예제 #1
0
        public RESTStatus DeleteUser(SQLLib sql, NetString User, NetworkConnectionInfo ni)
        {
            if (ni.HasAcl(ACLFlags.ChangeServerSettings) == false)
            {
                ni.Error   = "Access denied";
                ni.ErrorID = ErrorFlags.AccessDenied;
                return(RESTStatus.Fail);
            }

            if (Convert.ToInt32(sql.ExecSQLScalar("SELECT COUNT(*) FROM Users WHERE Username=@u",
                                                  new SQLParam("@u", User.Data))) == 0)
            {
                ni.Error   = "Invalid User";
                ni.ErrorID = ErrorFlags.InvalidID;
                return(RESTStatus.Fail);
            }

            if (User.Data.ToLower().Trim() == "root")
            {
                ni.Error   = "Invalid User";
                ni.ErrorID = ErrorFlags.InvalidID;
                return(RESTStatus.Fail);
            }

            sql.ExecSQL("DELETE FROM Users WHERE Username=@u",
                        new SQLParam("@u", User.Data));

            return(RESTStatus.Success);
        }
예제 #2
0
        public RESTStatus ChangeUser(SQLLib sql, UserDetailsPassword User, NetworkConnectionInfo ni)
        {
            if (ni.HasAcl(ACLFlags.ChangeServerSettings) == false)
            {
                ni.Error   = "Access denied";
                ni.ErrorID = ErrorFlags.AccessDenied;
                return(RESTStatus.Fail);
            }

            if (Convert.ToInt32(sql.ExecSQLScalar("SELECT COUNT(*) FROM Users WHERE Username=@u",
                                                  new SQLParam("@u", User.Username))) == 0)
            {
                ni.Error   = "Invalid User";
                ni.ErrorID = ErrorFlags.InvalidID;
                return(RESTStatus.Fail);
            }

            if (string.IsNullOrWhiteSpace(User.NewPassword) == false)
            {
                if (MeetPasswordPolicy(User.NewPassword) == false)
                {
                    ni.Error   = "Password policy not met";
                    ni.ErrorID = ErrorFlags.PWPolicyNotMet;
                    return(RESTStatus.Fail);
                }
                string PWMD5REQ = Convert.ToBase64String(Encoding.Unicode.GetBytes(User.NewPassword));
                sql.ExecSQL("UPDATE Users SET Password=@p WHERE Username=@u",
                            new SQLParam("@u", User.Username),
                            new SQLParam("@p", PWMD5REQ));
            }

            if (User.Username.ToLower().Trim() == "root")
            {
                User.Permissions = SQLTest.AllPermissions;
            }

            sql.ExecSQL("UPDATE Users SET Name=@n, Permissions=@p, MustChangePassword=@mchg,EMail=@email,UseLDAP=@UseLDAP,LDAPUsername=@LDAPUsername WHERE Username=@u",
                        new SQLParam("@u", User.Username),
                        new SQLParam("@n", User.Name),
                        new SQLParam("@p", User.Permissions),
                        new SQLParam("@mchg", User.MustChangePassword),
                        new SQLParam("@email", User.EMail),
                        new SQLParam("@useldap", User.UseLDAP),
                        new SQLParam("@LDAPUsername", User.LDAPUsername));

            return(RESTStatus.Success);
        }
예제 #3
0
        public RESTStatus ReportUsersList(SQLLib sql, UsersList users, NetworkConnectionInfo ni)
        {
            if (ni.HasAcl(ACLFlags.ComputerLogin) == false)
            {
                ni.Error   = "Access denied";
                ni.ErrorID = ErrorFlags.AccessDenied;
                return(RESTStatus.Denied);
            }

            if (users == null)
            {
                ni.Error   = "Invalid Items";
                ni.ErrorID = ErrorFlags.InvalidValue;
                return(RESTStatus.Fail);
            }

            users.MachineID = ni.Username;

            lock (ni.sqllock)
            {
                if (Convert.ToInt32(sql.ExecSQLScalar("SELECT COUNT(*) FROM ComputerAccounts WHERE MachineID=@m",
                                                      new SQLParam("@m", users.MachineID))) == 0)
                {
                    ni.Error   = "Invalid MachineID";
                    ni.ErrorID = ErrorFlags.InvalidValue;
                    return(RESTStatus.NotFound);
                }
            }

            lock (ni.sqllock)
            {
                sql.ExecSQL("DELETE FROM UsersList WHERE MachineID=@id", new SQLParam("@id", users.MachineID));
            }

