From 8ca6cc32b2c789a3149861159ad258f2cb9491e3 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Sun, 28 Apr 2024 14:39:39 +0200 Subject: Adding upstream version 2.11.4. Signed-off-by: Daniel Baumann --- .../library/Setup/Steps/AuthenticationStep.php | 238 ++++++++++++++++++ modules/setup/library/Setup/Steps/DatabaseStep.php | 266 +++++++++++++++++++++ .../library/Setup/Steps/GeneralConfigStep.php | 131 ++++++++++ modules/setup/library/Setup/Steps/ResourceStep.php | 199 +++++++++++++++ .../setup/library/Setup/Steps/UserGroupStep.php | 213 +++++++++++++++++ 5 files changed, 1047 insertions(+) create mode 100644 modules/setup/library/Setup/Steps/AuthenticationStep.php create mode 100644 modules/setup/library/Setup/Steps/DatabaseStep.php create mode 100644 modules/setup/library/Setup/Steps/GeneralConfigStep.php create mode 100644 modules/setup/library/Setup/Steps/ResourceStep.php create mode 100644 modules/setup/library/Setup/Steps/UserGroupStep.php (limited to 'modules/setup/library/Setup/Steps') diff --git a/modules/setup/library/Setup/Steps/AuthenticationStep.php b/modules/setup/library/Setup/Steps/AuthenticationStep.php new file mode 100644 index 0000000..3c6c64a --- /dev/null +++ b/modules/setup/library/Setup/Steps/AuthenticationStep.php @@ -0,0 +1,238 @@ +data = $data; + } + + public function apply() + { + $success = $this->createAuthenticationIni(); + if (isset($this->data['adminAccountData']['resourceConfig'])) { + $success &= $this->createAccount(); + } + + $success &= $this->createRolesIni(); + return $success; + } + + protected function createAuthenticationIni() + { + $config = array(); + $backendConfig = $this->data['backendConfig']; + $backendName = $backendConfig['name']; + unset($backendConfig['name']); + $config[$backendName] = $backendConfig; + if (isset($this->data['resourceName'])) { + $config[$backendName]['resource'] = $this->data['resourceName']; + } + + try { + Config::fromArray($config) + ->setConfigFile(Config::resolvePath('authentication.ini')) + ->saveIni(); + } catch (Exception $e) { + $this->authIniError = $e; + return false; + } + + $this->authIniError = false; + return true; + } + + protected function createRolesIni() + { + if (isset($this->data['adminAccountData']['username'])) { + $config = array( + 'users' => $this->data['adminAccountData']['username'], + 'permissions' => '*' + ); + + if ($this->data['backendConfig']['backend'] === 'db') { + $config['groups'] = mt('setup', 'Administrators', 'setup.role.name'); + } + } else { // isset($this->data['adminAccountData']['groupname']) + $config = array( + 'groups' => $this->data['adminAccountData']['groupname'], + 'permissions' => '*' + ); + } + + try { + Config::fromArray(array(mt('setup', 'Administrators', 'setup.role.name') => $config)) + ->setConfigFile(Config::resolvePath('roles.ini')) + ->saveIni(); + } catch (Exception $e) { + $this->permIniError = $e; + return false; + } + + $this->permIniError = false; + return true; + } + + protected function createAccount() + { + try { + $backend = new DbUserBackend( + ResourceFactory::createResource(new ConfigObject($this->data['adminAccountData']['resourceConfig'])) + ); + + if ($backend->select()->where('user_name', $this->data['adminAccountData']['username'])->count() === 0) { + $backend->insert('user', array( + 'user_name' => $this->data['adminAccountData']['username'], + 'password' => $this->data['adminAccountData']['password'], + 'is_active' => true + )); + $this->dbError = false; + } + } catch (Exception $e) { + $this->dbError = $e; + return false; + } + + return true; + } + + public function getSummary() + { + $pageTitle = '

' . mt('setup', 'Authentication', 'setup.page.title') . '

'; + $backendTitle = '

' . mt('setup', 'Authentication Backend', 'setup.page.title') . '

