From 61f69f45b0e613806db9ca28ab916107d5cf7713 Mon Sep 17 00:00:00 2001
From: Martin Preuss
Date: Mon, 15 Sep 2025 18:04:44 +0200
Subject: [PATCH] More work on aqhome-cgi.
---
 apps/aqhome-cgi/main.c | 3 +-
 apps/aqhome-cgi/modules/madmin.c | 115 ++-
 apps/aqhome-cgi/modules/madmin.h | 6 +
 apps/aqhome-cgi/modules/mdevices.h | 15 +
 apps/aqhome-cgi/modules/mmodules.c | 1096 ++++++++++++++++++-----
 apps/aqhome-cgi/modules/mmodules.h | 10 +
 apps/aqhome-cgi/modules/mservice.c | 139 ++-
 apps/aqhome-cgi/modules/mservice.h | 6 +
 apps/aqhome-cgi/modules/mservice_p.h | 1 +
 apps/aqhome-cgi/service/moduleperms.t2d | 6 +-
 apps/aqhome-cgi/service/role.t2d | 7 +
 apps/aqhome-cgi/service/user.t2d | 4 +
 12 files changed, 1166 insertions(+), 242 deletions(-)
diff --git a/apps/aqhome-cgi/main.c b/apps/aqhome-cgi/main.c
index a53bded..fdef593 100644
--- a/apps/aqhome-cgi/main.c
+++ b/apps/aqhome-cgi/main.c
@@ -98,6 +98,7 @@ void _handleRequest(AQCGI_REQUEST *rq, const char *sPathStaticFiles, const char
 rv=_handlePath(sv, rq, sPathStaticFiles);
 if (rv<0) {
+ DBG_INFO(NULL, "here (%d)", rv);
 }
 AQH_Service_free(sv);
 }
@@ -114,6 +115,7 @@ int _handlePath(AQH_SERVICE *sv, AQCGI_REQUEST *rq, const char *sPathStaticFiles
 mRoot=AQH_ModRoot_new(sv, sPathStaticFiles);
 mParent=mRoot;
 session=AQH_ModService_ReadSession(mRoot, rq);
+ AQH_ModService_CalcSessionModPerms(mRoot, session);
 sl=AQCGI_Request_GetStringlistPath(rq);
 if (sl) {
@@ -135,7 +137,6 @@ int _handlePath(AQH_SERVICE *sv, AQCGI_REQUEST *rq, const char *sPathStaticFiles
 if (m==NULL) {
 AQH_Session_free(session);
 AQH_Module_free(mRoot);
- AQCGI_SendResponseWithStatus(rq, 404, "Not found");
 return GWEN_ERROR_GENERIC;
 }
 mParent=m;
diff --git a/apps/aqhome-cgi/modules/madmin.c b/apps/aqhome-cgi/modules/madmin.c
index 1d7082f..0d123e4 100644
--- a/apps/aqhome-cgi/modules/madmin.c
+++ b/apps/aqhome-cgi/modules/madmin.c
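Review bot: `AQH_ModService_CalcSessionModPerms(mRoot, session)` in the second main.c hunk is called with whatever `AQH_ModService_ReadSession` returned, and nothing visible shows that a missing or expired session (possibly `NULL`) is handled before permissions are derived from it. If the callee does not treat that case as guest access, add a guard or state the contract at the call, for example `/* session may be NULL: permissions fall back to guest */`. The body of `_handlePath` continues outside the hunk, so a check further down cannot be ruled out.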
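Review bot: With `AQCGI_SendResponseWithStatus(rq, 404, "Not found")` removed in the third main.c hunk, the `m==NULL` path returns `GWEN_ERROR_GENERIC` without setting any response, and the caller shown in the first hunk only logs `rv` through `DBG_INFO`. Unless a response is produced in code outside these hunks, a request for an unknown module path ends without a status line. Keeping a 404 on this path, e.g. `AQCGI_Request_SetResponseCode(rq, 404);` followed by `AQCGI_SendResponse(rq);`, would preserve the previous behaviour.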
@@ -36,9 +36,12 @@
 * ------------------------------------------------------------------------------------------------ */
+static void _createPermDefList(AQH_MODULE *m);
+static void _createRoleList(AQH_MODULE *m);
+
 static AQH_MODULE *_loadSubModule(AQH_MODULE *m, AQCGI_REQUEST *rq, AQH_SESSION *session, const char *sModuleName);
 static int _handleRequest(AQH_MODULE *m, AQCGI_REQUEST *rq, AQH_SESSION *session, const char *sLastPathElem);
-static int _handleRqIndex(AQH_MODULE *m, AQCGI_REQUEST *rq);
+static int _handleRqIndex(AQH_MODULE *m, AQCGI_REQUEST *rq, GWEN_BUFFER *dbuf);
 /* ------------------------------------------------------------------------------------------------
@@ -55,6 +58,56 @@ void AQH_ModAdmin_Extend(AQH_MODULE *m, AQH_SERVICE *sv, const char *baseFolder)
+int AQH_ModAdmin_Create(AQH_SERVICE *sv)
+{
+ AQH_MODULE *m;
+ int rv;
+
+ m=AQH_Module_new();
+ AQH_Module_SetName(m, "admin");
+ AQH_Module_SetDescr(m, "administration module");
+ AQH_Module_SetGuestPerms(m, 0);
+
+ _createPermDefList(m);
+ _createRoleList(m);
+
+ rv=AQH_Service_AddModule(sv, m);
+ if (rv<0) {
+ DBG_INFO(NULL, "here (%d)", rv);
+ }
+ AQH_Module_free(m);
+ return rv;
+}
+
+
+
+void _createPermDefList(AQH_MODULE *m)
+{
+ AQH_PERMDEF_LIST *permDefList;
+
+ permDefList=AQH_PermDef_List_new();
+
+ AQH_ModService_AddPermDef(permDefList, "AdminUsers", 0x001, "User Administration");
+ AQH_ModService_AddPermDef(permDefList, "AdminModules", 0x002, "Module Administration");
+
+ AQH_Module_SetPermDefList(m, permDefList);
+}
+
+
+
+void _createRoleList(AQH_MODULE *m)
+{
+ AQH_ROLE_LIST *roleList;
+ int id=0;
+
+ roleList=AQH_Role_List_new();
+ AQH_ModService_AddRole(roleList, id++, "userAdmin", AQH_MODADM_PERMS_ADMINUSERS, "User administrator");
+ AQH_ModService_AddRole(roleList, id++, "moduleAdmin", AQH_MODADM_PERMS_ADMINMODULES, "Module administrator");
+ AQH_Module_SetRoleList(m, roleList);
+}
+
+
+
 AQH_MODULE *_loadSubModule(AQH_MODULE *m, AQCGI_REQUEST *rq, AQH_SESSION *session, const char *sModuleName)
 {
 AQH_SERVICE *sv;
@@ -74,7 +127,7 @@ AQH_MODULE *_loadSubModule(AQH_MODULE *m, AQCGI_REQUEST *rq, AQH_SESSION *sessio
 AQH_ModAdmModules_Extend(mSub, AQH_ModService_GetService(m), GWEN_Buffer_GetStart(nbuf));
 AQH_Module_Tree2_AddChild(m, mSub);
- GWEN_Buffer_free(nbuf);
+ GWEN_Buffer_free(nbuf);
 return mSub;
 }
 }
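Review bot: `_createPermDefList` registers the permission masks as the literals `0x001` and `0x002`, while `_createRoleList` and the checks in `_handleRequest` use `AQH_MODADM_PERMS_ADMINUSERS` and `AQH_MODADM_PERMS_ADMINMODULES` from madmin.h. Passing the macros here as well, e.g. `AQH_ModService_AddPermDef(permDefList, "AdminUsers", AQH_MODADM_PERMS_ADMINUSERS, "User Administration");`, keeps the stored definitions and the enforced bits from drifting apart if a value is ever renumbered. `_createPermDefList` in mmodules.c has the same pattern, with `0x001` to `0x008` next to the `AQH_MODADMMODULES_PERMS_*` names, assuming those macros carry the same values.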
@@ -85,22 +138,60 @@ AQH_MODULE *_loadSubModule(AQH_MODULE *m, AQCGI_REQUEST *rq, AQH_SESSION *sessio int _handleRequest(AQH_MODULE *m, AQCGI_REQUEST *rq, AQH_SESSION *session, const char *sLastPathElem) { - if (strcasecmp(sLastPathElem, "index.html")==0) - return _handleRqIndex(m, rq); - else { - AQCGI_SendResponseWithStatus(rq, 404, "Not Found"); - return GWEN_ERROR_NOT_IMPLEMENTED; + GWEN_BUFFER *dbuf; + int rv=0; + + dbuf=GWEN_Buffer_new(0, 256, 0, 1); + AQH_ModService_AddHeader(m, "en", dbuf); + + if (strcasecmp(sLastPathElem, "index.html")==0) { + if (AQH_ModService_GetUserPerms(m) & (AQH_MODADM_PERMS_ADMINUSERS | AQH_MODADM_PERMS_ADMINMODULES)) + rv=_handleRqIndex(m, rq, dbuf); + else { + AQCGI_Request_SetResponseCode(rq, 403); + AQCGI_Request_SetResponseText(rq, "Forbidden"); + } } + else { + AQCGI_Request_SetResponseCode(rq, 404); + AQCGI_Request_SetResponseText(rq, "Not Found"); + } + AQH_ModService_AddFooter(m, "en", dbuf); + AQCGI_Request_SetBufferResponseBody(rq, dbuf); + AQCGI_Request_AddResponseHeaderData(rq, "Content-type: text/html"); + + return AQCGI_SendResponse(rq); } -int _handleRqIndex(AQH_MODULE *m, AQCGI_REQUEST *rq) +int _handleRqIndex(AQH_MODULE *m, AQCGI_REQUEST *rq, GWEN_BUFFER *dbuf) { - if (AQCGI_Request_GetRequestMethod(rq)==AQCGI_REQUEST_METHOD_GET) - return AQH_ModService_RespondWithFile(m, rq, "en", "index.html"); - AQCGI_SendResponseWithStatus(rq, 404, "Not Found"); - return GWEN_ERROR_GENERIC; + if (AQCGI_Request_GetRequestMethod(rq)==AQCGI_REQUEST_METHOD_GET) { + uint32_t userPerms; + + GWEN_Buffer_AppendString(dbuf, ""); + userPerms=AQH_ModService_GetUserPerms(m); + if (userPerms & AQH_MODADM_PERMS_ADMINUSERS) + GWEN_Buffer_AppendString(dbuf, + "" + "" + "" + "\n"); + if (userPerms & AQH_MODADM_PERMS_ADMINMODULES) + GWEN_Buffer_AppendString(dbuf, + "" + "" + "" + "\n"); + GWEN_Buffer_AppendString(dbuf, "
User administrationAdd, remove or modify users
Module administrationAdd, remove or modify modules
\n"); + AQCGI_Request_SetResponseCode(rq, 200); + AQCGI_Request_SetResponseText(rq, "Ok"); + return 0; + } + AQCGI_Request_SetResponseCode(rq, 405); + AQCGI_Request_SetResponseText(rq, "Method Not Allowed"); + return 0; } diff --git a/apps/aqhome-cgi/modules/madmin.h b/apps/aqhome-cgi/modules/madmin.h index 488897a..1227936 100644 --- a/apps/aqhome-cgi/modules/madmin.h +++ b/apps/aqhome-cgi/modules/madmin.h @@ -16,8 +16,14 @@ #include +#define AQH_MODADM_PERMS_ADMINUSERS 0x001 +#define AQH_MODADM_PERMS_ADMINMODULES 0x002 + + void AQH_ModAdmin_Extend(AQH_MODULE *m, AQH_SERVICE *sv, const char *baseFolder); +int AQH_ModAdmin_Create(AQH_SERVICE *sv); + diff --git a/apps/aqhome-cgi/modules/mdevices.h b/apps/aqhome-cgi/modules/mdevices.h index e61cbb1..373e365 100644 --- a/apps/aqhome-cgi/modules/mdevices.h +++ b/apps/aqhome-cgi/modules/mdevices.h @@ -18,6 +18,21 @@ #include +#define AQH_MODDEVICES_PERMS_DEVICELIST 0x001 +#define AQH_MODDEVICES_PERMS_DEVICEREAD 0x002 +#define AQH_MODDEVICES_PERMS_DEVICEWRITE 0x004 +#define AQH_MODDEVICES_PERMS_DEVICEADD 0x008 +#define AQH_MODDEVICES_PERMS_DEVICEDEL 0x010 + +#define AQH_MODDEVICES_PERMS_VALUELIST 0x020 +#define AQH_MODDEVICES_PERMS_VALUEREAD 0x040 +#define AQH_MODDEVICES_PERMS_VALUEWRITE 0x080 +#define AQH_MODDEVICES_PERMS_VALUEADD 0x100 +#define AQH_MODDEVICES_PERMS_VALUEDEL 0x200 +#define AQH_MODDEVICES_PERMS_VALUESET 0x400 + + + void AQH_ModDevices_Extend(AQH_MODULE *m, AQH_SERVICE *sv, const char *baseFolder); diff --git a/apps/aqhome-cgi/modules/mmodules.c b/apps/aqhome-cgi/modules/mmodules.c index 05eaf59..6b54f07 100644 --- a/apps/aqhome-cgi/modules/mmodules.c +++ b/apps/aqhome-cgi/modules/mmodules.c @@ -11,7 +11,7 @@ #endif -#include "./madmin.h" +#include "./mmodules.h" #include "aqhome-cgi/service/module.h" 
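Review bot: `rv` in the new madmin.c `_handleRequest` is assigned from `_handleRqIndex` but never read, because the function now returns `AQCGI_SendResponse(rq)`; drop the variable or log a negative value so a handler failure is not silently lost. The hunk also does not show who releases `dbuf` after `AQCGI_Request_SetBufferResponseBody(rq, dbuf)`. If the request takes ownership, a short comment such as `/* rq takes over dbuf */` would make that explicit; if it does not, the buffer is never freed on any path.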
@@ -35,17 +35,41 @@ * ------------------------------------------------------------------------------------------------ */ +static void _createPermDefList(AQH_MODULE *m); +static void _createRoleList(AQH_MODULE *m); + static AQH_MODULE *_loadSubModule(AQH_MODULE *m, AQCGI_REQUEST *rq, AQH_SESSION *session, const char *sModuleName); static int _handleRequest(AQH_MODULE *m, AQCGI_REQUEST *rq, AQH_SESSION *session, const char *sLastPathElem); static int _handleRqIndex(AQH_MODULE *m, AQCGI_REQUEST *rq, AQH_SESSION *session, GWEN_BUFFER *dbuf); static int _handleRqEditMod(AQH_MODULE *m, AQCGI_REQUEST *rq, AQH_SESSION *session, GWEN_BUFFER *dbuf); static int _handleRqEditModGet(AQH_MODULE *m, AQCGI_REQUEST *rq, AQH_SESSION *session, GWEN_BUFFER *dbuf); static int _handleRqEditModPost(AQH_MODULE *m, AQCGI_REQUEST *rq, AQH_SESSION *session, GWEN_BUFFER *dbuf); -static int _handleRqEditPerm(AQH_MODULE *m, AQCGI_REQUEST *rq, AQH_SESSION *session, GWEN_BUFFER *dbuf); -static int _handleRqEditPermGet(AQH_MODULE *m, AQCGI_REQUEST *rq, AQH_SESSION *session, GWEN_BUFFER *dbuf); -static int _handleRqEditPermPost(AQH_MODULE *m, AQCGI_REQUEST *rq, AQH_SESSION *session, GWEN_BUFFER *dbuf); +//static int _handleRqEditPerm(AQH_MODULE *m, AQCGI_REQUEST *rq, AQH_SESSION *session, GWEN_BUFFER *dbuf); +//static int _handleRqEditPermGet(AQH_MODULE *m, AQCGI_REQUEST *rq, AQH_SESSION *session, GWEN_BUFFER *dbuf); +//static int _handleRqEditPermPost(AQH_MODULE *m, AQCGI_REQUEST *rq, AQH_SESSION *session, GWEN_BUFFER *dbuf); + +static int _handleRqAddRole(AQH_MODULE *m, AQCGI_REQUEST *rq, AQH_SESSION *session, GWEN_BUFFER *dbuf); +static int _handleRqAddRoleGet(AQH_MODULE *m, AQCGI_REQUEST *rq, AQH_SESSION *session, GWEN_BUFFER *dbuf); +static int _handleRqAddRolePost(AQH_MODULE *m, AQCGI_REQUEST *rq, AQH_SESSION *session, GWEN_BUFFER *dbuf); + +static int _handleRqEditRole(AQH_MODULE *m, AQCGI_REQUEST *rq, AQH_SESSION *session, GWEN_BUFFER *dbuf); +static int _handleRqEditRoleGet(AQH_MODULE *m, 
AQCGI_REQUEST *rq, AQH_SESSION *session, GWEN_BUFFER *dbuf); +static int _handleRqEditRolePost(AQH_MODULE *m, AQCGI_REQUEST *rq, AQH_SESSION *session, GWEN_BUFFER *dbuf); +static int _getHighestUsedRoleId(const AQH_ROLE_LIST *roleList); + +static int _handleRqDeleteRole(AQH_MODULE *m, AQCGI_REQUEST *rq, AQH_SESSION *session, GWEN_BUFFER *dbuf); + +static void _writeEditModForm(const AQH_MODULE *currentMod, const char *sModName, GWEN_BUFFER *dbuf); +//static void _writePermDefListToForm(const AQH_PERMDEF_LIST *permDefList, const char *sModName, GWEN_BUFFER *dbuf); +static void _writeRoleListToForm(const AQH_ROLE_LIST *roleList, + const char *sModName, + const AQH_PERMDEF_LIST *permDefList, + GWEN_BUFFER *dbuf); + +static void _setLocationHeaderForMod(AQCGI_REQUEST *rq, const char *page, const char *sModName); static void _writePermissionsToForm(const AQH_PERMDEF_LIST *permDefList, uint32_t perms, GWEN_BUFFER *dbuf); +static void _writeEnabledPermissions(const AQH_PERMDEF_LIST *permDefList, uint32_t perms, GWEN_BUFFER *dbuf); static uint32_t _readPermissionsFromForm(GWEN_DB_NODE *dbPost, const AQH_PERMDEF_LIST *permDefList); 
@@ -64,6 +88,62 @@ void AQH_ModAdmModules_Extend(AQH_MODULE *m, AQH_SERVICE *sv, const char *baseFo
+int AQH_ModAdmModules_Create(AQH_SERVICE *sv)
+{
+ AQH_MODULE *m;
+ int rv;
+
+ m=AQH_Module_new();
+ AQH_Module_SetName(m, "modules");
+ AQH_Module_SetDescr(m, "modules administration module");
+ AQH_Module_SetGuestPerms(m, 0);
+
+ _createPermDefList(m);
+ _createRoleList(m);
+
+ rv=AQH_Service_AddModule(sv, m);
+ if (rv<0) {
+ DBG_INFO(NULL, "here (%d)", rv);
+ }
+ AQH_Module_free(m);
+ return rv;
+}
+
+
+
+void _createPermDefList(AQH_MODULE *m)
+{
+ AQH_PERMDEF_LIST *permDefList;
+
+ permDefList=AQH_PermDef_List_new();
+
+ AQH_ModService_AddPermDef(permDefList, "ModuleRead", 0x001, "Read modules");
+ AQH_ModService_AddPermDef(permDefList, "ModuleWrite", 0x002, "Modify modules");
+ AQH_ModService_AddPermDef(permDefList, "ModuleAdd", 0x004, "Add modules");
+ AQH_ModService_AddPermDef(permDefList, "ModuleDel", 0x008, "Remove modules");
+
+ AQH_Module_SetPermDefList(m, permDefList);
+}
+
+
+
+void _createRoleList(AQH_MODULE *m)
+{
+ AQH_ROLE_LIST *roleList;
+ int id=0;
+
+ roleList=AQH_Role_List_new();
+ AQH_ModService_AddRole(roleList, id++, "admin",
+ AQH_MODADMMODULES_PERMS_MODULESREAD |
+ AQH_MODADMMODULES_PERMS_MODULESWRITE |
+ AQH_MODADMMODULES_PERMS_MODULESADD |
+ AQH_MODADMMODULES_PERMS_MODULESDEL,
+ "Administrator Role");
+ AQH_Module_SetRoleList(m, roleList);
+}
+
+
+
 AQH_MODULE *_loadSubModule(AQH_MODULE *m, AQCGI_REQUEST *rq, AQH_SESSION *session, const char *sModuleName)
 {
 /* no sub-modules */
@@ -75,100 +155,105 @@ AQH_MODULE *_loadSubModule(AQH_MODULE *m, AQCGI_REQUEST *rq, AQH_SESSION *sessio int _handleRequest(AQH_MODULE *m, AQCGI_REQUEST *rq, AQH_SESSION *session, const char *sLastPathElem) { GWEN_BUFFER *dbuf; - int rv; dbuf=GWEN_Buffer_new(0, 256, 0, 1); AQH_ModService_AddHeader(m, "en", dbuf); if (strcasecmp(sLastPathElem, "index.html")==0) - rv=_handleRqIndex(m, rq, session, dbuf); + _handleRqIndex(m, rq, session, dbuf); else if (strcasecmp(sLastPathElem, "editmodule.html")==0) - rv=_handleRqEditMod(m, rq, session, dbuf); + _handleRqEditMod(m, rq, session, dbuf); +#if 0 else if (strcasecmp(sLastPathElem, "editperm.html")==0) - rv=_handleRqEditPerm(m, rq, session, dbuf); + _handleRqEditPerm(m, rq, session, dbuf); +#endif + else if (strcasecmp(sLastPathElem, "addrole.html")==0) + _handleRqAddRole(m, rq, session, dbuf); + else if (strcasecmp(sLastPathElem, "editrole.html")==0) + _handleRqEditRole(m, rq, session, dbuf); + else if (strcasecmp(sLastPathElem, "delrole.html")==0) + _handleRqDeleteRole(m, rq, session, dbuf); else { - AQH_ModService_AddFooter(m, "en", dbuf); - AQCGI_Request_SetBufferResponseBody(rq, dbuf); - AQCGI_Request_AddResponseHeaderData(rq, "Content-type: text/html"); - AQCGI_SendResponseWithStatus(rq, 404, "Not Found"); - GWEN_Buffer_free(dbuf); - return GWEN_ERROR_NOT_IMPLEMENTED; + AQCGI_Request_SetResponseCode(rq, 404); + AQCGI_Request_SetResponseText(rq, "Not Found"); } AQH_ModService_AddFooter(m, "en", dbuf); AQCGI_Request_SetBufferResponseBody(rq, dbuf); AQCGI_Request_AddResponseHeaderData(rq, "Content-type: text/html"); - if (rv==1) - AQCGI_SendResponseWithStatus(rq, 302, "See other"); - else - AQCGI_SendResponseWithStatus(rq, 200, "Ok"); - GWEN_Buffer_free(dbuf); - return 0; + return AQCGI_SendResponse(rq); } int _handleRqIndex(AQH_MODULE *m, AQCGI_REQUEST *rq, AQH_SESSION *session, GWEN_BUFFER *dbuf) { - AQH_SERVICE *sv; - GWEN_STRINGLIST *slModules; + uint32_t perms; - sv=AQH_ModService_GetService(m); - 
slModules=AQH_Service_ListModules(sv); - if (slModules) { - GWEN_STRINGLISTENTRY *se; + perms=AQH_ModService_GetUserPerms(m); + DBG_ERROR(NULL, "Perms=%08x", perms); + if (perms & AQH_MODADMMODULES_PERMS_MODULESREAD) { + AQH_SERVICE *sv; + GWEN_STRINGLIST *slModules; - GWEN_Buffer_AppendString(dbuf, "

Modules

\n"); - GWEN_Buffer_AppendString(dbuf, - "\n" - "" - "" - "" - "" - "" - "" - "" - "\n" - "\n"); - se=GWEN_StringList_FirstEntry(slModules); - while(se) { - const char *sModName; + sv=AQH_ModService_GetService(m); + slModules=AQH_Service_ListModules(sv); + if (slModules) { + GWEN_STRINGLISTENTRY *se; - sModName=GWEN_StringListEntry_Data(se); - if (sModName && *sModName) { - AQH_MODULE *currentMod; + GWEN_Buffer_AppendString(dbuf, "

Modules

\n"); + GWEN_Buffer_AppendString(dbuf, + "
IdNameDescriptionActions
\n" + "" + "\n" + "\n" + "\n"); + se=GWEN_StringList_FirstEntry(slModules); + while(se) { + const char *sModName; - currentMod=AQH_Service_LoadModule(sv, sModName); - if (currentMod) { - const char *s; - const char *sName; + sModName=GWEN_StringListEntry_Data(se); + if (sModName && *sModName) { + AQH_MODULE *currentMod; - sName=AQH_Module_GetName(currentMod); + currentMod=AQH_Service_LoadModule(sv, sModName); + if (currentMod) { + const char *s; + const char *sName; - GWEN_Buffer_AppendString(dbuf, ""); - /* id */ - GWEN_Buffer_AppendArgs(dbuf, "", (unsigned long int) AQH_Module_GetId(currentMod)); + sName=AQH_Module_GetName(currentMod); + GWEN_Buffer_AppendString(dbuf, ""); + GWEN_Buffer_AppendArgs(dbuf, "", (unsigned long int) AQH_Module_GetId(currentMod)); + GWEN_Buffer_AppendArgs(dbuf, "", sName?sName:""); + s=AQH_Module_GetDescr(currentMod); + GWEN_Buffer_AppendArgs(dbuf, "", s?s:""); - GWEN_Buffer_AppendArgs(dbuf, "", sName?sName:""); - - s=AQH_Module_GetDescr(currentMod); - GWEN_Buffer_AppendArgs(dbuf, "", s?s:""); - - GWEN_Buffer_AppendArgs(dbuf, - "", - sName?sName:""); - GWEN_Buffer_AppendArgs(dbuf, "\n"); - AQH_Module_free(currentMod); - } + GWEN_Buffer_AppendString(dbuf, "\n"); + GWEN_Buffer_AppendArgs(dbuf, "\n"); + AQH_Module_free(currentMod); + } + } + se=GWEN_StringListEntry_Next(se); } - se=GWEN_StringListEntry_Next(se); + GWEN_Buffer_AppendString(dbuf, + "\n" + "
IdNameDescriptionActions
%lu
%lu%s%s%s%s
"); + if (perms & AQH_MODADMMODULES_PERMS_MODULESWRITE) + GWEN_Buffer_AppendArgs(dbuf, + "", + sName?sName:""); + GWEN_Buffer_AppendArgs(dbuf, "
\n"); + GWEN_StringList_free(slModules); } - GWEN_Buffer_AppendString(dbuf, - "\n" - "\n"); - GWEN_StringList_free(slModules); + GWEN_Buffer_AppendString(dbuf, "
Add Module"); + AQCGI_Request_SetResponseCode(rq, 200); + AQCGI_Request_SetResponseText(rq, "Ok"); + } + else { + GWEN_Buffer_AppendString(dbuf, "

No permissions to read module list.

"); + AQCGI_Request_SetResponseCode(rq, 200); + AQCGI_Request_SetResponseText(rq, "Ok"); } - GWEN_Buffer_AppendString(dbuf, "
Add Module"); return 0; } @@ -176,14 +261,25 @@ int _handleRqIndex(AQH_MODULE *m, AQCGI_REQUEST *rq, AQH_SESSION *session, GWEN_ int _handleRqEditMod(AQH_MODULE *m, AQCGI_REQUEST *rq, AQH_SESSION *session, GWEN_BUFFER *dbuf) { - if (AQCGI_Request_GetRequestMethod(rq)==AQCGI_REQUEST_METHOD_GET) - return _handleRqEditModGet(m, rq, session, dbuf); - else if (AQCGI_Request_GetRequestMethod(rq)==AQCGI_REQUEST_METHOD_POST) - return _handleRqEditModPost(m, rq, session, dbuf); + uint32_t perms; + + perms=AQH_ModService_GetUserPerms(m); + DBG_ERROR(NULL, "Perms=%08x", perms); + if (perms & AQH_MODADMMODULES_PERMS_MODULESWRITE) { + if (AQCGI_Request_GetRequestMethod(rq)==AQCGI_REQUEST_METHOD_GET) + return _handleRqEditModGet(m, rq, session, dbuf); + else if (AQCGI_Request_GetRequestMethod(rq)==AQCGI_REQUEST_METHOD_POST) + return _handleRqEditModPost(m, rq, session, dbuf); + else { + DBG_ERROR(NULL, "Invalid request method %d", AQCGI_Request_GetRequestMethod(rq)); + AQCGI_Request_SetResponseCode(rq, 405); + AQCGI_Request_SetResponseText(rq, "Method Not Allowed"); + } + } else { - DBG_ERROR(NULL, "Invalid request method %d", AQCGI_Request_GetRequestMethod(rq)); - AQCGI_SendResponseWithStatus(rq, 405, "Method No Allowed"); - return GWEN_ERROR_INVALID; + GWEN_Buffer_AppendString(dbuf, "
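Review bot: The module table in `_handleRqIndex` passes `sName` and the description to `GWEN_Buffer_AppendArgs` through `%s` with no HTML escaping visible (the markup inside the literals is not shown on this page, so the exact output context is inferred), and `_handleRqEditModPost` later in the patch stores both values straight from the POST body. Run them through an HTML-escaping helper before appending so a stored name or description cannot inject markup into the administration pages; `_writeEditModForm` and `_writeRoleListToForm` need the same treatment. The permission-denied branch also answers `200 Ok`, unlike the 403 used in madmin.c; `AQCGI_Request_SetResponseCode(rq, 403);` with `AQCGI_Request_SetResponseText(rq, "Forbidden");` would let clients, logs and monitoring tell a refusal from a success, and `_handleRqEditMod` and `_handleRqAddRole` in later hunks repeat the 200. `DBG_ERROR(NULL, "Perms=%08x", perms)` writes the caller's permission mask at error level on every request and looks like leftover debugging output.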

No permissions to edit modules.

"); + AQCGI_Request_SetResponseCode(rq, 200); + AQCGI_Request_SetResponseText(rq, "Ok"); } return 0; } @@ -194,185 +290,277 @@ int _handleRqEditModGet(AQH_MODULE *m, AQCGI_REQUEST *rq, AQH_SESSION *session, { AQH_SERVICE *sv; GWEN_DB_NODE *dbQuery; + const char *sModName; + AQH_MODULE *currentMod; sv=AQH_ModService_GetService(m); dbQuery=AQCGI_Request_GetDbQuery(rq); - if (dbQuery) { - const char *sModName; + sModName=dbQuery?GWEN_DB_GetCharValue(dbQuery, "name", 0, NULL):NULL; + currentMod=(sModName && *sModName)?AQH_Service_LoadModule(sv, sModName):NULL; + if (currentMod) { + _writeEditModForm(currentMod, sModName, dbuf); + AQCGI_Request_SetResponseCode(rq, 200); + AQCGI_Request_SetResponseText(rq, "Ok"); + AQH_Module_free(currentMod); + } + else { + AQCGI_Request_AddResponseHeaderData(rq, "Location: index.html"); + AQCGI_Request_SetResponseCode(rq, 303); + AQCGI_Request_SetResponseText(rq, "See other"); + } + return 0; +} - sModName=GWEN_DB_GetCharValue(dbQuery, "name", 0, NULL); - if (sModName && *sModName) { - AQH_MODULE *currentMod; - currentMod=AQH_Service_LoadModule(sv, sModName); - if (currentMod) { - const char *sName; - const char *sDescr; - const AQH_PERMDEF_LIST *permDefList; - permDefList=AQH_Module_GetPermDefList(currentMod); - sName=AQH_Module_GetName(currentMod); - sDescr=AQH_Module_GetDescr(currentMod); - GWEN_Buffer_AppendString(dbuf, "

Module Info

\n"); - GWEN_Buffer_AppendArgs(dbuf, - "
\n" - "\n" - "" - "" - "" - "\n" - "" - "" - "" - "\n", - sName?sName:"", sDescr?sDescr:""); +void _writeEditModForm(const AQH_MODULE *currentMod, const char *sModName, GWEN_BUFFER *dbuf) +{ + const char *sName; + const char *sDescr; + const AQH_PERMDEF_LIST *permDefList; + const AQH_ROLE_LIST *roleList; - if (permDefList) { - GWEN_Buffer_AppendArgs(dbuf, - "" - "\n" - "" ""); - } + permDefList=AQH_Module_GetPermDefList(currentMod); + roleList=AQH_Module_GetRoleList(currentMod); + sName=AQH_Module_GetName(currentMod); + sDescr=AQH_Module_GetDescr(currentMod); + /* write module info */ + GWEN_Buffer_AppendString(dbuf, "

Module Info

\n"); + GWEN_Buffer_AppendArgs(dbuf, + "\n" + "
"); - _writePermissionsToForm(permDefList, AQH_Module_GetGuestPerms(currentMod), dbuf); - GWEN_Buffer_AppendArgs(dbuf, "
\n" + "" + "" + "" + "\n" + "" + "" + "" + "\n", + sName?sName:"", sDescr?sDescr:""); + + if (permDefList) { + GWEN_Buffer_AppendArgs(dbuf, + "" + "\n" + "" ""); + } + + GWEN_Buffer_AppendString(dbuf, "
"); + _writePermissionsToForm(permDefList, AQH_Module_GetGuestPerms(currentMod), dbuf); + GWEN_Buffer_AppendArgs(dbuf, "
\n"); + + GWEN_Buffer_AppendArgs(dbuf, "\n", sModName?sModName:""); + GWEN_Buffer_AppendString(dbuf, "\n
\n\n"); - GWEN_Buffer_AppendString(dbuf, "\n"); +#if 0 + /* write permission def list */ + GWEN_Buffer_AppendString(dbuf, "

Permission Definitions

\n"); + if (permDefList) + _writePermDefListToForm(permDefList, sModName, dbuf); + else + GWEN_Buffer_AppendString(dbuf, "

none

"); + GWEN_Buffer_AppendArgs(dbuf, + "" + "Add Permission\n", + sModName?sModName:""); +#endif - GWEN_Buffer_AppendArgs(dbuf, "\n", sModName?sModName:""); - GWEN_Buffer_AppendString(dbuf, "\n\n\n"); + /* write role list */ + GWEN_Buffer_AppendString(dbuf, "

User Roles

\n"); + if (roleList) + _writeRoleListToForm(roleList, sModName, permDefList, dbuf); + else + GWEN_Buffer_AppendString(dbuf, "

none

"); + GWEN_Buffer_AppendArgs(dbuf, + "" + "Add Role\n", + sModName?sModName:""); +} - GWEN_Buffer_AppendString(dbuf, "

Permission Definitions

\n"); - if (permDefList) { - const AQH_PERMDEF *permDef; - GWEN_Buffer_AppendString(dbuf, - "\n" - "" - "\n" - "\n" - "\n"); - permDef=AQH_PermDef_List_First(permDefList); - while(permDef) { - const char *sId; - const char *s; - GWEN_Buffer_AppendString(dbuf, ""); - /* id */ - sId=AQH_PermDef_GetId(permDef); - GWEN_Buffer_AppendArgs(dbuf, "", sId?sId:""); - /* mask */ - GWEN_Buffer_AppendArgs(dbuf, "", AQH_PermDef_GetMask(permDef)); - /* description */ - s=AQH_PermDef_GetDescr(permDef); - GWEN_Buffer_AppendArgs(dbuf, "", s?s:""); - /* actions */ - GWEN_Buffer_AppendArgs(dbuf, ""); +#if 0 +void _writePermDefListToForm(const AQH_PERMDEF_LIST *permDefList, const char *sModName, GWEN_BUFFER *dbuf) +{ + const AQH_PERMDEF *permDef; - GWEN_Buffer_AppendString(dbuf, "\n"); + GWEN_Buffer_AppendString(dbuf, + "
IdMaskDescriptionActions
%s0x%x%s"); - GWEN_Buffer_AppendArgs(dbuf, - "" - "", - sModName?sModName:"", sId?sId:""); - GWEN_Buffer_AppendArgs(dbuf, - "" - "", - sModName?sModName:"", sId?sId:""); - GWEN_Buffer_AppendArgs(dbuf, "
\n" + "" + "\n" + "\n" + "\n"); + permDef=AQH_PermDef_List_First(permDefList); + while(permDef) { + const char *sId; + const char *s; - permDef=AQH_PermDef_List_Next(permDef); - } - GWEN_Buffer_AppendString(dbuf, - "\n" - "
IdMaskDescriptionActions
\n"); - } - else { - GWEN_Buffer_AppendString(dbuf, "none"); - } - GWEN_Buffer_AppendArgs(dbuf, - "" - "Add Permission\n", - sModName?sModName:""); + GWEN_Buffer_AppendString(dbuf, ""); + /* id */ + sId=AQH_PermDef_GetId(permDef); + GWEN_Buffer_AppendArgs(dbuf, "%s", sId?sId:""); + /* mask */ + GWEN_Buffer_AppendArgs(dbuf, "0x%x", AQH_PermDef_GetMask(permDef)); + /* description */ + s=AQH_PermDef_GetDescr(permDef); + GWEN_Buffer_AppendArgs(dbuf, "%s", s?s:""); + /* actions */ + GWEN_Buffer_AppendArgs(dbuf, ""); + GWEN_Buffer_AppendArgs(dbuf, + "" + "", + sModName?sModName:"", sId?sId:""); + GWEN_Buffer_AppendArgs(dbuf, + "" + "", + sModName?sModName:"", sId?sId:""); + GWEN_Buffer_AppendArgs(dbuf, ""); - return 0; - } - } + GWEN_Buffer_AppendString(dbuf, "\n"); + + permDef=AQH_PermDef_List_Next(permDef); + } + GWEN_Buffer_AppendString(dbuf, + "\n" + "\n"); +} +#endif + + + +void _writeRoleListToForm(const AQH_ROLE_LIST *roleList, + const char *sModName, + const AQH_PERMDEF_LIST *permDefList, + GWEN_BUFFER *dbuf) +{ + const AQH_ROLE *role; + + GWEN_Buffer_AppendString(dbuf, + "\n" + "" + "\n" + "\n" + "\n"); + role=AQH_Role_List_First(roleList); + while(role) { + uint8_t id; + const char *s; + + GWEN_Buffer_AppendString(dbuf, ""); + /* id */ + id=AQH_Role_GetId(role); + GWEN_Buffer_AppendArgs(dbuf, "", id); + /* name */ + s=AQH_Role_GetName(role); + GWEN_Buffer_AppendArgs(dbuf, "", s?s:""); + /* permissions */ + GWEN_Buffer_AppendString(dbuf, ""); + /* description */ + s=AQH_Role_GetDescr(role); + GWEN_Buffer_AppendArgs(dbuf, "", s?s:""); + /* actions */ + GWEN_Buffer_AppendArgs(dbuf, ""); + + GWEN_Buffer_AppendString(dbuf, "\n"); + role=AQH_Role_List_Next(role); } - AQCGI_Request_AddResponseHeaderData(rq, "Location: index.html"); - return 1; /* redirect */ + GWEN_Buffer_AppendString(dbuf, + "\n" + "
IdNamePermissionsDescriptionActions
%d%s"); + if (permDefList) + _writeEnabledPermissions(permDefList, AQH_Role_GetPerms(role), dbuf); + GWEN_Buffer_AppendString(dbuf, "%s"); + GWEN_Buffer_AppendArgs(dbuf, + "" + "", + sModName?sModName:"", id); + GWEN_Buffer_AppendArgs(dbuf, + "" + "", + sModName?sModName:"", id); + GWEN_Buffer_AppendArgs(dbuf, "
\n"); } + int _handleRqEditModPost(AQH_MODULE *m, AQCGI_REQUEST *rq, AQH_SESSION *session, GWEN_BUFFER *dbuf) { AQH_SERVICE *sv; GWEN_DB_NODE *dbPost; + const char *sModName; + AQH_MODULE *currentMod; DBG_ERROR(NULL, "Post request received"); sv=AQH_ModService_GetService(m); dbPost=AQCGI_Request_GetDbPostBody(rq); - if (dbPost) { - const char *sModName; + sModName=dbPost?GWEN_DB_GetCharValue(dbPost, "module", 0, NULL):NULL; + currentMod=(sModName && *sModName)?AQH_Service_LoadModule(sv, sModName):NULL; + if (currentMod) { + const char *sNewModName; + const char *sDescr; + int rv; + uint32_t perms; + const AQH_PERMDEF_LIST *permDefList; - sModName=GWEN_DB_GetCharValue(dbPost, "module", 0, NULL); - if (sModName && *sModName) { - AQH_MODULE *currentMod; + permDefList=AQH_Module_GetPermDefList(currentMod); + sNewModName=GWEN_DB_GetCharValue(dbPost, "name", 0, NULL); + sDescr=GWEN_DB_GetCharValue(dbPost, "descr", 0, NULL); + perms=_readPermissionsFromForm(dbPost, permDefList); + if (sNewModName && *sNewModName) + AQH_Module_SetName(currentMod, sNewModName); + AQH_Module_SetDescr(currentMod, sDescr); + AQH_Module_SetGuestPerms(currentMod, perms); - currentMod=AQH_Service_LoadModule(sv, sModName); - if (currentMod) { - const char *sNewModName; - const char *sDescr; - int rv; - uint32_t perms; - const AQH_PERMDEF_LIST *permDefList; - - permDefList=AQH_Module_GetPermDefList(currentMod); - sNewModName=GWEN_DB_GetCharValue(dbPost, "name", 0, NULL); - sDescr=GWEN_DB_GetCharValue(dbPost, "descr", 0, NULL); - perms=_readPermissionsFromForm(dbPost, permDefList); - if (sNewModName && *sNewModName) - AQH_Module_SetName(currentMod, sNewModName); - AQH_Module_SetDescr(currentMod, sDescr); - AQH_Module_SetGuestPerms(currentMod, perms); - rv=AQH_Service_SaveModule(sv, currentMod); - if (rv<0) { - GWEN_Buffer_AppendString(dbuf, "

Error

Error saving module

"); - DBG_ERROR(NULL, "Could not save module \"%s\"", sModName); - return 0; - } - else { - DBG_ERROR(NULL, "Module \"%s\" saved", sModName); - } - AQH_Module_free(currentMod); - } - else { - DBG_ERROR(NULL, "Could not load module \"%s\"", sModName); - } - } - else { - DBG_ERROR(NULL, "No module name"); + rv=AQH_Service_SaveModule(sv, currentMod); + if (rv<0) { + GWEN_Buffer_AppendString(dbuf, "

Error

Error saving module

"); + DBG_ERROR(NULL, "Could not save module \"%s\"", sModName); + AQCGI_Request_SetResponseCode(rq, 200); + AQCGI_Request_SetResponseText(rq, "Ok"); + return 0; } + DBG_ERROR(NULL, "Module \"%s\" saved", sModName); + AQH_Module_free(currentMod); + AQCGI_Request_AddResponseHeaderData(rq, "Location: index.html"); + AQCGI_Request_SetResponseCode(rq, 303); + AQCGI_Request_SetResponseText(rq, "See other"); } else { - DBG_ERROR(NULL, "dbPost missing"); + DBG_ERROR(NULL, "Could not load module \"%s\"", sModName?sModName:""); + GWEN_Buffer_AppendString(dbuf, "

Error loading module.

\n"); + AQCGI_Request_SetResponseCode(rq, 200); + AQCGI_Request_SetResponseText(rq, "Ok"); } - AQCGI_Request_AddResponseHeaderData(rq, "Location: index.html"); - return 1; /* redirect! */ + return 0; } - +#if 0 int _handleRqEditPerm(AQH_MODULE *m, AQCGI_REQUEST *rq, AQH_SESSION *session, GWEN_BUFFER *dbuf) { - if (AQCGI_Request_GetRequestMethod(rq)==AQCGI_REQUEST_METHOD_GET) - return _handleRqEditPermGet(m, rq, session, dbuf); - else if (AQCGI_Request_GetRequestMethod(rq)==AQCGI_REQUEST_METHOD_POST) - return _handleRqEditPermPost(m, rq, session, dbuf); + uint32_t perms; + + perms=AQH_ModService_GetUserPerms(m); + DBG_ERROR(NULL, "Perms=%08x", perms); + if (perms & AQH_MODADMMODULES_PERMS_MODULESWRITE) { + if (AQCGI_Request_GetRequestMethod(rq)==AQCGI_REQUEST_METHOD_GET) + return _handleRqEditPermGet(m, rq, session, dbuf); + else if (AQCGI_Request_GetRequestMethod(rq)==AQCGI_REQUEST_METHOD_POST) + return _handleRqEditPermPost(m, rq, session, dbuf); + else { + DBG_ERROR(NULL, "Invalid request method %d", AQCGI_Request_GetRequestMethod(rq)); + AQCGI_SendResponseWithStatus(rq, 405, "Method Not Allowed"); + AQCGI_Request_SetResponseCode(rq, 405); + AQCGI_Request_SetResponseText(rq, "Method Not Allowed"); + } + } else { - DBG_ERROR(NULL, "Invalid request method %d", AQCGI_Request_GetRequestMethod(rq)); - AQCGI_SendResponseWithStatus(rq, 405, "Method Not Allowed"); - return GWEN_ERROR_INVALID; + GWEN_Buffer_AppendString(dbuf, "

No permissions to edit modules.

"); + AQCGI_Request_SetResponseCode(rq, 200); + AQCGI_Request_SetResponseText(rq, "Ok"); } return 0; } @@ -425,16 +613,15 @@ int _handleRqEditPermGet(AQH_MODULE *m, AQCGI_REQUEST *rq, AQH_SESSION *session, GWEN_Buffer_AppendArgs(dbuf, "\n", sId?sId:""); GWEN_Buffer_AppendString(dbuf, "\n"); GWEN_Buffer_AppendString(dbuf, "\n\n"); + AQCGI_Request_SetResponseCode(rq, 200); + AQCGI_Request_SetResponseText(rq, "Ok"); return 0; } else { - GWEN_BUFFER *tbuf; - - tbuf=GWEN_Buffer_new(0, 256, 0, 1); - GWEN_Buffer_AppendArgs(tbuf, "Location: editmodule.html?name=%s", sModName?sModName:""); - AQCGI_Request_AddResponseHeaderData(rq, GWEN_Buffer_GetStart(tbuf)); - GWEN_Buffer_free(tbuf); - return 1; /* redirect */ + _setLocationHeaderForMod(rq, "editmodule.html", sModName); + AQCGI_Request_SetResponseCode(rq, 303); + AQCGI_Request_SetResponseText(rq, "See Other"); + return 0; } } @@ -455,7 +642,6 @@ int _handleRqEditPermPost(AQH_MODULE *m, AQCGI_REQUEST *rq, AQH_SESSION *session AQH_PERMDEF *permDef; long int i; int rv; - GWEN_BUFFER *tbuf; /* sample data */ sv=AQH_ModService_GetService(m); 
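Review bot: `_handleRqEditModPost` returns from its `rv<0` branch without `AQH_Module_free(currentMod)`, and it applies the posted `name` through `AQH_Module_SetName` with no check beyond non-empty; add the free before `return 0;` and restrict the new name to the characters the module store accepts. No anti-CSRF token is read from `dbPost` in the visible code, so unless the session layer enforces one elsewhere, this state-changing POST (it also sets the guest permissions) relies on the session alone. The 405 branch of the disabled `_handleRqEditPerm` keeps `AQCGI_SendResponseWithStatus(rq, 405, "Method Not Allowed")` next to the new `AQCGI_Request_SetResponseCode` call, and the same pair appears in `_handleRqAddRole` in the following hunk, where the code is live and `_handleRequest` would send a second response through `AQCGI_SendResponse`.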
@@ -492,11 +678,449 @@ int _handleRqEditPermPost(AQH_MODULE *m, AQCGI_REQUEST *rq, AQH_SESSION *session return 0; } + _setLocationHeaderForMod(rq, "editmodule.html", sModName); + AQCGI_Request_SetResponseCode(rq, 303); + AQCGI_Request_SetResponseText(rq, "See Other"); + return 0; +} +#endif + + + +int _handleRqAddRole(AQH_MODULE *m, AQCGI_REQUEST *rq, AQH_SESSION *session, GWEN_BUFFER *dbuf) +{ + uint32_t perms; + + perms=AQH_ModService_GetUserPerms(m); + DBG_ERROR(NULL, "Perms=%08x", perms); + if (perms & AQH_MODADMMODULES_PERMS_MODULESWRITE) { + if (AQCGI_Request_GetRequestMethod(rq)==AQCGI_REQUEST_METHOD_GET) + return _handleRqAddRoleGet(m, rq, session, dbuf); + else if (AQCGI_Request_GetRequestMethod(rq)==AQCGI_REQUEST_METHOD_POST) + return _handleRqAddRolePost(m, rq, session, dbuf); + else { + DBG_ERROR(NULL, "Invalid request method %d", AQCGI_Request_GetRequestMethod(rq)); + AQCGI_SendResponseWithStatus(rq, 405, "Method Not Allowed"); + AQCGI_Request_SetResponseCode(rq, 405); + AQCGI_Request_SetResponseText(rq, "Method Not Allowed"); + } + } + else { + GWEN_Buffer_AppendString(dbuf, "

No permissions to edit modules.

"); + AQCGI_Request_SetResponseCode(rq, 200); + AQCGI_Request_SetResponseText(rq, "Ok"); + } + return 0; +} + + + +int _handleRqAddRoleGet(AQH_MODULE *m, AQCGI_REQUEST *rq, AQH_SESSION *session, GWEN_BUFFER *dbuf) +{ + AQH_SERVICE *sv; + GWEN_DB_NODE *dbQuery; + const char *sModName; + AQH_MODULE *currentMod; + const AQH_PERMDEF_LIST *permDefList; + uint32_t guestPerms; + + sv=AQH_ModService_GetService(m); + dbQuery=AQCGI_Request_GetDbQuery(rq); + sModName=dbQuery?GWEN_DB_GetCharValue(dbQuery, "mod", 0, NULL):NULL; + currentMod=(sModName && *sModName)?AQH_Service_LoadModule(sv, sModName):NULL; + guestPerms=currentMod?AQH_Module_GetGuestPerms(currentMod):0; + permDefList=currentMod?AQH_Module_GetPermDefList(currentMod):NULL; + + if (permDefList) { + GWEN_Buffer_AppendArgs(dbuf, "

Add Role for Module %s

\n", sModName?sModName:""); + GWEN_Buffer_AppendString(dbuf, + "
\n" + "\n" + "" + "" + "" + "" + "" + "" + "\n"); + + GWEN_Buffer_AppendString(dbuf, "\n"); + +#if 0 + GWEN_Buffer_AppendString(dbuf, "\n"); + + GWEN_Buffer_AppendString(dbuf, "\n"); +#endif + + GWEN_Buffer_AppendString(dbuf, "
"); + _writePermissionsToForm(permDefList, guestPerms, dbuf); + GWEN_Buffer_AppendString(dbuf, "
"); + _writePermissionsToForm(permDefList, 0, dbuf); + GWEN_Buffer_AppendString(dbuf, "
"); + _writePermissionsToForm(permDefList, 0, dbuf); + GWEN_Buffer_AppendString(dbuf, "
\n"); + GWEN_Buffer_AppendArgs(dbuf, "\n", sModName?sModName:""); + GWEN_Buffer_AppendString(dbuf, "\n"); + GWEN_Buffer_AppendString(dbuf, "
\n\n"); + AQCGI_Request_SetResponseCode(rq, 200); + AQCGI_Request_SetResponseText(rq, "Ok"); + } + else { + GWEN_Buffer_AppendString(dbuf, "

Please add permission definitions first.

\n"); + GWEN_Buffer_AppendArgs(dbuf, "

back to module

\n", sModName?sModName:""); + AQCGI_Request_SetResponseCode(rq, 200); + AQCGI_Request_SetResponseText(rq, "Ok"); + } + return 0; +} + + + +int _handleRqAddRolePost(AQH_MODULE *m, AQCGI_REQUEST *rq, AQH_SESSION *session, GWEN_BUFFER *dbuf) +{ + AQH_SERVICE *sv; + GWEN_DB_NODE *dbPost; + const char *sModName; + AQH_MODULE *currentMod; + int newId; + const char *sName; + const char *sDescr; + uint32_t perms; +#if 0 + uint32_t explAddPerms; + uint32_t explDelPerms; +#endif + AQH_PERMDEF_LIST *permDefList; + AQH_ROLE_LIST *roleList; + AQH_ROLE *role; + int rv; + + /* sample data */ + DBG_ERROR(NULL, "Handling POST request"); + sv=AQH_ModService_GetService(m); + dbPost=AQCGI_Request_GetDbPostBody(rq); + sModName=dbPost?GWEN_DB_GetCharValue(dbPost, "mod", 0, NULL):NULL; + currentMod=(sModName && *sModName)?AQH_Service_LoadModule(sv, sModName):NULL; + permDefList=currentMod?AQH_Module_GetPermDefList(currentMod):NULL; + roleList=currentMod?AQH_Module_GetRoleList(currentMod):NULL; + /* read role values */ + newId=(roleList?_getHighestUsedRoleId(roleList):0)+1; + sName=dbPost?GWEN_DB_GetCharValue(dbPost, "name", 0, NULL):NULL; + sDescr=dbPost?GWEN_DB_GetCharValue(dbPost, "descr", 0, NULL):NULL; + perms=(dbPost && permDefList)?_readPermissionsFromForm(dbPost, permDefList):0; + + /* validate */ + if (!(sName && *sName)) { + DBG_ERROR(NULL, "Missing value for \"name\""); + GWEN_Buffer_AppendString(dbuf, "

Missing name.

\n"); + GWEN_Buffer_AppendArgs(dbuf, "

back to module

\n", sModName?sModName:""); + AQCGI_Request_SetResponseCode(rq, 200); + AQCGI_Request_SetResponseText(rq, "Ok"); + return 0; + } + + /* set new values */ + role=AQH_Role_new(); + AQH_Role_SetId(role, newId); + AQH_Role_SetName(role, sName); + AQH_Role_SetDescr(role, sDescr); + AQH_Role_SetPerms(role, perms); + /* add role */ + if (roleList==NULL) { + roleList=AQH_Role_List_new(); + AQH_Module_SetRoleList(currentMod, roleList); + } + AQH_Role_List_Add(role, roleList); + + /* save module */ + rv=AQH_Service_SaveModule(sv, currentMod); + if (rv<0) { + GWEN_Buffer_AppendString(dbuf, "

Error saving module.

\n"); + GWEN_Buffer_AppendArgs(dbuf, "

back to module

\n", sModName?sModName:""); + AQCGI_Request_SetResponseCode(rq, 200); + AQCGI_Request_SetResponseText(rq, "Ok"); + return 0; + } + + _setLocationHeaderForMod(rq, "editmodule.html", sModName); + AQCGI_Request_SetResponseCode(rq, 303); + AQCGI_Request_SetResponseText(rq, "See Other"); + return 0; +} + + + +int _getHighestUsedRoleId(const AQH_ROLE_LIST *roleList) +{ + int id=0; + + if (roleList) { + const AQH_ROLE *role; + + role=AQH_Role_List_First(roleList); + while(role) { + int rid; + + rid=AQH_Role_GetId(role); + id=(rid>id)?rid:id; + role=AQH_Role_List_Next(role); + } + } + return id; +} + + + +int _handleRqEditRole(AQH_MODULE *m, AQCGI_REQUEST *rq, AQH_SESSION *session, GWEN_BUFFER *dbuf) +{ + uint32_t perms; + + perms=AQH_ModService_GetUserPerms(m); + DBG_ERROR(NULL, "Perms=%08x", perms); + if (perms & AQH_MODADMMODULES_PERMS_MODULESWRITE) { + if (AQCGI_Request_GetRequestMethod(rq)==AQCGI_REQUEST_METHOD_GET) + return _handleRqEditRoleGet(m, rq, session, dbuf); + else if (AQCGI_Request_GetRequestMethod(rq)==AQCGI_REQUEST_METHOD_POST) + return _handleRqEditRolePost(m, rq, session, dbuf); + else { + DBG_ERROR(NULL, "Invalid request method %d", AQCGI_Request_GetRequestMethod(rq)); + AQCGI_Request_SetResponseCode(rq, 405); + AQCGI_Request_SetResponseText(rq, "Method Not Allowed"); + } + } + else { + GWEN_Buffer_AppendString(dbuf, "

No permissions to edit modules.

"); + AQCGI_Request_SetResponseCode(rq, 200); + AQCGI_Request_SetResponseText(rq, "Ok"); + } + return 0; +} + + + +int _handleRqEditRoleGet(AQH_MODULE *m, AQCGI_REQUEST *rq, AQH_SESSION *session, GWEN_BUFFER *dbuf) +{ + AQH_SERVICE *sv; + GWEN_DB_NODE *dbQuery; + const char *sModName; + int id; + const char *sName; + const char *sDescr; + uint32_t perms; +#if 0 + uint32_t explAddPerms; + uint32_t explDelPerms; +#endif + AQH_MODULE *currentMod; + const AQH_PERMDEF_LIST *permDefList; + const AQH_ROLE_LIST *roleList; + const AQH_ROLE *role; + + sv=AQH_ModService_GetService(m); + dbQuery=AQCGI_Request_GetDbQuery(rq); + sModName=dbQuery?GWEN_DB_GetCharValue(dbQuery, "mod", 0, NULL):NULL; + id=dbQuery?GWEN_DB_GetIntValue(dbQuery, "id", 0, 0):0; + currentMod=(sModName && *sModName)?AQH_Service_LoadModule(sv, sModName):NULL; + permDefList=currentMod?AQH_Module_GetPermDefList(currentMod):NULL; + roleList=currentMod?AQH_Module_GetRoleList(currentMod):NULL; + role=roleList?AQH_Role_List_GetById(roleList, id):NULL; + sName=role?AQH_Role_GetName(role):NULL; + sDescr=role?AQH_Role_GetDescr(role):NULL; + perms=role?AQH_Role_GetPerms(role):0; +#if 0 + explAddPerms=role?AQH_Role_GetExplAddPerms(role):0; + explDelPerms=role?AQH_Role_GetExplDelPerms(role):0; +#endif + + if (role) { + GWEN_Buffer_AppendArgs(dbuf, "

Edit Role for Module %s

\n", sModName?sModName:""); + GWEN_Buffer_AppendArgs(dbuf, + "
\n" + "\n" + "\n" + "" + "" + "\n" + "" + "" + "" + "\n", + sName, sDescr?sDescr:""); + + GWEN_Buffer_AppendString(dbuf, "\n"); + +#if 0 + GWEN_Buffer_AppendString(dbuf, "\n"); + + GWEN_Buffer_AppendString(dbuf, "\n"); +#endif + + GWEN_Buffer_AppendString(dbuf, "
"); + _writePermissionsToForm(permDefList, perms, dbuf); + GWEN_Buffer_AppendString(dbuf, "
"); + _writePermissionsToForm(permDefList, explAddPerms, dbuf); + GWEN_Buffer_AppendString(dbuf, "
"); + _writePermissionsToForm(permDefList, explDelPerms, dbuf); + GWEN_Buffer_AppendString(dbuf, "
\n"); + + GWEN_Buffer_AppendArgs(dbuf, "\n", sModName?sModName:""); + GWEN_Buffer_AppendArgs(dbuf, "\n", id); + GWEN_Buffer_AppendString(dbuf, "\n"); + GWEN_Buffer_AppendString(dbuf, "
\n\n"); + } + else { + GWEN_Buffer_AppendString(dbuf, "

Role not found.

\n"); + GWEN_Buffer_AppendArgs(dbuf, "

back to module

\n", sModName?sModName:""); + } + AQCGI_Request_SetResponseCode(rq, 200); + AQCGI_Request_SetResponseText(rq, "Ok"); + return 0; +} + + + +int _handleRqEditRolePost(AQH_MODULE *m, AQCGI_REQUEST *rq, AQH_SESSION *session, GWEN_BUFFER *dbuf) +{ + AQH_SERVICE *sv; + GWEN_DB_NODE *dbPost; + const char *sModName; + AQH_MODULE *currentMod; + int oldId; + const char *sName; + const char *sDescr; + uint32_t perms; +#if 0 + uint32_t explAddPerms; + uint32_t explDelPerms; +#endif + AQH_PERMDEF_LIST *permDefList; + AQH_ROLE_LIST *roleList; + AQH_ROLE *role; + int rv; + + /* sample data */ + sv=AQH_ModService_GetService(m); + dbPost=AQCGI_Request_GetDbPostBody(rq); + sModName=dbPost?GWEN_DB_GetCharValue(dbPost, "mod", 0, NULL):NULL; + currentMod=(sModName && *sModName)?AQH_Service_LoadModule(sv, sModName):NULL; + permDefList=currentMod?AQH_Module_GetPermDefList(currentMod):NULL; + roleList=currentMod?AQH_Module_GetRoleList(currentMod):NULL; + /* read role data */ + oldId=dbPost?GWEN_DB_GetIntValue(dbPost, "oldId", 0, -1):-1; + sName=dbPost?GWEN_DB_GetCharValue(dbPost, "name", 0, NULL):NULL; + sDescr=dbPost?GWEN_DB_GetCharValue(dbPost, "descr", 0, NULL):NULL; + role=roleList?AQH_Role_List_GetById(roleList, oldId):NULL; + perms=(dbPost && permDefList)?_readPermissionsFromForm(dbPost, permDefList):0; + + /* validate */ + if (!(sName && *sName)) { + DBG_ERROR(NULL, "Missing value for \"name\""); + GWEN_Buffer_AppendString(dbuf, "

Missing name.

\n"); + GWEN_Buffer_AppendArgs(dbuf, "

back to module

\n", sModName?sModName:""); + AQCGI_Request_SetResponseCode(rq, 200); + AQCGI_Request_SetResponseText(rq, "Ok"); + return 0; + } + if (role==NULL) { + DBG_ERROR(NULL, "Role %d not found", oldId); + GWEN_Buffer_AppendString(dbuf, "

Role not found.

\n"); + GWEN_Buffer_AppendArgs(dbuf, "

back to module

\n", sModName?sModName:""); + AQCGI_Request_SetResponseCode(rq, 200); + AQCGI_Request_SetResponseText(rq, "Ok"); + return 0; + } + + /* set new values */ + AQH_Role_SetName(role, sName); + AQH_Role_SetDescr(role, sDescr); + AQH_Role_SetPerms(role, perms); + + /* save module */ + rv=AQH_Service_SaveModule(sv, currentMod); + if (rv<0) { + GWEN_Buffer_AppendString(dbuf, "

Error saving module.

\n"); + GWEN_Buffer_AppendArgs(dbuf, "

back to module

\n", sModName?sModName:""); + AQCGI_Request_SetResponseCode(rq, 200); + AQCGI_Request_SetResponseText(rq, "Ok"); + return 0; + } + + _setLocationHeaderForMod(rq, "editmodule.html", sModName); + AQCGI_Request_SetResponseCode(rq, 303); + AQCGI_Request_SetResponseText(rq, "See Other"); + return 0; +} + + + +int _handleRqDeleteRole(AQH_MODULE *m, AQCGI_REQUEST *rq, AQH_SESSION *session, GWEN_BUFFER *dbuf) +{ + uint32_t perms; + + perms=AQH_ModService_GetUserPerms(m); + DBG_ERROR(NULL, "Perms=%08x", perms); + if (perms & AQH_MODADMMODULES_PERMS_MODULESWRITE) { + AQH_SERVICE *sv; + GWEN_DB_NODE *dbQuery; + const char *sModName; + int id; + AQH_MODULE *currentMod; + const AQH_ROLE_LIST *roleList; + AQH_ROLE *role; + + sv=AQH_ModService_GetService(m); + dbQuery=AQCGI_Request_GetDbQuery(rq); + sModName=dbQuery?GWEN_DB_GetCharValue(dbQuery, "mod", 0, NULL):NULL; + id=dbQuery?GWEN_DB_GetIntValue(dbQuery, "id", 0, 0):0; + currentMod=(sModName && *sModName)?AQH_Service_LoadModule(sv, sModName):NULL; + roleList=currentMod?AQH_Module_GetRoleList(currentMod):NULL; + role=roleList?AQH_Role_List_GetById(roleList, id):NULL; + + if (role) { + int rv; + + AQH_Role_List_Del(role); + AQH_Role_free(role); + + /* save module */ + rv=AQH_Service_SaveModule(sv, currentMod); + if (rv<0) { + GWEN_Buffer_AppendString(dbuf, "

Error saving module.

\n"); + GWEN_Buffer_AppendArgs(dbuf, "

back to module

\n", sModName?sModName:""); + AQCGI_Request_SetResponseCode(rq, 200); + AQCGI_Request_SetResponseText(rq, "Ok"); + return 0; + } + + _setLocationHeaderForMod(rq, "editmodule.html", sModName); + AQCGI_Request_SetResponseCode(rq, 303); + AQCGI_Request_SetResponseText(rq, "See Other"); + } + else { + GWEN_Buffer_AppendString(dbuf, "

Role not found.

\n"); + GWEN_Buffer_AppendArgs(dbuf, "

back to module

\n", sModName?sModName:""); + AQCGI_Request_SetResponseCode(rq, 200); + AQCGI_Request_SetResponseText(rq, "Ok"); + } + } + else { + GWEN_Buffer_AppendString(dbuf, "

No permissions to edit modules.

"); + AQCGI_Request_SetResponseCode(rq, 200); + AQCGI_Request_SetResponseText(rq, "Ok"); + } + return 0; +} + + + +void _setLocationHeaderForMod(AQCGI_REQUEST *rq, const char *page, const char *sModName) +{ + GWEN_BUFFER *tbuf; + tbuf=GWEN_Buffer_new(0, 256, 0, 1); - GWEN_Buffer_AppendArgs(tbuf, "Location: editmodule.html?name=%s", sModName?sModName:""); + GWEN_Buffer_AppendArgs(tbuf, "Location: %s?name=%s", page?page:"", sModName?sModName:""); AQCGI_Request_AddResponseHeaderData(rq, GWEN_Buffer_GetStart(tbuf)); GWEN_Buffer_free(tbuf); - return 1; /* redirect */ } @@ -508,6 +1132,9 @@ int _handleRqEditPermPost(AQH_MODULE *m, AQCGI_REQUEST *rq, AQH_SESSION *session + + + void _writePermissionsToForm(const AQH_PERMDEF_LIST *permDefList, uint32_t perms, GWEN_BUFFER *dbuf) { if (permDefList) { @@ -533,6 +1160,27 @@ void _writePermissionsToForm(const AQH_PERMDEF_LIST *permDefList, uint32_t perms +void _writeEnabledPermissions(const AQH_PERMDEF_LIST *permDefList, uint32_t perms, GWEN_BUFFER *dbuf) +{ + if (permDefList) { + const AQH_PERMDEF *permDef; + + permDef=AQH_PermDef_List_First(permDefList); + while(permDef) { + const char *s; + uint32_t mask; + + s=AQH_PermDef_GetId(permDef); + mask=AQH_PermDef_GetMask(permDef); + if (perms & mask) + GWEN_Buffer_AppendArgs(dbuf, "%s ", s?s:""); + permDef=AQH_PermDef_List_Next(permDef); + } + } +} + + + uint32_t _readPermissionsFromForm(GWEN_DB_NODE *dbPost, const AQH_PERMDEF_LIST *permDefList) { uint32_t result=0; diff --git a/apps/aqhome-cgi/modules/mmodules.h b/apps/aqhome-cgi/modules/mmodules.h index 16f56bb..fca173b 100644 --- a/apps/aqhome-cgi/modules/mmodules.h +++ b/apps/aqhome-cgi/modules/mmodules.h 
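Review bot: `_handleRqDeleteRole` removes the role and saves the module without checking the request method, and it reads `mod` and `id` from `AQCGI_Request_GetDbQuery`, so a plain GET changes stored permissions, whereas `_handleRqAddRole` and `_handleRqEditRole` dispatch on GET/POST. I would accept the delete only on POST and read the parameters from the POST body, as in the excerpt below; the page that offers the delete action (not in this hunk) would then need a form instead of a link. Separately, `_handleRqAddRolePost` never checks `currentMod`: when `mod` is missing or the module fails to load, it still reaches `AQH_Module_SetRoleList(currentMod, roleList)` and `AQH_Service_SaveModule(sv, currentMod)` with a NULL module, so a "module not found" early return next to the name check is needed. The handlers also format `sModName`, `sName` and `sDescr` into the page and, through `_setLocationHeaderForMod`, into the `Location:` header exactly as received; unless `GWEN_Buffer_AppendArgs` or the CGI layer escapes them (not visible here), they need HTML and URL encoding before output.

```c
    GWEN_DB_NODE *dbPost;
    /* … unchanged: remaining local declarations … */

    if (AQCGI_Request_GetRequestMethod(rq)!=AQCGI_REQUEST_METHOD_POST) {
      DBG_ERROR(NULL, "Invalid request method %d", AQCGI_Request_GetRequestMethod(rq));
      AQCGI_Request_SetResponseCode(rq, 405);
      AQCGI_Request_SetResponseText(rq, "Method Not Allowed");
      return 0;
    }

    sv=AQH_ModService_GetService(m);
    dbPost=AQCGI_Request_GetDbPostBody(rq);
    sModName=dbPost?GWEN_DB_GetCharValue(dbPost, "mod", 0, NULL):NULL;
    id=dbPost?GWEN_DB_GetIntValue(dbPost, "id", 0, 0):0;
    /* … unchanged: module and role lookup, delete, save, redirect … */
```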
@@ -16,8 +16,18 @@ #include + +#define AQH_MODADMMODULES_PERMS_MODULESREAD 0x001 +#define AQH_MODADMMODULES_PERMS_MODULESWRITE 0x002 +#define AQH_MODADMMODULES_PERMS_MODULESADD 0x004 +#define AQH_MODADMMODULES_PERMS_MODULESDEL 0x008 + + + void AQH_ModAdmModules_Extend(AQH_MODULE *m, AQH_SERVICE *sv, const char *baseFolder); +int AQH_ModAdmModules_Create(AQH_SERVICE *sv); + diff --git a/apps/aqhome-cgi/modules/mservice.c b/apps/aqhome-cgi/modules/mservice.c index 4e68ebe..26326cf 100644 --- a/apps/aqhome-cgi/modules/mservice.c +++ b/apps/aqhome-cgi/modules/mservice.c @@ -44,6 +44,8 @@ GWEN_INHERIT(AQH_MODULE, AQH_MOD_SERVICE) */ static void GWENHYWFAR_CB _freeData(void *bp, void *p); +static void _calcUserModPerms(AQH_MODULE *m, const AQH_USER *user); +static uint32_t _calcRolePerms(const AQH_MODULE *m, const AQH_MODULE_PERMS *modPerms); @@ -106,6 +108,21 @@ const char *AQH_ModService_GetBaseFolder(const AQH_MODULE *m) +uint32_t AQH_ModService_GetUserPerms(const AQH_MODULE *m) +{ + if (m) { + AQH_MOD_SERVICE *xm; + + xm=GWEN_INHERIT_GETDATA(AQH_MODULE, AQH_MOD_SERVICE, m); + if (xm) { + return xm->userPerms; + } + } + return 0; +} + + + void AQH_ModService_SetHandleRequestFn(AQH_MODULE *m, AQH_MODSERVICE_HANDLEREQUEST_FN fn) { if (m) { @@ -252,8 +269,14 @@ AQH_MODULE *AQH_ModService_LoadSubModule(AQH_MODULE *m, AQCGI_REQUEST *rq, AQH_S AQH_MOD_SERVICE *xm; xm=GWEN_INHERIT_GETDATA(AQH_MODULE, AQH_MOD_SERVICE, m); - if (xm && xm->loadSubModuleFn) - return xm->loadSubModuleFn(m, rq, session, sModuleName); + if (xm && xm->loadSubModuleFn) { + AQH_MODULE *mReturn; + + mReturn=xm->loadSubModuleFn(m, rq, session, sModuleName); + if (mReturn) + AQH_ModService_CalcSessionModPerms(mReturn, session); + return mReturn; + } } return NULL; } 
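Review bot: The four new permission bits carry no comment saying which operations each one gates, and the role handlers added in mmodules.c (add, edit and delete role) all test only `AQH_MODADMMODULES_PERMS_MODULESWRITE`. Since these masks decide who may change other users' permissions, I would document the intended mapping next to the defines, for example `/* MODULESWRITE: edit a module's permission definitions and roles; MODULESADD / MODULESDEL: create / remove modules */`, adjusted to whatever the author intends. If `MODULESADD` and `MODULESDEL` are meant to cover role creation and deletion as well, the handlers should test those bits instead.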
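Review bot: `AQH_ModService_GetUserPerms` returns whatever `xm->userPerms` currently holds, and nothing states that the value is only meaningful after `AQH_ModService_CalcSessionModPerms` has run for the module in this request. A short header comment would make the contract explicit, e.g. `/* Returns the mask computed by AQH_ModService_CalcSessionModPerms(); 0 if m is NULL or has no service data. */`. The constructor is outside this hunk, so it is worth confirming that `userPerms` starts at 0 there, otherwise a module for which the calculation was skipped would not fail closed.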
@@ -323,6 +346,9 @@ AQH_SESSION *AQH_ModService_ReadSession(AQH_MODULE *m, AQCGI_REQUEST *rq) AQH_Session_free(session); return NULL; } + else { + DBG_ERROR(NULL, "User is \"%s\"", sUserName); + } AQH_Session_SetUser(session, user); } return session; @@ -336,6 +362,115 @@ AQH_SESSION *AQH_ModService_ReadSession(AQH_MODULE *m, AQCGI_REQUEST *rq) +void AQH_ModService_CalcSessionModPerms(AQH_MODULE *m, const AQH_SESSION *session) +{ + const AQH_USER *user; + + user=session?AQH_Session_GetUser(session):NULL; + _calcUserModPerms(m, user); +} + + + +void _calcUserModPerms(AQH_MODULE *m, const AQH_USER *user) +{ + if (m) { + AQH_MOD_SERVICE *xm; + + xm=GWEN_INHERIT_GETDATA(AQH_MODULE, AQH_MOD_SERVICE, m); + if (xm) { + uint32_t perms=0; + + if (user) { + if (AQH_User_GetFlags(user) & AQH_USER_FLAGS_ADMIN) + perms=0xffffffff; + else { + const char *sModName; + const AQH_MODULE_PERMS_LIST *modPermsList; + AQH_MODULE_PERMS *modPerms; + + sModName=AQH_Module_GetName(m); + modPermsList=AQH_User_GetModulePermList(user); + modPerms=(sModName && modPermsList)?AQH_ModulePerms_List_GetByModuleId(modPermsList, sModName):NULL; + if (modPerms) + perms=_calcRolePerms(m, modPerms); + else + perms=AQH_Module_GetGuestPerms(m); + } + } /* if (user) */ + else + perms=AQH_Module_GetGuestPerms(m); + xm->userPerms=perms; + } + } /* if (m) */ +} + + + +uint32_t _calcRolePerms(const AQH_MODULE *m, const AQH_MODULE_PERMS *modPerms) +{ + uint32_t perms=0; + const AQH_ROLE_LIST *roleList; + + roleList=AQH_Module_GetRoleList(m); + if (roleList) { + int roleArraySize; + int i; + uint32_t explAddPerms=0; + uint32_t explDelPerms=0; + + roleArraySize=AQH_ModulePerms_GetRoleArrayArraySize(); + for (i=0; i - + 0 0 public with_getbymember - + 0 0 public - + 0 0 public diff --git a/apps/aqhome-cgi/service/role.t2d b/apps/aqhome-cgi/service/role.t2d index da88084..a6b5b94 100644 --- a/apps/aqhome-cgi/service/role.t2d +++ b/apps/aqhome-cgi/service/role.t2d 
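Review bot: The new `else` branch in `AQH_ModService_ReadSession` reports a successful user lookup with `DBG_ERROR`, so every authenticated request writes the user name to the log at error level; the same pattern appears as `DBG_ERROR(NULL, "Perms=%08x", perms)` in the new handlers in mmodules.c. That buries real errors and puts account names and permission masks into logs that may be retained or shared more widely than intended. I would lower these to `DBG_INFO(NULL, "User is \"%s\"", sUserName);` (or drop them), and, since the origin of `sUserName` is outside this hunk, check that it cannot contain line breaks before it reaches the log.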
@@ -43,6 +43,13 @@ own + + 0 + 0 + public + own + + 0 0 diff --git a/apps/aqhome-cgi/service/user.t2d b/apps/aqhome-cgi/service/user.t2d index 946dad2..b8398c2 100644 --- a/apps/aqhome-cgi/service/user.t2d +++ b/apps/aqhome-cgi/service/user.t2d @@ -32,6 +32,10 @@ + + + +