initial commit of file from CVS for smeserver-manager on Fri Mar 22 14:54:28 AEDT 2024

This commit is contained in:
Trevor Batley
2024-03-22 14:54:28 +11:00
parent eed507434f
commit db139626ba
242 changed files with 25308 additions and 2 deletions

File diff suppressed because it is too large Load Diff

View File

@@ -0,0 +1,175 @@
package SrvMngr::Controller::Bugreport;
#----------------------------------------------------------------------
# heading : Investigation
# description : Report a bug
# navigation : 7000 500
# routes : end
#------------------------------
use strict;
use warnings;
use Mojo::Base 'Mojolicious::Controller';
use Locale::gettext;
use SrvMngr::I18N;
use SrvMngr qw(theme_list init_session);
use Text::Template;
use File::Basename;
use esmith::FormMagick qw( gen_locale_date_string );
our $cdb = esmith::ConfigDB->open or die "Couldn't open ConfigDB\n";
# Get some basic info on the current SME install
our $sysconfig = $cdb->get('sysconfig');
our $systemmode = $cdb->get('SystemMode')->value;
our $previoussystemmode = $sysconfig->prop('PreviousSystemMode');
our $releaseversion = $sysconfig->prop('ReleaseVersion');
# Prepare some filehandles for templates and reports
our $templatefile = '/tmp/bugreport_template.txt';
our $configreportfile = '/tmp/configreport.txt';
sub main {
my $c = shift;
$c->app->log->info($c->log_req);
my %bugr_datas = ();
my $title = $c->l('bugr_FORM_TITLE');
my $modul = $c->render_to_string( inline => $c->l('bugr_DESCRIPTION'));
$bugr_datas{'trt'} = 'SHOW';
$c->stash(title => $title, modul => $modul, bugr_datas => \%bugr_datas);
$c->render(template => 'bugreport');
};
sub do_report {
my $c = shift;
$c->app->log->info($c->log_req);
my $title = $c->l('bugr_FORM_TITLE');
my $trt = $c->param('trt') || 'SHOW';
my %bugr_datas = ();
$bugr_datas{'trt'} = $trt;
if ( $trt eq 'SHOW' ) {
create_configuration_report();
my $out = $c->render_to_string(inline => show_config_report());
$bugr_datas{'trt'} = 'DOWN';
$c->stash(title => $title, modul => $out, bugr_datas => \%bugr_datas);
$c->render(template => 'bugreport2');
}
if ( $trt eq 'DOWN' ) {
my $modul = 'Bug report download';
# $c->render_file(
# 'filepath' => "$configreportfile",
# 'format' => 'x-download',
# 'content_disposition' => 'attachment',
# 'cleanup' => 1,
# );
# the following in this sub will not be used !!!
# $bugr_datas{'trt'} = 'DOWN';
# $c->stash(title => $title, modul => $modul, bugr_datas => \%bugr_datas);
# $c->render(template => 'bugreport');
}
};
sub create_configuration_report {
my $c = shift;
# TBD: possibly check $q for a boolean value eg. from a checkbox
# indicating the user has read privacy warning etc.
# create the reporting template
my $configreport_template = Text::Template->new(TYPE => 'FILE', SOURCE => '/etc/e-smith/web/common/configuration_report.tmpl', UNTAINT => 1);
my $report_creation_time = gen_locale_date_string;
# curent kernel
my $curkernel = `uname -r`;
# get additional RPMs
my @newrpms = `/sbin/e-smith/audittools/newrpms`;
# get additional Repositories
my @repositories = `/sbin/e-smith/audittools/repositories`;
#print @repositories;
# get templates
my @templates = `/sbin/e-smith/audittools/templates`;
# get events
my @events = `/sbin/e-smith/audittools/events`;
# set template variables
my %vars = (report_creation_time => \$report_creation_time,
releaseversion => \$releaseversion,
curkernel => \$curkernel,
systemmode => \$systemmode,
previoussystemmode => \$previoussystemmode,
newrpms => \@newrpms,
templates => \@templates,
events => \@events,
repositories => \@repositories,
);
# prcess template
my $result = $configreport_template->fill_in(HASH => \%vars);
# write processed template to file
open (my $cfgrep, '>', $configreportfile) or die "Could not create temporary file for config report!";
print $cfgrep $result;
close $cfgrep;
}
sub show_config_report {
my $c = shift;
my $out = '';
$out .= sprintf "<PRE>";
open (my $cfgrep, '<', $configreportfile) or die "Could not find temporary config report file!";
while (<$cfgrep>) {
$out .= sprintf("%s", $_);
}
$out .= sprintf "</PRE>";
return $out;
}
sub download_config_report {
my $c = shift;
$c->render_file(
'filepath' => "$configreportfile",
'format' => 'x-download',
'content_disposition' => 'attachment',
'cleanup' => 1,
);
}
1;

View File

@@ -0,0 +1,113 @@
package SrvMngr::Controller::Clamav;
#----------------------------------------------------------------------
# heading : System
# description : Antivirus (ClamAV)
# navigation : 4000 600
#
# routes : end
#------------------------------
use strict;
use warnings;
use Mojo::Base 'Mojolicious::Controller';
use Locale::gettext;
use SrvMngr::I18N;
use SrvMngr qw(theme_list init_session);
#package esmith::FormMagick::Panel::clamav;
our $db = esmith::ConfigDB->open() || die "Couldn't open config db";
sub main {
my $c = shift;
$c->app->log->info($c->log_req);
my %clm_datas = ();
my $title = $c->l('clm_FORM_TITLE');
my $modul = $c->render_to_string(inline => $c->l('clm_DESC_FILESYSTEM_SCAN_PERIOD'));
$clm_datas{'FilesystemScan'} = ($db->get_prop('clamav','FilesystemScan')) || 'disabled';
$clm_datas{'Quarantine'} = ($db->get_prop('clamav','Quarantine')) || 'disabled';
$clm_datas{'clam_versions'} = get_clam_versions();
$c->stash( title => $title, modul => $modul, clm_datas => \%clm_datas );
$c->render(template => 'clamav');
};
sub do_update {
my $c = shift;
$c->app->log->info($c->log_req);
my $http_clamav_status = $c->param('http_clamav_status') || 'disabled';
my $smtp_clamav_status = $c->param('smtp_clamav_status') || '';
my $result = "";
$c->change_settings();
# Update the system
system("/sbin/e-smith/signal-event clamav-update") == 0
or $result = $c->l('clm_ERROR_UPDATING_CONFIGURATION');
if ( ! $result ) {
$result = $c->l('clm_SUCCESS') ;
$c->flash( success => $result );
} else {
$c->flash( error => $result );
}
$c->redirect_to('/clamav');
};
sub change_settings {
my $c = shift;
my $status = $c->param('status');
my $FilesystemScan = ( $c->param('FilesystemScan') || 'disabled' );
my $Quarantine = ( $c->param('Quarantine') || 'disabled' );
my $DatabaseMirror = ( $c->param('DatabaseMirror') || 'db.us.clamav.net' );
my $UpdateOfficeHrs = ( $c->param('UpdateOfficeHrs') || 'disabled' );
my $UpdateNonOfficeHrs = ( $c->param('UpdateNonOfficeHrs') || 'disabled' );
my $UpdateWeekend = ( $c->param('UpdateWeekend') || 'disabled' );
my $HTTPProxyServer = ( $c->param('HTTPProxyServer') || '' );
my $HTTPProxyPort = ( $c->param('HTTPProxyPort') || '' );
my $HTTPProxyUsername = ( $c->param('HTTPProxyUsername') || '' );
my $HTTPProxyPassword = ( $c->param('HTTPProxyPassword') || '' );
my $clamav = $db->get('clamav') || $db->new_record('clamav', {type=>'service'});
$status ||= $clamav->prop('status');
$clamav->merge_props(
status => $status,
FilesystemScan => $FilesystemScan,
Quarantine => $Quarantine,
DatabaseMirror => $DatabaseMirror,
UpdateOfficeHrs => $UpdateOfficeHrs,
UpdateNonOfficeHrs => $UpdateNonOfficeHrs,
UpdateWeekend => $UpdateWeekend,
HTTPProxyServer => $HTTPProxyServer,
HTTPProxyPort => $HTTPProxyPort,
HTTPProxyUsername => $HTTPProxyUsername,
HTTPProxyPassword => $HTTPProxyPassword,
);
}
sub get_clam_versions
{
my $version = `/usr/bin/freshclam -V`;
chomp $version;
$version =~ s/^ClamAV //;
return $version;
}
1;

View File

@@ -0,0 +1,404 @@
package SrvMngr::Controller::Datetime;
#----------------------------------------------------------------------
# heading : System
# description : Date and time
# navigation : 4000 400
# routes : end
#------------------------------
use strict;
use warnings;
use Mojo::Base 'Mojolicious::Controller';
use Locale::gettext;
use SrvMngr::I18N;
use SrvMngr qw(theme_list init_session);
use esmith::FormMagick;
use esmith::util;
our $cdb = esmith::ConfigDB->open() || die "Couldn't open config db";
sub main {
my $c = shift;
$c->app->log->info($c->log_req);
my %dat_datas = ();
my $title = $c->l('dat_FORM_TITLE');
my $modul = $c->l('dat_INITIAL_DESC');
$dat_datas{ntpstatus} = 'disabled';
my $rec = $cdb->get('ntpd');
if ($rec) {
$dat_datas{'ntpserver'} = $rec->prop('NTPServer') || '';
if ( $rec->prop('status') eq 'enabled' ) {
$dat_datas{ntpstatus} = 'enabled'
unless ($rec->prop('SyncToHWClockSupported') || 'yes') eq 'yes' and $dat_datas{ntpserver} =~ m#^\s*$#;
}
}
($dat_datas{weekday}, $dat_datas{monthname},
$dat_datas{month}, $dat_datas{day}, $dat_datas{year},
$dat_datas{hour}, $dat_datas{minute}, $dat_datas{second},
$dat_datas{ampm}) = split /\|/,
`/bin/date '+%A|%B|%-m|%-d|%Y|%-I|%M|%S|%p'`;
# get rid of trailing carriage return on last field
chop ($dat_datas{ampm});
$dat_datas{'now_string'} = esmith::FormMagick->gen_locale_date_string();
$c->stash( title => $title, modul => $modul, dat_datas => \%dat_datas );
$c->render('datetime');
};
sub do_update {
my $c = shift;
my %dat_datas = ();
my $title = $c->l('dat_FORM_TITLE');
my $modul = $c->l('dat_INITIAL_DESC');
my $result;
my $success;
my $old_ntpstatus = $c->param('Old_ntpstatus');
$dat_datas{ntpstatus} = $c->param('Ntpstatus');
if ( $dat_datas{ntpstatus} ne $old_ntpstatus) {
if ( $dat_datas{ntpstatus} eq 'disabled' ) {
($dat_datas{weekday},
$dat_datas{monthname},
$dat_datas{month},
$dat_datas{day},
$dat_datas{year},
$dat_datas{hour},
$dat_datas{minute},
$dat_datas{second},
$dat_datas{ampm}) = split /\|/,
`/bin/date '+%A|%B|%-m|%-d|%Y|%-I|%M|%S|%p'`;
# get rid of trailing carriage return on last field
chop ($dat_datas{ampm});
} else {
$dat_datas{ntpserver} = ($cdb->get_prop('ntpd','NTPServer')) || '';
}
$dat_datas{now_string} = esmith::FormMagick->gen_locale_date_string();
$c->stash( title => $title, modul => $modul, dat_datas => \%dat_datas );
return $c->render('datetime');
}
if ( $dat_datas{ntpstatus} eq 'enabled' ) {
# update ntpserver
$dat_datas{ntpserver} = $c->param('Ntpserver') || '';
if ( $dat_datas{ntpserver} eq "pool.ntp.org" ) {
$result .= $c->l('dat_INVALID_NTP_ADDR');
} elsif ( $dat_datas{ntpserver} =~ /^([a-zA-Z0-9\.\-]+)$/ ) {
$dat_datas{ntpserver} = $1;
# } elsif ( $dat_datas{ntpserver} =~ /^\s*$/ ) {
# $dat_datas{ntpserver} = "";
} else {
$result .= $c->l('dat_INVALID_NTP_ADDR');
}
if ( ! $result ) {
$success = update_ntpserver( $c, $dat_datas{ntpserver} );
}
} else {
# set Locale time & clean ntpserver
#my $servername = ($c->param('ServerName') || 'WS');
if ( ! $result ) {
$result = validate_change_datetime( $c );
if ( $result eq 'OK' ) {
$success = $c->l('dat_UPDATING_CLOCK');
$result = '';
disable_ntp();
$success .= '<br>'. $c->l('dat_SERVER_DISABLED_DESC');
}
}
}
if ( $result ) {
$c->stash( error => $result );
$c->stash( title => $title, modul => $modul, dat_datas => \%dat_datas );
return $c->render('datetime');
}
#$result = $c->l('dat_SUCCESS');
my $message = "'Datetime' update DONE";
$c->app->log->info($message);
$c->flash( success => $success );
$c->redirect_to('/datetime');
};
sub validate_change_datetime {
my $c = shift;
#--------------------------------------------------
# Untaint parameters and check for validity
#--------------------------------------------------
my $timezone = $c->param ('Timezone');
if ($timezone =~ /^([\w\-]+\/?[\w\-+]*)$/) {
$timezone = $1;
} else {
$timezone = "US/Eastern";
}
my $month = $c->param ('Month');
if ($month =~ /^(\d{1,2})$/) {
$month = $1;
} else {
$month = "1";
}
if (($month < 1) || ($month > 12)) {
return $c->l('dat_INVALID_MONTH')." $month. ". $c->l('dat_MONTH_BETWEEN_1_AND_12');
}
my $day = $c->param ('Day');
if ($day =~ /^(\d{1,2})$/) {
$day = $1;
} else {
$day = "1";
}
if (($day < 1) || ($day > 31)) {
return $c->l('dat_INVALID_DAY')." $day. ". $c->l('dat_BETWEEN_1_AND_31');
}
my $year = $c->param ('Year');
if ($year =~ /^(\d{4})$/) {
$year = $1;
} else {
$year = "2000";
}
if (($year < 1900) || ($year > 2200)) {
return $c->l('dat_INVALID_YEAR')." $year. ". $c->l('dat_FOUR_DIGIT_YEAR');
}
my $hour = $c->param ('Hour');
if ($hour =~ /^(\d{1,2})$/) {
$hour = $1;
} else {
$hour = "12";
}
if (($hour < 1) || ($hour > 12)) {
return $c->l('dat_INVALID_HOUR')." $hour. ". $c->l('dat_BETWEEN_1_AND_12');
}
my $minute = $c->param ('Minute');
if ($minute =~ /^(\d{1,2})$/) {
$minute = $1;
} else {
$minute = "0";
}
if (($minute < 0) || ($minute > 59)) {
return $c->l('datINVALID_MINUTE')." $minute. ".$c->l('dat_BETWEEN_0_AND_59');
}
my $second = $c->param ('Second');
if ($second =~ /^(\d{1,2})$/) {
$second = $1;
} else {
$second = "0";
}
if (($second < 0) || ($second > 59)) {
return $c->l('dat_INVALID_SECOND')." $second. ". $c->l('dat_BETWEEN_0_AND_59');
}
my $ampm = $c->param ('Ampm');
if ($ampm =~ /^(AM|PM)$/) {
$ampm = $1;
} else {
$ampm = "AM";
}
# convert to 24 hour time
$hour = $hour % 12;
if ($ampm eq "PM") {
$hour = $hour + 12;
}
#--------------------------------------------------
# Store time zone in configuration database
#--------------------------------------------------
my $conf = esmith::ConfigDB->open();
my $old = $conf->get('UnsavedChanges')->value;
my $rec = $conf->get('TimeZone');
unless ($rec) {
$rec = $conf->new_record('TimeZone',undef);
}
$rec->set_value($timezone);
$conf->get('UnsavedChanges')->set_value($old);
#--------------------------------------------------
# Signal event to change time zone, system time
# and hardware clock
#--------------------------------------------------
my $newdate = sprintf "%02d%02d%02d%02d%04d.%02d",
$month, $day, $hour, $minute, $year, $second;
esmith::util::backgroundCommand(2,
"/sbin/e-smith/signal-event","timezone-update",$newdate);
return 'OK';
}
sub update_ntpserver {
my $c = shift;
my $ntpserver = shift;
my $msg;
#------------------------------------------------------------
# Looks good; go ahead and change the parameters.
#------------------------------------------------------------
my $old = $cdb->get('UnsavedChanges')->value;
my $rec = $cdb->get('ntpd');
if ($rec) {
$rec->set_prop('status','enabled');
$rec->set_prop('NTPServer',$ntpserver);
} else {
$rec = $cdb->new_record( 'ntpd',
{ type=>'service', status=>'enabled', SyncToHWClockSupported => 'yes', NTPServer=>$ntpserver } );
}
$cdb->get('UnsavedChanges')->set_value($old);
$msg = $c->l('dat_SETTINGS_CHANGED');
if ( $ntpserver =~ /^\s*$/ ) {
$rec->set_prop('status', ($rec->prop('SyncToHWClockSupported') || 'yes') eq 'yes' ? 'enabled' : 'disabled');
$rec->set_prop('NTPServer', '');
$msg = $c->l('dat_INVALID_NTP_SERVER') if ($rec->prop('SyncToHWClockSupported') || 'yes') ne 'yes';
}
esmith::util::backgroundCommand( 2, "/sbin/e-smith/signal-event", "timeserver-update" );
return $msg;
}
sub disable_ntp {
# make sure that the parameters are set for disabled
my $old = $cdb->get('UnsavedChanges')->value;
my $rec = $cdb->get('ntpd');
if ($rec) {
$rec->set_prop('status', ($rec->prop('SyncToHWClockSupported') || 'yes') eq 'yes' ? 'enabled' : 'disabled');
$rec->set_prop('NTPServer','');
} else {
$rec = $cdb->new_record('ntpd',
{type=>'service', status=>'enabled', SyncToHWClockSupported => 'yes', NTPServer=>''});
}
$cdb->get('UnsavedChanges')->set_value($old);
}
sub getTimezone {
#--------------------------------------------------
# Figure out time zone by looking first looking at
# the configuration database value of TimeZone.
# If that is not defined, try and get it from /etc/localtime.
# If that doesn't work, default to US/Eastern.
#--------------------------------------------------
my $localtime;
my $timezonedefault = "US/Eastern";
if (defined $cdb->get('TimeZone')) {
$timezonedefault = $cdb->get('TimeZone')->value;
} else {
if (defined ($localtime = readlink '/etc/localtime')) {
my $pos = index $localtime, 'zoneinfo/';
if ( $pos > -1 ) {
$timezonedefault = substr $localtime, ($pos + 9);
}
}
}
return $timezonedefault;
}
sub getZone_list {
my $c = shift;
#--------------------------------------------------
# Get a sorted list of time zones
#--------------------------------------------------
$ENV{BASH_ENV} = '';
if (! open (ZONES, "cd /usr/share/zoneinfo; /usr/bin/find . -type f -or -type l | /bin/grep '^./[A-Z]' |"))
{
warn ( $c->l('COULD_NOT_OPEN_TZ_FILE').$!.'.' );
return undef;
}
my $zone;
my @zones = ();
while (defined ($zone = <ZONES>))
{
chop ($zone);
$zone =~ s/^.\///;
push @zones, $zone;
}
close ZONES;
my @zt = sort @zones;
return \@zt;
}
sub getMonth_list {
my $c = shift;
return [[ $c->l('dat_JANUARY') => '1'],
[ $c->l('dat_FEBRUARY') => '2'],
[ $c->l('dat_MARCH') => '3'],
[ $c->l('dat_APRIL') => '4'],
[ $c->l('dat_MAY') => '5'],
[ $c->l('dat_JUNE') => '6'],
[ $c->l('dat_JULY') => '7'],
[ $c->l('dat_AUGUST') => '8'],
[ $c->l('dat_SEPTEMBER') => '9'],
[ $c->l('dat_OCTOBER') => '10'],
[ $c->l('dat_NOVEMBER') => '11'],
[ $c->l('dat_DECEMBER') => '12']];
}
1;

View File

@@ -0,0 +1,97 @@
package SrvMngr::Controller::Directory;
#----------------------------------------------------------------------
# heading : User management
# description : Directory
# navigation : 2000 300
#
# routes : end
#----------------------------------------------------------------------
use strict;
use warnings;
use Mojo::Base 'Mojolicious::Controller';
use Locale::gettext;
use SrvMngr::I18N;
use SrvMngr qw(theme_list init_session);
#use esmith::util qw(ldapBase);
use esmith::FormMagick::Panel::directory;
our $db = esmith::ConfigDB->open() || die "Couldn't open config db";
sub main {
my $c = shift;
$c->app->log->info($c->log_req);
my %dir_datas = ();
my $title = $c->l('dir_FORM_TITLE');
my $modul = $c->render_to_string(inline => $c->l('dir_DESCRIPTION'));
$dir_datas{'root'} = get_ldap_base();
$dir_datas{'access'} = ($db->get_prop('ldap','access')) || 'private';
$dir_datas{'department'} = ($db->get_prop('ldap','defaultDepartment')) || '';
$dir_datas{'company'} = ($db->get_prop('ldap','defaultCompany')) || '';
$dir_datas{'street'} = ($db->get_prop('ldap','defaultStreet')) || '';
$dir_datas{'city'} = ($db->get_prop('ldap','defaultCity')) || '';
$dir_datas{'phonenumber'} = ($db->get_prop('ldap','defaultPhoneNumber')) || '';
$c->stash( title => $title, modul => $modul, dir_datas => \%dir_datas );
$c->render(template => 'directory');
};
sub do_update {
my $c = shift;
$c->app->log->info($c->log_req);
my $access = $c->param('access');
my $department = $c->param('department');
my $company = $c->param('company');
my $street = $c->param('street');
my $city = $c->param('city');
my $phonenumber = $c->param('phonenumber');
my $existing = $c->param('existing');
my $result = "";
$db->get('ldap')->set_prop('access', $access);
$db->get('ldap')->set_prop('defaultDepartment', $department);
$db->get('ldap')->set_prop('defaultCompany', $company);
$db->get('ldap')->set_prop('defaultStreet', $street);
$db->get('ldap')->set_prop('defaultCity', $city);
$db->get('ldap')->set_prop('defaultPhoneNumber', $phonenumber);
if ($existing eq 'update') {
my $ac = esmith::AccountsDB->open() || die "Couldn't open accounts db";
my @users = $ac->users();
foreach my $user (@users) {
$user->set_prop('Phone', $phonenumber);
$user->set_prop('Company', $company);
$user->set_prop('Dept', $department);
$user->set_prop('City', $city);
$user->set_prop('Street', $street);
}
}
#
# Update the system
#
system ("/sbin/e-smith/signal-event ldap-update") == 0
or $result = $c->l('ERROR_UPDATING_CONFIGURATION');
my $title = $c->l('dir_FORM_TITLE');
if ( $result eq '' ) { $result = $c->l('dir_SUCCESS'); }
$c->stash( title => $title, modul => $result );
$c->render(template => 'module');
};
1;

View File

@@ -0,0 +1,502 @@
package SrvMngr::Controller::Domains;
#----------------------------------------------------------------------
# heading : Network
# description : Domains
# navigation : 6000 300
#
# routes : end
#----------------------------------------------------------------------
use strict;
use warnings;
use Mojo::Base 'Mojolicious::Controller';
use Locale::gettext;
use SrvMngr::I18N;
use SrvMngr qw(theme_list init_session);
#use Data::Dumper;
#use esmith::FormMagick::Panel::domains;
use esmith::DomainsDB;
use esmith::AccountsDB;
#use URI::Escape;
our $ddb = esmith::DomainsDB->open || die "Couldn't open domains db";
our $cdb = esmith::ConfigDB->open || die "Couldn't open configuration db";
our $adb = esmith::AccountsDB->open || die "Couldn't open accounts db";
our $REGEXP_DOMAIN = qq([a-zA-Z0-9\-\.]+);
sub main {
my $c = shift;
$c->app->log->info($c->log_req);
my %dom_datas = ();
my $title = $c->l('dom_FORM_TITLE');
$dom_datas{trt} = 'LST';
my @domains;
for ($ddb->domains())
{
my $ns = $_->prop('Nameservers') || 'internet';
push @domains,
{ Domain => $_->key, $_->props,
Nameservers => $ns,
}
}
$dom_datas{forwarder} = $cdb->get_prop('dnscache', 'Forwarder');
$dom_datas{forwarder2} = $cdb->get_prop('dnscache', 'Forwarder2') || '';
$c->stash( title => $title, dom_datas => \%dom_datas, domains => \@domains );
$c->render(template => 'domains');
};
sub do_display {
my $c = shift;
$c->app->log->info($c->log_req);
my $rt = $c->current_route;
my $trt = $c->param('trt');
my $domain = $c->param('Domain') || '';
#$trt = 'DEL' if ( $rt eq 'domaindel1' );
#$trt = 'UPD' if ( $rt eq 'domainupd1' );
#$trt = 'UP2' if ( $rt eq 'domainup21' );
#$trt = 'ADD' if ( $rt eq 'domainadd1' );
my %dom_datas = ();
my $title = $c->l('dom_FORM_TITLE');
my $result = '';
$dom_datas{'trt'} = $trt;
if ( $trt ne 'ADD' and $trt ne 'UPD' and $trt ne 'UP2' and $trt ne 'DEL' ) {
$result = "Trt unknown ( $trt ) !"
}
if ( $trt eq 'ADD' ) {
#nothing
}
if ( $trt eq 'UPD' ) {
my $rec = $ddb->get($domain);
if ( $rec ) {
$dom_datas{domain} = $domain;
$dom_datas{description} = $rec->prop('Description') || '';
$dom_datas{content} = $rec->prop('Content') || '';
$dom_datas{nameservers} = $rec->prop('Nameservers') || 'internet';
} else {
$result = "Domain $domain not found !"
}
}
if ( $trt eq 'UP2' ) {
$dom_datas{forwarder} = $cdb->get_prop('dnscache', 'Forwarder') || '';
$dom_datas{forwarder2} = $cdb->get_prop('dnscache', 'Forwarder2') || '';
}
if ( $trt eq 'DEL' ) {
my $rec = $ddb->get($domain);
if ( $rec ) {
$dom_datas{domain} = $domain;
$dom_datas{description} = $rec->prop('Description') || '';
}
}
if ( $trt eq 'LST' ) {
my @domains;
if ($adb) {
@domains = $ddb->domains();
}
$c->stash( domains => \@domains );
}
if ( ! $result ) {
$c->stash( error => $result );
}
$c->stash( title => $title, dom_datas => \%dom_datas );
$c->render( template => 'domains' );
};
sub do_update {
my $c = shift;
$c->app->log->info($c->log_req);
my $rt = $c->current_route;
my $trt = $c->param('trt');
my %dom_datas = ();
my ($res, $result) = '';
#my $domain = uri_unescape($c->param('domain'));
my $domain = $c->param('Domain');
if ( $trt eq 'ADD' ) {
my $account = $c->param('Account');
# controls (validate ?????)
#? validate_new_domain_name( $c, $domain, $account );
#$result .= $res unless $res eq 'OK';
#$result .= ' blocked';
$res = '';
if ( ! $result ) {
$res = $c->create_modify_domain( 'create', $domain );
$result .= $res unless $res eq 'OK';
}
if ( ! $result ) {
$result = $c->l('dom_SUCCESSFULLY_CREATED') . " $domain";
}
}
if ( $trt eq 'UPD' ) {
my $description = $c->param('Description');
my $content = $c->param('Content');
my $nameservers = $c->param('Nameservers');
# controls
#$res = validate_description( $c, $account );
#$result .= $res unless $res eq 'OK';
#$result .= 'blocked';
$res = '';
if ( ! $result ) {
$res = $c->create_modify_domain( 'modify', $domain );
$result .= $res unless $res eq 'OK';
}
if ( ! $result ) {
$result = $c->l('dom_SUCCESSFULLY_MODIFIED') . " $domain";
}
}
if ( $trt eq 'UP2' ) {
my $forwarder = $c->param('Forwarder');
my $forwarder2 = $c->param('Forwarder2');
# controls
$res = $c->ip_number_or_blank( $forwarder );
$result .= $res unless $res eq 'OK';
$res = $c->ip_number_or_blank( $forwarder2 );
$result .= $res unless $res eq 'OK';
#$result .= 'blocked';
$res = '';
if ( ! $result ) {
$res = $c->modify_dns( $forwarder, $forwarder2 );
$result .= $res unless $res eq 'OK';
}
if ( ! $result ) {
$result = $c->l('SUCCESS') . " $forwarder $forwarder2";
}
}
if ( $trt eq 'DEL' ) {
# controls
#$res = validate_is_domain($c, $domain);
#$result .= $res unless $res eq 'OK';
#$result .= 'blocked';
$res = '';
if ( ! $result ) {
$res = $c->delete_domain( $domain );
$result .= $res unless $res eq 'OK';
}
if ( ! $result ) {
$result = $c->l('dom_SUCCESSFULLY_DELETED') . " $domain";
}
}
# common parts
if ($res ne 'OK') {
my $title = $c->l('dom_FORM_TITLE');
$dom_datas{'domain'} = $domain;
$dom_datas{'trt'} = $trt;
$c->stash( error => $result . "($res)" );
$c->stash( title => $title, dom_datas => \%dom_datas );
return $c->render( 'domains' );
}
my $message = "'Domains' updates ($trt) DONE";
$c->app->log->info($message);
$c->flash( success => $result );
$c->redirect_to('/domains');
};
sub create_modify_domain {
my ($c, $action, $domain) = @_;
$domain = $1 if ($domain =~ /^($REGEXP_DOMAIN)$/);
unless ($domain) {
return ($c->l($action eq 'create' ? 'dom_ERROR_CREATING_DOMAIN'
: 'dom_ERROR_MODIFYING_DOMAIN') . ' Ctl');
}
my $rec = $ddb->get($domain);
if ($rec and $action eq 'create') {
return $c->l('dom_DOMAIN_IN_USE_ERROR');
}
if (not $rec and $action eq 'modify') {
return $c->l('dom_NONEXISTENT_DOMAIN_ERROR');
}
$rec ||= $ddb->new_record($domain, { type => 'domain' });
my %props;
$props{$_} = $c->param($_) for ( qw(Content Description Nameservers) );
$rec->merge_props(%props);
if ( system( "/sbin/e-smith/signal-event",
"domain-$action", "$domain" ) != 0 ) {
return ($c->l($action eq 'create' ? 'dom_ERROR_CREATING_DOMAIN'
: 'dom_ERROR_MODIFYING_DOMAIN') . " Exe $action");
}
return 'OK';
}
sub delete_domain {
my ($c, $domain) = @_;
$domain = $1 if ($domain =~ /^($REGEXP_DOMAIN)$/);
return ($c->l('dom_ERROR_WHILE_REMOVING_DOMAIN') . ' Ctl') unless ($domain);
my $rec = $ddb->get($domain);
return ($c->l('dom_NONEXISTENT_DOMAIN_ERROR')) if (not $rec);
$rec->set_prop('type', 'domain-deleted');
if (system("/sbin/e-smith/signal-event", "domain-delete", "$domain") != 0) {
return ($c->l('dom_ERROR_WHILE_REMOVING_DOMAIN') . 'Exe');
}
$rec->delete;
return 'OK';
}
sub modify_dns {
my ($c, $forwarder, $forwarder2) = @_;
my $dnscache = $cdb->get('dnscache');
($forwarder, $forwarder2) = ($forwarder2, '')
if ($forwarder2 and not $forwarder);
if ($forwarder) {
$dnscache->set_prop('Forwarder', $forwarder);
} else {
$dnscache->delete_prop('Forwarder');
}
if ($forwarder2) {
$dnscache->set_prop('Forwarder2', $forwarder2);
} else {
$dnscache->delete_prop('Forwarder2');
}
unless ( system( "/sbin/e-smith/signal-event", "dns-update" ) == 0 )
{
return $c->l('dom_ERROR_UPDATING');
}
return 'OK';
}
sub existing_accounts_list {
my $c = shift;
my @existingAccounts = ( ['Administrator' => 'admin']);
foreach my $a ($adb->get_all) {
if ($a->prop('type') =~ /(user|group)/) {
push @existingAccounts, [ $a->key => $a->key ];
}
if ($a->prop('type') eq "domain") {
my $target = $adb->get($a->prop('Account'));
unless ($target)
{
warn "WARNING: domain (" . $a->key . ") => missing Account("
. $a->prop('Account') . ")\n";
next;
}
push @existingAccounts, [ $a->key, $a->key ]
unless ($target->prop('type') eq "domain");
}
}
return(\@existingAccounts);
}
sub content_options_list {
my $c = shift;
my @options = ( [ $c->l('dom_PRIMARY_SITE') => 'Primary' ]);
foreach ($adb->ibays) {
push @options, [ $_->prop('Name') => $_->key ]
if ($_->key ne 'Primary');
}
return \@options
}
sub get_content_value
{
my $c = shift;
my $domain = shift;
return $domain ? $ddb->get_prop($domain, 'Content') : 'Primary';
}
sub get_description_value
{
my $c = shift;
my $domain = $c->param('Domain') || undef;
return $ddb->get_prop($domain, 'Description');
}
sub nameserver_options_list {
my $c = shift;
my $domain = $c->param('Domain') || undef;
my @opts = qw(localhost internet);
push @opts, 'corporate' if ($cdb->get_prop('dnscache', 'Forwarder'));
my $ns = ($ddb->get_prop($domain, 'Nameservers') || 'internet');
push @opts, $ns unless scalar grep { /^$ns$/ } @opts;
my @options;
foreach (@opts) {
push @options, [ $c->l( "dom_$_" ) => $_ ];
}
return \@options;
}
sub get_nameserver_value {
my $c = shift;
my $domain = $c->param('Domain') || undef;
return ($ddb->get_prop($domain, 'Nameservers') || 'internet');
}
sub validate_Domain
{
my $c = shift;
my $domain = lc shift;
return ($domain =~ /^($REGEXP_DOMAIN)$/) ? 'OK' :
'DOMAIN_NAME_VALIDATION_ERROR';
}
sub validate_Description
{
# XXX - FIXME - NOTREACHED
# We used to use the Description in the Appletalk volume name
# which meant it needed validation. I don't see any reason to
# do this any more
my $c = shift;
my $description = shift;
return ($description =~ /^([\-\'\w][\-\'\w\s\.]*)$/) ? 'OK' :
'DOMAIN_DESCRIPTION_VALIDATION_ERROR';
}
sub ip_number_or_blank {
# XXX - FIXME - we should push this down into CGI::FormMagick
my $c = shift;
my $ip = shift;
if (!defined($ip) || $ip eq "")
{
return 'OK';
}
return ip_number( $c, $ip );
}
sub ip_number {
# from CGI::FormMagick::Validator qw( ip_number );
my ($c, $data) = @_;
return undef unless defined $data;
return $c->l('FM_IP_NUMBER1') unless $data =~ /^[\d.]+$/;
my @octets = split /\./, $data;
my $dots = ($data =~ tr/.//);
return $c->l('FM_IP_NUMBER2') unless (scalar @octets == 4 and $dots == 3);
foreach my $octet (@octets) {
return $c->l("FM_IP_NUMBER3", $octet) if $octet > 255;
}
return 'OK';
}
1;