'; + $adminTitle = '

' . mt('setup', 'Administration', 'setup.page.title') . '

'; + + $authType = $this->data['backendConfig']['backend']; + $backendDesc = '

' . sprintf( + mt('setup', 'Users will authenticate using %s.', 'setup.summary.auth'), + $authType === 'db' ? mt('setup', 'a database', 'setup.summary.auth.type') : ( + $authType === 'ldap' || $authType === 'msldap' ? 'LDAP' : ( + mt('setup', 'webserver authentication', 'setup.summary.auth.type') + ) + ) + ) . '

'; + + $backendHtml = '' + . '' + . '' + . '' + . '' + . '' + . '' + . ($authType === 'ldap' || $authType === 'msldap' ? ( + '' + . '' + . '' + . '' + . '' + . '' + . '' + . '' + . '' + . '' + . '' + . '' + ) : ($authType === 'external' ? ( + '' + . '' + . '' + . '' + ) : '')) + . '' + . '
' . t('Backend Name') . '' . $this->data['backendConfig']['name'] . '
' . mt('setup', 'User Object Class') . '' . ($authType === 'msldap' ? 'user' : $this->data['backendConfig']['user_class']) . '
' . mt('setup', 'Custom Filter') . '' . (trim($this->data['backendConfig']['filter']) ?: t('None', 'auth.ldap.filter')) . '
' . mt('setup', 'User Name Attribute') . '' . ($authType === 'msldap' + ? 'sAMAccountName' + : $this->data['backendConfig']['user_name_attribute']) . '
' . t('Filter Pattern') . '' . $this->data['backendConfig']['strip_username_regexp'] . '
'; + + if (isset($this->data['adminAccountData']['username'])) { + $adminHtml = '

' . (isset($this->data['adminAccountData']['resourceConfig']) ? sprintf( + mt('setup', 'Administrative rights will initially be granted to a new account called "%s".'), + $this->data['adminAccountData']['username'] + ) : sprintf( + mt('setup', 'Administrative rights will initially be granted to an existing account called "%s".'), + $this->data['adminAccountData']['username'] + )) . '

'; + } else { // isset($this->data['adminAccountData']['groupname']) + $adminHtml = '

' . sprintf( + mt('setup', 'Administrative rights will initially be granted to members of the user group "%s".'), + $this->data['adminAccountData']['groupname'] + ) . '

