[54] | 1 | #!/usr/bin/perl
|
---|
| 2 | # ipdb/cgi-bin/admin.cgi
|
---|
| 3 | # Hack interface to make specific changes to IPDB that (for one reason
|
---|
| 4 | # or another) can't be made through the main interface.
|
---|
[65] | 5 | #
|
---|
[54] | 6 | ###
|
---|
| 7 | # SVN revision info
|
---|
| 8 | # $Date: 2015-03-20 19:14:06 +0000 (Fri, 20 Mar 2015) $
|
---|
| 9 | # SVN revision $Rev: 709 $
|
---|
| 10 | # Last update by $Author: kdeugau $
|
---|
| 11 | ###
|
---|
[417] | 12 | # Copyright (C) 2004-2010 - Kris Deugau
|
---|
[54] | 13 |
|
---|
| 14 | use strict;
|
---|
| 15 | use warnings;
|
---|
| 16 | use CGI::Carp qw(fatalsToBrowser);
|
---|
[517] | 17 | use CGI::Simple;
|
---|
| 18 | use HTML::Template;
|
---|
[54] | 19 | use DBI;
|
---|
| 20 | #use POSIX qw(ceil);
|
---|
| 21 | use NetAddr::IP;
|
---|
| 22 |
|
---|
| 23 | use Sys::Syslog;
|
---|
| 24 |
|
---|
[417] | 25 | # don't remove! required for GNU/FHS-ish install from tarball
|
---|
| 26 | ##uselib##
|
---|
| 27 |
|
---|
[515] | 28 | use CustIDCK;
|
---|
[417] | 29 | use MyIPDB;
|
---|
| 30 |
|
---|
[431] | 31 | openlog "IPDB-admin","pid","$IPDB::syslog_facility";
|
---|
[54] | 32 |
|
---|
| 33 | # Collect the username from HTTP auth. If undefined, we're in a test environment.
|
---|
| 34 | my $authuser;
|
---|
| 35 | if (!defined($ENV{'REMOTE_USER'})) {
|
---|
| 36 | $authuser = '__temptest';
|
---|
| 37 | } else {
|
---|
| 38 | $authuser = $ENV{'REMOTE_USER'};
|
---|
| 39 | }
|
---|
| 40 |
|
---|
| 41 | syslog "debug", "$authuser active";
|
---|
| 42 |
|
---|
[517] | 43 | # Set up the CGI object...
|
---|
| 44 | my $q = new CGI::Simple;
|
---|
| 45 | # ... and get query-string params as well as POST params if necessary
|
---|
| 46 | $q->parse_query_string;
|
---|
| 47 |
|
---|
| 48 | # Convenience; saves changing all references to %webvar
|
---|
| 49 | ##fixme: tweak for handling <select multiple='y' size=3> (list with multiple selection)
|
---|
| 50 | my %webvar = $q->Vars;
|
---|
| 51 |
|
---|
| 52 | # anyone got a better name? :P
|
---|
| 53 | my $thingroot = $ENV{SCRIPT_FILENAME};
|
---|
| 54 | $thingroot =~ s|cgi-bin/admin.cgi||;
|
---|
| 55 |
|
---|
| 56 | # Set up some globals
|
---|
| 57 | $ENV{HTML_TEMPLATE_ROOT} = $thingroot."templates";
|
---|
| 58 |
|
---|
[199] | 59 | # Why not a global DB handle? (And a global statement handle, as well...)
|
---|
| 60 | # Use the connectDB function, otherwise we end up confusing ourselves
|
---|
| 61 | my $ip_dbh;
|
---|
| 62 | my $sth;
|
---|
| 63 | my $errstr;
|
---|
| 64 | ($ip_dbh,$errstr) = connectDB_My;
|
---|
| 65 | if (!$ip_dbh) {
|
---|
[517] | 66 | $webvar{action} = "dberr";
|
---|
| 67 | } else {
|
---|
| 68 | initIPDBGlobals($ip_dbh);
|
---|
[199] | 69 | }
|
---|
| 70 |
|
---|
[548] | 71 | if(!defined($webvar{action})) {
|
---|
| 72 | $webvar{action} = "main"; #shuts up the warnings.
