<?php
$glob3 = 'globale Variable 3';
$name = 'testname';
$logedIn = true;
class Page_usblockoff extends Page
{
/**
* Called before any page rendering happens - early hook to check parameters etc.
*/
protected function doPreprocess()
{
User::load();
if (!User::isLoggedIn()) {
Message::addError('main.no-permission');
Util::redirect('?do=Main'); // does not return
}
$this->action = Request::any('action');
if ($this->action === 'updateConfig') {
$this->updateConfig();
} elseif ($this->action === 'deleteConfig') {
$this->deleteConfig();
}
}
/**
* Menu etc. has already been generated, now it's time to generate page content.
*/
protected function doRender()
{
$show = Request::get("show", "config-table");
if ($show === "config-table") {
$this->loadConfigChooser();
} else if ($show === "edit-config") {
$configid = Request::get("configid", "");
$configName = Database::queryFirst("SELECT configname FROM `usb_configs` WHERE configid=:id", array(
'id' => $configid
));
$rulesConfigHtml = $this->loadRulesConfig($configid);
$daemonConfigHtml = $this->loadDaemonConfig($configid);
Render::addTemplate('usb-edit-config', array(
'configid' => $configid,
'configName' => $configName['configname'],
'rulesConfigHtml' => $rulesConfigHtml,
'daemonConfigHtml' => $daemonConfigHtml
));
}
}
protected function loadConfigChooser()
{
$dbquery = Database::simpleQuery("SELECT configid, configname FROM `usb_configs`");
$configs = array();
while ($dbentry = $dbquery->fetch(PDO::FETCH_ASSOC)) {
$config['config_id'] = $dbentry['configid'];
$config['config_name'] = $dbentry['configname'];
$configs[] = $config;
}
Render::addTemplate('usb-configuration-table', array('config_list' => array_values($configs)));
}
protected function deleteConfig()
{
$configID = Request::any('id', 0, 'int');
if ($configID != 0) {
Database::exec("DELETE FROM `usb_configs` WHERE configid=:configid", array('configid' => $configID));
}
Message::addSuccess('config-deleted');
Util::redirect('?do=usblockoff');
}
protected function updateConfig()
{
$result['saveAsNewConfig'] = Request::post('saveAsNewConfig', false, 'bool');
// Add new settings in usbguard-daemon.conf here:
$result['RuleFile'] = Request::post('RuleFile', '', 'string');
$result['ImplicitPolicyTarget'] = Request::post('ImplicitPolicyTarget', '', 'string');
$result['PresentDevicePolicy'] = Request::post('PresentDevicePolicy', '', 'string');
$result['PresentControllerPolicy'] = Request::post('PresentControllerPolicy', '', 'string');
$result['InsertedDevicePolicy'] = Request::post('InsertedDevicePolicy', '', 'string');
$result['RestoreControllerDeviceState'] = Request::post('RestoreControllerDeviceState', '', 'string');
$result['DeviceManagerBackend'] = Request::post('DeviceManagerBackend', '', 'string');
$result['IPCAllowedUsers'] = Request::post('IPCAllowedUsers', '', 'string');
$result['IPCAllowedGroups'] = Request::post('IPCAllowedGroups', '', 'string');
$result['IPCAccessControlFiles'] = Request::post('IPCAccessControlFiles', '', 'string');
$result['DeviceRulesWithPort'] = Request::post('DeviceRulesWithPort', '', 'string');
$result['AuditFilePath'] = Request::post('AuditFilePath', '', 'string');
$result['rules'] = Request::post('rules', '', 'string');
$id = Request::post('id', 0, 'int');
$configname = Request::post('configName', '', 'string');
$dbquery = Database::queryFirst("SELECT * FROM `usb_configs` WHERE configid=:id", array('id' => $id));
// Load daemon.conf from db else load default
if ($dbquery !== false) {
$daemonConf = explode("\r\n", $dbquery['daemonconfig']);
} else {
$currentdir = getcwd();
$file = $currentdir . '/modules/usblockoff/inc/default-configs/usbguard-daemon.conf';
$daemonConf = file($file);
}
$newDaemonConf = array();
foreach ($daemonConf as $line) {
$t_line = trim($line, "\r\n");
if ($t_line == '' || $t_line[0] == '#') {
$newDaemonConf[] = $line . "\r\n";
continue;
} else {
$splitstr = explode('=', $line);
$splitstr[1] = $result[$splitstr[0]];
$newDaemonConf[] = implode('=', $splitstr) . "\r\n";
}
}
// INSERT IN DB
if ($id == '0' || $result['saveAsNewConfig']) {
$dbquery = Database::exec("INSERT INTO `usb_configs` (configname, rulesconfig, daemonconfig) VALUES (:configname, :rulesconfig, :daemonconfig)",
array('configname' => $configname,
'rulesconfig' => $result['rules'],
'daemonconfig' => implode($newDaemonConf)));
} else {
$dbquery = Database::exec("UPDATE `usb_configs` SET configname=:configname, rulesconfig=:rulesconfig, daemonconfig=:daemonconfig WHERE configid=:configid",
array('configid' => $id,
'configname' => $configname,
'rulesconfig' => $result['rules'],
'daemonconfig' => implode($newDaemonConf)));
}
Message::addSuccess('config-saved');
}
private function loadRulesConfig($id) {
$rulesConf = null;
if ($id == 0) {
$currentdir = getcwd();
$rulesConf = file_get_contents($currentdir . '/modules/usblockoff/inc/default-configs/rules.conf');
