/**************************************************************************** * This file is part of the project AqHome. * AqHome (c) by 2025 Martin Preuss, all rights reserved. * * The license for this file can be found in the file COPYING which you * should have received along with this file. ****************************************************************************/ #ifdef HAVE_CONFIG_H # include #endif #include "./mmodules.h" #include "aqhome-cgi/service/module.h" #include #include /* ------------------------------------------------------------------------------------------------ * defs and enums * ------------------------------------------------------------------------------------------------ */ /* ------------------------------------------------------------------------------------------------ * global vars * ------------------------------------------------------------------------------------------------ */ /* ------------------------------------------------------------------------------------------------ * forward declarations * ------------------------------------------------------------------------------------------------ */ static void _createPermDefList(AQH_MODULE *m); static void _createRoleList(AQH_MODULE *m); static AQH_MODULE *_loadSubModule(AQH_MODULE *m, AQCGI_REQUEST *rq, AQH_SESSION *session, const char *sModuleName); static int _handleRequest(AQH_MODULE *m, AQCGI_REQUEST *rq, AQH_SESSION *session, const char *sLastPathElem); static int _handleRqIndex(AQH_MODULE *m, AQCGI_REQUEST *rq, AQH_SESSION *session, GWEN_BUFFER *dbuf); static int _handleRqEditMod(AQH_MODULE *m, AQCGI_REQUEST *rq, AQH_SESSION *session, GWEN_BUFFER *dbuf); static int _handleRqEditModGet(AQH_MODULE *m, AQCGI_REQUEST *rq, AQH_SESSION *session, GWEN_BUFFER *dbuf); static int _handleRqEditModPost(AQH_MODULE *m, AQCGI_REQUEST *rq, AQH_SESSION *session, GWEN_BUFFER *dbuf); static int _handleRqAddRole(AQH_MODULE *m, AQCGI_REQUEST *rq, AQH_SESSION *session, GWEN_BUFFER *dbuf); static int _handleRqAddRoleGet(AQH_MODULE *m, AQCGI_REQUEST *rq, AQH_SESSION *session, GWEN_BUFFER *dbuf); static int _handleRqAddRolePost(AQH_MODULE *m, AQCGI_REQUEST *rq, AQH_SESSION *session, GWEN_BUFFER *dbuf); static int _handleRqEditRole(AQH_MODULE *m, AQCGI_REQUEST *rq, AQH_SESSION *session, GWEN_BUFFER *dbuf); static int _handleRqEditRoleGet(AQH_MODULE *m, AQCGI_REQUEST *rq, AQH_SESSION *session, GWEN_BUFFER *dbuf); static int _handleRqEditRolePost(AQH_MODULE *m, AQCGI_REQUEST *rq, AQH_SESSION *session, GWEN_BUFFER *dbuf); static int _getHighestUsedRoleId(const AQH_ROLE_LIST *roleList); static int _handleRqDeleteRole(AQH_MODULE *m, AQCGI_REQUEST *rq, AQH_SESSION *session, GWEN_BUFFER *dbuf); static void _writeEditModForm(const AQH_MODULE *currentMod, const char *sModName, GWEN_BUFFER *dbuf); static void _writeRoleListToForm(const AQH_ROLE_LIST *roleList, const char *sModName, const AQH_PERMDEF_LIST *permDefList, GWEN_BUFFER *dbuf); static void _setLocationHeaderForMod(AQCGI_REQUEST *rq, const char *page, const char *sModName); static void _writePermissionsToForm(const AQH_PERMDEF_LIST *permDefList, uint32_t perms, GWEN_BUFFER *dbuf); static void _writeEnabledPermissions(const AQH_PERMDEF_LIST *permDefList, uint32_t perms, GWEN_BUFFER *dbuf); static uint32_t _readPermissionsFromForm(GWEN_DB_NODE *dbPost, const AQH_PERMDEF_LIST *permDefList); /* ------------------------------------------------------------------------------------------------ * code * ------------------------------------------------------------------------------------------------ */ void AQH_ModAdmModules_Extend(AQH_MODULE *m, AQH_SERVICE *sv, const char *baseFolder) { AQH_ModService_Extend(m, sv, baseFolder); AQH_ModService_SetHandleRequestFn(m, _handleRequest); AQH_ModService_SetLoadSubModuleFn(m, _loadSubModule); } int AQH_ModAdmModules_Create(AQH_SERVICE *sv) { AQH_MODULE *m; int rv; m=AQH_Module_new(); AQH_Module_SetName(m, "modules"); AQH_Module_SetDescr(m, "modules administration module"); AQH_Module_SetGuestPerms(m, 0); _createPermDefList(m); _createRoleList(m); rv=AQH_Service_AddModule(sv, m); if (rv<0) { DBG_INFO(NULL, "here (%d)", rv); } AQH_Module_free(m); return rv; } void _createPermDefList(AQH_MODULE *m) { AQH_PERMDEF_LIST *permDefList; permDefList=AQH_PermDef_List_new(); AQH_ModService_AddPermDef(permDefList, "ModuleRead", 0x001, "Read modules"); AQH_ModService_AddPermDef(permDefList, "ModuleWrite", 0x002, "Modify modules"); AQH_ModService_AddPermDef(permDefList, "ModuleAdd", 0x004, "Add modules"); AQH_ModService_AddPermDef(permDefList, "ModuleDel", 0x008, "Remove modules"); AQH_Module_SetPermDefList(m, permDefList); } void _createRoleList(AQH_MODULE *m) { AQH_ROLE_LIST *roleList; int id=0; roleList=AQH_Role_List_new(); AQH_ModService_AddRole(roleList, id++, "admin", AQH_MODADMMODULES_PERMS_MODULESREAD | AQH_MODADMMODULES_PERMS_MODULESWRITE | AQH_MODADMMODULES_PERMS_MODULESADD | AQH_MODADMMODULES_PERMS_MODULESDEL, "Administrator Role"); AQH_Module_SetRoleList(m, roleList); } AQH_MODULE *_loadSubModule(AQH_MODULE *m, AQCGI_REQUEST *rq, AQH_SESSION *session, const char *sModuleName) { /* no sub-modules */ return NULL; } int _handleRequest(AQH_MODULE *m, AQCGI_REQUEST *rq, AQH_SESSION *session, const char *sLastPathElem) { GWEN_BUFFER *dbuf; dbuf=GWEN_Buffer_new(0, 256, 0, 1); AQH_ModService_AddHeader(m, "en", dbuf); if (strcasecmp(sLastPathElem, "index.html")==0) _handleRqIndex(m, rq, session, dbuf); else if (strcasecmp(sLastPathElem, "editmodule.html")==0) _handleRqEditMod(m, rq, session, dbuf); else if (strcasecmp(sLastPathElem, "addrole.html")==0) _handleRqAddRole(m, rq, session, dbuf); else if (strcasecmp(sLastPathElem, "editrole.html")==0) _handleRqEditRole(m, rq, session, dbuf); else if (strcasecmp(sLastPathElem, "delrole.html")==0) _handleRqDeleteRole(m, rq, session, dbuf); else { AQCGI_Request_SetResponseCode(rq, 404); AQCGI_Request_SetResponseText(rq, "Not Found"); } AQH_ModService_AddFooter(m, "en", dbuf); AQCGI_Request_SetBufferResponseBody(rq, dbuf); AQCGI_Request_AddResponseHeaderData(rq, "Content-type: text/html"); return AQCGI_SendResponse(rq); } int _handleRqIndex(AQH_MODULE *m, AQCGI_REQUEST *rq, AQH_SESSION *session, GWEN_BUFFER *dbuf) { uint32_t perms; perms=AQH_ModService_GetUserPerms(m); DBG_ERROR(NULL, "Perms=%08x", perms); if (perms & AQH_MODADMMODULES_PERMS_MODULESREAD) { AQH_SERVICE *sv; GWEN_STRINGLIST *slModules; sv=AQH_ModService_GetService(m); slModules=AQH_Service_ListModules(sv); if (slModules) { GWEN_STRINGLISTENTRY *se; GWEN_Buffer_AppendString(dbuf, "

