#!/bin/sh

. ../common/ajax_common


load_group_list()
{
    printf "{";
    printf "\"all_group\":`list_group`"

    if [ "${CGI_keyword}" != "" -o "${CGI_disable}" != "" ]; then
        printf ",\"need_show\":`search_group`"
    fi

    printf "}";
}


list_group()
{
    printf "["
    ${FLOWEYE} aclgroup list name=${CGI_group}
    printf "]"
}


list_policy()
{
    printf "["
    ${FLOWEYE} aclrule list group=${CGI_gid}
    printf "]"
}


search_group()
{
    if [ ! -f ${PGETC}/panabit.conf ]; then
        printf "{}"
        return
    fi
    
    awk -v keyword="${CGI_keyword}" -v disable="${CGI_disable}" '{
        if($1 == "aclgroup") {
            if(disable != "" && $0 !~ " disable="disable )
                next;
                
            if(keyword != "" && $0 !~ keyword)
                next;

            split($3, name, "=");
            group[name[2]] = 0;
        } else if($1 == "aclrule") {
            if(disable == "")
                next;

            if(disable == "1") {
                if($0 !~ " disable=1") next;
            } else if(disable == "0") {
                if($0 ~ " disable=1") next;
            }
            if(keyword != ""){
                find = 0;

                for(i = 3; i <= NF; i++){
                    if($i ~ keyword)
                    find = 1;
                }

                if(find == 0) next;
            }

            split($2, name, "=");
            group[name[2]]++;
        }
    }END{
        dot = "";
        printf "{";

        for(key in group){
            printf "%s\"%s\":\"%s\"", dot, key, group[key];
            if(dot == "") dot = ",";
        }

        printf "}";
    }' ${PGETC}/panabit.conf
}


add_group()
{
    [ "${CGI_src}" = "" ] && CGI_src="any"
    [ "${CGI_dst}" = "" ] && CGI_dst="any"
    [ "${CGI_ifname}" = "" ] && CGI_ifname="NULL"
    [ "${CGI_disable}" = "on" ] && CGI_disable="0" || CGI_disable="1"

    cmdargs="name=${CGI_name} src=${CGI_submit_srcip} dst=${CGI_submit_dstip} ifname=${CGI_ifname} ifbps=${CGI_ifbps}"
    cmdargs="${cmdargs} month=${CGI_month} startday=${CGI_startday} endday=${CGI_endday}"
    cmdargs="${cmdargs} start=${CGI_start_time} end=${CGI_end_time} disable=${CGI_disable}"

    if [ "${CGI_action}" = "copy_group" ]; then
        cmdargs="clonerules=${CGI_clonerules} ${cmdargs}"
    fi

    if [ "${CGI_action}" = "edit_group" ]; then
        cmdargs="set id=${CGI_id} newname=${CGI_name} ${cmdargs}"
    else
        cmdargs="add ${cmdargs}"
    fi

    errmsg=`${FLOWEYE} aclgroup ${cmdargs}`

    if [ $? -ne 0 ]; then
        retjson 1 "ʧ:${errmsg}"
    else
        sync_floweye "aclgroup ${cmdargs}"
        WEB_LOGGER "ACL" "${cmdargs}"
        retjson 0 "ɹ"
    fi
}


load_addgroup_env()
{
    . ../common/ajax_object_lib

    printf "{"
    printf "\"interface_list\":`lib_interface_list`"
    printf ",\"link_group\":`get_link_group`"
    if [ "${CGI_id}" != "" ]; then
        printf ",\"policy\":`get_group_detail`"
    fi

    printf "}"
}


get_group_detail()
{
    ${FLOWEYE} aclgroup get id=${CGI_id} | awk -F "=" \
    'BEGIN{
        dot = "";
        printf "{";
    }{
        printf "%s", dot;
        printf "\"%s\":\"%s\"", $1, $2;
        if (dot == "") dot = ",";
    }END{
        printf "}";
    }'
}


get_link_group()
{
    ${FLOWEYE} if list | awk \
    'BEGIN{
        dot = "";
        printf "[";
    }{
        link=$(NF-2);
        if(link == 0) next;

