[checkmk-commits] Added missing changes

Module: check_mk Branch: master Commit: d00ba81177c6663f2acc73c618b1d864f916ef8f URL: http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=d00ba81177c666… Author: Lars Michelsen <lm(a)mathias-kettner.de> Date: Fri Jan 27 12:35:30 2017 +0100 Added missing changes Change-Id: I81f7b7edb7a713a6133e7e2e69ec942f5058232c --- web/htdocs/htmllib.py | 8 +++++--- web/htdocs/wato.py | 24 ++++++++++++++++++++++++ web/plugins/userdb/ldap.py | 14 +++++++++----- web/plugins/views/mkeventd.py | 3 ++- 4 files changed, 40 insertions(+), 9 deletions(-) diff --git a/web/htdocs/htmllib.py b/web/htdocs/htmllib.py index 4ce946d..af4e001 100644 --- a/web/htdocs/htmllib.py +++ b/web/htdocs/htmllib.py @@ -1649,12 +1649,14 @@ class html(DeprecationWrapper): return filename - def makeactionuri(self, addvars, filename=None): - return self.makeuri(addvars + [("_transid", self.get_transid())], filename=filename) + def makeactionuri(self, addvars, filename=None, delvars=None): + return self.makeuri(addvars + [("_transid", self.get_transid())], + filename=filename, delvars=delvars) def makeactionuri_contextless(self, addvars, filename=None): - return self.makeuri_contextless(addvars + [("_transid", self.get_transid())], filename=filename) + return self.makeuri_contextless(addvars + [("_transid", self.get_transid())], + filename=filename) # diff --git a/web/htdocs/wato.py b/web/htdocs/wato.py index f535412..8b4fe71 100644 --- a/web/htdocs/wato.py +++ b/web/htdocs/wato.py @@ -5825,9 +5825,33 @@ def vs_ldap_connection(new, connection_id): 'user_filter', 'user_filter_group', 'user_id', 'lower_user_ids', 'connect_timeout', 'version', 'group_filter', 'group_member', 'suffix', ], + validate = validate_ldap_connection, ) +def validate_ldap_connection(value, varprefix): + for role_id, group_specs in value["active_plugins"].get("groups_to_roles", {}).items(): + for index, group_spec in enumerate(group_specs): + dn, connection_id = group_spec + + if connection_id == None: + group_dn = value["group_dn"] + + else: + connection = userdb.get_connection(connection_id) + if not connection: + continue + group_dn = connection.get_group_dn() + + if not group_dn: + raise MKUserError(varprefix, _("You need to configure the group base DN to be able to " + "use the roles synchronization plugin.")) + + if not dn.lower().endswith(group_dn.lower()): + varname = "connection_p_active_plugins_p_groups_to_roles_p_%s_1_%d" % (role_id, index) + raise MKUserError(varname, _("The configured DN does not match the group base DN.")) + + def mode_edit_ldap_connection(phase): connection_id = html.var("id") connections = userdb.load_connection_config() diff --git a/web/plugins/userdb/ldap.py b/web/plugins/userdb/ldap.py index 5e764e3..ea6b2d0 100644 --- a/web/plugins/userdb/ldap.py +++ b/web/plugins/userdb/ldap.py @@ -334,6 +334,10 @@ class LDAPUserConnector(UserConnector): return self._config['group_dn'] != '' + def get_group_dn(self): + return self.replace_macros(self._config['group_dn']) + + def get_suffix(self): return self._config.get('suffix') @@ -378,7 +382,7 @@ class LDAPUserConnector(UserConnector): def group_base_dn_exists(self): - return self.object_exists(self.replace_macros(self._config['group_dn'])) + return self.object_exists(self.get_group_dn()) def ldap_paged_async_search(self, base, scope, filt, columns): @@ -669,7 +673,7 @@ class LDAPUserConnector(UserConnector): def get_groups(self, specific_dn = None): filt = self.ldap_filter('groups') - dn = self.replace_macros(self._config['group_dn']) + dn = self.get_group_dn() if specific_dn: # When using AD, the groups can be filtered by the DN attribute. With @@ -712,8 +716,8 @@ class LDAPUserConnector(UserConnector): add_filt = '(|%s)' % ''.join([ '(%s=%s)' % (filt_attr, f) for f in filters ]) filt = '(&%s%s)' % (filt, add_filt) - for dn, obj in self.ldap_search(self.replace_macros(self._config['group_dn']), - filt, ['cn', member_attr], self._config['group_scope']): + for dn, obj in self.ldap_search(self.get_group_dn(), filt, ['cn', member_attr], + self._config['group_scope']): groups[dn] = { 'cn' : obj['cn'][0], 'members' : [ m.encode('utf-8').lower() for m in obj.get(member_attr,[]) ], @@ -738,7 +742,7 @@ class LDAPUserConnector(UserConnector): groups = {} for filter_val in filters: if filt_attr == 'cn': - result = self.ldap_search(self.replace_macros(self._config['group_dn']), + result = self.ldap_search(self.get_group_dn(), '(&%s(cn=%s))' % (self.ldap_filter('groups'), filter_val), ['dn'], self._config['group_scope']) if not result: diff --git a/web/plugins/views/mkeventd.py b/web/plugins/views/mkeventd.py index 4a0b9d8..48e4935 100644 --- a/web/plugins/views/mkeventd.py +++ b/web/plugins/views/mkeventd.py @@ -324,7 +324,8 @@ if mkeventd_enabled: ("_delete_event", _("Archive Event")), ("_show_result", "0"), ] - url = html.makeactionuri(urlvars, filename=filename) + url = html.makeactionuri(urlvars, filename=filename, + delvars=["selection", "show_checkboxes"]) return html.render_icon_button(url, _("Archive this event"), "delete") else: return ''