[pmg-api.git] / PMG / RuleDB.pm

package PMG::RuleDB;

use strict;
use warnings;
use Carp;
use DBI;
use HTML::Entities;

use PVE::SafeSyslog;

use PMG::Utils;
use PMG::DBTools;

use PMG::RuleDB::Group;

#use Proxmox::Statistic;
use PMG::RuleDB::Object;
use PMG::RuleDB::WhoRegex;
use PMG::RuleDB::ReceiverRegex;
use PMG::RuleDB::EMail;
use PMG::RuleDB::Receiver;
use PMG::RuleDB::IPAddress;
use PMG::RuleDB::IPNet;
use PMG::RuleDB::Domain;
use PMG::RuleDB::ReceiverDomain;
# fixme:
#use Proxmox::RuleDB::LDAP;
#use Proxmox::RuleDB::LDAPUser;
use PMG::RuleDB::TimeFrame;
use PMG::RuleDB::Spam;
use PMG::RuleDB::ReportSpam;
use PMG::RuleDB::Virus;
use PMG::RuleDB::Accept;
use PMG::RuleDB::Remove;
use PMG::RuleDB::ModField;
use PMG::RuleDB::MatchField;
use PMG::RuleDB::MatchFilename;
use PMG::RuleDB::Attach;
use PMG::RuleDB::Disclaimer;
use PMG::RuleDB::BCC;
use PMG::RuleDB::Quarantine;
use PMG::RuleDB::Block;
use PMG::RuleDB::Counter;
use PMG::RuleDB::Notify;
use PMG::RuleDB::Rule;
use PMG::RuleDB::ContentTypeFilter;
use PMG::RuleDB::ArchiveFilter;

sub new {
    my ($type, $dbh) = @_;
	
    $dbh = PMG::DBTools::open_ruledb("Proxmox_ruledb")  if !defined ($dbh);

    my $self = bless { dbh => $dbh }, $type;

    return $self;
}

sub close {
    my ($self) = @_;

    $self->{dbh}->disconnect();
}

sub load_groups {
    my ($self, $rule) = @_;

    defined($rule->{id}) || croak "undefined rule id: ERROR";

    my $sth = $self->{dbh}->prepare(
	"SELECT RuleGroup.Grouptype, Objectgroup.ID, " .
	"Objectgroup.Name, Objectgroup.Info " . 
	"FROM Rulegroup, Objectgroup " .
	"WHERE Rulegroup.Rule_ID = ? and " .
	"Rulegroup.Objectgroup_ID = Objectgroup.ID " .
	"ORDER BY RuleGroup.Grouptype");

    my $groups = ();

    $sth->execute($rule->{id});

    my ($from, $to, $when, $what, $action) = ((), (), (), (), ());

    while (my $ref = $sth->fetchrow_hashref()) {
	my $og = PMG::RuleDB::Group->new($ref->{name}, $ref->{info});
	$og->{id} = $ref->{id};

	if ($ref->{'grouptype'} == 0) {      #from
	    push @$from, $og;
	} elsif ($ref->{'grouptype'} == 1) { # to
	    push @$to, $og;
	} elsif ($ref->{'grouptype'} == 2) { # when
	    push @$when, $og;
	} elsif ($ref->{'grouptype'} == 3) { # what
	    push @$what, $og;
	} elsif ($ref->{'grouptype'} == 4) { # action
	    my $objects = $self->load_group_objects($og->{id});
	    my $obj = @$objects[0];
	    defined($obj) || croak("undefined action object: ERROR");
	    $og->{action} = $obj;
	    push @$action, $og;
	}
    }

    $sth->finish();

    return ($from, $to, $when, $what, $action);
}

sub save_group {
    my ($self, $og) = @_;

    defined($og->{name}) || 
	croak "undefined group attribute - name: ERROR";      
    defined($og->{info}) || 
	croak "undefined group attribute - info: ERROR";      
    defined($og->{class}) || 
	croak "undefined group attribute - class: ERROR";      

    if (defined($og->{id})) {

	$self->{dbh}->do("UPDATE Objectgroup " . 
			 "SET Name = ?, Info = ? " .
			 "WHERE ID = ?", undef, 
			 $og->{name}, $og->{info}, $og->{id});
	
	return $og->{id};

    } else {
	my $sth = $self->{dbh}->prepare(
	    "INSERT INTO Objectgroup (Name, Info, Class) " .
	    "VALUES (?, ?, ?);");

	$sth->execute($og->name, $og->info, $og->class);

	return $og->{id} = PMG::Utils::lastid($self->{dbh}, 'objectgroup_id_seq');
    }

    return undef;
}

sub new_action {
    my ($self, $obj) = @_;
    
    my $og;

    defined($obj) || croak "proxmox: undefined object";
    
    eval {

	$self->{dbh}->begin_work;

        $self->{dbh}->do("INSERT INTO Objectgroup " . 
			  "(Name, Info, Class) " .
			  "VALUES (?, ?, ?)", undef, 
			  decode_entities($obj->otype_text()),
			  $obj->oinfo(), 
			  $obj->oclass());
    		
	my $lid = PMG::Utils::lastid($self->{dbh}, 'objectgroup_id_seq');

	$og = PMG::RuleDB::Group->new();
	$og->{id} = $lid;
 
	$obj->{ogroup} = $lid;
	$obj->save($self, 1);
	
        $self->{dbh}->commit;
    };
    if (my $err = $@) {
	$self->{dbh}->rollback;
	croak $err;
    }

    return $og;
}

sub delete_group {
    my ($self, $groupid) = @_;

    defined($groupid) || croak "undefined group id: ERROR";

    eval {

	$self->{dbh}->begin_work;

	# test if group is used in rules
	$self->{dbh}->do("LOCK TABLE RuleGroup IN EXCLUSIVE MODE");

	my $sth = $self->{dbh}->prepare(
	    "SELECT Rule.Name as rulename, ObjectGroup.Name as groupname " .
	    "FROM RuleGroup, Rule, ObjectGroup WHERE " .
	    "ObjectGroup.ID = ? AND Objectgroup_ID = ObjectGroup.ID AND " .
	    "Rule_ID = Rule.ID");

	$sth->execute($groupid);

	if (my $ref = $sth->fetchrow_hashref()) {
	    croak "Group '$ref->{groupname}' is used by rule '$ref->{rulename}' - unable to delete\n";
	}

        $sth->finish();

	$self->{dbh}->do("DELETE FROM ObjectGroup " . 
			 "WHERE ID = ?", undef, $groupid);

	$self->{dbh}->do("DELETE FROM RuleGroup " . 
			 "WHERE Objectgroup_ID = ?", undef, $groupid);

