-
Notifications
You must be signed in to change notification settings - Fork 22
/
create_acl_for_luci.sh
executable file
·113 lines (100 loc) · 2.92 KB
/
create_acl_for_luci.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
#!/bin/bash
# SPDX-License-Identifier: GPL-2.0-only
# --------------------------------------------------------
# Script for creating ACL file for each LuCI APP
error_font="\033[31m[Error]$\033[0m "
success_font="\033[32m[Success]\033[0m "
info_font="\033[36m[Info]\033[0m "
function echo_green_bg(){
echo -e "\033[42;37m$1\033[0m"
}
function echo_yellow_bg(){
echo -e "\033[43;37m$1\033[0m"
}
function echo_red_bg(){
echo -e "\033[41;37m$1\033[0m"
}
function clean_outdated_files(){
rm -f "create_acl_for_luci.err" "create_acl_for_luci.warn" "create_acl_for_luci.ok"
}
function check_if_acl_exist(){
ls "$1"/root/usr/share/rpcd/acl.d/*.json >/dev/null 2>&1 && return 0 || return 1
}
function check_config_files(){
[ "$(ls "$1"/root/etc/config/* 2>/dev/null | wc -l)" -ne "1" ] && return 0 || return 1
}
function get_config_name(){
ls "$1"/root/etc/config/* 2>/dev/null | awk -F '/' '{print $NF}'
}
function create_acl_file(){
mkdir -p "$1"
echo -e "{
\"$2\": {
\"description\": \"Grant UCI access for $2\",
\"read\": {
\"uci\": [ \"$3\" ]
},
\"write\": {
\"uci\": [ \"$3\" ]
}
}
}" > "$1/$2.json"
}
function auto_create_acl(){
luci_app_list="$(find package -maxdepth 2 | grep -Eo "package/.+/luci-app-[a-zA-Z0-9_-]+" | sort -s)"
[ "$(echo -e "${luci_app_list}" | wc -l)" -gt "0" ] && for i in ${luci_app_list}
do
if check_if_acl_exist "$i"; then
echo_yellow_bg "$i: has ACL file already, skipping..." | tee -a create_acl_for_luci.warn
elif check_config_files "$i"; then
echo_red_bg "$i: has no/multi config file(s), skipping..." | tee -a create_acl_for_luci.err
else
create_acl_file "$i/root/usr/share/rpcd/acl.d" "${i##*/}" "$(get_config_name "$i")"
echo_green_bg "$i: ACL file has been generated." | tee -a create_acl_for_luci.ok
fi
done
}
while getopts "achml:n:p:" input_arg
do
case $input_arg in
a)
auto_create_acl
exit
;;
m)
manual_mode=1
;;
p)
acl_path="$OPTARG"
;;
l)
luci_name="$OPTARG"
;;
n)
conf_name="$OPTARG"
;;
c)
clean_outdated_files
exit
;;
h|?|*)
echo -e "${info_font}Usage: $0 [-a|-m (-p <path-to-acl>) -l <luci-name> -n <conf-name>|-c]"
exit 2
;;
esac
done
if [ "*${manual_mode}*" == "*1*" ] && [ -n "${luci_name}" ] && [ -n "${conf_name}" ]; then
acl_path="${acl_path:-root/usr/share/rpcd/acl.d}"
if create_acl_file "${acl_path}" "${luci_name}" "${conf_name}"; then
echo -e "${success_font}Output file: $(ls "${acl_path}/${luci_name}.json")"
echo_green_bg "$(cat "${acl_path}/${luci_name}.json")"
echo_green_bg "${luci_name}: ACL file has been generated." >> "create_acl_for_luci.ok"
[ -e "create_acl_for_luci.err" ] && sed -i "/${luci_name}/d" "create_acl_for_luci.err"
else
echo -e "${error_font}Failed to create file ${acl_path}/${luci_name}.json"
echo_red_bg "${luci_name}: Failed to create ACL file." >> "create_acl_for_luci.err"
fi
else
echo -e "${info_font}Usage: $0 [-a|-m -p <path-to-acl> -l <luci-name> -n <conf-name>|-c]"
exit 2
fi