Implement node flags

2 years ago · bfbdc16036
parent 78b97c5094
commit bfbdc16036
15 changed files with 200 additions and 38 deletions
--- a/asset.php
+++ b/asset.php
@ -167,7 +167,7 @@ $sth->execute([$id]);
 $asset = $sth->fetch(PDO::FETCH_OBJ);
 $smarty->assign("asset", $asset);

-$sql = "SELECT node_id, node_ip, 
+$sql = "SELECT node_id, node_ip, node.node_flags & 0x1 = 1 AS deleted,
            CONCAT(LEFT(node_info, 40), IF(CHAR_LENGTH(node_info)>40,'...','')) AS node_info
        FROM node
        WHERE asset_id=?
--- a/includes.php
+++ b/includes.php
@ -12,7 +12,9 @@ session_start();

 // check for user_id, if unnkown, redirect to login
 if (empty($_SESSION['suser_id'])) {
-    $_SESSION['prelogin'] = $_SERVER['REQUEST_URI'];
+    if (isset($_SERVER['REQUEST_URI'])) {
+        $_SESSION['prelogin'] = $_SERVER['REQUEST_URI'];
+    }
    header("Location: login.php");
    exit;
 }
--- a/install/index.php
+++ b/install/index.php
@ -0,0 +1,121 @@
+<?php
+$failure = false;
+?>
+<!DOCTYPE html>
+<html>
+<head>
+<title>Install</title>
+</head>
+<body>
+<h1>Installation check</h1>
+<?php
+
+// PDO
+$ext = get_loaded_extensions();
+$msg = '<p>PDO database interface: <span style="color:%s">%s</span>'."</p>\n";
+$failure = ! in_array('PDO', $ext);
+$res = $failure ? ['red', 'Error'] : ['green', 'OK'];
+echo vsprintf($msg, $res);
+
+// config file
+if (! $failure) {
+    $conffile = '../config.php';
+    $perms = fileperms($conffile);
+    if ($perms & 0x07) {
+        echo '<p>Config file world readable: <span style="color:red">Error</span>', "</p>\n";
+    }
+    if ($perms & 0x10) {
+        echo '<p>Config file writeable by webserver: <span style="color:red">Error</span>', "</p>\n";
+    }
+    $msg = '<p>Read config file: <span style="color:%s">%s</span>'."</p>\n";
+    $failure = (! include($conffile));
+    $res = $failure ? ['red', 'Error'] : ['green', 'OK'];
+    echo vsprintf($msg, $res);
+} else {
+    echo "<p>Configfile correct?</p>";
+}
+
+// Database connection
+if (! $failure) {
+    try {
+        $dbh = new PDO("mysql:host=$config_mysql_host", $config_mysql_username, $config_mysql_password);
+        $dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
+    } catch (PDOException $e) {
+        $details = "<pre>" . $e->getMessage() . "</pre>\n";
+        $failure = true;
+    }
+    $msg = '<p>Database connection: <span style="color:%s">%s</span>'."</p>\n";
+    $res = $failure ? ['red', 'Error'] : ['green', 'OK'];
+    echo vsprintf($msg, $res);
+    if ($failure) {
+        echo $details;
+    }
+} else {
+    echo "<p>Database connection available?</p>\n";
+}
+
+// Ipreg database exists
+if (! $failure) {
+    $sql = "SELECT SCHEMA_NAME FROM
