1package App::Netdisco::Web::Plugin::AdminTask::Users; 2 3use Dancer ':syntax'; 4use Dancer::Plugin::Ajax; 5use Dancer::Plugin::DBIC; 6use Dancer::Plugin::Auth::Extensible; 7use Dancer::Plugin::Passphrase; 8 9use App::Netdisco::Web::Plugin; 10use Digest::MD5 (); 11 12register_admin_task({ 13 tag => 'users', 14 label => 'User Management', 15 provides_csv => 1, 16}); 17 18sub _sanity_ok { 19 return 0 unless param('username') 20 and param('username') =~ m/^[[:print:] ]+$/; 21 return 1; 22} 23 24sub _make_password { 25 my $pass = (shift || passphrase->generate_random); 26 if (setting('safe_password_store')) { 27 return passphrase($pass)->generate; 28 } 29 else { 30 return Digest::MD5::md5_hex($pass), 31 } 32} 33 34ajax '/ajax/control/admin/users/add' => require_role setting('defanged_admin') => sub { 35 send_error('Bad Request', 400) unless _sanity_ok(); 36 37 schema('netdisco')->txn_do(sub { 38 my $user = schema('netdisco')->resultset('User') 39 ->create({ 40 username => param('username'), 41 password => _make_password(param('password')), 42 fullname => param('fullname'), 43 ldap => (param('ldap') ? \'true' : \'false'), 44 radius => (param('radius') ? \'true' : \'false'), 45 tacacs => (param('tacacs') ? \'true' : \'false'), 46 port_control => (param('port_control') ? \'true' : \'false'), 47 admin => (param('admin') ? \'true' : \'false'), 48 note => param('note'), 49 }); 50 }); 51}; 52 53ajax '/ajax/control/admin/users/del' => require_role setting('defanged_admin') => sub { 54 send_error('Bad Request', 400) unless _sanity_ok(); 55 56 schema('netdisco')->txn_do(sub { 57 schema('netdisco')->resultset('User') 58 ->find({username => param('username')})->delete; 59 }); 60}; 61 62ajax '/ajax/control/admin/users/update' => require_role setting('defanged_admin') => sub { 63 send_error('Bad Request', 400) unless _sanity_ok(); 64 65 schema('netdisco')->txn_do(sub { 66 my $user = schema('netdisco')->resultset('User') 67 ->find({username => param('username')}); 68 return unless $user; 69 70 $user->update({ 71 ((param('password') ne '********') 72 ? (password => _make_password(param('password'))) 73 : ()), 74 fullname => param('fullname'), 75 ldap => (param('ldap') ? \'true' : \'false'), 76 radius => (param('radius') ? \'true' : \'false'), 77 tacacs => (param('tacacs') ? \'true' : \'false'), 78 port_control => (param('port_control') ? \'true' : \'false'), 79 admin => (param('admin') ? \'true' : \'false'), 80 note => param('note'), 81 }); 82 }); 83}; 84 85get '/ajax/content/admin/users' => require_role admin => sub { 86 my @results = schema('netdisco')->resultset('User') 87 ->search(undef, { 88 '+columns' => { 89 created => \"to_char(creation, 'YYYY-MM-DD HH24:MI')", 90 last_seen => \"to_char(last_on, 'YYYY-MM-DD HH24:MI')", 91 }, 92 order_by => [qw/fullname username/] 93 })->hri->all; 94 95 return unless scalar @results; 96 97 if ( request->is_ajax ) { 98 template 'ajax/admintask/users.tt', 99 { results => \@results, }, 100 { layout => undef }; 101 } 102 else { 103 header( 'Content-Type' => 'text/comma-separated-values' ); 104 template 'ajax/admintask/users_csv.tt', 105 { results => \@results, }, 106 { layout => undef }; 107 } 108}; 109 110true; 111