added diagrams describing the process of obtaining information about clients

vladimir.kuznetsov 2023-01-18 19:55:12 +03:00
parent d6d3bf6943
commit c5df7f9bb7
5 changed files with 125 additions and 15 deletions


@ -52,7 +52,7 @@ void ClientInfoLogic::onUpdatePage()
const QString certId = model->data(modelIndex, ClientManagementModel::ClientRoles::OpenVpnCertIdRole).toString(); const QString certId = model->data(modelIndex, ClientManagementModel::ClientRoles::OpenVpnCertIdRole).toString();
QString certData = model->data(modelIndex, ClientManagementModel::ClientRoles::OpenVpnCertDataRole).toString(); QString certData = model->data(modelIndex, ClientManagementModel::ClientRoles::OpenVpnCertDataRole).toString();
if (certData.isEmpty()) { if (certData.isEmpty() && !certId.isEmpty()) {
QString stdOut; QString stdOut;
auto cbReadStdOut = [&](const QString &data, QSharedPointer<QSsh::SshRemoteProcess> proc) { auto cbReadStdOut = [&](const QString &data, QSharedPointer<QSsh::SshRemoteProcess> proc) {
stdOut += data + "\n"; stdOut += data + "\n";
@ -66,7 +66,7 @@ void ClientInfoLogic::onUpdatePage()
m_serverController->disconnectFromHost(credentials); m_serverController->disconnectFromHost(credentials);
if (isErrorOccured(error)) { if (isErrorOccured(error)) {
set_busyIndicatorIsRunning(false); set_busyIndicatorIsRunning(false);
uiLogic()->closePage(); emit uiLogic()->closePage();
return; return;
} }
} }
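Review bot: The new guard in the first hunk, `certData.isEmpty() && !certId.isEmpty()`, checks only that certId is non-empty before the remote call. The lines between the two hunks are not shown, but the diagrams in this commit describe certificate ids as read back from the clientsTable file on the server, so if certId is placed into the command run there it should first be matched against the expected identifier format, for example `static const QRegularExpression kCertIdRe("^[A-Za-z0-9_.-]+$");` and `if (certData.isEmpty() && kCertIdRe.match(certId).hasMatch()) {` (the character set is an assumption; use the one easyrsa actually issues). When certId is empty the page now continues with empty certData and no message, which deserves a one-line comment saying that this is intended. onUpdatePage starts and ends outside both hunks.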


@ -30,8 +30,10 @@ void ClientManagementLogic::onUpdatePage()
if (!protocols.empty()) { if (!protocols.empty()) {
m_currentMainProtocol = protocols.front(); m_currentMainProtocol = protocols.front();
ErrorCode error = getClientsList(m_settings->serverCredentials(uiLogic()->selectedServerIndex), const ServerCredentials credentials = m_settings->serverCredentials(uiLogic()->selectedServerIndex);
selectedContainer, m_currentMainProtocol, clients);
ErrorCode error = getClientsList(credentials, selectedContainer, m_currentMainProtocol, clients);
m_serverController->disconnectFromHost(credentials);
if (error != ErrorCode::NoError) { if (error != ErrorCode::NoError) {
QMessageBox::warning(nullptr, APPLICATION_NAME, QMessageBox::warning(nullptr, APPLICATION_NAME,
tr("An error occurred while getting the list of clients.") + "\n" + errorString(error)); tr("An error occurred while getting the list of clients.") + "\n" + errorString(error));
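Review bot: Nothing on the added `m_serverController->disconnectFromHost(credentials);` line says why it sits between `getClientsList` and the error check, so a later edit could move it below the error branch and leave the server connection open on failure. A comment above it would pin the intent: `// Release the server connection before the error check so it is closed on both paths.` The new `credentials` local also makes sure the call and the disconnect use the same server entry, which is worth stating in that comment. The rest of onUpdatePage is outside the hunk.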


@ -0,0 +1,52 @@
@startuml openVpnRevokeClientCertificate
|client management page|
start
:on update client management page;
:get clientsTable file from container;
:get a list of issued certificates;
repeat
if ( for each issued certificate:
clientsTable contains the issued certificate) then (yes)
else (no)
:add certificate id to clientsTable;
endif
repeat while (is this the last issued certificate?)
if (if clientsTable has been changed) then (yes)
:save the clientsTable file on the server;
else (no)
endif
:add clientsTable to the clientManagementModel;
|client info page|
:on update client info page;
floating note
clicked on one of the clients
on the client management page
end note
:get the certificate data for the selected client;
if (if client name has been changed) then (yes)
:update clientManagementModel;
:get clientsTable from clientManagementModel;
:save the clientsTable file on the server;
else (no)
if (if revoke certificate was clicked) then (yes)
:described in file openVpnRevokeClientCertificate.plantuml;
|client management page|
:return to page client management;
stop
else (no)
|client info page|
:just look at the beautiful page;
stop
endif
endif
stop
@enduml


@ -1,21 +1,18 @@
@startuml openvpnRevokeClientCertificate @startuml openVpnRevokeClientCertificate
actor Admin as adm actor Admin as adm
participant "Amnezia Client" as cli participant "Amnezia Client" as cli
participant "Amnezia Container" as cont participant "Amnezia Container" as cont
participant "OpenVpn Service" as ovpn participant "OpenVpn Service" as ovpn
adm -> cli: revoke the selected client certificate adm -> cli: revoke the selected client certificate
cli -> cli: start progress bar cli -> cli: start busy indicator
cli -> cont: execute script "revoke openvpn client" cli -> cont: execute script "revoke openvpn client"
cont -> cont: easyrsa revoke clientName cont -> cont: cd /opt/amnezia/openvpn
note right cont -> cont: easyrsa revoke openvpnCertId
clientName is the clientId field
of the ConnectionData structure
end note
cont -> cont: easyrsa gen-crl cont -> cont: easyrsa gen-crl
cont -> cont: cp crl.pem cont -> cont: cp pki/crl.pem crl.pem
cont -> cont: add crl-verify crl.pem to server.conf
cont -> ovpn: restart openvpn service cont -> ovpn: restart openvpn service
note right note right
In the OpenVpn config In the OpenVpn config
@ -27,12 +24,12 @@ end note
group#lightgreen #lightgreen if [successful case] group#lightgreen #lightgreen if [successful case]
ovpn --> cont: restart result ovpn --> cont: restart result
cont --> cli: display that the selected certificate has been revoked cont --> cli: back to the client management page
else #pink some kind of failure else #pink some kind of failure
cont --> cli: display an error depending on when it occurred cont --> cli: display an error depending on when it occurred
end end
cli -> cli: stop progress bar cli -> cli: stop busy indicator
cli --> adm: return control to the user cli --> adm: return control to the user
@enduml @enduml


@ -0,0 +1,59 @@
@startuml wireGuardRevokeClientCertificate
|client management page|
start
:on update client management page;
:get clientsTable file from server;
:get wireguard config from server;
repeat
if ( for each public key in wireguard config:
clientsTable contains the public key) then (yes)
else (no)
:add public key to clientsTable;
endif
repeat while (is this the last public key?)
if (if clientsTable has been changed) then (yes)
:save the clientsTable file on the server;
else (no)
endif
:add clientsTable to the clientManagementModel;
|client info page|
:on update client info page;
floating note
clicked on one of the clients
on the client management page
end note
:get the certificate data for the selected client;
if (if client name has been changed) then (yes)
:update clientManagementModel;
:get clientsTable from clientManagementModel;
:save the clientsTable file on the server;
else (no)
if (if revoke key was clicked) then (yes)
:update clientManagementModel;
:get clientsTable from clientManagementModel;
:delete section with public key from wireguard config;
:save wireguard config on the server;
:restart wireguard service;
:save the clientsTable file on the server;
|client management page|
:return to page client management;
stop
else (no)
|client info page|
:just look at the beautiful page;
stop
endif
endif
stop
@enduml