-Custom so modules support on php sandbox

-Liman permissions added to Role mapping -Restricted mode interface added -Configuration file fixes -Better restrict mode redirection. -Language change support added to restricted mode.

-Custom so modules support on php sandbox
-Liman permissions added to Role mapping -Restricted mode interface added -Configuration file fixes -Better restrict mode redirection. -Language change support added to restricted mode.
643a5803 · mertcelen · a474e700 · 643a5803 · 643a5803 · 643a5803
Kaydet (Commit) 643a5803 authored May 11, 2020 tarafından mertcelen
17 changed files
--- a/.github/workflows/liman.yml
+++ b/.github/workflows/liman.yml
@@ -67,7 +67,7 @@ jobs:
          chmod 775 DEBIAN/postinst

          echo """Package: Liman
-          Version: $VERSION$GITHUB_RUN_ID
+          Version: $VERSION-$GITHUB_RUN_ID
          Installed-Size: 29892
          Maintainer: Mert CELEN <mcelen@havelsan.com.tr>
          Section: admin
@@ -79,4 +79,4 @@ jobs:
          """ > DEBIAN/control
          cd ../
          dpkg-deb -Zgzip --build package
-          [ "$GITHUB_REF" == "refs/heads/master" ] && curl -F "file=@/home/runner/work/liman/liman/package.deb" "https://slack.com/api/files.upload?token=xoxb-474187933397-695167035444-NFLf9tgYahuMsmeT7rwp5wnD&channels=liman-release&filename=liman-$VERSION$GITHUB_RUN_ID.deb&pretty=1" || echo
+          [ "$GITHUB_REF" == "refs/heads/master" ] && curl -F "file=@/home/runner/work/liman/liman/package.deb" "https://slack.com/api/files.upload?token=xoxb-474187933397-695167035444-NFLf9tgYahuMsmeT7rwp5wnD&channels=liman-release&filename=liman-$VERSION-$GITHUB_RUN_ID.deb&pretty=1" || echo
--- a/app/Classes/Sandbox/PHPSandbox.php
+++ b/app/Classes/Sandbox/PHPSandbox.php
@@ -154,9 +154,12 @@ class PHPSandbox implements Sandbox

        $keyPath = '/liman/keys' . DIRECTORY_SEPARATOR . extension()->id;

+        $soPath = "/liman/extensions/" . strtolower(extension()->name) . "/liman.so";
+
+        $extra = is_file($soPath) ? "-dextension=$soPath ": "";
        return "sudo runuser " .
            cleanDash(extension()->id) .
-            " -c 'timeout 30 /usr/bin/php -d display_errors=on $combinerFile $keyPath $encrypted'";
+            " -c 'timeout 30 /usr/bin/php $extra-d display_errors=on $combinerFile $keyPath $encrypted'";
    }

    public function getInitialFiles()

--- a/app/Http/Controllers/Extension/OneController.php
+++ b/app/Http/Controllers/Extension/OneController.php
@@ -228,7 +228,7 @@ class OneController extends Controller
            }
        }
        
-        if(config('liman.liman_restricted') == true && !user()->isAdmin()){
+        if(env('LIMAN_RESTRICTED') == true && !user()->isAdmin()){
            return response()->view('extension_pages.setup_restricted', [
                'extension' => $extension,
                'similar' => $similar,

--- a/app/Http/Controllers/Extension/Sandbox/MainController.php
+++ b/app/Http/Controllers/Extension/Sandbox/MainController.php
@@ -94,7 +94,7 @@ class MainController extends Controller
            }

            if (
-                config('liman.liman_restricted') == true &&
+                env('LIMAN_RESTRICTED') == true &&
                !user()->isAdmin()
            ) {
                return view('extension_pages.server_restricted', [

