Implementing .blashrc and chmod

This commit is contained in:
BlackLight 2011-01-07 11:42:38 +01:00
parent 8ebfc30165
commit ba0a57c469
13 changed files with 349 additions and 15 deletions

66
commands/chmod.json Normal file
View file

@ -0,0 +1,66 @@
{
"name" : "chmod",
"info" : {
"syntax" : "chmod <perms> <file|directory>",
"brief" : "Change the access permissions to a file or directory for one or more users or groups, for example chmod user1,user2,@group1,@group2+r"
},
"action" : function ( arg )
{
var out = '';
if ( !arg.match ( /^\s*([^+|-]*)(\+|\-)((r|w)+)\s+(.+)\s*$/ ))
{
return "Usage: " + this.info.syntax + "<br/>\n";
}
shell.auto_prompt_refresh = false;
var userlist = RegExp.$1;
var resource = RegExp.$5;
var perm_string = RegExp.$3;
var perms = 0;
// Unset R/W perms: 011. Unset R perms: 010. Unset W perms: 001
// Set R/W perms: 111. Set R perms: 110. Set W perms: 101
perms |= (( RegExp.$2 == '+' ) ? 4 : 0 );
perms |= (( perm_string.match ( 'r' )) ? 2 : 0 );
perms |= (( perm_string.match ( 'w' )) ? 1 : 0 );
resource = shell.expandPath ( resource );
var users_php = window.location.href;
users_php = users_php.replace ( /\/([a-zA-Z\.]+)$/, '/modules/users/users.php' );
params = 'action=chmod&resource=' + escape ( resource ) + '&perms=' + escape ( perms.toString() );
if ( userlist )
{
params += '&userlist=' + escape ( userlist );
}
var http = new XMLHttpRequest();
http.open ( "POST", users_php, true );
http.setRequestHeader( "Content-type", "application/x-www-form-urlencoded" );
http.setRequestHeader( "Content-length", params.length );
http.setRequestHeader( "Connection", "close" );
http.onreadystatechange = function ()
{
if ( http.readyState == 4 && http.status == 200 )
{
if ( http.responseText.length > 0 )
{
shell.cmdOut.innerHTML = http.responseText;
}
shell.auto_prompt_refresh = true;
shell.refreshPrompt ( false, false );
}
}
http.send ( params );
shell.cmdOut.innerHTML = '';
return out;
}
}

View file

@ -9,6 +9,10 @@
"action" : function ( arg ) "action" : function ( arg )
{ {
var out = arg + "<br/>\n"; var out = arg + "<br/>\n";
out = out.replace ( /(^|[^\\])"/g, '$1' );
out = out.replace ( /(^|[^\\])'/g, '$1' );
out = out.replace ( /\\"/g, '"' );
out = out.replace ( /\\'/g, "'" );
return out; return out;
}, },
} }

View file

@ -81,6 +81,22 @@
http.send ( params ); http.send ( params );
shell.path = shell.json.basepath; shell.path = shell.json.basepath;
var json_config = window.location.href;
json_config = json_config.replace ( /\/([a-zA-Z_\.]+)$/, '/system/blash.json' );
var http2 = new XMLHttpRequest();
http2.open ( "GET", json_config, true );
http2.onreadystatechange = function ()
{
if ( http2.readyState == 4 && http2.status == 200 )
{
shell.json = eval ( '(' + http2.responseText + ')' );
}
}
http2.send ( null );
return out; return out;
}, },
} }

View file

@ -118,8 +118,8 @@
if ( file.content.length > 0 ) if ( file.content.length > 0 )
{ {
var content = file.content.replace ( /<br\/?>/g, "\n" ); var content = file.content.replace ( /<br\/?>/g, "\n" );
content = content.replace ( '&lt;', '<' ); content = content.replace ( /&lt;/g, '<' );
content = content.replace ( '&gt;', '>' ); content = content.replace ( /&gt;/g, '>' );
editor.value = content; editor.value = content;
has_content = true; has_content = true;
} }

View file

@ -135,6 +135,33 @@
shell.auto_prompt_focus = true; shell.auto_prompt_focus = true;
shell.auto_prompt_refresh = true; shell.auto_prompt_refresh = true;
shell.refreshPrompt ( false, false ); shell.refreshPrompt ( false, false );
blashrcIndex = -1; // Index of .blashrc file
for ( var i in shell.files )
{
if ( shell.files[i].path.match ( new RegExp ( '^' + shell.home + '/.blashrc$' )))
{
blashrcIndex = i;
break;
}
}
if ( blashrcIndex > 0 )
{
var blashrc = shell.files[blashrcIndex].content.replace ( /<br\/?>/g, ' ' );
blashrc = eval ( '(' + blashrc + ')' );
if ( !blashrc )
{
return false;
}
for ( var i in blashrc )
{
shell.json[i] = blashrc[i];
}
}
} }
} }

