From 5a768ccaa9cafd0f40f4b76e2e7b8dc58f5e4e43 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jannis=20Mo=C3=9Fhammer?= Date: Thu, 15 Aug 2013 14:27:53 +0200 Subject: [PATCH] Start authentication form refs #3777 --- application/controllers/ConfigController.php | 19 ++ .../forms/Config/AuthenticationForm.php | 279 ++++++++++++++++++ application/forms/Config/GeneralForm.php | 58 +++- .../views/scripts/config/authentication.phtml | 2 + 4 files changed, 350 insertions(+), 8 deletions(-) create mode 100644 application/forms/Config/AuthenticationForm.php create mode 100644 application/views/scripts/config/authentication.phtml diff --git a/application/controllers/ConfigController.php b/application/controllers/ConfigController.php index b2d0a7b2ee..5e69c219ba 100644 --- a/application/controllers/ConfigController.php +++ b/application/controllers/ConfigController.php @@ -32,6 +32,7 @@ use \Icinga\Web\Hook\Configuration\ConfigurationTabBuilder; use \Icinga\Application\Icinga; use \Icinga\Form\Config\GeneralForm; +use \Icinga\Form\Config\AuthenticationForm; use \Icinga\Form\Config\LoggingForm; use \Icinga\Config\PreservingIniWriter; @@ -57,6 +58,15 @@ public static function createProvidedTabs() "url" => Url::fromPath("/config") ) ), + + "authentication" => new Tab( + array( + "name" => "auth", + "title" => "Authentication", + "url" => Url::fromPath('/config/authentication') + ) + ), + "logging" => new Tab( array( "name" => "logging", @@ -96,6 +106,15 @@ public function indexAction() $this->view->form = $form; } + public function authenticationAction() + { + $form = new AuthenticationForm(); + $form->setConfiguration(IcingaConfig::app('authentication')); + $form->setRequest($this->_request); + $form->isSubmittedAndValid(); + $this->view->form = $form; + } + public function loggingAction() { $form = new LoggingForm(); diff --git a/application/forms/Config/AuthenticationForm.php b/application/forms/Config/AuthenticationForm.php new file mode 100644 index 0000000000..d835a956f8 --- /dev/null +++ b/application/forms/Config/AuthenticationForm.php @@ -0,0 +1,279 @@ + + * @license http://www.gnu.org/licenses/gpl-2.0.txt GPL, version 2 + * @author Icinga Development Team + */ +// {{{ICINGA_LICENSE_HEADER}}} + +namespace Icinga\Form\Config; + +use \Icinga\Application\Config as IcingaConfig; +use \Icinga\Application\Icinga; +use \Icinga\Application\Logger; +use \Icinga\Application\DbAdapterFactory; + +use \Icinga\Web\Form; +use \Icinga\Web\Form\Element\Note; +use \Icinga\Web\Form\Decorator\ConditionalHidden; +use \Zend_Config; +use \Zend_Form_Element_Text; +use \Zend_Form_Element_Select; + +class AuthenticationForm extends Form +{ + /** + * The configuration to use for populating this form + * + * @var IcingaConfig + */ + private $config = null; + + /** + * The resources to use instead of the factory provided ones (use for testing) + * + * @var null + */ + private $resources = null; + + /** + * Set an alternative array of resources that should be used instead of the DBFactory resource set + * (used for testing) + * + * @param array $resources The resources to use for populating the db selection field + */ + public function setResources(array $resources) + { + $this->resources = $resources; + } + + /** + * Return content of the resources.ini or previously set resources for displaying in the database selection field + * + * @return array + */ + public function getResources() + { + if ($this->resources === null ) { + return DbAdapterFactory::getResources(); + } else { + return $this->resources; + } + } + + /** + * Set the configuration to be used for this form + * + * @param IcingaConfig $cfg + */ + public function setConfiguration($cfg) + { + $this->config = $cfg; + } + + private function addProviderFormForDb($name, $backend) + { + + $backends = array(); + foreach ($this->getResources() as $resname => $resource) + { + if ($resource['type'] !== 'db') { + continue; + } + $backends[$resname] = $resname; + } + + $this->addElement( + 'select', + 'backend_' . $name . '_resource', + array( + 'label' => 'Database connection', + 'required' => true, + 'value' => $backend->get('resource'), + 'multiOptions' => $backends + ) + ); + + + $this->addElement( + 'submit', + 'backend_' . $name . '_remove', + array( + 'label' => 'Remove this backend', + 'required' => true + ) + ); + + $this->addDisplayGroup( + array( + 'backend_' . $name . '_resource', + 'backend_' . $name . '_remove' + ), + 'auth_provider_' . $name, + array( + 'legend' => 'DB Authentication ' . $name + ) + ); + } + + private function addProviderFormForLdap($name, $backend) + { + $this->addElement( + 'text', + 'backend_' . $name . '_hostname', + array( + 'label' => 'LDAP server host', + 'value' => $backend->get('hostname', 'localhost'), + 'required' => true + ) + ); + + $this->addElement( + 'text', + 'backend_' . $name . '_root_dn', + array( + 'label' => 'LDAP root dn', + 'value' => $backend->get('hostname', 'ou=people,dc=icinga,dc=org'), + 'required' => true + ) + ); + + $this->addElement( + 'text', + 'backend_' . $name . '_bind_dn', + array( + 'label' => 'LDAP bind dn', + 'value' => $backend->get('bind_dn', 'cn=admin,cn=config'), + 'required' => true + ) + ); + + $this->addElement( + 'password', + 'backend_' . $name . '_bind_pw', + array( + 'label' => 'LDAP bind password', + 