fusionpbx/app/access_controls/app_defaults.php

<?php
/*
	FusionPBX
	Version: MPL 1.1

	The contents of this file are subject to the Mozilla Public License Version
	1.1 (the "License"); you may not use this file except in compliance with
	the License. You may obtain a copy of the License at
	http://www.mozilla.org/MPL/

	Software distributed under the License is distributed on an "AS IS" basis,
	WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
	for the specific language governing rights and limitations under the
	License.

	The Original Code is FusionPBX

	The Initial Developer of the Original Code is
	Mark J Crane <markjcrane@fusionpbx.com>
	Portions created by the Initial Developer are Copyright (C) 2016 - 2023
	the Initial Developer. All Rights Reserved.

	Contributor(s):
	Mark J Crane <markjcrane@fusionpbx.com>
*/

//if the number of rows is 0 then read the acl xml into the database
	if ($domains_processed == 1) {

		//add the access control list to the database
		$sql = "select count(*) from v_access_controls ";
		$num_rows = $database->select($sql, null, 'column');
		if ($num_rows == 0) {

			//set the directory
				$xml_dir = $settings->get('switch','conf').'/autoload_configs';
				$xml_file = $xml_dir."/acl.conf.xml";
				$xml_file_alt = $_SERVER["DOCUMENT_ROOT"].'/'.PROJECT_PATH.'/app/switch/resources/conf/autoload_configs/acl.conf';

			//load the xml and save it into an array
				if (file_exists($xml_file)) {
					$xml_string = file_get_contents($xml_file);
				}
				elseif (file_exists($xml_file_alt)) {
					$xml_string = file_get_contents(xml_file_alt);
				}
				else {
					$xml_string = "<configuration name=\"acl.conf\" description=\"Network Lists\">\n";
					$xml_string .= "	<network-lists>\n";
					$xml_string .= "		<list name=\"rfc1918\" default=\"deny\">\n";
					$xml_string .= "			<node type=\"allow\" cidr=\"10.0.0.0/8\"/>\n";
					$xml_string .= "			<node type=\"allow\" cidr=\"172.16.0.0/12\"/>\n";
					$xml_string .= "			<node type=\"allow\" cidr=\"192.168.0.0/16\"/>\n";
					$xml_string .= "		</list>\n";
					$xml_string .= "		<list name=\"providers\" default=\"deny\">\n";
					$xml_string .= "		</list>\n";
					$xml_string .= "	</network-lists>\n";
					$xml_string .= "</configuration>\n";
				}
				$xml_object = simplexml_load_string($xml_string);
				$json = json_encode($xml_object);
				$conf_array = json_decode($json, true);

			//process the array
				if (is_array($conf_array['network-lists']['list'])) {
					foreach($conf_array['network-lists']['list'] as $list) {
						//get the attributes
						$access_control_name = $list['@attributes']['name'];
						$access_control_default = $list['@attributes']['default'];

						//insert the name, description
						$access_control_uuid = uuid();
						$array['access_controls'][0]['access_control_uuid'] = $access_control_uuid;
						$array['access_controls'][0]['access_control_name'] = $access_control_name;
						$array['access_controls'][0]['access_control_default'] = $access_control_default;

						$p = permissions::new();
						$p->add('access_control_add', 'temp');

						$database->app_name = 'access_controls';
						$database->app_uuid = '1416a250-f6e1-4edc-91a6-5c9b883638fd';
						$database->save($array, false);
						unset($array);

						$p->delete('access_control_add', 'temp');

					//normalize the array - needed because the array is inconsistent when there is only one row vs multiple
					if (!empty($list['node']['@attributes']['type'])) {
						$list['node'][]['@attributes'] = $list['node']['@attributes'];
						unset($list['node']['@attributes']);
					}

					//add the nodes
						if (is_array($list['node'])) {
							foreach ($list['node'] as $row) {
								//get the name and value pair
								$node_type = $row['@attributes']['type'];
								$node_cidr = $row['@attributes']['cidr'];
								$node_description = $row['@attributes']['description'];

								//add the profile settings into the database
								$access_control_node_uuid = uuid();
								$array['access_control_nodes'][0]['access_control_node_uuid'] = $access_control_node_uuid;
								$array['access_control_nodes'][0]['access_control_uuid'] = $access_control_uuid;
								$array['access_control_nodes'][0]['node_type'] = $node_type;
								$array['access_control_nodes'][0]['node_cidr'] = $node_cidr;
								$array['access_control_nodes'][0]['node_description'] = $node_description;

