########################################################################
#
# Author: Brian Hood
# Email: <brianh6854@googlemail.com>
# Description: Threatmonitor Authorization
#
# Extends the functionality of the Thm module adding Authorization
#
########################################################################
require 'digest'
require "#{File.dirname(__FILE__)}/lib/thm.rb"
require 'pp'
# Banner written to stdout as soon as this file is loaded
# (ANSI bold yellow text, followed by a reset sequence).
puts "\e[1;33m\Threatmonitor - User Administration\e[0m\ ",
     "\e[1;33m\===================================\e[0m\ \n\n"
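module Thm::Authorization
  # User and group administration for Threatmonitor.
  #
  # Every statement is sent through @conn, which this file never assigns.
  # NOTE(review): presumably Thm::DataServices provides it; confirm.
  class AuthTemplate < Thm::DataServices
    def initialize
      super
      @debug = true
    end

    # Run one administrative action against the users / groups tables.
    #
    # name - user name, or the group name for the group actions.
    # obj  - a class whose instances answer #type, #group and #password
    #        (objbuilder creates one); #type selects the action.
    #
    # Actions: adduser, userexists?, deleteuser, listusers, listgroups,
    # groupexists?, deletegroup, addgroup. Any other type does nothing.
    #
    # Returns true or false for "userexists?" and "groupexists?". The return
    # value of the other actions carries no meaning.
    def setup_privileges(name, obj)
      data = obj.new
      userdata = {
        'type'     => data.type.to_s,
        'group'    => data.group.to_s,
        'password' => data.password.to_s
      }
      # Values that end up inside a statement are escaped once, here. The raw
      # values are only used for the messages shown to the operator.
      sqlname  = sql_literal_escape(name)
      sqlgroup = sql_literal_escape(userdata['group'])

      # @debug is assigned true in initialize, so test it for truthiness;
      # a comparison against 1 never matches.
      if @debug
        puts "Action template User data"
        puts "User: #{name}"
        puts "Type: #{userdata['type']}"
        puts "Group: #{userdata['group']}"
        # The password is deliberately kept out of terminal output.
        puts "Password: [not shown]"
      end

      case userdata['type']
      when "adduser"
        rowgid = @conn.query("SELECT gid FROM groups WHERE groupname = '#{sqlgroup}';").fetch_hash
        # Guard against a missing row before indexing into it.
        # NOTE(review): assumes fetch_hash returns nil when no row matched;
        # confirm for the driver in use.
        gid = rowgid && rowgid["gid"].to_s
        puts "#{gid.to_i}" if gid
        if gid.nil?
          puts "Group #{userdata['group']} doesn't exist"
        elsif gid !~ /\A[0-9]+\z/
          # \A and \z anchor the whole value (^ and $ only anchor a line), and
          # + rejects an empty gid.
          puts "Group #{userdata['group']} invalid GID ?"
        else
          rowgidcnt = @conn.query("SELECT count(*) as num FROM groups WHERE groupname = '#{sqlgroup}';").fetch_hash
          puts "#{rowgidcnt["num"].to_i}"
          if rowgidcnt["num"].to_i == 1
            # The password is written exactly as received. Nothing in this
            # file hashes it, although 'digest' is required at the top.
            # NOTE(review): confirm the caller passes a salted hash, not the
            # clear text.
            sqlpassword = sql_literal_escape(userdata['password'])
            sql = "INSERT INTO users (username, password, gid) VALUES ('#{sqlname}', '#{sqlpassword}', #{gid.to_i});"
            begin
              @conn.query(sql)
              @conn.commit
            rescue
              # Generic message on purpose: a driver error may quote the failed
              # statement, which contains the password value.
              puts "There was a issue adding user check database privileges"
            end
          else
            puts "Group #{userdata['group']} doesn't exist"
          end
        end
      when "userexists?"
        rowchknamecnt = @conn.query("SELECT COUNT(*) as num FROM users WHERE username = '#{sqlname}';").fetch_hash
        puts "#{rowchknamecnt["num"].to_i}"
        if rowchknamecnt["num"].to_i == 0
          puts "User #{name} doesn't exist"
          return false
        else
          return true
        end
      when "deleteuser"
        # user_exists? is not defined in this file.
        if self.user_exists?(name.to_s) == true
          begin
            @conn.query("DELETE FROM users WHERE username = '#{sqlname}';")
            @conn.commit
            puts "User #{name} deleted"
          rescue
            puts "Error deleting User #{name}"
          end
        end
      when "listusers"
        reslsusers = @conn.query("SELECT uid, username FROM users;")
        puts "\n"
        puts "\e[1;38m| Users Table |\e[0m\ \n"
        puts "\e[1;38m\\==========================/\e[0m\ "
        while (row = reslsusers.fetch_hash)
          puts "UID: #{row["uid"]} Username: #{row["username"]}"
        end
        puts "\n"
      when "listgroups"
        reslsgroups = @conn.query("SELECT gid, groupname FROM groups;")
        puts "\n"
        puts "\e[1;38m| Groups Table |\e[0m\ \n"
        puts "\e[1;38m\\==========================/\e[0m\ "
        while (row = reslsgroups.fetch_hash)
          puts "GID: #{row["gid"]} Groupname: #{row["groupname"]}"
        end
        puts "\n"
      when "groupexists?"
        rowchknamecnt = @conn.query("SELECT COUNT(*) as num FROM groups WHERE groupname = '#{sqlname}';").fetch_hash
        puts "#{rowchknamecnt["num"].to_i}"
        if rowchknamecnt["num"].to_i == 0
          # The template built above has no 'msg' key, so this message is
          # never printed. NOTE(review): confirm whether a flag was intended.
          if userdata["msg"] == true
            puts "Group #{name} doesn't exist"
          end
          return false
        else
          return true
        end
      when "deletegroup"
        puts "#{name}"
        # group_exists? is not defined in this file.
        if self.group_exists?(name.to_s) == true
          begin
            @conn.query("DELETE FROM groups WHERE groupname = '#{sqlname}';")
            @conn.commit
            puts "Group #{name} deleted"
          rescue
            puts "Error deleting Group #{name}"
          end
        end
      when "addgroup"
        rowgidcnt = @conn.query("SELECT count(*) as num FROM groups WHERE groupname = '#{sqlname}';").fetch_hash
        puts "#{rowgidcnt["num"].to_i}"
        if rowgidcnt["num"].to_i == 0
          begin
            @conn.query("INSERT INTO groups (groupname) VALUES ('#{sqlname}');")
            @conn.commit
          rescue
            puts "There was a issue adding group check database privileges"
          end
        else
          # A non-zero count means the name is taken. For this action the
          # group name arrives in name, not in the template's 'group' field.
          puts "Group #{name} already exists"
        end
      end
    end

    # Build a throwaway class whose instances expose type, group and password,
    # then hand it to setup_privileges together with the name.
    #
    # user becomes the group name when adding / deleting groups, e.g.
    #   objbuilder("#{@thmgroupname}", "addgroup")
    #
    # Returns whatever setup_privileges returns for the requested type.
    def objbuilder(user, type="", group="", password="")
      # Class.new with a block keeps the arguments in scope, so the generated
      # initialize needs no parameters; setup_privileges calls obj.new bare.
      designobj = Class.new do
        attr_reader :type, :group, :password
        define_method :initialize do
          @type = type.to_s
          @group = group.to_s
          @password = password.to_s
        end
      end
      setup_privileges(user.to_s, designobj)
    end

    private

    # Escape value for use between single quotes in a SQL statement.
    #
    # Backslashes and single quotes are doubled so the value cannot terminate
    # the literal it is placed in. On a server that does not treat backslash
    # as an escape character, a backslash in the value is stored doubled.
    # NOTE(review): the driver behind @conn is not visible from this file. If
    # it offers bound parameters or its own escaping call, prefer that.
    def sql_literal_escape(value)
      # Block form: the replacement is taken literally, without backreferences.
      value.to_s.gsub("\\") { "\\\\" }.gsub("'") { "''" }
    end
  end
end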