Assign default group to newly created devices
[strongswan.git] / src / libimcv / imv / imv_policy_manager.c
index 641f8a2..737929a 100644 (file)
 
 #include <stdlib.h>
 #include <stdio.h>
+#include <time.h>
+
+/* The default policy group #1 is assumed to always exist */
+#define DEFAULT_GROUP_ID       1
 
 /**
  * global debug output variables
@@ -52,13 +56,15 @@ bool policy_start(database_t *db, int session_id)
        enumerator_t *e;
        int id, gid, device_id, product_id, group_id = 0, parent;
        int type, file, dir, arg_int, rec_fail, rec_noresult;
+       u_int created;
        char *argument;
 
        /* get session data */
        e = db->query(db,
-                       "SELECT device, product FROM sessions WHERE id = ? ",
-                        DB_INT, session_id, DB_INT, DB_INT);
-       if (!e || !e->enumerate(e, &device_id, &product_id))
+                       "SELECT s.device, s.product, d.created FROM sessions AS s "
+                       "LEFT JOIN devices AS d ON s.device = d.id WHERE s.id = ?",
+                        DB_INT, session_id, DB_INT, DB_INT, DB_UINT);
+       if (!e || !e->enumerate(e, &device_id, &product_id, &created))
        {
                DESTROY_IF(e);
                fprintf(stderr, "session %d not found\n", session_id);
@@ -70,7 +76,7 @@ bool policy_start(database_t *db, int session_id)
        if (device_id)
        {
                e = db->query(db,
-                               "SELECT group_id FROM group_members WHERE device = ?",
+                               "SELECT group_id FROM groups_members WHERE device_id = ?",
                                 DB_INT, device_id, DB_INT);
                if (e)
                {
@@ -80,14 +86,26 @@ bool policy_start(database_t *db, int session_id)
                        }
                        e->destroy(e);
                }
+
+               /* set the creation date if hasn't been set yet */
+               if (!created)
+               {
+                       if (db->execute(db, NULL,
+                                       "UPDATE devices SET created = ? WHERE id = ?",
+                                       DB_UINT, time(NULL), DB_INT, device_id) != 1)
+                       {
+                               fprintf(stderr, "creation date of device could not be set\n");
+                               return FALSE;
+                       }
+               }
        }
 
        /* if no group membership found, try default product group */
        if (!group_id)
        {
                e = db->query(db,
-                               "SELECT group_id FROM default_product_groups WHERE product = ?",
-                                DB_INT, product_id, DB_INT);
+                               "SELECT group_id FROM groups_product_defaults "
+                               "WHERE product_id = ?", DB_INT, product_id, DB_INT);
                if (e)
                {
                        if (e->enumerate(e, &gid))
@@ -98,6 +116,15 @@ bool policy_start(database_t *db, int session_id)
                }
        }
 
+       /* assign a newly created device to a default group */
+       if (device_id && !created)
+       {
+               db->execute(db, NULL,
+                       "INSERT INTO groups_members (device_id, group_id) "
+                       "VALUES (?, ?)", DB_INT, device_id,
+                       DB_INT, group_id ? group_id : DEFAULT_GROUP_ID);
+       }
+
        /* get iteratively enforcements for given group */
        while (group_id)
        {
@@ -276,4 +303,3 @@ int main(int argc, char *argv[])
 
        exit(EXIT_SUCCESS);
 }
-