        printf "%s%s", dot, link;
        if(dot == "") dot = ",";
    }END{
        printf "]";   
    }'
}


set_enable_group()
{
    cmdargs="id=${CGI_id} disable=${CGI_disable}"
    errmsg=`${FLOWEYE} aclgroup set ${cmdargs}`

    if [ $? -ne 0 ]; then
        retjson 1 "ʧܣ${errmsg}"
    else
        sync_floweye "aclgroup set ${cmdargs}"
        WEB_LOGGER "޸ACL" "${cmdargs}"
        retjson 0 "ɹ"
    fi
}


remove_group()
{
    errmsg=`${FLOWEYE} aclgroup remove id=${CGI_id}`

    if [ $? -ne 0 ]; then
        retjson 1 "ʧ:${errmsg}"
    else
        sync_floweye "aclgroup remove id=${CGI_id}"
        WEB_LOGGER "ɾACL" "id=${CGI_id}"
        retjson 0 "ɹ"
    fi
}

move_group()
{
    cmdargs="id=${CGI_moveup} moveto=${CGI_movedown}"

    errmsg=`${FLOWEYE} aclgroup set ${cmdargs}`

    if [ $? -ne 0 ]; then
        retjson 1 "ʧܣ${errmsg}"
    else
        sync_floweye "aclgroup set ${cmdargs}"
        WEB_LOGGER "ȫ˳" "${cmdargs}"
        retjson 0 "ɹ"
    fi

}

export_group()
{
    group_name=`${FLOWEYE} aclgroup get name=${CGI_group} | grep "^name=" | cut -d"=" -f2`

    file_name="alc_${group_name}.conf"
    file_path="${WEB_DOWNLOAD}/${file_name}"

    mkdir -p ${WEB_DOWNLOAD}
    grep "aclrule group=${CGI_group} " "${PGETC}/panabit.conf" | cut -d" " -f3- > ${file_path}

    retjson 0 "OK" "{\"file_name\":\"${file_name}\"}"
}


import_group()
{
    cat ${CGI_file} | while read cfg
    do
         [ "${cfg}" = "" ] && continue

        policy_id=$(echo "${cfg}" | awk -F'=' '{print $2}' | awk '{print $1}')
        if [ -n "${policy_id}" ]; then
            ${FLOWEYE} aclrule remove group=${CGI_group} id=${policy_id}
        fi
        errmsg=`${FLOWEYE} aclrule add group=${CGI_group} ${cfg}`
        [ $? -ne 0 ] && retjson 1 "ʧܣ${errmsg}"
    done

    WEB_LOGGER "${LANG017:=ACL}"
    retjson 0 "ɹ"
}


add_policy()
{
    [ "${CGI_group}" = "" ] && retjson 1 "INV_GROUP"
    [ "${CGI_action}" = "edit_policy" ] && action="set group=${CGI_group} id=${CGI_oldid} newid=${CGI_id}" || action="add group=${CGI_group} id=${CGI_id}"

    [ "${CGI_submit_srcip}" = "" ] && CGI_submit_srcip="any"
    [ "${CGI_submit_dstip}" = "" ] && CGI_submit_dstip="any"

    id=${CGI_polno}
    [ "${CGI_oldid}" != "" ] && id=${CGI_oldid}
    CGI_inif="${CGI_inif}/${CGI_inpxy}"

    cmdargs="${cmdargs} sport=${CGI_sport} dport=${CGI_dport} src=${CGI_submit_srcip} dst=${CGI_submit_dstip}"
    cmdargs="${cmdargs} app=${CGI_appid} proto=${CGI_proto} action=${CGI_pact} inif=${CGI_inif}"
    cmdargs="${cmdargs} vlan=${CGI_vlan} pool=${CGI_pool} disable=${CGI_disable}"
    cmdargs="${cmdargs} log=${CGI_log} logsend=${CGI_logsend}"

    if [ "${CGI_desc}" != "NULL" -o "${CGI_desc}" != "" ]; then
        [ "${PALANG}" = "en" ] && CGI_desc=`echo ${CGI_desc} | sed -r 's/ /\%20/g'`
        cmdargs="${cmdargs} desc=${CGI_desc}"
    fi
    errmsg=`${FLOWEYE} aclrule ${action} ${cmdargs}`

