[dss-developer] Scenes 11 & 12 (decrement-increment)

Andreas Dröscher dss at anticat.ch
Sat Feb 20 16:50:14 CET 2016


Hi Jean-Marc

Disclaimer: I'm using a brutal hack. It weakens the security of the system.
Hence you should only use it if you understand the implications of enabling
unauthenticated access from localhost to your dss.

I ran into the same issue two years ago. Since then I keep patch the lighthttpd
server to accept json recquest from localhost without authentication. This
enables the stock Scene Responder to fire JSON request. That in turn grants me
full access to the systems capabilities.

e.g.:
http://localhost:80/json/device/callScene?sceneNumber=11&groupID=2&dsid=350....

See attached diff as reference.

Best Wishes
Andreas


Am 20.02.16 um 15:00 schrieb Jean-Marc Trinon:
> I have been looking deeper in the implementation of the User defined Actions
> add-on to try to understand why scenes 11 and 12 were never presented in the UI.
> 
> If I understand correctly (not 100% sure),  the list of scenes to present in the
> UI comes from the getScenes function implemented in the dss-datamodel.js file.
> 
> The definition of the function starts like this:
> 
> dss.staticDataModel.getScenes = function(zoneId, groupId) {
> if (dss.staticDataModel.nameCache == null)
> dss.staticDataModel.initCaches();
> var oDeviceArray = dss.staticDataModel.getDevicesForZone(zoneId, groupId);
> 
>     var oRetArray = [];
>     var sceneArray = [ 0, 5, 17, 18, 19, 1, 6, 2, 7, 3, 8, 4, 9, 32, 33, 20, 21,
> 22, 34, 35, 23, 24, 25, 36, 37, 26, 27, 28, 38, 39, 29, 30, 31, 67,
>             64, 68, 69, 70, 72, 71, 73, 65, 76, 74, 83, 84, 85, 88, 89];
>     if (groupId==1)
>     sceneArray = [ 0, 40, 5, 17, 18, 19, 1, 6, 2, 7, 3, 8, 4, 9, 32, 33, 20, 21,
> 22, 34, 35, 23, 24, 25, 36, 37, 26, 27, 28, 38, 39, 29, 30, 31, 67,
>                                   64, 68, 69, 70, 72, 71, 73, 65, 76, 74, 83,
> 84, 85, 88, 89];
>     if (zoneId==0)
>     if (groupId==0) {
>     sceneArray.push(90);
>     sceneArray.push(91);
>     }
>     if (groupId == 2)
>     {
>         sceneArray.splice(5,0,56);
>         sceneArray.splice(34,0,15);
>     }
> ...
> 
> 
> The scenes 11 and 12 are never listed in the sceneArray. So even if they are
> actually defined in the system, they never get presented as an option for the
> actions.
> 
> I understand I can probably code myself a dss-addon to enable triggers to call
> those scenes. But it seems like an overkill and I think it would be better for
> user experience if those scenes were presented as options for user defined
> actions and event responders.
> 
> 
> jmt
> 
> 
> 
> _______________________________________________
> dss-developer mailing list
> dss-developer at forum.digitalstrom.org
> http://forum.digitalstrom.org/cgi-bin/mailman/listinfo/dss-developer
> 


-------------- next part --------------
--- lighttpd.conf.orig	2013-11-09 22:11:18.427104665 +0100
+++ lighttpd.conf	2013-11-09 22:36:09.763698706 +0100
@@ -20,7 +20,7 @@
 #                               "mod_trigger_b4_dl",
                                "mod_auth",
 #                               "mod_status",
-#                               "mod_setenv",
+                               "mod_setenv",
 #                               "mod_fastcgi",
                                "mod_proxy",
 #                               "mod_simple_vhost",
@@ -218,10 +218,23 @@
 
 #### proxy module
 ## read proxy.txt for more info
-$HTTP["url"] =~ "^/(json|dss|download|icons)/(.+)" {
+$HTTP["url"] =~ "^/(dss|download|icons)/(.+)" {
     proxy.server  = ( "" => ( ( "host" => "127.0.0.1", "port" => 8088 ) ) )
 }
 
+$HTTP["url"] =~ "^/(json)/(.+)" {
+  $HTTP["remoteip"] != "127.0.0.1" {
+    proxy.server  = ( "" => ( ( "host" => "127.0.0.1", "port" => 8088 ) ) )
+  }
+}
+
+$HTTP["url"] =~ "^/(json)/(.+)" {
+  $HTTP["remoteip"] == "127.0.0.1" {
+    setenv.add-request-header = ( "Authorization" => "Digest username=\"dssadmin\"" )
+    proxy.server  = ( "" => ( ( "host" => "127.0.0.1", "port" => 8088 ) ) )
+  }
+}
+
 $HTTP["url"] =~ "^/(dsa)/(.+)" {
     proxy.server  = ( "" => ( ( "host" => "127.0.0.1", "port" => 8087 ) ) )
 }
@@ -270,13 +283,15 @@
 #auth.backend.ldap.filter   = "(uid=$)"
 
 $HTTP["url"] !~ "^/local-feed/" {
-  auth.require               = ( "/" =>
-                                 (
-                                   "method"  => "digest",
-                                   "realm"   => "dSS11",
-                                   "require" => "user=dssadmin"
+  $HTTP["remoteip"] != "127.0.0.1" { 
+    auth.require               = ( "/" =>
+                                   (
+                                     "method"  => "digest",
+                                     "realm"   => "dSS11",
+                                     "require" => "user=dssadmin"
+                                   )
                                  )
-                               )
+  }
 }
 
 #### url handling modules (rewrite, redirect, access)


More information about the dss-developer mailing list