|
---|
| 73 | }
|
---|
| 74 |
|
---|
[517] | 75 | # handle DB error output
|
---|
| 76 | if ($webvar{action} eq 'dberr') {
|
---|
| 77 | my $page = HTML::Template->new(filename => "admin/dberr.tmpl");
|
---|
| 78 | $page->param(errmsg => $errstr);
|
---|
| 79 | print "Content-Type: text/html\n\n".$page->output;
|
---|
| 80 | exit;
|
---|
| 81 | }
|
---|
| 82 |
|
---|
[233] | 83 | if ($IPDBacl{$authuser} !~ /A/) {
|
---|
[517] | 84 | my $page = HTML::Template->new(filename => "admin/aclerr.tmpl");
|
---|
| 85 | ##fixme: need params for IPDB admin email and name
|
---|
| 86 | $page->param(ipdbadmin_email => 'ipdbadmin@example.com');
|
---|
| 87 | $page->param(ipdbadmin_name => 'the IPDB administrator');
|
---|
| 88 | print "Content-Type: text/html\n\n".$page->output;
|
---|
[233] | 89 | exit;
|
---|
| 90 | }
|
---|
| 91 |
|
---|
[517] | 92 | my $header = HTML::Template->new(filename => "admin/header.tmpl");
|
---|
[641] | 93 | $header->param(mainpage => 1) if $webvar{action} eq 'main';
|
---|
[669] | 94 | $header->param(webpath => $IPDB::webpath);
|
---|
[641] | 95 | print "Content-type: text/html\n\n".$header->output;
|
---|
[58] | 96 |
|
---|
[517] | 97 | my $page;
|
---|
| 98 | if (-e "$ENV{HTML_TEMPLATE_ROOT}/admin/$webvar{action}.tmpl") {
|
---|
| 99 | $page = HTML::Template->new(filename => "admin/$webvar{action}.tmpl");
|
---|
| 100 | } else {
|
---|
| 101 | $page = HTML::Template->new(filename => "admin/dunno.tmpl");
|
---|
| 102 | }
|
---|
| 103 |
|
---|
| 104 | # handle index page
|
---|
| 105 | if ($webvar{action} eq 'main') {
|
---|
[541] | 106 | my $tlist = getTypeList($ip_dbh, 'a');
|
---|
| 107 | $tlist->[0]->{sel} = 1;
|
---|
| 108 | $page->param(typelist => $tlist);
|
---|
[199] | 109 |
|
---|
[541] | 110 | my $mlist = getMasterList($ip_dbh, 'm');
|
---|
| 111 | $page->param(masterlist => $mlist);
|
---|
[54] | 112 | }
|
---|
| 113 |
|
---|
[517] | 114 | ## Non-default actions.
|
---|
[199] | 115 |
|
---|
[517] | 116 | elsif ($webvar{action} eq 'alloc') {
|
---|
[199] | 117 |
|
---|
[543] | 118 | my $cidr = new NetAddr::IP $webvar{cidr};
|
---|
| 119 | if (!$cidr || "$cidr" =~ /^0/) {
|
---|
[517] | 120 | $page->param(errmsg => "Can't allocate something that's not a netblock/ip");
|
---|
| 121 | goto ERRJUMP;
|
---|
[199] | 122 | }
|
---|
| 123 |
|
---|
[544] | 124 | my $custid = $def_custids{$webvar{alloctype}};
|
---|
[199] | 125 | if ($custid eq '') {
|
---|
[546] | 126 | # Crosscheck with billing.
|
---|
| 127 | my $status = CustIDCK->custid_exist($webvar{custid});
|
---|
| 128 | if ($CustIDCK::Error) {
|
---|
| 129 | $page->param(errmsg => "Error verifying customer ID: ".$CustIDCK::ErrMsg);
|
---|
| 130 | goto ERRJUMP;
|
---|
[400] | 131 | }
|
---|
[546] | 132 | if (!$status) {
|
---|
| 133 | $page->param(errmsg => "Customer ID not valid. Make sure the Customer ID ".
|
---|
| 134 | "is correct.<br>\nUse STAFF for staff static IPs, and $IPDB::defcustid for any other ".
|
---|
| 135 | "non-customer assignments.");
|
---|
| 136 | goto ERRJUMP;
|
---|
| 137 | }
|
---|
[199] | 138 | # Type that doesn't have a default custid
|
---|
| 139 | $custid = $webvar{custid};
|
---|
| 140 | }
|
---|
| 141 |
|
---|
[544] | 142 | my $maskbits = $cidr->masklen;
|
---|
[642] | 143 | my ($fbid, $fb, $fbparent);
|
---|
| 144 | ($fbid, $fb, $fbparent) = findAllocateFrom($ip_dbh, $maskbits, $webvar{alloctype}, '','',
|
---|
[544] | 145 | (gimme => "$cidr", allowpriv => 1));
|
---|
[642] | 146 | $page->param(fbid => $fbid);
|
---|
| 147 | $page->param(parid => $fbparent);
|
---|
| 148 | my $rdns = getBlockRDNS($ip_dbh, id => $fbparent, type => ($webvar{alloctype} =~ /^.i$/ ? 'i' : 'b'),
|
---|
| 149 | user => $authuser);
|
---|
| 150 | $page->param(rdns => $rdns);
|
---|
| 151 | if ($webvar{alloctype} =~ /^(.)i$/) {
|
---|
[544] | 152 | my $iptype = $1;
|
---|
[642] | 153 | my $ptmp = getBlockData($ip_dbh, $fbparent);
|
---|
[544] | 154 | if ($ptmp->{type} =~ /^(.)[dp]$/) {
|
---|
| 155 | my $newiptype = "$1i";
|
---|
| 156 | if ($ptmp->{type} !~ /^$iptype./) {
|
---|
| 157 | $page->param(warnmsg => "Warning: Allocating IP as '".$disp_alloctypes{$newiptype}."' instead of '".