--- a/app/Http/Controllers/Roles/RoleController.php
+++ b/app/Http/Controllers/Roles/RoleController.php
@@ -161,6 +161,23 @@ class RoleController extends Controller
                $display = ["id:id", "name"];
                break;
            case "liman":
+                $data = [
+                    [
+                        "id" => "view_logs",
+                        "name" => "Sunucu Günlük Kayıtlarını Görüntüleme"
+                    ],
+                    [
+                        "id" => "add_server",
+                        "name" => "Sunucu Ekleme"
+                    ],
+                    [
+                        "id" => "server_services",
+                        "name" => "Sunucu Servislerini Görüntüleme"
+                    ]
+                ];
+                $title = ["*hidden*", "İsim"];
+                $display = ["id:id", "name"];
+                break;
            default:
                abort(504, "Tip Bulunamadı");
        }

--- a/app/Http/Controllers/Settings/MainController.php
+++ b/app/Http/Controllers/Settings/MainController.php
@@ -498,4 +498,18 @@ input(type=\"imtcp\" port=\"514\")";
            "interval" => $interval != "" ? $interval : "10",
        ]);
    }
+
+    public function restrictedMode()
+    {
+        $flag = setenv([
+            "LIMAN_RESTRICTED" => request('LIMAN_RESTRICTED') ? 'true' : 'false',
+            "LIMAN_RESTRICTED_SERVER" => request('LIMAN_RESTRICTED_SERVER'),
+            "LIMAN_RESTRICTED_EXTENSION" => request('LIMAN_RESTRICTED_EXTENSION')
+        ]);
+        if($flag){
+            return respond("Kısıtlı mod ayarları başarıyla güncellendi!");
+        }else{
+            return respond("Kısıtlı mod ayarları güncellenemedi!",201);
+        }
+    }
 }
--- a/app/Http/Controllers/Settings/_routes.php
+++ b/app/Http/Controllers/Settings/_routes.php
@@ -59,6 +59,13 @@ Route::post(
    ->name('delete_server_group')
    ->middleware('admin');

+Route::post(
+    '/ayar/kisitliMod',
+    'Settings\MainController@restrictedMode'
+)
+    ->name('restricted_mode_update')
+    ->middleware('admin');
+
 Route::view('/ayar/sunucu', 'settings.server')
    ->middleware('admin')
    ->name('settings_server');

--- a/app/Http/Middleware/PermissionManager.php
+++ b/app/Http/Middleware/PermissionManager.php
@@ -22,7 +22,7 @@ class PermissionManager
            auth()
                ->user()
                ->isAdmin() ||
-            config('liman.liman_restricted') == true
+            env('LIMAN_RESTRICTED') == true
        ) {
            $this->initializeObjects();
            return $next($request);

--- a/app/Http/Middleware/RestrictedMode.php
+++ b/app/Http/Middleware/RestrictedMode.php
@@ -24,20 +24,21 @@ class RestrictedMode
            "logout",
            "password_change",
            "password_change_save",
+            "set_locale"
        ];
-        if (config('liman.liman_restricted') == true && user() && !user()->isAdmin()) {
+        if (env('LIMAN_RESTRICTED') == true && user() && !user()->isAdmin()) {
            $request->request->add([
-                'server_id' => config('liman.liman_restricted_server'),
-                'extension_id' => config('liman.liman_restricted_extension'),
-                "server" => \App\Server::find(config('liman.liman_restricted_server')),
+                'server_id' => env('LIMAN_RESTRICTED_SERVER'),
+                'extension_id' => env('LIMAN_RESTRICTED_EXTENSION'),
+                "server" => \App\Server::find(env('LIMAN_RESTRICTED_SERVER')),
                "extension" => \App\Extension::find(
-                    config('liman.liman_restricted_extension')
+                    env('LIMAN_RESTRICTED_EXTENSION')
                ),
            ]);
            if (!in_array(\Request::route()->getName(), $safeRoutes)) {
                return redirect()->route("extension_server", [
-                    "extension_id" => config('liman.liman_restricted_extension'),
-                    "server_id" => config('liman.liman_restricted_server'),
+                    "extension_id" => env('LIMAN_RESTRICTED_EXTENSION'),
+                    "server_id" => env('LIMAN_RESTRICTED_SERVER'),
                    "city" => server()->city,
                ]);
            }

