source: rtems/cpukit/httpd/umui.c @ f26145b

4.104.114.84.95
Last change on this file since f26145b was 2e7f00fc, checked in by Joel Sherrill <joel.sherrill@…>, on 04/11/03 at 16:34:49

2003-04-11 Joel Sherrill <joel@…>

  • rtems_webserver/cgi.c, rtems_webserver/sockGen.c, rtems_webserver/umui.c, rtems_webserver/websSSL.c, rtems_webserver/websSSL.h, rtems_webserver/websda.c, rtems_webserver/websda.h: New files. Not included in previous commit.
  • Property mode set to 100644
File size: 16.2 KB
Line 
1/*
2 * umui.c -- User Management GoForm Processing
3 *
4 * Copyright (c) GoAhead Software Inc., 1995-2000. All Rights Reserved.
5 *
6 * See the file "license.txt" for usage and redistribution license requirements
7 *
8 *      $Id$
9 */
10
11/******************************** Description *********************************/
12
13/*
14 *      This module provides GoForm functions for User management
15 */
16
17/********************************* Includes ***********************************/
18
19#include        "wsIntrn.h"
20#include        "um.h"
21
22/********************************* Defines ************************************/
23
24#define         NONE_OPTION             T("<NONE>")
25#define         MSG_START               T("<body><h2>")
26#define         MSG_END                 T("</h2></body>")
27
28/**************************** Forward Declarations ****************************/
29
30static void             formAddUser(webs_t wp, char_t *path, char_t *query);
31static void             formDeleteUser(webs_t wp, char_t *path, char_t *query);
32static void             formDisplayUser(webs_t wp, char_t *path, char_t *query);
33static int              aspGenerateUserList(int eid, webs_t wp,
34                                                                        int argc, char_t **argv);
35
36static void             formAddGroup(webs_t wp, char_t *path, char_t *query);
37static void             formDeleteGroup(webs_t wp, char_t *path, char_t *query);
38static int              aspGenerateGroupList(int eid, webs_t wp,
39                                                                         int argc, char_t **argv);
40
41static void             formAddAccessLimit(webs_t wp, char_t *path, char_t *query);
42static void             formDeleteAccessLimit(webs_t wp, char_t *path, char_t *query);
43static int              aspGenerateAccessLimitList(int eid, webs_t wp,
44                                                                                   int argc, char_t **argv);
45
46static int              aspGenerateAccessMethodList(int eid, webs_t wp,
47                                                                                        int argc, char_t **argv);
48static int              aspGeneratePrivilegeList(int eid, webs_t wp,
49                                                                                 int argc, char_t **argv);
50
51static void             formSaveUserManagement(webs_t wp, char_t *path, char_t *query);
52static void             formLoadUserManagement(webs_t wp, char_t *path, char_t *query);
53
54static void             websMsgStart(webs_t wp);
55static void             websMsgEnd(webs_t wp);
56
57/*********************************** Code *************************************/
58/*
59 *      Set up the User Management form handlers
60 */
61
62void formDefineUserMgmt(void)
63{
64        websAspDefine(T("MakeGroupList"), aspGenerateGroupList);
65        websAspDefine(T("MakeUserList"), aspGenerateUserList);
66        websAspDefine(T("MakeAccessLimitList"), aspGenerateAccessLimitList);
67        websAspDefine(T("MakeAccessMethodList"), aspGenerateAccessMethodList);
68        websAspDefine(T("MakePrivilegeList"), aspGeneratePrivilegeList);
69
70        websFormDefine(T("AddUser"), formAddUser);
71        websFormDefine(T("DeleteUser"), formDeleteUser);
72        websFormDefine(T("DisplayUser"), formDisplayUser);
73        websFormDefine(T("AddGroup"), formAddGroup);
74        websFormDefine(T("DeleteGroup"), formDeleteGroup);
75        websFormDefine(T("AddAccessLimit"), formAddAccessLimit);
76        websFormDefine(T("DeleteAccessLimit"), formDeleteAccessLimit);
77
78        websFormDefine(T("SaveUserManagement"), formSaveUserManagement);
79        websFormDefine(T("LoadUserManagement"), formLoadUserManagement);
80}
81
82/******************************************************************************/
83/*
84 *  Add a user
85 */
86
87static void formAddUser(webs_t wp, char_t *path, char_t *query)
88{
89        char_t  *userid, *pass1, *pass2, *group, *enabled, *ok;
90        bool_t bDisable;
91        int     nCheck;
92
93        a_assert(wp);
94
95        userid = websGetVar(wp, T("user"), T(""));
96        pass1 = websGetVar(wp, T("password"), T(""));