								$p = permissions::new();
								$p->add('access_control_node_add', 'temp');

								$database->app_name = 'access_controls';
								$database->app_uuid = '1416a250-f6e1-4edc-91a6-5c9b883638fd';
								$database->save($array, false);
								unset($array);

								$p->delete('access_control_node_add', 'temp');
							}
						}
					}
				}

			//rename the file
				if (file_exists($xml_dir.'/acl.conf.xml')) {
					rename($xml_dir.'/acl.conf.xml', $xml_dir.'/acl.conf');
				}
		}
		unset($sql, $num_rows);

		//rename domains access control to providers
		$sql = "select count(*) from v_access_controls ";
		$sql .= "where access_control_name = 'domains' ";
		$num_rows = $database->select($sql, null, 'column');
		if ($num_rows > 0) {
			//update the access control name
			$sql = "update v_access_controls set access_control_name = 'providers' ";
			$sql .= "where access_control_name = 'domains' ";
			$database->execute($sql, null);
			unset($sql);

			//update the sip profile settings
			$sql = "update v_sip_profile_settings set sip_profile_setting_value = 'providers' ";
			$sql .= "where (sip_profile_setting_name = 'apply-inbound-acl' or sip_profile_setting_name = 'apply-register-acl') ";
			$sql .= "and sip_profile_setting_value = 'domains'; ";
			$database->execute($sql, null);
			unset($sql);

			//clear the cache
			$cache = new cache;
			$cache->delete("configuration:acl.conf");
			$cache->delete("configuration:sofia.conf:".gethostname());

			//create the event socket connection
			$esl = event_socket::create();

			//reload the acl
			event_socket::async("reloadacl");

			//rescan each sip profile
			$sql = "select sip_profile_name from v_sip_profiles ";
			$sql .= "where sip_profile_enabled = 'true'; ";
			$sip_profiles = $database->select($sql, null, 'all');
			if (is_array($sip_profiles)) {
				foreach ($sip_profiles as $row) {
					if ($esl->is_connected()) {
						$command = "sofia profile '".$row['sip_profile_name']."' rescan";
						//echo $command."\n";
						$result = event_socket::api($command);
						//echo $result."\n";
					}
				}
			}
		}

		//remove orphaned access control nodes
		$sql = "delete from v_access_control_nodes ";
		$sql .= "where access_control_uuid not in ( ";
		$sql .= "	select access_control_uuid from v_access_controls ";
		$sql .= ")";
		$database->execute($sql, null);
		unset($sql);

	}

?>
Add the Access Controls as the new interface for ACL Lists. 2015-08-13 07:09:07 +02:00			`<?php`
			`/*`
			`FusionPBX`
			`Version: MPL 1.1`

			`The contents of this file are subject to the Mozilla Public License Version`
			`1.1 (the "License"); you may not use this file except in compliance with`
			`the License. You may obtain a copy of the License at`
			`http://www.mozilla.org/MPL/`

			`Software distributed under the License is distributed on an "AS IS" basis,`
			`WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License`
			`for the specific language governing rights and limitations under the`
			`License.`

			`The Original Code is FusionPBX`

			`The Initial Developer of the Original Code is`
			`Mark J Crane <markjcrane@fusionpbx.com>`
Change Access Control from domains to providers. 2023-04-22 01:43:34 +02:00			`Portions created by the Initial Developer are Copyright (C) 2016 - 2023`
Add the Access Controls as the new interface for ACL Lists. 2015-08-13 07:09:07 +02:00			`the Initial Developer. All Rights Reserved.`

			`Contributor(s):`
			`Mark J Crane <markjcrane@fusionpbx.com>`
			`*/`

			`//if the number of rows is 0 then read the acl xml into the database`
			`if ($domains_processed == 1) {`

