diff options
| author | Karl 'vollmerk' Vollmer <vollmer@ampache.org> | 2009-01-31 23:48:46 +0000 |
|---|---|---|
| committer | Karl 'vollmerk' Vollmer <vollmer@ampache.org> | 2009-01-31 23:48:46 +0000 |
| commit | 1891fd835cc3cd60d7c3a2ec8bf90b51ca261bf0 (patch) | |
| tree | ff43d8cdfef537a33f87076a2fdab8fc897bcbe8 | |
| parent | 75d22768ec66353cc2e28489865acbba002b0aae (diff) | |
| download | ampache-1891fd835cc3cd60d7c3a2ec8bf90b51ca261bf0.tar.gz ampache-1891fd835cc3cd60d7c3a2ec8bf90b51ca261bf0.tar.bz2 ampache-1891fd835cc3cd60d7c3a2ec8bf90b51ca261bf0.zip | |
ACL with IPv6 should be working / testing now
| -rw-r--r-- | admin/access.php | 68 | ||||
| -rw-r--r-- | lib/class/access.class.php | 45 | ||||
| -rw-r--r-- | templates/show_add_access.inc.php | 2 | ||||
| -rw-r--r-- | templates/show_add_access_current.inc.php | 2 | ||||
| -rw-r--r-- | templates/show_add_access_local.inc.php | 8 | ||||
| -rw-r--r-- | templates/show_add_access_rpc.inc.php | 8 | ||||
| -rw-r--r-- | templates/show_edit_access.inc.php | 48 |
7 files changed, 142 insertions, 39 deletions
diff --git a/admin/access.php b/admin/access.php index 6ffaa167..0fa88a15 100644 --- a/admin/access.php +++ b/admin/access.php @@ -35,9 +35,70 @@ switch ($_REQUEST['action']) { show_confirmation(_('Deleted'),_('Your Access List Entry has been removed'),$url); break; case 'add_host': - Access::create($_POST); - $url = Config::get('web_path') . '/admin/access.php'; - show_confirmation(_('Added'),_('Your new Access List Entry has been created'),$url); + + // Make sure we've got a valid form submission + if (!Core::form_verify('add_acl','post')) { + access_denied(); + exit; + } + + // We need to pre-process this a little bit as stuff is coming in from all over + switch ($_GET['method']) { + case 'advanced': + Access::create($_POST); + break; + case 'local': + $_POST['type'] = 'network'; + Access::create($_POST); + + // Create Additional stuff based on the type + if ($_POST['addtype'] == 'streamnetwork' OR $_POST['addtype'] == 'allnetwork') { + $_POST['type'] = 'stream'; + Access::create($_POST); + } + if ($_POST['addtype'] == 'allnetwork') { + $_POST['type'] = 'interface'; + Access::create($_POST); + } + break; + case 'current': + $_POST['type'] = 'interface'; + Access::create($_POST); + $_POST['type'] = 'stream'; + Access::create($_POST); + break; + case 'rpc': + $_POST['type'] = 'rpc'; + Access::create($_POST); + + // Create Additional stuff based on the type + if ($_POST['addtype'] == 'streamrpc' OR $_POST['addtype'] == 'allrpc') { + $_POST['type'] = 'stream'; + Access::create($_POST); + } + if ($_POST['addtype'] == 'allrpc') { + $_POST['type'] = 'interface'; + Access::create($_POST); + } + break; + default: + // Do nothing they f'ed something up + break; + } // end switch on method + + if (!Error::occurred()) { + $url = Config::get('web_path') . '/admin/access.php'; + show_confirmation(_('Added'),_('Your new Access Control List(s) have been created'),$url); + } + else { + switch ($_GET['method']) { + case 'rpc': require_once Config::get('prefix') . '/templates/show_add_access_rpc.inc.php'; break; + case 'local': require_once Config::get('prefix') . '/templates/show_add_access_local.inc.php'; break; + case 'current': require_once Config::get('prefix') . '/templates/show_add_access_current.inc.php'; break; + case 'advanced': require_once Config::get('prefix') . '/templates/show_add_access.inc.php'; break; + default: require_once Config::get('prefix') . '/templates/show_access_list.inc.php'; break; + } + } break; case 'update_record': $access = new Access($_REQUEST['access_id']); @@ -58,6 +119,7 @@ switch ($_REQUEST['action']) { break; case 'show_edit_record': $access = new Access($_REQUEST['access_id']); + $access->format(); require_once Config::get('prefix') . '/templates/show_edit_access.inc.php'; break; default: diff --git a/lib/class/access.class.php b/lib/class/access.class.php index 9f8e6016..28a98073 100644 --- a/lib/class/access.class.php +++ b/lib/class/access.class.php @@ -120,9 +120,27 @@ class Access { public static function create($data) { /* We need to verify the incomming data a littlebit */ + $start = @inet_pton($data['start']); + $end = @inet_pton($data['end']); - $start = Dba::escape(inet_pton($data['start'])); - $end = Dba::escape(inet_pton($data['end'])); + if (!$start AND $data['start'] != '0.0.0.0' AND $data['start'] != '::') { + Error::add('start',_('Invalid IPv4 / IPv6 Address Entered')); + return false; + } + if (!$end) { + Error::add('end',_('Invalid IPv4 / IPv6 Address Entered')); + return false; + } + + // Check existing ACL's to make sure we're not duplicating values here + if (self::exists($data)) { + debug_event('ACL Create','Error did not create duplicate ACL entrie for ' . $data['start'] . ' - ' . $data['end'],'1'); + return false; + } + + + $start = Dba::escape($start); + $end = Dba::escape($end); $name = Dba::escape($data['name']); $key = Dba::escape($data['key']); $user = $data['user'] ? Dba::escape($data['user']) : '-1'; @@ -139,6 +157,29 @@ class Access { } // create /** + * exists + * this sees if the ACL that we've specified already exists, prevent duplicates. This ignores the name + */ + public static function exists($data) { + + $start = Dba::escape(inet_pton($data['start'])); + $end = Dba::escape(inet_pton($data['end'])); + $type = self::validate_type($data['type']); + $user = $data['user'] ? Dba::escape($data['user']) : '-1'; + + $sql = "SELECT * FROM `access_list` WHERE `start`='$start' AND `end` = '$end' " . + "AND `type`='$type' AND `user`='$user'"; + $db_results = Dba::read($sql); + + if (Dba::fetch_assoc($db_results)) { + return true; + } + + return false; + + } // exists + + /** * delete * deletes the specified access_list entry */ diff --git a/templates/show_add_access.inc.php b/templates/show_add_access.inc.php index 79d3de38..d2e537c5 100644 --- a/templates/show_add_access.inc.php +++ b/templates/show_add_access.inc.php @@ -20,7 +20,7 @@ */ ?> <?php show_box_top(_('Advanced Add')); ?> -<form name="update_catalog" method="post" enctype="multipart/form-data" action="<?php echo Config::get('web_path'); ?>/admin/access.php?action=add_host"> +<form name="update_catalog" method="post" enctype="multipart/form-data" action="<?php echo Config::get('web_path'); ?>/admin/access.php?action=add_host&method=advanced"> <table class="tabledata" cellpadding="5" cellspacing="0"> <tr> <td><?php echo _('Name'); ?>:</td> diff --git a/templates/show_add_access_current.inc.php b/templates/show_add_access_current.inc.php index e999ad57..64e9e5eb 100644 --- a/templates/show_add_access_current.inc.php +++ b/templates/show_add_access_current.inc.php @@ -20,7 +20,7 @@ */ ?> <?php show_box_top(_('Add Current Host')); ?> -<form name="update_catalog" method="post" enctype="multipart/form-data" action="<?php echo Config::get('web_path'); ?>/admin/access.php?action=add_host"> +<form name="update_catalog" method="post" enctype="multipart/form-data" action="<?php echo Config::get('web_path'); ?>/admin/access.php?action=add_host&method=current"> <table class="tabledata" cellpadding="5" cellspacing="0"> <tr> <td><?php echo _('Name'); ?