From 1891fd835cc3cd60d7c3a2ec8bf90b51ca261bf0 Mon Sep 17 00:00:00 2001
From: Karl 'vollmerk' Vollmer <vollmer@ampache.org>
Date: Sat, 31 Jan 2009 23:48:46 +0000
Subject: [PATCH] ACL with IPv6 should be working / testing now

---
 admin/access.php                          | 68 ++++++++++++++++++++++-
 lib/class/access.class.php                | 45 ++++++++++++++-
 templates/show_add_access.inc.php         |  2 +-
 templates/show_add_access_current.inc.php |  2 +-
 templates/show_add_access_local.inc.php   |  8 +--
 templates/show_add_access_rpc.inc.php     |  8 +--
 templates/show_edit_access.inc.php        | 48 ++++++++--------
 7 files changed, 142 insertions(+), 39 deletions(-)

diff --git a/admin/access.php b/admin/access.php
index 6ffaa167..0fa88a15 100644
--- a/admin/access.php
+++ b/admin/access.php
@@ -35,9 +35,70 @@ switch ($_REQUEST['action']) {
 		show_confirmation(_('Deleted'),_('Your Access List Entry has been removed'),$url);
 	break;
 	case 'add_host':
-		Access::create($_POST); 
-		$url = Config::get('web_path') . '/admin/access.php';
-		show_confirmation(_('Added'),_('Your new Access List Entry has been created'),$url);
+
+		// Make sure we've got a valid form submission
+		if (!Core::form_verify('add_acl','post')) { 
+			access_denied(); 
+			exit; 
+		} 
+
+		// We need to pre-process this a little bit as stuff is coming in from all over
+		switch ($_GET['method']) { 
+			case 'advanced': 
+				Access::create($_POST); 
+			break; 
+			case 'local': 
+				$_POST['type'] = 'network'; 
+				Access::create($_POST); 
+				
+				// Create Additional stuff based on the type
+				if ($_POST['addtype'] == 'streamnetwork' OR $_POST['addtype'] == 'allnetwork') { 
+					$_POST['type'] = 'stream'; 
+					Access::create($_POST); 
+				} 
+				if ($_POST['addtype'] == 'allnetwork') { 
+					$_POST['type'] = 'interface'; 
+					Access::create($_POST); 
+				} 
+			break; 
+			case 'current': 
+				$_POST['type'] = 'interface'; 
+				Access::create($_POST); 
+				$_POST['type'] = 'stream'; 
+				Access::create($_POST); 
+			break; 
+			case 'rpc': 
+				$_POST['type'] = 'rpc';
+				Access::create($_POST); 
+
+				// Create Additional stuff based on the type
+				if ($_POST['addtype'] == 'streamrpc' OR $_POST['addtype'] == 'allrpc') { 
+					$_POST['type'] = 'stream'; 
+					Access::create($_POST); 
+				}
+				if ($_POST['addtype'] == 'allrpc') { 
+					$_POST['type'] = 'interface'; 
+					Access::create($_POST); 
+				} 
+			break; 
+			default: 
+				// Do nothing they f'ed something up
+			break; 
+		} // end switch on method
+
+		if (!Error::occurred()) { 
+			$url = Config::get('web_path') . '/admin/access.php';
+			show_confirmation(_('Added'),_('Your new Access Control List(s) have been created'),$url);
+		} 
+		else { 
+			switch ($_GET['method']) { 
+				case 'rpc': require_once Config::get('prefix') . '/templates/show_add_access_rpc.inc.php'; break;
+				case 'local': require_once Config::get('prefix') . '/templates/show_add_access_local.inc.php'; break; 
+				case 'current': require_once Config::get('prefix') . '/templates/show_add_access_current.inc.php'; break;
+				case 'advanced': require_once Config::get('prefix') . '/templates/show_add_access.inc.php'; break; 
+				default: require_once Config::get('prefix') . '/templates/show_access_list.inc.php'; break; 
+			} 
+		} 
 	break;
 	case 'update_record':
 		$access = new Access($_REQUEST['access_id']); 
@@ -58,6 +119,7 @@ switch ($_REQUEST['action']) {
 	break;
 	case 'show_edit_record':
 		$access = new Access($_REQUEST['access_id']);
+		$access->format(); 
 		require_once Config::get('prefix') . '/templates/show_edit_access.inc.php';
 	break;
 	default:
diff --git a/lib/class/access.class.php b/lib/class/access.class.php
index 9f8e6016..28a98073 100644
--- a/lib/class/access.class.php
+++ b/lib/class/access.class.php
@@ -120,9 +120,27 @@ class Access {
 	public static function create($data) { 
 
