/**
* Create a transport from config
*
* @param ConfigObject $config
*
* @return LocalCommandFile|RemoteCommandFile
* @throws ConfigurationError
*/
public static function fromConfig(ConfigObject $config)
{
$config = clone $config;
switch (strtolower($config->transport)) {
case RemoteCommandFile::TRANSPORT:
$transport = new RemoteCommandFile();
break;
case LocalCommandFile::TRANSPORT:
case '':
// Casting null to string is the empty string
$transport = new LocalCommandFile();
break;
default:
throw new ConfigurationError('Can\'t create command transport \'%s\'. Invalid transport defined in \'%s\'.' . ' Use one of \'%s\' or \'%s\'.', $config->transport, self::$config->getConfigFile(), LocalCommandFile::TRANSPORT, RemoteCommandFile::TRANSPORT);
}
unset($config->transport);
foreach ($config as $key => $value) {
$method = 'set' . ucfirst($key);
if (!method_exists($transport, $method)) {
// Ignore settings from config that don't have a setter on the transport instead of throwing an
// exception here because the transport should throw an exception if it's not fully set up
// when being about to send a command
continue;
}
$transport->{$method}($value);
}
return $transport;
}
/**
* Return the user backend configuration as Config object
*
* @return Config
*/
protected function createBackendConfiguration()
{
$config = new Config();
$backendConfig = $this->backendConfig;
$backendConfig['resource'] = $this->resourceConfig['name'];
$config->setSection($this->backendConfig['name'], $backendConfig);
return $config;
}
/**
* Set the resource configuration to use
*
* @param array $config
*
* @return $this
*/
public function setResourceConfig(array $config)
{
$resourceConfig = new Config();
$resourceConfig->setSection($config['name'], $config);
ResourceFactory::setConfig($resourceConfig);
$this->config = $config;
return $this;
}
/**
* Persist the current configuration to disk
*
* If an error occurs the user is shown a view describing the issue and displaying the raw INI configuration.
*
* @return bool Whether the configuration could be persisted
*/
public function save()
{
try {
$this->config->saveIni();
} catch (Exception $e) {
$this->addDecorator('ViewScript', array('viewModule' => 'default', 'viewScript' => 'showConfiguration.phtml', 'errorMessage' => $e->getMessage(), 'configString' => $this->config, 'filePath' => $this->config->getConfigFile(), 'placement' => Zend_Form_Decorator_Abstract::PREPEND));
return false;
}
return true;
}
/**
* {@inheritdoc}
*/
protected function writeConfig(Config $config)
{
// TODO: Remove this once #11743 is fixed
$section = $config->getSection('elasticsearch');
foreach ($section->toArray() as $key => $value) {
if ($value === null) {
unset($section->{$key});
}
}
parent::writeConfig($config);
}
/**
* (non-PHPDoc)
* @see \Icinga\Web\Form::createElements() For the method documentation.
*/
public function createElements(array $formData = array())
{
$config = Config::module('monitoring');
parent::createElements($formData);
$this->addElements(array(array('checkbox', 'all_services', array('label' => $this->translate('All Services'), 'value' => (bool) $config->get('settings', 'hostcheck_all_services', false), 'description' => $this->translate('Schedule check for all services on the hosts and the hosts themselves.')))));
return $this;
}
protected function init()
{
$cfg = Config::module('pnp4nagios')->getSection('pnp4nagios');
$this->configDir = rtrim($cfg->get('config_dir', $this->configDir), '/');
$this->baseUrl = rtrim($cfg->get('base_url', $this->baseUrl), '/');
$this->readPnpConfig();
}
/**
* Create and return a user backend with the given name and given configuration applied to it
*
* @param string $name
* @param ConfigObject $backendConfig
*
* @return UserBackendInterface
*
* @throws ConfigurationError
*/
public static function create($name, ConfigObject $backendConfig = null)
{
if ($backendConfig === null) {
self::assertBackendsExist();
if (self::$backends->hasSection($name)) {
$backendConfig = self::$backends->getSection($name);
} else {
throw new ConfigurationError('User backend "%s" does not exist', $name);
}
}
if ($backendConfig->name !== null) {
$name = $backendConfig->name;
}
if (!($backendType = strtolower($backendConfig->backend))) {
throw new ConfigurationError('Authentication configuration for user backend "%s" is missing the \'backend\' directive', $name);
}
if ($backendType === 'external') {
