Created a temporary password-manager. This will probably be moved somewhere else.

git-svn-id: svn://svn.alpinelinux.org/acf/alpine-baselayout/trunk@749 ab2d0c66-481e-0410-8bed-d214d4d58bed

7 files changed, 316 insertions, 0 deletions

diff --git a/Makefile b/Makefile
index 091891e..7a7a3fa 100644
--- a/Makefile
+++ b/Makefile
@@ -6,6 +6,7 @@ APP_DIST=\
 	template-logfiles-download-html.lsp	\
 	alpineversion*		\
 	health*			\
+	tmppassword* \
 	hostname*			\
 	interfaces*		\
 	logfiles*			\
diff --git a/tmppassword-controller.lua b/tmppassword-controller.lua
new file mode 100755
index 0000000..c19d6b4
--- /dev/null
+++ b/tmppassword-controller.lua
@@ -0,0 +1,47 @@
+module(..., package.seeall)
+
+local list_redir = function (self)
+	self.conf.action = "status"
+	self.conf.type = "redir"
+	error (self.conf)
+end
+
+mvc = {}
+mvc.on_load = function(self, parent)
+	if (self.worker[self.conf.action] == nil ) or ( self.conf.action == "init" ) then
+		self.worker[self.conf.action] = list_redir(self)
+	end
+end
+
+function status(self)
+	local status=self.model.getstatus(self)
+	status.cmdnew = cfe ({
+		name="cmdnew",
+		type="submit",
+		label="Create new account",
+		value="Create",
+		disabled="yes",
+		})
+	return { status=status }
+end
+
+function edit(self)
+	local config=self.model.getsettings(self.clientdata.userid)
+	config.cmdsave = cfe ({
+		name="cmdsave",
+		type="submit",
+		label="Save changes",
+		value="Save",
+		disabled="yes",
+		})
+	config.cmddelete = cfe ({
+		name="cmddelete",
+		type="submit",
+		label="Delete this account",
+		value="Delete",
+		disabled="yes",
+		})
+
+	return { config=config, clientdata=self.clientdata }
+end
+
diff --git a/tmppassword-edit-html.lsp b/tmppassword-edit-html.lsp
new file mode 100755
index 0000000..8b295b5
--- /dev/null
+++ b/tmppassword-edit-html.lsp
@@ -0,0 +1,72 @@
+<? local form = ... ?>
+<?
+--[[ DEBUG INFORMATION
+io.write("<H1>DEBUGGING</H1><span style='color:red'><H2>DEBUG INFO: CFE</H2>")
+io.write(html.cfe_unpack(form))
+io.write("</span>")
+--]]
+?>
+<?
+function displayinfo(myform,tags,viewonly)
+	io.write("\n<DL>")
+	for k,v in pairs(tags) do 
+		if (myform[v]) and (myform[v]["value"]) then
+			local val = myform[v] 
+			io.write("\n\t<DT")
+			if (#val.errtxt > 0) then 
+				val.class = "error"
+				io.write(" class='error'")
+			end
+			io.write(">" .. val.label .. "</DT>\n")
+			if (viewonly) then
+				io.write("\t\t<DD>" .. val.value .. "\n")
+			else
+				io.write("\t\t<DD>" .. html.form[val.type](val) .. "\n")
+			end
+			if (#val.errtxt > 0) then io.write("\t\t<P CLASS='error'>" .. string.gsub(val.errtxt, "\n", "<BR>") .. "</P>\n") end
+			io.write("\t\t</DD>\n")
+		end
+	end
+	io.write("</DL>")
+end
+?>
+
+<H1>CONFIG</H1>
+<H2>Settings</H2>
+<? 
+local myform = form.config 
+local tags = { "userid", }
+displayinfo(myform,tags,"viewonly")
+local tags = { "descr", }
+displayinfo(myform,tags)
+?>
+
+<?
+-- The following code is a bit special because I want to display checkboxes for available roles.
+local myform = form.config.roles
+io.write("\n<DL>")
+io.write("\n\t<DT")
+if (#myform.errtxt > 0) then 
+	myform.class = "error"
+	io.write(" class='error'")
+end
+io.write(">" .. myform.label .. "</DT>")
+io.write("\n\t\t<DD>")
+for k,v in pairs(myform.option) do
+	local checked = ""
+	if (form.config.userid.roles[v]) then checked = "checked='yes'" end
+	io.write("\n\t\t\t" ..v .. ":<input class='checkbox' type='checkbox'  name='roles'  value='' " .. checked .. "> ")
+end
+if (#myform.errtxt > 0) then io.write("\t\t<P CLASS='error'>" .. string.gsub(myform.errtxt, "\n", "<BR>") .. "</P>\n") end
+io.write("\n\t\t</DD>\n")
+io.write("</DL>")
+?>
+
+<H2>Actions</H2>
+<? 
