/*
FILE
	$Id$
PURPOSE
	Non-schema dependent tclient.c expansion.
AUTHOR
	GPL License applies, see www.fsf.org for details
	See LICENSE file in this distribution
	(C) 2001-2009 Gary Wallis and Hugo Urquiza.
*/

// NOTE(review): this listing appears to have been extracted from a rendered
// page. HTML markup inside the printf() strings is gone, some string literals
// are split across lines, and in three places the code between a '<' and a
// later '>' is missing (each is marked below). Those spots are left exactly as
// found; nothing has been reconstructed.

// Display names for the permission levels.
#define BO_CUSTOMER "Back-Office Customer"
#define BO_RESELLER "Back-Office Reseller"
#define BO_ADMIN "Back-Office Admin"
#define BO_ROOT "Back-Office Root"
#define ORG_CUSTOMER "Organization Customer"
#define ORG_WEBMASTER "Organization Webmaster"
#define ORG_SALES "Organization Sales Force"
#define ORG_SERVICE "Organization Customer Service"
#define ORG_ACCT "Organization Bookkeeper"
#define ORG_ADMIN "Organization Admin"

// Numeric permission levels; cUserLevel() maps these back to the names above.
#define BO_ROOT_VAL 12
#define BO_ADMIN_VAL 10
#define BO_RESELLER_VAL 8
#define BO_CUSTOMER_VAL 7
#define ORG_CUSTOMER_VAL 1
#define ORG_WEBMASTER_VAL 2
#define ORG_SALES_VAL 3
#define ORG_SERVICE_VAL 4
#define ORG_ACCT_VAL 5
#define ORG_ADMIN_VAL 6

// File-scope state used by the "Authorize" and search panels below.
// Presumably filled from the submitted form by ExtProcesstClientVars(), whose
// loop body is missing from this listing -- confirm, including the length
// limits applied when copying into these fixed-size buffers.
static char cPasswd[36]={""};
static char cLogin[33]={""};
static char cExtLabel[16]={""};
static char cuPerm[33]={ORG_ADMIN};
static unsigned uPerm=0;
static unsigned uOnlyASPs=0;
static char cSearch[100]={""};
//Aux drop/pull downs
static char cForClientPullDown[256]={"---"};
static unsigned uForClient=0;

unsigned IsAuthUser(char *cLabel, unsigned uOwner, unsigned uCertClient);
void PermLevelDropDown(char *cuPerm);
void EncryptPasswdWithSalt(char *cPasswd,char *cSalt);
void GetClientMaxParams(unsigned uClient,unsigned *uMaxSites,unsigned *uMaxIPs);
const char *cUserLevel(unsigned uPermLevel);
unsigned uMaxClientsReached(unsigned uClient);
void tTablePullDownResellers(unsigned uSelector);
void ContactsNavList(void);
void htmlRecordContext(void);


void ExtProcesstClientVars(pentry entries[], int x)
{
	register int i;