View File

@@ -0,0 +1,925 @@
package SrvMngr::Controller::Emailsettings;
#----------------------------------------------------------------------
# heading : System
# description : E-mail
# navigation : 4000 500
#
#
# routes : end
#----------------------------------------------------------------------
use strict;
use warnings;
use Mojo::Base 'Mojolicious::Controller';
use Locale::gettext;
use SrvMngr::I18N;
use SrvMngr qw(theme_list init_session ip_number_or_blank);
use esmith::ConfigDB;
use esmith::AccountsDB;
use esmith::util;
use File::Basename;
our $pattern_db = esmith::ConfigDB->open("mailpatterns");
our $cdb = esmith::ConfigDB->open || die "Couldn't open config db";
sub main {
my $c = shift;
$c->app->log->info($c->log_req);
my %mai_datas = ();
my $title = $c->l('mai_FORM_TITLE');
$mai_datas{'trt'} = 'LIST';
$mai_datas{fetchmailmethod} = $cdb->get_prop('fetchmail', 'Method');
$c->stash( title => $title, notif => '', mai_datas => \%mai_datas );
$c->render(template => 'emailsettings');
};
sub do_display {
my $c = shift;
my $rt = $c->current_route;
my $trt = ($c->param('trt') || 'LIST');
my %mai_datas = ();
my $title = $c->l('mai_FORM_TITLE');
my ($notif, $dest) = '';
$mai_datas{'trt'} = $trt;
if ( $trt eq 'ACC' ) {
$dest = 'emailaccess';
$mai_datas{fetchmailmethod} = $cdb->get_prop('fetchmail', 'Method');
}
if ( $trt eq 'FIL' ) {
$dest = 'emailfilter';
$mai_datas{'virusstatus'} = $c->get_virus_status();
$mai_datas{'spamstatus'} = $cdb->get_prop('spamassassin', 'status');
$mai_datas{'spamsensitivity'} = $cdb->get_prop('spamassassin', 'Sensitivity','medium');
$mai_datas{'spamtaglevel'} = $cdb->get_prop('spamassassin', 'TagLevel') || '0';
$mai_datas{'spamrejectlevel'} = $cdb->get_prop('spamassassin', 'RejectLevel') || '0';
$mai_datas{spamsortspam} = $cdb->get_prop('spamassassin', 'SortSpam');
$mai_datas{spamsubjecttag} = $cdb->get_prop('spamassassin', 'SubjectTag');
$mai_datas{spamsubject} = $cdb->get_prop('spamassassin', 'Subject');
}
if ( $trt eq 'REC' ) {
$dest = 'emailreceive';
$mai_datas{fetchmailmethod} = $cdb->get_prop('fetchmail', 'Method');
$mai_datas{freqoffice} = $cdb->get_prop('fetchmail', 'FreqOffice');
$mai_datas{freqoutside} = $cdb->get_prop('fetchmail', 'FreqOutside');
$mai_datas{freqweekend} = $cdb->get_prop('fetchmail', 'FreqWeekend');
$mai_datas{secondarymailserver} = $cdb->get_prop('fetchmail', 'SecondaryMailServer');
$mai_datas{secondarymailaccount} = $cdb->get_prop('fetchmail', 'SecondaryMailAccount');
$mai_datas{secondarymailpassword} = $cdb->get_prop('fetchmail', 'SecondaryMailPassword');
$mai_datas{specifyheader} = get_secondary_mail_use_envelope();
$mai_datas{secondarymailenvelope} = $cdb->get_prop('fetchmail', 'SecondaryMailEnvelope');
}
if ( $trt eq 'DEL' ) {
$dest = 'emaildeliver';
$mai_datas{emailunknownuser} = $cdb->get_value('EmailUnknownUser') || '"returntosender';
$mai_datas{delegatemailserver} = $cdb->get_value('DelegateMailServer');
$mai_datas{smtpsmarthost} = $cdb->get_value('SMTPSmartHost');
$mai_datas{smtpauthproxystatus} = $cdb->get_prop('smtp-auth-proxy', 'status') || 'disabled';
$mai_datas{smtpauthproxyuserid} = $cdb->get_prop('smtp-auth-proxy', 'Userid') || '';
$mai_datas{smtpauthproxypassword} = $cdb->get_prop('smtp-auth-proxy', 'Passwd') || '';
}
$c->stash( title => $title, notif => $notif, mai_datas => \%mai_datas );
return $c->render( template => $dest );
};
sub do_update {
my $c = shift;
$c->app->log->info($c->log_req);
my $rt = $c->current_route;
my $trt = $c->param('trt');
my %mai_datas = ();
$mai_datas{trt} = $trt;
my $title = $c->l('mai_FORM_TITLE');
my ($dest, $res, $result) = '';
if ( $trt eq 'ACC' ) {
$dest = 'emailaccess';
# $mai_datas{xxx} = $c->param('XXX');
# controls
# $res = xxxxxxx( $c );
# $result .= $res unless $res eq 'OK';
if ( ! $result ) {
$res = $c->change_settings_access();
$result .= $res unless $res eq 'OK';
if ( ! $result ) {
$result = $c->l('mai_SUCCESS');
}
}
}
if ( $trt eq 'FIL' ) {
$dest = 'emailfilter';
# $mai_datas{xxx} = $c->param('XXX');
# controls
# $res = zzzzzz( $c );
# $result .= $res unless $res eq 'OK';
if ( ! $result ) {
$res = $c->change_settings_filtering();
$result .= $res unless $res eq 'OK';
if ( ! $result ) {
$result = $c->l('mai_SUCCESS');
}
}
}
if ( $trt eq 'REC' ) {
$dest = 'emailreceive';
# $mai_datas{xxx} = $c->param('XXX');
# controls
# $res = yyyyyyyyy( $c );
# $result .= $res unless $res eq 'OK';
if ( ! $result ) {
$res = $c->change_settings_reception();
$result .= $res unless $res eq 'OK';
if ( ! $result ) {
$result = $c->l('mai_SUCCESS');
}
}
}
if ( $trt eq 'DEL' ) {
$dest = 'emaildeliver';
# $mai_datas{xxx} = $c->param('XXX');
# controls
$res = $c->ip_number_or_blank( $c->param('DelegateMailServer') );
$result .= $res . ' DMS <br>' unless $res eq 'OK';
$res = $c->validate_smarthost( $c->param('SMTPSmartHost') );
$result .= $res . ' SH <br>' unless $res eq 'OK';
$res = $c->nonblank_if_smtpauth( $c->param('SMTPSmartHost') );
$result .= $res . ' SH <br>' unless $res eq 'OK';
$res = $c->nonblank_if_smtpauth( $c->param('SMTPAUTHPROXY_Userid') );
$result .= $res . ' USR <br>' unless $res eq 'OK';
$res = $c->nonblank_if_smtpauth( $c->param('SMTPAUTHPROXY_Passwd') );
$result .= $res . ' PWD <br>' unless $res eq 'OK';
if ( ! $result ) {
$res = $c->change_settings_delivery();
$result .= $res unless $res eq 'OK';
if ( ! $result ) {
$result = $c->l('mai_SUCCESS');
}
}
}
# common part
if ($res ne 'OK') {
$c->stash( error => $result );
$c->stash( title => $title, mai_datas => \%mai_datas );
return $c->render( $dest );
}
my $message = "emailsettings updates $trt DONE";
$c->app->log->info($message);
$c->flash( success => $result );
$c->redirect_to("/emailsettings");
};
sub get_virus_status {
my ($c, $localise) = @_;
my $status = $cdb->get_prop("qpsmtpd", 'VirusScan') || 'disabled';
return $localise ? $c->localise_status($status) : $status;
}
sub get_spam_status {
my ($c, $localise) = @_;
my $status = $cdb->get_prop('spamassassin', 'status') || 'disabled';
return $localise ? $c->localise_status($status) : $status;
}
sub localise_status {
my ($c, $status) = @_;
return $c->l($status eq 'enabled' ? $c->l('ENABLED') : $c->l('DISABLED'));
}
sub get_prop {
my ($c, $item, $prop, $default) = @_;
return $cdb->get_prop($item, $prop) || $default;
}
sub get_value {
my $c = shift;
my $item = shift;
return $cdb->get_value($item) || '';
}
sub get_emailunknownuser_status {
my ($c, $localise) = @_;
my $options = $c->get_emailunknownuser_options();
my $val = $cdb->get_value('EmailUnknownUser') || "returntosender";
return $localise ? $c->l($options->{$val}) : $val;
}
sub get_patterns_status {
my ($c, $localise) = @_;
my $status = $cdb->get_prop("qpsmtpd", 'PatternsScan') || 'disabled';
return $localise ? $c->localise_status($status) : $status;
}
sub adjust_patterns {
my $c = shift;
my @selected = @{$c->every_param('BlockExecutableContent')};
foreach my $pattern ( $pattern_db->get_all_by_prop( type => "pattern") )
{
my $status = (grep $pattern->key eq $_, @selected) ? 'enabled'
: 'disabled';
$pattern->set_prop('Status', $status);
}
$pattern_db->reload;
return scalar @selected;
}
sub get_current_pop3_access {
my ($c, $localise) = @_;
my $pop3Status = $cdb->get_prop('pop3', 'status') || 'enabled';
my $pop3Access = $cdb->get_prop('pop3', 'access') || 'private';
my $pop3sStatus = $cdb->get_prop('pop3s', 'status') || 'enabled';
my $pop3sAccess = $cdb->get_prop('pop3s', 'access') || 'private';
my $options = get_pop_options();
if ($pop3Status ne 'enabled' && $pop3sStatus ne 'enabled')
{
return $localise ? $c->l($options->{disabled}) : 'disabled';
}
elsif ($pop3Status eq 'enabled' && $pop3Access eq 'public')
{
return $localise ? $c->l($options->{public}) : 'public';
}
elsif ($pop3sStatus eq 'enabled' && $pop3sAccess eq 'public')
{
return $localise ? $c->l($options->{publicSSL}) : 'publicSSL';
}
return $localise ? $c->l($options->{private}) : 'private';
}
sub get_current_imap_access {
my ($c, $localise) = @_;
my $imapStatus = $cdb->get_prop('imap', 'status') || 'enabled';
my $imapAccess = $cdb->get_prop('imap', 'access') || 'private';
my $imapsStatus = $cdb->get_prop('imaps', 'status') || 'enabled';
my $imapsAccess = $cdb->get_prop('imaps', 'access') || 'private';
my $options = get_imap_options();
if (($imapStatus ne 'enabled' || $imapAccess eq 'localhost') && $imapsStatus ne 'enabled')
{
return $localise ? $c->l($options->{disabled}) : 'disabled';
}
if ($imapStatus eq 'enabled' && $imapAccess eq 'public')
{
return $localise ? $c->l($options->{public}) : 'public';
}
elsif ($imapsStatus eq 'enabled' && $imapsAccess eq 'public')
{
return $localise ? $c->l($options->{publicSSL}) : 'publicSSL';
}
return $localise ? $c->l($options->{private}) : 'private';
}
sub get_current_smtp_auth {
my ($c, $localise) = @_;
my $smtpStatus = $cdb->get_prop('qpsmtpd', 'status') || 'enabled';
my $smtpAuth = $cdb->get_prop('qpsmtpd', 'Authentication') || 'enabled';
my $smtpsStatus = $cdb->get_prop('sqpsmtpd', 'status') || 'enabled';
my $smtpsAuth = $cdb->get_prop('sqpsmtpd', 'Authentication') || 'enabled';
my $options = get_smtp_auth_options();
if ($smtpStatus eq 'enabled' && $smtpAuth eq 'enabled')
{
return $localise ? $c->l($options->{public}) : 'public';
}
elsif ($smtpsStatus eq 'enabled' && $smtpsAuth eq 'enabled')
{
return $localise ? $c->l($options->{publicSSL}) : 'publicSSL';
}
return $localise ? $c->l($options->{disabled}) : 'disabled';
}
sub get_current_webmail_status {
my ($c, $localise) = @_;
# determine status of webmail
my $WebmailStatus = "disabled";
my $IMPStatus = $cdb->get_prop('imp', 'status') || 'disabled';
my $HordeStatus = $cdb->get_prop('horde', 'status') || 'disabled';
my $MysqlStatus = $cdb->get_prop('mariadb', 'status') || 'disabled';
my $PHPStatus = $cdb->get_prop('php', 'status') || 'disabled';
my $Networkaccess = $cdb->get_prop('horde','access') || 'disabled';
# all four components must be on for webmail to be working
if ( ( $IMPStatus eq "enabled" )
&& ( $HordeStatus eq "enabled" )
&& ( $MysqlStatus eq "enabled" )
&& ( $PHPStatus eq "enabled" )
&& ( $Networkaccess eq "public"))
{
$WebmailStatus = "enabledSSL";
}
elsif ( ( $IMPStatus eq "enabled" )
&& ( $HordeStatus eq "enabled" )
&& ( $MysqlStatus eq "enabled" )
&& ( $PHPStatus eq "enabled" )
&& ( $Networkaccess eq "private" ))
{
$WebmailStatus = "localnetworkSSL";
}
my $options = get_webmail_options();
return $localise ? $c->l($options->{$WebmailStatus})
: $WebmailStatus;
}
sub get_pop_opt {
my $c = shift;
return [[ $c->l('DISABLED') => 'disabled' ],
[ $c->l('NETWORKS_ALLOW_LOCAL') => 'private' ],
[ $c->l('mai_SECURE_POP3') => 'publicSSL' ],
[ $c->l('mai_INSECURE_POP3') => 'public' ]];
}
sub get_pop_options {
my $c = @_;
my %options = (
disabled => 'DISABLED',
private => 'NETWORKS_ALLOW_LOCAL',
publicSSL => 'mai_SECURE_POP3'
);
my $access = $cdb->get_prop('pop3', 'access') || 'private';
$options{public} = 'mai_INSECURE_POP3' if ($access eq 'public');
\%options;
}
sub get_imap_opt {
my $c = shift;
return [[ $c->l('DISABLED') => 'disabled' ],
[ $c->l('NETWORKS_ALLOW_LOCAL') => 'private' ],
[ $c->l('mai_SECURE_IMAP') => 'publicSSL' ],
[ $c->l('mai_INSECURE_IMAP') => 'public' ]];
}
sub get_imap_options {
my $c = shift;
my %options = (
disabled => 'DISABLED',
private => 'NETWORKS_ALLOW_LOCAL',
publicSSL => 'mai_SECURE_IMAP'
);
my $access = $cdb->get_prop('imap', 'access') || 'private';
$options{public} = 'mai_INSECURE_IMAP' if ($access eq 'public');
\%options;
}
sub get_smtp_auth_options {
my $c = shift;
my %options = ( disabled => 'DISABLED', publicSSL => 'mai_SECURE_SMTP', public => 'mai_INSECURE_SMTP');
\%options;
}
sub get_webmail_opt {
my $c = shift;
return [[ $c->l('DISABLED') => 'disabled' ],
[ $c->l('mai_ENABLED_SECURE_ONLY') => 'enabledSSL' ],
[ $c->l('mai_ONLY_LOCAL_NETWORK_SSL') => 'localnetworkSSL' ],
[ $c->l('mai_ENABLED_BOTH') => 'public' ]];
}
sub get_webmail_options {
my $c = shift;
my %options = (
disabled => 'DISABLED',
enabledSSL => 'mai_ENABLED_SECURE_ONLY',
localnetworkSSL => 'mai_ONLY_LOCAL_NETWORK_SSL' );
\%options;
}
sub get_retrieval_opt {
my $c = shift;
return $cdb->get("SystemMode")->value eq "servergateway-private"
? [ $c->l('mai_MULTIDROP') => 'multidrop']
: [[ $c->l('mai_STANDARD') => 'standard'],
[ $c->l('mai_ETRN') => 'etrn' ],
[ $c->l('mai_MULTIDROP') => 'multidrop']];
}
sub get_smtp_auth_opt {
my $c = shift;
return [[ $c->l('DISABLED') => 'disabled'],
[ $c->l('mai_SECURE_SMTP') => 'publicSSL'],
[ $c->l('mai_INSECURE_SMTP') => 'public']];
}
sub get_emailunknownuser_options {
my $c = shift;
my $accounts = esmith::AccountsDB->open_ro();
my %existingAccounts = ('admin' => $c->l("mai_FORWARD_TO_ADMIN"),
'returntosender' => $c->l("mai_RETURN_TO_SENDER") );
foreach my $account ($accounts->get_all) {
next if $account->key eq 'everyone';
if ($account->prop('type') =~ /(user|group|pseudonym)/) {
$existingAccounts{$account->key} = $c->l("mai_FORWARD_TO") . " " . $account->key;
}
}
return(\%existingAccounts);
}
sub get_emailunknownuser_opt {
my $c = shift;
my $accounts = esmith::AccountsDB->open_ro();
my @existingAccounts = ([ $c->l("mai_FORWARD_TO_ADMIN") => 'admin'],
[ $c->l("mai_RETURN_TO_SENDER") => 'returntosender']);
foreach my $account ($accounts->get_all) {
next if $account->key eq 'everyone';
if ($account->prop('type') =~ /(user|group|pseudonym)/) {
push @existingAccounts, [ $c->l("mai_FORWARD_TO") . " " . $account->key => $account->key];
}
}
return(\@existingAccounts);
}
sub get_patterns_opt {
my $c = shift;
my @options;
foreach my $pattern ( $pattern_db->get_all_by_prop( type => "pattern" ) ) {
my %props = $pattern->props;
push @options, [ $props{'Description'} => $pattern->key ];
}
return \@options;
}
sub get_patterns_current_opt {
my $c = shift;
my @selected;
foreach my $pattern ( $pattern_db->get_all_by_prop( type => "pattern" ) ) {
my %props = $pattern->props;
push @selected, $pattern->key if ($props{'Status'} eq 'enabled');
}
return \@selected;
}
sub get_spam_level_options {
return [ 0..20 ];
}
sub get_spam_sensitivity_opt {
my $c = shift;
return [[ $c->l('mai_VERYLOW') => 'verylow' ],
[ $c->l('mai_LOW') => 'low' ],
[ $c->l('mai_MEDIUM') => 'medium' ],
[ $c->l('mai_HIGH') => 'high' ],
[ $c->l('mai_VERYHIGH') => 'veryhigh' ],
[ $c->l('mai_CUSTOM') => 'custom' ]];
}
sub fetchmail_freq {
my $c = shift;
return [[ $c->l('mai_NEVER') => 'never' ],
[ $c->l('mai_EVERY5MIN') => 'every5min' ],
[ $c->l('mai_EVERY15MIN') => 'every15min' ],
[ $c->l('mai_EVERY30MIN') => 'every30min' ],
[ $c->l('mai_EVERYHOUR') => 'everyhour' ],
[ $c->l('mai_EVERY2HRS') => 'every2hrs' ]];
}
sub display_multidrop {
my $status = $cdb->get_prop('fetchmail', 'status') || 'disabled';
# XXX FIXME - WIP
# Only display ETRN/multidrop settings if relevant
# To do this, we need an "Show ETRN/multidrop settings" button
# in standard mode.
# return ($status eq 'enabled');
return 1;
}
sub change_settings_reception {
my $c = shift;
my $FetchmailMethod = ( $c->param('FetchmailMethod') || 'standard' );
my $FetchmailFreqOffice = ( $c->param('FreqOffice') || 'every15min' );
my $FetchmailFreqOutside = ( $c->param('FreqOutside') || 'everyhour' );
my $FetchmailFreqWeekend = ( $c->param('FreqWeekend') || 'everyhour' );
my $SpecifyHeader = ( $c->param('SpecifyHeader') || 'off' );
my $fetchmail = $cdb->get('fetchmail') || $cdb->new_record( "fetchmail",
{ type => "service", status => "disabled" } );
if ( $FetchmailMethod eq 'standard' ) {
$fetchmail->set_prop( 'status', 'disabled' );
$fetchmail->set_prop( 'Method', $FetchmailMethod );
}
else {
$fetchmail->set_prop( 'status', 'enabled' );
$fetchmail->set_prop( 'Method', $FetchmailMethod );
$fetchmail->set_prop( 'SecondaryMailServer',
$c->param('SecondaryMailServer') )
unless ( $c->param('SecondaryMailServer') eq '' );
$fetchmail->set_prop('FreqOffice', $FetchmailFreqOffice );
$fetchmail->set_prop('FreqOutside', $FetchmailFreqOutside );
$fetchmail->set_prop('FreqWeekend', $FetchmailFreqWeekend );
$fetchmail->set_prop('SecondaryMailAccount',
$c->param('SecondaryMailAccount') )
unless ( $c->param('SecondaryMailAccount') eq '' );
$fetchmail->set_prop( 'SecondaryMailPassword',
$c->param('SecondaryMailPassword') )
unless ( $c->param('SecondaryMailPassword') eq '' );
if ( $SpecifyHeader eq 'on' ) {
$fetchmail->merge_props(
'SecondaryMailEnvelope' => $c->param('SecondaryMailEnvelope') );
}
else {
$fetchmail->delete_prop('SecondaryMailEnvelope');
}
}
my $smtpAuth = ($c->param('SMTPAuth') || 'public');
if ($smtpAuth eq 'public') {
$cdb->set_prop("qpsmtpd", "Authentication", "enabled" );
$cdb->set_prop("sqpsmtpd", "Authentication", "enabled" );
} elsif ($smtpAuth eq 'publicSSL') {
$cdb->set_prop("qpsmtpd", "Authentication", "disabled" );
$cdb->set_prop("sqpsmtpd", "Authentication", "enabled" );
} else {
$cdb->set_prop("qpsmtpd", "Authentication", "disabled" );
$cdb->set_prop("sqpsmtpd", "Authentication", "disabled" );
}
unless ( system( "/sbin/e-smith/signal-event", "email-update" ) == 0 )
{
return $c->l('mai_ERROR_UPDATING_CONFIGURATION');
}
return 'OK';
}
sub change_settings_delivery {
my ($c) = shift;
my $EmailUnknownUser = ($c->param('EmailUnknownUser') || 'returntosender');
$cdb->set_value('SMTPSmartHost', $c->param('SMTPSmartHost'));
$cdb->set_value('DelegateMailServer', $c->param('DelegateMailServer'));
$cdb->set_value('EmailUnknownUser', $EmailUnknownUser);
my $proxy = $cdb->get('smtp-auth-proxy');
my %props = $proxy->props;
for ( qw(Userid Passwd status) )
{
$props{$_} = $c->param("SMTPAUTHPROXY_$_");
}
$proxy->merge_props(%props);
unless ( system( "/sbin/e-smith/signal-event", "email-update" ) == 0 )
{
return $c->l('mai_ERROR_UPDATING_CONFIGURATION');
}
return 'OK';
}
sub change_settings_access {
my $c = shift;
my $pop3Access = ($c->param('POPAccess') || 'private');
if ($pop3Access eq 'disabled') {
$cdb->set_prop('pop3', "status", "disabled" );
$cdb->set_prop('pop3s', "status", "disabled" );
} else {
$cdb->set_prop('pop3', "status", "enabled" );
$cdb->set_prop('pop3s', "status", "enabled" );
}
if ($pop3Access eq 'public') {
$cdb->set_prop('pop3', "access", "public" );
$cdb->set_prop('pop3s', "access", "public" );
} elsif ($pop3Access eq 'publicSSL') {
$cdb->set_prop('pop3', "access", "private" );
$cdb->set_prop('pop3s', "access", "public" );
} else {
$cdb->set_prop('pop3', "access", "private" );
$cdb->set_prop('pop3s', "access", "private" );
}
my $imapAccess = ($c->param('IMAPAccess') || 'private');
if ($imapAccess eq 'disabled') {
$cdb->set_prop('imap', "status", "enabled" );
$cdb->set_prop('imap', "access", "localhost" );
$cdb->set_prop('imaps', "status", "disabled" );
} elsif ($imapAccess eq 'public') {
$cdb->set_prop('imap', "status", "enabled" );
$cdb->set_prop('imap', "access", "public" );
$cdb->set_prop('imaps', "status", "enabled" );
$cdb->set_prop('imaps', "access", "public" );
} elsif ($imapAccess eq 'publicSSL') {
$cdb->set_prop('imap', "status", "enabled" );
$cdb->set_prop('imap', "access", "private" );
$cdb->set_prop('imaps', "status", "enabled" );
$cdb->set_prop('imaps', "access", "public" );
} else {
$cdb->set_prop('imap', "status", "enabled" );
$cdb->set_prop('imap', "access", "private" );
$cdb->set_prop('imaps', "status", "enabled" );
$cdb->set_prop('imaps', "access", "private" );
}
#------------------------------------------------------------
# Set webmail state in configuration database, and access
# type for SSL
# PHP and MySQL should always be on, and are enabled by default
# We don't do anything with them here.
#------------------------------------------------------------
my $webmail = ($c->param('WebMail') || 'disabled');
if ( $webmail eq "enabled" ) {
$cdb->set_prop('php', "status", $webmail );
$cdb->set_prop('mariadb',"status", $webmail );
$cdb->set_prop('imp',"status", $webmail );
$cdb->set_prop('horde', "status", $webmail );
$cdb->set_prop('imp',"access", "full" );
$cdb->set_prop('horde',"access", "public" );
$cdb->set_prop('horde',"HttpsOnly", "no" );
}
elsif ( $webmail eq "enabledSSL" ) {
$cdb->set_prop('php',"status", "enabled" );
$cdb->set_prop('mariadb',"status", "enabled" );
$cdb->set_prop('imp',"status", 'enabled' );
$cdb->set_prop('horde',"status", 'enabled' );
$cdb->set_prop('imp',"access", "SSL" );
$cdb->set_prop('horde',"access", "public" );
$cdb->set_prop('horde',"HttpsOnly", "yes" );
}
elsif ( $webmail eq "localnetworkSSL" ) {
$cdb->set_prop('php',"status", "enabled" );
$cdb->set_prop('mariadb',"status", "enabled" );
$cdb->set_prop('imp',"status", 'enabled' );
$cdb->set_prop('horde',"status", 'enabled' );
$cdb->set_prop('imp',"access", "SSL" );
$cdb->set_prop('horde',"access", "private" );
$cdb->set_prop('horde',"HttpsOnly", "yes" );
}
else {
$cdb->set_prop('imp',"status", 'disabled' );
$cdb->set_prop('horde',"status", 'disabled' );
}
unless ( system( "/sbin/e-smith/signal-event", "email-update" ) == 0 ) {
return $c->l('mai_ERROR_UPDATING_CONFIGURATION');
}
return 'OK';
}
sub change_settings_filtering {
my $c = shift;
my $virus_status = ( $c->param('VirusStatus') || 'disabled' );
$cdb->set_prop("qpsmtpd", 'VirusScan', $virus_status);
for my $param ( qw(
status
Sensitivity
TagLevel
RejectLevel
SortSpam
Subject
SubjectTag) )
{
$cdb->set_prop('spamassassin', $param, $c->param("Spam$param"));
}
my $patterns_status = $c->adjust_patterns() ? 'enabled' : 'disabled';
$cdb->set_prop("qpsmtpd", 'PatternsScan', $patterns_status);
unless ( system( "/sbin/e-smith/signal-event", "email-update" ) == 0 )
{
return $c->l('mai_ERROR_UPDATING_CONFIGURATION');
}
return 'OK';
}
#sub blank_or_ip_number {
# my ($c, $value) = @_;
# return 'OK' unless (defined $value); # undef is blank
# return 'OK' if ($value =~ /^$/); # blank is blank
# return $c->call_fm_validation("ip_number",$value,''); # otherwise, validate the input
#}
sub nonblank_if_smtpauth {
my ($c, $value) = @_;
return "OK" unless ($c->param("SMTPAUTHPROXY_status") eq 'enabled');
return ($value =~ /\S+/) ? "OK" : $c->l('mai_VALIDATION_SMTPAUTH_NONBLANK');
}
sub get_secondary_mail_use_envelope {
my $use_envelope = $cdb->get_prop('fetchmail', 'SecondaryMailEnvelope');
if ( defined $use_envelope ) {
return ('on');
} else {
return ('off');
}
}
sub validate_smarthost {
my $fm = shift;
my $smarthost = shift;
return ('OK') if ( $smarthost =~ /^(\S+\.\S+)$/ );
return ('OK') if ( $smarthost eq '' );
return "INVALID_SMARTHOST";
}
1;

