X-Git-Url: http://git.roojs.org/?a=blobdiff_plain;f=DataObjects%2FCore_setting.php;h=b09acb20351bdde6c18bd1c69cbff05187929672;hb=cd0367f0b1c72b3bf7140f594c7e54ef2ed94c9e;hp=9afdef41393a90dd9d451aa5104034b9e48b8c11;hpb=69c348543f5679494e4209eb5855627df1f0d584;p=Pman.Core diff --git a/DataObjects/Core_setting.php b/DataObjects/Core_setting.php index 9afdef41..b09acb20 100644 --- a/DataObjects/Core_setting.php +++ b/DataObjects/Core_setting.php @@ -8,11 +8,11 @@ class Pman_Core_DataObjects_Core_setting extends DB_DataObject function initKeys() { - $d = HTML_FlexyFramework::get()->Pman['storedir'].'/key'; + $dir = $this->getKeyDirectory(); if( - file_exists("{$d}/pub.key") || - file_exists("{$d}/pri.key") + file_exists("{$dir}/pub.key") || + file_exists("{$dir}/pri.key") ){ return; } @@ -27,11 +27,11 @@ class Pman_Core_DataObjects_Core_setting extends DB_DataObject $pub_key = openssl_pkey_get_details($ssl); $pub_key = $pub_key["key"]; - file_put_contents("{$d}/pub.key",$pub_key); - file_put_contents("{$d}/pri.key",$pri_key); + file_put_contents("{$dir}/pub.key",$pub_key); + file_put_contents("{$dir}/pri.key",$pri_key); } - function getSetting($m,$n) + function lookup($m,$n) { $s = DB_DataObject::factory('core_setting'); $s->setFrom(array( @@ -47,63 +47,92 @@ class Pman_Core_DataObjects_Core_setting extends DB_DataObject function beforeInsert($q, $roo) { exit; - - return; } + function getKeyDirectory() + { + $client_dir = HTML_FlexyFramework::get()->Pman['storedir']; + $key_dir = $client_dir.'/keys'; + if(!file_exists($key_dir)) { + $this->checkWritable(get_class($this),__FUNCTION__,$client_dir); + exec("mkdir -m775 {$key_dir}"); + } + return $key_dir; + } + + // FIXME - this needs to go in beforeInsert/beforeUpdate + // should not be sending this the values.. function initSetting($a) { - $d = HTML_FlexyFramework::get()->Pman['storedir'].'/key'; - - if(empty($a) || empty($d)) { + if(empty($a)) { return; } - $c = $this->getSetting($a['module'], $a['name']); + $c = $this->lookup($a['module'], $a['name']); if($c) { return; } - //$ff->pman['storedir']/key generic for all projects? - - $this->setStoreDir($dir); - $this->initKeys(); - $val = $a['val']; - if(!isset($a['is_encrypt']) || $a['is_encrypt'] == 1) { - $val = $this->encrypt($val); - } - $s = DB_DataObject::factory('core_setting'); + $s->setFrom(array( - 'module' => $a['module'], - 'name' => $a['name'], - 'description' => $a['description'], - 'val' =>$val, + 'module' => $a['module'], + 'name' => $a['name'], + 'description' => $a['description'], + 'val' => (!isset($a['is_encrypt']) || $a['is_encrypt'] == 1) ? + $this->encrypt($a['val']) : $a['val'], 'is_encrypt' => isset($a['is_encrypt']) ? $a['is_encrypt'] : 1 )); $s->insert(); } + //one key for encrypting all the settings function encrypt($v) { - $pub_key = file_get_contents("{$this->storedir}/pub.key"); + $key_dir = "{$this->getKeyDirectory()}/pub.key"; + + if(!file_exists($key_dir)) { + print_r("Cannot find {$key_dir}"); + exit; + } + + $pub_key = file_get_contents($key_dir); if(!$pub_key) { return; } - openssl_public_encrypt($v, $cipher, $pub_key); - return $cipher; + openssl_public_encrypt($v, $ciphertext, $pub_key); + return $ciphertext; + } + + function decrypt($v) + { + $key_dir = "{$this->getKeyDirectory()}/pri.key"; + + if(!file_exists($key_dir)) { + print_r("Cannot find {$key_dir}"); + exit; + } + + $pri_key = file_get_contents($key_dir); + if(!$pri_key) { + return; + } + + openssl_private_decrypt($v, $plaintext, $pri_key); + return $plaintext; } - function setStoreDir($dir) + function checkWritable($cls_name,$func_name,$dir) { - if(!file_exists($dir)) { - $oldumask = umask(0); - mkdir($dir, 0775, true); - umask($oldumask); + if(!is_writable($dir)) { + print_r("Cannot run {$cls_name} :: {$func_name}\n"); + print_r("Directory: {$dir} is not writable by current user\n"); + exit; } - $this->storedir = $dir; + + return true; } }