>:</td> diff --git a/templates/show_add_access_local.inc.php b/templates/show_add_access_local.inc.php index f7332f9d..cb6f4d43 100644 --- a/templates/show_add_access_local.inc.php +++ b/templates/show_add_access_local.inc.php @@ -20,7 +20,7 @@ */ ?> <?php show_box_top(_('Add Local Network Definition')); ?> -<form name="update_catalog" method="post" enctype="multipart/form-data" action="<?php echo Config::get('web_path'); ?>/admin/access.php?action=add_host"> +<form name="update_catalog" method="post" enctype="multipart/form-data" action="<?php echo Config::get('web_path'); ?>/admin/access.php?action=add_host&method=local"> <table class="tabledata" cellpadding="5" cellspacing="0"> <tr> <td><?php echo _('Name'); ?>:</td> @@ -47,9 +47,9 @@ <tr> <td valign="top"><?php echo _('Type'); ?>:</td> <td colspan="3"> - <input type="radio" name="type" value="network" /><?php echo _('Local Network Definition'); ?><br /> - <input type="radio" name="type" value="streamnetwork" /><?php echo _('Local Network Definition'); ?> + <?php echo _('Stream Access'); ?> + <?php echo _('Web Interface'); ?><br /> - <input type="radio" name="type" value="allnetwork" checked="checked" /><?php echo _('Local Network Definition'); ?> + <?php echo _('All'); ?><br /> + <input type="radio" name="addtype" value="network" /><?php echo _('Local Network Definition'); ?><br /> + <input type="radio" name="addtype" value="streamnetwork" /><?php echo _('Local Network Definition'); ?> + <?php echo _('Stream Access'); ?> + <?php echo _('Web Interface'); ?><br /> + <input type="radio" name="addtype" value="allnetwork" checked="checked" /><?php echo _('Local Network Definition'); ?> + <?php echo _('All'); ?><br /> </td> </tr> <tr> diff --git a/templates/show_add_access_rpc.inc.php b/templates/show_add_access_rpc.inc.php index c23bfb36..c4600562 100644 --- a/templates/show_add_access_rpc.inc.php +++ b/templates/show_add_access_rpc.inc.php @@ -20,7 +20,7 @@ */ ?> <?php show_box_top(_('Add API / RPC Host')); ?> -<form name="update_catalog" method="post" enctype="multipart/form-data" action="<?php echo Config::get('web_path'); ?>/admin/access.php?action=add_host"> +<form name="update_catalog" method="post" enctype="multipart/form-data" action="<?php echo Config::get('web_path'); ?>/admin/access.php?action=add_host&method=rpc"> <table class="tabledata" cellpadding="5" cellspacing="0"> <tr> <td><?php echo _('Name'); ?>:</td> @@ -47,9 +47,9 @@ <tr> <td valign="top"><?php echo _('Type'); ?>:</td> <td colspan="3"> - <input type="radio" name="type" value="rpc" /><?php echo _('RPC'); ?><br /> - <input type="radio" name="type" value="streamrpc" checked="checked" /><?php echo _('RPC'); ?> + <?php echo _('Stream Access'); ?><br /> - <input type="radio" name="type" value="allrpc" /><?php echo _('RPC'); ?> + <?php echo _('All'); ?> + <input type="radio" name="addtype" value="rpc" /><?php echo _('RPC'); ?><br /> + <input type="radio" name="addtype" value="streamrpc" checked="checked" /><?php echo _('RPC'); ?> + <?php echo _('Stream Access'); ?><br /> + <input type="radio" name="addtype" value="allrpc" /><?php echo _('RPC'); ?> + <?php echo _('All'); ?> </td> </tr> <tr> diff --git a/templates/show_edit_access.inc.php b/templates/show_edit_access.inc.php index 9aa6c25e..72404892 100644 --- a/templates/show_edit_access.inc.php +++ b/templates/show_edit_access.inc.php @@ -1,7 +1,7 @@ <?php /* - Copyright (c) 2001 - 2007 Ampache.org + Copyright (c) Ampache.org All rights reserved. This program is free software; you can redistribute it and/or @@ -19,16 +19,16 @@ */ ?