View File

@@ -0,0 +1,507 @@
package SrvMngr::Controller::Groups;
#----------------------------------------------------------------------
# heading : User management
# description : GROUPS
# navigation : 2000 200
#----------------------------------------------------------------------
#
# routes : end
#----------------------------------------------------------------------
use strict;
use warnings;
use Mojo::Base 'Mojolicious::Controller';
use Locale::gettext;
use SrvMngr::I18N;
use SrvMngr qw(theme_list init_session);
#use Data::Dumper;
#use esmith::FormMagick::Panel::groups;
use esmith::AccountsDB;
our $cdb = esmith::ConfigDB->open || die "Couldn't open configuration db";
our $adb = esmith::AccountsDB->open || die "Couldn't open accounts db";
sub main {
my $c = shift;
$c->app->log->info($c->log_req);
my %grp_datas = ();
my $title = $c->l('grp_FORM_TITLE');
$grp_datas{trt} = 'LST';
my @groups;
if ($adb) {
@groups = $adb->groups();
}
$c->stash( title => $title, grp_datas => \%grp_datas, groups => \@groups );
$c->render(template => 'groups');
};
sub do_display {
my $c = shift;
$c->app->log->info($c->log_req);
my $rt = $c->current_route;
my $trt = ($c->param('trt') || 'LST');
my $group = $c->param('group');
my %grp_datas = ();
my $title = $c->l('grp_FORM_TITLE');
$grp_datas{'trt'} = $trt;
if ( $trt eq 'ADD' ) {
#nothing
}
if ( $trt eq 'UPD' ) {
my %members = ();
my %users = ();
my $rec = $adb->get($group);
if ($rec and $rec->prop('type') eq 'group') {
$grp_datas{group} = $group;
$grp_datas{description} = $rec->prop('Description') || '';
%members = @{$c->gen_members_list( $group )};
}
$c->stash( members => \%members, users => \%users );
}
if ( $trt eq 'DEL' ) {
my %members = ();
my %ibays = ();
my $rec = $adb->get($group);
if ($rec and $rec->prop('type') eq 'group') {
$grp_datas{group} = $group;
$grp_datas{description} = $rec->prop('Description') || '';
%members = @{$c->gen_members_list($group)};
%ibays = @{$c->gen_ibays_list($group)};
}
$c->stash( members => \%members, ibays => \%ibays );
}
if ( $trt eq 'LST' ) {
my @groups;
if ($adb) {
@groups = $adb->groups();
}
$c->stash( groups => \@groups );
}
$c->stash( title => $title, grp_datas => \%grp_datas );
$c->render( template => 'groups' );
};
sub do_update {
my $c = shift;
$c->app->log->info($c->log_req);
my $rt = $c->current_route;
my $trt = ($c->param('trt') || 'LST');
my $groupName = $c->param('groupName') || '';
my $title = $c->l('grp_FORM_TITLE');
my ($res, $result) = '';
my %grp_datas = ();
$grp_datas{'trt'} = $trt;
$grp_datas{'group'} = $groupName;
my @members = ();
if ( $trt eq 'ADD' ) {
my $groupDesc = $c->param('groupDesc');
@members = @{$c->every_param('groupMembers')};
my $members = join ( ",", @members );
# controls
$res = $c->validate_group( $groupName );
$result .= $res . '<br>' unless $res eq 'OK';
$res = $c->validate_group_length( $groupName );
$result .= $res . '<br>' unless $res eq 'OK';
$res = $c->validate_group_naming_conflict( $groupName );
$result .= $res . '<br>' unless $res eq 'OK';
$res = $c->validate_description( $groupDesc );
$result .= $res . '<br>' unless $res eq 'OK';
$res = $c->validate_group_has_members( @members );
$result .= $res . '<br>' unless $res eq 'OK';
my %props = (
'type', 'group', 'Description',
$groupDesc, 'Members', $members
);
$res = '';
if ( ! $result ) {
$adb->new_record( $groupName, \%props );
# Untaint groupName before use in system()
($groupName) = ($groupName =~ /^([a-z][\-\_\.a-z0-9]*)$/);
system("/sbin/e-smith/signal-event", "group-create", "$groupName") == 0
or $result .= $c->l('qgp_CREATE_ERROR')."\n";
}
if ( ! $result ) {
$result = $c->l('grp_CREATED_GROUP') . ' ' . $groupName;
$res = 'OK';
}
}
if ( $trt eq 'UPD' ) {
my $groupDesc = $c->param('groupDesc');
@members = @{$c->every_param('groupMembers')};
my $members = join ( ",", @members );
# controls
$res = '';
$res = validate_description( $c, $groupDesc );
$result .= $res . '<br>' unless $res eq 'OK';
$res = validate_group_has_members( $c, @members );
$result .= $res . '<br>' unless $res eq 'OK';
$res = '';
if ( ! $result ) {
$adb->get($groupName)->set_prop( 'Members', $members );
$adb->get($groupName)->set_prop( 'Description', $groupDesc );
# Untaint groupName before use in system()
($groupName) = ($groupName =~ /^([a-z][\-\_\.a-z0-9]*)$/);
system("/sbin/e-smith/signal-event", "group-modify", "$groupName") ==0
or $result .= $c->l('qgp_MODIFY_ERROR')."\n";
}
if ( ! $result ) {
$result = $c->l('grp_MODIFIED_GROUP') . ' ' . $groupName;
$res = 'OK';
}
}
if ( $trt eq 'DEL' ) {
if ($groupName =~ /^([a-z][\-\_\.a-z0-9]*)$/) {
$groupName = $1;
} else {
$result .= $c->l('grp_ERR_INTERNAL_FAILURE') . ':' . $groupName;
}
my $rec = $adb->get($groupName);
$result .= $c->l('grp_ERR_INTERNAL_FAILURE') . ':' . $groupName unless ($rec);
$res = '';
if ( ! $result ) {
$res = delete_group( $c, $groupName );
$result .= $res unless $res eq 'OK';
if ( ! $result ) {
$result = $c->l('grp_DELETED_GROUP') . ' ' . $groupName;
$res = 'OK';
}
}
}
# common parts
if ($res ne 'OK') {
$c->stash( error => $result );
my %members = @{$c->gen_members_list($groupName)};
$c->stash( title => $title, members => \%members, grp_datas => \%grp_datas );
return $c->render('groups');
}
my $message = "'Groups' updates ($trt) DONE";
$c->app->log->info($message);
$c->flash( success => $result );
$c->redirect_to('/groups');
};
sub delete_group {
my ( $c, $groupName ) = @_;
# Update the db account (1)
$adb->get($groupName)->set_prop('type', 'group-deleted');
# Untaint groupName before use in system()
($groupName) = ($groupName =~ /^([a-z][\-\_\.a-z0-9]*)$/);
return (system ("/sbin/e-smith/signal-event", "group-delete", "$groupName") ||
! $adb->get($groupName)->delete()) ?
$c->l('DELETE_ERROR') : 'OK';
}
sub gen_members_list {
my ( $c, $group ) = @_;
my @members = ();
my $rec = $adb->get($group);
@members = split ( /,/, $rec->prop('Members') ) if ( $rec );
my %names;
foreach my $m (@members) {
my $name;
if ( $m eq 'admin' ) {
$name = "Administrator";
}
else {
$name = $adb->get($m)->prop('FirstName') . " "
. $adb->get($m)->prop('LastName');
}
$names{$m} = $name;
}
@members = %names;
return \@members;
}
sub gen_ibays_list {
my ( $c, $group ) = @_;
my %names;
foreach my $ibay ( $adb->ibays ) {
if ( $ibay->prop('Group') eq $group ) {
$names{$ibay->key} = $ibay->prop('Name');
}
}
my @ibays = %names;
return \@ibays;
}
sub gen_users_list {
my $c = shift;
my @users = sort { $a->key() cmp $b->key() } $adb->users();
my %names;
foreach my $user ( @users ) {
$names{$user->key} = $user->prop('FirstName') . " "
. $user->prop('LastName');
}
return \%names;
}
=head1 VALIDATION
=head2 validate_is_group FM GROUP
returns OK if GROUP is a current group. otherwisee returns "NOT_A_GROUP"
=begin testing
#ok($panel->validate_is_group('root') eq 'OK', "Root is a group");
ok($panel->validate_is_group('ro2ot') eq 'NOT_A_GROUP', "Ro2ot is not a group");
=end testing
=cut
sub validate_is_group () {
my $c = shift;
my $group = shift;
my @groups = $adb->groups();
my %groups = map { $_->key => 1 } @groups;
unless ( exists $groups{$group} ) {
return ($c->l('grp_NOT_A_GROUP'));
}
return ("OK");
}
=head2 validate_group_naming_conflict FM GROUPNAME
Returns "OK" if this group's name doesn't conflict with anything
Returns "PSEUDONYM_CONFLICT" if this name conflicts with a pseudonym
Returns "NAME_CONFLICT" if this group name conflicts with anything else
ok (undef, 'need testing for validate_naming_Conflicts');
=cut
sub validate_group_naming_conflict
{
my $c = shift;
my $groupName = shift;
my $account = $adb->get($groupName);
my $type;
if (defined $account)
{
$type = $account->prop('type');
}
elsif (defined getpwnam($groupName) || defined getgrnam($groupName))
{
$type = "system";
}
else
{
return('OK');
}
return ($c->l('grp_ACCOUNT_CONFLICT', $groupName, $type));
}
=head2 validate_group FM groupname
Returns OK if the group name contains only valid characters
Returns GROUP_NAMING otherwise
=being testing
ok(validate_group('','foo') eq 'OK', 'foo is a valid group);
ok(validate_group('','f&oo') eq 'GROUP_CONTAINS_INVALD', 'f&oo is not a valid group);
=end testing
=cut
sub validate_group {
my $c = shift;
my $groupName = shift;
unless ( $groupName =~ /^([a-z][\-\_\.a-z0-9]*)$/ ) {
return $c->l('grp_GROUP_NAMING');
}
return ('OK');
}
=head2 validate_group_length FM GROUPNAME
returns 'OK' if the group name is shorter than the maximum group name length
returns 'GROUP_TOO_LONG' otherwise
=begin testing
ok(($panel->validate_group_length('foo') eq 'OK'), "a short groupname passes");
ok(($panel->validate_group_length('fooooooooooooooooo') eq 'GROUP_TOO_LONG'), "a long groupname fails");
=end testing
=cut
sub validate_group_length {
my $c = shift;
my $groupName = shift;
my $maxGroupNameLength = ($cdb->get('maxGroupNameLength')
? $cdb->get('maxGroupNameLength')->prop('type')
: "") || 12;
if ( length $groupName > $maxGroupNameLength ) {
return $c->l('grp_GROUP_TOO_LONG', $maxGroupNameLength);
}
else {
return ('OK');
}
}
=head2 validate_group_has_members FM MEMBERS
Validates that the cgi parameter MEMBERS is an array with at least one entry
Returns OK if true. Otherwise, returns NO_MEMBERS
=begin testing
ok(validate_group_has_members('',qw(foo bar)) eq 'OK', "We do ok with a group with two members");
ok(validate_group_has_members('',qw()) eq 'NO_MEMBERS', "We do ok with a group with no members");
ok(validate_group_has_members('') eq 'NO_MEMBERS', "We do ok with a group with undef members");
=end testing
=cut
sub validate_group_has_members {
my $c = shift;
my @members = (@_);
my $count = @members;
if ( $count == 0 ) {
return ($c->l('grp_NO_MEMBERS'));
}
else {
return ('OK');
}
}
=pod
=head2 validate_description ($description).
Checks the supplied description. Period is allowed in description
=cut
sub validate_description
{
my ($c, $description) = @_;
if ( $description =~ /^([\-\'\w][\-\'\w\s\.]*)$/ ) {
return ('OK');
}
else {
return ($c->l('FM_ERR_UNEXPECTED_DESC'));
}
}
1

View File

@@ -0,0 +1,615 @@
package SrvMngr::Controller::Hostentries;
#----------------------------------------------------------------------
# heading : Network
# description : Hostnames and addresses
# navigation : 6000 200
#----------------------------------------------------------------------
#
# routes : end
#----------------------------------------------------------------------
use strict;
use warnings;
use Mojo::Base 'Mojolicious::Controller';
use Locale::gettext;
use SrvMngr::I18N;
use SrvMngr qw(theme_list init_session);
#use Data::Dumper;
#use esmith::FormMagick::Panel::hostentries;
use esmith::DomainsDB;
use esmith::AccountsDB;
use esmith::HostsDB;
use esmith::NetworksDB;
use HTML::Entities;
use Net::IPv4Addr qw(ipv4_in_network);
#use URI::Escape;
our $ddb = esmith::DomainsDB->open || die "Couldn't open hostentries db";
our $cdb = esmith::ConfigDB->open || die "Couldn't open configuration db";
our $hdb = esmith::HostsDB->open || die "Couldn't open hosts db";
our $ndb = esmith::NetworksDB->open || die "Couldn't open networks db";
sub main {
my $c = shift;
$c->app->log->info( $c->log_req );
my %hos_datas = ();
my $title = $c->l('hos_FORM_TITLE');
my $notif = '';
$hos_datas{trt} = 'LIST';
my %dom_hosts = ();
foreach my $d ( @{ domains_list() } ) {
$dom_hosts{$d} = { COUNT => 0, HOSTS => [] };
if ( my @hosts = $hdb->get_hosts_by_domain($d) ) {
$dom_hosts{$d}{'COUNT'} = scalar(@hosts);
# my @entries;
push @{ $dom_hosts{$d}{'HOSTS'} }, host_data($_) foreach (@hosts);
}
}
$c->stash(
title => $title,
notif => $notif,
hos_datas => \%hos_datas,
dom_hosts => \%dom_hosts
);
$c->render( template => 'hostentries' );
}
sub do_display {
my $c = shift;
$c->app->log->info( $c->log_req );
my $rt = $c->current_route;
my $trt = $c->param('trt') || 'LST';
my $hostname = $c->param('Hostname') || '';
$trt = 'ADD' if ( $rt eq 'hostentryadd' );
$trt = 'LST' if ( $trt ne 'DEL' && $trt ne 'UPD' && $trt ne 'ADD' );
my %hos_datas = ();
my $title = $c->l('hos_FORM_TITLE');
my $notif = '';
$hos_datas{'trt'} = $trt;
if ( $trt eq 'ADD' ) {
}
if ( $trt eq 'UPD' or $trt eq 'DEL' ) {
my $rec = $hdb->get($hostname);
if ($rec) {
$hos_datas{hostname} = $rec->key;
( $hos_datas{name}, $hos_datas{domain} ) =
split_hostname($hostname);
$hos_datas{internalip} = $rec->prop('InternalIP') || '';
$hos_datas{externalip} = $rec->prop('ExternalIP') || '';
$hos_datas{macaddress} = $rec->prop('MACAddress') || '';
$hos_datas{hosttype} = $rec->prop('HostType');
$hos_datas{comment} =
HTML::Entities::encode( $rec->prop('Comment') );
}
else {
$notif = "Hostname $hostname not found !";
}
}
#if ( $trt eq 'DEL' ) {
# my $rec = $hdb->get($hostname);
# if ( $rec ) {
# get_hos_datas( $rec, %hos_datas );
# } else {
# $notif = "Hostname $hostname not found !"
# }
#}
if ( $trt eq 'LIST' ) {
}
$c->stash( title => $title, notif => $notif, hos_datas => \%hos_datas );
$c->render( template => 'hostentries' );
}
sub do_update {
my $c = shift;
$c->app->log->info( $c->log_req );
my $rt = $c->current_route;
my $trt = ( $c->param('trt') || 'LIST' );
my %hos_datas = ();
my $title = $c->l('hos_FORM_TITLE');
my $notif = '';
my $result = '';
$hos_datas{'name'} = lc $c->param('Name');
$hos_datas{'domain'} = lc $c->param('Domain');
$hos_datas{'hostname'} = $c->param('Hostname');
$hos_datas{'comment'} = $c->param('Comment');
$hos_datas{'hosttype'} = $c->param('Hosttype');
$hos_datas{'internalip'} = $c->param('Internalip');
$hos_datas{'macaddress'} = $c->param('Macaddress');
$hos_datas{'externalip'} = $c->param('Externalip');
my $hostname = "$hos_datas{'name'}.$hos_datas{'domain'}";
if ( $trt eq 'ADD' ) {
$hos_datas{'hostname'} = $hostname;
# controls
my $res = '';
unless ( $hos_datas{'name'} =~ /^[a-z0-9][a-z0-9-]*$/ ) {
$result .= $c->l('hos_HOSTNAME_VALIDATOR_ERROR') . '<br>';
}
unless ( $hos_datas{comment} =~ /^([a-zA-Z0-9][\_\.\-,A-Za-z0-9\s]*)$/
|| $hos_datas{comment} eq '' )
{
$result .= $c->l('hos_HOSTNAME_COMMENT_ERROR') . '<br>';
}
# Look for duplicate hosts.
my $hostrec = undef;
if ( $hostrec = $hdb->get($hostname) ) {
$result .= $c->l(
'hos_HOSTNAME_EXISTS_ERROR',
{
fullHostName => $hostname,
type => $hostrec->prop('HostType')
}
) . '<br>',;
}
if ( !$result and $hos_datas{hosttype} ne 'Self' ) {
if ( $hos_datas{hosttype} eq 'Local' ) {
$hos_datas{'trt'} = 'ALC'; # ADD/LOCAL
}
else {
$hos_datas{'trt'} = 'ARM'; # ADD/REMOVE
}
$c->stash( title => $title, notif => '', hos_datas => \%hos_datas );
return $c->render( template => 'hostentries' );
}
#!#$result .= ' blocked';
if ( !$result ) {
$res = create_modify_hostentry( $c, $trt, %hos_datas );
$result .= $res unless $res eq 'OK';
}
if ( !$result ) {
$result = $c->l('hos_CREATE_OR_MODIFY_SUCCEEDED') . ' ' . $hostname;
$trt = 'SUC';
}
}
if ( $trt eq 'UPD' ) {
# controls
my $res = '';
#$res = validate_description( $c, $account );
#$result .= $res unless $res eq 'OK';
unless ( $hos_datas{comment} =~ /^([a-zA-Z0-9][\_\.\-,A-Za-z0-9\s]*)$/
|| $hos_datas{comment} eq '' )
{
$result .= $c->l('hos_HOSTNAME_COMMENT_ERROR') . '<br>';
}
if ( !$result and $hos_datas{hosttype} ne 'Self' ) {
if ( $hos_datas{hosttype} eq 'Local' ) {
$hos_datas{'trt'} = 'ULC'; # UPDATE/LOCAL
}
else {
$hos_datas{'trt'} = 'URM'; # UPDATE/REMOVE
}
$c->stash( title => $title, notif => '', hos_datas => \%hos_datas );
return $c->render( template => 'hostentries' );
}
#!#$result .= 'blocked';
if ( !$result ) {
$res = create_modify_hostentry( $c, $trt, %hos_datas );
$result .= $res unless $res eq 'OK';
}
if ( !$result ) {
$result = $c->l('hos_MODIFY_SUCCEEDED') . ' ' . $hostname;
$trt = 'SUC';
}
}
if ( $trt =~ /^.LC$/ ) {
# controls
my $res = '';
$res = ip_number( $c, $hos_datas{internalip} );
$result .= $res . ' ' unless $res eq 'OK';
$res = not_in_dhcp_range( $c, $hos_datas{internalip} );
$result .= $res . ' ' unless $res eq 'OK';
$res = not_taken( $c, $hos_datas{internalip} );
$result .= $res . ' ' unless $res eq 'OK';
$res = must_be_local( $c, $hos_datas{internalip} );
$result .= $res . ' ' unless $res eq 'OK';
$res = mac_address_or_blank( $c, $hos_datas{macaddress} );
$result .= $res . ' ' unless $res eq 'OK';
#!#$result .= 'blocked';
if ( !$result ) {
$res = create_modify_hostentry( $c, $trt, %hos_datas );
$result .= $res unless $res eq 'OK';
}
if ( !$result ) {
$result = $c->l('hos_MODIFY_SUCCEEDED') . ' ' . $hostname;
$trt = 'SUC';
}
}
if ( $trt =~ /^.RM$/ ) {
# controls
my $res = '';
$res = ip_number_or_blank( $c, $hos_datas{externalip} );
$result .= $res . '<br>' unless $res eq 'OK';
#!#$result .= 'blocked';
if ( !$result ) {
$res = create_modify_hostentry( $c, $trt, %hos_datas );
$result .= $res unless $res eq 'OK';
}
if ( !$result ) {
$result = $c->l('hos_MODIFY_SUCCEEDED') . ' ' . $hostname;
$trt = 'SUC';
}
}
#if ( $trt eq 'ULC' ) {
#}
#if ( $trt eq 'URM' ) {
#}
if ( $trt eq 'DEL' ) {
# controls
my $res = '';
#$res = validate_is_hostentry($c, $hostname);
#$result .= $res unless $res eq 'OK';
#!#$result .= 'blocked';
if ( !$result ) {
my $res = delete_hostentry( $c, $hos_datas{hostname} );
$result .= $res unless $res eq 'OK';
}
if ( !$result ) {
$result = $c->l('hos_REMOVE_SUCCEEDED') . ' ' . $hostname;
$trt = 'SUC';
}
}
$hos_datas{'hostname'} = $hostname;
$hos_datas{'trt'} = $trt;
$c->stash( title => $title, notif => $result, hos_datas => \%hos_datas );
if ( $hos_datas{trt} ne 'SUC' ) {
return $c->render( template => 'hostentries' );
}
$c->redirect_to('/hostentries');
}
sub create_modify_hostentry {
my ( $c, $trt, %hos_datas ) = @_;
my $hostname = $hos_datas{hostname};
my $action;
if ( $trt eq 'ADD' or $trt eq 'ALC' or $trt eq 'ARM' ) {
$action = 'create';
}
if ( $trt eq 'UPD' or $trt eq 'ULC' or $trt eq 'URM' ) {
$action = 'modify';
}
unless ($hostname) {
return $c->l(
$action eq 'create'
? $c->l('hos_ERROR_CREATING_HOST')
: $c->l('hos_ERROR_MODIFYING_HOST')
);
}
# Untaint and lowercase $hostname
$hostname =~ /([\w\.-]+)/;
$hostname = lc($1);
my $rec = $hdb->get($hostname);
if ( $rec and $action eq 'create' ) {
return $c->l('hos_HOSTNAME_IN_USE_ERROR');
}
if ( not $rec and $action eq 'modify' ) {
return $c->l('hos_NONEXISTENT_HOSTNAME_ERROR');
}
my %props = (
type => 'host',
HostType => $hos_datas{hosttype},
ExternalIP => $hos_datas{externalip},
InternalIP => $hos_datas{internalip},
MACAddress => $hos_datas{macaddress},
Comment => $hos_datas{comment},
);
if ( $action eq 'create' ) {
if ( $hdb->new_record( $hostname, \%props ) ) {
if (
system( "/sbin/e-smith/signal-event", "host-$action",
$hostname ) != 0
)
{
return $c->l('hos_ERROR_WHILE_CREATING_HOST');
}
}
}
if ( $action eq 'modify' ) {
if ( $rec->merge_props(%props) ) {
if (
system( "/sbin/e-smith/signal-event", "host-$action",
$hostname ) != 0
)
{
rturn $c->l('hos_ERROR_WHILE_MODIFYING_HOST');
}
}
}
return 'OK';
}
sub delete_hostentry {
my ( $c, $hostname ) = @_;
# Untaint $hostname before use in system()
$hostname =~ /([\w\.-]+)/;
$hostname = $1;
return ( $c->l('hos_ERROR_WHILE_REMOVING_HOST') ) unless ($hostname);
my $rec = $hdb->get($hostname);
return ( $c->l('hos_NONEXISTENT_HOST_ERROR') ) if ( not $rec );
if ( $rec->delete() ) {
if (
system( "/sbin/e-smith/signal-event", "host-delete", "$hostname" )
== 0 )
{
return 'OK';
}
}
return ( $c->l('hos_ERROR_WHILE_DELETING_HOST') );
}
sub domains_list {
my $d = esmith::DomainsDB->open_ro() or die "Couldn't open DomainsDB";
my @domains;
for ( $d->domains ) {
my $ns = $_->prop("Nameservers") || 'localhost';
push @domains, $_->key if ( $ns eq 'localhost' );
}
return \@domains;
}
sub host_data {
my $host_record = shift;
my $ht = $host_record->prop('HostType');
my $ip =
( $ht eq 'Self' ) ? $cdb->get_value('LocalIP')
: ( $ht eq 'Remote' ) ? $host_record->prop('ExternalIP')
: $host_record->prop('InternalIP');
my %data = (
'IP' => $ip,
'HostName' => $host_record->key(),
'HostType' => $host_record->prop('HostType'),
'MACAddress' => ( $host_record->prop('MACAddress') || '' ),
'Comment' => ( $host_record->prop('Comment') || '' ),
'static' => ( $host_record->prop('static') || 'no' )
);
return \%data
}
sub hosttype_list {
my $c = shift;
return [
[ $c->l('SELF') => 'Self' ],
[ $c->l('LOCAL') => 'Local' ],
[ $c->l('REMOTE') => 'Remote' ]
];
}
sub split_hostname {
my $hostname = shift;
return ( $hostname =~ /^([^\.]+)\.(.+)$/ );
}
sub mac_address_or_blank {
my ( $c, $data ) = @_;
return "OK" unless $data;
return mac_address( $c, $data );
}
sub mac_address {
# from CGI::FormMagick::Validator::Network
my ( $c, $data ) = @_;
$_ = lc $data; # easier to match on $_
if ( not defined $_ ) {
return $c->l('FM_MAC_ADDRESS1');
}
elsif (/^([0-9a-f][0-9a-f](:[0-9a-f][0-9a-f]){5})$/) {
return "OK";
}
else {
return $c->l('FM_MAC_ADDRESS2');
}
}
sub ip_number_or_blank {
# XXX - FIXME - we should push this down into CGI::FormMagick
my $c = shift;
my $ip = shift;
if ( !defined($ip) || $ip eq "" ) {
return 'OK';
}
return ip_number( $c, $ip );
}
sub ip_number {
# from CGI::FormMagick::Validator qw( ip_number );
my ( $c, $data ) = @_;
return undef unless defined $data;
return $c->l('FM_IP_NUMBER1') unless $data =~ /^[\d.]+$/;
my @octets = split /\./, $data;
my $dots = ( $data =~ tr/.// );
return $c->l('FM_IP_NUMBER2') unless ( scalar @octets == 4 and $dots == 3 );
foreach my $octet (@octets) {
return $c->l( "FM_IP_NUMBER3", $octet ) if $octet > 255;
}
return 'OK';
}
sub not_in_dhcp_range {
my $c = shift;
my $address = shift;
my $status = $cdb->get('dhcpd')->prop('status') || "disabled";
return 'OK' unless $status eq "enabled";
my $start = $cdb->get('dhcpd')->prop('start');
my $end = $cdb->get('dhcpd')->prop('end');
return ( esmith::util::IPquadToAddr($start) <=
esmith::util::IPquadToAddr($address)
&& esmith::util::IPquadToAddr($address) <=
esmith::util::IPquadToAddr($end) )
? $c->l('hos_ADDR_IN_DHCP_RANGE')
: 'OK';
}
sub not_taken {
my $c = shift;
my $localip = shift;
my $server_localip = $cdb->get_value('LocalIP') || '';
my $server_gateway = $cdb->get_value('GatewayIP') || '';
my $server_extip = $cdb->get_value('ExternalIP') || '';
#$c->debug_msg("\$localip is $localip");
#$c->debug_msg("\$server_localip is $server_localip");
#$c->debug_msg("\$server_gateway is $server_gateway");
#$c->debug_msg("\$server_extip is $server_extip");
if ( $localip eq $server_localip ) {
return $c->l('hos_ERR_IP_IS_LOCAL_OR_GATEWAY');
}
if ( $localip eq $server_gateway ) {
return $c->l('hos_ERR_IP_IS_LOCAL_OR_GATEWAY');
}
if ( ( $cdb->get_value('SystemMode') ne 'serveronly' )
&& ( $server_extip eq $localip ) )
{
return $c->l('hos_ERR_IP_IS_LOCAL_OR_GATEWAY');
}
if ( $localip eq '127.0.0.1' ) {
return $c->l('hos_ERR_IP_IS_LOCAL_OR_GATEWAY');
}
else {
return 'OK';
}
}
sub must_be_local {
my $c = shift;
my $localip = shift;
# Make sure that the IP is indeed local.
#my $ndb = esmith::NetworksDB->open_ro;
my @local_list = $ndb->local_access_spec;
foreach my $spec (@local_list) {
next if $spec eq '127.0.0.1';
if ( eval { Net::IPv4Addr::ipv4_in_network( $spec, $localip ) } ) {
return 'OK';
}
}
# Not OK. The IP is not on any of our local networks.
return $c->l('hos_ERR_IP_NOT_LOCAL');
}
1;

