adminaccess.c

00001 /* useraccess.c  --  eurephiadm useraccess command:
00002  *                   Management of user access levels (eurephia_adminaccess table)
00003  *
00004  *  GPLv2 only - Copyright (C) 2009 - 2010
00005  *               David Sommerseth <dazo@users.sourceforge.net>
00006  *
00007  *  This program is free software; you can redistribute it and/or
00008  *  modify it under the terms of the GNU General Public License
00009  *  as published by the Free Software Foundation; version 2
00010  *  of the License.
00011  *
00012  *  This program is distributed in the hope that it will be useful,
00013  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
00014  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
00015  *  GNU General Public License for more details.
00016  *
00017  *  You should have received a copy of the GNU General Public License
00018  *  along with this program; if not, write to the Free Software
00019  *  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
00020  *
00021  */
00022 
00032 #include <stdio.h>
00033 #include <string.h>
00034 #include <assert.h>
00035 
00036 #ifdef HAVE_LIBXML2
00037 #include <libxml/tree.h>
00038 #include <libxml/xpath.h>
00039 #endif
00040 
00041 #define MODULE "eurephia::UserAdmin" 
00042 #include <eurephia_nullsafe.h>
00043 #include <eurephia_context.h>
00044 #include <eurephia_log.h>
00045 #include <eurephia_xml.h>
00046 #include <eurephia_values_struct.h>
00047 #include <eurephiadb_session_struct.h>
00048 #include <eurephiadb_mapping.h>
00049 #include <eurephiadb_driver.h>
00050 #include <certinfo.h>
00051 
00052 #include "../argparser.h"
00053 #include "../xsltparser.h"
00054 
/**
 * Prints a help page for the adminaccess command to stdout.
 *
 * @param page  Mode character selecting the page: 'G' (grant), 'R' (revoke) or
 *              'l' (list).  Any other value prints the overview of available modes.
 */
void display_adminaccess_help(int page) {
        const char *text = NULL;

        if( page == 'G' ) {
                text = "The grant mode will grant a user access to a specified access level.\n"
                       "\n"
                       "     -i | --uid          User account ID\n"
                       "     -I | --interface    Grant access through which interface (default 'C')\n"
                       "     -a | --access-level Which access level to grant access to\n"
                       "\n";
        } else if( page == 'R' ) {
                text = "The revoke mode will remove an access from the desired user accounts.\n"
                       "\n"
                       "     -i | --uid          User account ID\n"
                       "     -I | --interface    Revoke access from interface (default 'C')\n"
                       "     -a | --access-level Which access level to revoke access from\n"
                       "\n";
        } else if( page == 'l' ) {
                text = "The list mode will show the granted user access levels\n"
                       "\n"
                       "     -i | --uid          User account ID\n"
                       "     -u | --username     User name\n"
                       "     -I | --interface    Which interfaces to show (default 'C')\n"
                       "     -a | --access-level Which access level to show\n"
                       "\n";
        } else {
                // Unknown or missing mode: show the overview of modes
                text = "Available modes for the adminaccess command are:\n\n"
                       "     -G | --grant       Grant a specific access level to a user\n"
                       "     -R | --revoke      Revoke access levels\n"
                       "     -l | --list        List all granted accesses\n"
                       "     -h | --help <mode> Help about a specific mode\n\n";
        }

        // None of the help pages contain a '%', so the text is written verbatim
        fputs(text, stdout);
}
00099 
/**
 * Prints the overview help page for the adminaccess command.
 */
void help_AdminAccess() {
        // 0 matches none of the mode characters, which selects the overview page
        const int overview_page = 0;

        display_adminaccess_help(overview_page);
}
00106 
00107 
/**
 * Help mode of the adminaccess command.  Looks for a mode argument (--list, --grant
 * or --revoke), starting at argv[1], and prints the matching help page.
 *
 * @param ctx   eurephiaCTX (not used by this function)
 * @param sess  eurephiaSESSION (not used by this function)
 * @param cfg   eurephiaVALUES (not used by this function)
 * @param argc  Number of entries in argv
 * @param argv  Argument vector for this mode
 *
 * @return Always returns 0.
 */
int help_AdminAccess2(eurephiaCTX *ctx, eurephiaSESSION *sess, eurephiaVALUES *cfg, int argc, char **argv) {
        e_options helpargs[] = {
                {"--list", "-l", 0},
                {"--grant", "-G", 0},
                {"--revoke", "-R", 0},
                {NULL, NULL, 0}
        };
        int argidx = 1;
        int page = 0;

        // Whatever eurephia_getopt() returns selects the page; values other than
        // 'G', 'R' and 'l' end up on the overview page.
        page = eurephia_getopt(&argidx, argc, argv, helpargs);
        display_adminaccess_help(page);
        return 0;
}
00131 
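/**
 * List mode of the adminaccess command.  Builds an "admin_access" request in list mode
 * from the optional filters given on the command line, sends it through
 * eDBadminAccessLevel() and prints the result via the adminaccess.xsl template.
 *
 * @param ctx   eurephiaCTX with an open database connection (asserted)
 * @param sess  eurephiaSESSION (not used by this function)
 * @param cfg   eurephiaVALUES, passed on to xslt_print_xmldoc()
 * @param argc  Number of entries in argv
 * @param argv  Argument vector for this mode; options are parsed from argv[1]
 *
 * @return 0 when the list was printed or help was shown, otherwise 1.
 */
int list_adminaccess(eurephiaCTX *ctx, eurephiaSESSION *sess, eurephiaVALUES *cfg, int argc, char **argv) {
        xmlDoc *list_xml = NULL, *srch_xml = NULL;
        xmlNode *srch_n = NULL, *tmp_n = NULL;
        int i = 0, rc = -1;
        char *uid = NULL, *username = NULL, *intf = NULL, *acl = NULL;

        e_options listargs[] = {
                {"--uid", "-i", 1},
                {"--username", "-u", 1},
                {"--interface", "-I", 1},
                {"--access-level", "-a", 1},
                {"--help", "-h", 0},
                {NULL, NULL, 0}
        };

        assert( (ctx != NULL) && (ctx->dbc != NULL) && (ctx->dbc->config != NULL));

        // Parse arguments
        for( i = 1; i < argc; i++ ) {
                switch( eurephia_getopt(&i, argc, argv, listargs) ) {
                case 'i':
                        uid = optargs[0];
                        break;
                case 'u':
                        username = optargs[0];
                        break;
                case 'I':
                        intf = optargs[0];
                        break;
                case 'a':
                        acl = optargs[0];
                        break;

                case 'h':
                        display_adminaccess_help('l');
                        return 0;

                default:
                        return 1;
                }
        }

        // Build up search XML.  Failures are checked explicitly instead of through
        // assert(), which is compiled out when NDEBUG is defined.
        eurephiaXML_CreateDoc(ctx, 1, "admin_access", &srch_xml, &srch_n);
        if( (srch_xml == NULL) || (srch_n == NULL) ) {
                fprintf(stderr, "%s: Error retrieving user access list\n", MODULE);
                xmlFreeDoc(srch_xml);
                return 1;
        }
        xmlNewProp(srch_n, (xmlChar *) "mode", (xmlChar *) "list");

        tmp_n = xmlNewChild(srch_n, NULL, (xmlChar *) "fieldMapping", NULL);
        if( tmp_n == NULL ) {
                // Without the fieldMapping node the filters below would be dropped
                // silently and an unfiltered list would be requested.
                fprintf(stderr, "%s: Error retrieving user access list\n", MODULE);
                xmlFreeDoc(srch_xml);
                return 1;
        }
        xmlNewProp(tmp_n, (xmlChar *) "table", (xmlChar *) "eurephia_adminaccess");

        // The filter values come straight from the command line.  xmlNewTextChild()
        // escapes XML special characters, while xmlNewChild() treats its content as
        // already escaped and would misread a literal '&' as an entity reference.
        if( uid != NULL ) {
                xmlNewTextChild(tmp_n, NULL, (xmlChar *) "uid", (xmlChar *) uid);
        }
        if( username != NULL ) {
                xmlNewTextChild(tmp_n, NULL, (xmlChar *) "username", (xmlChar *) username);
        }
        // NOTE(review): the help text advertises a default interface of 'C', but no
        // interface node is added here when -I is absent - confirm the driver's behaviour.
        if( intf != NULL ) {
                xmlNewTextChild(tmp_n, NULL, (xmlChar *) "interface", (xmlChar *) intf);
        }
        if( acl != NULL ) {
                xmlNewTextChild(tmp_n, NULL, (xmlChar *) "accesslevel", (xmlChar *) acl);
        }

        list_xml = eDBadminAccessLevel(ctx, srch_xml);
        xmlFreeDoc(srch_xml);
        if( list_xml == NULL ) {
                fprintf(stderr, "%s: Error retrieving user access list\n", MODULE);
                return 1;
        }

        tmp_n = eurephiaXML_getRoot(ctx, list_xml, NULL, 1);
        if( tmp_n == NULL ) {
                fprintf(stderr, "%s: Error retrieving user access list results\n", MODULE);
                rc = 1;
        } else if( xmlStrcmp(tmp_n->name, (xmlChar *) "admin_access_list") == 0 ) {
                xslt_print_xmldoc(stdout, cfg, list_xml, "adminaccess.xsl", NULL);
                rc = 0;
        } else {
                // Anything else is expected to be a result message from the driver
                eurephiaRESULT *res = eurephiaXML_ParseResultMsg(ctx, list_xml);
                if( res == NULL ) {
                        // Handled like grant_revoke() does, rather than dereferencing
                        // NULL in builds where assert() is disabled.
                        fprintf(stderr, "%s: Error retrieving user access list results\n", MODULE);
                } else {
                        fprintf(stderr, "%s: %s\n", MODULE, res->message);
                }
                rc = 1;
                free_nullsafe(ctx, res);
        }
        xmlFreeDoc(list_xml);
        return rc;
}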
00230 
00231 
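/**
 * Grant and revoke modes of the adminaccess command.  argv[0] selects the mode
 * (--grant / -G or --revoke / -R).  The function builds an "admin_access" request
 * for the eurephia_adminaccess table and sends it through eDBadminAccessLevel().
 *
 * Both a user ID and an access level are required; the interface defaults to "C".
 * This function only builds and submits the request - whether the calling session
 * is allowed to change access levels is not checked in this function.
 *
 * @param ctx   eurephiaCTX with an open database connection (asserted)
 * @param sess  eurephiaSESSION (not used by this function)
 * @param cfg   eurephiaVALUES (not used by this function)
 * @param argc  Number of entries in argv
 * @param argv  Argument vector for this mode; argv[0] is the mode argument
 *
 * @return 0 when the update succeeded or help was shown, otherwise 1.
 */
int grant_revoke(eurephiaCTX *ctx, eurephiaSESSION *sess, eurephiaVALUES *cfg, int argc, char **argv) {
        xmlDoc *upd_xml = NULL, *res_xml = NULL;
        xmlNode *root_n = NULL, *fmap_n = NULL;
        eurephiaRESULT *res = NULL;
        const char *mode_str = NULL, *p = NULL;
        char actmode = '-';
        int i = 0, rc = 1;
        int f_uid = 0, f_acl = 0, f_intf = 0;

        e_options addargs[] = {
                {"--uid", "-i", 1},
                {"--access-level", "-a", 1},
                {"--interface", "-I", 1},
                {"--help", "-h", 0},
                {NULL, NULL, 0}
        };

        assert( (ctx != NULL) && (ctx->dbc != NULL) && (ctx->dbc->config != NULL));

        // Fail closed when the mode is missing or unknown, instead of submitting
        // an access level change request without a mode attribute.
        if( (argc < 1) || (argv == NULL) || (argv[0] == NULL) ) {
                fprintf(stderr, "%s: Unknown argument.  No mode given\n", MODULE);
                return 1;
        }
        if( (strcmp(argv[0], "--grant") == 0) || (strcmp(argv[0], "-G") == 0) ) {
                actmode = 'G';
                mode_str = "grant";
        } else if( (strcmp(argv[0], "--revoke") == 0) || (strcmp(argv[0], "-R") == 0) ) {
                actmode = 'R';
                mode_str = "revoke";
        } else {
                fprintf(stderr, "%s: Unknown argument.  No mode given\n", MODULE);
                return 1;
        }

        eurephiaXML_CreateDoc(ctx, 1, "admin_access", &upd_xml, &root_n);
        if( (upd_xml == NULL) || (root_n == NULL) ) {
                fprintf(stderr, "%s: Failed to update the access level\n", MODULE);
                goto cleanup;
        }
        fmap_n = xmlNewChild(root_n, NULL, (xmlChar *) "fieldMapping", NULL);
        if( fmap_n == NULL ) {
                fprintf(stderr, "%s: Failed to update the access level\n", MODULE);
                goto cleanup;
        }
        xmlNewProp(fmap_n, (xmlChar *) "table", (xmlChar *) "eurephia_adminaccess");
        xmlNewProp(root_n, (xmlChar *) "mode", (xmlChar *) mode_str);

        // Every exit below goes through the cleanup label, so the request document
        // is released on the argument error and help paths as well.
        for( i = 1; i < argc; i++ ) {
                switch( eurephia_getopt(&i, argc, argv, addargs) ) {
                case 'i':
                        if( f_uid > 0 ) {
                                fprintf(stderr, "%s: User id can only be set once\n", MODULE);
                                goto cleanup;
                        }
                        // The argument string itself is what gets sent in the request,
                        // so require it to consist of digits only.  A numeric prefix
                        // check alone would let input such as "12abc" through.
                        for( p = optargs[0]; (p != NULL) && (*p >= '0') && (*p <= '9'); p++ ) {
                                // just scanning
                        }
                        if( (p == NULL) || (p == optargs[0]) || (*p != '\0')
                            || (atoi_nullsafe(optargs[0]) < 1) ) {
                                fprintf(stderr, "%s: User ID must be a positive number (>0)\n", MODULE);
                                goto cleanup;
                        }
                        f_uid++;
                        xmlNewTextChild(fmap_n, NULL, (xmlChar *) "uid", (xmlChar *) optargs[0]);
                        break;

                case 'a':
                        if( f_acl > 0 ) {
                                fprintf(stderr, "%s: Access level can only be set once\n", MODULE);
                                goto cleanup;
                        }
                        f_acl++;
                        // xmlNewTextChild() escapes XML special characters in the
                        // command line value; xmlNewChild() would not.
                        xmlNewTextChild(fmap_n, NULL, (xmlChar *) "accesslevel", (xmlChar *) optargs[0]);
                        break;

                case 'I':
                        if( f_intf > 0 ) {
                                fprintf(stderr, "%s: Interface can only be set once\n", MODULE);
                                goto cleanup;
                        }
                        f_intf++;
                        xmlNewTextChild(fmap_n, NULL, (xmlChar *) "interface", (xmlChar *) optargs[0]);
                        break;

                case 'h':
                        display_adminaccess_help(actmode);
                        rc = 0;
                        goto cleanup;

                default:
                        goto cleanup;
                }
        }

        if( (f_uid != 1) || (f_acl != 1) ) {
                fprintf(stderr, "%s: You must provide both a user ID (--uid) "
                        "and an access level (--access-level)\n",
                        MODULE);
                goto cleanup;
        }

        if( f_intf == 0 ) {
                // Default interface value, if not set.
                xmlNewChild(fmap_n, NULL, (xmlChar *) "interface", (xmlChar *) "C");
        }

        res_xml = eDBadminAccessLevel(ctx, upd_xml);
        if( res_xml == NULL ) {
                fprintf(stderr, "%s: Failed to update the access level\n", MODULE);
                goto cleanup;
        }

        res = eurephiaXML_ParseResultMsg(ctx, res_xml);
        if( res == NULL ) {
                fprintf(stderr, "%s: Failed to update the access level.  No results returned\n",
                        MODULE);
        } else if( res->resultType == exmlERROR ) {
                fprintf(stderr, "%s: %s\n", MODULE, res->message);
        } else {
                fprintf(stdout, "%s: %s\n", MODULE, res->message);
                rc = 0;
        }
        free_nullsafe(ctx, res);

 cleanup:
        // xmlFreeDoc() accepts NULL, so this is safe on every path
        xmlFreeDoc(res_xml);
        xmlFreeDoc(upd_xml);
        return rc;
}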
00353 
00354 
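/**
 * Main entry point of the adminaccess command.  Finds the first mode argument
 * (--list, --grant, --revoke or --help) and calls the matching mode function with
 * the arguments from that position onwards.
 *
 * @param ctx   eurephiaCTX with an open database connection (asserted)
 * @param sess  eurephiaSESSION, passed on to the mode function
 * @param cfg   eurephiaVALUES, passed on to the mode function
 * @param argc  Number of entries in argv
 * @param argv  Argument vector; modes are searched for from argv[1]
 *
 * @return The mode function's return code, or 1 if no mode was given or the
 *         argument copy could not be allocated.
 */
int cmd_AdminAccess(eurephiaCTX *ctx, eurephiaSESSION *sess, eurephiaVALUES *cfg, int argc, char **argv) {
        char **mode_argv = NULL;
        int i, mode_argc = 0, rc = 0;
        int (*mode_fnc) (eurephiaCTX *ctx, eurephiaSESSION *sess, eurephiaVALUES *cfg, int argc, char **argv);

        e_options modeargs[] = {
                {"--list", "-l", 0},
                {"--grant", "-G", 0},
                {"--revoke", "-R", 0},
                {"--help", "-h", 0},
                {NULL, NULL, 0}
        };

        assert((ctx != NULL) && (ctx->dbc != NULL) && (ctx->dbc->config != NULL));
        mode_fnc = NULL;
        for( i = 1; i < argc; i++ ) {
                switch( eurephia_getopt(&i, argc, argv, modeargs) ) {
                case 'l':
                        mode_fnc = list_adminaccess;
                        break;

                case 'h':
                        mode_fnc = help_AdminAccess2;
                        break;

                case 'G':
                case 'R':
                        // Grant and revoke share one handler, which reads the mode
                        // from its own argv[0]
                        mode_fnc = grant_revoke;
                        break;

                default:
                        break;
                }
                if( mode_fnc != NULL ) {
                        break;
                }
        }

        // If we do not have any known mode defined, exit with error
        if( mode_fnc == NULL )  {
                fprintf(stderr, "%s: Unknown argument.  No mode given\n", MODULE);
                return 1;
        }

        // Allocate memory for our arguments being sent to the mode function.
        // The loop above stopped with i < argc, so (argc - i) is at least 1.
        mode_argv = (char **) calloc((size_t) (argc - i) + 2, sizeof(char *));
        if( mode_argv == NULL ) {
                // Checked explicitly: assert() is compiled out when NDEBUG is defined
                fprintf(stderr, "%s: Could not allocate memory for the mode arguments\n", MODULE);
                return 1;
        }

        // Copy over only the arguments needed for the mode
        mode_argc = eurephia_arraycp(i, argc, argv, mode_argv, (argc - i));

        // Call the mode function
        rc = mode_fnc(ctx, sess, cfg, mode_argc, mode_argv);
        free_nullsafe(ctx, mode_argv);

        return rc;
}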