    if [ $? -ne 0 ]; then
        retjson 1 "${LANG001:=ʧ}${errmsg}"
    else
        sync_floweye "aclrule ${action} ${cmdargs}"
        WEB_LOGGER "${LANG010:=ACL}" "action=${CGI_action} ${cmdargs}"
        retjson 0 "${LANG002:=ɹ}"
    fi
}


load_addpolicy_env()
{
    . ../common/ajax_object_lib

    printf "{"
    printf "\"ippool_list\":`lib_ippool_list`"
    printf ",\"proxy_list\":`lib_proxy_list`"
	printf ",\"plink_list\":`lib_plink_list`"
    printf ",\"wangroup_list\":`lib_wangroup_list`"
    printf ",\"interface_list\":`lib_interface_list`"
    printf ",\"dnsgrp_list\":`lib_dnsgrp_list`"
    printf ",\"datapie_list\":`lib_datapie_list`"
    printf ",\"ntmso_list\":[`${FLOWEYE} ntmso list`]"

    if [ "${CGI_id}" != "" ]; then
        printf ",\"policy\":`get_policy`"
    fi

    printf "}"
}


get_policy()
{
    ${FLOWEYE} aclrule get group=${CGI_group} id=${CGI_id} | awk -F "=" \
    'BEGIN{
        dot = "";
        printf "{";
    }{
        printf "%s", dot;
        printf "\"%s\":\"%s\"", $1, $2;
        if (dot == "") dot = ",";
    }END{
        printf "}";
    }'
}


disable_policy()
{
    [ "${CGI_group}" = "" ] && retjson 1 "INV_GROUP"
    [ "${CGI_id}" = "" ] && retjson 1 "INV_ID"

    cmdargs="group=${CGI_group} id=${CGI_id} disable=${CGI_disable}"
    errmsg=`${FLOWEYE} aclrule set ${cmdargs}`

    if [ $? -ne 0 ]; then
        retjson 1 "ʧܣ${errmsg}"
    else
        sync_floweye "aclrule set ${cmdargs}"
        WEB_LOGGER "޸ACL" "${cmdargs}"
        retjson 0 "ɹ"
    fi
}


remove_policy()
{
    [ "${CGI_group}" = "" ] && retjson 1 "INV_GROUP"
    [ "${CGI_id}" = "" ] && retjson 1 "INV_ID"

    errmsg=`${FLOWEYE} aclrule remove group=${CGI_group} id=${CGI_id}`

    if [ $? -ne 0 ]; then
        retjson 1 "ʧܣ${errmsg}"
    else
        sync_floweye "aclrule remove group=${CGI_group} id=${CGI_id}"
        WEB_LOGGER "ɾACL" "group=${CGI_group},id=${CGI_id}"
        retjson 0 "ɹ"
    fi
}


deal_policy_para()
{   
    num=$((${num}+1))
    # 
    [ "${CGI_proto}" = "" ] && CGI_proto="${L_proto}"
    [ "${CGI_appid}" = "" ] && CGI_appid="${L_app}"
    [ "${CGI_pact}" = "" ] && CGI_pact="${L_action}"
    [ "${CGI_inpxy}" = "" ] && CGI_inpxy="${L_inpxy}"
    [ "${CGI_inif}" = "" ] && CGI_inif="${L_inif}"
    [ "${CGI_log}" = "" ] && CGI_log="${L_log}"
    [ "${CGI_logsend}" = "" ] && CGI_logsend="${L_logsend}"
    
    cmdargs="${cmdargs}group=${CGI_group} id=${L_id} app=${CGI_appid} proto=${CGI_proto} log=${CGI_log} logsend=${CGI_logsend} action=${CGI_pact}"
    