	// NOTE(review): extraction gap #1. The rest of this loop, the end of
	// ExtProcesstClientVars() and the opening of ExttClientCommands() are
	// missing; what follows is already inside the command handler, at the
	// "guPermLevel>=10" test of its first (New) branch.
	for(i=0;i=10)
			{
				ProcesstClientVars(entries,x);
				// Resellers (anyone but login client 1) are subject to a customer quota.
				if(guLoginClient!=1 && uMaxClientsReached(guCompany))
				{
					guMode=0;
					tClient("Your reseller maximum of customers has been reached");
				}
				// guMode 2000 selects the "New" tips panel in ExttClientButtons().
				guMode=2000;
				//These just for GUI cleanup
				uModDate=0;
				uModBy=0;
				tClient(LANG_NB_CONFIRMNEW);
			}
			else 
				tClient("Error: Denied by permissions settings");
		}
		else if(!strcmp(gcCommand,LANG_NB_CONFIRMNEW))
		{
			// Second step of "New": re-check permission and quota, then insert.
			if(guPermLevel>=10)
			{
				ProcesstClientVars(entries,x);
				//Validate
				guMode=2000;
				if(guLoginClient!=1 && uMaxClientsReached(guCompany))
				{
					guMode=0;
					tClient("Your maximum of customers has been reached");
				}
				// NOTE(review): every validation in this file relies on tClient()
				// not returning (presumably it renders the page and exits). If it
				// can return, execution falls through to the insert -- confirm.
				if(strlen(cLabel)<3)
					tClient("Error: Invalid cLabel!");
				guMode=0;
				// NOTE(review): uForClient becomes the new record's owner as given.
				// No check is visible here that it names a company the caller
				// controls -- confirm it is validated where it is parsed.
				if(!uForClient)
					uOwner=guCompany;
				else
					uOwner=uForClient;
				uClient=0;//Update .c this is dumb
				uCreatedBy=guLoginClient;
				//These just for GUI cleanup
				uModDate=0;
				uModBy=0;
				NewtClient(0);
			}
			else
				tClient("Error: Denied by permissions settings");
		}
		else if(!strcmp(gcCommand,LANG_NB_DELETE))
		{
			// NOTE(review): uOwner/uCreatedBy are tested right after
			// ProcesstClientVars(entries,x). If that call fills them from the
			// submitted form, uAllowDel()/uAllowMod() in this handler judge
			// caller-supplied values rather than the stored row -- confirm.
			ProcesstClientVars(entries,x);
			if(uAllowDel(uOwner,uCreatedBy))
			{
				// guMode 2001 selects the delete-confirmation panel.
				guMode=2001;
				tClient(LANG_NB_CONFIRMDEL);
			}
			else
				tClient("Error: Denied by permissions settings");
		}
		else if(!strcmp(gcCommand,LANG_NB_CONFIRMDEL))
		{
			ProcesstClientVars(entries,x);
			if(uAllowDel(uOwner,uCreatedBy))
			{
				guMode=2001;
				//This must be customized
				// Refuse to delete a client that still owns or created zones.
				sprintf(gcQuery,"SELECT uZone FROM tZone WHERE uOwner=%u OR uCreatedBy=%u",uClient,uClient);
				mysql_query(&gMysql,gcQuery);
				if(mysql_errno(&gMysql))
					tClient(mysql_error(&gMysql));
				// NOTE(review): mysql_store_result() can return NULL; res is used
				// unchecked. If tClient() does not return, res is also not freed
				// on the refusal path.
				res=mysql_store_result(&gMysql);
				if(mysql_num_rows(res))
					tClient("Can't delete client with resources");
				mysql_free_result(res);
				// Remove the login rows tied to this client before the record itself.
				// NOTE(review): cLabel is placed inside quotes with %s and gcQuery is
				// written with unbounded sprintf(). No escaping or length check is
				// visible in this file; unless ProcesstClientVars() escapes it, use
				// mysql_real_escape_string() (or a prepared statement) and snprintf().
				sprintf(gcQuery,"DELETE FROM " TAUTHORIZE " WHERE (cLabel='%s' OR uCertClient=%u)"
						" AND (uOwner=%u OR uOwner=%u)",cLabel,uClient,uClient,guLoginClient);
				mysql_query(&gMysql,gcQuery);
				if(mysql_errno(&gMysql))
					tClient(mysql_error(&gMysql));
				guMode=5;
				DeletetClient();
			}
			else
				tClient("Error: Denied by permissions settings");
		}
		else if(!strcmp(gcCommand,LANG_NB_MODIFY))
		{
			ProcesstClientVars(entries,x);
			if(uAllowMod(uOwner,uCreatedBy))
			{
				// guMode 2002 selects the modify-confirmation panel.
				guMode=2002;
				tClient(LANG_NB_CONFIRMMOD);
			}
			else
				tClient("Error: Denied by permissions settings");
		}
		else if(!strcmp(gcCommand,LANG_NB_CONFIRMMOD))
		{
			ProcesstClientVars(entries,x);
			if(uAllowMod(uOwner,uCreatedBy))
			{
				//Validate
				guMode=2002;
				if(strlen(cLabel)<3)
					tClient("Error: 
Invalid cLabel!");
				guMode=0;
				uModBy=guLoginClient;
				// Optional re-parenting via the 'Change or Create' select; never
				// applied to uClient 0 or 1.
				// NOTE(review): uAllowMod() above covers the record's current owner
				// only. No check is visible that the caller may assign records to
				// the target uForClient -- confirm.
				if(uForClient && uClient>1)
				{
					sprintf(gcQuery,"UPDATE " TCLIENT " SET uOwner=%u WHERE uClient=%u",
						uForClient,uClient);
					mysql_query(&gMysql,gcQuery);
					if(mysql_errno(&gMysql))
						htmlPlainTextError(mysql_error(&gMysql));
					uOwner=uForClient;
				}
				ModtClient();
			}
			else
				tClient("Error: Denied by permissions settings");
		}
		else if(!strcmp(gcCommand,"Authorize"))
		{
			ProcesstClientVars(entries,x);
			if(uAllowMod(uOwner,uCreatedBy))
			{
				// guMode 3000 selects the login/passwd/user-level panel.
				guMode=3000;
				tClient("Enter login, passwd, user level and confirm."
					" To authorize a new user to use an interface or this back-office.");
			}
			else
				tClient("Error: Denied by permissions settings");
		}
		else if(!strcmp(gcCommand,"Confirm Authorize"))
		{
			// Creates a tAuthorize (login) row for the current tClient record.
			ProcesstClientVars(entries,x);
			if(uAllowMod(uOwner,uCreatedBy))
			{
				time_t clock;
				char cClrPasswd[33];