|
---|
[642] | 158 | $disp_alloctypes{$webvar{alloctype}}."' to match pool ".$ptmp->{block}."\n");
|
---|
[544] | 159 | $webvar{alloctype} = $newiptype;
|
---|
| 160 | }
|
---|
| 161 | }
|
---|
[642] | 162 | if (!$fbid) {
|
---|
[517] | 163 | $page->param(errmsg => "Can't allocate static IP from outside a pool!!");
|
---|
| 164 | goto ERRJUMP;
|
---|
| 165 | }
|
---|
[199] | 166 | } else {
|
---|
[642] | 167 | if (!$fbid) {
|
---|
| 168 | $page->param(errmsg => "Can't allocate from outside a free block!!");
|
---|
[517] | 169 | goto ERRJUMP;
|
---|
| 170 | }
|
---|
[199] | 171 | }
|
---|
| 172 |
|
---|
[642] | 173 | my $alloc_from = new NetAddr::IP $fb;
|
---|
[199] | 174 |
|
---|
[517] | 175 | my @cities;
|
---|
[199] | 176 | foreach my $city (@citylist) {
|
---|
[517] | 177 | my %row = (city => $city);
|
---|
| 178 | push @cities, \%row;
|
---|
[199] | 179 | }
|
---|
[517] | 180 | $page->param(
|
---|
| 181 | cidr => $cidr,
|
---|
| 182 | disptype => $disp_alloctypes{$webvar{alloctype}},
|
---|
| 183 | type => $webvar{alloctype},
|
---|
| 184 | alloc_from => $alloc_from,
|
---|
| 185 | custid => $custid,
|
---|
| 186 | citylist => \@cities
|
---|
| 187 | );
|
---|
[199] | 188 |
|
---|
| 189 | } elsif ($webvar{action} eq 'confirm') {
|
---|
| 190 |
|
---|
[517] | 191 | $page->param(
|
---|
| 192 | cidr => $webvar{cidr},
|
---|
| 193 | custid => $webvar{custid},
|
---|
| 194 | desc => $webvar{desc},
|
---|
| 195 | disptype => $disp_alloctypes{$webvar{alloctype}}
|
---|
| 196 | );
|
---|
[199] | 197 | # Only need to check city here.
|
---|
| 198 | if ($webvar{city} eq '-') {
|
---|
[517] | 199 | $page->param(locerr => "Invalid customer location! Go back and select customer's location.");
|
---|
| 200 | goto ERRJUMP;
|
---|
[545] | 201 | }
|
---|
| 202 |
|
---|
[642] | 203 | my ($retcode,$msg) = allocateBlock($ip_dbh, cidr => $webvar{cidr}, fbid => $webvar{fbid},
|
---|
| 204 | parent => $webvar{parent}, custid => $webvar{custid}, type => $webvar{alloctype}, city => $webvar{city},
|
---|
| 205 | desc => $webvar{desc}, notes => $webvar{notes}, circid => $webvar{circid},
|
---|
| 206 | privdata => $webvar{privdata}, nodeid => $webvar{node}, rdns => $webvar{rdns}, user => $authuser);
|
---|
| 207 |
|
---|
[545] | 208 | if ($retcode eq 'OK') {
|
---|
| 209 | syslog "notice", "$authuser allocated '$webvar{cidr}' to '$webvar{custid}' as ".
|
---|
| 210 | "'$webvar{alloctype}'";
|
---|
| 211 | if ($webvar{alloctype} =~ /^.i$/) {
|
---|
| 212 | mailNotify($ip_dbh, "a$webvar{alloctype}", "ADDED: $disp_alloctypes{$webvar{alloctype}} allocation",
|
---|
| 213 | "$disp_alloctypes{$webvar{alloctype}} $webvar{cidr} allocated to customer $webvar{custid}\n".
|
---|
| 214 | "Description: $webvar{desc}\n\nAllocated by: $authuser\n");
|
---|
| 215 | }
|
---|
| 216 | } else {
|
---|
| 217 | $page->param(errmsg => $msg);
|
---|
| 218 | syslog "err", "($authuser) Allocation of '$webvar{cidr}' to '$webvar{custid}' as ".
|
---|
| 219 | "'$webvar{alloctype}' failed: '$msg'";
|
---|
| 220 | }
|
---|
[199] | 221 |
|
---|
[54] | 222 | } elsif ($webvar{action} eq 'alloctweak') {
|
---|
[517] | 223 |
|
---|
[54] | 224 | fix_allocfrom();
|
---|
| 225 | showAllocs($webvar{allocfrom});
|
---|
[517] | 226 |
|
---|
[54] | 227 | } elsif ($webvar{action} eq 'update') {
|
---|
[517] | 228 |
|
---|
[54] | 229 | update();
|
---|
[58] | 230 |
|
---|
[517] | 231 | } elsif ($webvar{action} eq 'touch') {
|
---|
[58] | 232 |
|
---|
[547] | 233 | my ($code,$msg) = touchMaster($ip_dbh, $webvar{whichmaster});
|
---|
| 234 | $page->param(errmsg => $msg) if $code eq 'FAIL';
|
---|
[517] | 235 |
|
---|
[329] | 236 | } elsif ($webvar{action} eq 'listcust') {
|
---|
[517] | 237 |
|
---|
[709] | 238 | my $clist = $ip_dbh->selectall_arrayref("SELECT custid,name AS custname,tech_handle AS tech ".
