GarciaPL

#!/usr/bin/perl -w
######################################
# Info : Add User Nagios on st1monms2
# Version : 1.0
# Date : 7 luty 2012
# Author : Lukasz Ciesluk
# Help : http://pl.linkedin.com/in/lukaszciesluk/
######################################
#
# Run :
# chmod +x AddUserNagios_st1monms2.pl
# ./AddUserNagios_st1monms2.pl -h (for help)
# ./AddUserNagios_st1monms2.pl -u <NEW_USERNAME> --username_db <DATABASE_USERNAME> --password_db <DATABASE_PASSWORD> --database <DATABASE_NAME>

use strict;
use warnings;
use Getopt::Long;
use DBI;
use Tie::File;

my $new_nagios_user = undef;
my $username_db = undef;
my $password_db = undef;
my $database = undef;
my $sql = undef;
my $dbh = undef;
my $help = undef;

my $htpasswd_directory = "/opt/nagios/etc/";
my $htpasswd_file = "htpasswd.users";
my $nagios_cgi_directory = "/opt/nagios/etc/";
my $nagios_cgi_cfg_file = "cgi.cfg";
my @nagios_cgi_fields = ( 'authorized_for_all_services', 'authorized_for_all_hosts', 'authorized_for_read_only' );

my $domain = "\@BANK.COM.PL";
my $comma = ",";
my $password_algorithm = "b64_sha1";
my $password_user_merlin = "4insgmC8hl++J1uTcPVCtfo2uX0=";

sub usage {
    print "$0 --u <new_nagios_user> --dbu <username_db> --dbp <password_db> --dbd <database>\n";
}

sub connect_db_merlin {
    $dbh = DBI->connect("dbi:mysql:database=$database;"."host=localhost;port=3306", $username_db, $password_db) || die "Nie mozna sie polaczyc do bazy: $DBI::errstr";
}

sub duplicate_htpasswd {
    my ($nagios_user_create) = @_;
    if (-d $htpasswd_directory) {
        chdir($htpasswd_directory) or die "Can not change directory to the $htpasswd_directory!";

        my $cat_user = `cat $htpasswd_file | grep $nagios_user_create`;
        if (length($cat_user) > 0) {
            print "User has record in $htpasswd_file file which may mean that user can exists. Exit program\n";
            exit;
        }

        tie my @array, 'Tie::File', $htpasswd_file or die "Reading file $htpasswd_file finished with an error : $!\n";
        my $monkey_index = index($array[-1], '@');
        my $domain_substring = substr($array[-1], $monkey_index, length($array[-1]));
        my $new_user_string = $nagios_user_create.$domain_substring;
        print "Adding record to $htpasswd_file file : $new_user_string\n";
        open (FILE, ">>$htpasswd_file") || die "Error opening file $htpasswd_file : $!\n";
        print FILE "$new_user_string\n";
        close FILE;
    } else {
        print "Catalog $htpasswd_directory does not exist. Exit program\n";
        exit;
    }
}

sub duplicate_st1monms2_cgi {
    my ($nagios_user_create) = @_;
    if (-d $nagios_cgi_directory) {
        chdir($nagios_cgi_directory) or die "Can not change directory to the $nagios_cgi_directory!";

        my $cat_user = `cat $nagios_cgi_cfg_file | grep $nagios_user_create`;
        if (length($cat_user) > 0) {
            print "User has record in $htpasswd_file file which may mean that user can exists. Exit program\n";
            exit;
        }

        open ( FILE, "$nagios_cgi_cfg_file" ) || die "Error opening file $nagios_cgi_cfg_file : $!\n";
        my @lines = <FILE>;
        for my $linia (@lines) {
            foreach my $field (@nagios_cgi_fields) {
                if($linia =~ /$field/){
                    $linia =~ s/^\s+//;
                    $linia =~ s/\s+$//;
                    $linia =~ s/^\s+//;
                    $linia =~ s/\s+$//;

                    my @add_user_authorizate = `sed -i.bak -e s/$linia/$linia$comma$nagios_user_create$domain/g $nagios_cgi_cfg_file`;
                    print @add_user_authorizate;

                    print "Granted $field privilege to user $nagios_user_create\n";
                }
            }
        }
        close (FILE);
    } else {
        print "Catalog $nagios_cgi_directory does not exist. Exit program\n";
        exit;
    }
}

sub restart_nagios {
    my @restart = `mon restart`;
    print @restart;
}

sub merlin_db_operations {
    my ($nagios_user_create) = @_;

    print "Checking if user $nagios_user_create$domain exists in database already\n";
    my $sthUserExists = $dbh->prepare('select count(*) as ilosc from users where username = ?') || die "Database Select User Error $DBI::errstr";
    $sthUserExists->bind_param(1, $nagios_user_create.$domain);
    $sthUserExists->execute();
    my $ifexists = $sthUserExists->fetchrow_hashref();

    if ($ifexists->{ilosc} > 0) {
        print "User $nagios_user_create$domain exists! Interrupt program!\n";
        $dbh->disconnect();
        exit;
    } else {
        print "User $nagios_user_create$domain does not exist in database. Continuing.\n";
    }

    my $sth = $dbh->prepare('select max(id) as maxid from users') || die "Database Select Max ID Error $DBI::errstr";
    $sth->execute();
    my $result = $sth->fetchrow_hashref();
    my $new_user_id = $result->{maxid} + 1;

