[Iscs-developers] ISCS/devel-docs/Functions/AccessGroupFunctions AccessGroupFunctions.html,1.67,1.68
Status: Beta
Brought to you by:
jsulliva
Menu
▾
▴
[Iscs-developers] ISCS/devel-docs/Functions/AccessGroupFunctions AccessGroupFunctions.html,1.67,1.68
|
From: <jsu...@us...> - 2003-11-25 06:28:38
|
Update of /cvsroot/iscs/ISCS/devel-docs/Functions/AccessGroupFunctions
In directory sc8-pr-cvs1:/tmp/cvs-serv11066/devel-docs/Functions/AccessGroupFunctions
Modified Files:
AccessGroupFunctions.html
Log Message:
Began edit Access Group functions and documentation
Index: AccessGroupFunctions.html
===================================================================
RCS file: /cvsroot/iscs/ISCS/devel-docs/Functions/AccessGroupFunctions/AccessGroupFunctions.html,v
retrieving revision 1.67
retrieving revision 1.68
diff -C2 -d -r1.67 -r1.68
*** AccessGroupFunctions.html 21 Nov 2003 06:57:59 -0000 1.67
--- AccessGroupFunctions.html 25 Nov 2003 05:12:06 -0000 1.68
***************
*** 8,12 ****
<META NAME="CREATED" CONTENT="20021206;19021600">
<META NAME="CHANGEDBY" CONTENT="John Sullivan">
! <META NAME="CHANGED" CONTENT="20031120;15401900">
<META NAME="DESCRIPTION" CONTENT="Development document outlining functions pertaining to ISCS Access Groups">
<STYLE>
--- 8,12 ----
<META NAME="CREATED" CONTENT="20021206;19021600">
<META NAME="CHANGEDBY" CONTENT="John Sullivan">
! <META NAME="CHANGED" CONTENT="20031124;22353400">
<META NAME="DESCRIPTION" CONTENT="Development document outlining functions pertaining to ISCS Access Groups">
<STYLE>
***************
*** 2699,2716 ****
<P ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">set
so->DNListRebuild = true;</P>
! <P ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none"><BR>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">if
there were changes, record the new row otherwise delete the current
Row from Rows (since there were no changes)</P>
! <P ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none"> if
(Changed) { // i.e., there were changes to the current edit item</P>
! <P ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none"> NewRows
<< NewDN + ";" + NewCA;</P>
! <P ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none"> }</P>
! <P ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none"> else
{</P>
! <P ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none"> Rows.remove(Row);</P>
! <P ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none"> }</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><BR>
</P>
--- 2699,2716 ----
<P ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">set
so->DNListRebuild = true;</P>
! <P ALIGN=LEFT STYLE="margin-bottom: 0in"><BR>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">if
there were changes, record the new row otherwise delete the current
Row from Rows (since there were no changes)</P>
! <P ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">if
(Changed) { // i.e., there were changes to the current edit item</P>
! <P ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">NewRows
<< NewDN + ";" + NewCA;</P>
! <P ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">}</P>
! <P ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">else
{</P>
! <P ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">Rows.remove(Row);</P>
! <P ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">}</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><BR>
</P>
***************
*** 2786,3408 ****
<P ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">LVI =
0;</P>
! <P ALIGN=LEFT STYLE="margin-bottom: 0in"><BR>
</P>
! <P ALIGN=LEFT STYLE="margin-bottom: 0in"><BR>
</P>
! <P ALIGN=LEFT STYLE="margin-bottom: 0in"><BR>
</P>
! <P ALIGN=LEFT STYLE="margin-bottom: 0in">Everything below this point
! is from the Kylix implementation and is obsolete.</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><BR>
</P>
! <P ALIGN=LEFT STYLE="margin-bottom: 0in"><BR>
</P>
! <P ALIGN=LEFT STYLE="margin-bottom: 0in"><BR>
</P>
! <P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT FACE="Charter"><FONT SIZE=3><U>Change
! Accessors: FUNCTIONS NEED TO BE MOVED TO FORM - LEFT OFF
! HERE!!!!!!!!!!!!!!!!</U></FONT></FONT></P>
! <P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>Existing Accessors can be selected
! by clicking, shift clicking, control clicking or shift arrow.