|
---|
| 239 | "FROM customers ORDER BY custid", { Slice => {} } );
|
---|
| 240 | $page->param(custlist => $clist);
|
---|
[517] | 241 |
|
---|
[331] | 242 | } elsif ($webvar{action} eq 'edcust') {
|
---|
[517] | 243 |
|
---|
[418] | 244 | if ($webvar{newcust}) {
|
---|
| 245 | $sth = $ip_dbh->prepare("INSERT INTO customers (custid) VALUES (?)");
|
---|
| 246 | $sth->execute($webvar{custid});
|
---|
| 247 | }
|
---|
[331] | 248 | $sth = $ip_dbh->prepare("select custid,name,street,city,province,".
|
---|
[436] | 249 | "country,pocode,phone,tech_handle,abuse_handle,admin_handle,special ".
|
---|
[331] | 250 | "from customers where custid='$webvar{custid}'");
|
---|
| 251 | $sth->execute;
|
---|
[436] | 252 | my ($custid, $name, $street, $city, $prov, $country, $pocode, $phone, $tech, $abuse, $admin, $special) =
|
---|
[331] | 253 | $sth->fetchrow_array;
|
---|
| 254 |
|
---|
[517] | 255 | $page->param(
|
---|
| 256 | custid => $custid,
|
---|
| 257 | name => $name,
|
---|
| 258 | street => $street,
|
---|
| 259 | city => $city,
|
---|
| 260 | prov => $prov,
|
---|
| 261 | country => $country,
|
---|
| 262 | pocode => $pocode,
|
---|
| 263 | phone => $phone,
|
---|
| 264 | tech => $tech,
|
---|
| 265 | abuse => $abuse,
|
---|
| 266 | admin => $admin,
|
---|
| 267 | special => $special
|
---|
| 268 | );
|
---|
| 269 |
|
---|
[329] | 270 | } elsif ($webvar{action} eq 'updcust') {
|
---|
[517] | 271 |
|
---|
[709] | 272 | if ($webvar{abutton} eq 'Update') {
|
---|
| 273 | $ip_dbh->do(q(
|
---|
| 274 | UPDATE customers
|
---|
| 275 | SET name = ?, street = ?, city = ?, province=?, country=?, pocode=?,
|
---|
| 276 | phone = ?, tech_handle = ?, abuse_handle = ?, admin_handle = ?, special = ?
|
---|
| 277 | WHERE custid = ?
|
---|
| 278 | ), undef,
|
---|
| 279 | ($webvar{name}, $webvar{street}, $webvar{city}, $webvar{province}, $webvar{country}, $webvar{pocode},
|
---|
| 280 | $webvar{phone}, $webvar{tech_handle}, $webvar{abuse_handle}, $webvar{admin_handle}, $webvar{special},
|
---|
| 281 | $webvar{custid})
|
---|
| 282 | );
|
---|
| 283 | $page->param(whatact => "Updated");
|
---|
| 284 | } elsif ($webvar{abutton} eq 'Delete (immediate)') {
|
---|
| 285 | $ip_dbh->do("DELETE FROM customers WHERE custid = ?", undef, $webvar{custid});
|
---|
| 286 | $page->param(whatact => "Deleted");
|
---|
| 287 | } else {
|
---|
| 288 | # Your llama is on fire
|
---|
| 289 | }
|
---|
| 290 | # Show what we've just either updated or deleted.
|
---|
| 291 | # Deleted, so that in case of "OOOPS!!", the "special" data can be recovered.
|
---|
[517] | 292 | $page->param(
|
---|
| 293 | custid => $webvar{custid},
|
---|
| 294 | name => $webvar{name},
|
---|
| 295 | street => $webvar{street},
|
---|
| 296 | city => $webvar{city},
|
---|
| 297 | prov => $webvar{province},
|
---|
| 298 | country => $webvar{country},
|
---|
| 299 | pocode => $webvar{pocode},
|
---|
| 300 | phone => $webvar{phone},
|
---|
| 301 | tech => $webvar{tech_handle},
|
---|
| 302 | abuse => $webvar{abuse_handle},
|
---|
| 303 | admin => $webvar{admin_handle},
|
---|
| 304 | special => $webvar{special}
|
---|
| 305 | );
|
---|
[418] | 306 |
|
---|
[65] | 307 | } elsif ($webvar{action} eq 'showpools') {
|
---|
[517] | 308 |
|
---|
[644] | 309 | my $plist = $ip_dbh->selectall_arrayref("SELECT a.id,a.cidr AS pool, count(*) AS free FROM poolips p ".
|
---|
| 310 | "JOIN allocations a ON a.id=p.parent_id ".
|
---|
| 311 | "WHERE available='y' GROUP BY a.cidr,a.id ORDER BY a.cidr", { Slice => {} });
|
---|
| 312 | $page->param(poollist => $plist);
|
---|
[517] | 313 |
|
---|
[65] | 314 | } elsif ($webvar{action} eq 'tweakpool') {
|
---|
[517] | 315 |
|
---|
[65] | 316 | showPool($webvar{pool});
|
---|
[517] | 317 |
|
---|
[65] | 318 | } elsif ($webvar{action} eq 'updatepool') {
|
---|
[199] | 319 |
|
---|
[644] | 320 | my $ip = $ip_dbh->selectrow_array("SELECT ip FROM poolips WHERE id=?", undef, ($webvar{id}) );
|
---|
| 321 | $page->param(ip => $ip);
|
---|
| 322 | $sth = $ip_dbh->prepare("UPDATE poolips SET custid=?, city=?, type=?, available='".
