1package App::Netdisco::Web::Plugin::AdminTask::Users;
2
3use Dancer ':syntax';
4use Dancer::Plugin::Ajax;
5use Dancer::Plugin::DBIC;
6use Dancer::Plugin::Auth::Extensible;
7use Dancer::Plugin::Passphrase;
8
9use App::Netdisco::Web::Plugin;
10use Digest::MD5 ();
11
12register_admin_task({
13  tag => 'users',
14  label => 'User Management',
15  provides_csv => 1,
16});
17
18sub _sanity_ok {
19    return 0 unless param('username')
20      and param('username') =~ m/^[[:print:] ]+$/;
21    return 1;
22}
23
24sub _make_password {
25  my $pass = (shift || passphrase->generate_random);
26  if (setting('safe_password_store')) {
27      return passphrase($pass)->generate;
28  }
29  else {
30      return Digest::MD5::md5_hex($pass),
31  }
32}
33
34ajax '/ajax/control/admin/users/add' => require_role setting('defanged_admin') => sub {
35    send_error('Bad Request', 400) unless _sanity_ok();
36
37    schema('netdisco')->txn_do(sub {
38      my $user = schema('netdisco')->resultset('User')
39        ->create({
40          username => param('username'),
41          password => _make_password(param('password')),
42          fullname => param('fullname'),
43          ldap => (param('ldap') ? \'true' : \'false'),
44          radius => (param('radius') ? \'true' : \'false'),
45          tacacs => (param('tacacs') ? \'true' : \'false'),
46          port_control => (param('port_control') ? \'true' : \'false'),
47          admin => (param('admin') ? \'true' : \'false'),
48          note => param('note'),
49        });
50    });
51};
52
53ajax '/ajax/control/admin/users/del' => require_role setting('defanged_admin') => sub {
54    send_error('Bad Request', 400) unless _sanity_ok();
55
56    schema('netdisco')->txn_do(sub {
57      schema('netdisco')->resultset('User')
58        ->find({username => param('username')})->delete;
59    });
60};
61
62ajax '/ajax/control/admin/users/update' => require_role setting('defanged_admin') => sub {
63    send_error('Bad Request', 400) unless _sanity_ok();
64
65    schema('netdisco')->txn_do(sub {
66      my $user = schema('netdisco')->resultset('User')
67        ->find({username => param('username')});
68      return unless $user;
69
70      $user->update({
71        ((param('password') ne '********')
72          ? (password => _make_password(param('password')))
73          : ()),
74        fullname => param('fullname'),
75        ldap => (param('ldap') ? \'true' : \'false'),
76        radius => (param('radius') ? \'true' : \'false'),
77        tacacs => (param('tacacs') ? \'true' : \'false'),
78        port_control => (param('port_control') ? \'true' : \'false'),
79        admin => (param('admin') ? \'true' : \'false'),
80        note => param('note'),
81      });
82    });
83};
84
85get '/ajax/content/admin/users' => require_role admin => sub {
86    my @results = schema('netdisco')->resultset('User')
87      ->search(undef, {
88        '+columns' => {
89          created   => \"to_char(creation, 'YYYY-MM-DD HH24:MI')",
90          last_seen => \"to_char(last_on,  'YYYY-MM-DD HH24:MI')",
91        },
92        order_by => [qw/fullname username/]
93      })->hri->all;
94
95    return unless scalar @results;
96
97    if ( request->is_ajax ) {
98        template 'ajax/admintask/users.tt',
99            { results => \@results, },
100            { layout  => undef };
101    }
102    else {
103        header( 'Content-Type' => 'text/comma-separated-values' );
104        template 'ajax/admintask/users_csv.tt',
105            { results => \@results, },
106            { layout  => undef };
107    }
108};
109
110true;
111