diff options
author | Jo-Philipp Wich <jo@mein.io> | 2018-05-18 16:44:33 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2018-05-18 16:44:33 +0200 |
commit | 828202ef5237f48e6f53d15ca198e2c6815b7cd7 (patch) | |
tree | a59276e5df1ebe77edca65b06b2a3b72f10ba70c /modules/luci-mod-admin-full/luasrc | |
parent | 80cb4fef8c7db0dadc373fef122d7abb092a7191 (diff) | |
parent | 9f796fad3a0cc89df57d4e27ef6d7223a093071c (diff) |
Merge pull request #1769 from jow-/master
UCI apply/rollback workflow
Diffstat (limited to 'modules/luci-mod-admin-full/luasrc')
6 files changed, 167 insertions, 130 deletions
diff --git a/modules/luci-mod-admin-full/luasrc/controller/admin/uci.lua b/modules/luci-mod-admin-full/luasrc/controller/admin/uci.lua index ba317f9f4f..9533ff5e6e 100644 --- a/modules/luci-mod-admin-full/luasrc/controller/admin/uci.lua +++ b/modules/luci-mod-admin-full/luasrc/controller/admin/uci.lua @@ -11,54 +11,91 @@ function index() entry({"admin", "uci"}, nil, _("Configuration")) entry({"admin", "uci", "changes"}, call("action_changes"), _("Changes"), 40).query = {redir=redir} entry({"admin", "uci", "revert"}, post("action_revert"), _("Revert"), 30).query = {redir=redir} - entry({"admin", "uci", "apply"}, post("action_apply"), _("Apply"), 20).query = {redir=redir} - entry({"admin", "uci", "saveapply"}, post("action_apply"), _("Save & Apply"), 10).query = {redir=redir} + + local node + local authen = function(checkpass, allowed_users) + return "root", luci.http.formvalue("sid") + end + + node = entry({"admin", "uci", "apply_rollback"}, post("action_apply_rollback"), nil) + node.cors = true + node.sysauth_authenticator = authen + + node = entry({"admin", "uci", "apply_unchecked"}, post("action_apply_unchecked"), nil) + node.cors = true + node.sysauth_authenticator = authen + + node = entry({"admin", "uci", "confirm"}, post("action_confirm"), nil) + node.cors = true + node.sysauth_authenticator = authen end + function action_changes() - local uci = luci.model.uci.cursor() + local uci = require "luci.model.uci" local changes = uci:changes() luci.template.render("admin_uci/changes", { - changes = next(changes) and changes + changes = next(changes) and changes, + timeout = timeout }) end -function action_apply() - local path = luci.dispatcher.context.path - local uci = luci.model.uci.cursor() +function action_revert() + local uci = require "luci.model.uci" local changes = uci:changes() - local reload = {} - -- Collect files to be applied and commit changes + -- Collect files to be reverted + local r, tbl for r, tbl in pairs(changes) do - table.insert(reload, r) - if path[#path] ~= "apply" then - uci:load(r) - uci:commit(r) - uci:unload(r) - end + uci:revert(r) end - luci.template.render("admin_uci/apply", { - changes = next(changes) and changes, - configs = reload + luci.template.render("admin_uci/revert", { + changes = next(changes) and changes }) end -function action_revert() - local uci = luci.model.uci.cursor() - local changes = uci:changes() +local function ubus_state_to_http(errstr) + local map = { + ["Invalid command"] = 400, + ["Invalid argument"] = 400, + ["Method not found"] = 404, + ["Entry not found"] = 404, + ["No data"] = 204, + ["Permission denied"] = 403, + ["Timeout"] = 504, + ["Not supported"] = 500, + ["Unknown error"] = 500, + ["Connection failed"] = 503 + } - -- Collect files to be reverted - for r, tbl in pairs(changes) do - uci:load(r) - uci:revert(r) - uci:unload(r) + local code = map[errstr] or 200 + local msg = errstr or "OK" + + luci.http.status(code, msg) + + if code ~= 204 then + luci.http.prepare_content("text/plain") + luci.http.write(msg) end +end - luci.template.render("admin_uci/revert", { - changes = next(changes) and changes - }) +function action_apply_rollback() + local uci = require "luci.model.uci" + local _, errstr = uci:apply(true) + ubus_state_to_http(errstr) +end + +function action_apply_unchecked() + local uci = require "luci.model.uci" + local _, errstr = uci:apply(false) + ubus_state_to_http(errstr) +end + +function action_confirm() + local uci = require "luci.model.uci" + local _, errstr = uci:confirm() + ubus_state_to_http(errstr) end diff --git a/modules/luci-mod-admin-full/luasrc/model/cbi/admin_network/wifi.lua b/modules/luci-mod-admin-full/luasrc/model/cbi/admin_network/wifi.lua index a574d35979..a3e28fe589 100644 --- a/modules/luci-mod-admin-full/luasrc/model/cbi/admin_network/wifi.lua +++ b/modules/luci-mod-admin-full/luasrc/model/cbi/admin_network/wifi.lua @@ -7,6 +7,17 @@ local ut = require "luci.util" local nt = require "luci.sys".net local fs = require "nixio.fs" +local acct_port, acct_secret, acct_server, anonymous_identity, ant1, ant2, + auth, auth_port, auth_secret, auth_server, bssid, cacert, cacert2, + cc, ch, cipher, clientcert, clientcert2, ea, eaptype, en, encr, + ft_protocol, ft_psk_generate_local, hidden, htmode, identity, + ieee80211r, ieee80211w, ifname, ifsection, isolate, key_retries, + legacyrates, max_timeout, meshfwd, meshid, ml, mobility_domain, mode, + mp, nasid, network, password, pmk_r1_push, privkey, privkey2, privkeypwd, + privkeypwd2, r0_key_lifetime, r0kh, r1_key_holder, r1kh, + reassociation_deadline, retry_timeout, ssid, st, tp, wepkey, wepslot, + wmm, wpakey, wps + arg[1] = arg[1] or "" m = Map("wireless", "", @@ -19,8 +30,6 @@ m:chain("network") m:chain("firewall") m.redirect = luci.dispatcher.build_url("admin/network/wireless") -local ifsection - function m.on_commit(map) local wnet = nw:get_wifinet(arg[1]) if ifsection and wnet then @@ -40,38 +49,6 @@ if not wnet or not wdev then return end --- wireless toggle was requested, commit and reload page -function m.parse(map) - local new_cc = m:formvalue("cbid.wireless.%s.country" % wdev:name()) - local old_cc = m:get(wdev:name(), "country") - - if m:formvalue("cbid.wireless.%s.__toggle" % wdev:name()) then - if wdev:get("disabled") == "1" or wnet:get("disabled") == "1" then - wnet:set("disabled", nil) - else - wnet:set("disabled", "1") - end - wdev:set("disabled", nil) - - nw:commit("wireless") - luci.sys.call("(env -i /bin/ubus call network reload) >/dev/null 2>/dev/null") - - luci.http.redirect(luci.dispatcher.build_url("admin/network/wireless", arg[1])) - return - end - - Map.parse(map) - - if m:get(wdev:name(), "type") == "mac80211" and new_cc and new_cc ~= old_cc then - luci.sys.call("iw reg set %s" % ut.shellquote(new_cc)) - luci.http.redirect(luci.dispatcher.build_url("admin/network/wireless", arg[1])) - return - end -end - -m.title = luci.util.pcdata(wnet:get_i18n()) - - local function txpower_list(iw) local list = iw.txpwrlist or { } local off = tonumber(iw.txpower_offset) or 0 @@ -112,6 +89,57 @@ local hw_modes = iw.hwmodelist or { } local tx_power_list = txpower_list(iw) local tx_power_cur = txpower_current(wdev:get("txpower"), tx_power_list) +-- wireless toggle was requested, commit and reload page +function m.parse(map) + local new_cc = m:formvalue("cbid.wireless.%s.country" % wdev:name()) + local old_cc = m:get(wdev:name(), "country") + + if m:formvalue("cbid.wireless.%s.__toggle" % wdev:name()) then + if wdev:get("disabled") == "1" or wnet:get("disabled") == "1" then + wnet:set("disabled", nil) + else + wnet:set("disabled", "1") + end + wdev:set("disabled", nil) + m.apply_needed = true + m.redirect = nil + end + + Map.parse(map) + + if m:get(wdev:name(), "type") == "mac80211" and new_cc and new_cc ~= old_cc then + luci.sys.call("iw reg set %s" % ut.shellquote(new_cc)) + + local old_ch = tonumber(m:formvalue("cbid.wireless.%s._mode_freq.channel" % wdev:name()) or "") + if old_ch then + local _, c, new_ch + for _, c in ipairs(iw.freqlist) do + if c.channel > old_ch or (old_ch <= 14 and c.channel > 14) then + break + end + new_ch = c.channel + end + if new_ch ~= old_ch then + wdev:set("channel", new_ch) + m.message = translatef("Channel %d is not available in the %s regulatory domain and has been auto-adjusted to %d.", + old_ch, new_cc, new_ch) + end + end + end + + if wdev:get("disabled") == "1" or wnet:get("disabled") == "1" then + en.title = translate("Wireless network is disabled") + en.inputtitle = translate("Enable") + en.inputstyle = "apply" + else + en.title = translate("Wireless network is enabled") + en.inputtitle = translate("Disable") + en.inputstyle = "reset" + end +end + +m.title = luci.util.pcdata(wnet:get_i18n()) + s = m:section(NamedSection, wdev:name(), "wifi-device", translate("Device Configuration")) s.addremove = false @@ -119,29 +147,12 @@ s:tab("general", translate("General Setup")) s:tab("macfilter", translate("MAC-Filter")) s:tab("advanced", translate("Advanced Settings")) ---[[ -back = s:option(DummyValue, "_overview", translate("Overview")) -back.value = "" -back.titleref = luci.dispatcher.build_url("admin", "network", "wireless") -]] - st = s:taboption("general", DummyValue, "__status", translate("Status")) st.template = "admin_network/wifi_status" st.ifname = arg[1] en = s:taboption("general", Button, "__toggle") -if wdev:get("disabled") == "1" or wnet:get("disabled") == "1" then - en.title = translate("Wireless network is disabled") - en.inputtitle = translate("Enable") - en.inputstyle = "apply" -else - en.title = translate("Wireless network is enabled") - en.inputtitle = translate("Disable") - en.inputstyle = "reset" -end - - local hwtype = wdev:get("type") -- NanoFoo @@ -170,9 +181,7 @@ if found_sta then found_sta.channel or "(auto)", table.concat(found_sta.names, ", ")) else ch = s:taboption("general", Value, "_mode_freq", '<br />'..translate("Operating frequency")) - ch.hwmodes = hw_modes - ch.htmodes = iw.htmodelist - ch.freqlist = iw.freqlist + ch.iwinfo = iw ch.template = "cbi/wireless_modefreq" function ch.cfgvalue(self, section) @@ -1049,7 +1058,7 @@ if hwtype == "mac80211" then retry_timeout.rmempty = true end - local key_retries = s:taboption("encryption", Flag, "wpa_disable_eapol_key_retries", + key_retries = s:taboption("encryption", Flag, "wpa_disable_eapol_key_retries", translate("Enable key reinstallation (KRACK) countermeasures"), translate("Complicates key reinstallation attacks on the client side by disabling retransmission of EAPOL-Key frames that are used to install keys. This workaround might cause interoperability issues and reduced robustness of key negotiation especially in environments with heavy traffic load.")) diff --git a/modules/luci-mod-admin-full/luasrc/view/admin_uci/apply.htm b/modules/luci-mod-admin-full/luasrc/view/admin_uci/apply.htm deleted file mode 100644 index 370027e510..0000000000 --- a/modules/luci-mod-admin-full/luasrc/view/admin_uci/apply.htm +++ /dev/null @@ -1,23 +0,0 @@ -<%# - Copyright 2008 Steven Barth <steven@midlink.org> - Copyright 2008 Jo-Philipp Wich <jow@openwrt.org> - Licensed to the public under the Apache License 2.0. --%> - -<%+header%> - -<h2 name="content"><%:Configuration%> / <%:Apply%></h2> - -<% if changes then %> - <%+cbi/apply_xhr%> - <%+admin_uci/changelog%> - - <%- cbi_apply_xhr('uci-apply', configs) -%> - - <p><strong><%:The following changes have been committed%>:</strong></p> - <%- uci_changelog(changes) -%> -<% else %> - <p><strong><%:There are no pending changes to apply!%></strong></p> -<% end %> - -<%+footer%> diff --git a/modules/luci-mod-admin-full/luasrc/view/admin_uci/changes.htm b/modules/luci-mod-admin-full/luasrc/view/admin_uci/changes.htm index 6e725c8888..9e9ce2be2a 100644 --- a/modules/luci-mod-admin-full/luasrc/view/admin_uci/changes.htm +++ b/modules/luci-mod-admin-full/luasrc/view/admin_uci/changes.htm @@ -1,40 +1,41 @@ <%# Copyright 2008 Steven Barth <steven@midlink.org> - Copyright 2008-2015 Jo-Philipp Wich <jow@openwrt.org> + Copyright 2008-2018 Jo-Philipp Wich <jo@mein.io> Licensed to the public under the Apache License 2.0. -%> <%+header%> +<%- + local node, redir_url = luci.dispatcher.lookup(luci.http.formvalue("redir")) + + include("cbi/apply_widget") + include("admin_uci/changelog") + + cbi_apply_widget(redir_url or url("admin/uci/changes")) +-%> + <h2 name="content"><%:Configuration%> / <%:Changes%></h2> <% if changes then %> - <%+admin_uci/changelog%> <%- uci_changelog(changes) -%> <% else %> <p><strong><%:There are no pending changes!