$backend = new ExternalBackend($backendConfig);
$backend->setName($name);
return $backend;
}
if (in_array($backendType, static::$defaultBackends)) {
// The default backend check is the first one because of performance reasons:
// Do not attempt to load a custom user backend unless it's actually required
} elseif (($customClass = static::getCustomUserBackend($backendType)) !== null) {
$backend = new $customClass($backendConfig);
if (!is_a($backend, 'Icinga\\Authentication\\User\\UserBackendInterface')) {
throw new ConfigurationError('Cannot utilize user backend of type "%s". Class "%s" does not implement UserBackendInterface', $backendType, $customClass);
}
$backend->setName($name);
return $backend;
} else {
throw new ConfigurationError('Authentication configuration for user backend "%s" defines an invalid backend type.' . ' Backend type "%s" is not supported', $name, $backendType);
}
if ($backendConfig->resource === null) {
throw new ConfigurationError('Authentication configuration for user backend "%s" is missing the \'resource\' directive', $name);
}
$resource = ResourceFactory::create($backendConfig->resource);
switch ($backendType) {
case 'db':
$backend = new DbUserBackend($resource);
break;
case 'msldap':
$backend = new LdapUserBackend($resource);
$backend->setBaseDn($backendConfig->base_dn);
$backend->setUserClass($backendConfig->get('user_class', 'user'));
$backend->setUserNameAttribute($backendConfig->get('user_name_attribute', 'sAMAccountName'));
$backend->setFilter($backendConfig->filter);
break;
case 'ldap':
$backend = new LdapUserBackend($resource);
$backend->setBaseDn($backendConfig->base_dn);
$backend->setUserClass($backendConfig->get('user_class', 'inetOrgPerson'));
$backend->setUserNameAttribute($backendConfig->get('user_name_attribute', 'uid'));
$backend->setFilter($backendConfig->filter);
break;
}
$backend->setName($name);
return $backend;
}
/**
* Unshare the given navigation item
*
* @param string $name
* @param string $parent
*
* @return Config The new config of the given navigation item
*
* @throws NotFoundError In case no navigation item with the given name is found
* @throws IcingaException In case the navigation item has a parent assigned to it
*/
public function unshare($name, $parent = null)
{
$config = $this->getShareConfig();
if (!$config->hasSection($name)) {
throw new NotFoundError('No navigation item called "%s" found', $name);
}
$itemConfig = $config->getSection($name);
if ($parent === null) {
$parent = $itemConfig->parent;
}
if ($parent && $this->hasBeenShared($parent)) {
throw new IcingaException($this->translate('Unable to unshare navigation item "%s". It is dependent from item "%s".' . ' Dependent items can only be unshared by unsharing their parent'), $name, $parent);
}
$children = $this->getFlattenedChildren($name);
$config->removeSection($name);
$this->secondaryConfig = $config;
if (!$itemConfig->owner || $itemConfig->owner === $this->getUser()->getUsername()) {
$config = $this->getUserConfig();
} else {
$config = Config::navigation($itemConfig->type, $itemConfig->owner);
}
foreach ($children as $child) {
$childConfig = $this->secondaryConfig->getSection($child);
unset($childConfig->owner);
$this->secondaryConfig->removeSection($child);
$config->setSection($child, $childConfig);
}
unset($itemConfig->owner);
unset($itemConfig->users);
unset($itemConfig->groups);
$config->setSection($name, $itemConfig);
$this->setIniConfig($config);
return $config;
}
public function setAuthenticated(User $user, $persist = true)
{
$username = $user->getUsername();
try {
$config = IcingaConfig::app();
} catch (NotReadableError $e) {
Logger::error(new Exception('Cannot load preferences for user "' . $username . '". An exception was thrown', 0, $e));
$config = new Zend_Config(array());
}
if (($preferencesConfig = $config->preferences) !== null) {
try {
$preferencesStore = PreferencesStore::create($preferencesConfig, $user);
$preferences = new Preferences($preferencesStore->load());
} catch (NotReadableError $e) {
Logger::error(new Exception('Cannot load preferences for user "' . $username . '". An exception was thrown', 0, $e));
$preferences = new Preferences();
}
} else {
$preferences = new Preferences();
}
$user->setPreferences($preferences);
$membership = new Membership();
$groups = $membership->getGroupsByUsername($username);
$user->setGroups($groups);
$admissionLoader = new AdmissionLoader();