	$sth = $self->{dbh}->prepare("SELECT * FROM Object " .
				      "where Objectgroup_ID = ?");
	$sth->execute($groupid);
    
	while (my $ref = $sth->fetchrow_hashref()) {
	    $self->{dbh}->do("DELETE FROM Attribut " . 
			     "WHERE Object_ID = ?", undef, $ref->{id});
	}
	
	$sth->finish();

	$self->{dbh}->do("DELETE FROM Object " . 
			 "WHERE Objectgroup_ID = ?", undef, $groupid);
	
	$self->{dbh}->commit;
    };
    if (my $err = $@) {
	$self->{dbh}->rollback;
	syslog('err', "$err");
	return $err;
    }

    return undef;
}

sub load_objectgroups {
    my ($self, $class, $id) = @_;
    
    my $sth;
	
    defined($class) || croak "undefined object class";
    
    if (!(defined($id))) {
        $sth = $self->{dbh}->prepare(
	    "SELECT * FROM Objectgroup where Class = ? ORDER BY name");
        $sth->execute($class);
    
    } else {
        $sth = $self->{dbh}->prepare(
	    "SELECT * FROM Objectgroup where Class like ? and id = ? " .
	    "order by name");
        $sth->execute($class,$id);
    }
    
    my $arr_og = ();
    while (my $ref = $sth->fetchrow_hashref()) {
    	my $og = PMG::RuleDB::Group->new($ref->{name}, $ref->{info},
					 $ref->{class});
    	$og->{id} = $ref->{id};

	if ($class eq 'action') {
	    my $objects = $self->load_group_objects($og->{id});
	    my $obj = @$objects[0];
	    defined($obj) || croak("undefined action object: ERROR");
	    $og->{action} = $obj;
	}
    	push @$arr_og, $og;
    }
    
    $sth->finish();

    return $arr_og;
}

sub get_object {
    my ($self, $otype) = @_;

     my $obj;
    
    # WHO OBJECTS
    if ($otype == PMG::RuleDB::Domain::otype()) {
	$obj = PMG::RuleDB::Domain->new();
    } 
    elsif ($otype == PMG::RuleDB::ReceiverDomain::otype) {
	$obj = PMG::RuleDB::ReceiverDomain->new();
    } 
    elsif ($otype == PMG::RuleDB::WhoRegex::otype) {
	$obj = PMG::RuleDB::WhoRegex->new();
    } 
    elsif ($otype == PMG::RuleDB::ReceiverRegex::otype) {
	$obj = PMG::RuleDB::ReceiverRegex->new();
    } 
    elsif ($otype == PMG::RuleDB::EMail::otype) {
	$obj = PMG::RuleDB::EMail->new();
    } 
    elsif ($otype == PMG::RuleDB::Receiver::otype) {
	$obj = PMG::RuleDB::Receiver->new();
    } 
    elsif ($otype == PMG::RuleDB::IPAddress::otype) {
	$obj = PMG::RuleDB::IPAddress->new();
    } 
    elsif ($otype == PMG::RuleDB::IPNet::otype) {
	$obj = PMG::RuleDB::IPNet->new();
    } 
# fixme
#    elsif ($otype == Proxmox::RuleDB::LDAP::otype) {
#	$obj = Proxmox::RuleDB::LDAP->new();
#    } 
#    elsif ($otype == Proxmox::RuleDB::LDAPUser::otype) {
#	$obj = Proxmox::RuleDB::LDAPUser->new();
#    } 
    # WHEN OBJECTS
    elsif ($otype == PMG::RuleDB::TimeFrame::otype) {
	$obj = PMG::RuleDB::TimeFrame->new();
    } 
    # WHAT OBJECTS
    elsif ($otype == PMG::RuleDB::Spam::otype) {
        $obj = PMG::RuleDB::Spam->new();
    }
    elsif ($otype == PMG::RuleDB::Virus::otype) {
        $obj = PMG::RuleDB::Virus->new();
    }
    elsif ($otype == PMG::RuleDB::MatchField::otype) {
        $obj = PMG::RuleDB::MatchField->new();
    }
    elsif ($otype == PMG::RuleDB::MatchFilename::otype) {
        $obj = PMG::RuleDB::MatchFilename->new();
    }
    elsif ($otype == PMG::RuleDB::ContentTypeFilter::otype) {
        $obj = PMG::RuleDB::ContentTypeFilter->new();
    }
    elsif ($otype == PMG::RuleDB::ArchiveFilter::otype) {
        $obj = PMG::RuleDB::ArchiveFilter->new();
    }
    # ACTION OBJECTS
    elsif ($otype == PMG::RuleDB::ModField::otype) {
        $obj = PMG::RuleDB::ModField->new();
    }
    elsif ($otype == PMG::RuleDB::Accept::otype()) {
        $obj = PMG::RuleDB::Accept->new();
    }
    elsif ($otype == PMG::RuleDB::ReportSpam::otype()) {
        $obj = PMG::RuleDB::ReportSpam->new();
    }
    elsif ($otype == PMG::RuleDB::Attach::otype) {
        $obj = PMG::RuleDB::Attach->new();
    }
    elsif ($otype == PMG::RuleDB::Disclaimer::otype) {
        $obj = PMG::RuleDB::Disclaimer->new();
    }
    elsif ($otype == PMG::RuleDB::BCC::otype) {
        $obj = PMG::RuleDB::BCC->new();
    }
    elsif ($otype == PMG::RuleDB::Quarantine::otype) {
        $obj = PMG::RuleDB::Quarantine->new();
    }
    elsif ($otype == PMG::RuleDB::Block::otype) {
        $obj = PMG::RuleDB::Block->new();
    }
    elsif ($otype == PMG::RuleDB::Counter::otype) {
        $obj = PMG::RuleDB::Counter->new();
    }
    elsif ($otype == PMG::RuleDB::Remove::otype) {
        $obj = PMG::RuleDB::Remove->new();
    }
    elsif ($otype == PMG::RuleDB::Notify::otype) {
        $obj = PMG::RuleDB::Notify->new();
    }
    else {
	    croak "proxmox: unknown object type: ERROR";
    }
    
    return $obj;
}

sub load_counters_data {
    my ($self) = @_;
    
    my $sth = $self->{dbh}->prepare(
	"SELECT Object.id, Objectgroup.name, Object.Value, Objectgroup.info " .
	"FROM Object, Objectgroup " . 
	"WHERE objectgroup.id = object.objectgroup_id and ObjectType = ? " .
	"order by Objectgroup.name, Value");

    my @data;

    $sth->execute(PMG::RuleDB::Counter->otype());

    while (my $ref = $sth->fetchrow_hashref()) {  	
    	my $tmp = [$ref->{id},$ref->{name},$ref->{value},$ref->{info}];
    	push (@data, $tmp);
    }
 
