Commit | Line | Data |
---|---|---|
dfb0d0d7 AC |
1 | <% val you = Init.getUserId (); |
2 | val yourname = Init.getUserName (); | |
3 | ||
3d2ed222 | 4 | val nodeNum = case $"node" of |
78a61577 | 5 | "" => 6 |
3d2ed222 AC |
6 | | node => Web.stoi node; |
7 | val nodeName = Init.nodeName nodeNum; | |
8 | ||
dfb0d0d7 AC |
9 | val uname = case $"uname" of |
10 | "" => yourname | |
11 | | uname => uname; | |
12 | ||
3d2ed222 AC |
13 | val socks = Sec.socketPerms {node = nodeNum, uname = uname}; |
14 | val tpe = Sec.isTpe {node = nodeNum, uname = uname}; | |
15 | val cron = Sec.cronAllowed {node = nodeNum, uname = uname}; | |
dfb0d0d7 AC |
16 | |
17 | ref showNormal = true; | |
18 | ||
19 | @header [("title", ["Security settings"])]; | |
20 | ||
21 | if $"cmd" = "socks" then | |
22 | showNormal := false; | |
23 | val socks = $"socks"; | |
3d2ed222 AC |
24 | %>Are you sure you want to request that socket permissions for <b><% Web.html uname %></b> on <b><% Web.html nodeName %></b> be changed to <b><% Web.html socks %></b>?<br> |
25 | <a href="sec?cmd=socks2&node=<% nodeNum %>&uname=<% Web.urlEncode uname %>&socks=<% Web.urlEncode socks %>&msg=<% Web.urlEncode ($"msg") %>">Yes, place the request!</a><% | |
dfb0d0d7 | 26 | elseif $"cmd" = "socks2" then |
3d2ed222 | 27 | val id = Sec.Req.add {usr = you, node = nodeNum, data = String.concat [uname, ": change socket permissions to ", $"socks"], msg = $"msg"}; |
dfb0d0d7 | 28 | if not (Sec.Req.notifyNew id) then |
b6dd1aaf | 29 | %><h3>Error sending e-mail notification</h3><% |
dfb0d0d7 | 30 | end |
b6dd1aaf | 31 | %><h3>Request added</h3><% |
dfb0d0d7 AC |
32 | |
33 | elseif $"cmd" = "tpe" then | |
34 | showNormal := false; | |
35 | val tpe = iff $"tpe" = "yes" then "on" else "off"; | |
3d2ed222 AC |
36 | %>Are you sure you want to request that trusted-path-executables-only for <b><% Web.html uname %></b> on <b><% Web.html nodeName %></b> be turned <b><% tpe %></b>?<br> |
37 | <a href="sec?cmd=tpe2&node=<% nodeNum %>&uname=<% Web.urlEncode uname %>&tpe=<% tpe %>&msg=<% Web.urlEncode ($"msg") %>">Yes, place the request!</a><% | |
dfb0d0d7 | 38 | elseif $"cmd" = "tpe2" then |
3d2ed222 | 39 | val id = Sec.Req.add {usr = you, node = nodeNum, data = String.concat [uname, ": turn tpe ", $"tpe"], msg = $"msg"}; |
dfb0d0d7 | 40 | if not (Sec.Req.notifyNew id) then |
b6dd1aaf | 41 | %><h3>Error sending e-mail notification</h3><% |
dfb0d0d7 | 42 | end |
b6dd1aaf | 43 | %><h3>Request added</h3><% |
dfb0d0d7 | 44 | |
e510b9bd AC |
45 | elseif $"cmd" = "cron" then |
46 | showNormal := false; | |
47 | val cron = iff $"cron" = "yes" then "enabled" else "disabled"; | |
3d2ed222 AC |
48 | %>Are you sure you want to request that <tt>cron</tt> permissions for <b><% Web.html uname %></b> on <b><% Web.html nodeName %></b> be <b><% cron %></b>?<br> |
49 | <a href="sec?cmd=cron2&node=<% nodeNum %>&uname=<% Web.urlEncode uname %>&cron=<% cron %>&msg=<% Web.urlEncode ($"msg") %>">Yes, place the request!</a><% | |
e510b9bd AC |
50 | elseif $"cmd" = "cron2" then |
51 | val cron = iff $"cron" = "enabled" then "enable" else "disable"; | |
