作者:0sval
项目:icingaweb
/**
* Apply permissions, restrictions and roles to the given user
*
* @param User $user
*/
public function applyRoles(User $user)
{
$username = $user->getUsername();
try {
$roles = Config::app('roles');
} catch (NotReadableError $e) {
Logger::error('Can\'t get permissions and restrictions for user \'%s\'. An exception was thrown:', $username, $e);
return;
}
$userGroups = $user->getGroups();
$permissions = array();
$restrictions = array();
$roleObjs = array();
foreach ($roles as $roleName => $role) {
if ($this->match($username, $userGroups, $role)) {
$permissionsFromRole = StringHelper::trimSplit($role->permissions);
$permissions = array_merge($permissions, array_diff($permissionsFromRole, $permissions));
$restrictionsFromRole = $role->toArray();
unset($restrictionsFromRole['users']);
unset($restrictionsFromRole['groups']);
unset($restrictionsFromRole['permissions']);
foreach ($restrictionsFromRole as $name => $restriction) {
if (!isset($restrictions[$name])) {
$restrictions[$name] = array();
}
$restrictions[$name][] = $restriction;
}
$roleObj = new Role();
$roleObjs[] = $roleObj->setName($roleName)->setPermissions($permissionsFromRole)->setRestrictions($restrictionsFromRole);
}
}
$user->setPermissions($permissions);
$user->setRestrictions($restrictions);
$user->setRoles($roleObjs);
}
作者:JakobG
项目:icingaweb
/**
* Set the hook as failed w/ the given message
*
* @param string $message Error message or error format string
* @param mixed ...$arg Format string argument
*/
private function fail($message)
{
$args = array_slice(func_get_args(), 1);
$lastError = vsprintf($message, $args);
Logger::debug($lastError);
$this->lastError = $lastError;
}
作者:Icing
项目:icingaweb2-module-elasticsearc
/**
* Set the filter and render it internally.
*
* @param Filter $filter
*
* @return $this
*
* @throws ProgrammingError
*/
public function setFilter(Filter $filter)
{
$this->filter = $filter;
$this->query = $this->renderFilter($this->filter);
Logger::debug('Rendered elasticsearch filter: %s', json_encode($this->query));
return $this;
}
作者:kobmak
项目:icingaweb
/**
* Append the given log entry and fail this inspection with the given error
*
* @param $entry string|Inspection A log entry or nested inspection
*
* @throws ProgrammingError When called multiple times
*
* @return this fluent interface
*/
public function error($entry)
{
if (isset($this->error)) {
throw new ProgrammingError('Inspection object used after error');
}
Logger::error($entry);
$this->log[] = $entry;
$this->error = $entry;
return $this;
}
作者:JakobG
项目:icingaweb
/**
* Display exception
*/
public function errorAction()
{
$error = $this->_getParam('error_handler');
$exception = $error->exception;
/** @var \Exception $exception */
Logger::error($exception);
Logger::error('Stacktrace: %s', $exception->getTraceAsString());
switch ($error->type) {
case Zend_Controller_Plugin_ErrorHandler::EXCEPTION_NO_ROUTE:
case Zend_Controller_Plugin_ErrorHandler::EXCEPTION_NO_CONTROLLER:
case Zend_Controller_Plugin_ErrorHandler::EXCEPTION_NO_ACTION:
$modules = Icinga::app()->getModuleManager();
$path = ltrim($this->_request->get('PATH_INFO'), '/');
$path = preg_split('~/~', $path);
$path = array_shift($path);
$this->getResponse()->setHttpResponseCode(404);
$this->view->message = $this->translate('Page not found.');
if ($this->Auth()->isAuthenticated() && $modules->hasInstalled($path) && !$modules->hasEnabled($path)) {
$this->view->message .= ' ' . sprintf($this->translate('Enabling the "%s" module might help!'), $path);
}
break;
default:
switch (true) {
case $exception instanceof HttpMethodNotAllowedException:
$this->getResponse()->setHttpResponseCode(405);
$this->getResponse()->setHeader('Allow', $exception->getAllowedMethods());