! Multiselect is enabled. The edit function is initiated by clicking on
! menu/Accessor/Edit Accessor or the Edit Accessor tool bar button or
! right clicking and choosing Edit Accessor from the pop up menu or
! pressing the Enter key or double-clicking an Accessor.</FONT></FONT></P>
! <P ALIGN=LEFT STYLE="margin-bottom: 0in"><BR>
</P>
! <P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>The Edit function can also be
! invoked from the Access Group TTreeView by selecting the Accessor and
! choosing Edit Accessor from the menu, tool bar or pop-up menu (right
! click) or by pressing enter on a selected Accessor or double-clicking
! it. If we edit from the TrreeView, then we will probably need to set
! the active Accessor tab to whichever type of Accessor we choose since
! some of the logic looks at which tab is active to determine which
! routines to run.</FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><BR>
</P>
- <P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
- <FONT FACE="Charter"><FONT SIZE=3>REMEMBER TO TAKE INTO ACCOUNT BEST
- MATCH - NOT YET DONE!!!!!</FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><BR>
</P>
! <P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>We must change the Accessor table
! and the TListView. If the Accessor is a member of an Access Group,
! then we must also change the TTreeView, the AccessGroup table, and
! the iptables rules on the affected PEPs.</FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><BR>
</P>
! <P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>bool success = true, error = false,
! GroupMember = false ; // Used to handle program control</FONT></FONT></P>
! <P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>WideString oldKeyString,
! newKeyString; // Holds the pre-edited and post-edited value of the
! unique identifier for an Accessor</FONT></FONT></P>
! <P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>int MResult = mrNone; // used to
! preserve ModalResult values for later use - typically flow control
! outside of the loop where the ModalResult was generated</FONT></FONT></P>
! <P ALIGN=LEFT STYLE="margin-bottom: 0in"><SPAN STYLE="text-decoration: none"><SPAN LANG="en-US"><A HREF="../UtilityFunctions/UtilityFunctions.html#ClearHoldTTNodesLists" TARGET="_blank">clearHoldTTNodesLists</A><A HREF="../UtilityFunctions/UtilityFunctions.html#ClearPEPStrings" TARGET="_blank">();</A></SPAN></SPAN></P>
! <P ALIGN=LEFT STYLE="margin-bottom: 0in"><SPAN STYLE="text-decoration: none"><SPAN LANG="en-US"><A HREF="../UtilityFunctions/UtilityFunctions.html#ClearPtrlists" TARGET="_blank">clearPtrLists</A>();
! // Prepare the shared objects for this action</SPAN></SPAN></P>
! <P ALIGN=LEFT STYLE="margin-bottom: 0in"><SPAN STYLE="text-decoration: none"><SPAN LANG="en-US">We
! set <A HREF="../../SPMNVObjects.html#DML SavePoints" TARGET="_blank">SavePoint</A>
! for the SecurityPolicies, AccessGroups, Accessors_Subnets, and the
! appropriate Accessors tables. This can be done in the same switch
! statement as the Open Database check. In that same switch statement
! we can execute other Accessor dependent actions. Use <A HREF="../UtilityFunctions/UtilityFunctions.html#setCDSSavePoints" TARGET="_blank">setCDSSavePoint</A>.
! This section of code is as follows:</SPAN></SPAN></P>
! <P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! DML->PtrList1->Add(DML->SecurityPoliciesCDS);</P>
! <P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! DML->PtrList2->Add(&(DML->SecurityPoliciesSavePoint));</P>
! <P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! DML->PtrList3->Add(&(DML->SecurityPoliciesSavePointRetry));</P>
! <P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! DML->PtrList1->Add(DML->AccessGroupsCDS);</P>
! <P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! DML->PtrList2->Add(&(DML->AccessGroupsSavePoint));</P>
! <P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! DML->PtrList3->Add(&(DML->AccessGroupsSavePointRetry));</P>
! <P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! switch (Accessor tab PageIndex) {</P>
! <P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! case X.509 Accessor :</P>
! <P ALIGN=LEFT STYLE="margin-bottom: 0in"><SPAN STYLE="text-decoration: none"><SPAN LANG="en-US"><A HREF="../../SPMNVObjects.html#DNListRebuildStart" TARGET="_blank">DML->DNListRebuildStart</A>
! = <SPAN STYLE="text-decoration: none"><SPAN LANG="en-US">DML-></SPAN></SPAN>DNListRebuild;
! // Save the <A HREF="../../SPMNVObjects.html#DNListRebuild" TARGET="_blank">DNListRebuild</A>
! flag state. We may not have to do this if the Accessor is not a
! member of an Access Group but it is faster to do it anyway than
! implement the logic to check for Access Group membership. </SPAN></SPAN>
! </P>
! <P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! DML->PtrList1->Add(DML->Accessors_X509CDS);</P>
! <P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! DML->PtrList2->Add(&(DML->Accessors_X509SavePoint));</P>
! <P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>DML->PtrList3->Add(&(DML->Accessors_X509SavePointRetry));</FONT></FONT></P>
