37 if (!
$mem->checkRight()) {
50 'title' => _(
"FTP Access Security"),
51 'link' =>
'ip_main.php',
72 if ($whitelist &&
$mem->checkRight()) {
79 $db->query(
"SELECT * FROM authorised_ip WHERE uid= ? order by ip,subnet;", array(
$cuid));
80 while (
$db->next_record()) {
84 $r[
$db->f(
'id')][
'ip_human'] =
$db->f(
'ip');
86 $r[
$db->f(
'id')][
'ip_human'] =
$db->f(
'ip') .
"/" .
$db->f(
'subnet');
109 $db->query(
"SELECT id FROM authorised_ip_affected where authorised_ip_id = ?;", array(
$id));
110 while (
$db->next_record()) {
113 if (!
$db->query(
"delete from authorised_ip where id= ? and ( uid= ? or uid=0) limit 1;", array(
$id,
$cuid))) {
114 $msg->raise(
"ERROR",
'authip', _(
"query failed: " .
$db->Error));
132 if (!
$db->query(
"select ai.ip, ai.subnet, ai.infos, aia.parameters from authorised_ip ai, authorised_ip_affected aia where aia.protocol= ? and aia.authorised_ip_id = ai.id and ai.uid= ?;", array($s,
$cuid))) {
133 $msg->raise(
"ERROR",
'authip', _(
"query failed: " .
$db->Error));
137 while (
$db->next_record()) {
138 $r[] = Array(
"ip" =>
$db->f(
"ip"),
"subnet" =>
$db->f(
"subnet"),
"infos" =>
$db->f(
"infos"),
"parameters" =>
$db->f(
"parameters"));
152 if (!
$db->query(
"select ai.ip, ai.subnet from authorised_ip ai where ai.uid='0';")) {
153 $msg->raise(
"ERROR",
'authip', _(
"query failed: " .
$db->Error));
156 while (
$db->next_record()) {
174 $ip = inet_pton($ip);
177 if ($o >= $ip && $o <= ($ip +
$sub)) {
191 if (!
$mem->checkRight()) {
218 if (
$uid === 0 &&
$mem->checkRight()) {
228 $tmp = explode(
'/', $ipsub);
233 $msg->raise(
"ERROR",
'authip', _(
"Failed : not an IP address"));
238 if (isset($tmp[1])) {
239 $subnet = intval($tmp[1]);
249 if (
checkip($ip) && $subnet > 32) {
255 foreach ($list_affected as $k => $v) {
258 if (!
$db->query(
"update authorised_ip set ip= ?, subnet= ?, infos= ? where id= ? and uid=? ;", array($ip, $subnet,
$infos,
$id,
$cuid))) {
259 $msg->raise(
"ERROR",
'authip', _(
"query failed: " .
$db->Error));
262 foreach ($list_affected as $k => $v) {
266 if (!
$db->query(
"insert into authorised_ip (uid, ip, subnet, infos) values (?, ?, ?, ?);", array(
$cuid, $ip, $subnet,
$infos))) {
267 $msg->raise(
"ERROR",
'authip', _(
"query failed: " .
$db->Error));
284 $db->query(
"SELECT id FROM authorised_ip WHERE uid = ?;", array(
$cuid));
285 while (
$db->next_record()) {
300 $authclass =
$hooks->invoke(
'authip_class');
304 foreach ($authclass as $k => $v) {
305 $authclass[$k][
'class'] = $k;
326 $authorised_ip_id = intval($authorised_ip_id);
331 if (!$db->query(
"update authorised_ip_affected set authorised_ip_id= ?, protocol= ?, parameters= ? where id = ? limit 1;", array($authorised_ip_id, $protocol, $parameters,
$id))) {
332 $msg->raise(
"ERROR",
'authip', _(
"query failed: " .
$db->Error));
337 if (!$db->query(
"insert into authorised_ip_affected (authorised_ip_id, protocol, parameters) values (?, ?, ?);", array($authorised_ip_id, $protocol, $parameters))) {
338 $msg->raise(
"ERROR",
'authip', _(
"query failed: " .
$db->Error));
341 $this->
call_hooks(
"authip_on_create", $db->lastid());
363 if (!$db->query(
"delete from authorised_ip_affected where id= ? limit 1;", array(
$id))) {
364 $msg->raise(
"ERROR",
'authip', _(
"query failed: " .
$db->Error));
386 if (!isset(
$d[$affectation_id])) {
387 $msg->raise(
"ERROR",
'authip', _(
"Object not available"));
391 $affectation =
$d[$affectation_id];
395 if (!isset($e[$affectation[
'protocol']])) {
396 $msg->raise(
"ERROR",
'authip', sprintf(_(
"Can't identified class for the protocole %s"), $affectation[
'protocol']));
399 $c = $e[$affectation[
'protocol']][
'class'];
402 $hooks->invoke($function, Array($affectation), Array(
$c));
420 if (is_null($ip_id)) {
421 $db->query(
"select aia.* from authorised_ip_affected aia, authorised_ip ai where ai.uid= ? and aia.authorised_ip_id = ai.id order by protocol, parameters;", array(
$cuid));
423 $db->query(
"select aia.* from authorised_ip_affected aia, authorised_ip ai where ai.uid= ? and aia.authorised_ip_id = ? order by protocol, parameters;", array(
$cuid, intval($ip_id)));
425 while (
$db->next_record()) {
ip_delete($id)
Supprime une IP des IP de l'utilisateur et supprime les droits attaché en cascade.
get_auth_class()
Analyse les classes et récupéres les informations des classes voulant de la restriction IP.
call_hooks($function, $affectation_id)
Appel les hooks demandé avec en parametres les affectationt ip<=>ressource dont l'id est en parametre...
list_ip($whitelist=false)
Retourne la liste des ip spécifiées par cet utilisateur.
ip_save_whitelist($id, $ipsub, $infos)
Sauvegarde une IP dans les IP TOUJOURS authorisée.
ip_affected_delete($id)
Supprime une affectation ip<=>ressource Nota : lance des hooks dans la classe correspondante pour inf...
list_ip_whitelist()
Retourne la liste des ip whitelist.
ip_save($id, $ipsub, $infos, $uid=null)
Sauvegarde une IP dans les IP authorisée.
is_in_subnet($o, $ip, $sub)
Retourne si l'ip appartient au subnet.
alternc_del_member()
Fonction appelée par Alternc lors de la suppression d'un utilisateur.
get_allowed($s)
Liste les IP et subnet authorisés pour une classe donnée.
list_affected($ip_id=null)
Liste les affectation ip<=>ressource d'un utilisateur.
ip_affected_save($authorised_ip_id, $protocol, $parameters, $id=null)
Enregistre ou modifie une affectation ip<=>ressource Nota : lance des hooks sur la classe corresponda...
checkipv6($ip)
Check that $ip is a correct ipv6 ip.
checkip($ip)
Check that $ip is a correct 4 Dotted ip.
if(!isset($is_include)) if(! $key &&! $crt) $id
if(in_array($action, array('start', 'stop', 'monit'))) switch($action) if($lxc->error &&! $script) $infos