Checkmk git commits

checkmk-commits@lists.checkmk.com

1 participants
64479 discussions

Check_MK Git: check_mk: .f12 now uses SITE variable if set

by Götz Golla

Module: check_mk Branch: master Commit: a687ea00390092d262e75a23ebfedfccb34a20dd URL: http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=a687ea00390092… Author: Götz Golla <gg(a)mathias-kettner.de> Date: Wed Oct 23 11:54:04 2013 +0200 .f12 now uses SITE variable if set --- doc/treasures/active_checks/.f12 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/doc/treasures/active_checks/.f12 b/doc/treasures/active_checks/.f12 index 678ec69..131fbd8 100755 --- a/doc/treasures/active_checks/.f12 +++ b/doc/treasures/active_checks/.f12 @@ -1,2 +1,2 @@ -site=${site:-$(omd sites --bare | head -n 1)} -sudo rsync -ar ./ /omd/sites/$site/lib/nagios/plugins +SITE=${SITE:-$(omd sites --bare | head -n 1)} +sudo rsync -a ./ /omd/sites/$SITE/lib/nagios/plugins

10 years, 11 months

Check_MK Git: check_mk: semicolons are no escaped and can be used in sql statements

by Götz Golla

Module: check_mk Branch: master Commit: 9a3c41f8ca4de7d1dc2fa37cb2622f22d3ffa89e URL: http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=9a3c41f8ca4de7… Author: Götz Golla <gg(a)mathias-kettner.de> Date: Wed Oct 23 11:32:46 2013 +0200 semicolons are no escaped and can be used in sql statements --- checks/check_sql | 2 +- doc/treasures/active_checks/check_sql | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/checks/check_sql b/checks/check_sql index 4bd610e..8788947 100644 --- a/checks/check_sql +++ b/checks/check_sql @@ -48,7 +48,7 @@ def check_sql_arguments(params): args += " -w %s:%s" % (lower[0], upper[0]) args += " -c %s:%s" % (lower[1], upper[1]) - sql_tmp = params["sql"].replace("\n", r"\n") + sql_tmp = params["sql"].replace("\n", r"\n").replace(";", "\;") args += " %s" % quote_shell_string(sql_tmp) return args diff --git a/doc/treasures/active_checks/check_sql b/doc/treasures/active_checks/check_sql index 8e84bb5..4d803ed 100755 --- a/doc/treasures/active_checks/check_sql +++ b/doc/treasures/active_checks/check_sql @@ -119,7 +119,7 @@ try: if args: opt_sql_tmp = ' '.join(map(str,args)) - opt_sql = opt_sql_tmp.replace(r"\n", "\n") + opt_sql = opt_sql_tmp.replace(r"\n", "\n").replace('\;', ";") else: print "UNKNOWN - no SQL statement given" sys.exit(3)

10 years, 11 months

Check_MK Git: check_mk: Removed peer replication from configuration dialog

by Mathias Kettner

Module: check_mk Branch: master Commit: 3582330f20c25c3fc1af4f181af2251a8af1fdb7 URL: http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=3582330f20c25c… Author: Mathias Kettner <mk(a)mathias-kettner.de> Date: Wed Oct 23 04:44:14 2013 -0400 Removed peer replication from configuration dialog Existing peer replications are still unaffected but will soon be removed anyway. --- ChangeLog | 1 + web/htdocs/wato.py | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/ChangeLog b/ChangeLog index 7d3f0c9..43e6d79 100644 --- a/ChangeLog +++ b/ChangeLog @@ -92,6 +92,7 @@ * New option for full SNMP scan in bulk inventory * bulk operations now also available when checkboxes are off * LDAP: Added test to validate the configured role sync groups + * Disabled replication type "peer" in site editor. * FIX: correct display of number of hosts in bulk inventory * FIX: nailed down ".siteid" exception when added new site * FIX: fixed setting for locking mode from 'ait' to 'wait' diff --git a/web/htdocs/wato.py b/web/htdocs/wato.py index a59454f..ac32bf7 100644 --- a/web/htdocs/wato.py +++ b/web/htdocs/wato.py @@ -7374,7 +7374,7 @@ def mode_edit_site(phase): forms.section(_("Replication method")) html.select("replication", [ ("none", _("No replication with this site")), - ("peer", _("Peer: synchronize configuration with this site")), + # ("peer", _("Peer: synchronize configuration with this site")), ("slave", _("Slave: push configuration to this site")) ], site.get("replication", "none")) html.help( _("WATO replication allows you to manage several monitoring sites with a "

