first draft itk mgmt
This commit is contained in:
parent
6f0106d4d0
commit
89858a6bbd
4 changed files with 250 additions and 0 deletions
|
@ -52,6 +52,10 @@ if (!array_key_exists('auth', $_SESSION) || $_SESSION['auth']!=1) {
|
|||
|
||||
include_once EVOADMIN_BASE . '../inc/webadmin-servername.php';
|
||||
|
||||
} elseif (preg_match('#^/webadmin/itk/(.*)/?$#', $uri, $params)) {
|
||||
|
||||
include_once EVOADMIN_BASE . '../inc/webadmin-itk.php';
|
||||
|
||||
} elseif (preg_match('#^/webadmin/edit/(.*)/?$#', $uri, $params)) {
|
||||
|
||||
include_once EVOADMIN_BASE . '../inc/webadmin-edit.php';
|
||||
|
|
130
inc/webadmin-itk.php
Normal file
130
inc/webadmin-itk.php
Normal file
|
@ -0,0 +1,130 @@
|
|||
<?php
|
||||
|
||||
/**
|
||||
* Apache VirtualHost Management Page
|
||||
*
|
||||
* Copyright (c) 2009 Evolix - Tous droits reserves
|
||||
*
|
||||
* vim: expandtab softtabstop=4 tabstop=4 shiftwidth=4 showtabline=2
|
||||
*
|
||||
* @author Gregory Colpart <reg@evolix.fr>
|
||||
* @author Thomas Martin <tmartin@evolix.fr>
|
||||
* @author Sebastien Palma <spalma@evolix.fr>
|
||||
* @version 1.0
|
||||
*/
|
||||
|
||||
require_once EVOADMIN_BASE . '../lib/bdd.php';
|
||||
require_once EVOADMIN_BASE . '../lib/domain.php';
|
||||
|
||||
global $conf;
|
||||
|
||||
var_dump($_SESSION);
|
||||
if (isset($_GET['enable']) ) {
|
||||
require_once EVOADMIN_BASE . '../evolibs/Form.php';
|
||||
|
||||
include_once EVOADMIN_BASE . '../tpl/header.tpl.php';
|
||||
include_once EVOADMIN_BASE . '../tpl/menu.tpl.php';
|
||||
|
||||
|
||||
# TODO: sanitize $_GET
|
||||
$servername = array (
|
||||
'domain' => htmlspecialchars(basename($_SERVER['REDIRECT_URL'])),
|
||||
'servername' => $_GET['enable']
|
||||
);
|
||||
|
||||
$enable_cmd = 'web-add.sh enable-user-itk ' . $servername['servername'] . ' ' . $servername['domain'];
|
||||
|
||||
sudoexec($enable_cmd, $enable_cmd_output, $enable_cmd_return);
|
||||
|
||||
if ($enable_cmd_return == 0) {
|
||||
print 'Sécurité ITK activée.';
|
||||
printf ('<p><a href="%s">Retour à la gestion ITK</a></p>', $_SERVER['REDIRECT_URL']);
|
||||
}
|
||||
|
||||
include_once EVOADMIN_BASE . '../tpl/footer.tpl.php';
|
||||
|
||||
|
||||
}
|
||||
elseif (isset($_GET['disable']) ) {
|
||||
require_once EVOADMIN_BASE . '../evolibs/Form.php';
|
||||
|
||||
include_once EVOADMIN_BASE . '../tpl/header.tpl.php';
|
||||
include_once EVOADMIN_BASE . '../tpl/menu.tpl.php';
|
||||
|
||||
|
||||
# TODO: sanitize $_GET
|
||||
$servername = array (
|
||||
'domain' => htmlspecialchars(basename($_SERVER['REDIRECT_URL'])),
|
||||
'servername' => $_GET['disable']
|
||||
);
|
||||
|
||||
$disable_cmd = 'web-add.sh disable-user-itk ' . $servername['servername'] . ' ' . $servername['domain'];
|
||||
|
||||
sudoexec($disable_cmd, $disable_cmd_output, $disable_cmd_return);
|
||||
|
||||
if ($disable_cmd_return == 0) {
|
||||
print 'Sécurité ITK désactivée';
|
||||
printf ('<p><a href="%s">Retour à la gestion ITK</a></p>', $_SERVER['REDIRECT_URL']);
|
||||
}
|
||||
|
||||
include_once EVOADMIN_BASE . '../tpl/footer.tpl.php';
|
||||
|
||||
|
||||
}
|
||||
else {
|
||||
|
||||
$domain = $params[1];
|
||||
$data_list = array();
|
||||
|
||||
// TODO: adapt for cluster mode
|
||||
if ($conf['cluster']) {
|
||||
if (is_mcluster_mode()) {
|
||||
// If the user has not yet selected a cluster, redirect-it to home page.
