Subversion Repositories ALCASAR

Rev

Rev 2896 | Show entire file | Ignore whitespace | Details | Blame | Last modification | View Log

Rev 2896 Rev 2971
Line 4... Line 4...
4
# This script is distributed under the Gnu General Public License (GPL)
4
# This script is distributed under the Gnu General Public License (GPL)
5
 
5
 
6
# This script tests the following behaviour :
6
# This script tests the following behaviour :
7
# - Retreive 3 special attributes of a user ('test' by default). It Retrieves theses attributes from default group, then from user's group, then from its account 
7
# - Retreive 3 special attributes of a user ('test' by default). It Retrieves theses attributes from default group, then from user's group, then from its account 
8
# - test if the attribute "Alcasar-Status-Page-Must-Stay-Open" is set to "2", then retrieve the "expiration" attribute
8
# - test if the attribute "Alcasar-Status-Page-Must-Stay-Open" is set to "2", then retrieve the "expiration" attribute
9
# - if the "expiration" attribute exists then create a new user (login = user's @MAC) and duplicates all user's attributes 
9
# - (todo) if the "expiration" attribute exists then create a new user (login = user's @MAC) and duplicates all user's attributes 
10
 
10
 
11
 
11
 
12
PASSWD_FILE="/root/ALCASAR-passwords.txt"
12
PASSWD_FILE="/root/ALCASAR-passwords.txt"
13
USER_NAME="test"
13
USER_NAME="test"
14
DB_USER=`cat $PASSWD_FILE|grep ^db_user=|cut -d'=' -f2`
14
DB_USER=`cat $PASSWD_FILE|grep ^db_user=|cut -d'=' -f2`
Line 26... Line 26...
26
filterProto=$(echo "$db_radreply_res"        | awk '$1 == "Alcasar-Protocols-Filter"           { print $2 }')
26
filterProto=$(echo "$db_radreply_res"        | awk '$1 == "Alcasar-Protocols-Filter"           { print $2 }')
27
statusOpenRequired=$(echo "$db_radreply_res" | awk '$1 == "Alcasar-Status-Page-Must-Stay-Open" { print $2 }')
27
statusOpenRequired=$(echo "$db_radreply_res" | awk '$1 == "Alcasar-Status-Page-Must-Stay-Open" { print $2 }')
28
echo "USER_NAME = $USER_NAME; filter = $filter; filterproto = $filterProto; statusOpenRequired = $statusOpenRequired";
28
echo "USER_NAME = $USER_NAME; filter = $filter; filterproto = $filterProto; statusOpenRequired = $statusOpenRequired";
29
 
29
 
30
# If status page isn't required :
30
# If status page isn't required :
31
#	-add user_IP with the flag 'PERM' in /tmp/current_users.txt
-
 