'; + } + + return $pageTitle . '
' . $backendDesc . $backendTitle . $backendHtml . '
' + . '
' . $adminTitle . $adminHtml . '
'; + } + + public function getReport() + { + $report = array(); + + if ($this->authIniError === false) { + $report[] = sprintf( + mt('setup', 'Authentication configuration has been successfully written to: %s'), + Config::resolvePath('authentication.ini') + ); + } elseif ($this->authIniError !== null) { + $report[] = sprintf( + mt('setup', 'Authentication configuration could not be written to: %s. An error occured:'), + Config::resolvePath('authentication.ini') + ); + $report[] = sprintf(mt('setup', 'ERROR: %s'), IcingaException::describe($this->authIniError)); + } + + if ($this->dbError === false) { + $report[] = sprintf( + mt('setup', 'Account "%s" has been successfully created.'), + $this->data['adminAccountData']['username'] + ); + } elseif ($this->dbError !== null) { + $report[] = sprintf( + mt('setup', 'Unable to create account "%s". An error occured:'), + $this->data['adminAccountData']['username'] + ); + $report[] = sprintf(mt('setup', 'ERROR: %s'), IcingaException::describe($this->dbError)); + } + + if ($this->permIniError === false) { + $report[] = isset($this->data['adminAccountData']['username']) ? sprintf( + mt('setup', 'Account "%s" has been successfully defined as initial administrator.'), + $this->data['adminAccountData']['username'] + ) : sprintf( + mt('setup', 'The members of the user group "%s" were successfully defined as initial administrators.'), + $this->data['adminAccountData']['groupname'] + ); + } elseif ($this->permIniError !== null) { + $report[] = isset($this->data['adminAccountData']['username']) ? sprintf( + mt('setup', 'Unable to define account "%s" as initial administrator. An error occured:'), + $this->data['adminAccountData']['username'] + ) : sprintf( + mt( + 'setup', + 'Unable to define the members of the user group "%s" as initial administrators. An error occured:' + ), + $this->data['adminAccountData']['groupname'] + ); + $report[] = sprintf(mt('setup', 'ERROR: %s'), IcingaException::describe($this->permIniError)); + } + + return $report; + } +} diff --git a/modules/setup/library/Setup/Steps/DatabaseStep.php b/modules/setup/library/Setup/Steps/DatabaseStep.php new file mode 100644 index 0000000..32b2d15 --- /dev/null +++ b/modules/setup/library/Setup/Steps/DatabaseStep.php @@ -0,0 +1,266 @@ +data = $data; + $this->messages = array(); + } + + public function apply() + { + $resourceConfig = $this->data['resourceConfig']; + if (isset($this->data['adminName'])) { + $resourceConfig['username'] = $this->data['adminName']; + if (isset($this->data['adminPassword'])) { + $resourceConfig['password'] = $this->data['adminPassword']; + } + } + + $db = new DbTool($resourceConfig); + + try { + if ($resourceConfig['db'] === 'mysql') { + $this->setupMysqlDatabase($db); + } elseif ($resourceConfig['db'] === 'pgsql') { + $this->setupPgsqlDatabase($db); + } + } catch (Exception $e) { + $this->error = $e; + throw new SetupException(); + } + + $this->error = false; + return true; + } + + protected function setupMysqlDatabase(DbTool $db) + { + try { + $db->connectToDb(); + $this->log( + mt('setup', 'Successfully connected to existing database "%s"...'), + $this->data['resourceConfig']['dbname'] + ); + } catch (PDOException $_) { + $db->connectToHost(); + $this->log(mt('setup', 'Creating new database "%s"...'), $this->data['resourceConfig']['dbname']); + $db->exec('CREATE DATABASE ' . $db->quoteIdentifier($this->data['resourceConfig']['dbname'])); + $db->reconnect($this->data['resourceConfig']['dbname']); + } + + if (array_search(reset($this->data['tables']), $db->listTables(), true) !== false) { + $this->log(mt('setup', 'Database schema already exists...')); + } else { + $this->log(mt('setup', 'Creating database schema...')); + $db->import($this->data['schemaPath'] . '/mysql.schema.sql'); + } + + if ($db->hasLogin($this->data['resourceConfig']['username'])) { + $this->log(mt('setup', 'Login "%s" already exists...'), $this->data['resourceConfig']['username']); + } else { + $this->log(mt('setup', 'Creating login "%s"...'), $this->data['resourceConfig']['username']); + $db->addLogin($this->data['resourceConfig']['username'], $this->data['resourceConfig']['password']); + } + + $username = $this->data['resourceConfig']['username']; + if ($db->checkPrivileges($this->data['privileges'], $this->data['tables'], $username)) { + $this->log( + mt('setup', 'Required privileges were already granted to login "%s".'), + $this->data['resourceConfig']['username'] + ); + } else { + $this->log( + mt('setup', 'Granting required privileges to