97        pass2 = websGetVar(wp, T("passconf"), T(""));
98        group = websGetVar(wp, T("group"), T(""));
99        enabled = websGetVar(wp, T("enabled"), T(""));
100        ok = websGetVar(wp, T("ok"), T(""));
101
102        websHeader(wp);
103        websMsgStart(wp);
104
105        if (gstricmp(ok, T("ok")) != 0) {
106                websWrite(wp, T("Add User Cancelled"));
107        } else if (gstrcmp(pass1, pass2) != 0) {
108                websWrite(wp, T("Confirmation Password did not match."));
109        } else {
110                if (enabled && *enabled && (gstrcmp(enabled, T("on")) == 0)) {
111                        bDisable = FALSE;
112                } else {
113                        bDisable = TRUE;
114                }
115
116                nCheck = umAddUser(userid, pass1, group, 0, bDisable);
117                if (nCheck != 0) {
118                        char_t * strError;
119
120                        switch (nCheck) {
121                        case UM_ERR_DUPLICATE:
122                                strError = T("User already exists.");
123                                break;
124
125                        case UM_ERR_BAD_NAME:
126                                strError = T("Invalid user name.");
127                                break;
128
129                        case UM_ERR_BAD_PASSWORD:
130                                strError = T("Invalid password.");
131                                break;
132
133                        case UM_ERR_NOT_FOUND:
134                                strError = T("Invalid or unselected group.");
135                                break;
136
137                        default:
138                                strError = T("Error writing user record.");
139                                break;
140                        }
141
142                        websWrite(wp, T("Unable to add user, \"%s\".  %s"),
143                                userid, strError);
144                } else {
145                        websWrite(wp, T("User, \"%s\" was successfully added."),
146                                userid);
147                }
148        }
149
150        websMsgEnd(wp);
151        websFooter(wp);
152        websDone(wp, 200);
153}
154
155/******************************************************************************/
156/*
157 *  Delete a user
158 */
159
160static void formDeleteUser(webs_t wp, char_t *path, char_t *query)
161{
162        char_t  *userid, *ok;
163
164        a_assert(wp);
165
166        userid = websGetVar(wp, T("user"), T(""));
167        ok = websGetVar(wp, T("ok"), T(""));
168
169        websHeader(wp);
170        websMsgStart(wp);
171
172        if (gstricmp(ok, T("ok")) != 0) {
173                websWrite(wp, T("Delete User Cancelled"));
174        } else if (umUserExists(userid) == FALSE) {
175                websWrite(wp, T("ERROR: User \"%s\" not found"), userid);
176        } else if (umGetUserProtected(userid)) {
177                websWrite(wp, T("ERROR: User, \"%s\" is delete-protected."), userid);
178        } else if (umDeleteUser(userid) != 0) {
179                websWrite(wp, T("ERROR: Unable to delete user, \"%s\" "), userid);
180        } else {
181                websWrite(wp, T("User, \"%s\" was successfully deleted."), userid);
182        }
183
184        websMsgEnd(wp);
185        websFooter(wp);
186        websDone(wp, 200);
187}
188
189/******************************************************************************/
190/*
191 *  Display the user info
192 */
193
194static void formDisplayUser(webs_t wp, char_t *path, char_t *query)
195{
196        char_t  *userid, *ok, *temp;
197        bool_t  enabled;
198
199        a_assert(wp);
200
201        userid = websGetVar(wp, T("user"), T(""));
202        ok = websGetVar(wp, T("ok"), T(""));
203
204        websHeader(wp);
205        websWrite(wp, T("<body>"));
206
207        if (gstricmp(ok, T("ok")) != 0) {
208                websWrite(wp, T("Display User Cancelled"));
209        } else if (umUserExists(userid) == FALSE) {
210                websWrite(wp, T("ERROR: User <b>%s</b> not found.\n"), userid);
211        } else {
212                websWrite(wp, T("<h2>User ID: <b>%s</b></h2>\n"), userid);
213                temp = umGetUserGroup(userid);
214                websWrite(wp, T("<h3>User Group: <b>%s</b></h3>\n"), temp);
215                enabled = umGetUserEnabled(userid);
216                websWrite(wp, T("<h3>Enabled: <b>%d</b></h3>\n"), enabled);
217        }
218
219        websWrite(wp, T("</body>\n"));
220        websFooter(wp);
221        websDone(wp, 200);
222}
223
224
225/******************************************************************************/
226/*
227 *  Generate HTML to create a list box containing the users
228 */
229