Modules

\n"); GWEN_Buffer_AppendString(dbuf, "\n" "" "\n" "\n" "\n"); se=GWEN_StringList_FirstEntry(slModules); while(se) { const char *sModName; sModName=GWEN_StringListEntry_Data(se); if (sModName && *sModName) { AQH_MODULE *currentMod; currentMod=AQH_Service_LoadModule(sv, sModName); if (currentMod) { const char *s; const char *sName; sName=AQH_Module_GetName(currentMod); GWEN_Buffer_AppendString(dbuf, ""); GWEN_Buffer_AppendArgs(dbuf, "", (unsigned long int) AQH_Module_GetId(currentMod)); GWEN_Buffer_AppendArgs(dbuf, "", sName?sName:""); s=AQH_Module_GetDescr(currentMod); GWEN_Buffer_AppendArgs(dbuf, "", s?s:""); GWEN_Buffer_AppendString(dbuf, "\n"); GWEN_Buffer_AppendArgs(dbuf, "\n"); AQH_Module_free(currentMod); } } se=GWEN_StringListEntry_Next(se); } GWEN_Buffer_AppendString(dbuf, "\n" "
IdNameDescriptionActions
%lu%s%s"); if (perms & AQH_MODADMMODULES_PERMS_MODULESWRITE) GWEN_Buffer_AppendArgs(dbuf, "", sName?sName:""); GWEN_Buffer_AppendArgs(dbuf, "
\n"); GWEN_StringList_free(slModules); } GWEN_Buffer_AppendString(dbuf, "
Add Module"); AQCGI_Request_SetResponseCode(rq, 200); AQCGI_Request_SetResponseText(rq, "Ok"); } else { GWEN_Buffer_AppendString(dbuf, "

No permissions to read module list.

