diff --git a/debian/ahenk.install b/debian/ahenk.install index c4555ce..d969e03 100644 --- a/debian/ahenk.install +++ b/debian/ahenk.install @@ -258,6 +258,10 @@ usr/share/ahenk/plugins/sudoers/safe.py usr/share/ahenk/plugins/sudoers/main.py usr/share/ahenk/plugins/sudoers/policy.py usr/share/ahenk/plugins/sudoers +usr/share/ahenk/plugins/browser-chrome/safe.py +usr/share/ahenk/plugins/browser-chrome/main.py +usr/share/ahenk/plugins/browser-chrome/policy.py +usr/share/ahenk/plugins/browser-chrome usr/share/ahenk/plugins/usb/manage-usb.py usr/share/ahenk/plugins/usb/scripts/ENABLED_printer.sh usr/share/ahenk/plugins/usb/scripts/ENABLED_usbstorage.sh diff --git a/usr/share/ahenk/base/system/system.py b/usr/share/ahenk/base/system/system.py index f6e8445..5e31b1b 100644 --- a/usr/share/ahenk/base/system/system.py +++ b/usr/share/ahenk/base/system/system.py @@ -292,12 +292,15 @@ class System: @staticmethod def display(username): - system = System() - if "\\" in username: - user_parser = username.split("\\") - username = user_parser[1] - display = system.db_service.select_one_result('session', 'display', " username='{0}'".format(username)) - return display + try: + system = System() + if "\\" in username: + user_parser = username.split("\\") + username = user_parser[1] + display = system.db_service.select_one_result('session', 'display', " username='{0}'".format(username)) + return display + except Exception as e: + return None @staticmethod def desktop(username): diff --git a/usr/share/ahenk/base/util/util.py b/usr/share/ahenk/base/util/util.py index 40ad67e..f52fd52 100644 --- a/usr/share/ahenk/base/util/util.py +++ b/usr/share/ahenk/base/util/util.py @@ -498,3 +498,10 @@ class Util: return version else: return None + + # return active user in sessions list + @staticmethod + def get_active_user(): + result_code, p_out, p_err = Util.execute("for sessionid in $(loginctl list-sessions --no-legend | awk '{ print $1 }'); do loginctl show-session -p Id -p Name -p User -p State -p Type -p Remote $sessionid | sort; done | awk -F= '/Name/ { name = $2 } /User/ { user = $2 } /State/ { state = $2 } /Type/ { type = $2 } /Remote/ { remote = $2 } /User/ && remote == \"no\" && state == \"active\" && (type == \"x11\" || type == \"wayland\") { print name }\'") + p_out = str(p_out).rstrip() + return p_out diff --git a/usr/share/ahenk/plugins/browser-chrome/main.py b/usr/share/ahenk/plugins/browser-chrome/main.py new file mode 100644 index 0000000..d87b112 --- /dev/null +++ b/usr/share/ahenk/plugins/browser-chrome/main.py @@ -0,0 +1,17 @@ +#!/usr/bin/env python3 +# -*- coding: utf-8 -*- +# Author: Ebru Arslan <16ebruarslan@gmail.com> + + +def info(): + inf = dict() + inf['name'] = 'browser-chrome' + inf['version'] = '1.0.0' + inf['support'] = 'debian' + inf['description'] = 'Browser chrome profile ' + inf['task'] = True + inf['user_oriented'] = True + inf['machine_oriented'] = True + inf['developer'] = '16ebruarslan@gmail.com' + + return inf diff --git a/usr/share/ahenk/plugins/browser-chrome/policy.py b/usr/share/ahenk/plugins/browser-chrome/policy.py new file mode 100644 index 0000000..b8617f7 --- /dev/null +++ b/usr/share/ahenk/plugins/browser-chrome/policy.py @@ -0,0 +1,141 @@ +#!/usr/bin/env python3 +# -*- coding: utf-8 -*- +# Author: Ebru Arslan <16ebruarslan@gmail.com> + +import json +import os +from pathlib import Path +from base.plugin.abstract_plugin import AbstractPlugin + +class BrowserChrome(AbstractPlugin): + + def __init__(self, data, context): + super(AbstractPlugin, self).__init__() + self.data = data + self.context = context + self.logger = self.get_logger() + self.message_code = self.get_message_code() + self.local_settings_path_suffix = 'policies/managed/' + self.local_settings_path = '/etc/opt/chrome/' + self.user_js_file = "liderahenk_browser_chrome_preferences.json" + + self.logger.info('Parameters were initialized.') + + def create_chrome_file(self): + try: + return os.makedirs(self.local_settings_path+self.local_settings_path_suffix, mode=0o777, exist_ok=True) + except: + raise + + def handle_policy(self): + self.logger.info('Browser Chrome plugin handling...') + try: + self.create_chrome_file() + username = self.get_username() + self.logger.info('Username: {}'.format(username)) + self.logger.debug('Writing preferences to user