			`//add the access control list to the database`
Database class integration. 2019-07-29 17:26:52 +02:00			`$sql = "select count(*) from v_access_controls ";`
			`$num_rows = $database->select($sql, null, 'column');`
			`if ($num_rows == 0) {`
Use is_array around foreach 2022-10-12 22:59:13 +02:00
Database class integration. 2019-07-29 17:26:52 +02:00			`//set the directory`
Change $setting to $settings (#7318) * Change $setting to $settings * Update app_defaults.php * Update fax_queue.php * Update xml_cdr.php * Update email_queue.php * Update transcribe.php * Update send.php * Update fax_queue.php * Update fax_send.php * Update app_defaults.php * Update email_queue.php * Update app_defaults.php * Update app_defaults.php * Update app_defaults.php * Update app_defaults.php * Update app_defaults.php * Update app_defaults.php * Update app_defaults.php * Update app_defaults.php * Update app_defaults.php * Update app_defaults.php * Update app_defaults.php 2025-03-14 23:19:49 +01:00			`$xml_dir = $settings->get('switch','conf').'/autoload_configs';`
Database class integration. 2019-07-29 17:26:52 +02:00			`$xml_file = $xml_dir."/acl.conf.xml";`
Update the to point to app/switch/resources/conf 2023-06-26 21:37:08 +02:00			`$xml_file_alt = $_SERVER["DOCUMENT_ROOT"].'/'.PROJECT_PATH.'/app/switch/resources/conf/autoload_configs/acl.conf';`
Use is_array around foreach 2022-10-12 22:59:13 +02:00
Database class integration. 2019-07-29 17:26:52 +02:00			`//load the xml and save it into an array`
			`if (file_exists($xml_file)) {`
			`$xml_string = file_get_contents($xml_file);`
			`}`
			`elseif (file_exists($xml_file_alt)) {`
			`$xml_string = file_get_contents(xml_file_alt);`
			`}`
			`else {`
			`$xml_string = "<configuration name=\"acl.conf\" description=\"Network Lists\">\n";`
			`$xml_string .= " <network-lists>\n";`
Change default from allow to deny for the LAN rfc198 ACL 2022-08-04 23:02:41 +02:00			`$xml_string .= " <list name=\"rfc1918\" default=\"deny\">\n";`
Change lan to rfc1918 2022-01-27 16:40:08 +01:00			`$xml_string .= " <node type=\"allow\" cidr=\"10.0.0.0/8\"/>\n";`
			`$xml_string .= " <node type=\"allow\" cidr=\"172.16.0.0/12\"/>\n";`
			`$xml_string .= " <node type=\"allow\" cidr=\"192.168.0.0/16\"/>\n";`
			`$xml_string .= " </list>\n";`
Change domains ACL to providers for new installs. 2022-08-07 01:13:38 +02:00			`$xml_string .= " <list name=\"providers\" default=\"deny\">\n";`
Database class integration. 2019-07-29 17:26:52 +02:00			`$xml_string .= " </list>\n";`
			`$xml_string .= " </network-lists>\n";`
			`$xml_string .= "</configuration>\n";`
			`}`
			`$xml_object = simplexml_load_string($xml_string);`
			`$json = json_encode($xml_object);`
			`$conf_array = json_decode($json, true);`