"); AQCGI_Request_SetResponseCode(rq, 200); AQCGI_Request_SetResponseText(rq, "Ok"); } return 0; } int _handleRqEditMod(AQH_MODULE *m, AQCGI_REQUEST *rq, AQH_SESSION *session, GWEN_BUFFER *dbuf) { uint32_t perms; perms=AQH_ModService_GetUserPerms(m); DBG_ERROR(NULL, "Perms=%08x", perms); if (perms & AQH_MODADMMODULES_PERMS_MODULESWRITE) { if (AQCGI_Request_GetRequestMethod(rq)==AQCGI_REQUEST_METHOD_GET) return _handleRqEditModGet(m, rq, session, dbuf); else if (AQCGI_Request_GetRequestMethod(rq)==AQCGI_REQUEST_METHOD_POST) return _handleRqEditModPost(m, rq, session, dbuf); else { DBG_ERROR(NULL, "Invalid request method %d", AQCGI_Request_GetRequestMethod(rq)); AQCGI_Request_SetResponseCode(rq, 405); AQCGI_Request_SetResponseText(rq, "Method Not Allowed"); } } else { GWEN_Buffer_AppendString(dbuf, "

No permissions to edit modules.

"); AQCGI_Request_SetResponseCode(rq, 200); AQCGI_Request_SetResponseText(rq, "Ok"); } return 0; } int _handleRqEditModGet(AQH_MODULE *m, AQCGI_REQUEST *rq, AQH_SESSION *session, GWEN_BUFFER *dbuf) { AQH_SERVICE *sv; GWEN_DB_NODE *dbQuery; const char *sModName; AQH_MODULE *currentMod; sv=AQH_ModService_GetService(m); dbQuery=AQCGI_Request_GetDbQuery(rq); sModName=dbQuery?GWEN_DB_GetCharValue(dbQuery, "name", 0, NULL):NULL; currentMod=(sModName && *sModName)?AQH_Service_LoadModule(sv, sModName):NULL; if (currentMod) { _writeEditModForm(currentMod, sModName, dbuf); AQCGI_Request_SetResponseCode(rq, 200); AQCGI_Request_SetResponseText(rq, "Ok"); AQH_Module_free(currentMod); } else { AQCGI_Request_AddResponseHeaderData(rq, "Location: index.html"); AQCGI_Request_SetResponseCode(rq, 303); AQCGI_Request_SetResponseText(rq, "See other"); } return 0; } void _writeEditModForm(const AQH_MODULE *currentMod, const char *sModName, GWEN_BUFFER *dbuf) { const char *sName; const char *sDescr; const AQH_PERMDEF_LIST *permDefList; const AQH_ROLE_LIST *roleList; permDefList=AQH_Module_GetPermDefList(currentMod); roleList=AQH_Module_GetRoleList(currentMod); sName=AQH_Module_GetName(currentMod); sDescr=AQH_Module_GetDescr(currentMod); /* write module info */ GWEN_Buffer_AppendString(dbuf, "

Module Info

\n"); GWEN_Buffer_AppendArgs(dbuf, "
\n" "\n" "" "" "" "\n" "" "" "" "\n", sName?sName:"", sDescr?sDescr:""); if (permDefList) { GWEN_Buffer_AppendArgs(dbuf, "" "\n" "" ""); } GWEN_Buffer_AppendString(dbuf, "
"); _writePermissionsToForm(permDefList, AQH_Module_GetGuestPerms(currentMod), dbuf); GWEN_Buffer_AppendArgs(dbuf, "
\n"); GWEN_Buffer_AppendArgs(dbuf, "\n", sModName?sModName:""); GWEN_Buffer_AppendString(dbuf, "\n
\n\n"); /* write role list */ GWEN_Buffer_AppendString(dbuf, "

User Roles

\n"); if (roleList) _writeRoleListToForm(roleList, sModName, permDefList, dbuf); else GWEN_Buffer_AppendString(dbuf, "