$user->setPermissions($admissionLoader->getPermissions($username, $groups));
$user->setRestrictions($admissionLoader->getRestrictions($username, $groups));
$this->user = $user;
if ($persist == true) {
$session = Session::getSession();
$session->refreshId();
$this->persistCurrentUser();
}
}
/**
* {@inheritDoc}
*/
protected function writeConfig(Config $config)
{
parent::writeConfig($config);
if ($this->updatedAppConfig !== null) {
$this->updatedAppConfig->saveIni();
}
}
/**
* Apply permissions, restrictions and roles to the given user
*
* @param User $user
*/
public function applyRoles(User $user)
{
$username = $user->getUsername();
try {
$roles = Config::app('roles');
} catch (NotReadableError $e) {
Logger::error('Can\'t get permissions and restrictions for user \'%s\'. An exception was thrown:', $username, $e);
return;
}
$userGroups = $user->getGroups();
$permissions = array();
$restrictions = array();
$roleObjs = array();
foreach ($roles as $roleName => $role) {
if ($this->match($username, $userGroups, $role)) {
$permissionsFromRole = StringHelper::trimSplit($role->permissions);
$permissions = array_merge($permissions, array_diff($permissionsFromRole, $permissions));
$restrictionsFromRole = $role->toArray();
unset($restrictionsFromRole['users']);
unset($restrictionsFromRole['groups']);
unset($restrictionsFromRole['permissions']);
foreach ($restrictionsFromRole as $name => $restriction) {
if (!isset($restrictions[$name])) {
$restrictions[$name] = array();
}
$restrictions[$name][] = $restriction;
}
$roleObj = new Role();
$roleObjs[] = $roleObj->setName($roleName)->setPermissions($permissionsFromRole)->setRestrictions($restrictionsFromRole);
}
}
$user->setPermissions($permissions);
$user->setRestrictions($restrictions);
$user->setRoles($roleObjs);
}
/**
* Create menu from the application's menu config file plus the config files from all enabled modules
*
* @return self
*/
public static function fromConfig()
{
$menu = new static('menu');
$manager = Icinga::app()->getModuleManager();
try {
$menuConfigs = array(Config::app('menu'));
} catch (NotReadableError $e) {
Logger::error($e);
$menuConfigs = array();
}
try {
$modules = $manager->listEnabledModules();
} catch (NotReadableError $e) {
Logger::error($e);
$modules = array();
}
foreach ($modules as $moduleName) {
try {
$moduleMenuConfig = Config::module($moduleName, 'menu');
} catch (NotReadableError $e) {
Logger::error($e);
$moduleMenuConfig = array();
}
if (!empty($moduleMenuConfig)) {
$menuConfigs[] = $moduleMenuConfig;
}
}
return $menu->loadMenuItems($menu->flattenConfigs($menuConfigs));
}
/**
* Check whether the current user backend is valid, i.e. it's enabled, not an external user backend and whether its
* config is valid
*
* @return bool
*/
public function valid()
{
if (!$this->config->valid()) {
// Stop when there are no more backends to check
return false;
}
$backendConfig = $this->config->current();
if ((bool) $backendConfig->get('disabled', false)) {
$this->next();
return $this->valid();
}
$name = $this->key();
try {
$backend = UserBackend::create($name, $backendConfig);
} catch (ConfigurationError $e) {
Logger::error(new ConfigurationError('Can\'t create authentication backend "%s". An exception was thrown:', $name, $e));
$this->next();
return $this->valid();
}
if ($this->getSkipExternalBackends() && $backend instanceof ExternalBackend) {
$this->next();
return $this->valid();
}
$this->currentBackend = $backend;
return true;
}
/**
* My account
*/
public function indexAction()
{
$config = Config::app()->getSection('global');
$user = $this->Auth()->getUser();
if ($user->getAdditional('backend_type') === 'db') {
try {
$userBackend = UserBackend::create($user->getAdditional('backend_name'));
} catch (ConfigurationError $e) {
$userBackend = null;
}
if ($userBackend !== null) {
$changePasswordForm = new ChangePasswordForm();
$changePasswordForm->setBackend($userBackend)->handleRequest();
$this->view->changePasswordForm = $changePasswordForm;
}
}
$form = new PreferenceForm();
$form->setPreferences($user->getPreferences());
if ($config->get('config_backend', 'ini') !== 'none') {
$form->setStore(PreferencesStore::create(new ConfigObject(array('store' => $config->get('config_backend', 'ini'), 'resource' => $config->config_resource)), $user));
}
$form->handleRequest();
$this->view->form = $form;
$this->getTabs()->activate('account');
}