! <P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>break;</FONT></FONT></P>
! <P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! case IP Accessor :</P>
! <P ALIGN=LEFT STYLE="margin-bottom: 0in"><SPAN STYLE="text-decoration: none"><SPAN LANG="en-US"><A HREF="../UtilityFunctions/UtilityFunctions.html#ClearPEPStrings" TARGET="_blank">clearPEPStrings</A>();
! //We clear <A HREF="../../SPMNVObjects.html#PEPChangeCount" TARGET="_blank">PEPChangeCount,</A>
! <A HREF="../../SPMNVObjects.html#PEPChangeCountRetry" TARGET="_blank">PEPChangeCountRetry</A>,<A HREF="../../SPMNVObjects.html#PEPChangeCountCancel" TARGET="_blank">PEPChangeCountCancel</A>
! We may not have to do this if the Accessor is not a member of an
! Access Group but it is faster to do it anyway than implement the
! logic to check for Access Group membership. </SPAN></SPAN>
! </P>
! <P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! DML->PtrList1->Add(DML->Acc_IPCDS);</P>
! <P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! DML->PtrList2->Add(&(DML->Acc_IPSavePoint));</P>
! <P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>DML->PtrList3->Add(&(DML->Acc_IPSavePointRetry));</FONT></FONT></P>
! <P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! DML->PtrList1->Add(DML->Acc_SubnetsCDS);</P>
! <P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>DML->PtrList3->Add(&(DML->Acc_SubnetsSavePointRetry));</FONT></FONT></P>
! <P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! DML->PtrList2->Add(&(DML->Acc_SubnetsSavePoint));</P>
! <P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>break;</FONT></FONT></P>
! <P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! }</P>
! <P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! setCDSSavePoints(DML->PtrList1, DML->PtrList2);</P>
! <P ALIGN=LEFT STYLE="margin-bottom: 0in"><SPAN STYLE="text-decoration: none"><SPAN LANG="en-US">It
! appears that the TListView->Selected routine in Kylix is buggy so
! we cannot merely cycle through the selected items. We set a savepoint
! for the affected tables before starting the edit. If any one edit
! fails, we backout all the changes. First we make sure that something
! is selected. If SelCount (number of items selected) == 1, then we can
! just use ItemFocused() and set <A HREF="../../SPMNVObjects.html#MultiSelect" TARGET="_blank">MultiSelect</A>
! = false. If not, we will need to set MultiSelect =true and cycle
! through the entire ListView and check the Selected status of each
! item. If it is selected, we:</SPAN></SPAN></P>
! <OL>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>oldKeyString = The value of the
! original KeyString</FONT></FONT></P>
! <LI><P ALIGN=LEFT STYLE="margin-bottom: 0in"><SPAN STYLE="text-decoration: none"><SPAN LANG="en-US">DML->setCDSSavePoints(DML->PtrList1,
! DML->PtrList3); // Set <A HREF="../../SPMNVObjects.html#DML SavePointRetry" TARGET="_blank">SavePointRetry</A>
! for SecurityPolicies, AccessGroups and the appropriate Accessor
! ClientDataSet.</SPAN></SPAN></P>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! DML->HoldTTNodesRevert->Assign(DML->HoldTTNodes); // take a
! snapshot of HoldTTNodes in case we have to back out the changes</P>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! do { // we need a do/while loop in case we have to process the same
! Accessor after a failure - we won't want to hit the next Accessor in
! line to be processed in that case but rather return to the beginning
! of the processing of the same Accessor.</P>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! success = true; // set the condition for breaking the loop as we
! enter it</P>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! error = false; // in case we return here after an exception</P>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! switch (AccessGroupsPageControl->ActivePageIndex) // Set other
! Accessor dependent parameters in a switch statement based upon tab:</P>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! case IP Accessor :</P>
! </OL>
! <OL>
! <OL>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>DML->PEPChangeCountRetry->Clear();
! // <FONT COLOR="#000000">Prepare to capture any changes for just
! this change.</FONT></FONT></FONT></P>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>DML->PEPChangeCountCancel->Assign(PEPChangeCount);
! // Capture the current state of PEPChangeCount in case we have to
! retry.</FONT></FONT></P>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>Set the appropriate fields for
! the IP Accessors edit dialog box</FONT></FONT></P>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>MResult = Show the IP Accessor
! edit dialog box with ShowModal().</FONT></FONT></P>
! </OL>
! </OL>
! <OL START=5>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>case X.509 Accessor :</FONT></FONT></P>
! <OL>
! <LI><P ALIGN=LEFT STYLE="margin-bottom: 0in"><SPAN STYLE="text-decoration: none"><SPAN LANG="en-US"><A HREF="../../SPMNVObjects.html#DNListRebuildMiddle" TARGET="_blank">DML->DNListRebuildMiddle</A>
