home *** CD-ROM | disk | FTP | other *** search
Text File | 2006-11-29 | 31.1 KB | 1,049 lines |
- /**
- * File: modules/CWMFirewallInterfaces.ycp
- * Package: Common widget manipulation, firewall interfaces widget
- * Summary: Routines for selecting interfaces opened in firewall
- * Authors: Jiri Srain <jsrain@suse.cz>
- *
- * $Id: CWMFirewallInterfaces.ycp 33164 2006-09-27 08:42:24Z jsrain $
- *
- * WARNING: If you want to use this functionality of this module
- * you should allways call 'SuSEFirewall::Read()' in the
- * Read() function of you module
- * and you should call 'SuSEFirewall::Write()' in the
- * Write() function.
- *
- * Functionality of this module only changes the SuSEFirewall
- * settings in memory, it never Reads or Writes the settings.
- *
- * Additionally you may need to call Progress::set(false)
- * before SuSEFirewall::Read() or SuSEFirewall::Write().
- */
-
- {
- module "CWMFirewallInterfaces";
- textdomain "base";
-
-
-
- import "CWM";
- import "Label";
- import "Mode";
- import "NetworkDevices";
- //import "NetworkService";
- import "Popup";
- import "SuSEFirewall";
-
- // used only for (Mode::installation() || Mode::update())
- import "SuSEFirewallProposal";
-
- // private variables
-
- /**
- * List of all interfaces relevant for firewall settings
- */
- list<string> all_interfaces = nil;
-
- /**
- * List of all items of interfaces to the selection box
- */
- list interface_items = nil;
-
- /**
- * List of interfaces that are allowed
- */
- list<string> allowed_interfaces = nil;
-
- /**
- * Information if configuration was changed by user
- */
- boolean configuration_changed = nil;
-
- /**
- * `Any`-feature is supported in the firewall configuration
- */
- boolean any_iface_supported = nil;
-
- // private functions
-
- /**
- * Enable or disable the firewall details widget according to the status
- * of "open firewall" checkbox
- */
- void EnableOrDisableFirewallDetails () {
- if (! UI::WidgetExists (`id ("_cwm_open_firewall")))
- return;
- if (! UI::WidgetExists (`id ("_cwm_firewall_details")))
- return;
- boolean enabled = (boolean)
- UI::QueryWidget (`id ("_cwm_open_firewall"), `Value);
- if (enabled == nil)
- enabled = false;
- if (size (all_interfaces) == 0)
- enabled = false;
-
- //// NetworkManager
- //if (contains(all_interfaces, special_all_nm_interfaces) && enabled) {
- // allowed_interfaces = add (allowed_interfaces, special_all_nm_interfaces);
- //}
-
- UI::ChangeWidget (`id ("_cwm_firewall_details"), `Enabled, enabled);
- }
-
- /**
- * Set the firewall status label
- * @param status symbol one of `off, `closed, `open_all, `custom
- */
- void SetFirewallLabel (symbol status) {
- string label = "";
- if (status == `off)
- {
- // label
- label = _("Firewall is disabled");
- }
- else if (status == `closed)
- {
- // label
- label = _("Firewall port is closed");
- }
- else if (status == `open_all)
- {
- // label
- label = _("Firewall port is open on all interfaces");
- }
- else if (status == `custom)
- {
- // label
- label = _("Firewall port is open on selected interfaces");
- }
- else if (status == `no_ifaces)
- {
- // label
- label = _("No network interfaces are configured");
- }
- UI::ReplaceWidget (`id (`_cwm_firewall_status_rp),
- `Label (label));
- }
-
- /**
- * Initialize the list of all known interfaces
- */
- void InitAllInterfacesList () {
- // Do not read NetworkDevices when they are already read
- if (! Mode::config () && ! Mode::installation () && ! Mode::update ()) {
- y2milestone("Reading NetworkDevices...");
- NetworkDevices::Read ();
- }
- all_interfaces = NetworkDevices::List ("");
- all_interfaces = filter (string i, all_interfaces, {
- return i != "lo";
- });
- if (! Mode::config ())
- {
- interface_items = maplist (string i, all_interfaces, {
- string label = NetworkDevices::GetValue (i, "BOOTPROTO");