+local myform = form.config 
+local tags = { "cmdsave", "cmddelete", }
+displayinfo(myform,tags)
+
+?>
+
diff --git a/tmppassword-model.lua b/tmppassword-model.lua
new file mode 100755
index 0000000..e2e4293
--- /dev/null
+++ b/tmppassword-model.lua
@@ -0,0 +1,109 @@
+module(..., package.seeall)
+
+local configfile = "/etc/acf/passwd"
+
+-- ################################################################################
+-- LOCAL FUNCTIONS
+
+local function get_roles()
+	local output = cfe({
+		name="roles",
+		label="Available roles",
+		type="checkbox",
+		option={"CREATE","UPDATE","DELETE","READ"},
+		})
+	return output
+end
+
+-- Return a table with the account-details
+local function get_usersettings(userid)
+	local output = {}
+	local filecontent = fs.read_file_as_array(configfile)
+	for i=1,table.maxn(filecontent) do
+		local l = filecontent[i]
+		if not (string.find ( l, "^[;#].*" )) and not (string.find (l, "^%s*$")) then
+			local useroptions = format.string_to_table(l,":")
+			local userroles = {}
+			for k,v in pairs(format.string_to_table(useroptions[4],",")) do
+				userroles[v] = true
+			end
+			if not (userid) or ( (userid) and (userid == useroptions[1]) ) then
+				table.insert(output, cfe({ 
+					name=useroptions[1],
+					value=useroptions[1],
+					label=useroptions[1],
+					fulltext=string.match(l,"(.-)%s*$"),
+	--				password=useroptions[2],
+					descr=useroptions[3],
+					roles=userroles,
+	--				errtxt="Account is locked!",
+					}))
+			end
+		end
+	end
+	return output
+end
+
+--setup so that it will compare password input
+local function set (self, userid, cmd1, cmd2) 
+	if cmd1 ~= cmd2 then report = "Invalid or non matching password. Try again" 
+	else
+	command = "/usr/bin/cryptpw" .. " " .. cmd1
+	f = io.popen(command)
+	c = f:read("*l")
+	f:close()
+	--this is hardcoded for root should be easy to change
+	newpass = "root:" .. c
+	t = fs.search_replace("/etc/shadow", "root:[!%w%$%/%.]+", newpass)
+	fs.write_file("/etc/shadow", fs.ipairs_string(t))
+	report = "Success. New password set."
+	end
+	return( cfe{value=report, name="report"})
+end
+
+-- ################################################################################
+-- PUBLIC FUNCTIONS
+
+-- Present some general status
+function getstatus()
+	local status = {}
+	status.users = get_usersettings()
+
+	local roles = ""
+	--Rewrite roles into a presentable textstring
+	for k,v in pairs(status.users) do
+		for kk,vv in pairs(v.roles) do
+			roles = kk.. " / " .. roles
+		end
+		v.roles = roles
+		roles = ""
+	end
+	
+
+--	status.roles = get_roles()
+	return status
+end
+
+function getsettings(userid)
+	local settings = {}
+	local usersettings = get_usersettings(userid)
+
+	settings.userid = usersettings[1]
+	settings.userid.label = "User id"
+
+	settings.roles = get_roles()
+
+---[[	
+	settings.descr = cfe({ 
+		name="descr",
+		value=usersettings[1].descr,
+		label="Description",
+--		fulltext=string.match(l,"(.-)%s*$"),
+--		password=useroptions[2],
+--		descr=useroptions[3],
+--		roles=userroles,
+--		errtxt="Account is locked!",
+		})
+--]]
+	return settings
+end
diff --git a/tmppassword-read-html.lsp b/tmppassword-read-html.lsp
new file mode 100755
index 0000000..9ab91bf
--- /dev/null
+++ b/tmppassword-read-html.lsp
@@ -0,0 +1,2 @@
+<? local view = ... ?>
+<p>The local root password is <?= view.password.value ?></p>
diff --git a/tmppassword-status-html.lsp b/tmppassword-status-html.lsp
new file mode 100755
index 0000000..45bed4f
--- /dev/null
+++ b/tmppassword-status-html.lsp
@@ -0,0 +1,82 @@
+<? local form = ... ?>
+<?