break;
case $exception instanceof HttpNotFoundException:
$this->getResponse()->setHttpResponseCode(404);
break;
case $exception instanceof MissingParameterException:
$this->getResponse()->setHttpResponseCode(400);
$this->getResponse()->setHeader('X-Status-Reason', 'Missing parameter ' . $exception->getParameter());
break;
case $exception instanceof HttpBadRequestException:
$this->getResponse()->setHttpResponseCode(400);
break;
case $exception instanceof SecurityException:
$this->getResponse()->setHttpResponseCode(403);
break;
default:
$this->getResponse()->setHttpResponseCode(500);
break;
}
$this->view->message = $exception->getMessage();
if ($this->getInvokeArg('displayExceptions')) {
$this->view->stackTrace = $exception->getTraceAsString();
}
break;
}
if ($this->getRequest()->isApiRequest()) {
$this->getResponse()->json()->setErrorMessage($this->view->message)->sendResponse();
}
$this->view->request = $error->request;
}
作者:JakobG
项目:icingaweb
/**
* Display the application log
*/
public function applicationlogAction()
{
if (!Logger::writesToFile()) {
$this->httpNotFound('Page not found');
}
$this->addTitleTab('application log');
$resource = new FileReader(new ConfigObject(array('filename' => Config::app()->get('logging', 'file'), 'fields' => '/(?<!.)(?<datetime>[0-9]{4}(?:-[0-9]{2}){2}' . 'T[0-9]{2}(?::[0-9]{2}){2}(?:[\\+\\-][0-9]{2}:[0-9]{2})?)' . ' - (?<loglevel>[A-Za-z]+) - (?<message>.*)(?!.)/msS')));
$this->view->logData = $resource->select()->order('DESC');
$this->setupLimitControl();
$this->setupPaginationControl($this->view->logData);
}
作者:NerdG
项目:icingaweb
/**
* Parse the given query text and returns the json as expected by the semantic search box
*
* @param String $text The query to parse
* @return array The result structure to be returned in json format
*/
private function parse($text, $target)
{
try {
$queryTree = $this->registry->createQueryTreeForFilter($text);
$registry = $this->moduleRegistry;
return array('state' => 'success', 'proposals' => $this->registry->getProposalsForQuery($text), 'urlParam' => $registry::getUrlForTarget($target, $queryTree), 'valid' => count($this->registry->getIgnoredQueryParts()) === 0);
} catch (\Exception $exc) {
Logger::error($exc);
$this->getResponse()->setHttpResponseCode(500);
return array('state' => 'error', 'message' => 'Search service is currently not available');
}
}
作者:kobmak
项目:icingaweb
/**
* Resolve a macro based on the given object
*
* @param string $macro The macro to resolve
* @param MonitoredObject|stdClass $object The object used to resolve the macro
*
* @return string The new value or the macro if it cannot be resolved
*/
public static function resolveMacro($macro, $object)
{
if (isset(self::$icingaMacros[$macro]) && isset($object->{self::$icingaMacros[$macro]})) {
return $object->{self::$icingaMacros[$macro]};
}
try {
$value = $object->{$macro};
} catch (Exception $e) {
$value = null;
Logger::debug('Unable to resolve macro "%s". An error occured: %s', $macro, $e);
}
return $value !== null ? $value : $macro;
}
作者:xer
项目:icingaweb
public function setAuthenticated(User $user, $persist = true)
{
$username = $user->getUsername();
try {
$config = Config::app();
} catch (NotReadableError $e) {
Logger::error(new IcingaException('Cannot load preferences for user "%s". An exception was thrown: %s', $username, $e));
$config = new Config();
}
if ($config->get('preferences', 'store', 'ini') !== 'none') {
$preferencesConfig = $config->getSection('preferences');
try {
$preferencesStore = PreferencesStore::create($preferencesConfig, $user);
$preferences = new Preferences($preferencesStore->load());
} catch (Exception $e) {
Logger::error(new IcingaException('Cannot load preferences for user "%s". An exception was thrown: %s', $username, $e));
