From e1fa969219ad8e25940fb020e32fbb5c4143a2e0 Mon Sep 17 00:00:00 2001
From: PiBa-NL <pba_2k3@yahoo.com>
Date: Tue, 27 Oct 2015 00:23:00 +0100
Subject: haproxy-devel, -acls/actions in backend -prevent filling backend
 selections items that have value none when renaming a backend -example
 template for using multiple domains on 1 frontend

---
 config/haproxy-devel/www/haproxy_pool_edit.php | 269 ++++++++++++++++++++++++-
 1 file changed, 259 insertions(+), 10 deletions(-)

(limited to 'config/haproxy-devel/www/haproxy_pool_edit.php')

diff --git a/config/haproxy-devel/www/haproxy_pool_edit.php b/config/haproxy-devel/www/haproxy_pool_edit.php
index 13444f4d..71da9732 100644
--- a/config/haproxy-devel/www/haproxy_pool_edit.php
+++ b/config/haproxy-devel/www/haproxy_pool_edit.php
@@ -48,7 +48,7 @@ if (isset($_POST['id']))
 	$id = $_POST['id'];
 else
 	$id = $_GET['id'];
-	
+
 $tmp = get_backend_id($id);
 if (is_numeric($tmp))
 	$id = $tmp;
@@ -204,9 +204,113 @@ $errorfileslist = new HaproxyHtmlList("table_errorfile", $fields_errorfile);
 $errorfileslist->keyfield = "errorcode";
 
 
+
+$fields_aclSelectionList=array();
+$fields_aclSelectionList[0]['name']="name";
+$fields_aclSelectionList[0]['columnheader']="Name";
+$fields_aclSelectionList[0]['colwidth']="30%";
+$fields_aclSelectionList[0]['type']="textbox";
+$fields_aclSelectionList[0]['size']="20";
+
+$fields_aclSelectionList[1]['name']="expression";
+$fields_aclSelectionList[1]['columnheader']="Expression";
+$fields_aclSelectionList[1]['colwidth']="30%";
+$fields_aclSelectionList[1]['type']="select";
+$fields_aclSelectionList[1]['size']="10";
+$fields_aclSelectionList[1]['items']=&$a_acltypes;
+
+$fields_aclSelectionList[2]['name']="not";
+$fields_aclSelectionList[2]['columnheader']="Not";
+$fields_aclSelectionList[2]['colwidth']="5%";
+$fields_aclSelectionList[2]['type']="checkbox";
+$fields_aclSelectionList[2]['size']="5";
+
+$fields_aclSelectionList[3]['name']="value";
+$fields_aclSelectionList[3]['columnheader']="Value";
+$fields_aclSelectionList[3]['colwidth']="35%";
+$fields_aclSelectionList[3]['type']="textbox";
+$fields_aclSelectionList[3]['size']="35";
+
+$fields_actions=array();
+$fields_actions[0]['name']="action";
+$fields_actions[0]['columnheader']="Action";
+$fields_actions[0]['colwidth']="30%";
+$fields_actions[0]['type']="select";
+$fields_actions[0]['size']="200px";
+$fields_actions[0]['items']=&$a_action;
+$fields_actions[1]['name']="parameters";
+$fields_actions[1]['columnheader']="Parameters";
+$fields_actions[1]['colwidth']="30%";
+$fields_actions[1]['type']="fixedtext";
+$fields_actions[1]['size']="200px";
+$fields_actions[1]['text']="See below";
+$fields_actions[2]['name']="acl";
+$fields_actions[2]['columnheader']="Condition acl names";
+$fields_actions[2]['colwidth']="15%";
+$fields_actions[2]['type']="textbox";
+$fields_actions[2]['size']="40";
+
+
+$fields_actions_details=array();
+foreach($a_action as $key => $action) {
+	if (is_array($action['fields'])) {
+		foreach($action['fields'] as $field) {
+			$item = $field;
+			$name = $key . $item['name'];
+			$item['name'] = $name;
+			$item['columnheader'] = $field['name'];
+			$item['customdrawcell'] = customdrawcell_actions;
+			$fields_actions_details[$name] = $item;
+		}
+	}
+}
+
+$a_acltypes["backendservercount"]['fields']['backend']['items'] = &$backends;
+$fields_acl_details=array();
+foreach($a_acltypes as $key => $action) {
+	if (is_array($action['fields'])) {
+		foreach($action['fields'] as $field) {
+			$item = $field;
+			$name = $key . $item['name'];
+			$item['name'] = $name;
+			$item['columnheader'] = $field['name'];
+			$item['customdrawcell'] = customdrawcell_actions;
+			$fields_acl_details[$name] = $item;
+		}
+	}
+}
+
+function customdrawcell_actions($object, $item, $itemvalue, $editable, $itemname, $counter) {
+	if ($editable) {
+		$object->haproxy_htmllist_drawcell($item, $itemvalue, $editable, $itemname, $counter);
+	} else {
+		//TODO hide fields not applicable.?.
+		echo $itemvalue;
+	}
+}
+
+$htmllist_acls = new HaproxyHtmlList("table_acls", $fields_aclSelectionList);
+$htmllist_acls->fields_details = $fields_acl_details;
+$htmllist_acls->editmode = true;
+
+$htmllist_actions = new HaproxyHtmlList("table_actions", $fields_actions);
+$htmllist_actions->fields_details = $fields_actions_details;
+$htmllist_actions->keyfield = "name";
+
+
 if (isset($id) && $a_pools[$id]) {
+	$pconfig['a_acl'] = &$a_pools[$id]['a_acl']['item'];
+	if (!is_array($pconfig['a_acl'])) {
+		$pconfig['a_acl'] = array();
+	}
+	$pconfig['a_actionitems'] = &$a_pools[$id]['a_actionitems']['item'];
+	if (!is_array($pconfig['a_actionitems'])) {
+		$pconfig['a_actionitems'] = array();
+	}
 	$pconfig['advanced'] = base64_decode($a_pools[$id]['advanced']);
 	$pconfig['advanced_backend'] = base64_decode($a_pools[$id]['advanced_backend']);
+	
+	
 	$a_servers = &$a_pools[$id]['ha_servers']['item'];	
 	
