Browse code
added acl command
Jiri Kuthan authored on 14/06/2002 22:30:32
Showing 1 changed files
| ... | ... |
@@ -34,6 +34,10 @@ USRLOC=location |
| 34 | 34 |
PASSWORD_COLUMN=password |
| 35 | 35 |
SUBSCRIBER_COLUMN='user_id' |
| 36 | 36 |
EMAIL_COLUMN=email_address |
| 37 |
+# acl table |
|
| 38 |
+ACL_TABLE=grp |
|
| 39 |
+ACL_USER_COLUMN=user |
|
| 40 |
+ACL_GROUP_COLUMN=grp |
|
| 37 | 41 |
|
| 38 | 42 |
|
| 39 | 43 |
|
| ... | ... |
@@ -47,10 +51,101 @@ usage() {
|
| 47 | 51 |
echo " $0 rm <name> ... delete a user (*)" |
| 48 | 52 |
echo " $0 passwd <user> <passwd> ... change user's password (*)" |
| 49 | 53 |
echo " $0 stat ... show runnig processes + $0 show" |
| 54 |
+ echo " $0 acl show [<user>] ... show user membership" |
|
| 55 |
+ echo " $0 acl grant <user> <group> ... grant user memberhsip (*)" |
|
| 56 |
+ echo " $0 acl revoke <user> [<group>] ... grant user memberhsip(s) (*)" |
|
| 50 | 57 |
echo |
| 51 | 58 |
echo " commands labeled with (*) will prompt for a MySQL password" |
| 59 |
+ echo |
|
| 52 | 60 |
} |
| 53 | 61 |
|
| 62 |
+acl() {
|
|
| 63 |
+ case $1 in |
|
| 64 |
+ show) |
|
| 65 |
+ if [ $# -eq 2 ] ; then |
|
| 66 |
+ CLAUSE=" WHERE $ACL_USER_COLUMN='$2' " |
|
| 67 |
+ elif [ $# -ne 1 ] ; then |
|
| 68 |
+ usage |
|
| 69 |
+ exit 1 |
|
| 70 |
+ fi |
|
| 71 |
+ QUERY="select * FROM $ACL_TABLE $CLAUSE ; " |
|
| 72 |
+ $MYSQL -h $SQL_HOST -u $RO_USER "-p$RO_PW" \ |
|
| 73 |
+ -e "$QUERY ;" $SQL_DB |
|
| 74 |
+ ;; |
|
| 75 |
+ |
|
| 76 |
+ grant) |
|
| 77 |
+ if [ $# -ne 3 ] ; then |
|
| 78 |
+ usage |
|
| 79 |
+ exit 1 |
|
| 80 |
+ fi |
|
| 81 |
+ |
|
| 82 |
+ $MYSQL -h $SQL_HOST -u $SQL_USER -p$PW \ |
|
| 83 |
+ -e "use $SQL_DB; insert into $ACL_TABLE \ |
|
| 84 |
+ ($ACL_USER_COLUMN,$ACL_GROUP_COLUMN) \ |
|
| 85 |
+ values ('$2','$3');";
|
|
| 86 |
+ |
|
| 87 |
+ ;; |
|
| 88 |
+ |
|
| 89 |
+ revoke) |
|
| 90 |
+ if [ $# -eq 3 ] ; then |
|
| 91 |
+ CLAUSE=" and $ACL_GROUP_COLUMN='$3' " |
|
| 92 |
+ elif [ $# -ne 2 ] ; then |
|
| 93 |
+ usage |
|
| 94 |
+ exit 1 |
|
| 95 |
+ fi |
|
| 96 |
+ |
|
| 97 |
+ QUERY="delete from $ACL_TABLE where \ |
|
| 98 |
+ $ACL_TABLE.$ACL_USER_COLUMN='$2' $CLAUSE" |
|
| 99 |
+ $MYSQL -h $SQL_HOST -u $SQL_USER "-p$PW" -e "$QUERY ;" $SQL_DB |
|
| 100 |
+ |
|
| 101 |
+ ;; |
|
| 102 |
+ |
|
| 103 |
+ *) |
|
| 104 |
+ usage |
|
| 105 |
+ exit 1 |
|
| 106 |
+ ;; |
|
| 107 |
+ esac |
|
| 108 |
+} |
|
| 109 |
+ |
|
| 110 |
+# params: user |
|
| 111 |
