X-Git-Url: http://git.hcoop.net/bpt/portal.git/blobdiff_plain/f432bce2e8a41a84b0cea40ac7b7ae27af2d5958..4763cfb8e0dc2f6b2d4fd798cc9e3124c3e86288:/sec.mlt
diff --git a/sec.mlt b/sec.mlt
index 9e5c0dd..ba58b95 100644
--- a/sec.mlt
+++ b/sec.mlt
@@ -1,14 +1,19 @@
<% val you = Init.getUserId ();
val yourname = Init.getUserName ();
+val nodeNum = case $"node" of
+ "" => 2
+ | node => Web.stoi node;
+val nodeName = Init.nodeName nodeNum;
+
val uname = case $"uname" of
"" => yourname
| uname => uname;
-val socks = Sec.socketPerms uname;
-val tpe = Sec.isTpe uname;
-val cron = Sec.cronAllowed uname;
-val ftp = Sec.ftpAllowed uname;
+val socks = Sec.socketPerms {node = nodeNum, uname = uname};
+val tpe = Sec.isTpe {node = nodeNum, uname = uname};
+val cron = Sec.cronAllowed {node = nodeNum, uname = uname};
+val ftp = Sec.ftpAllowed {node = nodeNum, uname = uname};
ref showNormal = true;
@@ -17,64 +22,76 @@ ref showNormal = true;
if $"cmd" = "socks" then
showNormal := false;
val socks = $"socks";
- %>Are you sure you want to request that socket permissions for <% Web.html uname %> be changed to <% Web.html socks %>?
- ">Yes, place the request!<%
+ %>Are you sure you want to request that socket permissions for <% Web.html uname %> on <% Web.html nodeName %> be changed to <% Web.html socks %>?
+ ">Yes, place the request!<%
elseif $"cmd" = "socks2" then
- val id = Sec.Req.add (you, String.concat [uname, ": change socket permissions to ", $"socks"], $"msg");
+ val id = Sec.Req.add {usr = you, node = nodeNum, data = String.concat [uname, ": change socket permissions to ", $"socks"], msg = $"msg"};
if not (Sec.Req.notifyNew id) then
- %>
Error sending e-mail notification
<%
+ %>Error sending e-mail notification
<%
end
- %>Request added
<%
+ %>Request added
<%
elseif $"cmd" = "tpe" then
showNormal := false;
val tpe = iff $"tpe" = "yes" then "on" else "off";
- %>Are you sure you want to request that trusted-path-executables-only for <% Web.html uname %> be turned <% tpe %>?
- ">Yes, place the request!<%
+ %>Are you sure you want to request that trusted-path-executables-only for <% Web.html uname %> on <% Web.html nodeName %> be turned <% tpe %>?
+ ">Yes, place the request!<%
elseif $"cmd" = "tpe2" then
- val id = Sec.Req.add (you, String.concat [uname, ": turn tpe ", $"tpe"], $"msg");
+ val id = Sec.Req.add {usr = you, node = nodeNum, data = String.concat [uname, ": turn tpe ", $"tpe"], msg = $"msg"};
if not (Sec.Req.notifyNew id) then
- %>Error sending e-mail notification
<%
+ %>Error sending e-mail notification
<%
end
- %>Request added
<%
+ %>Request added
<%
elseif $"cmd" = "cron" then
showNormal := false;
val cron = iff $"cron" = "yes" then "enabled" else "disabled";
- %>Are you sure you want to request that cron permissions for <% Web.html uname %> be <% cron %>?
- ">Yes, place the request!<%
+ %>Are you sure you want to request that cron permissions for <% Web.html uname %> on <% Web.html nodeName %> be <% cron %>?
+ ">Yes, place the request!<%
elseif $"cmd" = "cron2" then
val cron = iff $"cron" = "enabled" then "enable" else "disable";
- val id = Sec.Req.add (you, String.concat [uname, ": ", cron, " cron access"], $"msg");
+ val id = Sec.Req.add {usr = you, node = nodeNum, data = String.concat [uname, ": ", cron, " cron access"], msg = $"msg"};
if not (Sec.Req.notifyNew id) then
- %>Error sending e-mail notification
<%
+ %>Error sending e-mail notification
<%
end
- %>Request added
<%
+ %>Request added
<%
elseif $"cmd" = "ftp" then
showNormal := false;
val ftp = iff $"ftp" = "yes" then "enabled" else "disabled";
- %>Are you sure you want to request that FTP permissions for <% Web.html uname %> be <% ftp %>?
- ">Yes, place the request!<%
+ %>Are you sure you want to request that FTP permissions for <% Web.html uname %> on <% Web.html nodeName %> be <% ftp %>?
+ ">Yes, place the request!<%
elseif $"cmd" = "ftp2" then
val ftp = iff $"ftp" = "enabled" then "enable" else "disable";
- val id = Sec.Req.add (you, String.concat [uname, ": ", ftp, " FTP access"], $"msg");
+ val id = Sec.Req.add {usr = you, node = nodeNum, data = String.concat [uname, ": ", ftp, " FTP access"], msg = $"msg"};
if not (Sec.Req.notifyNew id) then
- %>Error sending e-mail notification
<%
+ %>Error sending e-mail notification
<%
end
- %>Request added
<%
+ %>Request added
<%
elseif $"cmd" = "rule" then
showNormal := false;
val rule = $"rule";
- %>Are you sure you want to request the firewall rule <% Web.html uname %> <% Web.html rule %>?