230static int aspGenerateUserList(int eid, webs_t wp, int argc, char_t **argv)
231{
232        char_t  *userid;
233        int             row, nBytesSent, nBytes;
234
235        a_assert(wp);
236
237        nBytes = websWrite(wp,
238                T("<SELECT NAME=\"user\" SIZE=\"3\" TITLE=\"Select a User\">"));
239        row = 0;
240        userid = umGetFirstUser();
241        nBytesSent = 0;
242
243        while (userid && (nBytes > 0)) {
244                nBytes = websWrite(wp, T("<OPTION VALUE=\"%s\">%s\n"),
245                        userid, userid);
246                userid = umGetNextUser(userid);
247                nBytesSent += nBytes;
248        }
249
250        nBytesSent += websWrite(wp, T("</SELECT>"));
251
252        return nBytesSent;
253}
254
255/******************************************************************************/
256/*
257 *  Add a group
258 */
259
260static void formAddGroup(webs_t wp, char_t *path, char_t *query)
261{
262        char_t                  *group, *enabled, *privilege, *method, *ok, *pChar;
263        int                             nCheck;
264        short                   priv;
265        accessMeth_t    am;
266        bool_t                  bDisable;
267
268        a_assert(wp);
269
270        group = websGetVar(wp, T("group"), T(""));
271        method = websGetVar(wp, T("method"), T(""));
272        enabled = websGetVar(wp, T("enabled"), T(""));
273        privilege = websGetVar(wp, T("privilege"), T(""));
274        ok = websGetVar(wp, T("ok"), T(""));
275
276        websHeader(wp);
277        websMsgStart(wp);
278
279        if (gstricmp(ok, T("ok")) != 0) {
280                websWrite(wp, T("Add Group Cancelled."));
281        } else if ((group == NULL) || (*group == 0)) {
282                websWrite(wp, T("No Group Name was entered."));
283        } else if (umGroupExists(group)) {
284                websWrite(wp, T("ERROR: Group, \"%s\" already exists."), group);
285        } else {
286                if (privilege && *privilege) {
287/*
288 *                      privilege is a mulitple <SELECT> var, and must be parsed.
289 *                      Values for these variables are space delimited.
290 */
291                        priv = 0;
292                        for (pChar = privilege; *pChar; pChar++) {
293                                if (*pChar == ' ') {
294                                        *pChar = '\0';
295                                        priv |= gatoi(privilege);
296                                        *pChar = ' ';
297                                        privilege = pChar + 1;
298                                }
299                        }
300                        priv |= gatoi(privilege);
301                } else {
302                        priv = 0;
303                }
304
305                if (method && *method) {
306                        am = (accessMeth_t) gatoi(method);
307                } else {
308                        am = AM_FULL;
309                }
310
311                if (enabled && *enabled && (gstrcmp(enabled, T("on")) == 0)) {
312                        bDisable = FALSE;
313                } else {
314                        bDisable = TRUE;
315                }
316
317                nCheck = umAddGroup(group, priv, am, 0, bDisable);
318                if (nCheck != 0) {
319                        websWrite(wp, T("Unable to add group, \"%s\", code: %d "),
320                                group, nCheck);
321                } else {
322                        websWrite(wp, T("Group, \"%s\" was successfully added."),
323                                group);
324                }
325        }
326
327        websMsgEnd(wp);
328        websFooter(wp);
329        websDone(wp, 200);
330}
331
332/******************************************************************************/
333/*
334 *  Delete a group
335 */
336
337static void formDeleteGroup(webs_t wp, char_t *path, char_t *query)
338{
339        char_t  *group, *ok;
340
341        a_assert(wp);
342
343        group = websGetVar(wp, T("group"), T(""));
344        ok = websGetVar(wp, T("ok"), T(""));
345
346        websHeader(wp);
347        websMsgStart(wp);
348
349        if (gstricmp(ok, T("ok")) != 0) {
350                websWrite(wp, T("Delete Group Cancelled."));
351        } else if ((group == NULL) || (*group == '\0')) {
352                websWrite(wp, T("ERROR: No group was selected."));
353        } else if (umGetGroupProtected(group)) {
354                websWrite(wp, T("ERROR: Group, \"%s\" is delete-protected."), group);
355        } else if (umGetGroupInUse(group)) {
356                websWrite(wp, T("ERROR: Group, \"%s\" is being used."), group);
357        } else if (umDeleteGroup(group) != 0) {