View File

@@ -0,0 +1,577 @@
package SrvMngr::Controller::Ibays;
#----------------------------------------------------------------------
# heading : Network
# description : Shared areas (was ibays)
# navigation : 6000 100
#
#
# routes : end
#----------------------------------------------------------------------
use strict;
use warnings;
use Mojo::Base 'Mojolicious::Controller';
use Locale::gettext;
use SrvMngr::I18N;
use SrvMngr qw( theme_list init_session is_normal_password );
use esmith::AccountsDB;
use esmith::ConfigDB;
use esmith::DomainsDB;
#use esmith::FormMagick::Panel::ibays;
our $adb = esmith::AccountsDB->open || die "Couldn't open accounts db";
our $cdb = esmith::ConfigDB->open() || die "Couldn't open config db";
sub main {
my $c = shift;
$c->app->log->info($c->log_req);
my %iba_datas = ();
my $title = $c->l('iba_FORM_TITLE');
$iba_datas{'trt'} = 'LIST';
my @ibays;
if ($adb)
{
@ibays = $adb->ibays();
}
$c->stash( title => $title, iba_datas => \%iba_datas, ibays => \@ibays );
$c->render(template => 'ibays');
};
sub do_display {
my $c = shift;
my $rt = $c->current_route;
my $trt = ($c->param('trt') || 'LIST');
my $ibay = $c->param('ibay') || '';
#$trt = 'DEL' if ( $ibay );
#$trt = 'ADD' if ( $rt eq 'ibayadd' );
my %iba_datas = ();
my $title = $c->l('iba_FORM_TITLE');
my $modul = '';
$iba_datas{'trt'} = $trt;
if ( $trt eq 'ADD' ) {
$iba_datas{ibay} = '';
$iba_datas{description} = '';
$iba_datas{group} = '';
$iba_datas{userAccess} = '';
$iba_datas{publicAccess} = '';
$iba_datas{CgiBin} = '';
$iba_datas{SSL} = '';
}
if ( $trt eq 'UPD' ) {
my $rec = $adb->get($ibay);
if ($rec and $rec->prop('type') eq 'ibay') {
$iba_datas{ibay} = $ibay;
$iba_datas{description} = $rec->prop('Name') || '';
$iba_datas{group} = $rec->prop('Group') || '';
$iba_datas{userAccess} = $rec->prop('UserAccess') || '';
$iba_datas{publicAccess} = $rec->prop('PublicAccess') || '';
$iba_datas{CgiBin} = $rec->prop('CgiBin') || 'disabled';
$iba_datas{SSL} = $rec->prop('SSL') || 'disabled';
}
}
if ( $trt eq 'DEL' ) {
my $rec = $adb->get($ibay);
if ($rec and $rec->prop('type') eq 'ibay') {
$iba_datas{ibay} = $ibay;
$iba_datas{description} = $rec->prop('Name') || '';
$modul .= print_vhost_message( $c, $ibay );
}
}
if ( $trt eq 'PWD' ) {
my $rec = $adb->get($ibay);
if ($rec and $rec->prop('type') eq 'ibay') {
$iba_datas{ibay} = $ibay;
$iba_datas{description} = $rec->prop('Name') || '';
}
}
if ( $trt eq 'LIST' ) {
my @ibays;
$adb = esmith::AccountsDB->open || die "Couldn't open accounts db";
if ($adb)
{
@ibays = $adb->ibays();
}
$c->stash( ibays => \@ibays );
}
$c->stash( title => $title, modul => $modul, iba_datas => \%iba_datas );
$c->render( template => 'ibays' );
};
sub do_update {
my $c = shift;
$c->app->log->info($c->log_req);
my $rt = $c->current_route;
my $trt = ($c->param('trt') || 'LIST');
my %iba_datas = ();
my $title = $c->l('iba_FORM_TITLE');
$iba_datas{'trt'} = $trt;
my $result = '';
my $res;
if ( $trt eq 'ADD' ) {
my $name = ($c->param('ibay') || '');
# controls
$res = validate_ibay( $c, $name );
$result .= $res unless $res eq 'OK';
if ( ! $result ) {
$res = create_ibay( $c, $name );
$result .= $res unless $res eq 'OK';
if ( ! $result ) {
$result = $c->l('iba_SUCCESSFULLY_CREATED_IBAY') . ' ' . $name;
$iba_datas{trt} = 'LST';
}
}
}
if ( $trt eq 'UPD' ) {
my $name = ($c->param('ibay') || '');
# controls
$res = '';
if ( ! $result ) {
$res = modify_ibay( $c, $name );
$result .= $res unless $res eq 'OK';
if ( ! $result ) {
$result = $c->l('iba_SUCCESSFULLY_MODIFIED_IBAY') . ' ' . $name;
$iba_datas{trt} = 'LST';
}
}
}
if ( $trt eq 'PWD' ) {
my $ibay = ($c->param('ibay') || '');
my $pass1 = ($c->param('newPass') || '');
my $pass2 = ($c->param('newPassVerify') || '');
# controls
unless ($pass1 eq $pass2) {
$result .= $c->l('iba_IBAY_PASSWD_VERIFY_ERROR') . ' - ';
}
$res = check_password( $c, $pass1 );
$result .= $res unless $res eq 'OK';
if ( ! $result ) {
$res = reset_password( $c, $ibay, $pass1 );
$result .= $res unless $res eq 'OK';
if ( ! $result ) {
$result = $c->l('iba_SUCCESSFULLY_RESET_PASSWORD') . ' ' . $ibay;
$iba_datas{trt} = 'LST';
}
}
}
if ( $trt eq 'DEL' ) {
my $ibay = $c->param ('ibay');
if ($ibay =~ /^([a-z][a-z0-9]*)$/) {
$ibay = $1;
} else {
$result .= $c->l('iba_ERR_INTERNAL_FAILURE') . ':' . $ibay;
}
if ( ! $result ) {
$res = remove_ibay( $c, $ibay );
$result .= $res unless $res eq 'OK';
if ( ! $result ) {
$result = $c->l('iba_SUCCESSFULLY_DELETED_IBAY') . ' ' . $ibay;
$iba_datas{trt} = 'LST';
}
}
}
# common parts
if ($res ne 'OK') {
$c->stash( error => $result );
$c->stash( title => $title, iba_datas => \%iba_datas );
return $c->render('ibays');
}
my $message = "'Ibays' updates ($trt) DONE";
$c->app->log->info($message);
$c->flash( success => $result );
$c->redirect_to('/ibays');
};
sub validate_ibay {
my ($c, $name) = @_;
my $msg = validate_name($c, $name);
unless ($msg eq "OK")
{
return ($msg);
}
$msg = max_ibay_name_length($c, $name);
unless ($msg eq "OK")
{
return ($msg);
}
$msg = conflict_check($c, $name);
unless ($msg eq "OK")
{
return ($msg);
}
return ('OK');
}
sub create_ibay {
my ($c, $name) = @_;
my $msg;
my $uid = $adb->get_next_uid();
if (my $acct = $adb->new_record($name, {
Name => $c->param('ibayDesc'),
CgiBin => $c->param('CgiBin'),
Group => $c->param('group'),
PublicAccess => $c->param('publicAccess'),
SSL => $c->param('SSL'),
UserAccess => $c->param('userAccess'),
Uid => $uid,
Gid => $uid,
PasswordSet => 'no',
type => 'ibay',
}) )
{
# Untaint $name before use in system()
$name =~ /(.+)/; $name = $1;
if (system ("/sbin/e-smith/signal-event", "ibay-create", $name) == 0) {
$msg = 'OK';
} else {
$msg = $c->l('iba_ERROR_WHILE_CREATING_IBAY');
}
} else {
$msg = $c->l('iba_CANT_CREATE_IBAY');
}
return $msg;
}
sub modify_ibay {
my ($c, $name) = @_;
my $msg;
if (my $acct = $adb->get($name)) {
if ($acct->prop('type') eq 'ibay') {
$acct->merge_props(
Name => $c->param('ibayDesc'),
CgiBin => $c->param('CgiBin'),
Group => $c->param('group'),
PublicAccess => $c->param('publicAccess'),
SSL => $c->param('SSL'),
UserAccess => $c->param('userAccess'),
);
# Untaint $name before use in system()
$name =~ /(.+)/; $name = $1;
if (system ("/sbin/e-smith/signal-event", "ibay-modify",
$name) == 0)
{
$msg = 'OK';
} else {
$msg = $c->l('iba_ERROR_WHILE_MODIFYING_IBAY');
}
} else {
$msg = $c->l('iba_CANT_FIND_IBAY');
}
} else {
$msg = $c->l('iba_CANT_FIND_IBAY');
}
return $msg;
}
sub print_vhost_message {
my $c = shift;
my $name = $c->param('ibay');
my $result = '';
my $domaindb = esmith::DomainsDB->open();
my @domains = $domaindb->get_all_by_prop(Content => $name);
my $vhostListItems = join "\n",
(map ($_->key." ".$_->prop('Description'), @domains));
if ($vhostListItems)
{
$result = $c->l('iba_VHOST_MESSAGE') . "<br><ul>";
foreach ( $vhostListItems ) {
$result .= "<li> $_ </li>";
}
$result .= '</ul>'
}
return $result;
}
sub remove_ibay {
my ($c, $name) = @_;
my $msg = '';
if (my $acct = $adb->get($name)) {
if ($acct->prop('type') eq 'ibay') {
$acct->set_prop('type', 'ibay-deleted');
my $domains_db = esmith::DomainsDB->open();
my @domains = $domains_db->get_all_by_prop(Content=>$name);
foreach my $d (@domains) {
$d->set_prop(Content => 'Primary');
}
# Untaint $name before use in system()
$name =~ /(.+)/; $name = $1;
if (system ("/sbin/e-smith/signal-event", "ibay-delete",
$name) == 0)
{
$msg = 'OK';
$acct->delete();
} else {
$msg = $c->l('iba_ERROR_WHILE_DELETING_IBAY');
}
} else {
$msg = $c->l('iba_CANT_FIND_IBAY');
}
} else {
$msg = $c->l('iba_CANT_FIND_IBAY');
}
return $msg;
}
sub reset_password {
my ($c, $name, $newPass) = @_;
my ($msg, $acct);
if (($acct = $adb->get($name)) && ($acct->prop('type') eq 'ibay')) {
esmith::util::setIbayPassword ($acct->key, $newPass);
$acct->set_prop('PasswordSet', 'yes');
# Untaint $name before use in system()
$name =~ /(.+)/; $name = $1;
if (system ("/sbin/e-smith/signal-event", "password-modify",
$name) == 0)
{
$msg = 'OK';
} else {
$msg = $c->l('iba_ERROR_WHILE_RESETTING_PASSWORD');
}
} else {
$msg = $c->l('iba_CANT_FIND_IBAY');
}
return $msg;
}
sub check_password {
my ($c, $password) = @_;
my $strength;
my $rec = $cdb->get('passwordstrength');
$strength = ($rec ? ($rec->prop('Ibays') || 'none') : 'none');
return validate_password( $c, $strength, $password );
}
sub validate_password {
my ($c, $strength, $pass) = @_;
use Crypt::Cracklib;
my $reason;
if ($strength eq "none") {
return $c->l("Passwords must be at least 7 characters long") unless (length($pass) > 6);
return "OK";
}
$reason = is_normal_password($c, $pass, undef);
return $reason unless ($reason eq "OK");
return "OK" unless ($strength eq "strong");
if ( -f '/usr/lib64/cracklib_dict.pwd' ) {
$reason = fascist_check($pass, '/usr/lib64/cracklib_dict');
} else {
$reason = fascist_check($pass, '/usr/lib/cracklib_dict');
}
$reason ||= "Software error: password check failed";
return "OK" if ($reason eq "ok");
return $c->l("Bad Password Choice") . ": "
. $c->l("The password you have chosen is not a good choice, because")
. " " . $c->($reason) . ".";
}
=head2 group_list()
Returns a hash of groups for the Create/Modify screen's group field's
drop down list.
=cut
sub group_list_m {
my @groups = $adb->groups();
my @grps = ( ['Admin' => 'admin'], ['Everyone' => 'shared']);
foreach my $g (@groups) {
push @grps, [ $g->prop('Description')." (". $g->key.")", $g->key() ];
}
return \@grps;
}
=head2 userAccess_list
Returns the hash of user access settings for showing in the user access
drop down list.
=cut
sub userAccess_list_m {
my $c = shift;
return [[ $c->l('WARG') => 'wr-admin-rd-group'],
[ $c->l('WGRE') => 'wr-group-rd-everyone'],
[ $c->l('WGRG') => 'wr-group-rd-group']];
}
=head2 publicAccess_list
Returns the hash of public access settings for showing in the public
access drop down list.
=cut
sub publicAccess_list_m {
my $c = shift;
return [[ $c->l('NONE') => 'none'],
[ $c->l('LOCAL_NETWORK_NO_PASSWORD') => 'local'],
[ $c->l('LOCAL_NETWORK_PASSWORD') => 'local-pw'],
[ $c->l('ENTIRE_INTERNET_NO_PASSWORD') => 'global'],
[ $c->l('ENTIRE_INTERNET_PASSWORD') => 'global-pw'],
[ $c->l('ENTIRE_INTERNET_PASSWORD_REMOTE') => 'global-pw-remote']];
}
sub max_ibay_name_length {
my ($c, $data) = @_;
$cdb->reload();
my $max = $cdb->get('maxIbayNameLength')->value;
if (length($data) <= $max) {
return "OK";
} else {
return $c->l('iba_MAX_IBAY_NAME_LENGTH_ERROR', $data, $max, $max);
# {acctName => $data,
# maxIbayNameLength => $max,
# maxLength => $max});
}
}
sub conflict_check {
my ($c, $name) = @_;
my $rec = $adb->get($name);
my $type;
if (defined $rec)
{
my $type = $rec->prop('type');
if ($type eq "pseudonym")
{
my $acct = $rec->prop("Account");
my $acct_type = $adb->get($acct)->prop('type');
return $c->l('iba_ACCT_CLASHES_WITH_PSEUDONYM', $name, $acct_type, $acct);
}
}
elsif (defined getpwnam($name) || defined getgrnam($name))
{
$type = 'system';
}
else
{
# No account record and no account
return 'OK';
}
return $c->l('iba_ACCOUNT_EXISTS', $name, $type);
}
sub validate_name {
my ($c, $acctName) = @_;
unless ($acctName =~ /^([a-z][\_\.\-a-z0-9]*)$/)
{
return $c->l('iba_ACCT_NAME_HAS_INVALID_CHARS', $acctName);
}
return "OK";
}
1

View File

@@ -0,0 +1,37 @@
package SrvMngr::Controller::Initial;
#----------------------------------------------------------------------
# heading : Support
# description : Home
# navigation : 0000 000
# menu : N
# routes : end
#----------------------------------------------------------------------
use strict;
use warnings;
use Mojo::Base 'Mojolicious::Controller';
use Locale::gettext;
use SrvMngr::I18N;
use SrvMngr qw(theme_list init_session);
#use SrvMngr::Model::Main;
sub main {
my $c = shift;
$c->app->log->info($c->log_req);
my $title = $c->l('initial_FORM_TITLE');
my $modul = $c->render_to_string(inline => $c->l('initial_FRAMES_BODY'));
$c->stash( title => $title, modul => $modul );
$c->render(template => 'initial');
}
1;

View File

@@ -0,0 +1,41 @@
package SrvMngr::Controller::Legacypanel;
#----------------------------------------------------------------------
# name : legacypanel, method : get, url : /legacypanel, ctlact : Legacypanel#main
#
# routes : end
#----------------------------------------------------------------------
use strict;
use warnings;
use Mojo::Base 'Mojolicious::Controller';
use Locale::gettext;
use SrvMngr::I18N;
use SrvMngr qw(theme_list init_session);
#use SrvMngr::Model::Main;
sub main {
my $c = shift;
$c->app->log->info($c->log_req);
my $title = $c->l('legacy panel');
my $legacy_url = $c->param('url');
my $legacy_height = $c->param('height') | 600;
$c->stash( title => $title, modul => $legacy_url, height => $legacy_height );
$c->render(template => 'embedded');
}
sub getlegacyurl {
my $c = shift;
my $url = shift;
return "/smanager/legacypanel?url=$url";
}
1;

View File

@@ -0,0 +1,291 @@
package SrvMngr::Controller::Localnetworks;
#----------------------------------------------------------------------
# heading : Network
# description : Local networks
# navigation : 6000 500
#
# routes : end
#----------------------------------------------------------------------
use strict;
use warnings;
use Mojo::Base 'Mojolicious::Controller';
use Locale::gettext;
use SrvMngr::I18N;
use SrvMngr qw(theme_list init_session subnet_mask get_reg_mask ip_number);
#use Data::Dumper;
use esmith::util;
use esmith::HostsDB;
my $network_db = esmith::NetworksDB->open() || die("Couldn't open networks db");
my $ret = "OK";
sub main {
my $c = shift;
$c->app->log->info( $c->log_req );
my %ln_datas = ();
$ln_datas{return} = "";
my $title = $c->l('ln_LOCAL NETWORKS');
my $modul = '';
$ln_datas{trt} = 'LIST';
my @localnetworks;
if ($network_db) {
@localnetworks = $network_db->get_all_by_prop( type => 'network' );
}
$c->stash(
title => $title,
modul => $modul,
ln_datas => \%ln_datas,
localnetworks => \@localnetworks
);
$c->render( template => 'localnetworks' );
}
sub do_display {
my $c = shift;
$c->app->log->info( $c->log_req );
my $rt = $c->current_route;
my $trt = ( $c->param('trt') || 'LIST' );
$trt = 'DEL' if ( $rt eq 'localnetworksdel' );
$trt = 'ADD' if ( $rt eq 'localnetworksadd' );
$trt = 'ADD1' if ( $rt eq 'localnetworksadd1' );
$trt = 'DEL1' if ( $rt eq 'localnetworksdel1' );
my %ln_datas = ();
my $title = $c->l('ln_LOCAL NETWORKS');
my $modul = '';
if ( $trt eq 'ADD' ) {
#Add a network - called from the list panel
# Nothing to do here...as just need fields to input data.
}
if ( $trt eq 'ADD1' ) {
#Add a network - called after new network details filled in
my %ret = add_network($c);
#Return to list page if success
if ((index($ret{ret},"SUCCESS") != -1)) {
$trt = "LIST";
} else {
#Error - return to Add page
$trt = "ADD";
}
$network_db = esmith::NetworksDB->open() || die("Failed to open Networkdb-3"); #Refresh the network DB
$c->stash(ret=>\%ret); #stash it away for the template
}
if ( $trt eq 'DEL1' ) {
#After Remove clicked on Delete network panel
my $network_db = esmith::NetworksDB->open() || die("Failed to open Networkdb-1");
my $localnetwork = $c->param("localnetwork");
my $delete_hosts = $c->param("deletehost")||"1"; #default to deleting them.
my $rec = $network_db->get($localnetwork)||die("Failed to find network on db:$localnetwork");
if ( $rec and $rec->prop('type') eq 'localnetwork' ) {
$ln_datas{localnetwork} = $localnetwork;
}
my %ret = remove_network($localnetwork,$delete_hosts);
$network_db = esmith::NetworksDB->open() || die("Failed to open Networkdb-2"); #Refresh the network DB
my @localnetworks;
if ($network_db) {
@localnetworks = $network_db->get_all_by_prop( type => 'network' );
}
# Load up ln_datas with values need by template
$ln_datas{subnet} = $rec->prop('Mask');
$ln_datas{router} = $rec->prop('Router');
$c->stash( ln_datas => \%ln_datas, localnetworks => \@localnetworks ,ret =>\%ret);
}
if ( $trt eq 'DEL' ) {
#Initial delete panel requiring confirmation
my $localnetwork = $c->param("localnetwork") || '';
$c->stash(localnetwork=>$localnetwork);
my $rec = $network_db->get($localnetwork) || die("Failed to get local network in db::$localnetwork");
my $subnet = $rec->prop('Mask');
$ln_datas{subnet} = $subnet;
$ln_datas{router} = $rec->prop('Router');
my $numhosts = hosts_on_network($localnetwork,$subnet);
$ln_datas{localnetwork} = $localnetwork;
$ln_datas{deletehosts} = $numhosts>0?1:0;
}
if ( $trt eq 'LIST' ) {
#List all the networks
my @localnetworks;
if ($network_db) {
@localnetworks = $network_db->get_all_by_prop( type => 'network' );
}
$c->stash( localnetworks => \@localnetworks );
## $c->redirect_to('/localnetworks');
}
$ln_datas{'trt'} = $trt;
$c->stash( title => $title, modul => $modul, ln_datas => \%ln_datas );
$c->render( template => 'localnetworks' );
}
sub remove_network {
my $network = shift;
my $network_db = esmith::NetworksDB->open();
my $record = $network_db->get($network);
my $delete_hosts = shift;
if ( my $record = $network_db->get($network) ) {
my $subnet = $record->prop('Mask');
my $router = $record->prop('Router');
$record->set_prop( type => 'network-deleted' );
# Untaint $network before use in system()
$network =~ /(.+)/;
$network = $1;
if ( system( "/sbin/e-smith/signal-event", "network-delete", $network ) == 0 ) {
if ($delete_hosts) {
my @hosts_to_delete = hosts_on_network( $network, $subnet );
foreach my $host (@hosts_to_delete) {
$host->delete;
}
}
$record->delete;
return (ret=>'ln_SUCCESS_REMOVED_NETWORK',vars=>"$network,$subnet,$router");
}
else {
return (ret=>"ln_ERROR_DELETING_NETWORK");
}
}
else {
return (ret=>"ln_NO_SUCH_NETWORK");
}
}
sub hosts_on_network {
my $network = shift;
my $netmask = shift;
die if not $network and $netmask;
my $cidr = "$network/$netmask";
my $hosts = esmith::HostsDB->open() || die("Couldn't open hosts db");
my @localhosts = grep { $_->prop('HostType') eq 'Local' } $hosts->hosts;
my @hosts_on_network = ();
foreach my $host (@localhosts) {
my $ip = $host->prop('InternalIP') || "";
if ($ip) {
if ( Net::IPv4Addr::ipv4_in_network( $cidr, $ip ) ) {
push @hosts_on_network, $host;
}
}
}
return @hosts_on_network if wantarray;
return scalar @hosts_on_network;
}
sub add_network
{
my ($fm) = @_;
my $networkAddress = $fm->param('networkAddress');
my $networkMask = $fm->param('networkMask');
my $networkRouter = $fm->param('networkRouter');
#Validate Ips and subnet mask
my $res = ip_number($fm, $networkAddress);
return (ret=>'ln_INVALID_IP_ADDRESS', vars=>"Network Address $res") unless $res eq 'OK';
$res = subnet_mask( $networkMask );
return (ret=>'ln_INVALID_SUBNET_MASK', vars=>"$networkMask" ) unless $res eq 'OK';
$res = ip_number($fm, $networkRouter);
return (ret=>'ln_INVALID_IP_ADDRESS' , vars=>"Routeur Address $res") unless $res eq 'OK';
# we transform bit mask to regular mask
$networkMask = get_reg_mask( $networkAddress, $networkMask );
my $network_db = esmith::NetworksDB->open()
|| esmith::NetworksDB->create();
my $config_db = esmith::ConfigDB->open();
my $localIP = $config_db->get('LocalIP');
my $localNetmask = $config_db->get('LocalNetmask');
my ( $localNetwork, $localBroadcast ) =
esmith::util::computeNetworkAndBroadcast( $localIP->value(),
$localNetmask->value() );
my ( $routerNetwork, $routerBroadcast ) =
esmith::util::computeNetworkAndBroadcast( $networkRouter,
$localNetmask->value() );
# Note to self or future developers:
# the following tests should probably be validation routines
# in the form itself, but it just seemed too fiddly to do that
# at the moment. -- Skud 2002-04-11
# I agree --bjr 2020-04-18
if ( $routerNetwork ne $localNetwork )
{
return (ret=>'ln_NOT_ACCESSIBLE_FROM_LOCAL_NETWORK');
}
my ( $network, $broadcast ) =
esmith::util::computeNetworkAndBroadcast( $networkAddress, $networkMask );
if ( $network eq $localNetwork )
{
return (ret=>'ln_NETWORK_ALREADY_LOCAL');
}
if ( $network_db->get($network) )
{
return (ret=>'ln_NETWORK_ALREADY_ADDED');
}
$network_db->new_record(
$network,
{
Mask => $networkMask,
Router => $networkRouter,
type => 'network',
}
);
# Untaint $network before use in system()
$network =~ /(.+)/;
$network = $1;
system( "/sbin/e-smith/signal-event", "network-create", $network ) == 0
or ( return (ret=>'ln_ERROR_CREATING_NETWORK' ));
my ( $totalHosts, $firstAddr, $lastAddr ) =
esmith::util::computeHostRange( $network, $networkMask );
my $msg;
if ( $totalHosts == 1 )
{
return (ret=>'ln_SUCCESS_SINGLE_ADDRESS',vars=>"$network,$networkMask,$networkRouter");
}
elsif (( $totalHosts == 256 )
|| ( $totalHosts == 65536 )
|| ( $totalHosts == 16777216 ) )
{
return ( ret=>'ln_SUCCESS_NETWORK_RANGE',vars=>"$network,$networkMask,$networkRouter,$totalHosts,$firstAddr,$lastAddr");
}
else
{ my $simpleMask = esmith::util::computeLocalNetworkPrefix( $network, $networkMask );
return ( ret => 'ln_SUCCESS_NONSTANDARD_RANGE',
vars=>"$network,$networkMask,$networkRouter,$totalHosts,$firstAddr,$lastAddr,$simpleMask");
}
}

View File

@@ -0,0 +1,273 @@
package SrvMngr::Controller::Login;
#----------------------------------------------------------------------
# heading : Support
# description : Login
# navigation : 0000 001
# menu : N
#
# routes : end
#----------------------------------------------------------------------
# for information
# $r->get('/login')->to('login#main')->name('login');
# $r->post('/login')->to('login#login')->name('signin');
# $r->get('/login2')->to('login#pwdrescue')->name('pwdresc');
# $r->get('/loginc')->to('login#confpwd')->name('resetpwdconf');
# for information
use strict;
use warnings;
use Mojo::Base 'Mojolicious::Controller';
use Locale::gettext;
use esmith::AccountsDB;
use SrvMngr::I18N;
use SrvMngr::Model::Main;
use SrvMngr qw( theme_list init_session );
my $MAX_LOGIN_ATTEMPTS = 3;
my $DURATION_BLOCKED = 30 * 60; # access blocked for 30 min
my $TIMEOUT_FAILED_LOGIN = 1;
my $RESET_DURATION = 2 * 60 * 60; # 2 hours for resetting
our $adb = esmith::AccountsDB->open() or die "Couldn't open DB Accounts\n";
my $allowed_user_re = qr/^\w{5,10}$/;
my %Login_Attempts;
sub main {
my $c = shift;
$c->stash( trt => 'NORM' );
$c->render('login');
}
sub login {
my $c = shift;
my $trt = $c->param('Trt');
# password reset request
if ( $trt eq 'RESET' ) {
my $res = $c->mail_rescue();
if ( $res ne 'OK' ) {
$c->stash( error => $res, trt => $trt );
return $c->render('login');
}
$c->flash( success => $c->l('use_RESET_REGISTERED') );
record_login_attempt($c, 'RESET');
return $c->redirect_to( $c->home_page );
}
# normal loggin
my $name = $c->param('Username');
my $pass = $c->param('Password');
my $from = $c->param('From');
if ( is_denied($c) ) {
$c->stash( error => $c->l('use_TOO_MANY_LOGIN'), trt => 'NORM' );
return $c->render('login');
}
# untaint
unless ( ($name =~ /^([a-z][\-\_\.a-z0-9]*)$/) && ($pass =~ /^([ -~]+)$/) ) {
record_login_attempt($c, 'FAILED');
$c->stash( error => $c->l('use_INVALID_DATA'), trt => 'NORM' );
return $c->render('login');
}
my $alias = SrvMngr::Model::Main->check_adminalias( $c );
if ( $alias ) {
if ( $name eq $alias ) {
$name = 'admin';
} elsif ( $name eq 'admin' ) {
record_login_attempt($c, 'FAILED');
$c->stash( error => $c->l('use_SORRY'), trt => 'NORM' );
return $c->render('login');
}
}
if (SrvMngr::Model::Main->check_credentials($name, $pass)) {
$c->session(logged_in => 1); # set the logged_in flag
$c->session(username => $name); # keep a copy of the username
# if ( $name eq 'admin' || $adb->is_user_in_group($name, 'AdmiN') ) # for futur use
if ( $name eq 'admin' ) {
$c->session(is_admin => 1);
} else {
$c->session(is_admin => 0);
}
$c->session(expiration => 600); # expire this session in 10 minutes
$c->flash( success => $c->l('use_WELCOME') );
record_login_attempt($c, 'SUCCESS');
} else {
record_login_attempt($c, 'FAILED');
sleep $TIMEOUT_FAILED_LOGIN;
$c->stash( error => $c->l('use_SORRY'), trt => 'NORM' );
return $c->render('login');
}
$from = $c->home_page if ( $from eq 'login' );
$c->redirect_to( $from );
}
sub pwdrescue {
my $c = shift;
$c->stash( trt => 'RESET' );
$c->render('login');
}
sub mail_rescue {
my $c = shift;
my $name = $c->param('Username');
my $from = $c->param('From');
my $res;
$res .= $c->l('use_TOO_MANY_LOGIN') if ( is_denied($c) );
# untaint
if ( ! $res && $name !~ /^([a-z][\-\_\.a-z0-9]*)$/ ) {
record_login_attempt($c, 'FAILED');
$res .= $c->l('use_ERR_NAME');
}
if ( ! $res && $name eq 'admin' ) {
$res .= $c->l('use_NOT_THAT_OPER');
}
# user exists ?
if ( ! $res ) {
my $acct = $adb->get($name);
if ( ! $acct || $acct->prop('type') ne "user" || $acct->prop('PasswordSet') ne 'yes' ) {
$res .= $c->l('use_NOT_THAT_OPER');
}
}
return $res if $res;
# send email
my $email = $name .'@'. $c->session->{DomainName};
my $until = time() + $RESET_DURATION;
$c->pwdrst->{$name} = {
email => $email,
date => $until,
confirmed => 0,
};
my $jwt = $c->jwt->claims({username => $name})->encode;
my $url = $c->url_for('loginc')->to_abs->query(jwt => $jwt);
# $c->email( $email, $c->l('use_CONFIRM_RESET'), $c->render_to_string(inline => $c->l('use_GO_TO_URL', $url) ) );
# directly (without minion)
$c->send_email( $email, $c->l('use_CONFIRM_RESET'), $c->render_to_string(inline => $c->l('use_GO_TO_URL', $url) ) );
return 'OK';
}
sub logout {
my $c = shift;
$c->app->log->info($c->log_req);
$c->session( expires => 1 );
$c->flash( success => $c->l('use_BYE') );
$c->flash( error => 'Byegood' );
$c->redirect_to( $c->home_page );
}
sub confpwd {
my $c = shift;
my $jwt = $c->param('jwt');
my $name = $c->jwt->decode($jwt)->{username};
# request already treated or outdated
if ( $c->pwdrst->{$name}{confirmed} != 0 or $c->pwdrst->{$name}{date} < time() ) {
$c->flash( error => $c->l('use_INVALID_REQUEST'));
return $c->redirect_to( $c->home_page );
}
# reset password for this account
$c->pwdrst->{$name}{confirmed} = 1;
$c->flash( success => $c->l('use_OK_FOR_RESET') );
# call userpassword with encoded name
my $url = $c->url_for('userpasswordr')->to_abs->query(jwt => $jwt);
# warn "confpwd: " . $url . "\n";
return $c->redirect_to( $url );
}
sub record_login_attempt {
my ($c, $result) = @_;
my $user = $c->param('Username');
my $ip_address = $c->tx->remote_address;
if ($result eq 'RESET') {
$c->app->log->info(join "\t", "Password reset requested for : $user at ", $ip_address);
} elsif ($result eq 'SUCCESS') {
$c->app->log->info(join "\t", "Login succeeded: $user", $ip_address);
$Login_Attempts{$ip_address}->{tries} = 0; # reset the number of login attempts
} else {
$c->app->log->info(join "\t", "Login FAILED: $user", $ip_address);
$Login_Attempts{$ip_address}->{tries}++;
if ( $Login_Attempts{$ip_address}->{tries} > $MAX_LOGIN_ATTEMPTS ) {
$Login_Attempts{$ip_address}->{denied_until} = time() + $DURATION_BLOCKED;
}
}
}
sub is_denied {
my ($c) = @_;
my $ip_address = $c->tx->remote_address;
return unless exists $Login_Attempts{$ip_address}
&& exists $Login_Attempts{$ip_address}->{denied_until};
return 'Denied'
if $Login_Attempts{$ip_address}->{denied_until} > time();
# TIMEOUT has expired, reset attempts
delete $Login_Attempts{$ip_address}->{denied_until};
$Login_Attempts{$ip_address}->{tries} = 0;
return;
}
1;

View File

@@ -0,0 +1,34 @@
package SrvMngr::Controller::Logout;
#----------------------------------------------------------------------
# heading : Current User
# description : Logout
# navigation : 1000 900
# menu : U
#
# routes : end
#----------------------------------------------------------------------
use strict;
use warnings;
use Mojo::Base 'Mojolicious::Controller';
use Locale::gettext;
use SrvMngr::I18N;
use SrvMngr qw( theme_list init_session );
sub logout {
my $c = shift;
$c->app->log->info($c->log_req);
$c->session( expires => 1 );
$c->flash( success => 'Goodbye' );
$c->redirect_to( $c->home_page );
}
1;

View File

@@ -0,0 +1,34 @@
package SrvMngr::Controller::Manual;
#----------------------------------------------------------------------
# heading : Support
# description : Online manual
# navigation : 0000 100
# menu : N
#
# routes : end
#----------------------------------------------------------------------
use strict;
use warnings;
use Mojo::Base 'Mojolicious::Controller';
use Locale::gettext;
use SrvMngr::I18N;
use SrvMngr qw(theme_list init_session);
sub main {
my $c = shift;
$c->app->log->info($c->log_req);
my $title = $c->l('manual_FORM_TITLE');
my $modul = $c->render_to_string(inline => $c->l('manual_DESCRIPTION'));
$c->stash( title => $title, modul => $modul);
$c->render(template => 'manual');
}
1;

View File

@@ -0,0 +1,71 @@
package SrvMngr::Controller::Modules;
use strict;
use warnings;
use Mojo::Base 'Mojolicious::Controller';
use Locale::gettext;
use SrvMngr::I18N;
#
# routes : end
#----------------------------------------------------------------------
use SrvMngr qw(theme_list init_session);
sub bugreport {
my $c = shift;
$c->app->log->info($c->log_req);
my $modul = $c->render_to_string( inline => "<p># my (\$lang, \$releaseVersion,
<br># \$c->stash\(\'lang\', \'releaseVer\'
# \'navigation\'</p>");
$c->stash( modul => $modul );
};
sub support {
my $c = shift;
$c->app->log->info($c->log_req);
my $modul = $c->stash('modul');
$modul .= 'Mail result is 1 + 8.';
$c->stash( modul => $modul, PwdSet => '0', Unsafe => '0' );
#$c->render('modules/support');
};
sub modsearch {
my $c = shift;
my $module = $c->param('module');
$c->app->log->info($c->log_req);
my $redirect_url = SrvMngr->get_mod_url($module);
if($redirect_url ne "-1"){
#$c->render(text => "mod_search: $module to $redirect_url");
return $c->redirect_to($redirect_url);
#return $c->redirect_to( url_for($redirect_url) );
}
#$c->render(text => "mod_search: $module to 'welcome'");
return $c->redirect_to( $c->home_page );
};
sub whatever {
my $c = shift;
my $whatever = $c->param('whatever');
$c->app->log->info($c->log_req . ' ' . $whatever);
$c->render(text => "whatever: /$whatever did not match.", status => 404);
};
1;