    $sth->finish();
 
    return @data;   
}

sub load_object {
    my ($self, $objid) = @_;
    
    my $value = '';

    defined($objid) || croak "undefined object id";

    my $sth = $self->{dbh}->prepare("SELECT * FROM Object where ID = ?");
    $sth->execute($objid);
    
    my $ref = $sth->fetchrow_hashref();

    $sth->finish();

    if (defined($ref->{'value'})) { 
        $value = $ref->{'value'}; 
    }

    if (!(defined($ref->{'objecttype'}) && 
	  defined($ref->{'objectgroup_id'}))) {
	return undef;
    }

    my $ogroup = $ref->{'objectgroup_id'};
    
    my $otype = $ref->{'objecttype'};
    my $obj = $self->get_object($otype);

    $obj->load_attr($self, $objid, $ogroup, $value);
}

sub load_group_by_name {
    my ($self, $name) = @_;

    my $sth = $self->{dbh}->prepare("SELECT * FROM Objectgroup " . 
				    "WHERE name = ?");

    $sth->execute($name);
    
    while (my $ref = $sth->fetchrow_hashref()) {
   	my $og = PMG::RuleDB::Group->new($ref->{name}, $ref->{info},
					 $ref->{class});
    	$og->{id} = $ref->{id};

	$sth->finish();

	if ($ref->{'class'} eq 'action') {
	    my $objects = $self->load_group_objects($og->{id});
	    my $obj = @$objects[0];
	    defined($obj) || croak("undefined action object: ERROR");
	    $og->{action} = $obj;
	}
	
	return $og;
    }

    $sth->finish();

    return undef;
}

sub greylistexclusion_groupid {
    my ($self) = @_;
 
    my $sth = $self->{dbh}->prepare(
	"select id from objectgroup where class='greylist' limit 1;"); 
    
    $sth->execute();
    
    my $ref = $sth->fetchrow_hashref();
    
    return $ref->{id};
}

sub load_group_objects {
    my ($self, $ogid) = @_;

    defined($ogid) || croak "undefined group id: ERROR";

    my $sth = $self->{dbh}->prepare( 
	"SELECT * FROM Object " . 
	"WHERE Objectgroup_ID = ? order by ObjectType,Value");

    my $objects = ();

    $sth->execute($ogid);

    while (my $ref = $sth->fetchrow_hashref()) {
	my $obj = $self->load_object($ref->{id});
	push @$objects, $obj;
    }

    $sth->finish();

    return $objects;
}


sub save_object {
    my ($self, $obj) = @_;
    
    $obj->save($self);

    return $obj->{id};
}

sub group_add_object {
    my ($self, $group, $obj) = @_;
    
    ($obj->oclass() eq $group->{class}) ||
	croak "wrong object class: ERROR";

    $obj->{ogroup} = $group->{id};
    
    $self->save_object($obj);
}

sub delete_object {
    my ($self, $obj) = @_;

    defined($obj->{id}) || croak "undefined object id";

    eval {

	$self->{dbh}->begin_work;

	$self->{dbh}->do("DELETE FROM Attribut " . 
			  "WHERE Object_ID = ?", undef, $obj->{id});
	
	$self->{dbh}->do("DELETE FROM Object " . 
			  "WHERE ID = ?",
			  undef, $obj->{id});

	$self->{dbh}->commit;
    };
    if (my $err = $@) {
	$self->{dbh}->rollback;
	syslog('err', $err);
	return undef;
    }

    $obj->{id} = undef;

    return 1;
}

sub save_rule {
    my ($self, $rule) = @_;

    defined($rule->{name}) || 
	croak "undefined rule attribute - name: ERROR";
    defined($rule->{priority}) || 
	croak "undefined rule attribute - priority: ERROR";
    defined($rule->{active}) || 
	croak "undefined rule attribute - active: ERROR";
    defined($rule->{direction}) || 
	croak "undefined rule attribute - direction: ERROR";

    if (defined($rule->{id})) {

	$self->{dbh}->do(
	    "UPDATE Rule " . 
	    "SET Name = ?, Priority = ?, Active = ?, Direction = ? " .
	    "WHERE ID = ?", undef, 
	    $rule->{name}, $rule->{priority}, $rule->{active}, 
	    $rule->{direction}, $rule->{id});

	return $rule->{id};

    } else {
	my $sth = $self->{dbh}->prepare(
	    "INSERT INTO Rule (Name, Priority, Active, Direction) " .
	    "VALUES (?, ?, ?, ?);");

	$sth->execute($rule->name, $rule->priority, $rule->active, 
		      $rule->direction);   

	return $rule->{id} = PMG::Utils::lastid($self->{dbh}, 'rule_id_seq');
    }

    return undef;
}

sub delete_rule {
    my ($self, $ruleid) = @_;

    defined($ruleid) || croak "undefined rule id: ERROR";

    eval {
	$self->{dbh}->begin_work;

	$self->{dbh}->do("DELETE FROM Rule " . 
			 "WHERE ID = ?", undef, $ruleid);
	$self->{dbh}->do("DELETE FROM RuleGroup " . 
			 "WHERE Rule_ID = ?", undef, $ruleid);

	$self->{dbh}->commit;
    };
    if (my $err = $@) {
	$self->{dbh}->rollback;
	syslog('err', $err);
	return undef;
    }

    return 1;
}

sub delete_testrules {
    my ($self) = @_;

    eval {
	$self->{dbh}->begin_work;

	my $sth = $self->{dbh}->prepare("Select id FROM Rule " .
					"WHERE name = 'testrule'");
	$sth->execute();

	while(my $ref = $sth->fetchrow_hashref()) {
	    $self->{dbh}->do("DELETE FROM Rule " . 
			     "WHERE ID = ?", undef, $ref->{id});
	    $self->{dbh}->do("DELETE FROM RuleGroup " . 
			     "WHERE Rule_ID = ?", undef, $ref->{id});
	}
	$sth->finish();

	$self->{dbh}->commit;
    };
    if (my $err = $@) {
	$self->{dbh}->rollback;
	croak $err;
    }

    return 1;    
}

sub create_group_with_obj {
    my ($self, $obj, $name, $desc) = @_;

    my $og = PMG::RuleDB::Group->new($name, $desc, $obj->oclass());
    $self->save_group($og);
    $self->group_add_object($og, $obj);

    return $og;
}

sub rule_add_group {
    my ($self, $ruleid, $groupid, $gtype) = @_;

    defined($ruleid) || croak "undefined rule id: ERROR";
    defined($groupid) || croak "undefined group id: ERROR";
    defined($gtype) || croak "undefined group type: ERROR";
    
    $self->{dbh}->do("INSERT INTO RuleGroup " . 
		     "(Objectgroup_ID, Rule_ID, Grouptype) " .
		     "VALUES (?, ?, ?)", undef, 
		     $groupid, $ruleid, $gtype);
    return 1;
}

sub rule_add_from_group {
    my ($self, $rule, $group) = @_;
   