$preferences = new Preferences();
}
} else {
$preferences = new Preferences();
}
$user->setPreferences($preferences);
$groups = $user->getGroups();
foreach (Config::app('groups') as $name => $config) {
try {
$groupBackend = UserGroupBackend::create($name, $config);
$groupsFromBackend = $groupBackend->getMemberships($user);
} catch (Exception $e) {
Logger::error('Can\'t get group memberships for user \'%s\' from backend \'%s\'. An exception was thrown: %s', $username, $name, $e);
continue;
}
if (empty($groupsFromBackend)) {
continue;
}
$groupsFromBackend = array_values($groupsFromBackend);
$groups = array_merge($groups, array_combine($groupsFromBackend, $groupsFromBackend));
}
$user->setGroups($groups);
$admissionLoader = new AdmissionLoader();
list($permissions, $restrictions) = $admissionLoader->getPermissionsAndRestrictions($user);
$user->setPermissions($permissions);
$user->setRestrictions($restrictions);
$this->user = $user;
if ($persist) {
$this->persistCurrentUser();
}
}
作者:thorebah
项目:icingaweb
/**
* {@inheritdoc}
*/
protected function setupLogger()
{
$config = new ConfigObject();
$config->log = $this->params->shift('log', 'stderr');
if ($config->log === 'file') {
$config->file = $this->params->shiftRequired('log-path');
} elseif ($config->log === 'syslog') {
$config->application = 'icingacli';
}
if ($this->params->get('verbose', false)) {
$config->level = Logger::INFO;
} elseif ($this->params->get('debug', false)) {
$config->level = Logger::DEBUG;
} else {
$config->level = Logger::WARNING;
}
Logger::create($config);
return $this;
}
作者:kobmak
项目:icingaweb
/**
* Register all custom user backends from all loaded modules
*/
protected static function registerCustomUserBackends()
{
if (static::$customBackends !== null) {
return;
}
static::$customBackends = array();
$providedBy = array();
foreach (Icinga::app()->getModuleManager()->getLoadedModules() as $module) {
foreach ($module->getUserBackends() as $identifier => $className) {
if (array_key_exists($identifier, $providedBy)) {
Logger::warning('Cannot register user backend of type "%s" provided by module "%s".' . ' The type is already provided by module "%s"', $identifier, $module->getName(), $providedBy[$identifier]);
} elseif (in_array($identifier, static::$defaultBackends)) {
Logger::warning('Cannot register user backend of type "%s" provided by module "%s".' . ' The type is a default type provided by Icinga Web 2', $identifier, $module->getName());
} else {
$providedBy[$identifier] = $module->getName();
static::$customBackends[$identifier] = $className;
}
}
}
}
作者:hsanjua
项目:icingaweb
protected function addMessage($message, $type = 'info')
{
if (!in_array($type, array('info', 'error', 'warning', 'success'))) {
throw new ProgrammingError('"%s" is not a valid notification type', $type);
}
if ($this->isCli) {
$msg = sprintf('[%s] %s', $type, $message);
switch ($type) {
case 'info':
case 'success':
Logger::info($msg);
break;
case 'warning':
Logger::warn($msg);
break;
case 'error':
Logger::error($msg);
break;
}
return;
}
$this->messages[] = (object) array('type' => $type, 'message' => $message);
}
作者:kobmak
项目:icingaweb
/**
* Parse the given value based on the ASN.1 standard (GeneralizedTime) and return its timestamp representation
*
* @param string|null $value
*
* @return int
*/
protected function retrieveGeneralizedTime($value)
{
if ($value === null) {
return $value;
}
if (($dateTime = DateTime::createFromFormat('YmdHis.uO', $value)) !== false || ($dateTime = DateTime::createFromFormat('YmdHis.uZ', $value)) !== false || ($dateTime = DateTime::createFromFormat('YmdHis.u', $value)) !== false || ($dateTime = DateTime::createFromFormat('YmdHis', $value)) !== false || ($dateTime = DateTime::createFromFormat('YmdHi', $value)) !== false || ($dateTime = DateTime::createFromFormat('YmdH', $value)) !== false) {
