From 7322419072402e8095d4bc8e9523375f33a89a4f Mon Sep 17 00:00:00 2001
From: Ted Trask <ttrask01@yahoo.com>
Date: Tue, 29 Oct 2013 02:26:45 +0000
Subject: Add sourcename to viewweblog and ability to filter on sourcename

Also fix bug where boolean defaults were ignored in viewweblog, caused by using handle_clientdata
---
 weblog-controller.lua      |  1 -
 weblog-model.lua           | 54 +++++++++++++++++++++++++++++++++-------------
 weblog-viewweblog-html.lsp |  2 ++
 3 files changed, 41 insertions(+), 16 deletions(-)

diff --git a/weblog-controller.lua b/weblog-controller.lua
index c3e47bd..54f3936 100644
--- a/weblog-controller.lua
+++ b/weblog-controller.lua
@@ -38,7 +38,6 @@ function mymodule.viewweblog(self)
 	local retval = self.handle_form(self, self.model.getweblogparameters, self.model.getweblog, self.clientdata, "Update", "Display Weblog")
 	-- We want to get the weblog even if form wasn't submitted
 	if not self.clientdata.submit then
-		self.handle_clientdata(retval, self.clientdata)
 		retval = self.model.getweblog(self, retval)
 	end
 	return retval
diff --git a/weblog-model.lua b/weblog-model.lua
index 103948d..7ca9c2c 100644
--- a/weblog-model.lua
+++ b/weblog-model.lua
@@ -286,7 +286,7 @@ local groompublogs = function()
 	logme("Deleted " .. res .. " old records from pubweblog_history")
 end
 
-local generatewhereclause = function(clientuserid, starttime, endtime, clientip, badyesno, deniedyesno, bypassyesno, score, urisearch, selected)
+local generatewhereclause = function(clientuserid, starttime, endtime, clientip, badyesno, deniedyesno, bypassyesno, score, urisearch, selected, sourcename)
 	local sql = ""
 	local where = {}
 	if clientuserid and clientuserid ~= "" then
@@ -319,6 +319,13 @@ local generatewhereclause = function(clientuserid, starttime, endtime, clientip,
 	if selected then
 		where[#where+1] = "selected = 'true'"
 	end
+	if sourcename and #sourcename > 0 then
+		tmp = {}
+		for i,s in pairs(sourcename) do
+			tmp[#tmp+1] = "sourcename = '"..escape(s).."'"
+		end
+		where[#where+1] = "("..table.concat(tmp, " OR ")..")"
+	end
 
 	if #where > 0 then
 		sql = " WHERE " .. table.concat(where, " AND ")
@@ -327,11 +334,11 @@ local generatewhereclause = function(clientuserid, starttime, endtime, clientip,
 	return sql
 end
 
-local listlogentries = function(activelog, clientuserid, starttime, endtime, clientip, badyesno, deniedyesno, bypassyesno, score, urisearch, sortby, selected)
+local listlogentries = function(activelog, clientuserid, starttime, endtime, clientip, badyesno, deniedyesno, bypassyesno, score, urisearch, sortby, selected, sourcename)
 	local entries = {}
 	-- retrieve a cursor
 	local sql = "SELECT * FROM "..escape(activelog)
-	sql = sql .. generatewhereclause(clientuserid, starttime, endtime, clientip, badyesno, deniedyesno, bypassyesno, score, urisearch, selected)
+	sql = sql .. generatewhereclause(clientuserid, starttime, endtime, clientip, badyesno, deniedyesno, bypassyesno, score, urisearch, selected, sourcename)
 	sql = sql .. " ORDER BY "..escape(sortby)
 	cur = assert (con:execute(sql))
 	row = cur:fetch ({}, "a")
@@ -1098,6 +1105,7 @@ end
 local validateweblogparameters = function(params)
 	local success = modelfunctions.validateselect(params.value.activelog)
 	success = modelfunctions.validateselect(params.value.sortby) and success
+	success = modelfunctions.validatemulti(params.value.sourcename) and success
 	if params.value.clientip.value ~= "" and string.find(params.value.clientip.value, "[^%d%.]") then
 		params.value.clientip.errtxt = "Invalid IP Address"
 		success = false
@@ -1132,22 +1140,38 @@ local validateweblogparameters = function(params)
 	return success
 end
 