    $self->rule_add_group($rule->{id}, $group->{id}, 0);
}

sub rule_add_to_group {
    my ($self, $rule, $group) = @_;
   
    $self->rule_add_group($rule->{id}, $group->{id}, 1);
}

sub rule_add_when_group {
    my ($self, $rule, $group) = @_;
   
    $self->rule_add_group($rule->{id}, $group->{id}, 2);
}

sub rule_add_what_group {
    my ($self, $rule, $group) = @_;
   
    $self->rule_add_group($rule->{id}, $group->{id}, 3);
}

sub rule_add_action {
    my ($self, $rule, $group) = @_;
   
    $self->rule_add_group($rule->{id}, $group->{id}, 4);
}

sub rule_remove_group {
    my ($self, $ruleid, $groupid, $gtype) = @_;

    defined($ruleid) || croak "undefined rule id: ERROR";
    defined($groupid) || croak "undefined group id: ERROR";
    defined($gtype) || croak "undefined group type: ERROR";

    $self->{dbh}->do("DELETE FROM RuleGroup WHERE " . 
		     "Objectgroup_ID = ? and Rule_ID = ? and Grouptype = ?",
		     undef, $groupid, $ruleid, $gtype);
    return 1;
}

sub load_rule {
    my ($self, $id) = @_;
    
    defined($id) || croak "undefined id: ERROR";
    
    my $sth = $self->{dbh}->prepare(
	"SELECT * FROM Rule where id = ? ORDER BY Priority DESC");

    my $rules = ();

    $sth->execute($id);

    my $ref = $sth->fetchrow_hashref();
    
    my $rule = PMG::RuleDB::Rule->new($ref->{name}, $ref->{priority},
				      $ref->{active}, $ref->{direction});
    $rule->{id} = $ref->{id};
	
    return $rule; 
}

sub load_rules {
    my ($self) = @_;

    my $sth = $self->{dbh}->prepare(
	"SELECT * FROM Rule ORDER BY Priority DESC");

    my $rules = ();

    $sth->execute();
    
    while (my $ref = $sth->fetchrow_hashref()) {
	my $rule = PMG::RuleDB::Rule->new($ref->{name}, $ref->{priority},
					  $ref->{active}, $ref->{direction});
	$rule->{id} = $ref->{id};
	push @$rules, $rule;
    }

    $sth->finish();

    return $rules;
}


1;

__END__

=head1 PMG::RuleDB

The RuleDB Object manages the database connection and provides an interface to manipulate the database without SQL. A typical application first create a RuleDB object:

    use PMG::RuleDB;

    $ruledb = PMG::RuleDB->new();

=head2 Database Overview

=head3 Rules

Rules contains sets of Groups, grouped by classes (FROM, TO, WHEN, WHAT and ACTION). Each rule has an associated priority and and active/inactive marker.

=head3 Groups

A Group is a set of Objects.

=head3 Objects

Objects contains the filter data.

=head3 Rule Semantics

The classes have 'and' semantics. A rule matches if the checks in FROM, TO, WHEN and WHAT classes returns TRUE.

Within a class the objects are or'ed together.

=head2 Managing Rules

=head3 $ruledb->load_rules()

    Returns an array of Rules containing all rules in the database.

=head3 $ruledb->save_rule ($rule)

One can use the following code to add a new rule to the database:

    my $rule = PMG::RuleDB::Rule->new ($name, $priority, $active);
    $ruledb->save_rule ($rule);

You can also use save_rule() to commit changes back to the database. 

=head3 $ruledb->delete_rule ($ruleid)

Removes the rule from the database.

=head3  $ruledb->rule_add_group ($rule, $og, $gtype)

Add an object group to the rule.

Possible values for $gtype are:

    0 = FROM, 1 = TO, 2 = WHEN, 3 = WHAT, 4 = ACTION

=head3  $ruledb->rule_remove_group ($rule, $og, $gtype)

Removes an object group from the rule.

=head2 Managing Objects and Groups

=head3 $ruledb->load_groups ($rule)

Return all object groups belonging to a rule. Data is divided into separate arrays:

    my ($from, $to, $when, $what, $action) = 
	$ruledb->load_groups($rule);

=head3 $ruledb->save_group ($og)

This can be used to add or modify an Group. This code segemnt creates
a new object group:

    $og = PMG::RuleDB::Group->new ($name, $desc);
    $ruledb->save_group ($og);


=head3 $ruledb->delete_group ($groupid)

Deletes the object group, all reference to the group and all objects 
belonging to this group from the Database. 

=head3 $ruledb->group_add_object ($og, $obj)

Attach an object to an object group.

=head3 $ruledb->save_object ($obj)

Save or update an object. This can be used to add new objects 
to the database (although group_add_object() is the prefered way):

    $obj =  PMG::RuleDB::EMail->new ('.*@mydomain.com');
    # we need to set the object group manually
    $obj->ogroup ($group->id);
    $ruledb->save_object ($obj);
 

=head3 $ruledb->delete_object ($obj)