none

"); GWEN_Buffer_AppendArgs(dbuf, "" "Add Role\n", sModName?sModName:""); } void _writeRoleListToForm(const AQH_ROLE_LIST *roleList, const char *sModName, const AQH_PERMDEF_LIST *permDefList, GWEN_BUFFER *dbuf) { const AQH_ROLE *role; GWEN_Buffer_AppendString(dbuf, "\n" "" "\n" "\n" "\n"); role=AQH_Role_List_First(roleList); while(role) { uint8_t id; const char *s; GWEN_Buffer_AppendString(dbuf, ""); /* id */ id=AQH_Role_GetId(role); GWEN_Buffer_AppendArgs(dbuf, "", id); /* name */ s=AQH_Role_GetName(role); GWEN_Buffer_AppendArgs(dbuf, "", s?s:""); /* permissions */ GWEN_Buffer_AppendString(dbuf, ""); /* description */ s=AQH_Role_GetDescr(role); GWEN_Buffer_AppendArgs(dbuf, "", s?s:""); /* actions */ GWEN_Buffer_AppendArgs(dbuf, ""); GWEN_Buffer_AppendString(dbuf, "\n"); role=AQH_Role_List_Next(role); } GWEN_Buffer_AppendString(dbuf, "\n" "
IdNamePermissionsDescriptionActions
%d%s"); if (permDefList) _writeEnabledPermissions(permDefList, AQH_Role_GetPerms(role), dbuf); GWEN_Buffer_AppendString(dbuf, "%s"); GWEN_Buffer_AppendArgs(dbuf, "" "", sModName?sModName:"", id); GWEN_Buffer_AppendArgs(dbuf, "" "", sModName?sModName:"", id); GWEN_Buffer_AppendArgs(dbuf, "
\n"); } int _handleRqEditModPost(AQH_MODULE *m, AQCGI_REQUEST *rq, AQH_SESSION *session, GWEN_BUFFER *dbuf) { AQH_SERVICE *sv; GWEN_DB_NODE *dbPost; const char *sModName; AQH_MODULE *currentMod; DBG_ERROR(NULL, "Post request received"); sv=AQH_ModService_GetService(m); dbPost=AQCGI_Request_GetDbPostBody(rq); sModName=dbPost?GWEN_DB_GetCharValue(dbPost, "module", 0, NULL):NULL; currentMod=(sModName && *sModName)?AQH_Service_LoadModule(sv, sModName):NULL; if (currentMod) { const char *sNewModName; const char *sDescr; int rv; uint32_t perms; const AQH_PERMDEF_LIST *permDefList; permDefList=AQH_Module_GetPermDefList(currentMod); sNewModName=GWEN_DB_GetCharValue(dbPost, "name", 0, NULL); sDescr=GWEN_DB_GetCharValue(dbPost, "descr", 0, NULL); perms=_readPermissionsFromForm(dbPost, permDefList); if (sNewModName && *sNewModName) AQH_Module_SetName(currentMod, sNewModName); AQH_Module_SetDescr(currentMod, sDescr); AQH_Module_SetGuestPerms(currentMod, perms); rv=AQH_Service_SaveModule(sv, currentMod); if (rv<0) { GWEN_Buffer_AppendString(dbuf, "

Error

Error saving module

"); DBG_ERROR(NULL, "Could not save module \"%s\"", sModName); AQCGI_Request_SetResponseCode(rq, 200); AQCGI_Request_SetResponseText(rq, "Ok"); AQH_Module_free(currentMod); return 0; } DBG_ERROR(NULL, "Module \"%s\" saved", sModName); AQH_Module_free(currentMod); AQCGI_Request_AddResponseHeaderData(rq, "Location: index.html"); AQCGI_Request_SetResponseCode(rq, 303); AQCGI_Request_SetResponseText(rq, "See other"); } else { DBG_ERROR(NULL, "Could not load module \"%s\"", sModName?sModName:""); GWEN_Buffer_AppendString(dbuf, "

Error loading module.

\n"); AQCGI_Request_SetResponseCode(rq, 200); AQCGI_Request_SetResponseText(rq, "Ok"); } return 0; } int _handleRqAddRole(AQH_MODULE *m, AQCGI_REQUEST *rq, AQH_SESSION *session, GWEN_BUFFER *dbuf) { uint32_t perms; perms=AQH_ModService_GetUserPerms(m); DBG_ERROR(NULL, "Perms=%08x", perms); if (perms & AQH_MODADMMODULES_PERMS_MODULESWRITE) { if (AQCGI_Request_GetRequestMethod(rq)==AQCGI_REQUEST_METHOD_GET) return _handleRqAddRoleGet(m, rq, session, dbuf); else if (AQCGI_Request_GetRequestMethod(rq)==AQCGI_REQUEST_METHOD_POST) return _handleRqAddRolePost(m, rq, session, dbuf); else { DBG_ERROR(NULL, "Invalid request method %d", AQCGI_Request_GetRequestMethod(rq)); AQCGI_SendResponseWithStatus(rq, 405, "Method Not Allowed"); AQCGI_Request_SetResponseCode(rq, 405); AQCGI_Request_SetResponseText(rq, "Method Not Allowed"); } } else { GWEN_Buffer_AppendString(dbuf, "

No permissions to edit modules.

