diff options
author | Ted Trask <ttrask01@yahoo.com> | 2011-06-09 06:45:30 +0000 |
---|---|---|
committer | Ted Trask <ttrask01@yahoo.com> | 2011-06-09 06:45:30 +0000 |
commit | 4512d2436bbb338900520cae66a762f9ab00d545 (patch) | |
tree | 85db409dedc752022fe8c3d4b3fc598f1a3efd04 /provisioning-model.lua | |
parent | 70190e54e41ce5c64bf895e18492df1c4f83ab2f (diff) | |
download | acf-provisioning-4512d2436bbb338900520cae66a762f9ab00d545.tar.bz2 acf-provisioning-4512d2436bbb338900520cae66a762f9ab00d545.tar.xz |
Added lua validate code into provisioning_params table, added example for mac address
Diffstat (limited to 'provisioning-model.lua')
-rw-r--r-- | provisioning-model.lua | 77 |
1 files changed, 61 insertions, 16 deletions
diff --git a/provisioning-model.lua b/provisioning-model.lua index 683b90d..bb68af6 100644 --- a/provisioning-model.lua +++ b/provisioning-model.lua @@ -219,13 +219,42 @@ validateparam = function(p) return true end +-- These are the functions that may be called from within loaded Lua code +local functions = { + getselectresponse=getselectresponse, + runsqlcommand=runsqlcommand, + get_device=get_device, + get_device_params=get_device_params, +} + +local validateparamcoded +validateparamcoded = function(p, top) + top = top or p + local success = true + if p.type == "group" then + for n,p2 in pairs(p.value) do + success = validateparamcoded(p2, top) and success + end + return success + end + if p.validate and p.validate ~= "" then + -- We have Lua validation code + local env = {} + setmetatable (env, {__index = _G}) + -- loadfile loads into the global environment + -- so we set env 0, not env 1 + setfenv (0, env) + local f = loadstring(p.validate) + if (f) then + p.value, p.errtxt = f(p.value, functions, top) + if p.errtxt then success = false end + end + setfenv (0, _G) + end + return success +end + local function callscript(script, ...) - local functions = { - getselectresponse=getselectresponse, - runsqlcommand=runsqlcommand, - get_device=get_device, - get_device_params=get_device_params, - } local env = {} setmetatable (env, {__index = _G}) -- loadfile loads into the global environment @@ -236,23 +265,30 @@ local function callscript(script, ...) setfenv (0, _G) end -local function validatefiledetails(filedetails) +local function validateluacode(code) local success = true - + -- Validate that contents are valid lua code local env = {} setmetatable (env, {__index = _G}) -- loadfile loads into the global environment -- so we set env 0, not env 1 setfenv (0, env) - local f,err = loadstring(filedetails.value.filecontent.value) - if not (f) then + local f,errtxt = loadstring(code) + if not f then success = false - filedetails.value.filecontent.errtxt = "Invalid Lua code\n"..(err or "") end setfenv (0, _G) -- setmetatable (self.conf.app_hooks, {}) + return success, errtxt +end + +local function validatefiledetails(filedetails) + local success, errtxt = validateluacode(filedetails.value.filecontent.value) + if not success then + filedetails.value.filecontent.errtxt = "Invalid Lua code\n"..(errtxt or "") + end return success, filedetails end @@ -1003,8 +1039,8 @@ get_param = function(param_id) retval.descr = cfe({label="Description", seq=5}) retval.value = cfe({label="Default Value", descr="Warning, this value is not validated", seq=6}) retval.regexp = cfe({label="Regular Expression", descr="Lua regular expression for validating the text parameter value", seq=7}) - retval.seq = cfe({label="Sequence", seq=8}) --- FIXME - we should add validation and option stuff here + retval.validate = cfe({type="longtext", label="Validation Code", descr="Lua code to validate the parameter value. Returns updated value and error text. Not used to validate group defaults.", seq=8}) + retval.seq = cfe({label="Sequence", seq=9}) local errtxt local res, err = pcall(function() local connected = databaseconnect() @@ -1049,6 +1085,14 @@ update_param = function(param, create) success = false param.value.seq.errtxt = "Must be an integer" end + local s,e = validateluacode(param.value.validate.value) + if not s then + success = false + param.value.validate.errtxt = "Invalid Lua code" + if e and e ~= "" then + param.value.validate.errtxt = param.value.validate.errtxt.."