WIP

12 files changed, 229 insertions, 0 deletions

diff --git a/modules-available/webinterface/config.json b/modules-available/webinterface/config.json
new file mode 100644
index 00000000..6c189b63
--- /dev/null
+++ b/modules-available/webinterface/config.json
@@ -0,0 +1,4 @@
+{
+	"category":"main.content",
+	"enabled":"true"
+}
diff --git a/modules-available/webinterface/lang/de/templates/httpd-restart.json b/modules-available/webinterface/lang/de/templates/httpd-restart.json
new file mode 100644
index 00000000..e995a251
--- /dev/null
+++ b/modules-available/webinterface/lang/de/templates/httpd-restart.json
@@ -0,0 +1,4 @@
+{
+    "lang_applyingSettings": "Anwenden der Einstellungen",
+    "lang_installAndRestart": "Zertifikat installieren und Webserver neustarten"
+}
\ No newline at end of file
diff --git a/modules-available/webinterface/lang/de/templates/https.json b/modules-available/webinterface/lang/de/templates/https.json
new file mode 100644
index 00000000..621343e3
--- /dev/null
+++ b/modules-available/webinterface/lang/de/templates/https.json
@@ -0,0 +1,12 @@
+{
+    "lang_HttpsIsDisabled": "HTTPS ist derzeit deaktiviert",
+    "lang_caChain": "Optional k\u00f6nnen Sie hier die zum Zertifikat geh\u00f6rende Zertifikatkette (CA-Chain) einf\u00fcgen. Dies wird ben\u00f6tigt, wenn das Zertifikat nicht direkt von einer der in Browsern mitgeliferten CAs signiert wurde. Die Datei enth\u00e4lt ein oder meherere Zertifikatsbl\u00f6cke, im gleichen Format wie das oben gezeigte Zertifikat.",
+    "lang_certificate": "Bitte f\u00fcgen Sie hier das Zertifikat ein. Das Zertifikat wird im Base64-codierten x509-Format erwartet (manchmal pem genannt). Es sieht in etwa wie folgt aus:",
+    "lang_customCert": "Eigenes Zertifikat verwenden",
+    "lang_description": "Hier k\u00f6nnen Sie festlegen, ob das Web-Interface auch per HTTPS erreichbar sein soll, und welches Zertifikat daf\u00fcr verwendet werden soll.",
+    "lang_httpsSettings": "HTTPS-Konfiguration",
+    "lang_noHttps": "HTTPS wieder deaktivieren, aktuelles Zertifikat l\u00f6schen",
+    "lang_privateKey": "Bitte f\u00fcgen Sie hier den privaten Schl\u00fcssel ein, der zum obigen Zertifikat geh\u00f6rt. Er muss ebenfalls im \"pem\"-Format vorliegen, und sieht wie folgt aus:",
+    "lang_randomCert": "Neues selbstsigniertes Zertifikat generieren",
+    "lang_save": "Speichern"
+}
\ No newline at end of file
diff --git a/modules-available/webinterface/lang/de/templates/passwords.json b/modules-available/webinterface/lang/de/templates/passwords.json
new file mode 100644
index 00000000..17c156c3
--- /dev/null
+++ b/modules-available/webinterface/lang/de/templates/passwords.json
@@ -0,0 +1,7 @@
+{
+    "lang_description": "Legen Sie fest, ob Passwortfelder in der Web-Schnittstelle maskiert werden, oder ob Ihr Inhalt sichtbar sein soll. Wenn Sie die Schnittstelle in einer sicheren Umgebung nutzen (keine neugierigen Augen), kann dies den Komfort erh\u00f6hen. Das Passwortfeld der Anmeldemaske ist von dieser Einstellung ausgenommen.",
+    "lang_hidePasswords": "Passw\u00f6rter maskieren",
+    "lang_passwordFields": "Passwortfelder",
+    "lang_save": "Speichern",
+    "lang_showPasswords": "Passw\u00f6rter anzeigen"
+}
\ No newline at end of file
diff --git a/modules-available/webinterface/lang/en/module.json b/modules-available/webinterface/lang/en/module.json
new file mode 100644
index 00000000..dde5ac86
--- /dev/null
+++ b/modules-available/webinterface/lang/en/module.json
@@ -0,0 +1,3 @@
+{
+    "module_name": "Web Interface"
+}
\ No newline at end of file
diff --git a/modules-available/webinterface/lang/en/templates/httpd-restart.json b/modules-available/webinterface/lang/en/templates/httpd-restart.json
new file mode 100644
index 00000000..0a7d4aea
--- /dev/null
+++ b/modules-available/webinterface/lang/en/templates/httpd-restart.json
@@ -0,0 +1,4 @@
+{
+    "lang_applyingSettings": "Applying settings",
+    "lang_installAndRestart": "Installing certificate and restarting web server"
+}
\ No newline at end of file
diff --git a/modules-available/webinterface/lang/en/templates/https.json b/modules-available/webinterface/lang/en/templates/https.json
new file mode 100644
index 00000000..64631a9a