+            INFORMATION_SCHEMA.SCHEMATA
+            WHERE SCHEMA_NAME=?";
+    $sth = $dbh->prepare($sql);
+    $sth->execute([$config_mysql_dbname]);
+    $failure = ! $sth->fetchColumn();
+    $msg = '<p>Database exists: <span style="color:%s">%s</span>'."</p>\n";
+    $res = $failure ? ['red', 'Error'] : ['green', 'OK'];
+    echo vsprintf($msg, $res);
+    $dbh->query("USE $config_mysql_dbname");
+} else {
+    echo "<p>Database available?</p>\n";
+}
+?>
+
+<h2>Rights</h2>
+<?php
+// Admin-user?
+if (! $failure) {
+    $admincount = 0;
+
+    // Admin count
+    $sql = "SELECT user_id FROM user WHERE FIND_IN_SET('admin',user_role)>0";
+    $sth = $dbh->query($sql);
+    $adminlist = $sth->fetchAll(PDO::FETCH_ASSOC);
+    $admincount = count($adminlist);
+    if ($admincount == 0) {
+        echo '<p>No admin user exists: <span style="color:red">Error</span>'."</p>\n";
+    }
+
+    // Default admin
+    $sql = "SELECT user_pass FROM user WHERE user_name='admin' AND FIND_IN_SET('admin',user_role)>0";
+    $sth = $dbh->query($sql);
+    if ($rec = $sth->fetchColumn()) {
+        // Check default password
+        if ($rec == '$2y$10$HTs0lSaFrfr.q4Gmy5zWfeDg3jhYZkqEGZEnDkMiHZ641nso38mt6') {
+           echo '<p>Password for default admin has not been changed: <span style="color:yellow">Warnung</span>'."</p>\n";
+        } else {
+           echo '<p>Default admin exists: <span style="color:green">OK</span>'."</p>\n";
+        }
+    } else {
+        echo "<p>Default admin does not exist.</p>\n";
+        if ($admincount > 0) {
+            echo '<p>There are more admin accounts: <span style="color:green">OK</span>', "</p>\n";
+        }
+    }
+} else {
+    echo "<p>Administrative user available?</p>\n";
+}
+
+// Smarty
+$compiledir = '../tpl_c';
+$failure = ! is_writeable($compiledir);
+$msg = '<p>Smarty compile directory writable: <span style="color:%s">%s</span>'."</p>\n";
+$res = $failure ? ['red', 'Error'] : ['green', 'OK'];
+echo vsprintf($msg, $res);
+
+?>
+<h2>Summary</h2>
+<p>If everything here checks ok the installation directory <tt>install</tt>
+should be removed.</p>
+</body>
+</html>
--- a/install/mysql.sql
+++ b/install/mysql.sql
@ -99,6 +99,7 @@ CREATE TABLE node (
  zone_id int(10) DEFAULT NULL,
  node_info text DEFAULT NULL,
  node_type enum('v4','v6') NOT NULL DEFAULT 'v4',
+  node_flags set('deleted','reserved') DEFAULT NULL,
  PRIMARY KEY (node_id),
  INDEX ix_ip (node_ip),
  INDEX ix_mac (node_mac)
--- a/lang/de.php
+++ b/lang/de.php
@ -53,6 +53,8 @@ $lang = array(
    'lang_source' => 'Quelle',
    'lang_target' => 'Ziel',
    'lang_length' => 'L&auml;nge',
+    'lang_flag_deleted' => 'gelöscht',
+    'lang_flag_reserved' => 'reserviert',