return $dateTime->getTimeStamp();
} else {
Logger::debug(sprintf('Failed to parse "%s" based on the ASN.1 standard (GeneralizedTime) in repository "%s".', $value, $this->getName()));
}
}
作者:hsanjua
项目:icingaweb
/**
* Fetch and return all users from all user backends
*
* @return ArrayDatasource
*/
protected function fetchUsers()
{
$users = array();
foreach ($this->loadUserBackends('Icinga\\Data\\Selectable') as $backend) {
try {
foreach ($backend->select(array('user_name')) as $row) {
$users[] = $row;
}
} catch (Exception $e) {
Logger::error($e);
Notification::warning(sprintf($this->translate('Failed to fetch any users from backend %s. Please check your log'), $backend->getName()));
}
}
return new ArrayDatasource($users);
}
作者:trigoesrodrig
项目:icingaweb
/**
* Create webserver configuration
*
* USAGE:
*
* icingacli setup config webserver <apache|nginx> [options]
*
* OPTIONS:
*
* --path=<urlpath> The URL path to Icinga Web 2 [/icingaweb2]
*
* --root|--document-root=<directory> The directory from which the webserver will serve files [/path/to/icingaweb2/public]
*
* --config=<directory> Path to Icinga Web 2's configuration files [/etc/icingaweb2]
*
* --file=<filename> Write configuration to file [stdout]
*
* EXAMPLES:
*
* icingacli setup config webserver apache
*
* icingacli setup config webserver apache --path=/icingaweb2 --document-root=/usr/share/icingaweb2/public --config=/etc/icingaweb2
*
* icingacli setup config webserver apache --file=/etc/apache2/conf.d/icingaweb2.conf
*
* icingacli setup config webserver nginx
*/
public function webserverAction()
{
if (($type = $this->params->getStandalone()) === null) {
$this->fail($this->translate('Argument type is mandatory.'));
}
try {
$webserver = Webserver::createInstance($type);
} catch (ProgrammingError $e) {
$this->fail($this->translate('Unknown type') . ': ' . $type);
}
$urlPath = trim($this->params->get('path', $webserver->getUrlPath()));
if (strlen($urlPath) === 0) {
$this->fail($this->translate('The argument --path expects a URL path'));
}
$documentRoot = trim($this->params->get('root', $this->params->get('document-root', $webserver->getDocumentRoot())));
if (strlen($documentRoot) === 0) {
$this->fail($this->translate('The argument --root/--document-root expects a directory from which the webserver will serve files'));
}
$configDir = trim($this->params->get('config', $webserver->getConfigDir()));
if (strlen($configDir) === 0) {
$this->fail($this->translate('The argument --config expects a path to Icinga Web 2\'s configuration files'));
}
$webserver->setDocumentRoot($documentRoot)->setConfigDir($configDir)->setUrlPath($urlPath);
$config = $webserver->generate() . "\n";
if (($file = $this->params->get('file')) !== null) {
if (file_exists($file) === true) {
$this->fail(sprintf($this->translate('File %s already exists. Please delete it first.'), $file));
}
Logger::info($this->translate('Write %s configuration to file: %s'), $type, $file);
$re = file_put_contents($file, $config);
if ($re === false) {
$this->fail($this->translate('Could not write to file') . ': ' . $file);
}
Logger::info($this->translate('Successfully written %d bytes to file'), $re);
return true;
}
echo $config;
return true;
}
作者:hsanjua
项目:icingaweb
/**
* Log into the application
*/
public function loginAction()
{
$icinga = Icinga::app();
if ($icinga->setupTokenExists() && $icinga->requiresSetup()) {
$this->redirectNow(Url::fromPath('setup'));
}
$triedOnlyExternalAuth = null;
$auth = $this->Auth();
$this->view->form = $form = new LoginForm();
$this->view->title = $this->translate('Icingaweb Login');
try {
$redirectUrl = $this->view->form->getValue('redirect');