Deletes the object, all references to the object  and all object 
attributes from the database.
Commit	Line	Data
72d8bf49 DM	1	package PMG::RuleDB;
	2
	3	use strict;
	4	use warnings;
	5	use Carp;
	6	use DBI;
	7	use HTML::Entities;
	8
	9	use PVE::SafeSyslog;
	10
	11	use PMG::Utils;
	12	use PMG::DBTools;
	13
	14	use PMG::RuleDB::Group;
	15
	16	#use Proxmox::Statistic;
	17	use PMG::RuleDB::Object;
	18	use PMG::RuleDB::WhoRegex;
	19	use PMG::RuleDB::ReceiverRegex;
	20	use PMG::RuleDB::EMail;
	21	use PMG::RuleDB::Receiver;
	22	use PMG::RuleDB::IPAddress;
	23	use PMG::RuleDB::IPNet;
	24	use PMG::RuleDB::Domain;
	25	use PMG::RuleDB::ReceiverDomain;
	26	# fixme:
	27	#use Proxmox::RuleDB::LDAP;
	28	#use Proxmox::RuleDB::LDAPUser;
	29	use PMG::RuleDB::TimeFrame;
	30	use PMG::RuleDB::Spam;
	31	use PMG::RuleDB::ReportSpam;
	32	use PMG::RuleDB::Virus;
	33	use PMG::RuleDB::Accept;
	34	use PMG::RuleDB::Remove;
	35	use PMG::RuleDB::ModField;
	36	use PMG::RuleDB::MatchField;
	37	use PMG::RuleDB::MatchFilename;
	38	use PMG::RuleDB::Attach;
	39	use PMG::RuleDB::Disclaimer;
	40	use PMG::RuleDB::BCC;
	41	use PMG::RuleDB::Quarantine;
	42	use PMG::RuleDB::Block;
	43	use PMG::RuleDB::Counter;
	44	use PMG::RuleDB::Notify;
	45	use PMG::RuleDB::Rule;
	46	use PMG::RuleDB::ContentTypeFilter;
c4741113	47	use PMG::RuleDB::ArchiveFilter;
72d8bf49 DM	48
	49	sub new {
	50	my ($type, $dbh) = @_;
	51
	52	$dbh = PMG::DBTools::open_ruledb("Proxmox_ruledb") if !defined ($dbh);
	53
	54	my $self = bless { dbh => $dbh }, $type;
	55
	56	return $self;
	57	}
	58
	59	sub close {
	60	my ($self) = @_;
	61
	62	$self->{dbh}->disconnect();
	63	}
	64
	65	sub load_groups {
	66	my ($self, $rule) = @_;
	67
	68	defined($rule->{id}) \|\| croak "undefined rule id: ERROR";
	69
	70	my $sth = $self->{dbh}->prepare(
	71	"SELECT RuleGroup.Grouptype, Objectgroup.ID, " .
	72	"Objectgroup.Name, Objectgroup.Info " .
	73	"FROM Rulegroup, Objectgroup " .
	74	"WHERE Rulegroup.Rule_ID = ? and " .
	75	"Rulegroup.Objectgroup_ID = Objectgroup.ID " .
	76	"ORDER BY RuleGroup.Grouptype");
	77
	78	my $groups = ();
	79
	80	$sth->execute($rule->{id});
	81
	82	my ($from, $to, $when, $what, $action) = ((), (), (), (), ());
	83
	84	while (my $ref = $sth->fetchrow_hashref()) {
	85	my $og = PMG::RuleDB::Group->new($ref->{name}, $ref->{info});
	86	$og->{id} = $ref->{id};
	87
	88	if ($ref->{'grouptype'} == 0) { #from
	89	push @$from, $og;
	90	} elsif ($ref->{'grouptype'} == 1) { # to
	91	push @$to, $og;
	92	} elsif ($ref->{'grouptype'} == 2) { # when
	93	push @$when, $og;
	94	} elsif ($ref->{'grouptype'} == 3) { # what
	95	push @$what, $og;
	96	} elsif ($ref->{'grouptype'} == 4) { # action
	97	my $objects = $self->load_group_objects($og->{id});
	98	my $obj = @$objects[0];
	99	defined($obj) \|\| croak("undefined action object: ERROR");
	100	$og->{action} = $obj;
	101	push @$action, $og;
	102	}
	103	}
	104
	105	$sth->finish();
	106
	107	return ($from, $to, $when, $what, $action);
	108	}
	109
	110	sub save_group {
	111	my ($self, $og) = @_;
112
113	defined($og->{name}) \|\|
114	croak "undefined group attribute - name: ERROR";
115	defined($og->{info}) \|\|
116	croak "undefined group attribute - info: ERROR";
117	defined($og->{class}) \|\|
118	croak "undefined group attribute - class: ERROR";
119
120	if (defined($og->{id})) {
121
122	$self->{dbh}->do("UPDATE Objectgroup " .
123	"SET Name = ?, Info = ? " .
124	"WHERE ID = ?", undef,
125	$og->{name}, $og->{info}, $og->{id});
126
127	return $og->{id};
128
129	} else {
130	my $sth = $self->{dbh}->prepare(
131	"INSERT INTO Objectgroup (Name, Info, Class) " .
132	"VALUES (?, ?, ?);");
133
134	$sth->execute($og->name, $og->info, $og->class);
135
136	return $og->{id} = PMG::Utils::lastid($self->{dbh}, 'objectgroup_id_seq');
137	}
138
139	return undef;
140	}
141
142	sub new_action {
143	my ($self, $obj) = @_;
144
145	my $og;
146
147	defined($obj) \|\| croak "proxmox: undefined object";
148
149	eval {
150
151	$self->{dbh}->begin_work;
152
153	$self->{dbh}->do("INSERT INTO Objectgroup " .
154	"(Name, Info, Class) " .
155	"VALUES (?, ?, ?)", undef,
156	decode_entities($obj->otype_text()),
157	$obj->oinfo(),
158	$obj->oclass());
159
160	my $lid = PMG::Utils::lastid($self->{dbh}, 'objectgroup_id_seq');
161
162	$og = PMG::RuleDB::Group->new();
163	$og->{id} = $lid;
164
165	$obj->{ogroup} = $lid;
166	$obj->save($self, 1);
167
168	$self->{dbh}->commit;
169	};
170	if (my $err = $@) {
171	$self->{dbh}->rollback;
172	croak $err;
173	}
174
175	return $og;
176	}
177
178	sub delete_group {
179	my ($self, $groupid) = @_;
180
181	defined($groupid) \|\| croak "undefined group id: ERROR";
182
183	eval {
184
185	$self->{dbh}->begin_work;
186
187	# test if group is used in rules
188	$self->{dbh}->do("LOCK TABLE RuleGroup IN EXCLUSIVE MODE");
189
190	my $sth = $self->{dbh}->prepare(
191	"SELECT Rule.Name as rulename, ObjectGroup.Name as groupname " .
192	"FROM RuleGroup, Rule, ObjectGroup WHERE " .
193	"ObjectGroup.ID = ? AND Objectgroup_ID = ObjectGroup.ID AND " .
194	"Rule_ID = Rule.ID");
195
196	$sth->execute($groupid);
197
198	if (my $ref = $sth->fetchrow_hashref()) {
199	croak "Group '$ref->{groupname}' is used by rule '$ref->{rulename}' - unable to delete\n";
200	}
201
202	$sth->finish();
203
204	$self->{dbh}->do("DELETE FROM ObjectGroup " .
205	"WHERE ID = ?", undef, $groupid);
206
207	$self->{dbh}->do("DELETE FROM RuleGroup " .
208	"WHERE Objectgroup_ID = ?", undef, $groupid);