|
---|
[65] | 323 | (($webvar{available} eq 'y') ? 'y' : 'n').
|
---|
[517] | 324 | "', notes=?, description=? ".
|
---|
[644] | 325 | "WHERE id=?");
|
---|
| 326 | $sth->execute($webvar{custid}, $webvar{city}, $webvar{type}, $webvar{notes}, $webvar{desc}, $webvar{id});
|
---|
[65] | 327 | if ($sth->err) {
|
---|
[517] | 328 | $page->param(errmsg => $sth->errstr);
|
---|
[644] | 329 | syslog "err", "$authuser could not update pool IP $ip: ".$sth->errstr;
|
---|
[517] | 330 | } else {
|
---|
[644] | 331 | syslog "notice", "$authuser updated pool IP $ip";
|
---|
[65] | 332 | }
|
---|
[644] | 333 | my $poolid = $ip_dbh->selectrow_array("SELECT parent_id FROM poolips WHERE id=?", undef, ($webvar{id}) );
|
---|
| 334 | $page->param(poolid => $poolid);
|
---|
| 335 | my $pool = $ip_dbh->selectrow_array("SELECT cidr FROM allocations WHERE id=?", undef, ($poolid) );
|
---|
| 336 | $page->param(pool => $pool);
|
---|
[517] | 337 |
|
---|
[258] | 338 | } elsif ($webvar{action} eq 'showusers') {
|
---|
[233] | 339 |
|
---|
| 340 | $sth = $ip_dbh->prepare("select username,acl from users order by username");
|
---|
| 341 | $sth->execute;
|
---|
[517] | 342 | my @userlist;
|
---|
| 343 | while (my ($username,$acl) = $sth->fetchrow_array) {
|
---|
| 344 | ##fixme: funky things happening with HTML::Template here; shouldn't need the "logic ? iftrue : iffalse" structure
|
---|
| 345 | my %row = (
|
---|
| 346 | username => $username,
|
---|
| 347 | can_add => ($acl =~ /a/ ? 1 : 0),
|
---|
| 348 | can_change => ($acl =~ /c/ ? 1 : 0),
|
---|
| 349 | can_del => ($acl =~ /d/ ? 1 : 0),
|
---|
| 350 | sysnet => ($acl =~ /s/ ? 1 : 0),
|
---|
| 351 | is_admin => ($acl =~ /A/ ? 1 : 0),
|
---|
| 352 | acl => $acl
|
---|
| 353 | );
|
---|
| 354 | push @userlist, \%row;
|
---|
| 355 | }
|
---|
| 356 | $page->param(userlist => \@userlist);
|
---|
[233] | 357 |
|
---|
| 358 | } elsif ($webvar{action} eq 'updacl') {
|
---|
[517] | 359 |
|
---|
| 360 | $page->param(username => $webvar{username});
|
---|
[233] | 361 | my $acl = 'b';
|
---|
| 362 | if ($webvar{admin} eq 'on') {
|
---|
[284] | 363 | $acl .= "acdsA";
|
---|
[233] | 364 | } else {
|
---|
| 365 | $acl .= ($webvar{add} eq 'on' ? 'a' : '').
|
---|
| 366 | ($webvar{change} eq 'on' ? 'c' : '').
|
---|
[284] | 367 | ($webvar{del} eq 'on' ? 'd' : '').
|
---|
| 368 | ($webvar{sysnet} eq 'on' ? 's' : '');
|
---|
[233] | 369 | }
|
---|
[517] | 370 | $page->param(acl => $acl);
|
---|
[233] | 371 |
|
---|
| 372 | $sth = $ip_dbh->prepare("update users set acl='$acl' where username='$webvar{username}'");
|
---|
| 373 | $sth->execute;
|
---|
[517] | 374 | $page->param(errmsg => $sth->errstr) if $sth->err;
|
---|
[233] | 375 |
|
---|
[517] | 376 | } elsif ($webvar{action} eq 'newuser') {
|
---|
[233] | 377 |
|
---|
[517] | 378 | $page->param(username => $webvar{username});
|
---|
[259] | 379 | my $cr_pass = ($webvar{preenc} ? $webvar{password} :
|
---|
| 380 | crypt $webvar{password}, join('',('.','/',0..9,'A'..'Z','a'..'z')[rand 64, rand 64]));
|
---|
[258] | 381 | $sth = $ip_dbh->prepare("insert into users (username,password,acl) values ".
|
---|
| 382 | "('$webvar{username}','$cr_pass','b')");
|
---|
| 383 | $sth->execute;
|
---|
[517] | 384 | $page->param(errmsg => $sth->errstr) if $sth->err;
|
---|
[258] | 385 |
|
---|
[517] | 386 | } elsif ($webvar{action} eq 'deluser') {
|
---|
[258] | 387 |
|
---|
[517] | 388 | $page->param(username => $webvar{username});
|
---|
[258] | 389 | $sth = $ip_dbh->prepare("delete from users where username='$webvar{username}'");
|
---|
| 390 | $sth->execute;
|
---|
[517] | 391 | $page->param(errmsg => $sth->errstr) if $sth->err;
|
---|
[258] | 392 |
|
---|
[517] | 393 | } elsif ($webvar{action} eq 'emailnotice') {
|
---|
[258] | 394 |
|
---|
[422] | 395 | $sth = $ip_dbh->prepare("SELECT action,reciplist FROM notify");
|
---|
| 396 | $sth->execute;
|
---|
[517] | 397 | my @spamlist;
|
---|
[422] | 398 | while (my ($notice_code,$reciplist) = $sth->fetchrow_array() ) {
|
---|
| 399 | ##fixme: hairy mess, only a few things call mailNotify() anyway, so many possible notices won't work.