				time(&clock);

				if(strlen(cLogin)<6)
				{
					guMode=3000;
					tClient("Login must be at least 6 chars!");
				}
				// NOTE(review): a 4-character minimum is the only password rule
				// visible here.
				if(strlen(cPasswd)<4)
				{
					guMode=3000;
					tClient("Passwd must be at least 4 chars!");
				}
				// NOTE(review): only the 1..12 range is checked. Nothing in this
				// branch compares the requested uPerm with the caller's own
				// guPermLevel, so the level granted is not visibly capped at the
				// granter's level -- confirm this is enforced elsewhere.
				if(uPerm<1 || uPerm>12)
				{
					guMode=3000;
					sprintf(gcQuery,"uPerm level error:%u",uPerm);
					tClient(gcQuery);
				}
				// NOTE(review): the clear-text password is copied aside here and
				// written to the cClrPasswd column by the INSERT below, next to the
				// hashed value. Storing it undoes the protection hashing gives;
				// drop the column write unless there is a documented need.
				sprintf(cClrPasswd,"%.32s",cPasswd);
				// Presumably replaces cPasswd in place with its hash (the INSERT uses
				// cPasswd afterwards). The salt argument is the constant ".."; if the
				// helper uses it as the real salt, every account shares it -- confirm.
				EncryptPasswdWithSalt(cPasswd,"..");
				if(uPerm==12) uClient=1;//uCertClient root alias temp hack
				// NOTE(review): cLogin and cClrPasswd are user-typed strings placed
				// inside quotes with %s, with no escaping visible in this file.
				// Escape them with mysql_real_escape_string() or bind them as
				// parameters. cIPMask is fixed to '0.0.0.0'.
				sprintf(gcQuery,"INSERT INTO " TAUTHORIZE " SET cLabel='%s',uPerm=%u,"
						"uCertClient=%u,cPasswd='%s',uOwner=%u,uCreatedBy=%u,"
						"uCreatedDate=UNIX_TIMESTAMP(NOW()),cIPMask='0.0.0.0',cClrPasswd='%s'",
						cLogin,uPerm,uClient,cPasswd,uOwner,guLoginClient,cClrPasswd);
				mysql_query(&gMysql,gcQuery);
				if(mysql_errno(&gMysql))
				{
					// NOTE(review): the raw database error text is sent to the browser.
					printf("Content-type: text/plain\n\n");
					printf("mysql_error: %s\n",mysql_error(&gMysql));
					exit(0);
				}
				tClient("Contact Authorized");
			}
			else
				tClient("Error: Denied by permissions settings");
		}//Confirm auth
	}