--- a/config/liman.php
+++ b/config/liman.php
@@ -6,8 +6,5 @@ return [
    "extension_developer_mode" => true,
    "nav_extension_hide_count" => 10,
    "widget_refresh_time" => 30000, //ms
-    "liman_restricted" => false,
-    "liman_restricted_server" => null,
-    "liman_restricted_extension" => null,
    "brand" => "Havelsan © 2020"
 ];
--- a/resources/views/extension_pages/manager.blade.php
+++ b/resources/views/extension_pages/manager.blade.php
@@ -90,7 +90,7 @@
        ],
        "submit_text" => "Yükle"
    ])
-    @if(env("EXTENSION_DEVELOPER_MODE"))
+    @if(config('liman.extension_developer_mode') == true)
        <?php
            $input_extensions = [];
            foreach(extensions() as $extension){
@@ -191,14 +191,6 @@
            });
        }
    }
-    
-    function downloadDebFile(form){
-        window.location.assign('/indir/eklenti_deb/' + form.getElementsByTagName('select')[0].value);
-        setTimeout(function(){
-            Swal.close();
-        }, 1000);
-        return false;
-    }

    @if(config('liman.extension_developer_mode') == true)
        function details(element){

--- a/resources/views/extension_pages/setup.blade.php
+++ b/resources/views/extension_pages/setup.blade.php
-@if(config('liman.liman_restricted') == true && !user()->isAdmin())
-    @include('extension_pages.setup_restricted');
-    @php(die())
-@endif
-
 @extends('layouts.app')

 @section('content')

--- a/resources/views/layouts/navbar.blade.php
+++ b/resources/views/layouts/navbar.blade.php
@@ -4,7 +4,7 @@
          <li class="nav-item">
            <a class="nav-link" data-widget="pushmenu" href="#" onclick="request('{{route('set_collapse')}}',new FormData(),null)"><i class="fas fa-bars"></i></a>
          </li>
-          @if(config('liman.liman_restricted') == true && !user()->isAdmin())
+          @if(env('LIMAN_RESTRICTED') == true && !user()->isAdmin())
          <li class="nav-item d-none d-sm-inline-block">
            <a href="/" class="nav-link">{{__("Ana Sayfa")}}</a>
          </li>

--- a/resources/views/settings/index.blade.php
+++ b/resources/views/settings/index.blade.php
@@ -37,6 +37,9 @@
                <li class="nav-item">
                    <a class="nav-link" data-toggle="tab" href="#externalNotifications" onclick="">{{__("Dış Bildirimler")}}</a>
                </li>
+                <li class="nav-item">
+                    <a class="nav-link" data-toggle="tab" href="#restrictedMode" onclick="">{{__("Kısıtlı Mod")}}</a>
+                </li>
                {!! settingsModuleButtons() !!}
            </ul>
        </div>
@@ -152,6 +155,51 @@
                    </ul>
                </div>

