smeserver-manager/root/usr/share/smanager/lib/SrvMngr/Controller/Pseudonyms.pm

407 lines
9.9 KiB
Perl
Raw Permalink Normal View History

package SrvMngr::Controller::Pseudonyms;
#----------------------------------------------------------------------
# heading : User management
# description : Pseudonyms
# navigation : 2000 210
#----------------------------------------------------------------------
#
# routes : end
#----------------------------------------------------------------------
use strict;
use warnings;
use Mojo::Base 'Mojolicious::Controller';
use Locale::gettext;
use SrvMngr::I18N;
use SrvMngr qw(theme_list init_session);
#use Data::Dumper;
#use esmith::FormMagick::Panel::pseudonyms;
use esmith::AccountsDB;
#use URI::Escape;
our $cdb = esmith::ConfigDB->open || die "Couldn't open configuration db";
our $adb = esmith::AccountsDB->open || die "Couldn't open accounts db";
sub main {
my $c = shift;
$c->app->log->info($c->log_req);
my %pse_datas = ();
my $title = $c->l('pse_FORM_TITLE');
my $notif = '';
$pse_datas{trt} = 'LST';
my @pseudonyms;
if ($adb)
{
@pseudonyms = $adb->pseudonyms();
}
$c->stash( title => $title, notif => $notif, pse_datas => \%pse_datas, pseudonyms => \@pseudonyms );
$c->render(template => 'pseudonyms');
};
sub do_display {
my $c = shift;
$c->app->log->info($c->log_req);
my $rt = $c->current_route;
my $trt = ($c->param('trt') || 'LST');
my $pseudonym = $c->param('pseudonym') || '';
my $title = $c->l('pse_FORM_TITLE');
my %pse_datas = ();
$pse_datas{'trt'} = $trt;
if ( $trt eq 'ADD' ) {
#nothing
}
if ( $trt eq 'UPD' ) {
my $rec = $adb->get($pseudonym);
if ($rec and $rec->prop('type') eq 'pseudonym') {
$pse_datas{pseudonym} = $pseudonym;
$pse_datas{account} = $rec->prop('Account') || '';
$pse_datas{internal} = is_pseudonym_internal($pseudonym);
}
}
if ( $trt eq 'DEL' ) {
my $rec = $adb->get($pseudonym);
if ($rec and $rec->prop('type') eq 'pseudonym') {
$pse_datas{pseudonym} = $pseudonym;
$pse_datas{account} = $rec->prop('Account') || '';
$pse_datas{internal} = is_pseudonym_internal($pseudonym);
}
}
if ( $trt eq 'LST' ) {
my @pseudonyms;
if ($adb) {
@pseudonyms = $adb->pseudonyms();
}
$c->stash( pseudonyms => \@pseudonyms );
}
$c->stash( title => $title, pse_datas => \%pse_datas );
$c->render( template => 'pseudonyms' );
};
sub do_update {
my $c = shift;
$c->app->log->info($c->log_req);
my $rt = $c->current_route;
my $trt = ($c->param('trt') || 'LST');
my $title = $c->l('pse_FORM_TITLE');
my %pse_datas = ();
$pse_datas{'trt'} = $trt;
my ($res, $result) = '';
#my $pseudonym = uri_unescape($c->param('Pseudonym'));
my $pseudonym = $c->param('Pseudonym');
$pse_datas{'pseudonym'} = $pseudonym;
if ( $trt eq 'ADD' ) {
my $account = $c->param('Account');
# controls
$res = $c->validate_new_pseudonym_name( $pseudonym, $account );
$result .= $res unless $res eq 'OK';
#$result .= ' blocked';
$res = '';
if ( ! $result ) {
$adb->new_record( $pseudonym, { type => 'pseudonym',
Account => $account} )
or $result .= "Error occurred while creating pseudonym in database.";
# Untaint $pseudonym before use in system()
($pseudonym) = ($pseudonym =~ /(.+)/);
system( "/sbin/e-smith/signal-event", "pseudonym-create", "$pseudonym",)
== 0 or $result .= 'pse_CREATE_ERROR.';
}
if ( ! $result ) {
$res = 'OK';
$result = $c->l('pse_CREATE_SUCCEEDED') . ' ' . $pseudonym;
}
}
if ( $trt eq 'UPD' ) {
my $account = $c->param('Account');
my $internal = $c->param ('Internal') || 'NO';
my $removable = $adb->get($pseudonym)->prop('Removable') || 'yes';
my %props = ('Account' => $account);
if ($removable eq 'yes') {
if ($internal eq "YES") { $props{'Visible'} = 'internal'; }
else { $adb->get($pseudonym)->delete_prop('Visible'); }
}
# controls
#$res = '';
#$res = validate_description( $c, $account );
#$result .= $res unless $res eq 'OK';
#$result .= 'blocked';
$res = '';
if ( ! $result ) {
$adb->get($pseudonym)->merge_props(%props)
or $result .= "Error occurred while modifying pseudonym in database.";
# Untaint $pseudonym before use in system()
($pseudonym) = ($pseudonym =~ /(.+)/);
system( "/sbin/e-smith/signal-event", "pseudonym-modify", "$pseudonym",)
== 0 or $result .= "Error occurred while modifying pseudonym.";
}
if ( ! $result ) {
$res = 'OK';
$result = $c->l('pse_MODIFY_SUCCEEDED') . ' ' . $pseudonym;
}
}
if ( $trt eq 'DEL' ) {
# controls
$res = '';
$res = validate_is_pseudonym($c, $pseudonym);
$result .= $res unless $res eq 'OK';
#$result .= 'blocked';
$res = '';
if ( ! $result ) {
$res = $c->delete_pseudonym( $pseudonym );