"); AQCGI_Request_SetResponseCode(rq, 200); AQCGI_Request_SetResponseText(rq, "Ok"); } return 0; } int _handleRqAddRoleGet(AQH_MODULE *m, AQCGI_REQUEST *rq, AQH_SESSION *session, GWEN_BUFFER *dbuf) { AQH_SERVICE *sv; GWEN_DB_NODE *dbQuery; const char *sModName; AQH_MODULE *currentMod; const AQH_PERMDEF_LIST *permDefList; uint32_t guestPerms; sv=AQH_ModService_GetService(m); dbQuery=AQCGI_Request_GetDbQuery(rq); sModName=dbQuery?GWEN_DB_GetCharValue(dbQuery, "mod", 0, NULL):NULL; currentMod=(sModName && *sModName)?AQH_Service_LoadModule(sv, sModName):NULL; guestPerms=currentMod?AQH_Module_GetGuestPerms(currentMod):0; permDefList=currentMod?AQH_Module_GetPermDefList(currentMod):NULL; if (currentMod) { if (permDefList) { GWEN_Buffer_AppendArgs(dbuf, "

Add Role for Module %s

\n", sModName?sModName:""); GWEN_Buffer_AppendString(dbuf, "
\n" "\n" "" "" "" "" "" "" "\n"); GWEN_Buffer_AppendString(dbuf, "\n"); #if 0 GWEN_Buffer_AppendString(dbuf, "\n"); GWEN_Buffer_AppendString(dbuf, "\n"); #endif GWEN_Buffer_AppendString(dbuf, "
"); _writePermissionsToForm(permDefList, guestPerms, dbuf); GWEN_Buffer_AppendString(dbuf, "
"); _writePermissionsToForm(permDefList, 0, dbuf); GWEN_Buffer_AppendString(dbuf, "
"); _writePermissionsToForm(permDefList, 0, dbuf); GWEN_Buffer_AppendString(dbuf, "
\n"); GWEN_Buffer_AppendArgs(dbuf, "\n", sModName?sModName:""); GWEN_Buffer_AppendString(dbuf, "\n"); GWEN_Buffer_AppendString(dbuf, "
\n\n"); AQCGI_Request_SetResponseCode(rq, 200); AQCGI_Request_SetResponseText(rq, "Ok"); } else { GWEN_Buffer_AppendString(dbuf, "

Please add permission definitions first.

\n"); GWEN_Buffer_AppendArgs(dbuf, "

back to module

\n", sModName?sModName:""); AQCGI_Request_SetResponseCode(rq, 200); AQCGI_Request_SetResponseText(rq, "Ok"); } AQH_Module_free(currentMod); } else { GWEN_Buffer_AppendString(dbuf, "

Error loading module.

\n"); GWEN_Buffer_AppendString(dbuf, "

back to module list

\n"); AQCGI_Request_SetResponseCode(rq, 200); AQCGI_Request_SetResponseText(rq, "Ok"); } return 0; } int _handleRqAddRolePost(AQH_MODULE *m, AQCGI_REQUEST *rq, AQH_SESSION *session, GWEN_BUFFER *dbuf) { AQH_SERVICE *sv; GWEN_DB_NODE *dbPost; const char *sModName; AQH_MODULE *currentMod; int newId; const char *sName; const char *sDescr; uint32_t perms; #if 0 uint32_t explAddPerms; uint32_t explDelPerms; #endif AQH_PERMDEF_LIST *permDefList; AQH_ROLE_LIST *roleList; int rv; /* sample data */ DBG_ERROR(NULL, "Handling POST request"); sv=AQH_ModService_GetService(m); dbPost=AQCGI_Request_GetDbPostBody(rq); sModName=dbPost?GWEN_DB_GetCharValue(dbPost, "mod", 0, NULL):NULL; currentMod=(sModName && *sModName)?AQH_Service_LoadModule(sv, sModName):NULL; permDefList=currentMod?AQH_Module_GetPermDefList(currentMod):NULL; roleList=currentMod?AQH_Module_GetRoleList(currentMod):NULL; /* read role values */ newId=(roleList?_getHighestUsedRoleId(roleList):0)+1; sName=dbPost?GWEN_DB_GetCharValue(dbPost, "name", 0, NULL):NULL; sDescr=dbPost?GWEN_DB_GetCharValue(dbPost, "descr", 0, NULL):NULL; perms=(dbPost && permDefList)?_readPermissionsFromForm(dbPost, permDefList):0; /* validate */ if (!(sName && *sName)) { DBG_ERROR(NULL, "Missing value for \"name\""); GWEN_Buffer_AppendString(dbuf, "

Missing name.

\n"); GWEN_Buffer_AppendArgs(dbuf, "

back to module

\n", sModName?sModName:""); AQCGI_Request_SetResponseCode(rq, 200); AQCGI_Request_SetResponseText(rq, "Ok"); return 0; } if (currentMod) { AQH_ROLE *role; /* set new values */ role=AQH_Role_new(); AQH_Role_SetId(role, newId); AQH_Role_SetName(role, sName); AQH_Role_SetDescr(role, sDescr); AQH_Role_SetPerms(role, perms); /* add role */ if (roleList==NULL) { roleList=AQH_Role_List_new(); AQH_Module_SetRoleList(currentMod, roleList); } AQH_Role_List_Add(role, roleList); /* save module */ rv=AQH_Service_SaveModule(sv, currentMod); if (rv<0) { GWEN_Buffer_AppendString(dbuf, "

Error saving module.