 		/* We need to verify the incomming data a littlebit */
+		$start = @inet_pton($data['start']); 
+		$end = @inet_pton($data['end']); 
 
-		$start 	= Dba::escape(inet_pton($data['start'])); 
-		$end 	= Dba::escape(inet_pton($data['end']));
+		if (!$start AND $data['start'] != '0.0.0.0' AND $data['start'] != '::') { 
+			Error::add('start',_('Invalid IPv4 / IPv6 Address Entered')); 
+			return false; 
+		} 
+		if (!$end) { 
+			Error::add('end',_('Invalid IPv4 / IPv6 Address Entered')); 
+			return false; 
+		} 
+
+		// Check existing ACL's to make sure we're not duplicating values here
+		if (self::exists($data)) { 
+			debug_event('ACL Create','Error did not create duplicate ACL entrie for ' . $data['start'] . ' - ' . $data['end'],'1'); 
+			return false; 
+		} 
+
+
+		$start 	= Dba::escape($start); 
+		$end 	= Dba::escape($end);
 		$name	= Dba::escape($data['name']);
 		$key	= Dba::escape($data['key']);
 		$user	= $data['user'] ? Dba::escape($data['user']) : '-1'; 
@@ -138,6 +156,29 @@ class Access {
 
 	} // create
 
+	/**
+	 * exists
+	 * this sees if the ACL that we've specified already exists, prevent duplicates. This ignores the name
+	 */
+	public static function exists($data) { 
+
+		$start = Dba::escape(inet_pton($data['start'])); 
+		$end = Dba::escape(inet_pton($data['end'])); 
+		$type = self::validate_type($data['type']); 
+		$user = $data['user'] ? Dba::escape($data['user']) : '-1'; 
+
+		$sql = "SELECT * FROM `access_list` WHERE `start`='$start' AND `end` = '$end' " . 
+			"AND `type`='$type' AND `user`='$user'"; 
+		$db_results = Dba::read($sql); 
+
+		if (Dba::fetch_assoc($db_results)) { 
+			return true; 
+		} 
+
+		return false; 
+
+	} // exists
+
 	/**
 	 * delete
 	 * deletes the specified access_list entry
diff --git a/templates/show_add_access.inc.php b/templates/show_add_access.inc.php
index 79d3de38..d2e537c5 100644
--- a/templates/show_add_access.inc.php
+++ b/templates/show_add_access.inc.php
@@ -20,7 +20,7 @@
 */
 ?>
 <?php show_box_top(_('Advanced Add')); ?>
-<form name="update_catalog" method="post" enctype="multipart/form-data" action="<?php echo Config::get('web_path'); ?>/admin/access.php?action=add_host">
+<form name="update_catalog" method="post" enctype="multipart/form-data" action="<?php echo Config::get('web_path'); ?>/admin/access.php?action=add_host&method=advanced">
 <table class="tabledata" cellpadding="5" cellspacing="0">
 <tr>
 	<td><?php echo _('Name'); ?>:</td>
diff --git a/templates/show_add_access_current.inc.php b/templates/show_add_access_current.inc.php
index e999ad57..64e9e5eb 100644
--- a/templates/show_add_access_current.inc.php
+++ b/templates/show_add_access_current.inc.php
@@ -20,7 +20,7 @@
 */
 ?>
 <?php show_box_top(_('Add Current Host')); ?>
-<form name="update_catalog" method="post" enctype="multipart/form-data" action="<?php echo Config::get('web_path'); ?>/admin/access.php?action=add_host">
+<form name="update_catalog" method="post" enctype="multipart/form-data" action="<?php echo Config::get('web_path'); ?>/admin/access.php?action=add_host&method=current">
 <table class="tabledata" cellpadding="5" cellspacing="0">
 <tr>
 	<td><?php echo _('Name'); ?>:</td>
diff --git a/templates/show_add_access_local.inc.php b/templates/show_add_access_local.inc.php
index f7332f9d..cb6f4d43 100644
--- a/templates/show_add_access_local.inc.php