- string ipaddr = NetworkDevices::GetValue (i, "IPADDR");
- if (label == "static" || label == "" || label == nil)
- {
- label = ipaddr;
- }
- else
- {
- label = toupper (label);
- if (ipaddr != nil && ipaddr != "")
- label = sformat ("%1/%2", label, ipaddr);
- }
- if (label == nil || label == "")
- {
- label = i;
- }
- else
- {
- label = sformat ("%1 (%2)", i, label);
- }
- return `item (`id (i), label);
- });
- }
- else
- {
- interface_items = maplist (string i, all_interfaces, {
- return `item (`id (i), i);
- });
- }
-
- any_iface_supported = SuSEFirewall::IsAnyNetworkInterfaceSupported();
-
- // if (NetworkService::IsManaged()) {
- // nm_managed = true;
- // if (all_interfaces == nil) all_interfaces = [];
- // all_interfaces = add (all_interfaces, special_all_nm_interfaces);
- //
- // if (interface_items == nil) interface_items = [];
- // interface_items = add (interface_items,
- // // multi selection box item
- // `item (`id (special_all_nm_interfaces), _("All NetworkManager Interfaces"))
- // );
- //
- // // handled by NetworkManager and also any-feature is supported
- // if (any_iface_supported) {
- // nm_ifaces_have_to_be_supported = true;
- // } else {
- // nm_ifaces_have_to_be_supported = false;
- // }
- // } else {
- // nm_managed = false;
- // }
- }
-
- /**
- * Update the firewall status label according to the current status
- */
- void UpdateFirewallStatus () {
- if (all_interfaces == nil)
- InitAllInterfacesList ();
- symbol status = `custom;
-
- if (! SuSEFirewall::GetEnableService())
- status = `off;
- else if (size (all_interfaces) == 0)
- status = `no_ifaces;
- else if (size (all_interfaces) == size (allowed_interfaces))
- status = `open_all;
- else if (size (allowed_interfaces) == 0)
- status = `closed;
-
- y2milestone("Status: %1, All: %2, Allowed: %3", status, all_interfaces, allowed_interfaces);
- SetFirewallLabel (status);
- boolean open = status == `open_all || status == `custom;
- UI::ChangeWidget (`id ("_cwm_open_firewall"), `Value, open);
- }
-
- /**
- * Get the list of all interfaces that will be selected
- * @param ifaces a list of interfaces selected by the user
- * @params nm_ifaces_have_to_be_selected defines whether also NetworkManager have to be selected too
- * @return a list of interfaces that will be opened
- */
- list<string> Selected2Opened (list<string> ifaces, boolean nm_ifaces_have_to_be_selected) {
- y2milestone("Selected ifaces: %1", ifaces);
- list<string> groups = maplist (string i, ifaces, {
- return SuSEFirewall::GetZoneOfInterface (i);
- });
-
- // string 'any' is in the EXT zone
- // all interfaces without zone assigned are covered by this case
- // so, check also the EXT zone
- if (SuSEFirewall::IsAnyNetworkInterfaceSupported()) {
- groups = add (groups, SuSEFirewall::special_all_interface_zone);
- }
-
- groups = toset (groups);
- groups = filter (string g, groups, {
- return g != nil;
- });
- list<list<string> > iface_groups = maplist (string g, groups, {
- list <string> ifaces_also_supported_by_any = SuSEFirewall::GetInterfacesInZoneSupportingAnyFeature (g);
- // If all interfaces in EXT zone are covered by the special 'any' string
- // and none of these interfaces are selected to be open, we can remove all of them
- // disable the service in whole EXT zone
- if (g == SuSEFirewall::special_all_interface_zone) {
- list <string> ifaces_left_explicitely = filter(string iface, ifaces_also_supported_by_any, {
- return contains(ifaces, iface);
- });
- y2milestone("Ifaces left in zone: %1", ifaces_left_explicitely);
- // there are no interfaces left that would be explicitely mentioned in the EXT zone
- if (ifaces_left_explicitely == []) {
- return [];
- // Hmm, some interfaces left
- } else {
- return ifaces_also_supported_by_any;
- }
- // Just report all interfaces mentioned in zone
- } else {
- return ifaces_also_supported_by_any;