View File

@@ -0,0 +1,410 @@
package SrvMngr::Controller::Portforwarding;
#----------------------------------------------------------------------
# heading : Network
# description : Port forwarding
# navigation : 6000 600
#
# routes : end
#----------------------------------------------------------------------
use strict;
use warnings;
use Mojo::Base 'Mojolicious::Controller';
use Locale::gettext;
use SrvMngr::I18N;
use SrvMngr qw(theme_list init_session);
#use Regexp::Common qw /net/;
#use Data::Dumper;
use esmith::util;
use esmith::HostsDB;
our $db = esmith::ConfigDB->open
|| die "Can't open configuration database: $!\n";
our $tcp_db = esmith::ConfigDB->open('portforward_tcp')
|| die "Can't open portforward_tcp database: $!\n";
our $udp_db = esmith::ConfigDB->open('portforward_udp')
|| die "Can't open portforward_udp database: $!\n";
my %ret = ();
use constant FALSE => 0;
use constant TRUE => 1;
sub main {
my $c = shift;
$c->app->log->info( $c->log_req );
my %pf_datas = ();
$pf_datas{return} = "";
my $title = $c->l('pf_FORM_TITLE');
my $modul = '';
$pf_datas{trt} = 'LIST';
my @tcpforwards = $tcp_db->get_all;
my @udpforwards = $udp_db->get_all;
my $empty = 1 if not @tcpforwards and not @udpforwards;
$c->stash(
title => $title,
modul => $modul,
pf_datas => \%pf_datas,
tcpforwards =>\@tcpforwards,
udpforwards =>\@udpforwards,
empty => $empty
);
$c->render( template => 'portforwarding' );
}
sub do_display {
my $c = shift;
$c->app->log->info( $c->log_req );
my $rt = $c->current_route;
my $trt = ( $c->param('trt') || 'LIST' );
$trt = 'DEL' if ( $rt eq 'portforwardingdel' );
$trt = 'ADD' if ( $rt eq 'portforwardingadd' );
$trt = 'ADD1' if ( $rt eq 'portforwardingadd1' );
$trt = 'DEL1' if ( $rt eq 'portforwardingdel1' );
my %pf_datas = ();
my $title = $c->l('pf_FORM_TITLE');
my $modul = '';
if ( $trt eq 'ADD' ) {
# Add a portforward- called from the list panel
# Nothing to do here...as just need template to display fields to input data.
}
if ( $trt eq 'ADD1' ) {
#Add a port forward - called after new pf details filled in
my %ret = add_portforward($c);
#Return to list page if success
if ((index($ret{ret},"SUCCESS") != -1)) {
$trt = "LIST";
} else {
#Error - return to Add page
$trt = "ADD";
}
$c->stash(ret=>\%ret);
}
if ( $trt eq 'DEL1' ) {
##After Remove clicked on Delete network panel
my $sport = $c->param("sport") || '';
my $proto = $c->param("proto") || '';
#work out which protocol
my $fdb;
if ($proto eq 'TCP') {
$fdb = $tcp_db;
}
else {
$fdb = $udp_db;
}
#check that the sport is in the db
my $entry = $fdb->get($sport) || die("Unable to find sport and proto $sport $proto");
$entry->delete;
system( "/sbin/e-smith/signal-event", "portforwarding-update") == 0
or ( die($c->l('pf_ERR_NONZERO_RETURN_EVENT')));
$trt = "LIST";
my %ret = (ret=>"pf_SUCCESS");
$c->stash(ret=>\%ret);
}
if ( $trt eq 'DEL' ) {
##Initial delete panel requiring confirmation
my $sport = $c->param("sport") || '';
my $proto = $c->param("proto") || '';
$c->stash(sport=>$sport);
#work out which protocol
my $fdb;
if ($proto eq 'TCP') {
$fdb = $tcp_db;
}
else {
$fdb = $udp_db;
}
#pull out details and pass to template
my $entry = $fdb->get($sport) || die("Unable to find sport and proto $sport $proto");
$pf_datas{proto} = $proto;
$pf_datas{sport} = $sport;
$pf_datas{dhost} = $entry->prop('DestHost');
$pf_datas{dport} = $entry->prop('DestPort') || '';
$pf_datas{cmmnt} = $entry->prop('Comment') || '';
$pf_datas{allow} = $entry->prop('AllowHosts') || '';
}
if ( $trt eq 'LIST' ) {
#List all the port forwards
my @tcpforwards = $tcp_db->get_all;
my @udpforwards = $udp_db->get_all;
my $empty = 1 if not @tcpforwards and not @udpforwards;
$c->stash(
tcpforwards =>\@tcpforwards,
udpforwards =>\@udpforwards,
empty => $empty
);
#my %forwards = (TCP=>@tcpforwards,UDP=>@udpforwards);
#$c->stash(portforwarding => %forwards);
}
$pf_datas{'trt'} = $trt;
$c->stash( title => $title, modul => $modul, pf_datas => \%pf_datas );
$c->render( template => 'portforwarding' );
}
sub add_portforward {
my $c = shift;
my $sport = $c->param("sport") || '';
my $proto = $c->param("proto") || '';
#work out which protocol
my $fdb;
if ($proto eq 'TCP') {
$fdb = $tcp_db;
}
else {
$fdb = $udp_db;
}
#Get the other values
my $dport = $c->param("dport");
my $dhost = get_destination_host($c);
my $cmmnt = $c->param("cmmnt") || "";
my $allow = $c->param("allow") || "";
my $deny = (($c->param("allow")) ? "0.0.0.0/0" : "");
$proto =~ s/^\s+|\s+$//g;
$sport =~ s/^\s+|\s+$//g;
$dport =~ s/^\s+|\s+$//g;
$dhost =~ s/^\s+|\s+$//g;
#Validate the values
%ret=validate_source_port($c) ; unless (index($ret{ret},"SUCCESS")!= -1) {return %ret;}
%ret=validate_allowed_hosts($c) ; if (index($ret{ret},"SUCCESS")== -1) {return %ret;}
%ret=validate_destination_port($c) ; if (index($ret{ret},"SUCCESS")== -1) {return %ret;}
%ret=validate_destination_host($c) ; if (index($ret{ret},"SUCCESS")== -1) {return %ret;}
# and then write it to the DB and tell the exec about it.
my $entry = $fdb->get($sport) || $fdb->new_record($sport, { type => 'forward' });
$entry->set_prop('DestHost', $dhost);
$entry->set_prop('DestPort', $dport) if $dport;
$entry->set_prop('Comment', $cmmnt);
$entry->set_prop('AllowHosts', $allow);
$entry->set_prop('DenyHosts', $deny);
system( "/sbin/e-smith/signal-event", "portforwarding-update") == 0
or ( return (ret=>'pf_ERR_NONZERO_RETURN_EVENT' ));
my %ret = (ret=>"pf_SUCCESS");
return %ret;
}
sub get_destination_host
{
my $q = shift;
my $dhost = $q->param("dhost");
my $localip = $db->get_prop('InternalInterface', 'IPAddress');
my $external_ip = $db->get_prop('ExternalInterface', 'IPAddress') || $localip;
if ($dhost =~ /^(127.0.0.1|$localip|$external_ip)$/i)
{
# localhost token gets expanded at runtime to current external IP
$dhost = 'localhost';
}
return $dhost;
}
sub validate_source_port {
my $q = shift;
my $sport = $q->param('sport');
$sport =~ s/^\s+|\s+$//g;
# If this is a port range, split it up and validate it individually.
my @ports = ();
if ($sport =~ /-/)
{
@ports = split /-/, $sport;
if (@ports > 2)
{
#$self->debug_msg("found more than 2 ports: @ports");
return (ret=>'pf_ERR_BADPORT');
}
}
else
{
push @ports, $sport;
}
#$self->debug_msg("the ports array is: @ports");
foreach my $port (@ports)
{
#$self->debug_msg("looping on port $port");
if (! isValidPort($port))
{
#$self->debug_msg("returning: " . $self->localise('ERR_BADPORT'));
return (ret=>'pf_ERR_BADPORT');
}
}
# Now, lets screen any duplicates.
my $protocol = $q->param('protocol');
my @forwards = ();
# Grab the existing rules for this protocol.
if ($protocol eq 'TCP') {
@forwards = map { $_->key } $tcp_db->get_all;
} elsif ($protocol eq 'UDP') {
@forwards = map { $_->key } $udp_db->get_all;
}
foreach my $psport (@forwards)
{
if (detect_collision($sport, $psport))
{
return (ret=>'pf_ERR_PORT_COLLISION');
}
}
return (ret=>"pf_SUCCESS");
}
sub detect_collision
{
my $port_a = shift;
my $port_b = shift;
# If they're both single ports, see if they're the same.
if (($port_a !~ /-/) && ($port_b !~ /-/))
{
return $port_a eq $port_b;
}
# If port_a is not a range but port_b is, is a in b?
elsif ($port_a !~ /-/)
{
my ($b1, $b2) = split /-/, $port_b;
return (($port_a >= $b1) && ($port_a <= $b2));
}
elsif ($port_b !~ /-/)
{
my ($a1, $a2) = split /-/, $port_a;
return (($port_b >= $a1) && ($port_b <= $a2));
}
else
{
# They're both ranges. Do they overlap?
my ($a1, $a2) = split /-/, $port_a;
my ($b1, $b2) = split /-/, $port_b;
# They can overlap in two ways. Either a1 is in b, or b1 is in a.
if (($a1 >= $b1) && ($a1 <= $b2))
{
return TRUE;
}
elsif (($b1 >= $a1) && ($b1 <= $a2))
{
return TRUE;
}
return FALSE;
}
}
sub validate_destination_port {
my $c = shift;
my $dport = $c->param('dport');
$dport =~ s/^\s+|\s+$//g;
# If the dport is empty, that's ok.
return (ret=>'pf_SUCCESS') if not $dport;
# If this is a port range, split it up and validate it individually.
my @ports = ();
if ($dport =~ /-/)
{
@ports = split /-/, $dport;
if (@ports > 2)
{
#$self->debug_msg("found more than 2 ports: @ports");
return (ret=>'pf_ERR_BADPORT');
}
}
else
{
push @ports, $dport;
}
#$self->debug_msg("the ports array is: @ports");
foreach my $port (@ports)
{
#$self->debug_msg("looping on port $port");
if (! isValidPort($port))
{
#$self->debug_msg("returning: " . $self->localise('ERR_BADPORT'));
return (ret=>'pf_ERR_BADPORT');
}
}
return (ret=>'pf_SUCCESS');
}
sub isValidPort() {
my $port = shift;
return FALSE unless defined $port;
if (($port =~ /^\d+$/) &&
($port > 0) &&
($port < 65536))
{
return TRUE;
}
else {
return FALSE;
}
}
sub validate_destination_host {
my $c = shift;
my $dhost = $c->param('dhost');
$dhost =~ s/^\s+|\s+$//g;
my $localip = $db->get_prop('InternalInterface', 'IPAddress');
my $external_ip = $db->get_prop('ExternalInterface', 'IPAddress') || $localip;
if ($dhost =~ /^(localhost|127.0.0.1|$localip|$external_ip)$/i)
{
# localhost token gets expanded at runtime to current external IP
$c->param(-name=>'dhost', -value=>'localhost');
return (ret=>'pf_SUCCESS');
}
my $systemmode = $db->get_value('SystemMode');
if ($systemmode eq 'serveronly') {
return (ret=>'pf_IN_SERVERONLY');
}
if (isValidIP($dhost)) {
return (ret=>'pf_SUCCESS');
}
else {
return (ret=>'pf_ERR_BADIP');
}
}
sub validate_allowed_hosts {
my $c = shift;
my $ahost = $c->param('allow');
$ahost =~ s/^\s+|\s+$//g;
my %valid_ahost_list = (ret=>"pf_SUCCESS");
foreach (split(/[\s,]+/, $ahost)) {
my $valid_ipnet = 0;
$valid_ipnet = 1 if ($_ =~ m/^\d+\.\d+\.\d+\.\d+$/);
$valid_ipnet = 1 if ($_ =~ m/^\d+\.\d+\.\d+\.\d+\/\d+$/);
%valid_ahost_list = (ret=>"pf_ERR_BADAHOST") if ($valid_ipnet != 1);
}
return %valid_ahost_list;
}
1;

View File

@@ -0,0 +1,379 @@
package SrvMngr::Controller::Printers;
#----------------------------------------------------------------------
# heading : System
# description : Printers
# navigation : 4000 800
#
#
# routes : end
#----------------------------------------------------------------------
use strict;
use warnings;
use Mojo::Base 'Mojolicious::Controller';
use Locale::gettext;
use SrvMngr::I18N;
use SrvMngr qw(theme_list init_session);
use esmith::FormMagick::Panel::printers;
our $adb = esmith::AccountsDB->open || die "Couldn't open accounts db";
sub main {
my $c = shift;
$c->app->log->info($c->log_req);
my %prt_datas = ();
my $title = $c->l('prt_FORM_TITLE');
$prt_datas{'trt'} = 'LIST';
my @printerDrivers;
if ($adb)
{
@printerDrivers = $adb->printers();
}
$c->stash( title => $title, prt_datas => \%prt_datas, printerDrivers => \@printerDrivers );
$c->render(template => 'printers');
};
sub do_display {
my $c = shift;
my $rt = $c->current_route;
my $trt = ($c->param('trt') || 'LIST');
my $printer = $c->param('printer') || '';
#$trt = 'DEL' if ( $printer );
#$trt = 'ADD' if ( $rt eq 'printeradd' );
my %prt_datas = ();
my $title = $c->l('prt_FORM_TITLE');
$prt_datas{'trt'} = $trt;
if ( $trt eq 'ADD' ) {
# nothing
}
if ( $trt eq 'DEL' ) {
my $rec = $adb->get($printer);
if ($rec and $rec->prop('type') eq 'printer') {
$prt_datas{printer} = $printer;
$prt_datas{description} = $rec->prop('Description') || '';
}
}
if ( $trt eq 'LIST' ) {
my @printerDrivers;
if ($adb)
{
@printerDrivers = $adb->printers();
}
$c->stash( printerDrivers => \@printerDrivers );
}
$c->stash( title => $title, prt_datas => \%prt_datas );
$c->render( template => 'printers' );
};
sub do_update {
my $c = shift;
$c->app->log->info($c->log_req);
my $rt = $c->current_route;
my $trt = ($c->param('trt') || 'LIST');
my %prt_datas = ();
my $title = $c->l('prt_FORM_TITLE');
$prt_datas{'trt'} = $trt;
my ($res, $result) = '';
if ( $trt eq 'ADD' ) {
my $name = ($c->param('Name') || '');
my $description = ($c->param('Description') || '');
my $location = ($c->param('Location') || '');
# controls
$res = $c->validate_printer( $name, $description, $location );
$result .= $res unless $res eq 'OK';
if ( $location eq 'remote' and ! $result) {
$prt_datas{'trt'} = 'NET';
$prt_datas{'name'} = $name;
$prt_datas{'description'} = $description;
$prt_datas{'location'} = $location;
$c->stash( title => $title, prt_datas => \%prt_datas );
return $c->render( template => 'printers' );
}
$res = '';
if ( ! $result ) {
$res = $c->new_printer( $name, $description, $location );
#$remoteName, $address );
$result .= $res unless $res eq 'OK';
if ( ! $result ) {
$result = $c->l('prt_CREATED_SUCCESSFULLY') . ' ' . $name;
}
}
}
if ( $trt eq 'NET' ) {
my $name = ($c->param('Name') || '');
my $description = ($c->param('Description') || '');
my $location = ($c->param('Location') || '');
my $remoteName = ($c->param ('RemoteName') || '');
my $address = ($c->param ('Address') || '');
$prt_datas{'name'} = $name;
$prt_datas{'description'} = $description;
$prt_datas{'location'} = $location;
# controls
$res = $c->validate_network( $location, $remoteName, $address);
$result .= $res unless $res eq 'OK';
$res = '';
if ( ! $result ) {
$res = $c->new_printer( $name, $description, $location, $remoteName, $address );
$result .= $res unless $res eq 'OK';
if ( ! $result ) {
$result = $c->l('prt_CREATED_SUCCESSFULLY') . ' ' . $name;
}
}
}
if ( $trt eq 'DEL' ) {
my $printer = ($c->param ('printer') || '');
if ($printer =~ /^([a-z][a-z0-9]*)$/) {
$printer = $1;
} else {
$result .= $c->l('prt_ERR_INTERNAL_FAILURE') . ':' . $printer;
}
my $rec = $adb->get($printer);
$result .= $c->l('prt_ERR_INTERNAL_FAILURE') . ':' . $printer unless ($rec);
$res = '';
if ( ! $result ) {
$res = $c->del_printer( $printer );
$result .= $res unless $res eq 'OK';
if ( ! $result ) {
$result = $c->l('prt_DELETED_SUCCESSFULLY') . ' ' . $printer;
}
}
}
# common parts
if ($res ne 'OK') {
$c->stash( error => $result );
$c->stash( title => $title, prt_datas => \%prt_datas );
return $c->render('printers');
}
my $message = "'Printers' updates ($trt) DONE";
$c->app->log->info($message);
$c->flash( success => $result );
#$c->flash( error => 'No changes applied !!' ); # for testing purpose
$c->redirect_to('/printers');
};
sub del_printer {
my ( $c, $printer ) = @_;
# Update the db account (1)
my $rec = $adb->get($printer);
$rec->set_prop('type', 'printer-deleted');
system ("/sbin/e-smith/signal-event printer-delete $printer") == 0
or return $c->error('ERR_DELETING');
$rec->delete();
return 'OK';
}
sub validate_printer {
my ($c, $name, $description, $location, $remoteName, $address ) = @_;
#------------------------------------------------------------
# Validate parameters and untaint them
#------------------------------------------------------------
if ($name =~ /^([a-z][a-z0-9]*)$/) {
$name = $1;
} else {
return $c->l('prt_ERR_UNEXPECTED_NAME') . ': ' . $name;
}
if ($description =~ /^([\'\w\s]+)$/) {
$description = $1;
} else {
return $c->l('prt_ERR_UNEXPECTED_DESC') . ': ' . $description;
}
if ($location =~ /^(lp[0-9]+|remote|usb\/lp[0-9]+)$/){
$location = $1;
} else {
$location = "lp0";
}
#------------------------------------------------------------
# Looks good. Find out if this printer has been taken
#------------------------------------------------------------
my $rec = $adb->get($name);
my $type;
if ($rec and ($type = $rec->prop('type'))) {
return $c->l('prt_ERR_EXISTS') . ' : ' . $name;
}
return 'OK';
}
sub validate_network {
my ($c, $location, $remoteName, $address ) = @_;
if ($location eq 'remote') {
my $msg = hostname_or_ip2 ( $c, $address );
return $msg unless $msg eq 'OK';
if ($address =~ /^([a-zA-Z0-9\.\-]+)$/) {
$address = $1;
} else {
return $c->l('prt_ERR_INVALID_ADDRESS') . ' : ' . $address;
}
if ($remoteName =~ /^([^\|]*)$/) {
$remoteName = $1;
} else {
return $c->l('prt_ERR_INVALID_REMOTE_NAME') . ' : ' . $remoteName;
}
}
return 'OK';
}
sub new_printer {
my ($c, $name, $description, $location, $remoteName, $address ) = @_;
#------------------------------------------------------------
# Printer name is available! Update printers database and
# signal the create-printer event.
#------------------------------------------------------------
my $result = '';
my $rec = $adb->new_record($name,
{type=>'printer',
Description => $description,
Address => $address,
RemoteName => $remoteName,
Location => $location});
system ("/sbin/e-smith/signal-event printer-create $name") == 0
or return $c->error('ERR_CREATING');
return 'OK',
}
sub hostname_or_ip2 {
my ($fm, $data) = @_;
if ($data =~ /^[\d\.]+$/) {
if (ip_number2($fm, $data) eq "OK")
{
return "OK";
}
else
{
return $fm->l('prt_MUST_BE_VALID_HOSTNAME_OR_IP');
}
}
elsif ($data =~ /^([a-zA-Z0-9\.\-]+)$/ )
{
return "OK";
}
else
{
return $fm->l('prt_MUST_BE_VALID_HOSTNAME_OR_IP');
}
}
sub ip_number2 {
# from CGI::FormMagick::Validator::ip_number($fm, $data)
my ($fm, $data) = @_;
return undef unless defined $data;
return 'FM_IP_NUMBER1' unless $data =~ /^[\d.]+$/;
my @octets = split /\./, $data;
my $dots = ($data =~ tr/.//);
return 'FM_IP_NUMBER2' unless (scalar @octets == 4 and $dots == 3);
foreach my $octet (@octets) {
return $fm->l("FM_IP_NUMBER3", {octet => $octet}) if $octet > 255;
}
return 'OK';
}
=head2 publicAccess_list
Returns the hash of public access settings for showing in the public
access drop down list.
=cut
sub printerLocation_list {
my $c = shift;
return [[ $c->l('prt_LOCAL_PRINTER_0') => 'lp0'],
[ $c->l('prt_LOCAL_PRINTER_1') => 'lp1'],
[ $c->l('prt_LOCAL_PRINTER_2') => 'lp2'],
[ $c->l('prt_NET_PRINTER') => 'remote' ],
[ $c->l('prt_FIRST_USB_PRINTER') => 'usb/lp0'],
[ $c->l('prt_SECOND_USB_PRINTER') => 'usb/lp1']];
}
1

View File

@@ -0,0 +1,75 @@
package SrvMngr::Controller::Proxy;
#----------------------------------------------------------------------
# heading : System
# description : Proxy settings
# navigation : 4000 700
#----------------------------------------------------------------------
#
# routes : end
#----------------------------------------------------------------------
use strict;
use warnings;
use Mojo::Base 'Mojolicious::Controller';
use Locale::gettext;
use SrvMngr::I18N;
use SrvMngr qw(theme_list init_session);
our $db = esmith::ConfigDB->open || die "Couldn't open config db";
sub main {
my $c = shift;
$c->app->log->info($c->log_req);
my %prx_datas = ();
my $title = $c->l('prx_TITLE');
my $modul = $c->render_to_string(inline => $c->l('prx_FIRST_PAGE_DESCRIPTION'));
$prx_datas{'http_proxy_status'} = ($db->get_prop('squid','status')) || 'disabled';
#if (system('/bin/rpm -q e-smith-email > /dev/null') == 0)
#{
$prx_datas{'smtp_proxy_status'} = $db->get_prop('qpsmtpd','Proxy') || undef;
#}
#(system('/bin/rpm -q e-smith-email > /dev/null') == 0) ?
$c->stash( title => $title, modul => $modul, prx_datas => \%prx_datas );
$c->render(template => 'proxy');
};
sub do_update {
my $c = shift;
$c->app->log->info($c->log_req);
my $http_proxy_status = $c->param('http_proxy_status') || 'disabled';
my $smtp_proxy_status = $c->param('smtp_proxy_status') || '';
my $result = "";
my $squid = $db->get('squid') or $result = $c->l('prx_ERR_NO_SQUID_REC');
# smtpd is allowed to not exist, as the relevant packages may not be
# installed.
my $smtpd = $db->get('qpsmtpd') || undef;
$squid->set_prop('status', $http_proxy_status);
$smtpd->set_prop('Proxy', $smtp_proxy_status) if $smtpd;
#
# Update the system
#
system("/sbin/e-smith/signal-event proxy-update") == 0
or $result = $c->l('prx_ERR_PROXY_UPDATE_FAILED');
my $title = $c->l('prx_TITLE');
if ( $result eq '' ) { $result = $c->l('prx_SUCCESS'); }
$c->stash( title => $title, modul => $result );
$c->render(template => 'module');
};
1;

View File

@@ -0,0 +1,406 @@
package SrvMngr::Controller::Pseudonyms;
#----------------------------------------------------------------------
# heading : User management
# description : Pseudonyms
# navigation : 2000 210
#----------------------------------------------------------------------
#
# routes : end
#----------------------------------------------------------------------
use strict;
use warnings;
use Mojo::Base 'Mojolicious::Controller';
use Locale::gettext;
use SrvMngr::I18N;
use SrvMngr qw(theme_list init_session);
#use Data::Dumper;
#use esmith::FormMagick::Panel::pseudonyms;
use esmith::AccountsDB;
#use URI::Escape;
our $cdb = esmith::ConfigDB->open || die "Couldn't open configuration db";
our $adb = esmith::AccountsDB->open || die "Couldn't open accounts db";
sub main {
my $c = shift;
$c->app->log->info($c->log_req);
my %pse_datas = ();
my $title = $c->l('pse_FORM_TITLE');
my $notif = '';
$pse_datas{trt} = 'LST';
my @pseudonyms;
if ($adb)
{
@pseudonyms = $adb->pseudonyms();
}
$c->stash( title => $title, notif => $notif, pse_datas => \%pse_datas, pseudonyms => \@pseudonyms );
$c->render(template => 'pseudonyms');
};
sub do_display {
my $c = shift;
$c->app->log->info($c->log_req);
my $rt = $c->current_route;
my $trt = ($c->param('trt') || 'LST');
my $pseudonym = $c->param('pseudonym') || '';
my $title = $c->l('pse_FORM_TITLE');
my %pse_datas = ();
$pse_datas{'trt'} = $trt;
if ( $trt eq 'ADD' ) {
#nothing
}
if ( $trt eq 'UPD' ) {
my $rec = $adb->get($pseudonym);
if ($rec and $rec->prop('type') eq 'pseudonym') {
$pse_datas{pseudonym} = $pseudonym;
$pse_datas{account} = $rec->prop('Account') || '';
$pse_datas{internal} = is_pseudonym_internal($pseudonym);
}
}
if ( $trt eq 'DEL' ) {
my $rec = $adb->get($pseudonym);
if ($rec and $rec->prop('type') eq 'pseudonym') {
$pse_datas{pseudonym} = $pseudonym;
$pse_datas{account} = $rec->prop('Account') || '';
$pse_datas{internal} = is_pseudonym_internal($pseudonym);
}
}
if ( $trt eq 'LST' ) {
my @pseudonyms;
if ($adb) {
@pseudonyms = $adb->pseudonyms();
}
$c->stash( pseudonyms => \@pseudonyms );
}
$c->stash( title => $title, pse_datas => \%pse_datas );
$c->render( template => 'pseudonyms' );
};
sub do_update {
my $c = shift;
$c->app->log->info($c->log_req);
my $rt = $c->current_route;
my $trt = ($c->param('trt') || 'LST');
my $title = $c->l('pse_FORM_TITLE');
my %pse_datas = ();
$pse_datas{'trt'} = $trt;
my ($res, $result) = '';
#my $pseudonym = uri_unescape($c->param('Pseudonym'));
my $pseudonym = $c->param('Pseudonym');
$pse_datas{'pseudonym'} = $pseudonym;
if ( $trt eq 'ADD' ) {
my $account = $c->param('Account');
# controls
$res = $c->validate_new_pseudonym_name( $pseudonym, $account );
$result .= $res unless $res eq 'OK';
#$result .= ' blocked';
$res = '';
if ( ! $result ) {
$adb->new_record( $pseudonym, { type => 'pseudonym',
Account => $account} )
or $result .= "Error occurred while creating pseudonym in database.";
# Untaint $pseudonym before use in system()
($pseudonym) = ($pseudonym =~ /(.+)/);
system( "/sbin/e-smith/signal-event", "pseudonym-create", "$pseudonym",)
== 0 or $result .= 'pse_CREATE_ERROR.';
}
if ( ! $result ) {
$res = 'OK';
$result = $c->l('pse_CREATE_SUCCEEDED') . ' ' . $pseudonym;
}
}
if ( $trt eq 'UPD' ) {
my $account = $c->param('Account');
my $internal = $c->param ('Internal') || 'NO';
my $removable = $adb->get($pseudonym)->prop('Removable') || 'yes';
my %props = ('Account' => $account);
if ($removable eq 'yes') {
if ($internal eq "YES") { $props{'Visible'} = 'internal'; }
else { $adb->get($pseudonym)->delete_prop('Visible'); }
}
# controls
#$res = '';
#$res = validate_description( $c, $account );
#$result .= $res unless $res eq 'OK';
#$result .= 'blocked';
$res = '';
if ( ! $result ) {
$adb->get($pseudonym)->merge_props(%props)
or $result .= "Error occurred while modifying pseudonym in database.";
# Untaint $pseudonym before use in system()
($pseudonym) = ($pseudonym =~ /(.+)/);
system( "/sbin/e-smith/signal-event", "pseudonym-modify", "$pseudonym",)
== 0 or $result .= "Error occurred while modifying pseudonym.";
}
if ( ! $result ) {
$res = 'OK';
$result = $c->l('pse_MODIFY_SUCCEEDED') . ' ' . $pseudonym;
}
}
if ( $trt eq 'DEL' ) {
# controls
$res = '';
$res = validate_is_pseudonym($c, $pseudonym);
$result .= $res unless $res eq 'OK';
#$result .= 'blocked';
$res = '';
if ( ! $result ) {
$res = $c->delete_pseudonym( $pseudonym );
$result .= $res unless $res eq 'OK';
if ( ! $result ) {
$res = 'OK';
$result = $c->l('pse_REMOVE_SUCCEEDED') . ' ' . $pseudonym;
}
}
}
# common parts
if ( $res ne 'OK' ) {
$c->stash( error => $result);
$c->stash( title => $title, pse_datas => \%pse_datas );
return $c->render('pseudonyms');
}
my $message = "'Pseudonyms' updates $trt DONE";
$c->app->log->info($message);
$c->flash( success => $result );
$c->redirect_to('/pseudonyms');
};
sub delete_pseudonym {
my ($c, $pseudonym) = @_;
my $msg = '';
#------------------------------------------------------------
# Make the pseudonym inactive, signal pseudonym-delete event
# and then delete it
#------------------------------------------------------------
my @pseudonyms = $adb->pseudonyms();
foreach my $p_rec (@pseudonyms) {
if ($p_rec->prop("Account") eq $pseudonym) {
$adb->get($p_rec->key)->set_prop('type','pseudonym-deleted')
or $msg .= "Error occurred while changing pseudonym type.";
}
}
$adb->get($pseudonym)->set_prop('type','pseudonym-deleted')
or $msg .= "Error occurred while changing pseudonym type.";
# Untaint $pseudonym before use in system()
($pseudonym) = ($pseudonym =~ /(.+)/);
system( "/sbin/e-smith/signal-event", "pseudonym-delete", "$pseudonym") == 0
or $msg .= "Error occurred while removing pseudonym.";
#TODO: is it ->delete or get()->delete
foreach my $p_rec (@pseudonyms) {
if ($p_rec->prop("Account") eq $pseudonym) {
$adb->get($p_rec->key)->delete()
or $msg .= "Error occurred while deleting pseudonym from database.";
}
}
$adb->get($pseudonym)->delete()
or $msg .= "Error occurred while deleting pseudonym from database.";
return $msg unless $msg;
return 'OK';
}
sub existing_accounts_list {
my $c = shift;
my @existingAccounts = ( ['Administrator' => 'admin']);
foreach my $a ($adb->get_all) {
if ($a->prop('type') =~ /(user|group)/) {
push @existingAccounts, [ $a->key => $a->key ];
}
if ($a->prop('type') eq "pseudonym") {
my $target = $adb->get($a->prop('Account'));
unless ($target)
{
warn "WARNING: pseudonym (" . $a->key . ") => missing Account("
. $a->prop('Account') . ")\n";
next;
}
push @existingAccounts, [ $a->key, $a->key ]
unless ($target->prop('type') eq "pseudonym");
}
}
return(\@existingAccounts);
}
=head2 get_pseudonym_account
Returns the current Account property for this pseudonym
=cut
sub get_pseudonym_account {
my $c = shift;
my $pseudonym = shift;
my $a = $adb->get($pseudonym)->prop('Account');
if ($a eq "admin") {
$a = "Administrator";
} elsif ($a eq "shared") {
$a = $c->l("EVERYONE");
}
return($a);
}
=head2 is_pseudonym_not_removable
Returns 1 if the current Account is not removable, 0 otherwise
=cut
sub is_pseudonym_not_removable {
my $c = shift;
my $pseudonym = shift;
my $removable = $adb->get($pseudonym)->prop('Removable') || 'yes';
return 1 if ($removable eq 'yes');
return 0;
}
=head2 is_pseudonym_internal
Returns YES if the current Account property Visible is 'internal'
=cut
sub is_pseudonym_internal {
# my $c = shift;
my $pseudonym = shift;
my $visible = $adb->get($pseudonym)->prop('Visible') || '';
return 'YES' if ($visible eq 'internal');
return 'NO';
}
=head2 validate_new_pseudonym_name FM PSEUDONYM
Returns "OK" if the pseudonym starts with a letter or number and
contains only letters, numbers, . - and _ and isn't taken
Returns "VALID_PSEUDONYM_NAMES" if the name contains invalid chars
Returns "NAME_IN_USE" if this pseudonym is taken.
=cut
sub validate_new_pseudonym_name {
my ($c, $pseudonym, $account) = @_;
my $acct = $adb->get($pseudonym);
if (defined $acct) {
return($c->l('pse_NAME_IN_USE'));
} elsif ($pseudonym =~ /@/) {
use esmith::DomainsDB;
my $ddb = esmith::DomainsDB->open_ro
or die "Couldn't open DomainsDB\n";
my ($lhs, $rhs) = split /@/, $pseudonym;
return ($c->l('pse_PSEUDONYM_INVALID_DOMAIN')) unless ($ddb->get($rhs));
return ($c->l('pse_PSEUDONYM_INVALID_SAMEACCT')) if ($lhs eq $account);
return ('OK'); # p:' . $pseudonym . ' a:' . $account);
} elsif ( $pseudonym !~ /^([a-z0-9][a-z0-9\.\-_!#\?~\$\^\+&`%\/\*]*)$/ ) {
return($c->l('pse_VALID_PSEUDONYM_NAMES'));
} else {
return('OK');
}
}
=head2 validate_is_pseudonym FM NAME
returns "OK" if it is.
returns "NOT_A_PSEUDONYM" if the name in question isn't an existing pseudonym
=cut
sub validate_is_pseudonym {
my $c = shift;
my $pseudonym = shift;
$pseudonym = $adb->get($pseudonym);
return($c->l('pse_NOT_A_PSEUDONYM')) unless $pseudonym;
my $type = $pseudonym->prop('type');
unless (defined $type && ($type eq 'pseudonym') ) {
return($c->l('NOT_A_PSEUDONYM'));
}
return ('OK');
}
1;

