Inicio Explorar Axuda
Iniciar sesión
rajven
/
Eye
réplica de https://github.com/rajven/Eye
1
0
Fork 0
Ficheiros Incidencias 0 Wiki
Explorar o código

fixed update user auth rules

Roman Dmitriev hai 1 ano
pai
80b6fbac1e
achega
675a71bbde
Modificáronse 5 ficheiros con 67 adicións e 32 borrados
Unificar vista Mostrar estatísticas de Diff
  1. 5 9
      html/admin/users/edit_rules.php
  2. 4 0
      html/admin/users/editauth.php
  3. 8 20
      html/admin/users/edituser.php
  4. 43 0
      html/inc/common.php
  5. 7 3
      scripts/garbage.pl

+ 5 - 9
html/admin/users/edit_rules.php
Ver ficheiro 

@@ -30,10 +30,10 @@ if (isset($_POST['s_save'])) {
 
             if (intval($_POST['n_id'][$j]) != $save_id) { continue; }
 
             if (intval($_POST['n_id'][$j]) != $save_id) { continue; }
 
             $new['type'] = $_POST['s_type'][$j];
 
             $new['type'] = $_POST['s_type'][$j];
 
             $new['rule'] = trim($_POST['s_rule'][$j]);
 
             $new['rule'] = trim($_POST['s_rule'][$j]);
 
-            if ($new['type'] ==2) { 
-                $new['rule'] = mac_dotted($new['rule']); 
+            if ($new['type'] ==2) {
 
+                $new['rule'] = mac_dotted($new['rule']);
 
                 }
 
                 }
 
-            update_record($db_link, "auth_rules", "id='{$save_id}'", $new);
 
+	    update_auth_rule($db_link,$new['rule'],$new['type'],$save_id);
 
         }
 
         }
 
     }
 
     }
 
     header("Location: " . $_SERVER["REQUEST_URI"]);
 
     header("Location: " . $_SERVER["REQUEST_URI"]);
 
@@ -43,12 +43,8 @@ if (isset($_POST['s_save'])) {
 
 if (isset($_POST["s_create"])) {
 
 if (isset($_POST["s_create"])) {
 
     $new_rule = $_POST["s_new_rule"];
 
     $new_rule = $_POST["s_new_rule"];
 
     if (isset($new_rule)) {
 
     if (isset($new_rule)) {
 
-        $new['type'] = $_POST["s_new_type"];
 
-        $new['rule'] = $new_rule;
 
-        $new['user_id'] = $id;
 
-        LOG_INFO($db_link, "Create new rule $new_rule");
 
-        insert_record($db_link, "auth_rules", $new);
 
-    }
 
+	add_auth_rule($db_link,$new_rule,$_POST["s_new_type"],$id);
 
+	}
 
     header("Location: " . $_SERVER["REQUEST_URI"]);
 
     header("Location: " . $_SERVER["REQUEST_URI"]);
 
     exit;
 
     exit;
 
 }
 
 }

+ 4 - 0
html/admin/users/editauth.php
Ver ficheiro 

@@ -6,6 +6,10 @@ require_once($_SERVER['DOCUMENT_ROOT'] . "/inc/idfilter.php");
 
 $msg_error = "";
 
 $msg_error = "";
 
 
 
 $old_auth_info = get_record_sql($db_link, "SELECT * FROM User_auth WHERE id=" . $id);
 
 $old_auth_info = get_record_sql($db_link, "SELECT * FROM User_auth WHERE id=" . $id);
 
+if (empty($old_auth_info)) {
 
+    header("Location: /admin/");
 
+    }
 
+
 
 $parent_id = $old_auth_info['user_id'];
 
 $parent_id = $old_auth_info['user_id'];
 
 
 
 $user_info = get_record_sql($db_link, "SELECT * FROM User_list WHERE id=" . $parent_id);
 
 $user_info = get_record_sql($db_link, "SELECT * FROM User_list WHERE id=" . $parent_id);

+ 8 - 20
html/admin/users/edituser.php
Ver ficheiro 

@@ -12,6 +12,10 @@ $msg_error = "";
 
 $sSQL = "SELECT * FROM User_list WHERE id=$id";
 
 $sSQL = "SELECT * FROM User_list WHERE id=$id";
 
 $user_info = get_record_sql($db_link, $sSQL);
 
 $user_info = get_record_sql($db_link, $sSQL);
 
 
 
+if (empty($user_info)) {
 
+    header("Location: /admin/");
 
+    }
 
+
 
 if (isset($_POST["edituser"])) {
 
 if (isset($_POST["edituser"])) {
 
     unset($new);
 
     unset($new);
 
     $new["ou_id"] = $_POST["f_ou"] * 1;
 
     $new["ou_id"] = $_POST["f_ou"] * 1;
 
@@ -46,16 +50,8 @@ if (isset($_POST["addMacRule"])) {
 
     unset($new);
 
     unset($new);
 
