diff options
| author | David Sommerseth <dazo@users.sourceforge.net> | 2009-03-24 20:35:24 +0100 |
|---|---|---|
| committer | David Sommerseth <dazo@users.sourceforge.net> | 2009-03-24 20:35:24 +0100 |
| commit | 8ea72c10a67b62cef3482a6c821bef7f842b87a1 (patch) | |
| tree | 02871a29d394f74f6e4f359f74e61c4ab514de3a /eurephiadm | |
| parent | 1965d64515be7760a3a20e331f79b726e3c6dd74 (diff) | |
| download | eurephia-8ea72c10a67b62cef3482a6c821bef7f842b87a1.tar.gz eurephia-8ea72c10a67b62cef3482a6c821bef7f842b87a1.tar.xz eurephia-8ea72c10a67b62cef3482a6c821bef7f842b87a1.zip | |
eurephiadm: Began implementing useraccess command
Only listing of user access levels are implemented.
Diffstat (limited to 'eurephiadm')
| -rw-r--r-- | eurephiadm/CMakeLists.txt | 1 | ||||
| -rw-r--r-- | eurephiadm/commands.h | 6 | ||||
| -rw-r--r-- | eurephiadm/commands/useraccess.c | 278 |
3 files changed, 285 insertions, 0 deletions
diff --git a/eurephiadm/CMakeLists.txt b/eurephiadm/CMakeLists.txt index dc91df4..ffaa7ad 100644 --- a/eurephiadm/CMakeLists.txt +++ b/eurephiadm/CMakeLists.txt @@ -14,6 +14,7 @@ SET(efw_ipt_SRC commands/lastlog.c commands/certificates.c commands/usercerts.c + commands/useraccess.c commands/edit_config.c ../common/eurephia_log.c ../common/eurephia_getsym.c diff --git a/eurephiadm/commands.h b/eurephiadm/commands.h index 7d949fe..6b716f1 100644 --- a/eurephiadm/commands.h +++ b/eurephiadm/commands.h @@ -54,6 +54,9 @@ int cmd_Certificates(eurephiaCTX *, eurephiaSESSION *, eurephiaVALUES *cfg, int void help_UserCerts(); int cmd_UserCerts(eurephiaCTX *, eurephiaSESSION *, eurephiaVALUES *cfg, int argc, char **argv); +void help_UserAccess(); +int cmd_UserAccess(eurephiaCTX *, eurephiaSESSION *, eurephiaVALUES *cfg, int argc, char **argv); + void help_EditConfig(); int cmd_EditConfig(eurephiaCTX *, eurephiaSESSION *, eurephiaVALUES *cfg, int argc, char **argv); @@ -80,6 +83,9 @@ static const eurephiadm_functions cmdline_functions[] = { {"usercerts", 1, "useradmin", NULL, "User account/Certificate link management", help_UserCerts, cmd_UserCerts}, + {"useraccess", 1, "useradmin", NULL, + "User account access levels (admin)", help_UserAccess, cmd_UserAccess}, + {"show-config", 1, "config", NULL, "List all config settings", NULL, cmd_ShowCfg}, diff --git a/eurephiadm/commands/useraccess.c b/eurephiadm/commands/useraccess.c new file mode 100644 index 0000000..80a6663 --- /dev/null +++ b/eurephiadm/commands/useraccess.c @@ -0,0 +1,278 @@ +/* useraccess.c -- eurephiadm useraccess command: + * Management of user access levels (eurpehia_adminaccess table) + * + * GPLv2 - Copyright (C) 2009 David Sommerseth <dazo@users.sourceforge.net> + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; version 2 + * of the License. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + * + */ + +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <assert.h> + +#ifdef HAVE_LIBXML2 +#include <libxml/parser.h> +#include <libxml/tree.h> +#include <libxml/xpath.h> +#endif + +#define MODULE "eurephia::UserCerts" +#include <eurephia_nullsafe.h> +#include <eurephia_context.h> +#include <eurephia_log.h> +#include <eurephia_xml.h> +#include <eurephia_values_struct.h> +#include <eurephiadb_session_struct.h> +#include <eurephia_admin_struct.h> +#include <eurephiadb_mapping.h> +#include <eurephiadb_driver.h> +#include <certinfo.h> + +#include "../argparser.h" +#include "../field_print.h" + + +void display_useraccess_help(int page) { + switch( page ) { + case 'G': + printf("The grant mode will grant a user access to a specified access level.