}//void ExttClientCommands(pentry entries[], int x)


// Prints the auxiliary panel for the current guMode: step tips for
// New (2000), Delete (2001), Modify (2002) and Authorize (3000), otherwise the
// table tips, search tools and navigation lists.
// NOTE(review): the HTML in these strings was lost in extraction, so several
// printf() calls show arguments without a matching conversion. cLabel and
// cSearch are passed to printf() here; whether they are HTML-escaped before
// output cannot be seen in this listing -- confirm.
void ExttClientButtons(void)
{
	unsigned uDefault=0;

	OpenFieldSet("tClient Aux Panel",100);

	switch(guMode)
	{
		case 2000:
			printf("New: Step 1 Tips
");
			printf("Here you would usually enter a new company name into cLabel. Optionally some standardized company info in cInfo, like addresses phone numbers and such. A main company email is usually helpful, and cCode can be used for easy matching with other databases you may have for your customers like a CRM or accounting software etc.
If you are creating a contact for an existing company select that company from the drop down select below and use cLabel for the contact name (Ex. Anne Flechter) and the cInfo would be the contacts personal phone numbers and or address etc.");
			// The company select is shown only above permission level 7.
			if(guPermLevel>7)
			{
				if(uOwner==1)
					tTablePullDownResellers(uClient);
				else
					tTablePullDownResellers(uOwner);
			}
			printf(LANG_NBB_CONFIRMNEW);
			printf("
\n");
		break;

		case 2001:
			printf(LANG_NBB_CONFIRMDEL);
			printf("
Note: Will also delete tAuthorize entries related to this uClient. Probably not a good idea to delete Root owned tClient records this way, even if you have the permissions to do so.\n");
		break;

		case 2002:
			printf("Modify: Step 1 Tips
");
			printf("Here you can modify the contact or company name. In the later case still keeping all associated contacts. You can update the cInfo text area. Add an email or company or contact code.
A much more advanced operation and one that must be done with care is the use of the 'Change or Create' drop down select: It is meant primarily to associate or change the association of contacts or other orphan tClient records with a given company. In any case the 'Change or Create' feature must be used with caution since it may affect many other tClient and tAuthorize records indirectly, especially if used on a company record.");
			htmlRecordContext();
			if(guPermLevel>7)
			{
				tTablePullDownResellers(uForClient);
			}
			printf("

");
			printf(LANG_NBB_CONFIRMMOD);
		break;

		case 3000:
			printf("Authorize: Step 1 Tips
Depending on the user level you may authorize a contact to access interfaces (like the organization/contact portal.) Or even to use this back-office. In the 'Login' you would enter a login (that can be the same as the tClient.cLabel) for this contact and a password. The most common user permission level is 'Organization Admin' that would allow this contact to login to the idnsOrg.cgi interface and have full control over the companies DNS resource records. The second most common user level is 'Back-Office Root' that will allow the user full access to this back-office iDNS.cgi interface.

\n");
			// Hiding the level select is a display gate only; the "Confirm
			// Authorize" handler is what must enforce who may grant which level.
			if(guPermLevel>7)
				PermLevelDropDown(cuPerm);
			printf("
Login \n",cLabel);
			printf("
Passwd ");
			printf("");
		break;

		default:
			if(guPermLevel>9)
			{
				uDefault=1;
				printf("Table Tips
");
				printf("Here you can create new companies (organizations in general) or add new contacts"
					" to existing companies. Once a new contact is made you can authorize her to use"
					" interfaces or even this backoffice web interface."
					" The system wide hierachical model used is: A single root user, under this root"
					" user application service provider companies (ASPs) exist, at least one ASP needs"
					" to be created. Under (or as part of) the ASP at least one admin level contact must"
					" be created, this contact can then create or reseller companies or end user"
					" companies. The reseller companies may in turn create other end user companies"
					" that they can manage. End user companies only manage their own resources, via"
					" their contacts. Finally the contacts are assigned a role that limits the"
					" operations they can perform for their company and the interfaces they can use.");
				printf("