public function setAuthenticated(User $user, $persist = true)
{
$username = $user->getUsername();
try {
$config = Config::app();
} catch (NotReadableError $e) {
Logger::error(new IcingaException('Cannot load preferences for user "%s". An exception was thrown: %s', $username, $e));
$config = new Config();
}
if ($config->get('preferences', 'store', 'ini') !== 'none') {
$preferencesConfig = $config->getSection('preferences');
try {
$preferencesStore = PreferencesStore::create($preferencesConfig, $user);
$preferences = new Preferences($preferencesStore->load());
} catch (Exception $e) {
Logger::error(new IcingaException('Cannot load preferences for user "%s". An exception was thrown: %s', $username, $e));
$preferences = new Preferences();
}
} else {
$preferences = new Preferences();
}
$user->setPreferences($preferences);
$groups = $user->getGroups();
foreach (Config::app('groups') as $name => $config) {
try {
$groupBackend = UserGroupBackend::create($name, $config);
$groupsFromBackend = $groupBackend->getMemberships($user);
} catch (Exception $e) {
Logger::error('Can\'t get group memberships for user \'%s\' from backend \'%s\'. An exception was thrown: %s', $username, $name, $e);
continue;
}
if (empty($groupsFromBackend)) {
continue;
}
$groupsFromBackend = array_values($groupsFromBackend);
$groups = array_merge($groups, array_combine($groupsFromBackend, $groupsFromBackend));
}
$user->setGroups($groups);
$admissionLoader = new AdmissionLoader();
list($permissions, $restrictions) = $admissionLoader->getPermissionsAndRestrictions($user);
$user->setPermissions($permissions);
$user->setRestrictions($restrictions);
$this->user = $user;
if ($persist) {
$this->persistCurrentUser();
}
}
public function getReport()
{
if ($this->error === false) {
return array(sprintf(mt('monitoring', 'Command transport configuration has been successfully created: %s'), Config::resolvePath('modules/monitoring/commandtransports.ini')));
} elseif ($this->error !== null) {
return array(sprintf(mt('monitoring', 'Command transport configuration could not be written to: %s. An error occured:'), Config::resolvePath('modules/monitoring/commandtransports.ini')), sprintf(mt('setup', 'ERROR: %s'), IcingaException::describe($this->error)));
}
}
/**
* (non-PHPDoc)
* @see \Icinga\Web\Form::createElements() For the method documentation.
*/
public function createElements(array $formData = array())
{
$this->addElement('textarea', 'comment', array('required' => true, 'label' => $this->translate('Comment'), 'description' => $this->translate('If you work with other administrators, you may find it useful to share information about the' . ' the host or service that is having problems. Make sure you enter a brief description of' . ' what you are doing.')));
if (!$this->getBackend()->isIcinga2()) {
$this->addElement('checkbox', 'persistent', array('label' => $this->translate('Persistent'), 'value' => (bool) Config::module('monitoring')->get('settings', 'comment_persistent', true), 'description' => $this->translate('If you uncheck this option, the comment will automatically be deleted the next time Icinga is' . ' restarted.')));
}
return $this;
}
protected function db()
{
$resourceName = Config::module('director')->get('db', 'resource');
if (!$resourceName) {
return false;
}
return Db::fromResourceName($resourceName);
}
/**
* {@inheritdoc}
*/
public static function fromConfig()
{
$backend = parent::fromConfig();
// TODO: move this to log types #11636
$resourceConfig = Config::module('elasticsearch')->getSection('elasticsearch');
$backend->setIndex($resourceConfig->get('logstash_pattern', 'logstash-*'));
return $backend;
}
public function getReport()
{
if ($this->error === false) {
return array(sprintf(mt('setup', 'General configuration has been successfully written to: %s'), Config::resolvePath('config.ini')));
} elseif ($this->error !== null) {
return array(sprintf(mt('setup', 'General configuration could not be written to: %s. An error occured:'), Config::resolvePath('config.ini')), sprintf(mt('setup', 'ERROR: %s'), IcingaException::describe($this->error)));
}
}
public function getReport()
{
if ($this->error === false) {
return array(sprintf(mt('monitoring', 'Monitoring instance configuration has been successfully created: %s'), Config::resolvePath('modules/monitoring/instances.ini')));
} elseif ($this->error !== null) {