\n" + "\n" + " -i | --uid User accound ID\n" + " -u | --username User name\n" + " -I | --interface Grant access through which interface (default 'C')\n" + " -a | --access-level Grant access which access level\n" + "\n" + ); + break; + case 'R': + printf("The revoke mode will remove the access from the desired user accounts.\n" + "\n" + " -i | --uid User accound ID\n" + " -u | --username User name\n" + " -I | --interface Grant access through which interface (default 'C')\n" + " -a | --access-level Grant access which access level\n" + "\n" + ); + break; + case 'l': + printf("The list mode will show the granted user access levels\n" + "\n" + " -i | --uid User accound ID\n" + " -u | --username User name\n" + " -I | --interface Grant access through which interface (default 'C')\n" + " -a | --access-level Grant access which access level\n" + "\n" + ); + break; + default: + printf("Available modes for the usercerts command are:\n\n" + " -G | --grant Grant a specific access level to a user\n" + " -R | --revoke Revoke access levels\n" + " -l | --list List all granted access levels\n" + " -h | --help <mode> Help about a specific mode\n\n"); + break; + } +} + +void help_UserAccess() { + display_useraccess_help(0); +} + +int help_UserAccess2(eurephiaCTX *ctx, eurephiaSESSION *sess, eurephiaVALUES *cfg, int argc, char **argv) { + e_options helpargs[] = { + {"--list", "-l", 0}, + {"--grant", "-G", 0}, + {"--revoke", "-R", 0}, + {NULL, NULL, 0} + }; + + int i = 1; + display_useraccess_help(eurephia_getopt(&i, argc, argv, helpargs)); + return 0; +} + +int list_useraccess(eurephiaCTX *ctx, eurephiaSESSION *sess, eurephiaVALUES *cfg, int argc, char **argv) { + xmlDoc *list_xml = NULL, *srch_xml = NULL; + xmlNode *list_n = NULL, *srch_n = NULL, *tmp_n = NULL, *acl_n = NULL; + int i = 0; + char *uid = NULL, *username = NULL, *intf = NULL, *acl = NULL; + + e_options listargs[] = { + {"--uid", "-i", 1}, + {"--username", "-u", 1}, + {"--interface", "-I", 1}, + {"--access-level", "-a", 1}, + {"--help", "-h", 0}, + {NULL, NULL, 0} + }; + + assert( (ctx != NULL) && (ctx->dbc != NULL) && (ctx->dbc->config != NULL)); + + // Parse arguments + for( i = 1; i < argc; i++ ) { + switch( eurephia_getopt(&i, argc, argv, listargs) ) { + case 'i': + uid = optargs[0]; + break; + case 'u': + username = optargs[0]; + break; + case 'I': + intf = optargs[0]; + break; + case 'a': + acl = optargs[0]; + break; + + case 'h': + display_useraccess_help('l'); + return 0; + + default: + return 1; + } + } + + // Build up search XML + eurephiaXML_CreateDoc(ctx, 1, "admin_access", &srch_xml, &srch_n); + assert( (srch_xml != NULL) && (srch_n != NULL) ); + + tmp_n = xmlNewChild(srch_n, NULL, (xmlChar *) "fieldMapping", NULL); + xmlNewProp(tmp_n, (xmlChar *) "table", (xmlChar *) "eurephia_adminaccess"); + + if( uid != NULL ) { + xmlNewChild(tmp_n, NULL, (xmlChar *) "uid", (xmlChar *) uid); + } + if( username != NULL ) { + xmlNewChild(tmp_n, NULL, (xmlChar *) "username", (xmlChar *) username); + } + if( intf != NULL ) { + xmlNewChild(tmp_n, NULL, (xmlChar *) "interface", (xmlChar *) intf); + } + if( acl != NULL ) { + xmlNewChild(tmp_n, NULL, (xmlChar *) "accesslevel", (xmlChar *) acl); + } + + list_xml = eDBadminGetAdminAccess(ctx, srch_xml); + xmlFreeDoc(srch_xml); + if( list_xml == NULL ) { + fprintf(stderr, "%s: Error retrieving user access list\n", MODULE); + return 1; + } + + list_n = eurephiaXML_getRoot(ctx, list_xml, "admin_access_list", 1); + if( list_n == NULL ) { + fprintf(stderr, "%s: Error retrieving user access list\n", MODULE); + xmlFreeDoc(list_xml); + return 1; + } + + printf(" [uid] Username Intf. Access level\n"); + printf("----------------------------------------------------------------------------\n"); + for( list_n = list_n->children; list_n != NULL; list_n = list_n->next ) { + tmp_n = xmlFindNode(list_n, "username"); + printf(" [%3.3s] %-30.30s ", + xmlGetAttrValue(tmp_n->properties, "uid"), + xmlGetNodeContent(list_n, "username")); + + int first = 1; + acl_n = xmlFindNode(list_n, "access_levels"); + for( acl_n = acl_n->children ; acl_n != NULL; acl_n = acl_n->next ) { + if( !first ) { + printf(" "); + } else { + first = 0; + } + printf("%s %s\n", + xmlGetAttrValue(acl_n->properties, "interface"), + acl_n->children->content); + } + if( list_n->next != NULL ) { + printf("\n"); + } + } + printf("----------------------------------------------------------------------------\n"); + xmlFreeDoc(list_xml); + return 0; +} + + +int grant_revoke(eurephiaCTX *ctx, eurephiaSESSION *sess, eurephiaVALUES *cfg, int argc, char **argv) { + return 0; +} + +int cmd_UserAccess(eurephiaCTX *ctx, eurephiaSESSION *sess, eurephiaVALUES *cfg, int argc, char **argv) { + char **mode_argv; + int i, mode_argc = 0, rc = 0; + int (*mode_fnc) (eurephiaCTX *ctx, eurephiaSESSION *sess, eurephiaVALUES *cfg, int argc, char **argv); + + e_options modeargs[] = { + {"--list", "-l", 0}, + {"--add", "-A", 0}, + {"--delete", "-D", 0}, + {"--help", "-h", 0}, + {NULL, NULL, 0} + }; + + assert((ctx != NULL) && (ctx->dbc != NULL) && (ctx->dbc->config != NULL)); + mode_fnc = NULL; + for( i = 1; i < argc; i++ ) { + switch( eurephia_getopt(&i, argc, argv, modeargs) ) { + case 'l': + mode_fnc = list_useraccess; + break; + + case 'h': + mode_fnc = help_UserAccess2; + break; + + /* + case 'G': + mode_fnc = grant_revoke; + break; + + case 'R': + mode_fnc = grant_revoke; + break; + */ + default: + break; + } + if( mode_fnc != NULL ) { + break; + } + } + + // If we do not have any known mode defined, exit with error + if( mode_fnc == NULL ) { + fprintf(stderr, "%s: Unknown argument. No mode given\n", MODULE); + return 1; + } + + // Allocate memory for our arguments being sent to the mode function + mode_argv = (char **) calloc(sizeof(char *), (argc - i)+2); + assert(mode_argv != NULL); + + // Copy over only the arguments needed for the mode + mode_argc = eurephia_arraycp(i, argc, argv, mode_argv, (argc - i)); + + // Call the mode function + rc = mode_fnc(ctx, sess, cfg, mode_argc, mode_argv); + free_nullsafe(mode_argv); + + return rc; +} |