<?php
/*
* This file is part of RaspiSMS.
*
* (c) Pierre-Lin Bonnemaison <plebwebsas@gmail.com>
*
* This source file is subject to the GPL-3.0 license that is bundled
* with this source code in the file LICENSE.
*/
namespace controllers\internals;
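class Command extends StandardController
{
    protected $model;

    /**
     * Create a new command.
     *
     * The script name is stored as received. analyze_and_process() later
     * resolves it under PWD_SCRIPTS before running it, so any validation of
     * $script done by callers is an additional layer, not the only one.
     *
     * @param int    $id_user : User id
     * @param string $name    : Command name
     * @param string $script  : Script file
     * @param bool   $admin   : Is command admin only
     *
     * @return mixed bool|int : False if cannot create command, id of the new command else
     */
    public function create(int $id_user, string $name, string $script, bool $admin)
    {
        $command = [
            'id_user' => $id_user,
            'name' => $name,
            'script' => $script,
            'admin' => $admin,
        ];

        $result = $this->get_model()->insert($command);
        if (!$result)
        {
            return false;
        }

        // Keep an audit trail of which script was bound to which command name.
        $internal_event = new Event($this->bdd);
        $internal_event->create($id_user, 'COMMAND_ADD', 'Ajout commande : ' . $name . ' => ' . $script);

        return $result;
    }

    /**
     * Update a command.
     *
     * Unlike create(), no event is recorded here when the script bound to a
     * command changes.
     *
     * @param int    $id_user : User id
     * @param int    $id      : Command id
     * @param string $name    : Command name
     * @param string $script  : Script file
     * @param bool   $admin   : Is command admin only
     *
     * @return mixed : Whatever the model's update_for_user() returns, passed through unchanged
     */
    public function update_for_user(int $id_user, int $id, string $name, string $script, bool $admin)
    {
        $datas = [
            'name' => $name,
            'script' => $script,
            'admin' => $admin,
        ];

        return $this->get_model()->update_for_user($id_user, $id, $datas);
    }

    /**
     * Analyse a message to check if it's a command so execute it.
     *
     * The message is expected to be a JSON object with 'login', 'password' and
     * 'command' keys and an optional 'args' key. The credentials must belong to
     * $id_user, the command must be one of that user's commands, and an
     * admin-only command requires an admin user.
     *
     * The script is only executed when it resolves to a regular file inside
     * PWD_SCRIPTS and 'args' is a scalar. When one of those two checks fails,
     * nothing is executed but the anonymized message is still returned, because
     * the message did carry valid credentials and the caller must not keep the
     * clear-text password.
     *
     * @param int    $id_user : User id to search a command for
     * @param string $message : Message to analyse
     *
     * @return mixed bool|string : false if not a valid command, anonymized message if valid command
     */
    public function analyze_and_process(int $id_user, string $message)
    {
        // Anything that is not a JSON object/array cannot carry the expected keys.
        $decode_message = json_decode(trim($message), true);
        if (!is_array($decode_message))
        {
            return false;
        }

        if (!isset($decode_message['login'], $decode_message['password'], $decode_message['command']))
        {
            return false;
        }

        //Check for user
        $internal_user = new \controllers\internals\User($this->bdd);
        $user = $internal_user->check_credentials($decode_message['login'], $decode_message['password']);
        // NOTE(review): strict comparison, so this assumes check_credentials() returns the id as an int - confirm.
        if (!$user || $user['id'] !== $id_user)
        {
            return false;
        }

        //Find command
        $find_command = false;
        foreach ($this->gets_for_user($user['id']) as $command)
        {
            if ($decode_message['command'] === $command['name'])
            {
                $find_command = $command;

                break;
            }
        }

        if (false === $find_command)
        {
            return false;
        }

        //Check for admin rights
        if ($find_command['admin'] && !$user['admin'])
        {
            return false;
        }

        //Mask the password before the message text leaves this method
        $decode_message['password'] = '******';
        $updated_text = json_encode($decode_message);

        //Resolve the script and refuse anything that leaves the scripts directory
        $script_path = $this->resolve_script_path((string) $find_command['script']);
        if (false === $script_path)
        {
            error_log(sprintf('RaspiSMS command: refused to run a script that is not a file inside the scripts directory (user %d)', $id_user));

            return $updated_text;
        }

        //A JSON array/object in 'args' has no meaningful command-line form
        $args = $decode_message['args'] ?? '';
        if (!is_scalar($args))
        {
            error_log(sprintf('RaspiSMS command: refused to run a command with non-scalar args (user %d)', $id_user));

            return $updated_text;
        }

        // The script path is quoted as one shell word. The arguments keep their
        // original handling: escapeshellcmd() neutralises shell metacharacters but
        // leaves whitespace and leading dashes alone, so the sender still decides
        // how many arguments and which options the script receives. Scripts in
        // PWD_SCRIPTS must therefore validate their own argv.
        $generated_command = escapeshellarg($script_path) . ' ' . escapeshellcmd((string) $args);

        // Output and exit status of the script are not inspected; the return value
        // only says that the message was accepted as a command.
        exec($generated_command);

        return $updated_text;
    }

    /**
     * Get the model for the Controller.
     *
     * The model is instantiated on first use and kept in $this->model.
     *
     * @return \descartes\Model
     */
    protected function get_model(): \descartes\Model
    {
        $this->model = $this->model ?? new \models\Command($this->bdd);

        return $this->model;
    }

    /**
     * Resolve a stored script name to a canonical path inside PWD_SCRIPTS.
     *
     * realpath() collapses '..' segments and follows symlinks, so a stored value
     * that points outside the scripts directory (including through a symlink)
     * is rejected, as is a missing file or a directory.
     *
     * @param string $script : Script file as stored for the command
     *
     * @return mixed bool|string : False if the script is not a regular file inside PWD_SCRIPTS, canonical path else
     */
    private function resolve_script_path(string $script)
    {
        $scripts_dir = realpath(PWD_SCRIPTS);
        $script_path = realpath(PWD_SCRIPTS . '/' . $script);
        if (false === $scripts_dir || false === $script_path)
        {
            return false;
        }

        // Compare against the directory plus a trailing separator so that a
        // sibling such as "<scripts>_old" does not pass a bare prefix test.
        $prefix = rtrim($scripts_dir, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
        if (0 !== strncmp($script_path, $prefix, strlen($prefix)))
        {
            return false;
        }

        return is_file($script_path) ? $script_path : false;
    }
}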