+--[[ DEBUG INFORMATION
+io.write("<H1>DEBUGGING</H1><span style='color:red'><H2>DEBUG INFO: CFE</H2>")
+io.write(html.cfe_unpack(form))
+io.write("</span>")
+--]]
+?>
+
+<?
+function displayinfo(myform,tags,viewonly)
+	io.write("<DL>")
+	for k,v in pairs(tags) do 
+		if (myform[v]) and (myform[v]["value"]) then
+			local val = myform[v] 
+			io.write("\t<DT")
+			if (#val.errtxt > 0) then 
+				val.class = "error"
+				io.write(" class='error'")
+			end
+			io.write(">" .. val.label .. "</DT>\n")
+			if (viewonly) then
+				io.write("\t\t<DD>" .. val.value .. "\n")
+			else
+				io.write("\t\t<DD>" .. html.form[val.type](val) .. "\n")
+			end
+			if (val.descr) and (#val.descr > 0) then io.write("\t\t<P CLASS='descr'>" .. string.gsub(val.descr, "\n", "<BR>") .. "</P>\n") end
+			if (#val.errtxt > 0) then io.write("\t\t<P CLASS='error'>" .. string.gsub(val.errtxt, "\n", "<BR>") .. "</P>\n") end
+			io.write("\t\t</DD>\n")
+		end
+	end
+	io.write("</DL>")
+end
+?>
+
+<H1>USER ACCOUNTS</H1>
+<H2>Create new account</H2>
+<? 
+local myform = form.status
+local tags = { "cmdnew", }
+displayinfo(myform,tags)
+?>
+
+<H2>Existing account</H2>
+<?
+--function displayinfo(myform,tags,viewonly)
+local myform = form.status.users
+
+io.write("<DL>")
+if (type(myform) == "table") then
+	for k,v in pairs(myform) do
+		local myform = myform[k]
+		io.write("\t<DT")
+		if (#myform.errtxt > 0) then 
+			myform.class = "error"
+			io.write(" class='error'")
+		end
+		io.write("><IMG SRC='/static/tango/16x16/apps/system-users.png' HEIGHT='16' WIDTH='16'> " .. myform.label .. "</DT>\n")
+		io.write("\t\t<DD>\n\t\t<TABLE>")
+		io.write("\n\t\t\t<TR>\n\t\t\t\t<TD><B>Account name:</B></TD>\n\t\t\t\t<TD WIDTH='90%'>" .. myform.value .. "</TD>\n\t\t\t</TR>")
+		io.write("\n\t\t\t<TR>\n\t\t\t\t<TD><B>Description:</B></TD>\n\t\t\t\t<TD>" .. (myform.descr or "") .. "</TD>\n\t\t\t</TR>")
+		io.write("\n\t\t\t<TR>\n\t\t\t\t<TD><B>Roles:</B></TD>\n\t\t\t\t<TD>")
+		io.write(tostring(myform.roles))
+		io.write("</TD>\n\t\t\t</TR>")
+		io.write("\n\t\t\t<TR>\n\t\t\t\t<TD><B>Options:</B></TD>\n\t\t\t\t<TD>[<A HREF='edit?userid=".. myform.value .. "'>Edit this account</A>]</TD>\n\t\t\t</TR>")
+		io.write("\n\t\t</TABLE>\n")
+		if (#myform.errtxt > 0) then io.write("\t\t<P CLASS='error'>" .. string.gsub(myform.errtxt, "\n", "<BR>") .. "</P>\n") end
+		io.write("\t\t</DD>\n")
+	end
+end
+io.write("</DL>")
+?>
+
+
+<?
+--[[ DEBUG INFORMATION
+io.write("<H1>DEBUGGING</H1><span style='color:red'><H2>DEBUG INFO: CFE</H2>")
+io.write(html.cfe_unpack(form))
+io.write("</span>")
+--]]
+?>
+
diff --git a/tmppassword.menu b/tmppassword.menu
new file mode 100755
index 0000000..3965745
--- /dev/null
+++ b/tmppassword.menu
@@ -0,0 +1,3 @@
+#CAT  		GROUP/DESC		TAB		ACTION
+System		01Password		Status		status
+