-function mymodule.getweblogparameters()
+function mymodule.getweblogparameters(self, clientdata)
 	local c = mymodule.getconfig()
 	local result = {}
 	result.activelog = cfe({ type="select", value="pubweblog", option={"pubweblog", "pubweblog_history"}, label="Active Weblog", seq=1 })
 	result.starttime = cfe({ value=c.value.auditstart.value, label="Start Time", seq=2 })
 	result.endtime = cfe({ value=c.value.auditend.value, label="End Time", seq=3 })
-	result.clientuserid = cfe({ value="", label="User ID", seq=4 })
-	result.clientip = cfe({ value="", label="Client IP", seq=5 })
-	result.urisearch = cfe({ value="", label="URI Contains", descr="Retrieve records where the URI contains this word", seq=6 })
-	result.score = cfe({ value=c.value.score.value, label="Minimum Score", descr="Minimum score to search on", seq=7 })
-	result.sortby = cfe({ type="select", value=c.value.sortby.value, option=c.value.sortby.option, label="Sort By field", descr="Sort by this field when displaying records", seq=8 })
-	result.badyesno = cfe({ type="boolean", value=c.value.badyesno.value, label="Show Suspect Records", descr="Limit search to records marked as suspect", seq=9 })
-	result.deniedyesno = cfe({ type="boolean", value=c.value.deniedyesno.value, label="Show Denied Records", descr="Limit search to Denied URIs", seq=10 })
-	result.bypassyesno = cfe({ type="boolean", value=c.value.bypassyesno.value, label="Show Bypass Records", descr="Limit search to Bypass attempts", seq=11 })
-	result.selected = cfe({ type="boolean", value=false, label="Show Selected Records", descr="Limit search to records that have been selected", seq=12 })
-	result.focus = cfe({ value="", label="Focus Time", seq=13 })
+	result.sourcename = cfe({ type="multi", value={}, label="Source", option={}, seq=4 })
+	result.clientuserid = cfe({ value=clientdata.clientuserid or "", label="User ID", seq=5 })
+	result.clientip = cfe({ value=clientdata.clientip or "", label="Client IP", seq=6 })
+	result.urisearch = cfe({ value="", label="URI Contains", descr="Retrieve records where the URI contains this word", seq=7 })
+	result.score = cfe({ value=c.value.score.value, label="Minimum Score", descr="Minimum score to search on", seq=8 })
+	result.sortby = cfe({ type="select", value=c.value.sortby.value, option=c.value.sortby.option, label="Sort By field", descr="Sort by this field when displaying records", seq=9 })
+	result.badyesno = cfe({ type="boolean", value=c.value.badyesno.value, label="Show Suspect Records", descr="Limit search to records marked as suspect", seq=10 })
+	result.deniedyesno = cfe({ type="boolean", value=c.value.deniedyesno.value, label="Show Denied Records", descr="Limit search to Denied URIs", seq=11 })
+	result.bypassyesno = cfe({ type="boolean", value=c.value.bypassyesno.value, label="Show Bypass Records", descr="Limit search to Bypass attempts", seq=12 })
+	result.selected = cfe({ type="boolean", value=false, label="Show Selected Records", descr="Limit search to records that have been selected", seq=13 })
+	result.focus = cfe({ value="", label="Focus Time", seq=14 })
+
+	-- Get the source options
+	local res, err = pcall(function()
+		databaseconnect(DatabaseUser)
+		local sources = listsourceentries()
+		for i,s in ipairs(sources) do
+			result.sourcename.value[#result.sourcename.value + 1] = s.sourcename
+			result.sourcename.option[#result.sourcename.option + 1] = s.sourcename
+		end
+		databasedisconnect()
+	end)
+	if err and not res then
+		result.source.errtxt = err
+	end
+
 	return cfe({ type="group", value=result, label="Weblog Access Log" })
 end
 
@@ -1159,7 +1183,7 @@ function mymodule.getweblog(self, result)
 	if success then
 		local res, err = pcall(function()
 			databaseconnect(DatabaseUser)
-			result.value.log.value = listlogentries(result.value.activelog.value, result.value.clientuserid.value, result.value.starttime.value, result.value.endtime.value, result.value.clientip.value, result.value.badyesno.value, result.value.deniedyesno.value, result.value.bypassyesno.value, result.value.score.value, result.value.urisearch.value, result.value.sortby.value, result.value.selected.value ) or {}
+			result.value.log.value = listlogentries(result.value.activelog.value, result.value.clientuserid.value, result.value.starttime.value, result.value.endtime.value, result.value.clientip.value, result.value.badyesno.value, result.value.deniedyesno.value, result.value.bypassyesno.value, result.value.score.value, result.value.urisearch.value, result.value.sortby.value, result.value.selected.value, result.value.sourcename.value ) or {}
 			databasedisconnect()
 		end)
 		if not res then
diff --git a/weblog-viewweblog-html.lsp b/weblog-viewweblog-html.lsp
index e7f1a6a..51c158d 100644
--- a/weblog-viewweblog-html.lsp
+++ b/weblog-viewweblog-html.lsp
@@ -145,6 +145,7 @@ for i,watch in ipairs(subdata) do
 end %>
 		<TH><input type="checkbox" id="chkHead"<% if checkhead then %> checked<% end %>></TH>
 		<TH>Timestamp</TH>
+		<TH>Source</TH>
 		<TH>Client IP</TH>
 		<TH>User ID</TH>
 		<TH>Size</TH>
@@ -174,6 +175,7 @@ end %>
 			"&endtime="..os.date("%Y-%m-%d %H:%M:%S", time + 60*(tonumber(data.value.window.value)))..
 			"&focus="..watch.logdatetime,
 			label=watch.logdatetime} %></TD>
+		<TD> <%= html.html_escape(watch.sourcename) %></TD>
 		<TD <% if data.value.clientip.value == watch.clientip then %> style="font-weight:bold;" <% end %> ><%= html.html_escape(watch.clientip) %></TD>
 		<TD <% if data.value.clientuserid.value == watch.clientuserid then %> style="font-weight:bold;" <% end %> ><%= html.html_escape(watch.clientuserid) %></TD>
 		<TD><%= html.html_escape(watch.bytes) %></TD>
-- 
cgit v1.2.3