Daryu/RF-AD
1
0
Fork 0
forked from jeanGaston/RF-AD
Code Pull Requests Activity

Add group page on the webgui

Browse Source 
- Add the page groupsdb
- Update menu on other pages
- Add 2 function in webserver.py to display groups and delete them (not fully implemented for now)
This commit is contained in:
jeanGaston 2024-06-03 11:02:06 +00:00
parent 8cc5c2431b
commit 6f96516374
8 changed files with 94 additions and 100 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

65
Server/Program/WebAPI.py
View File

@ -1,65 +0,0 @@
from threading import Thread
from flask import Flask, request, jsonify
from env import *
import sqlite3
app = Flask(__name__)
# Function to verify if the user is allowed to open the door
def check_access(rfid_uid, door_id):
try:
conn = sqlite3.connect(DBFILE) # Update with your database file path
cursor = conn.cursor()
# Get the user's UPN and group memberships based on the RFID UID
cursor.execute("SELECT upn, MemberOf FROM Users WHERE rFIDUID = ?", (rfid_uid,))
user_data = cursor.fetchone()
if user_data is None:
return False, None # User not found
upn, user_groups = user_data
# Get the group associated with the door
cursor.execute("SELECT GroupCn FROM Doors WHERE id = ?", (door_id,))
door_group = cursor.fetchone()
if door_group is None:
return False, None # Door not found
door_group = door_group[0]
# Check if the user's group is allowed to open the door
if door_group in user_groups.split(','):
return True, upn # Access granted
else:
return False, None # Access denied
except sqlite3.Error as e:
print(f"SQLite Error: {e}")
return False, None
# Route to handle door access requests
@app.route('/access', methods=['POST'])
def door_access():
data = request.get_json()
rfid_uid = data.get('rfid_uid')
door_id = data.get('door_id')
if rfid_uid is None or door_id is None:
return jsonify({'error': 'RFID UID and door ID are required'}), 400
access_granted, upn = check_access(rfid_uid, door_id)
if access_granted:
return jsonify({'access_granted': True, 'upn': upn}), 200
else:
return jsonify({'access_granted': False}), 200
def run_flask_app():
app.run(debug=True, use_reloader=False, port=WebAPIPORT)
def run_webAPI_thread():
print(f"STARTING API on port {WebAPIPORT}")
flask_thread = Thread(target=run_flask_app)
flask_thread.start()
flask_thread.join()
if __name__ == '__main__':
app.run(debug=True)

18
Server/Program/Webserver.py
View File

@ -8,19 +8,16 @@ from env import *
app = Flask(__name__)
# Route to the home
@app.route('/')
def add_door_form():
def index():
existing_groups = get_existing_groups(DBFILE) # Update with your database file path
logs = get_latest_logs(DBFILE,5)
#print(logs[0])
return render_template('./index.html', existing_groups=existing_groups, logs=logs)
# Route to display the fuser db
@app.route('/UserDB')
def index():
def usersdb():
users = get_users()
return render_template('userdb.html', users=users)
# Route to display the fuser db
@ -51,6 +48,16 @@ def export_logs():
headers={"Content-disposition": "attachment; filename=logs.csv"}
)
@app.route('/GroupsDB')
def groupsdb():
doors = get_doors()
groups = get_existing_groups(DBFILE)
return render_template('groupsdb.html', doors=doors, groups=groups)
@app.route('/delete_group/<group_cn>', methods=['POST'])
def delete_group(group_cn):
delete_group_from_database(group_cn)
return render_template('./index.html')
# Route to handle form submission and add the door to the database
@app.route('/add_door', methods=['POST'])
def add_door():
@ -69,7 +76,6 @@ def add_door():
def sync():
sync_ldap_to_database(DBFILE)
return render_template('./LDAP.html')
redirect('/')
# Route to handle door access requests

