ACC SHELL

/**
 * File:	clients/security.ycp
 * Package:	Security configuration
 * Summary:	Main file
 * Authors:	Michal Svec <msvec@suse.cz>
 *
 * $Id: security.ycp 57402 2009-06-02 20:40:08Z jsuchome $
 *
 * This is a main file of the module. There is in the file
 * only some calls to the basic functions. The settings are
 * initialized, main dialog is called and then settings are
 * saved.
 */

{

/***
 * <h3> Security configuration
 */

textdomain "security";

/* The main () */
y2milestone("----------------------------------------");
y2milestone("Security module started");

import "CommandLine";
import "Report";
import "Security";

include "security/wizards.ycp";

// --------------------------------------------------------------------------
// --------------------------------- cmd-line handlers

/**
 * Print security summary
 * @return boolean false
 */
define boolean SecuritySummaryHandler (map options) {

    list sum = Security::Summary ();
    CommandLine::Print (sum[0]:"");
    return false; // do not call Write...
}

/**
 * Set security level
 * @return boolean successfully modified?
 */
define boolean SecurityLevelHandler (map options) {

    any current = `custom;
    maplist (string key, map level, Levels, {
	if(level == Security::Settings)
	    current = key;
    });
    string lvl	= "";
    if (haskey (options, "home"))
	lvl	= "Level1";
    else if (haskey (options, "network"))
	lvl	= "Level2";
    else if (haskey (options, "server"))
	lvl	= "Level3";

    if (current != lvl)
    {
	Security::Settings = Levels[lvl]:$[];
	Security::modified = true;
	return true;
    }
    return false;
}

/**
 * Set value of specific security option
 * @return boolean false
 */
define boolean SecuritySetHandler (map options) {

    if (haskey (options, "passwd") &&
	options["passwd"]:"" != Security::Settings["PASSWD_ENCRYPTION"]:"")
    {
	Security::Settings["PASSWD_ENCRYPTION"]	= options["passwd"]:"des";
	Security::modified = true;
    }
    if (haskey (options, "crack") &&
	options["crack"]:"" != Security::Settings["PASSWD_USE_CRACKLIB"]:"")
    {
	Security::Settings["PASSWD_USE_CRACKLIB"] = options["crack"]:"yes";
	Security::modified = true;
    }
    if (haskey (options, "permissions") &&
	! issubstring (Security::Settings["PERMISSION_SECURITY"]:"",
	options["permissions"]:""))
    {
	Security::Settings["PERMISSION_SECURITY"] =
	    options["permissions"]:"" + " local";
	Security::modified = true;
    }

    if (haskey (options, "remember") &&
	Security::Settings["PASSWD_REMEMBER_HISTORY"]:"0" != options["remember"]:"0")
    {
	integer to_remember	= tointeger (options["remember"]:"0");
	if (to_remember == nil || to_remember < 0 || to_remember > 400)
	{
	    // error message
	    Report::Error (_("The number of passwords to remember must be between 0 an 400."));
	    return false;
	}
	Security::Settings["PASSWD_REMEMBER_HISTORY"] = options["remember"]:"0";
	Security::modified = true;
    }
    return Security::modified;
}



/* the command line description map */
map cmdline = $[
    "id"		: "security",
    // translators: command line help text for Securoty module
    "help"		: _("Security configuration module"),
    "guihandler"	: SecuritySequence,
    "initialize"	: Security::Read,
    "finish"		: Security::Write,
    "actions"		: $[
	"summary" :$[
	    "handler"	: SecuritySummaryHandler,
	    // command line help text for 'summary' action
	    "help"	: _("View summary of current configuration"),
	],
	"level" :$[
	    "handler"	: SecurityLevelHandler,
	    // command line help text for 'level' action
	    "help"	: _("Set the security level"),
	],
	"set" :$[
	    "handler"	: SecuritySetHandler,
	    // command line help text for 'set' action
	    "help"	: _("Set the value of the specific option"),
	],
    ],
    "options"		: $[
	"home"		: $[
	    // command line help text for 'level home' option
	    "help"	: _("Home Workstation security level (without network)")
	],
	"network"	: $[
	    // command line help text for 'level network' option
	    "help"	: _("Networked Workstation security level")
	],
	"server"	: $[
	    // command line help text for 'level server' option
	    "help"	: _("Network Server security level")
	],
	"passwd"	: $[
	    // command line help text for 'set passwd' option
	    "help"	: _("Password encryption method"),
	    "type"	: "enum",
	    "typespec"	: [ "des", "md5", "blowfish" ],
	],
	"crack"	: $[
	    // command line help text for 'set crack' option
	    "help"	: _("Check new passwords"),
	    "type"	: "enum",
	    "typespec"	: [ "yes", "no" ],
	],
	"permissions" : $[
	    // command line help text for 'set permissions' option
	    "help"	: _("Set file permissions to desired type"),
	    "type"	: "enum",
	    "typespec"	: [ "easy", "secure", "paranoid" ],
	],
	"remember"	: $[
	    // command line help text for 'set remember' option
	    "help"	: _("Set the number of remembered user passwords"),
	    "type"	: "string",
	],
    ],
    "mappings"		: $[
	"summary"	: [],
	"level"		: [ "home", "network", "server" ],//FIXME 1,2,3 aliases
	"set"		: [ "passwd", "crack", "permissions", "remember" ],
    ]
];

any ret = CommandLine::Run (cmdline);
y2debug("ret == %1", ret);

/* Finish */
y2milestone("Security module finished");
y2milestone("----------------------------------------");
return ret;

/* EOF */
}