Index: branches/dns/cgi-bin/admin.cgi
===================================================================
--- branches/dns/cgi-bin/admin.cgi	(revision 216)
+++ branches/dns/cgi-bin/admin.cgi	(revision 262)
@@ -33,12 +33,4 @@
 }
 
-if ($authuser !~ /^(kdeugau|jodyh|jipp)$/) {
-  print "Content-Type: text/html\n\n".
-	"<html><head><title>Access denied</title></head><body>\n".
-	'Access to this tool is restricted.  Contact <a href="mailto:kdeugau@vianet.ca">Kris</a> '.
-	"for more information.</body></html>\n";
-  exit;
-}
-
 syslog "debug", "$authuser active";
 
@@ -53,4 +45,12 @@
 }
 initIPDBGlobals($ip_dbh);
+
+if ($IPDBacl{$authuser} !~ /A/) {
+  print "Content-Type: text/html\n\n".
+	"<html><head><title>Access denied</title></head><body>\n".
+	'Access to this tool is restricted.  Contact <a href="mailto:kdeugau@vianet.ca">Kris</a> '.
+	"for more information.</body></html>\n";
+  exit;
+}
 
 my %webvar = parse_post();
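Review bot: A refused request leaves no record in the visible lines: the new `%IPDBacl` check prints the access-denied page and exits, and the only syslog call ahead of it logs `$authuser active` at debug level. Adding `syslog "notice", "%s", "$authuser denied access to admin.cgi";` before the `print` would give operators a trail of failed attempts on the admin tool. The check does fail closed for a user missing from `%IPDBacl`, but only because an undefined value fails the match. Writing `if (!defined $IPDBacl{$authuser} || $IPDBacl{$authuser} !~ /A/)` states that intent and avoids an uninitialized-value warning when warnings are enabled.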
@@ -90,4 +90,6 @@
 </form>
 <hr><a href="admin.cgi?action=showpools">List IP Pools</a> for manual tweaking and updates
+<hr><a href="admin.cgi?action=showusers">Manage users</a> (add/remove users;  change
+internal access controls - note that this does NOT include IP-based limits)
 );
 } else {
@@ -123,4 +125,11 @@
     printAndExit("Can't allocate from outside a free block!!\n")
         if !$data[0];
+  } elsif ($webvar{alloctype} =~ /^(.)i$/) {
+    $sth = $ip_dbh->prepare("select cidr from allocations where cidr >>='$cidr' and (type like '_d' or type like '_p')");
+    $sth->execute;
+    @data = $sth->fetchrow_array;
+# User deserves errors if user can't be bothered to find the pool and a free IP first.
+    printAndExit("Can't allocate static IP from outside a pool!!\n")
+	if !$data[0];
   } else {
     $sth = $ip_dbh->prepare("select cidr from freeblocks where cidr >>='$cidr' and not (routed='n')");
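Review bot: The new `select cidr from allocations` query on the `/^(.)i$/` branch builds its SQL by interpolating `$cidr` into the string, so its safety rests on how `$cidr` was validated, which is not visible in this hunk. Bind the value instead: `$sth = $ip_dbh->prepare("select cidr from allocations where cidr >>= ? and (type like '_d' or type like '_p')");` followed by `$sth->execute("$cidr");`. The same pattern is more exposed in the last hunk, where the `update users`, `insert into users` and `delete from users` statements interpolate `$webvar{username}` and `$cr_pass`, apparently as returned by `parse_post()`. Those three need `?` placeholders too, with the values passed to `execute`. The capture group in `/^(.)i$/` is unused in the visible lines, and the enclosing if/elsif chain begins before the hunk.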
@@ -202,5 +211,5 @@
       print "Allocation failed!  IPDB::allocateBlock said:\n$msg\n";
       syslog "err", "($authuser) Allocation of '$webvar{cidr}' to '$webvar{custid}' as ".
-	"'$webvar{type}' failed: '$msg'";
+	"'$webvar{alloctype}' failed: '$msg'";
     }
   } # done city check
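Review bot: The text handed to `syslog` in this statement is built by interpolating `$webvar{cidr}`, `$webvar{custid}`, `$webvar{alloctype}` and `$msg`. If this is Sys::Syslog's `syslog`, that argument is a sprintf-style format, so a `%` in any of those values is read as a directive and garbles the record. Putting a literal format ahead of the message keeps request-supplied values out of the format position: `syslog "err", "%s", "($authuser) Allocation of '$webvar{cidr}' to '$webvar{custid}' as "."'$webvar{alloctype}' failed: '$msg'";`. The other `syslog` calls visible in this diff pass interpolated strings the same way, and the block this statement sits in begins outside the hunk.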
@@ -267,7 +276,77 @@
     syslog "notice", "$authuser updated pool IP $webvar{ip}";
   }
-#  showPool("$data[0]");
-#} else {
-#  print "webvar{action} check failed: $webvar{action}";
+} elsif ($webvar{action} eq 'showusers') {
+  print "Notes:<br>\n".
+	"<li>Admin users automatically get all other priviledges.\n".
+	"<hr>Add new user:<form action=admin.cgi method=POST>\n".
+	"Username: <input name=username><br>\n".
+	"Password: <input name=password> <input type=checkbox name=preenc>Password is pre-encrypted (MUST be crypt() encrypted)<br>\n".
+	"<input type=submit value='Add user'><input type=hidden name=action value=newuser></form>\n";
+
+  print "<hr>Users with access:\n<table border=1>\n";
+  print "<tr><td>Username</td><td>Add new</td><td>Change</td>".
+	"<td>Delete</td><td>Admin user</td></tr>\n".
+	"<form action=admin.cgi method=POST>\n";
+  $sth = $ip_dbh->prepare("select username,acl from users order by username");
+  $sth->execute;
+  while (my @data = $sth->fetchrow_array) {
+    print "<form action=admin.cgi method=POST><input type=hidden name=action value=updacl>".
+	qq(<tr><td>$data[0]<input type=hidden name=username value="$data[0]"></td><td>).
+    # Now for the fun bit.  We have to pull apart the ACL field and
+    # output a bunch of checkboxes.
+    	"<input type=checkbox name=add".($data[1] =~ /a/ ? ' checked=y' : '').
+	"></td><td><input type=checkbox name=change".($data[1] =~ /c/ ? ' checked=y' : '').
+	"></td><td><input type=checkbox name=del".($data[1] =~ /d/ ? ' checked=y' : '').
+	"></td><td><input type=checkbox name=admin".($data[1] =~ /A/ ? ' checked=y' : '').
+	qq(></td><td><input type=submit value="Update"></td></form>\n).
+	"<form action=admin.cgi method=POST><td><input type=hidden name=action value=deluser>".
+	"<input type=hidden name=username value=$data[0]>".
+	qq(<input type=submit value="Delete user"></tr></form>\n);
+
+  }
+  print "</table>\n";
+} elsif ($webvar{action} eq 'updacl') {
+  print "Updating ACL for $webvar{username}:<br>\n";
+  my $acl = 'b';
+  if ($webvar{admin} eq 'on') {
+    $acl .= "acdA";
+  } else {
+    $acl .= ($webvar{add} eq 'on' ? 'a' : '').
+	($webvar{change} eq 'on' ? 'c' : '').
+	($webvar{del} eq 'on' ? 'd' : '');
+  }
+  print "New ACL: $acl<br>\n";
+
+  $sth = $ip_dbh->prepare("update users set acl='$acl' where username='$webvar{username}'");
+  $sth->execute;
+  print "OK\n" if !$sth->err;
+
+  print qq(<hr><a href="admin.cgi?action=showusers">Back</a> to user listing\n);
+
+} elsif ($webvar{action} eq 'newuser') {
+  print "Adding user $webvar{username}...\n";
+  my $cr_pass = ($webvar{preenc} ? $webvar{password} :
+	crypt $webvar{password}, join('',('.','/',0..9,'A'..'Z','a'..'z')[rand 64, rand 64]));
+  $sth = $ip_dbh->prepare("insert into users (username,password,acl) values ".
+	"('$webvar{username}','$cr_pass','b')");
+  $sth->execute;
+  if ($sth->err) {
+    print "<br>Error adding user: ".$sth->errstr;
+  } else {
+    print "OK\n";
+  }
+
+  print qq(<hr><a href="admin.cgi?action=showusers">Back</a> to user listing\n);
+
+} elsif ($webvar{action} eq 'deluser') {
+  print "Deleting user $webvar{username}.<br>\n";
+  $sth = $ip_dbh->prepare("delete from users where username='$webvar{username}'");
+  $sth->execute;
+  print "OK\n" if !$sth->err;
+
+  print qq(<hr><a href="admin.cgi?action=showusers">Back</a> to user listing\n);
+
+} elsif ($webvar{action} ne '<NULL>') {
+  print "webvar{action} check failed: Don't know how to $webvar{action}";
 }
 
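Review bot: Usernames reach the page without HTML escaping. The `showusers` loop prints `$data[0]` as cell text, inside `value="$data[0]"` and in the unquoted `value=$data[0]`; the `updacl`, `newuser` and `deluser` branches echo `$webvar{username}`; and `newuser` stores whatever string was submitted. Validate the name at creation, for example `printAndExit("Invalid username\n") if $webvar{username} !~ /\A[A-Za-z0-9._-]+\z/;` (character set illustrative), quote the second `value` attribute, and escape on output as well. In `newuser`, the two-character salt given to `crypt` selects the traditional DES scheme on most platforms, which uses only the first eight characters of the password, and the form collects the password in a plain `<input name=password>` field; a stronger hash format and `type=password` are worth considering. These branches also change accounts and privileges without a `syslog` entry, unlike the pool update just above them; a line such as `syslog "notice", "%s", "$authuser set ACL '$acl' for $webvar{username}";` would record who changed what. The if/elsif chain these branches extend starts outside the hunk.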
