Permissions, a naive approach
diff --git a/api/permissions.php b/api/permissions.php
new file mode 100644 (file)
index 0000000..ed602c7
--- /dev/null
@@ -0,0 +1,147 @@
+<?php
+/*
+#  Copyright (c) 2012, Gjøvik University College
+#  All rights reserved.
+
+#  Redistribution and use in source and binary forms, with or without
+#  modification, are permitted provided that the following conditions are met:
+#      * Redistributions of source code must retain the above copyright
+#        notice, this list of conditions and the following disclaimer.
+#      * Redistributions in binary form must reproduce the above copyright
+#        notice, this list of conditions and the following disclaimer in the
+#        documentation and/or other materials provided with the distribution.
+#      * Neither the name of the Gjøvik University College nor the
+#        names of its contributors may be used to endorse or promote products
+#        derived from this software without specific prior written permission.
+#       
+#  THIS SOFTWARE IS PROVIDED BY Gjøvik University College ''AS IS'' AND ANY
+#  EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+#  WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+#  DISCLAIMED. IN NO EVENT SHALL Gjøvik University College BE LIABLE FOR ANY
+#  DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+#  (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+#  LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+#  ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+#  (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+#  SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+*/
+require_once('config.php');
+require_once('lib/auth_base.php');
+require_once('lib/common_functions.php');
+require_once('lib/db_functions.php');
+require_once('lib/permission_functions.php');
+
+$config = get_config();
+
+$config['sql_link'] = @mysql_connect( 
+       $config['sql_server'],
+       $config['sql_username'],
+       $config['sql_password']
+);
+if ( !$config['sql_link'] )
+{
+       print json_encode( array( 'response' => 'failed', 'cause' => 'error', 'detail' => 'Database connection failed.'));
+       exit;
+}
+token_auth();
+
+
+//*************************************************************************************        
+       switch ( $_SERVER['PATH_INFO'] )
+       {
+               case "/get":
+                       // Required GET parameters:
+                       // user: authentication username, SIP-username without domain component
+                       // domain: Domain/realm of the user. username + '@' + domain == SIP address.
+
+                       if ( array_key_exists('user', $_POST) ||
+                               ( array_key_exists('username', $_POST) && array_key_exists('domain', $_POST )))
+                       {
+                               $username = "";
+                               $domain = "";
+                               if ( array_key_exists('username', $_POST) )
+                               {
+                                       $username = $_POST['username'];
+                                       $domain = $_POST['domain'];
+                               }
+                               else
+                               {
+                                       $user = split_sipaddress($_POST['user']);
+                                       if ( !$user )
+                                       {
+                                               print json_encode ( array( 'response' => 'failed', 'cause' => 'invalid', 'detail' => 'Invalid SIP address') );
+                                               break;
+                                       }
+                                       list ( $username, $domain ) = $user;
+                               }
+
+                               // Dummy-response:
+                               $permission = get_permission( $username, $domain );
+                               if ( $permission > -1 )
+                               {
+                                       print json_encode( array( 'response' => 'ok', 'permission' => $permission ));
+                               }
+                               else
+                               {
+                                       if ( $permission == -1 )
+                                               print json_encode( array ( 'response' => 'failed', 'cause' => 'nonexistant', 'detail' => 'User does not exist.'));
+                                       else
+                                               print json_encode( array ( 'response' => 'failed', 'cause' => 'dbfail', 'detail' => 'Database lookup failed.'));
+                               }
+                       }
+                       else
+                               print json_encode ( array( 'response' => 'invalid') );
+                       break;
+
+               case "/set":
+                       // Required GET parameters:
+                       // user: authentication username, SIP-username without domain component
+                       // domain: Domain/realm of the user. username + '@' + domain == SIP address.
+
+                       if ( array_key_exists('permission', $_POST ) && 
+                               ( array_key_exists('user', $_POST) ||
+                               ( array_key_exists('username', $_POST) && array_key_exists('domain', $_POST ))) )
+                       {
+                               $permission = 0;
+                               $username = "";
+                               $domain = "";
+                               if ( array_key_exists('permission', $_POST) )
+                                       $permission = $_POST['permission'];
+
+                               if ( array_key_exists('username', $_POST) )
+                               {
+                                       $username = $_POST['username'];
+                                       $domain = $_POST['domain'];
+                               }
+                               else
+                               {
+                                       $user = split_sipaddress($_POST['user']);
+                                       if ( !$user )
+                                       {
+                                               print json_encode ( array( 'response' => 'failed', 'cause' => 'invalid', 'detail' => 'Invalid SIP address') );
+                                               break;
+                                       }
+                                       list ( $username, $domain ) = $user;
+                               }
+
+                               // Dummy-response:
+                               $result = set_permission( $username, $domain, $permission );
+                               if ( $result == 1 )
+                               {
+                                       print json_encode( array( 'response' => 'ok', 'permission' => $permission ));
+                               }
+                               else
+                               {
+                                       print json_encode( array ( 'response' => 'failed', 'cause' => 'dbfail', 'detail' => 'Update query to database failed.'));
+                               }
+                       }
+                       else
+                               print json_encode ( array( 'response' => 'invalid') );
+                       break;
+
+
+               default:
+                       print json_encode ( array( 'response' => 'invalid') );
+       }
+mysql_close( $config['sql_link'] );
+?>
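Review bot: In the `/set` branch, `$_POST['permission']` is handed to `set_permission()` exactly as received, with no type or range check, and nothing in this file limits which accounts the authenticated caller may change. `token_auth()` and `set_permission()` are defined outside this hunk, so either check may already exist there and should be confirmed. If they do not, and assuming permission levels are non-negative integers as the `> -1` test in `/get` suggests, reject anything else before the update with `if ( !is_string( $_POST['permission'] ) || !ctype_digit( $_POST['permission'] ) ) { print json_encode( array( 'response' => 'failed', 'cause' => 'invalid', 'detail' => 'Invalid permission value.' ) ); break; }`, and verify that the token's owner is allowed to modify the target user. The comments in both branches say `// Required GET parameters:` while the code reads `$_POST`, and they omit `permission` and the `username`/`domain` alternative; they should read `// Required POST parameters:` and list what is actually accepted.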