- Updated the tools directory

3eab69f0 · Project Open · 6238d0a7 · 3eab69f0 · 3eab69f0 · 3eab69f0
Commit 3eab69f0 authored Jun 21, 2021 by Project Open
8 changed files
--- a/tools/createserver51.sh
+++ b/tools/createserver51.sh
--- a/tools/dropserver.sh
+++ b/tools/dropserver.sh
@@ -46,7 +46,6 @@ fi
 WEBDIR=/web
 HOMEDIR=$WEBDIR/$POUSER
 SERVICEDIR=/web/service/$POUSER
-
 GRAVEYARD=/web/garbage/backup_canceled_servers

 echo "drop server for '$POUSER'"

--- a/tools/dropserver51.sh
+++ b/tools/dropserver51.sh
+################################################################
+#   v0.1  - USE WITH CAUTION
+#   Last changed: 2016-10-12
+################################################################
+# 
+# Drops ]po[ 4.x and ]po[ 5.x servers   
+#
+################################################################
+# ToDo:
+################################################################
+
+# defaults
+
+# function usage () {
+#        cat <<EOF
+#            Usage: createserver.sh [options] user [password]
+#            -h, --help          help
+#            Example: dropserver.sh worldbank
+#        EOF
+#    exit
+# }
+
+# Must run as root so that we can shutdown backuppc and mount drives 
+if [ $(whoami) != "root" ]; then
+    echo "You need to run this script as root."
+    echo "Use 'sudo ./$script_name' then enter your password when prompted."
+    exit 1
+fi
+
+POUSER=$1
+
+if [ $? != 0 ] ; then
+    echo "wrong option..." >&2 ;
+    # usage
+fi
+
+if test "$POUSER" = ""; then
+    echo "param missing"
+    # usage
+fi
+
+#
+# directories
+#
+
+WEBDIR=/web
+HOMEDIR=$WEBDIR/$POUSER
+SERVICEDIR=/web/service/$POUSER
+
+GRAVEYARD=/web/garbage/backup_canceled_servers
+
+echo "drop server for '$POUSER'"
+read -p "Continue (y/n)?"
+
+if [ $REPLY == "n" ]; then
+    exit 1
+fi
+
+PGDUMP=/usr/bin/pg_dump
+DROPDB=/usr/bin/dropdb
+DROPUSER=/usr/bin/dropuser
+
+
+# Alternatives:
+# PGDUMP="/usr/local/pgsql/bin/pg_dump -p 5433"
+# DROPDB="/usr/local/pgsql/bin/dropdb -p 5433"
+# DROPUSER="/usr/local/pgsql/bin/dropuser -p 5433"
+
+NOW=$(date +"%y%m%d%H%M%S")
+echo "Creating unique folder in /tmp: $NOW"
+mkdir /tmp/$NOW
+
+if ! test -e $SCRIPTDIR/$DBDUMP; then
+    echo "$SCRIPTDIR/$DBDUMP doesn't exist (SCRIPTDIR=$SCRIPTDIR)"
+    exit
+fi
+
+# shut down service
+# svc -d /web/service/$POUSER
+
+# delete old backups & dump database
+
+echo ""
+
+echo "Now Shut down server ..."
+read -p "Continue (y/n)?"
+if [ $REPLY == "y" ]; then
+    systemctl stop po@$POUSER
+    echo "server shut down"
+fi
+
+echo ""
+
+echo "Creating DB dump:"
+echo "/bin/su --login $POUSER --command $PGDUMP --no-owner --clean --disable-dollar-quoting --format=p --file=/web/$POUSER/filestorage/backup/pg_dump.aachen.project-open.net.$POUSER.final.sql"
+read -p "Continue (y/n)?"
+if [ $REPLY == "y" ]; then
+    /bin/su --login $POUSER --command "$PGDUMP --no-owner --clean --disable-dollar-quoting --format=p --file=/web/$POUSER/filestorage/backup/pg_dump.aachen.project-open.net.$POUSER.final.sql"
+    echo "created new db_dump"
+fi
+
+echo ""
+
+echo "Now move old backups to temp folder ...."
+echo "mv /web/$POUSER/filestorage/backup/*.sql /tmp/$NOW/"
+read -p "Continue (y/n)?"
