Initial commit

1 files changed, 234 insertions, 0 deletions

diff --git a/modules-available/usblockoff/page.inc.php b/modules-available/usblockoff/page.inc.php
new file mode 100644
index 00000000..e2effad4
--- /dev/null
+++ b/modules-available/usblockoff/page.inc.php
@@ -0,0 +1,234 @@
+<?php
+$glob3 = 'globale Variable 3';
+$name = 'testname';
+$logedIn = true;
+class Page_usblockoff extends Page {
+
+	/**
+	 * Called before any page rendering happens - early hook to check parameters etc.
+	 */
+	protected function doPreprocess()	{
+		User::load();
+
+		if (!User::isLoggedIn()) {
+			Message::addError('main.no-permission');
+			Util::redirect('?do=Main'); // does not return
+		}
+
+		$this->action = Request::post('action');
+		error_log($this->action);
+
+		if ($this->action === 'updateConfig') {
+			$this->updateConfig();
+		} elseif ($this->action === 'deleteConfig') {
+			$this->deleteConfig();
+		}
+		// elseif ($this->action === 'addDevices') {
+		//	$this->addDevices();
+		//}
+	}
+
+	/**
+	 * Menu etc. has already been generated, now it's time to generate page content.
+	 */
+	protected function doRender()	{
+		$this->loadConfigChooser();
+	}
+
+
+	protected function loadConfigChooser() {
+		$dbquery = Database::simpleQuery("SELECT configid, configname FROM `usb_configs`");
+		$configs = array();
+		while ($dbentry = $dbquery->fetch(PDO::FETCH_ASSOC)) {
+			$config['config_id'] = $dbentry['configid'];
+			$config['config_name'] = $dbentry['configname'];
+			$configs[] = $config;
+		}
+
+		Render::addTemplate('usb-choose-config', array( 'config_list' => array_values($configs)));
+	}
+
+	protected function deleteConfig() {
+		$configID = Request::post('id', 0, 'int');
+
+		if ($configID != 0) {
+			Database::exec("DELETE FROM `usb_configs` WHERE configid=:configid", array('configid' => $configID));
+		}
+
+		Util::redirect('?do=usblockoff');
+	}
+
+	protected function updateConfig() {
+		// Add new settings in usbguard-daemon.conf here:
+		$result['RuleFile'] = Request::post('RuleFile', '', 'string');
+		$result['ImplicitPolicyTarget'] = Request::post('ImplicitPolicyTarget', '', 'string');
+		$result['PresentDevicePolicy'] = Request::post('PresentDevicePolicy', '', 'string');
+		$result['PresentControllerPolicy'] = Request::post('PresentControllerPolicy', '', 'string');
+		$result['InsertedDevicePolicy'] = Request::post('InsertedDevicePolicy', '', 'string');
+		$result['RestoreControllerDeviceState'] = Request::post('RestoreControllerDeviceState', '', 'string');
+		$result['DeviceManagerBackend'] = Request::post('DeviceManagerBackend', '', 'string');
+		$result['IPCAllowedUsers'] = Request::post('IPCAllowedUsers', '', 'string');
+		$result['IPCAllowedGroups'] = Request::post('IPCAllowedGroups', '', 'string');
+		$result['IPCAccessControlFiles'] = Request::post('IPCAccessControlFiles', '', 'string');
+		$result['DeviceRulesWithPort'] = Request::post('DeviceRulesWithPort', '', 'string');
+		$result['AuditFilePath'] = Request::post('AuditFilePath', '', 'string');
+		$result['rules'] = Request::post('rules', '', 'string');
+
+		$id = Request::post('id', 0, 'int');
+		$configname = Request::post('configName', '', 'string');
+		$dbquery = Database::queryFirst("SELECT * FROM `usb_configs` WHERE configid=:id", array('id' => $id));
+
+		// Load daemon.conf from db else load default
+		if ($dbquery !== false) {
+			$daemonConf = explode("\r\n", $dbquery['daemonconfig']);
+		} else {
+			$currentdir = getcwd();
+			$file = $currentdir . '/modules/usblockoff/inc/default-configs/usbguard-daemon.conf';
+			$daemonConf = file($file);
+		}
+		$newDaemonConf = array();
+
+		foreach ($daemonConf as $line) {
+			$t_line = trim($line, "\r\n");
+			if ($t_line == '' || $t_line[0] == '#') {
+				$newDaemonConf[] = $line . "\r\n";
+				continue;
+			} else {
+				$splitstr = explode('=', $line);
+
+			  $splitstr[1] = $result[$splitstr[0]];
+				$newDaemonConf[] = implode('=', $splitstr)."\r\n";
+			}
+		}
+
+		// INSERT IN DB
+		if ($id == '0') {
+			$dbquery = Database::exec("INSERT INTO `usb_configs` (configname, rulesconfig, daemonconfig) VALUES (:configname, :rulesconfig, :daemonconfig)",
+												array('configname' => $configname, 'rulesconfig' => $result['rules'], 'daemonconfig' => implode($newDaemonConf)));
+		} else {