! = <SPAN STYLE="text-decoration: none"><SPAN LANG="en-US">DML-></SPAN></SPAN>DNListRebuild;
! // save the state of DNListRebuild before starting this sequence</SPAN></SPAN></P>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>Set the appropriate fields for
! the X.509 Accessors edit dialog box</FONT></FONT></P>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>MResult = Show the X.509 Accessor
! edit dialog box with ShowModal().</FONT></FONT></P>
! </OL>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in"><FONT FACE="Charter"><FONT SIZE=3><SPAN STYLE="text-decoration: none">The
! Accessor edit dialog box is just like the create dialog box except
! that the fields are filled in and there are buttons to Cancel </SPAN><U>A</U><SPAN STYLE="text-decoration: none">ll
! and Cancel <U>P</U><SPAN STYLE="text-decoration: none">ending</SPAN>.
! Cancel </SPAN><U>A</U><SPAN STYLE="text-decoration: none">ll will
! return a ModalResult of mrAbort. If this is returned, we cease
! processing any changes and back out the ones we have made by
! deleting <SPAN STYLE="text-decoration: none">the HoldTTNodes
! TStringList and nulling the pointer</SPAN>. Cancel <U>P</U><SPAN STYLE="text-decoration: none">ending
! will return a ModalResult of mrNo and cease processing any changes
! but will preserve the ones already made by deleting the last string
! added to HoldTTNodes and breaking the loop to check for selected
! Accessors. Cancel All and Cancel Pending should only appear if
! MultiSelect == true. OK is still default and Cancel escape</SPAN></SPAN></FONT></FONT></P>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>We collect the new information
! just as in the Add process. We need to make sure that if one of the
! subnet mask parameters is changed in a subnet, that we change the
! other parameter even if we do not ever exit the subnet field. That
! is, if this is a subnet with an existing subnet mask and we change
! the subnet mask length field and press enter, the subnet mask field
! will still contain the old subnet mask; we must make sure it
! updates. It normally updates when the user leaves the subnet mask
! length field but, if the user just presses enter, that will not
! happen.</FONT></FONT></P>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>if(MResult == mrOk) { // If the
! user presses OK, we do the following:</FONT></FONT></P>
! <OL>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>Once we have validated the input
! the same way we do when we add an Accessor, we do the following:</FONT></FONT></P>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>try { // open a try block in case
! there is an exception during db updates or TStringList additions</FONT></FONT></P>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>switch
! (AccessGroupsPageControl->ActivePageIndex) { // i.e., choose
! based upon what type of Accessor this is</FONT></FONT></P>
! <OL>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>case IP Accessor :</FONT></FONT></P>
! <OL>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>newKeyString = the new
! KeyString value pulled from the IPAccessorForm</FONT></FONT></P>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>Find the Accessor in the
! Accessor table</FONT></FONT></P>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>If the comment field is
! different, update the Accessor table</FONT></FONT></P>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>If oldKeyString does not equal
! the new KeyString, we do the following:</FONT></FONT></P>
! <OL>
! <LI><P ALIGN=LEFT STYLE="margin-bottom: 0in"><SPAN STYLE="text-decoration: none"><SPAN LANG="en-US">GroupMember
! = <A HREF="#memberAccessGroup">memberAccessGroup</A>(oldKeyString);
! // determine and remember if this Accessor is a member of an
! Access Group.</SPAN></SPAN></P>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>Determine the subnets for the
! new range and put them in a TStringList</FONT></FONT></P>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>Cycle through all the subnets
! in Accessors_Subnets for this Range</FONT></FONT></P>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>For each one search the subnet
! TStringList for a match. The idea is that, if the existing
! subnets in the database match the new subnets, there is no need
! for a change (this would happen in the case where one changes
! the bounds of a range that produces multiple subnets) but if the
! existing subnet is not found in the new list of subnets, it
! needs to be deleted.</FONT></FONT></P>
! <OL>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>If there is a match, update
! the range field in the Accessors_Subnets table and set the
! subnet string from the subnet TStringList to "" (we
! can't delete it or it will throw off the index and we will
! actually skip the string below it since, if we delete the
! current string, the next string assumes its index number -
! since we are in a for loop and looping by index number, we will
! not evaluate the string which now has the index number of the