19
Server/Program/database.py
View File

@ -144,7 +144,7 @@ def print_database_content(db_file):
print_users_table(cursor)
print_groups_table(cursor)
print_doors_table(cursor)
print_log_table(cursor)
#print_log_table(cursor)
conn.close()
@ -201,7 +201,21 @@ def get_existing_groups(db_file):
except sqlite3.Error as e:
print(f"SQLite Error: {e}")
return []
def delete_group_from_database(group_cn):
conn = sqlite3.connect(DBFILE)
cursor = conn.cursor()
cursor.execute("DELETE FROM Groups WHERE cn = ?", (group_cn,))
conn.commit()
conn.close()
def get_doors():
conn = sqlite3.connect(DBFILE)
cursor = conn.cursor()
cursor.execute("SELECT * FROM Doors")
doors = cursor.fetchall()
conn.close()
return doors
def get_users():
"""
Fetch all users from the Users table in the database.
@ -215,6 +229,7 @@ def get_users():
conn.close()
return users
# Function to add a door to the database
def add_door_to_database(db_file, group_cn, Door_id):
try:

59
Server/Program/templates/groupsdb.html Normal file
View File

@ -0,0 +1,59 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Access Logs</title>
<link rel="stylesheet" href="{{ url_for('static', filename='style.css') }}">
</head>
<body>
<div class="navbar">
<a href="/">Home</a>
<a href="/UserDB">Users</a>
<a href="/GroupsDB">Groups</a>
<a href="/LogsDB">Logs</a>
</div>
<div class="container"><h1>Doors and Groups Associations</h1>
<h2>Doors</h2>
<table>
<thead>
<tr>
<th>ID</th>
<th>Group CN</th>
</tr>
</thead>
<tbody>
{% for door in doors %}
<tr>
<td>{{ door[0] }}</td>
<td>{{ door[1] }}</td>
</tr>
{% endfor %}
</tbody>
</table>
<h2>Groups</h2>
<table>
<thead>
<tr>
<th>CN</th>
<th>Action</th>
</tr>
</thead>
<tbody>
{% for group in groups %}
<tr>
<td>{{group}}</td>
<td>
<form action="{{ url_for('delete_group', group_cn=group['cn']) }}" method="post">
<button type="submit" class="delete-btn">Delete</button>
</form>
</td>
</tr>
{% endfor %}
</tbody>
</table>
</div>
</body>
</html>

2
Server/Program/templates/index.html
View File

@ -10,7 +10,9 @@
<div class="navbar">
<a href="/">Home</a>
<a href="/UserDB">Users</a>
<a href="/GroupsDB">Groups</a>
<a href="/LogsDB">Logs</a>
</div>
<div class="container">
<h1>Latest Access Logs</h1>

2
Server/Program/templates/logsdb.html
View File

@ -44,7 +44,9 @@
<div class="navbar">
<a href="/">Home</a>
<a href="/UserDB">Users</a>
<a href="/GroupsDB">Groups</a>
<a href="/LogsDB">Logs</a>
</div>
<div class="container">
<h1>Access Logs</h1>

2
Server/Program/templates/userdb.html
View File

@ -11,7 +11,9 @@
<div class="navbar">
<a href="/">Home</a>
<a href="/UserDB">Users</a>
<a href="/GroupsDB">Groups</a>
<a href="/LogsDB">Logs</a>
</div>
<div class="container">
<h1>Users Database</h1>

27
Server/Program/templates/webgui.html
View File

@ -1,27 +0,0 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Add Door</title>
</head>
<body>
<h1>Add Door</h1>
<form action="/add_door" method="post">
<label for="Door_id" name="Door_id">Door ID:</label>
<input type="integer" id="Door_id" name="Door_id" required><br><br>
<label for="group_cn">Group CN:</label>
<select id="group_cn" name="group_cn" required>
{% for group in existing_groups %}
<option value="{{ group }}">{{ group }}</option>
{% endfor %}
</select><br><br>
<input type="submit" value="Submit">
</form>
<br>
<h1>Force LDAP Synchronization</h1>
<form action="/sync">
<input type="submit" value="Sync LDAP">
</form>
</body>
</html>