summaryrefslogtreecommitdiffstats
path: root/tinydns-model.lua
diff options
context:
space:
mode:
authorTed Trask <ttrask01@yahoo.com>2008-07-23 12:34:44 +0000
committerTed Trask <ttrask01@yahoo.com>2008-07-23 12:34:44 +0000
commitda2aa81f7cf24ec58c78f781d13fb6dda0c18dd1 (patch)
treeeaac59fe4cb99026f51220ebffac406b64a26c17 /tinydns-model.lua
parentc8a55ba7d09fa091ff64a79b9a8347b6d3191da6 (diff)
downloadacf-tinydns-da2aa81f7cf24ec58c78f781d13fb6dda0c18dd1.tar.bz2
acf-tinydns-da2aa81f7cf24ec58c78f781d13fb6dda0c18dd1.tar.xz
Modified tinydns to implement access control.
git-svn-id: svn://svn.alpinelinux.org/acf/tinydns/trunk@1316 ab2d0c66-481e-0410-8bed-d214d4d58bed
Diffstat (limited to 'tinydns-model.lua')
-rw-r--r--tinydns-model.lua70
1 files changed, 45 insertions, 25 deletions
diff --git a/tinydns-model.lua b/tinydns-model.lua
index 7a0f411..9f73000 100644
--- a/tinydns-model.lua
+++ b/tinydns-model.lua
@@ -91,21 +91,27 @@ local function split_config_items(orgitem)
return output
end
--- Feed the configfiles table with list of all availage configfiles
-local function searchforconfigfiles()
+-- Feed the configfiles table with list of all available and allowed configfiles
+local function searchforconfigfiles(allowedlist)
+ if #configfiles > 0 then return configfiles end
local cnffile = {}
recursedir(configdir, cnffile)
- for k,v in pairs(cnffile) do
- local configcontent = get_value_from_file(v)
- if (configcontent) then
- table.insert(configfiles, v)
+ if allowedlist then
+ local reverseallowed = {}
+ for x,name in ipairs(allowedlist) do reverseallowed[name] = x end
+ for k,v in pairs(cnffile) do
+ if reverseallowed[v] then
+ table.insert(configfiles, v)
+ end
end
+ else
+ configfiles = cnffile
end
+ return configfiles
end
-searchforconfigfiles()
local function validfilename(path)
- for k,v in pairs(getfilelist().value) do
+ for k,v in pairs(configfiles) do
if (v == path) then
return true
end
@@ -129,12 +135,6 @@ function getstatus()
value=configdir,
})
- status.value.configfiles = cfe({
- type="list",
- label="Config files",
- value=configfiles,
- })
-
local config = getconfig()
status.value.listen = config.value.listen
@@ -171,7 +171,8 @@ end
-- If you enter 'filter_type' (this should be one of the options found in local function check_signs() ) then
-- the output will be filtered to only contain this type of data.
-function getconfigobjects(file_name, filter_type)
+function getconfigobjects(file_name, allowedfiles, filter_type)
+ configfiles = searchforconfigfiles(allowedfiles)
local configobjects = {}
--Loop through all available configfiles
for i,filename in pairs(configfiles) do
@@ -228,18 +229,24 @@ function getconfigobjects(file_name, filter_type)
return cfe({ type="structure", value=configobjects, label="DNS Entries", filename=file_name, fieldlabels=descr.fieldlabels })
end
-function getfilelist ()
- local listed_files = {}
- recursedir(configdir, listed_files)
-
- return cfe({ type="list", value=listed_files, label="List of config files" })
+function getfilelist(allowedfiles)
+ configfiles = searchforconfigfiles(allowedfiles)
+ return cfe({ type="list", value=configfiles, label="List of config files" })
end
-function get_filedetails(path)
- return modelfunctions.getfiledetails(path)
+function get_filedetails(path, allowedfiles)
+ configfiles = searchforconfigfiles(allowedfiles)
+ if not validfilename(path) then
+ local result = modelfunctions.getfiledetails("")
+ result.value.filename.value = path
+ return result
+ else
+ return modelfunctions.getfiledetails(path)
+ end
end
-function set_filedetails (filedetails)
+function set_filedetails (filedetails, allowedfiles)
+ configfiles = searchforconfigfiles(allowedfiles)
filedetails.value.filecontent.value = string.gsub(format.dostounix(filedetails.value.filecontent.value), "\n+$", "")
local success, errtxt = validfilename(filedetails.value.filename.value)
if success then
@@ -259,7 +266,7 @@ function getnewconfigfile()
return cfe({ type="group", value=options, label="New config file" })
end
-function createconfigfile(configfile)
+function createconfigfile(self, configfile, allowedfiles)
configfile.errtxt = "Failed to create file"
local path = configfile.value.filename.value
local validfilepath, filepatherror = validator.is_valid_filename(path,configdir)
@@ -270,6 +277,18 @@ function createconfigfile(configfile)
local file = io.open(path, "w")
file:close()
configfile.errtxt = nil
+
+ -- We have to add this file to the allowed list
+ local found = false
+ for i,name in ipairs(allowedfiles) do
+ if name == configfile.value.filename.value then found = true break end
+ end
+ if not found then
+ -- this modifies the session
+ allowedfiles[#allowedfiles + 1] = configfile.value.filename.value
+ require("authenticator")
+ authenticator.change_setting(self, self.sessiondata.userinfo.userid, "dnsfiles", allowedfiles)
+ end
end
else
configfile.value.filename.errtxt = filepatherror
@@ -278,7 +297,8 @@ function createconfigfile(configfile)
return configfile
end
-function remove_file(path)
+function remove_file(path, allowedfiles)
+ configfiles = searchforconfigfiles(allowedfiles)
local success = "Failed to delete file"
local errtxt
if not (fs.is_file(path)) then