! string just deleted)</FONT></FONT></P>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>If there is not a match,</FONT></FONT></P>
! <OL>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>if (GroupMember) { // i.e.,
! this Accessor is a member of an Access Group</FONT></FONT></P>
! <OL>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>Create a PEPChange string
! to delete the VPN_ALLOW rule for that subnet - REMEMBER TO
! ALTER BOTH PEPChangeCount and PEPChangeCountRetry</FONT></FONT></P>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>Cycle through the filtered
! AccessGroups table to (remember to start at First()):</FONT></FONT></P>
! <OL>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>Delete any ACCESS_GROUPS
! PEP iptables entries for the subnet</FONT></FONT></P>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>If there are any DENY
! policies, delete any ACCESS_GROUPS_DENY iptables PEP rules
! for the subnet</FONT></FONT></P>
! </OL>
! </OL>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>Delete the subnet from the
! Accessors_Subnets table</FONT></FONT></P>
! </OL>
! </OL>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>Cycle through the subnets
! TStringList. The idea is that, if there are subnets in the
! TStringList that are not in the database, they need to be added.</FONT></FONT></P>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>if the string is not ""
! then</FONT></FONT></P>
! <OL>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>Add the Range and Subnet to
! the Accessors_Subnets table</FONT></FONT></P>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>if (GroupMember) { // i.e.,
! this Accessor is a member of an Access Group</FONT></FONT></P>
! <OL>
! <OL>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>Create a PEPChange string
! to add the VPN_ALLOW rule for that subnet - REMEMBER TO ALTER
! BOTH PEPChangeCount and PEPChangeCountRetry</FONT></FONT></P>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>Cycle through the filtered
! AccessGroups table to (remember to start at First()):</FONT></FONT></P>
! <OL>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>Add any ACCESS_GROUPS PEP
! iptables entries for the subnet (-A for hosts, -I for
! subnets)</FONT></FONT></P>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>If there are any DENY
! policies, add any ACCESS_GROUPS_DENY iptables PEP rules for
! the subnet (-A for hosts, -I for subnets)</FONT></FONT></P>
! </OL>
! </OL>
! </OL>
! </OL>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>update the Accessor_IP table
! with the new Range</FONT></FONT></P>
! </OL>
! </OL>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>case X.509 Accessor :</FONT></FONT></P>
! <OL>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>newKeyString = the new
! KeyString value pulled from the X509AccessorForm</FONT></FONT></P>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>Find the Accessor in the
! Accessor table</FONT></FONT></P>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>If the comment field is
! different, update the Accessor table</FONT></FONT></P>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>If oldKeyString does not equal
! the new KeyString, we do the following:</FONT></FONT></P>
! <OL>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>GroupMember =
! memberAccessGroup(oldKeyString); // determine and remember if
! this Accessor is a member of an Access Group.</FONT></FONT></P>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>if (GroupMember) {</FONT></FONT></P>
! <OL>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>DNListRebuild = true; // flag
! the DNList to be rebuilt</FONT></FONT></P>
! </OL>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>}</FONT></FONT></P>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>update the KeyString in the
! Accessors_X509 table</FONT></FONT></P>
! </OL>
! </OL>
! </OL>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>if (GroupMember) { // update
! AccessGroupsCDS</FONT></FONT></P>
! <OL>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>DML->AGCDS->First(); //
! We're already filtered for this Accessor</FONT></FONT></P>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>while (! DML->AGCDS->Eof)
! { // Loop through them all to change the KeyString</FONT></FONT></P>
! <OL>
! <LI><P ALIGN=LEFT STYLE="margin-bottom: 0in"><SPAN STYLE="text-decoration: none"><SPAN LANG="en-US">DML->TNode
! = TTreeNode->Items->getFirstNode(); // set TNode before
! calling <A HREF="../UtilityFunctions/UtilityFunctions.html#findTNode" TARGET="_blank">findTNode</A></SPAN></SPAN></P>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>DML->TNFQN =
! AGCDS->FieldByName("AccessGroup")->AsString; //
! find the AccessGroup associated with this Accessor.</FONT></FONT></P>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>findTNode(oldKeyString); //
! find the TTreeNode and make it the object in HoldTTNodes along
! with newKeyString</FONT></FONT></P>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>HoldTTNodes->AddObject(AnsiString(newKeyString),