10 years, 11 months

Check_MK Git: check_mk: Fixed styling of sidebar snapin move indicator

by Mathias Kettner

Module: check_mk Branch: master Commit: ca43744760d0e57303eff332c2f1546477c986c1 URL: http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=ca43744760d0e5… Author: Mathias Kettner <mk(a)mathias-kettner.de> Date: Tue Oct 22 15:00:41 2013 -0400 Fixed styling of sidebar snapin move indicator --- web/htdocs/sidebar.css | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/web/htdocs/sidebar.css b/web/htdocs/sidebar.css index 0a8ed02..7a98cdb 100644 --- a/web/htdocs/sidebar.css +++ b/web/htdocs/sidebar.css @@ -357,14 +357,16 @@ div.statebullet { } div#snapinDragIndicator { - height: 2px; + height: 1.5px; line-height: 1px; font-size: 1px; - width: 249px; + width: 247px; background-color: #fff; - margin: 0px 0px 0px 10px; + margin: 0px 0px 0px 11px; border-radius: 3px; - box-shadow: 0px 0px 5px #ffffff; + box-shadow: 0px 0px 3px #fff; + position: relative; + top: 2px; }

10 years, 11 months

Check_MK Git: check_mk: Fixed layout of ListOfStrings

by Mathias Kettner

Module: check_mk Branch: master Commit: cf87bbc79c417df73de9b471335394002a9974eb URL: http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=cf87bbc79c417d… Author: Mathias Kettner <mk(a)mathias-kettner.de> Date: Tue Oct 22 15:13:37 2013 -0400 Fixed layout of ListOfStrings Cancelling the float: left, that makes e.g. the Negate hosts option appear in the same line as the list of hosts. I hope this does not break something on browsers other then Chrome and Firefox. --- web/htdocs/check_mk.css | 4 ++-- web/htdocs/wato.py | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/web/htdocs/check_mk.css b/web/htdocs/check_mk.css index 41169e0..aac444f 100644 --- a/web/htdocs/check_mk.css +++ b/web/htdocs/check_mk.css @@ -471,7 +471,7 @@ table.valuespec_listof option[selected] { font-weight: bold; } -div.listofstring.horizontal { +div.listofstrings.horizontal { clear: left; } @@ -484,7 +484,7 @@ div.listofstrings.horizontal > div { margin-right: 2px; } div.listofstrings.horizontal > div:last-child { - /* float: none; */ + float: none; } table.listchoice { diff --git a/web/htdocs/wato.py b/web/htdocs/wato.py index 6602edd..c6a0a94 100644 --- a/web/htdocs/wato.py +++ b/web/htdocs/wato.py @@ -11395,7 +11395,7 @@ def mode_edit_rule(phase, new = False): html.checkbox("negate_hosts", negate_hosts, label = _("<b>Negate:</b> make rule apply for <b>all but</b> the above hosts")) - html.write("</div><br>") + html.write("</div>") html.help(_("You can enter a number of explicit host names that rule should or should " "not apply to here. Leave this option disabled if you want the rule to " "apply for all hosts specified by the given tags."))

10 years, 11 months

Check_MK Git: check_mk: Fix protocol of --keepalive in case of exception

by Mathias Kettner

Module: check_mk Branch: master Commit: d4eb0da7bd448bcb19dfc10cf2f75181c4213bfb URL: http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=d4eb0da7bd448b… Author: Mathias Kettner <mk(a)mathias-kettner.de> Date: Tue Oct 22 18:43:25 2013 -0400 Fix protocol of --keepalive in case of exception --- modules/check_mk.py | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/modules/check_mk.py b/modules/check_mk.py index c372f77..1f9542f 100755 --- a/modules/check_mk.py +++ b/modules/check_mk.py @@ -5127,8 +5127,9 @@ def do_check_keepalive(): except Exception, e: if opt_debug: raise - sys.stdout.write("UNKNOWN - %s\n3\n" % e) - + total_check_output = "UNKNOWN - %s\n" % e + sys.stdout.write("%03d\n%08d\n%s" % + (3, len(total_check_output), total_check_output))

