first draft itk mgmt

This commit is contained in:
Nicolas Roman 2019-03-25 18:05:37 +01:00 committed by Ludovic Poujol
parent 6f0106d4d0
commit 89858a6bbd
4 changed files with 250 additions and 0 deletions

View file

@ -52,6 +52,10 @@ if (!array_key_exists('auth', $_SESSION) || $_SESSION['auth']!=1) {
include_once EVOADMIN_BASE . '../inc/webadmin-servername.php';
} elseif (preg_match('#^/webadmin/itk/(.*)/?$#', $uri, $params)) {
include_once EVOADMIN_BASE . '../inc/webadmin-itk.php';
} elseif (preg_match('#^/webadmin/edit/(.*)/?$#', $uri, $params)) {
include_once EVOADMIN_BASE . '../inc/webadmin-edit.php';

130
inc/webadmin-itk.php Normal file
View file

@ -0,0 +1,130 @@
<?php
/**
* Apache VirtualHost Management Page
*
* Copyright (c) 2009 Evolix - Tous droits reserves
*
* vim: expandtab softtabstop=4 tabstop=4 shiftwidth=4 showtabline=2
*
* @author Gregory Colpart <reg@evolix.fr>
* @author Thomas Martin <tmartin@evolix.fr>
* @author Sebastien Palma <spalma@evolix.fr>
* @version 1.0
*/
require_once EVOADMIN_BASE . '../lib/bdd.php';
require_once EVOADMIN_BASE . '../lib/domain.php';
global $conf;
var_dump($_SESSION);
if (isset($_GET['enable']) ) {
require_once EVOADMIN_BASE . '../evolibs/Form.php';
include_once EVOADMIN_BASE . '../tpl/header.tpl.php';
include_once EVOADMIN_BASE . '../tpl/menu.tpl.php';
# TODO: sanitize $_GET
$servername = array (
'domain' => htmlspecialchars(basename($_SERVER['REDIRECT_URL'])),
'servername' => $_GET['enable']
);
$enable_cmd = 'web-add.sh enable-user-itk ' . $servername['servername'] . ' ' . $servername['domain'];
sudoexec($enable_cmd, $enable_cmd_output, $enable_cmd_return);
if ($enable_cmd_return == 0) {
print 'Sécurité ITK activée.';
printf ('<p><a href="%s">Retour à la gestion ITK</a></p>', $_SERVER['REDIRECT_URL']);
}
include_once EVOADMIN_BASE . '../tpl/footer.tpl.php';
}
elseif (isset($_GET['disable']) ) {
require_once EVOADMIN_BASE . '../evolibs/Form.php';
include_once EVOADMIN_BASE . '../tpl/header.tpl.php';
include_once EVOADMIN_BASE . '../tpl/menu.tpl.php';
# TODO: sanitize $_GET
$servername = array (
'domain' => htmlspecialchars(basename($_SERVER['REDIRECT_URL'])),
'servername' => $_GET['disable']
);
$disable_cmd = 'web-add.sh disable-user-itk ' . $servername['servername'] . ' ' . $servername['domain'];
sudoexec($disable_cmd, $disable_cmd_output, $disable_cmd_return);
if ($disable_cmd_return == 0) {
print 'Sécurité ITK désactivée';
printf ('<p><a href="%s">Retour à la gestion ITK</a></p>', $_SERVER['REDIRECT_URL']);
}
include_once EVOADMIN_BASE . '../tpl/footer.tpl.php';
}
else {
$domain = $params[1];
$data_list = array();
// TODO: adapt for cluster mode
if ($conf['cluster']) {
if (is_mcluster_mode()) {
// If the user has not yet selected a cluster, redirect-it to home page.
if (empty($_SESSION['cluster'])) {
http_redirect('/');
}
$cache = str_replace('%cluster_name%', $_SESSION['cluster'], $conf['cache']);
}
else {
$cache = $conf['cache'];
}
$alias_list = array();
/* parcours de la table Serveralias */
$bdd = new bdd();
$bdd->open($cache);
$alias_list = $bdd->list_serveralias($domain);
}
else {
$cmd = 'web-add.sh list-servername ' . $domain;
if(!is_superadmin()) {
$cmd = sprintf('%s %s', $cmd, $_SESSION['user']);
}
sudoexec($cmd, $data_output, $exec_return);
# à revérifier (notamment gestion erreurs)
if ($exec_return == 0) {
foreach($data_output as $data_line) {
$cmd_itk = 'web-add.sh list-user-itk ' . $data_line . ' ' . $domain;
sudoexec($cmd_itk, $data_output_itk, $exec_return_itk);
# on prend le premier résultat du tableau, ne fonctionne pas s'il y a plusieurs la même ligne ou des commentaires etc.
array_push($data_list, ['servername' => $data_line, 'user' => $data_output_itk[0]]);
unset($data_output_itk); # reset variable pour éviter conflits
}
}
}
include_once EVOADMIN_BASE . '../tpl/header.tpl.php';
include_once EVOADMIN_BASE . '../tpl/menu.tpl.php';
include_once EVOADMIN_BASE . '../tpl/webadmin-itk.tpl.php';
include_once EVOADMIN_BASE . '../tpl/footer.tpl.php';
}
?>