View File

@@ -0,0 +1,152 @@
package SrvMngr::Controller::Qmailanalog;
#----------------------------------------------------------------------
# heading : Investigation
# description : Mail log file analysis
# navigation : 7000 200
#
# routes : end
#----------------------------------------------------------------------
use strict;
use warnings;
use Mojo::Base 'Mojolicious::Controller';
use esmith::FormMagick qw(gen_locale_date_string);
use Locale::gettext;
use SrvMngr::I18N;
use SrvMngr qw(theme_list init_session);
sub main {
my $c = shift;
$c->app->log->info($c->log_req);
my $title = $c->l('qma_FORM_TITLE');
my $modul = $c->render_to_string(inline => $c->l('qma_INITIAL_DESC'));
$c->stash( title => $title, modul => $modul );
$c->render(template => 'qmailanalog');
};
sub do_update {
my $c = shift;
$c->app->log->info($c->log_req);
my $result = "";
my $report_type = $c->param('report_type');
if ($report_type =~ /^(\S+)$/)
{
$report_type = $1;
}
elsif ($report_type =~ /^\s*$/)
{
$report_type = "zoverall";
} else {
$result = $c->l('INVALID_REPORT_TYPE') . $report_type;
$report_type = undef;
}
my $title = $c->l('qma_FORM_TITLE');
$result = $c->render_to_string(inline => generateReport($c, $report_type)) if $report_type;
$c->stash( title => $title, modul => $result );
$c->render(template => 'module');
};
sub generateReport {
my $c = shift;
my $report_type = shift;
my $out = '';
#------------------------------------------------------------
# Looks good; go ahead and generate the report.
#------------------------------------------------------------
# $| = 1;
my $now_string = $c->gen_locale_date_string();
$out .= sprintf("<h3>%s %s </h3>", $c->l('REPORT_GENERATED'), $now_string);
if ($report_type =~ /^qmail-q/)
{
open(QMAILQUEUEREPORT, "/var/qmail/bin/$report_type |");
$out .= sprintf "<pre>";
while (<QMAILQUEUEREPORT>)
{
$out .= sprintf("%s", $_);
}
close QMAILQUEUEREPORT;
$out .= sprintf "</pre>";
$out .= sprintf("<h3>%s</h3>", $c->l('END_OF_REPORT'));
return '';
}
chdir "/var/log/qmail";
open(QMAILANALOG,
"/bin/cat \@* current 2>/dev/null"
. "| /usr/local/bin/tai64nunix"
. "| /usr/local/qmailanalog/bin/matchup 5>/dev/null"
. "| /usr/local/qmailanalog/bin/$report_type |"
);
$out .= sprintf "<pre>";
while (<QMAILANALOG>)
{
# Cook any special HTML characters
s/\&/\&amp;/g;
s/\"/\&quot;/g;
s/\>/\&gt;/g;
s/\</\&lt;/g;
$out .= sprintf("%s", $_);
}
close QMAILANALOG;
$out .= sprintf "</pre>";
$out .= sprintf("<h3>%s</h3>", $c->l('END_OF_REPORT'));
return $out;
}
sub reportType_list {
my $c = shift;
my @array = (
# [ $c->l('qma_LIST_OUTGOING') => 'qmail-qread' ],
# [ $c->l('qma_SUMMARIZE_QUEUE') => 'qmail-qstat' ],
[ $c->l('qma_SUCCESSFUL_DELIVERY_DELAY') => 'zddist' ],
[ $c->l('qma_REASONS_DEFERRAL') => 'zdeferrals' ],
[ $c->l('qma_REASONS_FAILURE') => 'zfailures' ],
[ $c->l('qma_BASIC_STATS') => 'zoverall' ],
[ $c->l('qma_RECIP_STATS') => 'zrecipients' ],
[ $c->l('qma_RECIP_HOSTS') => 'zrhosts' ],
[ $c->l('qma_RECIP_ORDERED') => 'zrxdelay' ],
[ $c->l('qma_SENDER_STATS') => 'zsenders' ],
[ $c->l('qma_SENDMAIL_STYLE') => 'zsendmail' ],
[ $c->l('qma_REASONS_SUCCESS') => 'zsuccesses' ],
[ $c->l('qma_SENDER_UIDS') => 'zsuids' ]
);
my @sorted_array = sort { $a->[0] cmp $b->[0] } @array;
return \@sorted_array;
}
1;

View File

@@ -0,0 +1,193 @@
package SrvMngr::Controller::Quota;
#----------------------------------------------------------------------
# heading : User management
# description : Quotas
# navigation : 2000 300
#----------------------------------------------------------------------
#
# routes : end
#----------------------------------------------------------------------
use strict;
use warnings;
use Mojo::Base 'Mojolicious::Controller';
use esmith::FormMagick::Panel::quota;
#use esmith::TestUtils;
use Scalar::Util qw(looks_like_number);
use Locale::gettext;
use SrvMngr::I18N;
use SrvMngr qw(theme_list init_session);
#our $db = esmith::ConfigDB->open || die "Couldn't open config db";
our $adb = esmith::AccountsDB->open || die "Couldn't open accounts db";
sub main {
my $c = shift;
$c->app->log->info($c->log_req);
my %quo_datas = ();
my $title = $c->l('quo_FORM_TITLE');
$quo_datas{'trt'} = 'LIST';
my @userAccounts;
if ($adb) {
@userAccounts = $adb->users();
}
$c->stash( title => $title, quo_datas => \%quo_datas, userAccounts => \@userAccounts );
$c->render(template => 'quota');
};
sub do_display {
my $c = shift;
my $rt = $c->current_route;
my $trt = ($c->param('trt') || 'LIST');
my $user = $c->param('user') || '';
$trt = 'UPD' if ( $user );
my %quo_datas = ();
my $title = $c->l('quo_FORM_TITLE');
$quo_datas{'trt'} = $trt;
if ( $trt eq 'UPD' ) {
my $rec = $adb->get($user);
if ($rec and $rec->prop('type') eq 'user') {
$quo_datas{user} = $user;
$quo_datas{userRec} = $rec;
my $max = esmith::FormMagick::Panel::quota->toBestUnit($rec->prop('MaxBlocks'));
$quo_datas{hardlim} = $max;
$max = esmith::FormMagick::Panel::quota->toBestUnit($rec->prop('MaxBlocksSoftLim'));
$quo_datas{softlim} = $max;
}
}
$c->stash( title => $title, quo_datas => \%quo_datas );
$c->render( template => 'quota' );
};
sub do_update {
my $c = shift;
$c->app->log->info($c->log_req);
my $title = $c->l('quo_FORM_TITLE');
my %quo_datas = ();
my $rt = $c->current_route;
my $trt = ($c->param('trt') || 'LIST');
$quo_datas{trt} = $trt;
my $result = '';
my $res;
if ( $trt eq 'UPD' ) {
$quo_datas{user} = ($c->param('user') || '');
$quo_datas{softlim} = ($c->param('Soft') || '');
$quo_datas{hardlim} = ($c->param('Hard') || '');
# controls
$res = validate_quota( $c, $quo_datas{user}, $quo_datas{softlim}, $quo_datas{hardlim} );
$result .= $res unless $res eq 'OK';
if ( ! $result ) {
$result = $c->l('quo_SUCCESSFULLY_MODIFIED') . ' ' . $quo_datas{user};
} else {
$quo_datas{userRec} = $adb->get($quo_datas{user}) || undef;
}
}
# common parts
if ($res ne 'OK') {
$c->stash( error => $result );
$c->stash( title => $title, quo_datas => \%quo_datas );
return $c->render('quota');
}
my $message = "'Quota' updates ($trt) DONE";
$c->app->log->info($message);
$c->flash( success => $result );
$c->redirect_to('/quota');
};
sub validate_quota {
my ($c, $acct, $softlim, $hardlim ) = @_;
my $msg;
my $rec = $adb->get($acct);
return $c->l('quo_ERR_NO_SUCH_ACCT') . ' : ' . $acct unless (defined $rec);
my $type = $rec->prop('type');
unless ($type eq "user") {
$msg = $c->l('quo_ERR_NOT_A_USER_ACCT').$acct.$c->l('quo_ACCOUNT_IS_TYPE').$type;
return $msg;
}
my $uid = getpwnam($acct);
return $c->l('COULD_NOT_GET_UID').$acct unless ($uid);
if (($softlim !~ /^(.+?)\s*([KMGT])?$/ ) || (!looks_like_number ($1))) {
return $c->l('quo_SOFT_VAL_MUST_BE_NUMBER');
}
my $exponent = 1; # Entries with no suffix are assumed to be in megabytes.
if (defined ($2)) {
$exponent = index("KMGT",$2);
}
$softlim = ($1 * 1024 ** $exponent);
if (($hardlim !~ /^(.+?)\s*([KMGT])?$/ ) || (!looks_like_number ($1))) {
return $c->l('quo_HARD_VAL_MUST_BE_NUMBER');
}
$exponent = 1; # Entries with no suffix are assumed to be in megabytes.
if (defined ($2))
{
$exponent = index("KMGT",$2);
}
$hardlim = ($1 * 1024 ** $exponent);
#------------------------------------------------------------
# Make sure that soft limit is less than hard limit.
#------------------------------------------------------------
unless ($hardlim == 0 or $hardlim > $softlim) {
return $c->l('quo_ERR_HARD_LT_SOFT');
}
#------------------------------------------------------------
# Update accounts database and signal the user-modify event.
#------------------------------------------------------------
$rec->set_prop('MaxBlocks', $hardlim);
$rec->set_prop('MaxBlocksSoftLim', $softlim);
# Untaint $acct before using in system().
$acct =~ /^(\w[\-\w_\.]*)$/; $acct = $1;
system ("/sbin/e-smith/signal-event", "user-modify", "$acct") == 0
or die ($c->l('quo_ERR_MODIFYING')."\n");
return 'OK';
}
1

View File

@@ -0,0 +1,87 @@
package SrvMngr::Controller::Reboot;
#----------------------------------------------------------------------
# heading : System
# description : Reboot or shutdown
# navigation : 4000 700
#
# routes : end
#----------------------------------------------------------------------
use strict;
use warnings;
use Mojo::Base 'Mojolicious::Controller';
use Locale::gettext;
use SrvMngr::I18N;
use SrvMngr qw(theme_list init_session);
sub main {
my $c = shift;
$c->app->log->info($c->log_req);
my $title = $c->l('rbo_FORM_TITLE');
my $modul = '';
$c->stash( title => $title, modul => $modul );
$c->render(template => 'reboot');
};
sub do_action {
my $c = shift;
$c->app->log->info($c->log_req);
my $title = $c->l('rbo_FORM_TITLE');
my $result = "";
my $function = $c->param ('function');
my $debug = $c->param('debug');
if ($function eq "reboot") {
$result = $c->l('rbo_REBOOT_SUCCEEDED') . '<br>' . $c->l('rbo_DESC_REBOOT');
unless ($debug) {
esmith::util::backgroundCommand( 1, "/sbin/e-smith/signal-event", "reboot" );
# system( "/sbin/e-smith/signal-event", "reboot" ) == 0
# or die ("Error occurred while rebooting.\n");
}
} elsif ($function eq 'shutdown') {
$result = $c->l('rbo_SHUTDOWN_SUCCEEDED') . '<br>' . $c->l('rbo_DESC_SHUTDOWN');
unless ($debug) {
esmith::util::backgroundCommand( 1, "/sbin/e-smith/signal-event", "halt" );
# system( "/sbin/e-smith/signal-event", "halt" ) == 0
# or die ("Error occurred while halting.\n");
}
} elsif ($function eq 'reconfigure') {
$result = $c->l('rbo_RECONFIGURE_SUCCEEDED') . '<br>' . $c->l('rbo_DESC_RECONFIGURE');
unless ($debug) {
# esmith::util::backgroundCommand( 1, "/sbin/e-smith/signal-event", "post-upgrade",
# "; ", "/sbin/e-smith/signal-event", "reboot" );
system( "/sbin/e-smith/signal-event", "post-upgrade" ) == 0
or die ("Error occurred while running post-upgrade.\n");
system( "/sbin/e-smith/signal-event", "reboot" ) == 0
or die ("Error occurred while rebooting.\n");
}
}
$c->stash( title => $title, modul => $result );
$c->render(template => 'module');
};
sub rebootFunction_list {
my $c = shift;
return [[ $c->l('rbo_REBOOT') => 'reboot' ],
[ $c->l('RECONFIGURE') => 'reconfigure' ],
[ $c->l('SHUTDOWN') => 'shutdown' ]];
}
1;

View File

@@ -0,0 +1,505 @@
package SrvMngr::Controller::Remoteaccess;
#----------------------------------------------------------------------
# heading : Network
# description : Remote access
# navigation : 6000 400
#----------------------------------------------------------------------
#
# routes : end
#----------------------------------------------------------------------
use strict;
use warnings;
use Mojo::Base 'Mojolicious::Controller';
use Locale::gettext;
use SrvMngr::I18N;
use SrvMngr qw(theme_list init_session ip_number subnet_mask get_reg_mask);
use esmith::ConfigDB;
use esmith::util;
use File::Basename;
use Exporter;
use Carp;
use Socket qw( inet_aton );
#our @ISA = qw(esmith::FormMagick Exporter);
our @EXPORT = qw( networkAccess_list passwordLogin_list get_ssh_permit_root_login get_ssh_access get_telnet_mode
get_ftp_access get_ftp_password_login_access
get_value get_prop get_ssh_password_auth
validate_network_and_mask ip_number_or_blank subnet_mask_or_blank
get_ipsecrw_sessions pptp_and_dhcp_range
);
# get_pptp_sessions
our $db = esmith::ConfigDB->open || warn "Couldn't open configuration database";
sub main {
my $c = shift;
$c->app->log->info($c->log_req);
my $title = $c->l('rma_FORM_TITLE');
my $notif = '';
my %rma_datas = ();
#$rma_datas{ipsecrwSess} = $c->get_ipsecrw_sessions();
#$rma_datas{pptpSessions} = $c->get_pptp_sessions();
$rma_datas{sshAccess} = $c->get_ssh_access();
$rma_datas{sshPermitRootLogin} = $c->get_ssh_permit_root_login();
$rma_datas{sshPasswordAuthentication} = $c->get_ssh_password_auth();
$rma_datas{sshTCPPort} = $c->get_ssh_port();
$rma_datas{ftpAccess} = $c->get_ftp_access();
$rma_datas{ftpPasswordAccess} = $c->get_ftp_password_login_access();
#$rma_datas{telnetAccess} = $c->get_telnet_access;
$c->stash( title => $title, notif => $notif, rma_datas => \%rma_datas );
$c->render(template => 'remoteaccess');
};
sub do_action {
my $c = shift;
$c->app->log->info($c->log_req);
my $title = $c->l('rma_FORM_TITLE');
my ($result, $res, $trt) = '';
my %rma_datas = ();
$rma_datas{ipsecrwSess} = ($c->param ('IpsecrwSess') || '');
$rma_datas{ipsecrwReset} = ($c->param ('IpsecrwReset') || '');
#$rma_datas{pptpSessions} = ($c->param ('PptpSessions') || '0');
$rma_datas{validFromNetwork} = ($c->param ('ValidFromNetwork') || '');
$rma_datas{validFromMask} = ($c->param ('ValidFromMask') || '');
## my @remove = $q->param('validFromRemove'); ???????? the first one only !!
my @vals = $c->param ('Remove_nets');
$rma_datas{remove_nets} = join ',', @vals;
$rma_datas{sshaccess} = ($c->param ('SshAccess') || 'off');
$rma_datas{sshPermitRootLogin} = ($c->param ('SshPermitRootLogin') || 'no');
$rma_datas{sshPasswordAuthentication} = ($c->param ('SshPasswordAuthentication') || 'no');
$rma_datas{sshTCPPort} = ($c->param ('SshTCPPort') || '22');
$rma_datas{ftpAccess} = ($c->param ('FtpAccess') || 'off');
$rma_datas{ftpPasswordAccess} = ($c->param ('FtpPasswordAccess') || 'private');
$rma_datas{telnetAccess} = ($c->param ('TelnetAccess') || 'off');
# validate
my $v = $c->validation;
return $c->render('remoteaccess') unless $v->has_data;
#$v->optional('PptpSessions')->num(0, 999)->is_valid;
$v->optional('ValidFromNetwork')->size(7, 15)->is_valid;
$v->optional('ValidFromMask')->size(7, 15)->is_valid;
$v->required('SshTCPPort')->num(1, 65535)->is_valid;
$result .= 'field validation error' if $v->has_error;
if ( ! $result ) {
# controls
#$res = pptp_and_dhcp_range( $c, $rma_datas{pptpSessions} );
#$result .= $res . ' ' unless $res eq 'OK';
$res = ip_number_or_blank( $c, $rma_datas{validFromNetwork} );
$result .= $res . ' ' unless $res eq 'OK';
$res = subnet_mask_or_blank( $c, $rma_datas{validFromMask} );
$result .= $res . ' ' unless $res eq 'OK';
$res = validate_network_and_mask( $c, $rma_datas{validFromNetwork}, $rma_datas{validFromMask} );
$result .= $res . ' ' unless $res eq 'OK';
#$result .= ' blocked for testing !' . $rma_datas{remove_nets};
}
if ( ! $result ) {
$res = change_settings( $c, %rma_datas );
$result .= $res unless $res eq 'OK';
}
if ( ! $result ) {
$result = $c->l('rma_ACTION_SUCCEEDED');
$trt = 'SUC';
}
$c->stash( title => $title, notif => $result, rma_datas => \%rma_datas );
if ( $trt ne 'SUC' ) {
return $c->render(template => 'remoteaccess');
}
$c->redirect_to('/remoteaccess');
};
sub networkAccess_list {
my $c = shift;
return [[ $c->l('rma_NO_ACCESS') => 'off'],
[ $c->l('NETWORKS_ALLOW_LOCAL') => 'private'],
[ $c->l('NETWORKS_ALLOW_PUBLIC') => 'public']];
}
sub passwordLogin_list {
my $c = shift;
return [[$c->l('rma_PASSWORD_LOGIN_PRIVATE') => 'private'],
[$c->l('rma_PASSWORD_LOGIN_PUBLIC') => 'public']];
}
sub get_prop {
my ($c, $item, $prop) = @_;
warn "You must specify a record key" unless $item;
warn "You must specify a property name" unless $prop;
my $record = $db->get($item) or warn "Couldn't get record for $item";
return $record ? $record->prop($prop) : undef;
}
sub get_value {
my $c = shift;
my $item = shift;
return ($db->get($item)->value());
}
sub get_ftp_access {
my $status = get_prop('','ftp','status') || 'disabled';
return 'off' unless $status eq 'enabled';
my $access = get_prop('','ftp','access') || 'private';
return ($access eq 'public') ? 'normal' : 'private';
}
#sub get_pptp_sessions {
# my $status = get_prop('','pptpd','status');
# if (defined($status) && ($status eq 'enabled')) {
# return(get_prop('','pptpd','sessions') || 'no');
# return '0';
#}
sub get_ssh_permit_root_login {
return(get_prop('','sshd','PermitRootLogin') || 'no');
}
sub get_ssh_password_auth {
return(get_prop('','sshd','PasswordAuthentication') || 'yes');
}
sub get_ssh_access {
my $status = get_prop('','sshd','status');
if (defined($status) && ($status eq 'enabled')) {
my $access = get_prop('','sshd','access');
$access = ($access eq 'public') ? 'public' : 'private';
return($access);
}
else {
return('off');
}
}
sub get_ssh_port {
return(get_prop('$c','sshd','TCPPort') || '22');
}
sub get_ftp_password_login_access {
my $status = get_prop('','ftp','status') || 'disabled';
return 'private' unless $status eq 'enabled';
my $access = get_prop('','ftp','LoginAccess') || 'private';
return ($access eq 'public') ? 'public' : 'private';
}
sub get_telnet_mode {
my $telnet = $db->get('telnet');
return('off') unless $telnet;
my $status = $telnet->prop('status') || 'disabled';
return('off') unless $status eq 'enabled';
my $access = $telnet->prop('access') || 'private';
return ($access eq "public") ? "public" : "private";
}
sub get_ipsecrw_sessions {
my $status = $db->get('ipsec')->prop('RoadWarriorStatus');
if (defined($status) && ($status eq 'enabled')) {
return($db->get('ipsec')->prop('RoadWarriorSessions') || '0');
}
else {
return('0');
}
}
sub get_ipsecrw_status {
return undef unless ( $db->get('ipsec'));
return $db->get('ipsec')->prop('RoadWarriorStatus');
}
sub pptp_and_dhcp_range {
my $c = shift;
my $val = shift || 0;
my $dhcp_status = $db->get_prop('dhcpd','status') || 'disabled';
my $dhcp_end = $db->get_prop('dhcpd','end') || '';
my $dhcp_start = $db->get_prop('dhcpd','start') || '';
if ( $dhcp_status eq 'enabled' ) {
my $ip_start = unpack 'N', inet_aton($dhcp_start);
my $ip_end = unpack 'N', inet_aton($dhcp_end);
my $ip_count = $ip_end - $ip_start;
return 'OK' if( $val < $ip_count );
return $c->l('rma_NUMBER_OF_PPTP_CLIENTS_MUST_BE_LESSER_THAN_NUMBER_OF_IP_IN_DHCP_RANGE');
} else {
return 'OK';
}
}
sub _get_valid_from {
my $c = shift;
my $rec = $db->get('httpd-admin');
return undef unless($rec);
my @vals = (split ',', ($rec->prop('ValidFrom') || ''));
return @vals;
}
sub ip_number_or_blank {
my $c = shift;
my $ip = shift;
if (!defined($ip) || $ip eq "") {
return 'OK';
}
return ip_number($c, $ip);
}
sub subnet_mask_or_blank {
my $c = shift;
my $mask = shift;
if (!defined($mask) || $mask eq "") {
return "OK";
}
chomp $mask ;
return ( subnet_mask( $mask ) ne 'OK' ) ? $c->l('rma_INVALID_SUBNET_MASK') . " (" . $mask . ")" : 'OK';
}
sub validate_network_and_mask {
my $c = shift;
my $net = shift || "";
my $mask = shift || "";
if ($net xor $mask) {
return $c->l('rma_ERR_INVALID_PARAMS' . " (" . $net."/".$mask . ")");
}
return 'OK';
}
sub change_settings {
my ($c, %rma_datas) = @_;
#------------------------------------------------------------
# good; go ahead and change the access.
#------------------------------------------------------------
my $rec = $db->get('telnet');
if($rec) {
if ($rma_datas{telnetAccess} eq "off") {
$rec->set_prop('status','disabled');
} else {
$rec->set_prop('status','enabled');
$rec->set_prop('access', $rma_datas{telnetAccess});
}
}
$rec = $db->get('sshd') || $db->new_record('sshd', {type => 'service'});
$rec->set_prop('TCPPort', $rma_datas{sshTCPPort});
$rec->set_prop('status', ( $rma_datas{sshaccess} eq "off" ? 'disabled' : 'enabled'));
$rec->set_prop('access', $rma_datas{sshaccess});
$rec->set_prop('PermitRootLogin', $rma_datas{sshPermitRootLogin});
$rec->set_prop('PasswordAuthentication', $rma_datas{sshPasswordAuthentication});
$rec = $db->get('ftp');
if($rec) {
if ($rma_datas{ftpAccess} eq "off") {
$rec->set_prop('status', 'disabled');
$rec->set_prop('access', 'private');
$rec->set_prop('LoginAccess', 'private');
} elsif ($rma_datas{ftpAccess} eq "normal") {
$rec->set_prop('status', 'enabled');
$rec->set_prop('access', 'public');
$rec->set_prop('LoginAccess', $rma_datas{ftpPasswordAccess});
} else {
$rec->set_prop('status', 'enabled');
$rec->set_prop('access', 'private');
$rec->set_prop('LoginAccess', $rma_datas{ftpPasswordAccess});
}
}
# if ($rma_datas{pptpSessions} == 0) {
# $db->get('pptpd')->set_prop('status', 'disabled');
# } else {
# $db->get('pptpd')->set_prop('status', 'enabled');
# $db->get('pptpd')->set_prop('sessions', $rma_datas{pptpSessions});
# }
if ( $rma_datas{validFromNetwork} && $rma_datas{validFromMask} ) {
unless (add_new_valid_from( $c, $rma_datas{validFromNetwork}, $rma_datas{validFromMask} )) {
return $c->l('rma_ERROR_UPDATING_CONFIGURATION') . 'new net';
}
}
if ( $rma_datas{remove_nets} ) {
unless (remove_valid_from( $c, $rma_datas{remove_nets} )) {
return $c->l('rma_ERROR_UPDATING_CONFIGURATION') . 'del net';
}
}
# reset ipsec roadwarrior CA,server,client certificates
if ($rma_datas{ipsecrwReset}) {
system('/sbin/e-smith/roadwarrior', 'reset_certs') == 0 or
return $c->l('rma_ERROR_UPDATING_CONFIGURATION') . 'rst ipsec';
}
if ( $rma_datas{ipsecrwSess} ) {
set_ipsecrw_sessions( $c, $rma_datas{ipsecrwSess} );
}
unless ( system( "/sbin/e-smith/signal-event", "remoteaccess-update" ) == 0 ) {
return $c->l('rma_ERROR_UPDATING_CONFIGURATION');
}
return 'OK';
}
sub set_ipsecrw_sessions {
my $c = shift;
my $sessions = shift;
if (defined $sessions) {
$db->get('ipsec')->set_prop('RoadWarriorSessions', $sessions);
if (int($sessions) > 0) {
$db->get('ipsec')->set_prop('RoadWarriorStatus', 'enabled');
}
}
return '';
}
sub add_new_valid_from {
my $c = shift;
my $net = shift;
my $mask = shift;
# we transform bit mask to regular mask
$mask = get_reg_mask( $net, $mask );
my $rec = $db->get('httpd-admin');
return $c->error('ERR_NO_RECORD') unless $rec;
my $prop = $rec->prop('ValidFrom') || '';
my @vals = split /,/, $prop;
return '' if (grep /^$net\/$mask$/, @vals); # already have this entry
if ($prop ne '') {
$prop .= ",$net/$mask";
} else {
$prop = "$net/$mask";
}
$rec->set_prop('ValidFrom', $prop);
return 1;
}
sub remove_valid_from {
my $c = shift;
my $remove_nets = shift;
my @remove = split /,/, $remove_nets;
# my @remove = $c->param('Remove_nets');
my @vals = $c->_get_valid_from();
foreach my $entry (@remove) {
return undef unless $entry;
my ($net, $mask) = split (/\//, $entry);
unless (@vals) {
print STDERR "ERROR: unable to load ValidFrom property from conf db\n";
return undef;
}
# what if we don't have a mask because someone added an entry from
# the command line? by the time we get here, the panel will have
# added a 32 bit mask, so we don't know for sure if the value in db
# is $net alone or $net/255.255.255.255. we have to check for both
# in this special case...
@vals = (grep { $entry ne $_ && $net ne $_ } @vals);
}
my $prop;
if (@vals) {
$prop = join ',',@vals;
} else {
$prop = '';
}
$db->get('httpd-admin')->set_prop('ValidFrom', $prop);
return 1;
}
1;

View File

@@ -0,0 +1,56 @@
package SrvMngr::Controller::Request;
#
# routes : end
#----------------------------------------------------------------------
use strict;
use warnings;
use Mojo::Base 'Mojolicious::Controller';
use Locale::gettext;
use SrvMngr::I18N;
use SrvMngr qw(theme_list init_session);
# retrieve a configuration db record
sub getconfig {
my $c = shift;
my $key = $c->param('key');
$c->app->log->info($c->log_req . ' ' . $key);
if ($key) {
use esmith::ConfigDB qw(open_ro);
my $cdb = esmith::ConfigDB->open_ro;
return getdb( $c, $cdb, $key);
}
}
# retrieve an accounts db record, given its name
sub getaccount {
my $c = shift;
my $key = $c->param('key');
$c->app->log->info($c->log_req . ' ' . $key);
if ($key) {
use esmith::AccountsDB qw(open_ro);
my $adb = esmith::AccountsDB->open_ro;
return getdb( $c, $adb, $key);
}
}
sub getdb {
my ($c, $db, $key) = @_;
if ( my $rec = $db->get($key) ) {
return $c->render(json => { $key => { $rec->props }} );
}
return undef;
}
1;