login "%s"...'), + $this->data['resourceConfig']['username'] + ); + $db->grantPrivileges( + $this->data['privileges'], + $this->data['tables'], + $this->data['resourceConfig']['username'] + ); + } + } + + protected function setupPgsqlDatabase(DbTool $db) + { + try { + $db->connectToDb(); + $this->log( + mt('setup', 'Successfully connected to existing database "%s"...'), + $this->data['resourceConfig']['dbname'] + ); + } catch (PDOException $_) { + $db->connectToHost(); + $this->log(mt('setup', 'Creating new database "%s"...'), $this->data['resourceConfig']['dbname']); + $db->exec(sprintf( + "CREATE DATABASE %s WITH ENCODING 'UTF-8'", + $db->quoteIdentifier($this->data['resourceConfig']['dbname']) + )); + $db->reconnect($this->data['resourceConfig']['dbname']); + } + + if (array_search(reset($this->data['tables']), $db->listTables(), true) !== false) { + $this->log(mt('setup', 'Database schema already exists...')); + } else { + $this->log(mt('setup', 'Creating database schema...')); + $db->import($this->data['schemaPath'] . '/pgsql.schema.sql'); + } + + if ($db->hasLogin($this->data['resourceConfig']['username'])) { + $this->log(mt('setup', 'Login "%s" already exists...'), $this->data['resourceConfig']['username']); + } else { + $this->log(mt('setup', 'Creating login "%s"...'), $this->data['resourceConfig']['username']); + $db->addLogin($this->data['resourceConfig']['username'], $this->data['resourceConfig']['password']); + } + + $username = $this->data['resourceConfig']['username']; + if ($db->checkPrivileges($this->data['privileges'], $this->data['tables'], $username)) { + $this->log( + mt('setup', 'Required privileges were already granted to login "%s".'), + $this->data['resourceConfig']['username'] + ); + } else { + $this->log( + mt('setup', 'Granting required privileges to login "%s"...'), + $this->data['resourceConfig']['username'] + ); + $db->grantPrivileges( + $this->data['privileges'], + $this->data['tables'], + $this->data['resourceConfig']['username'] + ); + } + } + + public function getSummary() + { + $resourceConfig = $this->data['resourceConfig']; + if (isset($this->data['adminName'])) { + $resourceConfig['username'] = $this->data['adminName']; + if (isset($this->data['adminPassword'])) { + $resourceConfig['password'] = $this->data['adminPassword']; + } + } + + $db = new DbTool($resourceConfig); + + try { + $db->connectToDb(); + if (array_search(reset($this->data['tables']), $db->listTables(), true) === false) { + if ($resourceConfig['username'] !== $this->data['resourceConfig']['username']) { + $message = sprintf( + mt( + 'setup', + 'The database user "%s" will be used to setup the missing schema required by Icinga' + . ' Web 2 in database "%s" and to grant access to it to a new login called "%s".' + ), + $resourceConfig['username'], + $resourceConfig['dbname'], + $this->data['resourceConfig']['username'] + ); + } else { + $message = sprintf( + mt( + 'setup', + 'The database user "%s" will be used to setup the missing' + . ' schema required by Icinga Web 2 in database "%s".' + ), + $resourceConfig['username'], + $resourceConfig['dbname'] + ); + } + } else { + $message = sprintf( + mt('setup', 'The database "%s" already seems to be fully set up. No action required.'), + $resourceConfig['dbname'] + ); + } + } catch (PDOException $_) { + try { + $db->connectToHost(); + if ($resourceConfig['username'] !== $this->data['resourceConfig']['username']) { + if ($db->hasLogin($this->data['resourceConfig']['username'])) { + $message = sprintf( + mt( + 'setup', + 'The database user "%s" will be used to create the missing database' + . ' "%s" with the schema required by Icinga Web 2 and to grant' + . ' access to it to an existing login called "%s".' + ), + $resourceConfig['username'], + $resourceConfig['dbname'], + $this->data['resourceConfig']['username'] + ); + } else { + $message = sprintf( + mt( + 'setup', + 'The database user "%s" will be used to create the missing database' + . ' "%s" with the schema required by Icinga Web 2 and to grant' + . ' access to it to a new login called "%s".' + ), + $resourceConfig['username'], + $resourceConfig['dbname'], + $this->data['resourceConfig']['username'] + ); + } + } else { + $message = sprintf( + mt( + 'setup', + 'The database user "%s" will be used to create the missing' + . ' database "%s" with the schema required by Icinga Web 2.' + ), + $resourceConfig['username'], + $resourceConfig['dbname'] + ); + } + } catch (Exception $_) { + $message = mt( + 'setup', + 'No connection to database host possible. You\'ll need to setup the' + . ' database with the schema required by Icinga Web 2 manually.' + ); + } + } + + return '