$result .= $res unless $res eq 'OK';
if ( ! $result ) {
$res = 'OK';
$result = $c->l('pse_REMOVE_SUCCEEDED') . ' ' . $pseudonym;
}
}
}
# common parts
if ( $res ne 'OK' ) {
$c->stash( error => $result);
$c->stash( title => $title, pse_datas => \%pse_datas );
return $c->render('pseudonyms');
}
my $message = "'Pseudonyms' updates $trt DONE";
$c->app->log->info($message);
$c->flash( success => $result );
$c->redirect_to('/pseudonyms');
};
sub delete_pseudonym {
my ($c, $pseudonym) = @_;
my $msg = '';
#------------------------------------------------------------
# Make the pseudonym inactive, signal pseudonym-delete event
# and then delete it
#------------------------------------------------------------
my @pseudonyms = $adb->pseudonyms();
foreach my $p_rec (@pseudonyms) {
if ($p_rec->prop("Account") eq $pseudonym) {
$adb->get($p_rec->key)->set_prop('type','pseudonym-deleted')
or $msg .= "Error occurred while changing pseudonym type.";
}
}
$adb->get($pseudonym)->set_prop('type','pseudonym-deleted')
or $msg .= "Error occurred while changing pseudonym type.";
# Untaint $pseudonym before use in system()
($pseudonym) = ($pseudonym =~ /(.+)/);
system( "/sbin/e-smith/signal-event", "pseudonym-delete", "$pseudonym") == 0
or $msg .= "Error occurred while removing pseudonym.";
#TODO: is it ->delete or get()->delete
foreach my $p_rec (@pseudonyms) {
if ($p_rec->prop("Account") eq $pseudonym) {
$adb->get($p_rec->key)->delete()
or $msg .= "Error occurred while deleting pseudonym from database.";
}
}
$adb->get($pseudonym)->delete()
or $msg .= "Error occurred while deleting pseudonym from database.";
return $msg unless $msg;
return 'OK';
}
sub existing_accounts_list {
my $c = shift;
my @existingAccounts = ( ['Administrator' => 'admin']);
foreach my $a ($adb->get_all) {
if ($a->prop('type') =~ /(user|group)/) {
push @existingAccounts, [ $a->key => $a->key ];
}
if ($a->prop('type') eq "pseudonym") {
my $target = $adb->get($a->prop('Account'));
unless ($target)
{
warn "WARNING: pseudonym (" . $a->key . ") => missing Account("
. $a->prop('Account') . ")\n";
next;
}
push @existingAccounts, [ $a->key, $a->key ]
unless ($target->prop('type') eq "pseudonym");
}
}
return(\@existingAccounts);
}
=head2 get_pseudonym_account
Returns the current Account property for this pseudonym
=cut
sub get_pseudonym_account {
my $c = shift;
my $pseudonym = shift;
my $a = $adb->get($pseudonym)->prop('Account');
if ($a eq "admin") {
$a = "Administrator";
} elsif ($a eq "shared") {
$a = $c->l("EVERYONE");
}
return($a);
}
=head2 is_pseudonym_not_removable
Returns 1 if the current Account is not removable, 0 otherwise
=cut
sub is_pseudonym_not_removable {
my $c = shift;
my $pseudonym = shift;
my $removable = $adb->get($pseudonym)->prop('Removable') || 'yes';
return 1 if ($removable eq 'yes');
return 0;
}
=head2 is_pseudonym_internal
Returns YES if the current Account property Visible is 'internal'
=cut
sub is_pseudonym_internal {
# my $c = shift;
my $pseudonym = shift;
my $visible = $adb->get($pseudonym)->prop('Visible') || '';
return 'YES' if ($visible eq 'internal');
return 'NO';
}
=head2 validate_new_pseudonym_name FM PSEUDONYM
Returns "OK" if the pseudonym starts with a letter or number and
contains only letters, numbers, . - and _ and isn't taken
Returns "VALID_PSEUDONYM_NAMES" if the name contains invalid chars
Returns "NAME_IN_USE" if this pseudonym is taken.
=cut
sub validate_new_pseudonym_name {
my ($c, $pseudonym, $account) = @_;
my $acct = $adb->get($pseudonym);
if (defined $acct) {
return($c->l('pse_NAME_IN_USE'));
} elsif ($pseudonym =~ /@/) {
use esmith::DomainsDB;
my $ddb = esmith::DomainsDB->open_ro
or die "Couldn't open DomainsDB\n";
my ($lhs, $rhs) = split /@/, $pseudonym;
return ($c->l('pse_PSEUDONYM_INVALID_DOMAIN')) unless ($ddb->get($rhs));
return ($c->l('pse_PSEUDONYM_INVALID_SAMEACCT')) if ($lhs eq $account);
return ('OK'); # p:' . $pseudonym . ' a:' . $account);
} elsif ( $pseudonym !~ /^([a-z0-9][a-z0-9\.\-_!#\?~\$\^\+&`%\/\*]*)$/ ) {
return($c->l('pse_VALID_PSEUDONYM_NAMES'));
} else {
return('OK');
}
}
=head2 validate_is_pseudonym FM NAME
returns "OK" if it is.
returns "NOT_A_PSEUDONYM" if the name in question isn't an existing pseudonym
=cut
sub validate_is_pseudonym {
my $c = shift;
my $pseudonym = shift;
$pseudonym = $adb->get($pseudonym);
return($c->l('pse_NOT_A_PSEUDONYM')) unless $pseudonym;
my $type = $pseudonym->prop('type');
unless (defined $type && ($type eq 'pseudonym') ) {
return($c->l('NOT_A_PSEUDONYM'));
}
return ('OK');
}
1;