+if [ $REPLY == "y" ]; then
+    mv /web/$POUSER/filestorage/backup/*.sql /tmp/$NOW/
+    echo "moved files to tmp folder"
+fi
+
+echo ""
+
+
+
+
+echo "Drop DB:"
+
+echo "/bin/su --login $POUSER --command '$DROPDB $POUSER'"
+read -p "Continue (y/n)?"
+if [ $REPLY == "y" ]; then
+    /bin/su --login $POUSER --command "$DROPDB $POUSER"
+    echo "dropped db"
+fi
+
+echo ""
+
+echo "Now tar filstorage and move to grave yard ..."
+echo "tar czvf $GRAVEYARD/filestorage_$POUSER.tgz /web/$POUSER/filestorage"
+read -p "Continue (y/n)?"
+if [ $REPLY == "y" ]; then
+    tar czvf $GRAVEYARD/filestorage_$POUSER.tgz /web/$POUSER/filestorage
+    echo "Filestorage moved to grave yard"
+fi
+
+echo ""
+
+echo "Now removing server:"
+echo "mv /web/$POUSER /tmp/$NOW/"
+read -p "Continue (y/n)?"
+if [ $REPLY == "y" ]; then
+    mv /web/$POUSER /tmp/$NOW/
+    echo "Moved server to tmp folder"
+fi
+
+echo ""
+
+# echo "Now removing service ..."
+# echo "mv /web/service/$POUSER /tmp/$NOW"
+# read -p "Continue (y/n)?"
+# if [ $REPLY == "y" ]; then
+#    mv /web/service/$POUSER /tmp/$NOW
+#    echo "Moved server to tmp folder"
+# fi
+# echo ""
+
+echo "Now delete user ..."
+echo "userdel $POUSER"
+read -p "Continue (y/n)?"
+if [ $REPLY == "y" ]; then
+    userdel $POUSER
+    echo "User deleted"
+fi
+
+echo ""
+
+echo " /bin/su --login postgres --command '$DROPUSER $POUSER'"
+read -p "Continue (y/n)?"
+if [ $REPLY == "y" ]; then
+    /bin/su --login postgres --command "$DROPUSER $POUSER"
+    echo "db user dropped"
+fi
+
+echo "Now removing service ..."
+echo "mv /web/service/$POUSER /tmp/$NOW/ttt"
+read -p "Continue (y/n)?"
+if [ $REPLY == "y" ]; then
+    mv /web/service/$POUSER /tmp/$NOW/ttt
+    echo "Moved service directory to tmp folder"
+fi
+
+echo ""
+echo ""
+echo ""
+echo "*** Finished script ***"
+echo ""
+echo ""
+
+exit 0
+
--- a/tools/git-clone-nocust.sh
+++ b/tools/git-clone-nocust.sh
--- a/tools/git-clone-vanilla.sh
+++ b/tools/git-clone-vanilla.sh
@@ -108,6 +108,7 @@ git clone https://gitlab.project-open.net/project-open/ref-timezones.git
 git clone https://gitlab.project-open.net/project-open/ref-us-counties.git
 git clone https://gitlab.project-open.net/project-open/ref-us-states.git
 git clone https://gitlab.project-open.net/project-open/ref-us-zipcodes.git
+git clone https://gitlab.project-open.net/project-open/richtext-ckeditor4
 git clone https://gitlab.project-open.net/project-open/rss-support.git
 git clone https://gitlab.project-open.net/project-open/search.git
 git clone https://gitlab.project-open.net/project-open/sencha-core.git

--- a/tools/git-pull.sh
+++ b/tools/git-pull.sh
+#!/bin/bash
+
+# No directory has been provided, use current
+dir="$1"
+if [ -z "$dir" ]
+then
+    dir="`pwd`"
+fi
+
+# Make sure directory ends with "/"
+if [[ $dir != */ ]]
+then
+    dir="$dir/*"
+else
+    dir="$dir*"
+fi
+
+# Loop all sub-directories
+for f in $dir
+do
+    # Only interested in directories
+    [ -d "${f}" ] || continue
+
+    # Only interested in GIT repositories
+    [ -d "$f/.git" ] || continue
+
+    cd $f
+
+    # Format the output - use colors only in terminal
+    if test -t 1; then
+	echo ""
+	echo -en "\033[0;35m"
+	echo "${f}"
+	echo -en "\033[0m"
+    else
+	echo "${f}"
+    fi
+
+    git pull
+done
--- a/tools/po-security-check.sh
+++ b/tools/po-security-check.sh
+#!/usr/bin/perl
+
+# --------------------------------------------------------------
+# po_security_check
+#
+# Automatic Security Check
+# Copyright (c) 2004  - 2009 ]project-open[
+#
+# @author: Frank Bergmann <frank.bergmann@project-open.com>
+# --------------------------------------------------------------
+
+use strict;
+
+# Constants, variables and parameters
+#
+my $debug = 0;
+my $folder_root = "/web/projop/packages/intranet-*";
+
+
+print "ToDo: Add a search for 'eval' and 'exec' to the security check to see potential vulnerabilities\n";
+
+
+# Write a .CSV Header line so that the output can 
+# be opened by Excel directly.