358                websWrite(wp, T("ERROR: Unable to delete group, \"%s\" "), group);
359        } else {
360                websWrite(wp, T("Group, \"%s\" was successfully deleted."), group);
361        }
362
363        websMsgEnd(wp);
364        websFooter(wp);
365        websDone(wp, 200);
366}
367
368/******************************************************************************/
369/*
370 *  Generate HTML to create a list box containing the groups
371 */
372
373static int aspGenerateGroupList(int eid, webs_t wp, int argc, char_t **argv)
374{
375        char_t  *group;
376        int             row, nBytesSent, nBytes;
377
378        a_assert(wp);
379
380        row = 0;
381        nBytesSent = 0;
382        nBytes = websWrite(wp,
383                T("<SELECT NAME=\"group\" SIZE=\"3\" TITLE=\"Select a Group\">"));
384/*
385 *  Add a special "<NONE>" element to allow de-selection
386 */
387        nBytes = websWrite(wp, T("<OPTION VALUE=\"\">[NONE]\n"));
388
389        group = umGetFirstGroup();
390        while (group && (nBytes > 0)) {
391                nBytes = websWrite(wp, T("<OPTION VALUE=\"%s\">%s\n"), group, group);
392                group = umGetNextGroup(group);
393                nBytesSent += nBytes;
394        }
395
396        nBytesSent += websWrite(wp, T("</SELECT>"));
397
398        return nBytesSent;
399}
400
401/******************************************************************************/
402/*
403 *  Add an access limit
404 */
405
406static void formAddAccessLimit(webs_t wp, char_t *path, char_t *query)
407{
408        char_t                  *url, *method, *group, *secure, *ok;
409        int                             nCheck;
410        accessMeth_t    am;
411        short                   nSecure;
412
413        a_assert(wp);
414
415        url = websGetVar(wp, T("url"), T(""));
416        group = websGetVar(wp, T("group"), T(""));
417        method = websGetVar(wp, T("method"), T(""));
418        secure = websGetVar(wp, T("secure"), T(""));
419        ok = websGetVar(wp, T("ok"), T(""));
420
421        websHeader(wp);
422        websMsgStart(wp);
423
424        if (gstricmp(ok, T("ok")) != 0) {
425                websWrite(wp, T("Add Access Limit Cancelled."));
426        } else if ((url == NULL) || (*url == 0)) {
427                websWrite(wp, T("ERROR:  No URL was entered."));
428        } else if (umAccessLimitExists(url)) {
429                websWrite(wp, T("ERROR:  An Access Limit for [%s] already exists."),
430                        url);
431        } else {
432                if (method && *method) {
433                        am = (accessMeth_t) gatoi(method);
434                } else {
435                        am = AM_FULL;
436                }
437
438                if (secure && *secure) {
439                        nSecure = (short) gatoi(secure);
440                } else {
441                        nSecure = 0;
442                }
443
444                nCheck = umAddAccessLimit(url, am, nSecure, group);
445                if (nCheck != 0) {
446                        websWrite(wp, T("Unable to add Access Limit for [%s]"), url);
447                } else {
448                        websWrite(wp, T("Access limit for [%s], was successfully added."),
449                                url);
450                }
451        }
452
453        websMsgEnd(wp);
454        websFooter(wp);
455        websDone(wp, 200);
456}
457
458/******************************************************************************/
459/*
460 *  Delete an Access Limit
461 */
462
463static void formDeleteAccessLimit(webs_t wp, char_t *path, char_t *query)
464{
465        char_t  *url, *ok;
466
467        a_assert(wp);
468
469        url = websGetVar(wp, T("url"), T(""));
470        ok = websGetVar(wp, T("ok"), T(""));
471
472        websHeader(wp);
473        websMsgStart(wp);
474
475        if (gstricmp(ok, T("ok")) != 0) {
476                websWrite(wp, T("Delete Access Limit Cancelled"));
477        } else if (umDeleteAccessLimit(url) != 0) {
478                websWrite(wp, T("ERROR: Unable to delete Access Limit for [%s]"),
479                        url);
480        } else {
481                websWrite(wp, T("Access Limit for [%s], was successfully deleted."),
482                        url);
483        }
484
485        websMsgEnd(wp);
486        websFooter(wp);
487        websDone(wp, 200);
488}
489
490/******************************************************************************/
491/*
492 *  Generate HTML to create a list box containing the access limits
493 */
494
495static int aspGenerateAccessLimitList(int eid, webs_t wp,
496                                                                          int argc, char_t **argv)
497{
498        char_t  *url;