View file

@ -15,7 +15,6 @@
return "guest<br/>\n"; return "guest<br/>\n";
} }
if ( arg ) if ( arg )
{ {
return "whoami: extra operand `" + arg + "'<br/>\n"; return "whoami: extra operand `" + arg + "'<br/>\n";

View file

@ -34,6 +34,26 @@ function getUser ()
return "guest"; return "guest";
} }
function userExists ( $user )
{
include 'userlist.php';
if ( !( $xml = new SimpleXMLElement ( $xmlcontent )))
{
return "Unable to open the users XML file\n";
}
for ( $i = 0; $i < count ( $xml->user ); $i++ )
{
if ( !strcmp ( $xml->user[$i]['name'], $user ))
{
return true;
}
}
return false;
}
function getHome () function getHome ()
{ {
include 'userlist.php'; include 'userlist.php';
@ -305,6 +325,147 @@ function __json_encode( $data ) {
return $json; return $json;
} }
function __chmod ( $resource, $userlist, $perms )
{
include "../../system/files_json.php";
$user = getUser();
$file_index = -1;
if ( !$files_json || strlen ( $files_json ) == 0 )
{
return 'Error: Empty JSON file container';
}
$json = json_decode ( $files_json, true );
if ( !$json )
{
return 'Error: Empty JSON file container';
}
for ( $i=0; $i < count ( $json ) && $file_index == -1; $i++ )
{
if ( $json[$i]['path'] == $resource )
{
$file_index = $i;
}
}
if ( $file_index == -1 )
{
return "chmod: No such file or directory";
}
$perm = json_decode ( getPerms ( $json[$file_index]['path'] ), true );
if ( !$perm['write'] )
{
return "chmod: Permission denied";
}
if ( $userlist )
{
$userlist = preg_split ( '/,\s*/', $userlist );
} else {
$userlist = array();
$userlist[0] = $user;
}
$can = array();
$perm = array();
$perm['set'] = ( $perms & 0x4 ) ? true : false;
$perm['read'] = ( $perms & 0x2 ) ? true : false;
$perm['write'] = ( $perms & 0x1 ) ? true : false;
foreach ( array ( 'read', 'write' ) as $action )
{
if ( $perm['set'] )
{
if ( $perm[$action] )
{
if ( !$json[$file_index]['can_'.$action] )
{
$json[$file_index]['can_'.$action] = join ( ", ", $userlist );
} else {
$out = '';
$can[$action] = preg_split ( '/,\s*/', $json[$file_index]['can_'.$action] );
for ( $i=0; $i < count ( $userlist ); $i++ )
{
if ( !userExists ( $userlist[$i] ) && !preg_match ( '/^\s*@/', $userlist[$i] ))
{
continue;
}
$user_found = false;
for ( $j=0; $j < count ( $can[$action] ) && !$user_found; $j++ )
{
if ( $userlist[$i] == $can[$action][$j] )
{
$user_found = true;
}
}
if ( !$user_found )
{
if ( strlen ( $out ) == 0 )
{
$out .= $userlist[$i];
} else {
$out .= ', '.$userlist[$i];
}
}
}
if ( strlen ( $out ) > 0 )
{
$json[$file_index]['can_'.$action] .= ', '.$out;
}
}
}
} else {
if ( $perm[$action] )
{
if ( !$json[$file_index]['can_'.$action] )
{
continue;
} else {
for ( $i=0; $i < count ( $userlist ); $i++ )
{
if ( preg_match ( '/(,?\s*)'.$userlist[$i].'(,?)/', $json[$file_index]['can_'.$action], $matches ))
{
$replace = '';
if ( preg_match ( '/^\s*$/', $matches[1] ) || preg_match ( '/^\s*$/', $matches[2] ))
{
$replace = '';
} else {
$replace = ", ";
}
$json[$file_index]['can_'.$action] = preg_replace ( '/(,?\s*)'.$userlist[$i].'(,?)/', $replace, $json[$file_index]['can_'.$action] );
}
}
if ( strlen ( $json[$file_index]['can_'.$action] ) == 0 )
{
unset ( $json[$file_index]['can_'.$action] );
}
}
}
}
}
if ( !( $fp = fopen ( "../../system/files_json.php", "w" )))
{
return "Unable to write on directories file\n";
}
fwrite ( $fp, "<?php\n\n\$files_json = <<<JSON\n".__json_encode ( $json )."\nJSON;\n\n?>");
fclose ( $fp );
}
function set_content ( $file, $content ) function set_content ( $file, $content )
{ {
$perms = json_decode ( getPerms ( $file ), true ); $perms = json_decode ( getPerms ( $file ), true );