+print "filename;status;require_login;ad_maybe_redirect_for_registration;ad_verify_and_get_user_id;unsave_dollar;im_permission;comment\n";
+
+# Main loop: use "find" to get the list of all TCL
+# files in $folder_root.
+#
+my $last_package_key = "";
+open(FILES, "find $folder_root -type f | grep -v CVS |");
+while (my $file=<FILES>) {
+	# Remove trailing "\n"
+	chomp($file);
+	my $is_library_tcl = 0;
+
+	# Print a header line for every package
+	&print_header($file);
+	
+	# Extract the file extension
+	$file =~ /\.([^\.]*)$/;
+	my $file_ext=$1;
+
+	# Check if this is a library file
+	if ($file =~ /\/tcl\//) { $is_library_tcl = 1; }
+	
+	# Treat the files according to their extension
+	&analyze_tcl_page($file) if ($file_ext =~ /tcl$/ and 0 == $is_library_tcl);
+	&analyze_tcl_lib($file) if ($file_ext =~ /tcl$/ and 1 == $is_library_tcl);
+#	&analyze_xql($file) if ($file_ext =~ /xql$/);
+
+#	&analyze_adp($file) if ($file_ext =~ /adp$/);
+}
+close(FILES);
+
+
+# Print a new line in the CSV file for every 
+# package that we find...
+# file may look like: "N:\aimdev\packages\nesta-static\..."
+#
+sub print_header {
+	(my $file) = @_;
+	print "print_header: file='$file'\n" if ($debug > 1);
+
+	if ($file =~ /packages\/([^\/]*)\//) {
+		my $package_key = $1;
+		if ($last_package_key ne $package_key) {
+			print "$package_key\n";
+			$last_package_key = $package_key;
+		}
+	
+	}
+}
+
+
+# Analyze a single TCL page:
+# We're currently checking for the the presence of 
+# autentication only ([auth::require_login] or similar).
+#
+sub analyze_tcl_page {
+	(my $file) = @_;
+	print "analyze_tcl_page: file='$file'\n" if ($debug);
+
+	my $require_login = 0;
+	my $ad_maybe_redirect_for_registration = 0;
+	my $ad_verify_and_get_user_id = 0;
+	my $unsave_dollar = 0;
+	my $im_permission = 0;
+	my $comment = "";
+	
+	open(F, $file);
+	while (my $line = <F>) {
+		$require_login++ if ($line =~ /require_login/);
+		$im_permission++ if ($line =~ /im_permission/);
+		$ad_maybe_redirect_for_registration++ if ($line =~ /ad_maybe_redirect_for_registration/);
+		$ad_verify_and_get_user_id++ if ($line =~ /ad_verify_and_get_user_id/);
+	}	
+	close(F);
+
+	# Calculate the status - green, yellow or red
+	my $sum = $require_login + $ad_maybe_redirect_for_registration + $ad_verify_and_get_user_id;
+	my $status = "undefined";
+	if ($sum == 0) {
+		$status = "red";
+		$comment = "Didn't find any authentication in file";
+	}
+	if ($sum > 0) {
+		$status = "yellow";
+		$comment = "Authentication found, but deprecated";
+	}
+	$status = "green" if ($require_login > 0);
+
+	print "$file;$status;$require_login;$ad_maybe_redirect_for_registration;$ad_verify_and_get_user_id;$unsave_dollar;$im_permission;\"$comment\"\n";
+}
+
+
+# Analyze a single XQL file:
+# We just check that it doesn't contain "$"-variables.