			`//process the array`
Use is_array around foreach 2022-10-12 22:59:13 +02:00			`if (is_array($conf_array['network-lists']['list'])) {`
			`foreach($conf_array['network-lists']['list'] as $list) {`
			`//get the attributes`
Remove access_control_nodes node_domain This is handled automatically to make it easier and prevent mistakes 2023-04-21 17:55:04 +02:00			`$access_control_name = $list['@attributes']['name'];`
			`$access_control_default = $list['@attributes']['default'];`
Use is_array around foreach 2022-10-12 22:59:13 +02:00
			`//insert the name, description`
Remove access_control_nodes node_domain This is handled automatically to make it easier and prevent mistakes 2023-04-21 17:55:04 +02:00			`$access_control_uuid = uuid();`
			`$array['access_controls'][0]['access_control_uuid'] = $access_control_uuid;`
			`$array['access_controls'][0]['access_control_name'] = $access_control_name;`
			`$array['access_controls'][0]['access_control_default'] = $access_control_default;`
Database class integration. 2019-07-29 17:26:52 +02:00
Fix temporary permissions 2024-11-29 21:57:01 +01:00			`$p = permissions::new();`
Remove access_control_nodes node_domain This is handled automatically to make it easier and prevent mistakes 2023-04-21 17:55:04 +02:00			`$p->add('access_control_add', 'temp');`
Database class integration. 2019-07-29 17:26:52 +02:00
Remove access_control_nodes node_domain This is handled automatically to make it easier and prevent mistakes 2023-04-21 17:55:04 +02:00			`$database->app_name = 'access_controls';`
			`$database->app_uuid = '1416a250-f6e1-4edc-91a6-5c9b883638fd';`
			`$database->save($array, false);`
			`unset($array);`
Database class integration. 2019-07-29 17:26:52 +02:00
Remove access_control_nodes node_domain This is handled automatically to make it easier and prevent mistakes 2023-04-21 17:55:04 +02:00			`$p->delete('access_control_add', 'temp');`
Use is_array around foreach 2022-10-12 22:59:13 +02:00
			`//normalize the array - needed because the array is inconsistent when there is only one row vs multiple`
Frytimo pr patches for php8.1 (#6630) * Passing null to parameter #2 ($string) of type string is deprecated * Passing null to parameter #1 ($string) of type string is deprecated * php 8.1 fixes * php 8.1 fixes - replace strlen($var) > 0 with !empty($var) * php 8.1 fixes - replace ${var} with {$var} * php 8.1 fixes - replace ${var} with {$var} * php 8.1 fixes - replace ${var} with {$var} * php 8.1 fixes - replace ${var} with {$var} * php 8.1 fixes - strlower with null * php 8.1 fixes - strreplace with null * php 8.1 fixes - passing null to base64_decode * php 8.1 fixes - check for false and check for null on $this->dir * php 8.1 fixes - remove assignment of $db variable to modules object * php 8.1 fixes - avoid sending null to substr * php 8.1 fixes - change ${var} to {$var} * php 8.1 fixes - check for null before preg_replace * php 8.1 fixes - remove setting db variable on domains object * php 8.1 fixes - set empty string if $row['domain_setting_subcategory'] is null * php 8.1 fixes - set empty string if $_REQUEST['show'] is not available * php 8.1 fixes * php 8.1 fixes - correct $_POST checking syntax * php 8.1 fixes - correct $_POST variables * php 8.1 fixes * Use brackets consistently * Update user_setting_edit.php * Change to not empty * Update device.php * Update text.php --------- Co-authored-by: Tim Fry <tim@voipstratus.com> Co-authored-by: FusionPBX <markjcrane@gmail.com> 2023-05-05 18:46:37 +02:00			`if (!empty($list['node']['@attributes']['type'])) {`
Remove access_control_nodes node_domain This is handled automatically to make it easier and prevent mistakes 2023-04-21 17:55:04 +02:00			`$list['node'][]['@attributes'] = $list['node']['@attributes'];`
			`unset($list['node']['@attributes']);`
			`}`
Use is_array around foreach 2022-10-12 22:59:13 +02:00
			`//add the nodes`
			`if (is_array($list['node'])) {`
			`foreach ($list['node'] as $row) {`
			`//get the name and value pair`
Remove access_control_nodes node_domain This is handled automatically to make it easier and prevent mistakes 2023-04-21 17:55:04 +02:00			`$node_type = $row['@attributes']['type'];`
			`$node_cidr = $row['@attributes']['cidr'];`
			`$node_description = $row['@attributes']['description'];`

Use is_array around foreach 2022-10-12 22:59:13 +02:00			`//add the profile settings into the database`
Remove access_control_nodes node_domain This is handled automatically to make it easier and prevent mistakes 2023-04-21 17:55:04 +02:00			`$access_control_node_uuid = uuid();`
			`$array['access_control_nodes'][0]['access_control_node_uuid'] = $access_control_node_uuid;`
			`$array['access_control_nodes'][0]['access_control_uuid'] = $access_control_uuid;`
			`$array['access_control_nodes'][0]['node_type'] = $node_type;`
			`$array['access_control_nodes'][0]['node_cidr'] = $node_cidr;`
			`$array['access_control_nodes'][0]['node_description'] = $node_description;`

Fix temporary permissions 2024-11-29 21:57:01 +01:00			`$p = permissions::new();`
Remove access_control_nodes node_domain This is handled automatically to make it easier and prevent mistakes 2023-04-21 17:55:04 +02:00			`$p->add('access_control_node_add', 'temp');`

			`$database->app_name = 'access_controls';`
			`$database->app_uuid = '1416a250-f6e1-4edc-91a6-5c9b883638fd';`
			`$database->save($array, false);`
			`unset($array);`

			`$p->delete('access_control_node_add', 'temp');`
Use is_array around foreach 2022-10-12 22:59:13 +02:00			`}`
			`}`
Update app_defaults.php Check to see if the file exists before renaming it. 2017-01-10 07:26:54 +01:00			`}`
Database class integration. 2019-07-29 17:26:52 +02:00			`}`