|
||||
if (empty($_SESSION['cluster'])) {
|
||||
http_redirect('/');
|
||||
}
|
||||
$cache = str_replace('%cluster_name%', $_SESSION['cluster'], $conf['cache']);
|
||||
}
|
||||
else {
|
||||
$cache = $conf['cache'];
|
||||
}
|
||||
|
||||
$alias_list = array();
|
||||
|
||||
/* parcours de la table Serveralias */
|
||||
$bdd = new bdd();
|
||||
$bdd->open($cache);
|
||||
|
||||
$alias_list = $bdd->list_serveralias($domain);
|
||||
}
|
||||
else {
|
||||
|
||||
$cmd = 'web-add.sh list-servername ' . $domain;
|
||||
|
||||
if(!is_superadmin()) {
|
||||
$cmd = sprintf('%s %s', $cmd, $_SESSION['user']);
|
||||
}
|
||||
sudoexec($cmd, $data_output, $exec_return);
|
||||
|
||||
# à revérifier (notamment gestion erreurs)
|
||||
if ($exec_return == 0) {
|
||||
foreach($data_output as $data_line) {
|
||||
$cmd_itk = 'web-add.sh list-user-itk ' . $data_line . ' ' . $domain;
|
||||
|
||||
sudoexec($cmd_itk, $data_output_itk, $exec_return_itk);
|
||||
|
||||
# on prend le premier résultat du tableau, ne fonctionne pas s'il y a plusieurs la même ligne ou des commentaires etc.
|
||||
array_push($data_list, ['servername' => $data_line, 'user' => $data_output_itk[0]]);
|
||||
unset($data_output_itk); # reset variable pour éviter conflits
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
include_once EVOADMIN_BASE . '../tpl/header.tpl.php';
|
||||
include_once EVOADMIN_BASE . '../tpl/menu.tpl.php';
|
||||
include_once EVOADMIN_BASE . '../tpl/webadmin-itk.tpl.php';
|
||||
include_once EVOADMIN_BASE . '../tpl/footer.tpl.php';
|
||||
|
||||
}
|
||||
|
||||
?>
|
|
@ -135,6 +135,18 @@ check-occurence NAME
|
|||
|
||||
List all occurences of NAME in vhosts
|
||||
|
||||
list-user-itk DOMAIN LOGIN
|
||||
|
||||
List the assigned ITK user for the DOMAIN specified
|
||||
|
||||
enable-user-itk DOMAIN LOGIN
|
||||
|
||||
Enable the assigned ITK user for the DOMAIN specified
|
||||
|
||||
disable-user-itk DOMAIN LOGIN
|
||||
|
||||
Disable the assigned ITK user for the DOMAIN specified
|
||||
|
||||
setphpversion LOGIN VERSION
|
||||
|
||||
Change PHP version for LOGIN
|
||||
|
@ -752,6 +764,15 @@ arg_processing() {
|
|||
check-occurence)
|
||||
op_checkoccurencename "$@"
|
||||
;;
|
||||
list-user-itk)
|
||||
op_listuseritk "$@"
|
||||
;;
|
||||
enable-user-itk)
|
||||
op_enableuseritk "$@"
|
||||
;;
|
||||
disable-user-itk)
|
||||
op_disableuseritk "$@"
|
||||
;;
|
||||
setphpversion)
|
||||
op_setphpversion "$@"
|
||||
;;
|
||||
|
@ -766,6 +787,7 @@ arg_processing() {
|
|||
}
|
||||
|
||||
op_listvhost() {
|
||||
# cas pour afficher usage à faire
|
||||
if [ $# -eq 1 ]; then
|
||||
configlist="$VHOST_PATH/${1}.conf";