|
---|
| 400 | my $action_out = dispNoticeCode($notice_code);
|
---|
[517] | 401 | my %row = (
|
---|
| 402 | action => $action_out,
|
---|
| 403 | code => $notice_code,
|
---|
| 404 | recips => $reciplist
|
---|
| 405 | );
|
---|
| 406 | push @spamlist, \%row;
|
---|
[422] | 407 | }
|
---|
[517] | 408 | $page->param(spamlist => \@spamlist);
|
---|
[423] | 409 |
|
---|
| 410 | $sth = $ip_dbh->prepare("SELECT type,dispname FROM alloctypes WHERE listorder < 500 ".
|
---|
| 411 | "ORDER BY listorder");
|
---|
| 412 | $sth->execute;
|
---|
| 413 | my $i=0;
|
---|
[517] | 414 | my @typelist;
|
---|
[423] | 415 | while (my ($type,$disp) = $sth->fetchrow_array) {
|
---|
[517] | 416 | my %row = (
|
---|
| 417 | type => $type,
|
---|
| 418 | disptype => $disp,
|
---|
| 419 | # ahh, off-by-one counts, how we do love thee... NOT!
|
---|
| 420 | newrow => ($i+2 > $sth->rows ? 1 : (++$i % 4)),
|
---|
| 421 | );
|
---|
| 422 | push @typelist, \%row;
|
---|
[423] | 423 | }
|
---|
[517] | 424 | $page->param(typelist => \@typelist);
|
---|
[423] | 425 |
|
---|
[517] | 426 | } elsif ($webvar{action} eq 'addnotice') {
|
---|
[423] | 427 |
|
---|
[426] | 428 | $webvar{alloctype} = $webvar{special} if $webvar{msgaction} eq 's:';
|
---|
| 429 | if ($webvar{msgaction} && $webvar{alloctype} && $webvar{reciplist}) {
|
---|
[517] | 430 | $page->param(cantry => 1);
|
---|
[426] | 431 | $webvar{reciplist} =~ s/[\r\n]+/,/g;
|
---|
[438] | 432 | $webvar{msgaction} = "f:$webvar{msgaction}" if $webvar{onfail};
|
---|
[517] | 433 | $page->param(reciplist => $webvar{reciplist});
|
---|
| 434 | $page->param(dispnotice => dispNoticeCode($webvar{msgaction}.$webvar{alloctype}));
|
---|
[426] | 435 | $sth = $ip_dbh->prepare("INSERT INTO notify (action, reciplist) VALUES (?,?)");
|
---|
[423] | 436 | ##fixme: automagically merge reciplists iff action already exists
|
---|
[426] | 437 | $sth->execute($webvar{msgaction}.$webvar{alloctype}, $webvar{reciplist});
|
---|
[517] | 438 | $page->param(addfailed => $sth->errstr) if $sth->err;
|
---|
[423] | 439 | }
|
---|
| 440 |
|
---|
[424] | 441 | } elsif ($webvar{action} eq 'delnotice') {
|
---|
[517] | 442 |
|
---|
| 443 | $page->param(dispnotice => dispNoticeCode($webvar{code}.$webvar{alloctype}));
|
---|
[424] | 444 | $sth = $ip_dbh->prepare("DELETE FROM notify WHERE action=?");
|
---|
| 445 | $sth->execute($webvar{code});
|
---|
[517] | 446 | $page->param(delfailed => $sth->errstr) if $sth->err;
|
---|
[424] | 447 |
|
---|
[422] | 448 | } elsif ($webvar{action} eq 'ednotice') {
|
---|
[517] | 449 |
|
---|
| 450 | $page->param(dispnotice => dispNoticeCode($webvar{code}));
|
---|
| 451 | $page->param(code => $webvar{code});
|
---|
[422] | 452 | $sth = $ip_dbh->prepare("SELECT reciplist FROM notify WHERE action=?");
|
---|
| 453 | $sth->execute($webvar{code});
|
---|
| 454 | my ($reciplist) = $sth->fetchrow_array;
|
---|
| 455 | $reciplist =~ s/,/\n/g;
|
---|
[517] | 456 | $page->param(reciplist => $reciplist);
|
---|
| 457 |
|
---|
[422] | 458 | } elsif ($webvar{action} eq 'updnotice') {
|
---|
[517] | 459 |
|
---|
| 460 | $page->param(dispnotice => dispNoticeCode($webvar{code}));
|
---|
[422] | 461 | $sth = $ip_dbh->prepare("UPDATE notify SET reciplist=? WHERE action=?");
|
---|
| 462 | $webvar{reciplist} =~ s/[\r\n]+/,/g;
|
---|
| 463 | $sth->execute($webvar{reciplist}, $webvar{code});
|
---|
[517] | 464 | $page->param(updfailed => $sth->errstr) if $sth->err;
|
---|
| 465 |
|
---|
[256] | 466 | } elsif ($webvar{action} ne '<NULL>') {
|
---|
[517] | 467 | $page->param(dunno => $webvar{action});
|
---|
[54] | 468 | }
|
---|
| 469 |
|
---|
[643] | 470 | ERRJUMP:
|
---|
[517] | 471 | print $page->output;
|
---|
[54] | 472 |
|
---|
[517] | 473 | ##fixme: make me a footer param!
