2021-05-29 07:31:33 -05:00
|
|
|
/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4; fill-column: 100 -*- */
|
|
|
|
/*
|
2023-11-09 12:23:00 -06:00
|
|
|
* Copyright the Collabora Online contributors.
|
|
|
|
*
|
|
|
|
* SPDX-License-Identifier: MPL-2.0
|
|
|
|
*
|
2021-05-29 07:31:33 -05:00
|
|
|
* This Source Code Form is subject to the terms of the Mozilla Public
|
|
|
|
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
|
|
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
|
|
|
|
*/
|
|
|
|
|
|
|
|
#include <config.h>
|
|
|
|
#include <string>
|
2021-09-17 08:49:06 -05:00
|
|
|
#include <unordered_set>
|
2021-05-29 07:31:33 -05:00
|
|
|
#include "ConfigUtil.hpp"
|
|
|
|
#include "Util.hpp"
|
2021-09-13 14:24:50 -05:00
|
|
|
#include "CommandControl.hpp"
|
2021-05-29 07:31:33 -05:00
|
|
|
|
2021-09-13 14:24:50 -05:00
|
|
|
namespace CommandControl
|
2021-05-29 07:31:33 -05:00
|
|
|
{
|
2022-02-10 05:22:47 -06:00
|
|
|
bool LockManager::_isLockedUser = false;
|
2022-02-07 23:50:09 -06:00
|
|
|
bool LockManager::_isHostReadOnly = false;
|
2022-02-10 05:22:47 -06:00
|
|
|
std::unordered_set<std::string> LockManager::LockedCommandList;
|
|
|
|
std::string LockManager::LockedCommandListString;
|
2022-02-07 23:50:09 -06:00
|
|
|
Util::RegexListMatcher LockManager::readOnlyWopiHosts;
|
|
|
|
Util::RegexListMatcher LockManager::disabledCommandWopiHosts;
|
2022-07-14 05:26:58 -05:00
|
|
|
std::map<std::string, std::string> LockManager::unlockLinkMap;
|
2022-02-07 23:50:09 -06:00
|
|
|
bool LockManager::lockHostEnabled = false;
|
2022-07-05 07:03:14 -05:00
|
|
|
std::string LockManager::translationPath = std::string();
|
2022-07-14 05:26:58 -05:00
|
|
|
std::string LockManager::unlockLink = std::string();
|
2021-05-29 07:31:33 -05:00
|
|
|
|
2022-02-10 05:22:47 -06:00
|
|
|
LockManager::LockManager() {}
|
2021-05-29 07:31:33 -05:00
|
|
|
|
2022-02-10 05:22:47 -06:00
|
|
|
void LockManager::generateLockedCommandList()
|
2021-05-29 07:31:33 -05:00
|
|
|
{
|
2022-02-10 05:22:47 -06:00
|
|
|
#ifdef ENABLE_FEATURE_LOCK
|
2021-05-29 07:31:33 -05:00
|
|
|
|
2022-02-10 05:22:47 -06:00
|
|
|
LockedCommandListString = config::getString("feature_lock.locked_commands", "");
|
|
|
|
Util::trim(LockedCommandListString);
|
2022-03-29 20:37:57 -05:00
|
|
|
StringVector commandList = StringVector::tokenize(LockedCommandListString);
|
2021-05-29 07:31:33 -05:00
|
|
|
|
|
|
|
std::string command;
|
|
|
|
for (std::size_t i = 0; i < commandList.size(); i++)
|
|
|
|
{
|
2022-03-20 05:33:56 -05:00
|
|
|
command = commandList[i];
|
2022-02-10 05:22:47 -06:00
|
|
|
if (!command.empty())
|
2021-05-29 07:31:33 -05:00
|
|
|
{
|
2022-02-10 05:22:47 -06:00
|
|
|
LockedCommandList.emplace(command);
|
2021-05-29 07:31:33 -05:00
|
|
|
}
|
|
|
|
}
|
|
|
|
#endif
|
|
|
|
}
|
|
|
|
|
2022-02-10 05:22:47 -06:00
|
|
|
const std::unordered_set<std::string>& LockManager::getLockedCommandList()
|
2021-05-29 07:31:33 -05:00
|
|
|
{
|
2022-02-10 05:22:47 -06:00
|
|
|
if (LockedCommandList.empty())
|
|
|
|
generateLockedCommandList();
|
2021-05-29 07:31:33 -05:00
|
|
|
|
2022-02-10 05:22:47 -06:00
|
|
|
return LockedCommandList;
|
2021-05-29 07:31:33 -05:00
|
|
|
}
|
|
|
|
|
2022-02-10 05:22:47 -06:00
|
|
|
const std::string LockManager::getLockedCommandListString()
|
2021-05-29 07:31:33 -05:00
|
|
|
{
|
2022-02-10 05:22:47 -06:00
|
|
|
if (LockedCommandListString.empty())
|
|
|
|
generateLockedCommandList();
|
2021-05-29 07:31:33 -05:00
|
|
|
|
2022-02-10 05:22:47 -06:00
|
|
|
return LockedCommandListString;
|
2021-05-29 07:31:33 -05:00
|
|
|
}
|
2021-09-13 15:02:43 -05:00
|
|
|
|
2022-02-07 23:50:09 -06:00
|
|
|
void LockManager::parseLockedHost(Poco::Util::LayeredConfiguration& conf)
|
|
|
|
{
|
|
|
|
readOnlyWopiHosts.clear();
|
|
|
|
disabledCommandWopiHosts.clear();
|
|
|
|
|
|
|
|
lockHostEnabled = config::getBool("feature_lock.locked_hosts[@allow]", false);
|
|
|
|
|
|
|
|
if (lockHostEnabled)
|
|
|
|
{
|
|
|
|
for (size_t i = 0;; i++)
|
|
|
|
{
|
|
|
|
const std::string path = "feature_lock.locked_hosts.host[" + std::to_string(i) + ']';
|
|
|
|
