diff --git a/lib/function.tcl b/lib/function.tcl index 8eeaa5b..0c7bcda 100644 --- a/lib/function.tcl +++ b/lib/function.tcl @@ -171,7 +171,7 @@ proc InsertClusterItems {tree id} { $tree insert $parent end -id "sessions::$id" -text "Сеансы" -values "sessions-all" $tree insert $parent end -id "locks::$id" -text "Блокировки" -values "blocks-all" $tree insert $parent end -id "connections::$id" -text "Соединения" -values "connections-all" - $tree insert $parent end -id "profiles::$id" -text "Профили безопасности" -values "secureprofiles-all" + $tree insert $parent end -id "profiles::$id" -text "Профили безопасности" -values $id } proc InsertBaseItems {tree id} { @@ -203,6 +203,26 @@ proc InsertWorkServerItems {tree id} { } } +proc InsertProfileItems {tree id} { + set parent "profile::$id" + set lst { + {dir "Виртуальные каталоги"} + {com "Разрешённые COM-классы"} + {addin "Внешние компоненты"} + {module "Внешние отчёты и обработки"} + {app "Разрешённые приложения"} + {inet "Ресурсы интернет"} + } + foreach i $lst { + append item [lindex $i 0] "::$id" + if { [$tree exists $item] == 0 } { + $tree insert $parent end -id $item -text [lindex $i 1] -values "$id" + } + unset item + } +} + + proc GetInfobases {cluster host} { global active_cluster cluster_user cluster_pwd auth if {$cluster_user ne "" && $cluster_pwd ne ""} { @@ -406,7 +426,7 @@ proc Run::servers {tree host values} { } set lst [RunCommand infobase::$values "server list --cluster=$active_cluster $auth $host"] - puts ">>>>>>>$lst<<<<" + if {$lst eq ""} {return} foreach l $lst { foreach i $l { @@ -429,10 +449,11 @@ proc Run::servers {tree host values} { $tree insert "servers::$values" end -id "work_server::$id" \ -text "[lindex $server($x) 1]" -values "$id" } - InsertWorkServerItems $tree $id - } - #Run::List $tree $host $values server + InsertWorkServerItems $tree $id + } + #Run::List $tree $host $values server } + proc Run::work_server {tree host values} { global active_cluster work_list_row_count cluster_user cluster_pwd if {$cluster_user ne "" && $cluster_pwd ne ""} { @@ -446,8 +467,40 @@ proc Run::work_server {tree host values} { InsertItemsWorkList $l } } +proc Run::profile {tree host values} { + return +} proc Run::profiles {tree host values} { - Run::List $tree $host $values profile + global active_cluster work_list_row_count cluster_user cluster_pwd + if {$cluster_user ne "" && $cluster_pwd ne ""} { + set auth "--cluster-user=$cluster_user --cluster-pwd=$cluster_pwd" + } else { + set auth "" + } + .frm_work.tree_work delete [ .frm_work.tree_work children {}] + set lst [RunCommand "" "profile list --cluster=$active_cluster $auth $host"] + + foreach l $lst { + foreach i $l { + set profile_list [split $i ":"] + #InsertItemsWorkList $server_list + if {[string trim [lindex $profile_list 0]] eq "name"} { + set profile_name [string trim [lindex $profile_list 1]] + lappend profiles($profile_name) $profile_name + } + } + #puts $l + InsertItemsWorkList $l + } + foreach x [array names profiles] { + set id [lindex $profiles($x) 0] + if { [$tree exists "profile::$id"] == 0 } { + $tree insert "profiles::$values" end -id "profile::$id" \ + -text $id -values "$id" + } + InsertProfileItems $tree $id + } + } proc Run::processes {tree host values} { Run::List $tree $host $values process @@ -1087,6 +1140,89 @@ proc Add::rule {tree host values} { } return $frm } +proc Add::profiles {tree host