From de08fc1f317317d807317ddc6e5122f41fd48759 Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Tue, 27 Apr 2021 16:15:06 +0200
Subject: [serversetup-bwlp-ipxe] Disallow editing .special entries

---
 .../serversetup-bwlp-ipxe/lang/de/messages.json        |  2 ++
 .../serversetup-bwlp-ipxe/lang/en/messages.json        |  2 ++
 modules-available/serversetup-bwlp-ipxe/page.inc.php   | 18 ++++++++++++++----
 3 files changed, 18 insertions(+), 4 deletions(-)

diff --git a/modules-available/serversetup-bwlp-ipxe/lang/de/messages.json b/modules-available/serversetup-bwlp-ipxe/lang/de/messages.json
index 339296e7..5446130f 100644
--- a/modules-available/serversetup-bwlp-ipxe/lang/de/messages.json
+++ b/modules-available/serversetup-bwlp-ipxe/lang/de/messages.json
@@ -2,6 +2,7 @@
     "boot-entry-created": "Men\u00fceintrag {{0}} erzeugt",
     "boot-entry-updated": "Men\u00fceintrag {{0}} aktualisiert",
     "bootentry-deleted": "Men\u00fceintrag gel\u00f6scht",
+    "cannot-edit-special": "Der Eintrag {{0}} kann nicht editiert werden",
     "error-saving-entry": "Fehler beim Speichern des Eintrags {{0}}: {{1}}",
     "image-not-found": "USB-Image nicht gefunden. Generieren Sie das Bootmen\u00fc neu.",
     "import-error": "Fehler beim Importieren",
@@ -20,6 +21,7 @@
     "missing-bootentry-data": "Fehlende Daten f\u00fcr den Men\u00fceintrag",
     "no-ip-addr-set": "Bitte w\u00e4hlen Sie die prim\u00e4re IP-Adresse des Servers",
     "no-ip-set": "Kann Import alter Konfiguration nicht ausf\u00fchren. Bitte zuerst die prim\u00e4re IP-Adresse des Servers festlegen.",
+    "nothing-changed-or-protected": "{{0}}: Nichts ver\u00e4ndert, oder gesch\u00fctzter Eintrag",
     "unknown-bootentry-type": "Unbekannter Eintrags-Typ: {{0}}",
     "unknown-hook-module": "Unbekanntes Modul: {{0}}"
 }
\ No newline at end of file
diff --git a/modules-available/serversetup-bwlp-ipxe/lang/en/messages.json b/modules-available/serversetup-bwlp-ipxe/lang/en/messages.json
index 9e1c0b3e..21fdfdc3 100644
--- a/modules-available/serversetup-bwlp-ipxe/lang/en/messages.json
+++ b/modules-available/serversetup-bwlp-ipxe/lang/en/messages.json
@@ -2,6 +2,7 @@
     "boot-entry-created": "Created menu item {{0}}",
     "boot-entry-updated": "Updated menu item {{0}}",
     "bootentry-deleted": "Deleted menu item",
+    "cannot-edit-special": "Entry {{0}} cannot be edited",
     "error-saving-entry": "Error saving item {{0}}: {{1}}",
     "image-not-found": "USB image not found. Try regenerating the boot menu first.",
     "import-error": "Error importing menu",
@@ -20,6 +21,7 @@
     "missing-bootentry-data": "Missing data for menu item",
     "no-ip-addr-set": "Please set the server's primary IP address",
     "no-ip-set": "Cannot import old configuration. Please set the primary IP address first.",
+    "nothing-changed-or-protected": "{{0}}: Nothing changed, oder protected entry",
     "unknown-bootentry-type": "Unknown item type: {{0}}",
     "unknown-hook-module": "Unknown module: {{0}}"
 }
\ No newline at end of file
diff --git a/modules-available/serversetup-bwlp-ipxe/page.inc.php b/modules-available/serversetup-bwlp-ipxe/page.inc.php
index f0422fd3..8fd6fd49 100644
--- a/modules-available/serversetup-bwlp-ipxe/page.inc.php
+++ b/modules-available/serversetup-bwlp-ipxe/page.inc.php
@@ -531,6 +531,10 @@ class Page_ServerSetup extends Page
 				Message::addError('invalid-boot-entry', $id);
 				Util::redirect('?do=serversetup');
 			}
+			if ($row['module'] === '.special') {
+				Message::addError('cannot-edit-special', $id);
+				Util::redirect('?do=serversetup');
+			}
 			if ($row['module'][0] === '.') {
 				// either script or exec entry
 				$json = json_decode($row['data'], true);
@@ -873,7 +877,6 @@ class Page_ServerSetup extends Page
 			Message::addError('missing-bootentry-data');
 			return;
 		}
-		$module = false;
 		$type = Request::post('type', false, 'string');
 		if ($type[0] === '.') {
 			// Exec or script
@@ -881,6 +884,8 @@ class Page_ServerSetup extends Page
 				$entry = BootEntry::newStandardBootEntry($data);
 			} elseif ($type === '.script') {
 				$entry = BootEntry::newCustomBootEntry($data);
+			} else {
+				$entry = null;
 			}
 			if ($entry === null) {
 				Message::addError('main.empty-field');
@@ -924,10 +929,15 @@ class Page_ServerSetup extends Page
 		} else {
 			// Edit existing entry
 			$params['oldid'] = $oldEntryId;
-			Database::exec('UPDATE serversetup_bootentry SET
+			// Ignore .special, must never update
+			$aff = Database::exec("UPDATE serversetup_bootentry SET
 				entryid = If(builtin = 0, :entryid, entryid), title = :title, module = :module, data = :data
-				WHERE entryid = :oldid', $params);
-			Message::addSuccess('boot-entry-updated', $newId);
+				WHERE entryid = :oldid AND module <> '.special'", $params);
+			if ($aff > 0) {
+				Message::addSuccess('boot-entry-updated', $newId);
+			} else {
+				Message::addWarning('nothing-changed-or-protected', $newId);
+			}
 		}
 		if (Request::post('next') === 'reload') {
 			Util::redirect('?do=serversetup&show=editbootentry&id=' . $newId);
-- 
cgit v1.2.3-55-g7522