diff options
Diffstat (limited to 'modules-available/sysconfig')
9 files changed, 97 insertions, 86 deletions
diff --git a/modules-available/sysconfig/addmodule_adauth.inc.php b/modules-available/sysconfig/addmodule_adauth.inc.php index 07806061..df7f385d 100644 --- a/modules-available/sysconfig/addmodule_adauth.inc.php +++ b/modules-available/sysconfig/addmodule_adauth.inc.php @@ -31,7 +31,7 @@ class AdAuth_Start extends AddModule_Base if (isset($data['server']) && preg_match('/^(.*)\:(636|3269|389|3268)$/', $data['server'], $out)) { $data['server'] = $out[1]; } - if (isset($data['homeattr']) && !isset($data['mapping']['homemount'])) { + if (isset($data['homeattr']) && !isset($data['mapping']['homemount']) && strtolower($data['homeattr']) !== 'homedirectory') { $data['mapping']['homemount'] = $data['homeattr']; } $data['step'] = 'AdAuth_CheckConnection'; @@ -59,13 +59,18 @@ class AdAuth_CheckConnection extends AddModule_Base $this->server = Request::post('server'); $binddn = Request::post('binddn'); $ssl = Request::post('ssl', 'off') === 'on'; - if (empty($this->server) || empty($binddn)) { - Message::addError('main.empty-field'); + if (empty($this->server)) { + Message::addError('main.parameter-empty', 'server'); + AddModule_Base::setStep('AdAuth_Start'); // Continues with AdAuth_Start for render() + return; + } + if (empty($binddn)) { + Message::addError('main.parameter-empty', 'binddn'); AddModule_Base::setStep('AdAuth_Start'); // Continues with AdAuth_Start for render() return; } if ((preg_match(AD_AT_REGEX, $this->bindDn) > 0) && (strlen($this->searchBase) < 2)) { - Message::addError('main.empty-field', 'searchBase'); + Message::addError('main.parameter-empty', 'searchBase'); AddModule_Base::setStep('AdAuth_Start'); // Continues with AdAuth_Start for render() return; } @@ -91,6 +96,7 @@ class AdAuth_CheckConnection extends AddModule_Base protected function renderInternal() { + $mapping = Request::post('mapping', false, 'array'); $data = array( 'edit' => Request::post('edit'), 'title' => Request::post('title'), @@ -99,17 +105,16 @@ class AdAuth_CheckConnection extends AddModule_Base 'binddn' => $this->bindDn, 'bindpw' => Request::post('bindpw'), 'home' => Request::post('home'), - 'homeattr' => Request::post('homeattr'), 'ssl' => Request::post('ssl'), 'fixnumeric' => Request::post('fixnumeric'), 'certificate' => Request::post('certificate', ''), 'taskid' => $this->scanTask['id'], - 'mapping' => ConfigModuleBaseLdap::getMapping(Request::post('mapping', false, 'array')), + 'mapping' => ConfigModuleBaseLdap::getMapping($mapping), ); $data['prev'] = 'AdAuth_Start'; if ((preg_match(AD_BOTH_REGEX, $this->bindDn) > 0) || (strlen($this->searchBase) < 2)) { $data['next'] = 'AdAuth_SelfSearch'; - } elseif (empty($data['homeattr'])) { + } elseif (empty($mapping['homemount'])) { $data['next'] = 'AdAuth_HomeAttrCheck'; } else { $data['next'] = 'AdAuth_CheckCredentials'; @@ -127,10 +132,8 @@ class AdAuth_SelfSearch extends AddModule_Base protected function preprocessInternal() { - $server = Request::post('server'); - $port = Request::post('port'); + $server = $binddn = $port = null; $searchbase = Request::post('searchbase', ''); - $binddn = Request::post('binddn'); $bindpw = Request::post('bindpw'); $ssl = Request::post('ssl', 'off') === 'on'; if ($ssl && !Request::post('fingerprint')) { @@ -138,10 +141,13 @@ class AdAuth_SelfSearch extends AddModule_Base AddModule_Base::setStep('AdAuth_Start'); // Continues with AdAuth_Start for render() return; } - if (empty($server) || empty($binddn) || empty($port)) { - Message::addError('main.empty-field'); - AddModule_Base::setStep('AdAuth_Start'); // Continues