View file

@ -3,7 +3,7 @@
$xmlcontent = <<<XML $xmlcontent = <<<XML
<?xml version="1.0" encoding="UTF-8" standalone="yes"?> <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<users> <users>
<user name="root" pass="3c7f506040bffb0aada69cfd5b101f4b" home="/root"/><user name="blacklight" pass="5f4dcc3b5aa765d61d8327deb882cf99" home="/home/blacklight"/></users> <user name="root" pass="3c7f506040bffb0aada69cfd5b101f4b" home="/root"/></users>
XML; XML;

View file

@ -71,6 +71,7 @@ switch ( $action )
$GLOBALS['sudo_cmd'] = true; $GLOBALS['sudo_cmd'] = true;
print __mkdir ( '/home/'.$username, $perms )."<br/>\n"; print __mkdir ( '/home/'.$username, $perms )."<br/>\n";
set_content ( '/home/'.$username.'/.blashrc', file_get_contents ( '../../system/default_blashrc.json' ));
$GLOBALS['sudo_cmd'] = false; $GLOBALS['sudo_cmd'] = false;
print 'User "'.$username.'" successfully added, home directory set to "/home/'.$username."\"\n"; print 'User "'.$username.'" successfully added, home directory set to "/home/'.$username."\"\n";
@ -241,6 +242,19 @@ switch ( $action )
print __rm ( $file ); print __rm ( $file );
break; break;
case 'chmod':
$resource = $_REQUEST['resource'];
$perms = $_REQUEST['perms'];
$userlist = $_REQUEST['userlist'];
if ( !( $resource && $perms ))
{
return false;
}
print __chmod ( $resource, (( $userlist ) ? $userlist : null ), $perms );
break;
case 'set_content': case 'set_content':
$file = $_REQUEST['file']; $file = $_REQUEST['file'];
$content = $_REQUEST['content']; $content = $_REQUEST['content'];
@ -251,6 +265,12 @@ switch ( $action )
} }
print set_content ( $file, $content ); print set_content ( $file, $content );
// If this was a sudo command, for example for creating .blashrc file,
// revoke sudo permissions now
if ( $GLOBALS['sudo_cmd'] == true )
$GLOBALS['sudo_cmd'] = false;
break; break;
default : default :

