Diffstat (limited to 'modules-available/dozmod/pages')
-rw-r--r--modules-available/dozmod/pages/ldapfilters.inc.php119
-rw-r--r--modules-available/dozmod/pages/networkshares.inc.php108
-rw-r--r--modules-available/dozmod/pages/runscripts.inc.php133
3 files changed, 360 insertions, 0 deletions
diff --git a/modules-available/dozmod/pages/ldapfilters.inc.php b/modules-available/dozmod/pages/ldapfilters.inc.php
new file mode 100644
index 00000000..d0ae41b8
--- /dev/null
+++ b/modules-available/dozmod/pages/ldapfilters.inc.php
@@ -0,0 +1,119 @@
+<?php
+
+class SubPage
+{
+ private static $show;
+
+ public static function doPreprocess()
+ {
+ self::$show = Request::any('show', false, 'string');
+ $action = Request::post('action');
+
+ if ($action === 'deleteFilter') {
+ User::assertPermission("ldapfilters.save");
+ self::deleteLdapFilter();
+ } else if ($action === 'saveFilter') {
+ User::assertPermission("ldapfilters.save");
+ self::saveLdapFilter();
+ }
+ User::assertPermission("ldapfilters.view");
+ }
+
+ public static function doRender()
+ {
+ if (self::$show === false) {
+ // Get all ldapfilters from the sat db.
+ $ldapfilters = Database::queryAll("SELECT filterid, filtername, filterkey, filtervalue FROM sat.presetlecturefilter
+ WHERE filtertype ='LDAP' ORDER BY filtername ASC");
+
+ $data = array(
+ 'ldapfilters' => $ldapfilters,
+ 'hasEditPermission' => User::hasPermission('ldapfilters.save')
+ );
+
+ Render::addTemplate('ldapfilters', $data);
+ } else if (self::$show === 'edit') {
+ $filterid = Request::get('filterid', false, 'int');
+
+ if ($filterid === false) {
+ Render::addTemplate('ldapfilter-add', array(
+ 'filterid' => 0
+ ));
+ } else {
+ $ldapfilter = Database::queryFirst("SELECT filterid, filtername, filterkey, filtervalue FROM sat.presetlecturefilter
+ WHERE filterid = :id AND filtertype = 'LDAP'", array( 'id' => $filterid));
+ // TODO: Show error if not exists
+
+ Render::addTemplate('ldapfilter-add', $ldapfilter);
+ }
+ }
+ }
+
+ private static function deleteLdapFilter() {
+ User::assertPermission('ldapfilters.save');
+ $filterid = Request::post('filterid', false, 'int');
+ if ($filterid === false) {
+ Message::addError('ldap-filter-id-missing');
+ return;
+ }
+ $res = Database::exec("DELETE FROM sat.presetlecturefilter WHERE filterid = :id AND filtertype = 'LDAP'", array('id' => $filterid));
+ if ($res !== 1) {
+ Message::addWarning('ldap-invalid-filter-id', $filterid);
+ } else {
+ Message::addSuccess('ldap-filter-deleted');
+ }
+ }
+
+ private static function saveLdapFilter() {
+ $filterid = Request::post('filterid', '', 'int');
+ $filtername = Request::post('filtername', false, 'string');
+ $filterattribute = Request::post('attribute', false, 'string');
+ $filtervalue = Request::post('value', false, 'string');
+
+ if ($filtername === false || $filterattribute === false || $filtervalue === false) {
+ Message::addError('ldap-filter-save-missing-information');
+ return;
+ }
+
+ if ($filterid === 0) {
+ // Insert filter in the db.
+ $res = Database::exec("INSERT INTO sat.presetlecturefilter (filtertype, filtername, filterkey, filtervalue)
+ VALUES ('LDAP', :filtername, :attribute, :value)", array(
+ 'filtername' => $filtername,
+ 'attribute' => $filterattribute,
+ 'value' => $filtervalue
+ ));
+
+ if ($res !== 1) {
+ Message::addError('ldap-filter-insert-failed');
+ } else {
+ Message::addSuccess('ldap-filter-created');
+ }
+
+ } else {
+ // Update filter in the db.
+ $res = Database::exec("UPDATE sat.presetlecturefilter SET
+ filtername = :filtername, filterkey = :attribute, filtervalue = :value
+ WHERE filterid = :filterid AND filtertype = 'LDAP'", array(
+ 'filterid' => $filterid,
+ 'filtername' => $filtername,
+ 'attribute' => $filterattribute,
+ 'value' => $filtervalue
+ ));
+
+ if ($res !== 1) {
+ Message::addError('ldap-filter-insert-failed');
+ } else {
+ Message::addSuccess('ldap-filter-saved');
+ }
+
+ }
+ Util::redirect("?do=dozmod&section=ldapfilters");
+ }
+
+ public static function doAjax()
+ {
+
+ }
+
+}
\ No newline at end of file
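Review bot: In saveLdapFilter the id is read with `Request::post('filterid', '', 'int')`, so a request without a filterid is not rejected the way deleteLdapFilter rejects it; assuming Request::post hands back the default unchanged, `''` fails the `=== 0` test and the code runs the UPDATE branch and reports 'ldap-filter-insert-failed'. The `=== false` checks only catch absent fields, so an empty filtername, attribute or value is still written to sat.presetlecturefilter. I would read the id with `Request::post('filterid', false, 'int')`, add `$filterid === false` to the guard, and reject empty strings in the same place. The early `return` paths and deleteLdapFilter also skip the `Util::redirect` that the success path performs, so those POSTs fall through to rendering.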
diff --git a/modules-available/dozmod/pages/networkshares.inc.php b/modules-available/dozmod/pages/networkshares.inc.php
new file mode 100644
index 00000000..659321b4
--- /dev/null
+++ b/modules-available/dozmod/pages/networkshares.inc.php
@@ -0,0 +1,108 @@
+<?php
+
+class SubPage
+{
+
+ public static function doPreprocess()
+ {
+ $action = Request::post('action', '', 'string');
+
+ if ($action === 'delete') {
+ User::assertPermission('networkshares.save');
+ $shareid = Request::post('shareid', false, 'int');
+ if ($shareid !== false) {
+ $res = Database::exec('DELETE FROM sat.presetnetworkshare WHERE shareid = :shareid', ['shareid' => $shareid]);
+ if ($res !== false) {
+ Message::addSuccess('networkshare-deleted');
+ }
+ }
+ } else if ($action === 'save') {
+ User::assertPermission('networkshares.save');
+ $shareid = Request::post('shareid', 0, 'int');
+ $sharename = Request::post('sharename', '', 'string');
+ $path = Request::post('path', false, 'string');
+ $target = Request::post('target', '', 'string');
+ $authType = Request::post('auth', '', 'string');
+ $username = Request::post('username', '', 'string');
+ $password = Request::post('password', '', 'string');
+ if (!in_array($authType, ['LOGIN_USER', 'OTHER_USER'], true)) {
+ Message::addError('networkshare-invalid-auth-type', $authType);
+ } elseif (empty($path)) {
+ Message::addError('networkshare-missing-path');
+ } else {
+ $data = json_encode([
+ 'auth' => $authType,
+ 'path' => $path,
+ 'displayname' => $sharename,
+ 'mountpoint' => $target,
+ 'username' => $username,
+ 'password' => $password,
+ ]);
+ if ($shareid !== 0) {
+ Database::exec('UPDATE sat.presetnetworkshare SET sharename = :sharename, sharedata = :data'
+ .' WHERE shareid = :shareid', compact('shareid', 'sharename', 'data'));
+ } else {
+ Database::exec('INSERT INTO sat.presetnetworkshare (sharename, sharedata, active)'
+ .' VALUES (:sharename, :data, 1)', compact('sharename', 'data'));
+ }
+ Message::addSuccess('networkshare-saved');
+ }
+ } else if ($action === 'activate' || $action === 'deactivate') {
+ User::assertPermission('networkshares.save');
+ $shareid = Request::post('shareid', false, 'int');
+ $active = ($action === 'activate' ? 1 : 0);
+ Database::exec('UPDATE sat.presetnetworkshare SET active = :active WHERE shareid = :shareid', compact('active', 'shareid'));
+ }
+ if (Request::isPost()) {
+ Util::redirect('?do=dozmod&section=networkshares');
+ }
+ User::assertPermission('networkshares.view');
+ }
+
+ public static function doRender()
+ {
+ $show = Request::get('show', 'list', 'string');
+ if ($show === 'list') {
+ $res = Database::simpleQuery('SELECT shareid, sharename, sharedata, active
+ FROM sat.presetnetworkshare ORDER BY sharename ASC');
+ $rows = array();
+ while ($row = $res->fetch(PDO::FETCH_ASSOC)) {
+ $dec = json_decode($row['sharedata'], true);
+ if (!is_array($dec)) {
+ $dec = [];
+ }
+ if ($dec['auth'] === 'LOGIN_USER') {
+ $row['loginAsUser'] = true;
+ }
+ $rows[] = $row + $dec;
+ }
+ Render::addTemplate('networkshares', [
+ 'networkshares' => $rows,
+ 'hasEditPermissions' => User::hasPermission('networkshares.save')
+ ]);
+ } else if ($show === 'edit') {
+ $shareid = Request::get('shareid', 0, 'int');
+ if ($shareid === 0) {
+ $data = [];
+ } else {
+ $data = Database::queryFirst('SELECT shareid, sharename, sharedata
+ FROM sat.presetnetworkshare WHERE shareid = :shareid', ['shareid' => $shareid]);
+ if ($data === false) {
+ Message::addError('networkshare-invalid-shareid', $shareid);
+ Util::redirect('?do=dozmod&section=networkshares');
+ }
+ $dec = json_decode($data['sharedata'], true);
+ if (is_array($dec)) {
+ $data += $dec;
+ }
+ if ($data['auth'] === 'LOGIN_USER') {
+ $data['loggedInUser_selected'] = 'selected';
+ } else {
+ $data['specificUser_selected'] = 'selected';
+ }
+ }
+ Render::addTemplate('networkshares-edit', $data);
+ }
+ }
+
+}
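Review bot: The share password is kept in clear inside the `sharedata` JSON and then handed to the templates: in doRender the list branch does `$rows[] = $row + $dec;`, which copies every decoded key, `password` included, into data that only requires `networkshares.view`. Whether the 'networkshares' template prints it is not visible here, but it should not receive it; add `unset($dec['password']);` before the merge, and consider leaving the field blank in the edit form and keeping the stored value when an empty password is posted. Separately, `$dec['auth']` is read right after the `$dec = []` fallback, and `$data['auth']` in the edit branch is read even when json_decode did not return an array, so a row with malformed sharedata raises an undefined-index notice; `($dec['auth'] ?? '') === 'LOGIN_USER'` avoids that. The activate/deactivate branch also runs its UPDATE without checking `$shareid !== false`.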
diff --git a/modules-available/dozmod/pages/runscripts.inc.php b/modules-available/dozmod/pages/runscripts.inc.php
new file mode 100644
index 00000000..c6566c13
--- /dev/null
+++ b/modules-available/dozmod/pages/runscripts.inc.php
@@ -0,0 +1,133 @@
+<?php
+
+class SubPage
+{
+
+ public static function doPreprocess()
+ {
+ /* execute actions */
+ $action = Request::post('action', false, 'string');
+
+ if ($action === 'save') {
+ User::assertPermission("runscripts.save");
+ self::saveScript();
+ }
+
+ if (Request::isPost()) {
+ Util::redirect('?do=dozmod&section=runscripts');
+ }
+ User::assertPermission('runscripts.view');
+ }
+
+ private static function saveScript()
+ {
+ $id = Request::post('runscriptid', false, 'int');
+ $scriptname = Request::post('scriptname', '', 'string');
+ if ($id === false) {
+ Message::addError('main.parameter-missing', 'runscriptid');
+ return;
+ }
+ $data = [
+ 'scriptname' => $scriptname,
+ 'content' => Request::post('content', '', 'string'),
+ 'visibility' => Request::post('visibility', 1, 'int'),
+ 'extension' => preg_replace('/[^a-z0-9_\-~\!\$\=]/i', '', Request::post('extension', '', 'string')),
+ 'passcreds' => Request::post('passcreds', 0, 'int') !== 0,
+ 'isglobal' => Request::post('isglobal', 0, 'int') !== 0,
+ ];
+ if ($id === 0) {
+ // New entry
+ $ret = Database::exec('INSERT INTO sat.presetrunscript
+ (scriptname, content, extension, visibility, passcreds, isglobal) VALUES
+ (:scriptname, :content, :extension, :visibility, :passcreds, :isglobal)', $data);
+ $id = Database::lastInsertId();
+ } else {
+ // Edit entry
+ $data['id'] = $id;
+ Database::exec('UPDATE sat.presetrunscript SET
+ scriptname = :scriptname, content = :content, extension = :extension, visibility = :visibility,
+ passcreds = :passcreds, isglobal = :isglobal
+ WHERE runscriptid = :id', $data);
+ }
+ $oslist = Request::post('osid', false, 'array');
+ if (is_array($oslist)) {
+ $oslist = array_filter($oslist, 'is_numeric');
+ $query = Database::prepare('INSERT INTO sat.presetrunscript_x_operatingsystem
+ (runscriptid, osid) VALUES (:id, :osid)');
+ foreach ($oslist as $osid) {
+ $query->execute(['id' => $id, 'osid' => $osid]);
+ }
+ $query->closeCursor();
+ Database::exec('DELETE FROM sat.presetrunscript_x_operatingsystem
+ WHERE runscriptid = :id AND osid NOT IN (:oslist)', ['id' => $id, 'oslist' => $oslist]);
+ }
+ Message::addSuccess('runscript-saved');
+ }
+
+ public static function doRender()
+ {
+ $show = Request::get('show', 'list', 'string');
+ if ($show === 'list') {
+ $res = Database::simpleQuery('SELECT runscriptid, scriptname, extension, visibility, passcreds, isglobal
+ FROM sat.presetrunscript
+ ORDER BY scriptname ASC');
+ $rows = [];
+ while ($row = $res->fetch(PDO::FETCH_ASSOC)) {
+ if ($row['visibility'] == 0) {
+ $row['visibility'] = 'eye-close';
+ } elseif ($row['visibility'] == 1) {
+ $row['visibility'] = 'eye-open';
+ } else {
+ $row['visibility'] = 'arrow-down';
+ }
+ $rows[] = $row;
+ }
+ Render::addTemplate('runscripts-list', ['list' => $rows, 'hasEditPermission' => User::hasPermission('runscripts.save')]);
+ } elseif ($show === 'edit') {
+ // Edit
+ $id = Request::get('runscriptid', false, 'int');
+ if ($id === false) {
+ Message::addError('main.parameter-missing', 'runscriptid');
+ Util::redirect('?do=dozmod&section=runscripts');
+ }
+ if ($id === 0) {
+ $row = [
+ 'runscriptid' => 0,
+ 'visibility_1_checked' => 'checked',
+ 'isglobal_1_checked' => 'checked',
+ ];
+ } else {
+ $row = Database::queryFirst('SELECT runscriptid, scriptname, content, extension, visibility, passcreds, isglobal
+ FROM sat.presetrunscript
+ WHERE runscriptid = :runscriptid', ['runscriptid' => $id]);
+ $row['visibility_' . $row['visibility'] . '_selected'] = 'selected';
+ $row['passcreds_checked'] = $row['passcreds'] ? 'checked' : '';
+ $row['isglobal_' . $row['isglobal'] . '_checked'] = 'checked';
+ if ($row === false) {
+ Message::addError('runscript-invalid-id', $id);
+ Util::redirect('?do=dozmod&section=runscripts');
+ }
+ }
+ // Get OS
+ $row['oslist'] = [];
+ $res = Database::simpleQuery('SELECT o.osid, o.displayname, pxo.osid AS isvalid FROM sat.operatingsystem o
+ LEFT JOIN sat.presetrunscript_x_operatingsystem pxo ON (o.osid = pxo.osid AND pxo.runscriptid = :runscriptid)
+ ORDER BY o.displayname ASC', ['runscriptid' => $id]);
+ while ($osrow = $res->fetch(PDO::FETCH_ASSOC)) {
+ $row['oslist'][] = [
+ 'osid' => $osrow['osid'],
+ 'displayname' => $osrow['displayname'],
+ 'checked' => $osrow['isvalid'] ? 'checked' : '',
+ ];
+ }
+ // Output
+ Render::addTemplate('runscripts-edit', $row);
+ }
+ }
+
+ public static function doAjax()
+ {
+
+ }
+
+}
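Review bot: In doRender's edit branch the `if ($row === false)` test comes after three writes into `$row`, so for an unknown runscriptid it can never fire: assigning an array key to `false` turns it into an array, and the edit form is rendered for a script that does not exist. Move that block directly below the `Database::queryFirst(...)` call. saveScript has the matching gap: a non-zero `$id` is never checked against sat.presetrunscript before rows are inserted into presetrunscript_x_operatingsystem, and when no `osid` value is posted `$oslist` is presumably not an array, so the existing mappings are never deleted. `array_filter($oslist, 'is_numeric')` also lets values such as `1.5` or `1e3` through, where `ctype_digit` on the string form would be the tighter filter. The `NOT IN (:oslist)` with an array parameter relies on Database::exec expanding arrays, which this diff does not show.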