    'lang_asset_add' => 'Objekt hinzufügen',
    'lang_asset_del' => 'Objekt löschen',
--- a/lang/en.php
+++ b/lang/en.php
@ -53,6 +53,8 @@ $lang = array(
    'lang_source' => 'Source',
    'lang_target' => 'Target',
    'lang_length' => 'Length',
+    'lang_flag_deleted' => 'deleted',
+    'lang_flag_reserved' => 'reserved',

    'lang_asset_add' => 'Add asset',
    'lang_asset_del' => 'Delete asset',
--- a/node.php
+++ b/node.php
@ -83,14 +83,24 @@ switch ($submit = form_get_action()) {
        $node_dns2 = sanitize($_POST['node_dns2']);
        $node_info = sanitize($_POST['node_info']);
        $zone_id = sanitize($_POST['zone_id']);
+        $flag_deleted = isset($_POST['flag_deleted']) or false;
+        $flag_reserved = isset($_POST['flag_reserved']) or false;
+
+        // construct flags
+        $flags = array();
+        if ($flag_deleted) $flags[] = 'deleted';
+        if ($flag_reserved) $flags[] = 'reserved';
+        $flags = empty($flags) ? NULL : implode(',', $flags);

        $sql = "UPDATE node SET
                    asset_id=?, node_ip=?, subnet_id=?, node_mac=?,
-                    node_dns1=?, node_dns2=?, node_info=?, zone_id=?
+                    node_dns1=?, node_dns2=?, node_info=?, zone_id=?,
+                    node_flags=?
                WHERE node_id=?";
        $sth = $dbh->prepare($sql);
        $sth->execute([$asset_id, $node_ip, $subnet_id, $node_mac, 
                       $node_dns1, $node_dns2, $node_info, $zone_id,
+                       $flags,
                       $id]);
        $action = ACT_VIEW;
        break;
@ -138,19 +148,24 @@ if(isset($_GET['subnet_id'])) {
    $smarty->assign("subnet_id", '');
 }

+// deleted records only for admin or manager
+if (($_SESSION['suser_role_admin'] == 0) and ($_SESSION['suser_role_manage'] == 0)) {
+    $w[] = "((n.node_flags IS NULL) OR (n.node_flags & 0x1 = 0))";
+}
+
 // create sql with optional filter
 $where = join(' AND ', $w);

 $sql = "SELECT a.asset_id,
            CONCAT(LEFT(a.asset_info,30), IF(CHAR_LENGTH(a.asset_info)>30,'...','')) AS asset_info,
            REPLACE(a.asset_name, ' ', '&nbsp;') AS asset_name,
-            n.node_id, n.node_ip,
+            n.node_id, n.node_ip, (n.node_flags & 0x1)=1 AS deleted,
            CONCAT(LEFT(n.node_info,30), IF(CHAR_LENGTH(n.node_info)>30,'...','')) AS node_info,
            c.assetclass_id, c.assetclass_name
        FROM node AS n LEFT JOIN asset AS a USING (asset_id)
            LEFT JOIN assetclass AS c USING (assetclass_id)";
 if ($where) {
-    $sql .= ' WHERE ' . $where;
+    $sql .= ' WHERE ' . $where . ' ';
 }
 $sql .= "GROUP BY n.node_id ORDER BY INET_ATON(n.node_ip)";
 $sth = $dbh->prepare($sql);
@ -201,7 +216,8 @@ elseif ($action == ACT_VIEW):
 // node
 $sql = "SELECT n.node_id AS id, n.node_ip AS ip, n.node_mac AS mac,
            n.node_dns1 AS dns1, n.node_dns2 AS dns2, n.node_info AS info,
-            n.node_type AS type,
+            n.node_type AS type, n.node_flags AS flags, 
+            (n.node_flags & 0x1)=1 AS deleted, (n.node_flags & 0x2)=2 AS reserved,
            a.asset_id, a.asset_name,
            c.assetclass_id, c.assetclass_name,
            s.subnet_id, s.subnet_address, s.subnet_mask,
@ -259,12 +275,14 @@ elseif ($action == ACT_EDIT):

 $sql = "SELECT node_id AS id, node_ip AS ip, node_mac AS mac,
            node_dns1 AS dns1, node_dns2 AS dns2, node_info AS info,
-            zone_id, asset_id, subnet_id
+            zone_id, asset_id, subnet_id, node_flags AS flags
 	FROM node
 	WHERE node_id=?";
 $sth = $dbh->prepare($sql);
 $sth->execute([$id]);
-$smarty->assign("node", $sth->fetch(PDO::FETCH_OBJ));
+$node = $sth->fetch(PDO::FETCH_OBJ);
+$node->flags = explode(',', $node->flags);
+$smarty->assign("node", $node);

 $smarty->assign("asset_options", db_get_options_asset());
 $smarty->assign("subnet_options", db_get_options_subnet());
--- a/options.php
+++ b/options.php
@ -49,6 +49,7 @@ switch ($submit = form_get_action()) {
        if ($menu_subnets) $menu[] = 'subnet';
        if ($menu_vlans) $menu[] = 'vlan';
        if ($menu_zones) $menu[] = 'zone';
+        $menu = empty($menu) ? NULL : implode(',', $menu);

        $sql = "UPDATE user SET
                user_language=?, user_imagesize=?, user_imagecount=?,
@ -59,7 +60,7 @@ switch ($submit = form_get_action()) {
        $sth = $dbh->prepare($sql);
        $sth->execute([$language, $imagesize, $imagecount,
                       $mac, $dateformat, $dns1suffix,
-                       $dns2suffix, $tooltips, implode(',', $menu),
+                       $dns2suffix, $tooltips, $menu,
                       $id]);

