Начата работа с профилями безопасности. Рализован вывод списка профилей и добавление профиля
This commit is contained in:
parent
7b78146d81
commit
72cae7dc26
149
lib/function.tcl
149
lib/function.tcl
|
@ -171,7 +171,7 @@ proc InsertClusterItems {tree id} {
|
|||
$tree insert $parent end -id "sessions::$id" -text "Сеансы" -values "sessions-all"
|
||||
$tree insert $parent end -id "locks::$id" -text "Блокировки" -values "blocks-all"
|
||||
$tree insert $parent end -id "connections::$id" -text "Соединения" -values "connections-all"
|
||||
$tree insert $parent end -id "profiles::$id" -text "Профили безопасности" -values "secureprofiles-all"
|
||||
$tree insert $parent end -id "profiles::$id" -text "Профили безопасности" -values $id
|
||||
}
|
||||
|
||||
proc InsertBaseItems {tree id} {
|
||||
|
@ -203,6 +203,26 @@ proc InsertWorkServerItems {tree id} {
|
|||
}
|
||||
}
|
||||
|
||||
proc InsertProfileItems {tree id} {
|
||||
set parent "profile::$id"
|
||||
set lst {
|
||||
{dir "Виртуальные каталоги"}
|
||||
{com "Разрешённые COM-классы"}
|
||||
{addin "Внешние компоненты"}
|
||||
{module "Внешние отчёты и обработки"}
|
||||
{app "Разрешённые приложения"}
|
||||
{inet "Ресурсы интернет"}
|
||||
}
|
||||
foreach i $lst {
|
||||
append item [lindex $i 0] "::$id"
|
||||
if { [$tree exists $item] == 0 } {
|
||||
$tree insert $parent end -id $item -text [lindex $i 1] -values "$id"
|
||||
}
|
||||
unset item
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
proc GetInfobases {cluster host} {
|
||||
global active_cluster cluster_user cluster_pwd auth
|
||||
if {$cluster_user ne "" && $cluster_pwd ne ""} {
|
||||
|
@ -406,7 +426,7 @@ proc Run::servers {tree host values} {
|
|||
}
|
||||
|
||||
set lst [RunCommand infobase::$values "server list --cluster=$active_cluster $auth $host"]
|
||||
puts ">>>>>>>$lst<<<<"
|
||||
|
||||
if {$lst eq ""} {return}
|
||||
foreach l $lst {
|
||||
foreach i $l {
|
||||
|
@ -429,10 +449,11 @@ proc Run::servers {tree host values} {
|
|||
$tree insert "servers::$values" end -id "work_server::$id" \
|
||||
-text "[lindex $server($x) 1]" -values "$id"
|
||||
}
|
||||
InsertWorkServerItems $tree $id
|
||||
}
|
||||
#Run::List $tree $host $values server
|
||||
InsertWorkServerItems $tree $id
|
||||
}
|
||||
#Run::List $tree $host $values server
|
||||
}
|
||||
|
||||
proc Run::work_server {tree host values} {
|
||||
global active_cluster work_list_row_count cluster_user cluster_pwd
|
||||
if {$cluster_user ne "" && $cluster_pwd ne ""} {
|
||||
|
@ -446,8 +467,40 @@ proc Run::work_server {tree host values} {
|
|||
InsertItemsWorkList $l
|
||||
}
|
||||
}
|
||||
proc Run::profile {tree host values} {
|
||||
return
|
||||
}
|
||||
proc Run::profiles {tree host values} {
|
||||
Run::List $tree $host $values profile
|
||||
global active_cluster work_list_row_count cluster_user cluster_pwd
|
||||