return array(sprintf(mt('monitoring', 'Monitoring instance configuration could not be written to: %s. An error occured:'), Config::resolvePath('modules/monitoring/instances.ini')), sprintf(mt('setup', 'ERROR: %s'), $this->error->getMessage()));
}
}
/**
* {@inheritdoc}
*/
public function createElements(array $formData = array())
{
$config = Config::module('monitoring');
$this->addElements(array(array('textarea', 'comment', array('required' => true, 'label' => $this->translate('Comment'), 'description' => $this->translate('If you work with other administrators, you may find it useful to share information about the' . ' the host or service that is having problems. Make sure you enter a brief description of' . ' what you are doing.'))), array('checkbox', 'forced', array('label' => $this->translate('Forced'), 'value' => (bool) $config->get('settings', 'custom_notification_forced', false), 'description' => $this->translate('If you check this option, the notification is sent out regardless of time restrictions and' . ' whether or not notifications are enabled.')))));
if (!$this->getBackend()->isIcinga2()) {
$this->addElement('checkbox', 'broadcast', array('label' => $this->translate('Broadcast'), 'value' => (bool) $config->get('settings', 'custom_notification_broadcast', false), 'description' => $this->translate('If you check this option, the notification is sent out to all normal and escalated contacts.')));
}
return $this;
}
public function fetchFiles()
{
$files = array();
$storage = new LegacyStorage(Config::module('businessprocess')->getSection('global'));
foreach ($storage->listProcesses() as $name => $title) {
$files['processes/' . $name . '.bp'] = $storage->getSource($name);
}
return $files;
}
/**
* {@inheritdoc}
*/
public function saveIni($filePath = null, $fileMode = 0660)
{
parent::saveIni($filePath, $fileMode);
foreach (static::listConfigFilesForUser($this->user) as $file) {
if ($file !== $filePath) {
@unlink($file);
}
}
}
/**
* Extract and return the section name off of the given $data
*
* @param array $data
*
* @return string
*
* @throws ProgrammingError In case no valid section name is available
*/
protected function extractSectionName(array &$data)
{
$keyColumn = $this->ds->getConfigObject()->getKeyColumn();
if (!isset($data[$keyColumn])) {
throw new ProgrammingError('$data does not provide a value for key column "%s"', $keyColumn);
}
$section = $data[$keyColumn];
unset($data[$keyColumn]);
return $section;
}
protected function init()
{
$cfg = Config::module('graphite')->getSection('graphite');
$this->baseUrl = rtrim($cfg->get('base_url', $this->baseUrl), '/');
$this->legacyMode = filter_var($cfg->get('legacy_mode', $this->legacyMode), FILTER_VALIDATE_BOOLEAN);
$this->serviceMacro = $cfg->get('service_name_template', $this->serviceMacro);
$this->hostMacro = $cfg->get('host_name_template', $this->hostMacro);
$this->imageUrlMacro = $cfg->get('graphite_args_template', $this->imageUrlMacro);
$this->largeImageUrlMacro = $cfg->get('graphite_large_args_template', $this->largeImageUrlMacro);
}
protected function init()
{
$cfg = Config::module('graphite')->getSection('graphite');
$this->baseUrl = rtrim($cfg->get('base_url', $this->baseUrl), '/');
$this->metricPrefix = $cfg->get('metric_prefix', $this->metricPrefix);
$this->serviceMacro = $cfg->get('service_name_template', $this->serviceMacro);
$this->hostMacro = $cfg->get('host_name_template', $this->hostMacro);
$this->imageUrlMacro = $cfg->get('graphite_args_template', $this->imageUrlMacro);
$this->largeImageUrlMacro = $cfg->get('graphite_large_args_template', $this->largeImageUrlMacro);
}
protected function getDirectories()
{
return Config::module('fileshipper', 'directories');
$config = Config::module('fileshipper', 'directories');
$dirs = array();
foreach ($config as $key => $c) {
$dirs[$key] = (object) $c->toArray();
}
return $dirs;
}
public function getReport()
{
if ($this->error === false) {
$message = mt('monitoring', 'Monitoring instance configuration has been successfully created: %s');
return '<p>' . sprintf($message, Config::resolvePath('modules/monitoring/instances.ini')) . '</p>';
} elseif ($this->error !== null) {
$message = mt('monitoring', 'Monitoring instance configuration could not be written to: %s; An error occured:');
return '<p class="error">' . sprintf($message, Config::resolvePath('modules/monitoring/instances.ini')) . '</p><p>' . $this->error->getMessage() . '</p>';
}
}