profile') + self.write_to_profile() + self.write_to_chrome_proxy() + self.context.create_response(code=self.message_code.POLICY_PROCESSED.value, message='Kullanıcı browser chrome profili başarıyla uygulandı.') + except Exception as e: + self.logger.error('A problem occurred while handling chrome browser profile: {0}'.format(str(e))) + self.context.create_response(code=self.message_code.POLICY_ERROR.value, message='Browser Chrome profili uygulanırken bir hata oluştu.') + + def silent_remove(self, filename): + try: + if self.is_exist(filename): + self.delete_file(filename) + self.logger.debug('{0} removed successfully'.format(filename)) + else: + self.logger.warning('{0} was tried to delete but not found.'.format(filename)) + except Exception as e: + self.logger.error('Problem occurred while removing file {0}. Exception Message is: {1}'.format(filename, str(e))) + + + def write_to_profile(self): + file_full_path = self.local_settings_path+self.local_settings_path_suffix+self.user_js_file + self.silent_remove(file_full_path) + self.create_file(file_full_path) + preferences = json.loads(self.data) + self.logger.debug('Writing preferences chrome to file ...') + content = "{\n" + for pref in preferences["preferencesChrome"]: + line = "" + if pref["value"] == "false" or pref["value"] == "true": + line = '"'+pref["preferenceName"]+'":' + str(pref["value"])+',\n' + elif type(pref["value"]).__name__ == "int": + line = '"'+pref["preferenceName"]+'":' + str(pref["value"])+',\n' + else: + line = '"'+pref["preferenceName"]+'":"' + str(pref["value"])+'",\n' + content += line + + content += "\n}" + self.write_file(file_full_path, content) + + self.logger.debug('User chrome preferences were wrote successfully') + + + def write_to_chrome_proxy(self): + #self.default_proxy_settings() + proxy_type = "0" + proxy_preferences = json.loads(self.data) + username = self.get_username() + if username is None: + username = self.get_active_user() + if len(proxy_preferences) > 0: + proxy_data = proxy_preferences["proxyListChrome"] + for pref in proxy_data: + if pref["preferenceName"] == "type": + proxy_type = pref['value'] + + if proxy_type == '0': + self.execute("su - {0} -c 'gsettings set org.gnome.system.proxy mode 'none''".format(username)) + elif proxy_type == '1': + self.execute("su - {0} -c 'gsettings set org.gnome.system.proxy mode 'manual''".format(username)) + for pref in proxy_data: + if pref["preferenceName"] == "httpHost": + self.execute("su - {0} -c 'gsettings set org.gnome.system.proxy.http host '{1}''".format(username,str(pref['value']))) + if pref["preferenceName"] == "httpPort": + self.execute("su - {0} -c ' gsettings set org.gnome.system.proxy.http port '{1}''".format(username,str(pref['value']))) + if pref["preferenceName"] == "httpsHost": + self.execute("su - {0} -c 'gsettings set org.gnome.system.proxy.https host '{1}''".format(username,str(pref['value']))) + if pref["preferenceName"] == "httpsPort": + self.execute("su - {0} -c 'gsettings set org.gnome.system.proxy.https port '{1}''".format(username,str(pref['value']))) + if pref["preferenceName"] == "ftpHost": + self.execute("su - {0} -c 'gsettings set org.gnome.system.proxy.ftp host '{1}''".format(username,str(pref['value']))) + if pref["preferenceName"] == "ftpPort": + self.execute("su - {0} -c 'gsettings set org.gnome.system.proxy.ftp port '{1}''".format(username,str(pref['value']))) + if pref["preferenceName"] == "socksHost": + self.execute("su - {0} -c 'gsettings set org.gnome.system.proxy.socks port '{1}''".format(username,str(pref['value']))) + if pref["preferenceName"] == "socksPort": + self.execute("su - {0} -c 'gsettings set org.gnome.system.proxy.socks port '{1}''".format(username,str(pref['value']))) + elif proxy_type == '2': + self.execute("su - {0} -c 'gsettings set org.gnome.system.proxy mode 'auto''".format(username)) + self.execute("su - {0} -c 'gsettings set org.gnome.system.proxy autoconfig-url '{1}''".format(username,str(pref['value']))) + + else: + self.logger.debug("Proxy preferences files is empty!!") + self.logger.debug('User proxy preferences were wrote successfully') + + def default_proxy_settings(self): + username = self.get_username() + if username is None: + username = self.get_active_user() + if (self.execute("su - {0} -c 'gsettings get org.gnome.system.proxy mode'".format(self.username))) != 'none': + self.execute("su - {0} -c 'gsettings set org.gnome.system.proxy