Changes between Version 1 and Version 2 of doc/developer/MACBlacklisting

Show
Ignore:
Timestamp:
12/23/07 20:53:07 (12 years ago)
Author:
Robin Jones
Comment:

added some sample code...

Legend:

Unmodified
Added
Removed
Modified
  • doc/developer/MACBlacklisting

    v1 v2  
    55 
    66 * Add a network_had_blacklist and blacklist table in the db.  The latter would (for now) only have a guid, MAC address, and a ban reason field. 
     7 
     8 
     9{{{ 
     10CREATE TABLE blacklist 
     11         guid text NOT NULL, 
     12         MAC text NOT NULL, 
     13         reason text,                               //will tell the user why they have been banned (if you wish to tell them) 
     14         reinstatement_date date,                   //date device will be allowed to access the network again (if any) 
     15         banned_date date,                          //timestamp user banned from network 
     16 
     17}}} 
     18 
     19 
    720 * Add a UI for it.  This implied writing a very simple "Blacklist" object that inherits from generic object, and hooking it in from Network::getAdminUI() and Network::processAdminUI() 
     21 
     22 
     23{{{ 
     24/**  
     25* Blacklist A MAC Address  
     26*  
     27* @package    WiFiDogAuthServer  
     28* @author     Robin Jones <www.networkfusion.co.uk>  
     29* @copyright  2007-2008 Robin Jones, NetworkFusion. 
     30*/ 
     31 
     32 
     33 
     34/**Add blacklisted MAC to DB 
     35*/ 
     36 
     37static function BlacklistMAC($id, $MAC, $reason, $reinstatement) {  
     38      $db = AbstractDb::getObject();  
     39  
     40        $object = null;  
     41        $id_str = $db->escapeString($id);  
     42        $MAC_str = $db->escapeString($MAC);   
     43        $reason_str = $db->escapeString($reason);  
     44        $duration_str = $db->escapeString($reinstatement);  
     45  
     46        $db->execSqlUpdate("INSERT INTO Blacklist (guid, MAC, reason, reinstatement, bannedDate) VALUES ('$id_str','MAC_str','$reason_str','$reinstatement_str',CURRENT_TIMESTAMP)");  
     47  
     48        $object = self::getObject($id);  
     49        return $object;  
     50    }  
     51 
     52 
     53 
     54    /** Return all the Blacklisted MAC's 
     55     */  
     56    static function getAllBlacklistedMACs() {  
     57        $db = AbstractDb::getObject();  
     58 
     59       $db->execSql("SELECT * FROM blacklist", $objects, false);  
     60        if ($objects == null) {  
     61            throw new Exception(_("No Blacklisted MAC's could not be found in the database"));  
     62        }  
     63       return $objects;  
     64    }  
     65 
     66 
     67}}} 
     68 
     69 
    870 * Actually use the blacklist during login attempt (at the token creation stage. This should be authenticator independent. 
    971 * Optionally, also prevent creating an account from that computer.  This MUST somehow be done within the AuthenticatorLocalUser code even if additional hooks have to be written), not in the general auth or signup code.