if ($redirectUrl) {
$redirectUrl = Url::fromPath($redirectUrl);
} else {
$redirectUrl = Url::fromPath('dashboard');
}
if ($auth->isAuthenticated()) {
$this->rerenderLayout()->redirectNow($redirectUrl);
}
try {
$config = Config::app('authentication');
} catch (NotReadableError $e) {
throw new ConfigurationError($this->translate('Could not read your authentication.ini, no authentication methods are available.'), 0, $e);
}
$chain = new AuthChain($config);
$request = $this->getRequest();
if ($request->isPost() && $this->view->form->isValid($request->getPost())) {
$user = new User($this->view->form->getValue('username'));
$password = $this->view->form->getValue('password');
$backendsTried = 0;
$backendsWithError = 0;
$redirectUrl = $form->getValue('redirect');
if ($redirectUrl) {
$redirectUrl = Url::fromPath($redirectUrl);
} else {
$redirectUrl = Url::fromPath('dashboard');
}
foreach ($chain as $backend) {
if ($backend instanceof ExternalBackend) {
continue;
}
++$backendsTried;
try {
$authenticated = $backend->authenticate($user, $password);
} catch (AuthenticationException $e) {
Logger::error($e);
++$backendsWithError;
continue;
}
if ($authenticated === true) {
$auth->setAuthenticated($user);
$this->rerenderLayout()->redirectNow($redirectUrl);
}
}
if ($backendsTried === 0) {
$this->view->form->addError($this->translate('No authentication methods available. Did you create' . ' authentication.ini when setting up Icinga Web 2?'));
} else {
if ($backendsTried === $backendsWithError) {
$this->view->form->addError($this->translate('All configured authentication methods failed.' . ' Please check the system log or Icinga Web 2 log for more information.'));
} elseif ($backendsWithError) {
$this->view->form->addError($this->translate('Please note that not all authentication methods were available.' . ' Check the system log or Icinga Web 2 log for more information.'));
}
}
if ($backendsTried > 0 && $backendsTried !== $backendsWithError) {
$this->view->form->getElement('password')->addError($this->translate('Incorrect username or password'));
}
} elseif ($request->isGet()) {
$user = new User('');
foreach ($chain as $backend) {
$triedOnlyExternalAuth = $triedOnlyExternalAuth === null;
if ($backend instanceof ExternalBackend) {
$authenticated = $backend->authenticate($user);
if ($authenticated === true) {
$auth->setAuthenticated($user);
$this->rerenderLayout()->redirectNow(Url::fromPath(Url::fromRequest()->getParam('redirect', 'dashboard')));
}
} else {
$triedOnlyExternalAuth = false;
}
}
}
} catch (Exception $e) {
$this->view->form->addError($e->getMessage());
}
$this->view->requiresExternalAuth = $triedOnlyExternalAuth && !$auth->isAuthenticated();
$this->view->requiresSetup = Icinga::app()->requiresSetup();
}
作者:kobmak
项目:icingaweb
/**
* Set up internationalization using gettext
*
* @return $this
*/
protected final function setupInternationalization()
{
if ($this->hasLocales()) {
Translator::registerDomain(Translator::DEFAULT_DOMAIN, $this->getLocaleDir());
}
$locale = $this->detectLocale();
if ($locale === null) {
$locale = Translator::DEFAULT_LOCALE;
}
try {
Translator::setupLocale($locale);
} catch (Exception $error) {
Logger::error($error);
}
return $this;
}
作者:0sval
项目:icingaweb
/**
* Return the form for the given type of navigation item
*
* @param string $type
*
* @return Form
*/
protected function getItemForm($type)
{
$className = StringHelper::cname($type, '-') . 'Form';
$form = null;
foreach (Icinga::app()->getModuleManager()->getLoadedModules() as $module) {
$classPath = 'Icinga\\Module\\' . ucfirst($module->getName()) . '\\' . static::FORM_NS . '\\' . $className;
if (class_exists($classPath)) {
$form = new $classPath();
break;
}
}
if ($form === null) {