'value' => $backend->get('bind_pw', 'admin'), + 'required' => true + ) + ); + + $this->addElement( + 'text', + 'backend_' . $name . '_bind_user_class', + array( + 'label' => 'LDAP user object class', + 'value' => $backend->get('user_class', 'inetOrgPerson'), + 'required' => true + ) + ); + + $this->addElement( + 'text', + 'backend_' . $name . '_bind_user_name_attribute', + array( + 'label' => 'LDAP user name attribute', + 'value' => $backend->get('user_name_attribute', 'uid'), + 'required' => true + ) + ); + + $this->addElement( + 'submit', + 'backend_' . $name . '_remove', + array( + 'label' => 'Remove this backend' + ) + ); + + $this->addDisplayGroup( + array( + 'backend_' . $name . '_hostname', + 'backend_' . $name . '_root_dn', + 'backend_' . $name . '_bind_dn', + 'backend_' . $name . '_bind_pw', + 'backend_' . $name . '_bind_user_class', + 'backend_' . $name . '_bind_user_name_attribute', + 'backend_' . $name . '_remove' + ), + 'auth_provider_' . $name, + array( + 'legend' => 'LDAP Authentication ' . $name + ) + ); + } + + + public function addPriorityButtons($name, $pos) + { + if ($pos > 0) { + $this->addElement( + 'submit', + 'priority_change_'.$name.'_down', + array( + 'label' => 'Move up in authentication order', + 'value' => $pos-1 + ) + ); + } + if ($pos+1 < count($this->config->keys())) { + $this->addElement( + 'submit', + 'priority_change_'.$name.'_up', + array( + 'label' => 'Move down in authentication order', + 'value' => $pos+1 + ) + ); + } + } + + public function create() + { + $this->addElement( + 'submit', + 'add_backend', + array( + 'label' => 'Add a new authentication provider', + 'class' => 'btn' + ) + ); + $pos = 0; + foreach ($this->config as $name => $backend) { + + $type = strtolower($backend->get('backend')); + if ($type === 'db') { + $this->addProviderFormForDb($name, $backend); + } elseif ($type === 'ldap') { + $this->addProviderFormForLdap($name, $backend); + } else { + Logger::error('Unsupported backend found in authentication configuration: ' . $backend->get('backend')); + continue; + } + $this->addPriorityButtons($name, $pos); + + $pos++; + } + $this->setSubmitLabel('Save changes'); + } +} \ No newline at end of file diff --git a/application/forms/Config/GeneralForm.php b/application/forms/Config/GeneralForm.php index 671d9694de..3d83272cdb 100644 --- a/application/forms/Config/GeneralForm.php +++ b/application/forms/Config/GeneralForm.php @@ -30,6 +30,7 @@ use \Icinga\Application\Config as IcingaConfig; use \Icinga\Application\Icinga; +use \Icinga\Application\DbAdapterFactory; use \Icinga\Web\Form; use \Icinga\Web\Form\Decorator\ConditionalHidden; use \Icinga\Web\Form\Element\Note; @@ -37,7 +38,7 @@ use \DateTimeZone; use \Zend_Config; use \Zend_Form_Element_Text; - +use \Zend_Form_Element_Select; /** * Configuration form for general, application-wide settings @@ -59,6 +60,14 @@ class GeneralForm extends Form */ private $configDir = null; + + /** + * The resources to use instead of the factory provided ones (use for testing) + * + * @var null + */ + private $resources = null; + /** * Set the configuration to be used for this form * @@ -90,6 +99,31 @@ public function getConfigDir() return $this->configDir === null ? IcingaConfig::$configDir : $this->configDir; } + /** + * Set an alternative array of resources that should be used instead of the DBFactory resource set + * (used for testing) + * + * @param array $resources The resources to use for populating the db selection field + */ + public function setResources(array $resources) + { + $this->resources = $resources; + } + + /** + * Return content of the resources.ini or previously set resources for displaying in the database selection field + * + * @return array + */ + public function getResources() + { + if ($this->resources === null ) { + return DbAdapterFactory::getResources(); + } else { + return $this->resources; + } + } + /** * Add the checkbox for using the development environment to this form * @@ -236,14 +270,23 @@ public function addUserPreferencesDialog(Zend_Config $cfg) 'value' => $cfg->get('configPath') ) ); + $backends = array(); + foreach ($this->getResources() as $name => $resource) + { + if ($resource['type'] !== 'db') { + continue; + } + $backends[$name] = $name; + } - $txtPreferencesDbResource = new Zend_Form_Element_Text( + $txtPreferencesDbResource = new Zend_Form_Element_Select( array( - 'name' => 'preferences_db_resource', - 'label' => 'Database connection (TODO: Make select field)', - 'required' => $backend === 'db', - 'condition' => $backend === 'db', - 'value' => $cfg->get('resource') + 'name' => 'preferences_db_resource', + 'label' => 'Database connection', + 'required' => $backend === 'db', + 'condition' => $backend === 'db', + 'value' => $cfg->get('resource'), + 'multiOptions' => $backends ) ); @@ -282,7 +325,6 @@ public function create() $this->addDateFormatSettings($global); $this->addUserPreferencesDialog($preferences); - $this->setSubmitLabel('Save changes'); } diff --git a/application/views/scripts/config/authentication.phtml b/application/views/scripts/config/authentication.phtml new file mode 100644 index 0000000000..f0b046499b --- /dev/null +++ b/application/views/scripts/config/authentication.phtml @@ -0,0 +1,2 @@ +tabs->render($this); ?> +form ?> \ No newline at end of file