- }
- });
- y2milestone("Ifaces touched: %1", iface_groups);
- list<string> new_ifaces = toset (flatten (iface_groups));
- new_ifaces = filter (string i, new_ifaces, {
- return i != nil;
- });
-
- //if (nm_ifaces_have_to_be_selected) {
- // new_ifaces = toset(add(new_ifaces, special_all_nm_interfaces));
- //}
-
- return toset (new_ifaces);
- }
-
- /**
- * Display popup with firewall settings details
- */
- void DisplayFirewallDetailsPopupHandler (map<string,any> widget) {
-
- void (map<string,any>) common_details_handler = (void(map<string,any>))
- widget["common_details_handler"]:nil;
- if (common_details_handler != nil)
- common_details_handler (widget);
- }
-
- // public functions
-
- // general functions
-
- /**
- * Initialize the list of allowed interfaces
- * Changes the internal variables
- * @param services a list of services
- */
- global void InitAllowedInterfaces (list<string> services) {
- map<string,boolean> service_status = $[];
-
- map<string,map<string,boolean> > ifaces_info
- = SuSEFirewall::GetServicesInZones (services);
- foreach (string s, map<string,boolean> status, ifaces_info, {
- foreach (string iface, boolean en, status, {
- service_status[iface] = service_status[iface]:true && en;
- });
- });
- service_status = filter (string iface, boolean en, service_status, {
- return en;
- });
- y2milestone("Status: %1", service_status);
- allowed_interfaces = maplist (string iface, boolean en, service_status, {
- return iface;
- });
-
- // Checking whether the string 'any' is in the 'EXT' zone
- // If it is, checking the status of services for this zone
- // If it is enabled, adding it these interfaces into the list of allowed interfaces
- // and setting this zone to enabled
- if (SuSEFirewall::IsAnyNetworkInterfaceSupported()) {
- list <string> interfaces_supported_by_any =
- SuSEFirewall::InterfacesSupportedByAnyFeature(SuSEFirewall::special_all_interface_zone);
- if (size(interfaces_supported_by_any)>0) {
- foreach (string service, services, {
- service_status[SuSEFirewall::special_all_interface_zone] =
- SuSEFirewall::IsServiceSupportedInZone(service, SuSEFirewall::special_all_interface_zone)
- && service_status[SuSEFirewall::special_all_interface_zone]:true;
- });
- if (service_status[SuSEFirewall::special_all_interface_zone]:false) {
- allowed_interfaces = (list <string>) union (allowed_interfaces, interfaces_supported_by_any);
- }
- }
- }
-
- //if (contains(all_interfaces, special_all_nm_interfaces)) {
- // boolean special_all_nm_enabled = size(services) > 0;
- // foreach (string sr, services, {
- // if (! SuSEFirewall::IsServiceSupportedInZone (sr, SuSEFirewall::special_all_interface_zone)) {
- // special_all_nm_enabled = false;
- // break;
- // }
- // });
- //
- // if (special_all_nm_enabled) allowed_interfaces = toset(add(allowed_interfaces, special_all_nm_interfaces));
- //}
-
- configuration_changed = false;
- }
-
- /**
- * Store the list of allowed interfaces
- * Users the internal variables
- * @param services a list of services
- */
- global void StoreAllowedInterfaces (list<string> services) {
- // do not save anything if configuration didn't change
- if (! configuration_changed)
- return;
- list<string> forbidden_interfaces = filter (string i, all_interfaces, {
- return ! contains (allowed_interfaces, i);
- });
-
- // If configuring firewall in any type of installation
- // proposal must be set to 'modified'
- if (Mode::installation() || Mode::update()) {
- y2milestone("Firewall proposal modified by user");
- SuSEFirewallProposal::SetChangedByUser(true);
- }
-
- //boolean set_nm_enable = false;
- //if (contains(allowed_interfaces, special_all_nm_interfaces)) {
- // set_nm_enable = true;
- // // to hide the special interface name
- // allowed_interfaces = filter(string i, allowed_interfaces, { return i != special_all_nm_interfaces; });