|
---|
[643] | 474 | print qq(<hr><div><a href="$IPDB::webpath/">Back</a> to the main IPDB</div>\n);
|
---|
[54] | 475 |
|
---|
[517] | 476 | # We print the footer here, so we don't have to do it elsewhere.
|
---|
| 477 | my $footer = HTML::Template->new(filename => "footer.tmpl");
|
---|
| 478 | # we're already in the admin tools, no need to provide a bottom link. maybe.
|
---|
| 479 | #$footer->param(adminlink => ($IPDBacl{$authuser} =~ /A/));
|
---|
[54] | 480 |
|
---|
[517] | 481 | print $footer->output;
|
---|
| 482 |
|
---|
[708] | 483 | $sth->finish if $sth;
|
---|
[54] | 484 | $ip_dbh->disconnect;
|
---|
| 485 |
|
---|
| 486 | exit;
|
---|
| 487 |
|
---|
| 488 |
|
---|
[517] | 489 | # Hokay. This is a little different. We have a few specific functions here:
|
---|
| 490 | # -> Assign arbitrary subnet from arbitrary free space
|
---|
| 491 | # -> Tweak individual DB fields
|
---|
| 492 | #
|
---|
| 493 |
|
---|
| 494 |
|
---|
[54] | 495 | # Tweak allocfrom into shape.
|
---|
| 496 | sub fix_allocfrom {
|
---|
| 497 | if ($webvar{allocfrom} =~ /^(\d+\.){2}\d+$/) {
|
---|
| 498 | # 3-octet class C specified
|
---|
| 499 | $webvar{allocfrom} .= ".0/24";
|
---|
| 500 | } elsif ($webvar{allocfrom} =~ /^(\d+\.){3}\d+$/) {
|
---|
| 501 | # 4-octet IP specified;
|
---|
| 502 | $webvar{allocfrom} .= "/24";
|
---|
| 503 | }
|
---|
| 504 | }
|
---|
| 505 |
|
---|
| 506 |
|
---|
[517] | 507 | # Show allocations to allow editing.
|
---|
| 508 | sub showAllocs {
|
---|
[58] | 509 |
|
---|
[517] | 510 | my $within = new NetAddr::IP $_[0];
|
---|
| 511 | $page->param(within => $within);
|
---|
[58] | 512 |
|
---|
[647] | 513 |
|
---|
| 514 | $sth = $ip_dbh->prepare("SELECT id,vrf,cidr,custid,type,city,description FROM allocations".
|
---|
| 515 | " WHERE cidr <<= ? ORDER BY vrf,cidr");
|
---|
| 516 | $sth->execute($within);
|
---|
[517] | 517 | my @blocklist;
|
---|
[647] | 518 | while (my ($id,$vrf,$cidr,$custid,$type,$city,$desc) = $sth->fetchrow_array) {
|
---|
[517] | 519 | my %row = (
|
---|
[647] | 520 | id => $id,
|
---|
[517] | 521 | cidr => $cidr,
|
---|
| 522 | custid => $custid,
|
---|
| 523 | city => $city,
|
---|
| 524 | desc => $desc,
|
---|
| 525 | );
|
---|
[54] | 526 |
|
---|
[517] | 527 | ##fixme: don't wanna retrieve the whole type list *every time around the outer loop*
|
---|
[647] | 528 | my $sth2 = $ip_dbh->prepare("SELECT type,listname FROM alloctypes".
|
---|
| 529 | " WHERE listorder < 999 AND NOT (type LIKE '_i') ORDER BY listorder");
|
---|
[348] | 530 | $sth2->execute;
|
---|
[517] | 531 | my @typelist;
|
---|
| 532 | while (my ($listtype,$dispname) = $sth2->fetchrow_array) {
|
---|
| 533 | my %subrow = (
|
---|
| 534 | type => $listtype,
|
---|
| 535 | dispname => $dispname,
|
---|
| 536 | selected => ($listtype eq $type)
|
---|
| 537 | );
|
---|
| 538 | push @typelist, \%subrow;
|
---|
[348] | 539 | }
|
---|
[517] | 540 | $row{typelist} = \@typelist;
|
---|
| 541 | push @blocklist, \%row;
|
---|
[54] | 542 | }
|
---|
[517] | 543 | $page->param(blocklist => \@blocklist);
|
---|
| 544 | } # end showAllocs()
|
---|
[54] | 545 |
|
---|
| 546 |
|
---|
| 547 | # Stuff updates into DB
|
---|
| 548 | sub update {
|
---|
[647] | 549 | my $cidr = $ip_dbh->selectrow_array("SELECT cidr FROM allocations WHERE id=?", undef, ($webvar{block}) );
|
---|
| 550 |
|
---|
[517] | 551 | # Relatively simple SQL transaction here. Note that we're deliberately NOT
|
---|
| 552 | # updating notes/desc here as it's available through the main interface.