View File

@@ -0,0 +1,235 @@
package SrvMngr::Controller::Review;
#----------------------------------------------------------------------
# heading : Support
# description : Review configuration
# navigation : 000 500
# menu : N
# routes : end
#----------------------------------------------------------------------
# heading-o : Configuration
# description-o : Review configuration
# navigation-o : 6000 6800
#----------------------------------------------------------------------
use strict;
use warnings;
use Mojo::Base 'Mojolicious::Controller';
use Locale::gettext;
use SrvMngr::I18N;
use SrvMngr qw(theme_list init_session);
#use SrvMngr::Review_sub qw(print_page);
#use smeserver::Panel::review;
use esmith::FormMagick::Panel::review;
our $db = esmith::ConfigDB->open_ro || die "Couldn't open config db";
our $domains = esmith::DomainsDB->open_ro || die "Couldn't open domains";
our $networks = esmith::NetworksDB->open_ro || die "Couldn't open networks";
sub main {
my $c = shift;
$c->app->log->info($c->log_req);
my $title = $c->l('rvw_FORM_TITLE');
my $modul = $c->render_to_string(inline => $c->l('rvw_DESCRIPTION'));
my %rvw_datas = ();
$rvw_datas{'servermode'} = (get_value('','SystemMode' )|| '');
$rvw_datas{'localip'} = get_value('$c','LocalIP' )
.'/'.get_value('$c','LocalNetmask');
$rvw_datas{'publicip'} =
esmith::FormMagick::Panel::review->get_public_ip_address($c);
$rvw_datas{'gateway'} =
$c->render_to_string(inline => print2_gateway_stanza($c));
$rvw_datas{'serveronly'} =
$c->render_to_string(inline => print2_serveronly_stanza($c));
$rvw_datas{'addlocalnetworks'} = get_local_networks($c);
$rvw_datas{'dhcpserver'} =
$c->render_to_string(inline => print2_dhcp_stanza($c));
$rvw_datas{'dnsserver'} = (get_value('','LocalIP' )|| '');
$rvw_datas{'webserver'} = 'www.'.(get_local_domain());
my $port = $db->get_prop("squid", "TransparentPort") || 3128;
$rvw_datas{'proxyserver'} = 'proxy.'.get_local_domain().":$port";
$rvw_datas{'ftpserver'} = 'ftp.'.get_local_domain();
$rvw_datas{'smtpserver'} = 'mail.'.get_local_domain();
$rvw_datas{'domainname'} = (get_value('','DomainName' )|| '');
$rvw_datas{'virtualdomains'} =
$c->render_to_string(inline => gen2_domains($c));
$rvw_datas{'primarywebsite'} = 'http://www.'.get_value('','DomainName');
$rvw_datas{'servermanager'} = 'https://'. (get_value('','SystemName') || 'localhost').'/server-manager/';
$rvw_datas{'usermanager'} = 'https://'. (get_value('','SystemName') || 'localhost').'/user-password/';
$rvw_datas{'emailaddresses'} =
$c->render_to_string(inline => gen2_email_addresses($c));
#$c->stash( releaseVersion => $c->session->{releaseVersion}, copyRight => $c->session->{copyRight},
#PwdSet => $c->session->{PwdSet}, Unsafe => $c->session->{Unsafe},
$c->stash( title => $title, modul => $modul, rvw_datas => \%rvw_datas,
);
$c->render(template => 'review');
}
=head2 gen2_email_addresses
Returns a string of the various forms of email addresses that work
on an SMEServer (mojo v.)
=cut
sub gen2_email_addresses {
my $c = shift;
my $domain = get_value($c,'DomainName');
my $useraccount = $c->l("rvw_EMAIL_USERACCOUNT");
my $firstname = $c->l("rvw_EMAIL_FIRSTNAME");
my $lastname = $c->l("rvw_EMAIL_LASTNAME");
my $out = "<I>" . $useraccount . "</I>\@" . $domain . "<BR>"
. "<I>" . $firstname . "</I>.<I>" . $lastname . "</I>\@" . $domain . "<BR>"
. "<I>" . $firstname . "</I>_<I>" . $lastname . "</I>\@" . $domain . "<BR>";
return $out;
}
=head2 gen2_domains
Returns a string of the domains this SME Server serves or a localized string
saying "no domains defined" (mojo ver)
=cut
sub gen2_domains {
my $c = shift;
my @virtual = $domains->get_all_by_prop( type => 'domain');
my $numvirtual = @virtual;
if ($numvirtual == 0) {
$c->localise("NO_VIRTUAL_DOMAINS");
}
else {
my $out = "";
my $domain;
foreach $domain (sort @virtual) {
if ($out ne "") {
$out .= "<BR>";
}
$out .= $domain->key;
}
return $out;
}
}
=head2 get2_local_networks
Return a <br> delimited string of all the networks this SMEServer is
serving. (mojo ver)
=cut
sub get2_local_networks {
my $c = shift;
my @nets = $networks->get_all_by_prop('type' => 'network');
my $numNetworks = @nets;
if ($numNetworks == 0) {
return $c->l('rvw_NO_NETWORKS');
}
else {
my $out = "";
foreach my $network (sort @nets) {
if ($out ne "") {
$out .= "<BR>";
}
$out .= $network->key."/" . get_net_prop($c, $network->key, 'Mask');
if ( defined get_net_prop($c, $network->key, 'Router') ) {
$out .= " via " . get_net_prop ($c, $network->key, 'Router');
}
}
return $out;
}
}
=head2 print2_gateway_stanza
If this system is a server gateway, show the external ip and gateway ip (mojo ver)
=cut
sub print2_gateway_stanza
{
my $c = shift;
if (get_value($c,'SystemMode') =~ /servergateway/)
{
my $ip = get_value($c,'ExternalIP');
my $static =
(get_value($c, 'AccessType') eq 'dedicated') &&
(get_value($c, 'ExternalDHCP') eq 'off') &&
(get_prop($c, 'pppoe', 'status') eq 'disabled');
if ($static)
{
$ip .= "/".get_value($c,'ExternalNetmask');
}
my $out = $c->l('rvw_EXTERNAL_IP_ADDRESS_SUBNET_MASK').':'.$ip;
if ($static)
{
$out .= $c->l('rvw_GATEWAY').':'.get_value($c,'GatewayIP');
}
return $out
}
}
=head2 print2_serveronly_stanza
If this system is a standalone server with net access, show the external
gateway IP (mojo ver)
=cut
sub print2_serveronly_stanza {
my $c = shift;
if ( (get_value($c,'SystemMode') eq 'serveronly') &&
get_value($c,'AccessType') &&
(get_value($c,'AccessType') ne "off")) {
return ( get_value($c,'GatewayIP') );
}
}
=head2 print2_dhcp_stanza
Prints out the current state of dhcp service (mojo ver)
=cut
sub print2_dhcp_stanza {
my $c = shift;
my $out = (get_prop($c,'dhcpd','status') || 'disabled' );
if (get_prop($c,'dhcpd', 'status') eq 'enabled') {
$out .= '<br>'.$c->l('rvw_BEGINNING_OF_DHCP_ADDRESS_RANGE').':';
$out .= (get_prop($c,'dhcpd','start') || '' ).'<br>';
$out .= $c->l('rvw_END_OF_DHCP_ADDRESS_RANGE').':';
$out .= (get_prop($c,'dhcpd','end') || '' );
}
return $out;
}
1;

View File

@@ -0,0 +1,44 @@
package SrvMngr::Controller::Support;
#----------------------------------------------------------------------
# heading : Support
# description : Support and licensing
# navigation : 0000 200
# menu : N
#
# routes : end
#----------------------------------------------------------------------
use strict;
use warnings;
use Mojo::Base 'Mojolicious::Controller';
use SrvMngr qw(theme_list init_session);
use esmith::util;
sub display_licenses {
my $lang = shift;
my $lic = '';
foreach my $license (esmith::util::getLicenses($lang)) {
$lic .= $license . '<br>';
}
return $lic;
}
sub main {
my $c = shift;
$c->app->log->info($c->log_req);
my $title = $c->l('support_FORM_TITLE');
my $modul = $c->render_to_string(inline => display_licenses($c->session->{lang}));
$c->stash( title => $title, modul => $modul );
$c->render(template => 'module');
};
1;

View File

@@ -0,0 +1,51 @@
package SrvMngr::Controller::Swttheme;
#
# routes : end
#----------------------------------------------------------------------
use strict;
use warnings;
use Mojo::Base 'Mojolicious::Controller';
#use SrvMngr qw(theme_list init_session);
our $db = esmith::ConfigDB->open() || die "Couldn't open config db";
sub main {
my $c = shift;
my $from = $c->param('From') || '/';
my $theme = $c->param('Theme');
$c->app->log->info(" swt theme '$from' '$theme' ");
my $oldTheme = $c->session->{CurrentTheme};
if ( $theme ne $oldTheme ) {
# $c->app->renderer->paths([$c->app->home->rel_file('themes/default/templates')]);
# $c->app->static->paths([$c->app->home->rel_file('themes/default/public')]);
# if ( $theme ne 'default' ) {
# # Put the new theme first
# my $t_path = $c->app->home->rel_file('themes/'.$theme);
# unshift @{$c->app->renderer->paths}, $t_path.'/templates' if -d $t_path.'/templates';
# unshift @{$c->app->static->paths}, $t_path.'/public' if -d $t_path.'/public';
# }
$c->session->{CurrentTheme} = $theme;
$db->get('smanager')->set_prop('Theme', $theme);
system ("/sbin/e-smith/signal-event smanager-theme-change") == 0
or warn "$c->l('ERROR_UPDATING')";
}
## (not sure) $c->flash( warning => $c->l('swt_LOGIN_AGAIN') );
$from = '/initial' if $from eq '/';
$from = '/' . $from if ( $from !~ m|^\/| );
$c->redirect_to( $from);
}
1;

View File

@@ -0,0 +1,961 @@
package SrvMngr::Controller::Useraccounts;
#----------------------------------------------------------------------
# heading : User management
# description : Users
# navigation : 2000 100
#----------------------------------------------------------------------
#
# routes : end
#----------------------------------------------------------------------
use strict;
use warnings;
use Mojo::Base 'Mojolicious::Controller';
use Locale::gettext;
use SrvMngr::I18N;
use SrvMngr qw(theme_list init_session
is_normal_password email_simple);
#use esmith::FormMagick qw( validate_password );
#use CGI::FormMagick::Validator qw( call_fm_validation );
use esmith::AccountsDB;
use esmith::ConfigDB;
use esmith::util;
#use esmith::FormMagick;
#use esmith::cgi;
#use File::Basename;
#use Exporter;
#use Carp qw(verbose);
#use esmith::FormMagick::Panel::useraccounts;
our $adb = esmith::AccountsDB->open || die "Couldn't open accounts db";
our $cdb = esmith::ConfigDB->open() || die "Couldn't open config db";
sub main {
my $c = shift;
$c->app->log->info($c->log_req);
my $notif = '';
my %usr_datas = ();
my $title = $c->l('usr_FORM_TITLE');
$usr_datas{'trt'} = 'LIST';
my @users = $adb->get('admin');
push @users, $adb->users();
$c->stash( title => $title, notif => $notif, usr_datas => \%usr_datas, users => \@users );
$c->render(template => 'useraccounts');
};
sub do_display {
my $c = shift;
my $rt = $c->current_route;
my $trt = ($c->param('trt') || 'ADD');
my $user = ($c->param('user') || '');
my %usr_datas = ();
my $title = $c->l('usr_FORM_TITLE');
my ($notif, $modul) = '';
$usr_datas{'trt'} = $trt;
if ( $trt eq 'ADD' ) {
$usr_datas{user} = '';
$usr_datas{firstname} = '';
$usr_datas{lastname} = '';
$usr_datas{dept} = $c->get_ldap_value('Dept');
$usr_datas{company} = $c->get_ldap_value('Company');
$usr_datas{street} = $c->get_ldap_value('Street');
$usr_datas{city} = $c->get_ldap_value('City');
$usr_datas{phone} = $c->get_ldap_value('Phone');
}
if ( $trt eq 'UPD' or $trt eq 'UPS' ) {
my $rec = $adb->get($user);
my $type = ( $trt eq 'UPS' ) ? 'system' : 'user';
if ($rec and $rec->prop('type') eq $type) {
$usr_datas{user} = $user;
$usr_datas{firstname} = $rec->prop('FirstName');
$usr_datas{lastname} = $rec->prop('LastName');
$usr_datas{vpnclientaccess} = $rec->prop('VPNClientAccess');
$usr_datas{emailforward} = $rec->prop('EmailForward');
$usr_datas{forwardaddress} = $rec->prop('ForwardAddress');
if ( $trt eq 'UPD' ) {
$usr_datas{dept} = $rec->prop('Dept');
$usr_datas{company} = $rec->prop('Company');
$usr_datas{street} = $rec->prop('Street');
$usr_datas{city} = $rec->prop('City');
$usr_datas{phone} = $rec->prop('Phone');
}
}
}
if ( $trt eq 'DEL' ) {
my $rec = $adb->get($user);
if ($rec and $rec->prop('type') eq 'user') {
$usr_datas{user} = $user;
$usr_datas{name} = $c->get_user_name($user);
}
}
if ( $trt eq 'PWD' or $trt eq 'PWS' ) {
my $rec = $adb->get($user);
my $type = ( $trt eq 'PWS' ) ? 'system' : 'user';
if ($rec and $rec->prop('type') eq $type) {
$usr_datas{user} = $user;
$usr_datas{name} = $c->get_user_name($user);
}
}
if ( $trt eq 'LCK' ) {
my $rec = $adb->get($user);
if ($rec and $rec->prop('type') eq 'user') {
$usr_datas{user} = $user;
$usr_datas{name} = $c->get_user_name($user);
}
}
if ( $trt eq 'LIST' ) {
my @useraccounts;
if ($adb)
{
@useraccounts = $adb->useraccounts();
}
$c->stash( useraccounts => \@useraccounts );
}
$c->stash( title => $title, notif => $notif, usr_datas => \%usr_datas );
$c->render( template => 'useraccounts' );
};
sub do_update {
my $c = shift;
$c->app->log->info($c->log_req);
my $rt = $c->current_route;
my $trt = ($c->param('trt') || 'LIST');
my $user = ($c->param('user') || '');
my $name = ($c->param('name') || '');
my %usr_datas = ();
$usr_datas{trt} = $trt;
my $title = $c->l('usr_FORM_TITLE');
my ($res, $result) = '';
if ( $trt eq 'ADD' ) {
# controls
my $first = $c->param('FirstName');
my $last = $c->param('LastName');
my $mail = $c->param('ForwardAddress');
unless ( $first ) {
$result .= $c->l('FM_NONBLANK') . ' - ';
}
unless ( $last ) {
$result .= $c->l('FM_NONBLANK') . ' - ';
}
#unless ( $mail ) {
# $result .= $c->l('FM_NONBLANK') . ' - ';
#}
$res = $c->validate_acctName( $user );
$result .= $res unless $res eq 'OK';
$res = $c->validate_acctName_length( $user );
$result .= $res unless $res eq 'OK';
$res = $c->validate_acctName_conflict( $user );
$result .= $res unless $res eq 'OK';
$res = $c->pseudonym_clash( $first );
$result .= $res unless $res eq 'OK';
if ( $mail ) {
$res = $c->emailforward( $mail );
$result .= $res unless $res eq 'OK';
}
#$result .= 'Blocked for testing';
if ( ! $result ) {
$res = create_user( $c, $user );
$result .= $res unless $res eq 'OK';
if ( ! $result ) {
$result = $c->l('usrUSER_CREATED') . ' ' . $user;
$usr_datas{trt} = 'SUC';
}
}
}
if ( $trt eq 'UPD' or $trt eq 'UPS') {
# controls
my $first = $c->param('FirstName');
my $last = $c->param('LastName');
my $mail = $c->param('ForwardAddress');
unless ( $first ) {
$result .= $c->l('FM_NONBLANK') . ' - ';
}
unless ( $last ) {
$result .= $c->l('FM_NONBLANK') . ' - ';
}
#unless ( $mail ) {
# $result .= $c->l('FM_NONBLANK') . ' - ';
#}
$res = $c->pseudonym_clash( $first );
$result .= $res unless $res eq 'OK';
if ( $mail ) {
$res = $c->emailforward( $mail );
$result .= $res unless $res eq 'OK';
}
#$result .= 'Blocked for testing';
if ( ! $result ) {
if ( $trt eq 'UPS' ) {
$res = $c->modify_admin();
} else {
$res = $c->modify_user( $user );
}
$result .= $res unless $res eq 'OK';
if ( ! $result ) {
$result = $c->l('usr_USER_MODIFIED') . ' ' . $user;
$usr_datas{trt} = 'SUC';
}
}
}
if ( $trt eq 'PWD' ) {
my $pass1 = $c->param('newPass');
my $pass2 = $c->param('newPassVerify');
# controls
unless ($pass1) {
$result .= $c->l('FM_NONBLANK') . ' - ';
}
unless ($pass1 eq $pass2) {
$result .= $c->l('PASSWORD_VERIFY_ERROR') . ' - ';
}
if ( ! $result ) {
$res = check_password( $c, $pass1 );
$result .= $res unless $res eq 'OK';
}
if ( $user eq 'admin' ) {
$result .= "System password should not be reset here !";
}
#$result .= 'Blocked for testing';
if ( ! $result ) {
my $res = $c->reset_password( $user, $pass1 );
$result .= $res unless $res eq 'OK';
if ( ! $result ) {
$result = $c->l('usr_PASSWORD_CHANGE_SUCCEEDED', $user);
$usr_datas{trt} = 'SUC';
}
}
}
if ( $trt eq 'PWS' ) { # system password reset (admin)
my $curpass = $c->param('CurPass');
my $pass1 = $c->param('Pass');
my $pass2 = $c->param('PassVerify');
# controls
if ($curpass) {
$res = $c->system_authenticate_password( $curpass );
$result .= $res unless $res eq 'OK';
} else {
$result .= $c->l('FM_NONBLANK') . ' - ';
}
unless ($pass1 and $pass2) {
$result .= $c->l('FM_NONBLANK') . ' - ';
}
unless ($pass1 eq $pass2) {
$result .= $c->l('usr_SYSTEM_PASSWORD_VERIFY_ERROR') . ' - ';
}
if ( ! $result ) {
$res = $c->system_validate_password( $pass1 );
$result .= $res unless $res eq 'OK';
$res = $c->system_check_password( $pass1 );
$result .= $res unless $res eq 'OK';
}
#$result .= 'Blocked for testing';
if ( ! $result ) {
my $res = $c->system_change_password();
$result .= $res unless $res eq 'OK';
if ( ! $result ) {
$result = $c->l('usr_SYSTEM_PASSWORD_CHANGED', $user);
$usr_datas{trt} = 'SUC';
}
}
}
if ( $trt eq 'LCK' ) {
# controls
#$res = xxxxxxxxxxx();
#$result .= $res unless $res eq 'OK';
#$result .= 'Blocked for testing';
if ( ! $result ) {
my $res = $c->lock_account( $user );
$result .= $res unless $res eq 'OK';
if ( ! $result ) {
$result = $c->l('usr_LOCKED_ACCOUNT', $user);
$usr_datas{trt} = 'SUC';
}
}
}
if ( $trt eq 'DEL' ) {
# controls
#$res = xxxxxxxxxxx();
#$result .= $res unless $res eq 'OK';
#$result .= 'Blocked for testing';
if ( ! $result ) {
my $res = $c->remove_account( $user );
$result .= $res unless $res eq 'OK';
if ( ! $result ) {
$result = $c->l('usr_SUCCESSFULLY_DELETED_USER') . ' ' . $user;
$usr_datas{trt} = 'SUC';
}
}
}
$usr_datas{'user'} = $user;
$usr_datas{'name'} = $name;
$c->stash( title => $title, notif => $result, usr_datas => \%usr_datas );
if ($usr_datas{trt} ne 'SUC') {
return $c->render(template => 'useraccounts');
}
$c->redirect_to('/useraccounts');
};
sub lock_account {
my $c = shift;
my $user = $c->param('user');
my $acct = $adb->get($user);
if ($acct->prop('type') eq "user") {
undef $adb;
# Untaint the username before use in system()
$user =~ /^(\w[\-\w_\.]*)$/;
$user = $1;
if (system("/sbin/e-smith/signal-event", "user-lock", $user)) {
$adb = esmith::AccountsDB->open();
return $c->l("usr_ERR_OCCURRED_LOCKING");
}
$adb = esmith::AccountsDB->open();
return 'OK';
} else {
return $c->l('NO_SUCH_USER', $user);
}
}
sub remove_account {
my ($c) = @_;
my $user = $c->param('user');
my $acct = $adb->get($user);
if ($acct->prop('type') eq 'user') {
$acct->set_prop('type', 'user-deleted');
undef $adb;
# Untaint the username before use in system()
$user =~ /^(\w[\-\w_\.]*)$/;
$user = $1;
if (system ("/sbin/e-smith/signal-event", "user-delete", $user))
{
$adb = esmith::AccountsDB->open();
return $c->l("ERR_OCCURRED_DELETING");
}
$adb = esmith::AccountsDB->open();
$adb->get($user)->delete;
return 'OK';
} else {
return $c->l('NO_SUCH_USER', $user);
}
}
sub reset_password {
my ($c, $user, $passw1) = @_;
unless (($user) = ($user =~ /^(\w[\-\w_\.]*)$/)) {
return $c->l('usr_TAINTED_USER');
}
$user = $1;
my $acct = $adb->get($user);
if ( $acct->prop('type') eq "user") {
esmith::util::setUserPassword ($user, $passw1);
$acct->set_prop("PasswordSet", "yes");
undef $adb;
if (system("/sbin/e-smith/signal-event", "password-modify", $user))
{
$adb = esmith::AccountsDB->open();
return $c->l("usr_ERR_OCCURRED_MODIFYING_PASSWORD");
}
$adb = esmith::AccountsDB->open();
return 'OK';
} else {
return $c->l('NO_SUCH_USER', $user);
}
}
sub check_password {
my $c = shift;
my $pass1 = shift;
my $check_type;
my $rec = $cdb->get('passwordstrength');
$check_type = ($rec ? ($rec->prop('Users') || 'none') : 'none');
return validate_password($c, $check_type, $pass1);
}
sub validate_password {
my ($c, $strength, $pass) = @_;
use Crypt::Cracklib;
my $reason;
if ($strength eq "none") {
return $c->l("Passwords must be at least 7 characters long") unless (length($pass) > 6);
return "OK";
}
$reason = is_normal_password($c, $pass, undef);
return $reason unless ($reason eq "OK");
return "OK" unless ($strength eq "strong");
if ( -f '/usr/lib64/cracklib_dict.pwd' ) {
$reason = fascist_check($pass, '/usr/lib64/cracklib_dict');
} else {
$reason = fascist_check($pass, '/usr/lib/cracklib_dict');
}
$reason ||= "Software error: password check failed";
return "OK" if ($reason eq "ok");
return $c->l("Bad Password Choice") . ": "
. $c->l("The password you have chosen is not a good choice, because")
. " " . $c->($reason) . ".";
}
sub emailForward_list {
my $c = shift;
return [[ $c->l('usr_DELIVER_EMAIL_LOCALLY') => 'local'],
[ $c->l('usr_FORWARD_EMAIL') => 'forward'],
[ $c->l('usr_DELIVER_AND_FORWARD') => 'both']];
}
sub max_user_name_length {
my ($c, $data) = @_;
$cdb->reload();
my $max = $cdb->get('maxuserNameLength')->value;
if (length($data) <= $max) {
return "OK";
} else {
return $c->l('usr_MAX_user_NAME_LENGTH_ERROR', $data, $max, $max);
}
}
sub validate_acctName {
my ($c, $acctName) = @_;
unless ($adb->validate_account_name($acctName)) {
return $c->l('usr_ACCT_NAME_HAS_INVALID_CHARS', $acctName);
}
return "OK";
}
sub validate_acctName_length {
my $c = shift;
my $acctName = shift;
my $maxAcctNameLength = ($cdb->get('maxAcctNameLength')
? $cdb->get('maxAcctNameLength')->prop('type') : "") || 12;
if ( length $acctName > $maxAcctNameLength ) {
return $c->l('usr_ACCOUNT_TOO_LONG', $maxAcctNameLength);
} else {
return ('OK');
}
}
sub validate_acctName_conflict {
my $c = shift;
my $acctName = shift;
my $account = $adb->get($acctName);
my $type;
if (defined $account) {
$type = $account->prop('type');
} elsif (defined getpwnam($acctName) || defined getgrnam($acctName)) {
$type = "system";
} else {
return('OK');
}
return $c->l('usr_ACCOUNT_CONFLICT', $acctName, $type);
}
sub get_user_name {
my ($c, $acctName) = @_;
my $usr = $adb->get($acctName);
return '' unless $usr;
return $usr->prop('FirstName') ." ". $usr->prop('LastName');
}
sub get_ldap_value {
my ($c, $field) = @_;
# don't do the lookup if this is a modification of an existing user
if ($c->param('user')) {
return $c->param($field);
}
my %CGIParam2DBfield = (
Dept => 'defaultDepartment',
Company => 'defaultCompany',
Street => 'defaultStreet',
City => 'defaultCity',
Phone => 'defaultPhoneNumber'
);
return $cdb->get('ldap')->prop($CGIParam2DBfield{$field});
}
sub get_pptp_value {
return $cdb->get('pptpd')->prop('AccessDefault') || 'no';
}
sub pseudonym_clash {
my ($c, $first) = @_;
$first ||= "";
my $last = $c->param('LastName') || "";
my $acctName = $c->param('user') || "";
my $up = "$first $last";
$up =~ s/^\s+//;
$up =~ s/\s+$//;
$up =~ s/\s+/ /g;
$up =~ s/\s/_/g;
my $dp = $up;
$dp =~ s/_/./g;
$dp = $adb->get($dp);
$up = $adb->get($up);
my $da = $dp->prop('Account') if $dp;
my $ua = $up->prop('Account') if $up;
if ($dp and $da and $da ne $acctName) {
return $c->l('usr_PSEUDONYM_CLASH',
$acctName, $da, $dp->key);
} elsif ($up and $ua and $ua ne $acctName) {
return $c->l('usr_PSEUDONYM_CLASH',
$acctName, $ua, $up->key );
} else {
return "OK";
}
}
sub emailforward {
my ($c, $data) = @_;
my $response = $c->email_simple($data);
if ($response eq "OK") {
return "OK";
} elsif ($data eq "") {
# Blank is ok, only if we're not forwarding, which means that the
# EmailForward param must be set to 'local'.
my $email_forward = $c->param('EmailForward') || '';
$email_forward =~ s/^\s+|\s+$//g;
return 'OK' if $email_forward eq 'local';
return $c->l('usr_CANNOT_CONTAIN_WHITESPACE');
} else {
return $c->l('usr_CANNOT_CONTAIN_WHITESPACE')
if ( $data =~ /\s+/ );
# Permit a local address.
return "OK" if $data =~ /^[a-zA-Z][a-zA-Z0-9\._\-]*$/;
return $c->l('usr_UNACCEPTABLE_CHARS');
}
}
sub get_groups {
my ($c) = shift;
my @groups = $adb->groups();
return \@groups;
}
sub ipsec_for_acct {
my $c = shift;
# Don't show ipsecrw setting unless the status property exists
return '' unless ($cdb->get('ipsec')
&& $cdb->get('ipsec')->prop('RoadWarriorStatus'));
# Don't show ipsecrw setting unless /sbin/e-smith/roadwarrior exists
return '' unless -x '/sbin/e-smith/roadwarrior';
my $user = $c->param('user');
return '' unless $user;
my $rec = $adb->get($user);
if ( $rec ) {
my $pwset = $rec->prop('PasswordSet') || 'no';
my $VPNaccess = $rec->prop('VPNClientAccess') || 'no';
if ($pwset eq 'yes' and $VPNaccess eq 'yes') {
return 'OK';
}
}
return '';
}
sub is_user_in_group {
my $c = shift;
my $user = shift || '';
my $group = shift || '';
return '' unless ( $user and $group );
return ( $adb->is_user_in_group($user, $group) ) ? 'OK' : '';
}
sub get_ipsec_client_cert {
my $c = shift;
my $user = $c->param('user');
($user) = ($user =~ /^(.*)$/);
die "Invalid user: $user\n" unless getpwnam($user);
open (KID, "/sbin/e-smith/roadwarrior get_client_cert $user |")
or die "Can't fork: $!";
my $certfile = <KID>;
close KID;
require File::Basename;
my $certname = File::Basename::basename($certfile);
print "Expires: 0\n";
print "Content-type: application/x-pkcs12\n";
print "Content-disposition: inline; filename=$certname\n";
print "\n";
open (CERT, "<$certfile");
while (<CERT>)
{
print;
}
close CERT;
return '';
}
sub modify_user {
my ($c) = @_;
my $acctName = $c->param('user');
unless (($acctName) = ($acctName =~ /^(\w[\-\w_\.]*)$/)) {
return $c->l('usr_TAINTED_USER', $acctName);
}
# Untaint the username before use in system()
$acctName = $1;
my $acct = $adb->get($acctName);
my $acctType = $acct->prop('type');
if ($acctType eq "user")
{
$adb->remove_user_auto_pseudonyms($acctName);
my %newProperties = (
'FirstName' => $c->param('FirstName'),
'LastName' => $c->param('LastName'),
'Phone' => $c->param('Phone'),
'Company' => $c->param('Company'),
'Dept' => $c->param('Dept'),
'City' => $c->param('City'),
'Street' => $c->param('Street'),
'EmailForward' => $c->param('EmailForward'),
'ForwardAddress' => $c->param('ForwardAddress'),
'VPNClientAccess'=> $c->param('VPNClientAccess'),
);
$acct->merge_props(%newProperties);
$adb->create_user_auto_pseudonyms($acctName)
if ( ($cdb->get_prop('pseudonyms','create') || 'enabled') eq 'enabled' );
my @old_groups = $adb->user_group_list($acctName);
my @new_groups = @{$c->every_param("groupMemberships")};
# $c->app->log->info($c->dumper("groups: Old " . @old_groups .' New '. @new_groups));
$adb->remove_user_from_groups($acctName, @old_groups);
$adb->add_user_to_groups($acctName, @new_groups);
undef $adb;
unless (system ("/sbin/e-smith/signal-event", "user-modify",
$acctName) == 0) {
$adb = esmith::AccountsDB->open();
return $c->l('usr_CANNOT_MODIFY_USER');
}
$adb = esmith::AccountsDB->open();
}
return 'OK';
}
sub create_user {
my $c = shift;
my $acctName = $c->param('user');
my %userprops;
foreach my $field ( qw( FirstName LastName Phone Company Dept
City Street EmailForward ForwardAddress VPNClientAccess) )
{
$userprops{$field} = $c->param($field);
}
$userprops{'PasswordSet'} = "no";
$userprops{'type'} = 'user';
my $acct = $adb->new_record($acctName)
or warn "Can't create new account for $acctName (does it already exist?)\n";
$acct->reset_props(%userprops);
$adb->create_user_auto_pseudonyms($acctName)
if ( ($cdb->get_prop('pseudonyms','create') || 'enabled') eq 'enabled' );
my @groups = @{$c->every_param("groupMemberships")};
$adb->add_user_to_groups($acctName, @groups);
undef $adb;
# Untaint the username before use in system()
$acctName =~ /^(\w[\-\w_\.]*)$/;
$acctName = $1;
if (system ("/sbin/e-smith/signal-event", "user-create", $acctName))
{
$adb = esmith::AccountsDB->open();
return $c->l("usr_ERR_OCCURRED_CREATING");
}
$adb = esmith::AccountsDB->open();
$c->set_groups();
return 'OK';
}
sub set_groups {
my $c = shift;
my $acctName = $c->param('user');
my @groups = @{$c->every_param("groupMemberships")};
$adb->set_user_groups($acctName, @groups);
}
sub modify_admin {
my ($c) = @_;
my $acct = $adb->get('admin');
my %newProperties = (
'FirstName' => $c->param('FirstName'),
'LastName' => $c->param('LastName'),
'EmailForward' => $c->param('EmailForward'),
'ForwardAddress' => $c->param('ForwardAddress'),
'VPNClientAccess'=> $c->param('VPNClientAccess'),
);
$acct->merge_props(%newProperties);
undef $adb;
my $status =
system ("/sbin/e-smith/signal-event", "user-modify-admin", 'admin');
$adb = esmith::AccountsDB->open();
if ($status == 0) {
return 'OK';
} else {
return$c->l('usr_CANNOT_MODIFY_USER', 'First');
}
}
sub system_validate_password {
my $c = shift;
my $pass1 = shift;
# If the password contains one or more printable character
if ($pass1 =~ /^([ -~]+)$/) {
return('OK');
} else {
return $c->l('usr_SYSTEM_PASSWORD_UNPRINTABLES_IN_PASS');
}
}
sub system_check_password {
my $c = shift;
my $pass1 = shift;
use esmith::ConfigDB;
my $conf = esmith::ConfigDB->open();
my ($check_type, $rec);
if ($conf) {
$rec = $conf->get('passwordstrength');
}
$check_type = ($rec ? ($rec->prop('Admin') || 'strong') : 'strong');
return $c->validate_password($check_type, $pass1);
}
sub system_authenticate_password {
my $c = shift;
my $pass = shift;
if (esmith::util::authenticateUnixPassword( ($cdb->get_value("AdminIsNotRoot") eq 'enabled') ? 'admin' : 'root', $pass)) {
return "OK";
} else {
return $c->l("usr_SYSTEM_PASSWORD_AUTH_ERROR");
}
}
sub system_change_password {
my ($c) = @_;
my $pass = $c->param('Pass');
($cdb->get_value("AdminIsNotRoot") eq 'enabled') ? esmith::util::setUnixPassword('admin',$pass) : esmith::util::setUnixSystemPassword($pass);
esmith::util::setServerSystemPassword($pass);
my $result = system("/sbin/e-smith/signal-event password-modify admin");
if ($result == 0) {
return 'OK';
} else {
return $c->l("Error occurred while modifying password for admin.", 'First');
}
}
1

View File

@@ -0,0 +1,38 @@
package SrvMngr::Controller::Userpanelaccess;
#----------------------------------------------------------------------
# heading : User management
# description : User Panel Access
# navigation : 2000 150
# menu :
#----------------------------------------------------------------------
# name : userpanelaccess, method : get, url : /userpanelaccess, ctlact : Userpanelaccess#main
#
# routes : end
#----------------------------------------------------------------------
use strict;
use warnings;
use Mojo::Base 'Mojolicious::Controller';
use Locale::gettext;
use SrvMngr::I18N;
use SrvMngr qw(theme_list init_session);
#use SrvMngr::Model::Main;
sub main {
my $c = shift;
$c->app->log->info($c->log_req);
my $title = $c->l('User panel access');
$c->stash( title => $title, modul => 'https://mailserver.bjsystems.co.uk/server-manager/cgi-bin/userpanelaccess', height => 600 );
$c->render(template => 'embedded');
}
1;