- //}
-
- list <string> interfaces_supported_by_any =
- SuSEFirewall::InterfacesSupportedByAnyFeature(SuSEFirewall::special_all_interface_zone);
-
- if (size (forbidden_interfaces) > 0)
- {
- SuSEFirewall::SetServices (services, forbidden_interfaces, false);
- }
- if (size (allowed_interfaces) > 0)
- {
- SuSEFirewall::SetServices (services, allowed_interfaces, true);
- }
-
- //if (contains(all_interfaces, special_all_nm_interfaces)) {
- // SuSEFirewall::SetServicesForZones(services, [SuSEFirewall::special_all_interface_zone], set_nm_enable);
- //}
- }
-
- /**
- * Init function of the widget
- * @param map widget a widget description map
- * @param key strnig the widget key
- */
- global define void InterfacesInit (map<string,any> widget, string key) {
- // set the list of ifaces
- if (all_interfaces == nil)
- {
- InitAllInterfacesList ();
- }
- UI::ReplaceWidget (`id ("_cwm_interface_list_rp"),
- `MultiSelectionBox (
- `id ("_cwm_interface_list"),
- // transaltors: selection box title
- _("&Network Interfaces with Open Port in Firewall"),
- interface_items
- )
- );
- // mark open ifaces as open
- UI::ChangeWidget (`id ("_cwm_interface_list"),
- `SelectedItems,
- allowed_interfaces);
- }
-
- /**
- * Handle function of the widget
- * @param map widget a widget description map
- * @param key strnig the widget key
- * @param event map event to be handled
- * @return symbol for wizard sequencer or nil
- */
- global define symbol InterfacesHandle (map<string,any> widget, string key, map event) {
- any event_id = event["ID"]:nil;
- if (event_id == "_cwm_interface_select_all")
- {
- UI::ChangeWidget (`id ("_cwm_interface_list"), `SelectedItems,
- all_interfaces);
- return nil;
- }
- if (event_id == "_cwm_interface_select_none")
- {
- UI::ChangeWidget (`id ("_cwm_interface_list"), `SelectedItems, []);
- return nil;
- }
- //if (contains((list <string>) UI::QueryWidget(`id ("_cwm_interface_list"), `SelectedItems), special_all_nm_interfaces)) {
- // nm_ifaces_have_to_be_supported = true;
- //} else {
- // nm_ifaces_have_to_be_supported = false;
- //}
- return nil;
- }
-
- /**
- * Store function of the widget
- * @param map widget a widget description map
- * @param key strnig the widget key
- * @param event map that caused widget data storing
- */
- global define void InterfacesStore (map<string,any> widget, string key, map event) {
- allowed_interfaces = (list<string>)
- UI::QueryWidget (`id ("_cwm_interface_list"), `SelectedItems);
- //allowed_interfaces = Selected2Opened (allowed_interfaces, nm_ifaces_have_to_be_supported);
- allowed_interfaces = Selected2Opened (allowed_interfaces, false);
- configuration_changed = true;
- }
-
- /**
- * Validate function of the widget
- * @param map widget a widget description map
- * @param key strnig the widget key
- * @param event map event that caused the validation
- * @return true if validation succeeded, false otherwise
- */
- global boolean InterfacesValidate (map<string,any> widget, string key, map event) {
- list<string> ifaces = (list<string>)
- UI::QueryWidget (`id ("_cwm_interface_list"), `SelectedItems);
- ifaces = toset (ifaces);
- y2milestone("Selected ifaces: %1", ifaces);
- if (size (ifaces) == 0)
- {
- // question popup
- if (! Popup::YesNo (_("No interface is selected. Service will not
- be available for other computers.
-
- Continue?")))
- {
- return false;
- }
- }
-
- // NetworkManager interfaces have to be supported
- //if (contains(ifaces, special_all_nm_interfaces)) {
- // y2milestone("All Network Interfaces were selected.");
- // if (any_iface_supported) {
- // y2milestone("any-feature is supported.");
- // } else {
- // y2warning("any-feature is NOT supported.");
- // // yes-no popup
- // if (! Popup::YesNo ("Because of the SuSE Firewall settings, the port
- //for All NetworkManager Interfaces cannot be open.