        $_SESSION['suser_language'] = $language;
--- a/subnet.php
+++ b/subnet.php
@ -186,12 +186,12 @@ if ($action == ACT_DEFAULT):
 // ========== VARIANT: default behavior =======================================

 $sql = "SELECT s.subnet_id, s.subnet_address, s.subnet_mask,
-        s.ntp_server, 
-        CONCAT(LEFT(s.subnet_info, 50), IF(CHAR_LENGTH(s.subnet_info)>50,'...','')) AS subnet_info,
-        COUNT(node.subnet_id) AS node_counter
-    FROM subnet AS s LEFT JOIN node USING (subnet_id)
-    GROUP BY s.subnet_id
-    ORDER BY INET_ATON(s.subnet_address)";
+            s.ntp_server, 
+            CONCAT(LEFT(s.subnet_info, 50), IF(CHAR_LENGTH(s.subnet_info)>50,'...','')) AS subnet_info,
+            COUNT(node.subnet_id) AS node_counter
+        FROM subnet AS s LEFT JOIN node USING (subnet_id)
+        GROUP BY s.subnet_id
+        ORDER BY INET_ATON(s.subnet_address)";
 $sth = $dbh->query($sql);

 $smarty->assign("subnets", $sth->fetchAll());
@ -215,22 +215,15 @@ if(isset($_GET['page'])) {
 }

 // subnet
-$sql = "SELECT
-            s.subnet_id AS id, 
-            s.subnet_address AS address,
-            s.subnet_mask AS mask,
-            s.subnet_dhcp_start AS dhcp_start,
-            s.subnet_dhcp_end AS dhcp_end,
-            s.subnet_info AS info,
-            s.protocol_version AS proto_vers,
+$sql = "SELECT s.subnet_id AS id, s.subnet_address AS address, s.subnet_mask AS mask,
+            s.subnet_dhcp_start AS dhcp_start, s.subnet_dhcp_end AS dhcp_end,
+            s.subnet_info AS info, s.protocol_version AS proto_vers,
            s.ntp_server,
-            COUNT(node.subnet_id) AS node_counter
-        FROM
-            subnet AS s LEFT JOIN node USING (subnet_id)
-        WHERE
-            s.subnet_id=?
-        GROUP BY
-            s.subnet_id";
+            COUNT(n.subnet_id) AS node_counter
+        FROM subnet AS s LEFT JOIN node AS n USING (subnet_id)
+        WHERE s.subnet_id=? 
+          AND ((n.node_flags IS NULL) OR (n.node_flags & 0x1 = 0))
+        GROUP BY s.subnet_id";
 $sth = $dbh->prepare($sql);
 $sth->execute([$id]);