! TNode);</FONT></FONT></P>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>DML->AGCDS->FieldByName("KeyString")->AsString
! = AnsiString(newKeyString);</FONT></FONT></P>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>DML->AGCDS->Next();</FONT></FONT></P>
! </OL>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>}</FONT></FONT></P>
! </OL>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>DML->AGCDS->Filtered =
! false;</FONT></FONT></P>
! <LI><P ALIGN=LEFT STYLE="margin-bottom: 0in"><SPAN STYLE="text-decoration: none"><SPAN LANG="en-US"><A HREF="../UtilityFunctions/UtilityFunctions.html#postAllCDS" TARGET="_blank">postAllCDS</A>(DML->PtrList1);
! // post all ClientDataSets just in case we have a dangling,
! unposted record</SPAN></SPAN></P>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>} // end the try block</FONT></FONT></P>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>catch(EOutOfMemory &EOM) {</FONT></FONT></P>
! <OL>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>ShowMessage("Update failed
! - Low on memory. Please try closing some applications before
! retrying");</FONT></FONT></P>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>error = true;</FONT></FONT></P>
! </OL>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>}</FONT></FONT></P>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>catch(EOutOfResources &EOR) {</FONT></FONT></P>
! <OL>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>ShowMessage("Update failed
! - Low on resources. Please try closing some applications before
! retrying");</FONT></FONT></P>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>error = true;</FONT></FONT></P>
! </OL>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>}</FONT></FONT></P>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>catch(EDBClient &EDBC) {</FONT></FONT></P>
! <OL>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>ShowMessage("Update failed
! - database error." + WideString(DML->NEWLINE + "Error
! Message: " + EDBC.Message + DML->NEWLINE + "Error
! Code: " + AnsiString(EDBC.ErrorCode)));</FONT></FONT></P>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>error = true;</FONT></FONT></P>
! </OL>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>}</FONT></FONT></P>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>if (error) {</FONT></FONT></P>
! </OL>
! </OL>
! <OL>
! <OL>
! <OL>
! <LI><P STYLE="margin-bottom: 0in">success == false; // signal the
! do/while loop to repeat.</P>
! <LI><P STYLE="margin-bottom: 0in">revertCDSSavePoints(DML->PtrList1,
! DML->PtrList3); roll the used ClientDataSets back to
! SavePointRetry</P>
! <LI><P LANG="en-US" STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>switch
! (AccessGroupsPageControl->ActivePageIndex) {</FONT></FONT></P>
! <LI><P STYLE="margin-bottom: 0in">case IP Accessor :</P>
! <OL>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>retryIPAccessor(); // reset the
! PEPChange Lists to where they were before we started this change</FONT></FONT></P>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>break;</FONT></FONT></P>
! </OL>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>case X.509 Accessor :</FONT></FONT></P>
! <OL>
! <LI><P ALIGN=LEFT STYLE="margin-bottom: 0in"><SPAN STYLE="text-decoration: none"><SPAN LANG="en-US"><A HREF="../../SPMNVObjects.html#DNListRebuild" TARGET="_blank">DML->DNListRebuild</A>
! = DML-><A HREF="../../SPMNVObjects.html#DNListRebuildMiddle" TARGET="_blank">DNListRebuildMiddle</A>;
! // Revert DNListRebuild to its state before the failed update.</SPAN></SPAN></P>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! break;</P>
! </OL>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! }</P>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>DML->HoldTTNodes->Assign(DML->HoldTTNodesRevert);
! // Revert HoldTTNodes to the state it was before starting this
! failed change</FONT></FONT></P>
! </OL>
! </OL>
! </OL>
! <OL START=5>
! <OL>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>}</FONT></FONT></P>
! </OL>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>} // end of mrOk if statement</FONT></FONT></P>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>Clear the Accessor Form fields</FONT></FONT></P>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>} while (!success); // end of
! do/while loop - we should only loop if we have to retry the same
! Accessor because of a failure</FONT></FONT></P>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>if(MResult == mrAbort) { // user
! pressed CancelAll</FONT></FONT></P>
! <OL>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>revertCDSSavePoints(DML->PtrList1,
! DML->PtrList2); roll the used ClientDataSets back to SavePoint</FONT></FONT></P>
! </OL>
! </OL>
! <OL>
! <OL>
! <LI><P LANG="en-US" STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>switch
! (AccessGroupsPageControl->ActivePageIndex) {</FONT></FONT></P>
! <LI><P LANG="en-US" STYLE="margin-bottom: 0in; text-decoration: none">
! case IP Accessor :</P>
! <OL>