' . mt('setup', 'Database Setup', 'setup.page.title') . '

' . $message . '

'; + } + + public function getReport() + { + if ($this->error === false) { + $report = $this->messages; + $report[] = mt('setup', 'The database has been fully set up!'); + return $report; + } elseif ($this->error !== null) { + $report = $this->messages; + $report[] = mt('setup', 'Failed to fully setup the database. An error occured:'); + $report[] = sprintf(mt('setup', 'ERROR: %s'), IcingaException::describe($this->error)); + return $report; + } + } + + protected function log() + { + $this->messages[] = call_user_func_array('sprintf', func_get_args()); + } +} diff --git a/modules/setup/library/Setup/Steps/GeneralConfigStep.php b/modules/setup/library/Setup/Steps/GeneralConfigStep.php new file mode 100644 index 0000000..2c928f6 --- /dev/null +++ b/modules/setup/library/Setup/Steps/GeneralConfigStep.php @@ -0,0 +1,131 @@ +data = $data; + } + + public function apply() + { + $config = array(); + foreach ($this->data['generalConfig'] as $sectionAndPropertyName => $value) { + list($section, $property) = explode('_', $sectionAndPropertyName, 2); + $config[$section][$property] = $value; + } + + $config['global']['config_resource'] = $this->data['resourceName']; + + try { + Config::fromArray($config) + ->setConfigFile(Config::resolvePath('config.ini')) + ->saveIni(); + } catch (Exception $e) { + $this->error = $e; + return false; + } + + $this->error = false; + return true; + } + + public function getSummary() + { + $pageTitle = '

' . mt('setup', 'Application Configuration', 'setup.page.title') . '

'; + $generalTitle = '

' . t('General', 'app.config') . '

'; + $loggingTitle = '

' . t('Logging', 'app.config') . '

'; + + $generalHtml = '' + . ''; + + $type = $this->data['generalConfig']['logging_log']; + if ($type === 'none') { + $loggingHtml = '

' . mt('setup', 'Logging will be disabled.') . '

'; + } else { + $level = $this->data['generalConfig']['logging_level']; + + switch ($type) { + case 'php': + $typeDescription = t('Webserver Log', 'app.config.logging.type'); + $typeSpecificHtml = ''; + break; + + case 'syslog': + $typeDescription = 'Syslog'; + $typeSpecificHtml = '' . t('Application Prefix') . '' + . '' . $this->data['generalConfig']['logging_application'] . ''; + break; + + case 'file': + $typeDescription = t('File', 'app.config.logging.type'); + $typeSpecificHtml = '' . t('Filepath') . '' + . '' . $this->data['generalConfig']['logging_file'] . ''; + break; + } + + $loggingHtml = '' + . '' + . '' + . '' + . '' + . '' + . '' + . '' + . '' + . '' + . '' + . '' + . $typeSpecificHtml + . '' + . '' + . '
' . t('Type', 'app.config.logging') . '' . $typeDescription . '
' . t('Level', 'app.config.logging') . '' . ($level === Logger::$levels[Logger::ERROR] ? t('Error', 'app.config.logging.level') : ( + $level === Logger::$levels[Logger::WARNING] ? t('Warning', 'app.config.logging.level') : ( + $level === Logger::$levels[Logger::INFO] ? t('Information', 'app.config.logging.level') : ( + t('Debug', 'app.config.logging.level') + ) + ) + )) . '
'; + } + + return $pageTitle . '
' . $generalTitle . $generalHtml . '
' + . '
' . $loggingTitle . $loggingHtml . '
'; + } + + public function getReport() + { + if ($this->error === false) { + return array(sprintf( + mt('setup', 'General configuration has been successfully written to: %s'), + Config::resolvePath('config.ini') + )); + } elseif ($this->error !== null) { + return array( + sprintf( + mt('setup', 'General configuration could not be written to: %s. An error occured:'), + Config::resolvePath('config.ini') + ), + sprintf(mt('setup', 'ERROR: %s'), IcingaException::describe($this->error)) + ); + } + } +} diff --git a/modules/setup/library/Setup/Steps/ResourceStep.php b/modules/setup/library/Setup/Steps/ResourceStep.php new file mode 100644 index 0000000..d9daf3b --- /dev/null +++ b/modules/setup/library/Setup/Steps/ResourceStep.php @@ -0,0 +1,199 @@ +data = $data; + } + + public function apply() + { + $resourceConfig = array(); + if (isset($this->data['dbResourceConfig'])) { + $dbConfig = $this->data['dbResourceConfig']; + $resourceName = $dbConfig['name']; + unset($dbConfig['name']); + $resourceConfig[$resourceName] = $dbConfig; + } + + if (isset($this->data['ldapResourceConfig'])) { + $ldapConfig = $this->data['ldapResourceConfig']; + $resourceName = $ldapConfig['name']; + unset($ldapConfig['name']); + $resourceConfig[$resourceName] = $ldapConfig; + } + + try { + Config::fromArray($resourceConfig) + ->setConfigFile(Config::resolvePath('resources.ini')) + ->saveIni(); + } catch (Exception $e) { + $this->error = $e; + return false; + } + + $this->error = false; + return true; + } + + public function getSummary() + { + if (isset($this->data['dbResourceConfig']) && isset($this->data['ldapResourceConfig'])) { + $pageTitle = '

