Ignore:
Timestamp:
04/19/05 15:42:43 (20 years ago)
Author:
Kris Deugau
Message:

/branches/stable

Merge ACL support from /branches/acl up to r241

File:
1 edited

Legend:

Unmodified
Added
Removed

  • branches/stable/cgi-bin/admin.cgi

    r204 r242  
    3434}
    3535
    36 if ($authuser !~ /^(kdeugau|jodyh|jipp)$/) {
    37   print "Content-Type: text/html\n\n".
    38         "<html><head><title>Access denied</title></head><body>\n".
    39         'Access to this tool is restricted.  Contact <a href="mailto:kdeugau@vianet.ca">Kris</a> '.
    40         "for more information.</body></html>\n";
    41   exit;
    42 }
    43 
    4436syslog "debug", "$authuser active";
    4537
     
    5547initIPDBGlobals($ip_dbh);
    5648
     49if ($IPDBacl{$authuser} !~ /A/) {
     50  print "Content-Type: text/html\n\n".
     51        "<html><head><title>Access denied</title></head><body>\n".
     52        'Access to this tool is restricted.  Contact <a href="mailto:kdeugau@vianet.ca">Kris</a> '.
     53        "for more information.</body></html>\n";
     54  exit;
     55}
     56
    5757my %webvar = parse_post();
    5858cleanInput(\%webvar);
    5959
    6060print "Content-type: text/html\n\n".
    61         "<html>\n<head>\n\t<title>TEST [IPDB admin tools] TEST</title>\n".
     61        "<html>\n<head>\n\t<title>[IPDB admin tools]</title>\n".
    6262        qq(\t<link rel="stylesheet" type="text/css" href="/ip/ipdb.css">\n).
    6363        "</head>\n<body>\n".
     
    9191</form>
    9292<hr><a href="admin.cgi?action=showpools">List IP Pools</a> for manual tweaking and updates
     93<hr><a href="admin.cgi?action=showACL">Change ACLs</a> (change internal access controls -
     94note that this does NOT include IP-based limits)
    9395);
    9496} else {
     
    283285    syslog "notice", "$authuser updated pool IP $webvar{ip}";
    284286  }
    285 #  showPool("$data[0]");
    286 #} else {
    287 #  print "webvar{action} check failed: $webvar{action}";
     287} elsif ($webvar{action} eq 'showACL') {
     288  print "Notes:<br>\n".
     289        "<li>Users must be added to .htpasswd from the shell, for the time being.\n".
     290        "<li>New accounts will be added to the ACL here every time this page is loaded.\n".
     291        "<li>Old accounts will NOT be automatically deleted;  they must be removed via shell.\n".
     292        "<li>Admin users automatically get all other priviledges.\n";
     293# open .htpasswd, and snag the userlist.
     294  $sth = $ip_dbh->prepare("select count (*) from users where username=?");
     295  open HTPASS, "<../../.htpasswd" or carp "BOO! No .htpasswd file!";
     296  while (<HTPASS>) {
     297    chomp;
     298    my ($username,$encpwd) = split /:/;
     299    $sth->execute($username);
     300    my @data = $sth->fetchrow_array;
     301    if ($data[0] eq '0') {
     302      my $sth2 = $ip_dbh->prepare("insert into users (username,password) values ('$username','$encpwd')");
     303      $sth2->execute;
     304      print "$username added with read-only privs to ACL<br>\n";
     305    }
     306  }
     307
     308  print "<hr>Users with access:\n<table border=1>\n";
     309  print "<tr><td>Username</td><td>Add new</td><td>Change</td>".
     310        "<td>Delete</td><td>Admin user</td></tr>\n".
     311        "<form action=admin.cgi method=POST>\n";
     312  $sth = $ip_dbh->prepare("select username,acl from users order by username");
     313  $sth->execute;
     314  while (my @data = $sth->fetchrow_array) {
     315    print "<form action=admin.cgi method=POST><input type=hidden name=action value=updacl>".
     316        qq(<tr><td>$data[0]<input type=hidden name=username value="$data[0]"></td><td>).
     317    # Now for the fun bit.  We have to pull apart the ACL field and
     318    # output a bunch of checkboxes.
     319        "<input type=checkbox name=add".($data[1] =~ /a/ ? ' checked=y' : '').
     320        "></td><td><input type=checkbox name=change".($data[1] =~ /c/ ? ' checked=y' : '').
     321        "></td><td><input type=checkbox name=del".($data[1] =~ /d/ ? ' checked=y' : '').
     322        "></td><td><input type=checkbox name=admin".($data[1] =~ /A/ ? ' checked=y' : '').
     323        qq(></td><td><input type=submit value="Update"></td></tr></form>\n);
     324
     325  }
     326  print "</table>\n";
     327} elsif ($webvar{action} eq 'updacl') {
     328  print "Updating ACL for $webvar{username}:<br>\n";
     329  my $acl = 'b';
     330  if ($webvar{admin} eq 'on') {
     331    $acl .= "acdA";
     332  } else {
     333    $acl .= ($webvar{add} eq 'on' ? 'a' : '').
     334        ($webvar{change} eq 'on' ? 'c' : '').
     335        ($webvar{del} eq 'on' ? 'd' : '');
     336  }
     337  print "New ACL: $acl<br>\n";
     338
     339  $sth = $ip_dbh->prepare("update users set acl='$acl' where username='$webvar{username}'");
     340  $sth->execute;
     341  print "OK\n" if !$sth->err;
     342
     343  print qq(<hr><a href="admin.cgi?action=showACL">Back</a> to ACL listing\n);
     344
     345} elsif ($webvar{action} ne '<NULL>') {
     346  print "webvar{action} check failed: Don't know how to $webvar{action}";
    288347}
    289348
Note: See TracChangeset for help on using the changeset viewer.