Search Tools
");
				printf("Enter the complete or the first part of a company or contact name below. Not case sensitive. You can use %% and _ SQL LIKE matching chars. The check box further limits your search.
");
				printf("
",cSearch);
				// NOTE(review): the statements around this 'else' lost their markup
				// (and apparently an 'if') in extraction; left as found.
				printf("Only ASPs
");
				else
					printf(">
");
				htmlRecordContext();
			}
			// Shown only for another client's record that has no tAuthorize row yet
			// (IsAuthUser() returned 0), is not root-owned and was not just deleted.
			if(uClient && guPermLevel>9 && uClient!=guLoginClient &&
				!IsAuthUser(cLabel,uOwner,uClient) &&guMode!=5 && uOwner!=1)
			{
				printf("

",cLabel);
			}
			ContactsNavList();
	}

	// Outside the default panel the current search settings are still printed
	// (presumably as hidden form fields; the markup is lost).
	if(!uDefault)
	{
		if(cSearch[0])
			printf("",cSearch);
		if(uOnlyASPs)
			printf("");
	}
	CloseFieldSet();

}//void ExttClientButtons(void)


// Empty hook: no auxiliary table is printed for tClient.
void ExttClientAuxTable(void)
{

}//void ExttClientAuxTable(void)


void ExttClientGetHook(entry gentries[], int x)
{
	register int i;

	// NOTE(review): extraction gap #2. The rest of this loop, the end of
	// ExttClientGetHook() and the opening of ExttClientSelect() are missing;
	// what follows is the tail of ExttClientSelect(), starting inside its
	// root test (compare the same test in ExttClientSelectRow() below).
	for(i=0;i11)//Root can read access all
		sprintf(gcQuery,"SELECT " VAR_LIST_tClient " FROM " TCLIENT " ORDER BY uClient");
	else
		// Non-root: the login's own company plus records owned by it or by
		// companies it owns. %1$u is a positional conversion, so guCompany is
		// passed once and used three times.
		sprintf(gcQuery,"SELECT " VAR_LIST_tClient " FROM " TCLIENT
				" WHERE (uClient=%1$u OR uOwner"
				" IN (SELECT uClient FROM " TCLIENT " WHERE uOwner=%1$u OR uClient=%1$u))"
				" ORDER BY uClient",guCompany);

}//void ExttClientSelect(void)


// Builds in gcQuery the single-row SELECT for uClient, with the same
// root / non-root visibility rule as ExttClientSelect().
void ExttClientSelectRow(void)
{
	// What ExtSelectRow() contributes is not visible here; gcQuery is written
	// again by the sprintf() calls below.
	ExtSelectRow("tClient",VAR_LIST_tClient,uClient);

	if(guLoginClient==1 && guPermLevel>11)//Root can read access all
		sprintf(gcQuery,"SELECT " VAR_LIST_tClient " FROM tClient WHERE uClient=%u ORDER BY uClient",
				uClient);
	else
		// %1$u is guCompany, %2$u is uClient.
		sprintf(gcQuery,"SELECT " VAR_LIST_tClient " FROM " TCLIENT
				" WHERE uClient=%2$u AND (uClient=%1$u OR uOwner"
				" IN (SELECT uClient FROM " TCLIENT " WHERE uOwner=%1$u OR uClient=%1$u))"
				" ORDER BY uClient",guCompany,uClient);

}//void ExttClientSelectRow(void)


// Builds in gcQuery the list-mode SELECT, then appends the filter chosen in
// gcFilter ("uClient", "cLabel" or none) using the value typed in gcCommand.
void ExttClientListSelect(void)
{
	char cCat[512];

