package DNSManager;
use Dancer ':syntax';
use strict;
use warnings;
use v5.14;
use Modern::Perl;
use Data::Dump qw( dump );
use Data::Structure::Util qw ( unbless );
use File::Basename;
use Config::Simple;
use Crypt::Digest::SHA256 qw( sha256_hex ) ;
use Storable qw( freeze thaw );
# Let Storable serialize code references when freezing (it deparses them to
# source text).  This is the counterpart of $Storable::Eval.
$Storable::Deparse = true;
# NOTE(review): with $Storable::Eval true, thaw() evaluates the source text of
# any code reference found in the frozen data.  This file freezes the user
# object into the session, so frozen data must never be thawed from a store the
# client can write to (e.g. a cookie-backed session) - confirm the session
# engine, or drop this setting if no code references are actually stored.
$Storable::Eval=true;
use encoding 'utf-8'; # TODO check if this works well
# Include other libs relative to current path
use Find::Lib '../../'; # TODO remove it when it won't be usefull anymore
use app::app;
# Version string of the DNSManager package.
our $VERSION = '0.1';
# TODO we can check if dn matches our domain name
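# Tell whether a string is syntactically a dotted host name made of ASCII
# letters, digits and hyphens.
#
# Parameters:
#   $dn - candidate domain name; undef is treated as "not a domain name".
# Returns:
#   1 when the whole string matches, 0 otherwise.
sub is_domain_name {
    my ($dn) = @_;

    return 0 unless defined $dn;

    # One label: starts and ends with an alphanumeric, hyphens only inside.
    my $label = qr/[a-zA-Z0-9](?:[a-zA-Z0-9-]*[a-zA-Z0-9])?/;

    # The separator must be a literal dot: an unescaped "." matches any
    # character, which would let values such as "a/bc" pass as a domain name.
    # \A and \z pin the match to the whole string, so a trailing newline is
    # rejected as well.  The last label keeps a two-character minimum.
    my $ndd = qr/\A(?:$label\.)*[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]\z/;

    return $dn =~ $ndd ? 1 : 0;
}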
# eventually change place
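# Build and initialise the application backend from conf/config.ini.
#
# Reads ../conf/config.ini (relative to this file), passes the zone directory,
# database settings and SSH settings to app->new, calls init() on the new
# object and returns it.
#
# Dies with the Config::Simple error text when the configuration file cannot
# be loaded.
sub initco {
    my $config_path = dirname(__FILE__) . '/../conf/config.ini';

    # Config::Simple->new returns undef on failure; stop here with the reason
    # rather than failing later on a method call on undef.
    my $cfg = Config::Simple->new($config_path)
        or die "Cannot load $config_path: " . Config::Simple->error();

    # NOTE(review): the database password is read from this file, so
    # config.ini should be readable by the service account only.
    my $app = app->new(
        zdir    => $cfg->param('zones_path'),
        dbname  => $cfg->param('dbname'),
        dbhost  => $cfg->param('host'),
        dbport  => $cfg->param('port'),
        dbuser  => $cfg->param('user'),
        dbpass  => $cfg->param('passwd'),
        sgbd    => $cfg->param('sgbd'),
        sshhost => $cfg->param('sshhost'),
        sshuser => $cfg->param('sshuser'),
        dnsapp  => $cfg->param('dnsapp'),
    );

    $app->init();

    return $app;
}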
# Return the error message stored in the session under 'errmsg' and reset
# that slot to the empty string, so a message is reported once.
sub get_errmsg {
    my $pending = session('errmsg');

    session( errmsg => '' );

    return $pending;
}
# TODO check if the referer was from our website
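# Pick the URL to send the client back to after an action.
#
# Returns the request's Referer when it points at this same host, '/' in
# every other case (no Referer header, or a Referer naming another host).
sub get_route {
    my $referer = request->referer;

    return '/' unless defined $referer;

    # The Referer header is supplied by the client.  Following it blindly
    # would let any third-party page choose where this application redirects
    # to, so it is only honoured when its host part equals the host of the
    # current request.
    my $host = request->host;
    if ( defined $host
        && $referer =~ m{\Ahttps?://\Q$host\E(?:[/?#]|\z)}i )
    {
        return $referer;
    }

    return '/';
}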
# Front page.
#
# Without a session login the index template is rendered with the pending
# error message only.  With one, the user's domains are fetched; on failure
# the session is destroyed and a bare index page is shown.
get '/' => sub {

    unless ( session('login') ) {
        return template( 'index', { errmsg => get_errmsg() } );
    }

    my $app = initco();
    my ( $success, @domains ) = $app->get_domains( session('login') );

    unless ($success) {
        session->destroy;
        return template('index');
    }

    return template(
        'index',
        {
            login   => session('login'),
            admin   => session('admin'),
            errmsg  => get_errmsg(),
            domains => [@domains],
        }
    );
};
prefix '/domain' => sub {
# Replace a zone with the raw text sent in the 'zoneupdated' parameter.
#
# Requires a session login and a :domain value; the caller must re-authenticate
# from the session credentials and either be an administrator or own :domain.
#
# NOTE(review): this state-changing route also answers GET and no anti-CSRF
# token is checked in this handler - confirm whether one is enforced elsewhere.
# NOTE(review): 'zoneupdated' is passed on as received; whether
# update_domain_raw validates the zone text is not visible from this file.
any ['post', 'get'] => '/updateraw/:domain' => sub {

    unless ( session('login') && param('domain') ) {
        return redirect('/');
    }

    my $app = initco();
    my ( $auth_ok, $user, $isadmin )
        = $app->auth( session('login'), session('password') );

    # Owners are matched by exact string comparison against their domains.
    my $may_edit = $auth_ok
        && ( $isadmin || grep { $_ eq param('domain') } @{ $user->domains } );

    unless ($may_edit) {
        session( errmsg => q{Donnée privée, petit coquin. ;) } );
        return redirect('/');
    }

    my $success
        = $app->update_domain_raw( param('zoneupdated'), param('domain') );

    session( errmsg => q{Problème de mise à jour du domaine.} )
        unless $success;

    return redirect( '/domain/details/' . param('domain') );
};
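# Append one resource record (A, AAAA, CNAME, MX, PTR or NS) to a zone.
#
# Request parameters: type, name, value, ttl and, for MX, priority.
# Requires a session login and a :domain value; the caller must re-authenticate
# from the session credentials and either be an administrator or own :domain.
# An unknown or missing type adds no record, but the serial is still bumped
# and the zone is still written back.
#
# NOTE(review): name, value, ttl and priority go into the zone exactly as
# received (no check for line breaks, numeric ttl/priority, etc.); whether the
# zone object validates them is not visible from this file - confirm.
# NOTE(review): this state-changing route also answers GET and no anti-CSRF
# token is checked in this handler.
any ['post', 'get'] => '/update/:domain' => sub {

    unless ( session('login') && param('domain') ) {
        return redirect('/');
    }

    my $type     = param('type');
    my $name     = param('name');
    my $value    = param('value');
    my $ttl      = param('ttl');
    my $priority = param('priority');

    my $app = initco();
    my ( $auth_ok, $user, $isadmin )
        = $app->auth( session('login'), session('password') );

    unless (
        $auth_ok
        && ( $isadmin
            || grep { $_ eq param('domain') } @{ $user->domains } )
        )
    {
        session errmsg => q{Donnée privée, petit coquin. ;) };
        redirect '/';
        return;
    }

    my $zone = $app->get_domain( param('domain') );

    # Record type => name of the zone accessor returning the list to extend.
    # A lookup table replaces given/when, which is experimental and deprecated.
    my %accessor_for = (
        A     => 'a',
        AAAA  => 'aaaa',
        CNAME => 'cname',
        MX    => 'mx',
        PTR   => 'ptr',
        NS    => 'ns',
    );

    if ( defined $type && !ref $type && exists $accessor_for{$type} ) {
        my $accessor = $accessor_for{$type};
        my $records  = $zone->$accessor();

        my %record = (
            name   => $name,
            class  => "IN",
            host   => $value,
            ttl    => $ttl,
            ORIGIN => $zone->origin,
        );

        # Only MX records carry a priority.
        $record{priority} = $priority if $type eq 'MX';

        push @{$records}, \%record;
    }

    $zone->new_serial();

    # The debugging dump of the whole zone that used to run here is gone: it
    # wrote every zone to the server's error output on each update.
    $app->update_domain( $zone, param('domain') );

    redirect '/domain/details/' . param('domain');
};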
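# Show one zone, either as raw text ('expert' parameter set) or broken down
# per record type.
#
# Requires a session login and a :domain value; the caller must re-authenticate
# from the session credentials and either be an administrator or own :domain.
get '/details/:domain' => sub {

    # check if user is logged & if domain parameter is set
    unless ( session('login') && param('domain') ) {
        return redirect('/');
    }

    my $app = initco();
    my ( $auth_ok, $user, $isadmin )
        = $app->auth( session('login'), session('password') );

    # Ownership is an exact string comparison.  Using the request value as a
    # pattern (=~) would authorise any value that merely matches part of an
    # owned name, e.g. a parent domain or ".", and that value is then used to
    # load the zone.
    unless (
        $auth_ok
        && ( $isadmin
            || grep { $_ eq param('domain') } @{ $user->domains } )
        )
    {
        session errmsg => q{Auth non OK.};

        # Plain '/', as in the other handlers (the target had a stray blank).
        redirect '/';
        return;
    }

    my $zone = $app->get_domain( param('domain') );

    if ( param('expert') ) {
        return template(
            'details',
            {
                login       => session('login'),
                admin       => session('admin'),
                domain      => param('domain'),
                domain_zone => $zone->output(),
                expert      => true,
            }
        );
    }

    return template(
        'details',
        {
            login       => session('login'),
            admin       => session('admin'),
            domain      => param('domain'),
            domain_zone => $zone->output(),
            a           => $zone->a(),
            aaaa        => $zone->aaaa(),
            cname       => $zone->cname(),
            ptr         => $zone->ptr(),
            mx          => $zone->mx(),
            ns          => $zone->ns(),
        }
    );
};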
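# Reserve a new domain for the logged-in user.
#
# The 'domain' parameter is a single label; the configured 'tld' value is
# appended to it before add_domain is called.  The outcome is left in the
# session (creationSuccess, domainName, errmsg) and the client is sent to
# /user/home.
post '/add/' => sub {

    # check if user is logged & if domain parameter is set
    unless ( session('login') && param('domain') ) {
        return redirect('/');
    }

    my $creationSuccess = '';

    # Letters, digits and inner hyphens only.  \A and \z anchor the whole
    # value: with ^ and $ a value ending in a line break would still pass and
    # the line break would end up in the stored domain name.
    if ( param('domain') =~ m{\A[a-zA-Z0-9](?:[a-zA-Z0-9-]*[a-zA-Z0-9])?\z} ) {

        my $cfg
            = Config::Simple->new( dirname(__FILE__) . '/../conf/config.ini' )
            or die 'Cannot load configuration: ' . Config::Simple->error();

        my $domain = param('domain') . $cfg->param('tld');

        my $app = initco();
        my ($success) = $app->add_domain( session('login'), $domain );

        if ($success) {
            $creationSuccess = q{Le nom de domaine a bien été réservé ! };
        }
        else {
            session errmsg => q{Le nom de domaine est déjà pris.};
        }
    }
    else {
        session errmsg =>
            q{Le nom de domaine entré contient des caractères invalides};
    }

    # NOTE(review): domainName keeps the submitted value even when it failed
    # the check above, so the template showing it must HTML-escape it.
    session creationSuccess => $creationSuccess;
    session domainName      => param('domain');

    redirect '/user/home';
};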
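# Delete a whole domain.
#
# The caller must re-authenticate from the session credentials and either be
# an administrator or own :domain; the name must also pass is_domain_name.
# Afterwards the client goes back where it came from, except that a request
# coming from a details page goes to /user/home.
#
# NOTE(review): a destructive action on a GET route with no anti-CSRF token
# checked in this handler - any page the user visits can trigger it.
get '/del/:domain' => sub {

    my $app = initco();
    my ( $auth_ok, $user, $isadmin )
        = $app->auth( session('login'), session('password') );

    # Exact comparison: with =~ the request value is used as a pattern, so a
    # value matching only part of an owned name would authorise the deletion
    # of a different domain.
    unless (
        $auth_ok
        && ( $isadmin
            || grep { $_ eq param('domain') } @{ $user->domains } )
        )
    {
        session errmsg => q{Auth non OK.};

        # Plain '/', as in the other handlers (the target had a stray blank).
        redirect '/';
        return;
    }

    unless ( defined param('domain') ) {
        session errmsg => q<Domaine non renseigné.>;
        redirect get_route();
        return;
    }

    if ( !is_domain_name( param('domain') ) ) {
        session errmsg => q<Domaine non conforme.>;
        redirect get_route();
        return;
    }

    my $success
        = $app->delete_domain( session('login'), param('domain') );

    unless ($success) {
        session errmsg => q{Impossible de supprimer le domaine.};
    }

    # get_route() supplies '/' when the client sent no Referer header, so the
    # match and the redirect below never work on an undefined value.
    my $back = get_route();

    if ( $back =~ m{/domain/details} ) {
        redirect '/user/home';
    }
    else {
        redirect $back;
    }
};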
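# Delete one record (type, name, host, ttl) from the zone of :domain.
#
# The caller must re-authenticate from the session credentials and either be
# an administrator or own :domain.
#
# NOTE(review): a destructive action on a GET route with no anti-CSRF token
# checked in this handler.
get '/del/:domain/:name/:type/:host/:ttl' => sub {

    # Load :domain and search for corresponding data
    my $app = initco();

    my ( $auth_ok, $user, $isadmin )
        = $app->auth( session('login'), session('password') );

    # Exact comparison: with =~ the request value is used as a pattern, so a
    # value matching only part of an owned name would give access to a zone
    # the user does not own.
    unless (
        $auth_ok
        && ( $isadmin
            || grep { $_ eq param('domain') } @{ $user->domains } )
        )
    {
        session errmsg => q{Auth non OK.};

        # Plain '/', as in the other handlers (the target had a stray blank).
        redirect '/';
        return;
    }

    unless ( session('user') and defined param('domain') ) {
        session errmsg => q<Domaine non renseigné.>;
        redirect get_route();
        return;
    }

    $app->delete_entry(
        param('domain'),
        {
            type => param('type'),
            name => param('name'),
            host => param('host'),
            ttl  => param('ttl'),
        }
    );

    redirect '/domain/details/' . param('domain');
};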
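# Modify one record of the zone of :domain.  The record is identified by the
# route values (type, name, host, ttl); the replacement values come from the
# newtype, newname, newhost, newttl and newpriority parameters.
#
# The caller must re-authenticate from the session credentials and either be
# an administrator or own :domain.
#
# NOTE(review): a state-changing action on a GET route with no anti-CSRF token
# checked in this handler; the new* values are passed on as received.
get '/mod/:domain/:name/:type/:host/:ttl' => sub {

    my $app = initco();
    my ( $auth_ok, $user, $isadmin )
        = $app->auth( session('login'), session('password') );

    # Exact comparison: with =~ the request value is used as a pattern, so a
    # value matching only part of an owned name would give access to a zone
    # the user does not own.
    unless (
        $auth_ok
        && ( $isadmin
            || grep { $_ eq param('domain') } @{ $user->domains } )
        )
    {
        session errmsg => q{Auth non OK.};

        # Plain '/', as in the other handlers (the target had a stray blank).
        redirect '/';
        return;
    }

    unless ( session('user') and defined param('domain') ) {
        session errmsg => q<Domaine non renseigné.>;
        redirect get_route();
        return;
    }

    $app->modify_entry(
        param('domain'),
        {
            type => param('type'),
            name => param('name'),
            host => param('host'),
            ttl  => param('ttl'),
        },
        {
            newtype     => param('newtype'),
            newname     => param('newname'),
            newhost     => param('newhost'),
            newttl      => param('newttl'),
            newpriority => param('newpriority'),
        }
    );

    redirect '/domain/details/' . param('domain');
};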
};
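# Administration page: lists every domain and every user, plus the domains of
# the logged-in administrator.
#
# Requires a session login whose credentials re-authenticate as administrator.
any ['get', 'post'] => '/admin' => sub {

    unless ( session('login') ) {
        redirect '/';
        return;
    }

    my $app = initco();
    my ( $auth_ok, $user, $isadmin )
        = $app->auth( session('login'), session('password') );

    unless ( $auth_ok && $isadmin ) {
        session errmsg => q{Donnée privée, petit coquin. ;) };

        # Plain '/', as in the other handlers (the target had a stray blank).
        redirect '/';
        return;
    }

    my %alldomains = $app->get_all_domains;
    my %allusers   = $app->get_all_users;
    my ( $success, @domains ) = $app->get_domains( session('login') );

    template administration => {
        login      => session('login'),
        admin      => session('admin'),
        errmsg     => get_errmsg(),
        domains    => [@domains],
        alldomains => {%alldomains},
        allusers   => {%allusers},
    };
};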
prefix '/user' => sub {
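# Home page of a logged-in user: lists the user's domains and shows the
# outcome of the last domain reservation (creationSuccess / domainName are
# read from the session and then cleared).
#
# Requires a session login whose credentials re-authenticate; when the domain
# list cannot be fetched the session is destroyed.
get '/home' => sub {

    unless ( session('login') ) {
        redirect '/';
        return;
    }

    my $app = initco();
    my ( $auth_ok, $user, $isadmin )
        = $app->auth( session('login'), session('password') );

    unless ($auth_ok) {
        session errmsg => q/problème de connexion à votre compte/;
        redirect '/';
        return;
    }

    my ( $success, @domains ) = $app->get_domains( session('login') );

    unless ($success) {
        session->destroy;

        # Plain '/', as in the other handlers (the target had a stray blank).
        redirect '/';
        return;
    }

    # One-shot values: read them, then clear them for the next request.
    my $cs = session('creationSuccess');
    my $dn = session('domainName');

    session creationSuccess => '';
    session domainName      => '';

    template home => {
        login           => session('login'),
        admin           => session('admin'),
        domains         => [@domains],
        creationSuccess => $cs,
        errmsg          => get_errmsg(),
        domainName      => $dn,
    };
};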
# Log out: destroy the session and go back to the front page.
get '/logout' => sub {
    session()->destroy();

    return redirect('/');
};
# add a user => registration
# Register a new account from 'login', 'password' and 'password2', then log
# the new user in by storing the login and the password digest in the session.
#
# NOTE(review): the password is stored as a single unsalted SHA-256 digest,
# which is cheap to brute-force if the user table leaks; a salted, slow
# password hash would be the usual choice, but that has to change together
# with the auth() backend.
# NOTE(review): the digest is also kept in the session and is what auth()
# is called with later, so it works as a password equivalent - the session
# store needs to be server-side and protected accordingly.
# NOTE(review): 'login' is accepted as received (no character or length
# check visible here).
post '/add/' => sub {

    my $have_all_fields
        = param('login') && param('password') && param('password2');

    if ( !$have_all_fields ) {
        session( errmsg => q/Identifiant ou mot de passe non renseigné./ );
        redirect('/user/subscribe');
        return;
    }

    if ( param('password') ne param('password2') ) {
        session( errmsg => q/Les mots de passes ne sont pas identiques./ );
        redirect('/user/subscribe');
        return;
    }

    my $pass = sha256_hex( param('password') );

    my $app = initco();
    my ($success) = $app->register_user( param('login'), $pass );

    unless ($success) {
        session( errmsg => q/Ce pseudo est déjà pris./ );
        return redirect('/user/subscribe');
    }

    session( login    => param('login') );
    session( password => $pass );

    return redirect('/user/home');
};
# Registration form.  A client that already has a session login is sent to
# /user/home instead.
get '/subscribe' => sub {

    return redirect('/user/home') if defined session('login');

    return template(
        'subscribe',
        {
            errmsg => get_errmsg(),
            admin  => session('admin'),
        }
    );
};
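# Remove the administrator flag from :user.
#
# Requires a session login whose credentials re-authenticate as administrator;
# otherwise only an error message is stored.  The client is sent back to the
# page it came from when that page's URL contains "/admin", else to '/'.
#
# NOTE(review): a privilege change on a GET route with no anti-CSRF token
# checked in this handler - any page an administrator visits can trigger it.
get '/unsetadmin/:user' => sub {

    unless ( defined param('user') ) {
        session errmsg => "L'administrateur n'est pas défini.";

        # get_route() falls back to '/' when no Referer header was sent.
        redirect get_route();
        return;
    }

    if ( !defined session('login') ) {
        session errmsg => "Vous n'êtes pas connecté.";
        redirect '/';
        return;
    }

    my $app = initco();

    my ( $auth_ok, $user, $isadmin )
        = $app->auth( session('login'), session('password') );

    unless ( $auth_ok && $isadmin ) {
        session errmsg => q/Vous n'êtes pas administrateur./;
    }
    else {
        $app->set_admin( param('user'), 0 );
    }

    # Referer handling goes through get_route() so that a missing header is
    # not matched or redirected to as an undefined value.
    # NOTE(review): the "/admin" test only looks for that text somewhere in
    # the URL; it says nothing about which host the URL names.
    my $back = get_route();

    if ( $back =~ m{/admin} ) {
        redirect $back;
    }
    else {
        redirect '/';
    }
};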
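# Give the administrator flag to :user.
#
# Requires a session login whose credentials re-authenticate as administrator;
# otherwise only an error message is stored.  The client is sent back to the
# page it came from when that page's URL contains "/admin", else to '/'.
#
# NOTE(review): a privilege grant on a GET route with no anti-CSRF token
# checked in this handler - any page an administrator visits can trigger it.
get '/setadmin/:user' => sub {

    unless ( defined param('user') ) {
        session errmsg => "L'utilisateur n'est pas défini.";

        # get_route() falls back to '/' when no Referer header was sent.
        redirect get_route();
        return;
    }

    if ( !defined session('login') ) {
        session errmsg => "Vous n'êtes pas connecté.";
        redirect '/';
        return;
    }

    my $app = initco();

    my ( $auth_ok, $user, $isadmin )
        = $app->auth( session('login'), session('password') );

    unless ( $auth_ok && $isadmin ) {
        session errmsg => q/Vous n'êtes pas administrateur./;
    }
    else {
        $app->set_admin( param('user'), 1 );
    }

    # Referer handling goes through get_route() so that a missing header is
    # not matched or redirected to as an undefined value.
    # NOTE(review): the "/admin" test only looks for that text somewhere in
    # the URL; it says nothing about which host the URL names.
    my $back = get_route();

    if ( $back =~ m{/admin} ) {
        redirect $back;
    }
    else {
        redirect '/';
    }
};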
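# Delete the account :user.
#
# Allowed for an administrator, or for the account's own user; in both cases
# the session credentials must re-authenticate first.  The client is then sent
# back to the page it came from ('/' when no Referer header was sent).
#
# NOTE(review): a destructive action on a GET route with no anti-CSRF token
# checked in this handler.
get '/del/:user' => sub {

    if ( defined param('user') ) {

        my $app = initco();

        my ( $auth_ok, $user, $isadmin )
            = $app->auth( session('login'), session('password') );

        # The parentheses matter: without them && binds tighter than ||, and
        # the "own account" branch is accepted even when auth() failed.
        if ( $auth_ok
            && ( $isadmin || session('login') eq param('user') ) )
        {
            unless ( $app->delete_user( param('user') ) ) {

                # param('user') needs its parentheses here: written as a list
                # operator it swallows the rest of the concatenation as its
                # argument and the name never reaches the message.
                # The name comes from the URL, so anything outside a plain
                # identifier alphabet is masked before it goes into errmsg.
                my $shown = param('user');
                $shown =~ s/[^A-Za-z0-9_.\@-]/?/g;

                session errmsg => "L'utilisateur "
                    . $shown
                    . " n'a pas pu être supprimé.";
            }
        }
    }
    else {
        session errmsg => q{Le nom d'utilisateur n'est pas renseigné.};
    }

    redirect get_route();
};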
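# Log a user in from the 'login' and 'password' parameters.
#
# On success the session receives the login, the SHA-256 digest of the
# password, the frozen user object and the admin flag; administrators go to
# /admin, everyone else to /user/home.  On failure an error message is stored
# and the client goes to '/'.  A client that is already logged in, or that
# sent no credentials, is sent to /user/home.
#
# NOTE(review): the session identifier is not renewed at login in this
# handler - confirm the session engine does it, to rule out session fixation.
# NOTE(review): the password digest kept in the session is what auth() is
# called with on later requests, so it works as a password equivalent.
# NOTE(review): no attempt limiting is visible here.
post '/login' => sub {

    # Check if user is already logged
    unless ( session('login') ) {

        # Check user login and password
        if ( param('login') && param('password') ) {

            my $app  = initco();
            my $pass = sha256_hex( param('password') );
            my ( $auth_ok, $user, $isadmin )
                = $app->auth( param('login'), $pass );

            if ($auth_ok) {

                session login    => param('login');
                session password => $pass;

                # Storable image of the user object; see the $Storable::Eval
                # setting at the top of the file before thawing it anywhere.
                session user  => freeze($user);
                session admin => $isadmin;

                if ($isadmin) {
                    redirect '/admin';
                    return;
                }
            }
            else {
                session errmsg =>
                    q<Impossible de se connecter (login ou mot de passe incorrect).>;
                redirect '/';

                # Stop here, as the other handlers do after a redirect:
                # without it the handler runs on to the /user/home redirect
                # at the bottom, which replaces this one.
                return;
            }
        }
    }

    redirect '/user/home';
};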
};