/usr/share/netdisco/html/admin.html is in netdisco-frontend 1.0-2.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 | <h1 class="pagehead">Administration Panel</h1>
<TABLE BORDER=0 CELLSPACING=0 CELLPADDING=0>
<TR>
<TD ALIGN=CENTER VALIGN=TOP>
<h2 class="subheader"><A HREF="admin_dev.html">Device Control</A></h2>
<A HREF="admin_dev.html"><IMG SRC="admin_plug.gif" ALT="Device Admin" WIDTH=158 HEIGHT=131 style="border: none; vertical-align: middle;"></A>
<hr class="noshade">
<h2 class="subheader"><A HREF="admin_user.html">User Control</A></h2>
<A HREF="admin_user.html"><IMG SRC="admin_chimp.gif" ALT="User Admin" HEIGHT=127 WIDTH=80 style="border: thin solid; vertical-align: middle;"></A>
<hr class="noshade">
<h2 class="subheader">Maintenance</h2>
<FORM ACTION="admin_dev.html" METHOD=POST>
<DIV>
<INPUT TYPE="HIDDEN" NAME="cmd" VALUE="add">
<TABLE CLASS="adm-search">
<TR>
<TH>Action:</TH>
<TD><SELECT NAME="action" SIZE=3>
% foreach my $c (sort keys %actions){
% next unless $c;
<OPTION VALUE="<%$c|h%>"><%$actions{$c}->[0]%>
% }
</SELECT></TD>
</TR>
<TR>
<TH>Debug:</TH>
<TD>
<INPUT TYPE="checkbox" NAME="debug" VALUE="yes">
<INPUT TYPE="submit" CLASS="navbutton" VALUE="Queue New Job">
<A CLASS="navbutton" HREF="<%$r->uri%>">Reset</A>
</TD>
</TR>
</TABLE>
</DIV>
</FORM>
<FORM ACTION="admin_dev.html" METHOD=GET>
<DIV style="text-align: center">
<INPUT TYPE="SUBMIT" CLASS="navbutton" VALUE="View Job Queue">
</DIV>
</FORM>
</TD>
<TD CLASS="match-1"> </TD>
<TD>
<h2 class="subheader">Admin Log</h2>
<& SELF:show_log &>
<P>
<FORM ACTION="<%$r->uri%>" METHOD=GET>
<DIV>
<TABLE CLASS="adm-search">
<TR>
<TH>Type:</TH>
<TD><SELECT MULTIPLE NAME="type" SIZE=4>
% foreach my $this_event (sort keys %$events) {
<OPTION VALUE="<%$this_event%>" <% grep(/^$this_event$/,@type) ? 'SELECTED' : ''%>><%$log_events{$this_event} || $this_event%>
% }
</SELECT></TD>
</TR><TR>
<TH>Entries:</TH>
<TD><SELECT NAME="entries" SIZE=3>
% foreach (qw/All 10 20 50 100 200 500/){
<OPTION VALUE="<% $_|h %>"<% $_ eq $entries ? ' SELECTED' : ''%>><%$_|h%>
%}
</SELECT>
</TD>
</TR>
<TR><TD> </TD>
<TD><INPUT TYPE="submit" CLASS="navbutton" VALUE="Refresh Log">
<A CLASS="navbutton" HREF="<%$r->uri%>">Reset</A>
</TD>
</TR>
</TABLE>
</DIV>
</FORM>
</TD></TR>
</TABLE>
<hr class="noshade">
<b>Note:</b>
<UL>
<LI>Some maintenance jobs can take up to half an hour to complete.
<LI>Database cleanup jobs PERMANENTLY remove data. Make sure you understand what they do before executing them.
</UL>
<%args>
$entries => 20
@type => ()
</%args>
<%shared>
my ($arg_entries,$logs);
my $user = $m->session->{user};
my $domain = $netdisco::CONFIG{domain};
my %actions = (
# action => [longname, confirm action?]
'expire_ips' => ['Database Cleanup - Expire IPs [-I]',1],
'graph' => ['Regenerate Graph',1],
'backup' => ['Run Nightly Backup',1],
'clean_nodes' => ['Database Cleanup - Nodes [-K]',1],
'clean_alias' => ['Database Cleanup - Aliases [-k]',1]
);
my %log_events = (
'user_add' => 'User Added',
'user_change' => 'User Changed',
'user_del' => 'User Deleted',
'login' => 'Login',
'http_login' => 'Login via HTTP',
'logout' => 'Logout',
'login_failure' => 'Login Failed',
'pw_change' => 'Passwd Changed',
);
</%shared>
<%init>
# Enforce secure + admin
$m->comp('SELF:force_secure_admin');
$arg_entries = $entries;
# Get names of events in db
my $events = sql_column('user_log',['distinct(event)','true']);
# Limit by Type
my $where = {};
foreach my $this_type (@type){
next unless defined $this_type and $this_type;
push (@{$where->{event}},$this_type);
}
# Fetch Admin Log Entries
# TODO: this is going to get slower and slower, so I need to use the DB to limit it.
$logs = sql_rows('user_log',['username','userip','event','details',
'extract(epoch from creation) as creation'],
$where,1);
</%init>
<%method force_secure_admin>
<%perl>
# Send to https if not secure.
unless (&is_secure){
my $url = url_secure($r->uri);
$m->redirect($url);
}
# Send to login if not admin.
unless ($m->session->{user_admin}) {
my $url = $m->interp->apply_escapes( $r->uri, 'u' );
my $title = $m->scomp('REQUEST:title');
$title =~ s/^\s*-\s+//;
$title =~ s/\s+$//;
$m->session->{_login_msg} = "Please log in as a netdisco administrator in order to use the ${title}.";
$m->redirect("login.html?done=$url");
}
</%perl>
</%method>
%#
%# show_log() - Barfs out contents of @$logs
%#
<%method show_log>
<TABLE CELLSPACING=0 CLASS="box" BORDER=0>
<TR>
<TH>Date</TH>
<TH>User</TH>
<TH>Event</TH>
<TH>IP</TH>
<TH>Log</TH>
</TR>
<TR><TD COLSPAN=5><hr class="noshade"></TD></TR>
% my $count = 0;
% foreach my $log (sort {$b->{creation} <=> $a->{creation} }@$logs){
% my $event = $log_events{$log->{event}} || $log->{event};
<TR CLASS="match-<%$count%2%>">
<TD><span class="nobr"><%scalar localtime($log->{creation})%></span></TD>
<TD><%$log->{username}%></TD>
<TD><%$event%></TD>
<TD><%$log->{userip}%></TD>
<TD><%$log->{details}|h%></TD>
</TR>
% $count++; last if ($arg_entries ne 'All' and $count >= $arg_entries);
%}
</TABLE>
</%method>
<%method title>
- Administration Panel \
</%method>
%# $Id: admin.html,v 1.21 2007/12/19 06:24:34 maxbaker Exp $
%# vim:syntax=mason
|