            if (users.Users == null)
            {
                users.Users = new Dictionary <string, string>();
            }

            foreach (KeyValuePair <string, string> kvp in users.Users)
            {
                if (string.IsNullOrWhiteSpace(kvp.Key) == true || string.IsNullOrWhiteSpace(kvp.Value) == true)
                {
                    continue;
                }

                lock (ni.sqllock)
                {
                    sql.InsertMultiData("UsersList",
                                        new SQLData("MachineID", users.MachineID),
                                        new SQLData("SID", kvp.Key),
                                        new SQLData("Username", kvp.Value));
                }
            }

            return(RESTStatus.Success);
        }
예제 #4
0
파일: Chat.cs 프로젝트: VulpesSARL/Fox-SDC
        public RESTStatus ConfirmChat(SQLLib sql, object dummy, NetworkConnectionInfo ni, Int64 ID)
        {
            if (ni.HasAcl(ACLFlags.ComputerLogin) == false)
            {
                ni.Error   = "Access denied";
                ni.ErrorID = ErrorFlags.AccessDenied;
                return(RESTStatus.Denied);
            }
            string MachineID = ni.Username;

            lock (ni.sqllock)
            {
                sql.ExecSQL("UPDATE Chats SET [Read]=1 WHERE MachineID=@m AND ID=@id",
                            new SQLParam("@m", MachineID),
                            new SQLParam("@id", ID));
            }
            return(RESTStatus.Success);
        }
예제 #5
0
파일: Chat.cs 프로젝트: VulpesSARL/Fox-SDC
        public RESTStatus GetPendingChatData(SQLLib sql, object dummy, NetworkConnectionInfo ni, string MachineID)
        {
            if (ni.HasAcl(ACLFlags.ChangeServerSettings) == false)
            {
                ni.Error   = "Access denied";
                ni.ErrorID = ErrorFlags.AccessDenied;
                return(RESTStatus.Denied);
            }

            ChatList      = new PushChatMessageList();
            ChatList.List = new List <PushChatMessage>();
            List <Int64> IDs = new List <long>();

            lock (ni.sqllock)
            {
                SqlDataReader dr = sql.ExecSQLReader("select * from Chats where [Read]=0 AND MachineID=@m AND ToClient=0 ORDER BY DT ASC",
                                                     new SQLParam("@m", MachineID));
                while (dr.Read())
                {
                    IDs.Add(Convert.ToInt64(dr["ID"]));
                    PushChatMessage pch = new PushChatMessage();
                    pch.ID   = Convert.ToInt64(dr["ID"]);
                    pch.DT   = SQLLib.GetDTUTC(dr["DT"]);
                    pch.Name = Convert.ToString(dr["Name"]);
                    pch.Text = Convert.ToString(dr["Text"]);
                    ChatList.List.Add(pch);
                }
                dr.Close();
            }

            foreach (Int64 id in IDs)
            {
                lock (ni.sqllock)
                {
                    sql.ExecSQL("UPDATE Chats SET [Read]=1 WHERE ID=@id",
                                new SQLParam("@id", id));
                }
            }

            return(RESTStatus.Success);
        }
예제 #6
0
        public static void DeleteAllFiles(SQLLib sql, string MachineID)
        {
            SqlDataReader dr = sql.ExecSQLReader("SELECT * FROM FileTransfers WHERE MachineID=@m",
                                                 new SQLParam("@m", MachineID));

            while (dr.Read())
            {
                string Filename = Settings.Default.DataPath + Convert.ToString(dr["ServerFile"]);

                if (File.Exists(Filename) == true)
                {
                    try
                    {
                        CommonUtilities.SpecialDeleteFile(Filename);
                    }
                    catch
                    { }
                }
            }
            dr.Close();

            sql.ExecSQL("DELETE FROM FileTransfers WHERE MachineID=@m", new SQLParam("@m", MachineID));
        }
예제 #7
0
        public RESTStatus ReportNetadapterConfig(SQLLib sql, ListNetworkAdapterConfiguration netadapters, NetworkConnectionInfo ni)
        {
            if (ni.HasAcl(ACLFlags.ComputerLogin) == false)
            {
                ni.Error   = "Access denied";
                ni.ErrorID = ErrorFlags.AccessDenied;
                return(RESTStatus.Denied);
            }

            if (netadapters == null)
            {
                ni.Error   = "Invalid Items";
                ni.ErrorID = ErrorFlags.InvalidValue;
                return(RESTStatus.Fail);
            }