- //
- //Continue?")) return false;
- // }
- //
- // nm_ifaces_have_to_be_supported = true;
- // ifaces = filter (string i, ifaces, { return i != special_all_nm_interfaces; });
- //} else {
- // nm_ifaces_have_to_be_supported = false;
- //}
-
- // list<string> firewall_ifaces = toset (Selected2Opened (ifaces, nm_ifaces_have_to_be_supported));
- list<string> firewall_ifaces = toset (Selected2Opened (ifaces, false));
- y2milestone("firewall_ifaces: %1", firewall_ifaces);
-
- list<string> added_ifaces = filter (string i, firewall_ifaces, {
- return ! contains (ifaces, i);
- });
- y2milestone("added_ifaces: %1", added_ifaces);
-
- list<string> removed_ifaces = filter (string i, ifaces, {
- return ! contains (firewall_ifaces, i);
- });
- y2milestone("removed_ifaces: %1", removed_ifaces);
-
- //// to hide that special string
- //added_ifaces = filter (string i, added_ifaces, { return i != special_all_nm_interfaces; });
- if (size (added_ifaces) > 0)
- {
- string ifaces_list = mergestring (added_ifaces, "\n");
- if (! Popup::YesNo (sformat (
- // yes-no popup
- _("Because of SuSE Firewall settings, the port
- on the following interfaces will additionally be open:
- %1
-
- Continue?"),
- ifaces_list)))
- {
- return false;
- }
- }
- //// to hide that special string
- //removed_ifaces = filter (string i, removed_ifaces, { return i != special_all_nm_interfaces; });
- if (size (removed_ifaces) > 0)
- {
- string ifaces_list = mergestring (removed_ifaces, "\n");
- if (! Popup::YesNo (sformat (
- // yes-no popup
- _("Because of SuSE Firewall settings, the port
- on the following interfaces cannot be opened:
- %1
-
- Continue?"),
- ifaces_list)))
- {
- return false;
- }
- }
- return true;
- }
-
- list <string> buggy_ifaces = [];
-
- /**
- * Checks whether it is possible to change the firewall status
- */
- boolean CheckPossbilityToChangeFirewall (boolean new_status) {
- // Reset buggy ifaces
- buggy_ifaces = [];
-
- // User want's to disable the service in firewall
- // that works always
- if (new_status == false)
- return true;
-
- // BTW: new_status == true
-
- // 'any' in 'EXT'
- // interfaces are mentioned in some zone or they are covered by the special string
- // enable-on-all or disable-on-all will work
- if (SuSEFirewall::IsAnyNetworkInterfaceSupported())
- return true;
-
- // every network interface must have its zone assigned
- boolean all_ok = true;
- list <map <string, string> > all_ifaces = SuSEFirewall::GetAllKnownInterfaces();
- foreach (map <string, string> one_interface, SuSEFirewall::GetAllKnownInterfaces(), {
- if (one_interface["zone"]:nil == nil || one_interface["zone"]:"" == "") {
- y2warning("Cannot enable service because interface %1 is not mentioned anywhere...", one_interface["id"]:"ID");
- buggy_ifaces = add(buggy_ifaces, one_interface["id"]:"interface");
- all_ok = false;
- }
- });
- if (all_ok) {
- return true;
- } else {
- string ifaces_list = mergestring (buggy_ifaces, "\n");
- // yes-no popup
- if (Popup::YesNo (sformat(_("Because of SuSE Firewall settings, the port
- on the following interfaces cannot be opened:
- %1
-
- Continue?"), ifaces_list))) {
- // all known ifaces are buggy
- if (size(buggy_ifaces) == size(all_ifaces))
- return false;
- else
- // at least one iface isn't buggy
- return true;
- } else {
- // cancel
- buggy_ifaces = all_interfaces;
- return false;
- }
- }
-
- return false;
- }
-
- /**
- * Init function of the widget
- * @param key strnig the widget key
- */
- global define void InterfacesInitWrapper (string key) {
- InterfacesInit (CWM::GetProcessedWidget (), key);
- }
-
- /**
- * Handle function of the widget
- * @param key strnig the widget key
- * @param event map event to be handled
- * @return symbol for wizard sequencer or nil
- */
- global define symbol InterfacesHandleWrapper (string key, map event) {
- return InterfacesHandle (CWM::GetProcessedWidget (), key, event);
- }
-
- /**
- * Store function of the widget
- * @param key strnig the widget key
- * @param event map that caused widget data storing
- */
- global define void InterfacesStoreWrapper (string key, map event) {
- InterfacesStore (CWM::GetProcessedWidget (), key, event);
- }
-
- /**
- * Validate function of the widget
- * @param key strnig the widget key
