1 /* Icinga 2 | (c) 2012 Icinga GmbH | GPLv2+ */
3 #include "icinga/usergroup.hpp"
4 #include "icinga/usergroup-ti.cpp"
5 #include "config/objectrule.hpp"
6 #include "config/configitem.hpp"
7 #include "base/configtype.hpp"
8 #include "base/objectlock.hpp"
9 #include "base/logger.hpp"
10 #include "base/context.hpp"
11 #include "base/workqueue.hpp"
13 using namespace icinga;
15 REGISTER_TYPE(UserGroup);
17 INITIALIZE_ONCE([]() {
18 ObjectRule::RegisterType("UserGroup");
21 bool UserGroup::EvaluateObjectRule(const User::Ptr& user, const ConfigItem::Ptr& group)
23 String groupName = group->GetName();
25 CONTEXT("Evaluating rule for group '" + groupName + "'");
27 ScriptFrame frame(true);
28 if (group->GetScope())
29 group->GetScope()->CopyTo(frame.Locals);
30 frame.Locals->Set("user", user);
32 if (!group->GetFilter()->Evaluate(frame).GetValue().ToBool())
35 Log(LogDebug, "UserGroup")
36 << "Assigning membership for group '" << groupName << "' to user '" << user->GetName() << "'";
38 Array::Ptr groups = user->GetGroups();
40 if (groups && !groups->Contains(groupName))
41 groups->Add(groupName);
46 void UserGroup::EvaluateObjectRules(const User::Ptr& user)
48 CONTEXT("Evaluating group membership for user '" + user->GetName() + "'");
50 for (const ConfigItem::Ptr& group : ConfigItem::GetItems(UserGroup::TypeInstance))
52 if (!group->GetFilter())
55 EvaluateObjectRule(user, group);
59 std::set<User::Ptr> UserGroup::GetMembers() const
61 boost::mutex::scoped_lock lock(m_UserGroupMutex);
65 void UserGroup::AddMember(const User::Ptr& user)
67 user->AddGroup(GetName());
69 boost::mutex::scoped_lock lock(m_UserGroupMutex);
70 m_Members.insert(user);
73 void UserGroup::RemoveMember(const User::Ptr& user)
75 boost::mutex::scoped_lock lock(m_UserGroupMutex);
76 m_Members.erase(user);
79 bool UserGroup::ResolveGroupMembership(const User::Ptr& user, bool add, int rstack) {
81 if (add && rstack > 20) {
82 Log(LogWarning, "UserGroup")
83 << "Too many nested groups for group '" << GetName() << "': User '"
84 << user->GetName() << "' membership assignment failed.";
89 Array::Ptr groups = GetGroups();
91 if (groups && groups->GetLength() > 0) {
92 ObjectLock olock(groups);
94 for (const String& name : groups) {
95 UserGroup::Ptr group = UserGroup::GetByName(name);
97 if (group && !group->ResolveGroupMembership(user, add, rstack + 1))