--- /dev/null
+++ b/modules-available/webinterface/lang/en/templates/https.json
@@ -0,0 +1,12 @@
+{
+    "lang_HttpsIsDisabled": "HTTPS is currently disabled",
+    "lang_caChain": "Here you can paste an optional certificate chain. It should only be required if you have a certificate that was not directly signed by a certificate authority known by the browsers. It should contain one or more certificate blocks, looking just like the certificate above.",
+    "lang_certificate": "Please paste your certificate below. It has to be in base64 encoded x509 format (sometimes called pem). It should look something like this:",
+    "lang_customCert": "Supply own certificate",
+    "lang_description": "Here you can set whether the web interface should be accessible via https. You can chose if you want to use a random self signed certificate, or supply your own.",
+    "lang_httpsSettings": "HTTPS settings",
+    "lang_noHttps": "Disable HTTPS, delete current certificate",
+    "lang_privateKey": "Please paste the private key belonging to the certificate here. It has to be in \"pem\" format too, which should look like this:",
+    "lang_randomCert": "Genenrate new self-signed certificate",
+    "lang_save": "Save"
+}
\ No newline at end of file
diff --git a/modules-available/webinterface/lang/en/templates/passwords.json b/modules-available/webinterface/lang/en/templates/passwords.json
new file mode 100644
index 00000000..2db88ae2
--- /dev/null
+++ b/modules-available/webinterface/lang/en/templates/passwords.json
@@ -0,0 +1,7 @@
+{
+    "lang_description": "Set whether password fields should be masked or not. The password field of the login page to the web interface is always masked.",
+    "lang_hidePasswords": "Mask passwords",
+    "lang_passwordFields": "Password fields",
+    "lang_save": "Save",
+    "lang_showPasswords": "Show passwords"
+}
\ No newline at end of file
diff --git a/modules-available/webinterface/page.inc.php b/modules-available/webinterface/page.inc.php
new file mode 100644
index 00000000..c301dec9
--- /dev/null
+++ b/modules-available/webinterface/page.inc.php
@@ -0,0 +1,85 @@
+<?php
+
+class Page_WebInterface extends Page
+{
+
+	protected function doPreprocess()
+	{
+		User::load();
+		if (!User::hasPermission('superadmin')) {
+			Message::addError('no-permission');
+			Util::redirect('?do=Main');
+		}
+		switch (Request::post('action')) {
+			case 'https':
+				$this->actionConfigureHttps();
+				break;
+			case 'password':
+				$this->actionShowHidePassword();
+				break;
+		}
+	}
+
+	private function actionConfigureHttps()
+	{
+		$task = false;
+		switch (Request::post('mode')) {
+			case 'off':
+				$task = $this->setHttpsOff();
+				break;
+			case 'random':
+				$task = $this->setHttpsRandomCert();
+				break;
+			case 'custom':
+				$task = $this->setHttpsCustomCert();
+				break;
+		}
+		if (isset($task['id'])) {
+			Session::set('https-id', $task['id']);
+			Util::redirect('?do=WebInterface&show=httpsupdate');
+		}
+	}
+	
+	private function actionShowHidePassword()
+	{
+		Property::setPasswordFieldType(Request::post('mode') === 'show' ? 'text' : 'password');
+		Util::redirect('?do=WebInterface');
+	}
+
+	protected function doRender()
+	{
+		Render::setTitle(Dictionary::translate('lang_titleWebinterface'));
+		if (Request::get('show') === 'httpsupdate') {
+			Render::addTemplate('httpd-restart', array('taskid' => Session::get('https-id')));
+		}
+		Render::addTemplate('https', array('httpsEnabled' => file_exists('/etc/lighttpd/server.pem')));
+		$data = array();
+		if (Property::getPasswordFieldType() === 'text')
+			$data['selected_show'] = 'checked';
+		else
+			$data['selected_hide'] = 'checked';
+		Render::addTemplate('passwords', $data);
+	}
+
+	private function setHttpsOff()
+	{
+		return Taskmanager::submit('LighttpdHttps', array());
+	}
+
+	private function setHttpsRandomCert()
+	{
+		return Taskmanager::submit('LighttpdHttps', array(
+				'proxyip' => Property::getServerIp()
+		));
+	}
+
+	private function setHttpsCustomCert()
+	{
+		return Taskmanager::submit('LighttpdHttps', array(
+				'importcert' => Request::post('certificate', 'bla'),
+				'importkey' => Request::post('privatekey', 'bla'),