            netadapters.MachineID = ni.Username;

            lock (ni.sqllock)
            {
                if (Convert.ToInt32(sql.ExecSQLScalar("SELECT COUNT(*) FROM ComputerAccounts WHERE MachineID=@m",
                                                      new SQLParam("@m", netadapters.MachineID))) == 0)
                {
                    ni.Error   = "Invalid MachineID";
                    ni.ErrorID = ErrorFlags.InvalidValue;
                    return(RESTStatus.NotFound);
                }
            }

            lock (ni.sqllock)
            {
                sql.ExecSQL("DELETE FROM NetworkConfigSuppl WHERE MachineID=@id", new SQLParam("@id", netadapters.MachineID));
                sql.ExecSQL("DELETE FROM NetworkConfig WHERE MachineID=@id", new SQLParam("@id", netadapters.MachineID));
            }

            if (netadapters.Items == null)
            {
                netadapters.Items = new List <NetworkAdapterConfiguration>();
            }

            List <int> IFIndex = new List <int>();

            foreach (NetworkAdapterConfiguration ncfg in netadapters.Items)
            {
                if (IFIndex.Contains(ncfg.InterfaceIndex) == true)
                {
                    continue;
                }
                IFIndex.Add(ncfg.InterfaceIndex);

                lock (ni.sqllock)
                {
                    sql.InsertMultiData("NetworkConfig",
                                        new SQLData("MachineID", netadapters.MachineID),
                                        new SQLData("InterfaceIndex", ncfg.InterfaceIndex),
                                        new SQLData("IPEnabled", ncfg.IPEnabled),
                                        new SQLData("MACAddress", ncfg.MACAddress == null ? "" : ncfg.MACAddress.Trim()),
                                        new SQLData("ServiceName", ncfg.ServiceName == null ? "" : ncfg.ServiceName.Trim()),
                                        new SQLData("SettingsID", ncfg.SettingsID == null ? "" : ncfg.SettingsID.Trim()),
                                        new SQLData("Description", ncfg.Description == null ? "" : ncfg.Description.Trim()),
                                        new SQLData("DHCPEnabled", ncfg.DHCPEnabled),
                                        new SQLData("DHCPServer", ncfg.DHCPServer == null ? "" : ncfg.DHCPServer.Trim()),
                                        new SQLData("DNSDomain", ncfg.DNSDomain == null ? "" : ncfg.DNSDomain.Trim()),
                                        new SQLData("DNSHostName", ncfg.DNSHostName == null ? "" : ncfg.DNSHostName.Trim()),
                                        new SQLData("Caption", ncfg.Caption == null ? "" : ncfg.Caption.Trim()),
                                        new SQLData("DHCPLeaseExpires", ncfg.DHCPLeaseExpires),
                                        new SQLData("DHCPLeaseObtained", ncfg.DHCPLeaseObtained),
                                        new SQLData("WINSEnableLMHostsLookup", ncfg.WINSEnableLMHostsLookup),
                                        new SQLData("WINSHostLookupFile", ncfg.WINSHostLookupFile == null ? "" : ncfg.WINSHostLookupFile.Trim()),
                                        new SQLData("WINSPrimaryServer", ncfg.WINSPrimaryServer == null ? "" : ncfg.WINSPrimaryServer.Trim()),
                                        new SQLData("WINSSecondaryServer", ncfg.WINSSecondaryServer == null ? "" : ncfg.WINSSecondaryServer.Trim()),
                                        new SQLData("WINSScopeID", ncfg.WINSScopeID == null ? "" : ncfg.WINSScopeID.Trim()));
                }

                if (ncfg.IPAddress == null)
                {
                    ncfg.IPAddress = new List <string>();
                }
                if (ncfg.IPSubnet == null)
                {
                    ncfg.IPSubnet = new List <string>();
                }
                if (ncfg.DefaultIPGateway == null)
                {
                    ncfg.DefaultIPGateway = new List <string>();
                }
                if (ncfg.DNSDomainSuffixSearchOrder == null)
                {
                    ncfg.DNSDomainSuffixSearchOrder = new List <string>();
                }
                if (ncfg.DNSServerSearchOrder == null)
                {
                    ncfg.DNSServerSearchOrder = new List <string>();
                }

