Changeset 221


Ignore:
Timestamp:
Apr 13, 2005, 1:24:15 PM (17 years ago)
Author:
Kris Deugau
Message:

/branches/acl

Basic ACL support - load ACL data from db, do or don't display
"Add Master" link, do or don't display "Admin tools" link.
Added tabledef for users/ACLs

Location:
branches/acl/cgi-bin
Files:
3 edited

Legend:

Unmodified
Added
Removed
  • branches/acl/cgi-bin/IPDB.pm

    r189 r221  
    2323@EXPORT_OK    = qw(
    2424        %disp_alloctypes %list_alloctypes %def_custids @citylist @poplist @masterblocks
    25         %allocated %free %routed %bigfree
     25        %allocated %free %routed %bigfree %IPDBacl
    2626        &initIPDBGlobals &connectDB &finish &checkDBSanity &allocateBlock &deleteBlock
    2727        &mailNotify
     
    3131%EXPORT_TAGS    = ( ALL => [qw(
    3232                %disp_alloctypes %list_alloctypes %def_custids @citylist @poplist
    33                 @masterblocks %allocated %free %routed %bigfree
     33                @masterblocks %allocated %free %routed %bigfree %IPDBacl
    3434                &initIPDBGlobals &connectDB &finish &checkDBSanity &allocateBlock
    3535                &deleteBlock &mailNotify
     
    5050our %routed;
    5151our %bigfree;
     52our %IPDBacl;
    5253
    5354# Let's initialize the globals.
     
    8384  $sth = $dbh->prepare("select cidr from masterblocks order by cidr");
    8485  $sth->execute;
     86  return (undef,$sth->errstr) if $sth->err;
    8587  for (my $i=0; my @data = $sth->fetchrow_array(); $i++) {
    8688    $masterblocks[$i] = new NetAddr::IP $data[0];
     
    9193    $routed{"$masterblocks[$i]"} = 0;
    9294  }
     95
     96  # Load ACL data.  Specific username checks are done at a different level.
     97  $sth = $dbh->prepare("select username,acl from users");
     98  $sth->execute;
    9399  return (undef,$sth->errstr) if $sth->err;
     100  while (my @data = $sth->fetchrow_array) {
     101    $IPDBacl{$data[0]} = $data[1];
     102  }
    94103
    95104  return (1,"OK");
  • branches/acl/cgi-bin/ipdb.psql

    r189 r221  
    182182pr      Dynamic-route DSL netblock      Dynamic-route DSL       203     
    183183\.
     184
     185
     186--
     187-- User data table - required for proper ACLs
     188--
     189
     190CREATE TABLE "users" (
     191        "user" varchar(16) NOT NULL PRIMARY KEY,
     192        "password" varchar(16) DEFAULT '',
     193        "acl" varchar(16) DEFAULT 'b'
     194);
  • branches/acl/cgi-bin/main.cgi

    r214 r221  
    2222openlog "IPDB","pid","local2";
    2323
     24# Present HTTP AUTH headers, as well as opening content-type.
     25#print 'WWW-Authenticate: Basic realm="ViaNet IP Database"\n';
    2426# Collect the username from HTTP auth.  If undefined, we're in a test environment.
    2527my $authuser;
     
    171173print qq(<div align=right style="position: absolute; right: 30px;">).
    172174        qq(<a href="/ip/cgi-bin/admin.cgi">Admin tools</a></div><br>\n)
    173         if $authuser =~ /kdeugau|jodyh|jipp/;
     175        if $IPDBacl{$authuser} =~ /A/;
    174176
    175177# We print the footer here, so we don't have to do it elsewhere.
     
    448450  }
    449451  print "</table>\n";
    450   print qq(<a href="/ip/addmaster.shtml">Add new master block</a><br><br>\n);
     452  if ($IPDBacl{$authuser} =~ /a/) {
     453    print qq(<a href="/ip/addmaster.shtml">Add new master block</a><br><br>\n);
     454  }
    451455  print "Note:  Free blocks noted here include both routed and unrouted blocks.\n";
    452456
Note: See TracChangeset for help on using the changeset viewer.