3d2ed222 | 52 | val id = Sec.Req.add {usr = you, node = nodeNum, data = String.concat [uname, ": ", cron, " cron access"], msg = $"msg"}; |
e510b9bd | 53 | if not (Sec.Req.notifyNew id) then |
b6dd1aaf | 54 | %><h3>Error sending e-mail notification</h3><% |
e510b9bd | 55 | end |
b6dd1aaf | 56 | %><h3>Request added</h3><% |
e510b9bd AC |
57 | elseif $"cmd" = "rule" then |
58 | showNormal := false; | |
59 | val rule = $"rule"; | |
308f44e7 AC |
60 | |
61 | if Sec.validRule rule then | |
62 | %>Are you sure you want to request the firewall rule <b><% Web.html uname %> <% Web.html rule %></b> on <b><% Web.html nodeName %></b>?<br> | |
3d2ed222 | 63 | <a href="sec?cmd=rule2&node=<% nodeNum %>&uname=<% Web.urlEncode uname %>&rule=<% Web.urlEncode rule %>&msg=<% Web.urlEncode ($"msg") %>">Yes, place the request!</a><% |
308f44e7 AC |
64 | else |
65 | %>"<% Web.html rule %>" is not a valid firewall rule! Please reread <a href="http://wiki.hcoop.net/wiki/FirewallRules">the instructions</a>, and remember to leave off the initial username portion.<% | |
66 | end | |
67 | ||
e510b9bd | 68 | elseif $"cmd" = "rule2" then |
308f44e7 AC |
69 | val rule = $"rule"; |
70 | ||
71 | if Sec.validRule rule then | |
5c6d7637 | 72 | val id = Sec.Req.add {usr = you, node = nodeNum, data = String.concat ["Add firewall rule \"", nodeName, " ", uname, " ", rule, "\""], msg = $"msg"}; |
308f44e7 AC |
73 | if not (Sec.Req.notifyNew id) then |
74 | %><h3>Error sending e-mail notification</h3><% | |
75 | end | |
76 | %><h3>Request added</h3><% | |
77 | else | |
78 | %>"<% Web.html rule %>" is not a valid firewall rule! Please reread <a href="http://wiki.hcoop.net/wiki/FirewallRules">the instructions</a>, and remember to leave off the initial username portion.<% | |
e510b9bd | 79 | end |
e510b9bd AC |
80 | |
81 | elseif $"modRule" <> "" then | |
82 | showNormal := false; | |
83 | val oldRule = $"modRule"; | |
84 | val rule = $"rule" | |
85 | if oldRule = rule then | |
86 | %>You didn't modify the textbox for this rule before clicking the button, so there is no request to be made.<% | |
87 | else | |
3d2ed222 AC |
88 | %>Are you sure you want to request that firewall rule <b><% Web.html uname %> <% Web.html oldRule %></b> be replaced by <b><% Web.html uname %> <% Web.html rule %></b> on <b><% Web.html nodeName %></b>?<br> |
89 | <a href="sec?node=<% nodeNum %>&uname=<% Web.urlEncode uname %>&modRule2=<% Web.urlEncode oldRule %>&rule=<% Web.urlEncode rule %>&msg=<% Web.urlEncode ($"msg") %>">Yes, place the request!</a><% | |
e510b9bd AC |
90 | end |
91 | elseif $"modRule2" <> "" then | |
3d2ed222 | 92 | val id = Sec.Req.add {usr = you, node = nodeNum, data = String.concat ["Change firewall rule \"", uname, " ", $"modRule2", "\" to \"", uname, " ", $"rule", "\""], msg = $"msg"}; |
e510b9bd | 93 | if not (Sec.Req.notifyNew id) then |
b6dd1aaf | 94 | %><h3>Error sending e-mail notification</h3><% |
e510b9bd | 95 | end |
b6dd1aaf | 96 | %><h3>Request added</h3><% |
e510b9bd AC |
97 | |
98 | elseif $"delRule" <> "" then | |
99 | showNormal := false; | |
100 | val oldRule = $"delRule"; | |
3d2ed222 AC |
101 | %>Are you sure you want to request that firewall rule <b><% Web.html uname %> <% Web.html oldRule %></b> on <b><% Web.html nodeName %></b> be <b>deleted</bD>?<br> |
