diff options
| author | Ted Trask <ttrask01@yahoo.com> | 2008-07-23 12:34:44 +0000 |
|---|---|---|
| committer | Ted Trask <ttrask01@yahoo.com> | 2008-07-23 12:34:44 +0000 |
| commit | da2aa81f7cf24ec58c78f781d13fb6dda0c18dd1 (patch) | |
| tree | eaac59fe4cb99026f51220ebffac406b64a26c17 /tinydns-model.lua | |
| parent | c8a55ba7d09fa091ff64a79b9a8347b6d3191da6 (diff) | |
| download | acf-tinydns-da2aa81f7cf24ec58c78f781d13fb6dda0c18dd1.tar.bz2 acf-tinydns-da2aa81f7cf24ec58c78f781d13fb6dda0c18dd1.tar.xz | |
Modified tinydns to implement access control.
git-svn-id: svn://svn.alpinelinux.org/acf/tinydns/trunk@1316 ab2d0c66-481e-0410-8bed-d214d4d58bed
Diffstat (limited to 'tinydns-model.lua')
| -rw-r--r-- | tinydns-model.lua | 70 |
1 files changed, 45 insertions, 25 deletions
diff --git a/tinydns-model.lua b/tinydns-model.lua index 7a0f411..9f73000 100644 --- a/tinydns-model.lua +++ b/tinydns-model.lua @@ -91,21 +91,27 @@ local function split_config_items(orgitem) return output end --- Feed the configfiles table with list of all availage configfiles -local function searchforconfigfiles() +-- Feed the configfiles table with list of all available and allowed configfiles +local function searchforconfigfiles(allowedlist) + if #configfiles > 0 then return configfiles end local cnffile = {} recursedir(configdir, cnffile) - for k,v in pairs(cnffile) do - local configcontent = get_value_from_file(v) - if (configcontent) then - table.insert(configfiles, v) + if allowedlist then + local reverseallowed = {} + for x,name in ipairs(allowedlist) do reverseallowed[name] = x end + for k,v in pairs(cnffile) do + if reverseallowed[v] then + table.insert(configfiles, v) + end end + else + configfiles = cnffile end + return configfiles end -searchforconfigfiles() local function validfilename(path) - for k,v in pairs(getfilelist().value) do + for k,v in pairs(configfiles) do if (v == path) then return true end @@ -129,12 +135,6 @@ function getstatus() value=configdir, }) - status.value.configfiles = cfe({ - type="list", - label="Config files", - value=configfiles, - }) - local config = getconfig() status.value.listen = config.value.listen @@ -171,7 +171,8 @@ end -- If you enter 'filter_type' (this should be one of the options found in local function check_signs() ) then -- the output will be filtered to only contain this type of data. -function getconfigobjects(file_name, filter_type) +function getconfigobjects(file_name, allowedfiles, filter_type) + configfiles = searchforconfigfiles(allowedfiles) local configobjects = {} --Loop through all available configfiles for i,filename in pairs(configfiles) do @@ -228,18 +229,24 @@ function getconfigobjects(file_name, filter_type) return cfe({ type="structure", value=configobjects, label="DNS Entries", filename=file_name, fieldlabels=descr.fieldlabels }) end -function getfilelist () - local listed_files = {} - recursedir(configdir, listed_files) - - return cfe({ type="list", value=listed_files, label="List of config files" }) +function getfilelist(allowedfiles) + configfiles = searchforconfigfiles(allowedfiles) + return cfe({ type="list", value=configfiles, label="List of config files" }) end -function get_filedetails(path) - return modelfunctions.getfiledetails(path) +function get_filedetails(path, allowedfiles) + configfiles = searchforconfigfiles(allowedfiles) + if not validfilename(path) then + local result = modelfunctions.getfiledetails("") + result.value.filename.value = path + return result + else + return modelfunctions.getfiledetails(path) + end end -function set_filedetails (filedetails) +function set_filedetails (filedetails, allowedfiles) + configfiles = searchforconfigfiles(allowedfiles) filedetails.value.filecontent.value = string.gsub(format.dostounix(filedetails.value.filecontent.value), "\n+$", "") local success, errtxt = validfilename(filedetails.value.filename.value) if success then @@ -259,7 +266,7 @@ function getnewconfigfile() return cfe({ type="group", value=options, label="New config file" }) end -function createconfigfile(configfile) +function createconfigfile(self, configfile, allowedfiles) configfile.errtxt = "Failed to create file" local path = configfile.value.filename.value local validfilepath, filepatherror = validator.is_valid_filename(path,configdir) @@ -270,6 +277,18 @@ function createconfigfile(configfile) local file = io.open(path, "w") file:close() configfile.errtxt = nil + + -- We have to add this file to the allowed list + local found = false + for i,name in ipairs(allowedfiles) do + if name == configfile.value.filename.value then found = true break end + end + if not found then + -- this modifies the session + allowedfiles[#allowedfiles + 1] = configfile.value.filename.value + require("authenticator") + authenticator.change_setting(self, self.sessiondata.userinfo.userid, "dnsfiles", allowedfiles) + end end else configfile.value.filename.errtxt = filepatherror @@ -278,7 +297,8 @@ function createconfigfile(configfile) return configfile end -function remove_file(path) +function remove_file(path, allowedfiles) + configfiles = searchforconfigfiles(allowedfiles) local success = "Failed to delete file" local errtxt if not (fs.is_file(path)) then |