	ExtListSelect("tClient",VAR_LIST_tClient);

	if(guLoginClient==1 && guPermLevel>11)//Root can read access all
		sprintf(gcQuery,"SELECT " VAR_LIST_tClient " FROM " TCLIENT);
	else
		sprintf(gcQuery,"SELECT " VAR_LIST_tClient " FROM " TCLIENT
				" WHERE (uClient=%1$u OR uOwner"
				" IN (SELECT uClient FROM " TCLIENT " WHERE uOwner=%1$u OR uClient=%1$u))"
				,guCompany);

	// NOTE(review): the AND/WHERE choice below tests guPermLevel<10, but the base
	// query above lacks a WHERE only when guLoginClient==1 && guPermLevel>11.
	// A login at level 10 or 11 (or level 12 with guLoginClient!=1) gets the
	// scoped query and then a second " WHERE " appended, which is not valid SQL.
	// The two conditions should match.
	//Changes here must be reflected below in ExttClientListFilter()
	if(!strcmp(gcFilter,"uClient"))
	{
		// The filter value is parsed as an unsigned number before it is used.
		sscanf(gcCommand,"%u",&uClient);
		if(guPermLevel<10)
			strcat(gcQuery," AND ");
		else
			strcat(gcQuery," WHERE ");
		sprintf(cCat,"uClient=%u ORDER BY uClient",
				uClient);
		strcat(gcQuery,cCat);
	}
	else if(!strcmp(gcFilter,"cLabel"))
	{
		if(guPermLevel<10)
			strcat(gcQuery," AND ");
		else
			strcat(gcQuery," WHERE ");
		// NOTE(review): gcCommand is copied into the SQL text inside quotes with
		// no escaping visible, and into the 512-byte cCat with unbounded
		// sprintf(); its maximum length is not visible here. Escape it with
		// mysql_real_escape_string() and bound the copy with snprintf().
		sprintf(cCat,"cLabel LIKE 
'%s' ORDER BY cLabel",gcCommand);
		strcat(gcQuery,cCat);
	}
	else if(1)
	{
		//None NO FILTER
		strcpy(gcFilter,"None");
		strcat(gcQuery," ORDER BY uClient");
	}

}//void ExttClientListSelect(void)


// Prints the list-filter selector (its select/option markup is lost here).
void ExttClientListFilter(void)
{
	//Filter
	printf("Select ");
	printf("");

}//void ExttClientListFilter(void)


// Prints the navigation buttons. New needs level >= 10 outside list mode;
// Modify and Delete appear only when uAllowMod()/uAllowDel() pass. These are
// display gates; the command handler repeats the checks before acting.
void ExttClientNavBar(void)
{
	printf(LANG_NBB_SKIPFIRST);
	printf(LANG_NBB_SKIPBACK);
	printf(LANG_NBB_SEARCH);

	if(guPermLevel>=10 && !guListMode)
		printf(LANG_NBB_NEW);

	if(uAllowMod(uOwner,uCreatedBy))
		printf(LANG_NBB_MODIFY);

	if(uAllowDel(uOwner,uCreatedBy))
		printf(LANG_NBB_DELETE);

	if(uOwner)
		printf(LANG_NBB_LIST);

	printf(LANG_NBB_SKIPNEXT);
	printf(LANG_NBB_SKIPLAST);

}//void ExttClientNavBar(void)


// Returns the uPerm of the first tAuthorize row matching cLabel or uCertClient
// under uOwner, or 0 when there is none, when uOwner is 1, or on a query error.
unsigned IsAuthUser(char *cLabel, unsigned uOwner, unsigned uCertClient)
{
	unsigned uRetVal=0;
	MYSQL_RES *res;
	MYSQL_ROW field;

	// Root-owned records are reported as not authorized without a lookup.
	if(uOwner==1) return(0);

