Module: check_mk
Branch: master
Commit: d00ba81177c6663f2acc73c618b1d864f916ef8f
URL:
http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=d00ba81177c666…
Author: Lars Michelsen <lm(a)mathias-kettner.de>
Date: Fri Jan 27 12:35:30 2017 +0100
Added missing changes
Change-Id: I81f7b7edb7a713a6133e7e2e69ec942f5058232c
---
web/htdocs/htmllib.py | 8 +++++---
web/htdocs/wato.py | 24 ++++++++++++++++++++++++
web/plugins/userdb/ldap.py | 14 +++++++++-----
web/plugins/views/mkeventd.py | 3 ++-
4 files changed, 40 insertions(+), 9 deletions(-)
diff --git a/web/htdocs/htmllib.py b/web/htdocs/htmllib.py
index 4ce946d..af4e001 100644
--- a/web/htdocs/htmllib.py
+++ b/web/htdocs/htmllib.py
@@ -1649,12 +1649,14 @@ class html(DeprecationWrapper):
return filename
- def makeactionuri(self, addvars, filename=None):
- return self.makeuri(addvars + [("_transid", self.get_transid())],
filename=filename)
+ def makeactionuri(self, addvars, filename=None, delvars=None):
+ return self.makeuri(addvars + [("_transid", self.get_transid())],
+ filename=filename, delvars=delvars)
def makeactionuri_contextless(self, addvars, filename=None):
- return self.makeuri_contextless(addvars + [("_transid",
self.get_transid())], filename=filename)
+ return self.makeuri_contextless(addvars + [("_transid",
self.get_transid())],
+ filename=filename)
#
diff --git a/web/htdocs/wato.py b/web/htdocs/wato.py
index f535412..8b4fe71 100644
--- a/web/htdocs/wato.py
+++ b/web/htdocs/wato.py
@@ -5825,9 +5825,33 @@ def vs_ldap_connection(new, connection_id):
'user_filter', 'user_filter_group', 'user_id',
'lower_user_ids', 'connect_timeout', 'version',
'group_filter', 'group_member', 'suffix',
],
+ validate = validate_ldap_connection,
)
+def validate_ldap_connection(value, varprefix):
+ for role_id, group_specs in
value["active_plugins"].get("groups_to_roles", {}).items():
+ for index, group_spec in enumerate(group_specs):
+ dn, connection_id = group_spec
+
+ if connection_id == None:
+ group_dn = value["group_dn"]
+
+ else:
+ connection = userdb.get_connection(connection_id)
+ if not connection:
+ continue
+ group_dn = connection.get_group_dn()
+
+ if not group_dn:
+ raise MKUserError(varprefix, _("You need to configure the group base
DN to be able to "
+ "use the roles synchronization
plugin."))
+
+ if not dn.lower().endswith(group_dn.lower()):
+ varname =
"connection_p_active_plugins_p_groups_to_roles_p_%s_1_%d" % (role_id, index)
+ raise MKUserError(varname, _("The configured DN does not match the
group base DN."))
+
+
def mode_edit_ldap_connection(phase):
connection_id = html.var("id")
connections = userdb.load_connection_config()
diff --git a/web/plugins/userdb/ldap.py b/web/plugins/userdb/ldap.py
index 5e764e3..ea6b2d0 100644
--- a/web/plugins/userdb/ldap.py
+++ b/web/plugins/userdb/ldap.py
@@ -334,6 +334,10 @@ class LDAPUserConnector(UserConnector):
return self._config['group_dn'] != ''
+ def get_group_dn(self):
+ return self.replace_macros(self._config['group_dn'])
+
+
def get_suffix(self):
return self._config.get('suffix')
@@ -378,7 +382,7 @@ class LDAPUserConnector(UserConnector):
def group_base_dn_exists(self):
- return self.object_exists(self.replace_macros(self._config['group_dn']))
+ return self.object_exists(self.get_group_dn())
def ldap_paged_async_search(self, base, scope, filt, columns):
@@ -669,7 +673,7 @@ class LDAPUserConnector(UserConnector):
def get_groups(self, specific_dn = None):
filt = self.ldap_filter('groups')
- dn = self.replace_macros(self._config['group_dn'])
+ dn = self.get_group_dn()
if specific_dn:
# When using AD, the groups can be filtered by the DN attribute. With
@@ -712,8 +716,8 @@ class LDAPUserConnector(UserConnector):
add_filt = '(|%s)' % ''.join([ '(%s=%s)' %
(filt_attr, f) for f in filters ])
filt = '(&%s%s)' % (filt, add_filt)
- for dn, obj in
self.ldap_search(self.replace_macros(self._config['group_dn']),
- filt, ['cn', member_attr],
self._config['group_scope']):
+ for dn, obj in self.ldap_search(self.get_group_dn(), filt, ['cn',
member_attr],
+ self._config['group_scope']):
groups[dn] = {
'cn' : obj['cn'][0],
'members' : [ m.encode('utf-8').lower() for m in
obj.get(member_attr,[]) ],
@@ -738,7 +742,7 @@ class LDAPUserConnector(UserConnector):
groups = {}
for filter_val in filters:
if filt_attr == 'cn':
- result =
self.ldap_search(self.replace_macros(self._config['group_dn']),
+ result = self.ldap_search(self.get_group_dn(),
'(&%s(cn=%s))' %
(self.ldap_filter('groups'), filter_val),
['dn'],
self._config['group_scope'])
if not result:
diff --git a/web/plugins/views/mkeventd.py b/web/plugins/views/mkeventd.py
index 4a0b9d8..48e4935 100644
--- a/web/plugins/views/mkeventd.py
+++ b/web/plugins/views/mkeventd.py
@@ -324,7 +324,8 @@ if mkeventd_enabled:
("_delete_event", _("Archive Event")),
("_show_result", "0"),
]
- url = html.makeactionuri(urlvars, filename=filename)
+ url = html.makeactionuri(urlvars, filename=filename,
+ delvars=["selection",
"show_checkboxes"])
return html.render_icon_button(url, _("Archive this event"),
"delete")
else:
return ''