]> git.defcon.no Git - hermes/blob - guc-clients/assignphone
First stab at a naive permissions-tool
[hermes] / guc-clients / assignphone
1 #!/usr/bin/perl
2 use strict;
3
4 use Getopt::Long;
5 use Net::LDAP;
6 use Net::LDAP::Control::Paged;
7 use Net::LDAP::Constant qw( LDAP_CONTROL_PAGED );
8 use LWP;
9 use JSON;
10 use AppConfig;
11
12 my $api_key;
13
14 my $help;
15 my $username;
16 my $configfile = undef;
17 my $remove = 0;
18 my $dryrun = 0;
19 my ($g_ua, $session, $api_key, $auth_key, $data, $domain);
20 my ($user, $sipuser, $mac);
21
22 my $config = AppConfig->new({ CREATE => 1 });
23
24 $config->define("api_url=s");
25 $config->define("api_keyfile=s");
26
27 foreach (
28 "/usr/local/etc/hermes/hermes_config",
29 "/usr/local/etc/hermes/config",
30 "/etc/hermes/config",
31 $ENV{"HOME"} . "/.hermes/config",
32 $ENV{"HOME"} . "/.hermes_config",
33 ) { $configfile = $_ if ( -f $_ ); }
34
35 GetOptions(
36 "help" => \$help,
37 "macaddress=s" => \$mac,
38 "username=s" => \$username,
39 "configfile=s" => \$configfile,
40 "remove" => \$remove,
41 "dryrun" => \$dryrun,
42 );
43
44 if (
45 (not $username) ||
46 (not $mac) ||
47 (( $configfile ) && ( not -f $configfile ))
48 )
49 {
50 $help = 1;
51 }
52
53 $config->file( $configfile );
54
55 if ( ( not $config->api_url ) ||
56 ( not $config->api_keyfile ) ||
57 ( $config->api_keyfile && not -f $config->api_keyfile ) )
58 {
59 $help = 1;
60 }
61
62 if ( $help ) {
63 print <<END_HELP;
64 WARNING: This tool assumes that only one domain
65 is registered with Kamailio. For Multidomain-setup,
66 this tool must be rewritten!
67
68 Verify that the following options are set:
69 --configfile=s|--config|-c
70 --username=s|--user|-u
71 --macaddress=s|--mac|-m
72 --remove|-r
73 --dryrun|--dry|-d
74
75 Verify the contents of the configuration file.
76 Verify that the key-file exists.
77 END_HELP
78 exit; }
79
80 open KEY, "<" . $config->api_keyfile;
81 chomp( $api_key = <KEY> );
82 close KEY;
83
84 if ( not $username =~ m/\w+/ )
85 { print "Illegal username\n"; exit; }
86
87 # Do stuff to the MAC adress.
88 $mac =~ s/[:-]//g if ( $mac =~ m/((?:[0-9a-f]{2}[:-]){5}[0-9a-f]{2})/i);
89 $mac = lc $mac;
90 if ( not $mac =~ m/^[a-f0-9]{12}/ )
91 {
92 printf("Malformed MAC adress.\n");
93 exit;
94 }
95
96 $g_ua = LWP::UserAgent->new;
97 $g_ua->cookie_jar({}); # In-memory jar, look at HTTP::Cookies for persistant
98
99 login_apikey();
100
101 # First: fetch a supported domain from the API...
102 $data = exec_apinode("domain/list", undef);
103 if ( $data->{'response'} eq 'ok' )
104 {
105 $domain = $data->{'list'}[0];
106 }
107 else
108 {
109 printf("Unable to get domain name. Aborting\n");
110 logout();
111 exit;
112 }
113 $sipuser = $username . '@' . $domain;
114
115 $data = exec_apinode("user/get", { 'user' => $sipuser });
116 if ( not $data->{'response'} eq 'ok' )
117 {
118 printf("Failed to verify that user exists. Aborting\n");
119 logout();
120 exit;
121 }
122 if ( $remove )
123 {
124 $data = exec_apinode("phone/get", { 'user' => $sipuser, 'mac' => $mac });
125 if ( not $data->{'response'} eq 'ok' )
126 {
127 printf("Unable to remove phone+user, lookup gave: '%s'\n", $data->{'cause'});
128 logout();
129 exit;
130 }
131 }
132 if ( $dryrun ) {
133 print("Dryrun specified. All OK so far, stopping before add.\n");
134 logout();
135 exit;
136 }
137 if ( $remove )
138 {
139 $data = exec_apinode("phone/remove", { 'user' => $sipuser, 'mac' => $mac });
140
141 printf("Failed to remove phone+user, cause given: '%s'\n", $data->{'cause'})
142 if ( not $data->{'response'} eq 'ok' );
143
144 printf("Removed assigned phone with mac '%s' from user '%s'\n", $mac, $sipuser)
145 if ( $data->{'response'} eq 'ok' );
146 }
147 else
148 {
149 $data = exec_apinode("phone/add", { 'user' => $sipuser, 'mac' => $mac });
150
151 printf("Failed to add phone+user, cause given: '%s'\n", $data->{'cause'})
152 if ( not $data->{'response'} eq 'ok' );
153
154 printf("Assigned phone with mac '%s' to user '%s'\n", $mac, $sipuser)
155 if ( $data->{'response'} eq 'ok' );
156 }
157 logout();
158 ################################################################################################
159 sub exec_apinode($$)
160 {
161 my $node = shift;
162 my $param = shift;
163
164 my ( $response, $data );
165
166 $session = "" if not defined $session;
167 $auth_key = "" if not defined $auth_key;
168 my $url = $config->api_url . "/" . $node;
169
170 $param->{'session'} = $session;
171 $param->{'auth_key'} = $auth_key;
172
173 $response = $g_ua->post( $url, $param );
174 if ( $response->is_success )
175 {
176 if ( $response->content =~ m/\s*{/ )
177 {
178 $data = decode_json( $response->content);
179 }
180 else
181 {
182 $data = $response->content;
183 }
184
185 }
186 return $data;
187 }
188
189 sub login_apikey
190 {
191 my $response = $g_ua->post( $config->api_url . "/auth/login",
192 [ "api_key" => $api_key ] );
193
194 my $data = decode_json( $response->content) if $response->is_success;
195 die("HTTP error") unless $response->is_success;
196
197 if ( $data->{'response'} eq "ok" )
198 {
199 $session = $data->{'session'};
200 $auth_key = $data->{'auth_key'};
201 }
202 else
203 {
204 print "Unable to log in to Hermes API\n";
205 exit;
206 }
207 undef $data; undef $response;
208 }
209
210 sub logout
211 {
212 my $response = $g_ua->post( $config->api_url . "/auth/logout",
213 [ "session" => $session ] );
214 die("HTTP error") unless $response->is_success;
215 undef $session; undef $auth_key;
216 }