diff options
author | root | 2017-11-05 06:08:37 +0100 |
---|---|---|
committer | root | 2017-11-05 06:08:37 +0100 |
commit | 56adda043ed5f4e04c12aec2d6ebbca2372332b8 (patch) | |
tree | 0c584a7264d8435d8c2ceac4d14679fd886627e9 /modules-available/usblockoff/page.inc.php | |
parent | [syslog] Tweak machineuuid index in installer (diff) | |
download | slx-admin-56adda043ed5f4e04c12aec2d6ebbca2372332b8.tar.gz slx-admin-56adda043ed5f4e04c12aec2d6ebbca2372332b8.tar.xz slx-admin-56adda043ed5f4e04c12aec2d6ebbca2372332b8.zip |
Initial commit
Diffstat (limited to 'modules-available/usblockoff/page.inc.php')
-rw-r--r-- | modules-available/usblockoff/page.inc.php | 234 |
1 files changed, 234 insertions, 0 deletions
diff --git a/modules-available/usblockoff/page.inc.php b/modules-available/usblockoff/page.inc.php new file mode 100644 index 00000000..e2effad4 --- /dev/null +++ b/modules-available/usblockoff/page.inc.php @@ -0,0 +1,234 @@ +<?php +$glob3 = 'globale Variable 3'; +$name = 'testname'; +$logedIn = true; +class Page_usblockoff extends Page { + + /** + * Called before any page rendering happens - early hook to check parameters etc. + */ + protected function doPreprocess() { + User::load(); + + if (!User::isLoggedIn()) { + Message::addError('main.no-permission'); + Util::redirect('?do=Main'); // does not return + } + + $this->action = Request::post('action'); + error_log($this->action); + + if ($this->action === 'updateConfig') { + $this->updateConfig(); + } elseif ($this->action === 'deleteConfig') { + $this->deleteConfig(); + } + // elseif ($this->action === 'addDevices') { + // $this->addDevices(); + //} + } + + /** + * Menu etc. has already been generated, now it's time to generate page content. + */ + protected function doRender() { + $this->loadConfigChooser(); + } + + + protected function loadConfigChooser() { + $dbquery = Database::simpleQuery("SELECT configid, configname FROM `usb_configs`"); + $configs = array(); + while ($dbentry = $dbquery->fetch(PDO::FETCH_ASSOC)) { + $config['config_id'] = $dbentry['configid']; + $config['config_name'] = $dbentry['configname']; + $configs[] = $config; + } + + Render::addTemplate('usb-choose-config', array( 'config_list' => array_values($configs))); + } + + protected function deleteConfig() { + $configID = Request::post('id', 0, 'int'); + + if ($configID != 0) { + Database::exec("DELETE FROM `usb_configs` WHERE configid=:configid", array('configid' => $configID)); + } + + Util::redirect('?do=usblockoff'); + } + + protected function updateConfig() { + // Add new settings in usbguard-daemon.conf here: + $result['RuleFile'] = Request::post('RuleFile', '', 'string'); + $result['ImplicitPolicyTarget'] = Request::post('ImplicitPolicyTarget', '', 'string'); + $result['PresentDevicePolicy'] = Request::post('PresentDevicePolicy', '', 'string'); + $result['PresentControllerPolicy'] = Request::post('PresentControllerPolicy', '', 'string'); + $result['InsertedDevicePolicy'] = Request::post('InsertedDevicePolicy', '', 'string'); + $result['RestoreControllerDeviceState'] = Request::post('RestoreControllerDeviceState', '', 'string'); + $result['DeviceManagerBackend'] = Request::post('DeviceManagerBackend', '', 'string'); + $result['IPCAllowedUsers'] = Request::post('IPCAllowedUsers', '', 'string'); + $result['IPCAllowedGroups'] = Request::post('IPCAllowedGroups', '', 'string'); + $result['IPCAccessControlFiles'] = Request::post('IPCAccessControlFiles', '', 'string'); + $result['DeviceRulesWithPort'] = Request::post('DeviceRulesWithPort', '', 'string'); + $result['AuditFilePath'] = Request::post('AuditFilePath', '', 'string'); + $result['rules'] = Request::post('rules', '', 'string'); + + $id = Request::post('id', 0, 'int'); + $configname = Request::post('configName', '', 'string'); + $dbquery = Database::queryFirst("SELECT * FROM `usb_configs` WHERE configid=:id", array('id' => $id)); + + // Load daemon.conf from db else load default + if ($dbquery !== false) { + $daemonConf = explode("\r\n", $dbquery['daemonconfig']); + } else { + $currentdir = getcwd(); + $file = $currentdir . '/modules/usblockoff/inc/default-configs/usbguard-daemon.conf'; + $daemonConf = file($file); + } + $newDaemonConf = array(); + + foreach ($daemonConf as $line) { + $t_line = trim($line, "\r\n"); + if ($t_line == '' || $t_line[0] == '#') { + $newDaemonConf[] = $line . "\r\n"; + continue; + } else { + $splitstr = explode('=', $line); + + $splitstr[1] = $result[$splitstr[0]]; + $newDaemonConf[] = implode('=', $splitstr)."