author | Nils Schwabe | 2014-06-04 14:27:03 +0200 |
---|---|---|
committer | Nils Schwabe | 2014-06-04 14:27:03 +0200 |
commit | 155cf6aeea9ba7ecbc39face6442d3ce1b03ad8e (patch) | |
tree | 1dcc8354eaf6ce216461fc434d9c1a6a67559914 /management-interface/api | |
parent | Improve login (diff) | |
Add webinterface with functionallity
Diffstat (limited to 'management-interface/api')
-rw-r--r-- | management-interface/api/.htaccess | 1 | ||||
-rw-r--r-- | management-interface/api/models/.htaccess | 1 | ||||
-rw-r--r-- | management-interface/api/models/Home.php | 21 | ||||
-rw-r--r-- | management-interface/api/models/Master.php | 54 | ||||
-rw-r--r-- | management-interface/api/models/Satellites.php | 203 | ||||
-rw-r--r-- | management-interface/api/models/Template.php | 13 | ||||
-rw-r--r-- | management-interface/api/models/Users.php | 22 |
7 files changed, 291 insertions, 24 deletions
diff --git a/management-interface/api/.htaccess b/management-interface/api/.htaccess
new file mode 100644
index 0000000..8d2f256
--- /dev/null
+++ b/management-interface/api/.htaccess
@@ -0,0 +1 @@
+deny from all
diff --git a/management-interface/api/models/.htaccess b/management-interface/api/models/.htaccess
new file mode 100644
index 0000000..8d2f256
--- /dev/null
+++ b/management-interface/api/models/.htaccess
@@ -0,0 +1 @@
+deny from all
diff --git a/management-interface/api/models/Home.php b/management-interface/api/models/Home.php
new file mode 100644
index 0000000..6fd384e
--- /dev/null
+++ b/management-interface/api/models/Home.php
@@ -0,0 +1,21 @@
+<?php
+
+class Home {
+
+ public function __construct() {
+ }
+
+ public function tabHome($f3) {
+ // one command is 'sh -c' and the other command is 'grep'
+ // so we need more than two commands to find the server
+ if (shell_exec('ps aux | grep "org.openslx.imagemaster.App" | wc -l') > 2) {
+ $f3->set('serverstatus', true);
+ } else {
+ $f3->set('serverstatus', false);
+ }
+ // now render the view
+ echo Template::instance()->render('views/home.htm');
+ }
+}
+
+?>
diff --git a/management-interface/api/models/Master.php b/management-interface/api/models/Master.php
index 0566b0a..75b76f2 100644
--- a/management-interface/api/models/Master.php
+++ b/management-interface/api/models/Master.php
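Review bot: In Home.php, `tabHome` derives the server status from `ps aux | grep ... | wc -l` compared with `> 2`, so the result depends on how many helper processes (`sh -c`, `grep`) happen to appear in the listing, and a `null` return from `shell_exec` (function disabled or the call failing) silently reads as "stopped". Checking the exit status of a match that excludes itself is more reliable, for example `exec('pgrep -f "[o]rg.openslx.imagemaster.App"', $out, $rc); $f3->set('serverstatus', $rc === 0);`. A comment stating that this is a best-effort process-list check, not a health probe of the service, would help whoever reads the status page.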
@@ -26,23 +26,27 @@ class Master { echo $this->view->render('template/header.php'); - echo $this->view->render('views/menu.php'); + echo $this->view->render('template/menu.php'); if (!empty($f3->get('message'))) { echo $this->view->render('template/message.php'); } + + // DEBUG !!!! + echo $this->view->render('template/requestdump.php'); - // if we want to list the users: + // let the module choose what to render if ($f3->get('_module') === 'users') { - $this->tabUsers($f3); + (new Users)->tabUsers($f3); } else if($f3->get('_module') === 'home') { - $this->tabHome($f3); + (new Home)->tabHome($f3); } else if ($f3->get('_module') === 'satellites') { - $this->tabSatellite($f3); + (new Satellites)->tabSatellites($f3); + } else { + // if module is not available, display the views/_module.htm + echo Template::instance()->render('views/'.$f3->get('_module').'.htm'); } - echo Template::instance()->render('views/' . $f3->get('_module') . '.htm'); - echo $this->view->render('template/footer.php'); } @@ -55,7 +59,7 @@ class Master { $f3->reroute('@module(@m=home)'); } else { $f3->set('message', 'Login invalid.'); - $f3->reroute('@module(@m=home)'); + $f3->reroute('@module(@m=login)'); } } 
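Review bot: The new `else` branch in Master.php builds the view path as `'views/'.$f3->get('_module').'.htm'`, and `_module` is set outside this hunk, apparently from the route's `m` token; if that value is request-controlled, a crafted module name can make the template engine render files outside the intended set. Restrict it before rendering, e.g. `if (!preg_match('/^[a-z]+$/', $f3->get('_module'))) { $f3->error(404); }`, or look the name up in a fixed list of views. Separately, the `// DEBUG !!!!` render of `template/requestdump.php` is unconditional and would print request data to every visitor; gate it, e.g. `if ($f3->get('DEBUG') > 0)`, or drop it before release. The enclosing method starts above the hunk.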
@@ -64,27 +68,29 @@ class Master { $f3->set('message', 'Logout successful'); $f3->set('loggedin', false); $f3->set('username', 'Guest'); - $this->parse($f3, array('m' => 'login')); - } - - private function tabUsers($f3) { - $f3->set('result',$f3->get('DB')->exec('SELECT userid, username, organization, firstname, lastname, email, lastlogin FROM user')); + $this->parse($f3, array('m' => 'home')); } - private function tabHome($f3) { - // one command is 'sh -c' and the other command is 'grep' - // so we need more than two commands to find the server - if (shell_exec('ps aux | grep "org.openslx.imagemaster.App" | wc -l') > 2) { - $f3->set('serverstatus', true); + public function saveSatellite($f3, $organization, $address, $name, $prefix, $publickey) { + // first save the satellite, then parse the site + $msg = (new Satellites)->save($f3, $organization, $address, $name, $prefix, $publickey); + if ($msg === '') { + $f3->set('action', 'done'); } else { - $f3->set('serverstatus', false); + $f3->set('message', $msg); } + $this->parse($f3, array('m' => 'satellites')); } - - private function tabSatellite($f3) { - $f3->set('result', $f3->get('DB')->exec('SELECT organization, address, name, prefix, publickey FROM satellite')); + + public function newSatellite($f3, $organization, $address, $name, $prefix, $publickey) { + // first save then parse + $msg = (new Satellites)->saveNew($f3, $organization, $address, $name, $prefix, $publickey); + if ($msg === '') { + $f3->set('action', 'done'); + } else { + $f3->set('message', $msg); + } + $this->parse($f3, array('m' => 'satellites')); } - } - ?> diff --git a/management-interface/api/models/Satellites.php b/management-interface/api/models/Satellites.php new file mode 100644 index 0000000..456d74b --- /dev/null +++ b/management-interface/api/models/Satellites.php 
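Review bot: `saveSatellite` and `newSatellite` are new public entry points in Master.php that write to the satellite table, and neither checks the `loggedin` flag that the logout code just above maintains. Unless the routes that call them enforce authentication elsewhere (not visible in this hunk), an anonymous request could create or overwrite satellite entries, including their public keys. A guard at the top of both, such as `if (!$f3->get('loggedin')) { $f3->reroute('@module(@m=login)'); }`, would make the requirement explicit. The two bodies are identical apart from the `save`/`saveNew` call and could share one private helper.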
@@ -0,0 +1,203 @@ +<?php +/** + * Renders the satellite tab +*/ +class Satellites { + + public function __construct() { + + } + + public function tabSatellites($f3) { + $this->action($f3); + + // load items for table + if (isset($f3->get('GET')['order'])) { + $order = $f3->get('GET')['order']; + if ($order != 'organization' && $order != 'address' && $order != 'name' && $order != 'prefix') { + $order = 'prefix'; + } + } else { + $order = 'prefix'; + } + + if (isset($f3->get('GET')['di'])) { + $di = $f3->get('GET')['di']; + $di = ($di === 'asc')? 'ASC':'DESC'; + } else { + $di = 'ASC'; + } + + $f3->set('order', $order); + $f3->set('di', $di); + $f3->set('result', $f3->get('DB')->exec('SELECT organization, address, name, prefix, publickey FROM satellite ORDER BY '.$order.' '.$di)); + + if (isset( $f3->get('GET')['prefix'] )) { + $f3->set('prefix', $f3->get('GET')['prefix']); + } else { + $f3->set('prefix', ''); + } + // now render the view + echo Template::instance()->render('views/satellites.htm'); + } + + public function action($f3) { + if ($f3->get('action') === 'done') return; + if (isset( $f3->get('REQUEST')['action'] ) && $f3->get('REQUEST')['action'] === 'new') { + // we want to add a new entry + $f3->set('action', 'new'); + + // set the already entered values if possible + if (isset($f3->get('POST')['organization'])) { + $organization = htmlspecialchars($f3->get('POST')['organization']); + } else { + $organization = ''; + } + + if (isset($f3->get('POST')['address'])) { + $address = htmlspecialchars($f3->get('POST')['address']); + } else { + $address = ''; + } + + if (isset($f3->get('POST')['name'])) { + $name = htmlspecialchars($f3->get('POST')['name']); + } else { + $name= ''; + } + + if (isset($f3->get('POST')['prefix'])) { + $prefix = htmlspecialchars($f3->get('POST')['prefix']); + } else { + $prefix= ''; + } + + if (isset($f3->get('POST')['publickey'])) { + $publickey = htmlspecialchars($f3->get('POST')['publickey']); + } else { + $publickey= ''; + } + + 
// put all the values into a nice array + $f3->set('new', array( + 'organization' => $organization, + 'address' => $address, + 'name' => $name, + 'prefix' => $prefix, + 'publickey' => $publickey + )); + } else if ((isset( $f3->get('GET')['action'] ) && isset( $f3->get('GET')['prefix'])) + || isset($f3->get('POST')['prefix'])) { + if (isset($f3->get('POST')['prefix'])) { + $action = 'edit'; + $wasSubmit = true; + } else { + $action = $f3->get('GET')['action']; + $wasSubmit = false; + } + $prefix = $f3->get('REQUEST')['prefix']; + + // check if actions and prefixes are valid + if ($action === 'edit') { + if (!$wasSubmit && !$this->checkPrefix($f3, $prefix)) { + $action = ''; + } else { + // get entry from db + $result = $f3->get('DB')->exec('SELECT organization, address, name, prefix, publickey FROM satellite WHERE prefix=?', $prefix); + $f3->set('editprefix', $result[0]); + $f3->set('base64key', base64_encode($f3->get('editprefix')['publickey'])); + } + + if ($wasSubmit) { + $f3->set('editprefix', array( + 'organization' => htmlspecialchars($f3->get('POST')['organization']), + 'address' => htmlspecialchars($f3->get('POST')['address']), + 'name' => htmlspecialchars($f3->get('POST')['name']), + 'prefix' => htmlspecialchars($f3->get('POST')['prefix']), + 'publickey' => htmlspecialchars($f3->get('POST')['publickey']))); + $f3->set('base64key', $f3->get('POST')['publickey']); + + } + } else if ($action === 'delete') { + foreach($prefix as $p) { + if (!$this->checkPrefix($f3, $p)) { + $action = ''; + $msg = 'One or more of your Satellites was not valid.'; + break; // found one invalid prefix --> stop + } else { + $this->deletePrefix($f3, $p); + } + } + } else { + $action = ''; + } + + // action is save + $f3->set('action', $action); + } else { + $f3->set('action', ''); + } + } + + /* + * Checks the prefix against the db and saves the unique result to global variable editprefix + */ + public function checkPrefix($f3, $prefix) { + $result = $f3->get('DB')->exec('SELECT 
organization, address, name, prefix, publickey FROM satellite WHERE prefix=?', $prefix); + if (sizeof($result) != 1) { + return false; + } + return true; + } + + /* + * Saves a new satellite + */ + public function save($f3, $organization, $address, $name, $prefix, $publickey) { + // check inputs + if (empty($organization) || empty($address) || empty($name) || empty($prefix)) return 'Organization, address, name and prefix must not be empty.'; + if (!preg_match('/^[a-zA-Z-]{3,20}\.[a-zA-Z]{2,3}$/', $organization)) return 'Organization must be in form something.de'; + if (!preg_match('/^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$/', $address) + && !preg_match('/^[a-zA-Z-]*\.*[a-zA-Z-]+\.[a-zA-Z]{2,3}$/', $address)) return 'Address must be an ip or hostname.'; + if (!preg_match('/^[\a-zA-ZäüöÄÜÖß \.()-_]*$/', $name)) return "Name must be a string between 0 and 255 characters. (Special chars: ._-())"; + if (!preg_match('/^[a-z]{2,3}$/', $prefix)) return "Prefix must be a string between 2 and 3 characters."; + if (!empty($publickey) && !preg_match('/^(?:[A-Za-z0-9+\/]{4})*(?:[A-Za-z0-9+\/]{2}==|[A-Za-z0-9+\/]{3}=)?$/', $publickey)) return 'Public key must be base64 encoded'; + + $pubkeybin = base64_decode($publickey); + + // It will not be checked if this prefix is already in use. It is the primary key and an entry that is existing will be overwritten + $result = $f3->get('DB')->exec('UPDATE satellite SET organization=?, address=?, name=?, publickey=? 
WHERE prefix=?', + array( 1 => $organization, 2 => $address, 3 => $name, 4 => $pubkeybin, 5 => $prefix)); + + if ($result == 1 || $result == 0) return ''; + else return 'Some weird error occured.'; + } + + public function saveNew($f3, $organization, $address, $name, $prefix, $publickey) { + // check inputs + if (empty($organization) || empty($address) || empty($name) || empty($prefix)) return 'Organization, address, name and prefix must not be empty.'; + if (!preg_match('/^[a-zA-Z-]{3,20}\.[a-zA-Z]{2,3}$/', $organization)) return 'Organization must be in form something.de'; + if (!preg_match('/^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$/', $address) + && !preg_match('/^[a-zA-Z-]*\.*[a-zA-Z-]+\.[a-zA-Z]{2,3}$/', $address)) return 'Address must be an ip or hostname.'; + if (!preg_match('/^[a-zA-ZäüöÄÜÖß \.()-_]*$/', $name)) return "Name must be a string between 0 and 255 characters. (Special chars: ._-())"; + if (!preg_match('/^[a-z]{2,3}$/', $prefix)) return "Prefix must be a string between 2 and 3 characters."; + if (!empty($publickey) && !preg_match('/^(?:[A-Za-z0-9+\/]{4})*(?:[A-Za-z0-9+\/]{2}==|[A-Za-z0-9+\/]{3}=)?$/', $publickey)) return 'Public key must be base64 encoded'; + + $pubkeybin = base64_decode($publickey); + + $result = $f3->get('DB')->exec('INSERT INTO satellite SET organization=?, address=?, name=?, publickey=?, prefix=?', + array(1 => $organization, 2 => $address, 3 => $name, 4 => $publickey, 5 => $prefix)); + + if ($result == true) return ''; + else return 'Error while inserting satellite.'; + } + + + public function deletePrefix($f3, $prefix) { + $result = $f3->get('DB')->exec('DELETE FROM satellite WHERE prefix=?', $prefix); + if ($result === 1) return true; + else return false; + } +} + +?> diff --git a/management-interface/api/models/Template.php b/management-interface/api/models/Template.php new file mode 100644 index 0000000..439ab33 --- /dev/null +++ b/management-interface/api/models/Template.php 
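Review bot: `saveNew` in Satellites.php decodes the key into `$pubkeybin` but binds `4 => $publickey`, so new rows store the base64 text while `save` stores the decoded bytes and `action` base64-encodes whatever is stored when editing; bind `4 => $pubkeybin` in the INSERT as well. In the name pattern of both `save` and `saveNew`, `()-_` is read as a range from `)` to `_`, which admits digits, `<`, `>`, `;` and `=` (and `save` additionally has a stray `\a`); put the hyphen last and bound the length, e.g. `'/^[a-zA-ZäüöÄÜÖß .()_-]{0,255}$/u'` for UTF-8 input, so markup cannot reach the stored name. The `delete` branch of `action` is only reachable through `GET` parameters and carries no request token, so a link or image on another site could trigger deletions in a logged-in administrator's browser; it should require POST plus a CSRF token. That branch also iterates `prefix` without checking that it is an array, and it deletes the earlier entries before stopping at the first invalid one.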
@@ -0,0 +1,13 @@
+<?php
+
+class Home {
+
+ public function __construct() {
+ }
+
+ public function tabHome($f3) {
+
+ }
+}
+
+?>
diff --git a/management-interface/api/models/Users.php b/management-interface/api/models/Users.php
new file mode 100644
index 0000000..f09882b
--- /dev/null
+++ b/management-interface/api/models/Users.php
@@ -0,0 +1,22 @@
+<?php
+
+class Users {
+
+ public function __construct() {
+ }
+
+ public function tabUsers($f3) {
+ if (isset($f3->get('GET')['filter'])) {
+ $filter = '%'.$f3->get('GET')['filter'].'%';
+ $f3->set('result',$f3->get('DB')->exec('SELECT userid, username, organization, firstname, lastname, email, lastlogin FROM user WHERE username LIKE ?', $filter));
+ $f3->set('oldFilter', htmlspecialchars($f3->get('GET')['filter']));
+ } else {
+ $f3->set('result',$f3->get('DB')->exec('SELECT userid, username, organization, firstname, lastname, email, lastlogin FROM user'));
+ $f3->set('oldFilter', '');
+ }
+ // now render the view
+ echo Template::instance()->render('views/users.htm');
+ }
+}
+
+?> |
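Review bot: Template.php declares `class Home` again rather than a class named after the file, so loading it in the same request as Home.php stops with a "cannot redeclare class" fatal error. An autoloader that resolves `Template` to this file would also shadow the framework's `Template::instance()` that the other models call. If the file is a leftover stub, leave it out of the commit; otherwise rename the class and give it a docblock stating its purpose.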
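Review bot: `tabUsers` in Users.php assumes `GET['filter']` is a string; a request with `filter[]=x` passes an array into the string concatenation and into `htmlspecialchars`, producing notices and an unintended `LIKE` value, so check `is_string($f3->get('GET')['filter'])` first. `htmlspecialchars` is also called with its defaults, which on the PHP versions of that time leave single quotes unescaped; `htmlspecialchars($f3->get('GET')['filter'], ENT_QUOTES, 'UTF-8')` is safer if `views/users.htm` places `oldFilter` inside an attribute. The bound `LIKE ?` parameter itself is fine, though `%` and `_` typed by the user still act as wildcards.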