209
210	$sth = $self->{dbh}->prepare("SELECT * FROM Object " .
211	"where Objectgroup_ID = ?");
212	$sth->execute($groupid);
213
214	while (my $ref = $sth->fetchrow_hashref()) {
215	$self->{dbh}->do("DELETE FROM Attribut " .
216	"WHERE Object_ID = ?", undef, $ref->{id});
217	}
218
219	$sth->finish();
220
221	$self->{dbh}->do("DELETE FROM Object " .
222	"WHERE Objectgroup_ID = ?", undef, $groupid);
223
224	$self->{dbh}->commit;
225	};
226	if (my $err = $@) {
227	$self->{dbh}->rollback;
228	syslog('err', "$err");
229	return $err;
230	}
231
232	return undef;
233	}
234
235	sub load_objectgroups {
236	my ($self, $class, $id) = @_;
237
238	my $sth;
239
240	defined($class) \|\| croak "undefined object class";
241
242	if (!(defined($id))) {
243	$sth = $self->{dbh}->prepare(
244	"SELECT * FROM Objectgroup where Class = ? ORDER BY name");
245	$sth->execute($class);
246
247	} else {
248	$sth = $self->{dbh}->prepare(
249	"SELECT * FROM Objectgroup where Class like ? and id = ? " .
250	"order by name");
251	$sth->execute($class,$id);
252	}
253
254	my $arr_og = ();
255	while (my $ref = $sth->fetchrow_hashref()) {
256	my $og = PMG::RuleDB::Group->new($ref->{name}, $ref->{info},
257	$ref->{class});
258	$og->{id} = $ref->{id};
259
260	if ($class eq 'action') {
261	my $objects = $self->load_group_objects($og->{id});
262	my $obj = @$objects[0];
263	defined($obj) \|\| croak("undefined action object: ERROR");
264	$og->{action} = $obj;
265	}
266	push @$arr_og, $og;
267	}
268
269	$sth->finish();
270
271	return $arr_og;
272	}
273
274	sub get_object {
275	my ($self, $otype) = @_;
276
277	my $obj;
278
279	# WHO OBJECTS
280	if ($otype == PMG::RuleDB::Domain::otype()) {
281	$obj = PMG::RuleDB::Domain->new();
282	}
283	elsif ($otype == PMG::RuleDB::ReceiverDomain::otype) {
284	$obj = PMG::RuleDB::ReceiverDomain->new();
285	}
286	elsif ($otype == PMG::RuleDB::WhoRegex::otype) {
287	$obj = PMG::RuleDB::WhoRegex->new();
288	}
289	elsif ($otype == PMG::RuleDB::ReceiverRegex::otype) {
290	$obj = PMG::RuleDB::ReceiverRegex->new();
291	}
292	elsif ($otype == PMG::RuleDB::EMail::otype) {
293	$obj = PMG::RuleDB::EMail->new();
294	}
295	elsif ($otype == PMG::RuleDB::Receiver::otype) {
296	$obj = PMG::RuleDB::Receiver->new();
297	}
298	elsif ($otype == PMG::RuleDB::IPAddress::otype) {
299	$obj = PMG::RuleDB::IPAddress->new();
300	}
301	elsif ($otype == PMG::RuleDB::IPNet::otype) {
302	$obj = PMG::RuleDB::IPNet->new();
303	}
304	# fixme
305	# elsif ($otype == Proxmox::RuleDB::LDAP::otype) {
306	# $obj = Proxmox::RuleDB::LDAP->new();
307	# }
308	# elsif ($otype == Proxmox::RuleDB::LDAPUser::otype) {
309	# $obj = Proxmox::RuleDB::LDAPUser->new();
310	# }
311	# WHEN OBJECTS
312	elsif ($otype == PMG::RuleDB::TimeFrame::otype) {
313	$obj = PMG::RuleDB::TimeFrame->new();
314	}
315	# WHAT OBJECTS
316	elsif ($otype == PMG::RuleDB::Spam::otype) {
317	$obj = PMG::RuleDB::Spam->new();
318	}
319	elsif ($otype == PMG::RuleDB::Virus::otype) {
320	$obj = PMG::RuleDB::Virus->new();
321	}
322	elsif ($otype == PMG::RuleDB::MatchField::otype) {
323	$obj = PMG::RuleDB::MatchField->new();
324	}
325	elsif ($otype == PMG::RuleDB::MatchFilename::otype) {
326	$obj = PMG::RuleDB::MatchFilename->new();
327	}
328	elsif ($otype == PMG::RuleDB::ContentTypeFilter::otype) {
329	$obj = PMG::RuleDB::ContentTypeFilter->new();
330	}
c4741113 DM	331	elsif ($otype == PMG::RuleDB::ArchiveFilter::otype) {
	332	$obj = PMG::RuleDB::ArchiveFilter->new();
	333	}
72d8bf49 DM	334	# ACTION OBJECTS
	335	elsif ($otype == PMG::RuleDB::ModField::otype) {
	336	$obj = PMG::RuleDB::ModField->new();
	337	}
	338	elsif ($otype == PMG::RuleDB::Accept::otype()) {
	339	$obj = PMG::RuleDB::Accept->new();
	340	}
	341	elsif ($otype == PMG::RuleDB::ReportSpam::otype()) {
	342	$obj = PMG::RuleDB::ReportSpam->new();
	343	}
	344	elsif ($otype == PMG::RuleDB::Attach::otype) {
	345	$obj = PMG::RuleDB::Attach->new();
	346	}
	347	elsif ($otype == PMG::RuleDB::Disclaimer::otype) {
	348	$obj = PMG::RuleDB::Disclaimer->new();
	349	}
	350	elsif ($otype == PMG::RuleDB::BCC::otype) {
	351	$obj = PMG::RuleDB::BCC->new();
	352	}
	353	elsif ($otype == PMG::RuleDB::Quarantine::otype) {
	354	$obj = PMG::RuleDB::Quarantine->new();
	355	}
	356	elsif ($otype == PMG::RuleDB::Block::otype) {
	357	$obj = PMG::RuleDB::Block->new();
	358	}
	359	elsif ($otype == PMG::RuleDB::Counter::otype) {
	360	$obj = PMG::RuleDB::Counter->new();
	361	}
	362	elsif ($otype == PMG::RuleDB::Remove::otype) {
	363	$obj = PMG::RuleDB::Remove->new();
	364	}
	365	elsif ($otype == PMG::RuleDB::Notify::otype) {
	366	$obj = PMG::RuleDB::Notify->new();
	367	}
	368	else {
	369	croak "proxmox: unknown object type: ERROR";
	370	}
	371
	372	return $obj;
	373	}
	374
	375	sub load_counters_data {
	376	my ($self) = @_;
	377
	378	my $sth = $self->{dbh}->prepare(
	379	"SELECT Object.id, Objectgroup.name, Object.Value, Objectgroup.info " .
	380	"FROM Object, Objectgroup " .
	381	"WHERE objectgroup.id = object.objectgroup_id and ObjectType = ? " .
	382	"order by Objectgroup.name, Value");
	383
	384	my @data;
	385
	386	$sth->execute(PMG::RuleDB::Counter->otype());
	387
	388	while (my $ref = $sth->fetchrow_hashref()) {
	389	my $tmp = [$ref->{id},$ref->{name},$ref->{value},$ref->{info}];
	390	push (@data, $tmp);
	391	}
	392
	393	$sth->finish();
	394
	395	return @data;
	396	}
	397
398	sub load_object {
399	my ($self, $objid) = @_;
400
401	my $value = '';
402