if {$cluster_user ne "" && $cluster_pwd ne ""} {
|
||||
set auth "--cluster-user=$cluster_user --cluster-pwd=$cluster_pwd"
|
||||
} else {
|
||||
set auth ""
|
||||
}
|
||||
.frm_work.tree_work delete [ .frm_work.tree_work children {}]
|
||||
set lst [RunCommand "" "profile list --cluster=$active_cluster $auth $host"]
|
||||
|
||||
foreach l $lst {
|
||||
foreach i $l {
|
||||
set profile_list [split $i ":"]
|
||||
#InsertItemsWorkList $server_list
|
||||
if {[string trim [lindex $profile_list 0]] eq "name"} {
|
||||
set profile_name [string trim [lindex $profile_list 1]]
|
||||
lappend profiles($profile_name) $profile_name
|
||||
}
|
||||
}
|
||||
#puts $l
|
||||
InsertItemsWorkList $l
|
||||
}
|
||||
foreach x [array names profiles] {
|
||||
set id [lindex $profiles($x) 0]
|
||||
if { [$tree exists "profile::$id"] == 0 } {
|
||||
$tree insert "profiles::$values" end -id "profile::$id" \
|
||||
-text $id -values "$id"
|
||||
}
|
||||
InsertProfileItems $tree $id
|
||||
}
|
||||
|
||||
}
|
||||
proc Run::processes {tree host values} {
|
||||
Run::List $tree $host $values process
|
||||
|
@ -1087,6 +1140,89 @@ proc Add::rule {tree host values} {
|
|||
}
|
||||
return $frm
|
||||
}
|
||||
proc Add::profiles {tree host values} {
|
||||
Add::profile $tree $host $values
|
||||
}
|
||||
proc Add::profile {tree host values} {
|
||||
global default active_cluster server agent_user agent_pwd cluster_user cluster_pwd auth
|
||||
global config priv crypto right_extension right_extension_definition_roles \
|
||||
all_modules_extension modules_available_for_extension modules_not_available_for_extension
|
||||
if {$cluster_user ne "" && $cluster_pwd ne ""} {
|
||||
set auth "--cluster-user=$cluster_user --cluster-pwd=$cluster_pwd"
|
||||
} else {
|
||||
set auth ""
|
||||
}
|
||||
set var_list {config priv crypto right_extension all_modules_extension }
|
||||
foreach v $var_list {set $v "off"; puts $v}
|
||||
set var_list {right_extension_definition_roles modules_available_for_extension modules_not_available_for_extension}
|
||||
foreach v $var_list {set $v 0; puts $v}
|
||||
unset var_list
|
||||
puts ">>>$right_extension_definition_roles"
|
||||
|
||||
set frm [AddToplevel "Профиль безопасности" security_grey_64]
|
||||
|
||||
label $frm.lbl_name -text "Имя профиля"
|
||||
entry $frm.ent_name
|
||||
label $frm.lbl_descr -text "Описание"
|
||||
entry $frm.ent_descr
|
||||
label $frm.lbl_config -justify left -anchor nw -text "Использование профиля из конфигурации"
|
||||
checkbutton $frm.check_config -variable config -onvalue yes -offvalue no
|
||||
label $frm.lbl_priv -justify left -anchor nw -text "Привилегированный режим"
|
||||
checkbutton $frm.check_priv -variable priv -onvalue yes -offvalue no
|
||||
label $frm.lbl_crypto -justify left -anchor nw -text "Разрешено использование криптографии"
|
||||
