<?php
# Copyright(C) 2004-2008 INL
# Written by Eric Leblond <regit@inl.fr>
#            Vincent Deffontaines <gryzor@inl.fr>
#            Jean Gillaux <jean@inl.fr>
#            Damien Boucard <damien.boucard AT inl.fr>
#
# $Id: local.class.php 12488 2008-01-24 10:47:08Z haypo $
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, version 3 of the License.
#
#  This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
#  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, see <http://www.gnu.org/licenses/>.

function xmlGetAttribute($node, $name, $default=null)
{
    $value = $node->get_attribute($name);
    if (!$value)
        return $default;
    return $value;
}

class aclbase
{
    var $acltype;
    var $ID;
    var $name;
    var $decision;
    var $from;
    var $to;
    var $proto;
    var $modified;
    var $log;
    var $log_prefix;
    var $comment;
    var $group;

    function aclbase($acltype)
    {
        $this->acltype = $acltype;
    }

    /**
     * String describing the ACL, eg. "INPUT ACL #2"
     */
    function str()
    {
        return sprintf("%s ACL #%s", $this->acltype, $this->ID);
    }

    function loadXML($dom)
    {
        global $NO_LOG;

        $this->ID = $dom->get_attribute('ID');
        $this->name = $dom->get_attribute('name');
        $this->decision = $dom->get_attribute('decision');
        $this->from = $dom->get_attribute('from');
        $this->to = $dom->get_attribute('to');
        $this->proto = xmlGetAttribute($dom, 'proto');
        $this->log = xmlGetAttribute($dom, 'log', $NO_LOG);
        $this->log_prefix = xmlGetAttribute($dom, 'prefix', '');
        $this->modified = $dom->get_attribute('modified');
        $this->comment = xmlGetAttribute($dom, 'comment', '');
        $this->group = (int)xmlGetAttribute($dom, 'group', 1);
    }

    function loadArray($ress)
    {
        global $NO_LOG;
        $this->ID=$ress['ID'];
        $this->decision = array_get($ress, 'decision', 'accept');
        $this->name = $ress['name'];
        $this->from = array_get($ress, 'from');
        $this->to = array_get($ress, 'to');
        $this->log = array_get($ress, 'log', $NO_LOG);
        $this->log_prefix = array_get($ress, 'log_prefix', "");
        $this->modified = array_get($ress, 'modified', modifiedTimestamp());
        $this->comment = array_get($ress, 'comment', "");
        $this->group = array_get($ress, 'group', 1);
        $this->proto = array_get($ress, 'proto');
    }

    function writeXML($node)
    {
        global $NO_LOG;
        $node->set_attribute('ID',$this->ID);
        $node->set_attribute('name', $this->name);
        $node->set_attribute('decision', $this->decision);
        $node->set_attribute('from', $this->from);
        $node->set_attribute('to', $this->to);
        $node->set_attribute('proto', $this->proto);
        if ($this->log != $NO_LOG)
            $node->set_attribute('log', $this->log);
        if ($this->log_prefix)
            $node->set_attribute('prefix', $this->log_prefix);
        if ($this->comment)
            $node->set_attribute('comment', $this->comment);
        $node->set_attribute('modified', $this->modified);
        $node->set_attribute('group', $this->group);
    }

    function check_consistency($ruleset)
    {
        if (!$this->ID)
            return _('Invalid identifier');

        if (!$ruleset->groups->has_elt($this->group)) {
            return sprintf(_('Broken reference of attribute %s=%s'), 'group', $this->group);
        }

        $decision = $this->decision;
        if (!$decision) {
            return _('Missing attribute decision');
        }

        if ($this->proto and !$ruleset->protocols->has_elt($this->proto)) {
            return sprintf(_('Broken reference of attribute %s=%s'), 'proto', $this->proto);
        }

        if ($this->acltype != 'INPUT') {
            $to = $this->to;
            if (!$ruleset->resources->has_elt($to)) {
                return sprintf(_('Broken reference of attribute %s=%s'), 'to', $to);
            }
        }

        if ($this->acltype != 'OUTPUT') {
            $from = $this->from;
            if (!$ruleset->resources->has_elt($from)) {
                return sprintf(_('Broken reference of attribute %s=%s'), 'from', $from);
            }
        }

        return '';
    }
}

function changeAclBase_get()
{
    $ch_group = getHttp('group');
    if (!check_nb($ch_group))
        return;

    $ch_name = getHttp('ch_name');
    if (!check_name($ch_name, 'name'))
        return null;

    $ch_decision=getHttp('decision');
    if (!check_decision($ch_decision))
        return null;

    $ch_comment=getHttp('comment');
    if (!check_input_var('ress', 'comment', $ch_comment))
        return null;

    $ch_protocol = getHttp('protocol');
    if (!check_nb($ch_protocol))
        return;

    $log = aclGetLog();

    $log_prefix =getHttp('log_prefix', "");
    if (!check_log_prefix($log_prefix, 'log_prefix'))
        return null;

    $received = Array(
        'decision' => $ch_decision,
        'comment' => $ch_comment,
        'log' => $log,
        'log_prefix' => $log_prefix,
        'group' => $ch_group,
        'name' => $ch_name,
        'modified' => modifiedTimestamp(),
        'proto' => $ch_protocol,
    );
    return $received;
}

?>