\n"); GWEN_Buffer_AppendArgs(dbuf, "

back to module

\n", sModName?sModName:""); AQCGI_Request_SetResponseCode(rq, 200); AQCGI_Request_SetResponseText(rq, "Ok"); AQH_Module_free(currentMod); return 0; } _setLocationHeaderForMod(rq, "editmodule.html", sModName); AQCGI_Request_SetResponseCode(rq, 303); AQCGI_Request_SetResponseText(rq, "See Other"); AQH_Module_free(currentMod); } else { GWEN_Buffer_AppendString(dbuf, "

Error loading module.

\n"); GWEN_Buffer_AppendString(dbuf, "

back to module list

\n"); AQCGI_Request_SetResponseCode(rq, 200); AQCGI_Request_SetResponseText(rq, "Ok"); } return 0; } int _getHighestUsedRoleId(const AQH_ROLE_LIST *roleList) { int id=0; if (roleList) { const AQH_ROLE *role; role=AQH_Role_List_First(roleList); while(role) { int rid; rid=AQH_Role_GetId(role); id=(rid>id)?rid:id; role=AQH_Role_List_Next(role); } } return id; } int _handleRqEditRole(AQH_MODULE *m, AQCGI_REQUEST *rq, AQH_SESSION *session, GWEN_BUFFER *dbuf) { uint32_t perms; perms=AQH_ModService_GetUserPerms(m); DBG_ERROR(NULL, "Perms=%08x", perms); if (perms & AQH_MODADMMODULES_PERMS_MODULESWRITE) { if (AQCGI_Request_GetRequestMethod(rq)==AQCGI_REQUEST_METHOD_GET) return _handleRqEditRoleGet(m, rq, session, dbuf); else if (AQCGI_Request_GetRequestMethod(rq)==AQCGI_REQUEST_METHOD_POST) return _handleRqEditRolePost(m, rq, session, dbuf); else { DBG_ERROR(NULL, "Invalid request method %d", AQCGI_Request_GetRequestMethod(rq)); AQCGI_Request_SetResponseCode(rq, 405); AQCGI_Request_SetResponseText(rq, "Method Not Allowed"); } } else { GWEN_Buffer_AppendString(dbuf, "

No permissions to edit modules.

"); AQCGI_Request_SetResponseCode(rq, 200); AQCGI_Request_SetResponseText(rq, "Ok"); } return 0; } int _handleRqEditRoleGet(AQH_MODULE *m, AQCGI_REQUEST *rq, AQH_SESSION *session, GWEN_BUFFER *dbuf) { AQH_SERVICE *sv; GWEN_DB_NODE *dbQuery; const char *sModName; int id; const char *sName; const char *sDescr; uint32_t perms; #if 0 uint32_t explAddPerms; uint32_t explDelPerms; #endif AQH_MODULE *currentMod; const AQH_PERMDEF_LIST *permDefList; const AQH_ROLE_LIST *roleList; const AQH_ROLE *role; sv=AQH_ModService_GetService(m); dbQuery=AQCGI_Request_GetDbQuery(rq); sModName=dbQuery?GWEN_DB_GetCharValue(dbQuery, "mod", 0, NULL):NULL; id=dbQuery?GWEN_DB_GetIntValue(dbQuery, "id", 0, 0):0; currentMod=(sModName && *sModName)?AQH_Service_LoadModule(sv, sModName):NULL; permDefList=currentMod?AQH_Module_GetPermDefList(currentMod):NULL; roleList=currentMod?AQH_Module_GetRoleList(currentMod):NULL; role=roleList?AQH_Role_List_GetById(roleList, id):NULL; sName=role?AQH_Role_GetName(role):NULL; sDescr=role?AQH_Role_GetDescr(role):NULL; perms=role?AQH_Role_GetPerms(role):0; #if 0 explAddPerms=role?AQH_Role_GetExplAddPerms(role):0; explDelPerms=role?AQH_Role_GetExplDelPerms(role):0; #endif if (role) { GWEN_Buffer_AppendArgs(dbuf, "

Edit Role for Module %s

\n", sModName?sModName:""); GWEN_Buffer_AppendArgs(dbuf, "
\n" "\n" "\n" "" "" "\n" "" "" "" "\n", sName, sDescr?sDescr:""); GWEN_Buffer_AppendString(dbuf, "\n"); #if 0 GWEN_Buffer_AppendString(dbuf, "\n"); GWEN_Buffer_AppendString(dbuf, "\n"); #endif GWEN_Buffer_AppendString(dbuf, "
"); _writePermissionsToForm(permDefList, perms, dbuf); GWEN_Buffer_AppendString(dbuf, "
"); _writePermissionsToForm(permDefList, explAddPerms, dbuf); GWEN_Buffer_AppendString(dbuf, "
"); _writePermissionsToForm(permDefList, explDelPerms, dbuf); GWEN_Buffer_AppendString(dbuf, "
\n"); GWEN_Buffer_AppendArgs(dbuf, "\n", sModName?sModName:""); GWEN_Buffer_AppendArgs(dbuf, "\n", id); GWEN_Buffer_AppendString(dbuf, "\n"); GWEN_Buffer_AppendString(dbuf, "
\n\n"); } else { GWEN_Buffer_AppendString(dbuf, "

Role not found.