- * @param event map event that caused the validation
- * @return true if validation succeeded, false otherwise
- */
- global boolean InterfacesValidateWrapper (string key, map event) {
- return InterfacesValidate (CWM::GetProcessedWidget (), key, event);
- }
-
- /**
- * Get the widget description map
- * @param settings a map of all parameters needed to create the widget properly
- * <pre>
- *
- * Behavior manipulating functions (mandatory)
- * - "get_allowed_interfaces" : list<string>() -- function that returns
- * the list of allowed network interfaces
- * - "set_allowed_interfaces" : void (list<string>) -- function that sets
- * the list of allowed interfaces
- *
- * Additional settings:
- * - "help" : string -- help to the whole widget. If not specified, generic help
- * is used (button labels are patched correctly)
- * </pre>
- * @return map the widget description map
- */
- global define map<string,any> CreateInterfacesWidget (map<string,any> settings){
- term widget = `HBox (
- `HSpacing (1),
- `VBox (
- `HSpacing (48),
- `VSpacing (1),
- `ReplacePoint (`id ("_cwm_interface_list_rp"),
- `MultiSelectionBox (
- `id ("_cwm_interface_list"),
- // translators: selection box title
- _("Network &Interfaces with Open Port in Firewall"),
- []
- )
- ),
- `VSpacing (1),
- `HBox (
- `HStretch (),
- `HWeight (1, `PushButton (`id ("_cwm_interface_select_all"),
- // push button to select all network intefaces for firewall
- _("Select &All"))),
- `HWeight (1, `PushButton (`id ("_cwm_interface_select_none"),
- // push button to deselect all network intefaces for firewall
- _("Select &None"))),
- `HStretch ()
- ),
- `VSpacing (1)
- ),
- `HSpacing (1)
- );
-
- string help = ""; // TODO
-
- if (haskey (settings, "help"))
- {
- help = settings["help"]:"";
- }
-
- map<string,any> ret = (map<string,any>)union (settings, $[
- "widget" : `custom,
- "custom_widget" : widget,
- "help" : help,
- "init" : InterfacesInitWrapper,
- "store" : InterfacesStoreWrapper,
- "handle" : InterfacesHandleWrapper,
- "validate_type" : `function,
- "validate_function" : InterfacesValidateWrapper,
- ]);
-
- return ret;
- }
-
- /**
- * Display the firewall interfaces selection as a popup
- * @return symbol return value of the dialog
- */
- global symbol DisplayDetailsPopup (map<string,any> settings) {
- // FIXME breaks help if run in dialog with Tab!!!!!!
- // settings stack must be created in CWM::Run
- list<map <string, any> > w = CWM::CreateWidgets (
- ["firewall_ifaces"],
- $[
- "firewall_ifaces" : CreateInterfacesWidget (settings),
- ]
- );
- string help = CWM::MergeHelps (w);
- term contents = `VBox (
- "firewall_ifaces",
- `HBox (
- `HStretch (),
- `PushButton (`id (`ok), Label::OKButton ()),
- `PushButton (`id (`cancel), Label::CancelButton ()),
- `HStretch ()
- )
- );
- contents = CWM::PrepareDialog (contents, w);
- UI::OpenDialog (contents);
- symbol ret = CWM::Run (w, $[]);
- UI::CloseDialog ();
- return ret;
- }
-
-
- // firewall openning widget
-
- /**
- * Initialize the open firewall widget
- * @param widget a map describing the whole widget
- */
- global void OpenFirewallInit (map<string,any> widget, string key) {
- if (! UI::WidgetExists (`id ("_cwm_open_firewall")))
- {
- y2error ("Firewall widget doesn't exist");
- return;
- }
- list<string> services = widget["services"]:[];
- InitAllInterfacesList ();
- InitAllowedInterfaces (services);
- boolean open_firewall = size (allowed_interfaces) > 0;
- boolean firewall_enabled = SuSEFirewall::GetEnableService()
- && size (all_interfaces) > 0;
- if (! firewall_enabled)
- {
- open_firewall = false;
- UI::ChangeWidget (`id ("_cwm_open_firewall"), `Enabled, false);
- }
- UI::ChangeWidget (`id ("_cwm_open_firewall"), `Value, open_firewall);
- UpdateFirewallStatus ();
- EnableOrDisableFirewallDetails ();
- }
-
- /**
- * Store function of the widget
- * @param key strnig the widget key
- * @param event map that caused widget data storing
- */
- global void OpenFirewallStore (map<string,any> widget, string key, map event) {
- if (! UI::WidgetExists (`id ("_cwm_open_firewall")))
- {
- y2error ("Widget _cwm_open_firewall does not exist");
- return;
- }
- list<string> services = widget["services"]:[];
- StoreAllowedInterfaces (services);
- }
-
- /**
- * Handle the immediate start and stop of the service