\n"..e + end + end if success then local res, err = pcall(function() local connected = databaseconnect() @@ -1064,7 +1108,7 @@ update_param = function(param, create) local sql = "BEGIN TRANSACTION" runsqlcommand(sql) if create then - sql = "INSERT INTO provisioning_params VALUES(DEFAULT, '"..escape(param.value.name.value).."', '"..escape(param.value.type.value).."', '"..escape(param.value.label.value).."', '"..escape(param.value.descr.value).."', '"..escape(param.value.value.value).."', '"..escape(param.value.seq.value).."', '"..escape(param.value.regexp.value).."')" + sql = "INSERT INTO provisioning_params VALUES(DEFAULT, '"..escape(param.value.name.value).."', '"..escape(param.value.type.value).."', '"..escape(param.value.label.value).."', '"..escape(param.value.descr.value).."', '"..escape(param.value.value.value).."', '"..escape(param.value.seq.value).."', '"..escape(param.value.regexp.value).."', '"..escape(param.value.validate.value).."')" runsqlcommand(sql, true) sql = "SELECT param_id FROM provisioning_params WHERE name='"..escape(param.value.name.value).."' AND label='"..escape(param.value.label.value).."'" local tmp = getselectresponse(sql, true) @@ -1072,7 +1116,7 @@ update_param = function(param, create) param.value.param_id.value = tmp[1].param_id end else - sql = "UPDATE provisioning_params SET (name, type, label, descr, value, seq, regexp) = ('"..escape(param.value.name.value).."', '"..escape(param.value.type.value).."', '"..escape(param.value.label.value).."', '"..escape(param.value.descr.value).."', '"..escape(param.value.value.value).."', '"..escape(param.value.seq.value).."', '"..escape(param.value.regexp.value).."') WHERE param_id='"..escape(param.value.param_id.value).."'" + sql = "UPDATE provisioning_params SET (name, type, label, descr, value, seq, regexp, validate) = ('"..escape(param.value.name.value).."', '"..escape(param.value.type.value).."', '"..escape(param.value.label.value).."', '"..escape(param.value.descr.value).."', '"..escape(param.value.value.value).."', '"..escape(param.value.seq.value).."', '"..escape(param.value.regexp.value).."', '"..escape(param.value.validate.value).."') WHERE param_id='"..escape(param.value.param_id.value).."'" runsqlcommand(sql, true) end @@ -1323,7 +1367,7 @@ get_device_params = function(device_id, editable) retval[g.name].type="group" end -- Then, get all of the parameters for this device - sql = "SELECT g.name AS group, g.label AS grouplabel, p.param_id, p.name, p.type, p.label, p.descr, p.seq, p.regexp, CASE WHEN v.value IS NOT NULL THEN v.value WHEN g2p.value IS NOT NULL THEN g2p.value ELSE p.value END AS value, CASE WHEN g2p.value IS NOT NULL THEN g2p.value ELSE p.value END AS default ".. + sql = "SELECT g.name AS group, g.label AS grouplabel, p.param_id, p.name, p.type, p.label, p.descr, p.seq, p.regexp, p.validate, CASE WHEN v.value IS NOT NULL THEN v.value WHEN g2p.value IS NOT NULL THEN g2p.value ELSE p.value END AS value, CASE WHEN g2p.value IS NOT NULL THEN g2p.value ELSE p.value END AS default ".. "FROM (devices_to_classes d2t JOIN provisioning_classes t USING(class_id) JOIN classes_to_param_groups t2g USING (class_id) JOIN provisioning_groups g USING(group_id) ".. "JOIN param_groups_to_params g2p USING(group_id) JOIN provisioning_params p USING(param_id)) LEFT JOIN provisioning_values v ON(d2t.device_id=v.device_id AND p.param_id=v.param_id AND g.name=v.group_name ) ".. "WHERE d2t.device_id='"..escape(device_id).."'" @@ -1380,6 +1424,7 @@ set_device_params = function(params, editable) if success then local res, err = pcall(function() local connected = databaseconnect() + success = validateparamcoded(params) if not create then local sql = "SELECT * FROM devices_to_classes WHERE device_id='"..escape(params.value.device_id.value).."' LIMIT 1" local tmp = getselectresponse(sql) |