<?php
$glob3 = 'globale Variable 3';
$name = 'testname';
$logedIn = true;
class Page_usblockoff extends Page
{
/**
* Called before any page rendering happens - early hook to check parameters etc.
*/
protected function doPreprocess()
{
User::load();
if (!User::isLoggedIn()) {
Message::addError('main.no-permission');
Util::redirect('?do=Main'); // does not return
}
$this->action = Request::post('action');
error_log($this->action);
if ($this->action === 'updateConfig') {
$this->updateConfig();
} elseif ($this->action === 'deleteConfig') {
$this->deleteConfig();
}
// elseif ($this->action === 'addDevices') {
// $this->addDevices();
//}
}
/**
* Menu etc. has already been generated, now it's time to generate page content.
*/
protected function doRender()
{
$this->loadConfigChooser();
}
protected function loadConfigChooser()
{
$dbquery = Database::simpleQuery("SELECT configid, configname FROM `usb_configs`");
$configs = array();
while ($dbentry = $dbquery->fetch(PDO::FETCH_ASSOC)) {
$config['config_id'] = $dbentry['configid'];
$config['config_name'] = $dbentry['configname'];
$configs[] = $config;
}
Render::addTemplate('usb-choose-config', array('config_list' => array_values($configs)));
}
protected function deleteConfig()
{
$configID = Request::post('id', 0, 'int');
if ($configID != 0) {
Database::exec("DELETE FROM `usb_configs` WHERE configid=:configid", array('configid' => $configID));
}
Util::redirect('?do=usblockoff');
}
protected function updateConfig()
{
// Add new settings in usbguard-daemon.conf here:
$result['RuleFile'] = Request::post('RuleFile', '', 'string');
$result['ImplicitPolicyTarget'] = Request::post('ImplicitPolicyTarget', '', 'string');
$result['PresentDevicePolicy'] = Request::post('PresentDevicePolicy', '', 'string');
$result['PresentControllerPolicy'] = Request::post('PresentControllerPolicy', '', 'string');
$result['InsertedDevicePolicy'] = Request::post('InsertedDevicePolicy', '', 'string');
$result['RestoreControllerDeviceState'] = Request::post('RestoreControllerDeviceState', '', 'string');
$result['DeviceManagerBackend'] = Request::post('DeviceManagerBackend', '', 'string');
$result['IPCAllowedUsers'] = Request::post('IPCAllowedUsers', '', 'string');
$result['IPCAllowedGroups'] = Request::post('IPCAllowedGroups', '', 'string');
$result['IPCAccessControlFiles'] = Request::post('IPCAccessControlFiles', '', 'string');
$result['DeviceRulesWithPort'] = Request::post('DeviceRulesWithPort', '', 'string');
$result['AuditFilePath'] = Request::post('AuditFilePath', '', 'string');
$result['rules'] = Request::post('rules', '', 'string');
$id = Request::post('id', 0, 'int');
$configname = Request::post('configName', '', 'string');
$dbquery = Database::queryFirst("SELECT * FROM `usb_configs` WHERE configid=:id", array('id' => $id));
// Load daemon.conf from db else load default
if ($dbquery !== false) {
$daemonConf = explode("\r\n", $dbquery['daemonconfig']);
} else {
$currentdir = getcwd();
$file = $currentdir . '/modules/usblockoff/inc/default-configs/usbguard-daemon.conf';
$daemonConf = file($file);
}
$newDaemonConf = array();
foreach ($daemonConf as $line) {
$t_line = trim($line, "\r\n");
if ($t_line == '' || $t_line[0] == '#') {
$newDaemonConf[] = $line . "\r\n";
continue;
} else {
$splitstr = explode('=', $line);
$splitstr[1] = $result[$splitstr[0]];
$newDaemonConf[] = implode('=', $splitstr) . "\r\n";
}
}
// INSERT IN DB
if ($id == '0') {
$dbquery = Database::exec("INSERT INTO `usb_configs` (configname, rulesconfig, daemonconfig) VALUES (:configname, :rulesconfig, :daemonconfig)",
array('configname' => $configname,
'rulesconfig' => $result['rules'],
'daemonconfig' => implode($newDaemonConf)));
} else {
$dbquery = Database::exec("UPDATE `usb_configs` SET configname=:configname, rulesconfig=:rulesconfig, daemonconfig=:daemonconfig WHERE configid=:configid",