! <LI><P STYLE="margin-bottom: 0in"><SPAN STYLE="text-decoration: none"><SPAN LANG="en-US"><A HREF="../UtilityFunctions/UtilityFunctions.html#UndoPEPChanges" TARGET="_blank">undoPEPChanges</A>(<SPAN STYLE="text-decoration: none"><SPAN LANG="en-US">DML-></SPAN></SPAN>PEPChangeCount);
! // back out any PEP changes</SPAN></SPAN></P>
! <LI><P LANG="en-US" STYLE="margin-bottom: 0in; text-decoration: none">
! break;</P>
! </OL>
! <LI><P LANG="en-US" STYLE="margin-bottom: 0in; text-decoration: none">
! case X.509 Accessor:</P>
! <OL>
! <LI><P STYLE="margin-bottom: 0in"><SPAN STYLE="text-decoration: none"><SPAN LANG="en-US">DML->DNListRebuild
! = <SPAN STYLE="text-decoration: none"><SPAN LANG="en-US">DML-></SPAN></SPAN><A HREF="../../SPMNVObjects.html#DNListRebuildStart" TARGET="_blank">DNListRebuildStart</A>;
! // Revert DNListRebuild to its state before starting the entire
! series of updates</SPAN></SPAN></P>
! <LI><P LANG="en-US" STYLE="margin-bottom: 0in; text-decoration: none">
! break;</P>
! </OL>
! <LI><P LANG="en-US" STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>DML->HoldTTNodes->Clear();
! // back out any TTreeNodes schedules for change</FONT></FONT></P>
! <LI><P LANG="en-US" STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>break;<FONT COLOR="#000000"> //
! Leave the loop that is cycling through each of the selected
! Accessors</FONT></FONT></FONT></P>
! </OL>
! </OL>
! <OL START=5>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>}</FONT></FONT></P>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>if(MResult == mrNo) { // user
! pressed CancelPending</FONT></FONT></P>
! <OL>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>break; // don't process any more
! selected Accessors;</FONT></FONT></P>
! </OL>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>}</FONT></FONT></P>
! </OL>
! <P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>If it is not selected, we do
! nothing.</FONT></FONT></P>
! <P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>We go to the next item in the
! TListView</FONT></FONT></P>
! <P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>Process the HoldTTNodes TStringList
! as follows:</FONT></FONT></P>
! <OL>
! <OL>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>for (int i = 0; i <
! DML->HoldTTNodes->Count; i++) {</FONT></FONT></P>
! <OL>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>((TTreeNode
! *)DML->HoldTTNodes->Objects[i])->Caption =
! WideString(DML->HoldTTNodes->Strings[i]);</FONT></FONT></P>
! </OL>
! <LI><P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>} // Change the captions in the
! TTreeView to the new values</FONT></FONT></P>
! </OL>
! </OL>
! <P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>Repaint the appropriate Accessor
! ListView</FONT></FONT></P>
! <P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>if (check4UncommittedCDS()) {</FONT></FONT></P>
! <P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! FlagChangesExecute(this); // if there have been any changes, make the
! appropriate changes to the application</P>
! <P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>}</FONT></FONT></P>
! <P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
! <FONT FACE="Charter"><FONT SIZE=3>Clean up various shared objects so
! they can be used by another call.</FONT></FONT></P>
! <P ALIGN=LEFT STYLE="margin-bottom: 0in"><SPAN STYLE="text-decoration: none"><SPAN LANG="en-US"><A HREF="../UtilityFunctions/UtilityFunctions.html#ClearPtrlists" TARGET="_blank">clearPtrLists</A>();
! </SPAN></SPAN>
! </P>
! <P ALIGN=LEFT STYLE="margin-bottom: 0in"><SPAN STYLE="text-decoration: none"><SPAN LANG="en-US"><A HREF="../UtilityFunctions/UtilityFunctions.html#clearHoldTTNodesLists" TARGET="_blank">clearHoldTTNodesLists</A>();</SPAN></SPAN></P>
! <P ALIGN=LEFT STYLE="margin-bottom: 0in"><SPAN STYLE="text-decoration: none"><SPAN LANG="en-US"><A HREF="../UtilityFunctions/UtilityFunctions.html#ClearPEPStrings" TARGET="_blank">clearPEPStrings</A>();</SPAN></SPAN></P>
! <P ALIGN=LEFT STYLE="margin-bottom: 0in"><BR>
</P>
<P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
--- 2786,2886 ----
<P ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">LVI =
0;</P>
! <P ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none"><BR>
</P>
! <P ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none"><BR>
</P>
! <P ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none"><U>Edit
! Access Group:</U><SPAN STYLE="text-decoration: none"> </SPAN>
</P>
! <P ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">What
! does it mean to edit an Access Group?</P>
! <OL>
! <LI><P ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">If
! the short name has changed, the name must be changed in the
! access_groups and security_policies database tables for the Access
! Group and all it descendants. The parent name must also change for
! all descendants.</P>
! <LI><P ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">If
! the parent has changed, not only must the parent change for this
! Access Group but its name must change to reflect the new parent.
