-- system/system is from mod-admin-full
toplevel_page(page, "admin/system/system", alias("admin", "system", "system"))
+ -- Only used if applications add items
+ page = node("admin", "vpn")
+ page.title = _("VPN")
+ page.order = 30
+ page.index = true
+ toplevel_page(page, false, false)
+
-- Only used if applications add items
page = node("admin", "services")
page.title = _("Services")
page.index = true
toplevel_page(page, false, false)
- if nixio.fs.access("/etc/config/dhcp") then
- page = entry({"admin", "dhcplease_status"}, call("lease_status"), nil)
- page.leaf = true
- end
-
- local has_wifi = false
-
- uci:foreach("wireless", "wifi-device",
- function(s)
- has_wifi = true
- return false
- end)
-
- if has_wifi then
- page = entry({"admin", "wireless_assoclist"}, call("wifi_assoclist"), nil)
- page.leaf = true
-
- page = entry({"admin", "wireless_deauth"}, post("wifi_deauth"), nil)
- page.leaf = true
- end
-
page = entry({"admin", "translations"}, call("action_translations"), nil)
page.leaf = true
page = entry({"admin", "ubus"}, call("action_ubus"), nil)
+ page.sysauth = false
page.leaf = true
-- Logout is last
code = code,
message = errmsg
}
+ elseif type(code) == "table" then
+ reply.result = code
else
reply.result = { code, data }
end
"double"
}
+local function ubus_access(sid, obj, fun)
+ local res, code = luci.util.ubus("session", "access", {
+ ubus_rpc_session = sid,
+ scope = "ubus",
+ object = obj,
+ ["function"] = fun
+ })
+
+ return (type(res) == "table" and res.access == true)
+end
+
local function ubus_request(req)
- if type(req) ~= "table" or type(req.method) ~= "string" or type(req.params) ~= "table" or
- #req.params < 2 or req.jsonrpc ~= "2.0" or req.id == nil then
- return ubus_reply(req.id, nil, -32600, "Invalid request")
+ if type(req) ~= "table" or type(req.method) ~= "string" or req.jsonrpc ~= "2.0" or req.id == nil then
+ return ubus_reply(nil, nil, -32600, "Invalid request")
elseif req.method == "call" then
+ if type(req.params) ~= "table" or #req.params < 3 then
+ return ubus_reply(nil, nil, -32600, "Invalid parameters")
+ end
+
local sid, obj, fun, arg =
req.params[1], req.params[2], req.params[3], req.params[4] or {}
if type(arg) ~= "table" or arg.ubus_rpc_session ~= nil then
return ubus_reply(req.id, nil, -32602, "Invalid parameters")
end
- if sid == "00000000000000000000000000000000" then
+ if sid == "00000000000000000000000000000000" and luci.dispatcher.context.authsession then
sid = luci.dispatcher.context.authsession
end
+ if not ubus_access(sid, obj, fun) then
+ return ubus_reply(req.id, nil, -32002, "Access denied")
+ end
+
arg.ubus_rpc_session = sid
local res, code = luci.util.ubus(obj, fun, arg)
return ubus_reply(req.id, res, code or 0)
elseif req.method == "list" then
- if type(params) ~= "table" or #params == 0 then
- local objs = { luci.util.ubus() }
- return ubus_reply(req.id, objs, 0)
- else
+ if req.params == nil or (type(req.params) == "table" and #req.params == 0) then
+ local objs = luci.util.ubus()
+ return ubus_reply(req.id, nil, objs)
+
+ elseif type(req.params) == "table" then
local n, rv = nil, {}
- for n = 1, #params do
- if type(params[n]) ~= "string" then
+ for n = 1, #req.params do
+ if type(req.params[n]) ~= "string" then
return ubus_reply(req.id, nil, -32602, "Invalid parameters")
end
- local sig = luci.util.ubus(params[n])
+ local sig = luci.util.ubus(req.params[n])
if sig and type(sig) == "table" then
- rv[params[n]] = {}
+ rv[req.params[n]] = {}
local m, p
for m, p in pairs(sig) do
if type(p) == "table" then
- rv[params[n]][m] = {}
+ rv[req.params[n]][m] = {}
local pn, pt
for pn, pt in pairs(p) do
- rv[params[n]][m][pn] = ubus_types[pt] or "unknown"
+ rv[req.params[n]][m][pn] = ubus_types[pt] or "unknown"
end
end
end
end
end
- return ubus_reply(req.id, rv, 0)
+ return ubus_reply(req.id, nil, rv)
+
+ else
+ return ubus_reply(req.id, nil, -32602, "Invalid parameters")
end
end
function action_ubus()
local parser = require "luci.jsonc".new()
- luci.http.context.request:setfilehandler(function(_, s) parser:parse(s or "") end)
+
+ luci.http.context.request:setfilehandler(function(_, s)
+ if not s then
+ return nil
+ end
+
+ local ok, err = parser:parse(s)
+ return (not err or nil)
+ end)
+
luci.http.context.request:content()
local json = parser:get()
luci.http.prepare_content("application/json")
luci.http.write_json(response)
end
-
-function lease_status()
- local s = require "luci.tools.status"
-
- luci.http.prepare_content("application/json")
- luci.http.write('[')
- luci.http.write_json(s.dhcp_leases())
- luci.http.write(',')
- luci.http.write_json(s.dhcp6_leases())
- luci.http.write(']')
-end
-
-function wifi_assoclist()
- local s = require "luci.tools.status"
-
- luci.http.prepare_content("application/json")
- luci.http.write_json(s.wifi_assoclist())
-end
-
-function wifi_deauth()
- local iface = luci.http.formvalue("iface")
- local bssid = luci.http.formvalue("bssid")
-
- if iface and bssid then
- luci.util.ubus("hostapd.%s" % iface, "del_client", {
- addr = bssid,
- deauth = true,
- reason = 5,
- ban_time = 60000
- })
- end
- luci.http.status(200, "OK")
-end