	// NOTE(review): cLabel goes into the SQL text inside quotes with no escaping
	// visible; see the matching note on the DELETE in the command handler.
	sprintf(gcQuery,"SELECT uPerm FROM " TAUTHORIZE " WHERE (cLabel='%s' OR uCertClient=%u ) AND uOwner=%u ",cLabel,uCertClient,uOwner);
	mysql_query(&gMysql,gcQuery);
	if(mysql_errno(&gMysql))
	{
		// NOTE(review): the raw database error text is printed into the page.
		printf("%s",mysql_error(&gMysql));
		return(0);
	}
	// NOTE(review): mysql_store_result() can return NULL; res is used unchecked.
	res=mysql_store_result(&gMysql);
	if((field=mysql_fetch_row(res)))
		sscanf(field[0],"%u",&uRetVal);
	mysql_free_result(res);
	return(uRetVal);

}//unsigned IsAuthUser()


// Compares the number of tClient rows owned by uClient with the limit read
// from a "uMaxClients=" entry in that client's cInfo text (2 when absent).
unsigned uMaxClientsReached(unsigned uClient)
{
	MYSQL_RES *res;
	MYSQL_ROW field;
	unsigned uRetVal=1;
	unsigned uMaxClients=2;
	unsigned uClients=0;

	// NOTE(review): the quota lives in the free-text cInfo column, which the
	// panel tips describe as editable company info. Whoever may edit that field
	// for this record can change the limit -- confirm who can.
	sprintf(gcQuery,"SELECT cInfo FROM " TCLIENT " WHERE uClient=%u",uClient);
	mysql_query(&gMysql,gcQuery);
	if(mysql_errno(&gMysql))
		tClient(mysql_error(&gMysql));
	res=mysql_store_result(&gMysql);
	if((field=mysql_fetch_row(res)))
	{
		char *cp;

		// NOTE(review): field[0] is NULL when cInfo is SQL NULL; strstr() on it
		// would be undefined -- confirm the column cannot be NULL.
		// 12 is the length of "uMaxClients=".
		if((cp=strstr(field[0],"uMaxClients=")))
			sscanf(cp+12,"%u",&uMaxClients);
	}
	mysql_free_result(res);

	sprintf(gcQuery,"SELECT COUNT(uClient) FROM " TCLIENT " WHERE uOwner=%u",uClient);
	mysql_query(&gMysql,gcQuery);
	if(mysql_errno(&gMysql))
		tClient(mysql_error(&gMysql));
	res=mysql_store_result(&gMysql);
	if((field=mysql_fetch_row(res))) 
		sscanf(field[0],"%u",&uClients);
	mysql_free_result(res);

	// NOTE(review): extraction gap #3. The comparison, the return of
	// uMaxClientsReached() and the opening of tTablePullDownResellers() are
	// missing; what follows is the root test inside tTablePullDownResellers().
	if(uClients11)
	{
		// Root: every company owned directly by root, except root itself.
		sprintf(gcQuery,"SELECT uClient,cLabel FROM " TCLIENT
				" WHERE uOwner=1 AND uClient!=1"
				" ORDER BY cLabel");
	}
	else
	{
		// Non-root: the login's company and what it owns, minus the login itself.
		// NOTE(review): gcUser goes into the SQL text inside quotes with no
		// escaping visible here -- confirm it is sanitised at login.
		sprintf(gcQuery,"SELECT uClient,cLabel FROM " TCLIENT
				" WHERE cLabel!='%s'"
				" AND (uClient=%u OR uOwner"
				" IN (SELECT uClient FROM " TCLIENT " WHERE uOwner=%u OR uClient=%u))"
				" ORDER BY cLabel",
				gcUser,
				guCompany,
				guCompany,
				guCompany);
	}

	mysql_query(&gMysql,gcQuery);
	if(mysql_errno(&gMysql))
	{
		printf("%s",mysql_error(&gMysql));
		return;
	}
	res=mysql_store_result(&gMysql);
	i=mysql_num_rows(res);

	// NOTE(review): the option-printing loop and any mysql_free_result() call
	// are not visible in what remains of this block.
	if(i>0)
	{
		printf("

