Portions created by the Initial Developer are Copyright (C) 2018 - 2022 the Initial Developer. All Rights Reserved. */ //includes require_once "root.php"; require_once "resources/require.php"; require_once "resources/check_auth.php"; //check permissions if (permission_exists('access_control_add') || permission_exists('access_control_edit')) { //access granted } else { echo "access denied"; exit; } //add multi-lingual support $language = new text; $text = $language->get(); //action add or update if (is_uuid($_REQUEST["id"])) { $action = "update"; $access_control_uuid = $_REQUEST["id"]; $id = $_REQUEST["id"]; } else { $action = "add"; } //get http post variables and set them to php variables if (is_array($_POST) && @sizeof($_POST) != 0) { $access_control_name = $_POST["access_control_name"]; $access_control_default = $_POST["access_control_default"]; $access_control_nodes = $_POST["access_control_nodes"]; $access_control_description = $_POST["access_control_description"]; } //process the user data and save it to the database if (count($_POST) > 0 && strlen($_POST["persistformvar"]) == 0) { //enforce valid data if ($access_control_name == 'providers' || $access_control_name == 'domains') { $access_control_default = 'deny'; } if ($access_control_default != 'allow' && $access_control_default != 'deny') { $access_control_default = 'deny'; } //validate the token $token = new token; if (!$token->validate($_SERVER['PHP_SELF'])) { message::add($text['message-invalid_token'],'negative'); header('Location: access_controls.php'); exit; } //process the http post data by submitted action if ($_POST['action'] != '' && strlen($_POST['action']) > 0) { //prepare the array(s) $x = 0; foreach ($_POST['access_control_nodes'] as $row) { if (is_uuid($row['access_control_uuid']) && $row['checked'] === 'true') { $array['access_controls'][$x]['checked'] = $row['checked']; $array['access_controls'][$x]['access_control_nodes'][]['access_control_node_uuid'] = $row['access_control_node_uuid']; $x++; } } //send the array to the database class switch ($_POST['action']) { case 'copy': if (permission_exists('access_control_add')) { $obj = new database; $obj->copy($array); } break; case 'delete': if (permission_exists('access_control_delete')) { $obj = new database; $obj->delete($array); } break; case 'toggle': if (permission_exists('access_control_update')) { $obj = new database; $obj->toggle($array); } break; } //clear the cache, reloadacl and redirect the user if (in_array($_POST['action'], array('copy', 'delete', 'toggle'))) { //clear the cache $cache = new cache; $cache->delete("configuration:acl.conf"); //create the event socket connection $fp = event_socket_create($_SESSION['event_socket_ip_address'], $_SESSION['event_socket_port'], $_SESSION['event_socket_password']); if ($fp) { event_socket_request($fp, "api reloadacl"); } //redirect the user header('Location: access_control_edit.php?id='.$id); exit; } } //check for all required data $msg = ''; if (strlen($access_control_name) == 0) { $msg .= $text['message-required']." ".$text['label-access_control_name']."
\n"; } if (strlen($access_control_default) == 0) { $msg .= $text['message-required']." ".$text['label-access_control_default']."
\n"; } //if (strlen($access_control_nodes) == 0) { $msg .= $text['message-required']." ".$text['label-access_control_nodes']."
\n"; } //if (strlen($access_control_description) == 0) { $msg .= $text['message-required']." ".$text['label-access_control_description']."
\n"; } if (strlen($msg) > 0 && strlen($_POST["persistformvar"]) == 0) { require_once "resources/header.php"; require_once "resources/persist_form_var.php"; echo "

\n"; echo "

\n"; echo $msg."
"; echo "

\n"; persistformvar($_POST); echo "