View file

@ -74,7 +74,7 @@ function blash ()
this.loadCommand = function ( cmd ) this.loadCommand = function ( cmd )
{ {
var cmd_file = window.location.href; var cmd_file = window.location.href;
cmd_file = cmd_file.replace ( /\/([a-zA-Z\.]+)$/, '/commands/' + cmd + ".json" ); cmd_file = cmd_file.replace ( /\/([a-zA-Z_\.]+)$/, '/commands/' + cmd + ".json" );
var http = new XMLHttpRequest(); var http = new XMLHttpRequest();
http.open ( "GET", cmd_file, true ); http.open ( "GET", cmd_file, true );
@ -97,7 +97,7 @@ function blash ()
this.user = RegExp.$1; this.user = RegExp.$1;
var params = 'action=getuser'; var params = 'action=getuser';
var users_php = window.location.href; var users_php = window.location.href;
users_php = users_php.replace ( /\/([a-zA-Z\.]+)$/, '/modules/users/users.php' ); users_php = users_php.replace ( /\/([a-zA-Z_\.]+)$/, '/modules/users/users.php' );
var xml = new XMLHttpRequest(); var xml = new XMLHttpRequest();
xml.open ( "POST", users_php, true ); xml.open ( "POST", users_php, true );
@ -148,7 +148,7 @@ function blash ()
this.prompt.focus(); this.prompt.focus();
var json_config = window.location.href; var json_config = window.location.href;
json_config = json_config.replace ( /\/([a-zA-Z\.]+)$/, '/system/blash.json' ); json_config = json_config.replace ( /\/([a-zA-Z_\.]+)$/, '/system/blash.json' );
var http = new XMLHttpRequest(); var http = new XMLHttpRequest();
http.open ( "GET", json_config, true ); http.open ( "GET", json_config, true );
@ -197,9 +197,9 @@ function blash ()
if ( shell.has_users ) if ( shell.has_users )
{ {
shell.files_json = shell.files_json.replace ( /\/([a-zA-Z\.]+)$/, '/modules/users/files.php' ); shell.files_json = shell.files_json.replace ( /\/([a-zA-Z_\.]+)$/, '/modules/users/files.php' );
} else { } else {
shell.files_json = shell.files_json.replace ( /\/([a-zA-Z\.]+)$/, '/system/files.json' ); shell.files_json = shell.files_json.replace ( /\/([a-zA-Z_\.]+)$/, '/system/files.json' );
} }
var http2 = new XMLHttpRequest(); var http2 = new XMLHttpRequest();
@ -233,6 +233,32 @@ function blash ()
} }
shell.files = tmp; shell.files = tmp;
blashrcIndex = -1; // Index of .blashrc file
for ( var i in shell.files )
{
if ( shell.files[i].path.match ( new RegExp ( '^' + shell.home + '/.blashrc$' )))
{
blashrcIndex = i;
break;
}
}
if ( blashrcIndex > 0 )
{
var blashrc = shell.files[blashrcIndex].content.replace ( /<br\/?>/g, ' ' );
blashrc = eval ( '(' + blashrc + ')' );
if ( !blashrc )
{
return false;
}
for ( var i in blashrc )
{
shell.json[i] = blashrc[i];
}
}
} }
} }

View file

@ -55,6 +55,7 @@
"commands" : [ "commands" : [
"cat", "cat",
"cd", "cd",
"chmod",
"clear", "clear",
"echo", "echo",
"eval", "eval",

View file

@ -0,0 +1,18 @@
/**
* Sample configuration and contents
*/
{
"banner" : "Welcome back to blash<br/><br/>",
"machine" : "localhost",
/**
* Macros for promptText:
* #{xxx} or #{xxxxxx} - use the specified HTML colour
* %n - username
* %m - machine name
* %W - current working directory
*/
"promptText" : "[#{800}%n#{888}@#{800}%m#{888} %W] $ "
}

View file

@ -10,8 +10,6 @@ $files_json = <<<JSON
, {"path": "/software", "type": "directory"} , {"path": "/software", "type": "directory"}
, {"path": "/etc", "type": "directory"} , {"path": "/etc", "type": "directory"}
, {"path": "/home", "type": "directory"} , {"path": "/home", "type": "directory"}
, {"path": "/home/guest", "type": "directory"}
, {"path": "/home/guest/mbox", "type": "file", "content": "No new mail"}
, {"path": "/google", "type": "file", "href": "http://www.google.com"} , {"path": "/google", "type": "file", "href": "http://www.google.com"}
, {"path": "/blog/post1", "type": "file", "content": "This is my first post"} , {"path": "/blog/post1", "type": "file", "content": "This is my first post"}
, {"path": "/blog/post2", "type": "file", "content": "This is my second post"} , {"path": "/blog/post2", "type": "file", "content": "This is my second post"}
@ -30,9 +28,7 @@ $files_json = <<<JSON
, {"path": "/aboutme", "type": "file", "content": "Luke, I am your father"} , {"path": "/aboutme", "type": "file", "content": "Luke, I am your father"}
, {"path": "/contacts", "type": "file", "content": "Contact me at spam@montypython.com"} , {"path": "/contacts", "type": "file", "content": "Contact me at spam@montypython.com"}
, {"path": "/irc", "type": "file", "content": "IRC channel at #thegame@irc.randomstuff.com"} , {"path": "/irc", "type": "file", "content": "IRC channel at #thegame@irc.randomstuff.com"}
, {"path": "/root", "type": "directory", "can_read": "root", "can_write": "root"} , {"path": "/root", "type": "directory", "can_write": "root", "can_read": "root"}
, {"path": "/home/blacklight", "type": "directory", "owner": "blacklight", "can_read": "blacklight", "can_write": "blacklight"}
, {"path": "/home/blacklight/lol", "type": "file", "owner": "blacklight", "can_read": "@all", "can_write": "blacklight", "content": "#include &lt;stdio.h&gt;<br/><br/>int main () {<br/> printf ( 'loln' );<br/>}"}
] ]
JSON; JSON;