+# output: false if exists, true otherwise |
|
| 112 |
+is_user() {
|
|
| 113 |
+ CNT=`$MYSQL -B -h $SQL_HOST -u $SQL_USER -p$PW \ |
|
| 114 |
+ -e "use $SQL_DB; select count(*) from $TABLE \ |
|
| 115 |
+ where $SUBSCRIBER_COLUMN='$1' and $REALM_COLUMN='$DOMAIN';" \ |
|
| 116 |
+ | grep -v ERROR | tail -n1` |
|
| 117 |
+ if [ "0$CNT" -eq 0 ] ; then |
|
| 118 |
+ false |
|
| 119 |
+ else |
|
| 120 |
+ true |
|
| 121 |
+ fi |
|
| 122 |
+ |
|
| 123 |
+} |
|
| 124 |
+ |
|
| 125 |
+#params: none |
|
| 126 |
+# output: PW |
|
| 127 |
+prompt_pw() {
|
|
| 128 |
+ read -s -p "MySql Password: " PW |
|
| 129 |
+ echo |
|
| 130 |
+} |
|
| 131 |
+ |
|
| 132 |
+# params: user, password |
|
| 133 |
+# output: HA1, HA1B |
|
| 134 |
+credentials() |
|
| 135 |
+{
|
|
| 136 |
+ HA1=`$GENHA1 $1 $DOMAIN $2` |
|
| 137 |
+ if [ $? -ne 0 ] ; then |
|
| 138 |
+ echo "HA1 calculation failed" |
|
| 139 |
+ exit 1 |
|
| 140 |
+ fi |
|
| 141 |
+ HA1B=`$GENHA1 "$1@$DOMAIN" $DOMAIN $2` |
|
| 142 |
+ if [ $? -ne 0 ] ; then |
|
| 143 |
+ echo "HA1B calculation failed" |
|
| 144 |
+ exit 1 |
|
| 145 |
+ fi |
|
| 146 |
+} |
|
| 147 |
+ |
|
| 148 |
+ |
|
| 54 | 149 |
|
| 55 | 150 |
case $1 in |
| 56 | 151 |
|
| ... | ... |
@@ -60,25 +155,12 @@ case $1 in |
| 60 | 155 |
exit 1 |
| 61 | 156 |
fi |
| 62 | 157 |
shift |
| 158 |
+ credentials |
|
| 63 | 159 |
|
| 64 |
- HA1=`$GENHA1 $1 $DOMAIN $2` |
|
| 65 |
- if [ $? -ne 0 ] ; then |
|
| 66 |
- echo "HA1 calculation failed" |
|
| 67 |
- exit 1 |
|
| 68 |
- fi |
|
| 69 |
- HA1B=`$GENHA1 "$1@$DOMAIN" $DOMAIN $2` |
|
| 160 |
+ prompt_pw |
|
| 161 |
+ is_user $1 |
|
| 70 | 162 |
if [ $? -ne 0 ] ; then |
| 71 |
- echo "HA1B calculation failed" |
|
| 72 |
- exit 1 |
|
| 73 |
- fi |
|
| 74 |
- read -s -p "MySql Password: " PW |
|
| 75 |
- echo |
|
| 76 |
- CNT=`$MYSQL -B -h $SQL_HOST -u $SQL_USER -p$PW \ |
|
| 77 |
- -e "use $SQL_DB; select count(*) from $TABLE \ |
|
| 78 |
- where $SUBSCRIBER_COLUMN='$1' and $REALM_COLUMN='$DOMAIN';" \ |
|
| 79 |
- | tail -n1` |
|
| 80 |
- if [ $CNT -eq 0 ] ; then |
|
| 81 |
- echo "No such user exists" |
|
| 163 |
+ echo non-existent user |
|
| 82 | 164 |
exit 1 |
| 83 | 165 |
fi |
| 84 | 166 |
$MYSQL -h $SQL_HOST -u $SQL_USER -p$PW \ |
| ... | ... |
@@ -101,29 +183,14 @@ case $1 in |
| 101 | 183 |
exit 1 |
| 102 | 184 |
fi |
| 103 | 185 |
shift |
| 186 |
+ credentials |
|
| 187 |
+ prompt_pw |
|
| 188 |
+ is_user $1 |
|
| 189 |
+ if [ $? -eq 0 ] ; then |
|
| 190 |