|
||||
else
|
||||
|
@ -875,6 +897,39 @@ op_checkoccurencename() {
|
|||
fi
|
||||
}
|
||||
|
||||
op_listuseritk() {
|
||||
if [ $# -eq 2 ]; then
|
||||
domain=${1}
|
||||
configfile="$VHOST_PATH"/"${2}".conf
|
||||
|
||||
sed -n "/$domain/,/<\/VirtualHost>/p" $configfile | awk '/AssignUserID/ {print $2}'
|
||||
else usage
|
||||
fi
|
||||
}
|
||||
|
||||
op_enableuseritk() {
|
||||
if [ $# -eq 2 ]; then
|
||||
domain=${1}
|
||||
configfile="$VHOST_PATH"/"${2}".conf
|
||||
user=$(op_listuseritk "${1}" "${2}")
|
||||
echo $user
|
||||
|
||||
sed -i "/^ *AssignUserID ${user}/ s/${user}/www-${user}/" $VHOST_PATH/"${2}".conf --follow-symlinks
|
||||
else usage
|
||||
fi
|
||||
}
|
||||
|
||||
op_disableuseritk() {
|
||||
if [ $# -eq 2 ]; then
|
||||
domain=${1}
|
||||
configfile="$VHOST_PATH"/"${2}".conf
|
||||
user=$(op_listuseritk "${1}" "${2}")
|
||||
echo $user
|
||||
sed -i "/^ *AssignUserID ${user}/ s/${user}/${user:4}/" $VHOST_PATH/"${2}".conf --follow-symlinks
|
||||
else usage
|
||||
fi
|
||||
}
|
||||
|
||||
op_add() {
|
||||
|
||||
#
|
||||
|
|
61
tpl/webadmin-itk.tpl.php
Normal file
61
tpl/webadmin-itk.tpl.php
Normal file
|
@ -0,0 +1,61 @@
|
|||
<?php
|
||||
|
||||
/**
|
||||
* Edition d'un domaine
|
||||
*
|
||||
* Copyright (c) 2009 Evolix - Tous droits reserves
|
||||
*
|
||||
* vim: expandtab softtabstop=4 tabstop=4 shiftwidth=4 showtabline=2
|
||||
*
|
||||
* @author Thomas Martin <tmartin@evolix.fr>
|
||||
* @version 1.0
|
||||
*/
|
||||
|
||||
?>
|
||||
|
||||
<h2>Sécurité ITK</h2>
|
||||
|
||||
<?php
|
||||
|
||||
if(count($data_list) > 0) { ?>
|
||||
|
||||
<table id="tab-list">
|
||||
<thead>
|
||||
<tr>
|
||||
<th>ServerName</th>
|
||||
<th>Utilisateur</th>
|
||||
<?php if (is_superadmin()) {
|
||||
print '<th>Action</th>';
|
||||
} ?>
|
||||
</tr>
|
||||
</thead>
|
||||
<tbody>
|
||||
<?php
|
||||
for ( $i=0; $i < count($data_list); ++$i ) {
|
||||
print '<tr>';
|
||||
printf('<td>%s</td>',
|
||||
$data_list[$i]['servername']);
|
||||
printf('<td>%s</td>',
|
||||
$data_list[$i]['user']);
|
||||
if (is_superadmin()) {
|
||||
|
||||
if (strpos($data_list[$i]['user'], 'www') !== false) {
|
||||
$action = ['disable', 'Désactiver'];
|
||||
} else {
|
||||
$action = ['enable', 'Activer'];
|
||||
}
|
||||
|
||||
printf('<td><a href="/webadmin/itk/%s?%s=%s">'.$action[1].'</a></td>',
|
||||
$domain, $action[0], $data_list[$i]['servername']);
|
||||
}
|
||||
print '</tr>';
|
||||
} ?>
|
||||
</tbody>
|
||||
</table>
|
||||
<?php
|
||||
} else {
|
||||
print "<p>Aucun ServerName existant pour le domaine $domain !</p>";
|
||||
}
|
||||
|
||||
|
||||
?>
|
Loading…
Reference in a new issue