|
---|
[647] | 553 | $ip_dbh->do("UPDATE allocations SET custid=?, city=?, type=? WHERE id=?", undef,
|
---|
| 554 | ($webvar{custid}, $webvar{city}, $webvar{alloctype}, $webvar{block}) );
|
---|
[517] | 555 |
|
---|
[647] | 556 | $page->param(block => $cidr);
|
---|
| 557 | if ($ip_dbh->err) {
|
---|
| 558 | $page->param(updfailed => $ip_dbh->errstr);
|
---|
| 559 | syslog "err", "$authuser could not update block '$cidr': '".$ip_dbh->errstr."'";
|
---|
[54] | 560 | } else {
|
---|
[647] | 561 | syslog "notice", "$authuser updated $cidr";
|
---|
[54] | 562 | }
|
---|
| 563 | # need to get /24 that block is part of
|
---|
[647] | 564 | my @bits = split /\./, $cidr;
|
---|
[54] | 565 | $bits[3] = "0/24";
|
---|
| 566 | showAllocs((join ".", @bits));
|
---|
[517] | 567 | } # end update()
|
---|
[65] | 568 |
|
---|
| 569 |
|
---|
| 570 | # showPool()
|
---|
| 571 | # List all IPs in a pool, and allow arbitrary admin changes to each
|
---|
| 572 | # Allow changes to ALL fields
|
---|
[548] | 573 | sub showPool {
|
---|
[647] | 574 | my $pool = shift;
|
---|
[348] | 575 |
|
---|
[647] | 576 | # arguably even presenting a list here is Wrong, because Pool IPs Should Alwasy Match The Pool Type, but...
|
---|
| 577 | # could also set "selected" on the "correct" type
|
---|
| 578 | my $tlist = getTypeList($ip_dbh, 'i');
|
---|
| 579 | $page->param(typelist => $tlist);
|
---|
[348] | 580 |
|
---|
[647] | 581 | $sth = $ip_dbh->prepare("SELECT id,ip,custid,city,type,available,description,notes from poolips".
|
---|
| 582 | " WHERE parent_id=? ORDER BY ip");
|
---|
[548] | 583 | $sth->execute($pool);
|
---|
[517] | 584 | my @iplist;
|
---|
[647] | 585 | while (my ($id,$ip,$custid,$city,$type,$avail,$desc,$notes) = $sth->fetchrow_array) {
|
---|
[517] | 586 | my %row = (
|
---|
[647] | 587 | id => $id,
|
---|
[517] | 588 | ip => $ip,
|
---|
| 589 | custid => $custid,
|
---|
| 590 | city => $city,
|
---|
| 591 | type => $type,
|
---|
| 592 | avail => $avail,
|
---|
| 593 | desc => $desc,
|
---|
| 594 | notes => $notes
|
---|
| 595 | );
|
---|
| 596 | push @iplist, \%row;
|
---|
[65] | 597 | }
|
---|
[517] | 598 | $page->param(iplist => \@iplist);
|
---|
| 599 | } # end showPool()
|
---|
[422] | 600 |
|
---|
| 601 |
|
---|
| 602 | # interpret the notify codes
|
---|
| 603 | sub dispNoticeCode {
|
---|
| 604 | my $code = shift;
|
---|
| 605 | my $action_out = '';
|
---|
[426] | 606 |
|
---|
| 607 | if ($code =~ /^s:/) {
|
---|
| 608 | $code =~ s/^s:/Special: /;
|
---|
| 609 | return $code;
|
---|
| 610 | }
|
---|
[422] | 611 | if ($code =~ /^f:(.+)$/) {
|
---|
| 612 | $code =~ s/^f://;
|
---|
| 613 | $action_out = "Failure on ";
|
---|
| 614 | }
|
---|
| 615 | if (my $target = $code =~ /^n(.+)/) {
|
---|
| 616 | $action_out .= "New ";
|
---|
| 617 | if ($1 eq 'ci') { $action_out .= "city"; }
|
---|
| 618 | elsif ($1 eq 'no') { $action_out .= "node"; }
|
---|
| 619 | else { $action_out .= '<unknown>'; }
|
---|
| 620 | } else {
|
---|
| 621 | my ($action,$target) = ($code =~ /^(.)(.+)$/);
|
---|
| 622 | if ($action eq 'a') { $action_out .= 'Add '; }
|
---|
| 623 | elsif ($action eq 'u') { $action_out .= 'Update '; }
|
---|
| 624 | elsif ($action eq 'd') { $action_out .= 'Delete '; }
|
---|
| 625 | ##fixme: what if we get something funky?
|
---|
[423] | 626 | # What about the eleventy-billion odd combinations possible?
|
---|
| 627 | # this should give an idea of the structure tho
|
---|
[422] | 628 | if ($target eq 'a') { $action_out .= "all"; }
|
---|
[438] | 629 | elsif ($target eq '.i') {
|
---|
[423] | 630 | $action_out .= "all static IPs";
|
---|
| 631 | }
|
---|
[422] | 632 | else { $action_out .= $disp_alloctypes{$target}; }
|
---|
| 633 | }
|
---|
| 634 | return $action_out;
|
---|
| 635 | }
|
---|