' . mt('setup', 'Resources', 'setup.page.title') . '

'; + } else { + $pageTitle = '

' . mt('setup', 'Resource', 'setup.page.title') . '

'; + } + + if (isset($this->data['dbResourceConfig'])) { + $dbTitle = '

' . mt('setup', 'Database', 'setup.page.title') . '

'; + $dbHtml = '' + . '' + . '' + . '' + . '' + . '' + . '' + . '' + . '' + . '' + . '' + . '' + . '' + . '' + . '' + . '' + . '' + . '' + . '' + . '' + . '' + . '' + . '' + . '' + . '' + . '' + . '' + . '' + . '' + . '' + . ''; + + if (defined('\PDO::MYSQL_ATTR_SSL_VERIFY_SERVER_CERT') + && isset($this->data['resourceConfig']['ssl_do_not_verify_server_cert']) + && $this->data['resourceConfig']['ssl_do_not_verify_server_cert'] + ) { + $dbHtml .= '' + . '' + . '' + . '' + . ''; + } + if (isset($this->data['dbResourceConfig']['ssl_key']) && $this->data['dbResourceConfig']['ssl_key']) { + $dbHtml .= '' + .'' + . '' + . '' + . ''; + } + if (isset($this->data['dbResourceConfig']['ssl_cert']) && $this->data['dbResourceConfig']['ssl_cert']) { + $dbHtml .= '' + . '' + . '' + . '' + . ''; + } + if (isset($this->data['dbResourceConfig']['ssl_ca']) && $this->data['dbResourceConfig']['ssl_ca']) { + $dbHtml .= '' + . '' + . '' + . '' + . ''; + } + if (isset($this->data['dbResourceConfig']['ssl_capath']) && $this->data['dbResourceConfig']['ssl_capath']) { + $dbHtml .= '' + . '' + . '' + . '' + . ''; + } + if (isset($this->data['dbResourceConfig']['ssl_cipher']) && $this->data['dbResourceConfig']['ssl_cipher']) { + $dbHtml .= '' + . '' + . '' + . '' + . ''; + } + + $dbHtml .= '' + . '' + . '
' . t('Resource Name') . '' . $this->data['dbResourceConfig']['name'] . '
' . t('Database Type') . '' . $this->data['dbResourceConfig']['db'] . '
' . t('Host') . '' . $this->data['dbResourceConfig']['host'] . '
' . t('Port') . '' . $this->data['dbResourceConfig']['port'] . '
' . t('Database Name') . '' . $this->data['dbResourceConfig']['dbname'] . '
' . t('Username') . '' . $this->data['dbResourceConfig']['username'] . '
' . t('Password') . '' . str_repeat('*', strlen($this->data['dbResourceConfig']['password'])) . '
' . t('SSL Do Not Verify Server Certificate') . '' . $this->data['resourceConfig']['ssl_do_not_verify_server_cert'] . '
' . t('SSL Key') . '' . $this->data['dbResourceConfig']['ssl_key'] . '
' . t('SSL Cert') . '' . $this->data['dbResourceConfig']['ssl_cert'] . '
' . t('CA') . '' . $this->data['dbResourceConfig']['ssl_ca'] . '
' . t('CA Path') . '' . $this->data['dbResourceConfig']['ssl_capath'] . '
' . t('Cipher') . '' . $this->data['dbResourceConfig']['ssl_cipher'] . '
'; + } + + if (isset($this->data['ldapResourceConfig'])) { + $ldapTitle = '