+++ b/templates/show_add_access_local.inc.php
@@ -20,7 +20,7 @@
 */
 ?>
 <?php show_box_top(_('Add Local Network Definition')); ?>
-<form name="update_catalog" method="post" enctype="multipart/form-data" action="<?php echo Config::get('web_path'); ?>/admin/access.php?action=add_host">
+<form name="update_catalog" method="post" enctype="multipart/form-data" action="<?php echo Config::get('web_path'); ?>/admin/access.php?action=add_host&method=local">
 <table class="tabledata" cellpadding="5" cellspacing="0">
 <tr>
 	<td><?php echo _('Name'); ?>:</td>
@@ -47,9 +47,9 @@
 <tr>
 	<td valign="top"><?php echo _('Type'); ?>:</td>
 	<td colspan="3">
-		<input type="radio" name="type" value="network" /><?php echo _('Local Network Definition'); ?><br />
-		<input type="radio" name="type" value="streamnetwork" /><?php echo _('Local Network Definition'); ?> + <?php echo _('Stream Access'); ?> + <?php echo _('Web Interface'); ?><br />
-		<input type="radio" name="type" value="allnetwork" checked="checked" /><?php echo _('Local Network Definition'); ?> + <?php echo _('All'); ?><br />
+		<input type="radio" name="addtype" value="network" /><?php echo _('Local Network Definition'); ?><br />
+		<input type="radio" name="addtype" value="streamnetwork" /><?php echo _('Local Network Definition'); ?> + <?php echo _('Stream Access'); ?> + <?php echo _('Web Interface'); ?><br />
+		<input type="radio" name="addtype" value="allnetwork" checked="checked" /><?php echo _('Local Network Definition'); ?> + <?php echo _('All'); ?><br />
 	</td>
 </tr>
 <tr>
diff --git a/templates/show_add_access_rpc.inc.php b/templates/show_add_access_rpc.inc.php
index c23bfb36..c4600562 100644
--- a/templates/show_add_access_rpc.inc.php
+++ b/templates/show_add_access_rpc.inc.php
@@ -20,7 +20,7 @@
 */
 ?>
 <?php show_box_top(_('Add API / RPC Host')); ?>
-<form name="update_catalog" method="post" enctype="multipart/form-data" action="<?php echo Config::get('web_path'); ?>/admin/access.php?action=add_host">
+<form name="update_catalog" method="post" enctype="multipart/form-data" action="<?php echo Config::get('web_path'); ?>/admin/access.php?action=add_host&method=rpc">
 <table class="tabledata" cellpadding="5" cellspacing="0">
 <tr>
 	<td><?php echo _('Name'); ?>:</td>
@@ -47,9 +47,9 @@
 <tr>
 	<td valign="top"><?php echo _('Type'); ?>:</td>
 	<td colspan="3">
-		<input type="radio" name="type" value="rpc" /><?php echo _('RPC'); ?><br />
-		<input type="radio" name="type" value="streamrpc" checked="checked" /><?php echo _('RPC'); ?> + <?php echo _('Stream Access'); ?><br />
-		<input type="radio" name="type" value="allrpc" /><?php echo _('RPC'); ?> + <?php echo _('All'); ?>
+		<input type="radio" name="addtype" value="rpc" /><?php echo _('RPC'); ?><br />
+		<input type="radio" name="addtype" value="streamrpc" checked="checked" /><?php echo _('RPC'); ?> + <?php echo _('Stream Access'); ?><br />
+		<input type="radio" name="addtype" value="allrpc" /><?php echo _('RPC'); ?> + <?php echo _('All'); ?>
 	</td>
 </tr>
 <tr>
diff --git a/templates/show_edit_access.inc.php b/templates/show_edit_access.inc.php
index 9aa6c25e..72404892 100644
--- a/templates/show_edit_access.inc.php
+++ b/templates/show_edit_access.inc.php
@@ -1,7 +1,7 @@
 <?php
 /*
 
- Copyright (c) 2001 - 2007 Ampache.org
+ Copyright (c) Ampache.org
  All rights reserved.
 