10 years, 11 months

Check_MK Git: check_mk: Better styling of WATO host checkboxes

by Mathias Kettner

Module: check_mk Branch: master Commit: 2dc4f7f38c984b945263bb92be28dfba6f71df38 URL: http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=2dc4f7f38c984b… Author: Mathias Kettner <mk(a)mathias-kettner.de> Date: Wed Oct 23 03:17:42 2013 -0400 Better styling of WATO host checkboxes --- web/htdocs/wato.css | 5 ++++- web/htdocs/wato.py | 12 ++++++------ 2 files changed, 10 insertions(+), 7 deletions(-) diff --git a/web/htdocs/wato.css b/web/htdocs/wato.css index 737ba47..7c1dc47 100644 --- a/web/htdocs/wato.css +++ b/web/htdocs/wato.css @@ -219,7 +219,6 @@ table.validationerror img { } .wato table.data tr.data td.bulksearch { - text-align: right; padding-right: 0px; white-space: nowrap; } @@ -229,6 +228,10 @@ table.validationerror img { margin-right: 5px; } +.wato table.data tr.data td.bulksearch div.togglebutton.checkbox { + margin-left: 0px; +} + /* Path to current folder at top of screen */ .wato div.folderpath { diff --git a/web/htdocs/wato.py b/web/htdocs/wato.py index 3f5241f..74ec886 100644 --- a/web/htdocs/wato.py +++ b/web/htdocs/wato.py @@ -1274,12 +1274,6 @@ def show_hosts(folder): def bulk_actions(at_least_one_imported, top, withsearch, colspan, odd, show_checkboxes): html.write('<tr class="data %s0">' % odd) html.write("<td class=bulksearch colspan=3>") - if withsearch: - html.text_input(top and "search" or "search") - html.button("_search", _("Search")) - html.set_focus("search") - html.write('</td>') - html.write("<td class=bulkactions colspan=%d>" % (colspan-3)) if not show_checkboxes: html.write('<div id="%s_on" title="%s" class="togglebutton %s up" ' 'onclick="location.href=\'%s\'"></div>' % ( @@ -1291,6 +1285,12 @@ def show_hosts(folder): 'onclick="location.href=\'%s\'"></div>' % ( 'checkbox', _('Hide Checkboxes and bulk actions'), 'checkbox', html.makeuri([('show_checkboxes', '0')]))) + if withsearch: + html.text_input(top and "search" or "search") + html.button("_search", _("Search")) + html.set_focus("search") + html.write('</td>') + html.write("<td class=bulkactions colspan=%d>" % (colspan-3)) html.write(' ' + _("Selected hosts:\n"))

10 years, 11 months

Check_MK Git: check_mk: FIX exception: use html instead of htmllib

by Mathias Kettner

Module: check_mk Branch: master Commit: d421a1a2b2d46fb84d24203fe30b46a8b68cccb1 URL: http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=d421a1a2b2d46f… Author: Mathias Kettner <mk(a)mathias-kettner.de> Date: Tue Oct 22 18:42:45 2013 -0400 FIX exception: use html instead of htmllib --- web/htdocs/wato.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/web/htdocs/wato.py b/web/htdocs/wato.py index c6a0a94..bb9fc1d 100644 --- a/web/htdocs/wato.py +++ b/web/htdocs/wato.py @@ -5288,7 +5288,7 @@ def mode_snapshot(phase): c = wato_confirm(_("Confirm deletion of snapshot"), _("Are you sure you want to delete the snapshot <br><br>%s?") % - htmllib.attrencode(delete_file) + html.attrencode(delete_file) ) if c: os.remove(os.path.join(snapshot_dir, delete_file)) @@ -5305,12 +5305,12 @@ def mode_snapshot(phase): c = wato_confirm(_("Confirm restore snapshot"), _("Are you sure you want to restore the snapshot <br><br>%s ?") % - htmllib.attrencode(snapshot_file) + html.attrencode(snapshot_file) ) if c: multitar.extract_from_file(snapshot_dir + snapshot_file, backup_paths) log_pending(SYNCRESTART, None, "snapshot-restored", - _("Restored snapshot %s") % htmllib.attrencode(snapshot_file)) + _("Restored snapshot %s") % html.attrencode(snapshot_file)) return None, _("Successfully restored snapshot.") elif c == False: # not yet confirmed return ""

