chore: factorize user@host:port display in machine_display()

This commit is contained in:
Stéphane Lesimple 2024-12-18 10:16:15 +00:00 committed by Stéphane Lesimple
parent 9e357333db
commit 58354cc305
8 changed files with 31 additions and 22 deletions

View file

@ -81,9 +81,7 @@ if (not grep { $action eq $_ } qw{ add del }) {
#<PARAMS:ACTION
#>CODE
my $machine = $ip;
$port and $machine .= ":$port";
$user and $machine = $user . '@' . $machine;
my $machine = OVH::Bastion::machine_display(ip => $ip, port => $port, user => $user)->value;
my $plugin = ($target eq 'self' ? 'self' : 'account') . 'AddPersonalAccess';

View file

@ -86,9 +86,7 @@ $fnret = OVH::Bastion::Helper::acquire_lock($lock_fh);
$fnret or HEXIT($fnret);
#>CODE
my $machine = $ip;
$port and $machine .= ":$port";
$user and $machine = $user . '@' . $machine;
my $machine = OVH::Bastion::machine_display(ip => $ip, port => $port, user => $user)->value;
# access_modify validates all its parameters, don't do it ourselves here for clarity
$fnret = OVH::Bastion::access_modify(

View file

@ -1131,7 +1131,11 @@ $user = $user || $config->{'defaultLogin'} || $remoteself || $sysself;
# log request
osh_debug("final request : " . "$user\@$ip -p $port -- $command'\n");
my $displayLine = "$hostfrom:$portfrom => $self\@$bastionhost:$bastionport => $user\@$hostto:$port";
my $displayLine = sprintf("%s => %s => %s",
OVH::Bastion::machine_display(ip => $hostfrom, port => $portfrom)->value,
OVH::Bastion::machine_display(ip => $bastionhost, port => $bastionport, user => $self)->value,
OVH::Bastion::machine_display(ip => $hostto, port => $port, user => $user)->value,
);
if (!$quiet) {
osh_print("$displayLine ...");

View file

@ -750,6 +750,19 @@ sub is_valid_remote_user {
return R('ERR_INVALID_PARAMETER', msg => "Specified user doesn't seem to be valid");
}
sub machine_display {
my %params = @_;
my $ip = $params{'ip'};
my $port = $params{'port'};
my $user = $params{'user'};
my $machine = (index($ip, ':') >= 0 ? "[$ip]" : $ip);
$machine .= ":$port" if $port;
$machine = $user . '@' . $machine if $user;
return R('OK', value => $machine);
}
sub touch_file {
my $file = shift;
my $perms = shift;

View file

@ -206,10 +206,12 @@ sub act {
# foreach guest access, delete
foreach my $access (@acl) {
my $machine = $access->{'ip'};
$machine .= ':' . $access->{'port'} if defined $access->{'port'};
$machine = $access->{'user'} . '@' . $machine if defined $access->{'user'};
$fnret = OVH::Bastion::Plugin::groupSetRole::act(
my $machine = OVH::Bastion::machine_display(
ip => $access->{'ip'},
port => $access->{'port'},
user => $access->{'user'}
)->value;
$fnret = OVH::Bastion::Plugin::groupSetRole::act(
account => $account,
group => $shortGroup,
action => 'del',
@ -251,9 +253,7 @@ sub act {
# in that case, we need to handle the add/del of the guest access to $user@$host:$port
# check if group has access to $user@$ip:$port
my $machine = $host;
$port and $machine .= ":$port";
$user and $machine = $user . '@' . $machine;
my $machine = OVH::Bastion::machine_display(ip => $host, port => $port, user => $user)->value;
osh_debug(
"groupSetRole::act, checking if group $group has access to $machine to $action $type access to $account");

View file

@ -27,7 +27,7 @@ sub has_protocol_access {
return R('ERR_MISSING_PARAMETERS', msg => "Missing mandatory parameters for has_protocol_access");
}
my $machine = "$user\@$ip:$port";
my $machine = OVH::Bastion::machine_display(ip => $ip, port => $port, user => $user)->value;
my %keys;
osh_debug("Checking access 1/2 of $account to $machine...");

View file

@ -918,9 +918,7 @@ sub is_access_granted {
return R('OK', value => \@grants) if @grants;
my $machine = $ip;
$machine .= ":$port" if $port;
$machine = $user . '@' . $machine if $user;
my $machine = OVH::Bastion::machine_display(ip => $ip, port => $port, user => $user)->value;
return R('KO_ACCESS_DENIED', msg => "Access denied for $account to $machine");
}

View file

@ -582,10 +582,8 @@ sub access_modify {
}
# build the line we're either adding or looking for (to delete it)
my $entry = $ip;
$entry = $user . "@" . $entry if defined $user;
$entry = $entry . ":" . $port if defined $port;
my $machine = $entry;
my $machine = OVH::Bastion::machine_display(ip => $ip, port => $port, user => $user)->value;
my $entry = $machine;
my $t = localtime(time);
my $fmt = "%Y-%m-%d %H:%M:%S";