- Timestamp:
- Jun 18, 2006 8:50:35 AM (18 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/bin/acl.cli.php
r173 r174 14 14 ********************************************************************/ 15 15 16 $this_script = basename($_SERVER['argv'][0]); 17 16 18 // Give them a fighting chance. Show the help message. ;P 17 19 if ($_SERVER['argc'] <= 1) { … … 23 25 $db_quth_file = COMMON_BASE . '/global/db_auth.inc.php'; 24 26 if (!file_exists($db_quth_file)) { 25 die(sprintf("%s error: the current directory must be common site directory (i.e. the parent directory of the document root) AND the global/db_auth.inc.php file must exist.\n", $ _SERVER['argv'][0]));27 die(sprintf("%s error: the current directory must be common site directory (i.e. the parent directory of the document root) AND the global/db_auth.inc.php file must exist.\n", $this_script)); 26 28 } 27 29 28 30 if (fileowner($db_quth_file) != getmyuid()) { 29 die(sprintf("%s error: you must execute this script as the owner of the web files.\n", $ _SERVER['argv'][0]));31 die(sprintf("%s error: you must execute this script as the owner of the web files.\n", $this_script)); 30 32 } 31 33 … … 55 57 'display_errors' => true, 56 58 'error_reporting' => E_ALL, 57 'log_file_priority' => LOG_ DEBUG,58 'log_screen_priority' => LOG_ NOTICE,59 'log_file_priority' => LOG_INFO, 60 'log_screen_priority' => LOG_ERR, 59 61 'log_directory' => COMMON_BASE . '/log', 60 62 'log_filename' => 'site_log', … … 82 84 switch ($op) { 83 85 case 'list' : 84 $type = isset($_SERVER['argv'][2]) ? $_SERVER['argv'][2] : null; 85 if (isset($type)) { 86 listACL('root', $type); 87 } else { 88 89 echo "\n_______________________Access Request Objects________________________\n\n"; 90 listACL('root', 'aro'); 91 echo "\n_______________________Access Control Objects________________________\n\n"; 92 listACL('root', 'aco'); 93 echo "\n______________________Access eXtension Objects_______________________\n\n"; 94 listACL('root', 'axo'); 95 } 96 break; 86 $type = isset($_SERVER['argv'][2]) ? $_SERVER['argv'][2] : null; 87 switch ($type) { 88 case 'aro' : 89 case 'aco' : 90 case 'axo' : 91 listObjects('root', $type); 92 break; 93 case 'all' : 94 listObjects('root', 'aro'); 95 listObjects('root', 'aco'); 96 listObjects('root', 'axo'); 97 break; 98 case 'perms' : 99 default : 100 listPerms(); 101 break; 102 } 103 break; 97 104 98 105 case 'addaro' : … … 107 114 break; 108 115 116 case 'mvaro' : 117 case 'mvaco' : 118 case 'mvaxo' : 119 $object = isset($_SERVER['argv'][2]) ? $_SERVER['argv'][2] : null; 120 $parent = isset($_SERVER['argv'][3]) ? $_SERVER['argv'][3] : null; 121 if (!isset($object)) { 122 echo "'mv*' commands require at least one argument. Try 'help' if you are lost.\n"; 123 } 124 echo $acl->move($object, $parent, str_replace('mv', '', $op)) ? "Ok\n" : "Error!\n"; 125 break; 126 109 127 case 'rmaro' : 110 128 case 'rmaco' : … … 167 185 function help() 168 186 { 187 global $this_script; 188 169 189 ?> 170 190 Access Control List command line tool. … … 176 196 177 197 Three types of objects are managed by this interface: ARO - Access 178 Request Objects, ACO - Access Control Objects, and AXO - Access eXtention198 Request Objects, ACO - Access Control Objects, and AXO - Access Xtra 179 199 Objects. These are most often used as a USER -> ACTION -> OBJECT model, 180 200 but can just as easily be SPICES -> CUISINES -> DISHES A privilege is … … 190 210 "anything" since it is at the top of all branches. 191 211 192 Usage: <?php echo $_SERVER['argv'][0]; ?> <command> [args] 193 194 195 <?php echo $_SERVER['argv'][0]; ?> initdb 196 <?php echo $_SERVER['argv'][0]; ?> list [aro | aco | axo] 197 <?php echo $_SERVER['argv'][0]; ?> addaro <aro_object> [parent] 198 <?php echo $_SERVER['argv'][0]; ?> addaco <aco_object> [parent] 199 <?php echo $_SERVER['argv'][0]; ?> addaxo <axo_object> [parent] 200 <?php echo $_SERVER['argv'][0]; ?> rmaro <aro_object> 201 <?php echo $_SERVER['argv'][0]; ?> rmaco <aco_object> 202 <?php echo $_SERVER['argv'][0]; ?