                lock (ni.sqllock)
                    InsertSupplData(sql, netadapters.MachineID, ncfg.InterfaceIndex, 1, ncfg.IPAddress);
                lock (ni.sqllock)
                    InsertSupplData(sql, netadapters.MachineID, ncfg.InterfaceIndex, 2, ncfg.IPSubnet);
                lock (ni.sqllock)
                    InsertSupplData(sql, netadapters.MachineID, ncfg.InterfaceIndex, 3, ncfg.DefaultIPGateway);
                lock (ni.sqllock)
                    InsertSupplData(sql, netadapters.MachineID, ncfg.InterfaceIndex, 4, ncfg.DNSDomainSuffixSearchOrder);
                lock (ni.sqllock)
                    InsertSupplData(sql, netadapters.MachineID, ncfg.InterfaceIndex, 5, ncfg.DNSServerSearchOrder);
            }


            return(RESTStatus.Success);
        }
예제 #8
0
        public RESTStatus AddPaperTemplate(SQLLib sql, ReportPaper req, NetworkConnectionInfo ni)
        {
#if !TXTREPORT
            if (ni.HasAcl(ACLFlags.ChangeServerSettings) == false)
            {
                ni.Error   = "Access denied";
                ni.ErrorID = ErrorFlags.AccessDenied;
                return(RESTStatus.Denied);
            }

            if (req == null)
            {
                ni.Error   = "Invalid data";
                ni.ErrorID = ErrorFlags.InvalidData;
                return(RESTStatus.Fail);
            }

            if (string.IsNullOrWhiteSpace(req.Name) == true)
            {
                ni.Error   = "Invalid data";
                ni.ErrorID = ErrorFlags.InvalidData;
                return(RESTStatus.Fail);
            }

            req.Name = req.Name.ToUpper().Trim();

            if (SupportedNames.Contains(req.Name) == false)
            {
                ni.Error   = "Invalid data";
                ni.ErrorID = ErrorFlags.InvalidData;
                return(RESTStatus.Fail);
            }

            if (req.data == null)
            {
                lock (ni.sqllock)
                {
                    sql.ExecSQL("DELETE from ReportPapers WHERE ID=@id",
                                new SQLParam("@id", req.Name));
                }
                return(RESTStatus.Success);
            }
            else
            {
                if (RenderReport.RenderReportData(req.data, new Dictionary <string, object>()) == null)
                {
                    ni.Error   = "Rendering of report failed";
                    ni.ErrorID = ErrorFlags.InvalidData;
                    return(RESTStatus.Fail);
                }

                lock (ni.sqllock)
                {
                    if (sql.ExecSQL("if exists(select * from ReportPapers where [ID]=@ID) update ReportPapers set [Data]=@data,DT=getutcdate() where [ID]=@ID else insert into ReportPapers ([ID],[Data]) values(@ID,@data)",
                                    new SQLParam("@ID", req.Name),
                                    new SQLParam("@data", req.data)) == false)
                    {
                        ni.Error   = "SQL Error";
                        ni.ErrorID = ErrorFlags.SQLError;
                        return(RESTStatus.Fail);
                    }
                }
            }
            return(RESTStatus.Success);
#else
            ni.Error   = "Unsupported functionality";
            ni.ErrorID = ErrorFlags.SystemError;
            return(RESTStatus.Fail);
#endif
        }
예제 #9
0
        public RESTStatus AppendUpload(SQLLib sql, FileUploadAppendData upload, NetworkConnectionInfo ni)
        {
            if (ni.HasAcl(ACLFlags.ChangeServerSettings) == false)
            {
                ni.Error   = "Access denied";
                ni.ErrorID = ErrorFlags.AccessDenied;
                return(RESTStatus.Denied);
            }

            if (upload == null)
            {
                ni.Error   = "Invalid data";
                ni.ErrorID = ErrorFlags.InvalidValue;
                return(RESTStatus.Fail);
            }

            lock (ni.sqllock)
            {
                if (Computers.MachineExists(sql, upload.MachineID) == false)
                {
                    ni.Error   = "Invalid data";
                    ni.ErrorID = ErrorFlags.InvalidValue;
                    return(RESTStatus.Fail);
                }
            }

            if (upload.Data.Length != upload.Size)
            {
                ni.Error   = "Invalid SZ";
                ni.ErrorID = ErrorFlags.InvalidValue;
                return(RESTStatus.Fail);
            }

            if (string.IsNullOrWhiteSpace(upload.MD5) == true)
            {
                ni.Error   = "No MD5";
                ni.ErrorID = ErrorFlags.InvalidValue;
                return(RESTStatus.Fail);
            }

