Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
refs #7163
- Loading branch information
Showing
6 changed files
with
506 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,214 @@ | ||
<?php | ||
|
||
namespace Icinga\Form; | ||
|
||
use Icinga\Application\Config; | ||
use Icinga\Logger\Logger; | ||
use Icinga\Protocol\Ldap\Exception as LdapException; | ||
use Icinga\Protocol\Ldap\Connection; | ||
use Icinga\Web\Request; | ||
use Icinga\Protocol\Dns; | ||
use Icinga\Web\Form\Element\Note; | ||
use Icinga\Web\Form; | ||
|
||
/** | ||
* Form class for application-wide and logging specific settings | ||
*/ | ||
class LdapDiscoveryForm extends Form | ||
{ | ||
/** | ||
* The discovered server settings | ||
* | ||
* @var array | ||
*/ | ||
private $capabilities = null; | ||
|
||
/** | ||
* The discovered root_dn | ||
* | ||
* @var null | ||
*/ | ||
private $namingContext = null; | ||
|
||
/** | ||
* The working domain name | ||
* | ||
* @var null | ||
*/ | ||
private $domain = null; | ||
|
||
/** | ||
* The working port name | ||
* | ||
* @var int | ||
*/ | ||
private $port = 389; | ||
|
||
/** | ||
* Initialize this page | ||
*/ | ||
public function init() | ||
{ | ||
$this->setName('form_ldap_discovery'); | ||
} | ||
|
||
/** | ||
* @see Form::createElements() | ||
*/ | ||
public function createElements(array $formData) | ||
{ | ||
$this->addElement( | ||
'text', | ||
'domain', | ||
array( | ||
'required' => true, | ||
'label' => t('Search Domain'), | ||
'description' => t('Search this domain for records of available servers.'), | ||
) | ||
); | ||
|
||
if (false) { | ||
$this->addElement( | ||
new Note( | ||
'additional_description', | ||
array( | ||
'value' => t('No Ldap servers found on this domain.' | ||
. ' You can try to specify host and port and try again, or just skip this step and ' | ||
. 'configure the server manually.' | ||
) | ||
) | ||
) | ||
); | ||
$this->addElement( | ||
'text', | ||
'hostname', | ||
array( | ||
'required' => false, | ||
'label' => t('Host'), | ||
'description' => t('IP or host name to search.'), | ||
) | ||
); | ||
|
||
$this->addElement( | ||
'text', | ||
'port', | ||
array( | ||
'required' => false, | ||
'label' => t('Port'), | ||
'description' => t('Port', 389), | ||
) | ||
); | ||
} | ||
return $this; | ||
} | ||
|
||
public function isValid($data) | ||
{ | ||
if (false === parent::isValid($data)) { | ||
return false; | ||
} | ||
if ($this->discover($this->getValue('domain'))) { | ||
return true; | ||
} | ||
return true; | ||
} | ||
|
||
|
||
private function discover($domain) | ||
{ | ||
// Attempt 1: Connect to the domain directly | ||
if ($this->discoverCapabilities(array( | ||
'hostname' => $domain, | ||
'port' => 389) | ||
)) { | ||
return true; | ||
} | ||
|
||
// Attempt 2: Discover all available ldap dns records and connect to the first one | ||
$cap = false; | ||
$records = array_merge(Dns::getSrvRecords($domain, 'ldap'), Dns::getSrvRecords($domain, 'ldaps')); | ||
if (isset($records[0])) { | ||
$record = $records[0]; | ||
if (isset($record['port'])) { | ||
$cap = $this->discoverCapabilities(array( | ||
'hostname' => $record['target'], | ||
'port' => $record['port'] | ||
)); | ||
} else { | ||
$cap = $this->discoverCapabilities(array( | ||
'hostname' => $record['target'], | ||
'port' => 389 | ||
)); | ||
} | ||
} | ||
return $cap; | ||
} | ||
|
||
private function discoverCapabilities($config) | ||
{ | ||
$conn = new Connection(new Config($config)); | ||
try { | ||
$conn->connect(); | ||
$this->capabilities = $conn->getCapabilities(); | ||
$this->namingContext = $conn->getDefaultNamingContext(); | ||
$this->port = $config['port']; | ||
$this->domain = $config['hostname']; | ||
return true; | ||
} catch (LdapException $e) { | ||
Logger::info( | ||
'Ldap discovery for ' . $config['hostname'] . ':' . $config['port'] . ' failed: ' . $e->getMessage() | ||
); | ||
return false; | ||
} | ||
} | ||
|
||
public function suggestResourceSettings() | ||
{ | ||
if (! isset($this->capabilities)) { | ||
return array(); | ||
} | ||
if (isset($this->capabilities->msCapabilities->ActiveDirectoryOid)) { | ||
return array( | ||
'hostname' => $this->domain, | ||
