Commit abc621a2 authored by Franco Fichtner's avatar Franco Fichtner

config: tone down overrides for config revision history

parent be965a7f
......@@ -306,34 +306,28 @@ function set_device_perms() {
}
function make_config_revision_entry($desc = null, $override_user = null)
function make_config_revision_entry($desc = null)
{
global $config;
if (empty($override_user)) {
if (empty($_SESSION["Username"])) {
$username = getenv("USER");
if (empty($username) || $username == "root") {
$username = "(system)";
}
} else {
$username = $_SESSION["Username"];
}
if (!empty($_SERVER['REMOTE_ADDR'])) {
$username .= '@' . $_SERVER['REMOTE_ADDR'];
}
if (!empty($_SESSION['Username'])) {
$username = $_SESSION['Username'];
} else {
$username = $override_user;
$username = '(' . shell_exec('/usr/bin/whoami') . ')';
}
if (!empty($_SERVER['REMOTE_ADDR'])) {
$username .= '@' . $_SERVER['REMOTE_ADDR'];
}
if ($desc == null) {
$desc = sprintf(gettext('%s changed the configuration'), $_SERVER['SCRIPT_NAME']);
}
$revision = array();
$revision['username'] = $username;
$revision['time'] = microtime(true);
if ($desc == null || $desc == 'Unknown') {
$revision['description'] = sprintf(gettext("%s made unknown change"), $_SERVER['SCRIPT_NAME']);
} else {
$revision['description'] = $desc;
}
$revision['description'] = $desc;
return $revision;
}
......
......@@ -644,7 +644,7 @@ function step12_submitphpaction() {
$rule['protocol'] = strtolower($server['protocol']);
$rule['type'] = "pass";
$rule['enabled'] = "on";
$rule['created'] = make_config_revision_entry(null, gettext("OpenVPN Wizard"));
$rule['created'] = make_config_revision_entry();
$config['filter']['rule'][] = $rule;
}
if (isset($pconfig['step11']['ovpnallow'])) {
......@@ -659,7 +659,7 @@ function step12_submitphpaction() {
//$rule['protocol'] = $server['protocol'];
$rule['type'] = "pass";
$rule['enabled'] = "on";
$rule['created'] = make_config_revision_entry(null, gettext("OpenVPN Wizard"));
$rule['created'] = make_config_revision_entry();
$config['filter']['rule'][] = $rule;
}
......
......@@ -121,7 +121,7 @@ function easyrule_block_rule_create($int = 'wan', $ipproto = "inet") {
$filterent['source']['address'] = $blockaliasname . strtoupper($int);
$filterent['destination']['any'] = '';
$filterent['descr'] = gettext("Easy Rule: Blocked from Firewall Log View");
$filterent['created'] = make_config_revision_entry(null, gettext("Easy Rule"));
$filterent['created'] = make_config_revision_entry();
array_splice($a_filter, 0, 0, array($filterent));
......@@ -309,7 +309,7 @@ function easyrule_pass_rule_add($int, $proto, $srchost, $dsthost, $dstport, $ipp
pconfig_to_address($filterent['source'], $srchost, $srcmask);
pconfig_to_address($filterent['destination'], $dsthost, $dstmask, '', $dstport, $dstport);
$filterent['created'] = make_config_revision_entry(null, gettext("Easy Rule"));
$filterent['created'] = make_config_revision_entry();
$a_filter[] = $filterent;
write_config($filterent['descr']);
......
......@@ -365,7 +365,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
// If this is a new rule, create an ID and add the rule
if( isset($pconfig['filter-rule-association']) && $pconfig['filter-rule-association']=='add-associated' ) {
$filterent['associated-rule-id'] = $natent['associated-rule-id'] = uniqid("nat_", true);
$filterent['created'] = make_config_revision_entry(null, gettext("NAT Port Forward"));
$filterent['created'] = make_config_revision_entry();
$config['filter']['rule'][] = $filterent;
}
mark_subsystem_dirty('filter');
......
......@@ -84,7 +84,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
foreach ($automatic_rules as $natent) {
$natent['source']['network'] = $tonathost['subnet'];
$natent['descr'] .= ' - ' . $tonathost['descr'] . ' -> ' . convert_real_interface_to_friendly_descr($natent['interface']);
$natent['created'] = make_config_revision_entry(null, gettext("Manual Outbound NAT Switch"));
$natent['created'] = make_config_revision_entry();
/* Try to detect already auto created rules and avoid duplicate them */
$found = false;
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment