From ef0c53e829cd96fdc18166e0bf854ea8ede0215f Mon Sep 17 00:00:00 2001 From: zhao Date: Mon, 14 Apr 2025 11:36:19 +0800 Subject: [PATCH] =?UTF-8?q?=E6=B7=BB=E5=8A=A0=2006=5Fcreate=5Facl=5Ffor=5F?= =?UTF-8?q?luci.sh?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: zhao --- 06_create_acl_for_luci.sh | 115 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 115 insertions(+) create mode 100644 06_create_acl_for_luci.sh diff --git a/06_create_acl_for_luci.sh b/06_create_acl_for_luci.sh new file mode 100644 index 0000000..3838033 --- /dev/null +++ b/06_create_acl_for_luci.sh @@ -0,0 +1,115 @@ +#!/bin/bash +# [CTCGFW]immortalwrt +# Use it under GPLv3, please. +# -------------------------------------------------------- +# Script for creating ACL file for each LuCI APP + +error_font="\033[31m[Error]$\033[0m " +success_font="\033[32m[Success]\033[0m " +info_font="\033[36m[Info]\033[0m " + +function echo_green_bg() { + echo -e "\033[42;37m$1\033[0m" +} + +function echo_yellow_bg() { + echo -e "\033[43;37m$1\033[0m" +} + +function echo_red_bg() { + echo -e "\033[41;37m$1\033[0m" +} + +function clean_outdated_files() { + rm -f "create_acl_for_luci.err" "create_acl_for_luci.warn" "create_acl_for_luci.ok" +} + +function check_if_acl_exist() { + ls "$1"/root/usr/share/rpcd/acl.d/*.json >/dev/null 2>&1 && return 0 || return 1 +} + +function check_config_files() { + [ "$(ls "$1"/root/etc/config/* 2>/dev/null | wc -l)" -ne "1" ] && return 0 || return 1 +} + +function get_config_name() { + ls "$1"/root/etc/config/* 2>/dev/null | awk -F '/' '{print $NF}' +} + +function create_acl_file() { + mkdir -p "$1" + echo -e "{ + \"$2\": { + \"description\": \"Grant UCI access for $2\", + \"read\": { + \"uci\": [ \"$3\" ] + }, + \"write\": { + \"uci\": [ \"$3\" ] + } + } +}" >"$1/$2.json" +} + +function auto_create_acl() { + luci_app_list="$(find package -maxdepth 2 | grep -Eo "package/.+/luci-app-[a-zA-Z0-9_-]+" | sort -s)" + + [ "$(echo -e "${luci_app_list}" | wc -l)" -gt "0" ] && for i in ${luci_app_list}; do + if check_if_acl_exist "$i"; then + echo_yellow_bg "$i: has ACL file already, skipping..." | tee -a create_acl_for_luci.warn + elif check_config_files "$i"; then + echo_red_bg "$i: has no/multi config file(s), skipping..." | tee -a create_acl_for_luci.err + else + create_acl_file "$i/root/usr/share/rpcd/acl.d" "${i##*/}" "$(get_config_name "$i")" + echo_green_bg "$i: ACL file has been generated." | tee -a create_acl_for_luci.ok + fi + done +} + +while getopts "achml:n:p:" input_arg; do + case $input_arg in + a) + clean_outdated_files + auto_create_acl + exit + ;; + m) + manual_mode=1 + ;; + p) + acl_path="$OPTARG" + ;; + l) + luci_name="$OPTARG" + ;; + n) + conf_name="$OPTARG" + ;; + c) + clean_outdated_files + exit + ;; + h | ? | *) + echo -e "${info_font}Usage: $0 [-a|-m (-p ) -l -n |-c]" + exit 2 + ;; + esac +done + +[ "$?" -ne "0" ] && exit + +if [ "*${manual_mode}*" == "*1*" ]; then + acl_path="${acl_path:-root/usr/share/rpcd/acl.d}" + if create_acl_file "${acl_path}" "${luci_name}" "${conf_name}"; then + echo -e "${success_font}Output file: $(ls "${acl_path}/${luci_name}.json")" + echo_green_bg "$(cat "${acl_path}/${luci_name}.json")" + echo_green_bg "${luci_name}: ACL file has been generated." >>"create_acl_for_luci.ok" + [ -e "create_acl_for_luci.err" ] && sed -i "/${luci_name}/d" "create_acl_for_luci.err" + else + echo -e "${error_font}Failed to create file ${acl_path}/${luci_name}.json" + echo_red_bg "${luci_name}: Failed to create ACL file." >>"create_acl_for_luci.err" + fi +else + echo -e "${info_font}Usage: $0 [-a|-m -p -l -n |-c]" + exit 2 +fi \ No newline at end of file