499        int             row, nBytesSent, nBytes;
500
501        a_assert(wp);
502
503        row = nBytesSent = 0;
504        url = umGetFirstAccessLimit();
505        nBytes = websWrite(wp,
506                T("<SELECT NAME=\"url\" SIZE=\"3\" TITLE=\"Select a URL\">"));
507
508        while (url && (nBytes > 0)) {
509                nBytes = websWrite(wp, T("<OPTION VALUE=\"%s\">%s\n"), url, url);
510                url = umGetNextAccessLimit(url);
511                nBytesSent += nBytes;
512        }
513
514        nBytesSent += websWrite(wp, T("</SELECT>"));
515
516        return nBytesSent;
517}
518
519/******************************************************************************/
520/*
521 *  Generate HTML to create a list box containing the access methods
522 */
523
524static int aspGenerateAccessMethodList(int eid, webs_t wp,
525                                                                           int argc, char_t **argv)
526{
527        int             nBytes;
528
529        a_assert(wp);
530
531        nBytes = websWrite(wp,
532                T("<SELECT NAME=\"method\" SIZE=\"3\" TITLE=\"Select a Method\">"));
533        nBytes += websWrite(wp, T("<OPTION VALUE=\"%d\">FULL ACCESS\n"),
534                AM_FULL);
535        nBytes += websWrite(wp, T("<OPTION VALUE=\"%d\">BASIC ACCESS\n"),
536                AM_BASIC);
537        nBytes += websWrite(wp, T("<OPTION VALUE=\"%d\" SELECTED>DIGEST ACCESS\n"),
538                AM_DIGEST);
539        nBytes += websWrite(wp, T("<OPTION VALUE=\"%d\">NO ACCESS\n"),
540                AM_NONE);
541        nBytes += websWrite(wp, T("</SELECT>"));
542
543        return nBytes;
544}
545/******************************************************************************/
546/*
547 *  Generate HTML to create a list box containing privileges
548 */
549
550static int aspGeneratePrivilegeList(int eid, webs_t wp,
551                                                                        int argc, char_t **argv)
552{
553        int             nBytes;
554
555        a_assert(wp);
556
557        nBytes = websWrite(wp, T("<SELECT NAME=\"privilege\" SIZE=\"3\" "));
558        nBytes += websWrite(wp, T("MULTIPLE TITLE=\"Choose Privileges\">"));
559        nBytes += websWrite(wp, T("<OPTION VALUE=\"%d\">READ\n"), PRIV_READ);
560        nBytes += websWrite(wp, T("<OPTION VALUE=\"%d\">EXECUTE\n"), PRIV_WRITE);
561        nBytes += websWrite(wp, T("<OPTION VALUE=\"%d\">ADMINISTRATE\n"),
562                PRIV_ADMIN);
563        nBytes += websWrite(wp, T("</SELECT>"));
564
565        return nBytes;
566}
567
568/******************************************************************************/
569/*
570 *  Save the user management configuration to a file
571 */
572
573static void formSaveUserManagement(webs_t wp, char_t *path, char_t *query)
574{
575        char_t  *ok;
576
577        a_assert(wp);
578
579        ok = websGetVar(wp, T("ok"), T(""));
580
581        websHeader(wp);
582        websMsgStart(wp);
583
584        if (gstricmp(ok, T("ok")) != 0) {
585                websWrite(wp, T("Save Cancelled."));
586        } else if (umCommit(NULL) != 0) {
587                websWrite(wp, T("ERROR: Unable to save user configuration."));
588        } else {
589                websWrite(wp, T("User configuration was saved successfully."));
590        }
591
592        websMsgEnd(wp);
593        websFooter(wp);
594        websDone(wp, 200);
595}
596
597/******************************************************************************/
598/*
599 *  Load the user management configuration from a file
600 */
601
602static void formLoadUserManagement(webs_t wp, char_t *path, char_t *query)
603{
604        char_t  *ok;
605
606        a_assert(wp);
607
608        ok = websGetVar(wp, T("ok"), T(""));
609
610        websHeader(wp);
611        websMsgStart(wp);
612
613        if (gstricmp(ok, T("ok")) != 0) {
614                websWrite(wp, T("Load Cancelled."));
615        } else if (umRestore(NULL) != 0) {
616                websWrite(wp, T("ERROR: Unable to load user configuration."));
617        } else {
618                websWrite(wp, T("User configuration was re-loaded successfully."));
619        }
620
621        websMsgEnd(wp);
622        websFooter(wp);
623        websDone(wp, 200);
624}
625
626/******************************************************************************/
627/*
628 *  Message start and end convenience functions
629 */
630
631static void     websMsgStart(webs_t wp)
632{
633        websWrite(wp, MSG_START);
634}
635
636static void     websMsgEnd(webs_t wp)
637{
638        websWrite(wp, MSG_END);
639}
640
641/******************************************************************************/
Note: See TracBrowser for help on using the repository browser.