$classPath = 'Icinga\\' . static::FORM_NS . '\\' . $className;
if (class_exists($classPath)) {
$form = new $classPath();
}
}
if ($form === null) {
Logger::debug('Failed to find custom navigation item form %s for item %s. Using form NavigationItemForm now', $className, $type);
$form = new NavigationItemForm();
} elseif (!$form instanceof NavigationItemForm) {
throw new ProgrammingError('Class %s must inherit from NavigationItemForm', $classPath);
}
return $form;
}
作者:ZipRecruite
项目:icingaweb
/**
* Return the app's menu
*
* @return Navigation
*/
public function getMenu()
{
if ($this->user !== null) {
$menu = array('dashboard' => array('label' => t('Dashboard'), 'url' => 'dashboard', 'icon' => 'dashboard', 'priority' => 10), 'system' => array('label' => t('System'), 'icon' => 'services', 'priority' => 700, 'renderer' => array('SummaryNavigationItemRenderer', 'state' => 'critical'), 'children' => array('about' => array('label' => t('About'), 'url' => 'about', 'priority' => 701))), 'configuration' => array('label' => t('Configuration'), 'icon' => 'wrench', 'permission' => 'config/*', 'priority' => 800, 'children' => array('application' => array('label' => t('Application'), 'url' => 'config/general', 'permission' => 'config/application/*', 'priority' => 810), 'navigation' => array('label' => t('Shared Navigation'), 'url' => 'navigation/shared', 'permission' => 'config/application/navigation', 'priority' => 820), 'authentication' => array('label' => t('Authentication'), 'url' => 'config/userbackend', 'permission' => 'config/authentication/*', 'priority' => 830), 'roles' => array('label' => t('Roles'), 'url' => 'role/list', 'permission' => 'config/authentication/roles/show', 'priority' => 840), 'users' => array('label' => t('Users'), 'url' => 'user/list', 'permission' => 'config/authentication/users/show', 'priority' => 850), 'groups' => array('label' => t('Usergroups'), 'url' => 'group/list', 'permission' => 'config/authentication/groups/show', 'priority' => 860), 'modules' => array('label' => t('Modules'), 'url' => 'config/modules', 'permission' => 'config/modules', 'priority' => 890))), 'user' => array('label' => $this->user->getUsername(), 'icon' => 'user', 'priority' => 900, 'children' => array('preferences' => array('label' => t('Preferences'), 'url' => 'preference', 'priority' => 910), 'navigation' => array('label' => t('Navigation'), 'url' => 'navigation', 'priority' => 920), 'logout' => array('label' => t('Logout'), 'url' => 'authentication/logout', 'priority' => 990, 'renderer' => array('NavigationItemRenderer', 'target' => '_self')))));
if (Logger::writesToFile()) {
$menu['system']['children']['application_log'] = array('label' => t('Application Log'), 'url' => 'list/applicationlog', 'priority' => 710);
}
} else {
$menu = array();
}
return Navigation::fromArray($menu)->load('menu-item');
}
作者:kobmak
项目:icingaweb
/**
* Check whether the current user backend is valid, i.e. it's enabled, not an external user backend and whether its
* config is valid
*
* @return bool
*/
public function valid()
{
if (!$this->config->valid()) {
// Stop when there are no more backends to check
return false;
}
$backendConfig = $this->config->current();
if ((bool) $backendConfig->get('disabled', false)) {
$this->next();
return $this->valid();
}
$name = $this->key();
try {
$backend = UserBackend::create($name, $backendConfig);
} catch (ConfigurationError $e) {
Logger::error(new ConfigurationError('Can\'t create authentication backend "%s". An exception was thrown:', $name, $e));
$this->next();
return $this->valid();
}
if ($this->getSkipExternalBackends() && $backend instanceof ExternalBackend) {
$this->next();
return $this->valid();
}
$this->currentBackend = $backend;
return true;
}