Merge branch 'master' into bugfix/drop-zend-config-7147
Conflicts:
	application/forms/LdapDiscoveryForm.php
Johannes Meyer committed Nov 18, 2014
2 parents 68277d3 + 985df11 commit c288a68
Showing 19 changed files with 288 additions and 185 deletions.
8 changes: 4 additions & 4 deletions .vagrant-puppet/manifests/default.pp
@@ -602,14 +602,14 @@
}

exec { 'populate-icingaweb-mysql-db-tables':
unless => 'mysql -uicingaweb -picingaweb icingaweb -e "SELECT * FROM account;" &> /dev/null',
command => 'mysql -uicingaweb -picingaweb icingaweb < /vagrant/etc/schema/mysql.sql',
unless => 'mysql -uicingaweb -picingaweb icingaweb -e "SELECT * FROM icingaweb_group;" &> /dev/null',
command => 'mysql -uicingaweb -picingaweb icingaweb < /vagrant/etc/schema/mysql.schema.sql',
require => [ Exec['create-mysql-icingaweb-db'] ]
}

exec { 'populate-icingweba-pgsql-db-tables':
unless => 'psql -U icingaweb -d icingaweb -c "SELECT * FROM account;" &> /dev/null',
command => 'sudo -u postgres psql -U icingaweb -d icingaweb -f /vagrant/etc/schema/pgsql.sql',
unless => 'psql -U icingaweb -d icingaweb -c "SELECT * FROM icingaweb_group;" &> /dev/null',
command => 'sudo -u postgres psql -U icingaweb -d icingaweb -f /vagrant/etc/schema/pgsql.schema.sql',
require => [ Exec['create-pgsql-icingaweb-db'] ]
}

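Review bot: Both rewritten `unless` guards silence output with `&> /dev/null`, which is a bash extension; if Puppet hands these strings to a POSIX `sh` such as dash, `cmd &> /dev/null` is parsed as `cmd &` plus a separate redirection, the guard returns 0 immediately, and the schema import is skipped. The portable form is `> /dev/null 2>&1`, e.g. `unless => 'psql -U icingaweb -d icingaweb -c "SELECT * FROM icingaweb_group;" > /dev/null 2>&1',` and the same for the mysql guard. Which shell the guest uses is not visible from this section, so treat this as a robustness point rather than a confirmed failure.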
1 change: 0 additions & 1 deletion Vagrantfile
@@ -54,7 +54,6 @@ Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
# the path on the host to the actual folder. The second argument is
# the path on the guest to mount the folder. And the optional third
# argument is a set of non-required options.
config.vm.synced_folder "./config", "/vagrant/config"
config.vm.synced_folder "./var/log", "/vagrant/var/log"

# Provider-specific configuration so you can fine-tune various
142 changes: 3 additions & 139 deletions application/forms/LdapDiscoveryForm.php
@@ -1,47 +1,13 @@
<?php
// {{{ICINGA_LICENSE_HEADER}}}
// {{{ICINGA_LICENSE_HEADER}}}

namespace Icinga\Forms;

use Icinga\Application\Logger;
use Icinga\Data\ConfigObject;
use Icinga\Protocol\Ldap\Exception as LdapException;
use Icinga\Protocol\Ldap\Connection;
use Icinga\Protocol\Dns;
use Icinga\Web\Form;

/**
* Form class for application-wide and logging specific settings
*/
class LdapDiscoveryForm extends Form
{
/**
* The discovered server settings
*
* @var array
*/
private $capabilities = null;

/**
* The discovered root_dn
*
* @var null
*/
private $namingContext = null;

/**
* The working domain name
*
* @var null
*/
private $domain = null;

/**
* The working port name
*
* @var int
*/
private $port = 389;

/**
* Initialize this page
*/
@@ -104,108 +70,6 @@ public function isValid($data)
if (false === parent::isValid($data)) {
return false;
}
if ($this->discover($this->getValue('domain'))) {
return true;
}
return true;
}


private function discover($domain)
{
// Attempt 1: Connect to the domain directly
if ($this->discoverCapabilities(array(
'hostname' => $domain,
'port' => 389)
)) {
return true;
}

// Attempt 2: Discover all available ldap dns records and connect to the first one
$cap = false;
$records = array_merge(Dns::getSrvRecords($domain, 'ldap'), Dns::getSrvRecords($domain, 'ldaps'));
if (isset($records[0])) {
$record = $records[0];
if (isset($record['port'])) {
$cap = $this->discoverCapabilities(array(
'hostname' => $record['target'],
'port' => $record['port']
));
} else {
$cap = $this->discoverCapabilities(array(
'hostname' => $record['target'],
'port' => 389
));
}
}
return $cap;
}

private function discoverCapabilities($config)
{
$conn = new Connection(new ConfigObject($config));
try {
$conn->connect();
$this->capabilities = $conn->getCapabilities();
$this->namingContext = $conn->getDefaultNamingContext();
$this->port = $config['port'];
$this->domain = $config['hostname'];
return true;
} catch (LdapException $e) {
Logger::info(
'Ldap discovery for ' . $config['hostname'] . ':' . $config['port'] . ' failed: ' . $e->getMessage()
);
return false;
}
}

public function suggestResourceSettings()
{
if (! isset($this->capabilities)) {
return array();
}
if ($this->capabilities->msCapabilities->ActiveDirectoryOid) {
return array(
'hostname' => $this->domain,
'port' => $this->port,
'root_dn' => $this->namingContext
);
} else {
return array(
'hostname' => $this->domain,
'port' => $this->port,
'root_dn' => $this->namingContext
);
}
}

public function hasSuggestion()
{
return isset($this->capabilities);
}

public function suggestBackendSettings()
{
if (! isset($this->capabilities)) {
return array();
}
if ($this->capabilities->msCapabilities->ActiveDirectoryOid) {
return array(
'base_dn' => $this->namingContext,
'user_class' => 'user',
'user_name_attribute' => 'sAMAccountName'
);
} else {
return array(
'base_dn' => $this->namingContext,
'user_class' => 'inetOrgPerson',
'user_name_attribute' => 'uid'
);
}
}

public function isAd()
{
return $this->capabilities->msCapabilities->ActiveDirectoryOid;
}
}
}
1 change: 0 additions & 1 deletion bin/icingacli
@@ -1,5 +1,4 @@
#!/usr/bin/php

<?php
// {{{ICINGA_LICENSE_HEADER}}}
// {{{ICINGA_LICENSE_HEADER}}}
3 changes: 3 additions & 0 deletions etc/schema/pgsql.schema.sql
@@ -76,6 +76,7 @@ CREATE UNIQUE INDEX idx_icingaweb_user
CREATE TABLE "icingaweb_user_preference" (
"username" character varying(64) NOT NULL,
"name" character varying(64) NOT NULL,
"section" character varying(64) NOT NULL,
"value" character varying(255) NOT NULL,
"ctime" timestamp NULL DEFAULT NULL,
"mtime" timestamp NULL DEFAULT NULL
@@ -85,12 +86,14 @@ ALTER TABLE ONLY "icingaweb_user_preference"
ADD CONSTRAINT pk_icingaweb_user_preference
PRIMARY KEY (
"username",
"section",
"name"
);

CREATE UNIQUE INDEX idx_icingaweb_user_preference
ON "icingaweb_user_preference"
USING btree (
lower((username)::text),
lower((section)::text),
lower((name)::text)
);
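Review bot: The new `"section"` column is `NOT NULL` with no default and joins the primary key and the unique index, but the hunks shown only change the `CREATE TABLE` path, so a database created from the earlier schema keeps the old table layout. If upgrades of existing installations are supported, a migration is needed, e.g. `ALTER TABLE "icingaweb_user_preference" ADD COLUMN "section" character varying(64);` followed by a backfill, `SET NOT NULL`, and a rebuild of the key and index. No such step appears in the sections visible here, though the commit touches 19 files and only some are shown. It is also worth confirming that the MySQL schema receives the same column in the same key position.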
23 changes: 23 additions & 0 deletions library/Icinga/Protocol/Ldap/Connection.php
@@ -95,6 +95,7 @@ class Connection

protected $capabilities;
protected $namingContexts;
protected $discoverySuccess = false;

/**
* Constructor
@@ -112,6 +113,16 @@ public function __construct(ConfigObject $config)
$this->port = $config->get('port', $this->port);
}

public function getHostname()
{
return $this->hostname;
}

public function getPort()
{
return $this->port;
}

public function getDN()
{
return $this->root_dn;
@@ -391,6 +402,7 @@ protected function prepareNewConnection()
try {
$capabilities = $this->discoverCapabilities($ds);
list($cap, $namingContexts) = $capabilities;
$this->discoverySuccess = true;
} catch (LdapException $e) {

// discovery failed, guess defaults
@@ -602,6 +614,17 @@ public function namingContexts()
return $this->namingContexts;
}

/**
* Whether service discovery was successful
*
* @return boolean True when ldap settings were discovered, false when
* settings were guessed
*/
public function discoverySuccessful()
{
return $this->discoverySuccess;
}

/**
* Discover the capabilities of the given ldap-server
*
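Review bot: `discoverySuccessful()` returns false both when discovery failed and when no connection has been attempted yet, because `$discoverySuccess` starts as `false` and the hunk in `prepareNewConnection()` only ever sets it to `true`. The docblock says false means the settings were guessed, so a caller that checks the flag before connecting would treat an unconnected object as one running on guessed defaults; I would add a docblock line such as `* Only meaningful after a connection has been prepared.`. If `prepareNewConnection()` can run more than once per object (its body continues outside the hunk, so this cannot be confirmed here), the flag should also be reset with `$this->discoverySuccess = false;` before the `try`. The new `getHostname()` and `getPort()` accessors have no docblocks, unlike `discoverySuccessful()`.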
