Restriction IP opérationnelle, il manque à faire l'ergonomie de l'interface

Alan Garcia 2011-05-03 19:03:43 +00:00
parent 83da8361e0
commit c64718ca51
2 changed files with 120 additions and 32 deletions


@ -4,12 +4,13 @@ include_once("head.php");
$fields = array ( $fields = array (
"delete_id" => array ("get", "integer", ""), "delete_id" => array ("get", "integer", ""),
"id" => array ("post", "integer", 0), "delete_affected_id" => array ("get", "integer", ""),
"ipsub" => array ("post", "string", ""), "id" => array ("post", "integer", 0),
"infos" => array ("post", "string" ,""), "ipsub" => array ("post", "string", ""),
"s_ipsub" => array ("post", "integer", ""), "infos" => array ("post", "string" ,""),
"s_protocol" => array ("post", "string", ""), "s_ipsub" => array ("post", "integer", ""),
"s_protocol" => array ("post", "string", ""),
); );
getFields($fields); getFields($fields);
@ -23,9 +24,15 @@ if (!empty($s_protocol)) {
} }
} }
if (!empty($delete_affected_id)) {
if (! $authip->ip_affected_delete($delete_affected_id)) {
$error="Error during deletion";
}
}
if (!empty($delete_id)) { if (!empty($delete_id)) {
if (! $authip->ip_delete($delete_id)) { if (! $authip->ip_delete($delete_id)) {
$error="Error during recording"; $error="Error during deletion";
} }
} }
@ -59,7 +66,9 @@ $lac = $authip->list_affected();
echo "<tr>"; echo "<tr>";
echo "<td>".$ac[$ll['protocol']]['name']."</td>"; echo "<td>".$ac[$ll['protocol']]['name']."</td>";
echo "<td>".$ac[$ll['protocol']]['values'][$ll['parameters']]."</td>"; echo "<td>".$ac[$ll['protocol']]['values'][$ll['parameters']]."</td>";
echo "<td>".$list_ip[$ll['authorised_ip_id']]['ip_human']."</td>"; echo "<td>".$list_ip[$ll['authorised_ip_id']]['infos']."<br/>".$list_ip[$ll['authorised_ip_id']]['ip_human']."</td>"; ?>
<td><div class="ina"><a href="ip_main.php?delete_affected_id=<?php echo urlencode($ll["id"]) ?>"><img src="images/delete.png" alt="<?php __("Delete")?>" /><?php __("Delete"); ?></a></div></td>
<?php
echo "</tr>"; echo "</tr>";
} }
?> ?>
@ -79,7 +88,7 @@ $lac = $authip->list_affected();
<td> <td>
<?php foreach ($ac as $a) { ?> <?php foreach ($ac as $a) { ?>
<p> <p>
<input type="radio" name="s_protocol" id="protocol_<?php echo htmlentities($a['protocol']);?>" value="<?php echo htmlentities($a['protocol']);?>" /> <input type="radio" name="s_protocol" id="s_protocol_<?php echo htmlentities($a['protocol']);?>" value="<?php echo htmlentities($a['protocol']);?>" />
<label for="s_protocol_<?php echo htmlentities($a['protocol']);?>"><?php echo htmlentities($a['name']); ?></label> <label for="s_protocol_<?php echo htmlentities($a['protocol']);?>"><?php echo htmlentities($a['name']); ?></label>
<select name="s_affect_<?php echo htmlentities($a['protocol']);?>" id="s_affect_<?php echo htmlentities($a['protocol']);?>"> <select name="s_affect_<?php echo htmlentities($a['protocol']);?>" id="s_affect_<?php echo htmlentities($a['protocol']);?>">
<?php foreach ($a['values'] as $k => $v) { ?> <?php foreach ($a['values'] as $k => $v) { ?>
@ -119,21 +128,17 @@ $lac = $authip->list_affected();
if (checkip($i['ip'])) { if (checkip($i['ip'])) {
if ($i['subnet']==32) { if ($i['subnet']==32) {
$txt="Address IPv4"; $txt="Address IPv4";
$ip="${i['ip']}";
} else { } else {
$txt="Subnet IPv4"; $txt="Subnet IPv4";
$ip="${i['ip']}/${i['subnet']}";
} }
} elseif (checkipv6($i['ip'])) { } elseif (checkipv6($i['ip'])) {
if ($i['subnet']==128) { if ($i['subnet']==128) {
$txt="Address IPv6"; $txt="Address IPv6";
$ip="${i['ip']}";
} else { } else {
$txt="Subnet IPv6"; $txt="Subnet IPv6";
$ip="${i['ip']}/${i['subnet']}";
} }
} }
echo "<tr><td>$txt</td><td>$ip</td><td>${i['infos']}</td>"; echo "<tr><td>$txt</td><td>{$i['ip_human']}</td><td>{$i['infos']}</td>";
?> ?>
<td><div class="ina"><a href="javascript:edit_ip(<?php echo "'".htmlentities($i['id'])."','".htmlentities($i['ip_human'])."','".htmlentities($i['infos'])."'"; ?>);"><img src="images/edit.png" alt="<?php __("Edit"); ?>" /><?php __("Edit"); ?></a></div></td> <td><div class="ina"><a href="javascript:edit_ip(<?php echo "'".htmlentities($i['id'])."','".htmlentities($i['ip_human'])."','".htmlentities($i['infos'])."'"; ?>);"><img src="images/edit.png" alt="<?php __("Edit"); ?>" /><?php __("Edit"); ?></a></div></td>
<td><div class="ina"><a href="ip_main.php?delete_id=<?php echo urlencode($i["id"]) ?>"><img src="images/delete.png" alt="<?php __("Delete"); ?>" /><?php __("Delete"); ?></a></div></td> <td><div class="ina"><a href="ip_main.php?delete_id=<?php echo urlencode($i["id"]) ?>"><img src="images/delete.png" alt="<?php __("Delete"); ?>" /><?php __("Delete"); ?></a></div></td>
@ -155,7 +160,7 @@ $lac = $authip->list_affected();
</p> </p>
<p> <p>
<?php __("Add a comment");?><br/> <?php __("Add a comment");?><br/>
<input type="text" size=30 maxlength=200 name="infos" id="edit_infos" /> <input type="text" size=25 maxlength=200 name="infos" id="edit_infos" />
</p> </p>
<input type="submit" class="inb" value="<?php __("Save")?>" /> <input type="submit" class="inb" value="<?php __("Save")?>" />
</form> </form>
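Review bot: The new affected-IP table cell prints `$list_ip[$ll['authorised_ip_id']]['infos']` into the page without escaping, although `infos` is the free-text comment posted by the user and the rest of this template wraps such values in `htmlentities()`. The cell should read `"<td>".htmlentities($list_ip[$ll['authorised_ip_id']]['infos'])."<br/>".htmlentities($list_ip[$ll['authorised_ip_id']]['ip_human'])."</td>"`, and the rewritten row further down that echoes `{$i['ip_human']}` and `{$i['infos']}` needs the same treatment. Separately, the new `delete_affected_id` action is declared as a `get` field and triggered by a plain link, so a state-changing delete runs on any GET request carrying an id. Moving it to a POST form with a per-session token would keep a third-party page from triggering it.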


@ -24,7 +24,11 @@
**/ **/
class m_authip { class m_authip {
// Return all the IP address define by this user /*
* Retourne la liste des ip spécifiées par cet utilisateur
*
* @return array retourne un tableau indexé des ip de l'utilisateur
*/
function list_ip() { function list_ip() {
global $db, $cuid; global $db, $cuid;
@ -43,7 +47,13 @@ class m_authip {
return $r; return $r;
} }
// Delete an IP in authorised_ip /*
* Supprime une IP des IP de l'utilisateur
* et supprime les droits attaché en cascade
*
* @param integer $id id de la ligne à supprimer
* @return boolean Retourne FALSE si erreur, sinon TRUE
*/
function ip_delete($id) { function ip_delete($id) {
global $db, $cuid; global $db, $cuid;
$id=intval($id); $id=intval($id);
@ -59,7 +69,17 @@ class m_authip {
return true; return true;
} }
// Insert or update in authorised_ip /*
* Sauvegarde une IP dans les IP authorisée
*
* @param integer $id id de la ligne à modifier. Si vide ou
* égal à 0, alors c'est une insertion
* @param string $ipsub IP (v4 ou v6), potentiellement avec un subnet ( /24)
* @param string $infos commentaire pour l'utilisateur
* @param integer $uid Si $uid=0 et qu'on est super-admin, insertion avec uid=0
* ce qui correspond a une ip toujours authorisée
* @return boolean Retourne FALSE si erreur, sinon TRUE
*/
function ip_save($id, $ipsub, $infos, $uid=null) { function ip_save($id, $ipsub, $infos, $uid=null) {
global $db, $mem; global $db, $mem;
@ -95,11 +115,17 @@ class m_authip {
if (checkip($ip) && $subnet > 32 ) $subnet=32; if (checkip($ip) && $subnet > 32 ) $subnet=32;
if ($id) { // Update if ($id) { // Update
$list_affected = $this->list_affected($id);
foreach($list_affected as $k => $v) {
$this->call_hooks("authip_on_delete", $k );
}
if (! $db->query("update authorised_ip set ip='$ip', subnet='$subnet', infos='$infos' where id='$id' and uid='$cuid' ;") ) { if (! $db->query("update authorised_ip set ip='$ip', subnet='$subnet', infos='$infos' where id='$id' and uid='$cuid' ;") ) {
echo "query failed: ".$db->Error; echo "query failed: ".$db->Error;
return false; return false;
} }
// TODO hooks update foreach($list_affected as $k => $v) {
$this->call_hooks("authip_on_create", $k );
}
} else { // Insert } else { // Insert
if (! $db->query("insert into authorised_ip (uid, ip, subnet, infos) values ('$cuid', '$ip', '$subnet', '$infos' );") ) { if (! $db->query("insert into authorised_ip (uid, ip, subnet, infos) values ('$cuid', '$ip', '$subnet', '$infos' );") ) {
echo "query failed: ".$db->Error; echo "query failed: ".$db->Error;
@ -109,7 +135,12 @@ class m_authip {
return true; return true;
} }
// Function called by alternc when you delete a member /*
* Fonction appelée par Alternc lors de la suppression d'un utilisateur
*
* @param integer $l_uid uid de l'utilisater à supprimer
* @return boolean Retourne TRUE
*/
function alternc_del_member($l_uid) { function alternc_del_member($l_uid) {
$db->query("SELECT id FROM authorised_ip WHERE uid ='$l_uid';"); $db->query("SELECT id FROM authorised_ip WHERE uid ='$l_uid';");
while ($db->next_record()) { while ($db->next_record()) {
@ -119,6 +150,12 @@ class m_authip {
} }
/*
* Analyse les classes et récupéres les informations
* des classes voulant de la restriction IP
*
* @return array Retourne un tableau compliqué
*/
function get_auth_class() { function get_auth_class() {
global $classes; global $classes;
$authclass=array(); $authclass=array();
@ -134,7 +171,17 @@ class m_authip {
return $authclass; return $authclass;
} }
// Save in ip_affected_save /*
* Enregistre ou modifie une affectation ip<=>ressource
* Nota : lance des hooks sur la classe correspondante pour
* informer de l'édition/création
*
* @param integer $authorised_ip_id id de l'ip affecté
* @param string $protocol nom du protocole (définie dans la classe correspondante)
* @param string $parameters information propre au protocole
* @param integer $id présent si c'est une édition
* @return boolean Retourne FALSE si erreur, sinon TRUE
*/
function ip_affected_save($authorised_ip_id, $protocol, $parameters, $id=null) { function ip_affected_save($authorised_ip_id, $protocol, $parameters, $id=null) {
global $db; global $db;
$authorised_ip_id=intval($authorised_ip_id); $authorised_ip_id=intval($authorised_ip_id);
@ -143,47 +190,83 @@ class m_authip {
if ($id) { if ($id) {
$id=intval($id); $id=intval($id);
$this->call_hooks("authip_on_delete", $id );
if (! $db->query("update authorised_ip_affected set authorised_ip_id='$authorised_ip_id', protocol='$protocol', parameters='$parameters' where id ='$id' limit 1;") ) { if (! $db->query("update authorised_ip_affected set authorised_ip_id='$authorised_ip_id', protocol='$protocol', parameters='$parameters' where id ='$id' limit 1;") ) {
echo "query failed: ".$db->Error; echo "query failed: ".$db->Error;
return false; return false;
} }
// TODO hooks update $this->call_hooks("authip_on_create", $id );
} else { } else {
if (! $db->query("insert into authorised_ip_affected (authorised_ip_id, protocol, parameters) values ('$authorised_ip_id', '$protocol', '$parameters');") ) { if (! $db->query("insert into authorised_ip_affected (authorised_ip_id, protocol, parameters) values ('$authorised_ip_id', '$protocol', '$parameters');") ) {
echo "query failed: ".$db->Error; echo "query failed: ".$db->Error;
return false; return false;
} }
// TODO hooks insert $this->call_hooks("authip_on_create", mysql_insert_id() );
} }
return true; return true;
} }
// Delete an IP in authorised_ip_affected /*
* Supprime une affectation ip<=>ressource
* Nota : lance des hooks dans la classe correspondante
* pour informer de la suppression
*
* @param integer $id id de la ligne à supprimer
* @return boolean Retourne FALSE si erreur, sinon TRUE
*/
function ip_affected_delete($id) { function ip_affected_delete($id) {
global $db; global $db;
$id=intval($id); $id=intval($id);
// Call hooks
$this->call_hooks("authip_on_delete", $id );
if (! $db->query("delete from authorised_ip_affected where id='$id' limit 1;") ) { if (! $db->query("delete from authorised_ip_affected where id='$id' limit 1;") ) {
echo "query failed: ".$db->Error; echo "query failed: ".$db->Error;
return false; return false;
} }
// TODO hooks delete
return true; return true;
} }
function list_affected() { /*
* Appel les hooks demandé avec en parametres les
* affectationt ip<=>ressource dont l'id est en parametre
*
* @param string $function nom de la fonction a rechercher et appeller dans les classes
* @param integer $affectation_id id de l'affectation correspondante
* @return boolean Retourne TRUE
*/
function call_hooks($function, $affectation_id) {
$d = $this->list_affected();
$affectation = $d[$affectation_id];
$e = $this->get_auth_class();
$c = $e[$affectation['protocol']]['class'];
global $$c;
if ( method_exists($$c, $function) ) {
$$c->$function($affectation);
}
return true;
}
/*
* Liste les affectation ip<=>ressource d'un utilisateur
*
* @return array Retourne un tableau de valeurs
*/
function list_affected($ip_id=null) {
global $db, $cuid; global $db, $cuid;
$r = array(); $r = array();
$db->query("SELECT * FROM authorised_ip_affected WHERE authorised_ip_id in (select id from authorised_ip where uid = '$cuid');"); if ( is_null($ip_id) ) {
$db->query("select aia.* from authorised_ip_affected aia, authorised_ip ai where ai.uid='$cuid' and aia.authorised_ip_id = ai.id order by protocol, parameters;");
} else {
$db->query("select aia.* from authorised_ip_affected aia, authorised_ip ai where ai.uid='$cuid' and aia.authorised_ip_id = '".intval($ip_id)."' order by protocol, parameters;");
}
while ($db->next_record()) { while ($db->next_record()) {
$r[]=$db->Record; $r[$db->f('id')]=$db->Record;
} }
return $r; return $r;
} }
// TODO :
// hooks on créations/update/delete
}; /* Classe m_authip */ }; /* Classe m_authip */
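Review bot: The `$ip_id` branch of `list_affected()` drops the join condition between the two tables, so `ai.uid='$cuid'` no longer ties the returned rows to the caller and any `authorised_ip_id` is listed as long as the caller owns at least one IP. Adding `and aia.authorised_ip_id = ai.id` to that query, as the other branch has, restores the ownership filter. The same scoping is missing where the ids are consumed: `ip_affected_delete()` and the update path of `ip_affected_save()` match on `id` alone, while `call_hooks()` reads `$d[$affectation_id]` from the caller-scoped list, so for an id outside that list the hook lookup finds no entry and the query still runs. I would have `call_hooks()` do `if (!isset($d[$affectation_id])) return false;` right after building `$d`, and have the callers stop before their query when it returns false. In the insert path, `mysql_insert_id()` is called without the link that `$db` uses, which presumably works only while a single connection is open; worth confirming.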