- ">Yes, place the request!<%
+
+ if Sec.validRule rule then
+ %>Are you sure you want to request the firewall rule <% Web.html uname %> <% Web.html rule %> on <% Web.html nodeName %>?
+ ">Yes, place the request!<%
+ else
+ %>"<% Web.html rule %>" is not a valid firewall rule! Please reread the instructions, and remember to leave off the initial username portion.<%
+ end
+
elseif $"cmd" = "rule2" then
- val id = Sec.Req.add (you, String.concat ["Add firewall rule \"", uname, " ", $"rule", "\""], $"msg");
- if not (Sec.Req.notifyNew id) then
- %>Error sending e-mail notification
<%
+ val rule = $"rule";
+
+ if Sec.validRule rule then
+ val id = Sec.Req.add {usr = you, node = nodeNum, data = String.concat ["Add firewall rule \"", uname, " ", rule, "\""], msg = $"msg"};
+ if not (Sec.Req.notifyNew id) then
+ %>Error sending e-mail notification
<%
+ end
+ %>Request added
<%
+ else
+ %>"<% Web.html rule %>" is not a valid firewall rule! Please reread the instructions, and remember to leave off the initial username portion.<%
end
- %>Request added
<%
elseif $"modRule" <> "" then
showNormal := false;
@@ -83,41 +100,42 @@ elseif $"modRule" <> "" then
if oldRule = rule then
%>You didn't modify the textbox for this rule before clicking the button, so there is no request to be made.<%
else
- %>Are you sure you want to request that firewall rule <% Web.html uname %> <% Web.html oldRule %> be replaced by <% Web.html uname %> <% Web.html rule %>?
- ">Yes, place the request!<%
+ %>Are you sure you want to request that firewall rule <% Web.html uname %> <% Web.html oldRule %> be replaced by <% Web.html uname %> <% Web.html rule %> on <% Web.html nodeName %>?
+ ">Yes, place the request!<%
end
elseif $"modRule2" <> "" then
- val id = Sec.Req.add (you, String.concat ["Change firewall rule \"", uname, " ", $"modRule2", "\" to \"", uname, " ", $"rule", "\""], $"msg");
+ val id = Sec.Req.add {usr = you, node = nodeNum, data = String.concat ["Change firewall rule \"", uname, " ", $"modRule2", "\" to \"", uname, " ", $"rule", "\""], msg = $"msg"};
if not (Sec.Req.notifyNew id) then
- %>Error sending e-mail notification
<%
+ %>Error sending e-mail notification
<%
end
- %>Request added
<%
+ %>Request added
<%
elseif $"delRule" <> "" then
showNormal := false;
val oldRule = $"delRule";
- %>Are you sure you want to request that firewall rule <% Web.html uname %> <% Web.html oldRule %> be deleted?
- ">Yes, place the request!<%
+ %>Are you sure you want to request that firewall rule <% Web.html uname %> <% Web.html oldRule %> on <% Web.html nodeName %> be deleted?
+ ">Yes, place the request!<%
elseif $"delRule2" <> "" then
- val id = Sec.Req.add (you, String.concat ["Delete firewall rule \"", uname, " ", $"delRule2", "\""], $"msg");
+ val id = Sec.Req.add {usr = you, node = nodeNum, data = String.concat ["Delete firewall rule \"", uname, " ", $"delRule2", "\""], msg = $"msg"};
if not (Sec.Req.notifyNew id) then
- %>Error sending e-mail notification
<%
+ %>Error sending e-mail notification
<%
end
- %>Request added
<%
+ %>Request added
<%
elseif $"cmd" = "open" then
showNormal := false;
Group.requireGroupName "server";
- %>Open requests
+ %>Open requests
List all requests<%
foreach (name, req) in Sec.Req.listOpen () do %>
-
- By: | <% name %> |
- Time: | <% #stamp req %> |
- Request: | <% #data req %> |
- Msg: | <% Web.html (#msg req) %> |
+
+ By: | <% name %> |
+ Time: | <% #stamp req %> |
+ Node: | <% Web.html (Init.nodeName (#node req)) %> |
+ Request: | <% #data req %> |
+ Msg: | <% Web.html (#msg req) %> |
@@ -129,15 +147,16 @@ elseif $"cmd" = "open" then
elseif $"cmd" = "list" then
showNormal := false;
Group.requireGroupName "server"
- %>All requests
<%
+ %>All requests
<%
foreach (name, req) in Sec.Req.list () do %>
-
- By: | <% name %> |
- Time: | <% #stamp req %> |
- Request: | <% #data req %> |
- Reason: | <% Web.html (#msg req) %> |
+
+ By: | <% name %> |
+ Time: | <% #stamp req %> |
+ Node: | <% Web.html (Init.nodeName (#node req)) %> |
+ Request: | <% #data req %> |
+ Reason: | <% Web.html (#msg req) %> |
@@ -152,20 +171,24 @@ elseif $"mod" <> "" then
val id = Web.stoi ($"mod");
val req = Sec.Req.lookup id;
val user = Init.lookupUser (#usr req) %>
-Handle request
+Handle request