    print "Please give name of user (realname)\n";
    my $realname = <>;
    chomp ($realname);
    print "Please give e-mail address of user (e-mail)\n";
    my $email = <>;
    chomp ($email);

    my $sthUserTable = $dbh->prepare('insert into users(id, realname, email, username, password_algo, password) VALUES (?, ?, ?, ?, ?, ?)');
    $sthUserTable->bind_param(1, $new_user_id);
    $sthUserTable->bind_param(2, $realname);
    $sthUserTable->bind_param(3, $email);
    $sthUserTable->bind_param(4, $nagios_user_create.$domain);
    $sthUserTable->bind_param(5, $password_algorithm);
    $sthUserTable->bind_param(6, $password_user_merlin);
    $sthUserTable->execute();

    print "Added to Users table a user (username) : $nagios_user_create$domain with ID = $new_user_id\n";
    print "Selected algorithm for password : $password_algorithm and password : $password_user_merlin\n";

    print "Adding roles for user\n";
    my $sthRolesUsersTable = $dbh->prepare('insert into roles_users(user_id, role_id) VALUES (?, 1)');
    $sthRolesUsersTable->bind_param(1, $new_user_id);
    $sthRolesUsersTable->execute();

    print "Please answer for user roles : \n";
    print "Add system_information role ? (0 - no, 1 - yes)\n";
    my $system_information = <>;
    chomp ($system_information);
    print "Add configuration_information role ? (0 - no, 1 - yes)\n";
    my $configuration_information = <>;
    chomp ($configuration_information);
    print "Add system_commands role ? (0 - no, 1 - yes)\n";
    my $system_commands = <>;
    chomp ($system_commands);
    print "Add all_services role ? (0 - no, 1 - yes)\n";
    my $all_services = <>;
    chomp ($all_services);
    print "Add all_hosts role ? (0 - no, 1 - yes)\n";
    my $all_hosts = <>;
    chomp ($all_hosts);
    print "Add all_service_commands role ? (0 - no, 1 - yes)\n";
    my $all_service_commands = <>;
    chomp ($all_service_commands);
    print "Add all_host_commands role ? (0 - no, 1 - yes)\n";
    my $all_host_commands = <>;
    chomp ($all_host_commands);

    print "Adding roles for user $nagios_user_create\n";
    my $sthUserAuthorizationTable = $dbh->prepare('insert into ninja_user_authorization(user_id, system_information, configuration_information, system_commands, all_services, all_hosts, all_service_commands, all_host_commands)
        VALUES (?, ?, ?, ?, ?, ?, ?, ?)');
    $sthUserAuthorizationTable->bind_param(1, $new_user_id);
    $sthUserAuthorizationTable->bind_param(2, $system_information);
    $sthUserAuthorizationTable->bind_param(3, $configuration_information);
    $sthUserAuthorizationTable->bind_param(4, $system_commands);
    $sthUserAuthorizationTable->bind_param(5, $all_services);
    $sthUserAuthorizationTable->bind_param(6, $all_hosts);
    $sthUserAuthorizationTable->bind_param(7, $all_service_commands);
    $sthUserAuthorizationTable->bind_param(8, $all_host_commands);
    $sthUserAuthorizationTable->execute();
}

sub help {
   print "\nAdd User Nagios\n";
   usage();
   print <<EOT;
--help
   print this help message
--u --nagios_user=NAGIOS_USER
   new Nagios username e.g. test_user (without domain!)
--dbu --username_db=DATABASE_USERNAME
   database username
--dbp --password_db=DATABASE_PASSWORD
   database password
--dbd --database=DATABASE_NAME
   database name
Additional info : run script as a root!
EOT
}

sub check_input {
    Getopt::Long::Configure ("bundling");
    GetOptions(
        'help'    => \$help,
        'u=s'     => \$new_nagios_user,           'nagios_user:s'    => \$new_nagios_user,
        'dbu=s'   => \$username_db,               'username_db:s'    => \$username_db,
        'dbp=s'   => \$password_db,               'password_db:s'    => \$password_db,
        'dbd=s'   => \$database,                   'database:s'      => \$database
    );

if ($help) { help(); exit; }
if (!defined($new_nagios_user))
    { print "Put new username nagios to create! (-h for help)\n"; usage(); exit;}
if (!defined($username_db) || !defined($password_db))
    { print "Put database login or password info! (-h for help)\n"; usage(); exit;}
if (!defined($database))
    { print "Put database name! (-h for help)\n"; usage(); exit;}
}

######### MAIN PROGRAM

check_input();

######### Connect to merlin database
print "Checking connection to database $database\n";
connect_db_merlin();

######### Duplicate user field on <YOUR_NAGIOS_SERVER> in /opt/nagios/etc/htpasswd.users
print "Duplicate user entry in file $htpasswd_directory$htpasswd_file\n";
duplicate_htpasswd($new_nagios_user);

######### Adding authorization to file /opt/nagios/etc/cgi.cfg
print "Adding authorizations for new user to file $nagios_cgi_directory$nagios_cgi_cfg_file\n";
duplicate_st1monms2_cgi($new_nagios_user);

######### Restarting nagios
print "Restarting nagios... please wait\n";
restart_nagios();

######### Adding records to database
print "Adding records to database\n";
merlin_db_operations($new_nagios_user);

######### Disconnect from database
print "Disconnect from database\n";
$dbh->disconnect();