%></strong></p> <% end %> +<div class="alert-message" id="cbi_apply_status" style="display:none"></div> + <div class="cbi-page-actions"> - <% local node, url = luci.dispatcher.lookup(luci.http.formvalue("redir")); if url then %> + <% if redir_url then %> <div style="float:left"> - <form class="inline" method="get" action="<%=luci.util.pcdata(url)%>"> + <form class="inline" method="get" action="<%=luci.util.pcdata(redir_url)%>"> <input class="cbi-button cbi-button-link" style="float:left; margin:0" type="submit" value="<%:Back%>" /> </form> </div> <% end %> <div style="text-align:right"> - <form class="inline" method="post" action="<%=controller%>/admin/uci/apply"> - <input type="hidden" name="token" value="<%=token%>" /> - <input type="hidden" name="redir" value="<%=pcdata(luci.http.formvalue("redir"))%>" /> - <input class="cbi-button cbi-button-apply" type="submit" value="<%:Apply%>" /> - </form> - <form class="inline" method="post" action="<%=controller%>/admin/uci/saveapply"> - <input type="hidden" name="token" value="<%=token%>" /> - <input type="hidden" name="redir" value="<%=pcdata(luci.http.formvalue("redir"))%>" /> - <input class="cbi-button cbi-button-save" type="submit" value="<%:Save & Apply%>" /> - </form> + <input class="cbi-button cbi-button-save" type="button" id="apply_button" value="<%:Save & Apply%>" onclick="uci_apply(true); this.blur()" /> <form class="inline" method="post" action="<%=controller%>/admin/uci/revert"> <input type="hidden" name="token" value="<%=token%>" /> <input type="hidden" name="redir" value="<%=pcdata(luci.http.formvalue("redir"))%>" /> diff --git a/modules/luci-mod-admin-full/luasrc/view/admin_uci/revert.htm b/modules/luci-mod-admin-full/luasrc/view/admin_uci/revert.htm index 20327adff3..dff53420aa 100644 --- a/modules/luci-mod-admin-full/luasrc/view/admin_uci/revert.htm +++ b/modules/luci-mod-admin-full/luasrc/view/admin_uci/revert.htm @@ -1,26 +1,39 @@ <%# Copyright 2008 Steven Barth <steven@midlink.org> - Copyright 2008 Jo-Philipp Wich <jow@openwrt.org> + Copyright 2008-2018 Jo-Philipp Wich <jo@mein.io> Licensed to the public under the Apache License 2.0. -%> <%+header%> +<%- + local node, redir_url = luci.dispatcher.lookup(luci.http.formvalue("redir")) + + include("cbi/apply_widget") + include("admin_uci/changelog") + + cbi_apply_widget(redir_url or url("admin/uci/revert")) +-%> + <h2 name="content"><%:Configuration%> / <%:Revert%></h2> <% if changes then %> - <%+cbi/apply_xhr%> - <%+admin_uci/changelog%> - <p><strong><%:The following changes have been reverted%>:</strong></p> <%- uci_changelog(changes) -%> <% else %> <p><strong><%:There are no pending changes to revert!%></strong></p> <% end %> -<% local node, url = luci.dispatcher.lookup(luci.http.formvalue("redir")); if url then %> +<div class="alert-message" id="cbi_apply_status" style="display:none"></div> +<script type="text/javascript"> + document.addEventListener("DOMContentLoaded", function() { + uci_apply(true); + }); +</script> + +<% if redir_url then %> <div class="cbi-page-actions"> - <form class="inline" method="get" action="<%=luci.util.pcdata(url)%>"> + <form class="inline" method="get" action="<%=luci.util.pcdata(redir_url)%>"> <input class="cbi-button cbi-button-link" style="margin:0" type="submit" value="<%:Back%>" /> </form> </div> diff --git a/modules/luci-mod-admin-full/luasrc/view/cbi/wireless_modefreq.htm b/modules/luci-mod-admin-full/luasrc/view/cbi/wireless_modefreq.htm index 2fb64b3c42..ebb02e489b 100644 --- a/modules/luci-mod-admin-full/luasrc/view/cbi/wireless_modefreq.htm +++ b/modules/luci-mod-admin-full/luasrc/view/cbi/wireless_modefreq.htm @@ -1,9 +1,9 @@ <%+cbi/valueheader%> <script type="text/javascript">//<![CDATA[ - var freqlist = <%= luci.http.write_json(self.freqlist) %>; - var hwmodes = <%= luci.http.write_json(self.hwmodes) %>; - var htmodes = <%= luci.http.write_json(self.htmodes) %>; + var freqlist = <%= luci.http.write_json(self.iwinfo.freqlist) %>; + var hwmodes = <%= luci.http.write_json(self.iwinfo.hwmodelist or {}) %>; + var htmodes = <%= luci.http.write_json(self.iwinfo.htmodelist) %>; var channels = { '11g': [ |