[Openvas-commits] r11648 - in trunk/openvas-manager: . src
scm-commit@wald.intevation.org
scm-commit at wald.intevation.org
Wed Sep 21 15:46:16 CEST 2011
Author: mattm
Date: 2011-09-21 15:46:10 +0200 (Wed, 21 Sep 2011)
New Revision: 11648
Modified:
trunk/openvas-manager/ChangeLog
trunk/openvas-manager/src/manage.c
trunk/openvas-manager/src/manage.h
trunk/openvas-manager/src/manage_sql.c
trunk/openvas-manager/src/omp.c
Log:
Add task observers.
* src/omp.c (get_configs_data_t, get_configs_data_reset)
(get_lsc_credentials_data_t, get_lsc_credentials_data_reset)
(get_nvts_data_t, get_nvts_data_reset, get_targets_data_t)
(get_targets_data_reset, get_tasks_data_t, get_tasks_data_reset): Add
actions.
(modify_task_data_t, modify_task_data_reset): Add observers.
(client_state_t): Add CLIENT_MODIFY_TASK_OBSERVERS.
(omp_xml_handle_start_element, omp_xml_handle_end_element)
(omp_xml_handle_text): Add OBSERVERS to MODIFY_TASK and GET_TASK. Move
CLIENT_GET_CONFIGS cleanup_iterator into right position. Add actions flag
to GET_TASKS, GET_TARGETS, GET_CONFIGS and GET_LSC_CREDENTIALS.
* src/manage_sql.c (user_t): New type.
(parse_actions, user_has_access_uuid): New functions.
(create_tables): Add table task_users.
(DEF_ACCESS): Move up in file.
(init_task_user_iterator, task_user_iterator_task)
(task_user_iterator_user, task_user_iterator_actions)
(task_user_iterator_name, init_user_task_iterator, task_observers)
(find_user, set_task_observers, find_task_for_actions)
(find_report_for_actions, find_target_for_actions)
(init_user_target_iterator, find_config_for_actions)
(init_user_config_iterator, find_lsc_credential_for_actions)
(init_user_lsc_credential_iterator): New functions.
(init_task_iterator, init_task_iterator, init_config_iterator)
(init_lsc_credential_iterator): Add actions arg to include other
users' tasks to which user has given access. Update callers.
(report_counts): Count GET accessible tasks.
* src/manage.h: Update headers appropriately.
(action_t): New type.
* src/manage.c: Update iterator init callers.
Modified: trunk/openvas-manager/ChangeLog
===================================================================
--- trunk/openvas-manager/ChangeLog 2011-09-21 04:34:36 UTC (rev 11647)
+++ trunk/openvas-manager/ChangeLog 2011-09-21 13:46:10 UTC (rev 11648)
@@ -1,5 +1,43 @@
2011-09-19 Matthew Mundell <matthew.mundell at greenbone.net>
+ Add task observers.
+
+ * src/omp.c (get_configs_data_t, get_configs_data_reset)
+ (get_lsc_credentials_data_t, get_lsc_credentials_data_reset)
+ (get_nvts_data_t, get_nvts_data_reset, get_targets_data_t)
+ (get_targets_data_reset, get_tasks_data_t, get_tasks_data_reset): Add
+ actions.
+ (modify_task_data_t, modify_task_data_reset): Add observers.
+ (client_state_t): Add CLIENT_MODIFY_TASK_OBSERVERS.
+ (omp_xml_handle_start_element, omp_xml_handle_end_element)
+ (omp_xml_handle_text): Add OBSERVERS to MODIFY_TASK and GET_TASK. Move
+ CLIENT_GET_CONFIGS cleanup_iterator into right position. Add actions flag
+ to GET_TASKS, GET_TARGETS, GET_CONFIGS and GET_LSC_CREDENTIALS.
+
+ * src/manage_sql.c (user_t): New type.
+ (parse_actions, user_has_access_uuid): New functions.
+ (create_tables): Add table task_users.
+ (DEF_ACCESS): Move up in file.
+ (init_task_user_iterator, task_user_iterator_task)
+ (task_user_iterator_user, task_user_iterator_actions)
+ (task_user_iterator_name, init_user_task_iterator, task_observers)
+ (find_user, set_task_observers, find_task_for_actions)
+ (find_report_for_actions, find_target_for_actions)
+ (init_user_target_iterator, find_config_for_actions)
+ (init_user_config_iterator, find_lsc_credential_for_actions)
+ (init_user_lsc_credential_iterator): New functions.
+ (init_task_iterator, init_task_iterator, init_config_iterator)
+ (init_lsc_credential_iterator): Add actions arg to include other
+ users' tasks to which user has given access. Update callers.
+ (report_counts): Count GET accessible tasks.
+
+ * src/manage.h: Update headers appropriately.
+ (action_t): New type.
+
+ * src/manage.c: Update iterator init callers.
+
+2011-09-19 Matthew Mundell <matthew.mundell at greenbone.net>
+
* src/manage_sql.c (print_report_xml): Add renaming TODO.
2011-09-19 Michael Wiegand <michael.wiegand at greenbone.net>
Modified: trunk/openvas-manager/src/manage.c
===================================================================
--- trunk/openvas-manager/src/manage.c 2011-09-21 04:34:36 UTC (rev 11647)
+++ trunk/openvas-manager/src/manage.c 2011-09-21 13:46:10 UTC (rev 11648)
@@ -1344,8 +1344,9 @@
if (target_ssh_credential)
{
- init_lsc_credential_iterator (&credentials, target_ssh_credential, 0,
- 1, NULL);
+ init_user_lsc_credential_iterator (&credentials,
+ target_ssh_credential, 0,
+ 1, NULL);
if (next (&credentials))
{
const char *user, *password;
@@ -1382,8 +1383,9 @@
if (target_smb_credential)
{
- init_lsc_credential_iterator (&credentials, target_smb_credential, 0,
- 1, NULL);
+ init_user_lsc_credential_iterator (&credentials,
+ target_smb_credential, 0,
+ 1, NULL);
if (next (&credentials))
{
const char *user, *password;
@@ -1423,7 +1425,7 @@
/* Create the target on the slave. */
- init_target_iterator (&targets, target, 0, 1, NULL);
+ init_user_target_iterator (&targets, target, 0, 1, NULL);
if (next (&targets))
{
const char *hosts;
@@ -2108,7 +2110,8 @@
{
iterator_t credentials;
- init_lsc_credential_iterator (&credentials, ssh_credential, 0, 1, NULL);
+ init_user_lsc_credential_iterator (&credentials, ssh_credential, 0, 1,
+ NULL);
if (next (&credentials))
{
const char *user = lsc_credential_iterator_login (&credentials);
@@ -2191,7 +2194,8 @@
{
iterator_t credentials;
- init_lsc_credential_iterator (&credentials, smb_credential, 0, 1, NULL);
+ init_user_lsc_credential_iterator (&credentials, smb_credential, 0, 1,
+ NULL);
if (next (&credentials))
{
const char *user = lsc_credential_iterator_login (&credentials);
Modified: trunk/openvas-manager/src/manage.h
===================================================================
--- trunk/openvas-manager/src/manage.h 2011-09-21 04:34:36 UTC (rev 11647)
+++ trunk/openvas-manager/src/manage.h 2011-09-21 13:46:10 UTC (rev 11648)
@@ -328,7 +328,7 @@
trash_task_count ();
void
-init_task_iterator (iterator_t*, task_t, int, int, const char*);
+init_task_iterator (iterator_t*, task_t, int, int, const char*, const char *);
task_t
task_iterator_task (iterator_t*);
@@ -502,6 +502,9 @@
gboolean
find_task (const char* id, task_t*);
+gboolean
+find_task_for_actions (const char*, task_t*, const char *);
+
void
reset_task (task_t);
@@ -510,7 +513,13 @@
/*@null@*/ const char*,
/*@null@*/ /*@only@*/ char*);
+char*
+task_observers (task_t);
+
int
+set_task_observers (task_t, const gchar *);
+
+int
request_delete_task_uuid (const char *, int);
int
@@ -602,6 +611,19 @@
next (iterator_t*);
+/* Access control. */
+
+/**
+ * @brief Actions.
+ */
+typedef enum
+{
+ MANAGE_ACTION_GET = 1,
+ MANAGE_ACTION_MODIFY = 2,
+ MANAGE_ACTION_USE = 3
+} action_t;
+
+
/* Results. */
gboolean
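Review bot: `MANAGE_ACTION_USE = 3` is not a distinct bit, although parse_actions in manage_sql.c ORs these values together and the queries test `actions & %u = %u`. With GET = 1 and MODIFY = 2, a request for "u" produces the same mask as "gm", so a USE grant cannot be stored or checked separately from GET plus MODIFY. I would give it its own bit, `MANAGE_ACTION_USE = 4`, and extend the `@brief Actions.` comment to say that the values are bit flags stored in task_users.actions.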
@@ -622,6 +644,9 @@
gboolean
find_report (const char*, report_t*);
+gboolean
+find_report_for_actions (const char*, report_t*, const char *);
+
result_t
make_result (task_t, const char*, const char*, const char*, const char*,
const char*, const char*);
@@ -833,6 +858,9 @@
gboolean
find_target (const char*, target_t*);
+gboolean
+find_target_for_actions (const char*, target_t*, const char *);
+
int
create_target (const char*, const char*, const char*, const char*,
lsc_credential_t, const char*, lsc_credential_t, const char*,
@@ -842,8 +870,11 @@
delete_target (const char*, int);
void
-init_target_iterator (iterator_t*, target_t, int, int, const char*);
+init_user_target_iterator (iterator_t*, target_t, int, int, const char*);
+void
+init_target_iterator (iterator_t*, target_t, int, int, const char*, const char*);
+
target_t
target_iterator_target (iterator_t*);
@@ -957,6 +988,9 @@
delete_config (const char*, int);
gboolean
+find_config_for_actions (const char*, config_t*, const char*);
+
+gboolean
find_config (const char*, config_t*);
int
@@ -966,8 +1000,12 @@
config_nvt_timeout (config_t, const char *);
void
-init_config_iterator (iterator_t*, config_t, int, int, const char*);
+init_user_config_iterator (iterator_t*, config_t, int, int, const char*);
+void
+init_config_iterator (iterator_t*, config_t, int, int, const char*,
+ const char*);
+
config_t
config_iterator_config (iterator_t*);
@@ -1225,6 +1263,9 @@
gboolean
find_lsc_credential (const char*, lsc_credential_t*);
+gboolean
+find_lsc_credential_for_actions (const char*, lsc_credential_t*, const char *);
+
int
create_lsc_credential (const char*, const char*, const char*, const char*,
const char*, const char*, lsc_credential_t*);
@@ -1248,8 +1289,12 @@
set_lsc_credential_password (lsc_credential_t, const char *);
void
+init_user_lsc_credential_iterator (iterator_t*, lsc_credential_t, int, int,
+ const char*);
+
+void
init_lsc_credential_iterator (iterator_t*, lsc_credential_t, int, int,
- const char*);
+ const char*, const char*);
lsc_credential_t
lsc_credential_iterator_lsc_credential (iterator_t*);
Modified: trunk/openvas-manager/src/manage_sql.c
===================================================================
--- trunk/openvas-manager/src/manage_sql.c 2011-09-21 04:34:36 UTC (rev 11647)
+++ trunk/openvas-manager/src/manage_sql.c 2011-09-21 13:46:10 UTC (rev 11648)
@@ -71,6 +71,11 @@
typedef long long int resource_t;
/**
+ * @brief A user.
+ */
+typedef long long int user_t;
+
+/**
* @brief Database ROWID of 'Full and fast' config.
*/
#define CONFIG_ID_FULL_AND_FAST 1
@@ -911,6 +916,145 @@
}
/**
+ * @brief Parse an action specifier.
+ *
+ * @param[in] actions_string Specifier.
+ *
+ * @return Actions.
+ */
+static int
+parse_actions (const char *actions_string)
+{
+ int actions;
+ actions = 0;
+ if (strchr (actions_string, 'g'))
+ actions |= MANAGE_ACTION_GET;
+ if (strchr (actions_string, 'm'))
+ actions |= MANAGE_ACTION_MODIFY;
+ if (strchr (actions_string, 'u'))
+ actions |= MANAGE_ACTION_USE;
+ return actions;
+}
+
+/**
+ * @brief Test whether a user may access a resource for a set of actions.
+ *
+ * @param[in] resource Type of resource, for example "task".
+ * @param[in] uuid UUID of resource.
+ * @param[in] actions_string Actions.
+ *
+ * @return 1 if user may access resource, else 0.
+ */
+static int
+user_has_access_uuid (const char *resource, const char *uuid,
+ const char *actions_string)
+{
+ int ret, actions;
+
+ assert (current_credentials.uuid);
+
+ ret = user_owns_uuid (resource, uuid);
+ if (ret)
+ return ret;
+
+ if (actions_string == NULL || strlen (actions_string) == 0)
+ return 0;
+
+ actions = parse_actions (actions_string);
+
+ if (actions == 0)
+ return 0;
+
+ if (strcmp (resource, "report") == 0)
+ return sql_int (0, 0,
+ "SELECT count(*) FROM tasks"
+ " WHERE ROWID = (SELECT task FROM %ss WHERE uuid = '%s')"
+ " AND"
+ " ((owner IS NULL) OR (owner ="
+ " (SELECT users.ROWID FROM users WHERE users.uuid = '%s'))"
+ " OR ROWID IN"
+ " (SELECT task FROM task_users WHERE user ="
+ " (SELECT ROWID FROM users"
+ " WHERE users.uuid = '%s')"
+ " AND actions & %u = %u));",
+ resource,
+ uuid,
+ current_credentials.uuid,
+ current_credentials.uuid,
+ actions,
+ actions);
+
+ if (strcmp (resource, "lsc_credential") == 0)
+ return sql_int (0, 0,
+ "SELECT count(*) FROM tasks, targets"
+ " WHERE tasks.target = targets.ROWID"
+ " AND (targets.lsc_credential ="
+ " (SELECT %ss.ROWID FROM %ss WHERE uuid = '%s')"
+ " OR"
+ " targets.smb_lsc_credential ="
+ " (SELECT %ss.ROWID FROM %ss WHERE uuid = '%s'))"
+ " AND"
+ " ((tasks.owner IS NULL) OR (tasks.owner ="
+ " (SELECT users.ROWID FROM users WHERE users.uuid = '%s'))"
+ " OR tasks.ROWID IN"
+ " (SELECT task FROM task_users WHERE user ="
+ " (SELECT users.ROWID FROM users"
+ " WHERE users.uuid = '%s')"
+ " AND actions & %u = %u));",
+ resource,
+ resource,
+ uuid,
+ resource,
+ resource,
+ uuid,
+ current_credentials.uuid,
+ current_credentials.uuid,
+ actions,
+ actions);
+
+ if (strcmp (resource, "task"))
+ return sql_int (0, 0,
+ "SELECT count(*) FROM tasks"
+ " WHERE %s = (SELECT ROWID FROM %ss WHERE uuid = '%s')"
+ " AND"
+ " ((owner IS NULL) OR (owner ="
+ " (SELECT users.ROWID FROM users WHERE users.uuid = '%s'))"
+ " OR ROWID IN"
+ " (SELECT task FROM task_users WHERE user ="
+ " (SELECT ROWID FROM users"
+ " WHERE users.uuid = '%s')"
+ " AND actions & %u = %u));",
+ resource,
+ resource,
+ uuid,
+ current_credentials.uuid,
+ current_credentials.uuid,
+ actions,
+ actions);
+
+ ret = sql_int (0, 0,
+ "SELECT count(*) FROM %ss"
+ " WHERE uuid = '%s'"
+ " AND ((owner IS NULL) OR (owner ="
+ " (SELECT users.ROWID FROM users WHERE users.uuid = '%s'))"
+ " OR ROWID IN"
+ " (SELECT %s FROM %s_users WHERE user ="
+ " (SELECT ROWID FROM users"
+ " WHERE users.uuid = '%s')"
+ " AND actions & %u = %u));",
+ resource,
+ uuid,
+ current_credentials.uuid,
+ resource,
+ resource,
+ current_credentials.uuid,
+ actions,
+ actions);
+
+ return ret;
+}
+
+/**
* @brief Test whether a user owns a resource.
*
* @param[in] resource Type of resource, for example "task".
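Review bot: user_has_access_uuid formats `uuid` straight into `'%s'` in every query, so it relies on each caller having passed the value through sql_quote, and the callers added in this commit disagree. find_target_for_actions and find_config_for_actions quote first, while find_task_for_actions and find_report_for_actions pass the raw argument and reuse it in their own SELECT. If those UUIDs originate from client requests, which this diff does not show, a value containing a single quote changes the text of an access-control query. I would quote in the two unquoted callers as the others do, `gchar *quoted_uuid = sql_quote (uuid);`, and document the contract here with `@param[in] uuid UUID of resource, already SQL quoted.` Separately, `if (strcmp (resource, "task"))` would read more clearly with an explicit `!= 0`, since that branch handles every resource other than a task.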
@@ -1114,6 +1258,7 @@
sql ("CREATE TABLE IF NOT EXISTS task_escalators (id INTEGER PRIMARY KEY, task INTEGER, escalator INTEGER, escalator_location INTEGER);");
sql ("CREATE TABLE IF NOT EXISTS task_preferences (id INTEGER PRIMARY KEY, task INTEGER, name, value);");
sql ("CREATE TABLE IF NOT EXISTS tasks (id INTEGER PRIMARY KEY, uuid, owner INTEGER, name, hidden INTEGER, time, comment, description, run_status INTEGER, start_time, end_time, config INTEGER, target INTEGER, schedule INTEGER, schedule_next_time, slave INTEGER, config_location INTEGER, target_location INTEGER, schedule_location INTEGER, slave_location INTEGER, upload_result_count INTEGER);");
+ sql ("CREATE TABLE IF NOT EXISTS task_users (id INTEGER PRIMARY KEY, task INTEGER, user INTEGER, actions INTEGER);");
sql ("CREATE TABLE IF NOT EXISTS users (id INTEGER PRIMARY KEY, uuid UNIQUE, name, password);");
sql ("ANALYZE;");
@@ -5358,6 +5503,88 @@
}
+/* Access control. */
+
+/** @brief Define an iterator row accessor function.
+ *
+ * @param[in] name Name of function.
+ * @param[in] col Column number to access.
+ */
+#define DEF_ACCESS(name, col) \
+const char* \
+name (iterator_t* iterator) \
+{ \
+ const char *ret; \
+ if (iterator->done) return NULL; \
+ ret = (const char*) sqlite3_column_text (iterator->stmt, col); \
+ return ret; \
+}
+
+/**
+ * @brief Initialise an escalator data iterator.
+ *
+ * @param[in] iterator Iterator.
+ * @param[in] task Task.
+ * @param[in] action Action.
+ */
+void
+init_task_user_iterator (iterator_t *iterator, task_t task, action_t action)
+{
+ init_iterator (iterator,
+ "SELECT task_users.ROWID, task, user, actions,"
+ " (SELECT name FROM users WHERE users.ROWID = task_users.user)"
+ " FROM task_users"
+ " WHERE task = %llu AND actions & %u = %u;",
+ task,
+ action,
+ action);
+}
+
+/**
+ * @brief Return the task from a task user iterator.
+ *
+ * @param[in] iterator Iterator.
+ *
+ * @return Task of the iterator or NULL if iteration is complete.
+ */
+task_t
+task_user_iterator_task (iterator_t* iterator)
+{
+ if (iterator->done) return 0;
+ return sqlite3_column_int64 (iterator->stmt, 1);
+}
+
+/**
+ * @brief Return the user from a user user iterator.
+ *
+ * @param[in] iterator Iterator.
+ *
+ * @return User of the iterator or NULL if iteration is complete.
+ */
+user_t
+task_user_iterator_user (iterator_t* iterator)
+{
+ if (iterator->done) return 0;
+ return sqlite3_column_int64 (iterator->stmt, 2);
+}
+
+/**
+ * @brief Return the actions from a actions user iterator.
+ *
+ * @param[in] iterator Iterator.
+ *
+ * @return Actions of the iterator or NULL if iteration is complete.
+ */
+int
+task_user_iterator_actions (iterator_t* iterator)
+{
+ if (iterator->done) return 0;
+ return sqlite3_column_int64 (iterator->stmt, 3);
+}
+
+DEF_ACCESS (task_user_iterator_name, 4);
+
+
/* Events and Escalators. */
/**
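Review bot: The doc comments on the new task_users iterator functions were copied without being adapted. init_task_user_iterator is described as `Initialise an escalator data iterator.`, the accessors read `user user iterator` and `actions user iterator`, and all three accessors promise `NULL if iteration is complete` while returning 0. I would use `@brief Initialise a task user iterator.`, `@brief Return the user from a task user iterator.`, `@brief Return the actions from a task user iterator.`, and end each `@return` with `or 0 if iteration is complete.` task_user_iterator_actions also returns `int` from sqlite3_column_int64; `sqlite3_column_int (iterator->stmt, 3)` matches the declared return type.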
@@ -7363,49 +7590,129 @@
}
/**
+ * @brief Initialise a task iterator, limited to current user's tasks.
+ *
+ * @param[in] iterator Task iterator.
+ * @param[in] task Task to limit iteration to. 0 for all.
+ * @param[in] trash Whether to iterate over trashcan tasks.
+ * @param[in] ascending Whether to sort ascending or descending.
+ * @param[in] sort_field Field to sort on, or NULL for "ROWID".
+ */
+void
+init_user_task_iterator (iterator_t* iterator,
+ task_t task,
+ int trash,
+ int ascending,
+ const char *sort_field)
+{
+ assert (current_credentials.uuid);
+
+ if (task)
+ init_iterator (iterator,
+ "SELECT ROWID, uuid, run_status FROM tasks"
+ /* Include NULL so everyone can see the example task. */
+ " WHERE ((owner IS NULL) OR owner ="
+ " (SELECT ROWID FROM users"
+ " WHERE users.uuid = '%s'))"
+ " AND ROWID = %llu"
+ "%s"
+ " ORDER BY %s %s;",
+ current_credentials.uuid,
+ task,
+ trash ? " AND hidden = 2" : " AND hidden < 2",
+ sort_field ? sort_field : "ROWID",
+ ascending ? "ASC" : "DESC");
+ else
+ init_iterator (iterator,
+ "SELECT ROWID, uuid, run_status FROM tasks WHERE owner ="
+ " (SELECT ROWID FROM users"
+ " WHERE users.uuid = '%s')"
+ "%s"
+ " ORDER BY %s %s;",
+ current_credentials.uuid,
+ trash ? " AND hidden = 2" : " AND hidden < 2",
+ sort_field ? sort_field : "ROWID",
+ ascending ? "ASC" : "DESC");
+}
+
+/**
* @brief Initialise a task iterator.
*
- * If there is a current user select that user's tasks, otherwise select
- * all tasks.
+ * If there is a current user select that user's tasks and any tasks that user
+ * is observing (according to actions_string), otherwise select all tasks.
*
* @param[in] iterator Task iterator.
* @param[in] task Task to limit iteration to. 0 for all.
* @param[in] trash Whether to iterate over trashcan tasks.
* @param[in] ascending Whether to sort ascending or descending.
* @param[in] sort_field Field to sort on, or NULL for "ROWID".
+ * @param[in] actions_string Actions.
*/
void
init_task_iterator (iterator_t* iterator,
task_t task,
int trash,
int ascending,
- const char *sort_field)
+ const char *sort_field,
+ const char *actions_string)
{
if (current_credentials.uuid)
{
+ int actions;
+
+ if (actions_string == NULL || strlen (actions_string) == 0)
+ {
+ init_user_task_iterator (iterator, task, trash, ascending, sort_field);
+ return;
+ }
+
+ actions = parse_actions (actions_string);
+
+ if (actions == 0)
+ {
+ init_user_task_iterator (iterator, task, trash, ascending, sort_field);
+ return;
+ }
+
if (task)
init_iterator (iterator,
"SELECT ROWID, uuid, run_status FROM tasks"
/* Include NULL so everyone can see the example task. */
" WHERE ((owner IS NULL) OR owner ="
" (SELECT ROWID FROM users"
- " WHERE users.uuid = '%s'))"
+ " WHERE users.uuid = '%s')"
+ " OR ROWID IN"
+ " (SELECT task FROM task_users WHERE user ="
+ " (SELECT ROWID FROM users"
+ " WHERE users.uuid = '%s')"
+ " AND actions & %u = %u))"
" AND ROWID = %llu"
"%s"
" ORDER BY %s %s;",
current_credentials.uuid,
+ current_credentials.uuid,
+ actions,
+ actions,
task,
trash ? " AND hidden = 2" : " AND hidden < 2",
sort_field ? sort_field : "ROWID",
ascending ? "ASC" : "DESC");
else
init_iterator (iterator,
- "SELECT ROWID, uuid, run_status FROM tasks WHERE owner ="
+ "SELECT ROWID, uuid, run_status FROM tasks WHERE (owner ="
" (SELECT ROWID FROM users"
" WHERE users.uuid = '%s')"
+ " OR ROWID IN"
+ " (SELECT task FROM task_users WHERE user ="
+ " (SELECT ROWID FROM users"
+ " WHERE users.uuid = '%s')"
+ " AND actions & %u = %u))"
"%s"
" ORDER BY %s %s;",
current_credentials.uuid,
+ current_credentials.uuid,
+ actions,
+ actions,
trash ? " AND hidden = 2" : " AND hidden < 2",
sort_field ? sort_field : "ROWID",
ascending ? "ASC" : "DESC");
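Review bot: The two early returns to init_user_task_iterator are the same branch written twice, because parse_actions already returns 0 for an empty string and only the NULL case needs guarding. `actions = actions_string ? parse_actions (actions_string) : 0;` followed by a single `if (actions == 0)` fallback covers both. init_target_iterator and init_config_iterator repeat the same pair, and user_has_access_uuid has the matching pair of `return 0`. The body of init_task_iterator continues past the end of this hunk.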
@@ -8381,7 +8688,7 @@
/* Set requested, paused and running tasks to stopped. */
assert (current_credentials.uuid == NULL);
- init_task_iterator (&tasks, 0, 0, 1, NULL);
+ init_task_iterator (&tasks, 0, 0, 1, NULL, NULL);
while (next (&tasks))
{
switch (task_iterator_run_status (&tasks))
@@ -8693,6 +9000,35 @@
}
/**
+ * @brief Return the observers of a task.
+ *
+ * @param[in] task Task.
+ *
+ * @return Observers of task.
+ */
+char*
+task_observers (task_t task)
+{
+ iterator_t users;
+ GString *observers;
+
+ observers = g_string_new ("");
+
+ init_task_user_iterator (&users, task, MANAGE_ACTION_GET);
+ if (next (&users))
+ {
+ g_string_append (observers, task_user_iterator_name (&users));
+ while (next (&users))
+ g_string_append_printf (observers,
+ " %s",
+ task_user_iterator_name (&users));
+ }
+ cleanup_iterator (&users);
+
+ return observers->str;
+}
+
+/**
* @brief Return the config of a task.
*
* @param[in] task Task.
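Review bot: `return observers->str;` in task_observers hands back the character data but never releases the GString wrapper allocated by g_string_new, so every call leaks it. `return g_string_free (observers, FALSE);` frees the wrapper and returns the same buffer. The doc comment should also state ownership, for example `@return Space separated names of the observers, which the caller must free with g_free.`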
@@ -9732,6 +10068,161 @@
}
/**
+ * @brief Find a user given an identifier.
+ *
+ * @param[in] uuid A user identifier.
+ * @param[out] user User return, 0 if succesfully failed to find user.
+ *
+ * @return FALSE on success (including if failed to find user), TRUE on error.
+ */
+static gboolean
+find_user (const char* name, user_t *user)
+{
+ gchar *quoted_name;
+ quoted_name = sql_quote (name);
+ switch (sql_int64 (user, 0, 0,
+ "SELECT ROWID FROM users WHERE name = '%s'",
+ quoted_name))
+ {
+ case 0:
+ break;
+ case 1: /* Too few rows in result of query. */
+ *user = 0;
+ break;
+ default: /* Programming error. */
+ assert (0);
+ case -1:
+ g_free (quoted_name);
+ return TRUE;
+ break;
+ }
+
+ g_free (quoted_name);
+ return FALSE;
+}
+
+/**
+ * @brief Set the observers of a task.
+ *
+ * @param[in] task Task.
+ * @param[in] observers Observers.
+ *
+ * @return 0 success, -1 error, 1 user name validation failed, 2 failed to find
+ * user.
+ */
+int
+set_task_observers (task_t task, const gchar *observers)
+{
+ gchar **split, **point;
+ GList *added;
+
+ assert (current_credentials.username);
+
+ added = NULL;
+ split = g_strsplit (observers, " ", 0);
+
+ sql ("BEGIN IMMEDIATE;");
+
+ sql ("DELETE FROM task_users WHERE task = %llu;", task);
+
+ point = split;
+ while (*point)
+ {
+ user_t user;
+ gchar *name;
+
+ name = *point;
+
+ g_strstrip (name);
+
+ if ((strcmp (name, current_credentials.username) == 0)
+ || g_list_find_custom (added, name, (GCompareFunc) strcmp))
+ {
+ point++;
+ continue;
+ }
+
+ added = g_list_prepend (added, name);
+
+ if (openvas_user_exists (name) == 0)
+ {
+ g_list_free (added);
+ g_strfreev (split);
+ sql ("ROLLBACK;");
+ return 2;
+ }
+
+ if (find_user (name, &user))
+ {
+ g_list_free (added);
+ g_strfreev (split);
+ sql ("ROLLBACK;");
+ return -1;
+ }
+
+ if (user == 0)
+ {
+ gchar *uuid;
+
+ /** @todo Similar to validate_user in openvas-administrator. */
+ if (g_regex_match_simple ("^[[:alnum:]-_]+$", name, 0, 0) == 0)
+ {
+ g_list_free (added);
+ g_strfreev (split);
+ sql ("ROLLBACK;");
+ return 1;
+ }
+
+ uuid = openvas_user_uuid (name);
+
+ if (uuid == NULL)
+ {
+ g_list_free (added);
+ g_strfreev (split);
+ sql ("ROLLBACK;");
+ return -1;
+ }
+
+ if (sql_int (0, 0,
+ "SELECT count(*) FROM users WHERE uuid = '%s';",
+ uuid)
+ == 0)
+ {
+ gchar *quoted_name;
+ quoted_name = sql_quote (name);
+ sql ("INSERT INTO users (uuid, name) VALUES ('%s', '%s');",
+ uuid,
+ quoted_name);
+ g_free (quoted_name);
+
+ user = sqlite3_last_insert_rowid (task_db);
+ }
+ else
+ {
+ /* user_find should have found it. */
+ assert (0);
+ g_list_free (added);
+ g_strfreev (split);
+ sql ("ROLLBACK;");
+ return -1;
+ }
+ }
+
+ sql ("INSERT INTO task_users (task, user, actions)"
+ " VALUES (%llu, %llu, %llu)",
+ task, user, (unsigned long long int) MANAGE_ACTION_GET);
+
+ point++;
+ }
+
+ g_list_free (added);
+ g_strfreev (split);
+ sql ("COMMIT;");
+ return 0;
+}
+
+
+/**
* @brief Generate rcfile in task from config and target.
*
* @param[in] task The task.
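Review bot: In set_task_observers the name check `g_regex_match_simple ("^[[:alnum:]-_]+$", name, 0, 0)` runs only inside `if (user == 0)`, after the same string has already been handed to openvas_user_exists and find_user. How openvas_user_exists treats unusual names is not visible in this hunk, so I would move the check to directly after `g_strstrip (name);` and return 1 there, so that every observer name is validated before any lookup. The value from `openvas_user_uuid (name)` is never freed on any path; if it is allocated, which this hunk does not show, a `g_free (uuid);` is needed after the INSERT and on the assert branch. find_user's comment also documents `@param[in] uuid` while the parameter is `name`.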
@@ -9983,16 +10474,6 @@
/* Prognostics. */
-#define DEF_ACCESS(name, col) \
-const char* \
-name (iterator_t* iterator) \
-{ \
- const char *ret; \
- if (iterator->done) return NULL; \
- ret = (const char*) sqlite3_column_text (iterator->stmt, col); \
- return ret; \
-}
-
/**
* @brief Initialise a prognosis iterator.
*
@@ -12905,7 +13386,8 @@
int* logs, int* warnings, int* false_positives, int override)
{
report_t report;
- if (find_report (report_id, &report)) return -1;
+ if (find_report_for_actions (report_id, &report, "g"))
+ return -1;
return report_counts_id (report, debugs, holes, infos, logs, warnings,
false_positives, override, NULL);
}
@@ -18386,7 +18868,7 @@
{
iterator_t tasks;
- init_task_iterator (&tasks, 0, 1, 1, NULL);
+ init_user_task_iterator (&tasks, 0, 1, 1, NULL);
while (next (&tasks))
{
task_t task;
@@ -18520,6 +19002,43 @@
}
/**
+ * @brief Find a task for an action, given an identifier.
+ *
+ * @param[in] uuid A task identifier.
+ * @param[out] task Task return, 0 if succesfully failed to find task.
+ * @param[in] actions Actions.
+ *
+ * @return FALSE on success (including if failed to find task), TRUE on error.
+ */
+gboolean
+find_task_for_actions (const char* uuid, task_t* task, const char *actions)
+{
+ if (user_has_access_uuid ("task", uuid, actions) == 0)
+ {
+ *task = 0;
+ return FALSE;
+ }
+ switch (sql_int64 (task, 0, 0,
+ "SELECT ROWID FROM tasks WHERE uuid = '%s'"
+ " AND hidden != 2;",
+ uuid))
+ {
+ case 0:
+ break;
+ case 1: /* Too few rows in result of query. */
+ *task = 0;
+ break;
+ default: /* Programming error. */
+ assert (0);
+ case -1:
+ return TRUE;
+ break;
+ }
+
+ return FALSE;
+}
+
+/**
* @brief Find a task in the trashcan, given an identifier.
*
* @param[in] uuid A task identifier.
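Review bot: In the switch in find_task_for_actions, `default: assert (0);` runs on into `case -1:` with nothing marking that as intended, and the `break;` after `return TRUE;` cannot be reached. A comment after the assert such as `/* Fall through, to return the error when assertions are compiled out. */` and dropping the dead `break;` would make the intent explicit. The same switch is repeated in find_user, find_report_for_actions, find_target_for_actions and find_config_for_actions.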
@@ -18591,6 +19110,43 @@
}
/**
+ * @brief Find a report given an identifier.
+ *
+ * @param[in] uuid A report identifier.
+ * @param[out] report Report return, 0 if succesfully failed to find report.
+ * @param[in] actions Actions.
+ *
+ * @return FALSE on success (including if failed to find report), TRUE on error.
+ */
+gboolean
+find_report_for_actions (const char* uuid, report_t* report,
+ const char *actions)
+{
+ if (user_has_access_uuid ("report", uuid, actions) == 0)
+ {
+ *report = 0;
+ return FALSE;
+ }
+ switch (sql_int64 (report, 0, 0,
+ "SELECT ROWID FROM reports WHERE uuid = '%s';",
+ uuid))
+ {
+ case 0:
+ break;
+ case 1: /* Too few rows in result of query. */
+ *report = 0;
+ break;
+ default: /* Programming error. */
+ assert (0);
+ case -1:
+ return TRUE;
+ break;
+ }
+
+ return FALSE;
+}
+
+/**
* @brief Reset all running information for a task.
*
* @param[in] task Task.
@@ -18784,6 +19340,47 @@
}
/**
+ * @brief Find a target for a set of actions, given a UUID.
+ *
+ * @param[in] uuid UUID of target.
+ * @param[out] target Target return, 0 if succesfully failed to find target.
+ * @param[in] actions Actions.
+ *
+ * @return FALSE on success (including if failed to find target), TRUE on error.
+ */
+gboolean
+find_target_for_actions (const char* uuid, target_t* target,
+ const char *actions)
+{
+ gchar *quoted_uuid = sql_quote (uuid);
+ if (user_has_access_uuid ("target", quoted_uuid, actions) == 0)
+ {
+ g_free (quoted_uuid);
+ *target = 0;
+ return FALSE;
+ }
+ switch (sql_int64 (target, 0, 0,
+ "SELECT ROWID FROM targets WHERE uuid = '%s';",
+ quoted_uuid))
+ {
+ case 0:
+ break;
+ case 1: /* Too few rows in result of query. */
+ *target = 0;
+ break;
+ default: /* Programming error. */
+ assert (0);
+ case -1:
+ g_free (quoted_uuid);
+ return TRUE;
+ break;
+ }
+
+ g_free (quoted_uuid);
+ return FALSE;
+}
+
+/**
* @brief Make a copy of a target.
*
* @param[in] target Target to copy.
@@ -19581,7 +20178,7 @@
}
/**
- * @brief Initialise a target iterator.
+ * @brief Initialise a target iterator, limited to the current user's targets.
*
* @param[in] iterator Iterator.
* @param[in] target Target to limit iteration to. 0 for all.
@@ -19590,8 +20187,8 @@
* @param[in] sort_field Field to sort on, or NULL for "ROWID".
*/
void
-init_target_iterator (iterator_t* iterator, target_t target, int trash,
- int ascending, const char* sort_field)
+init_user_target_iterator (iterator_t* iterator, target_t target, int trash,
+ int ascending, const char* sort_field)
{
assert (current_credentials.uuid);
@@ -19628,6 +20225,97 @@
}
/**
+ * @brief Initialise a target iterator, including observed targets.
+ *
+ * @param[in] iterator Iterator.
+ * @param[in] target Target to limit iteration to. 0 for all.
+ * @param[in] trash Whether to iterate over trashcan targets.
+ * @param[in] ascending Whether to sort ascending or descending.
+ * @param[in] sort_field Field to sort on, or NULL for "ROWID".
+ * @param[in] actions_string Actions.
+ */
+void
+init_target_iterator (iterator_t* iterator, target_t target, int trash,
+ int ascending, const char* sort_field,
+ const char *actions_string)
+{
+ int actions;
+
+ assert (current_credentials.uuid);
+
+ if (actions_string == NULL || strlen (actions_string) == 0)
+ {
+ init_user_target_iterator (iterator, target, trash, ascending,
+ sort_field);
+ return;
+ }
+
+ actions = parse_actions (actions_string);
+
+ if (actions == 0)
+ {
+ init_user_target_iterator (iterator, target, trash, ascending,
+ sort_field);
+ return;
+ }
+
+ if (target)
+ init_iterator (iterator,
+ "SELECT ROWID, uuid, name, hosts, comment, lsc_credential,"
+ " ssh_port, smb_lsc_credential, port_range, %s, %s"
+ " FROM targets%s"
+ " WHERE ROWID = %llu"
+ " AND"
+ " ((owner IS NULL) OR (owner ="
+ " (SELECT ROWID FROM users WHERE users.uuid = '%s'))"
+ " OR"
+ " (SELECT tasks.ROWID FROM tasks"
+ " WHERE target = targets.ROWID)"
+ " IN"
+ " (SELECT task FROM task_users WHERE user ="
+ " (SELECT ROWID FROM users"
+ " WHERE users.uuid = '%s')"
+ " AND actions & %u = %u))"
+ " ORDER BY %s %s;",
+ trash ? "ssh_location" : "0",
+ trash ? "smb_location" : "0",
+ trash ? "_trash" : "",
+ target,
+ current_credentials.uuid,
+ current_credentials.uuid,
+ actions,
+ actions,
+ sort_field ? sort_field : "ROWID",
+ ascending ? "ASC" : "DESC");
+ else
+ init_iterator (iterator,
+ "SELECT ROWID, uuid, name, hosts, comment, lsc_credential,"
+ " ssh_port, smb_lsc_credential, port_range, %s, %s"
+ " FROM targets%s"
+ " WHERE"
+ " ((owner IS NULL) OR (owner ="
+ " (SELECT ROWID FROM users WHERE users.uuid = '%s'))"
+ " OR"
+ " (SELECT tasks.ROWID FROM tasks"
+ " WHERE target = targets.ROWID)"
+ " IN"
+ " (SELECT task FROM task_users WHERE user ="
+ " (SELECT ROWID FROM users"
+ " WHERE users.uuid = '%s')"
+ " AND actions & %u = %u))"
+ " ORDER BY %s %s;",
+ trash ? "ssh_location" : "0",
+ trash ? "smb_location" : "0",
+ trash ? "_trash" : "",
+ current_credentials.uuid,
+ current_credentials.uuid,
+ actions,
+ actions,
+ sort_field ? sort_field : "ROWID",
+ ascending ? "ASC" : "DESC");
+}
+
+/**
* @brief Get the target from a target iterator.
*
* @param[in] iterator Iterator.
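Review bot: The observer clause in init_target_iterator compares a scalar subquery, `(SELECT tasks.ROWID FROM tasks WHERE target = targets.ROWID) IN (...)`, and SQLite evaluates a scalar subquery to its first row only. A target used by several tasks is therefore matched against just one of them and can be missed for a user who observes another. The subquery also names `targets.ROWID` while the FROM clause becomes `targets_trash` when `trash` is set, so that form of the statement refers to a table that is not in the query. Testing membership from the target side avoids both: ` OR ROWID IN (SELECT target FROM tasks WHERE tasks.ROWID IN (SELECT task FROM task_users WHERE ... AND actions & %u = %u))`; whether trashcan targets should be visible to observers at all is not settled by this hunk. init_config_iterator, whose hunk runs past the visible part of the diff, uses the same construct with `config = configs.ROWID`.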
@@ -20095,6 +20783,46 @@
}
/**
+ * @brief Find a config for a set of actions, given a UUID.
+ *
+ * @param[in] uuid Config UUID.
+ * @param[out] config Config return, 0 if succesfully failed to find config.
+ * @param[in] actions Actions.
+ *
+ * @return FALSE on success (including if failed to find config), TRUE on error.
+ */
+gboolean
+find_config_for_actions (const char* uuid, config_t* config,
+ const char *actions)
+{
+ gchar *quoted_uuid = sql_quote (uuid);
+ if (user_has_access_uuid ("config", quoted_uuid, actions) == 0)
+ {
+ g_free (quoted_uuid);
+ *config = 0;
+ return FALSE;
+ }
+ switch (sql_int64 (config, 0, 0,
+ "SELECT ROWID FROM configs WHERE uuid = '%s';",
+ quoted_uuid))
+ {
+ case 0:
+ break;
+ case 1: /* Too few rows in result of query. */
+ *config = 0;
+ break;
+ default: /* Programming error. */
+ assert (0);
+ case -1:
+ g_free (quoted_uuid);
+ return TRUE;
+ break;
+ }
+ g_free (quoted_uuid);
+ return FALSE;
+}
+
+/**
* @brief Insert preferences into a config.
*
* @param[in] config Config.
@@ -21093,7 +21821,7 @@
#define CONFIG_ITERATOR_FIELDS "ROWID, uuid, name, nvt_selector, comment, families_growing, nvts_growing"
/**
- * @brief Initialise a config iterator.
+ * @brief Initialise a config iterator, limited to user's configs.
*
* @param[in] iterator Iterator.
* @param[in] config Config. 0 for all.
@@ -21102,9 +21830,8 @@
* @param[in] sort_field Field to sort on, or NULL for "ROWID".
*/
void
-init_config_iterator (iterator_t* iterator, config_t config, int trash,
- int ascending, const char* sort_field)
-
+init_user_config_iterator (iterator_t* iterator, config_t config, int trash,
+ int ascending, const char* sort_field)
{
gchar *sql;
@@ -21139,6 +21866,92 @@
}
/**
+ * @brief Initialise a config iterator.
+ *
+ * @param[in] iterator Iterator.
+ * @param[in] config Config. 0 for all.
+ * @param[in] trash Whether to iterate over trashcan configs.
+ * @param[in] ascending Whether to sort ascending or descending.
+ * @param[in] sort_field Field to sort on, or NULL for "ROWID".
+ * @param[in] actions_string Actions.
+ */
+void
+init_config_iterator (iterator_t* iterator, config_t config, int trash,
+ int ascending, const char* sort_field,
+ const char *actions_string)
+{
+ gchar *sql;
+ int actions;
+
+ assert (current_credentials.uuid);
+
+ if (actions_string == NULL || strlen (actions_string) == 0)
+ {
+ init_user_config_iterator (iterator, config, trash, ascending,
+ sort_field);
+ return;
+ }
+
+ actions = parse_actions (actions_string);
+
+ if (actions == 0)
+ {
+ init_user_config_iterator (iterator, config, trash, ascending,
+ sort_field);
+ return;
+ }
+
+ if (config)
+ sql = g_strdup_printf ("SELECT " CONFIG_ITERATOR_FIELDS
+ " FROM configs%s"
+ " WHERE ROWID = %llu"
+ " AND"
+ " ((owner IS NULL) OR (owner ="
+ " (SELECT ROWID FROM users WHERE users.uuid = '%s'))"
+ " OR"
+ " (SELECT tasks.ROWID FROM tasks"
+ " WHERE config = configs.ROWID)"
+ " IN"
+ " (SELECT task FROM task_users WHERE user ="
+ " (SELECT ROWID FROM users"
+ " WHERE users.uuid = '%s')"
+ " AND actions & %u = %u))"
+ " ORDER BY %s %s;",
+ trash ? "_trash" : "",
+ config,
+ current_credentials.uuid,
+ current_credentials.uuid,
+ actions,
+ actions,
+ sort_field ? sort_field : "ROWID",
+ ascending ? "ASC" : "DESC");
+ else
+ sql = g_strdup_printf ("SELECT " CONFIG_ITERATOR_FIELDS
+ " FROM configs%s"
+ " WHERE"
+ " ((owner IS NULL) OR (owner ="
+ " (SELECT ROWID FROM users WHERE users.uuid = '%s'))"
+ " OR"
+ " (SELECT tasks.ROWID FROM tasks"
+ " WHERE config = config.ROWID)"
+ " IN"
+ " (SELECT task FROM task_users WHERE user ="
+ " (SELECT ROWID FROM users"
+ " WHERE users.uuid = '%s')"
+ " AND actions & %u = %u))"
+ " ORDER BY %s %s;",
+ trash ? "_trash" : "",
+ current_credentials.uuid,
+ current_credentials.uuid,
+ actions,
+ actions,
+ sort_field ? sort_field : "ROWID",
+ ascending ? "ASC" : "DESC");
+ init_iterator (iterator, sql);
+ g_free (sql);
+}
+
+/**
* @brief Get the config from a config iterator.
*
* @param[in] iterator Iterator.
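Review bot: The all-configs branch of init_config_iterator correlates on `config.ROWID`, while the single-config branch uses `configs.ROWID`. No table or alias named `config` appears in the statement, so the listing query will most likely fail to prepare whenever `actions` is non-zero. The line should read `" WHERE config = configs.ROWID)"`. Because the FROM clause is `configs%s`, the qualifier in both branches probably also needs the trash suffix to resolve when `trash` is set. Separately, `sort_field` is formatted into `ORDER BY %s` without quoting; if it still carries the client's sort_field attribute, as the omp.c callers suggest, it should be matched against the column names in CONFIG_ITERATOR_FIELDS before use.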
@@ -22529,7 +23342,7 @@
{
iterator_t configs;
- init_config_iterator (&configs, config, 0, 1, NULL);
+ init_user_config_iterator (&configs, config, 0, 1, NULL);
while (next (&configs))
update_config_cache (&configs);
cleanup_iterator (&configs);
@@ -24473,6 +25286,50 @@
}
/**
+ * @brief Find an LSC credential given a UUID.
+ *
+ * @param[in] uuid UUID of LSC credential.
+ * @param[out] lsc_credential LSC credential return, 0 if succesfully failed
+ * to find credential.
+ * @param[in] actions_string Actions.
+ *
+ * @return FALSE on success (including if failed to find LSC credential),
+ * TRUE on error.
+ */
+gboolean
+find_lsc_credential_for_actions (const char* uuid,
+ lsc_credential_t* lsc_credential,
+ const char *actions)
+{
+ gchar *quoted_uuid = sql_quote (uuid);
+ if (user_has_access_uuid ("lsc_credential", quoted_uuid, actions) == 0)
+ {
+ g_free (quoted_uuid);
+ *lsc_credential = 0;
+ return FALSE;
+ }
+ switch (sql_int64 (lsc_credential, 0, 0,
+ "SELECT ROWID FROM lsc_credentials WHERE uuid = '%s';",
+ quoted_uuid))
+ {
+ case 0:
+ break;
+ case 1: /* Too few rows in result of query. */
+ *lsc_credential = 0;
+ break;
+ default: /* Programming error. */
+ assert (0);
+ case -1:
+ g_free (quoted_uuid);
+ return TRUE;
+ break;
+ }
+
+ g_free (quoted_uuid);
+ return FALSE;
+}
+
+/**
* @brief Length of password generated in create_lsc_credential.
*/
#define PASSWORD_LENGTH 10
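Review bot: The doc block names the third parameter `actions_string`, but the signature of find_lsc_credential_for_actions calls it `actions`, so the generated documentation will not match the prototype. Change the line to `@param[in] actions Actions.`. The `@brief` should also mention the access check, for example `Find an LSC credential for a set of actions, given a UUID.`, to match find_config_for_actions.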
@@ -24864,7 +25721,7 @@
}
/**
- * @brief Initialise an LSC Credential iterator.
+ * @brief Initialise an LSC Credential iterator, limiting to user's credentials.
*
* @param[in] iterator Iterator.
* @param[in] lsc_credential Single LSC credential to iterate, 0 for all.
@@ -24873,9 +25730,9 @@
* @param[in] sort_field Field to sort on, or NULL for "ROWID".
*/
void
-init_lsc_credential_iterator (iterator_t* iterator,
- lsc_credential_t lsc_credential, int trash,
- int ascending, const char* sort_field)
+init_user_lsc_credential_iterator (iterator_t* iterator,
+ lsc_credential_t lsc_credential, int trash,
+ int ascending, const char* sort_field)
{
assert (current_credentials.uuid);
@@ -24924,6 +25781,120 @@
}
/**
+ * @brief Initialise an LSC Credential iterator, limiting to user's credentials.
+ *
+ * @param[in] iterator Iterator.
+ * @param[in] lsc_credential Single LSC credential to iterate, 0 for all.
+ * @param[in] trash Whether to iterate over trashcan credentials.
+ * @param[in] ascending Whether to sort ascending or descending.
+ * @param[in] sort_field Field to sort on, or NULL for "ROWID".
+ * @param[in] actions_string Actions.
+ */
+void
+init_lsc_credential_iterator (iterator_t* iterator,
+ lsc_credential_t lsc_credential, int trash,
+ int ascending, const char* sort_field,
+ const char *actions_string)
+{
+ int actions;
+
+ assert (current_credentials.uuid);
+
+ if (actions_string == NULL || strlen (actions_string) == 0)
+ {
+ init_user_lsc_credential_iterator (iterator, lsc_credential, trash,
+ ascending, sort_field);
+ return;
+ }
+
+ actions = parse_actions (actions_string);
+
+ if (actions == 0)
+ {
+ init_user_lsc_credential_iterator (iterator, lsc_credential, trash,
+ ascending, sort_field);
+ return;
+ }
+
+ if (lsc_credential)
+ init_iterator (iterator,
+ "SELECT ROWID, uuid, name, login, password, comment,"
+ " public_key, private_key, rpm, deb, exe,"
+ " (SELECT count(*) > 0 FROM targets%s"
+ " WHERE lsc_credential = lsc_credentials%s.ROWID)"
+ " + (SELECT count(*) > 0 FROM targets%s"
+ " WHERE smb_lsc_credential = lsc_credentials%s.ROWID)"
+ " FROM lsc_credentials%s"
+ " WHERE ROWID = %llu"
+ " AND"
+ " ((owner IS NULL) OR (owner ="
+ " (SELECT ROWID FROM users WHERE users.uuid = '%s'))"
+ " OR"
+ " (SELECT tasks.ROWID FROM tasks"
+ " WHERE tasks.target ="
+ " (SELECT ROWID FROM targets"
+ " WHERE lsc_credential = lsc_credentials%s.ROWID"
+ " OR smb_lsc_credential = lsc_credentials%s.ROWID))"
+ " IN"
+ " (SELECT task FROM task_users WHERE user ="
+ " (SELECT ROWID FROM users"
+ " WHERE users.uuid = '%s')"
+ " AND actions & %u = %u))"
+ " ORDER BY %s %s;",
+ trash ? "_trash" : "",
+ trash ? "_trash" : "",
+ trash ? "_trash" : "",
+ trash ? "_trash" : "",
+ trash ? "_trash" : "",
+ lsc_credential,
+ current_credentials.uuid,
+ trash ? "_trash" : "",
+ trash ? "_trash" : "",
+ current_credentials.uuid,
+ actions,
+ actions,
+ sort_field ? sort_field : "ROWID",
+ ascending ? "ASC" : "DESC");
+ else
+ init_iterator (iterator,
+ "SELECT ROWID, uuid, name, login, password, comment,"
+ " public_key, private_key, rpm, deb, exe,"
+ " (SELECT count(*) > 0 FROM targets%s"
+ " WHERE lsc_credential = lsc_credentials%s.ROWID)"
+ " + (SELECT count(*) > 0 FROM targets%s"
+ " WHERE smb_lsc_credential = lsc_credentials%s.ROWID)"
+ " FROM lsc_credentials%s"
+ " WHERE"
+ " ((owner IS NULL) OR (owner ="
+ " (SELECT ROWID FROM users WHERE users.uuid = '%s'))"
+ " OR"
+ " (SELECT tasks.ROWID FROM tasks"
+ " WHERE target ="
+ " (SELECT ROWID FROM targets"
+ " WHERE lsc_credential = lsc_credentials%s.ROWID"
+ " OR smb_lsc_credential = lsc_credentials%s.ROWID))"
+ " IN"
+ " (SELECT task FROM task_users WHERE user ="
+ " (SELECT ROWID FROM users"
+ " WHERE users.uuid = '%s')"
+ " AND actions & %u = %u))"
+ " ORDER BY %s %s;",
+ trash ? "_trash" : "",
+ trash ? "_trash" : "",
+ trash ? "_trash" : "",
+ trash ? "_trash" : "",
+ trash ? "_trash" : "",
+ current_credentials.uuid,
+ trash ? "_trash" : "",
+ trash ? "_trash" : "",
+ current_credentials.uuid,
+ actions,
+ actions,
+ sort_field ? sort_field : "ROWID",
+ ascending ? "ASC" : "DESC");
+}
+
+/**
* @brief Get the LSC credential from an LSC credential iterator.
*
* @param[in] iterator Iterator.
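Review bot: With a non-empty `actions`, init_lsc_credential_iterator now returns credential rows owned by other users, and the column list still includes `password` and `private_key`. If the GET_LSC_CREDENTIALS handler emits either column for any format, a task observer would receive the owner's secrets; the handler body is outside this hunk, so this needs checking there, and the header comment should state that callers must not send those columns for rows the user does not own. The `@brief` is copied from init_user_lsc_credential_iterator and should instead read something like `Initialise an LSC Credential iterator, including credentials of tasks the user may access.`. Assuming SQLite scalar-subquery semantics, `(SELECT tasks.ROWID FROM tasks ...)` and `(SELECT ROWID FROM targets ...)` each yield a single row, so a credential used by several targets or tasks is matched on only one of them; an `EXISTS` over a join with task_users would cover all of them. The same applies to the subquery in init_config_iterator.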
Modified: trunk/openvas-manager/src/omp.c
===================================================================
--- trunk/openvas-manager/src/omp.c 2011-09-21 04:34:36 UTC (rev 11647)
+++ trunk/openvas-manager/src/omp.c 2011-09-21 13:46:10 UTC (rev 11648)
@@ -1520,6 +1520,7 @@
*/
typedef struct
{
+ char *actions; ///< Actions.
int export; ///< Boolean. Whether to format for create_config.
int families; ///< Boolean. Whether to include config families.
char *config_id; ///< ID of single config to iterate over.
@@ -1537,6 +1538,7 @@
static void
get_configs_data_reset (get_configs_data_t *data)
{
+ free (data->actions);
free (data->config_id);
free (data->sort_field);
@@ -1594,6 +1596,7 @@
*/
typedef struct
{
+ char *actions; ///< Actions.
char *format; ///< Format requested: "key", "deb", ....
char *lsc_credential_id; ///< Single LSC credential to iterate over.
char *sort_field; ///< Field to sort results on.
@@ -1609,6 +1612,7 @@
static void
get_lsc_credentials_data_reset (get_lsc_credentials_data_t *data)
{
+ free (data->actions);
free (data->format);
free (data->lsc_credential_id);
free (data->sort_field);
@@ -1650,6 +1654,7 @@
*/
typedef struct
{
+ char *actions; ///< Actions.
char *config_id; ///< ID of config to which to limit NVT selection.
int details; ///< Boolean. Whether to include full NVT details.
char *family; ///< Name of family to which to limit NVT selection.
@@ -1669,6 +1674,7 @@
static void
get_nvts_data_reset (get_nvts_data_t *data)
{
+ free (data->actions);
free (data->config_id);
free (data->family);
free (data->nvt_oid);
@@ -1966,6 +1972,7 @@
*/
typedef struct
{
+ char *actions; ///< Actions.
char *sort_field; ///< Field to sort results on.
int sort_order; ///< Result sort order: 0 descending, else ascending.
char *target_id; ///< ID of single target to get.
@@ -1981,6 +1988,7 @@
static void
get_targets_data_reset (get_targets_data_t *data)
{
+ free (data->actions);
free (data->target_id);
free (data->sort_field);
@@ -2018,6 +2026,7 @@
*/
typedef struct
{
+ char *actions; ///< Actions.
int apply_overrides; ///< Boolean. Whether to apply overrides.
int details; ///< Boolean. Whether to include task details.
char *task_id; ///< ID of single task to get.
@@ -2035,6 +2044,7 @@
static void
get_tasks_data_reset (get_tasks_data_t *data)
{
+ free (data->actions);
free (data->task_id);
free (data->sort_field);
@@ -2184,6 +2194,7 @@
char *file; ///< File to attach to task.
char *file_name; ///< Name of file to attach to task.
char *name; ///< New name for task.
+ char *observers; ///< Space separated list of observer user names.
name_value_t *preference; ///< Current preference.
array_t *preferences; ///< Preferences.
char *rcfile; ///< New definition for task, as an RC file.
@@ -2206,6 +2217,7 @@
free (data->file);
free (data->file_name);
free (data->name);
+ free (data->observers);
if (data->preferences)
{
guint index = data->preferences->len;
@@ -3289,6 +3301,7 @@
CLIENT_MODIFY_TASK_ESCALATOR,
CLIENT_MODIFY_TASK_FILE,
CLIENT_MODIFY_TASK_NAME,
+ CLIENT_MODIFY_TASK_OBSERVERS,
CLIENT_MODIFY_TASK_PREFERENCES,
CLIENT_MODIFY_TASK_PREFERENCES_PREFERENCE,
CLIENT_MODIFY_TASK_PREFERENCES_PREFERENCE_NAME,
@@ -4001,6 +4014,8 @@
const gchar* attribute;
append_attribute (attribute_names, attribute_values, "config_id",
&get_configs_data->config_id);
+ append_attribute (attribute_names, attribute_values, "actions",
+ &get_configs_data->actions);
if (find_attribute (attribute_names, attribute_values,
"families", &attribute))
get_configs_data->families = atoi (attribute);
@@ -4063,6 +4078,8 @@
append_attribute (attribute_names, attribute_values,
"lsc_credential_id",
&get_lsc_credentials_data->lsc_credential_id);
+ append_attribute (attribute_names, attribute_values, "actions",
+ &get_lsc_credentials_data->actions);
append_attribute (attribute_names, attribute_values, "format",
&get_lsc_credentials_data->format);
if (find_attribute (attribute_names, attribute_values,
@@ -4125,6 +4142,8 @@
else if (strcasecmp ("GET_NVTS", element_name) == 0)
{
const gchar* attribute;
+ append_attribute (attribute_names, attribute_values, "actions",
+ &get_nvts_data->actions);
append_attribute (attribute_names, attribute_values, "nvt_oid",
&get_nvts_data->nvt_oid);
append_attribute (attribute_names, attribute_values, "config_id",
@@ -4507,6 +4526,8 @@
const gchar* attribute;
append_attribute (attribute_names, attribute_values, "target_id",
&get_targets_data->target_id);
+ append_attribute (attribute_names, attribute_values, "actions",
+ &get_targets_data->actions);
if (find_attribute (attribute_names, attribute_values,
"tasks", &attribute))
get_targets_data->tasks = strcmp (attribute, "0");
@@ -4533,6 +4554,9 @@
append_attribute (attribute_names, attribute_values, "task_id",
&get_tasks_data->task_id);
+ append_attribute (attribute_names, attribute_values, "actions",
+ &get_tasks_data->actions);
+
if (find_attribute (attribute_names, attribute_values,
"rcfile", &attribute))
get_tasks_data->rcfile = atoi (attribute);
@@ -5722,6 +5746,11 @@
}
else if (strcasecmp ("NAME", element_name) == 0)
set_client_state (CLIENT_MODIFY_TASK_NAME);
+ else if (strcasecmp ("OBSERVERS", element_name) == 0)
+ {
+ openvas_append_string (&modify_task_data->observers, "");
+ set_client_state (CLIENT_MODIFY_TASK_OBSERVERS);
+ }
else if (strcasecmp ("PREFERENCES", element_name) == 0)
{
modify_task_data->preferences = make_array ();
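Review bot: The `openvas_append_string (&modify_task_data->observers, "")` call in the OBSERVERS branch needs a comment, because its purpose is not evident at the call site. It appears to guarantee a non-NULL empty string for an empty element, which the `modify_task_data->observers` test in the MODIFY_TASK end handler then treats as a request to set the observer list. A line such as `/* Init, so that an empty element still reaches set_task_observers. */` above the call would record that intent.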
@@ -9251,8 +9280,9 @@
}
}
else if (get_nvts_data->config_id
- && find_config (get_nvts_data->config_id,
- &config))
+ && find_config_for_actions (get_nvts_data->config_id,
+ &config,
+ get_nvts_data->actions))
SEND_TO_CLIENT_OR_FAIL
(XML_INTERNAL_ERROR ("get_nvts"));
else if (get_nvts_data->config_id && (config == 0))
@@ -9769,7 +9799,9 @@
if ((strcmp (get_reports_data->type, "scan") == 0)
&& get_reports_data->report_id
- && find_report (get_reports_data->report_id, &request_report))
+ && find_report_for_actions (get_reports_data->report_id,
+ &request_report,
+ "g"))
{
get_reports_data_reset (get_reports_data);
SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("get_reports"));
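Review bot: The literal `"g"` passed to find_report_for_actions here, and again for `delta_report_id` in the next hunk, is a magic value; nothing at the call site says which action it selects. A comment such as `/* "g": require GET access to the report's task. */`, or a named constant shared with parse_actions, would keep both call sites and the parser in step. The meaning is inferred from the commit log's mention of GET accessible tasks; parse_actions is outside this hunk.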
@@ -9779,7 +9811,9 @@
if (get_reports_data->delta_report_id
&& strcmp (get_reports_data->delta_report_id, "0")
- && find_report (get_reports_data->delta_report_id, &delta_report))
+ && find_report_for_actions (get_reports_data->delta_report_id,
+ &delta_report,
+ "g"))
{
get_reports_data_reset (get_reports_data);
SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("get_reports"));
@@ -11656,6 +11690,33 @@
}
}
+ if (fail == 0 && modify_task_data->observers)
+ {
+ fail = set_task_observers (task,
+ modify_task_data->observers);
+ switch (fail)
+ {
+ case 0:
+ break;
+ case 1:
+ case 2:
+ SEND_TO_CLIENT_OR_FAIL
+ (XML_ERROR_SYNTAX ("modify_task",
+ "User name error"));
+ g_log ("event task", G_LOG_LEVEL_MESSAGE,
+ "Task %s could not be modified",
+ modify_task_data->task_id);
+ break;
+ case -1:
+ default:
+ SEND_TO_CLIENT_OR_FAIL
+ (XML_INTERNAL_ERROR ("modify_task"));
+ g_log ("event task", G_LOG_LEVEL_MESSAGE,
+ "Task %s could not be modified",
+ modify_task_data->task_id);
+ }
+ }
+
if (fail == 0 && modify_task_data->escalator_id)
{
escalator_t escalator = 0;
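Review bot: Return codes 1 and 2 from set_task_observers are merged into a single `User name error` reply, with no comment saying what each code means. Each `case` label should carry the meaning given in set_task_observers's header comment, as the sql_int64 switches in manage_sql.c do. Because this call changes who can read the task, it is also worth confirming that `task` was resolved by an owner-only lookup earlier in the handler, so that a user who is only an observer cannot add further observers. That lookup and the rest of the enclosing block are outside this hunk.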
@@ -11787,6 +11848,10 @@
assert (strcasecmp ("NAME", element_name) == 0);
set_client_state (CLIENT_MODIFY_TASK);
break;
+ case CLIENT_MODIFY_TASK_OBSERVERS:
+ assert (strcasecmp ("OBSERVERS", element_name) == 0);
+ set_client_state (CLIENT_MODIFY_TASK);
+ break;
case CLIENT_MODIFY_TASK_PREFERENCES:
assert (strcasecmp ("PREFERENCES", element_name) == 0);
set_client_state (CLIENT_MODIFY_TASK);
@@ -15297,7 +15362,9 @@
assert (strcasecmp ("GET_CONFIGS", element_name) == 0);
if (get_configs_data->config_id
- && find_config (get_configs_data->config_id, &request_config))
+ && find_config_for_actions (get_configs_data->config_id,
+ &request_config,
+ get_configs_data->actions))
SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("get_configs"));
else if (get_configs_data->config_id && (request_config == 0))
{
@@ -15328,7 +15395,8 @@
request_config,
get_configs_data->trash,
get_configs_data->sort_order,
- get_configs_data->sort_field);
+ get_configs_data->sort_field,
+ get_configs_data->actions);
while (next (&configs))
{
int config_nvts_growing, config_families_growing;
@@ -15533,8 +15601,8 @@
SENDF_TO_CLIENT_OR_FAIL ("</config>");
}
+ cleanup_iterator (&configs);
}
- cleanup_iterator (&configs);
get_configs_data_reset (get_configs_data);
SEND_TO_CLIENT_OR_FAIL ("</get_configs_response>");
set_client_state (CLIENT_AUTHENTIC);
@@ -15731,9 +15799,10 @@
"GET_LSC_CREDENTIALS format attribute should"
" be \"key\", \"rpm\", \"deb\" or \"exe\"."));
else if (get_lsc_credentials_data->lsc_credential_id
- && find_lsc_credential
+ && find_lsc_credential_for_actions
(get_lsc_credentials_data->lsc_credential_id,
- &lsc_credential))
+ &lsc_credential,
+ get_lsc_credentials_data->actions))
SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("get_lsc_credentials"));
else if (get_lsc_credentials_data->lsc_credential_id
&& (lsc_credential == 0))
@@ -15758,7 +15827,8 @@
lsc_credential,
get_lsc_credentials_data->trash,
get_lsc_credentials_data->sort_order,
- get_lsc_credentials_data->sort_field);
+ get_lsc_credentials_data->sort_field,
+ get_lsc_credentials_data->actions);
while (next (&credentials))
{
switch (format)
@@ -16099,7 +16169,9 @@
(XML_ERROR_SYNTAX ("get_target",
"GET_TARGETS tasks given with trash"));
else if (get_targets_data->target_id
- && find_target (get_targets_data->target_id, &target))
+ && find_target_for_actions (get_targets_data->target_id,
+ &target,
+ get_targets_data->actions))
SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("get_targets"));
else if (get_targets_data->target_id && target == 0)
{
@@ -16124,7 +16196,8 @@
target,
get_targets_data->trash,
get_targets_data->sort_order,
- get_targets_data->sort_field);
+ get_targets_data->sort_field,
+ get_targets_data->actions);
while (next (&targets))
{
char *ssh_lsc_name, *ssh_lsc_uuid, *smb_lsc_name, *smb_lsc_uuid;
@@ -16244,7 +16317,9 @@
(XML_ERROR_SYNTAX ("get_task",
"GET_TASKS details given with trash"));
else if (get_tasks_data->task_id
- && find_task (get_tasks_data->task_id, &task))
+ && find_task_for_actions (get_tasks_data->task_id,
+ &task,
+ get_tasks_data->actions))
SEND_TO_CLIENT_OR_FAIL (XML_INTERNAL_ERROR ("get_tasks"));
else if (get_tasks_data->task_id && task == 0)
{
@@ -16296,7 +16371,8 @@
task,
get_tasks_data->trash,
get_tasks_data->sort_order,
- get_tasks_data->sort_field);
+ get_tasks_data->sort_field,
+ get_tasks_data->actions);
while (next (&tasks))
if (get_tasks_data->details)
{
@@ -16312,7 +16388,7 @@
char *task_slave_uuid, *task_slave_name;
char *task_schedule_uuid, *task_schedule_name, *comment;
gchar *first_report_id, *first_report;
- char* description;
+ char *description, *owner, *observers;
gchar *description64, *last_report_id, *last_report;
gchar *second_last_report_id, *second_last_report;
report_t running_report;
@@ -16573,6 +16649,8 @@
name = task_name (task);
comment = task_comment (task);
+ owner = task_owner_name (task);
+ observers = task_observers (task);
escalator = task_escalator_name (task);
escalator_uuid = task_escalator_uuid (task);
config = task_config_name (task);
@@ -16597,6 +16675,8 @@
("<task id=\"%s\">"
"<name>%s</name>"
"<comment>%s</comment>"
+ "<owner><name>%s</name></owner>"
+ "<observers>%s</observers>"
"<config id=\"%s\">"
"<name>%s</name>"
"</config>"
@@ -16624,6 +16704,8 @@
task_iterator_uuid (&tasks),
name,
comment,
+ owner,
+ observers,
config_uuid ? config_uuid : "",
config ? config : "",
escalator_uuid ? escalator_uuid : "",
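Review bot: `owner` and `observers` are passed to their `%s` conversions unguarded, while the arguments that follow use the `x ? x : ""` form. If task_owner_name or task_observers can return NULL, for instance for a task without an owner, the response would contain `(null)` or the call would be undefined. Use `owner ? owner : "",` and `observers ? observers : "",` here and in the second task listing, in the hunk that passes `tsk_uuid, name, comment, owner, observers`. The observers string originates from client-supplied MODIFY_TASK text and lands inside an XML element, so the formatting call must escape it; which function formats this response is outside the hunk.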
@@ -16661,6 +16743,8 @@
g_free (response);
g_free (name);
g_free (comment);
+ g_free (owner);
+ g_free (observers);
g_free (description64);
free (task_schedule_uuid);
free (task_schedule_name);
@@ -16724,6 +16808,8 @@
gchar *line, *progress_xml;
char *name = task_name (index);
char *comment = task_comment (index);
+ char *observers = task_observers (index);
+ char *owner = task_owner_name (index);
target_t target;
slave_t slave;
char *tsk_uuid, *config, *config_uuid;
@@ -17041,6 +17127,8 @@
" id=\"%s\">"
"<name>%s</name>"
"<comment>%s</comment>"
+ "<owner><name>%s</name></owner>"
+ "<observers>%s</observers>"
"<config id=\"%s\">"
"<name>%s</name>"
"<trash>%i</trash>"
@@ -17073,6 +17161,8 @@
tsk_uuid,
name,
comment,
+ owner,
+ observers,
config_uuid ? config_uuid : "",
config ? config : "",
task_config_in_trash (index),
@@ -17115,6 +17205,8 @@
g_free (second_last_report);
free (name);
free (comment);
+ free (owner);
+ free (observers);
g_free (description64);
free (tsk_uuid);
free (task_schedule_uuid);
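Review bot: `owner` and `observers` are released with `free ()` here but with `g_free ()` in the details branch of the same handler, although both come from task_owner_name and task_observers. Choose the deallocator that matches how those two functions allocate (they are defined outside this hunk) and use it in both places. If they return GLib-allocated strings, these lines should be `g_free (owner);` and `g_free (observers);`.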
@@ -17417,6 +17509,9 @@
case CLIENT_MODIFY_TASK_NAME:
openvas_append_text (&modify_task_data->name, text, text_len);
break;
+ case CLIENT_MODIFY_TASK_OBSERVERS:
+ openvas_append_text (&modify_task_data->observers, text, text_len);
+ break;
case CLIENT_MODIFY_TASK_RCFILE:
openvas_append_text (&modify_task_data->rcfile, text, text_len);
break;