} else {
$dbquery = Database::queryFirst("SELECT * FROM `usb_configs` WHERE configid=:id", array('id' => $id));
$rulesConf = $dbquery['rulesconfig'];
}
return Render::parse('usb-rules-config', array(
'rules' => $rulesConf,
));
}
private function loadDaemonConfig($id)
{
$form = array();
$rulesConf = null;
if ($id == 0) {
$currentdir = getcwd();
$daemonConf = file($currentdir . '/modules/usblockoff/inc/default-configs/usbguard-daemon.conf');
} else {
$dbquery = Database::queryFirst("SELECT * FROM `usb_configs` WHERE configid=:id", array('id' => $id));
$daemonConf = explode("\r\n", $dbquery['daemonconfig']);
}
$element = array();
$hlptxt = '';
foreach ($daemonConf as $line) {
$t_line = trim($line, "\r\n");
if ($t_line == '#' || $t_line == '' || strpos($t_line, '#!!!') !== false) {
continue;
} elseif ($t_line[0] == '#') {
$ttxt = trim($line, "#");
$hlptxt .= $ttxt . '<br>';
} else {
$splitstr = explode('=', $t_line);
$element['name'] = $splitstr[0];
$element['value'] = $splitstr[1];
$element['helptext'] = $hlptxt;
$form[] = $element;
$hlptxt = '';
}
}
return Render::parse('usb-daemon-config', array(
'list' => array_values($form),
));
}
/**
* AJAX
*/
protected function doAjax()
{
User::load();
if (!User::isLoggedIn()) {
die('Unauthorized');
}
$action = Request::any('action');
if ($action === 'deviceList') {
$this->ajaxDeviceList();
} elseif ($action === 'genericRuleBuilder') {
$this->ajaxGenericRuleBuilder();
}
}
private function ajaxGenericRuleBuilder() {
$settings = array();
// TODO: Translate Operator Action etc..
$setting = array();
$setting['title'] = "Action";
$setting['select_list'] = array(array(
'option' => 'allow',
'active' => true,
),
array(
'option' => 'block',
'active' => false,
),
array(
'option' => 'reject',
'active' => false,
));
$setting['helptext'] = array('helptext' => Dictionary::translateFile('rule', 'abr_helptext'));
$setting['property'] = 'action';
$setting['settingHtml'] = Render::parse('server-prop-dropdown', (array)$setting);
$settings[] = $setting;
echo Render::parse('usb-add-generic-rule', array(
'settings' => array_values($settings),
));
}
private function ajaxDeviceList()
{
$usbdevices = $this->getUsbDeviceList();
// TODO: Translate Operator Action etc..
$settings = array();
$setting = array();
$setting['title'] = "Action";
$setting['select_list'] = array(array(
'option' => 'allow',
'active' => true,
),
array(
'option' => 'block',
'active' => false,
),
array(
'option' => 'reject',
'active' => false,
));
$setting['helptext'] = array('helptext' => Dictionary::translateFile('rule', 'abr_helptext'));
$setting['property'] = 'action';
$setting['settingHtml'] = Render::parse('server-prop-dropdown', (array)$setting);
$settings[] = $setting;
$ruleValues = array('id' => true,
'serial' => true,
'name' => true,
'hash' => false,
'parent-hash' => false,
'via-port' => false,
'with-interface' => false,
'interface-policy' => false);
foreach ($ruleValues as $key => $value) {
$settings[] = array(
'settingHtml' => Render::parse('server-prop-bool', array('title' => Dictionary::translateFile('rule', $key),
'helptext' => array('helptext' => Dictionary::translateFile('rule', $key . "_helptext")),
'property' => $key,
'currentvalue' => $value)),
);
}
echo Render::parse('usb-device-list', array(
'list' => array_values($usbdevices),
'settings' => array_values($settings)
));
}
private function getUsbDeviceList() {
$usbdevices = array();
// TODO: Per USB Device 3 querys are executed.. better build a more complex sql query?
$uid = 0;
$dbquery = Database::simpleQuery("SELECT * FROM `usblockoff_hw`");
while ($entry = $dbquery->fetch(PDO::FETCH_ASSOC)) {
$device = array();
// Get all props from the hw table.
$dbquery2 = Database::simpleQuery("SELECT * FROM `statistic_hw_prop` WHERE hwid=:hwid", array(
'hwid' => $entry['hwid']
));
while ($prop = $dbquery2->fetch(PDO::FETCH_ASSOC)) {
$device[$prop['prop']] = $prop['value'];
}
// Get all props from the device table.
$dbquery3 = Database::simpleQuery("SELECT * FROM `usblockoff_hw_prop` WHERE hwid=:hwid AND serial=:serial", array(
'hwid' => $entry['hwid'],
'serial' => $entry['serial']
));
while ($prop = $dbquery3->fetch(PDO::FETCH_ASSOC)) {
$device[$prop['prop']] = $prop['value'];
}
if (!empty($device['machineuuid'])) {
$locationquery = Database::queryFirst("SELECT l.locationname AS 'name', m.clientip AS 'ip' FROM machine AS m JOIN location AS l ON l.locationid=m.locationid
WHERE m.machineuuid=:machineuuid", array('machineuuid' => $entry['machineuuid']));
$device['clientip'] = $locationquery['ip'];
$device['location'] = $locationquery['name'];
}
$device['uid'] = ++$uid;
$device['id'] = $device['vendorid'] . ":" . $device['productid'];
$device['serial'] = $entry['serial'];
$device['date'] = date('d.m.Y', $device['lastseen']);
$device['time'] = date('G:i', $device['lastseen']);
$usbdevices[] = $device;
}
return $usbdevices;
}
}