\n"; require_once "resources/footer.php"; return; } //add the access_control_uuid if (!is_uuid($_POST["access_control_uuid"])) { $access_control_uuid = uuid(); } //prepare the array $array['access_controls'][0]['access_control_uuid'] = $access_control_uuid; $array['access_controls'][0]['access_control_name'] = $access_control_name; $array['access_controls'][0]['access_control_default'] = $access_control_default; $array['access_controls'][0]['access_control_description'] = $access_control_description; $y = 0; if (is_array($access_control_nodes)) { foreach ($access_control_nodes as $row) { //validate the data if (!is_uuid($row["access_control_node_uuid"])) { continue; } if ($row["node_type"] != 'allow' && $row["node_type"] != 'deny') { continue; } if (isset($row["node_cidr"]) && $row["node_cidr"] != '') { $cidr_array = explode("/", str_replace("\\", "/", $row["node_cidr"])); if (filter_var($cidr_array[0], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) { if (isset($cidr_array[1]) && is_numeric($cidr_array[1])) { //valid IPv4 address and cidr notation $node_cidr = $row["node_cidr"]; } else { //valid IPv4 address add the missing cidr notation $node_cidr = $row["node_cidr"].'/32'; } } elseif(filter_var($cidr_array[0], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) { //valid IPv6 address $node_cidr = $row["node_cidr"]; } //if the cidr is provided ignore the domain. $row["node_domain"] = ''; } //build the sub array $array['access_controls'][0]['access_control_nodes'][$y]['access_control_node_uuid'] = $row["access_control_node_uuid"]; $array['access_controls'][0]['access_control_nodes'][$y]['node_type'] = $row["node_type"]; $array['access_controls'][0]['access_control_nodes'][$y]['node_cidr'] = $node_cidr; $array['access_controls'][0]['access_control_nodes'][$y]['node_domain'] = $row["node_domain"]; $array['access_controls'][0]['access_control_nodes'][$y]['node_description'] = $row["node_description"]; $y++; //unset values unset($cidr_array, $node_cidr); } } //save the data if (is_array($array)) { $database = new database; $database->app_name = 'access controls'; $database->app_uuid = '1416a250-f6e1-4edc-91a6-5c9b883638fd'; $database->save($array); } //clear the cache $cache = new cache; $cache->delete("configuration:acl.conf"); //create the event socket connection $fp = event_socket_create($_SESSION['event_socket_ip_address'], $_SESSION['event_socket_port'], $_SESSION['event_socket_password']); if ($fp) { event_socket_request($fp, "api reloadacl"); } //redirect the user if (isset($action)) { if ($action == "add") { $_SESSION["message"] = $text['message-add']; } if ($action == "update") { $_SESSION["message"] = $text['message-update']; } //header('Location: access_controls.php'); header('Location: access_control_edit.php?id='.urlencode($access_control_uuid)); return; } } //pre-populate the form if (is_array($_GET) && $_POST["persistformvar"] != "true") { $sql = "select * from v_access_controls "; $sql .= "where access_control_uuid = :access_control_uuid "; $parameters['access_control_uuid'] = $access_control_uuid; $database = new database; $row = $database->select($sql, $parameters, 'row'); if (is_array($row) && @sizeof($row) != 0) { $access_control_name = $row["access_control_name"]; $access_control_default = $row["access_control_default"]; $access_control_description = $row["access_control_description"]; } unset($sql, $parameters, $row); } //get the child data if (is_uuid($access_control_uuid)) { $sql = "select * from v_access_control_nodes "; $sql .= "where access_control_uuid = :access_control_uuid "; $sql .= "order by node_cidr asc"; $parameters['access_control_uuid'] = $access_control_uuid; $database = new database; $access_control_nodes = $database->select($sql, $parameters, 'all'); unset ($sql, $parameters); } //add the $access_control_node_uuid if (!is_uuid($access_control_node_uuid)) { $access_control_node_uuid = uuid(); } //add an empty row if (is_array($access_control_nodes) && @sizeof($access_control_nodes) != 0) { $x = count($access_control_nodes); } else { $access_control_nodes = array(); $x = 0; } $access_control_nodes[$x]['access_control_uuid'] = $access_control_uuid; $access_control_nodes[$x]['access_control_node_uuid'] = uuid(); $access_control_nodes[$x]['node_type'] = ''; $access_control_nodes[$x]['node_cidr'] = ''; $access_control_nodes[$x]['node_domain'] = ''; $access_control_nodes[$x]['node_description'] = ''; //create token $object = new token; $token = $object->create($_SERVER['PHP_SELF']); //show the header $document['title'] = $text['title-access_control']; require_once "resources/header.php"; //show the content echo "

\n"; echo "\n"; echo "

\n"; echo "

".$text['title-access_control']."

