From: Marcin Haba Date: Mon, 23 Jun 2014 12:42:05 +0000 (+0200) Subject: baculum: Saving auth file for web server HTTP Basic auth X-Git-Tag: Release-7.0.5~51 X-Git-Url: https://git.sur5r.net/?a=commitdiff_plain;h=ff2994ad4188da4552e37b601ca752dbed1c92c3;p=bacula%2Fbacula baculum: Saving auth file for web server HTTP Basic auth --- diff --git a/gui/baculum/protected/Class/ConfigurationManager.php b/gui/baculum/protected/Class/ConfigurationManager.php index a92410142b..4bee3b643c 100644 --- a/gui/baculum/protected/Class/ConfigurationManager.php +++ b/gui/baculum/protected/Class/ConfigurationManager.php @@ -27,6 +27,11 @@ class ConfigurationManager extends TModule */ const CONFIG_FILE = 'Application.Data.settings'; + /** + * Users login and password file for HTTP Basic auth. + */ + const USERS_FILE = 'Application.Data.baculum'; + /** * PostgreSQL default params. */ @@ -127,5 +132,82 @@ class ConfigurationManager extends TModule public function isApplicationConfig() { return file_exists(Prado::getPathOfNamespace(self::CONFIG_FILE, '.conf')); } + + /** + * Saving user to users configuration file. + * + * NOTE! + * So far by webGUI is possible to set one user. + * For more users and restricted consoles, there is need to modify + * users and passwords file. + * + * TODO: Support for more than one user setting on webGUI. + * + * @access public + * @param string $user username + * @param string $password user's password + * @param boolean $firstUsage determine if it is first saved user during first Baculum run + * @param mixed $oldUser previous username before change + * @return boolean true if user saved successfully, otherwise false + */ + public function setUsersConfig($user, $password, $firstUsage = false, $oldUser = null) { + $usersFile = Prado::getPathOfNamespace(self::USERS_FILE, '.users'); + if($firstUsage === true) { + $this->clearUsersConfig(); + } + + $users = $this->isUsersConfig() === true ? file($usersFile, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES) : array(); + $userExists = false; + + for($i = 0; $i < count($users); $i++) { + // checking if user already exist in configuration file and if exist then update password + if(preg_match("/^{$user}\:/", $users[$i]) === 1) { + $users[$i] = "{$user}:{$password}"; + $userExists = true; + break; + } + } + + if(!is_null($oldUser) && $oldUser !== $user) { + // delete old username with password from configuration file + for($j = 0; $j < count($users); $j++) { + if(preg_match("/^{$oldUser}\:/", $users[$j]) === 1) { + unset($users[$j]); + break; + } + } + } + + // add new user if does not exist + if($userExists === false) { + array_push($users, "{$user}:{$password}"); + } + + $usersToFile = implode("\n", $users); + $result = file_put_contents($usersFile, $usersToFile) !== false; + return $result; + } + + /** + * Checking if users configuration file exists. + * + * @access public + * @return boolean true if file exists, otherwise false + */ + public function isUsersConfig() { + return file_exists(Prado::getPathOfNamespace(self::USERS_FILE, '.users')); + } + + /** + * Clear all content of users file. + * + * @access private + * @return boolean true if file cleared successfully, otherwise false + */ + private function clearUsersConfig() { + $usersFile = Prado::getPathOfNamespace(self::USERS_FILE, '.users'); + $result = file_put_contents($usersFile, '') !== false; + return $result; + } } ?> \ No newline at end of file diff --git a/gui/baculum/protected/Pages/ConfigurationWizard.page b/gui/baculum/protected/Pages/ConfigurationWizard.page index 7cda83b63a..61eda516c6 100644 --- a/gui/baculum/protected/Pages/ConfigurationWizard.page +++ b/gui/baculum/protected/Pages/ConfigurationWizard.page @@ -252,7 +252,8 @@
-

<%[ NOTE! ]%>
<%[ Above administration login and administration password should be the same as login params defined in Web Server authorization file. They are HTTP Basic authorization params by using which you have logged in to this wizard. ]%>

+

<%[ NOTE! ]%>
<%[ Above administration login and administration password will be used for login as administrator to Baculum WebGUI. They are your HTTP Basic authorization params by using which you will be logged in to Baculum. ]%>

+

<%[ NOTE! ]%>
<%[ In case when you use your selected HTTP Basic auth backend and in particular manual Baculum installation from source tar.gz archive, in above fields you need to provide your defined login and password which you used for access to this wizard. ]%>

diff --git a/gui/baculum/protected/Pages/ConfigurationWizard.php b/gui/baculum/protected/Pages/ConfigurationWizard.php index c818af0c4c..bcf84ca287 100644 --- a/gui/baculum/protected/Pages/ConfigurationWizard.php +++ b/gui/baculum/protected/Pages/ConfigurationWizard.php @@ -105,7 +105,16 @@ class ConfigurationWizard extends BaculumPage $cfgData['baculum']['debug'] = isset($this->applicationConfig['baculum']['debug']) ? $this->applicationConfig['baculum']['debug'] : "0"; $ret = $this->getModule('configuration')->setApplicationConfig($cfgData); if($ret === true) { - $this->goToDefaultPage(); + if($this->getModule('configuration')->isUsersConfig() === true) { // version with users config file, so next is try to auto-login + $previousUser = ($this->firstRun === false) ? $this->applicationConfig['baculum']['login'] : null; + $this->getModule('configuration')->setUsersConfig($cfgData['baculum']['login'], $cfgData['baculum']['password'], $this->firstRun, $previousUser); + // Automatic login after finish wizard. + $http_protocol = isset($_SERVER['HTTPS']) && !empty($_SERVER['HTTPS']) ? 'https' : 'http'; + $location = sprintf("%s://%s:%s@%s:%d/", $http_protocol, $cfgData['baculum']['login'], $cfgData['baculum']['password'], $_SERVER['SERVER_NAME'], $_SERVER['SERVER_PORT']); + header("Location: $location"); + } else { // standard version (user defined auth method) + $this->goToDefaultPage(); + } } }