> -<?php show_box_top(_('Edit ACL')); ?> -<form name="edit_access" method="post" enctype="multipart/form-data" action="<?php echo Config::get('web_path'); ?>/admin/access.php?action=update_record&access_id=<?php echo intval($access->id); ?>"> +<?php show_box_top(_('Edit Access Control List')); ?> +<form name="edit_access" method="post" enctype="multipart/form-data" action="<?php echo Config::get('web_path'); ?>/admin/access.php?action=update_record&access_id=<?php echo intval($access->id); ?>"> <table class="table-data"> <tr> <td><?php echo _('Name'); ?>: </td> - <td><input type="text" name="name" value="<?php echo scrub_out($access->name); ?>" /></td> + <td colspan="3"><input type="text" name="name" value="<?php echo scrub_out($access->name); ?>" /></td> </tr> <tr> <td><?php echo _('ACL Type'); ?>: </td> - <td> + <td colspan="3"> <select name="type"> <?php $name = 'sl_' . $access->type; ${$name} = ' selected="selected"'; ?> <option value="stream"<?php echo $sl_stream; ?>><?php echo _('Stream Access'); ?></option> @@ -40,46 +40,46 @@ </tr> <tr> - <td><?php echo _('Start IP Address'); ?>:</td> - <td> - <input type="text" name="start" value="<?php echo long2ip($access->start); ?>" size="20" maxlength="15" /> - <span class="information">(0.0.0.0)</span> - </td> + <td colspan="4"><h3><?php echo _('IPv4 or IPv6 Addresses'); ?></h3> + <span class="information">(255.255.255.255) / (ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff)</span> + </td> </tr> <tr> - <td><?php echo _('End IP Address'); ?>:</td> + <td><?php echo _('Start'); ?>:</td> + <td> + <input type="text" name="start" value="<?php echo $access->f_start; ?>" size="20" maxlength="15" /> + </td> + <td><?php echo _('End'); ?>:</td> <td> - <input type="text" name="end" value="<?php echo long2ip($access->end); ?>" size="20" maxlength="15" /> - <span class="information">(0.0.0.0)</span> + <input type="text" name="end" value="<?php echo $access->f_end; ?>" size="20" maxlength="15" /> </td> </tr> <tr> <td><?php echo _('User'); ?>:</td> - <td> + <td colspan="3"> <?php show_user_select('user',$access->user); ?> </td> </tr> <tr> <td><?php echo _('Remote Key'); ?></td> - <td> + <td colspan="3"> <input type="text" name="key" value="<?php echo scrub_out($access->key); ?>" size="32" maxlength="32" /> </td> </tr> <tr> <td><?php echo _('Level'); ?>:</td> - <td> - <select name="level"> - <?php $name = 'level_' . $access->level; ${$name} = 'selected="selected"'; ?> - <option value="5" <?php echo $level_5; ?>><?php echo _('View'); ?></option> - <option value="25" <?php echo $level_25; ?>><?php echo _('Read'); ?></option> - <option value="50" <?php echo $level_50; ?>><?php echo _('Read/Write'); ?></option> - <option value="75" <?php echo $level_75; ?>><?php echo _('All'); ?></option> - </select> + <td colspan="3"> + <?php $name = 'level_' . $access->level; ${$name} = 'checked="checked"'; ?> + <input type="radio" name="level" value="5" <?php echo $level_5; ?>><?php echo _('View'); ?> + <input type="radio" name="level" value="25" <?php echo $level_25; ?>><?php echo _('Read'); ?> + <input type="radio" name="level" value="50" <?php echo $level_50; ?>><?php echo _('Read/Write'); ?> + <input type="radio" name="level" value="75" <?php echo $level_75; ?>><?php echo _('All'); ?> </td> </tr> </table> <div class="formValidation"> - <input type="submit" value="<?php echo _('Update'); ?>" /> + <?php Core::form_register('edit_acl'); ?> + <input type="submit" value="<?php echo _('Update'); ?>" /> </div> </form> <?php show_box_bottom(); ?> |