			`//rename the file`
			`if (file_exists($xml_dir.'/acl.conf.xml')) {`
			`rename($xml_dir.'/acl.conf.xml', $xml_dir.'/acl.conf');`
			`}`
Add the Access Controls as the new interface for ACL Lists. 2015-08-13 07:09:07 +02:00			`}`
Database class integration. 2019-07-29 17:26:52 +02:00			`unset($sql, $num_rows);`
Fix the path problems for the reading the acl.conf.xml. 2015-08-20 17:06:45 +02:00
Change Access Control from domains to providers. 2023-04-22 01:43:34 +02:00			`//rename domains access control to providers`
			`$sql = "select count(*) from v_access_controls ";`
			`$sql .= "where access_control_name = 'domains' ";`
			`$num_rows = $database->select($sql, null, 'column');`
			`if ($num_rows > 0) {`
			`//update the access control name`
			`$sql = "update v_access_controls set access_control_name = 'providers' ";`
			`$sql .= "where access_control_name = 'domains' ";`
			`$database->execute($sql, null);`
			`unset($sql);`

			`//update the sip profile settings`
			`$sql = "update v_sip_profile_settings set sip_profile_setting_value = 'providers' ";`
			`$sql .= "where (sip_profile_setting_name = 'apply-inbound-acl' or sip_profile_setting_name = 'apply-register-acl') ";`
			`$sql .= "and sip_profile_setting_value = 'domains'; ";`
			`$database->execute($sql, null);`
			`unset($sql);`

			`//clear the cache`
			`$cache = new cache;`
			`$cache->delete("configuration:acl.conf");`
			`$cache->delete("configuration:sofia.conf:".gethostname());`

			`//create the event socket connection`
Event socket bug fix and more docs (#6823) * Add documentation to methods. Use is_resource for added type detection * Allow connect to specify timeout in microseconds with default 30,000 * Update calling mechanism for event sockets * Update project for new singleton event sockets * remove unused variable * catch errors on closing the socket 2023-12-03 01:16:18 +01:00			`$esl = event_socket::create();`
Change Access Control from domains to providers. 2023-04-22 01:43:34 +02:00
			`//reload the acl`
Event socket bug fix and more docs (#6823) * Add documentation to methods. Use is_resource for added type detection * Allow connect to specify timeout in microseconds with default 30,000 * Update calling mechanism for event sockets * Update project for new singleton event sockets * remove unused variable * catch errors on closing the socket 2023-12-03 01:16:18 +01:00			`event_socket::async("reloadacl");`
Change Access Control from domains to providers. 2023-04-22 01:43:34 +02:00
			`//rescan each sip profile`
			`$sql = "select sip_profile_name from v_sip_profiles ";`
			`$sql .= "where sip_profile_enabled = 'true'; ";`
			`$sip_profiles = $database->select($sql, null, 'all');`
			`if (is_array($sip_profiles)) {`
			`foreach ($sip_profiles as $row) {`
Event socket bug fix and more docs (#6823) * Add documentation to methods. Use is_resource for added type detection * Allow connect to specify timeout in microseconds with default 30,000 * Update calling mechanism for event sockets * Update project for new singleton event sockets * remove unused variable * catch errors on closing the socket 2023-12-03 01:16:18 +01:00			`if ($esl->is_connected()) {`
Change Access Control from domains to providers. 2023-04-22 01:43:34 +02:00			`$command = "sofia profile '".$row['sip_profile_name']."' rescan";`
			`//echo $command."\n";`
Event socket bug fix and more docs (#6823) * Add documentation to methods. Use is_resource for added type detection * Allow connect to specify timeout in microseconds with default 30,000 * Update calling mechanism for event sockets * Update project for new singleton event sockets * remove unused variable * catch errors on closing the socket 2023-12-03 01:16:18 +01:00			`$result = event_socket::api($command);`
Change Access Control from domains to providers. 2023-04-22 01:43:34 +02:00			`//echo $result."\n";`
			`}`
			`}`
			`}`
			`}`

Remove orphaned access control nodes 2022-07-27 21:28:52 +02:00			`//remove orphaned access control nodes`
			`$sql = "delete from v_access_control_nodes ";`
			`$sql .= "where access_control_uuid not in ( ";`
			`$sql .= " select access_control_uuid from v_access_controls ";`
			`$sql .= ")";`
			`$database->execute($sql, null);`
			`unset($sql);`

Add the Access Controls as the new interface for ACL Lists. 2015-08-13 07:09:07 +02:00			`}`

Update app_defaults.php Check to see if the file exists before renaming it. 2017-01-10 07:26:54 +01:00			`?>`