            if (upload.MD5.ToLower() != MD5Utilities.CalcMD5(upload.Data).ToLower())
            {
                ni.Error   = "MD5 Error";
                ni.ErrorID = ErrorFlags.CheckSumError;
                return(RESTStatus.Fail);
            }

            lock (ni.sqllock)
            {
                if (Convert.ToInt32(sql.ExecSQLScalar("SELECT COUNT(*) FROM FileTransfers WHERE ID=@id AND MachineID=@mid AND [Size]!=[ProgressSize] AND Direction=3",
                                                      new SQLParam("@mid", upload.MachineID),
                                                      new SQLParam("@id", upload.ID))) == 0)
                {
                    ni.Error   = "Invalid ID";
                    ni.ErrorID = ErrorFlags.InvalidData;
                    return(RESTStatus.Fail);
                }
            }

            Int64 TotalSZ; Int64 ProgressSize;

            lock (ni.sqllock)
            {
                TotalSZ = Convert.ToInt64(sql.ExecSQLScalar("SELECT [Size] FROM FileTransfers WHERE ID=@id AND MachineID=@mid",
                                                            new SQLParam("@mid", upload.MachineID),
                                                            new SQLParam("@id", upload.ID)));
            }

            lock (ni.sqllock)
            {
                ProgressSize = Convert.ToInt64(sql.ExecSQLScalar("SELECT ProgressSize FROM FileTransfers WHERE ID=@id AND MachineID=@mid",
                                                                 new SQLParam("@mid", upload.MachineID),
                                                                 new SQLParam("@id", upload.ID)));
            }

            if (ProgressSize + upload.Size > TotalSZ)
            {
                ni.Error   = "Too many data";
                ni.ErrorID = ErrorFlags.ChunkTooLarge;
                return(RESTStatus.Fail);
            }

            string Filename = null;

            lock (ni.sqllock)
            {
                Filename = Settings.Default.DataPath + Convert.ToString(sql.ExecSQLScalar("SELECT ServerFile FROM FileTransfers WHERE ID=@id AND MachineID=@mid",
                                                                                          new SQLParam("@mid", upload.MachineID),
                                                                                          new SQLParam("@id", upload.ID)));
            }

            if (File.Exists(Filename) == false)
            {
                if (ProgressSize > 0)
                {
                    ni.Error   = "FS Error - Missing";
                    ni.ErrorID = ErrorFlags.FileSystemError;
                    return(RESTStatus.Fail);
                }
            }

            using (FileStream str = File.Open(Filename, FileMode.OpenOrCreate, FileAccess.ReadWrite, FileShare.None))
            {
                str.Seek(0, SeekOrigin.End);
                str.Write(upload.Data, 0, upload.Size);
            }

            FileInfo fi = new FileInfo(Filename);

            if (ProgressSize + upload.Size != fi.Length)
            {
                ni.Error   = "FS Error - Final SZ Error";
                ni.ErrorID = ErrorFlags.FileSystemError;
                return(RESTStatus.Fail);
            }

            lock (ni.sqllock)
            {
                sql.ExecSQL("UPDATE FileTransfers SET ProgressSize=@psz, DTUpdated=getutcdate() WHERE ID=@id AND MachineID=@mid",
                            new SQLParam("@mid", upload.MachineID),
                            new SQLParam("@psz", fi.Length),
                            new SQLParam("@id", upload.ID));
            }

            if (fi.Length == TotalSZ)
            {
                string MD5   = MD5Utilities.CalcMD5File(Filename);
                string MD5DB = "";
                lock (ni.sqllock)
                {
                    MD5DB = Convert.ToString(sql.ExecSQLScalar("SELECT MD5Sum FROM FileTransfers WHERE ID=@id AND MachineID=@mid",
                                                               new SQLParam("@mid", upload.MachineID),
                                                               new SQLParam("@id", upload.ID)));
                }
                if (MD5.ToLower() != MD5DB.ToLower())
                {
                    ni.Error   = "Final MD5 error";
                    ni.ErrorID = ErrorFlags.InvalidData;
                    return(RESTStatus.Fail);
                }

                lock (ni.sqllock)
                {
                    sql.ExecSQL("UPDATE FileTransfers SET Direction=0 WHERE ID=@id AND MachineID=@mid",
                                new SQLParam("@mid", upload.MachineID),
                                new SQLParam("@id", upload.ID));
                }
            }
            return(RESTStatus.Success);
        }