LDAP

'; + $ldapHtml = '' + . '' + . '' + . '' + . '' + . '' + . '' + . '' + . '' + . '' + . '' + . '' + . '' + . '' + . '' + . '' + . '' + . '' + . '' + . '' + . '' + . '' + . '' + . '' + . '' + . '' + . '' + . '' + . '
' . t('Resource Name') . '' . $this->data['ldapResourceConfig']['name'] . '
' . t('Host') . '' . $this->data['ldapResourceConfig']['hostname'] . '
' . t('Port') . '' . $this->data['ldapResourceConfig']['port'] . '
' . t('Root DN') . '' . $this->data['ldapResourceConfig']['root_dn'] . '
' . t('Bind DN') . '' . $this->data['ldapResourceConfig']['bind_dn'] . '
' . t('Bind Password') . '' . str_repeat('*', strlen($this->data['ldapResourceConfig']['bind_pw'])) . '
'; + } + + return $pageTitle . (isset($dbTitle) ? '
' . $dbTitle . $dbHtml . '
' : '') + . (isset($ldapTitle) ? '
' . $ldapTitle . $ldapHtml . '
' : ''); + } + + public function getReport() + { + if ($this->error === false) { + return array(sprintf( + mt('setup', 'Resource configuration has been successfully written to: %s'), + Config::resolvePath('resources.ini') + )); + } elseif ($this->error !== null) { + return array( + sprintf( + mt('setup', 'Resource configuration could not be written to: %s. An error occured:'), + Config::resolvePath('resources.ini') + ), + sprintf(mt('setup', 'ERROR: %s'), IcingaException::describe($this->error)) + ); + } + } +} diff --git a/modules/setup/library/Setup/Steps/UserGroupStep.php b/modules/setup/library/Setup/Steps/UserGroupStep.php new file mode 100644 index 0000000..4aab676 --- /dev/null +++ b/modules/setup/library/Setup/Steps/UserGroupStep.php @@ -0,0 +1,213 @@ +data = $data; + } + + public function apply() + { + $success = $this->createGroupsIni(); + if (isset($this->data['resourceConfig'])) { + $success &= $this->createUserGroup(); + if ($success) { + $success &= $this->createMembership(); + } + } + + return $success; + } + + protected function createGroupsIni() + { + $config = array(); + if (isset($this->data['groupConfig'])) { + $backendConfig = $this->data['groupConfig']; + $backendName = $backendConfig['name']; + unset($backendConfig['name']); + $config[$backendName] = $backendConfig; + } else { + $backendConfig = array( + 'backend' => $this->data['backendConfig']['backend'], // "db" or "msldap" + 'resource' => $this->data['resourceName'] + ); + + if ($backendConfig['backend'] === 'msldap') { + $backendConfig['user_backend'] = $this->data['backendConfig']['name']; + } + + $config[$this->data['backendConfig']['name']] = $backendConfig; + } + + try { + Config::fromArray($config) + ->setConfigFile(Config::resolvePath('groups.ini')) + ->saveIni(); + } catch (Exception $e) { + $this->groupIniError = $e; + return false; + } + + $this->groupIniError = false; + return true; + } + + protected function createUserGroup() + { + try { + $backend = new DbUserGroupBackend( + ResourceFactory::createResource(new ConfigObject($this->data['resourceConfig'])) + ); + + $groupName = mt('setup', 'Administrators', 'setup.role.name'); + if ($backend->select()->where('group_name', $groupName)->count() === 0) { + $backend->insert('group', array( + 'group_name' => $groupName + )); + $this->groupError = false; + } + } catch (Exception $e) { + $this->groupError = $e; + return false; + } + + return true; + } + + protected function createMembership() + { + try { + $backend = new DbUserGroupBackend( + ResourceFactory::createResource(new ConfigObject($this->data['resourceConfig'])) + ); + + $groupName = mt('setup', 'Administrators', 'setup.role.name'); + $userName = $this->data['username']; + if ($backend + ->select() + ->from('group_membership') + ->where('group_name', $groupName) + ->where('user_name', $userName) + ->count() === 0 + ) { + $backend->insert('group_membership', array( + 'group_name' => $groupName, + 'user_name' => $userName + )); + $this->memberError = false; + } + } catch (Exception $e) { + $this->memberError = $e; + return false; + } + + return true; + } + + public function getSummary() + { + if (! isset($this->data['groupConfig'])) { + return; // It's not necessary to show the user something he didn't configure.. + } + + $pageTitle = '