checkbutton $frm.check_crypto -variable crypto -onvalue yes -offvalue no
|
||||
label $frm.lbl_right_extension -justify left -anchor nw -text "Любое расширение прав доступа"
|
||||
checkbutton $frm.check_right_extension -variable right_extension -onvalue yes -offvalue no
|
||||
label $frm.lbl_right_extension_definition_roles -justify left -anchor nw -text "Роли, ограничивающие расширение прав доступа"
|
||||
ttk::combobox $frm.cb_right_extension_definition_roles -textvariable right_extension_definition_roles
|
||||
label $frm.lbl_all_modules_extension -justify left -anchor nw -text "Расширение всех модулей"
|
||||
checkbutton $frm.check_all_modules_extension -variable all_modules_extension -onvalue yes -offvalue no
|
||||
label $frm.lbl_modules_available_for_extension -text "Доступные для расширения модули"
|
||||
ttk::combobox $frm.cb_modules_available_for_extension -textvariable modules_available_for_extension
|
||||
label $frm.lbl_modules_not_available_for_extension -text "Недоступные для расширения модули"
|
||||
ttk::combobox $frm.cb_modules_not_available_for_extension -textvariable modules_not_available_for_extension
|
||||
|
||||
grid $frm.lbl_name -row 0 -column 0 -sticky nw -padx 5 -pady 5
|
||||
grid $frm.ent_name -row 0 -column 1 -sticky nsew -padx 5 -pady 5
|
||||
grid $frm.lbl_descr -row 1 -column 0 -sticky nw -padx 5 -pady 5
|
||||
grid $frm.ent_descr -row 1 -column 1 -sticky nsew -padx 5 -pady 5
|
||||
grid $frm.lbl_config -row 2 -column 0 -sticky nw -padx 5 -pady 5
|
||||
grid $frm.check_config -row 2 -column 1 -sticky nw -padx 5 -pady 5
|
||||
grid $frm.lbl_priv -row 3 -column 0 -sticky nw -padx 5 -pady 5
|
||||
grid $frm.check_priv -row 3 -column 1 -sticky nw -padx 5 -pady 5
|
||||
grid $frm.lbl_crypto -row 4 -column 0 -sticky nw -padx 5 -pady 5
|
||||
grid $frm.check_crypto -row 4 -column 1 -sticky nw -padx 5 -pady 5
|
||||
grid $frm.lbl_right_extension -row 5 -column 0 -sticky nw -padx 5 -pady 5
|
||||
grid $frm.check_right_extension -row 5 -column 1 -sticky nw -padx 5 -pady 5
|
||||
grid $frm.lbl_right_extension_definition_roles -row 6 -column 0 -sticky nw -padx 5 -pady 5
|
||||
grid $frm.cb_right_extension_definition_roles -row 6 -column 1 -sticky nsew -padx 5 -pady 5
|
||||
grid $frm.lbl_all_modules_extension -row 7 -column 0 -sticky nw -padx 5 -pady 5
|
||||
grid $frm.check_all_modules_extension -row 7 -column 1 -sticky nw -padx 5 -pady 5
|
||||
grid $frm.lbl_modules_available_for_extension -row 8 -column 0 -sticky nw -padx 5 -pady 5
|
||||
grid $frm.cb_modules_available_for_extension -row 8 -column 1 -sticky nsew -padx 5 -pady 5
|
||||
grid $frm.lbl_modules_not_available_for_extension -row 9 -column 0 -sticky nw -padx 5 -pady 5
|
||||
grid $frm.cb_modules_not_available_for_extension -row 9 -column 1 -sticky nsew -padx 5 -pady 5
|
||||
|
||||
|
||||
.add.frm_btn.btn_ok configure -command {
|
||||