- * @param widget a map describing the widget
- * @param key strnig the widget key
- * @param event_id any the ID of the occurred event
- * @return always nil
- */
- global symbol OpenFirewallHandle (map<string,any> widget, string key, map event) {
- any event_id = event["ID"]:nil;
- if (event_id == "_cwm_firewall_details")
- {
- symbol() handle_firewall_details
- = (symbol())widget["firewall_details_handler"]:nil;
- y2milestone("FD: %1", handle_firewall_details);
- symbol ret = nil;
- y2milestone("RT: %1", ret);
- if (handle_firewall_details != nil)
- {
- ret = handle_firewall_details ();
- }
- else
- {
- map<string,any> w = filter (string k, any v, widget, {
- return "services" == k;
- });
- DisplayDetailsPopup (w);
- }
- UpdateFirewallStatus ();
- EnableOrDisableFirewallDetails ();
- return ret;
- }
- if (event_id == "_cwm_open_firewall")
- {
- boolean value = (boolean)UI::QueryWidget (
- `id ("_cwm_open_firewall"),
- `Value);
- y2milestone("OF: %1", value);
- if (value)
- allowed_interfaces = all_interfaces;
- else
- allowed_interfaces = [];
-
- buggy_ifaces = [];
- // Checks whether it's possible to enable or disable the service for all interfaces
- // opens a popup message when needed
- if (! CheckPossbilityToChangeFirewall(value)) {
- // change the checkbox state back
- UI::ChangeWidget(`id ("_cwm_open_firewall"), `Value, !value);
- }
- // Filtering out buggy ifaces
- foreach (string one_iface, buggy_ifaces, {
- allowed_interfaces = filter(string one_allowed, allowed_interfaces, {
- return one_allowed != one_iface;
- });
- });
-
- UpdateFirewallStatus ();
- EnableOrDisableFirewallDetails ();
- configuration_changed = true;
- }
- return nil;
- }
-
- /**
- * Init function of the widget
- * @param key strnig the widget key
- */
- global void OpenFirewallInitWrapper (string key) {
- OpenFirewallInit (CWM::GetProcessedWidget (), key);
- }
-
- /**
- * Store function of the widget
- * @param key strnig the widget key
- * @param event map that caused widget data storing
- */
- global void OpenFirewallStoreWrapper (string key, map event) {
- OpenFirewallStore (CWM::GetProcessedWidget (), key, event);
- }
-
- /**
- * Handle the immediate start and stop of the service
- * @param key strnig the widget key
- * @param event_id any the ID of the occurred event
- * @return always nil
- */
- global symbol OpenFirewallHandleWrapper (string key, map event) {
- return OpenFirewallHandle (CWM::GetProcessedWidget (), key, event);
- }
-
- /**
- * Check if the widget was modified
- * @param key strnig the widget key
- * @return boolean true if widget was modified
- */
- global boolean OpenFirewallModified (string key) {
- return configuration_changed;
- }
-
- /**
- * Enable the whole firewal widget
- * @param key strnig the widget key
- */
- global void EnableOpenFirewallWidget () {
- if (! UI::WidgetExists (`id ("_cwm_open_firewall")))
- return;
- if (! UI::WidgetExists (`id ("_cwm_firewall_details")))
- return;
- UI::ChangeWidget (`id ("_cwm_open_firewall"), `Enabled, true);
- EnableOrDisableFirewallDetails ();
- }
-
- /**
- * Disable the whole firewal widget
- * @param key strnig the widget key
- */
- global void DisableOpenFirewallWidget () {
- if (! UI::WidgetExists (`id ("_cwm_open_firewall")))
- return;
- if (! UI::WidgetExists (`id ("_cwm_firewall_details")))
- return;
- UI::ChangeWidget (`id ("_cwm_open_firewall"), `Enabled, false);
- UI::ChangeWidget (`id ("_cwm_firewall_details"), `Enabled, false);
- }
-
- /**
- * Get the template for the help text to the firewall opening widget
- * @param restart_displayed shold be true if "Save and restart" is displayed
- * @return string help text template with %1 and %2 placeholders
- */
- global string OpenFirewallHelpTemplate (boolean restart_displayed) {
- // help text for firewall settings widget 1/3,
- // %1 is check box label, eg. "Open Port in Firewall" (without quotes)
- string help = _("<p><b><big>Firewall Settings</big></b><br>
- To open the firewall to allow access to the service from remote computers,
- set <b>%1</b>.<br>");
- if (restart_displayed)
- {
- // help text for firewall port openning widget 2/3, optional
- // %1 is push button label, eg. "Firewall &Details" (without quotes)
- // note: %2 is correct, do not replace with %1!!!
