First stab at a naive permissions-tool
1 #!/usr/bin/perl
2 use strict;
3
4 use Data::Dumper;
5
6 #TODO: Add support for assigning phone number
7 #TODO: Add support for overriding default domain ...
8
9 use Getopt::Long;
10 use Net::LDAP;
11 use Net::LDAP::Control::Paged;
12 use Net::LDAP::Constant qw( LDAP_CONTROL_PAGED );
13 use LWP;
14 use JSON;
15 use AppConfig;
16 use Text::Iconv;
17
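# Command-line state, filled in by the config-file search and GetOptions below.
my $help;
my $username;
my $permission = undef;
my $configfile = undef;

# State shared with the API helper subs at the bottom of the file:
#   $g_ua     - LWP::UserAgent holding the in-memory cookie jar
#   $session  - session value returned by auth/login
#   $api_key  - secret read from the key file; keep it out of output and logs
#   $auth_key - key returned by auth/login, sent with every later API call
#   $data     - most recent API reply
#   $domain   - domain the username is looked up in
# $api_key was previously declared twice in this scope, the second `my`
# masking the first; it is now declared exactly once.
my ($g_ua, $session, $api_key, $auth_key, $data, $domain);

# CREATE => 1 makes AppConfig accept variables that appear in the config
# file without a matching define() call below.
my $config = AppConfig->new({ CREATE => 1 });

# Required settings: where the API lives and which file holds its key.
# Both are checked for presence after the config file has been read.
$config->define("api_url=s");
$config->define("api_keyfile=s");

$config->define("default_domain=s");
$config->default_domain("hig.no");

# Declared so that a shared config file can carry them; nothing in this
# script reads the numbers_* values.
$config->define("numbers_local_prefix=s");
$config->define("numbers_local_series=s");
$config->define("numbers_countrycode=s");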
37
# Probe the well-known config locations. There is no early exit, so when
# several of them exist the LAST match wins: a per-user file under $HOME
# takes precedence over the system-wide ones. A --configfile option, parsed
# further down, replaces whatever is picked here.
#
# The chosen file decides api_url and api_keyfile, i.e. which server the API
# key is sent to, so every path in this list should be writable only by
# accounts that are trusted with that key.
my @config_candidates = (
    "/usr/local/etc/hermes/hermes_config",
    "/usr/local/etc/hermes/config",
    "/etc/hermes/config",
    $ENV{"HOME"} . "/.hermes/config",
    $ENV{"HOME"} . "/.hermes_config",
);

for my $candidate (@config_candidates)
{
    next unless -f $candidate;
    $configfile = $candidate;
}
45
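# Parse the command line. GetOptions returns false when it meets an option it
# cannot parse; that result used to be ignored, so a mistyped option let the
# run continue with whatever had been parsed. It now leads to the usage text.
my $options_ok = GetOptions(
    "help"         => \$help,
    "configfile=s" => \$configfile,
    "username=s"   => \$username,
    "permission=s" => \$permission,
);

# A username and an existing config file are both mandatory.
if (
    ( not $options_ok ) ||
    ( not $username )   ||
    ( not $configfile ) ||
    ( not -f $configfile )
)
{
    $help = 1;
}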
61
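# Read the configuration. The file is only handed to AppConfig when it is
# known to exist; previously file() was also called with an undefined or
# missing path just before the usage text was printed.
if ( defined $configfile and -f $configfile )
{
    $config->file( $configfile );
}

# The API base URL and a readable key file are both required.
my $keyfile_setting = $config->api_keyfile;
if (
    ( not $config->api_url )  ||
    ( not $keyfile_setting )  ||
    ( not -f $keyfile_setting )
)
{
    $help = 1;
}

# Usage text: shown on --help and whenever one of the checks above failed.
if ( $help )
{
    print <<END_HELP;
Verify that the following options are set:
--username=s|--user|-u
--permission=s|-p (use to set, leave to show)

Verify the contents of the configuration file.
Verify that the key-file exists.
END_HELP
    exit;
}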
82
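# Read the API key: the first line of the key file, without its line ending.
#
# Three-argument open with a lexical handle keeps the configured path from
# being interpreted as part of the open mode, and the result is checked so
# that an unreadable or empty key file stops the run here instead of sending
# an empty key to the API.
#
# The key file holds a credential; it should be readable only by the account
# that runs this tool.
my $keyfile = $config->api_keyfile;

open( my $key_fh, "<", $keyfile )
    or die "Unable to open API key file $keyfile: $!\n";
$api_key = <$key_fh>;
close $key_fh;

die "API key file $keyfile is empty\n" if not defined $api_key;
chomp $api_key;
die "API key file $keyfile is empty\n" if $api_key eq "";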
86
# Refuse a username that holds no word character at all.
# NOTE(review): the pattern is unanchored, so any string containing a single
# letter, digit or underscore passes. If the intent is to restrict the
# characters a username may contain, the pattern needs \A ... \z anchors and
# an explicit character class; confirm the allowed set (the value may also
# carry an "@domain" suffix, handled further down) before tightening it.
unless ( $username =~ m/\w+/ )
{
    print "Illegal username\n";
    exit;
}

# One user agent for the whole run. The cookie jar lives in memory only; see
# HTTP::Cookies for a persistent one.
$g_ua = LWP::UserAgent->new( cookie_jar => {} );

# Exchange the API key for a session before calling any other API node.
login_apikey();
94
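# First: fetch a supported domain from the API. The first entry of the
# returned list is the default; an 'ok' reply with an empty list is treated
# as a failure rather than continuing with an undefined domain.
$data = exec_apinode("domain/list", undef);
if ( $data->{'response'} eq 'ok' and defined $data->{'list'}[0] )
{
    $domain = $data->{'list'}[0];
}
else
{
    printf("Unable to get domain name. Aborting\n");
    logout();
    exit 1;    # non-zero, so a calling script can see the failure
}

# A "user@domain" argument overrides the default domain.
#
# The split is limited to two fields and both halves must be non-empty.
# Without that, "user@" left the domain undefined, "@domain" produced an
# empty username, and "a@b@c" silently dropped "@c" -- for a tool that
# changes permissions, acting on a different account than the one typed is
# worse than refusing the input.
if ( $username =~ /@/ )
{
    my ( $user_part, $domain_part ) = split /@/, $username, 2;

    if ( $user_part eq '' or $domain_part eq '' or $domain_part =~ /@/ )
    {
        print "Illegal username\n";
        logout();
        exit 1;
    }

    ( $username, $domain ) = ( $user_part, $domain_part );
}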
112
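# Make sure the account exists. The API is asked whether the name is still
# AVAILABLE, so the sense is inverted: 'ok' means nobody has registered it,
# and the reply wanted here is a failure whose cause is 'exists'.
#
# Both failure paths now exit with a non-zero status; they used to exit 0,
# which made a failed lookup look like success to a calling script.
$data = exec_apinode("user/available", { 'username' => $username, 'domain' => $domain });
if ( $data->{'response'} eq 'ok' )
{
    printf("Username is not registered.\n");
    logout();
    exit 1;
}

if ( $data->{'cause'} ne 'exists' )
{
    printf("Username lookup failed, cause: %s.\n", $data->{'cause'});
    logout();
    exit 1;
}
undef $data;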
128
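# Show the current permission (no --permission given) or set a new one.
#
# Changes from the earlier version of this section:
#  * "--permission=0" is now rejected by the range check; it used to be
#    treated as "option not given" and silently turned into a read.
#  * the digits-only check is anchored with \A and \z, so a value with a
#    trailing newline no longer passes.
#  * every branch falls through to one logout() and the exit status is
#    non-zero whenever the request was refused or failed.
my $exit_status = 0;

if ( not defined $permission )
{
    $data = exec_apinode("permissions/get", { 'username' => $username, 'domain' => $domain });
    if ( $data->{'response'} eq 'ok' )
    {
        printf("Current permission number is %d\n", $data->{'permission'});
    }
    else
    {
        printf("Failed lookup. cause: %s\n", $data->{'cause'});
        $exit_status = 1;
    }
}
elsif ( $permission !~ m/\A\d+\z/ )
{
    printf("Provided permission not a number.\n");
    $exit_status = 1;
}
elsif ( ($permission < 1) || ( $permission > 256 ) )
{
    printf("Provided permission is outside valid range.\n");
    $exit_status = 1;
}
else
{
    # The value is validated locally before it is sent; the API's reply is
    # what gets reported back, not the value that was requested.
    $data = exec_apinode("permissions/set", { 'username' => $username, 'domain' => $domain, 'permission' => $permission });
    if ( $data->{'response'} eq 'ok' )
    {
        printf("Set permission to: %d\n", $data->{'permission'});
    }
    else
    {
        printf("Failed setting permission cause: %s\n", $data->{'cause'});
        $exit_status = 1;
    }
}

# Always end the API session, whatever happened above.
logout();
exit $exit_status;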
179 ################################################################################################
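# exec_apinode( $node, $param )
#
# POST a request to the API node $node (a path below the configured api_url)
# and return the reply.
#
#   $node  - node path, e.g. "domain/list"
#   $param - hash reference of form fields, or undef for none
#
# The current session and auth_key are added to the form fields of every
# request. They are merged into a private copy, so the caller's hash is no
# longer modified as a side effect.
#
# Returns:
#   - the decoded JSON structure when the body starts with "{"
#   - the raw body as a string for any other successful reply
#   - undef when the HTTP request itself failed
#
# The JSON test is anchored to the start of the body. It used to match a "{"
# anywhere, so a non-JSON body that merely contained a brace (an HTML error
# page, for example) was handed to decode_json, which dies on it.
#
# NOTE(review): every caller in this file dereferences the result as a hash;
# a raw-string reply will therefore still abort the script under strict refs.
# The ($$) prototype is kept for interface compatibility; it has no effect on
# calls that are compiled before this definition.
sub exec_apinode($$)
{
    my ( $node, $param ) = @_;

    $session  = "" if not defined $session;
    $auth_key = "" if not defined $auth_key;

    my %form = (
        ( ref $param eq 'HASH' ? %$param : () ),
        'session'  => $session,
        'auth_key' => $auth_key,
    );

    my $url      = $config->api_url . "/" . $node;
    my $response = $g_ua->post( $url, \%form );

    my $data;
    if ( $response->is_success )
    {
        my $body = $response->content;
        $data = ( $body =~ m/\A\s*\{/ ) ? decode_json( $body ) : $body;
    }
    return $data;
}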
209
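# login_apikey()
#
# Exchange the API key for a session: POST it to auth/login and store the
# returned 'session' and 'auth_key' in the file-level variables that
# exec_apinode and logout use.
#
# Dies with "HTTP error" when the request fails at the HTTP level. When the
# API refuses the key, prints a message and exits with a non-zero status
# (this path used to exit 0).
#
# The reply was previously decoded with `my $data = ... if COND;`, a
# construct whose behaviour Perl leaves undefined when the condition is
# false. The HTTP status is now checked first and the body decoded after.
#
# NOTE(review): the API key travels in the request body, so it is protected
# in transit only when api_url is an https:// URL; nothing here checks the
# scheme. Consider refusing to log in over plain http.
sub login_apikey
{
    my $response = $g_ua->post( $config->api_url . "/auth/login",
        [ "api_key" => $api_key ] );

    die("HTTP error") unless $response->is_success;

    my $data = decode_json( $response->content );

    if ( $data->{'response'} eq "ok" )
    {
        $session  = $data->{'session'};
        $auth_key = $data->{'auth_key'};
    }
    else
    {
        print "Unable to log in to Hermes API\n";
        exit 1;
    }
}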
230
# logout()
#
# End the API session: POST the current session value to auth/logout, then
# forget the session and auth_key held in the file-level variables.
# Dies with "HTTP error" when the request fails; in that case the two
# variables are left as they were.
sub logout
{
    my $logout_url = $config->api_url . "/auth/logout";
    my $reply      = $g_ua->post( $logout_url, [ "session" => $session ] );

    if ( not $reply->is_success )
    {
        die("HTTP error");
    }

    undef $session;
    undef $auth_key;
}
238