values} { + Add::profile $tree $host $values +} +proc Add::profile {tree host values} { + global default active_cluster server agent_user agent_pwd cluster_user cluster_pwd auth + global config priv crypto right_extension right_extension_definition_roles \ + all_modules_extension modules_available_for_extension modules_not_available_for_extension + if {$cluster_user ne "" && $cluster_pwd ne ""} { + set auth "--cluster-user=$cluster_user --cluster-pwd=$cluster_pwd" + } else { + set auth "" + } + set var_list {config priv crypto right_extension all_modules_extension } + foreach v $var_list {set $v "off"; puts $v} + set var_list {right_extension_definition_roles modules_available_for_extension modules_not_available_for_extension} + foreach v $var_list {set $v 0; puts $v} + unset var_list + puts ">>>$right_extension_definition_roles" + + set frm [AddToplevel "Профиль безопасности" security_grey_64] + + label $frm.lbl_name -text "Имя профиля" + entry $frm.ent_name + label $frm.lbl_descr -text "Описание" + entry $frm.ent_descr + label $frm.lbl_config -justify left -anchor nw -text "Использование профиля из конфигурации" + checkbutton $frm.check_config -variable config -onvalue yes -offvalue no + label $frm.lbl_priv -justify left -anchor nw -text "Привилегированный режим" + checkbutton $frm.check_priv -variable priv -onvalue yes -offvalue no + label $frm.lbl_crypto -justify left -anchor nw -text "Разрешено использование криптографии" + checkbutton $frm.check_crypto -variable crypto -onvalue yes -offvalue no + label $frm.lbl_right_extension -justify left -anchor nw -text "Любое расширение прав доступа" + checkbutton $frm.check_right_extension -variable right_extension -onvalue yes -offvalue no + label $frm.lbl_right_extension_definition_roles -justify left -anchor nw -text "Роли, ограничивающие расширение прав доступа" + ttk::combobox $frm.cb_right_extension_definition_roles -textvariable right_extension_definition_roles + label $frm.lbl_all_modules_extension -justify left -anchor nw -text "Расширение всех модулей" + checkbutton $frm.check_all_modules_extension -variable all_modules_extension -onvalue yes -offvalue no + label $frm.lbl_modules_available_for_extension -text "Доступные для расширения модули" + ttk::combobox $frm.cb_modules_available_for_extension -textvariable modules_available_for_extension + label $frm.lbl_modules_not_available_for_extension -text "Недоступные для расширения модули" + ttk::combobox $frm.cb_modules_not_available_for_extension -textvariable modules_not_available_for_extension + + grid $frm.lbl_name -row 0 -column 0 -sticky nw -padx 5 -pady 5 + grid $frm.ent_name -row 0 -column 1 -sticky nsew -padx 5 -pady 5 + grid $frm.lbl_descr -row 1 -column 0 -sticky nw -padx 5 -pady 5 + grid $frm.ent_descr -row 1 -column 1 -sticky nsew -padx 5 -pady 5 + grid $frm.lbl_config -row 2 -column 0 -sticky nw -padx 5 -pady 5 + grid $frm.check_config -row 2 -column 1 -sticky nw -padx 5 -pady 5 + grid $frm.lbl_priv -row 3 -column 0 -sticky nw -padx 5 -pady 5 + grid $frm.check_priv -row 3 -column 1 -sticky nw -padx 5 -pady 5 + grid $frm.lbl_crypto -row 4 -column 0 -sticky nw -padx 5 -pady 5 + grid $frm.check_crypto -row 4 -column 1 -sticky nw -padx 5 -pady 5 + grid $frm.lbl_right_extension -row 5 -column 0 -sticky nw -padx 5 -pady 5 + grid $frm.check_right_extension -row 5 -column 1 -sticky nw -padx 5 -pady 5 + grid $frm.lbl_right_extension_definition_roles -row 6 -column 0 -sticky nw -padx 5 -pady 5 + grid $frm.cb_right_extension_definition_roles -row 6 -column 1 -sticky nsew -padx 5 -pady 5 + grid $frm.lbl_all_modules_extension -row 7 -column 0 -sticky nw -padx 5 -pady 5 + grid $frm.check_all_modules_extension -row 7 -column 1 -sticky nw -padx 5 -pady 5 + grid $frm.lbl_modules_available_for_extension -row 8 -column 0 -sticky nw -padx 5 -pady 5 + grid $frm.cb_modules_available_for_extension -row 8 -column 1 -sticky nsew -padx 5 -pady 5 + grid $frm.lbl_modules_not_available_for_extension -row 9 -column 0 -sticky nw -padx 5 -pady 5 + grid $frm.cb_modules_not_available_for_extension -row 9 -column 1 -sticky nsew -padx 5 -pady 5 + + + .add.frm_btn.btn_ok configure -command { + RunCommand "" "profile update \ + --cluster=$active_cluster $auth \ + --name=[.add.frm.ent_name get] \ + --descr=[.add.frm.ent_descr get] \ + --config=$config \ + --priv=$priv \ + --crypto=$crypto \ + --right-extension=$right_extension \ + --right-extension-definition-roles=$right_extension_definition_roles \ + --all-modules-extension=$all_modules_extension \ + --modules-available-for-extension=$modules_available_for_extension \ + --modules-not-available-for-extension=$modules_not_available_for_extension \ + $host" + Run::profiles $tree $host $server + destroy .add + } + return $frm +} proc Edit {} { global active_cluster host @@ -1772,3 +1908,4 @@ proc Del::server {tree host values} { } } + diff --git a/lib/images.tcl b/lib/images.tcl index 03fb5be..68924d7 100644 --- a/lib/images.tcl +++ b/lib/images.tcl @@ -461,3 +461,25 @@ image create photo administrator_grey_64 -data { N20hJbui9z9hKspOzhtNboxLDDBSvSAxV0TNbGIjr9BqrILLzFEAosSeCmFlsoxxk98Y1jMLqopV Pc0kSbCSJppYSiONVZDKzDHDNDnuMsUkd7SlRz0E+8H/VYKZPhwAAAAASUVORK5CYII= } +image create photo security_grey_64 -data { + iVBORw0KGgoAAAANSUhEUgAAAEAAAABACAQAAAAAYLlVAAAAAmJLR0QA/4ePzL8AAAAJcEhZcwAA + CxMAAAsTAQCanBgAAAAHdElNRQfiBhgICCh+yumzAAAD+UlEQVRo3sWZXWgUVxTHf9mui9ggS2hE + QhrsF9igQdYoaUBJtDS21FhpY4sgmFDB+2ChRbAl5GkJWhAqvhxEsPhmxYIVwRhSGqykQdJaNH6g + QZdtCKI2LCGEZQmhL5LurDOz587O6H2aOffM//w59845555bRYBhkrzPezRSTzUwyyS3+YMhydlj + VVkb34ZhGwmXqQIDiAxESMC08gMbyyhd42sZiYCASfA9XxFTqC5wnENSCJWAeY1faLVw1gg75Glo + BMxKfmO15Wa5S7s8CoWAqeZ31nlMzgNxj7m/2SSz5dA1a3rSxfwkR2inVpbIEmpp5wiTz+ms42QI + HjC7+KlENM13nJL5Er04PRympkT3czlbEQGzjPvUOUSjfCpTHtp1/EyLQzTFOzJXyRLsLzE/zFYv + 8yBTbGXYIapjfwUeMDEe0lAkyLBepsv4rIY/WVUkyPKGLAT1QJvDPOwrZx5kmn0OQQNtwZdgh+Nt + UIY0AUCGGPRBsSKw2YmsDkLig6InYOI0Fr3m0ee5AfJFb40mHswD9Y6kOy55tQPyjBe9JqgPRsAZ + VLJWmSDrg6Qm4Cw65qwIzPkgWeeC/9MO4WvHeMnjpROIB//ULCdJDFggJzMvkIBZxS46SJEskuX4 + i8uclUzEBMwa0nS6LFySLWzhsLlAn4xHRMDESXPQ94sYn/CxOUpfFARq+NU/qi8ifksruTAIrHS8 + dVr4dbMvkq4gMcu5WVINBB9Z1nr9J95xIB2aeWggbekB8zZ3KokRLqH5XZmw8UBvqOYhTq+FB8wK + /vHLYIFGgdflsdYDu0M3Dwl265egSwU5wzG66OIYukzQpVwCk+SJYgfc5kN5VveYBi456kevjVj7 + fBPHzQMtCvMFdspi2SVZdlJQbMQW3RI0Kdx5Ue45ytB7XFR81aQj8JYC6rpCokJ2I1CngHpVIVEh + uxGoVkB9oJCokIPWhCmz1/Hn7CUVXlGqa7CdMD2L5ns4oYyGKgKq9hoJ9iw+71FGTmUofhBZDZ7R + EbgVGYFbOgKjkREYVRGQDBORmJ+QjPY3PB8JgfP6dHw6EgKn1QRkvKTb5z6Wujx5j2H3E5NXJOxX + QDabFIBJ0azQ7rc9F1xWRPdZzgBfKLLHoHTYnowOcJ1lZZPLl8qGzQGvqVe8Jsb+3TDDRyFtv2/k + kjUBGLu2YTVrQjB/Rg4FbdF0c6Vi81foDtwjkjzbuVqR+ats929wlilIZIYOzgU2f46Oct0j3a3Z + Qfqtz0oFeuVoeTXtvWETYnlvaOSGRtHi6tZ8Rp/qzHCDtKiXzfLy2rTRTWdxg84xclzgRxm2Qayy + 31kmTjOtrOVNVrAUyPOYB9xkhDGZt0X7D6zc881zDmwYAAAAAElFTkSuQmCC +}