32
#	-add user_@MAC as an authenticated (with the same user's attributes)
-
 
33
if [ "$statusOpenRequired" == '2' ]; then	# Status page is not required
31
if [ "$statusOpenRequired" == '2' ]; then	# Status page is not required
34
	echo ""
32
	echo ""
35
# Retrieve "expiration" attribute from radcheck
33
# Retrieve "expiration" attribute from radcheck
36
db_query="SELECT attribute, value FROM ( \
34
db_query="SELECT attribute, value FROM ( \
37
 	( SELECT attribute, value FROM radcheck WHERE username = '$USER_NAME' AND attribute = 'Expiration' ) UNION \
35
 	( SELECT attribute, value FROM radcheck WHERE username = '$USER_NAME' AND attribute = 'Expiration' ) UNION \
Line 40... Line 38...
40
	) attrs GROUP BY attribute;"
38
	) attrs GROUP BY attribute;"
41
db_radcheck_expiration_res=$(mysql -u$DB_USER -p$DB_PASSWORD -D radius -e "$db_query" -Ns) 
39
db_radcheck_expiration_res=$(mysql -u$DB_USER -p$DB_PASSWORD -D radius -e "$db_query" -Ns) 
42
# if a expiration date exists we retrieve all radreply attributes
40
# if a expiration date exists we retrieve all radreply attributes
43
	if [ `echo $db_radcheck_expiration_res|wc -l` == '1' ]; then
41
	if [ `echo $db_radcheck_expiration_res|wc -l` == '1' ]; then
44
		echo "###########################"
42
		echo "###########################"
45
		echo "## Attributs radreply"
43
		echo "## Radreply attributes"
46
		db_query="SELECT attribute, value FROM ( \
44
		db_query="SELECT attribute, value FROM ( \
47
 			( SELECT attribute, value FROM radreply WHERE username = '$USER_NAME' ) UNION \
45
 			( SELECT attribute, value FROM radreply WHERE username = '$USER_NAME' ) UNION \
48
			( SELECT attribute, value FROM radgroupreply gr LEFT JOIN radusergroup ug ON gr.groupname = ug.groupname WHERE username = '$USER_NAME' ORDER BY ug.priority ) UNION \
46
			( SELECT attribute, value FROM radgroupreply gr LEFT JOIN radusergroup ug ON gr.groupname = ug.groupname WHERE username = '$USER_NAME' ORDER BY ug.priority ) UNION \
49
			( SELECT attribute, value FROM radgroupreply WHERE groupname = 'default' ) \
47
			( SELECT attribute, value FROM radgroupreply WHERE groupname = 'default' ) \
50
			) attrs GROUP BY attribute;"
48
			) attrs GROUP BY attribute;"
51
		mysql -u root -p$(cat $PASSWD_FILE | grep ^db_root= | cut -d'=' -f2-) -D radius -e "$db_query" -Ns |  while IFS= read -r loop
49
		mysql -u$DB_USER -p$DB_PASSWORD -D radius -e "$db_query" -Ns |  while IFS= read -r loop
52
		do
50
		do
53
			attr=`echo $loop|cut -d" " -f1`
51
			attr=`echo $loop|cut -d" " -f1`
54
			attr_value=`echo $loop|cut -d" " -f2-`
52
			attr_value=`echo $loop|cut -d" " -f2-`
55
			echo "$attr = $attr_value"
53
			echo "$attr = $attr_value"
56
		done 
54
		done 
57
# if a expiration date exists we retrieve all radcheck attributes
55
# if a expiration date exists we retrieve all radcheck attributes
58
		echo "## Attributs radcheck"
56
		echo "## Radcheck attributes"
59
		db_query="SELECT attribute, value FROM ( \
57
		db_query="SELECT attribute, value FROM ( \
60
		( SELECT attribute, value FROM radcheck WHERE username = '$USER_NAME' ) UNION \
58
		( SELECT attribute, value FROM radcheck WHERE username = '$USER_NAME' ) UNION \
61
		( SELECT attribute, value FROM radgroupcheck gr LEFT JOIN radusergroup ug ON gr.groupname = ug.groupname WHERE username = '$USER_NAME' ORDER BY ug.priority ) UNION \
59
		( SELECT attribute, value FROM radgroupcheck gr LEFT JOIN radusergroup ug ON gr.groupname = ug.groupname WHERE username = '$USER_NAME' ORDER BY ug.priority ) UNION \
62
		( SELECT attribute, value FROM radgroupcheck WHERE groupname = 'default' ) \
60
		( SELECT attribute, value FROM radgroupcheck WHERE groupname = 'default' ) \
63
		) attrs GROUP BY attribute;"
61
		) attrs GROUP BY attribute;"
64
		mysql -u root -p$(cat $PASSWD_FILE | grep ^db_root= | cut -d'=' -f2-) -D radius -e "$db_query" -Ns |  while IFS= read -r loop
62
		mysql -u$DB_USER -p$DB_PASSWORD -D radius -e "$db_query" -Ns |  while IFS= read -r loop
65
		do
63
		do
66
			attr=`echo $loop|cut -d" " -f1`
64
			attr=`echo $loop|cut -d" " -f1`
67
			attr_value=`echo $loop|cut -d" " -f2-`
65
			attr_value=`echo $loop|cut -d" " -f2-`
68
			echo "$attr = $attr_value"
66
			echo "$attr = $attr_value"
69
		done
67
		done