RunCommand "" "profile update \
|
||||
--cluster=$active_cluster $auth \
|
||||
--name=[.add.frm.ent_name get] \
|
||||
--descr=[.add.frm.ent_descr get] \
|
||||
--config=$config \
|
||||
--priv=$priv \
|
||||
--crypto=$crypto \
|
||||
--right-extension=$right_extension \
|
||||
--right-extension-definition-roles=$right_extension_definition_roles \
|
||||
--all-modules-extension=$all_modules_extension \
|
||||
--modules-available-for-extension=$modules_available_for_extension \
|
||||
--modules-not-available-for-extension=$modules_not_available_for_extension \
|
||||
$host"
|
||||
Run::profiles $tree $host $server
|
||||
destroy .add
|
||||
}
|
||||
return $frm
|
||||
}
|
||||
|
||||
proc Edit {} {
|
||||
global active_cluster host
|
||||
|
@ -1772,3 +1908,4 @@ proc Del::server {tree host values} {
|
|||
}
|
||||
}
|
||||
|
||||
|
||||
|
|
|
@ -461,3 +461,25 @@ image create photo administrator_grey_64 -data {
|
|||
N20hJbui9z9hKspOzhtNboxLDDBSvSAxV0TNbGIjr9BqrILLzFEAosSeCmFlsoxxk98Y1jMLqopV
|
||||
Pc0kSbCSJppYSiONVZDKzDHDNDnuMsUkd7SlRz0E+8H/VYKZPhwAAAAASUVORK5CYII=
|
||||
}
|
||||
image create photo security_grey_64 -data {
|
||||
iVBORw0KGgoAAAANSUhEUgAAAEAAAABACAQAAAAAYLlVAAAAAmJLR0QA/4ePzL8AAAAJcEhZcwAA
|
||||
CxMAAAsTAQCanBgAAAAHdElNRQfiBhgICCh+yumzAAAD+UlEQVRo3sWZXWgUVxTHf9mui9ggS2hE
|
||||
QhrsF9igQdYoaUBJtDS21FhpY4sgmFDB+2ChRbAl5GkJWhAqvhxEsPhmxYIVwRhSGqykQdJaNH6g
|
||||
QZdtCKI2LCGEZQmhL5LurDOz587O6H2aOffM//w59845555bRYBhkrzPezRSTzUwyyS3+YMhydlj
|
||||
VVkb34ZhGwmXqQIDiAxESMC08gMbyyhd42sZiYCASfA9XxFTqC5wnENSCJWAeY1faLVw1gg75Glo
|
||||
BMxKfmO15Wa5S7s8CoWAqeZ31nlMzgNxj7m/2SSz5dA1a3rSxfwkR2inVpbIEmpp5wiTz+ms42QI
|
||||
HjC7+KlENM13nJL5Er04PRympkT3czlbEQGzjPvUOUSjfCpTHtp1/EyLQzTFOzJXyRLsLzE/zFYv
|
||||
8yBTbGXYIapjfwUeMDEe0lAkyLBepsv4rIY/WVUkyPKGLAT1QJvDPOwrZx5kmn0OQQNtwZdgh+Nt
|
||||
UIY0AUCGGPRBsSKw2YmsDkLig6InYOI0Fr3m0ee5AfJFb40mHswD9Y6kOy55tQPyjBe9JqgPRsAZ
|
||||
VLJWmSDrg6Qm4Cw65qwIzPkgWeeC/9MO4WvHeMnjpROIB//ULCdJDFggJzMvkIBZxS46SJEskuX4
|
||||
i8uclUzEBMwa0nS6LFySLWzhsLlAn4xHRMDESXPQ94sYn/CxOUpfFARq+NU/qi8ifksruTAIrHS8
|
||||
dVr4dbMvkq4gMcu5WVINBB9Z1nr9J95xIB2aeWggbekB8zZ3KokRLqH5XZmw8UBvqOYhTq+FB8wK
|
||||
/vHLYIFGgdflsdYDu0M3Dwl265egSwU5wzG66OIYukzQpVwCk+SJYgfc5kN5VveYBi456kevjVj7
|
||||
fBPHzQMtCvMFdspi2SVZdlJQbMQW3RI0Kdx5Ue45ytB7XFR81aQj8JYC6rpCokJ2I1CngHpVIVEh
|
||||
uxGoVkB9oJCokIPWhCmz1/Hn7CUVXlGqa7CdMD2L5ns4oYyGKgKq9hoJ9iw+71FGTmUofhBZDZ7R
|
||||
EbgVGYFbOgKjkREYVRGQDBORmJ+QjPY3PB8JgfP6dHw6EgKn1QRkvKTb5z6Wujx5j2H3E5NXJOxX
|
||||
QDabFIBJ0azQ7rc9F1xWRPdZzgBfKLLHoHTYnowOcJ1lZZPLl8qGzQGvqVe8Jsb+3TDDRyFtv2/k
|
||||
kjUBGLu2YTVrQjB/Rg4FbdF0c6Vi81foDtwjkjzbuVqR+ats929wlilIZIYOzgU2f46Oct0j3a3Z
|
||||
Qfqtz0oFeuVoeTXtvWETYnlvaOSGRtHi6tZ8Rp/qzHCDtKiXzfLy2rTRTWdxg84xclzgRxm2Qayy
|
||||
31kmTjOtrOVNVrAUyPOYB9xkhDGZt0X7D6zc881zDmwYAAAAAElFTkSuQmCC
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue
Block a user