     $first_auth = get_record_sql($db_link,"SELECT mac FROM User_auth WHERE user_id=".$id." AND deleted=0 AND LENGTH(mac)>0 ORDER BY id");
 
     $first_auth = get_record_sql($db_link,"SELECT mac FROM User_auth WHERE user_id=".$id." AND deleted=0 AND LENGTH(mac)>0 ORDER BY id");
 
     if (!empty($first_auth) and !empty($first_auth['mac'])) {
 
     if (!empty($first_auth) and !empty($first_auth['mac'])) {
 
-        $auth_rules_user = get_record_sql($db_link,"SELECT * FROM auth_rules WHERE user_id=".$id." AND type=2");
 
-        $auth_rules_mac = get_record_sql($db_link,"SELECT * FROM auth_rules WHERE rule='".$first_auth['mac']."' AND type=2");
 
-        if (empty($auth_rules_user) and empty($auth_rules_mac)) {
 
-            $new['user_id']=$id;
 
-            $new['type']=2;
 
-            $new['rule']=$first_auth['mac'];
 
-	        insert_record($db_link,"auth_rules",$new);
 
-	        LOG_INFO($db_link,"Create auto rule at id: ".$id." login: ".$user_info["login"]." for mac ".$first_auth['mac']);
 
-            }
 
-	    }
 
+	add_auth_rule($db_link,$first_auth['mac'],2,$id);
 
+        }
 
     header("Location: " . $_SERVER["REQUEST_URI"]);
 
     header("Location: " . $_SERVER["REQUEST_URI"]);
 
     exit;
 
     exit;
 
 }
 
 }
 
@@ -71,16 +67,8 @@ if (isset($_POST["addIPRule"])) {
 
     unset($new);
 
     unset($new);
 
     $first_auth = get_record_sql($db_link,"SELECT ip FROM User_auth WHERE user_id=".$id." AND deleted=0 AND LENGTH(ip)>0 ORDER BY id");
 
     $first_auth = get_record_sql($db_link,"SELECT ip FROM User_auth WHERE user_id=".$id." AND deleted=0 AND LENGTH(ip)>0 ORDER BY id");
 
     if (!empty($first_auth) and !empty($first_auth['ip'])) {
 
     if (!empty($first_auth) and !empty($first_auth['ip'])) {
 
-        $auth_rules_user = get_record_sql($db_link,"SELECT * FROM auth_rules WHERE user_id=".$id." AND type=1");
 
-        $auth_rules_ip = get_record_sql($db_link,"SELECT * FROM auth_rules WHERE rule='".$first_auth['ip']."' AND type=1");
 
-        if (empty($auth_rules_user) and empty($auth_rules_ip)) {
 
-            $new['user_id']=$id;
 
-            $new['type']=1;
 
-            $new['rule']=$first_auth['ip'];
 
-	        insert_record($db_link,"auth_rules",$new);
 
-	        LOG_INFO($db_link,"Create auto rule id: ".$id." login: ".$user_info["login"]." for ip ".$first_auth['ip']);
 
-            }
 
-	    }
 
+	add_auth_rule($db_link,$first_auth['ip'],1,$id);
 
+        }
 
     header("Location: " . $_SERVER["REQUEST_URI"]);
 
     header("Location: " . $_SERVER["REQUEST_URI"]);
 
     exit;
 
     exit;
 
 }
 
 }

+ 43 - 0
html/inc/common.php
Ver ficheiro 

@@ -1604,6 +1604,11 @@ function clean_dns_cache($db)
 
     run_sql($db, "DELETE FROM dns_cache WHERE `timestamp`<='" . $clean_date . "'");
 
     run_sql($db, "DELETE FROM dns_cache WHERE `timestamp`<='" . $clean_date . "'");
 
 }
 
 }
 
 
 
+function clean_unreferensed_rules($db)
 
+{
 
+    run_sql($db, "DELETE FROM `auth_rules` WHERE user_id NOT IN (SELECT id FROM User_list)");
 
+}
 
+
 
 function FormatDateStr($format = 'Y-m-d H:i:s', $date_str)
 
 function FormatDateStr($format = 'Y-m-d H:i:s', $date_str)
 
 {
 
 {
 
     $date1 = GetDateTimeFromString($date_str);
 
     $date1 = GetDateTimeFromString($date_str);
 
@@ -2007,6 +2012,43 @@ function get_auth_mac($db, $current_auth)
 
     return $result;
 
     return $result;
 
 }
 
 }
 
 
 
+function add_auth_rule($db,$rule,$type,$user_id) 
+{
 
+$new['user_id']=$user_id;
 
+$new['type']=$type;
 
+$new['rule']=$rule;
 
+$rule_id=0;
 
+$auth_rules = get_record_sql($db,"SELECT * FROM auth_rules WHERE rule='".$rule."' AND type=".$type);
 
+if (empty($auth_rules)) {
 
+    $rule_id = insert_record($db,"auth_rules",$new);
 