\n"); GWEN_Buffer_AppendArgs(dbuf, "

back to module

\n", sModName?sModName:""); } AQCGI_Request_SetResponseCode(rq, 200); AQCGI_Request_SetResponseText(rq, "Ok"); return 0; } int _handleRqEditRolePost(AQH_MODULE *m, AQCGI_REQUEST *rq, AQH_SESSION *session, GWEN_BUFFER *dbuf) { AQH_SERVICE *sv; GWEN_DB_NODE *dbPost; const char *sModName; AQH_MODULE *currentMod; int oldId; const char *sName; const char *sDescr; uint32_t perms; #if 0 uint32_t explAddPerms; uint32_t explDelPerms; #endif AQH_PERMDEF_LIST *permDefList; AQH_ROLE_LIST *roleList; AQH_ROLE *role; int rv; /* sample data */ sv=AQH_ModService_GetService(m); dbPost=AQCGI_Request_GetDbPostBody(rq); sModName=dbPost?GWEN_DB_GetCharValue(dbPost, "mod", 0, NULL):NULL; currentMod=(sModName && *sModName)?AQH_Service_LoadModule(sv, sModName):NULL; permDefList=currentMod?AQH_Module_GetPermDefList(currentMod):NULL; roleList=currentMod?AQH_Module_GetRoleList(currentMod):NULL; /* read role data */ oldId=dbPost?GWEN_DB_GetIntValue(dbPost, "oldId", 0, -1):-1; sName=dbPost?GWEN_DB_GetCharValue(dbPost, "name", 0, NULL):NULL; sDescr=dbPost?GWEN_DB_GetCharValue(dbPost, "descr", 0, NULL):NULL; role=roleList?AQH_Role_List_GetById(roleList, oldId):NULL; perms=(dbPost && permDefList)?_readPermissionsFromForm(dbPost, permDefList):0; /* validate */ if (!(sName && *sName)) { DBG_ERROR(NULL, "Missing value for \"name\""); GWEN_Buffer_AppendString(dbuf, "

Missing name.

\n"); GWEN_Buffer_AppendArgs(dbuf, "

back to module

\n", sModName?sModName:""); AQCGI_Request_SetResponseCode(rq, 200); AQCGI_Request_SetResponseText(rq, "Ok"); return 0; } if (role==NULL) { DBG_ERROR(NULL, "Role %d not found", oldId); GWEN_Buffer_AppendString(dbuf, "

Role not found.

\n"); GWEN_Buffer_AppendArgs(dbuf, "

back to module

\n", sModName?sModName:""); AQCGI_Request_SetResponseCode(rq, 200); AQCGI_Request_SetResponseText(rq, "Ok"); return 0; } if (currentMod) { /* set new values */ AQH_Role_SetName(role, sName); AQH_Role_SetDescr(role, sDescr); AQH_Role_SetPerms(role, perms); /* save module */ rv=AQH_Service_SaveModule(sv, currentMod); if (rv<0) { GWEN_Buffer_AppendString(dbuf, "

Error saving module.

\n"); GWEN_Buffer_AppendArgs(dbuf, "

back to module

\n", sModName?sModName:""); AQCGI_Request_SetResponseCode(rq, 200); AQCGI_Request_SetResponseText(rq, "Ok"); AQH_Module_free(currentMod); return 0; } _setLocationHeaderForMod(rq, "editmodule.html", sModName); AQCGI_Request_SetResponseCode(rq, 303); AQCGI_Request_SetResponseText(rq, "See Other"); AQH_Module_free(currentMod); } else { GWEN_Buffer_AppendString(dbuf, "

Error loading module.