with AdAuth_Start for render() - return; + foreach (['server', 'binddn', 'port'] as $var) { + $$var = Request::post($var, null); + if (empty($$var)) { + Message::addError('main.parameter-empty', $var); + AddModule_Base::setStep('AdAuth_Start'); // Continues with AdAuth_Start for render() + return; + } } $this->originalBindDn = ''; // Fix bindDN if short name given @@ -190,6 +196,7 @@ class AdAuth_SelfSearch extends AddModule_Base protected function renderInternal() { + $mapping = Request::post('mapping', false, 'array'); $data = array( 'edit' => Request::post('edit'), 'title' => Request::post('title'), @@ -199,16 +206,15 @@ class AdAuth_SelfSearch extends AddModule_Base 'binddn' => Request::post('binddn'), 'bindpw' => Request::post('bindpw'), 'home' => Request::post('home'), - 'homeattr' => Request::post('homeattr'), 'ssl' => Request::post('ssl') === 'on', 'fixnumeric' => Request::post('fixnumeric'), 'fingerprint' => Request::post('fingerprint'), 'certificate' => Request::post('certificate', ''), 'originalbinddn' => $this->originalBindDn, - 'mapping' => ConfigModuleBaseLdap::getMapping(Request::post('mapping', false, 'array')), + 'mapping' => ConfigModuleBaseLdap::getMapping($mapping), 'prev' => 'AdAuth_Start' ); - if (empty($data['homeattr'])) { + if (empty($mapping['homemount'])) { $data['next'] = 'AdAuth_HomeAttrCheck'; } else { $data['next'] = 'AdAuth_CheckCredentials'; @@ -226,10 +232,8 @@ class AdAuth_HomeAttrCheck extends AddModule_Base protected function preprocessInternal() { - $server = Request::post('server'); - $port = Request::post('port'); + $server = $binddn = $port = null; $searchbase = Request::post('searchbase', ''); - $binddn = Request::post('binddn'); $bindpw = Request::post('bindpw'); $ssl = Request::post('ssl', 'off') === 'on'; if ($ssl && !Request::post('fingerprint')) { @@ -237,10 +241,13 @@ class AdAuth_HomeAttrCheck extends AddModule_Base AddModule_Base::setStep('AdAuth_Start'); // Continues with AdAuth_Start for render() return; } - if (empty($server) || empty($binddn) || empty($port)) { - Message::addError('main.empty-field'); - AddModule_Base::setStep('AdAuth_Start'); // Continues with AdAuth_Start for render() - return; + foreach (['server', 'binddn', 'port'] as $var) { + $$var = Request::post($var, null); + if (empty($$var)) { + Message::addError('main.parameter-empty', $var); + AddModule_Base::setStep('AdAuth_Start'); // Continues with AdAuth_Start for render() + return; + } } if ($ssl) { $uri = "ldaps://$server:$port/"; @@ -276,7 +283,6 @@ class AdAuth_HomeAttrCheck extends AddModule_Base 'binddn' => Request::post('binddn'), 'bindpw' => Request::post('bindpw'), 'home' => Request::post('home'), - 'homeattr' => Request::post('homeattr'), 'ssl' => Request::post('ssl') === 'on', 'fixnumeric' => Request::post('fixnumeric'), 'fingerprint' => Request::post('fingerprint'), @@ -299,10 +305,8 @@ class AdAuth_CheckCredentials extends AddModule_Base protected function preprocessInternal() { - $server = Request::post('server'); - $port = Request::post('port'); + $server = $binddn = $port = null; $searchbase = Request::post('searchbase', ''); - $binddn = Request::post('binddn'); $bindpw = Request::post('bindpw'); $ssl = Request::post('ssl', 'off') === 'on'; if ($ssl && !Request::post('fingerprint')) { @@ -310,10 +314,13 @@ class AdAuth_CheckCredentials extends AddModule_Base AddModule_Base::setStep('AdAuth_Start'); // Continues with AdAuth_Start for render() return; } - if (empty($server) || empty($binddn) || empty($port)) { - Message::addError('main.empty-field'); - AddModule_Base::setStep('AdAuth_Start'); // Continues