\r\n"; + } + } + + // INSERT IN DB + if ($id == '0') { + $dbquery = Database::exec("INSERT INTO `usb_configs` (configname, rulesconfig, daemonconfig) VALUES (:configname, :rulesconfig, :daemonconfig)", + array('configname' => $configname, 'rulesconfig' => $result['rules'], 'daemonconfig' => implode($newDaemonConf))); + } else { + $dbquery = Database::exec("UPDATE `usb_configs` SET configname=:configname, rulesconfig=:rulesconfig, daemonconfig=:daemonconfig WHERE configid=:configid", + array('configid' => $id,'configname' => $configname, 'rulesconfig' => $result['rules'], 'daemonconfig' => implode($newDaemonConf))); + } + } + + /** + * AJAX + */ + protected function doAjax() + { + User::load(); + if (!User::isLoggedIn()) { + die('Unauthorized'); + } + $action = Request::any('action'); + if ($action === 'deviceList') { + $this->ajaxDeviceList(); + } elseif ($action === 'loadConfig') { + $id = Request::any('id', 0, 'int'); + $this->ajaxConfig($id); + } + } + + private function ajaxConfig($id) { + + $form = array(); + $rulesConf; + + if($id == 0) { + $currentdir = getcwd(); + + $rulesConf = file_get_contents($currentdir . '/modules/usblockoff/inc/default-configs/rules.conf'); + $daemonConf = file($currentdir . '/modules/usblockoff/inc/default-configs/usbguard-daemon.conf'); + } else { + $dbquery = Database::queryFirst("SELECT * FROM `usb_configs` WHERE configid=:id", array('id' => $id)); + $daemonConf = explode("\r\n", $dbquery['daemonconfig']); + $rulesConf = $dbquery['rulesconfig']; + } + + $element = array(); + $hlptxt = ''; + + foreach ($daemonConf as $line) { + $t_line = trim($line, "\r\n"); + if ($t_line == '#' || $t_line == '' || strpos($t_line, '#!!!') !== false) { + continue; + } elseif ($t_line[0] == '#') { + $ttxt = trim($line, "#"); + $hlptxt .= $ttxt . '<br>'; + } else { + $splitstr = explode('=', $t_line); + $element['name'] = $splitstr[0]; + $element['value'] = $splitstr[1]; + $element['helptext'] = $hlptxt; + + $form[] = $element; + $hlptxt = ''; + } + } + + echo Render::parse('usb-configuration', array( + 'list' => array_values($form), + 'rules' => $rulesConf, + )); + } + + private function ajaxDeviceList() { + + $usbdevices = array(); + + $dbquery = Database::simpleQuery("SELECT * FROM `usb_devices`"); + while ($entry = $dbquery->fetch(PDO::FETCH_ASSOC)) { + $locationquery = Database::queryFirst("SELECT l.locationname AS 'name', m.clientip AS 'ip' FROM machine AS m JOIN location AS l ON l.locationid=m.locationid + WHERE m.machineuuid=:machineuuid", array( 'machineuuid' => $entry['machineuuid'])); + + $device['uid'] = $entry['uid']; + $device['id'] = $entry['id']; + $device['name'] = $entry['name']; + $device['serial'] = $entry['serial']; + $device['machineuuid'] = $entry['machineuuid']; + $device['user'] = $entry['user']; + $device['clientip'] = $locationquery['ip']; + $device['date'] = date('d.m.Y', $entry['time']); + $device['time'] = date('G:i', $entry['time']); + $device['location'] = $locationquery['name']; + $ruleInformation = json_decode($entry['ruleInformation'], true); + $device['hash'] = $ruleInformation['hash']; + $device['parent-hash'] = $ruleInformation['parent-hash']; + $device['via-port'] = $ruleInformation['via-port']; + $device['with-interface'] = $ruleInformation['with-interface']; + $usbdevices[] = $device; + } + + $settings = array(); + $setting = array(); + $setting['title'] = "Action"; + $setting['select_list'] = array(array( + 'option' => 'allow', + 'active' => true, + ), array( + 'option' => 'block', + 'active' => false, + ), array( + 'option' => 'reject', + 'active' => false, + )); + $setting['helptext'] = array('helptext' => Dictionary::translateFile('rule', 'abr_helptext')); + $setting['property'] = 'action'; + $setting['settingHtml'] = Render::parse('server-prop-dropdown', (array)$setting); + $settings[] = $setting; + + $ruleValues = array('id' => true, 'serial' => true, 'name' => true, 'hash' => false, 'parent-hash' => false, 'via-port' => false, 'with-interface' => false, 'interface-policy' => false); + foreach ($ruleValues as $key => $value) { + $settings[] = array( + 'settingHtml' => Render::parse('server-prop-bool', array('title' => Dictionary::translateFile('rule', $key), + 'helptext' => array('helptext' => Dictionary::translateFile('rule', $key . "_helptext")), + 'property' => $key, 'currentvalue' => $value)), + ); + } + + echo Render::parse('usb-device-list', array( + 'list' => array_values($usbdevices), + 'settings' => array_values($settings) + )); + } +} |