const std::string host = conf.getString(path, "");
|
|
|
|
if (!host.empty())
|
|
|
|
{
|
|
|
|
if (conf.getBool(path + "[@read_only]", false))
|
|
|
|
{
|
|
|
|
readOnlyWopiHosts.allow(host);
|
|
|
|
}
|
|
|
|
else
|
|
|
|
{
|
|
|
|
readOnlyWopiHosts.deny(host);
|
|
|
|
}
|
|
|
|
|
|
|
|
if (conf.getBool(path + "[@disabled_commands]", false))
|
|
|
|
{
|
|
|
|
disabledCommandWopiHosts.allow(host);
|
|
|
|
}
|
|
|
|
else
|
|
|
|
{
|
|
|
|
disabledCommandWopiHosts.deny(host);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
else if (!conf.has(path))
|
|
|
|
{
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
bool LockManager::isHostReadOnly(const std::string& host)
|
|
|
|
{
|
|
|
|
return LockManager::lockHostEnabled && LockManager::readOnlyWopiHosts.match(host);
|
|
|
|
}
|
|
|
|
|
|
|
|
bool LockManager::isHostCommandDisabled(const std::string& host)
|
|
|
|
{
|
|
|
|
return LockManager::lockHostEnabled && LockManager::disabledCommandWopiHosts.match(host);
|
|
|
|
}
|
|
|
|
|
|
|
|
bool LockManager::hostExist(const std::string& host)
|
|
|
|
{
|
|
|
|
return LockManager::lockHostEnabled && LockManager::readOnlyWopiHosts.matchExist(host);
|
|
|
|
}
|
|
|
|
|
2022-07-05 07:03:14 -05:00
|
|
|
void LockManager::setTranslationPath(const std::string& lockedDialogLang)
|
|
|
|
{
|
|
|
|
for (size_t i = 0;; ++i)
|
|
|
|
{
|
|
|
|
const std::string path =
|
|
|
|
"feature_lock.translations.language[" + std::to_string(i) + "][@name]";
|
|
|
|
|
|
|
|
if (!config::has(path))
|
|
|
|
{
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
if (config::getString(path, "") == lockedDialogLang)
|
|
|
|
{
|
|
|
|
LockManager::translationPath =
|
|
|
|
"feature_lock.translations.language[" + std::to_string(i) + ']';
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
2022-07-14 05:26:58 -05:00
|
|
|
void LockManager::mapUnlockLink(const std::string& host, const std::string& path)
|
|
|
|
{
|
|
|
|
if (!config::has(path + ".unlock_link"))
|
|
|
|
{
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
const std::string link = config::getString(path + ".unlock_link" , "");
|
|
|
|
if (!link.empty())
|
|
|
|
{
|
|
|
|
unlockLinkMap.insert({host, link });
|
|
|
|
}
|
|
|
|
}
|
2022-07-05 07:03:14 -05:00
|
|
|
|
2021-09-13 15:02:43 -05:00
|
|
|
bool RestrictionManager::_isRestrictedUser = false;
|
2021-09-17 08:49:06 -05:00
|
|
|
std::unordered_set<std::string> RestrictionManager::RestrictedCommandList;
|
2021-09-13 15:02:43 -05:00
|
|
|
std::string RestrictionManager::RestrictedCommandListString;
|
|
|
|
|
|
|
|
RestrictionManager::RestrictionManager() {}
|
|
|
|
|
|
|
|
void RestrictionManager::generateRestrictedCommandList()
|
|
|
|
{
|
|
|
|
#ifdef ENABLE_FEATURE_RESTRICTION
|
|
|
|
RestrictedCommandListString = config::getString("restricted_commands", "");
|
|
|
|
Util::trim(RestrictedCommandListString);
|
2022-03-29 20:37:57 -05:00
|
|
|
StringVector commandList = StringVector::tokenize(RestrictedCommandListString);
|
2021-09-13 15:02:43 -05:00
|
|
|
|
|
|
|
std::string command;
|
|
|
|
for (std::size_t i = 0; i < commandList.size(); i++)
|
|
|
|
{
|
2022-03-20 05:33:56 -05:00
|
|
|
command = commandList[i];
|
2022-02-10 05:22:47 -06:00
|
|
|
if (!command.empty())
|
2021-09-13 15:02:43 -05:00
|
|
|
{
|
2021-09-17 08:49:06 -05:00
|
|
|
RestrictedCommandList.emplace(command);
|
2021-09-13 15:02:43 -05:00
|
|
|
}
|
|
|
|
}
|
|
|
|
#endif
|
|
|
|
}
|
|
|
|
|
2021-09-17 08:49:06 -05:00
|
|
|
const std::unordered_set<std::string>& RestrictionManager::getRestrictedCommandList()
|
2021-09-13 15:02:43 -05:00
|
|
|
{
|
|
|
|
if (RestrictedCommandList.empty())
|
|
|
|
generateRestrictedCommandList();
|
|
|
|
|
|
|
|
return RestrictedCommandList;
|
|
|
|
}
|
|
|
|
|
|
|
|
const std::string RestrictionManager::getRestrictedCommandListString()
|
|
|
|
{
|
|
|
|
if (RestrictedCommandListString.empty())
|
|
|
|
generateRestrictedCommandList();
|
|
|
|
|
|
|
|
return RestrictedCommandListString;
|
|
|
|
}
|
2021-09-13 14:24:50 -05:00
|
|
|
} // namespace CommandControl
|
2021-05-29 07:31:33 -05:00
|
|
|
|
|
|
|
/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
|