00031 #include <string.h>
00032 #include <unistd.h>
00033 #include <assert.h>
00034
00035 #include <libxml/tree.h>
00036
00037 #include <sqlite3.h>
00038
00039 #include <eurephia_nullsafe.h>
00040 #include <eurephia_context.h>
00041 #include <eurephia_log.h>
00042 #include <eurephia_xml.h>
00043 #include <eurephia_values.h>
00044 #include <eurephiadb_session_struct.h>
00045 #include <eurephiadb_mapping.h>
00046 #include <passwd.h>
00047
00048 #ifndef DRIVER_MODE
00049 #define DRIVER_MODE
00050 #endif
00051 #include <eurephiadb_driver.h>
00052
00053 #include "../sqlite.h"
00054
00055 #define FMAP_USERS
00056 #define FMAP_ADMINACCESS
00057 #include "../fieldmapping.h"
00058
00059
/**
 * Adds a <flag> child element with @p flagname as its content to @p node
 * when @p flagged is non-zero.  The node is left untouched otherwise.
 *
 * @param node      XML node receiving the <flag> child
 * @param flagname  Text placed inside the new <flag> element
 * @param flagged   Condition deciding whether the flag element is added
 *
 * @return Returns @p flagged unchanged, so the caller can reuse the
 *         evaluated condition.
 */
static inline int xml_set_flag(xmlNode *node, char *flagname, int flagged) {
        if( !flagged ) {
                return flagged;
        }
        xmlNewChild(node, NULL, (xmlChar *) "flag", (xmlChar *) flagname);
        return flagged;
}
00075
00076
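/**
 * Builds an XML document ("UserAccount", mode="view") with one <Account>
 * element per row returned by the user query.  Which sub-sections are added
 * to each account is selected by the bits in @p infoType.
 *
 * @param ctx        eurephiaCTX; must be an admin console or admin web context
 * @param infoType   Bit mask of USERINFO_user, USERINFO_certs, USERINFO_lastlog,
 *                   USERINFO_attempts and USERINFO_blacklist
 * @param uinfo_map  Field map handed to sqlite_query_mapped() in the position
 *                   useracc_update() uses for its search map (presumably it
 *                   restricts which accounts are returned -- confirm)
 * @param sortkeys   Sort key string handed to sqlite_query_mapped()
 *
 * @return Returns the result document on success.  Returns NULL when the
 *         context type is not an admin context.  Returns an exmlERROR result
 *         message document when one of the queries fails.
 */
static xmlDoc *useracc_view(eurephiaCTX *ctx, unsigned int infoType,
                            eDBfieldMap *uinfo_map, const char *sortkeys)
{
        dbresult *uinf = NULL, *qres = NULL;
        unsigned int flag = 0, uid = 0, recid = 0;
        char *username = NULL;
        xmlDoc *doc = NULL, *err_d = NULL;
        xmlNode *root_n = NULL, *info_n = NULL;

        DEBUG(ctx, 20, "Function call: useracc_view(ctx, %i, {fieldMapping}, sortkeys)", infoType);
        assert( ctx != NULL );

        if( (ctx->context_type != ECTX_ADMIN_CONSOLE) && (ctx->context_type != ECTX_ADMIN_WEB) ) {
                eurephia_log(ctx, LOG_CRITICAL, 0,
                             "eurephia admin function call attempted with wrong context type");
                return NULL;
        }

        /* Result columns: 0 username, 1 activated, 2 deactivated, 3 last_accessed,
         * 4 uid, 5 blacklisted, 6 opensess, 7 logincount, 8 has failed attempts */
        uinf = sqlite_query_mapped(ctx, SQL_SELECT,
                                   "SELECT users.username, users.activated, users.deactivated,"
                                   " users.last_accessed, users.uid,"
                                   " (bl.username IS NOT NULL), opensess, logincount,"
                                   " (at.attempts > 0)"
                                   " FROM openvpn_users users"
                                   " LEFT JOIN openvpn_blacklist bl USING(username)"
                                   " LEFT JOIN openvpn_attempts at ON(at.username = users.username)"
                                   " LEFT JOIN (SELECT uid, count(*) AS logincount "
                                   " FROM openvpn_lastlog"
                                   " GROUP BY uid) lc"
                                   " ON (lc.uid = users.uid)"
                                   " LEFT JOIN (SELECT uid, count(*) > 0 AS opensess"
                                   " FROM openvpn_lastlog"
                                   " WHERE sessionstatus = 2"
                                   " GROUP BY uid) os"
                                   " ON (os.uid = users.uid)",
                                   NULL, uinfo_map, sortkeys);

        if( uinf == NULL ) {
                eurephia_log(ctx, LOG_ERROR, 0, "Error querying the database for a user");
                return eurephiaXML_ResultMsg(ctx, exmlERROR, NULL, "Failed to query the user database");
        }

        eurephiaXML_CreateDoc(ctx, 1, "UserAccount", &doc, &root_n);
        xmlNewProp(root_n, (xmlChar *) "mode", (xmlChar *) "view");

        for( recid = 0; recid < sqlite_get_numtuples(uinf); recid++ ) {
                xmlNode *user_n = xmlNewChild(root_n, NULL, (xmlChar *) "Account", NULL);
                assert( user_n != NULL );

                sqlite_xml_value(user_n, XML_ATTR, "uid", uinf, recid, 4);
                sqlite_xml_value(user_n, XML_NODE, "username", uinf, recid, 0);

                /* uid and username key the per-user queries below; username points
                 * into the uinf result, which stays allocated until the function exits */
                uid = atoi_nullsafe(sqlite_get_value(uinf, recid, 4));
                username = sqlite_get_value(uinf, recid, 0);

                if( infoType & USERINFO_user ) {
                        /* Read the login count and last access of THIS record.  The
                         * previous code read row 0 here, so every account received the
                         * NEVERUSED/RSETLASTUSED/RSETLOGINCNT flags of the first account. */
                        int logincount = atoi_nullsafe(sqlite_get_value(uinf, recid, 7));
                        int never_accessed = (sqlite_get_value(uinf, recid, 3) == NULL);

                        info_n = xmlNewChild(user_n, NULL, (xmlChar *) "flags", NULL);
                        assert( info_n != NULL );

                        /* deactivated timestamp is set */
                        xml_set_flag(info_n, "DEACTIVATED", (sqlite_get_value(uinf, recid, 2) != NULL));

                        /* username is found in the blacklist table */
                        xml_set_flag(info_n, "BLACKLISTED", (atoi_nullsafe(sqlite_get_value(uinf, recid, 5))==1));

                        /* at least one lastlog record with sessionstatus = 2 */
                        xml_set_flag(info_n, "OPENSESSION", (atoi_nullsafe(sqlite_get_value(uinf, recid, 6))==1));

                        /* failed attempts are registered on the username */
                        xml_set_flag(info_n, "ERRATTEMPT", (atoi_nullsafe(sqlite_get_value(uinf, recid, 8))==1));

                        /* no lastlog records and no last_accessed timestamp */
                        flag = xml_set_flag(info_n, "NEVERUSED", ((logincount == 0) && never_accessed));

                        /* lastlog records exist, but last_accessed is NULL */
                        xml_set_flag(info_n, "RSETLASTUSED", !flag && never_accessed);

                        /* last_accessed is set, but no lastlog records exist */
                        xml_set_flag(info_n, "RSETLOGINCNT", ((logincount == 0) && !never_accessed));

                        sqlite_xml_value(user_n, XML_NODE, "activated", uinf, recid, 1);
                        sqlite_xml_value(user_n, XML_NODE, "deactivated", uinf, recid, 2);
                        sqlite_xml_value(user_n, XML_NODE, "last_accessed", uinf, recid, 3);
                        sqlite_xml_value(user_n, XML_ATTR, "logincount", uinf, recid, 7);
                }

                if( infoType & USERINFO_certs ) {
                        /* Columns: 0 depth, 1 digest, 2 common_name, 3 organisation, 4 email,
                         * 5 registered, 6 certid, 7 accessprofile, 8 access_descr, 9 fw_profile */
                        qres = sqlite_query(ctx,
                                            "SELECT depth, lower(digest), common_name, organisation, email, "
                                            " c.registered, c.certid, uc.accessprofile, access_descr,"
                                            " fw_profile"
                                            " FROM openvpn_certificates c"
                                            " LEFT JOIN openvpn_usercerts uc ON (c.certid = uc.certid)"
                                            " LEFT JOIN openvpn_accesses a "
                                            " ON (uc.accessprofile = a.accessprofile)"
                                            " WHERE uid = '%i' ORDER BY c.certid DESC", uid);

                        /* A failed query is not reported here; <certificates> is left empty */
                        info_n = xmlNewChild(user_n, NULL, (xmlChar *) "certificates", NULL);
                        assert( info_n != NULL );
                        if( (qres != NULL) && (sqlite_get_numtuples(qres) > 0) ) {
                                int i;
                                xmlNode *cert, *acpr;
                                xmlChar *tmp = NULL;

                                for( i = 0; i < sqlite_get_numtuples(qres); i++ ) {
                                        cert = xmlNewChild(info_n, NULL, (xmlChar *) "certificate", NULL);
                                        assert( cert != NULL );

                                        sqlite_xml_value(cert, XML_ATTR, "certid", qres, i, 6);
                                        sqlite_xml_value(cert, XML_ATTR, "depth", qres, i, 0);
                                        sqlite_xml_value(cert, XML_ATTR, "registered", qres, i, 5);
                                        sqlite_xml_value(cert, XML_NODE, "digest", qres, i, 1);

                                        /* NOTE(review): xmlNewChild() takes its content as XML CDATA,
                                         * so a '&' in a certificate field is read as the start of an
                                         * entity reference.  xmlNewTextChild() escapes the content and
                                         * is probably the safer call for these values -- confirm
                                         * against how sqlite_xml_value() creates its nodes. */
                                        tmp = (xmlChar *)sqlite_get_value(qres, i, 2);
                                        xmlReplaceChars(tmp, '_', ' ');
                                        xmlNewChild(cert, NULL, (xmlChar *) "common_name", tmp);

                                        tmp = (xmlChar *)sqlite_get_value(qres, i, 3);
                                        xmlReplaceChars(tmp, '_', ' ');
                                        xmlNewChild(cert, NULL, (xmlChar *) "organisation", tmp);

                                        sqlite_xml_value(cert, XML_NODE, "email", qres, i, 4);

                                        acpr = sqlite_xml_value(cert, XML_NODE, "access_profile", qres, i, 8);
                                        sqlite_xml_value(acpr, XML_ATTR, "accessprofile", qres, i, 7);
                                        sqlite_xml_value(acpr, XML_ATTR, "fwdestination", qres, i, 9);
                                }
                        }
                        sqlite_free_results(qres);
                }

                if( infoType & USERINFO_lastlog ) {
                        int i = 0;
                        xmlNode *lastl = NULL, *sess = NULL, *tmp1 = NULL, *tmp2 = NULL;
                        xmlChar *tmp = NULL;

                        /* Columns: 0 llid, 1 certid, 2 protocol, 3 remotehost, 4 remoteport,
                         * 5 macaddr, 6 vpnipaddr, 7 vpnipmask, 8 sessionstatus, 9 sessionkey,
                         * 10 login, 11 logout, 12 session_duration, 13 session_deleted,
                         * 14 bytes_sent, 15 bytes_received, 16 uicid, 17 accessprofile,
                         * 18 access_descr, 19 fw_profile, 20 depth, 21 digest,
                         * 22 common_name, 23 organisation, 24 email */
                        qres = sqlite_query(ctx,
                                            "SELECT llid, ll.certid,protocol,remotehost,remoteport,macaddr,"
                                            " vpnipaddr, vpnipmask, sessionstatus, sessionkey,"
                                            " login, logout, session_duration, session_deleted,"
                                            " bytes_sent, bytes_received, uicid, accessprofile,"
                                            " access_descr, fw_profile, depth, lower(digest),"
                                            " common_name, organisation, email"
                                            " FROM openvpn_lastlog ll"
                                            " LEFT JOIN openvpn_usercerts USING (uid, certid)"
                                            " LEFT JOIN openvpn_accesses USING (accessprofile)"
                                            " LEFT JOIN openvpn_certificates cert ON(ll.certid=cert.certid)"
                                            " WHERE uid = '%i' ORDER BY login, logout", uid);

                        if( qres == NULL ) {
                                eurephia_log(ctx, LOG_ERROR, 0, "Quering the lastlog failed");
                                err_d = eurephiaXML_ResultMsg(ctx, exmlERROR, NULL,
                                                              "Failed to query the lastlog");
                                goto fail;
                        }

                        lastl = xmlNewChild(user_n, NULL, (xmlChar *) "lastlog", NULL);
                        for( i = 0; i < sqlite_get_numtuples(qres); i++ ) {

                                sess = xmlNewChild(lastl, NULL, (xmlChar*) "session", NULL);
                                assert( sess != NULL );

                                sqlite_xml_value(sess, XML_ATTR, "llid", qres, i, 0);
                                /* NOTE(review): the sessionstatus value read from the database
                                 * indexes SESSION_STATUS without a range check.  The array is
                                 * declared outside this file, so its size is not visible here;
                                 * a bounds check against it should be added -- confirm size. */
                                xmlNewProp(sess, (xmlChar *) "session_status",
                                           (xmlChar *)SESSION_STATUS[atoi_nullsafe(sqlite_get_value(qres, i, 8))]);
                                sqlite_xml_value(sess, XML_ATTR, "session_duration", qres, i, 12);
                                sqlite_xml_value(sess, XML_NODE, "sessionkey", qres, i, 9);
                                sqlite_xml_value(sess, XML_NODE, "login", qres, i, 10);
                                sqlite_xml_value(sess, XML_NODE, "logout", qres, i, 11);
                                sqlite_xml_value(sess, XML_NODE, "session_closed", qres, i, 13);

                                tmp1 = xmlNewChild(sess, NULL, (xmlChar *) "connection", NULL);
                                assert( tmp1 != NULL );
                                sqlite_xml_value(tmp1, XML_ATTR, "bytes_sent", qres, i, 14);
                                sqlite_xml_value(tmp1, XML_ATTR, "bytes_received", qres, i, 15);
                                sqlite_xml_value(tmp1, XML_NODE, "protocol", qres, i, 2);
                                sqlite_xml_value(tmp1, XML_NODE, "remote_host", qres, i, 3);
                                sqlite_xml_value(tmp1, XML_NODE, "remote_port", qres, i, 4);
                                sqlite_xml_value(tmp1, XML_NODE, "vpn_macaddr", qres, i, 5);
                                sqlite_xml_value(tmp1, XML_NODE, "vpn_ipaddr" , qres, i, 6);
                                sqlite_xml_value(tmp1, XML_NODE, "vpn_netmask", qres, i, 7);

                                tmp1 = xmlNewChild(sess, NULL, (xmlChar *) "certificate", NULL);
                                assert( tmp1 != NULL );
                                sqlite_xml_value(tmp1, XML_ATTR, "certid", qres, i, 1);
                                sqlite_xml_value(tmp1, XML_ATTR, "uicid", qres, i, 16);
                                sqlite_xml_value(tmp1, XML_ATTR, "depth", qres, i, 20);
                                sqlite_xml_value(tmp1, XML_NODE, "digest", qres, i, 21);

                                /* Use row i: the previous code read row 0, which reported the
                                 * first session's certificate subject on every session. */
                                tmp = (xmlChar *)sqlite_get_value(qres, i, 22);
                                xmlReplaceChars(tmp, '_', ' ');
                                xmlNewChild(tmp1, NULL, (xmlChar *) "common_name", tmp);

                                tmp = (xmlChar *)sqlite_get_value(qres, i, 23);
                                xmlReplaceChars(tmp, '_', ' ');
                                xmlNewChild(tmp1, NULL, (xmlChar *) "organisation", tmp);

                                sqlite_xml_value(tmp1, XML_NODE, "email", qres, i, 24);

                                tmp2 = sqlite_xml_value(tmp1, XML_NODE, "access_profile", qres, i, 18);
                                sqlite_xml_value(tmp2, XML_ATTR, "accessprofile", qres, i, 17);
                                sqlite_xml_value(tmp2, XML_ATTR, "fwdestination", qres, i, 19);
                        }
                        sqlite_free_results(qres);
                }

                if( infoType & USERINFO_attempts ) {
                        xmlNode *atmpt = NULL;

                        /* Columns: 0 attempts, 1 registered, 2 last_attempt, 3 atpid */
                        qres = sqlite_query(ctx,
                                            "SELECT attempts, registered, last_attempt, atpid"
                                            " FROM openvpn_attempts "
                                            " WHERE username = '%q'", username);

                        /* More than one record for a username is treated as a failure */
                        if( (qres == NULL) || (sqlite_get_numtuples(qres) > 1) ) {
                                eurephia_log(ctx, LOG_ERROR, 0, "Quering for login attempts failed");
                                sqlite_free_results(qres);
                                err_d = eurephiaXML_ResultMsg(ctx, exmlERROR, NULL,
                                                              "Failed to query the login attempts log");
                                goto fail;
                        }

                        atmpt = xmlNewChild(user_n, NULL, (xmlChar *) "attempts", NULL);
                        assert( atmpt != NULL );

                        if( sqlite_get_numtuples(qres) == 1 ) {
                                sqlite_xml_value(atmpt, XML_ATTR, "atpid", qres, 0, 3);
                                sqlite_xml_value(atmpt, XML_ATTR, "attempts", qres, 0, 0);
                                sqlite_xml_value(atmpt, XML_NODE, "first_attempt", qres, 0, 1);
                                sqlite_xml_value(atmpt, XML_NODE, "last_attempt", qres, 0, 2);
                        }
                        sqlite_free_results(qres);
                }

                if( infoType & USERINFO_blacklist ) {
                        xmlNode *atmpt = NULL;

                        /* Columns: 0 registered, 1 last_accessed, 2 blid */
                        qres = sqlite_query(ctx,
                                            "SELECT registered, last_accessed, blid"
                                            " FROM openvpn_blacklist "
                                            " WHERE username = '%q'", username);

                        /* More than one record for a username is treated as a failure */
                        if( (qres == NULL) || (sqlite_get_numtuples(qres) > 1) ) {
                                eurephia_log(ctx, LOG_ERROR, 0, "Quering blacklist log failed");
                                sqlite_free_results(qres);
                                err_d = eurephiaXML_ResultMsg(ctx, exmlERROR, NULL,
                                                              "Failed to query the blacklist log");
                                goto fail;
                        }

                        atmpt = xmlNewChild(user_n, NULL, (xmlChar *) "blacklist", NULL);
                        assert( atmpt != NULL );

                        if( sqlite_get_numtuples(qres) == 1 ) {
                                sqlite_xml_value(atmpt, XML_ATTR, "blid", qres, 0, 2);
                                sqlite_xml_value(atmpt, XML_NODE, "blacklisted", qres, 0, 0);
                                sqlite_xml_value(atmpt, XML_NODE, "last_accessed", qres, 0, 1);
                        }
                        sqlite_free_results(qres);
                }

        }
        sqlite_free_results(uinf);
        return doc;

 fail:
        /* Shared error exit: the user result set was leaked on these paths before */
        sqlite_free_results(uinf);
        xmlFreeDoc(doc);
        return err_d;
}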
00357
00358
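/**
 * Registers a new user account by inserting the values of @p usrinf_map
 * into openvpn_users.
 *
 * @param ctx         eurephiaCTX; must be an admin console or admin web context
 * @param usrinf_map  Field map with the values of the new account
 *
 * @return Returns an exmlRESULT message document carrying a <UserAccount>
 *         node with mode="add" and the new uid on success, or an exmlERROR
 *         message document when the insert fails or affects no rows.
 *         Returns NULL when the context type is not an admin context.
 */
static xmlDoc *useracc_add(eurephiaCTX *ctx, eDBfieldMap *usrinf_map) {
        xmlDoc *res_d = NULL;
        dbresult *res = NULL;

        DEBUG(ctx, 21, "Function call: useracc_add(ctx, eDBfieldMap)");
        assert( (ctx != NULL) && (usrinf_map != NULL) );

        if( (ctx->context_type != ECTX_ADMIN_CONSOLE) && (ctx->context_type != ECTX_ADMIN_WEB) ) {
                eurephia_log(ctx, LOG_CRITICAL, 0,
                             "eurephia admin function call attempted with wrong context type");
                return NULL;
        }

        res = sqlite_query_mapped(ctx, SQL_INSERT, "INSERT INTO openvpn_users", usrinf_map, NULL, NULL);
        if( (res == NULL) || (sqlite_get_affected_rows(res) == 0) ) {
                eurephia_log(ctx, LOG_FATAL, 0, "Could not register the new user account");
                res_d = eurephiaXML_ResultMsg(ctx, exmlERROR, NULL,
                                              "Failed to register the user account");
        } else {
                /* The original passed last_insert_id to both "%ld" and "%i"; at most
                 * one of those can match its declared type.  Converting once to long
                 * and printing with "%ld" everywhere is well-defined either way. */
                long new_uid = (long) res->last_insert_id;
                xmlChar *uid = malloc_nullsafe(ctx, 34);
                xmlNode *info_n = NULL;
                assert( uid != NULL );

                xmlStrPrintf(uid, 32, (xmlChar *) "%ld", new_uid);
                info_n = xmlNewNode(NULL, (xmlChar *)"UserAccount");
                xmlNewProp(info_n, (xmlChar *) "mode", (xmlChar *) "add");
                xmlNewProp(info_n, (xmlChar *) "uid", uid);

                eurephia_log(ctx, LOG_INFO, 1, "New user account created (uid %ld)", new_uid);
                res_d = eurephiaXML_ResultMsg(ctx, exmlRESULT, info_n,
                                              "New user account created with uid %ld", new_uid);
                /* info_n and uid are released right after the result message is built,
                 * as in the original code */
                free_nullsafe(ctx, uid);
                xmlFreeNode(info_n);
        }
        sqlite_free_results(res);

        return res_d;
}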
00408
00409
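/**
 * Updates the user account identified by @p uid with the values found in
 * @p value_map.
 *
 * The uid is wrapped in a temporary <fieldMapping table="users"> document and
 * converted with eDBxmlMapping() into the search map for the UPDATE.
 *
 * @param ctx        eurephiaCTX; must be an admin console or admin web context
 * @param uid        uid of the account to update
 * @param value_map  Field map with the new values
 *
 * @return Returns an exmlRESULT message document on success, or an exmlERROR
 *         message document when the query fails or no account matches.
 *         Returns NULL when the context type is not an admin context.
 */
static xmlDoc *useracc_update(eurephiaCTX *ctx, const int uid, eDBfieldMap *value_map) {
        dbresult *uinf = NULL;
        xmlDoc *res_d = NULL, *srch_xml = NULL;
        xmlNode *srch_n = NULL;
        xmlChar *xmluid = NULL;
        eDBfieldMap *srch_map = NULL;

        DEBUG(ctx, 21, "Function call: useracc_update(ctx, %i, eDBfieldMap)", uid);
        assert( (ctx != NULL) && (value_map != NULL) );

        if( (ctx->context_type != ECTX_ADMIN_CONSOLE) && (ctx->context_type != ECTX_ADMIN_WEB) ) {
                eurephia_log(ctx, LOG_CRITICAL, 0,
                             "eurephia admin function call attempted with wrong context type");
                return NULL;
        }

        /* Build the search map (uid = <uid>) used as the WHERE part of the update */
        xmluid = (xmlChar *) malloc_nullsafe(ctx, 34);
        assert( xmluid != NULL );  /* same allocation check as useracc_add() */
        /* uid is an int, so it must be printed with "%d"; the earlier "%ld" made
         * the formatter read a long that was never passed */
        xmlStrPrintf(xmluid, 32, (xmlChar *) "%d", uid);
        eurephiaXML_CreateDoc(ctx, 1, "fieldMapping", &srch_xml, &srch_n);
        xmlNewProp(srch_n, (xmlChar *) "table", (xmlChar *) "users");
        xmlNewChild(srch_n, NULL, (xmlChar *) "uid", xmluid);
        srch_map = eDBxmlMapping(ctx, tbl_sqlite_users, NULL, srch_n);
        assert( srch_map != NULL );

        uinf = sqlite_query_mapped(ctx, SQL_UPDATE, "UPDATE openvpn_users", value_map, srch_map, NULL);

        if( uinf == NULL ) {
                eurephia_log(ctx, LOG_ERROR, 0, "Error querying the database for a user");
                /* Keep the error document: it used to be created and dropped, which
                 * leaked it and made the caller receive NULL instead of the message */
                res_d = eurephiaXML_ResultMsg(ctx, exmlERROR, NULL, "Failed to update user (uid %i)", uid);
        } else if( sqlite_get_affected_rows(uinf) == 0 ) {
                res_d = eurephiaXML_ResultMsg(ctx, exmlERROR, NULL,
                                              "Could not find any user account with uid %i", uid);
        } else {
                res_d = eurephiaXML_ResultMsg(ctx, exmlRESULT, NULL,
                                              "User account with uid %i is updated", uid);
        }
        sqlite_free_results(uinf);
        eDBfreeMapping(srch_map);
        xmlFreeDoc(srch_xml);
        free_nullsafe(ctx, xmluid);

        return res_d;
}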
00465
00466
/**
 * Deletes the user account with the given uid from openvpn_users.
 *
 * @param ctx  eurephiaCTX; must be an admin console or admin web context
 * @param uid  uid of the account to remove
 *
 * @return Returns an exmlRESULT message document when a row was deleted, or
 *         an exmlERROR message document when the query failed or no row
 *         matched.  Returns NULL when the context type is not an admin context.
 */
static xmlDoc *useracc_delete(eurephiaCTX *ctx, const unsigned int uid) {
        dbresult *del_res = NULL;
        xmlDoc *reply = NULL;
        int admin_ctx = 0;

        DEBUG(ctx, 21, "Function call: useracc_delete(ctx, %i)", uid);
        assert( ctx != NULL );

        admin_ctx = (ctx->context_type == ECTX_ADMIN_CONSOLE)
                || (ctx->context_type == ECTX_ADMIN_WEB);
        if( !admin_ctx ) {
                eurephia_log(ctx, LOG_CRITICAL, 0,
                             "eurephia admin function call attempted with wrong context type");
                return NULL;
        }

        /* Only the openvpn_users row is removed by this statement */
        del_res = sqlite_query(ctx, "DELETE FROM openvpn_users WHERE uid = '%i'", uid);
        if( del_res != NULL ) {
                if( sqlite_get_affected_rows(del_res) != 0 ) {
                        reply = eurephiaXML_ResultMsg(ctx, exmlRESULT, NULL,
                                                      "User account with uid %i is deleted", uid);
                } else {
                        reply = eurephiaXML_ResultMsg(ctx, exmlERROR, NULL,
                                                      "Could not find any user account with uid %i", uid);
                }
        } else {
                eurephia_log(ctx, LOG_FATAL, 0, "Could not delete the user account (uid %i)", uid);
                reply = eurephiaXML_ResultMsg(ctx, exmlERROR, NULL,
                                              "Failed to delete the user account (uid %i)", uid);
        }

        /* Called on every path, also when the query returned NULL */
        sqlite_free_results(del_res);
        return reply;
}
00505
00506
/**
 * Entry point for user account administration.  Reads the "mode" attribute
 * of the <UserAccount> request and dispatches to useracc_view(),
 * useracc_add(), useracc_update() or useracc_delete().
 *
 * @param ctx     eurephiaCTX; must be an admin console or admin web context
 * @param qryxml  Request document with a <UserAccount> root, a "mode"
 *                attribute and a <fieldMapping> child
 *
 * @return Returns the document produced by the selected operation, or an
 *         exmlERROR message document for an unknown mode or a missing uid.
 *         Returns NULL on a wrong context type or a malformed request.
 */
xmlDoc *eDBadminUserAccount(eurephiaCTX *ctx, xmlDoc *qryxml) {
        xmlDoc *reply = NULL;
        xmlNode *request_n = NULL, *mapping_n = NULL;
        eDBfieldMap *mapping = NULL;
        char *mode = NULL;
        int uid;

        DEBUG(ctx, 20, "Function call: eDBadminUserAccount(ctx, xmlDoc)");
        assert( (ctx != NULL) && (qryxml != NULL) );

        if( !((ctx->context_type == ECTX_ADMIN_CONSOLE) || (ctx->context_type == ECTX_ADMIN_WEB)) ) {
                eurephia_log(ctx, LOG_CRITICAL, 0,
                             "eurephia admin function call attempted with wrong context type");
                return NULL;
        }

        /* Validate the request: root node, mode attribute, fieldMapping child */
        request_n = eurephiaXML_getRoot(ctx, qryxml, "UserAccount", 1);
        if( request_n == NULL ) {
                eurephia_log(ctx, LOG_ERROR, 0, "Could not find a valid XML for the user account request");
                return NULL;
        }

        mode = xmlGetAttrValue(request_n->properties, "mode");
        if( mode == NULL ) {
                eurephia_log(ctx, LOG_ERROR, 0, "Invalid user account request (1).");
                return NULL;
        }

        mapping_n = xmlFindNode(request_n, "fieldMapping");
        if( mapping_n == NULL ) {
                eurephia_log(ctx, LOG_ERROR, 0, "Invalid user account request (2).");
                return NULL;
        }
        mapping = eDBxmlMapping(ctx, tbl_sqlite_users, "users", mapping_n);
        assert(mapping != NULL);

        /* A missing uid attribute becomes -1, which update and delete reject.
         * NOTE(review): other negative values are passed on and reach
         * useracc_delete() as an unsigned int -- confirm that is acceptable. */
        uid = atoi_nullsafe(defaultValue(xmlGetAttrValue(request_n->properties, "uid"), "-1"));

        if( strcmp(mode, "view") == 0 ) {
                unsigned int flags = atoi_nullsafe(defaultValue(xmlGetNodeContent(request_n,"extractFlags"),"0"));
                const char *sortkeys = xmlGetNodeContent(request_n, "sortkeys");
                reply = useracc_view(ctx, flags, mapping, eDBmkSortKeyString(mapping, sortkeys));
        } else if( strcmp(mode, "add") == 0 ) {
                reply = useracc_add(ctx, mapping);
        } else if( strcmp(mode, "update") == 0 ) {
                reply = (uid == -1)
                        ? eurephiaXML_ResultMsg(ctx, exmlERROR, NULL,
                                                "Can not update user account without an uid value")
                        : useracc_update(ctx, uid, mapping);
        } else if( strcmp(mode, "delete") == 0 ) {
                reply = (uid == -1)
                        ? eurephiaXML_ResultMsg(ctx, exmlERROR, NULL,
                                                "Can not delete user account without an uid value")
                        : useracc_delete(ctx, uid);
        } else {
                eurephia_log(ctx, LOG_ERROR, 0, "UserAccount - Unknown mode: '%s'", mode);
                reply = eurephiaXML_ResultMsg(ctx, exmlERROR, NULL, "Unknown mode '%s'", mode);
        }

        /* The field map is released on every path once it has been created */
        eDBfreeMapping(mapping);

        return reply;
}
00576
00577
/**
 * Lists the admin access levels found in eurephia_adminaccess as an
 * <admin_access_list> document.  The rows are ordered by uid, interface and
 * access; a new <user_access> element is started whenever the uid changes,
 * and each row adds one <access> entry under that user's <access_levels>.
 *
 * @param ctx   eurephiaCTX; must be an admin console or admin web context
 * @param fmap  Field map handed to sqlite_query_mapped() in the position
 *              useracc_update() uses for its search map
 *
 * @return Returns the result document, or an exmlERROR message document when
 *         the query fails.  Returns NULL when the context type is not an
 *         admin context.
 */
xmlDoc *adminacclvl_Get(eurephiaCTX *ctx, eDBfieldMap *fmap) {
        dbresult *acl_res = NULL;
        int prev_uid = -1, row = 0;

        xmlDoc *list_d = NULL;
        xmlNode *list_n = NULL, *user_n = NULL, *levels_n = NULL, *val_n;

        DEBUG(ctx, 21, "Function call: adminacclvl_Get(ctx, {fieldMapping})");
        assert( (ctx != NULL) && (fmap != NULL) );

        if( !((ctx->context_type == ECTX_ADMIN_CONSOLE) || (ctx->context_type == ECTX_ADMIN_WEB)) ) {
                eurephia_log(ctx, LOG_CRITICAL, 0,
                             "eurephia admin function call attempted with wrong context type");
                return NULL;
        }

        /* Result columns: 0 uid, 1 username, 2 interface, 3 access */
        acl_res = sqlite_query_mapped(ctx, SQL_SELECT,
                                      "SELECT eac.uid, username, interface, access"
                                      " FROM eurephia_adminaccess eac"
                                      " LEFT JOIN openvpn_users USING(uid)",
                                      NULL, fmap, "uid, interface, access");
        if( acl_res == NULL ) {
                eurephia_log(ctx, LOG_ERROR, 0, "Error querying the database for a access levels");
                return eurephiaXML_ResultMsg(ctx, exmlERROR, NULL,
                                             "Error querying the database for a access levels");
        }

        eurephiaXML_CreateDoc(ctx, 1, "admin_access_list", &list_d, &list_n);
        for( row = 0; row < sqlite_get_numtuples(acl_res); row++ ) {
                int row_uid = atoi_nullsafe(sqlite_get_value(acl_res, row, 0));

                if( row_uid != prev_uid ) {
                        /* uid changed: open a new <user_access> record */
                        user_n = xmlNewChild(list_n, NULL, (xmlChar *) "user_access", NULL);
                        prev_uid = row_uid;

                        val_n = sqlite_xml_value(user_n, XML_NODE, "username", acl_res, row, 1);
                        sqlite_xml_value(val_n, XML_ATTR, "uid", acl_res, row, 0);

                        levels_n = xmlNewChild(user_n, NULL, (xmlChar *) "access_levels", NULL);
                }

                /* Every row contributes one <access interface="..."> entry */
                val_n = sqlite_xml_value(levels_n, XML_NODE, "access", acl_res, row, 3);
                sqlite_xml_value(val_n, XML_ATTR, "interface", acl_res, row, 2);
        }
        sqlite_free_results(acl_res);
        return list_d;
}
00634
00635
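/**
 * Entry point for admin access level administration.  Reads the "mode"
 * attribute of the <admin_access> request and grants, revokes or lists
 * access levels in eurephia_adminaccess.
 *
 * The only authorisation check in this function is the context type.
 * NOTE(review): confirm that callers verify the requesting admin's own
 * access level before a grant or revoke request reaches this point.
 *
 * @param ctx     eurephiaCTX; must be an admin console or admin web context
 * @param qryxml  Request document with an <admin_access> root, a "mode"
 *                attribute ("grant", "revoke" or "list") and a
 *                <fieldMapping> child
 *
 * @return Returns an exmlRESULT message document (grant/revoke) or the list
 *         document (list) on success.  Returns an exmlERROR message document
 *         when the operation affects no rows, fails, or the mode is unknown.
 *         Returns NULL on a wrong context type or a malformed request.
 */
xmlDoc *eDBadminAccessLevel(eurephiaCTX *ctx, xmlDoc *qryxml) {
        dbresult *sqlres = NULL;
        xmlDoc *res_d = NULL;
        xmlNode *qry_n = NULL, *fmap_n = NULL;
        eDBfieldMap *fmap_m = NULL;
        char *mode = NULL;

        DEBUG(ctx, 20, "Function call: eDBadminAccessLevel(ctx, xmlDoc)");
        assert( (ctx != NULL) && (qryxml != NULL) );

        if( (ctx->context_type != ECTX_ADMIN_CONSOLE) && (ctx->context_type != ECTX_ADMIN_WEB) ) {
                eurephia_log(ctx, LOG_CRITICAL, 0,
                             "eurephia admin function call attempted with wrong context type");
                return NULL;
        }

        qry_n = eurephiaXML_getRoot(ctx, qryxml, "admin_access", 1);
        if( qry_n == NULL ) {
                /* The message used to name the "user-certs link request", which is a
                 * different operation and misdirects anyone reading the log */
                eurephia_log(ctx, LOG_ERROR, 0, "Could not find a valid XML for the admin access request");
                return NULL;
        }
        mode = xmlGetAttrValue(qry_n->properties, "mode");
        if( mode == NULL ) {
                eurephia_log(ctx, LOG_ERROR, 0, "Invalid edit admin access request (1).");
                return NULL;
        }

        fmap_n = xmlFindNode(qry_n, "fieldMapping");
        if( fmap_n == NULL ) {
                eurephia_log(ctx, LOG_ERROR, 0, "Invalid edit admin access request (2).");
                return NULL;
        }

        fmap_m = eDBxmlMapping(ctx, tbl_sqlite_eurephiaadmacc, NULL, fmap_n);
        assert(fmap_m != NULL);

        if( strcmp(mode, "grant") == 0 ) {
                /* grant: the field map supplies the values of the new row */
                sqlres = sqlite_query_mapped(ctx, SQL_INSERT, "INSERT INTO eurephia_adminaccess",
                                             fmap_m, NULL, NULL);
                if( sqlres && (sqlite_get_affected_rows(sqlres) > 0) ) {
                        res_d = eurephiaXML_ResultMsg(ctx, exmlRESULT, NULL,
                                                      "Access level %s (%s) was granted to uid %s",
                                                      eDBmappingGetValue(fmap_m, FIELD_ACCESSLVL),
                                                      eDBmappingGetValue(fmap_m, FIELD_INTERFACE),
                                                      eDBmappingGetValue(fmap_m, FIELD_UID));
                }
        } else if( strcmp(mode, "revoke") == 0 ) {
                /* revoke: the same field map is used as the search map of the DELETE */
                sqlres = sqlite_query_mapped(ctx, SQL_DELETE, "DELETE FROM eurephia_adminaccess",
                                             NULL, fmap_m, NULL);
                if( sqlres && (sqlite_get_affected_rows(sqlres) > 0) ) {
                        res_d = eurephiaXML_ResultMsg(ctx, exmlRESULT, NULL,
                                                      "Access level %s (%s) was revoked from uid %s",
                                                      eDBmappingGetValue(fmap_m, FIELD_ACCESSLVL),
                                                      eDBmappingGetValue(fmap_m, FIELD_INTERFACE),
                                                      eDBmappingGetValue(fmap_m, FIELD_UID));
                }
        } else if( strcmp(mode, "list") == 0 ) {
                res_d = adminacclvl_Get(ctx, fmap_m);
        }

        /* No result document at this point means the operation failed, affected
         * no rows, or the mode was none of grant/revoke/list */
        if( res_d == NULL ) {
                eurephia_log(ctx, LOG_ERROR, 0, "Failed to update admin access");
                res_d = eurephiaXML_ResultMsg(ctx, exmlERROR, NULL, "Failed to complete %s operation", mode);
        }
        if( sqlres ) {
                sqlite_free_results(sqlres);
        }
        eDBfreeMapping(fmap_m);

        return res_d;
}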