403	defined($objid) \|\| croak "undefined object id";
404
405	my $sth = $self->{dbh}->prepare("SELECT * FROM Object where ID = ?");
406	$sth->execute($objid);
407
408	my $ref = $sth->fetchrow_hashref();
409
410	$sth->finish();
411
412	if (defined($ref->{'value'})) {
413	$value = $ref->{'value'};
414	}
415
416	if (!(defined($ref->{'objecttype'}) &&
417	defined($ref->{'objectgroup_id'}))) {
418	return undef;
419	}
420
421	my $ogroup = $ref->{'objectgroup_id'};
422
423	my $otype = $ref->{'objecttype'};
424	my $obj = $self->get_object($otype);
425
426	$obj->load_attr($self, $objid, $ogroup, $value);
427	}
428
429	sub load_group_by_name {
430	my ($self, $name) = @_;
431
432	my $sth = $self->{dbh}->prepare("SELECT * FROM Objectgroup " .
433	"WHERE name = ?");
434
435	$sth->execute($name);
436
437	while (my $ref = $sth->fetchrow_hashref()) {
438	my $og = PMG::RuleDB::Group->new($ref->{name}, $ref->{info},
439	$ref->{class});
440	$og->{id} = $ref->{id};
441
442	$sth->finish();
443
444	if ($ref->{'class'} eq 'action') {
445	my $objects = $self->load_group_objects($og->{id});
446	my $obj = @$objects[0];
447	defined($obj) \|\| croak("undefined action object: ERROR");
448	$og->{action} = $obj;
449	}
450
451	return $og;
452	}
453
454	$sth->finish();
455
456	return undef;
457	}
458
459	sub greylistexclusion_groupid {
460	my ($self) = @_;
461
462	my $sth = $self->{dbh}->prepare(
463	"select id from objectgroup where class='greylist' limit 1;");
464
465	$sth->execute();
466
467	my $ref = $sth->fetchrow_hashref();
468
469	return $ref->{id};
470	}
471
472	sub load_group_objects {
473	my ($self, $ogid) = @_;
474
475	defined($ogid) \|\| croak "undefined group id: ERROR";
476
477	my $sth = $self->{dbh}->prepare(
478	"SELECT * FROM Object " .
479	"WHERE Objectgroup_ID = ? order by ObjectType,Value");
480
481	my $objects = ();
482
483	$sth->execute($ogid);
484
485	while (my $ref = $sth->fetchrow_hashref()) {
486	my $obj = $self->load_object($ref->{id});
487	push @$objects, $obj;
488	}
489
490	$sth->finish();
491
492	return $objects;
493	}
494
495
496	sub save_object {
497	my ($self, $obj) = @_;
498
499	$obj->save($self);
500
501	return $obj->{id};
502	}
503
504	sub group_add_object {
505	my ($self, $group, $obj) = @_;
506
507	($obj->oclass() eq $group->{class}) \|\|
508	croak "wrong object class: ERROR";
509
510	$obj->{ogroup} = $group->{id};
511
512	$self->save_object($obj);
513	}
514
515	sub delete_object {
516	my ($self, $obj) = @_;
517
518	defined($obj->{id}) \|\| croak "undefined object id";
519
520	eval {
521
522	$self->{dbh}->begin_work;
523
524	$self->{dbh}->do("DELETE FROM Attribut " .
525	"WHERE Object_ID = ?", undef, $obj->{id});
526
527	$self->{dbh}->do("DELETE FROM Object " .
528	"WHERE ID = ?",
529	undef, $obj->{id});
530
531	$self->{dbh}->commit;
532	};
533	if (my $err = $@) {
534	$self->{dbh}->rollback;
535	syslog('err', $err);
536	return undef;
537	}
538
539	$obj->{id} = undef;
540
541	return 1;
542	}
543
544	sub save_rule {
545	my ($self, $rule) = @_;
546
547	defined($rule->{name}) \|\|
548	croak "undefined rule attribute - name: ERROR";
549	defined($rule->{priority}) \|\|
550	croak "undefined rule attribute - priority: ERROR";
551	defined($rule->{active}) \|\|
552	croak "undefined rule attribute - active: ERROR";
553	defined($rule->{direction}) \|\|
554	croak "undefined rule attribute - direction: ERROR";
555
556	if (defined($rule->{id})) {
557
558	$self->{dbh}->do(
559	"UPDATE Rule " .
560	"SET Name = ?, Priority = ?, Active = ?, Direction = ? " .
561	"WHERE ID = ?", undef,
562	$rule->{name}, $rule->{priority}, $rule->{active},
563	$rule->{direction}, $rule->{id});
564
565	return $rule->{id};
566
567	} else {
568	my $sth = $self->{dbh}->prepare(
569	"INSERT INTO Rule (Name, Priority, Active, Direction) " .
570	"VALUES (?, ?, ?, ?);");
571
572	$sth->execute($rule->name, $rule->priority, $rule->active,
573	$rule->direction);
574
575	return $rule->{id} = PMG::Utils::lastid($self->{dbh}, 'rule_id_seq');
576	}
577
578	return undef;
579	}
580
581	sub delete_rule {
582	my ($self, $ruleid) = @_;
583
584	defined($ruleid) \|\| croak "undefined rule id: ERROR";
585
586	eval {
587	$self->{dbh}->begin_work;
588
589	$self->{dbh}->do("DELETE FROM Rule " .
590	"WHERE ID = ?", undef, $ruleid);
591	$self->{dbh}->do("DELETE FROM RuleGroup " .
592	"WHERE Rule_ID = ?", undef, $ruleid);
593
594	$self->{dbh}->commit;
595	};
596	if (my $err = $@) {
597	$self->{dbh}->rollback;
598	syslog('err', $err);
599	return undef;
600	}
601
602	return 1;
603	}
604
605	sub delete_testrules {
606	my ($self) = @_;
607
608	eval {
609	$self->{dbh}->begin_work;
610
611	my $sth = $self->{dbh}->prepare("Select id FROM Rule " .
612	"WHERE name = 'testrule'");
613	$sth->execute();
614
615	while(my $ref = $sth->fetchrow_hashref()) {
616	$self->{dbh}->do("DELETE FROM Rule " .
617	"WHERE ID = ?", undef, $ref->{id});
618	$self->{dbh}->do("DELETE FROM RuleGroup " .
619	"WHERE Rule_ID = ?", undef, $ref->{id});
620	}
621	$sth->finish();
622
623	$self->{dbh}->commit;
624	};
625	if (my $err = $@) {
626	$self->{dbh}->rollback;
627	croak $err;
628	}
629
630	return 1;
631	}
632
633	sub create_group_with_obj {
634	my ($self, $obj, $name, $desc) = @_;
635
636	my $og = PMG::RuleDB::Group->new($name, $desc, $obj->oclass());
637	$self->save_group($og);
638	$self->group_add_object($og, $obj);
639
640	return $og;
641	}
642
643	sub rule_add_group {
644	my ($self, $ruleid, $groupid, $gtype) = @_;