autoconfig-url '''".format(username)) + self.execute("su - {0} -c 'gsettings set org.gnome.system.proxy ignore-hosts ['localhost', '127.0.0.0/8']".format(username)) + self.execute("su - {0} -c 'gsettings set org.gnome.system.proxy mode 'none''".format(username)) + #self.execute("su - {0} -c 'gsettings set org.gnome.system.proxy use-same-proxy true'".format(username)) + self.execute("su - {0} -c 'gsettings set org.gnome.system.proxy.ftp host '''".format(username)) + self.execute("su - {0} -c 'gsettings set org.gnome.system.proxy.ftp port 0'".format(username)) + self.execute("su - {0} -c 'gsettings set org.gnome.system.proxy.http host '''".format(username)) + self.execute("su - {0} -c 'gsettings set org.gnome.system.proxy.http port 8080'".format(username)) + self.execute("su - {0} -c 'gsettings set org.gnome.system.proxy.https host '''".format(username)) + self.execute("su - {0} -c 'gsettings set org.gnome.system.proxy.https port 0'".format(username)) + self.execute("su - {0} -c 'gsettings set org.gnome.system.proxy.socks host '''".format(username)) + self.execute("su - {0} -c 'gsettings set org.gnome.system.proxy.socks port 0'".format(username)) + #self.execute("su - {0} -c 'gsettings set org.gnome.system.proxy.http use-authentication false'".format(username)) + +def handle_policy(profile_data, context): + browser = BrowserChrome(profile_data, context) + browser.handle_policy() diff --git a/usr/share/ahenk/plugins/browser-chrome/safe.py b/usr/share/ahenk/plugins/browser-chrome/safe.py new file mode 100644 index 0000000..1bba963 --- /dev/null +++ b/usr/share/ahenk/plugins/browser-chrome/safe.py @@ -0,0 +1,29 @@ +from base.plugin.abstract_plugin import AbstractPlugin + + +class Safe(AbstractPlugin): + def __init__(self, context): + super(Safe, self).__init__() + self.context = context + self.logger = self.get_logger() + self.local_settings_path_suffix = 'policies/managed/' + self.local_settings_path = '/etc/opt/chrome/' + self.user_js_file = 'liderahenk_browser_chrome_preferences.json' + self.logger.info('Parameters were initialized.') + self.username = self.context.get('username') + + def handle_safe_mode(self): + profil_full_path = self.local_settings_path+self.local_settings_path_suffix+self.user_js_file + if self.is_exist(profil_full_path): + self.delete_file(profil_full_path) + else: + self.logger.debug("{0} user's privilege file not found".format(self.username)) + self.default_proxy_settings() + + def default_proxy_settings(self): + if (self.execute("su - {0} -c 'gsettings get org.gnome.system.proxy mode'".format(self.username))) != "'none'": + self.execute("su - {0} -c 'gsettings set org.gnome.system.proxy mode 'none''".format(self.username)) + +def handle_mode(context): + init = Safe(context) + init.handle_safe_mode() diff --git a/usr/share/ahenk/plugins/remote-access/setup-vnc-server.py b/usr/share/ahenk/plugins/remote-access/setup-vnc-server.py index 5ada38c..409efb0 100644 --- a/usr/share/ahenk/plugins/remote-access/setup-vnc-server.py +++ b/usr/share/ahenk/plugins/remote-access/setup-vnc-server.py @@ -51,6 +51,8 @@ class SetupVnc(AbstractPlugin): def run_vnc_server(self): # user_name = self.db_service.select_one_result('session', 'username', " 1=1 order by id desc ") user_name = self.get_username() + if user_name is None: + user_name = self.get_active_user() self.logger.info('get logon username is {0}'.format(user_name)) self.logger.debug('Is VNC server installed?') if self.is_installed('x11vnc') is False: @@ -65,6 +67,8 @@ class SetupVnc(AbstractPlugin): self.logger.debug('Getting display and username...') # display_number = self.get_username_display(user_name) display_number = self.Sessions.display(user_name) + if display_number is None: + display_number = self.get_username_display() desktop_env = self.get_desktop_env() if desktop_env == "gnome": display_number = self.get_username_display_gnome(user_name) @@ -73,6 +77,8 @@ class SetupVnc(AbstractPlugin): #self.logger.info("Get home directory of {0} is {1}".format(user_name, homedir)) # this user_name for execute method user_name = self.get_as_user() + if user_name is None: + user_name = self.get_active_user() self.logger.debug('Username:{0} Display:{1}'.format(user_name, display_number)) #if self.is_exist('{0}/.vncahenk{1}'.format(homedir, user_name)) is True: # self.delete_folder('{0}/.vncahenk{1}'.format(homedir, user_name))