
added acl command

Jiri Kuthan authored on 14/06/2002 22:30:32
Showing 1 changed files
... ...
@@ -34,6 +34,10 @@ USRLOC=location
34 34
 PASSWORD_COLUMN=password
35 35
 SUBSCRIBER_COLUMN='user_id'
36 36
 EMAIL_COLUMN=email_address
37
+# acl table
38
+ACL_TABLE=grp
39
+ACL_USER_COLUMN=user
40
+ACL_GROUP_COLUMN=grp
37 41
 
38 42
 
39 43
 
... ...
@@ -47,10 +51,101 @@ usage() {
47 51
 	echo "   $0 rm <name> ... delete a user (*)"
48 52
 	echo "   $0 passwd <user> <passwd> ... change user's password (*)"
49 53
 	echo "   $0 stat ... show runnig processes + $0 show"
54
+	echo "   $0 acl show [<user>] ... show user membership"
55
+	echo "   $0 acl grant <user> <group> ... grant user memberhsip (*)"
56
+	echo "   $0 acl revoke <user> [<group>] ... grant user memberhsip(s) (*)"
50 57
 	echo 
51 58
 	echo "   commands labeled with (*) will prompt for a MySQL password"
59
+	echo
52 60
 }
53 61
 
62
+acl() {
63
+	case $1 in
64
+		show)
65
+			if [ $# -eq 2 ] ; then
66
+				CLAUSE=" WHERE $ACL_USER_COLUMN='$2' "
67
+			elif [ $# -ne 1 ] ; then
68
+				usage
69
+				exit 1
70
+			fi
71
+			QUERY="select * FROM $ACL_TABLE $CLAUSE ; "
72
+			$MYSQL -h $SQL_HOST -u $RO_USER "-p$RO_PW" \
73
+				-e "$QUERY ;" $SQL_DB
74
+			;;
75
+
76
+		grant)
77
+			if [ $# -ne 3 ] ; then
78
+				usage
79
+				exit 1
80
+			fi
81
+
82
+        	$MYSQL -h $SQL_HOST -u $SQL_USER -p$PW \
83
+            	-e "use $SQL_DB; insert into $ACL_TABLE \
84
+                ($ACL_USER_COLUMN,$ACL_GROUP_COLUMN) \
85
+                values ('$2','$3');";
86
+
87
+			;;
88
+
89
+		revoke)
90
+			if [ $# -eq 3 ] ; then
91
+				CLAUSE=" and $ACL_GROUP_COLUMN='$3' "
92
+			elif [ $# -ne 2 ] ; then
93
+				usage
94
+				exit 1
95
+			fi	
96
+
97
+			QUERY="delete from $ACL_TABLE where \
98
+				$ACL_TABLE.$ACL_USER_COLUMN='$2' $CLAUSE"
99
+			$MYSQL -h $SQL_HOST -u $SQL_USER "-p$PW" -e "$QUERY ;" $SQL_DB
100
+
101
+			;;
102
+
103
+		*)
104
+			usage
105
+			exit 1
106
+			;;
107
+	esac
108
+}
109
+
110
+# params: user
111
+# output: false if exists, true otherwise
112
+is_user() {
113
+	CNT=`$MYSQL -B -h $SQL_HOST -u $SQL_USER -p$PW \
114
+		-e "use $SQL_DB; select count(*) from $TABLE \
115
+		where $SUBSCRIBER_COLUMN='$1' and $REALM_COLUMN='$DOMAIN';" \
116
+		| grep -v ERROR | tail -n1`
117
+	if [ "0$CNT" -eq 0 ] ; then
118
+		false
119
+	else
120
+		true
121
+	fi
122
+
123
+}
124
+
125
+#params: none
126
+# output: PW
127
+prompt_pw() {
128
+	read -s -p "MySql Password: " PW
129
+	echo 
130
+}
131
+
132
+# params: user, password
133
+# output: HA1, HA1B
134
+credentials()
135
+{
136
+	HA1=`$GENHA1 $1 $DOMAIN $2`
137
+	if [ $? -ne 0 ] ; then
138
+		echo "HA1 calculation failed"
139
+		exit 1
140
+	fi
141
+	HA1B=`$GENHA1 "$1@$DOMAIN" $DOMAIN $2`
142
+	if [ $? -ne 0 ] ; then
143
+		echo "HA1B calculation failed"
144
+		exit 1
145
+	fi
146
+}
147
+
148
+
54 149
 
55 150
 case $1 in
56 151
 
... ...
@@ -60,25 +155,12 @@ case $1 in
60 155
 			exit 1
61 156
 		fi
62 157
 		shift
158
+		credentials
63 159
 
64
-		HA1=`$GENHA1 $1 $DOMAIN $2`
65
-		if [ $? -ne 0 ] ; then
66
-			echo "HA1 calculation failed"
67
-			exit 1
68
-		fi
69
-		HA1B=`$GENHA1 "$1@$DOMAIN" $DOMAIN $2`
160
+		prompt_pw
161
+		is_user $1
70 162
 		if [ $? -ne 0 ] ; then
71
-			echo "HA1B calculation failed"
72
-			exit 1
73
-		fi
74
-		read -s -p "MySql Password: " PW
75
-		echo 
76
-		CNT=`$MYSQL -B -h $SQL_HOST -u $SQL_USER -p$PW \
77
-			-e "use $SQL_DB; select count(*) from $TABLE \
78
-			where $SUBSCRIBER_COLUMN='$1' and $REALM_COLUMN='$DOMAIN';" \
79
-			| tail -n1`
80
-		if [ $CNT -eq 0 ] ; then
81
-			echo "No such user exists"
163
+			echo non-existent user
82 164
 			exit 1
83 165
 		fi
84 166
 		$MYSQL -h $SQL_HOST -u $SQL_USER -p$PW \
... ...
@@ -101,29 +183,14 @@ case $1 in
101 183
 			exit 1
102 184
 		fi
103 185
 		shift
186
+		credentials
187
+		prompt_pw
188
+        is_user $1
189
+        if [ $? -eq 0 ] ; then
190
+            echo user already exists
191
+            exit 1
192
+        fi
104 193
 
105
-		HA1=`$GENHA1 $1 $DOMAIN $2`
106
-		if [ $? -ne 0 ] ; then
107
-			echo "HA1 calculation failed"
108
-			exit 1
109
-		fi
110
-		HA1B=`$GENHA1 "$1@$DOMAIN" $DOMAIN $2`
111
-		if [ $? -ne 0 ] ; then
112
-			echo "HA1B calculation failed"
113
-			exit 1
114
-		fi
115
-
116
-		read -s -p "MySql Password: " PW
117
-		echo
118
-		
119
-		CNT=`$MYSQL -B -h $SQL_HOST -u $SQL_USER -p$PW \
120
-			-e "use $SQL_DB; select count(*) from $TABLE \
121
-			where $SUBSCRIBER_COLUMN='$1' and $REALM_COLUMN='$DOMAIN';" \
122
-			| tail -n1`
123
-		if [ $CNT -ne 0 ] ; then
124
-			echo "user '$1' already exists"
125
-			exit 1
126
-		fi
127 194
 		$MYSQL -h $SQL_HOST -u $SQL_USER -p$PW \
128 195
 			-e "use $SQL_DB; insert into $TABLE \
129 196
 				($SUBSCRIBER_COLUMN,$REALM_COLUMN,$HA1_COLUMN,\
... ...
@@ -142,17 +209,16 @@ case $1 in
142 209
 			usage
143 210
 			exit 1
144 211
 		fi
145
-		read -s -p "MySql Password: " PW
146
-		echo
212
+		prompt_pw
147 213
 		CNT=`$MYSQL -B -h $SQL_HOST -u $SQL_USER -p$PW \
148 214
 			 -e "use $SQL_DB; select count(*) from $USRLOC \
149
-			where $USRLOC.$USER_COLUMN='$2';" | tail -n1`
150
-		if [ $CNT -eq 0 ] ; then
215
+			where $USRLOC.$USER_COLUMN='$2';" | grep -v ERROR | tail -n1`
216
+		if [ "0$CNT" -eq 0 ] ; then
151 217
 			echo Nothing to delete
152 218
 			exit 1
153 219
 		fi
154 220
 		QUERY="delete from $USRLOC where $USRLOC.$USER_COLUMN='$2'"
155
-		mysql -h $SQL_HOST -u $SQL_USER "-p$PW" -e "$QUERY ;" $SQL_DB
221
+		$MYSQL -h $SQL_HOST -u $SQL_USER "-p$PW" -e "$QUERY ;" $SQL_DB
156 222
 		if [ $? -ne 0 ] ; then
157 223
 			echo "database operation failed"
158 224
 		else
... ...
@@ -169,8 +235,8 @@ case $1 in
169 235
 		shift
170 236
 		QUERY="select $TABLE.$EMAIL_COLUMN from $TABLE where  \
171 237
 			$TABLE.$SUBSCRIBER_COLUMN='$1'"
172
-		EA=`mysql -B -h $SQL_HOST -u $RO_USER "-p$RO_PW" \
173
-			-e "$QUERY ;" $SQL_DB|tail -n1`
238
+		EA=`$MYSQL -B -h $SQL_HOST -u $RO_USER "-p$RO_PW" \
239
+			-e "$QUERY ;" $SQL_DB| grep -v ERROR | tail -n1`
174 240
 		if [ $? -ne 0 ] ; then
175 241
 			echo "MySql query failed"
176 242
 			exit 1
... ...
@@ -194,16 +260,19 @@ case $1 in
194 260
 
195 261
 		shift
196 262
 
197
-		QUERY1="select $TABLE.$EMAIL_COLUMN from $TABLE where  $TABLE.$SUBSCRIBER_COLUMN='$1'"
198
-		QUERY2="select $USRLOC.* from $USRLOC where $USRLOC.$USER_COLUMN='$1' order by expires desc"
199
-		QUERY3="select $USRLOC.$USER_COLUMN, $TABLE.$EMAIL_COLUMN from $TABLE, $USRLOC where  \
263
+		QUERY1="select $TABLE.$EMAIL_COLUMN from $TABLE where  \
264
+			$TABLE.$SUBSCRIBER_COLUMN='$1'"
265
+		QUERY2="select $USRLOC.* from $USRLOC where \
266
+			$USRLOC.$USER_COLUMN='$1' order by expires desc"
267
+		QUERY3="select $USRLOC.$USER_COLUMN, $TABLE.$EMAIL_COLUMN \
268
+			from $TABLE, $USRLOC where  \
200 269
 			$TABLE.$SUBSCRIBER_COLUMN=$USRLOC.$USER_COLUMN" 
201 270
 
202 271
 		if [ $# -eq 1 ] ; then
203
-			mysql -h $SQL_HOST -u $RO_USER "-p$RO_PW" -e "$QUERY1 ;" $SQL_DB
204
-			mysql -h $SQL_HOST -u $RO_USER "-p$RO_PW" -e "$QUERY2 ;" $SQL_DB
272
+			$MYSQL -h $SQL_HOST -u $RO_USER "-p$RO_PW" -e "$QUERY1 ;" $SQL_DB
273
+			$MYSQL -h $SQL_HOST -u $RO_USER "-p$RO_PW" -e "$QUERY2 ;" $SQL_DB
205 274
 		else
206
-			mysql -h $SQL_HOST -u $RO_USER "-p$RO_PW" -e "$QUERY3 ;" $SQL_DB
275
+			$MYSQL -h $SQL_HOST -u $RO_USER "-p$RO_PW" -e "$QUERY3 ;" $SQL_DB
207 276
 		fi
208 277
 
209 278
 		;;
... ...
@@ -213,8 +282,16 @@ case $1 in
213 282
             usage
214 283
             exit 1
215 284
         fi
216
-        QUERY="delete from $TABLE where $TABLE.$SUBSCRIBER_COLUMN='$2'"
217
-        mysql -h $SQL_HOST -u $SQL_USER "-p" -e "$QUERY ;" $SQL_DB
285
+		shift 
286
+		prompt_pw
287
+        is_user $1
288
+        if [ $? -ne 0 ] ; then
289
+            echo non-existent user
290
+            exit 1
291
+        fi
292
+
293
+        QUERY="delete from $TABLE where $TABLE.$SUBSCRIBER_COLUMN='$1'"
294
+        $MYSQL -h $SQL_HOST -u $SQL_USER "-p$PW" -e "$QUERY ;" $SQL_DB
218 295
         ;;
219 296
 			
220 297
 	stat)
... ...
@@ -226,6 +303,11 @@ case $1 in
226 303
 		$0 show
227 304
 
228 305
 		;;
306
+
307
+	acl)
308
+		shift
309
+		acl "$@"
310
+		;;
229 311
 		
230 312
 	*)
231 313
 		usage
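Review bot: Both new `credentials` calls (new lines 158 and 186) pass no arguments, so inside the function `$1` and `$2` are empty and `$GENHA1` runs without the user name and password; depending on how that helper treats missing arguments, the command either aborts or stores digests that do not match what the operator typed. The calls should forward the positional parameters, `credentials "$1" "$2"`. Separately, `acl()` places `$2` and `$3` straight inside single-quoted SQL literals, so a name containing a quote changes the statement; validating both against a restrictive pattern before building `QUERY`, for example `case "$2" in *[!A-Za-z0-9._@-]*) usage; exit 1;; esac`, would close that. The header comment on `is_user` is inverted relative to the code and should read `# output: true if the user exists, false otherwise`. The top-level `case $1 in` that contains the two `credentials` call sites starts and ends outside the visible hunks.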