10 years, 11 months

Check_MK Git: check_mk: WATO: bulk operations now also available when checkboxes are off

by Mathias Kettner

Module: check_mk Branch: master Commit: 4dc44d02f6889447227c193d7dbc5fdc5509452b URL: http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=4dc44d02f68894… Author: Mathias Kettner <mk(a)mathias-kettner.de> Date: Wed Oct 23 03:06:07 2013 -0400 WATO: bulk operations now also available when checkboxes are off --- .bugs/982 | 9 ++++++++- ChangeLog | 1 + web/htdocs/wato.py | 39 +++++++++++++++++++++------------------ 3 files changed, 30 insertions(+), 19 deletions(-) diff --git a/.bugs/982 b/.bugs/982 index f7b3731..3c6fd58 100644 --- a/.bugs/982 +++ b/.bugs/982 @@ -1,9 +1,16 @@ Title: WATO: Hostlist in folder: enable checkboxes -> all should be checked Component: wato -State: open +State: done Date: 2013-10-09 20:39:38 Targetversion: 1.4.0 Class: nastiness When you enable the checkboxes in a WATO folder host list, then all boxes should initially be checked. + +Better solution: readd the bulk buttons also when there +are no checkboxes at all. + + +2013-10-23 03:05:33: changed state open -> done +Bulk operations now also work without checkboxes diff --git a/ChangeLog b/ChangeLog index c22bec4..0cf8cf3 100644 --- a/ChangeLog +++ b/ChangeLog @@ -87,6 +87,7 @@ distributed WATO (available in the "Distributed Monitoring") * bulk inventory: display percentage in progress bar * New option for full SNMP scan in bulk inventory + * bulk operations now also available when checkboxes are off * FIX: correct display of number of hosts in bulk inventory * FIX: nailed down ".siteid" exception when added new site * FIX: fixed setting for locking mode from 'ait' to 'wait' diff --git a/web/htdocs/wato.py b/web/htdocs/wato.py index bb9fc1d..3f5241f 100644 --- a/web/htdocs/wato.py +++ b/web/htdocs/wato.py @@ -1292,23 +1292,23 @@ def show_hosts(folder): 'checkbox', _('Hide Checkboxes and bulk actions'), 'checkbox', html.makeuri([('show_checkboxes', '0')]))) - html.write(' ' + _("Selected hosts:\n")) + html.write(' ' + _("Selected hosts:\n")) - if not g_folder.get(".lock_hosts"): - if config.may("wato.manage_hosts"): - html.button("_bulk_delete", _("Delete")) - if config.may("wato.edit_hosts"): - html.button("_bulk_edit", _("Edit")) - html.button("_bulk_cleanup", _("Cleanup")) - if config.may("wato.services"): - html.button("_bulk_inventory", _("Inventory")) - if not g_folder.get(".lock_hosts"): - if config.may("wato.parentscan"): - html.button("_parentscan", _("Parentscan")) - if config.may("wato.edit_hosts") and config.may("wato.move_hosts"): - move_to_folder_combo("host", None, top) - if at_least_one_imported: - html.button("_bulk_movetotarget", _("Move to Target Folders")) + if not g_folder.get(".lock_hosts"): + if config.may("wato.manage_hosts"): + html.button("_bulk_delete", _("Delete")) + if config.may("wato.edit_hosts"): + html.button("_bulk_edit", _("Edit")) + html.button("_bulk_cleanup", _("Cleanup")) + if config.may("wato.services"): + html.button("_bulk_inventory", _("Inventory")) + if not g_folder.get(".lock_hosts"): + if config.may("wato.parentscan"): + html.button("_parentscan", _("Parentscan")) + if config.may("wato.edit_hosts") and config.may("wato.move_hosts"): + move_to_folder_combo("host", None, top) + if at_least_one_imported: + html.button("_bulk_movetotarget", _("Move to Target Folders")) html.write("</td></tr>\n") # Show table of hosts in this folder @@ -1680,16 +1680,19 @@ def delete_folder_after_confirm(del_folder): # Create list of all hosts that are select with checkboxes in the current file. # This is needed for bulk operations. def get_hostnames_from_checkboxes(filterfunc = None): + show_checkboxes = html.var("show_checkboxes") == "1" + entries = g_folder[".hosts"].items() entries.sort() - selected = weblib.get_rowselection('wato-folder-/'+g_folder['.path']) + if show_checkboxes: + selected = weblib.get_rowselection('wato-folder-/'+g_folder['.path']) selected_hosts = [] search_text = html.var("search") for hostname, host in entries: if (not search_text or (search_text.lower() in hostname.lower())) \ - and ('_c_' + hostname) in selected: + and (not show_checkboxes or ('_c_' + hostname) in selected): if filterfunc == None or \ filterfunc(host): selected_hosts.append(hostname)