  This program is free software; you can redistribute it and/or
@@ -19,16 +19,16 @@
 
 */
 ?>
-<?php show_box_top(_('Edit ACL')); ?>
-<form name="edit_access" method="post" enctype="multipart/form-data" action="<?php echo Config::get('web_path'); ?>/admin/access.php?action=update_record&amp;access_id=<?php echo intval($access->id); ?>">
+<?php show_box_top(_('Edit Access Control List')); ?>
+<form name="edit_access" method="post" enctype="multipart/form-data" action="<?php echo Config::get('web_path'); ?>/admin/access.php?action=update_record&access_id=<?php echo intval($access->id); ?>">
 <table class="table-data">
 <tr>
 	<td><?php echo _('Name'); ?>: </td>
-	<td><input type="text" name="name" value="<?php echo scrub_out($access->name); ?>" /></td>
+	<td colspan="3"><input type="text" name="name" value="<?php echo scrub_out($access->name); ?>" /></td>
 </tr>
 <tr>
 	<td><?php echo _('ACL Type'); ?>: </td>
-        <td>
+        <td colspan="3">
                 <select name="type">
 			<?php $name = 'sl_' . $access->type; ${$name} = ' selected="selected"'; ?>
                         <option value="stream"<?php echo $sl_stream; ?>><?php echo _('Stream Access'); ?></option>
@@ -40,46 +40,46 @@
 
 </tr>
 <tr>
-	<td><?php echo _('Start IP Address'); ?>:</td>
-	<td>
-		<input type="text" name="start" value="<?php echo long2ip($access->start); ?>" size="20" maxlength="15" />
-		<span class="information">(0.0.0.0)</span>
-	</td>
+        <td colspan="4"><h3><?php echo _('IPv4 or IPv6 Addresses'); ?></h3>
+                <span class="information">(255.255.255.255) / (ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff)</span>
+        </td>
 </tr>
 <tr>
-	<td><?php echo _('End IP Address'); ?>:</td>
+	<td><?php echo _('Start'); ?>:</td>
 	<td>
-		<input type="text" name="end" value="<?php echo long2ip($access->end); ?>" size="20" maxlength="15" />
-		<span class="information">(0.0.0.0)</span>
+		<input type="text" name="start" value="<?php echo $access->f_start; ?>" size="20" maxlength="15" />
+	</td>
+	<td><?php echo _('End'); ?>:</td>
+	<td>
+		<input type="text" name="end" value="<?php echo $access->f_end; ?>" size="20" maxlength="15" />
 	</td>
 </tr>
 <tr>
 	<td><?php echo _('User'); ?>:</td>
-	<td>
+	<td colspan="3">
 		<?php show_user_select('user',$access->user); ?>
 	</td>
 </tr>
 <tr>
 	<td><?php echo _('Remote Key'); ?></td>
-	<td>
+	<td colspan="3">
 		<input type="text" name="key" value="<?php echo scrub_out($access->key); ?>" size="32" maxlength="32" />
 	</td>
 </tr>
 <tr>
 	<td><?php echo _('Level'); ?>:</td>
-	<td>
-		<select name="level">
-			<?php $name = 'level_' . $access->level; ${$name} = 'selected="selected"'; ?>
-			<option value="5"  <?php echo $level_5;  ?>><?php echo _('View'); ?></option>
-			<option value="25" <?php echo $level_25; ?>><?php echo _('Read'); ?></option>
-			<option value="50" <?php echo $level_50; ?>><?php echo _('Read/Write'); ?></option>
-			<option value="75" <?php echo $level_75; ?>><?php echo _('All'); ?></option>
-		</select>
+	<td colspan="3">
+		<?php $name = 'level_' . $access->level; ${$name} = 'checked="checked"'; ?>
+		<input type="radio" name="level" value="5"  <?php echo $level_5;  ?>><?php echo _('View'); ?>
+		<input type="radio" name="level" value="25" <?php echo $level_25; ?>><?php echo _('Read'); ?>
+		<input type="radio" name="level" value="50" <?php echo $level_50; ?>><?php echo _('Read/Write'); ?>
+		<input type="radio" name="level" value="75" <?php echo $level_75; ?>><?php echo _('All'); ?>
 	</td>
 </tr>
 </table>
 <div class="formValidation">
-  <input type="submit" value="<?php echo _('Update'); ?>" />
+	<?php Core::form_register('edit_acl'); ?>
+	<input type="submit" value="<?php echo _('Update'); ?>" />
 </div>
 </form>
 <?php show_box_bottom(); ?>