    [ "${CGI_submit_srcip}" != "" ] && cmdargs="${cmdargs} src=${CGI_submit_srcip}"
    [ "${CGI_submit_dstip}" != "" ] && cmdargs="${cmdargs} dst=${CGI_submit_dstip}"
    cmdargs="${cmdargs} inif=${CGI_inif}/${CGI_inpxy}"

    if [ "${CGI_desc}" != "NULL" -o "${CGI_desc}" != "" ]; then
        [ "${PALANG}" = "en" ] && CGI_desc=`echo ${CGI_desc} | sed -r 's/ /\%20/g'`
        cmdargs="${cmdargs} desc=${CGI_desc}"
    fi
    
    params_list="sport;dport;vlan;disable;pool"

     for para in `echo ${params_list} | tr ";" " "`
    do
        eval name="\$CGI_${para}"
        eval Lname="\$L_${para}"
        if [ "${name}" != "" ]; then
            cmdargs="${cmdargs} ${para}=${name}"
        else
            cmdargs="${cmdargs} ${para}=${Lname}"
        fi
    done
    errmsg=`${FLOWEYE} aclrule set ${cmdargs}`
    [ $? -ne 0 ] && retjson 1 "${num}${errmsg}"
    sync_floweye "aclrule set ${cmdargs}"
}


batch_edit_policy()
{    
   [ "${CGI_group}" = "" ] && retjson 1 "INV_GROUP"
    for id in `echo ${CGI_items} | tr ";" " "`
    do
        for line in `${FLOWEYE} aclrule get group=${CGI_group} id=${id}`
		do
            eval "L_${line}"
		done
        deal_policy_para
    done

    WEB_LOGGER "${LANG011:=༭ACL}" "group=${CGI_group} items=${CGI_items}"
	retjson 0 "${LANG002:=ɹ}"
}


btndisable_policy()
{
    for id in `echo ${CGI_items} | tr ";" " "`
    do
        errmsg=`${FLOWEYE} aclrule set group=${CGI_group} id=${id} disable=${CGI_disable}`
        [ $? -ne 0 ] && retjson 1 "ʧܣ${errmsg}"
        sync_floweye "aclrule set group=${CGI_group} id=${CGI_id}}"
    done

    WEB_LOGGER "ACL" "group=${CGI_group} ids=${CGI_items}"
	retjson 0 "ɹ"
}


btnremove_policy()
{
    for id in `echo ${CGI_items} | tr ";" " "`
    do
        errmsg=`${FLOWEYE} aclrule remove group=${CGI_group} id=${id}`
        [ $? -ne 0 ] && retjson 1 "ʧܣ${errmsg}"
        sync_floweye "aclrule remove group=${CGI_group} id=${id}"
    done

    WEB_LOGGER "ɾACL" "group=${CGI_group} ids=${CGI_items}"
	retjson 0 "ɹ"
}


load_acl_list_log()
{
    
    result=`${FLOWEYE} aclrule list log=1 | grep "${CGI_keyword}"`
    printf "["
    printf "%s" "$result" 
    printf "]"
}


case "${CGI_action}" in
    "load_addgroup_env")
        retjson 0 "OK" "`load_addgroup_env`"
        ;;
    "load_group_list")
        retjson 0 "OK" "`load_group_list`"
        ;;

    "list_policy")
        retjson 0 "OK" "`list_policy`"
        ;;
    
    "add_group"|"edit_group"|"copy_group")
        action_check
        add_group
        ;;
    "remove_group")
        action_check
        remove_group
        ;;
    
    "move_group")
        action_check
        move_group
        ;;

    "export_group")
        action_check
        export_group
        ;;

    "add_policy"|"edit_policy")
        action_check
        add_policy
        ;;

    "load_addpolicy_env")
        retjson 0 "OK" "`load_addpolicy_env`"
        ;;

    "disable_policy")
        action_check
        disable_policy
        ;;

    "remove_policy")
        action_check
        remove_policy
        ;;

    "set_enable_group")
        action_check
        set_enable_group
        ;;

    "import_group")
        action_check
        import_group
        ;;

    "batch_edit_policy")
        action_check
        batch_edit_policy
        ;;

    "btndisable_policy")
        action_check
        btndisable_policy
        ;;

    "btnremove_policy")
        action_check
        btnremove_policy
        ;;

    "load_acl_list_log")
        retjson 0 "OK" "`load_acl_list_log`"
        ;;

    *)
        retjson 1 "UNKNOW_ACTION"
        ;;
esac