' . mt('setup', 'User Groups', 'setup.page.title') . '

'; + $backendTitle = '

' . mt('setup', 'User Group Backend', 'setup.page.title') . '

'; + + $backendHtml = '' + . '' + . '' + . '' + . '' + . '' + . '' + . '' + . '' + . '' + . '' + . '' + . '' + . '' + . '' + . '' + . '' + . '' + . '' + . '' + . '' + . '' + . '' + . '' + . '
' . t('Backend Name') . '' . $this->data['groupConfig']['name'] . '
' . mt('setup', 'Group Object Class') . '' . $this->data['groupConfig']['group_class'] . '
' . mt('setup', 'Custom Filter') . '' . (trim($this->data['groupConfig']['group_filter']) ?: t('None', 'auth.ldap.filter')) . '
' . mt('setup', 'Group Name Attribute') . '' . $this->data['groupConfig']['group_name_attribute'] . '
' . mt('setup', 'Group Member Attribute') . '' . $this->data['groupConfig']['group_member_attribute'] . '
'; + + return $pageTitle . '
' . $backendTitle . $backendHtml . '
'; + } + + public function getReport() + { + $report = array(); + + if ($this->groupIniError === false) { + $report[] = sprintf( + mt('setup', 'User Group Backend configuration has been successfully written to: %s'), + Config::resolvePath('groups.ini') + ); + } elseif ($this->groupIniError !== null) { + $report[] = sprintf( + mt('setup', 'User Group Backend configuration could not be written to: %s. An error occured:'), + Config::resolvePath('groups.ini') + ); + $report[] = sprintf(mt('setup', 'ERROR: %s'), IcingaException::describe($this->groupIniError)); + } + + if ($this->groupError === false) { + $report[] = sprintf( + mt('setup', 'User Group "%s" has been successfully created.'), + mt('setup', 'Administrators', 'setup.role.name') + ); + } elseif ($this->groupError !== null) { + $report[] = sprintf( + mt('setup', 'Unable to create user group "%s". An error occured:'), + mt('setup', 'Administrators', 'setup.role.name') + ); + $report[] = sprintf(mt('setup', 'ERROR: %s'), IcingaException::describe($this->groupError)); + } + + if ($this->memberError === false) { + $report[] = sprintf( + mt('setup', 'Account "%s" has been successfully added as member to user group "%s".'), + $this->data['username'], + mt('setup', 'Administrators', 'setup.role.name') + ); + } elseif ($this->memberError !== null) { + $report[] = sprintf( + mt('setup', 'Unable to add account "%s" as member to user group "%s". An error occured:'), + $this->data['username'], + mt('setup', 'Administrators', 'setup.role.name') + ); + $report[] = sprintf(mt('setup', 'ERROR: %s'), IcingaException::describe($this->memberError)); + } + + return $report; + } +} -- cgit v1.2.3