102 | <a href="sec?node=<% nodeNum %>&uname=<% Web.urlEncode uname %>&delRule2=<% Web.urlEncode oldRule %>&msg=<% Web.urlEncode ($"msg") %>">Yes, place the request!</a><% | |
e510b9bd | 103 | elseif $"delRule2" <> "" then |
3d2ed222 | 104 | val id = Sec.Req.add {usr = you, node = nodeNum, data = String.concat ["Delete firewall rule \"", uname, " ", $"delRule2", "\""], msg = $"msg"}; |
e510b9bd | 105 | if not (Sec.Req.notifyNew id) then |
b6dd1aaf | 106 | %><h3>Error sending e-mail notification</h3><% |
e510b9bd | 107 | end |
b6dd1aaf | 108 | %><h3>Request added</h3><% |
e510b9bd | 109 | |
dfb0d0d7 AC |
110 | elseif $"cmd" = "open" then |
111 | showNormal := false; | |
112 | Group.requireGroupName "server"; | |
b6dd1aaf | 113 | %><h3>Open requests</h3> |
dfb0d0d7 AC |
114 | <a href="sec?cmd=list">List all requests</a><% |
115 | ||
116 | foreach (name, req) in Sec.Req.listOpen () do %> | |
117 | <br><hr><br> | |
b6dd1aaf AC |
118 | <table class="blanks"> |
119 | <tr> <td>By:</td> <td><a href="user?id=<% #usr req %>"><% name %></a></td> </tr> | |
6b8b767b | 120 | <tr> <td>Time:</td> <td><% #stamp req %> (<% Util.diffFromNow (#stamp req) %> ago)</td></tr> |
3d2ed222 | 121 | <tr> <td>Node:</td> <td><% Web.html (Init.nodeName (#node req)) %></td> </tr> |
b6dd1aaf AC |
122 | <tr> <td>Request:</td> <td><% #data req %></td> </tr> |
123 | <tr> <td>Msg:</td> <td colspan="2"><% Web.html (#msg req) %></td> </tr> | |
dfb0d0d7 AC |
124 | </table> |
125 | ||
126 | <br> | |
127 | <a href="sec?mod=<% #id req %>">[Modify]</a> | |
128 | <a href="sec?del=<% #id req %>">[Delete]</a><br> | |
129 | ||
130 | <% end | |
131 | ||
132 | elseif $"cmd" = "list" then | |
133 | showNormal := false; | |
134 | Group.requireGroupName "server" | |
b6dd1aaf | 135 | %><h3>All requests</h3><% |
dfb0d0d7 AC |
136 | |
137 | foreach (name, req) in Sec.Req.list () do %> | |
138 | <br><hr><br> | |
b6dd1aaf AC |
139 | <table class="blanks"> |
140 | <tr> <td>By:</td> <td colspan="2"><a href="user?id=<% #usr req %>"><% name %></a></td> </tr> | |
6b8b767b | 141 | <tr> <td>Time:</td> <td colspan="2"><% #stamp req %> (<% Util.diffFromNow (#stamp req) %> ago)</td></tr> |
3d2ed222 | 142 | <tr> <td>Node:</td> <td><% Web.html (Init.nodeName (#node req)) %></td> </tr> |
b6dd1aaf AC |
143 | <tr> <td>Request:</td> <td><% #data req %></td> </tr> |
144 | <tr> <td>Reason:</td> <td colspan="2"><% Web.html (#msg req) %></td> </tr> | |
dfb0d0d7 AC |
145 | </table> |
146 | ||
147 | <br> | |
148 | <a href="sec?mod=<% #id req %>">[Modify]</a> | |
149 | <a href="sec?del=<% #id req %>">[Delete]</a> | |
150 | ||
151 | <% end | |
152 | ||
153 | elseif $"mod" <> "" then | |
154 | showNormal := false; | |
155 | Group.requireGroupName "server"; | |
156 | val id = Web.stoi ($"mod"); | |
157 | val req = Sec.Req.lookup id; | |
158 | val user = Init.lookupUser (#usr req) %> | |
b6dd1aaf | 159 | <h3>Handle request</h3> |
dfb0d0d7 AC |
160 | |
161 | <form action="sec" method="post"> | |
162 | <input type="hidden" name="save" value="<% id %>"> | |
b6dd1aaf AC |
163 | <table class="blanks"> |
