First stab at a naive permissions-tool
1 <?php
2 /*
3 # Copyright (c) 2012, Gjøvik University College
4 # All rights reserved.
5
6 # Redistribution and use in source and binary forms, with or without
7 # modification, are permitted provided that the following conditions are met:
8 # * Redistributions of source code must retain the above copyright
9 # notice, this list of conditions and the following disclaimer.
10 # * Redistributions in binary form must reproduce the above copyright
11 # notice, this list of conditions and the following disclaimer in the
12 # documentation and/or other materials provided with the distribution.
13 # * Neither the name of the Gjøvik University College nor the
14 # names of its contributors may be used to endorse or promote products
15 # derived from this software without specific prior written permission.
16 #
17 # THIS SOFTWARE IS PROVIDED BY Gjøvik University College ''AS IS'' AND ANY
18 # EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
19 # WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
20 # DISCLAIMED. IN NO EVENT SHALL Gjøvik University College BE LIABLE FOR ANY
21 # DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
22 # (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
23 # LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
24 # ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
25 # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
26 # SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
27 */
28 require_once('config.php');
29 require_once('lib/auth_base.php');
30 require_once('lib/user_functions.php');
31 require_once('lib/common_functions.php');
32 require_once('lib/db_functions.php');
33 require_once('lib/phone_functions.php');
34
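// Every response produced by this endpoint is a JSON document, so declare it.
// Without this PHP falls back to default_mimetype (normally text/html), and a
// browser that loads a response could interpret request values echoed back in
// it as markup: json_encode() does not escape '<' or '>' unless asked to.
if ( !headers_sent() )
{
    header( 'Content-Type: application/json' );
}

$config = get_config();

// NOTE(review): the mysql_* extension is deprecated as of PHP 5.5 and removed in
// PHP 7, and it offers no prepared statements. The link opened here is not passed
// to the lib/ helpers by this file, so they appear to rely on it as the default
// connection; migrating to mysqli or PDO has to be done together with them.
//
// The '@' suppresses the PHP warning that a failed connect would otherwise
// write into the response; the failure is reported below as a generic JSON
// error that carries no server or credential details.
$config['sql_link'] = @mysql_connect(
    $config['sql_server'],
    $config['sql_username'],
    $config['sql_password']
);
if ( !$config['sql_link'] )
{
    print json_encode( array( 'response' => 'failed', 'cause' => 'error', 'detail' => 'Database connection failed.'));
    exit;
}

// Authenticate the caller before any action is dispatched.
// NOTE(review): the return value is not checked, so token_auth() presumably ends
// the request itself when authentication fails - confirm in lib/auth_base.php.
token_auth();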
48
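//*************************************************************************************
// Request dispatch: the action is taken from PATH_INFO, the parameters from the
// POST body.
//
// Only string-valued POST fields are accepted. PHP turns a field sent as
// "name[]=x" into an array, and nothing in this file shows that the helpers
// called below cope with that, so array-valued fields are treated as absent.
$post = array();
foreach ( $_POST as $key => $value )
{
    if ( is_string( $value ) )
        $post[$key] = $value;
}

// NOTE(review): username, domain and search are handed to the lib/ helpers
// exactly as received; only mac is normalised here (clean_mac). Whether the
// helpers escape these values before building SQL cannot be seen from this file
// and should be confirmed in the required lib/ files.
//
// NOTE(review): no per-action authorisation is visible here. Whether
// token_auth() limits which callers may use /add and /remove should be confirmed.

// PATH_INFO is not set when the script is requested without a trailing path;
// an empty action falls through to the 'invalid' default below.
$action = isset( $_SERVER['PATH_INFO'] ) ? $_SERVER['PATH_INFO'] : '';

switch ( $action )
{
    case "/get":
        // POST parameters, one of:
        //   mac       MAC-address of a phone, looked up with get_phone_users()
        //   username  SIP-username without domain component, combined with:
        //   domain    Domain/realm of the user. username + '@' + domain == SIP address.
        //   user      A username on user@domain form (SIP address)
        if ( array_key_exists( 'mac', $post ) )
        {
            // Same normalisation as /add and /remove: the lookup then uses the
            // form that /add stores, and malformed input is rejected up front.
            $mac = clean_mac( $post['mac'] );
            if ( !$mac )
            {
                print json_encode ( array( 'response' => 'failed', 'cause' => 'invalid', 'detail' => 'No valid MAC address given.') );
                break;
            }
            $relations = get_phone_users ( $mac );
            if ( $relations )
            {
                print json_encode( array( 'response' => 'ok', 'list' => $relations ));
            }
            else print json_encode( array ( 'response' => 'failed', 'cause' => 'nonexistant', 'detail' => 'No results.'));
        }
        else if ( ( array_key_exists( 'username', $post ) && array_key_exists( 'domain', $post ) ) || array_key_exists( 'user', $post ) )
        {
            $username = "";
            $domain = "";
            // Both halves must be present to take this branch; a request with
            // 'username' and 'user' but no 'domain' is resolved from 'user'.
            if ( array_key_exists( 'username', $post ) && array_key_exists( 'domain', $post ) )
            {
                $username = $post['username'];
                $domain = $post['domain'];
            }
            else
            {
                $user = split_sipaddress( $post['user'] );
                if ( !$user )
                {
                    print json_encode ( array( 'response' => 'failed', 'cause' => 'invalid', 'detail' => 'Invalid SIP address') );
                    break;
                }
                list ( $username, $domain ) = $user;
            }

            $userdata = get_user_phones( $username, $domain );
            if ( $userdata )
            {
                print json_encode( array( 'response' => 'ok', 'list' => $userdata ));
            }
            else print json_encode( array ( 'response' => 'failed', 'cause' => 'nonexistant', 'detail' => 'No results.'));
        }
        else
            print json_encode ( array( 'response' => 'invalid') );
        break;

    case "/list":
        // List all (distinct) phone MAC-addresses registered...
        // Optional POST parameter:
        //   search    passed to list_phones(); null when not given
        $search = null;
        if ( array_key_exists( 'search', $post ) )
            $search = $post['search'];

        $phones = list_phones( $search );
        print json_encode( array( 'response' => 'ok', 'list' => $phones ));
        break;

    case "/add":
        // Add a MAC+user...
        /*
        Parameters:
            mac        The MAC-address of the phone to add an entry for
          Either:
            user       A registered username on user@domain form (SIP address)
          Or:
            username   A registered username, combines with:
            domain     A valid domain .. to form a registered user@domain combo :)
        */
        if ( array_key_exists( 'mac', $post ) &&
            ( array_key_exists( 'user', $post ) ||
            ( array_key_exists( 'username', $post ) && array_key_exists( 'domain', $post ) ) ) )
        {
            $username = "";
            $domain = "";
            // Both halves must be present to take this branch; a request with
            // 'username' and 'user' but no 'domain' is resolved from 'user'.
            if ( array_key_exists( 'username', $post ) && array_key_exists( 'domain', $post ) )
            {
                $username = $post['username'];
                $domain = $post['domain'];
            }
            else
            {
                $user = split_sipaddress( $post['user'] );
                if ( !$user )
                {
                    print json_encode ( array( 'response' => 'failed', 'cause' => 'invalid', 'detail' => 'Invalid SIP address') );
                    break;
                }
                list ( $username, $domain ) = $user;
            }
            $mac = clean_mac( $post['mac'] );
            if ( !$mac )
            {
                print json_encode ( array( 'response' => 'failed', 'cause' => 'invalid', 'detail' => 'No valid MAC address given.') );
                break;
            }

            if ( !is_provision_user ( $username, $domain ) )
            {
                print json_encode( array ( 'response' => 'failed', 'cause' => 'nonexistant', 'detail' => 'User not registered.'));
                break;
            }
            $phones = get_user_phones ( $username, $domain );
            // Strict comparison: with loose '==' PHP compares numeric-looking
            // strings by value, so two different all-hex MACs such as
            // "0000001e0005" and "000000100000" would be reported as equal.
            // Assumes get_user_phones() returns the MACs as strings, which is
            // what the mysql_* functions deliver - confirm.
            if ( $phones && in_array( $mac, $phones, true ) )
            {
                print json_encode( array ( 'response' => 'failed', 'cause' => 'exists', 'detail' => 'This phone and user combination is already configured..'));
                break;
            }
            $res = add_phone_user ( $mac, $username, $domain );
            if ( !$res )
            {
                print json_encode( array ( 'response' => 'failed', 'cause' =>'dbfail', 'detail' => 'Failed to add phone to database.'));
                break;
            }
            print json_encode( array ( 'response' => 'ok', 'mac' => $mac, 'username' => $username, 'domain' => $domain) );
            break;
        }
        else
            print json_encode ( array( 'response' => 'invalid') );
        break;

    case "/remove":
        // Del a MAC+user...
        /*
        Parameters:
            mac        The MAC-address of the phone to remove the entry for
          Either:
            user       A registered username on user@domain form (SIP address)
          Or:
            username   A registered username, combines with:
            domain     A valid domain .. to form a registered user@domain combo :)
        */
        if ( array_key_exists( 'mac', $post ) &&
            ( array_key_exists( 'user', $post ) ||
            ( array_key_exists( 'username', $post ) && array_key_exists( 'domain', $post ) ) ) )
        {
            $username = "";
            $domain = "";
            // Both halves must be present to take this branch; a request with
            // 'username' and 'user' but no 'domain' is resolved from 'user'.
            if ( array_key_exists( 'username', $post ) && array_key_exists( 'domain', $post ) )
            {
                $username = $post['username'];
                $domain = $post['domain'];
            }
            else
            {
                $user = split_sipaddress( $post['user'] );
                if ( !$user )
                {
                    print json_encode ( array( 'response' => 'failed', 'cause' => 'invalid', 'detail' => 'Invalid SIP address') );
                    break;
                }
                list ( $username, $domain ) = $user;
            }
            $mac = clean_mac( $post['mac'] );
            if ( !$mac )
            {
                print json_encode ( array( 'response' => 'failed', 'cause' => 'invalid', 'detail' => 'No valid MAC address given.') );
                break;
            }

            $phones = get_user_phones ( $username, $domain );
            // Strict comparison, for the same reason as in /add: a loosely
            // matching but different MAC must not pass the existence check
            // that guards the delete below.
            if ( !$phones || !in_array( $mac, $phones, true ) )
            {
                print json_encode( array ( 'response' => 'failed', 'cause' => 'nonexistant', 'detail' => 'Unable to locate requested combination'));
                break;
            }
            $res = delete_phone_user ( $mac, $username, $domain );
            if ( !$res )
            {
                print json_encode( array ( 'response' => 'failed', 'cause' =>'dbfail', 'detail' => 'Failed to remove phone from database.'));
                break;
            }
            print json_encode( array ( 'response' => 'ok', 'mac' => $mac, 'username' => $username, 'domain' => $domain ));
            break;
        }
        else
            print json_encode ( array( 'response' => 'invalid') );
        break;

    default:
        // Unknown or missing action.
        print json_encode ( array( 'response' => 'invalid') );
}
mysql_close( $config['sql_link'] );
?>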