/**
  * My account
  */
 public function indexAction()
 {
     $config = Config::app()->getSection('global');
     $user = $this->Auth()->getUser();
     if ($user->getAdditional('backend_type') === 'db') {
         try {
             $userBackend = UserBackend::create($user->getAdditional('backend_name'));
         } catch (ConfigurationError $e) {
             $userBackend = null;
         }
         if ($userBackend !== null) {
             $changePasswordForm = new ChangePasswordForm();
             $changePasswordForm->setBackend($userBackend)->handleRequest();
             $this->view->changePasswordForm = $changePasswordForm;
         }
     }
     $form = new PreferenceForm();
     $form->setPreferences($user->getPreferences());
     if ($config->get('config_backend', 'ini') !== 'none') {
         $form->setStore(PreferencesStore::create(new ConfigObject(array('store' => $config->get('config_backend', 'ini'), 'resource' => $config->config_resource)), $user));
     }
     $form->handleRequest();
     $this->view->form = $form;
     $this->getTabs()->activate('account');
 }
 /**
  * Create and add elements to this form
  *
  * @param   array   $formData
  */
 public function createElements(array $formData)
 {
     $resourceNames = $this->getLdapResourceNames();
     $this->addElement('select', 'resource', array('required' => true, 'autosubmit' => true, 'label' => $this->translate('LDAP Connection'), 'description' => $this->translate('The LDAP connection to use for this backend.'), 'multiOptions' => array_combine($resourceNames, $resourceNames)));
     $resource = ResourceFactory::create(isset($formData['resource']) && in_array($formData['resource'], $resourceNames) ? $formData['resource'] : $resourceNames[0]);
     $userBackends = array('none' => $this->translate('None', 'usergroupbackend.ldap.user_backend'));
     $userBackendNames = $this->getLdapUserBackendNames($resource);
     if (!empty($userBackendNames)) {
         $userBackends = array_merge($userBackends, array_combine($userBackendNames, $userBackendNames));
     }
     $this->addElement('select', 'user_backend', array('required' => true, 'autosubmit' => true, 'label' => $this->translate('User Backend'), 'description' => $this->translate('The user backend to link with this user group backend.'), 'multiOptions' => $userBackends));
     $groupBackend = new LdapUserGroupBackend($resource);
     if ($formData['type'] === 'ldap') {
         $defaults = $groupBackend->getOpenLdapDefaults();
         $groupConfigDisabled = $userConfigDisabled = null;
         // MUST BE null, do NOT change this to false!
     } else {
         // $formData['type'] === 'msldap'
         $defaults = $groupBackend->getActiveDirectoryDefaults();
         $groupConfigDisabled = $userConfigDisabled = true;
     }
     $dnDisabled = null;
     // MUST BE null
     if (isset($formData['user_backend']) && $formData['user_backend'] !== 'none') {
         $userBackend = UserBackend::create($formData['user_backend']);
         $defaults->merge(array('user_base_dn' => $userBackend->getBaseDn(), 'user_class' => $userBackend->getUserClass(), 'user_name_attribute' => $userBackend->getUserNameAttribute(), 'user_filter' => $userBackend->getFilter()));
         $userConfigDisabled = $dnDisabled = true;
     }
     $this->createGroupConfigElements($defaults, $groupConfigDisabled);
     $this->createUserConfigElements($defaults, $userConfigDisabled, $dnDisabled);
 }
 /**
  * Validate the configuration by creating a backend and requesting the user count
  *
  * @param   Form    $form   The form to fetch the configuration values from
  *
  * @return  bool            Whether validation succeeded or not
  */
 public static function isValidUserBackend(Form $form)
 {
     try {
         $ldapUserBackend = UserBackend::create(null, new ConfigObject($form->getValues()));
         $ldapUserBackend->assertAuthenticationPossible();
     } catch (AuthenticationException $e) {
         if (($previous = $e->getPrevious()) !== null) {
             $form->addError($previous->getMessage());
         } else {
             $form->addError($e->getMessage());
         }
         return false;
     } catch (Exception $e) {
         $form->addError(sprintf($form->translate('Unable to validate authentication: %s'), $e->getMessage()));
         return false;
     }
     return true;
 }
 /**
  * Return the given user backend or the first match in order
  *
  * @param   string  $name           The name of the backend, or null in case the first match should be returned
  * @param   string  $interface      The interface the backend should implement, no interface check if null
  *
  * @return  UserBackendInterface
  *
  * @throws  Zend_Controller_Action_Exception    In case the given backend name is invalid
  */
 protected function getUserBackend($name = null, $interface = 'Icinga\\Data\\Selectable')
 {
     if ($name !== null) {
         $config = Config::app('authentication');
         if (!$config->hasSection($name)) {
             $this->httpNotFound(sprintf($this->translate('Authentication backend "%s" not found'), $name));
         } else {
             $backend = UserBackend::create($name, $config->getSection($name));
             if ($interface && !$backend instanceof $interface) {
                 $interfaceParts = explode('\\', strtolower($interface));
                 throw new Zend_Controller_Action_Exception(sprintf($this->translate('Authentication backend "%s" is not %s'), $name, array_pop($interfaceParts)), 400);
             }
         }
     } else {
         $backends = $this->loadUserBackends($interface);
         $backend = array_shift($backends);
     }
