Skip to content

Commit

Permalink
Merge branch 'feature/user-and-group-management-8826'
Browse files Browse the repository at this point in the history 
resolves #8826
resolves #9122
resolves #8877
  • Loading branch information
Johannes Meyer committed Jun 2, 2015
2 parents 06fb6ff + 28a28a8 commit 5f898a3
Show file tree
Hide file tree
Showing 100 changed files with 8,345 additions and 2,037 deletions.
2 changes: 1 addition & 1 deletion application/controllers/AuthenticationController.php
View file
Expand Up @@ -7,7 +7,7 @@
use Icinga\Application\Icinga;
use Icinga\Application\Logger;
use Icinga\Authentication\AuthChain;
use Icinga\Authentication\Backend\ExternalBackend;
use Icinga\Authentication\User\ExternalBackend;
use Icinga\Exception\AuthenticationException;
use Icinga\Exception\ConfigurationError;
use Icinga\Exception\NotReadableError;
Expand Down
121 changes: 61 additions & 60 deletions application/controllers/ConfigController.php
View file
Expand Up @@ -5,14 +5,15 @@
use Icinga\Application\Icinga;
use Icinga\Application\Modules\Module;
use Icinga\Data\ResourceFactory;
use Icinga\Forms\Config\AuthenticationBackendConfigForm;
use Icinga\Forms\Config\AuthenticationBackendReorderForm;
use Icinga\Forms\Config\UserBackendConfigForm;
use Icinga\Forms\Config\UserBackendReorderForm;
use Icinga\Forms\Config\GeneralConfigForm;
use Icinga\Forms\Config\ResourceConfigForm;
use Icinga\Forms\ConfirmRemovalForm;
use Icinga\Security\SecurityException;
use Icinga\Web\Controller;
use Icinga\Web\Notification;
use Icinga\Web\Url;
use Icinga\Web\Widget;

/**
Expand All @@ -38,20 +39,12 @@ public function init()
$auth = $this->Auth();
$allowedActions = array();
if ($auth->hasPermission('config/application/general')) {
$tabs->add('application', array(
$tabs->add('general', array(
'title' => $this->translate('Adjust the general configuration of Icinga Web 2'),
'label' => $this->translate('Application'),
'url' => 'config/application'
'label' => $this->translate('General'),
'url' => 'config/general'
));
$allowedActions[] = 'application';
}
if ($auth->hasPermission('config/application/authentication')) {
$tabs->add('authentication', array(
'title' => $this->translate('Configure how users authenticate with and log into Icinga Web 2'),
'label' => $this->translate('Authentication'),
'url' => 'config/authentication'
));
$allowedActions[] = 'authentication';
$allowedActions[] = 'general';
}
if ($auth->hasPermission('config/application/resources')) {
$tabs->add('resource', array(
Expand All @@ -61,15 +54,21 @@ public function init()
));
$allowedActions[] = 'resource';
}
if ($auth->hasPermission('config/application/roles')) {
$tabs->add('roles', array(
'title' => $this->translate(
'Configure roles to permit or restrict users and groups accessing Icinga Web 2'
),
'label' => $this->translate('Roles'),
'url' => 'roles'
if ($auth->hasPermission('config/application/userbackend')) {
$tabs->add('userbackend', array(
'title' => $this->translate('Configure how users authenticate with and log into Icinga Web 2'),
'label' => $this->translate('Authentication'),
'url' => 'config/userbackend'
));
$allowedActions[] = 'userbackend';
}
if ($auth->hasPermission('config/application/usergroupbackend')) {
$tabs->add('usergroupbackend', array(
'title' => $this->translate('Configure how users are associated with groups by Icinga Web 2'),
'label' => $this->translate('User Groups'),
'url' => 'usergroupbackend/list'
));
$allowedActions[] = 'roles';
$allowedActions[] = 'usergroupbackend';
}
$this->firstAllowedAction = array_shift($allowedActions);
}
Expand All @@ -85,7 +84,7 @@ public function devtoolsAction()
public function indexAction()
{
if ($this->firstAllowedAction === null) {
throw new SecurityException($this->translate('No permission for configuration'));
throw new SecurityException($this->translate('No permission for application configuration'));
}
$action = $this->getTabs()->get($this->firstAllowedAction);
if (substr($action->getUrl()->getPath(), 0, 7) === 'config/') {
Expand All @@ -96,19 +95,19 @@ public function indexAction()
}

/**
* Application configuration
* General configuration
*
* @throws SecurityException If the user lacks the permission for configuring the application
* @throws SecurityException If the user lacks the permission for configuring the general configuration
*/
public function applicationAction()
public function generalAction()
{
$this->assertPermission('config/application/general');
$form = new GeneralConfigForm();
$form->setIniConfig(Config::app());
$form->handleRequest();