with AdAuth_Start for render() - return; + foreach (['server', 'binddn', 'port'] as $var) { + $$var = Request::post($var, null); + if (empty($$var)) { + Message::addError('main.parameter-empty', $var); + AddModule_Base::setStep('AdAuth_Start'); // Continues with AdAuth_Start for render() + return; + } } // Test query 4 users if ($ssl) { @@ -502,8 +509,7 @@ class AdAuth_Finish extends AddModule_Base Message::addError('main.value-invalid', 'any', 'any'); $tgz = false; } else { - $parent = $this->stopOldInstance(); - $tgz = $module->generate($this->edit === false, $parent); + $tgz = $module->generate($this->edit === false); } if ($tgz === false) { AddModule_Base::setStep('AdAuth_Start'); // Continues with AdAuth_Start for render() @@ -514,24 +520,6 @@ class AdAuth_Finish extends AddModule_Base ); } - private function stopOldInstance() - { - if ($this->edit === false) - return NULL; - $list = ConfigTgz::getAllForModule($this->edit->id()); - if (!is_array($list)) - return NULL; - $parent = NULL; - foreach ($list as $tgz) { - if (!$tgz->isActive()) - continue; - $task = Trigger::ldadp($tgz->id(), $parent); - if (isset($task['id'])) - $parent = $task['id']; - } - return $parent; - } - protected function renderInternal() { Render::addDialog(Dictionary::translateFile('config-module', 'adAuth_title'), false, 'ad-finish', $this->taskIds); diff --git a/modules-available/sysconfig/addmodule_ldapauth.inc.php b/modules-available/sysconfig/addmodule_ldapauth.inc.php index a193f779..1db6cb51 100644 --- a/modules-available/sysconfig/addmodule_ldapauth.inc.php +++ b/modules-available/sysconfig/addmodule_ldapauth.inc.php @@ -23,7 +23,7 @@ class LdapAuth_Start extends AddModule_Base if (isset($data['server']) && preg_match('/^(.*)\:(636|389)$/', $data['server'], $out)) { $data['server'] = $out[1]; } - if (isset($data['homeattr']) && !isset($data['mapping']['homemount'])) { + if (isset($data['homeattr']) && !isset($data['mapping']['homemount']) && strtolower($data['homeattr']) !== 'homedirectory') { $data['mapping']['homemount'] = $data['homeattr']; } $data['step'] = 'LdapAuth_CheckConnection'; @@ -281,8 +281,7 @@ class LdapAuth_Finish extends AddModule_Base Message::addError('main.value-invalid', 'any', 'any'); $tgz = false; } else { - $parent = $this->stopOldInstance(); - $tgz = $module->generate($this->edit === false, $parent); + $tgz = $module->generate($this->edit === false); } if ($tgz === false) { AddModule_Base::setStep('LdapAuth_Start'); // Continues with LdapAuth_Start for render() @@ -293,24 +292,6 @@ class LdapAuth_Finish extends AddModule_Base ); } - private function stopOldInstance() - { - if ($this->edit === false) - return NULL; - $list = ConfigTgz::getAllForModule($this->edit->id()); - if (!is_array($list)) - return NULL; - $parent = NULL; - foreach ($list as $tgz) { - if (!$tgz->isActive()) - continue; - $task = Trigger::ldadp($tgz->id(), $parent); - if (isset($task['id'])) - $parent = $task['id']; - } - return $parent; - } - protected function renderInternal() { Render::addDialog(Dictionary::translateFile('config-module', 'ldapAuth_title'), false, 'ldap-finish', $this->taskIds); diff --git a/modules-available/sysconfig/clientscript.js b/modules-available/sysconfig/clientscript.js index f3a47824..1553d678 100644 --- a/modules-available/sysconfig/clientscript.js +++ b/modules-available/sysconfig/clientscript.js @@ -98,7 +98,7 @@ function checkBuildStatus() { confs.push($(this).val()); }); if (mods.length === 0 && confs.length === 0) return; - if (++statusChecks < 10) setTimeout(checkBuildStatus, 200 + 50 * statusChecks); + if (++statusChecks < 10) setTimeout(checkBuildStatus, 150 + 100 * statusChecks); $.post('?do=SysConfig', { mods: mods.join(), confs: confs.join(), token: TOKEN, action: 'status' }, function (data) { if (typeof data === 'undefined') return; if (typeof data.mods === 'object') updateButtonColor($(".refmod.btn-primary"), data.mods); diff --git a/modules-available/sysconfig/inc/configmodule.inc.php b/modules-available/sysconfig/inc/configmodule.inc.php index cfe79802..2cee37a9 100644 --- a/modules-available/sysconfig/inc/configmodule.inc.php +++ b/modules-available/sysconfig/inc/configmodule.inc.php @@ -412,6 +412,9 @@ abstract class ConfigModule $this->markFailed(); return false; } + } elseif (!file_exists($tmpTgz)) { + EventLog::warning('ConfigModule::markUpdated for tmpTgz="' . $this->moduleTitle . '" called which doesn\'t exist. Doing nothing.'); + return true; } else { $task = Taskmanager::submit('MoveFile', array( 'source' => $tmpTgz, @@ -419,10 +422,11 @@ abstract class ConfigModule )); $task = Taskmanager::waitComplete($task, 5000); if (Taskmanager::isFailed($task) || !Taskmanager::isFinished($task)) { - if (!API && !AJAX) + if (!API && !AJAX) { Taskmanager::addErrorMessage($task); - else - EventLog::failure('Could not move ' . $tmpTgz . ' to ' . $this->moduleArchive . ' while generating "' . $this->moduleTitle . '"'); + } else { + EventLog::failure('Could not move ' . $tmpTgz . ' to ' . $this->moduleArchive . ' while generating "' . $this->moduleTitle . '"', print_r($task, true)); + } $this->markFailed(); return false; } diff --git a/modules-available/sysconfig/inc/configmodulebaseldap.inc.php b/modules-available/sysconfig/inc/configmodulebaseldap.inc.php index d8a41a8b..d6fc3ed9 100644 --- a/modules-available/sysconfig/inc/configmodulebaseldap.inc.php +++ b/modules-available/sysconfig/inc/configmodulebaseldap.inc.php @@ -33,7 +33,10 @@ abstract class ConfigModuleBaseLdap extends ConfigModule protected function generateInternal($tgz, $parent) { - Trigger::ldadp($this->id(), $parent); + $np = Trigger::ldadp($this->id(), $parent); + if ($np !== false) { + $parent = $np; + } $config = $this->moduleData; if (isset($config['certificate']) && !is_string($config['certificate'])) { unset($config['certificate']); @@ -64,7 +67,11 @@ abstract class ConfigModuleBaseLdap extends ConfigModule $config['fixnumeric'] = 's'; } $this->preTaskmanagerHook($config); - return Taskmanager::submit('CreateLdapConfig', $config); + $task = Taskmanager::submit('CreateLdapConfig', $config); + if (is_array($task) && isset($task['id'])) { + Trigger::ldadp(null, $task['id']); + } + return $task; } /** diff --git a/modules-available/sysconfig/inc/configtgz.inc.php b/modules-available/sysconfig/inc/configtgz.inc.php index 09ea999c..17c9f35d 100644 --- a/modules-available/sysconfig/inc/configtgz.inc.php +++ b/modules-available/sysconfig/inc/configtgz.inc.php @@ -157,7 +157,6 @@ class ConfigTgz { if ($this->configId === 0) Util::traceError('ConfigTgz::markUpdated called with invalid config id!'); - Event::activeConfigChanged(); if ($this->areAllModulesUpToDate()) return $this->mark('OK'); return $this->mark('OUTDATED'); diff --git a/modules-available/sysconfig/inc/ldap.inc.php b/modules-available/sysconfig/inc/ldap.inc.php index 23b24885..349a662e 100644 --- a/modules-available/sysconfig/inc/ldap.inc.php +++ b/modules-available/sysconfig/inc/ldap.inc.php @@ -12,11 +12,7 @@ class Ldap { // To find ourselves we try to figure out the proper search base, since the given one // might be just for users, not for functional or utility accounts - if (preg_match('/,(OU=.*DC=.