+ echo user already exists |
|
| 191 |
+ exit 1 |
|
| 192 |
+ fi |
|
| 104 | 193 |
|
| 105 |
- HA1=`$GENHA1 $1 $DOMAIN $2` |
|
| 106 |
- if [ $? -ne 0 ] ; then |
|
| 107 |
- echo "HA1 calculation failed" |
|
| 108 |
- exit 1 |
|
| 109 |
- fi |
|
| 110 |
- HA1B=`$GENHA1 "$1@$DOMAIN" $DOMAIN $2` |
|
| 111 |
- if [ $? -ne 0 ] ; then |
|
| 112 |
- echo "HA1B calculation failed" |
|
| 113 |
- exit 1 |
|
| 114 |
- fi |
|
| 115 |
- |
|
| 116 |
- read -s -p "MySql Password: " PW |
|
| 117 |
- echo |
|
| 118 |
- |
|
| 119 |
- CNT=`$MYSQL -B -h $SQL_HOST -u $SQL_USER -p$PW \ |
|
| 120 |
- -e "use $SQL_DB; select count(*) from $TABLE \ |
|
| 121 |
- where $SUBSCRIBER_COLUMN='$1' and $REALM_COLUMN='$DOMAIN';" \ |
|
| 122 |
- | tail -n1` |
|
| 123 |
- if [ $CNT -ne 0 ] ; then |
|
| 124 |
- echo "user '$1' already exists" |
|
| 125 |
- exit 1 |
|
| 126 |
- fi |
|
| 127 | 194 |
$MYSQL -h $SQL_HOST -u $SQL_USER -p$PW \ |
| 128 | 195 |
-e "use $SQL_DB; insert into $TABLE \ |
| 129 | 196 |
($SUBSCRIBER_COLUMN,$REALM_COLUMN,$HA1_COLUMN,\ |
| ... | ... |
@@ -142,17 +209,16 @@ case $1 in |
| 142 | 209 |
usage |
| 143 | 210 |
exit 1 |
| 144 | 211 |
fi |
| 145 |
- read -s -p "MySql Password: " PW |
|
| 146 |
- echo |
|
| 212 |
+ prompt_pw |
|
| 147 | 213 |
CNT=`$MYSQL -B -h $SQL_HOST -u $SQL_USER -p$PW \ |
| 148 | 214 |
-e "use $SQL_DB; select count(*) from $USRLOC \ |
| 149 |
- where $USRLOC.$USER_COLUMN='$2';" | tail -n1` |
|
| 150 |
- if [ $CNT -eq 0 ] ; then |
|
| 215 |
+ where $USRLOC.$USER_COLUMN='$2';" | grep -v ERROR | tail -n1` |
|
| 216 |
+ if [ "0$CNT" -eq 0 ] ; then |
|
| 151 | 217 |
echo Nothing to delete |
| 152 | 218 |
exit 1 |
| 153 | 219 |
fi |
| 154 | 220 |
QUERY="delete from $USRLOC where $USRLOC.$USER_COLUMN='$2'" |
| 155 |
- mysql -h $SQL_HOST -u $SQL_USER "-p$PW" -e "$QUERY ;" $SQL_DB |
|
| 221 |
+ $MYSQL -h $SQL_HOST -u $SQL_USER "-p$PW" -e "$QUERY ;" $SQL_DB |
|
| 156 | 222 |
if [ $? -ne 0 ] ; then |
| 157 | 223 |
echo "database operation failed" |
| 158 | 224 |
else |
| ... | ... |
@@ -169,8 +235,8 @@ case $1 in |
| 169 | 235 |
shift |
| 170 | 236 |
QUERY="select $TABLE.$EMAIL_COLUMN from $TABLE where \ |
| 171 | 237 |
$TABLE.$SUBSCRIBER_COLUMN='$1'" |
| 172 |
- EA=`mysql -B -h $SQL_HOST -u $RO_USER "-p$RO_PW" \ |
|
| 173 |
- -e "$QUERY ;" $SQL_DB|tail -n1` |
|
| 238 |
+ EA=`$MYSQL -B -h $SQL_HOST -u $RO_USER "-p$RO_PW" \ |
|
| 239 |
+ -e "$QUERY ;" $SQL_DB| grep -v ERROR | tail -n1` |
|
| 174 | 240 |