10 years, 11 months

Check_MK Git: check_mk: LDAP: Added option to make group and role sync plugin handle nested groups

by Lars Michelsen

Module: check_mk Branch: master Commit: 4c36596a6c7082c9a3dad86df308503727df1549 URL: http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=4c36596a6c7082… Author: Lars Michelsen <lm(a)mathias-kettner.de> Date: Wed Oct 23 10:23:48 2013 +0200 LDAP: Added option to make group and role sync plugin handle nested groups --- ChangeLog | 4 ++++ web/htdocs/wato.py | 30 +++++++++++++++++++++------ web/plugins/userdb/ldap.py | 49 +++++++++++++++++++++++++++++++++++--------- 3 files changed, 67 insertions(+), 16 deletions(-) diff --git a/ChangeLog b/ChangeLog index c22bec4..759029d 100644 --- a/ChangeLog +++ b/ChangeLog @@ -26,6 +26,9 @@ * Wiki Sidebar Snapin: showing navigation and quicksearch. OMD only. * Sidebar can now be folded. Simply click somewhere at the left 10 pixels. * Foldable sections now have an animated triangle icon that shows the folding state + * LDAP: Added option to make group and role sync plugin handle nested + groups (only in Active Directory at the moment). Enabling this + feature might increase the sync time a lot - use only when really needed. * FIX: Fixed encoding problem in webservice column output * FIX: Fix output format python for several numeric columns * FIX: Fixed searching hosts by aliases/adresses @@ -87,6 +90,7 @@ distributed WATO (available in the "Distributed Monitoring") * bulk inventory: display percentage in progress bar * New option for full SNMP scan in bulk inventory + * LDAP: Added test to validate the configured role sync groups * FIX: correct display of number of hosts in bulk inventory * FIX: nailed down ".siteid" exception when added new site * FIX: fixed setting for locking mode from 'ait' to 'wait' diff --git a/web/htdocs/wato.py b/web/htdocs/wato.py index 6602edd..78d053a 100644 --- a/web/htdocs/wato.py +++ b/web/htdocs/wato.py @@ -5624,12 +5624,30 @@ def mode_ldap_config(phase): else: return (False, msg) + def test_groups_to_roles(address): + if 'groups_to_roles' not in config.ldap_active_plugins: + return True, _('Skipping this test (Plugin is not enabled)') + + userdb.ldap_connect(enforce_new = True, enforce_server = address) + num = 0 + for role_id, dn in config.ldap_active_plugins['groups_to_roles'].items(): + if isinstance(dn, str): + num += 1 + try: + ldap_groups = userdb.ldap_get_groups('(distinguishedName=%s)' % dn) + if not ldap_groups: + return False, _('Could not find the group specified for role %s') % role_id + except Exception, e: + return False, _('Error while fetching group for role %s: %s') % (role_id, str(e)) + return True, _('Found all %d groups.') % num + tests = [ - (_('Connect'), test_connect), - (_('User Base-DN'), test_user_base_dn), - (_('Count Users'), test_user_count), - (_('Group Base-DN'), test_group_base_dn), - (_('Count Groups'), test_group_count), + (_('Connect'), test_connect), + (_('User Base-DN'), test_user_base_dn), + (_('Count Users'), test_user_count), + (_('Group Base-DN'), test_group_base_dn), + (_('Count Groups'), test_group_count), + (_('Sync-Plugin: Roles'), test_groups_to_roles), ] for address in userdb.ldap_servers(): @@ -5642,7 +5660,7 @@ def mode_ldap_config(phase): state, msg = test(address) except Exception, e: state = False - msg = _('Exception: %s') % e + msg = _('Exception: %s') % html.attrencode(e) if state: img = '<img src="images/icon_success.gif" alt="%s" />' % _('Success') diff --git a/web/plugins/userdb/ldap.py b/web/plugins/userdb/ldap.py index 4aa68d3..77faf2e 100644 --- a/web/plugins/userdb/ldap.py +++ b/web/plugins/userdb/ldap.py @@ -505,7 +505,7 @@ def ldap_get_groups(add_filt = None): filt = '(&%s%s)' % (filt, add_filt) return ldap_search(ldap_replace_macros(config.ldap_groupspec['dn']), filt, ['cn']) -def ldap_user_groups(username, user_dn, attr = 'cn'): +def ldap_user_groups(username, user_dn, attr = 'cn', nested = False): # When configured to convert user_ids to lower case, all user ids here are lower case. # Otherwise all user_ids are in the case which they are in LDAP. This should be ok # for this function! I removed the snippet below to reduce the number of ldap queries. @@ -515,11 +515,12 @@ def ldap_user_groups(username, user_dn, attr = 'cn'): # # so the username read from ldap might