View file

@ -135,6 +135,18 @@ check-occurence NAME
List all occurences of NAME in vhosts
list-user-itk DOMAIN LOGIN
List the assigned ITK user for the DOMAIN specified
enable-user-itk DOMAIN LOGIN
Enable the assigned ITK user for the DOMAIN specified
disable-user-itk DOMAIN LOGIN
Disable the assigned ITK user for the DOMAIN specified
setphpversion LOGIN VERSION
Change PHP version for LOGIN
@ -752,6 +764,15 @@ arg_processing() {
check-occurence)
op_checkoccurencename "$@"
;;
list-user-itk)
op_listuseritk "$@"
;;
enable-user-itk)
op_enableuseritk "$@"
;;
disable-user-itk)
op_disableuseritk "$@"
;;
setphpversion)
op_setphpversion "$@"
;;
@ -766,6 +787,7 @@ arg_processing() {
}
op_listvhost() {
# cas pour afficher usage à faire
if [ $# -eq 1 ]; then
configlist="$VHOST_PATH/${1}.conf";
else
@ -875,6 +897,39 @@ op_checkoccurencename() {
fi
}
op_listuseritk() {
if [ $# -eq 2 ]; then
domain=${1}
configfile="$VHOST_PATH"/"${2}".conf
sed -n "/$domain/,/<\/VirtualHost>/p" $configfile | awk '/AssignUserID/ {print $2}'
else usage
fi
}
op_enableuseritk() {
if [ $# -eq 2 ]; then
domain=${1}
configfile="$VHOST_PATH"/"${2}".conf
user=$(op_listuseritk "${1}" "${2}")
echo $user
sed -i "/^ *AssignUserID ${user}/ s/${user}/www-${user}/" $VHOST_PATH/"${2}".conf --follow-symlinks
else usage
fi
}
op_disableuseritk() {
if [ $# -eq 2 ]; then
domain=${1}
configfile="$VHOST_PATH"/"${2}".conf
user=$(op_listuseritk "${1}" "${2}")
echo $user
sed -i "/^ *AssignUserID ${user}/ s/${user}/${user:4}/" $VHOST_PATH/"${2}".conf --follow-symlinks
else usage
fi
}
op_add() {
#

61
tpl/webadmin-itk.tpl.php Normal file
View file

@ -0,0 +1,61 @@
<?php
/**
* Edition d'un domaine
*
* Copyright (c) 2009 Evolix - Tous droits reserves
*
* vim: expandtab softtabstop=4 tabstop=4 shiftwidth=4 showtabline=2
*
* @author Thomas Martin <tmartin@evolix.fr>
* @version 1.0
*/
?>
<h2>Sécurité ITK</h2>
<?php
if(count($data_list) > 0) { ?>
<table id="tab-list">
<thead>
<tr>
<th>ServerName</th>
<th>Utilisateur</th>
<?php if (is_superadmin()) {
print '<th>Action</th>';
} ?>
</tr>
</thead>
<tbody>
<?php
for ( $i=0; $i < count($data_list); ++$i ) {
print '<tr>';
printf('<td>%s</td>',
$data_list[$i]['servername']);
printf('<td>%s</td>',
$data_list[$i]['user']);
if (is_superadmin()) {
if (strpos($data_list[$i]['user'], 'www') !== false) {
$action = ['disable', 'Désactiver'];
} else {
$action = ['enable', 'Activer'];
}
printf('<td><a href="/webadmin/itk/%s?%s=%s">'.$action[1].'</a></td>',
$domain, $action[0], $data_list[$i]['servername']);
}
print '</tr>';
} ?>
</tbody>
</table>
<?php
} else {
print "<p>Aucun ServerName existant pour le domaine $domain !</p>";
}
?>