From c5df7f9bb7b86b87444551a76dcaa9c1a29ab46f Mon Sep 17 00:00:00 2001 From: "vladimir.kuznetsov" Date: Wed, 18 Jan 2023 19:55:12 +0300 Subject: [PATCH] added diagrams describing the process of obtaining information about clients --- client/ui/pages_logic/ClientInfoLogic.cpp | 4 +- .../ui/pages_logic/ClientManagementLogic.cpp | 6 +- docs/openVpnClientInfoWorkFlow.plantuml | 52 ++++++++++++++++ ...> openVpnRevokeClientCertificate.plantuml} | 19 +++--- docs/wireGuardClientInfoWorkFlow.plantuml | 59 +++++++++++++++++++ 5 files changed, 125 insertions(+), 15 deletions(-) create mode 100644 docs/openVpnClientInfoWorkFlow.plantuml rename docs/{openvpnRevokeClientCertificate.plantuml => openVpnRevokeClientCertificate.plantuml} (68%) create mode 100644 docs/wireGuardClientInfoWorkFlow.plantuml diff --git a/client/ui/pages_logic/ClientInfoLogic.cpp b/client/ui/pages_logic/ClientInfoLogic.cpp index 30a03317..61d86ad1 100644 --- a/client/ui/pages_logic/ClientInfoLogic.cpp +++ b/client/ui/pages_logic/ClientInfoLogic.cpp @@ -52,7 +52,7 @@ void ClientInfoLogic::onUpdatePage() const QString certId = model->data(modelIndex, ClientManagementModel::ClientRoles::OpenVpnCertIdRole).toString(); QString certData = model->data(modelIndex, ClientManagementModel::ClientRoles::OpenVpnCertDataRole).toString(); - if (certData.isEmpty()) { + if (certData.isEmpty() && !certId.isEmpty()) { QString stdOut; auto cbReadStdOut = [&](const QString &data, QSharedPointer proc) { stdOut += data + "\n"; @@ -66,7 +66,7 @@ void ClientInfoLogic::onUpdatePage() m_serverController->disconnectFromHost(credentials); if (isErrorOccured(error)) { set_busyIndicatorIsRunning(false); - uiLogic()->closePage(); + emit uiLogic()->closePage(); return; } } diff --git a/client/ui/pages_logic/ClientManagementLogic.cpp b/client/ui/pages_logic/ClientManagementLogic.cpp index aaacb96a..57707f11 100644 --- a/client/ui/pages_logic/ClientManagementLogic.cpp +++ b/client/ui/pages_logic/ClientManagementLogic.cpp 
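Review bot: In the `@@ -52,7 +52,7 @@` hunk the added `!certId.isEmpty()` test only rules out an empty id and says nothing about its form. `certId` is read from the client model, which according to the diagrams added in this commit is filled from a clientsTable file kept on the server, and the code that uses it to fetch the certificate data lies outside this hunk. If that code places `certId` into a script or path that runs on the server, the id should be checked against the expected certificate-id format before the request; a comment such as `// certId originates from the server-side clientsTable; validate its format before it reaches a remote command` would record that assumption. When both `certData` and `certId` are empty the page is now shown with no data and no message, so a log line on that branch would make a malformed table entry visible. The body of onUpdatePage starts and ends outside the hunk.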
@@ -30,8 +30,10 @@ void ClientManagementLogic::onUpdatePage() if (!protocols.empty()) { m_currentMainProtocol = protocols.front(); - ErrorCode error = getClientsList(m_settings->serverCredentials(uiLogic()->selectedServerIndex), - selectedContainer, m_currentMainProtocol, clients); + const ServerCredentials credentials = m_settings->serverCredentials(uiLogic()->selectedServerIndex); + + ErrorCode error = getClientsList(credentials, selectedContainer, m_currentMainProtocol, clients); + m_serverController->disconnectFromHost(credentials); if (error != ErrorCode::NoError) { QMessageBox::warning(nullptr, APPLICATION_NAME, tr("An error occurred while getting the list of clients.") + "\n" + errorString(error)); diff --git a/docs/openVpnClientInfoWorkFlow.plantuml b/docs/openVpnClientInfoWorkFlow.plantuml new file mode 100644 index 00000000..ff4ec9ef --- /dev/null +++ b/docs/openVpnClientInfoWorkFlow.plantuml 
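Review bot: The new `m_serverController->disconnectFromHost(credentials);` is reached only because nothing between it and `getClientsList(...)` returns early, so the session cleanup depends on statement order rather than on scope. Binding it to scope right after `credentials` is declared, e.g. `const auto closeSession = qScopeGuard([&] { m_serverController->disconnectFromHost(credentials); });` (needs `<QScopeGuard>`), would keep the server session from staying open if an early return is added later. ClientInfoLogic::onUpdatePage in this patch uses the same manual pairing. If the explicit call is kept, a comment like `// close the session used by getClientsList on both the success and the error path` would explain why it sits before the error check; that getClientsList opens the session is inferred, since its body is not shown. onUpdatePage's body starts and ends outside the hunk.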
@@ -0,0 +1,52 @@
+@startuml openVpnRevokeClientCertificate
+
+|client management page|
+start
+
+:on update client management page;
+:get clientsTable file from container;
+:get a list of issued certificates;
+
+repeat
+
+if ( for each issued certificate:
+clientsTable contains the issued certificate) then (yes)
+else (no)
+ :add certificate id to clientsTable;
+endif
+
+repeat while (is this the last issued certificate?)
+
+if (if clientsTable has been changed) then (yes)
+ :save the clientsTable file on the server;
+else (no)
+endif
+
+:add clientsTable to the clientManagementModel;
+
+|client info page|
+:on update client info page;
+floating note
+ clicked on one of the clients
+ on the client management page
+end note
+
+:get the certificate data for the selected client;
+if (if client name has been changed) then (yes)
+ :update clientManagementModel;
+ :get clientsTable from clientManagementModel;
+ :save the clientsTable file on the server;
+else (no)
+ if (if revoke certificate was clicked) then (yes)
+ :described in file openVpnRevokeClientCertificate.plantuml;
+ |client management page|
+ :return to page client management;
+ stop
+ else (no)
+ |client info page|
+ :just look at the beautiful page;
+ stop
+ endif
+endif
+stop
+@enduml
\ No newline at end of file
diff --git a/docs/openvpnRevokeClientCertificate.plantuml b/docs/openVpnRevokeClientCertificate.plantuml
similarity index 68%
rename from docs/openvpnRevokeClientCertificate.plantuml
rename to docs/openVpnRevokeClientCertificate.plantuml
index f453ae71..c33045e6 100644
--- a/docs/openvpnRevokeClientCertificate.plantuml
+++ b/docs/openVpnRevokeClientCertificate.plantuml
@@ -1,21 +1,18 @@ -@startuml openvpnRevokeClientCertificate +@startuml openVpnRevokeClientCertificate actor Admin as adm participant "Amnezia Client" as cli participant "Amnezia Container" as cont participant "OpenVpn Service" as ovpn adm -> cli: revoke the selected client certificate -cli -> cli: start progress bar +cli -> cli: start busy indicator cli -> cont: execute script "revoke openvpn client" -cont -> cont: easyrsa revoke clientName -note right - clientName is the clientId field - of the ConnectionData structure -end note - +cont -> cont: cd /opt/amnezia/openvpn +cont -> cont: easyrsa revoke openvpnCertId cont -> cont: easyrsa gen-crl -cont -> cont: cp crl.pem +cont -> cont: cp pki/crl.pem crl.pem +cont -> cont: add crl-verify crl.pem to server.conf cont -> ovpn: restart openvpn service note right In the OpenVpn config @@ -27,12 +24,12 @@ end note group#lightgreen #lightgreen if [successful case] ovpn --> cont: restart result - cont --> cli: display that the selected certificate has been revoked + cont --> cli: back to the client management page else #pink some kind of failure cont --> cli: display an error depending on when it occurred end -cli -> cli: stop progress bar +cli -> cli: stop busy indicator cli --> adm: return control to the user @enduml \ No newline at end of file diff --git a/docs/wireGuardClientInfoWorkFlow.plantuml b/docs/wireGuardClientInfoWorkFlow.plantuml new file mode 100644 index 00000000..96876c39 --- /dev/null +++ b/docs/wireGuardClientInfoWorkFlow.plantuml 
@@ -0,0 +1,59 @@
+@startuml wireGuardRevokeClientCertificate
+
+|client management page|
+start
+
+:on update client management page;
+:get clientsTable file from server;
+:get wireguard config from server;
+
+repeat
+
+if ( for each public key in wireguard config:
+clientsTable contains the public key) then (yes)
+else (no)
+ :add public key to clientsTable;
+endif
+
+repeat while (is this the last public key?)
+
+if (if clientsTable has been changed) then (yes)
+ :save the clientsTable file on the server;
+else (no)
+endif
+
+:add clientsTable to the clientManagementModel;
+
+|client info page|
+:on update client info page;
+floating note
+ clicked on one of the clients
+ on the client management page
+end note
+
+:get the certificate data for the selected client;
+if (if client name has been changed) then (yes)
+ :update clientManagementModel;
+ :get clientsTable from clientManagementModel;
+ :save the clientsTable file on the server;
+else (no)
+ if (if revoke key was clicked) then (yes)
+ :update clientManagementModel;
+ :get clientsTable from clientManagementModel;
+
+ :delete section with public key from wireguard config;
+ :save wireguard config on the server;
+ :restart wireguard service;
+
+ :save the clientsTable file on the server;
+ |client management page|
+ :return to page client management;
+ stop
+ else (no)
+ |client info page|
+ :just look at the beautiful page;
+ stop
+ endif
+endif
+stop
+@enduml
\ No newline at end of file