! That will have the same effect as changing the name in #1 above
! including the implications for the descendants and the changes to
! the security_policies database table.</P>
! <LI><P ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">If
! the comment changes, we merely update the comment field in the
! access_groups database table.</P>
! <LI><P ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">If
! the name has changed by either changing the short name (the name
! without the hierarchy, e.g., Admin rather than NexNet/Nexus/Admin)
! or the parent, all chains and DENY chains of the Access Group and
! all descendants must be renamed. Any inheritance, ACCESS_GROUPS or
! ACCESS_GROUPS_DENY jumps will be automatically renamed if we use
! iptables -E.</P>
! <LI><P ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">If
! the Access Group or any of its descendants have X.509 accessors,
! DNList must be rebuilt to reflect the new group names.</P>
! <LI><P ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">If
! the short name has been changed, AGListView must reflect the new
! name.</P>
! <LI><P ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">If
! the parent has been changed, the QListViewItem and all its children
! must be moved to the new parent.</P>
! </OL>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><BR>
</P>
! <P ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">Multiple
! Access Groups can be chosen at once for edit. The edit function is
! invoked by highlighting one or more Access Groups and pressing the
! <Enter> key, double clicking or choosing the Edit Access Group
! option from the menu, popup menu or tool bar. The Edit Access Group
! Action should not be enabled unless an Access Group is selected.</P>
! <P ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none"><BR>
</P>
! <P ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">We
! must handle the following events:</P>
! <OL>
! <LI><P ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">Access
! Groups are selected</P>
! <LI><P ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">Accessors
! are selected</P>
! <LI><P ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">Access
! Groups and Accessors are Selected</P>
! <LI><P ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">Access
! Groups and some of their descendants are selected</P>
! </OL>
! <P ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none"><BR>
</P>
! <P ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">We
! will process Accessors before Access Groups. We iterate through
! AGListView and find all selected QListViewItems. We will find the
! associated row for each selected Accessor, add it to the
! QValueList<int> IPAccs or X509Accs if it does not already exist
! in in the list and pass it to editIPAcc. Selected Access Groups are
! added to the QPtrList<QListViewItem> AGList. I do not think we
! need to worry about Access Group ancestors and descendants being
! processed together as long as we always use the current information,
! i.e., current after the immediately previous edit, not from the
! beginning of the group edit.</P>
! <P ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none"><BR>
</P>
! <P ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">int
! Row;</P>
! <P ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">QString
! FQN;</P>
! <P ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">QValueList<int>
! IPAccs, X509Accs;</P>
! <P ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">QListViewItem
! * LVI;</P>
! <P ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">QPtrList<QListViewItem>
! AGList;</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><BR>
</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><BR>
</P>
! <P ALIGN=LEFT STYLE="margin-bottom: 0in">Everything below this point
! is from the Kylix implementation and is obsolete.</P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><BR>
</P>
! <P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in"><BR>
</P>
<P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
***************
*** 3668,3680 ****
<P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
<FONT FACE="Charter"><FONT SIZE=3><U>Move Access Group:</U></FONT></FONT></P>
- <P ALIGN=LEFT STYLE="margin-bottom: 0in"><BR>
- </P>
- <P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
- <FONT FACE="Charter"><FONT SIZE=3>Add Accessors to Access Groups</FONT></FONT></P>
- <P ALIGN=LEFT STYLE="margin-bottom: 0in">If it is and IP Accessor and
- not a protected Accessor, we MUST make the entry for this address is
- VPN_ALLOW</P>
- <P LANG="en-US" ALIGN=LEFT STYLE="margin-bottom: 0in; text-decoration: none">
- <FONT FACE="Charter"><FONT SIZE=3>Remove Accessors from Access Groups</FONT></FONT></P>
<P ALIGN=LEFT STYLE="margin-bottom: 0in"><BR>
</P>
--- 3146,3149 ----
|