View File

@@ -0,0 +1,257 @@
package SrvMngr::Controller::Userpassword;
#----------------------------------------------------------------------
# heading : Current User
# description : Change password
# navigation : 1000 250
# menu : U
#
# routes : end
#----------------------------------------------------------------------
use strict;
use warnings;
use Mojo::Base 'Mojolicious::Controller';
use esmith::util;
use esmith::ConfigDB;
use esmith::AccountsDB;
use Locale::gettext;
use SrvMngr::I18N;
use SrvMngr qw( theme_list init_session is_normal_password );
our $cdb = esmith::ConfigDB->open_ro || die "Couldn't open configuration db";
sub main {
my $c = shift;
my %pwd_datas = ();
if ( $c->is_logged_in ) {
$pwd_datas{Account} = $c->session->{username};
$pwd_datas{trt} = 'NORM';
} else {
my $rt = $c->current_route;
my $mess = '';
my $jwt = $c->param('jwt') || '';
my $name = $c->jwt->decode($jwt)->{username} || '';
$mess = 'Invalid state' unless ($jwt and $name and $rt eq 'upwdreset');
# request already treated or outdated
if ( $c->pwdrst->{$name}{confirmed} != 1 or $c->pwdrst->{$name}{date} < time() ) {
$mess = $c->l('use_INVALID_REQUEST').' -step 1-';
}
if ( $mess ) {
$c->stash( error => $mess );
return $c->redirect_to ( $c->home_page );
}
# ok for reset password for this account - step 2
$c->pwdrst->{$name}{confirmed} = 2;
$pwd_datas{Account} = $name;
$pwd_datas{trt} = 'RESET';
$pwd_datas{jwt} = $jwt;
$c->flash( success => $c->l('use_OK_FOR_RESET') );
}
$c->stash( pwd_datas => \%pwd_datas );
$c->render( 'userpassword' );
}
sub change_password {
my $c = shift;
my $result;
my $res;
my %pwd_datas = ();
my $trt = $c->param('Trt');
my $acctName = $c->param('User');
my $oldPass = $c->param('Oldpass') || '';
my $pass = $c->param('Pass');
my $passVerify = $c->param('Passverify');
my $jwt = $c->param('jwt') || '';
my $rt = $c->current_route;
my $mess = ''; my $name = '';
$name = $c->jwt->decode($jwt)->{username} if $jwt;
if ( $trt eq 'RESET' ) {
$mess = 'Invalid state' unless ($jwt and $name and ($rt eq 'upwdreset2'));
# request already treated or outdated
if ( $c->pwdrst->{$name}{confirmed} != 2 or $c->pwdrst->{$name}{date} < time() ) {
$mess = $c->l('use_INVALID_REQUEST').' -step 2-';
}
if ( ! $name or $c->is_logged_in or $name ne $acctName ) {
$mess = 'Invalid reset state';
}
} else {
if ( $name or $jwt or ! $c->is_logged_in ) {
$mess = 'Invalid update state';
}
}
if ( $mess ) {
$c->stash( error => $mess );
return $c->redirect_to ( $c->home_page );
}
$pwd_datas{Account} = $acctName;
$pwd_datas{trt} = $trt;
# common controls
if ( $acctName eq 'admin' ) {
$result .= "Admin password should not be reset here !";
} else {
unless ( $pass && $passVerify ) {
$result .= $c->l('pwd_FIELDS_REQUIRED') . "<br>";
} else {
$result .= $c->l('pwd_PASSWORD_INVALID_CHARS') . "<br>" unless (($pass) = ($pass =~ /^([ -~]+)$/ ));
$result .= $c->l('pwd_PASSWORD_VERIFY_ERROR') . "<br>" unless ( $pass eq $passVerify );
}
}
if ( $result ne '' ) {
$c->stash( error => $result, pwd_datas => \%pwd_datas );
return $c->render( 'userpassword' );
}
# validate new password
$res = $c->check_password( $pass );
$result .= $res . "<br>" unless ( $res eq 'OK' );
# controls old password
if ( $trt ne 'RESET' ) {
unless ( $oldPass ) {
$result .= $c->l('pwd_FIELDS_REQUIRED') . "<br>" unless $trt eq 'RESET';
} else {
$result .= $c->l('pwd_PASSWORD_OLD_INVALID_CHARS') . "<br>" unless (($oldPass) = ($oldPass =~ /^(\S+)$/ ));
}
if ( $result ne '' ) {
$c->stash( error => $result, pwd_datas => \%pwd_datas );
return $c->render( 'userpassword' );
}
# verify old password
if ( $trt ne 'RESET') {
$result .= $c->l('pwd_ERROR_PASSWORD_CHANGE') . "<br>"
unless (SrvMngr::Model::Main->check_credentials($acctName, $oldPass));
}
}
# $result .= 'Blocked for test (prevents updates)<br>';
if ( ! $result ) {
my $res = $c->reset_password( $trt, $acctName, $pass, $oldPass );
$result .= $res unless $res eq 'OK';
}
if ( $result ) {
record_password_change_attempt($c, 'FAILED');
$c->stash( error => $result, pwd_datas => \%pwd_datas );
return $c->render( 'userpassword' );
}
$c->pwdrst->{$name}{confirmed} = 9 if $trt eq 'RESET';
record_password_change_attempt($c, 'SUCCESS');
$result .= $c->l('pwd_PASSWORD_CHANGE_SUCCESS');
$c->flash( success => $result );
$c->redirect_to( $c->home_page );
}
sub reset_password {
my ($c, $trt, $user, $password, $oldpassword) = @_;
my $ret;
return $c->l('usr_TAINTED_USER') unless (($user) = ($user =~ /^(\w[\-\w_\.]*)$/));
$user = $1;
my $adb = esmith::AccountsDB->open();
my $acct = $adb->get($user);
return $c->l('NO_SUCH_USER', $user) unless ( $acct->prop('type') eq 'user' );
$ret = esmith::util::setUserPasswordRequirePrevious( $user, $oldpassword, $password ) if $trt ne 'RESET';
$ret = esmith::util::setUserPassword( $user, $password ) if $trt eq 'RESET';
return $c->l('pwd_ERROR_PASSWORD_CHANGE') .' '. $trt unless $ret;
$acct->set_prop("PasswordSet", "yes");
undef $adb;
if (system("/sbin/e-smith/signal-event", "password-modify", $user)) {
$adb = esmith::AccountsDB->open();
return $c->l("usr_ERR_OCCURRED_MODIFYING_PASSWORD");
}
$adb = esmith::AccountsDB->open();
return 'OK';
}
sub record_password_change_attempt {
my ($c, $result) = @_;
my $user = $c->param('User');
my $ip_address = $c->tx->remote_address;
if ($result eq 'SUCCESS') {
$c->app->log->info(join "\t", "Password change succeeded: $user", $ip_address);
} else {
$c->app->log->info(join "\t", "Password change FAILED: $user", $ip_address);
}
}
sub check_password {
my $c = shift;
my $password = shift;
my $strength;
my $rec = $cdb->get('passwordstrength');
$strength = ($rec ? ($rec->prop('Users') || 'none') : 'none');
return validate_password( $c, $strength, $password );
}
sub validate_password {
my ($c, $strength, $pass) = @_;
use Crypt::Cracklib;
if ($strength eq "none") {
return $c->l("Passwords must be at least 7 characters long") unless ( length( $pass ) > 6 );
return "OK";
}
my $reason = is_normal_password($c, $pass, undef);
return $reason unless ($reason eq "OK");
return "OK" unless ($strength eq "strong");
if ( -f '/usr/lib64/cracklib_dict.pwd' ) {
$reason = fascist_check($pass, '/usr/lib64/cracklib_dict');
} else {
$reason = fascist_check($pass, '/usr/lib/cracklib_dict');
}
$reason ||= "Software error: password check failed";
return "OK" if ($reason eq "ok");
return $c->l("Bad Password Choice") . ": "
. $c->l("The password you have chosen is not a good choice, because")
. " " . $c->($reason) . ".";
}
1;

View File

@@ -0,0 +1,336 @@
package SrvMngr::Controller::Viewlogfiles;
#----------------------------------------------------------------------
# heading : Investigation
# description : View log files
# navigation : 7000 100
#
#
# routes : end
#----------------------------------------------------------------------
use strict;
use warnings;
use Mojo::Base 'Mojolicious::Controller';
#use esmith::FormMagick qw(gen_locale_date_string);
use Locale::gettext;
use SrvMngr::I18N;
use SrvMngr qw(theme_list init_session);
use esmith::ConfigDB;
use Time::TAI64;
use File::Basename;
use HTML::Entities;
use esmith::FormMagick qw(gen_locale_date_string);
use File::Temp qw(tempfile);
use constant TRUE => 1;
use constant FALSE => 0;
our $cdb = esmith::ConfigDB->open() || die "Couldn't open config db";
our @logfiles = (); # with array
sub main {
my $c = shift;
$c->app->log->info($c->log_req);
my %log_datas = ();
my $title = $c->l('log_FORM_TITLE');
my $notif = '';
$log_datas{default_op} =
($cdb->get('viewlogfiles')->prop('DefaultOperation')) || 'view';
$c->stash( title => $title, notif => $notif, log_datas => \%log_datas);
$c->render(template => 'viewlogfiles');
};
sub do_action {
my $c = shift;
$c->app->log->info($c->log_req);
my $title = $c->l('log_FORM_TITLE');
my $notif = '';
my $result = "";
my %log_datas = ();
$log_datas{filename} = $c->param('Filename');
$log_datas{matchpattern} = $c->param('Matchpattern');
$log_datas{highlightpattern} = $c->param('Highlightpattern');
$log_datas{operation} = $c->param('Operation');
if ($log_datas{operation} eq 'download') {
$log_datas{'trt'} = "DOWN"
} else {
$log_datas{'trt'} = "SHOW"
}
if ($log_datas{filename} =~ /^([\S\s]+)$/) {
$log_datas{filename} = $1;
} elsif ($log_datas{filename} =~ /^$/) {
$log_datas{filename} = "messages";
} else {
$result .= $c->l("log_FILENAME_ERROR", $log_datas{filename} )
. " ";
}
if ($log_datas{matchpattern} =~ /^(\S+)$/) {
$log_datas{matchpattern} = $1;
} else {
$log_datas{matchpattern} = ".";
}
if ($log_datas{highlightpattern} =~ /^(\S+)$/) {
$log_datas{highlightpattern} = $1;
} else {
$log_datas{highlightpattern} = '';
}
my $fullpath = "/var/log/$log_datas{filename}";
if (-z $fullpath) {
$result .= $c->l("log_LOG_FILE_EMPTY", "$log_datas{filename}" );
}
if ($log_datas{trt} eq "SHOW") {
if ( ! $result ) {
$result = $c->render_to_string(inline => showlogFile( $c, %log_datas ));
}
if ( $result ) {
$c->stash(title => $title, modul => $result, log_datas => \%log_datas);
return $c->render(template => 'viewlogfiles2');
}
}
if ( $log_datas{trt} eq 'DOWN' ) {
my $modul = 'Log file download';
$notif = download_logFile( $c, %log_datas );
return undef unless defined $notif;
}
$c->stash( title => $title, notif => $notif, log_datas => \%log_datas);
$c->render(template => 'viewlogfiles');
};
sub timestamp2local
{
$_ = shift;
if (/^(\@[0-9a-f]{24})(.*)/s)
{
return Time::TAI64::tai64nlocal($1) . $2;
}
elsif (/^([0-9]{10}\.[0-9]{3})(.*)/s)
{
return localtime($1) . $2;
}
return $_;
}
sub findlogFiles {
my $c = shift;
use File::Find;
sub findlogfiles
{
my $path = $File::Find::name;
if (-f)
{
# Remove leading /var/log/messages
$path =~ s:^/var/log/::;
# don't bother to collect files known to be non-text
# or not log files
foreach (qw(
lastlog
btmp$
wtmp
lock
(?<!qpsmtpd/)state
httpd/ssl_mutex.\d*
httpd/ssl_scache.pag
httpd/ssl_scache.dir
\/config$
))
{
return if $path =~ /$_/;
}
my ($file_base, $file_path, $file_type) = fileparse($path);
if ( $file_base =~ /@.*/ )
{
#$logfiles{$path} = $file_path . timestamp2local($file_base);
push @logfiles, [ $file_path . timestamp2local($file_base), $path ];
}
else
{
#$logfiles{$path} = $path;
push @logfiles, [ $path, $path ];
}
}
}
@logfiles = ();
# Now go and find all the files under /var/log
find({wanted => \&findlogfiles, no_chdir => 1}, '/var/log');
my @logf = sort { $a->[0] cmp $b->[0] } @logfiles;
return \@logf;
}
sub showlogFile {
my ($c, %log_datas) = @_;
my $fullpath = "/var/log/$log_datas{filename}";
my $out = '';
$out .= sprintf("$fullpath: \n");
$out .= sprintf($c->l("log_VIEWING_TIME", $c->gen_locale_date_string() ));
unless ( $log_datas{matchpattern} eq '.' )
{
#$out .= sprintf("<p>\n");
$out .= sprintf($c->l("log_MATCH_HEADER", $log_datas{matchpattern} ));
}
if ( $log_datas{highlightpattern} )
{
#$out .= sprintf("<p>\n");
$out .= sprintf($c->l("log_HIGHLIGHT_HEADER", "$log_datas{highlightpattern}" ));
}
if ($log_datas{filename} =~ /\.gz$/) {
my $pid = open(LOGFILE, "-|");
die "Couldn't fork: $!" unless defined $pid;
unless ($pid) {
# Child
exec("/bin/zcat", $fullpath)
|| die "Can't exec zcat: $!";
# NOTREACHED
}
} else {
open(LOGFILE, "$fullpath");
}
my $somethingMatched = 0;
my $fileEmpty = 1;
$out .= sprintf("<PRE>");
while(<LOGFILE>)
{
$fileEmpty = 0;
next unless /$log_datas{matchpattern}/;
$somethingMatched = 1;
$_ = timestamp2local($_);
$_ = HTML::Entities::encode_entities($_);
($log_datas{highlightpattern} && /$log_datas{highlightpattern}/)
? $out .= sprintf( "<b>$_</b>" )
: $out .= sprintf("$_");
}
$out .= sprintf("</PRE>");
if ($fileEmpty) {
$out .= sprintf("<p>\n");
$out .= sprintf($c->l("log_LOG_FILE_EMPTY"));
} else {
unless ($somethingMatched)
{
$out .= sprintf("<p>\n");
$out .= sprintf($c->l("log_NO_MATCHING_LINES"));
}
}
close LOGFILE;
return $out;
}
sub download_logFile {
my ($c, %log_datas) = @_;
my $fullpath = "/var/log/$log_datas{filename}";
# Save this information for later.
$cdb->get('viewlogfiles')->merge_props('DefaultOperation', $log_datas{operation});
# If the client is on windows, we must handle this a little differently.
my $win32 = FALSE;
my $mac = FALSE;
my $agent = $ENV{HTTP_USER_AGENT} || "";
if ($agent =~ /win32|windows/i) {
$win32 = TRUE;
} elsif ($agent =~ /mac/i) {
$mac = TRUE;
}
# Check for errors first. Once we start sending the file it's too late to
# report them.
my $error = "";
unless (-f $fullpath) {
$error = $c->l("log_ERR_NOEXIST_FILE") . $fullpath;
}
local *FILE;
open(FILE, "<$fullpath")
or $error = $c->l("log_ERR_NOOPEN_FILE");
# Put other error checking here.
return $error if $error;
# Fix the filename, as it might have a directory prefixed to it.
my $filename = $log_datas{filename};
if ( $filename =~ m#/# ) {
$filename = (split /\//, $filename)[-1];
}
# And send the file.
my $nl = "\n";
if ($win32) { $nl = "\r\n" }
elsif ($mac) { $nl = "\r" }
# Otherwise, send the file. Start with the headers.
# Note: The Content-disposition must be attachment, or IE will view the
# file inline like it's told. It ignores the Content-type, but it likes
# the Content-disposition (an officially unsupported header) for some
# reason. Yay Microsoft.
my $file2 = new File::Temp( UNLINK => 0 );
while (my $line = <FILE>) {
chomp $line;
my $linew = timestamp2local($line) . $nl;
print $file2 $linew;
}
close(FILE);
$c->render_file(
'filepath' => "$file2",
'filename' => "$filename",
'format' => 'x-download',
'content_disposition' => 'attachment',
'cleanup' => 1,
);
return undef;
}
1;

View File

@@ -0,0 +1,103 @@
package SrvMngr::Controller::Workgroup;
#----------------------------------------------------------------------
# heading : Network
# description : Samba workgroup
# navigation : 6000 700
#
# routes : end
#----------------------------------------------------------------------
use strict;
use warnings;
use Mojo::Base 'Mojolicious::Controller';
use Locale::gettext;
use SrvMngr::I18N;
use SrvMngr qw(theme_list init_session);
use esmith::FormMagick::Panel::workgroup;
our $db = esmith::ConfigDB->open || die "Couldn't open config db";
sub main {
my $c = shift;
$c->app->log->info($c->log_req);
my %wkg_datas = ();
my $title = $c->l('wkg_FORM_TITLE');
my $modul = '';
$wkg_datas{'Workgroup'} = ($db->get_prop('smb','Workgroup')) || '';
$wkg_datas{'ServerName'} = ($db->get_prop('smb','ServerName')) || '';
$wkg_datas{'ServerRole'} = ($db->get_prop('smb','ServerRole')) || '';
$wkg_datas{'RoamingProfiles'} = ($db->get_prop('smb','RoamingProfiles')) || '';
$c->stash( title => $title, modul => $modul, wkg_datas => \%wkg_datas );
$c->render(template => 'workgroup');
};
sub do_update {
my $c = shift;
$c->app->log->info($c->log_req);
my $result = "";
my $workgroup = ($c->param('Workgroup') || 'no');
my $servername = ($c->param('ServerName') || 'WS');
my $roamingprofiles = ($c->param('RoamingProfiles') || 'no');
my $serverrole = ($c->param('ServerRole') || 'WS');
# controls
my $res = validate2_workgroup($c, $workgroup, $servername);
$result .= $res unless $res eq 'OK';
$res = validate2_servername($c, $servername);
$result .= $res unless $res eq 'OK';
if ($result eq '') {
$db->get('smb')->set_prop('Workgroup', $workgroup);
$db->get('smb')->set_prop('ServerRole', $serverrole);
$db->get('smb')->set_prop('ServerName', $servername);
$db->get('smb')->set_prop('RoamingProfiles', $roamingprofiles);
}
system( "/sbin/e-smith/signal-event", "workgroup-update" ) == 0
or $result = $c->l('ERROR_UPDATING') . " system";
my $title = $c->l('wkg_FORM_TITLE');
if ( $result eq '' ) { $result = $c->l('wkg_SUCCESS'); }
$c->stash( title => $title, modul => $result );
$c->render(template => 'module');
};
sub validate2_servername {
my $c = shift;
my $servername = shift;
return ('OK') if ( $servername =~ /^([a-zA-Z][\-\w]*)$/ );
return $c->l('INVALID_SERVERNAME');
}
sub validate2_workgroup {
my $c = shift;
my $workgroup = lc(shift);
my $servername = lc(shift);
# my $workgroup = $c->l(shift);
# my $servername = $c->l(shift);
return $c->l('INVALID_WORKGROUP') unless ( $workgroup =~ /^([a-zA-Z0-9][\-\w\.]*)$/ );
return $c->l('INVALID_WORKGROUP_MATCHES_SERVERNAME') if ( $servername eq $workgroup);
return ('OK');
}
1;

View File

@@ -0,0 +1,560 @@
package SrvMngr::Controller::Yum;
#----------------------------------------------------------------------
# heading : System
# description : Software installer
# navigation : 4000 300
#
# routes : end
#----------------------------------------------------------------------
use strict;
use warnings;
use Mojo::Base 'Mojolicious::Controller';
use Locale::gettext;
use SrvMngr::I18N;
use SrvMngr qw(theme_list init_session ip_number_or_blank);
use esmith::ConfigDB;
use esmith::util;
use File::Basename;
our $cdb = esmith::ConfigDB->open || die "Couldn't open config db";
#use File::stat;
our %dbs;
for ( qw(available installed updates) )
{
$dbs{$_} = esmith::ConfigDB->open_ro("yum_$_") or
die "Couldn't open yum_$_ DB\n";
}
for ( qw(repositories) )
{
$dbs{$_} = esmith::ConfigDB->open("yum_$_") or
die "Couldn't open yum_$_ DB\n";
}
sub main {
my $c = shift;
$c->app->log->info($c->log_req);
my %yum_datas = ();
my $title = $c->l('yum_FORM_TITLE');
my $dest = 'yum';
my $notif = '';
$yum_datas{'trt'} = 'STAT';
if ( -e "/var/run/yum.pid" ) {
$yum_datas{'trt'} = 'LOGF';
$dest = 'yumlogfile';
} elsif ($cdb->get_prop('yum', 'LogFile')) {
$yum_datas{'trt'} = 'PSTU';
$yum_datas{'reconf'} = $cdb->get_value('UnsavedChanges', 'yes');
$dest = 'yumpostupg';
} else {
# normal other trt
}
$c->stash( title => $title, notif => $notif, yum_datas => \%yum_datas );
return $c->render( template => $dest );
}
sub do_display {
my $c = shift;
my $rt = $c->current_route;
my $trt = ($c->param('trt') || 'STAT');
my %yum_datas = ();
my $title = $c->l('yum_FORM_TITLE');
my ($notif, $dest) = '';
$yum_datas{'trt'} = $trt;
# force $trt if current logfile
if ( -e "/var/run/yum.pid" ) {
$trt = 'LOGF';
} elsif ($cdb->get_prop('yum', 'LogFile')) {
$trt = 'PSTU';
}
if ( $trt eq 'UPDT' ) {
$dest = 'yumupdate';
}
if ( $trt eq 'INST' ) {
$dest = 'yuminstall';
}
if ( $trt eq 'REMO' ) {
$dest = 'yumremove';
}
if ( $trt eq 'CONF' ) {
$dest = 'yumconfig';
}
if ( $trt eq 'LOGF' ) {
if (-e "/var/run/yum.pid") {
$dest = 'yumlogfile';
}
}
if ( $trt eq 'PSTU') {
if ($cdb->get_prop('yum', 'LogFile')) {
$dest = 'yumpostupg';
$yum_datas{'reconf'} = $cdb->get_value('UnsavedChanges', 'yes');
}
}
if ( ! $dest ) { $dest = 'yum'; }
$c->stash( title => $title, notif => $notif, yum_datas => \%yum_datas );
return $c->render( template => $dest );
};
sub do_update {
my $c = shift;
$c->app->log->info($c->log_req);
my $rt = $c->current_route;
my $trt = $c->param('trt');
my %yum_datas = ();
$yum_datas{trt} = $trt;
my $title = $c->l('yum_FORM_TITLE');
my ($dest, $res, $result) = '';
if ( $trt eq 'UPDT' ) {
$dest = 'yumupdate';
if ( ! $result ) {
$res = $c->do_yum('update');
$result .= $res unless $res eq 'OK';
if ( ! $result ) {
$yum_datas{trt} = 'SUC';
#$result = $c->l('yum_SUCCESS');
}
}
}
if ( $trt eq 'INST' ) {
$dest = 'yuminstall';
if ( ! $result ) {
$res = $c->do_yum('install');
$result .= $res unless $res eq 'OK';
if ( ! $result ) {
$yum_datas{trt} = 'SUC';
#$result = $c->l('yum_SUCCESS');
}
}
}
if ( $trt eq 'REMO' ) {
$dest = 'yumremove';
if ( ! $result ) {
$res = $c->do_yum('remove');
$result .= $res unless $res eq 'OK';
if ( ! $result ) {
$yum_datas{trt} = 'SUC';
#$result = $c->l('yum_SUCCESS');
}
}
}
if ( $trt eq 'CONF' ) {
$dest = 'yumconfig';
if ( ! $result ) {
$res = $c->change_settings();
$result .= $res unless $res eq 'OK';
if ( ! $result ) {
$yum_datas{trt} = 'SUC';
$result = $c->l('yum_SUCCESS');
}
}
}
if ( $trt eq 'PSTU') {
my $reconf = $c->param('reconf') || 'yes';
$dest = 'yumpostupg';
# effective reconfigure and reboot required
if ( $reconf eq 'yes' ) {
$res = $c->post_upgrade_reboot();
$result .= $res unless $res eq 'OK';
if ( ! $result ) {
$yum_datas{trt} = 'SUC';
$result = $c->l('yum_SYSTEM_BEING_RECONFIGURED');
}
} else {
$yum_datas{trt} = 'SUC';
$result = $c->l('yum_UPDATE_SUCCESS');
}
}
if ( $trt eq 'LOGF' ) {
$dest = 'yumlogfile';
if ( ! -e "/var/run/yum.pid") {
$yum_datas{trt} = 'SUC';
$result = $c->l('yum_SUCCESS');
}
}
# do_yum ended (no message) --> forced to LOGFile
if ( ! $result ) {
$dest = 'yumlogfile';
$yum_datas{trt} = 'LOGF';
}
$c->stash( title => $title, notif => $result, yum_datas => \%yum_datas );
if ($yum_datas{trt} ne 'SUC') {
return $c->render(template => $dest);
}
my $message = "'Yum' $trt update DONE";
$c->app->log->info($message);
$c->flash(success => $result) if $result;
$c->redirect_to("/yum");
};
sub is_empty {
my ($c, $yumdb) = @_;
my $groups = $dbs{$yumdb}->get_all_by_prop(type => 'group') || 'none';
my $packages = $dbs{$yumdb}->get_all_by_prop(type => 'package') || 'none';
#Show no updates if both = none
return 1 if ($packages eq $groups);
#else return here
return;
}
sub non_empty {
my ($c, $yumdb, $type) = @_;
$type ||= 'both';
return 0 unless (exists $dbs{$yumdb});
my $groups = scalar $dbs{$yumdb}->get_all_by_prop(type => 'group');
return $groups if ($type eq 'group');
my $packages = scalar $dbs{$yumdb}->get_all_by_prop(type => 'package');
if ($type eq 'package')
{
return $c->package_functions_enabled ? $packages : 0;
}
return ($c->package_functions_enabled or $yumdb eq 'updates') ?
($groups || $packages) : $groups;
}
sub package_functions_enabled {
my ($c) = @_;
return ($cdb->get_prop("yum", "PackageFunctions") eq "enabled");
}
sub get_status {
my ($c, $prop, $localise) = @_;
my $status = $cdb->get_prop("yum", $prop) || 'disabled';
return $status unless $localise;
return $c->l($status eq 'enabled' ? 'ENABLED' : 'DISABLED');
}
sub get_options {
my ($c, $yumdb, $type) = @_;
my %options;
for ($dbs{$yumdb}->get_all_by_prop(type => $type))
{
$options{$_->key} = $_->key . " " . $_->prop("Version") . " - " .
$_->prop("Repo");
}
return \%options;
}
sub get_options2 {
my ($c, $yumdb, $type) = @_;
my @options;
for ($dbs{$yumdb}->get_all_by_prop(type => $type))
{
push @options, [ $_->key . " " . $_->prop("Version") . " - " .
$_->prop("Repo") => $_->key ];
}
return \@options;
}
sub get_names {
return [ keys %{get_options(@_)} ];
}
sub get_names2 {
my ($c, $yumdb, $type) = @_;
my @selected;
for ($dbs{$yumdb}->get_all_by_prop(type => $type)) {
push @selected, $_->key;
}
return \@selected;
# return [ values @{get_options2(@_)} ];
}
sub get_repository_options2 {
my $c = shift;
my @options;
foreach my $repos (
$dbs{repositories}->get_all_by_prop(type => "repository") )
{
next unless ($repos->prop('Visible') eq 'yes'
or $repos->prop('status') eq 'enabled');
push @options, [ $repos->prop('Name') => $repos->key ];
}
my @opts = sort { $a->[0] cmp $b->[0] } @options;
return \@opts;
}
sub get_repository_current_options
{
my $c = shift;
my @selected;
foreach my $repos (
$dbs{repositories}->get_all_by_prop( type => "repository" ) )
{
next unless ($repos->prop('Visible') eq 'yes'
or $repos->prop('status') eq 'enabled');
push @selected, $repos->key if ($repos->prop('status') eq 'enabled');
}
return \@selected;
}
sub get_avail2 {
my ($c, $yumdb, $type) = @_;
return $c->get_options2("available", "package");
}
sub get_check_freq_opt {
my ($c) = @_;
return [[ $c->l('DISABLED') => 'disabled'],
[ $c->l('yum_1DAILY') => 'daily'],
[ $c->l('yum_2WEEKLY') => 'weekly'],
[ $c->l('yum_3MONTHLY') => 'monthly']];
}
sub print_skip_header {
my ($c) = shift;
return "<INPUT TYPE=\"hidden\" NAME=\"skip_header\" VALUE=\"1\">\n";
}
sub change_settings {
my ($c) = @_;
for my $param ( qw(
PackageFunctions
) )
{
$cdb->set_prop('yum', $param, $c->param("yum_$param"));
}
my $check4updates = $c->param("yum_check4updates");
my $status = 'disabled';
if ($check4updates ne 'disabled') { $status = 'enabled'; }
$cdb->set_prop('yum', 'check4updates', $check4updates);
my $deltarpm = $c->param("yum_DeltaRpmProcess");
$cdb->set_prop('yum', 'DeltaRpmProcess', $deltarpm);
my $downloadonly = $c->param("yum_DownloadOnly");
if ($downloadonly ne 'disabled') { $status = 'enabled'; }
$cdb->set_prop('yum', 'DownloadOnly', $downloadonly);
my $AutoInstallUpdates = $c->param("yum_AutoInstallUpdates");
if ($AutoInstallUpdates ne 'disabled') { $status = 'enabled'; }
$cdb->set_prop('yum', 'AutoInstallUpdates', $AutoInstallUpdates);
$cdb->set_prop('yum', 'status', $status);
my %selected = map {$_ => 1} @{$c->every_param('SelectedRepositories')};
foreach my $repos (
$dbs{repositories}->get_all_by_prop(type => "repository") )
{
$repos->set_prop("status",
exists $selected{$repos->key} ? 'enabled' : 'disabled');
}
$dbs{repositories}->reload;
unless ( system( "/sbin/e-smith/signal-event", "yum-modify" ) == 0 )
{
return $c->l('yum_ERROR_UPDATING_CONFIGURATION');
}
return 'OK';
}
sub do_yum {
my ($c, $function) = @_;
for ( qw(SelectedGroups SelectedPackages) )
{
$cdb->set_prop("yum", $_, join(',', (@{$c->every_param($_)} )));
}
esmith::util::backgroundCommand(0,
"/sbin/e-smith/signal-event", "yum-$function");
for ( qw(available installed updates) ) {
$dbs{$_}->reload;
}
return 'OK';
}
sub get_yum_status_page {
my ($c) = @_;
my $yum_status;
open(YUM_STATUS, "</var/run/yum.status");
$yum_status = <YUM_STATUS>;
close(YUM_STATUS);
return $yum_status;
}
sub format_yum_log {
my $c = shift;
$cdb->reload;
my $filepage = $cdb->get_prop('yum', 'LogFile');
return '' unless $filepage and ( -e "$filepage" );
my $out = sprintf "<PRE>";
open (FILE, "$filepage");
while (<FILE>) {
$out .= sprintf("%s", $_);
}
close FILE;
$out .= sprintf "</PRE>";
undef $filepage;
return $out;
}
sub post_upgrade_reboot {
my $c = shift;
$cdb->get_prop_and_delete('yum', 'LogFile');
$cdb->reload;
if (fork == 0) {
exec "/sbin/e-smith/signal-event post-upgrade; /sbin/e-smith/signal-event reboot";
die "Exec failed";
}
return 'OK'
}
sub show_yum_log {
my $c = shift;
my $out = $c->format_yum_log();
my $yum_log = $cdb->get_prop_and_delete('yum', 'LogFile');
return $out;
}
1;