if [ $? -ne 0 ] ; then |
| 175 | 241 |
echo "MySql query failed" |
| 176 | 242 |
exit 1 |
| ... | ... |
@@ -194,16 +260,19 @@ case $1 in |
| 194 | 260 |
|
| 195 | 261 |
shift |
| 196 | 262 |
|
| 197 |
- QUERY1="select $TABLE.$EMAIL_COLUMN from $TABLE where $TABLE.$SUBSCRIBER_COLUMN='$1'" |
|
| 198 |
- QUERY2="select $USRLOC.* from $USRLOC where $USRLOC.$USER_COLUMN='$1' order by expires desc" |
|
| 199 |
- QUERY3="select $USRLOC.$USER_COLUMN, $TABLE.$EMAIL_COLUMN from $TABLE, $USRLOC where \ |
|
| 263 |
+ QUERY1="select $TABLE.$EMAIL_COLUMN from $TABLE where \ |
|
| 264 |
+ $TABLE.$SUBSCRIBER_COLUMN='$1'" |
|
| 265 |
+ QUERY2="select $USRLOC.* from $USRLOC where \ |
|
| 266 |
+ $USRLOC.$USER_COLUMN='$1' order by expires desc" |
|
| 267 |
+ QUERY3="select $USRLOC.$USER_COLUMN, $TABLE.$EMAIL_COLUMN \ |
|
| 268 |
+ from $TABLE, $USRLOC where \ |
|
| 200 | 269 |
$TABLE.$SUBSCRIBER_COLUMN=$USRLOC.$USER_COLUMN" |
| 201 | 270 |
|
| 202 | 271 |
if [ $# -eq 1 ] ; then |
| 203 |
- mysql -h $SQL_HOST -u $RO_USER "-p$RO_PW" -e "$QUERY1 ;" $SQL_DB |
|
| 204 |
- mysql -h $SQL_HOST -u $RO_USER "-p$RO_PW" -e "$QUERY2 ;" $SQL_DB |
|
| 272 |
+ $MYSQL -h $SQL_HOST -u $RO_USER "-p$RO_PW" -e "$QUERY1 ;" $SQL_DB |
|
| 273 |
+ $MYSQL -h $SQL_HOST -u $RO_USER "-p$RO_PW" -e "$QUERY2 ;" $SQL_DB |
|
| 205 | 274 |
else |
| 206 |
- mysql -h $SQL_HOST -u $RO_USER "-p$RO_PW" -e "$QUERY3 ;" $SQL_DB |
|
| 275 |
+ $MYSQL -h $SQL_HOST -u $RO_USER "-p$RO_PW" -e "$QUERY3 ;" $SQL_DB |
|
| 207 | 276 |
fi |
| 208 | 277 |
|
| 209 | 278 |
;; |
| ... | ... |
@@ -213,8 +282,16 @@ case $1 in |
| 213 | 282 |
usage |
| 214 | 283 |
exit 1 |
| 215 | 284 |
fi |
| 216 |
- QUERY="delete from $TABLE where $TABLE.$SUBSCRIBER_COLUMN='$2'" |
|
| 217 |
- mysql -h $SQL_HOST -u $SQL_USER "-p" -e "$QUERY ;" $SQL_DB |
|
| 285 |
+ shift |
|
| 286 |
+ prompt_pw |
|
| 287 |
+ is_user $1 |
|
| 288 |
+ if [ $? -ne 0 ] ; then |
|
| 289 |
+ echo non-existent user |
|
| 290 |
+ exit 1 |
|
| 291 |
+ fi |
|
| 292 |
+ |
|
| 293 |
+ QUERY="delete from $TABLE where $TABLE.$SUBSCRIBER_COLUMN='$1'" |
|
| 294 |
+ $MYSQL -h $SQL_HOST -u $SQL_USER "-p$PW" -e "$QUERY ;" $SQL_DB |
|
| 218 | 295 |
;; |
| 219 | 296 |
|
| 220 | 297 |
stat) |
| ... | ... |
@@ -226,6 +303,11 @@ case $1 in |
| 226 | 303 |
$0 show |
| 227 | 304 |
|
| 228 | 305 |
;; |
| 306 |
+ |
|
| 307 |
+ acl) |
|
| 308 |
+ shift |
|
| 309 |
+ acl "$@" |
|
| 310 |
+ ;; |
|
| 229 | 311 |
|
| 230 | 312 |
*) |
| 231 | 313 |
usage |