645
646	defined($ruleid) \|\| croak "undefined rule id: ERROR";
647	defined($groupid) \|\| croak "undefined group id: ERROR";
648	defined($gtype) \|\| croak "undefined group type: ERROR";
649
650	$self->{dbh}->do("INSERT INTO RuleGroup " .
651	"(Objectgroup_ID, Rule_ID, Grouptype) " .
652	"VALUES (?, ?, ?)", undef,
653	$groupid, $ruleid, $gtype);
654	return 1;
655	}
656
657	sub rule_add_from_group {
658	my ($self, $rule, $group) = @_;
659
660	$self->rule_add_group($rule->{id}, $group->{id}, 0);
661	}
662
663	sub rule_add_to_group {
664	my ($self, $rule, $group) = @_;
665
666	$self->rule_add_group($rule->{id}, $group->{id}, 1);
667	}
668
669	sub rule_add_when_group {
670	my ($self, $rule, $group) = @_;
671
672	$self->rule_add_group($rule->{id}, $group->{id}, 2);
673	}
674
675	sub rule_add_what_group {
676	my ($self, $rule, $group) = @_;
677
678	$self->rule_add_group($rule->{id}, $group->{id}, 3);
679	}
680
681	sub rule_add_action {
682	my ($self, $rule, $group) = @_;
683
684	$self->rule_add_group($rule->{id}, $group->{id}, 4);
685	}
686
687	sub rule_remove_group {
688	my ($self, $ruleid, $groupid, $gtype) = @_;
689
690	defined($ruleid) \|\| croak "undefined rule id: ERROR";
691	defined($groupid) \|\| croak "undefined group id: ERROR";
692	defined($gtype) \|\| croak "undefined group type: ERROR";
693
694	$self->{dbh}->do("DELETE FROM RuleGroup WHERE " .
695	"Objectgroup_ID = ? and Rule_ID = ? and Grouptype = ?",
696	undef, $groupid, $ruleid, $gtype);
697	return 1;
698	}
699
700	sub load_rule {
701	my ($self, $id) = @_;
702
703	defined($id) \|\| croak "undefined id: ERROR";
704
705	my $sth = $self->{dbh}->prepare(
706	"SELECT * FROM Rule where id = ? ORDER BY Priority DESC");
707
708	my $rules = ();
709
710	$sth->execute($id);
711
712	my $ref = $sth->fetchrow_hashref();
713
714	my $rule = PMG::RuleDB::Rule->new($ref->{name}, $ref->{priority},
715	$ref->{active}, $ref->{direction});
716	$rule->{id} = $ref->{id};
717
718	return $rule;
719	}
720
721	sub load_rules {
722	my ($self) = @_;
723
724	my $sth = $self->{dbh}->prepare(
725	"SELECT * FROM Rule ORDER BY Priority DESC");
726
727	my $rules = ();
728
729	$sth->execute();
730
731	while (my $ref = $sth->fetchrow_hashref()) {
732	my $rule = PMG::RuleDB::Rule->new($ref->{name}, $ref->{priority},
733	$ref->{active}, $ref->{direction});
734	$rule->{id} = $ref->{id};
735	push @$rules, $rule;
736	}
737
738	$sth->finish();
739
740	return $rules;
741	}
742
743
744
745	1;
746
747	__END__
748
749	=head1 PMG::RuleDB
750
751	The RuleDB Object manages the database connection and provides an interface to manipulate the database without SQL. A typical application first create a RuleDB object:
752
753	use PMG::RuleDB;
754
755	$ruledb = PMG::RuleDB->new();
756
757	=head2 Database Overview
758
759	=head3 Rules
760
761	Rules contains sets of Groups, grouped by classes (FROM, TO, WHEN, WHAT and ACTION). Each rule has an associated priority and and active/inactive marker.
762
763	=head3 Groups
764
765	A Group is a set of Objects.
766
767	=head3 Objects
768
769	Objects contains the filter data.
770
771	=head3 Rule Semantics
772
773	The classes have 'and' semantics. A rule matches if the checks in FROM, TO, WHEN and WHAT classes returns TRUE.
774
775	Within a class the objects are or'ed together.
776
777	=head2 Managing Rules
778
779	=head3 $ruledb->load_rules()
780
781	Returns an array of Rules containing all rules in the database.
782
783	=head3 $ruledb->save_rule ($rule)
784
785	One can use the following code to add a new rule to the database:
786
787	my $rule = PMG::RuleDB::Rule->new ($name, $priority, $active);
788	$ruledb->save_rule ($rule);
789
790	You can also use save_rule() to commit changes back to the database.
791
792	=head3 $ruledb->delete_rule ($ruleid)
793
794	Removes the rule from the database.
795
796	=head3 $ruledb->rule_add_group ($rule, $og, $gtype)
797
798	Add an object group to the rule.
799
800	Possible values for $gtype are:
801
802	0 = FROM, 1 = TO, 2 = WHEN, 3 = WHAT, 4 = ACTION
803
804	=head3 $ruledb->rule_remove_group ($rule, $og, $gtype)
805
806	Removes an object group from the rule.
807
808	=head2 Managing Objects and Groups
809
810	=head3 $ruledb->load_groups ($rule)
811
812	Return all object groups belonging to a rule. Data is divided into separate arrays:
813
814	my ($from, $to, $when, $what, $action) =
815	$ruledb->load_groups($rule);
816
817	=head3 $ruledb->save_group ($og)
818
819	This can be used to add or modify an Group. This code segemnt creates
820	a new object group:
821
822	$og = PMG::RuleDB::Group->new ($name, $desc);
823	$ruledb->save_group ($og);
824
825
826	=head3 $ruledb->delete_group ($groupid)
827
828	Deletes the object group, all reference to the group and all objects
829	belonging to this group from the Database.
830
831	=head3 $ruledb->group_add_object ($og, $obj)
832
833	Attach an object to an object group.
834
835	=head3 $ruledb->save_object ($obj)
836
837	Save or update an object. This can be used to add new objects
838	to the database (although group_add_object() is the prefered way):
839
840	$obj = PMG::RuleDB::EMail->new ('.*@mydomain.com');
841	# we need to set the object group manually
842	$obj->ogroup ($group->id);
843	$ruledb->save_object ($obj);
844
845
846	=head3 $ruledb->delete_object ($obj)
847
848	Deletes the object, all references to the object and all object
849	attributes from the database.