*)$/i', Ldap::normalizeDn($binddn), $out)) { - // Get OU from binddn; works if not given short form of DOMAIN\user or user@domain.fqdn.com - $searchbase = $out[1]; - } elseif (preg_match('/,(DC=.*)$/i', Ldap::normalizeDn($searchbase), $out)) { - // Otherwise, shorten search base enough to only consider the DC=..,DC=.. part at the end + if (preg_match('/^\w+=[^=]+,(.*)$/i', Ldap::normalizeDn($binddn), $out)) { $searchbase = $out[1]; } return $searchbase; diff --git a/modules-available/sysconfig/page.inc.php b/modules-available/sysconfig/page.inc.php index 043645df..30271514 100644 --- a/modules-available/sysconfig/page.inc.php +++ b/modules-available/sysconfig/page.inc.php @@ -343,6 +343,9 @@ class Page_SysConfig extends Page Message::addError('main.empty-field'); Util::redirect('?do=sysconfig&locationid=' . $this->currentLoc); } + // Validate that either the configid is valid (in case we override for a specific location) + // or that if the locationid is 0 (=global) that the configid exists, because it's not allowed + // to unset the global config if ($this->currentLoc === 0 || $configid !== 0) { $row = Database::queryFirst("SELECT title, filepath FROM configtgz WHERE configid = :configid LIMIT 1", array('configid' => $configid)); if ($row === false) { @@ -358,6 +361,7 @@ class Page_SysConfig extends Page Database::exec("INSERT INTO configtgz_location (locationid, configid) VALUES (:locationid, :configid)" . " ON DUPLICATE KEY UPDATE configid = :configid", compact('locationid', 'configid')); } + Event::activeConfigChanged(); Util::redirect('?do=sysconfig&locationid=' . $this->currentLoc); } @@ -475,4 +479,36 @@ class Page_SysConfig extends Page AddConfig_Base::setStep($step); } + /** + * If modules need updates (blue refresh buttons), we query their state + * via ajax, in case they are about to generate. This happens for example + * if you edit a module and a bunch of configs depend on it and will be + * rebuilt. + */ + protected function doAjax() + { + if (Request::post('action') === 'status') { + $mods = Request::post('mods'); + $confs = Request::post('confs'); + $outMods = array(); + $outConfs = array(); + $mods = explode(',', $mods); + $confs = explode(',', $confs); + // Mods + $res = Database::simpleQuery("SELECT moduleid FROM configtgz_module + WHERE moduleid in (:mods) AND status = 'OK'", compact('mods')); + while ($row = $res->fetch(PDO::FETCH_ASSOC)) { + $outMods[] = $row['moduleid']; + } + // Confs + $res = Database::simpleQuery("SELECT configid FROM configtgz + WHERE configid in (:confs) AND status = 'OK'", compact('confs')); + while ($row = $res->fetch(PDO::FETCH_ASSOC)) { + $outConfs[] = $row['configid']; + } + Header('Content-Type: application/json'); + die(json_encode(array('mods' => $outMods, 'confs' => $outConfs))); + } + } + } diff --git a/modules-available/sysconfig/templates/ad-selfsearch.html b/modules-available/sysconfig/templates/ad-selfsearch.html index 6b85b9ed..64e181b2 100644 --- a/modules-available/sysconfig/templates/ad-selfsearch.html +++ b/modules-available/sysconfig/templates/ad-selfsearch.html @@ -54,7 +54,7 @@ <input name="server" value="{{server}}" type="hidden"> <input name="port" value="{{port}}" type="hidden"> <input id="searchbase" name="searchbase" value="{{searchbase}}" type="hidden"> - <input id="fulldn" name="binddn" value="" type="hidden"> + <input id="fulldn" name="binddn" value="{{binddn}}" type="hidden"> <input id="givendn" name="originalbinddn" value="{{originalbinddn}}" type="hidden"> <input name="bindpw" value="{{bindpw}}" type="hidden"> <input id="home" name="home" value="{{home}}" type="hidden"> |