Optionally Select an Existing Company
");
		printf("

\n");
	}

}//tTablePullDownResellers()


// Prints the user-level selector (its select/option markup is lost here, so
// how cuPerm is used cannot be seen).
void PermLevelDropDown(char *cuPerm)
{
	printf("User Level ");
	printf("\n");

}//void PermLevelDropDown(char *cuPerm)


// Maps a numeric permission level to its display name; "---" for any value
// that is not one of the *_VAL constants.
const char *cUserLevel(unsigned uPermLevel)
{
	switch(uPermLevel)
	{
		case BO_ROOT_VAL:
			return(BO_ROOT);
		break;
		case BO_ADMIN_VAL:
			return(BO_ADMIN);
		break;
		case BO_RESELLER_VAL:
			return(BO_RESELLER);
		break;
		case BO_CUSTOMER_VAL:
			return(BO_CUSTOMER);
		break;
		case ORG_ADMIN_VAL:
			return(ORG_ADMIN);
		break;
		case ORG_ACCT_VAL:
			return(ORG_ACCT);
		break;
		case ORG_SERVICE_VAL:
			return(ORG_SERVICE);
		break;
		case ORG_SALES_VAL:
			return(ORG_SALES);
		break;
		case ORG_WEBMASTER_VAL:
			return(ORG_WEBMASTER);
		break;
		case ORG_CUSTOMER_VAL:
			return(ORG_CUSTOMER);
		break;
		default:
			return("---");
		break;
	}

}//const char *cUserLevel(unsigned uPermLevel)


void tAuthorizeNavList(void);//tauthorizefunc.h

// Lists the tClient rows owned by the current record. Does nothing below
// permission level 10 or when no record is loaded.
void ContactsNavList(void)
{
	MYSQL_RES *res;
	MYSQL_ROW field;

	if(guPermLevel<10 || !uClient)
		return;

	//Login info
	if(uOwner!=1)
	{
		tAuthorizeNavList();
	}

	//NavList proper
	sprintf(gcQuery,"SELECT uClient,cLabel FROM " TCLIENT " WHERE uOwner=%u AND uOwner!=1",uClient);
	mysql_query(&gMysql,gcQuery);
	if(mysql_errno(&gMysql))
	{
		// NOTE(review): the raw database error text is printed into the page.
		printf("

Controlled Companies or Contacts NavList
\n");
		printf("%s
\n",mysql_error(&gMysql));
		return;
	}

	// NOTE(review): mysql_store_result() can return NULL; res is used unchecked.
	res=mysql_store_result(&gMysql);
	if(mysql_num_rows(res))
	{
		printf("

Controlled Companies or Contacts NavList
\n");
		while((field=mysql_fetch_row(res)))
		{
			// NOTE(review): field[1] is a stored cLabel printed into the page;
			// the surrounding markup is lost, so whether it is HTML-escaped
			// cannot be seen here -- confirm.
			printf("%s
",field[1]);
		}
	}
	mysql_free_result(res);

}//void ContactsNavList(void)


// Prints a one-line description of where the current record sits in the
// root / ASP / reseller hierarchy, based on uOwner and cLabel.
void htmlRecordContext(void)
{
	printf("

Record Context Info
");
	// NOTE(review): this call passes three arguments but the string shows two
	// conversions; a link holding the third was presumably stripped in
	// extraction. Check the argument order against the original source.
	if(uOwner>1)
		printf("'%s' appears to be an ASP or a reseller owned company or a contact of '%s'",cLabel,uOwner,ForeignKey(TCLIENT,"cLabel",uOwner));
	else if(uOwner==1 && strcmp(cLabel,"Root"))
		printf("'%s' appears to be an ASP root company",cLabel);
	else if(uOwner==1 && !strcmp(cLabel,"Root"))
		printf("'Root' is the system created root user. This user is the only user that can"
			" create ASP level companies. Make sure the passwd is changed"
			" regularly via the tAuthorize table.");

}//void htmlRecordContext(void)