AZEN-SGG/amnezia-client
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

added diagrams describing the process of obtaining information about clients

Browse source
This commit is contained in:
vladimir.kuznetsov 2023-01-18 19:55:12 +03:00
parent d6d3bf6943
commit c5df7f9bb7
5 changed files with 125 additions and 15 deletions
Download patch file Download diff file Expand all files Collapse all files

4
client/ui/pages_logic/ClientInfoLogic.cpp
View file

@ -52,7 +52,7 @@ void ClientInfoLogic::onUpdatePage()
const QString certId = model->data(modelIndex, ClientManagementModel::ClientRoles::OpenVpnCertIdRole).toString();
QString certData = model->data(modelIndex, ClientManagementModel::ClientRoles::OpenVpnCertDataRole).toString();
if (certData.isEmpty()) {
if (certData.isEmpty() && !certId.isEmpty()) {
QString stdOut;
auto cbReadStdOut = [&](const QString &data, QSharedPointer<QSsh::SshRemoteProcess> proc) {
stdOut += data + "\n";
@ -66,7 +66,7 @@ void ClientInfoLogic::onUpdatePage()
m_serverController->disconnectFromHost(credentials);
if (isErrorOccured(error)) {
set_busyIndicatorIsRunning(false);
uiLogic()->closePage();
emit uiLogic()->closePage();
return;
}
}

6
client/ui/pages_logic/ClientManagementLogic.cpp
View file

@ -30,8 +30,10 @@ void ClientManagementLogic::onUpdatePage()
if (!protocols.empty()) {
m_currentMainProtocol = protocols.front();
ErrorCode error = getClientsList(m_settings->serverCredentials(uiLogic()->selectedServerIndex),
selectedContainer, m_currentMainProtocol, clients);
const ServerCredentials credentials = m_settings->serverCredentials(uiLogic()->selectedServerIndex);
ErrorCode error = getClientsList(credentials, selectedContainer, m_currentMainProtocol, clients);
m_serverController->disconnectFromHost(credentials);
if (error != ErrorCode::NoError) {
QMessageBox::warning(nullptr, APPLICATION_NAME,
tr("An error occurred while getting the list of clients.") + "\n" + errorString(error));

52
docs/openVpnClientInfoWorkFlow.plantuml Normal file
View file

@ -0,0 +1,52 @@
@startuml openVpnRevokeClientCertificate
|client management page|
start
:on update client management page;
:get clientsTable file from container;
:get a list of issued certificates;
repeat
if ( for each issued certificate:
clientsTable contains the issued certificate) then (yes)
else (no)
:add certificate id to clientsTable;
endif
repeat while (is this the last issued certificate?)
if (if clientsTable has been changed) then (yes)
:save the clientsTable file on the server;
else (no)
endif
:add clientsTable to the clientManagementModel;
|client info page|
:on update client info page;
floating note
clicked on one of the clients
on the client management page
end note
:get the certificate data for the selected client;
if (if client name has been changed) then (yes)
:update clientManagementModel;
:get clientsTable from clientManagementModel;
:save the clientsTable file on the server;
else (no)
if (if revoke certificate was clicked) then (yes)
:described in file openVpnRevokeClientCertificate.plantuml;
|client management page|
:return to page client management;
stop
else (no)
|client info page|
:just look at the beautiful page;
stop
endif
endif
stop
@enduml

19
docs/openvpnRevokeClientCertificate.plantuml → docs/openVpnRevokeClientCertificate.plantuml
View file

@ -1,21 +1,18 @@
@startuml openvpnRevokeClientCertificate
@startuml openVpnRevokeClientCertificate
actor Admin as adm
participant "Amnezia Client" as cli
participant "Amnezia Container" as cont
participant "OpenVpn Service" as ovpn
adm -> cli: revoke the selected client certificate
cli -> cli: start progress bar
cli -> cli: start busy indicator
cli -> cont: execute script "revoke openvpn client"
cont -> cont: easyrsa revoke clientName
note right
clientName is the clientId field
of the ConnectionData structure
end note
cont -> cont: cd /opt/amnezia/openvpn
cont -> cont: easyrsa revoke openvpnCertId
cont -> cont: easyrsa gen-crl
cont -> cont: cp crl.pem
cont -> cont: cp pki/crl.pem crl.pem
cont -> cont: add crl-verify crl.pem to server.conf
cont -> ovpn: restart openvpn service
note right
In the OpenVpn config
@ -27,12 +24,12 @@ end note
group#lightgreen #lightgreen if [successful case]
ovpn --> cont: restart result
cont --> cli: display that the selected certificate has been revoked
cont --> cli: back to the client management page
else #pink some kind of failure
cont --> cli: display an error depending on when it occurred
end
cli -> cli: stop progress bar
cli -> cli: stop busy indicator
cli --> adm: return control to the user
@enduml

59
docs/wireGuardClientInfoWorkFlow.plantuml Normal file
View file

@ -0,0 +1,59 @@
@startuml wireGuardRevokeClientCertificate
|client management page|
start
:on update client management page;
:get clientsTable file from server;
:get wireguard config from server;
repeat
if ( for each public key in wireguard config:
clientsTable contains the public key) then (yes)
else (no)
:add public key to clientsTable;
endif
repeat while (is this the last public key?)
if (if clientsTable has been changed) then (yes)
:save the clientsTable file on the server;
else (no)
endif
:add clientsTable to the clientManagementModel;
|client info page|
:on update client info page;
floating note
clicked on one of the clients
on the client management page
end note
:get the certificate data for the selected client;
if (if client name has been changed) then (yes)
:update clientManagementModel;
:get clientsTable from clientManagementModel;
:save the clientsTable file on the server;
else (no)
if (if revoke key was clicked) then (yes)
:update clientManagementModel;
:get clientsTable from clientManagementModel;
:delete section with public key from wireguard config;
:save wireguard config on the server;
:restart wireguard service;
:save the clientsTable file on the server;
|client management page|
:return to page client management;
stop
else (no)
|client info page|
:just look at the beautiful page;
stop
endif
endif
stop
@enduml