$this->view->form = $form;
$this->view->tabs->activate('application');
$this->view->tabs->activate('general');
}

/**
Expand Down Expand Up @@ -201,71 +200,72 @@ public function moduledisableAction()
}

/**
* Action for listing and reordering authentication backends
* Action for listing and reordering user backends
*/
public function authenticationAction()
public function userbackendAction()
{
$this->assertPermission('config/application/authentication');
$form = new AuthenticationBackendReorderForm();
$this->assertPermission('config/application/userbackend');
$form = new UserBackendReorderForm();
$form->setIniConfig(Config::app('authentication'));
$form->handleRequest();

$this->view->form = $form;
$this->view->tabs->activate('authentication');
$this->render('authentication/reorder');
$this->view->tabs->activate('userbackend');
$this->render('userbackend/reorder');
}

/**
* Action for creating a new authentication backend
* Action for creating a new user backend
*/
public function createauthenticationbackendAction()
public function createuserbackendAction()
{
$this->assertPermission('config/application/authentication');
$form = new AuthenticationBackendConfigForm();
$form->setTitle($this->translate('Create New Authentication Backend'));
$this->assertPermission('config/application/userbackend');
$form = new UserBackendConfigForm();
$form->setTitle($this->translate('Create New User Backend'));
$form->addDescription($this->translate(
'Create a new backend for authenticating your users. This backend'
. ' will be added at the end of your authentication order.'
));
$form->setIniConfig(Config::app('authentication'));
$form->setResourceConfig(ResourceFactory::getResourceConfigs());
$form->setRedirectUrl('config/authentication');
$form->setRedirectUrl('config/userbackend');
$form->handleRequest();

$this->view->form = $form;
$this->view->tabs->activate('authentication');
$this->render('authentication/create');
$this->view->tabs->activate('userbackend');
$this->render('userbackend/create');
}

/**
* Action for editing authentication backends
* Action for editing user backends
*/
public function editauthenticationbackendAction()
public function edituserbackendAction()
{
$this->assertPermission('config/application/authentication');
$form = new AuthenticationBackendConfigForm();
$form->setTitle($this->translate('Edit Backend'));
$this->assertPermission('config/application/userbackend');
$form = new UserBackendConfigForm();
$form->setTitle($this->translate('Edit User Backend'));
$form->setIniConfig(Config::app('authentication'));
$form->setResourceConfig(ResourceFactory::getResourceConfigs());
$form->setRedirectUrl('config/authentication');
$form->setRedirectUrl('config/userbackend');
$form->setAction(Url::fromRequest());
$form->handleRequest();

$this->view->form = $form;
$this->view->tabs->activate('authentication');
$this->render('authentication/modify');
$this->view->tabs->activate('userbackend');
$this->render('userbackend/modify');
}

/**
* Action for removing a backend from the authentication list
* Action for removing a user backend
*/
public function removeauthenticationbackendAction()
public function removeuserbackendAction()
{
$this->assertPermission('config/application/authentication');
$this->assertPermission('config/application/userbackend');
$form = new ConfirmRemovalForm(array(
'onSuccess' => function ($form) {
$configForm = new AuthenticationBackendConfigForm();
$configForm = new UserBackendConfigForm();
$configForm->setIniConfig(Config::app('authentication'));
$authBackend = $form->getRequest()->getQuery('auth_backend');
$authBackend = $form->getRequest()->getQuery('backend');

try {
$configForm->remove($authBackend);
Expand All @@ -276,21 +276,22 @@ public function removeauthenticationbackendAction()

if ($configForm->save()) {
Notification::success(sprintf(
t('Authentication backend "%s" has been successfully removed'),
t('User backend "%s" has been successfully removed'),
$authBackend
));
} else {
return false;
}
}
));
$form->setTitle($this->translate('Remove Backend'));
$form->setRedirectUrl('config/authentication');
$form->setTitle($this->translate('Remove User Backend'));
$form->setRedirectUrl('config/userbackend');
$form->setAction(Url::fromRequest());
$form->handleRequest();

$this->view->form = $form;
$this->view->tabs->activate('authentication');
$this->render('authentication/remove');
$this->view->tabs->activate('userbackend');
$this->render('userbackend/remove');
}

/**
Expand Down Expand Up @@ -373,7 +374,7 @@ public function removeresourceAction()
if ($config->get('resource') === $resource) {
$form->addDescription(sprintf(
$this->translate(
'The resource "%s" is currently in use by the authentication backend "%s". ' .
'The resource "%s" is currently utilized for authentication by user backend "%s". ' .
'Removing the resource can result in noone being able to log in any longer.'
),
$resource,
Expand Down

0 comments on commit 5f898a3

Please sign in to comment.