 	foreach($simplefields as $stat)
@@ -214,7 +318,9 @@ if (isset($id) && $a_pools[$id]) {
 		
 	
 	$a_errorfiles = &$a_pools[$id]['errorfiles']['item'];
-	if (!is_array($a_errorfiles)) $a_errorfiles = array();
+	if (!is_array($a_errorfiles)) {
+		$a_errorfiles = array();
+	}
 }
 
 if (isset($_GET['dup']))
@@ -276,6 +382,8 @@ if ($_POST) {
 		if (($_POST['name'] == $config['installedpackages']['haproxy']['ha_pools']['item'][$i]['name']) && ($i != $id))
 			$input_errors[] = "This pool name has already been used.  Pool names must be unique.";
 
+	$pconfig['a_acl'] = $htmllist_acls->haproxy_htmllist_get_values();
+	$pconfig['a_actionitems'] = $htmllist_actions->haproxy_htmllist_get_values();
 	$a_servers = $serverslist->haproxy_htmllist_get_values();
 	foreach($a_servers as $server){
 		$server_name    = $server['name'];
@@ -314,23 +422,39 @@ if ($_POST) {
 	if(isset($id) && $a_pools[$id])
 		$pool = $a_pools[$id];
 		
-	if ($pool['name'] != $_POST['name']) {
+	if (!empty($pool['name']) && ($pool['name'] != $_POST['name'])) {
+		//old $pool['name'] can be empty if a new or cloned item is saved, nothing should be renamed then
 		// name changed:
-		if (!is_array($config['installedpackages']['haproxy']['ha_backends']['item'])) {
-			$config['installedpackages']['haproxy']['ha_backends']['item'] = array();
-		}
+		$oldvalue = $pool['name'];
+		$newvalue = $_POST['name'];
+		
 		$a_backend = &$config['installedpackages']['haproxy']['ha_backends']['item'];
+		if (!is_array($a_backend)) {
+			$a_backend = array();
+		}
 
 		for ( $i = 0; $i < count($a_backend); $i++) {
-			if ($a_backend[$i]['backend_serverpool'] == $pool['name'])
-				$a_backend[$i]['backend_serverpool'] = $_POST['name'];
+			$backend = &$a_backend[$i];
+			if ($a_backend[$i]['backend_serverpool'] == $oldvalue) {
+				$a_backend[$i]['backend_serverpool'] = $newvalue;
+			}
+			if (is_array($backend['a_actionitems']['item'])) {
+				foreach($backend['a_actionitems']['item'] as &$item) {
+					if ($item['action'] == "use_backend") {
+						if ($item['use_backendbackend'] == $oldvalue) {
+							$item['use_backendbackend'] = $newvalue;
+						}
+					}
+				}
+			}
 		}
 	}
 
 	if($pool['name'] != "")
 		$changedesc .= " modified pool: '{$pool['name']}'";
-
-	$pool['ha_servers']['item']=$a_servers;
+	$pool['ha_servers']['item'] = $a_servers;
+	$pool['a_acl']['item'] = $pconfig['a_acl'];
+	$pool['a_actionitems']['item'] = $pconfig['a_actionitems'];
 
