Changeset 65 for trunk/DNSDB.pm

Timestamp:

11/25/10 16:26:08 (13 years ago)

Author:

Kris Deugau

Message:

/trunk

checkpoint, adding permissions/ACL support

File:

• trunk/DNSDB.pm (modified) (7 diffs)

trunk/DNSDB.pm

@@ -16 +16 @@
 use DBI;
 use Net::DNS;
+use Crypt::PasswdMD5;
 #use Net::SMTP;
 #use NetAddr::IP qw( Compact );
@@ -24 +25 @@
 @ISA            = qw(Exporter);
 @EXPORT_OK      = qw(
-        &initGlobals &connectDB &finish
+        &initGlobals &initPermissions &getPermissions
+        &connectDB &finish
         &addDomain &delDomain &domainName
         &addGroup &delGroup &getChildren &groupName
@@ -32 +34 @@
         &domStatus &importAXFR
         %typemap %reverse_typemap
+        %permissions
         );
 
 @EXPORT         = (); # Export nothing by default.
 %EXPORT_TAGS    = ( ALL => [qw(
-                &initGlobals &connectDB &finish
+                &initGlobals &initPermissions &getPermissions
+                &connectDB &finish
                 &addDomain &delDomain &domainName
                 &addGroup &delGroup &getChildren &groupName
@@ -44 +48 @@
                 &domStatus &importAXFR
                 %typemap %reverse_typemap
+                %permissions
                 )]
         );
@@ -67 +72 @@
 our %reverse_typemap;
 
+our %permissions;
 
 ##
@@ -156 +162 @@
   }
 } # end initGlobals
+
+
+## DNSDB::initPermissions()
+# Set up permissions global
+# Takes database handle and UID
+sub initPermissions {
+  my $dbh = shift;
+  my $uid = shift;
+
+#  %permissions = $(getPermissions($dbh,'user',$uid));
+  getPermissions($dbh, 'user', $uid, \%permissions);
+
+} # end initPermissions()
+
+
+## DNSDB::getPermissions()
+# Get permissions from DB
+# Requires DB handle, group or user flag, ID, and hashref.
+sub getPermissions {
+  my $dbh = shift;
+  my $type = shift;
+  my $id = shift;
+  my $hash = shift;
+
+  my $sql = qq(
+        SELECT
+        p.admin,p.self_edit,
+        p.group_create,p.group_edit,p.group_delete,
+        p.user_create,p.user_edit,p.user_delete,
+        p.domain_create,p.domain_edit,p.domain_delete,
+        p.record_create,p.record_edit,p.record_delete
+        FROM permissions p
+        );
+  if ($type eq 'group') {
+    $sql .= qq(
+        JOIN groups g ON g.permission_id=p.permission_id
+        WHERE g.group_id=?
+        );
+  } else {
+    $sql .= qq(
+        JOIN users u ON u.permission_id=p.permission_id
+        WHERE u.user_id=?
+        );
+  }
+
+  my $sth = $dbh->prepare($sql);
+
+  $sth->execute($id) or die "argh: ".$sth->errstr;
+
+#  my $permref = $sth->fetchrow_hashref;
+#  return $permref;
+#  $hash = $permref;
+# Eww.  Need to learn how to forcibly drop a hashref onto an existing hash.
+  ($hash->{admin},$hash->{self_edit},
+        $hash->{group_create},$hash->{group_edit},$hash->{group_delete},
+        $hash->{user_create},$hash->{user_edit},$hash->{user_delete},
+        $hash->{domain_create},$hash->{domain_edit},$hash->{domain_delete},
+        $hash->{record_create},$hash->{record_edit},$hash->{record_delete})
+        = $sth->fetchrow_array;
+
+} # end getPermissions()
+
+
+## DNSDB::changePermissions()
+# Update an ACL entry
+# Takes a db handle, type, owner-id, and hashref for the changed permissions.
+##fixme: Must handle case of changing object's permissions from inherited to custom
+sub changePermissions {
+  my $dbh = shift;
+  my $type = shift;
+  my $id = shift;
+  my $newperms = shift;
+
+  # see if we're switching from inherited to custom
+  my $sth = $dbh->prepare("SELECT (u.permission_id=g.permission_id) AS was_inherited".
+        " FROM ".($type eq 'user' ? 'users' : 'groups')." u ".
+        " JOIN groups g ON u.group_id=g.group_id ".
+        " WHERE u.".($type eq 'user' ? 'user' : 'group')."_id=?");
+  $sth->execute($id);
+
+} # end changePermissions()
 
 
@@ -507 +594 @@
 
 ##fixme: add another table to hold name/email for log table?
+die "dying horribly\n";
 
     # once we get here, we should have suceeded.