+                <div class="tab-pane fade show" id="restrictedMode" role="tabpanel">
+                    <p>{{__("Liman'ı kısıtlamak ve kullanıcıların yalnızca bir eklentiyi kullanması için bu modu kullanabilirsiniz. Bu modu kullandığınız taktirde, kullanıcılar varsayılan olarak eklenti ve sunucu yetkisine sahip olacak, ancak fonksiyon yetkilerine sahip olmayacaklardır. Yöneticiler mevcut liman arayüzünü görmeye devam edecek, kullanıcılar ise yalnızca eklenti çerçevesini görüntüleyebilecektir.")}}</p>
+                    <form onsubmit="return saveRestricted(this);">
+                        <div class="form-check">
+                            <input name="LIMAN_RESTRICTED" type="checkbox" class="form-check-input" id="rectricedModeToggle" @if(env("LIMAN_RESTRICTED")) checked @endif>
+                            <label class="form-check-label" for="rectricedModeToggle">{{__("Kısıtlı Modu Aktifleştir.")}}</label>
+                        </div><br>
+
+                        <div class="form-group">
+                            <label for="restrictedServer">{{__("Gösterilecek Sunucu")}}</label>
+                            <select name="LIMAN_RESTRICTED_SERVER" id="restrictedServer" class="form-control select2" required>
+                                <option value="" disabled selected>{{__('Lütfen bir sunucu seçin.')}}</option>
+                                        @foreach(servers() as $server)
+                                            <option value="{{$server->id}}" @if(env("LIMAN_RESTRICTED_SERVER") == $server->id) selected @endif>{{$server->name}}</option>
+                                        @endforeach
+                            </select>
+                        </div>
+
+                        <div class="form-group">
+                        <label for="restrictedExtension">{{__("Gösterilecek Eklenti")}}</label>
+                            <select name="LIMAN_RESTRICTED_EXTENSION" id="restrictedExtension" class="form-control select2" required>
+                                <option value="" disabled selected>{{__('Lütfen bir eklenti seçin.')}}</option>
+                                        @foreach(extensions() as $extension)
+                                            <option value="{{$extension->id}}" @if(env("LIMAN_RESTRICTED_EXTENSION") == $extension->id) selected @endif>{{$extension->name}}</option>
+                                        @endforeach
+                            </select>
+                        </div>
+                        <button type="submit" class="btn btn-primary">{{__("Ayarları Kaydet")}}</button>
+                    </form>
+                    <script>
+                        function saveRestricted(form){
+                            return request('{{route("restricted_mode_update")}}',form,function(success){
+                                let json = JSON.parse(success);
+                                showSwal(json.message,'success');
+                                setTimeout(() => {
+                                    reload();
+                                }, 2000);
+                            },function(error){
+                                let json = JSON.parse(error);
+                                showSwal(json.message,'danger',2000);
+                            });
+                        }
+                    </script>
+                </div>
+
                <div class="tab-pane fade show" id="externalNotifications" role="tabpanel">
                @include('modal-button',[
                        "class" => "btn-primary",

--- a/resources/views/settings/role.blade.php
+++ b/resources/views/settings/role.blade.php
@@ -24,6 +24,9 @@
                <li class="nav-item">
                    <a class="nav-link" data-toggle="pill" href="#function" role="tab">{{__("Fonksiyon Yetkileri")}}</a>
                </li>
+                <li class="nav-item">
+                    <a class="nav-link" data-toggle="pill" href="#liman" role="tab">{{__("Liman Yetkileri")}}</a>
+                </li>
            </ul>
        </div>
        <div class="card-body">
@@ -93,7 +96,7 @@
                    <button onclick="removePermission('liman')" class="btn btn-danger"><i data-toggle="tooltip" title="Kaldır" class="fa fa-minus"></i></button><br><br>
                    @include('table',[
                        "id" => "liman_table",
-                        "value" => $role->permissions->where('type','liman'),
+                        "value" => getLimanPermissions($role->id),
                        "title" => [
                            "Adı" , "*hidden*"
                        ],
@@ -151,6 +154,12 @@
        "submit_text" => "Seçili Eklentilere Yetki Ver",
        "onsubmit" => "addData"
    ])
+    @include('modal',[
+            "id" => "liman_modal",
+            "title" => "Özellik Listesi",
+            "submit_text" => "Seçili Özelliklere Yetki Ver",
+            "onsubmit" => "addData"
+    ])

    <script>
        function getFunctionList(){

--- a/storage/VERSION
+++ b/storage/VERSION
-1.0-RC2
\ No newline at end of file
+1.0-RC3
\ No newline at end of file
--- a/storage/liman.php
+++ b/storage/liman.php
@@ -7,8 +7,5 @@ return [
    "extension_developer_mode" => true,
    "nav_extension_hide_count" => 10,
    "widget_refresh_time" => 30000, //ms
-    "liman_restricted" => false,
-    "liman_restricted_server" => null,
-    "liman_restricted_extension" => null,
    "brand" => "Havelsan © 2020"
 ];