\n"); GWEN_Buffer_AppendString(dbuf, "

back to module list

\n"); AQCGI_Request_SetResponseCode(rq, 200); AQCGI_Request_SetResponseText(rq, "Ok"); } return 0; } int _handleRqDeleteRole(AQH_MODULE *m, AQCGI_REQUEST *rq, AQH_SESSION *session, GWEN_BUFFER *dbuf) { uint32_t perms; perms=AQH_ModService_GetUserPerms(m); DBG_ERROR(NULL, "Perms=%08x", perms); if (perms & AQH_MODADMMODULES_PERMS_MODULESWRITE) { AQH_SERVICE *sv; GWEN_DB_NODE *dbQuery; const char *sModName; int id; AQH_MODULE *currentMod; const AQH_ROLE_LIST *roleList; AQH_ROLE *role; sv=AQH_ModService_GetService(m); dbQuery=AQCGI_Request_GetDbQuery(rq); sModName=dbQuery?GWEN_DB_GetCharValue(dbQuery, "mod", 0, NULL):NULL; id=dbQuery?GWEN_DB_GetIntValue(dbQuery, "id", 0, 0):0; currentMod=(sModName && *sModName)?AQH_Service_LoadModule(sv, sModName):NULL; if (currentMod) { roleList=currentMod?AQH_Module_GetRoleList(currentMod):NULL; role=roleList?AQH_Role_List_GetById(roleList, id):NULL; if (role) { int rv; AQH_Role_List_Del(role); AQH_Role_free(role); /* save module */ rv=AQH_Service_SaveModule(sv, currentMod); if (rv<0) { GWEN_Buffer_AppendString(dbuf, "

Error saving module.

\n"); GWEN_Buffer_AppendArgs(dbuf, "

back to module

\n", sModName?sModName:""); AQCGI_Request_SetResponseCode(rq, 200); AQCGI_Request_SetResponseText(rq, "Ok"); AQH_Module_free(currentMod); return 0; } _setLocationHeaderForMod(rq, "editmodule.html", sModName); AQCGI_Request_SetResponseCode(rq, 303); AQCGI_Request_SetResponseText(rq, "See Other"); } else { GWEN_Buffer_AppendString(dbuf, "

Role not found.

\n"); GWEN_Buffer_AppendArgs(dbuf, "

back to module

\n", sModName?sModName:""); AQCGI_Request_SetResponseCode(rq, 200); AQCGI_Request_SetResponseText(rq, "Ok"); } AQH_Module_free(currentMod); } else { GWEN_Buffer_AppendString(dbuf, "

Error loading module.

\n"); GWEN_Buffer_AppendString(dbuf, "

back to module list

\n"); AQCGI_Request_SetResponseCode(rq, 200); AQCGI_Request_SetResponseText(rq, "Ok"); } } else { GWEN_Buffer_AppendString(dbuf, "

No permissions to edit modules.

"); AQCGI_Request_SetResponseCode(rq, 200); AQCGI_Request_SetResponseText(rq, "Ok"); } return 0; } void _setLocationHeaderForMod(AQCGI_REQUEST *rq, const char *page, const char *sModName) { GWEN_BUFFER *tbuf; tbuf=GWEN_Buffer_new(0, 256, 0, 1); GWEN_Buffer_AppendArgs(tbuf, "Location: %s?name=%s", page?page:"", sModName?sModName:""); AQCGI_Request_AddResponseHeaderData(rq, GWEN_Buffer_GetStart(tbuf)); GWEN_Buffer_free(tbuf); } void _writePermissionsToForm(const AQH_PERMDEF_LIST *permDefList, uint32_t perms, GWEN_BUFFER *dbuf) { if (permDefList) { const AQH_PERMDEF *permDef; permDef=AQH_PermDef_List_First(permDefList); while(permDef) { const char *s; uint32_t mask; s=AQH_PermDef_GetId(permDef); mask=AQH_PermDef_GetMask(permDef); if (perms & mask) GWEN_Buffer_AppendArgs(dbuf, "", s?s:""); else GWEN_Buffer_AppendArgs(dbuf, "", s?s:""); GWEN_Buffer_AppendArgs(dbuf, "", s?s:"", s?s:""); permDef=AQH_PermDef_List_Next(permDef); } } } void _writeEnabledPermissions(const AQH_PERMDEF_LIST *permDefList, uint32_t perms, GWEN_BUFFER *dbuf) { if (permDefList) { const AQH_PERMDEF *permDef; permDef=AQH_PermDef_List_First(permDefList); while(permDef) { const char *s; uint32_t mask; s=AQH_PermDef_GetId(permDef); mask=AQH_PermDef_GetMask(permDef); if (perms & mask) GWEN_Buffer_AppendArgs(dbuf, "%s ", s?s:""); permDef=AQH_PermDef_List_Next(permDef); } } } uint32_t _readPermissionsFromForm(GWEN_DB_NODE *dbPost, const AQH_PERMDEF_LIST *permDefList) { uint32_t result=0; if (permDefList) { const AQH_PERMDEF *permDef; permDef=AQH_PermDef_List_First(permDefList); while(permDef) { const char *id; uint32_t mask; const char *s; id=AQH_PermDef_GetId(permDef); mask=AQH_PermDef_GetMask(permDef); s=GWEN_DB_GetCharValue(dbPost, id, 0, NULL); if (s && *s) result|=mask; permDef=AQH_PermDef_List_Next(permDef); } } return result; }