- help = help + _("To select interfaces on which to open the port,
- click <b>%2</b>.<br>");
- }
- // help text for firewall settings widget 3/3,
- help = help + _("This option is available only if the firewall
- is enabled.</p>");
- return help;
- }
-
- /**
- * Get the help text to the firewall opening widget
- * @param restart_displayed shold be true if "Save and restart" is displayed
- * @return string help text
- */
- global string OpenFirewallHelp (boolean restart_displayed) {
- return sformat (OpenFirewallHelpTemplate (restart_displayed),
- // part of help text - check box label, NO SHORTCUT!!!
- _("Open Port in Firewall"),
- // part of help text - push button label, NO SHORTCUT!!!
- _("Firewall Details"));
- }
-
- /**
- * Get the widget description map of the firewall enablement widget
- * @param settings a map of all parameters needed to create the widget properly
- * <pre>
- *
- * - "services" : list<string> -- services identifications for the Firewall.ycp
- * module
- * - "display_details" : boolean -- true if the details button should be
- * displayed
- * - "firewall_details_handler" : symbol () -- function to handle the firewall
- * details button. If returns something else than nil, dialog is
- * exited with the returned symbol as value for wizard sequencer.
- * If not specified, but "display_details" is true, common popup
- * is used.
- * - "open_firewall_checkbox" : string -- label of the check box
- * - "firewall_details_button" : string -- label of the push button for
- * changing firewall details
- * - "help" : string -- help to the widget. If not specified, generic help
- * is used
- * </pre>
- * @return map the widget description map
- */
- global map<string,any> CreateOpenFirewallWidget (map<string,any> settings) {
- string help = "";
- string open_firewall_checkbox
- // check box
- = settings["open_firewall_checkbox"]:_("Open Port in &Firewall");
- string firewall_details_button
- // push button
- = settings["firewall_details_button"]:_("Firewall &Details");
- boolean display_firewall_details
- = haskey (settings, "firewall_details_handler")
- || settings["display_details"]:false;
- if (haskey (settings, "help"))
- {
- help = settings["help"]:"";
- }
- else
- {
- help = OpenFirewallHelp (display_firewall_details);
- }
-
- term firewall_settings = `CheckBox (`id ("_cwm_open_firewall"),
- `opt (`notify),
- open_firewall_checkbox);
- if (display_firewall_details)
- {
- firewall_settings = `HBox (
- firewall_settings,
- `HSpacing (2),
- `PushButton (`id ("_cwm_firewall_details"),
- firewall_details_button)
- );
- }
- firewall_settings = `VBox (
- `Left (firewall_settings),
- `Left (`ReplacePoint (`id (`_cwm_firewall_status_rp),
- // label text
- `Label (_("Firewall is open")))
- )
- );
-
- if (! haskey (settings, "services"))
- {
- firewall_settings = `VBox ();
- help = "";
- y2error ("Firewall services not specified");
- }
-
- map<string,any> ret = (map<string,any>)union ($[
- "widget" : `custom,
- "custom_widget" : firewall_settings,
- "help" : help,
- "init" : OpenFirewallInitWrapper,
- "store" : OpenFirewallStoreWrapper,
- "handle" : OpenFirewallHandleWrapper,
- "handle_events" : [ "_cwm_firewall_details", "_cwm_open_firewall" ],
- ], settings);
-
- return ret;
- }
-
- /**
- * Check if settings were modified by the user
- * @return boolean true if settings were modified
- */
- global boolean Modified () {
- return SuSEFirewall::GetModified ();
- }
-
-
- // EOF
- }
-