> rmaxo <axo_object> 203 <?php echo $_SERVER['argv'][0]; ?> grant <aro_object> [aco_object] [axo_object] 204 <?php echo $_SERVER['argv'][0]; ?> revoke <aro_object> [aco_object] [axo_object] 205 206 For the add*, grant, and revoke commands, if any of the optional 212 Usage: <?php echo $this_script; ?> <command> [args] 213 214 Where <command> is any of the following (with arguments): 215 216 initdb 217 list [aro | aco | axo | all | perms] 218 addaro <aro_object> [parent] 219 addaco <aco_object> [parent] 220 addaxo <axo_object> [parent] 221 mvaro <aro_object> [parent] 222 mvaco <aco_object> [parent] 223 mvaxo <axo_object> [parent] 224 rmaro <aro_object> 225 rmaco <aco_object> 226 rmaxo <axo_object> 227 grant <aro_object> [aco_object] [axo_object] 228 revoke <aro_object> [aco_object] [axo_object] 229 230 For the add*, mv*, grant, and revoke commands if any of the optional 207 231 args are not provided, 'root' is assumed. 208 232 … … 213 237 214 238 215 function listACL($root, $type) 239 /* 240 * Print the tree structure of a specified table (aro_tbl, aco_tbl, or axo_tbl). 241 * 242 * @access public 243 * @param string $root Root node from which to begin calculating. 244 * @param string $type Table to call, one of: aro, aco, or axo. 245 * @return bool Returns false on error. 246 * @author Quinn Comendant <quinn@strangecode.com> 247 * @version 1.0 248 * @since 17 Jun 2006 23:41:22 249 */ 250 function listObjects($root, $type) 216 251 { 217 252 $app =& App::getInstance(); 218 253 $db =& DB::getInstance(); 219 254 global $this_script; 255 256 echo "\n"; 257 220 258 switch ($type) { 221 259 case 'aro' : 222 260 $tbl = 'aro_tbl'; 261 printf("%-35s %-5s %-5s %s\n", 'Request objects', 'lft', 'rgt', 'Added'); 223 262 break; 224 263 case 'aco' : 225 264 $tbl = 'aco_tbl'; 265 printf("%-35s %-5s %-5s %s\n", 'Control objects', 'lft', 'rgt', 'Added'); 226 266 break; 227 267 case 'axo' : 228 268 $tbl = 'axo_tbl'; 269 printf("%-35s %-5s %-5s %s\n", 'Xtra objects', 'lft', 'rgt', 'Added'); 229 270 break; 230 271 default : … … 233 274 break; 234 275 } 235 276 277 echo "-----------------------------------------------------------\n"; 278 236 279 // Retrieve the left and right value of the $root node. 237 280 $qid = $db->query("SELECT lft, rgt FROM $tbl WHERE name = '" . $db->escapeString($root) . "'"); … … 249 292 250 293 // Display indented node title. 251 printf("%- 20s %-5s %-5s %s\n", str_repeat(' ', sizeof($depth)) . $name, $lft, $rgt, $added_datetime);294 printf("%-35s %-5s %-5s %s\n", str_repeat(' ', sizeof($depth)) . $name, $lft, $rgt, date($app->getParam('date_format'), strtotime($added_datetime))); 252 295 253 296 // Add this node to the stack. … … 256 299 } 257 300 301 /* 302 * List all entries in the acl_tbl. 303 * 304 * @access public 305 * @author Quinn Comendant <quinn@strangecode.com> 306 * @version 1.0 307 * @since 17 Jun 2006 15:11:53 308 */ 309 function listPerms() 310 { 311 $app =& App::getInstance(); 312 $db =& DB::getInstance(); 313 global $this_script; 314 315 // Retreive access value from db. 316 $qid = $db->query(" 317 SELECT aro_tbl.name AS aro, aco_tbl.name AS aco, axo_tbl.name AS axo, acl_tbl.access, acl_tbl.added_datetime 318 FROM acl_tbl 319 LEFT JOIN aro_tbl ON (acl_tbl.aro_id = aro_tbl.aro_id) 320 LEFT JOIN aco_tbl ON (acl_tbl.aco_id = aco_tbl.aco_id) 321 LEFT JOIN axo_tbl ON (acl_tbl.axo_id = axo_tbl.axo_id) 322 ORDER BY aro_tbl.aro_id ASC, aco_tbl.aco_id ASC, axo_tbl.axo_id ASC 323 "); 324 echo "\n"; 325 printf("%-25s %-25s %-25s %-6s %-10s\n", 'Request objects', 'Control objects', 'Xtra objects', '', 'Added'); 326 echo "------------------------------------------------------------------------------------------------\n"; 327 while ($p = mysql_fetch_assoc($qid)) { 328 printf("%-25s %-25s %-25s \033[0;%sm%-6s\033[0m %-10s\n", $p['aro'], $p['aco'], $p['axo'], ('allow' == $p['access'] ? '32' : '31'), $p['access'], date($app->getParam('date_format'), strtotime($p['added_datetime']))); 329 } 330 } 331 258 332 259 333 ?>
Note: See TracChangeset
for help on using the changeset viewer.