array('configid' => $id,
'configname' => $configname,
'rulesconfig' => $result['rules'],
'daemonconfig' => implode($newDaemonConf)));
}
}
/**
* AJAX
*/
protected function doAjax()
{
User::load();
if (!User::isLoggedIn()) {
die('Unauthorized');
}
$action = Request::any('action');
if ($action === 'deviceList') {
$this->ajaxDeviceList();
} elseif ($action === 'loadConfig') {
$id = Request::any('id', 0, 'int');
$this->ajaxConfig($id);
}
}
private function ajaxConfig($id)
{
$form = array();
$rulesConf;
if ($id == 0) {
$currentdir = getcwd();
$rulesConf = file_get_contents($currentdir . '/modules/usblockoff/inc/default-configs/rules.conf');
$daemonConf = file($currentdir . '/modules/usblockoff/inc/default-configs/usbguard-daemon.conf');
} else {
$dbquery = Database::queryFirst("SELECT * FROM `usb_configs` WHERE configid=:id", array('id' => $id));
$daemonConf = explode("\r\n", $dbquery['daemonconfig']);
$rulesConf = $dbquery['rulesconfig'];
}
$element = array();
$hlptxt = '';
foreach ($daemonConf as $line) {
$t_line = trim($line, "\r\n");
if ($t_line == '#' || $t_line == '' || strpos($t_line, '#!!!') !== false) {
continue;
} elseif ($t_line[0] == '#') {
$ttxt = trim($line, "#");
$hlptxt .= $ttxt . '<br>';
} else {
$splitstr = explode('=', $t_line);
$element['name'] = $splitstr[0];
$element['value'] = $splitstr[1];
$element['helptext'] = $hlptxt;
$form[] = $element;
$hlptxt = '';
}
}
echo Render::parse('usb-configuration', array(
'list' => array_values($form),
'rules' => $rulesConf,
));
}
private function ajaxDeviceList()
{
$usbdevices = array();
$dbquery = Database::simpleQuery("SELECT * FROM `usb_devices`");
while ($entry = $dbquery->fetch(PDO::FETCH_ASSOC)) {
$locationquery = Database::queryFirst("SELECT l.locationname AS 'name', m.clientip AS 'ip' FROM machine AS m JOIN location AS l ON l.locationid=m.locationid
WHERE m.machineuuid=:machineuuid", array('machineuuid' => $entry['machineuuid']));
$device['uid'] = $entry['uid'];
$device['id'] = $entry['id'];
$device['name'] = $entry['name'];
$device['serial'] = $entry['serial'];
$device['machineuuid'] = $entry['machineuuid'];
$device['user'] = $entry['user'];
$device['clientip'] = $locationquery['ip'];
$device['date'] = date('d.m.Y', $entry['time']);
$device['time'] = date('G:i', $entry['time']);
$device['location'] = $locationquery['name'];
$ruleInformation = json_decode($entry['ruleInformation'], true);
$device['hash'] = $ruleInformation['hash'];
$device['parent-hash'] = $ruleInformation['parent-hash'];
$device['via-port'] = $ruleInformation['via-port'];
$device['with-interface'] = $ruleInformation['with-interface'];
$usbdevices[] = $device;
}
$settings = array();
$setting = array();
$setting['title'] = "Action";
$setting['select_list'] = array(array(
'option' => 'allow',
'active' => true,
),
array(
'option' => 'block',
'active' => false,
),
array(
'option' => 'reject',
'active' => false,
));
$setting['helptext'] = array('helptext' => Dictionary::translateFile('rule', 'abr_helptext'));
$setting['property'] = 'action';
$setting['settingHtml'] = Render::parse('server-prop-dropdown', (array)$setting);
$settings[] = $setting;
$ruleValues = array('id' => true,
'serial' => true,
'name' => true,
'hash' => false,
'parent-hash' => false,
'via-port' => false,
'with-interface' => false,
'interface-policy' => false);
foreach ($ruleValues as $key => $value) {
$settings[] = array(
'settingHtml' => Render::parse('server-prop-bool', array('title' => Dictionary::translateFile('rule', $key),
'helptext' => array('helptext' => Dictionary::translateFile('rule', $key . "_helptext")),
'property' => $key,
'currentvalue' => $value)),
);
}
echo Render::parse('usb-device-list', array(
'list' => array_values($usbdevices),
'settings' => array_values($settings)
));
}
}