+				'importchain' => Request::post('cachain', '')
+		));
+	}
+
+}
diff --git a/modules-available/webinterface/templates/httpd-restart.html b/modules-available/webinterface/templates/httpd-restart.html
new file mode 100644
index 00000000..cc84aafb
--- /dev/null
+++ b/modules-available/webinterface/templates/httpd-restart.html
@@ -0,0 +1,6 @@
+<div class="panel panel-default">
+	<div class="panel-heading">{{lang_applyingSettings}}</div>
+	<div class="panel-body">
+		<div data-tm-id="{{taskid}}" data-tm-log="error">{{lang_installAndRestart}}</div>
+	</div>
+</div>
diff --git a/modules-available/webinterface/templates/https.html b/modules-available/webinterface/templates/https.html
new file mode 100644
index 00000000..c6161cd6
--- /dev/null
+++ b/modules-available/webinterface/templates/https.html
@@ -0,0 +1,60 @@
+<form action="?do=WebInterface" method="post">
+	<input type="hidden" name="token" value="{{token}}">
+	<input type="hidden" name="action" value="https">
+	<div class="panel panel-default">
+		<div class="panel-heading">{{lang_httpsSettings}}</div>
+		<div class="panel-body">
+			<p>{{lang_description}}</p>
+			{{^httpsEnabled}}
+			<p>{{lang_HttpsIsDisabled}}</p>
+			{{/httpsEnabled}}
+			{{#httpsEnabled}}
+			<div class="input-group" onclick="$('#moff').prop('checked', true);
+					$('#wcustom').hide()">
+				<span class="input-group-addon"><input id="moff" type="radio" name="mode" value="off"></span>
+				<span class="form-control">
+					{{lang_noHttps}}
+				</span>
+			</div>
+			{{/httpsEnabled}}
+			<div class="input-group" onclick="$('#mrandom').prop('checked', true);
+					$('#wcustom').hide()">
+				<span class="input-group-addon"><input id="mrandom" type="radio" name="mode" value="random"></span>
+				<span class="form-control">
+					{{lang_randomCert}}
+				</span>
+			</div>
+			<div class="input-group" onclick="$('#mcustom').prop('checked', true);
+					$('#wcustom').show()">
+				<span class="input-group-addon"><input id="mcustom" type="radio" name="mode" value="custom"></span>
+				<span class="form-control">
+					{{lang_customCert}}
+				</span>
+			</div>
+			<div class="well well-sm" style="display:none" id="wcustom">
+				{{lang_certificate}}
+				<pre class="small">
+-----BEGIN CERTIFICATE-----
+MIIFfTCCA...
+.....
+-----END CERTIFICATE-----</pre>
+				<textarea name="certificate" class="form-control small" cols="101" rows="10"></textarea>
+				<hr>
+				{{lang_privateKey}}
+				<pre class="small">
+-----BEGIN PRIVATE KEY-----
+MIIFfTCCA...
+.....
+-----END PRIVATE KEY-----</pre>
+				<textarea name="privatekey" class="form-control small" cols="101" rows="10"></textarea>
+				<hr>
+				{{lang_caChain}}
+				<textarea name="cachain" class="form-control small" cols="101" rows="10"></textarea>
+				<hr>
+			</div>
+			<div class="pull-right">
+				<button type="submit" class="btn btn-primary">{{lang_save}}</button>
+			</div>
+		</div>
+	</div>
+</form>
diff --git a/modules-available/webinterface/templates/passwords.html b/modules-available/webinterface/templates/passwords.html
new file mode 100644
index 00000000..f9fda016
--- /dev/null
+++ b/modules-available/webinterface/templates/passwords.html
@@ -0,0 +1,25 @@
+<form action="?do=WebInterface" method="post">
+	<input type="hidden" name="token" value="{{token}}">
+	<input type="hidden" name="action" value="password">
+	<div class="panel panel-default">
+		<div class="panel-heading">{{lang_passwordFields}}</div>
+		<div class="panel-body">
+			<p>{{lang_description}}</p>
+			<div class="input-group" onclick="$('#pmshow').prop('checked', true)">
+				<span class="input-group-addon"><input id="pmshow" type="radio" name="mode" value="show" {{selected_show}}></span>
+				<span class="form-control">
+					{{lang_showPasswords}}
+				</span>
+			</div>
+			<div class="input-group" onclick="$('#pmhide').prop('checked', true)">
+				<span class="input-group-addon"><input id="pmhide" type="radio" name="mode" value="hide" {{selected_hide}}></span>
+				<span class="form-control">
+					{{lang_hidePasswords}}
+				</span>
+			</div>
+			<div class="pull-right">
+				<button type="submit" class="btn btn-primary">{{lang_save}}</button>
+			</div>
+		</div>
+	</div>
+</form>