+			$dbquery = Database::exec("UPDATE `usb_configs` SET configname=:configname, rulesconfig=:rulesconfig, daemonconfig=:daemonconfig WHERE configid=:configid",
+												array('configid' => $id,'configname' => $configname, 'rulesconfig' => $result['rules'], 'daemonconfig' => implode($newDaemonConf)));
+		}
+	}
+
+	/**
+	 * AJAX
+	 */
+	protected function doAjax()
+	{
+		User::load();
+		if (!User::isLoggedIn()) {
+			die('Unauthorized');
+		}
+		$action = Request::any('action');
+		if ($action === 'deviceList') {
+			$this->ajaxDeviceList();
+		} elseif ($action === 'loadConfig') {
+			$id = Request::any('id', 0, 'int');
+			$this->ajaxConfig($id);
+		}
+	}
+
+	private function ajaxConfig($id) {
+
+		$form = array();
+		$rulesConf;
+
+		if($id == 0) {
+			$currentdir = getcwd();
+
+			$rulesConf = file_get_contents($currentdir . '/modules/usblockoff/inc/default-configs/rules.conf');
+			$daemonConf = file($currentdir . '/modules/usblockoff/inc/default-configs/usbguard-daemon.conf');
+		} else {
+			$dbquery = Database::queryFirst("SELECT * FROM `usb_configs` WHERE configid=:id", array('id' => $id));
+			$daemonConf = explode("\r\n", $dbquery['daemonconfig']);
+			$rulesConf = $dbquery['rulesconfig'];
+		}
+
+		$element = array();
+		$hlptxt = '';
+
+		foreach ($daemonConf as $line) {
+			$t_line = trim($line, "\r\n");
+			if ($t_line == '#' || $t_line == '' || strpos($t_line, '#!!!') !== false) {
+				continue;
+			} elseif ($t_line[0] == '#') {
+				$ttxt = trim($line, "#");
+				$hlptxt .= $ttxt . '<br>';
+			} else {
+				$splitstr = explode('=', $t_line);
+				$element['name'] = $splitstr[0];
+				$element['value'] = $splitstr[1];
+				$element['helptext'] = $hlptxt;
+
+				$form[] = $element;
+				$hlptxt = '';
+			}
+		}
+
+		echo Render::parse('usb-configuration', array(
+			'list' => array_values($form),
+			'rules' => $rulesConf,
+		));
+	}
+
+	private function ajaxDeviceList() {
+
+		$usbdevices = array();
+
+		$dbquery = Database::simpleQuery("SELECT * FROM `usb_devices`");
+		while ($entry = $dbquery->fetch(PDO::FETCH_ASSOC)) {
+			$locationquery = Database::queryFirst("SELECT l.locationname AS 'name', m.clientip AS 'ip' FROM machine AS m JOIN location AS l ON l.locationid=m.locationid
+				 WHERE m.machineuuid=:machineuuid", array( 'machineuuid' => $entry['machineuuid']));
+
+			$device['uid'] = $entry['uid'];
+			$device['id'] = $entry['id'];
+			$device['name'] = $entry['name'];
+			$device['serial'] = $entry['serial'];
+			$device['machineuuid'] = $entry['machineuuid'];
+			$device['user'] = $entry['user'];
+			$device['clientip'] = $locationquery['ip'];
+			$device['date'] = date('d.m.Y', $entry['time']);
+			$device['time'] = date('G:i', $entry['time']);
+			$device['location'] = $locationquery['name'];
+			$ruleInformation = json_decode($entry['ruleInformation'], true);
+			$device['hash'] = $ruleInformation['hash'];
+			$device['parent-hash'] = $ruleInformation['parent-hash'];
+			$device['via-port'] = $ruleInformation['via-port'];
+			$device['with-interface'] = $ruleInformation['with-interface'];
+			$usbdevices[] = $device;
+		}
+
+		$settings = array();
+		$setting = array();
+		$setting['title'] = "Action";
+		$setting['select_list'] =  array(array(
+			'option' => 'allow',
+			'active' => true,
+		), array(
+			'option' => 'block',
+			'active' => false,
+		), array(
+			'option' => 'reject',
+			'active' => false,
+		));
+		$setting['helptext'] = array('helptext' => Dictionary::translateFile('rule', 'abr_helptext'));
+		$setting['property'] = 'action';
+		$setting['settingHtml'] = Render::parse('server-prop-dropdown', (array)$setting);
+		$settings[] = $setting;
+
+		$ruleValues = array('id' => true, 'serial' => true, 'name' => true, 'hash' => false, 'parent-hash' => false, 'via-port' => false, 'with-interface' => false, 'interface-policy' => false);
+		foreach ($ruleValues as $key => $value) {
+			$settings[] = array(
+				'settingHtml' => Render::parse('server-prop-bool', array('title' => Dictionary::translateFile('rule', $key),
+				'helptext' => array('helptext' => Dictionary::translateFile('rule', $key . "_helptext")),
+				 'property' => $key, 'currentvalue' => $value)),
+			 );
+		}
+
+		echo Render::parse('usb-device-list', array(
+			'list' => array_values($usbdevices),
+			'settings' => array_values($settings)
+		));
+	}
+}