164 | <tr> <td>Requestor:</td> <td><a href="user?id=<% #usr req %>"><% #name user %></a></td> </tr> | |
6b8b767b | 165 | <tr> <td>Time:</td> <td><% #stamp req %> (<% Util.diffFromNow (#stamp req) %> ago)</td></tr> |
b6dd1aaf | 166 | <tr> <td>Status:</td> <td><select name="status"> |
dfb0d0d7 AC |
167 | <option value="0"<% if #status req = Sec.Req.NEW then %> selected<% end %>>New</option> |
168 | <option value="1"<% if #status req = Sec.Req.INSTALLED then %> selected<% end %>>Installed</option> | |
169 | <option value="2"<% if #status req = Sec.Req.REJECTED then %> selected<% end %>>Rejected</option> | |
170 | </select></td> </tr> | |
3d2ed222 AC |
171 | <tr> <td>Node:</td> <td><select name="node"> |
172 | <% foreach node in Init.listNodes () do %> | |
7e839f2f | 173 | <option value="<% #id node %>"<% if #id node = #node req then %> selected<% end %>><% Web.html (#name node) %> (<% Web.html (#descr node) %>)</option> |
3d2ed222 | 174 | <% end %></select></td> </tr> |
daaa0de7 | 175 | <tr> <td>Request:</td> <td><input name="req" value="<% Web.html (#data req) %>"></td> </tr> |
b6dd1aaf | 176 | <tr> <td>Message:</td> <td><textarea name="msg" rows="10" cols="80" wrap="soft"><% Web.html (#msg req) %></textarea></td> </tr> |
dfb0d0d7 AC |
177 | <tr> <td><input type="submit" value="Save"></td> </tr> |
178 | </table> | |
179 | </form> | |
180 | ||
181 | <% elseif $"save" <> "" then | |
182 | showNormal := false; | |
183 | Group.requireGroupName "server"; | |
184 | val id = Web.stoi ($"save"); | |
185 | val req = Sec.Req.lookup id; | |
186 | val oldStatus = #status req; | |
187 | val newStatus = Sec.Req.statusFromInt (Web.stoi ($"status")); | |
3d2ed222 | 188 | Sec.Req.modify {req with node = nodeNum, data = $"req", msg = $"msg", status = newStatus}; |
8812fb4d AC |
189 | if not (Sec.Req.notifyMod {old = oldStatus, new = newStatus, changer = Init.getUserName(), req = id}) then |
190 | %><h3>Error sending e-mail notification</h3><% | |
dfb0d0d7 | 191 | end |
b6dd1aaf | 192 | %><h3>Request modified</h3> |
dfb0d0d7 AC |
193 | Back to: <a href="sec?cmd=open">open requests</a>, <a href="sec?cmd=list">all requests</a> |
194 | ||
195 | <% elseif $"del" <> "" then | |
196 | showNormal := false; | |
197 | Group.requireGroupName "server"; | |
198 | val id = Web.stoi ($"del"); | |
199 | val req = Sec.Req.lookup id; | |
200 | val user = Init.lookupUser (#usr req) | |
3d2ed222 | 201 | %><h3>Are you sure you want to delete request by <% #name user %> for "<% #data req %>" on <% Web.html (Init.nodeName (#node req)) %>?</h3> |
dfb0d0d7 AC |
202 | <a href="sec?del2=<% id %>">Yes, I'm sure!</a> |
203 | ||
204 | <% elseif $"del2" <> "" then | |
205 | showNormal := false; | |
206 | Group.requireGroupName "server"; | |
207 | val id = Web.stoi ($"del2"); | |
208 | Sec.Req.delete id | |
b6dd1aaf | 209 | %><h3>Request deleted</b><h3> |
dfb0d0d7 AC |
210 | Back to: <a href="sec?cmd=open">open requests</a>, <a href="sec?cmd=list">all requests</a> |
211 | ||
212 | <% end; | |
213 | ||
22073500 CE |
214 | if showNormal then |
215 | @secnormal [("uname", [uname]), | |
216 | ("nodeNum", [Int.toString nodeNum])]; | |
217 | end %> | |
dfb0d0d7 AC |
218 | |
219 | <% @footer[] %> |