First stab at a naive permissions-tool
[hermes] / api / permissions.php
1 <?php
2 /*
3 # Copyright (c) 2012, Gjøvik University College
4 # All rights reserved.
5
6 # Redistribution and use in source and binary forms, with or without
7 # modification, are permitted provided that the following conditions are met:
8 # * Redistributions of source code must retain the above copyright
9 # notice, this list of conditions and the following disclaimer.
10 # * Redistributions in binary form must reproduce the above copyright
11 # notice, this list of conditions and the following disclaimer in the
12 # documentation and/or other materials provided with the distribution.
13 # * Neither the name of the Gjøvik University College nor the
14 # names of its contributors may be used to endorse or promote products
15 # derived from this software without specific prior written permission.
16 #
17 # THIS SOFTWARE IS PROVIDED BY Gjøvik University College ''AS IS'' AND ANY
18 # EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
19 # WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
20 # DISCLAIMED. IN NO EVENT SHALL Gjøvik University College BE LIABLE FOR ANY
21 # DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
22 # (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
23 # LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
24 # ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
25 # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
26 # SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
27 */
28 require_once('config.php');
29 require_once('lib/auth_base.php');
30 require_once('lib/common_functions.php');
31 require_once('lib/db_functions.php');
32 require_once('lib/permission_functions.php');
33
// Load the API configuration; the same array also carries the database handle
// from here on.
$config = get_config();

// Open the MySQL connection. The leading @ silences PHP's own connection
// warning, so a failure is reported only through the JSON reply below.
$config['sql_link'] = @mysql_connect($config['sql_server'], $config['sql_username'], $config['sql_password']);

if (!$config['sql_link']) {
    // Nothing can be served without the database: send a generic failure
    // (no server or credential details) and stop.
    echo json_encode(array(
        'response' => 'failed',
        'cause'    => 'error',
        'detail'   => 'Database connection failed.',
    ));
    exit();
}

// Token check for the request. token_auth() is defined outside this file
// (presumably lib/auth_base.php -- confirm), so what it does when the check
// fails is not visible here.
token_auth();
47
48
49 //*************************************************************************************
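// Route on the path that follows the script name. PATH_INFO is absent when the
// script is requested without a trailing path; reading it unguarded raises an
// "undefined index" notice, which can land in the response ahead of the JSON
// when notices are displayed. A missing path falls through to 'invalid'.
switch ( isset($_SERVER['PATH_INFO']) ? $_SERVER['PATH_INFO'] : '' )
{
    case "/get":
        // Looks up the permission stored for one SIP user.
        // Required POST parameters (values are read from $_POST), either:
        //   user:     full SIP address, split by split_sipaddress(), or
        //   username: SIP username without the domain component, together with
        //   domain:   domain/realm of the user. username + '@' + domain == SIP address.
        if ( array_key_exists('user', $_POST) ||
            ( array_key_exists('username', $_POST) && array_key_exists('domain', $_POST) ) )
        {
            if ( array_key_exists('username', $_POST) )
            {
                $username = $_POST['username'];
                $domain = $_POST['domain'];
            }
            else
            {
                $user = split_sipaddress($_POST['user']);
                if ( !$user )
                {
                    print json_encode( array( 'response' => 'failed', 'cause' => 'invalid', 'detail' => 'Invalid SIP address' ) );
                    break; // leaves the switch; the connection is still closed below
                }
                list ( $username, $domain ) = $user;
            }

            // NOTE(review): $username and $domain come straight from the request
            // and are not validated here. get_permission() is defined outside this
            // file -- confirm that it escapes or binds both values before they
            // reach a query.
            $permission = get_permission( $username, $domain );

            // As handled below: a value above -1 is the stored permission, -1 means
            // the user was not found, anything else is treated as a lookup failure.
            if ( $permission > -1 )
            {
                print json_encode( array( 'response' => 'ok', 'permission' => $permission ) );
            }
            else if ( $permission == -1 )
            {
                print json_encode( array( 'response' => 'failed', 'cause' => 'nonexistant', 'detail' => 'User does not exist.' ) );
            }
            else
            {
                print json_encode( array( 'response' => 'failed', 'cause' => 'dbfail', 'detail' => 'Database lookup failed.' ) );
            }
        }
        else
        {
            print json_encode( array( 'response' => 'invalid' ) );
        }
        break;

    case "/set":
        // Stores a new permission value for one SIP user.
        // Required POST parameters (values are read from $_POST):
        //   permission: the value to store, and either
        //   user:       full SIP address, split by split_sipaddress(), or
        //   username:   SIP username without the domain component, together with
        //   domain:     domain/realm of the user. username + '@' + domain == SIP address.
        //
        // NOTE(review): the only access check visible in this file is the
        // token_auth() call made before this switch. Whether a valid token is
        // limited in which users' permissions it may change is not visible
        // here -- confirm.
        if ( array_key_exists('permission', $_POST) &&
            ( array_key_exists('user', $_POST) ||
                ( array_key_exists('username', $_POST) && array_key_exists('domain', $_POST) ) ) )
        {
            // Presence is guaranteed by the condition above, so no default is needed.
            $permission = $_POST['permission'];

            if ( array_key_exists('username', $_POST) )
            {
                $username = $_POST['username'];
                $domain = $_POST['domain'];
            }
            else
            {
                $user = split_sipaddress($_POST['user']);
                if ( !$user )
                {
                    print json_encode( array( 'response' => 'failed', 'cause' => 'invalid', 'detail' => 'Invalid SIP address' ) );
                    break; // leaves the switch; the connection is still closed below
                }
                list ( $username, $domain ) = $user;
            }

            // NOTE(review): $permission, $username and $domain are passed on exactly
            // as received; no type or range check is applied in this file.
            // set_permission() is defined outside this file -- confirm that it
            // validates the permission value and escapes or binds all three.
            $result = set_permission( $username, $domain, $permission );
            if ( $result == 1 )
            {
                // NOTE(review): the caller-supplied permission value is echoed back
                // unchanged. No Content-Type header is set in this file, so unless
                // one is sent elsewhere the reply goes out with PHP's default type;
                // consider declaring application/json for these responses.
                print json_encode( array( 'response' => 'ok', 'permission' => $permission ) );
            }
            else
            {
                print json_encode( array( 'response' => 'failed', 'cause' => 'dbfail', 'detail' => 'Update query to database failed.' ) );
            }
        }
        else
        {
            print json_encode( array( 'response' => 'invalid' ) );
        }
        break;

    default:
        // Unknown or missing action.
        print json_encode( array( 'response' => 'invalid' ) );
}

// Reached from every path through the switch, including the early breaks.
mysql_close( $config['sql_link'] );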
147 ?>