@ -441,6 +434,7 @@ $sql = "SELECT
            LEFT JOIN assetclass AS c USING (assetclass_id)
            LEFT JOIN assetclassgroup AS g USING (assetclassgroup_id)
        WHERE n.subnet_id=:subnet_id
+          AND ((n.node_flags IS NULL) OR (n.node_flags & 0x1 = 0))
          AND INET_ATON(n.node_ip) BETWEEN :ipfrom AND :ipto";
 // Debug $smarty->assign("sql",array_key_first($subnetdata) .  " - " . array_key_last($subnetdata) );
 $sth = $dbh->prepare($sql);
@ -556,6 +550,7 @@ $sql = "SELECT assetclass_id AS id, assetclass_name AS name,
                  LEFT JOIN assetclass USING (assetclass_id)
                  LEFT JOIN assetclassgroup USING (assetclassgroup_id)
        WHERE subnet_id=?
+          AND ((node.node_flags IS NULL) OR (node.node_flags & 0x1 = 0))
        GROUP BY assetclass_id
        ORDER BY assetclass_name";
 $sth = $dbh->prepare($sql);
--- a/tpl/assetview.tpl
+++ b/tpl/assetview.tpl
@ -106,8 +106,15 @@
    </td>
    <td class="value">
        {foreach item=node from=$nodes}
-        <a href="node.php?f=view&id={$node.node_id}">{if $node.node_ip}{$node.node_ip}{else}(leer){/if}</a>
-        {if $node.node_info}{$node.node_info}{/if}<br>
+        {if !$node.deleted}
+            <a href="node.php?f=view&id={$node.node_id}">{if $node.node_ip}{$node.node_ip}{else}(leer){/if}</a>
+            {if $node.node_info}{$node.node_info}{/if}<br>
+        {else}
+            {if $suser_admin or $suser_manage}
+                <s>{if $node.node_ip}{$node.node_ip}{else}(leer){/if}</s>
+                {if $node.node_info}{$node.node_info}{/if}<br>
+            {/if}
+        {/if}
        {/foreach}
    </td>
 </tr>
--- a/tpl/node.tpl
+++ b/tpl/node.tpl
@ -30,9 +30,10 @@
        </td>
    </tr>
    {foreach item=node from=$nodes}
+    {if not $node.deleted or $suser_admin or $suser_manage}
    <tr>
        <td class="label">
-            <a href="node.php?f=view&id={$node.node_id}">{if $node.node_ip}{$node.node_ip}{else}(leer){/if}</a>
+            <a href="node.php?f=view&id={$node.node_id}">{if $node.node_ip}{if $node.deleted}<s>{$node.node_ip}</s>{else}{$node.node_ip}{/if}{else}(leer){/if}</a>
        </td>
        <td class="value">
            {$node.node_info}
@ -47,9 +48,10 @@
            {$node.asset_info}
        </td>
    </tr>
+    {/if}
    {foreachelse}
    <tr>
-        <td colspan="4">
+        <td colspan="5">
            {$lang_node_none}
        </td>
    </tr>
--- a/tpl/nodeedit.tpl
+++ b/tpl/nodeedit.tpl
@ -63,6 +63,15 @@
        <textarea name="node_info">{$node->info}</textarea>
    </td>
 </tr>
+<tr>
+    <td class="label">
+        Flags
+    </td>
+    <td class="label">
+        <input type="checkbox" id="ck1" name="flag_deleted"{if in_array('deleted', $node->flags)} checked="checked"{/if}> {$lang_flag_deleted}<br>
+        <input type="checkbox" id="ck1" name="flag_reserved"{if in_array('reserved', $node->flags)} checked="checked"{/if}> {$lang_flag_reserved}
+    </td>
+</tr>
 </table>

 <table class="info">
--- a/tpl/nodeview.tpl
+++ b/tpl/nodeview.tpl
@ -29,7 +29,8 @@
            {$lang_ip}
        </td>
        <td class="value">
-            <a href="node.php?f=view&id={$node->id}">{$node->ip}</a>
+            {if $node->deleted}<s>{$node->ip}</s>{else}{$node->ip}{/if}
+            {if $node->flags}({$node->flags}){/if}
        </td>
    </tr>
    <tr>
--- a/tpl/useredit.tpl
+++ b/tpl/useredit.tpl
@ -73,6 +73,7 @@
        <input type="checkbox" name="role_edit" {if in_array('edit', $user->role)} checked="checked"{/if}
    </td>
 </tr>
+{if $suser_admin}
 <tr>
    <td class="label">
        {$lang_user_role_delete}
@ -82,7 +83,6 @@
        <input type="checkbox" name="role_delete" {if in_array('delete', $user->role)} checked="checked"{/if}
    </td>
 </tr>
-{if $suser_admin}
 <tr>
    <td class="label">
        {$lang_user_role_manage}
--- a/user.php
+++ b/user.php
@ -61,13 +61,14 @@ switch ($submit = form_get_action()) {
        $role_manage = sanitize($_POST['role_manage']);
        $role_admin = sanitize($_POST['role_admin']);

-        // construct menu set
+        // construct role set
        $role = array();
        if ($role_add) $role[] = 'add';
        if ($role_edit) $role[] = 'edit';
        if ($role_delete) $role[] = 'delete';
        if ($role_manage) $role[] = 'manage';
        if ($role_admin) $role[] = 'admin';
+        $role = empty($role) ? NULL : implode(',', $role);

        $sql = "UPDATE user SET
                    user_name=?, user_displayname=?, user_realm=?,
@ -75,7 +76,7 @@ switch ($submit = form_get_action()) {
                WHERE user_id=?";
        $sth = $dbh->prepare($sql);
        $sth->execute([$user_name ,$user_displayname, $user_realm,
-                       implode(',', $role), $id]);
+                       $role, $id]);
        $action = ACT_VIEW;
        break;