 	update_if_changed("advanced", $pool['advanced'], base64_encode($_POST['advanced']));
 	update_if_changed("advanced_backend", $pool['advanced_backend'], base64_encode($_POST['advanced_backend']));
@@ -667,6 +791,71 @@ foreach($simplefields as $field){
 				<br/>
 				NOTE: paste text into this box that you would like to pass thru. Applied to the backend section.
 			</td>
+		</tr>	
+		<tr>
+			<td width="22%" valign="top" class="vncell">Access Control lists</td>
+			<td width="78%" class="vtable" colspan="2" valign="top">
+			<?
+			$a_acl = $pconfig['a_acl'];
+			$htmllist_acls->Draw($a_acl);
+			?>
+			<br/>
+				Example:
+				<table border='1' style='border-collapse:collapse'>
+					<tr>
+						<td><b>Name</b></td>
+						<td><b>Expression</b></td>
+						<td><b>Not</b></td>
+						<td><b>Value</b></td>
+					</tr>
+					<tr>
+						<td>Backend1acl</td>
+						<td>Host matches</td>
+						<td></td>
+						<td>www.yourdomain.tld</td>
+					</tr>
+					<tr>
+						<td>addHeaderAcl</td>
+						<td>SSL Client certificate valid</td>
+						<td></td>
+						<td></td>
+					</tr>
+				</table>
+			<br/>
+			acl's with the same name will be 'combined' using OR criteria.<br/>
+			For more information about ACL's please see <a href='http://haproxy.1wt.eu/download/1.5/doc/configuration.txt' target='_blank'>HAProxy Documentation</a> Section 7 - Using ACL's<br/><br/>
+			<strong>NOTE Important change in behaviour, since package version 0.32</strong><br/>
+			-acl's are no longer combined with logical AND operators, list multiple acl's below where needed.<br/>
+			-acl's alone no longer implicitly generate use_backend configuration. Add 'actions' below to accomplish this behaviour.
+			</td>
+		</tr>
+		<tr>
+			<td width="22%" valign="top" class="vncellreq">Actions</td>
+			<td width="78%" class="vtable" colspan="2" valign="top">
+				<?
+				$a_actionitems = $pconfig['a_actionitems'];
+				$htmllist_actions->Draw($a_actionitems);
+				?>
+				<br/>
+				Example:
+				<table border='1' style='border-collapse:collapse'>
+					<tr>
+						<td><b>Action</b></td>
+						<td><b>Parameters</b></td>
+						<td><b>Condition</b></td>
+					</tr>
+					<tr>
+						<td>Use Backend</td>
+						<td>Website1Backend</td>
+						<td>Backend1acl</td>
+					</tr>
+					<tr>
+						<td>http-request header set</td>
+						<td>Headername: X-HEADER-ClientCertValid<br/>New logformat value: YES</td>
+						<td>addHeaderAcl</td>
+					</tr>
+				</table>
+			</td>
 		</tr>
 		<tr><td>&nbsp;</td></tr>
 		<tr>
@@ -1067,12 +1256,72 @@ set by the 'retries' parameter.</div>
 	phparray_to_javascriptarray($a_sticky_type,"sticky_type",Array('/*','/*/descr','/*/cookiedescr'));
 	//phparray_to_javascriptarray($a_files,"a_files",Array('/*','/*/name','/*/descr'));
 
+	phparray_to_javascriptarray($a_action, "showhide_actionfields",
+		Array('/*', '/*/fields', '/*/fields/*', '/*/fields/*/name'));
+	phparray_to_javascriptarray($a_acltypes, "showhide_aclfields",
+		Array('/*', '/*/fields', '/*/fields/*', '/*/fields/*/name'));
+		
 	$serverslist->outputjavascript();
 	$errorfileslist->outputjavascript();
+	$htmllist_acls->outputjavascript();
+	$htmllist_actions->outputjavascript();
 ?>
 	browser_InnerText_support = (document.getElementsByTagName("body")[0].innerText != undefined) ? true : false;
 	
 	totalrows =  <?php echo $counter; ?>;
+	
+	function table_acls_listitem_change(tableId, fieldId, rowNr, field) {
+		if (fieldId = "toggle_details") {
+			fieldId = "expression";
+			field = d.getElementById(tableId+"expression"+rowNr);
+		}
+		if (fieldId = "expression") {
+			var actiontype = field.value;
+			
+			var table = d.getElementById(tableId);
+			
+			for(var actionkey in showhide_aclfields) {
+				var fields = showhide_aclfields[actionkey]['fields'];
+				for(var fieldkey in fields){
+					var fieldname = fields[fieldkey]['name'];
+					var rowid = "tr_edititemdetails_"+rowNr+"_"+actionkey+fieldname;
+					var element = d.getElementById(rowid);
+					
+					if (actionkey == actiontype)
+						element.style.display = '';
+					else
+						element.style.display = 'none';
+				}
+			}
+		}
+	}
+	
+	function table_actions_listitem_change(tableId, fieldId, rowNr, field) {
+		if (fieldId = "toggle_details") {
+			fieldId = "action";
+			field = d.getElementById(tableId+"action"+rowNr);
+		}
+		if (fieldId = "action") {
+			var actiontype = field.value;
+			
+			var table = d.getElementById(tableId);
+			
+			for(var actionkey in showhide_actionfields) {
+				var fields = showhide_actionfields[actionkey]['fields'];
+				for(var fieldkey in fields){
+					var fieldname = fields[fieldkey]['name'];
+					var rowid = "tr_edititemdetails_"+rowNr+"_"+actionkey+fieldname;
+					var element = d.getElementById(rowid);
+					
+					if (actionkey == actiontype)
+						element.style.display = '';
+					else
+						element.style.display = 'none';
+				}
+			}
+		}
+	}
+	
 	updatevisibility();
 </script>
 <?php
-- 
cgit v1.2.3