'port' => $this->port, | ||
'root_dn' => $this->namingContext | ||
); | ||
} else { | ||
return array( | ||
'hostname' => $this->domain, | ||
'port' => $this->port, | ||
'root_dn' => $this->namingContext | ||
); | ||
} | ||
} | ||
|
||
public function hasSuggestion() | ||
{ | ||
return isset($this->capabilities); | ||
} | ||
|
||
public function suggestBackendSettings() | ||
{ | ||
if (! isset($this->capabilities)) { | ||
return array(); | ||
} | ||
if (isset($this->capabilities->msCapabilities->ActiveDirectoryOid)) { | ||
return array( | ||
'base_dn' => $this->namingContext, | ||
'user_class' => 'user', | ||
'user_name_attribute' => 'sAMAccountName' | ||
); | ||
} else { | ||
return array( | ||
'base_dn' => $this->namingContext, | ||
'user_class' => 'inetOrgPerson', | ||
'user_name_attribute' => 'uid' | ||
); | ||
} | ||
} | ||
|
||
public function isAd() | ||
{ | ||
return isset($this->capabilities->msCapabilities->ActiveDirectoryOid); | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,128 @@ | ||
<?php | ||
// {{{ICINGA_LICENSE_HEADER}}} | ||
// {{{ICINGA_LICENSE_HEADER}}} | ||
|
||
namespace Icinga\Form\Setup; | ||
|
||
use Icinga\Protocol\Dns; | ||
use Icinga\Web\Form; | ||
use Icinga\Web\Form\Element\Note; | ||
use Icinga\Form\LdapDiscoveryForm; | ||
use Icinga\Form\Config\Resource\LdapResourceForm; | ||
use Icinga\Web\Request; | ||
|
||
/** | ||
* Wizard page to define the connection details for a LDAP resource | ||
*/ | ||
class LdapDiscoveryConfirmPage extends Form | ||
{ | ||
const TYPE_AD = 'MS ActiveDirectory'; | ||
const TYPE_MISC = 'LDAP'; | ||
|
||
private $infoTemplate = <<< 'EOT' | ||
<br/> | ||
Found LDAP server on {domain} | ||
<ul> | ||
<li><b>Type:</b> {type}</li> | ||
<li><b>Port:</b> {port}</li> | ||
<li><b>Root DN:</b> {root_dn}</li> | ||
<li><b>User-Class:</b> {user_class}</li> | ||
<li><b>User-Attribue:</b> {user_attribute}</li> | ||
</ul> | ||
EOT; | ||
|
||
/** | ||
* The previous configuration | ||
* | ||
* @var array | ||
*/ | ||
private $config; | ||
|
||
/** | ||
* Initialize this page | ||
*/ | ||
public function init() | ||
{ | ||
$this->setName('setup_ldap_discovery_confirm'); | ||
} | ||
|
||
/** | ||
* Set the resource configuration to use | ||
* | ||
* @param array $config | ||
* | ||
* @return self | ||
*/ | ||
public function setResourceConfig(array $config) | ||
{ | ||
$this->config = $config; | ||
return $this; | ||
} | ||
|
||
/** | ||
* Return the resource configuration as Zend_Config object | ||
* | ||
* @return Zend_Config | ||
*/ | ||
public function getResourceConfig() | ||
{ | ||
return new Zend_Config($this->config); | ||
} | ||
|
||
/** | ||
* @see Form::createElements() | ||
*/ | ||
public function createElements(array $formData) | ||
{ | ||
$resource = $this->config['resource']; | ||
$backend = $this->config['backend']; | ||
$html = $this->infoTemplate; | ||
$html = str_replace('{domain}', $this->config['domain'], $html); | ||
$html = str_replace('{type}', $this->config['type'], $html); | ||
$html = str_replace('{hostname}', $resource['hostname'], $html); | ||
$html = str_replace('{port}', $resource['port'], $html); | ||
$html = str_replace('{root_dn}', $resource['root_dn'], $html); | ||
$html = str_replace('{user_attribute}', $backend['user_name_attribute'], $html); | ||
$html = str_replace('{user_class}', $backend['user_class'], $html); | ||
|
||
$this->addElement( | ||
new Note( | ||
'suggestion', | ||
array('value' => $html) | ||
) | ||
); | ||
|
||
$this->addElement( | ||
'checkbox', | ||
'confirm', | ||
array( | ||
'value' => '1', | ||
'label' => t('Use this configuration?') | ||
) | ||
); | ||
} | ||
|
||
/** | ||
* Validate the given form data and check whether a BIND-request is successful | ||
* | ||
* @param array $data The data to validate | ||
* | ||
* @return bool | ||
*/ | ||
public function isValid($data) | ||
{ | ||
if (false === parent::isValid($data)) { | ||
return false; | ||
} | ||
return true; | ||
} | ||
|
||
public function getValues($suppressArrayNotation = false) | ||
{ | ||
if ($this->getValue('confirm') === '1') { | ||
// use configuration | ||
return $this->config; | ||
} | ||
return null; | ||
} | ||
} |
Oops, something went wrong.