\n"; echo "

\n"; echo button::create(['type'=>'button','label'=>$text['button-back'],'icon'=>$_SESSION['theme']['button_icon_back'],'id'=>'btn_back','collapse'=>'hide-xs','style'=>'margin-right: 15px;','link'=>'access_controls.php']); if ($action == 'update') { if (permission_exists('access_control_node_add')) { echo button::create(['type'=>'button','label'=>$text['button-copy'],'icon'=>$_SESSION['theme']['button_icon_copy'],'id'=>'btn_copy','name'=>'btn_copy','style'=>'display: none;','onclick'=>"modal_open('modal-copy','btn_copy');"]); } if (permission_exists('access_control_node_delete')) { echo button::create(['type'=>'button','label'=>$text['button-delete'],'icon'=>$_SESSION['theme']['button_icon_delete'],'id'=>'btn_delete','name'=>'btn_delete','style'=>'display: none; margin-right: 15px;','onclick'=>"modal_open('modal-delete','btn_delete');"]); } } echo button::create(['type'=>'submit','label'=>$text['button-save'],'icon'=>$_SESSION['theme']['button_icon_save'],'id'=>'btn_save','collapse'=>'hide-xs']); echo "

\n"; echo "

\n"; echo "

\n"; echo $text['title_description-access_controls']."\n"; echo "

\n"; if ($action == 'update') { if (permission_exists('access_control_add')) { echo modal::create(['id'=>'modal-copy','type'=>'copy','actions'=>button::create(['type'=>'submit','label'=>$text['button-continue'],'icon'=>'check','id'=>'btn_copy','style'=>'float: right; margin-left: 15px;','collapse'=>'never','name'=>'action','value'=>'copy','onclick'=>"modal_close();"])]); } if (permission_exists('access_control_delete')) { echo modal::create(['id'=>'modal-delete','type'=>'delete','actions'=>button::create(['type'=>'submit','label'=>$text['button-continue'],'icon'=>'check','id'=>'btn_delete','style'=>'float: right; margin-left: 15px;','collapse'=>'never','name'=>'action','value'=>'delete','onclick'=>"modal_close();"])]); } } if ($action == 'update') { if (permission_exists('access_control_add')) { echo modal::create(['id'=>'modal-copy','type'=>'copy','actions'=>button::create(['type'=>'submit','label'=>$text['button-continue'],'icon'=>'check','id'=>'btn_copy','style'=>'float: right; margin-left: 15px;','collapse'=>'never','name'=>'action','value'=>'copy','onclick'=>"modal_close();"])]); } if (permission_exists('access_control_delete')) { echo modal::create(['id'=>'modal-delete','type'=>'delete','actions'=>button::create(['type'=>'submit','label'=>$text['button-continue'],'icon'=>'check','id'=>'btn_delete','style'=>'float: right; margin-left: 15px;','collapse'=>'never','name'=>'action','value'=>'delete','onclick'=>"modal_close();"])]); } } echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "

\n"; echo " ".$text['label-access_control_name']."\n"; echo "

\n"; echo " \n"; echo "
\n"; echo $text['description-access_control_name']."\n"; echo "

\n"; echo " ".$text['label-access_control_default']."\n"; echo "

\n"; echo " \n"; echo "
\n"; echo $text['description-access_control_default']."\n"; echo "

\n"; echo " ".$text['label-access_control_nodes']."\n"; echo "

\n"; echo " \n"; echo " \n"; echo " \n"; echo " \n"; echo " \n"; echo " \n"; if (is_array($access_control_nodes) && @sizeof($access_control_nodes) > 1 && permission_exists('access_control_node_delete')) { echo " \n"; } echo " \n"; $x = 0; foreach($access_control_nodes as $row) { echo " \n"; echo " \n"; echo " \n"; echo " \n"; echo " \n"; echo " \n"; echo " \n"; if (is_array($access_control_nodes) && @sizeof($access_control_nodes) > 1 && permission_exists('access_control_node_delete')) { if (is_uuid($row['access_control_node_uuid'])) { echo " \n"; } else { echo " \n"; } } echo " \n"; $x++; } echo "

".$text['label-node_type']."	".$text['label-node_cidr']."	".$text['label-node_domain']."	".$text['label-node_description']."	\n"; echo " ".$text['label-action']."\n"; echo " \n"; echo "
\n"; echo " \n"; echo "	\n"; echo " \n"; echo "	\n"; echo " \n"; echo "	\n"; echo " \n"; echo "	\n"; echo " \n"; echo "

\n"; echo "
\n"; echo $text['description-node_description']."\n"; echo "

\n"; echo " ".$text['label-access_control_description']."\n"; echo "

\n"; echo " \n"; echo "
\n"; echo $text['description-access_control_description']."\n"; echo "

"; echo "

"; echo "\n"; echo "

"; //include the footer require_once "resources/footer.php"; ?>