+    LOG_INFO($db,"Create auto rule for user_id: ".$user_id." rule: ".$rule." type: ".$type);
 
+    } else {
 
+    if ($auth_rules['user_id'] === $user_id) {
 
+	$rule_id = update_record($db, "auth_rules", "id=".$auth_rules['id'], $new);
 
+        LOG_INFO($db,"Replaced auto rule for user_id: ".$user_id." rule: ".$rule." type: ".$type);
 
+	} else {
 
+        LOG_WARNING($db,"Create auto rule for user_id: ".$user_id." rule: ".$rule." type: ".$type." failed! Already exists at user_id: ".$auth_rules['user_id']);
 
+	$rule_id=0;
 
+	}
 
+    }
 
+return $rule_id;
 
+}
 
+
 
+function update_auth_rule($db,$rule,$type,$rule_id)
 
+{
 
+$new['type']=$type;
 
+$new['rule']=$rule;
 
+$rule_id=0;
 
+$auth_rules = get_record_sql($db,"SELECT * FROM auth_rules WHERE rule='".$rule."' AND type=".$type." AND id<>".$rule_id);
 
+if (empty($auth_rules)) {
 
+    $rule_id = update_record($db, "auth_rules", "id=".$rule_id, $new);
 
+    } else {
 
+    LOG_WARNING($db,"Create auto rule id: ".$rule_id." rule: ".$rule." type: ".$type." failed! Already exists at user_id: ".$auth_rules['user_id']);
 
+    $rule_id=0;
 
+    }
 
+return $rule_id;
 
+}
 
+
 
 function isRO($db, $table)
 
 function isRO($db, $table)
 
 {
 
 {
 
     $result = 1;
 
     $result = 1;
 
@@ -4948,6 +4990,7 @@ if (empty($ou)) {
 
 $config["init"] = 1;
 
 $config["init"] = 1;
 
 
 
 clean_dns_cache($db_link);
 
 clean_dns_cache($db_link);
 
+clean_unreferensed_rules($db_link);
 
 
 
 snmp_set_valueretrieval(SNMP_VALUE_LIBRARY);
 
 snmp_set_valueretrieval(SNMP_VALUE_LIBRARY);
 
 snmp_set_enum_print(1);
 
 snmp_set_enum_print(1);

+ 7 - 3
scripts/garbage.pl
Ver ficheiro 

@@ -194,10 +194,11 @@ if ($user_device) {
 
     }
 
     }
 
 }
 
 }
 
 
 
-##### clean empty user account and corresponded devices if there are no rules for automatic linking ################
 
+##### clean empty user account and corresponded devices ################
 
 if ($config_ref{clean_empty_user}) {
 
 if ($config_ref{clean_empty_user}) {
 
-    db_log_info($dbh,'Clearing empty user account and corresponded devices if there are no rules for automatic linking');
 
-    my $u_sql = "SELECT * FROM User_list as U WHERE (SELECT COUNT(*) FROM User_auth WHERE User_auth.deleted=0 AND User_auth.user_id = U.id)=0 AND (SELECT COUNT(*) FROM auth_rules WHERE auth_rules.user_id = U.id)=0";
 
+    db_log_info($dbh,'Clearing empty user account and corresponded devices');
 
+#    my $u_sql = "SELECT * FROM User_list as U WHERE (SELECT COUNT(*) FROM User_auth WHERE User_auth.deleted=0 AND User_auth.user_id = U.id)=0 AND (SELECT COUNT(*) FROM auth_rules WHERE auth_rules.user_id = U.id)=0";
 
+    my $u_sql = "SELECT * FROM User_list as U WHERE (SELECT COUNT(*) FROM User_auth WHERE User_auth.deleted=0 AND User_auth.user_id = U.id)=0";
 
     my @u_ref = get_records_sql($dbh,$u_sql);
 
     my @u_ref = get_records_sql($dbh,$u_sql);
 
     foreach my $row (@u_ref) {
 
     foreach my $row (@u_ref) {
 
         do_sql($dbh,"DELETE FROM User_list WHERE id='".$row->{id}."'");
 
         do_sql($dbh,"DELETE FROM User_list WHERE id='".$row->{id}."'");
 
@@ -215,6 +216,9 @@ if ($config_ref{clean_empty_user}) {
 
         }
 
         }
 
     }
 
     }
 
 
 
+##### Remove unreferensed auth rules
 
+do_sql($dbh, "DELETE FROM `auth_rules` WHERE user_id NOT IN (SELECT id FROM User_list)");
 
+
 
 ##### unknown mac clean ############
 
 ##### unknown mac clean ############
 
 db_log_info($dbh,'Clearing unknown mac if it found in current User_auth table');
 
 db_log_info($dbh,'Clearing unknown mac if it found in current User_auth table');
 
 $users_sql = "SELECT mac FROM User_auth WHERE deleted=0";
 
 $users_sql = "SELECT mac FROM User_auth WHERE deleted=0";