     return $backend;
 }
 /**
  * Apply the given configuration on this backend
  *
  * @param   ConfigObject    $config
  *
  * @return  $this
  *
  * @throws  ConfigurationError      In case a linked user backend does not exist or is invalid
  */
 public function setConfig(ConfigObject $config)
 {
     if ($config->backend === 'ldap') {
         $defaults = $this->getOpenLdapDefaults();
     } elseif ($config->backend === 'msldap') {
         $defaults = $this->getActiveDirectoryDefaults();
     } else {
         $defaults = new ConfigObject();
     }
     if ($config->user_backend && $config->user_backend !== 'none') {
         $userBackend = UserBackend::create($config->user_backend);
         if (!$userBackend instanceof LdapUserBackend) {
             throw new ConfigurationError('User backend "%s" is not of type LDAP', $config->user_backend);
         }
         if ($this->ds->getHostname() !== $userBackend->getDataSource()->getHostname() || $this->ds->getPort() !== $userBackend->getDataSource()->getPort()) {
             // TODO(jom): Elaborate whether it makes sense to link directories on different hosts
             throw new ConfigurationError('It is required that a linked user backend refers to the ' . 'same directory as it\'s user group backend counterpart');
         }
         $this->setUserBackend($userBackend);
         $defaults->merge(array('user_base_dn' => $userBackend->getBaseDn(), 'user_class' => $userBackend->getUserClass(), 'user_name_attribute' => $userBackend->getUserNameAttribute(), 'user_filter' => $userBackend->getFilter()));
     }
     return $this->setGroupBaseDn($config->base_dn)->setUserBaseDn($config->get('user_base_dn', $this->getGroupBaseDn()))->setGroupClass($config->get('group_class', $defaults->group_class))->setUserClass($config->get('user_class', $defaults->user_class))->setGroupNameAttribute($config->get('group_name_attribute', $defaults->group_name_attribute))->setUserNameAttribute($config->get('user_name_attribute', $defaults->user_name_attribute))->setGroupMemberAttribute($config->get('group_member_attribute', $defaults->group_member_attribute))->setGroupFilter($config->filter)->setUserFilter($config->user_filter);
 }
Beispiel #6
0
 /**
  * Create and return the backend
  *
  * @return  DbUserBackend|LdapUserBackend
  */
 protected function createBackend()
 {
     $config = new ConfigObject($this->backendConfig);
     $config->resource = $this->resourceConfig;
     return UserBackend::create(null, $config);
 }
Beispiel #7
0
 /**
  * Check whether the current user backend is valid, i.e. it's enabled, not an external user backend and whether its
  * config is valid
  *
  * @return bool
  */
 public function valid()
 {
     if (!$this->config->valid()) {
         // Stop when there are no more backends to check
         return false;
     }
     $backendConfig = $this->config->current();
     if ((bool) $backendConfig->get('disabled', false)) {
         $this->next();
         return $this->valid();
     }
     $name = $this->key();
     try {
         $backend = UserBackend::create($name, $backendConfig);
     } catch (ConfigurationError $e) {
         Logger::error(new ConfigurationError('Can\'t create authentication backend "%s". An exception was thrown:', $name, $e));
         $this->next();
         return $this->valid();
     }
     if ($this->getSkipExternalBackends() && $backend instanceof ExternalBackend) {
         $this->next();
         return $this->valid();
     }
     $this->currentBackend = $backend;
     return true;
 }
 /**
  * Create and return the user backend
  *
  * @return  DbUserBackend|LdapUserBackend
  */
 protected function createUserBackend()
 {
     $resourceConfig = new Config();
     $resourceConfig->setSection($this->resourceConfig['name'], $this->resourceConfig);
     ResourceFactory::setConfig($resourceConfig);
     $config = new ConfigObject($this->backendConfig);
     $config->resource = $this->resourceConfig['name'];
     return UserBackend::create(null, $config);
 }
 /**
  * Create a user backend by using the given form's values and return its inspection results
  *
  * Returns null for non-inspectable backends.
  *
  * @param   Form    $form
  *
  * @return  Inspection|null
  */
 public static function inspectUserBackend(Form $form)
 {
     $backend = UserBackend::create(null, new ConfigObject($form->getValues()));
     if ($backend instanceof Inspectable) {
         return $backend->inspect();
     }
 }
Beispiel #10
0
 /**
  * Validate the configuration by creating a backend and requesting the user count
  *
  * @param   Form    $form   The form to fetch the configuration values from
  *
  * @return  bool            Whether validation succeeded or not
  */
 public static function isValidUserBackend(Form $form)
 {
     /**
      * @var $result Inspection
      */
     $result = UserBackend::create(null, new ConfigObject($form->getValues()))->inspect();
     if ($result->hasError()) {
         $form->addError($result->getError());
     }
     // TODO: display diagnostics in $result->toArray() to the user
     return !$result->hasError();
 }
Beispiel #11
0
 /**
  * Return the names of all users this backend currently provides
  *
  * @return  array
  */
 protected function fetchUsers()
 {
     $config = new ConfigObject($this->backendConfig);
     $config->resource = $this->resourceConfig;
     $backend = UserBackend::create(null, $config);
     try {
         return $backend->select(array('user_name'))->order('user_name', 'asc', true)->fetchColumn();
     } catch (Exception $_) {
         // No need to handle anything special here. Error means no users found.
         return array();
     }
 }