differ. Fix it here. # user_dn, username = ldap_get_user(username, True) - if username in g_ldap_group_cache: + cache_key = '%s-%s' % (username, nested and 'n' or 'f') + if cache_key in g_ldap_group_cache: if attr == 'cn': - return g_ldap_group_cache[username][0] + return g_ldap_group_cache[cache_key][0] else: - return g_ldap_group_cache[username][1] + return g_ldap_group_cache[cache_key][1] # posixGroup objects use the memberUid attribute to specify the group memberships. # This is the username instead of the users DN. So the username needs to be used @@ -531,7 +532,10 @@ def ldap_user_groups(username, user_dn, attr = 'cn'): # Apply configured group ldap filter and only reply with groups # having the current user as member - add_filt = '(%s=%s)' % (ldap_member_attr(), ldap.filter.escape_filter_chars(user_filter)) + if config.ldap_connection['type'] and nested: + add_filt = '(member:1.2.840.113556.1.4.1941:=%s)' % ldap.filter.escape_filter_chars(user_dn) + else: + add_filt = '(%s=%s)' % (ldap_member_attr(), ldap.filter.escape_filter_chars(user_filter)) # First get all groups groups_cn = [] @@ -540,7 +544,7 @@ def ldap_user_groups(username, user_dn, attr = 'cn'): groups_cn.append(group['cn'][0]) groups_dn.append(dn) - g_ldap_group_cache.setdefault(username, (groups_cn, groups_dn)) + g_ldap_group_cache.setdefault(cache_key, (groups_cn, groups_dn)) if attr == 'cn': return groups_cn @@ -744,7 +748,7 @@ register_user_attribute_sync_plugins() def ldap_convert_groups_to_contactgroups(params, user_id, ldap_user, user): groups = [] # 1. Fetch CNs of all LDAP groups of the user (use group_dn, group_filter) - ldap_groups = ldap_user_groups(user_id, ldap_user['dn']) + ldap_groups = ldap_user_groups(user_id, ldap_user['dn'], nested = params.get('nested', False)) # 2. Fetch all existing group names in WATO cg_names = load_group_information().get("contact", {}).keys() @@ -759,20 +763,32 @@ ldap_attribute_plugins['groups_to_contactgroups'] = { 'contactgroup must match the common name (cn) of the LDAP group.'), 'convert': ldap_convert_groups_to_contactgroups, 'lock_attributes': ['contactgroups'], - 'no_param_txt': _('Add user to all contactgroups where the common name matches the group name.'), + 'parameters': [ + ('nested', FixedValue( + title = _('Handle nested group memberships (Active Directory only at the moment)'), + help = _('Once you enable this option, this plugin will not only handle direct ' + 'group memberships, instead it will also dig into nested groups and treat ' + 'the members of those groups as contact group members as well. Please mind ' + 'that this feature might increase the execution time of your LDAP sync.'), + value = True, + totext = _('Nested group memberships are resolved'), + ) + ) + ], } def ldap_convert_groups_to_roles(params, user_id, ldap_user, user): groups = [] # 1. Fetch DNs of all LDAP groups of the user - ldap_groups = [ g.lower() for g in ldap_user_groups(user_id, ldap_user['dn'], 'dn') ] + ldap_groups = [ g.lower() for g in ldap_user_groups(user_id, ldap_user['dn'], + attr = 'dn', nested = params.get('nested', False)) ] # 2. Load default roles from default user profile roles = config.default_user_profile['roles'][:] # 3. Loop all roles mentioned in params (configured to be synchronized) for role_id, dn in params.items(): - if dn.lower() in ldap_groups and role_id not in roles: + if isinstance(dn, str) and dn.lower() in ldap_groups and role_id not in roles: roles.append(role_id) return {'roles': roles} @@ -788,6 +804,19 @@ def ldap_list_roles_with_group_dn(): size = 80, enforce_suffix = ldap_replace_macros(config.ldap_groupspec.get('dn', '')), ))) + + elements.append( + ('nested', FixedValue( + title = _('Handle nested group memberships (Active Directory only at the moment)'), + help = _('Once you enable this option, this plugin will not only handle direct ' + 'group memberships, instead it will also dig into nested groups and treat ' + 'the members of those groups as contact group members as well. Please mind ' + 'that this feature might increase the execution time of your LDAP sync.'), + value = True, + totext = _('Nested group memberships are resolved'), + ) + ) + ) return elements ldap_attribute_plugins['groups_to_roles'] = {

10 years, 11 months

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

Checkmk git commits