+# 
+#
+sub analyze_xql {
+	(my $file) = @_;
+	print "analyze_xql: file='$file'\n" if ($debug);
+
+	my $dollar_count = 0;
+	my $status = "undefined";
+	my $comment = "";
+
+	open(F, $file);
+	while (my $line = <F>) {
+		if ($line =~ /\$(\w*)/) {
+			$dollar_count++;
+			$comment = $comment." \$$1";
+		}
+	}	
+	close(F);
+
+	# Calculate the status - green, yellow or red
+	$status = "green";
+	if ($dollar_count > 0) {
+		$status = "yellow";
+		$comment = $comment." - Found a \$ character in XQL file";
+	}
+
+	print "$file;$status;;;;$dollar_count;;\"$comment\"\n";
+}
+
+
+# Analyze a single TCL library file
+#
+sub analyze_tcl_lib {
+	(my $file) = @_;
+	print "analyze_tcl_lib: file='$file'\n" if ($debug);
+}
+
+
+
+
--- a/tools/restore-po51demo.sh
+++ b/tools/restore-po51demo.sh
+################################################################
+#   (c)  klaus.hofeditz@project-open.com and
+#        frank.bergmann@project-open.com
+# 
+#   v0.4  - USE WITH CAUTION
+#
+#   Last changed: 2020-12-17
+#
+#   restores po51demo, daily cronjob  
+#
+################################################################
+
+echo "******************************************"
+echo "restore-po51demo.sh"
+echo "******************************************"
+
+
+
+echo "systemctl stop po@po51demo"
+systemctl stop po@po51demo
+sleep 1
+
+echo "killall -9 nsd; dropdb po51demo"
+/bin/su --login po51demo --command "rm /web/po51demo/log/error*.*"
+/bin/su --login po51demo --command "killall -9 nsd; dropdb po51demo"
+sleep 1
+
+echo "createdb --owner po51demo po51demo --encoding=utf8"
+/bin/su --login postgres --command "createdb --owner po51demo po51demo --encoding=utf8"
+sleep 1
+
+# echo "sed -i 's/projop/po51demo/g' /web/po51demo/filestorage/backup/po51demo.default.sql"
+# /bin/su --login po51demo --command "/bin/sed -i 's/projop/po51demo/g' /web/po51demo/filestorage/backup/po51demo.default.sql"
+
+echo "psql -f po51demo.default.sql"
+/bin/su --login po51demo --command "/usr/bin/psql -f /web/po51demo/filestorage/backup/po51demo.default.sql > /web/po51demo/filestorage/backup/import.log 2>&1 "
+
+echo "psql -c 'update persons set demo_password = null where ...'"
+/bin/su --login po51demo --command "psql -c '
+update persons set demo_password = null where person_id in (select member_id from group_distinct_member_map where group_id = 459)'"
+
+echo "psql -c 'update persons set demo_group = ...'"
+/bin/su --login po51demo --command "psql -c \"
+update persons set demo_group = '1st - Senior Managers' where demo_group = 'Senior Managers'\""
+
+echo "psql -c 'update users set password, salt = ...'"
+/bin/su --login po51demo --command "psql -c \"
+update users set
+	password = 'F0C92552298A6F2E831F31BEA324E7988FB47E8A',
+	salt = '015330F10DAAE596590EAB22EE460FFF840B6884'
+where user_id in (
+	select member_id from group_distinct_member_map where group_id = 459
+)\""
+
+echo "psql -c 'update apm_parameters where ...parameter_name = 'SuppressHttpPort''"
+/bin/su --login po51demo --command "psql -c \"update apm_parameter_values set attr_value = '1' where parameter_id in (select parameter_id from apm_parameters where parameter_name = 'SuppressHttpPort')\""
+/bin/su --login po51demo --command "psql -c \"update apm_parameter_values set attr_value = '1' where parameter_id in (select parameter_id from apm_parameters where parameter_name = 'MoveDemoProjectsWithNextRestartP')\""
+
+
+echo "systemctl start po@po51demo"
+systemctl start po@po51demo