github-personal/sysadm
1
0
Fork 0
mirror of https://github.com/outbackdingo/sysadm.git synced 2026-01-27 18:20:23 +00:00
Code Issues Packages Projects Releases Wiki Activity
152 Commits 2 Branches 3 Tags
0077d68208d10c403954a32ca8cd0de45e60f143
Commit Graph

28 Commits

Author SHA1 Message Date
Ken Moore
0077d68208 Commit some debugging work on the sysadm server. 2016-01-18 16:53:12 -05:00
Ken Moore
f30b6cf947 Finish up the overhaul of the Events subsystem and start adding in the Life Preserver event handling/systems. 2016-01-18 12:37:40 -05:00
Ken Moore
82b549ead3 Split off the Events subsystem from the server class and set it up for easy expansion later. 2016-01-15 15:36:04 -05:00
Ken Moore
ec7f25d804 Add a new API call: namespace=rpc, name=query 
This will probe all the known subsystems and return which ones are currently available and what level of access the user has (read/write).

REST Request:
-------------------------------
PUT /rpc/query
{
   "junk" : "junk"
}

REST Response:
-------------------------------
{
    "args": {
        "rpc/dispatcher": "read/write",
        "rpc/syscache": "read",
        "sysadm/lifepreserver": "read/write",
        "sysadm/network": "read/write"
    }
}

WebSocket Request:
-------------------------------
{
   "id" : "fooid",
   "name" : "query",
   "namespace" : "rpc",
   "args" : {
      "junk" : "junk"
   }
}

WebSocket Response:
-------------------------------
{
  "args": {
    "rpc/dispatcher": "read/write",
    "rpc/syscache": "read",
    "sysadm/lifepreserver": "read/write",
    "sysadm/network": "read/write"
  },
  "id": "fooid",
  "name": "response",
  "namespace": "rpc"
}
 2016-01-13 14:21:45 -05:00
Ken Moore
d93b0a5ba7 Add a new auth subsystem to teh backend of the server. 
Now the user's who login are divided up into "Full Access" users or not. This allows for additional restrictions in the backend subsystems to restrict certain types of operations to only the "full access" (root-permissioned) users.
The users are divided up like this:
1) The user must be in either the "wheel" or "operator" groups to get any access whatsoever (restricting automated services from connecting).
2) If the user is in the "wheel" group, they get full access to the server's capabilities
3) If the user is in the "operator" group instead, then they only get limited access to the server's capabilities.

While here, also allow password-less logins to the server if the client is connecting to a server on the same system (local access). User restrictions still apply.
 2016-01-13 13:12:10 -05:00
Ken Moore
262ddb637d Commit some more work on on updating the websocket server to use wss. 2016-01-08 14:01:49 -05:00
Ken Moore
ba654808db Get the TCP server running with SSL encryption all the time now (TLS1.2) 2016-01-08 12:07:17 -05:00
Ken Moore
cce21a7677 Switch the sysadm server over to the secure socket protocols (wss/https) 2016-01-07 16:07:35 -05:00
Ken Moore
40a7e41213 Fix a bug with event notifications and the new output structure (ensure it sets the output data properly). 2016-01-07 15:14:46 -05:00
Ken Moore
7ffec5003b Add PUT REST support, and clean up the bytes calculation for the output JSON data. 2016-01-05 16:20:37 -05:00
Ken Moore
b425c7bb89 Allow "Post" Requests from REST input. 2016-01-05 15:54:55 -05:00
Ken Moore
838a5d9f60 Fix up some REST input parsing. 2016-01-05 15:50:38 -05:00
Ken Moore
35a90406ec Oops, forgot to comment out the auth user/pass line from the log file (don't need to keep that around). 2016-01-05 15:12:07 -05:00
Ken Moore
858ed83611 Add in the REST authorization protocols so REST communications now get through to the backend systems if valid requests. 2016-01-05 15:11:01 -05:00
Ken Moore
c08a458127 Quick fix for the unauthorized return value for bad requests. 2016-01-05 14:46:00 -05:00
Ken Moore
a1ba1044ee Don't 'close' a socket after a TCP reply - instead just disconnect from the host after all data has been transmitted. 2016-01-05 14:17:46 -05:00
Ken Moore
a5fcddcbbe Separate out the reply systems within the websocket.[cpp/h] files, and ensure that we close the TCP socket after sending back a reply. 2016-01-05 13:46:55 -05:00
Kris Moore
ea0bbad1f6 Merge branch 'master' of https://github.com/pcbsd/sysadm 2016-01-05 13:19:16 -05:00
Kris Moore
528c247607 Add LifePreserver API first list-cron call 2016-01-05 13:19:01 -05:00
Ken Moore
adda4e7931 Merge branch 'master' of github.com:pcbsd/sysadm 2016-01-05 13:18:43 -05:00
Ken Moore
1c7dab4ab2 Fix a typo in the signal/slots for a tcp server. 2016-01-05 13:18:20 -05:00
Ken Moore
fdf06cac1e Clean up a bit more of the websocket class. 2016-01-04 13:44:58 -05:00
Ken Moore
7d53e59a1d Oops, forgot to turn off debug mode before committing. 2016-01-04 13:33:44 -05:00
Ken Moore
8d57413401 A few more updates to the input message parsing systems for the server: Ensure that both the namespace and the name of the input message are passed through to the backend parser/system (if authorized). 2016-01-04 13:30:49 -05:00
Ken Moore
87ab5f2a22 Fix the input argument parsing for sysadm-server. 2016-01-04 13:01:39 -05:00
Ken Moore
b0bfcb4c03 Convert the REST/JSON input/output structures quite a bit so the backend usage is now agnostic as to the type of input used. It will then convert the output format to match what was input (REST -> REST, JSON -> JSON). 2015-12-30 16:05:08 -05:00
Ken Moore
9fe2914da3 Convert sysadm-server to run either in TCP or WebSocket mode. 
New CLI flags:
"-ws": Use the websocket protocols instead of tcp
"-p <port number>": Use the designated port number for the server.
 2015-12-29 12:43:29 -05:00
Ken Moore
f5dab0048c Add a copy of the syscache-webclient server into the sysadm/src/server. 
Also setup the server to make it easier to extend for API/library support in the backend. All backend functionality can now be added to the new "WebBackend.cpp" file (and WebSocket.h file for headers).
 2015-12-15 13:06:42 -05:00