author | Daniel Stefan Haischt <dsh@pfsense.org> | 2007-09-16 19:08:07 +0000 |
---|---|---|
committer | Daniel Stefan Haischt <dsh@pfsense.org> | 2007-09-16 19:08:07 +0000 |
commit | 8b857b14855f7639fdf7ee9e5f4eb22a7c6779aa (patch) | |
tree | 8ad408fd5d8801ecf3340e1202207a83fe562ba7 /packages/authng/pkg | |
parent | 92776fa26b8a5af6434826ce0f26a19f3c142b07 (diff) | |
* added user manager GUI stuff
* split usermanager GUI into several files to improve maintainability
* added windows JavaScript files to provide eye candy to alert boxes
* added initial wizard
* TODO: factor out auth usermanager related logic from authng.inc to authng_usermanager.inc
Diffstat (limited to 'packages/authng/pkg')
-rw-r--r-- | packages/authng/pkg/authng.inc | 245 | ||||
-rw-r--r-- | packages/authng/pkg/authng_classdefs.inc | 34 | ||||
-rw-r--r-- | packages/authng/pkg/authng_peers.inc | 64 | ||||
-rw-r--r-- | packages/authng/pkg/authng_usermanager.inc | 247 |
4 files changed, 539 insertions, 51 deletions
diff --git a/packages/authng/pkg/authng.inc b/packages/authng/pkg/authng.inc index 509f5a18..06774acd 100644 --- a/packages/authng/pkg/authng.inc +++ b/packages/authng/pkg/authng.inc @@ -36,8 +36,13 @@ */ /* ========================================================================== */ +/* PHP classes like factories users, and groups */ +require_once("authng_classdefs.inc"); +/* PHP classes representing specific auth methods */ require_once("authng_authmethods.inc"); +/* PHP classes representing specific backends */ require_once("authng_backends.inc"); +/* PHP peer classes that are providing a persistence layer */ require_once("authng_peers.inc"); // TODO: Define user- and groupindex array 
@@ -61,9 +66,242 @@ $authMethod =& $authMethodFactory->getAuthMethodByName($config['system']['webgui // get the actual backend $backend =& $backendFactory->getBackendByName($config['system']['webgui']['backing_method']); -function syncPackageAuthNG() { +function getUsermanagerPagetitle() { + global $userPeer; + + $result = ""; + + if ($userPeer->isSystemAdmin($HTTP_SERVER_VARS['AUTH_USER'])) { + // Page title for admins + $result = array(gettext("System"), gettext("User manager")); + } else { + // Page title for non-admins + $result = array(gettext("System"), gettext("User password")); + } + + return $result; +} + +function processUserManagerPostVars() { + global $input_errors, $savemsg, $config; + + if (isset($_POST['save'])) { + unset($input_errors); + + /* input validation */ + $reqdfields = explode(" ", "passwordfld1"); + $reqdfieldsn = explode(",", "Password"); + + do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + + if ($_POST['passwordfld1'] != $_POST['passwordfld2']) + $input_errors[] = "The passwords do not match."; + + if (!$input_errors) { + // all values are okay --> saving changes + $config['system']['user'][$userindex[$HTTP_SERVER_VARS['AUTH_USER']]]['password'] = crypt(trim($_POST['passwordfld1'])); + + write_config(); + + sync_webgui_passwords(); + + $retval = system_password_configure(); + $savemsg = get_std_save_message($retval); + $savemsg = "Password successfully changed<br />"; + } + } +} + +function processUserManagerAdminPostVars() { + global $config; + + $id = $_GET['id']; + if (isset($_POST['id'])) + $id = $_POST['id']; + + if (!is_array($config['system']['user'])) { + $config['system']['user'] = array(); + } + + admin_users_sort(); + $a_user = &$config['system']['user']; + $t_privs = $a_user[$id]['priv']; + + if ($_GET['act'] == "del" && $_GET['what'] == "user") { + if ($a_user[$_GET['id']]) { + $userdeleted = $a_user[$_GET['id']]['name']; + unset($a_user[$_GET['id']]); + write_config(); + $retval = 
system_password_configure(); + $savemsg = get_std_save_message($retval); + $savemsg = gettext("User") . " " . $userdeleted . " " . gettext("successfully deleted") . "<br />"; + } + } else if ($_GET['act'] == "del" && $_GET['what'] == "priv") { + if ($t_privs[$_GET['privid']]) { + $privdeleted = $t_privs[$_GET['privid']]['id']; + unset($t_privs[$_GET['privid']]); + write_config(); + $_GET['act'] = "edit"; + $retval = 0; + $savemsg = get_std_save_message($retval); + $savemsg = gettext("Privilege") . " " . $privdeleted . " " . gettext("of user") . " " . $a_user[$_GET['id']]['name'] . " " . gettext("successfully deleted") . "<br />"; + } + } + + if ($_POST) { + unset($input_errors); + $pconfig = $_POST; + + /* input validation */ + if (isset($id) && ($a_user[$id])) { + $reqdfields = explode(" ", "usernamefld"); + $reqdfieldsn = explode(",", "Username"); + } else { + $reqdfields = explode(" ", "usernamefld passwordfld1"); + $reqdfieldsn = explode(",", "Username,Password"); + } + + do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + + if (hasShellAccess($_POST['usernamefld'])) { + if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['usernamefld'])) + $input_errors[] = gettext("The username contains invalid characters."); + } else { + if (preg_match("/[^a-zA-Z0-9\@\.\-_]/", $_POST['usernamefld'])) + $input_errors[] = gettext("The username contains invalid characters."); + } + + if (($_POST['passwordfld1']) && ($_POST['passwordfld1'] != $_POST['passwordfld2'])) + $input_errors[] = gettext("The passwords do not match."); + + if (!$input_errors && !(isset($id) && $a_user[$id])) { + /* make sure there are no dupes */ + foreach ($a_user as $userent) { + if ($userent['name'] == $_POST['usernamefld']) { + $input_errors[] = gettext("Another entry with the same username already exists."); + break; + } + } + } + + if ($pconfig['utype'] <> "system" && !isset($groupindex[$_POST['groupname']])) { + $input_errors[] = gettext("group does not exist, please define the group 
before assigning users."); + } + + if (isset($config['system']['ssh']['sshdkeyonly']) && + empty($_POST['authorizedkeys'])) { + $input_errors[] = gettext("You must provide an authorized key otherwise you won't be able to login into this system."); + } + + /* if this is an AJAX caller then handle via JSON */ + if (isAjax() && is_array($input_errors)) { + input_errors2Ajax($input_errors); + exit; + } + + if (!$input_errors) { + if (isset($id) && $a_user[$id]) + $userent = $a_user[$id]; + + /* the user did change his username */ + if ($_POST['usernamefld'] <> $_POST['oldusername']) { + $_SERVER['REMOTE_USER'] = $_POST['usernamefld']; + } + + $userent['name'] = $_POST['usernamefld']; + $userent['fullname'] = $_POST['fullname']; + if ($pconfig['utype'] <> "system") { + $userent['groupname'] = $_POST['groupname']; + } + isset($_POST['utype']) ? $userent['scope'] = $_POST['utype'] : $userent['scope'] = "system"; + + if ($_POST['passwordfld1']) + $userent['password'] = crypt($_POST['passwordfld1']); + + if(isset($config['system']['ssh']['sshdkeyonly'])) { + $userent['authorizedkeys'] = base64_encode($_POST['authorizedkeys']); + } + + if (isset($id) && $a_user[$id]) + $a_user[$id] = $userent; + else + $a_user[] = $userent; + + write_config(); + $retval = system_password_configure(); + sync_webgui_passwords(); + + pfSenseHeader("system_usermanager.php"); + } + } +} + +/** + * getWindowJSScriptRefs() + * + * @return + */ +function getWindowJSScriptRefs(){ + $result = array('<script type="text/javascript" src="/javascript/windows-js/javascript/window.js"></script>', + '<script type="text/javascript" src="/javascript/windows-js/javascript/window_effects.js"></script>', + '<script type="text/javascript" src="/javascript/windows-js/javascript/debug.js"></script>'); + + return $result; +} + +function gotNoUsers() { + global $config; + return empty($config['installedpackages']['authng']['config']); +} + +/** + * openNoUserDefsDialog() + * + * @param mixed $effectClass + * @return + 
*/ +function openNoUserDefsDialog($effectClass) { + if (gotNoUsers()) { + $alertMessage = gettext("No users or groups found. You will be forwarded to the AuthNG wizard to be able to define users and groups."); + $dialogScript = " + <script type='text/javascript'> + var anchor = document.getElementById('popupanchor'); + + function forwardToWizard() { + window.location.href = '/wizard.php?xml=authng_wizard.xml'; + } + + function openNoUserDefsDialog(html) { + var effect = new PopupEffect(html, {className: '${effectClass}'}); + Dialog.alert('${alertMessage}',{className:'alphacube', top:150, width:400, height:null, showEffect:effect.show.bind(effect), hideEffect:effect.hide.bind(effect), onOk:forwardToWizard}); + } + + openNoUserDefsDialog(anchor); + </script> + "; + + return $dialogScript; + } +} + +/** + * getWindowJSStyleRefs() + * + * @return + */ +function getWindowJSStyleRefs(){ + $result = array('<link href="/javascript/windows-js/themes/default.css" rel="stylesheet" type="text/css" />', + '<link href="/javascript/windows-js/themes/alert.css" rel="stylesheet" type="text/css" />', + '<link href="/javascript/windows-js/themes/alphacube.css" rel="stylesheet" type="text/css" />'); + + return $result; } +/** + * installPackageAuthNG() + * + * @return + */ function installPackageAuthNG() { mwexec("cd / && /usr/bin/patch < /usr/local/pkg/authng-pfSenseHead.diff"); mwexec("cd / && /usr/bin/patch < /usr/local/pkg/authng-fbegin.inc.diff"); @@ -71,6 +309,11 @@ function installPackageAuthNG() { mwexec("cd / && /usr/bin/patch < /usr/local/pkg/authng-globals.inc.diff"); } +/** + * deinstallPackageAuthNG() + * + * @return + */ function deinstallPackageAuthNG() { mwexec("cd / && /usr/bin/patch -R < /usr/local/pkg/authng-pfSenseHead.diff"); mwexec("cd / && /usr/bin/patch -R < /usr/local/pkg/authng-fbegin.inc.diff"); diff --git a/packages/authng/pkg/authng_classdefs.inc b/packages/authng/pkg/authng_classdefs.inc index 7315bb6f..64f0ff14 100644 
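Review bot: `processUserManagerAdminPostVars()` in authng.inc deletes users and privileges on a plain GET (`$_GET['act'] == "del"`) and creates or edits accounts from `$_POST`, with no check inside the function that the caller is an administrator and no per-request token visible in the hunk. Unless every caller gates this (not visible here), a non-admin session, or a cross-site request made in a logged-in admin's browser, could change the user database. I would start the function with `global $userPeer;` and `if (!$userPeer->isSystemAdmin($_SERVER['AUTH_USER'])) { return; }` (assuming `AUTH_USER` is the key the GUI populates), and move the two delete branches under the `if ($_POST)` block. Separately, `$t_privs = $a_user[$id]['priv'];` is a copy, so `unset($t_privs[$_GET['privid']])` followed by `write_config()` reports success without removing the privilege; `$t_privs = &$a_user[$id]['priv'];` would bind it to the config entry. The same body is added again as `processUserManagerPostVarsAdmin()` in authng_usermanager.inc and needs the same changes.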
--- a/packages/authng/pkg/authng_classdefs.inc +++ b/packages/authng/pkg/authng_classdefs.inc @@ -67,19 +67,19 @@ class SingletonInterface extends Object { } } -class AuthMethodFactory extends SingletonInterface { +class BackendFactory extends SingletonInterface { function __construct() { // Perform object initialization here. parent::__construct(); } function &getInstance() { - return parent::__getInstanceImp('AuthMethodFactory'); + return parent::__getInstanceImp('BackendFactory'); } - - function &getAuthMethodByName($name) { + + function &getBackendByName($name) { $result = null; - + /* Each name links to an entry in config.xml * Example: <auth_method>session</auth_method> */ @@ -101,24 +101,24 @@ class AuthMethodFactory extends SingletonInterface { break; default: } - + return $result; } } -class BackendFactory extends SingletonInterface { +class AuthMethodFactory extends SingletonInterface { function __construct() { // Perform object initialization here. parent::__construct(); } function &getInstance() { - return parent::__getInstanceImp('BackendFactory'); + return parent::__getInstanceImp('AuthMethodFactory'); } - - function &getBackendByName($name) { + + function &getAuthMethodByName($name) { $result = null; - + /* Each name links to an entry in config.xml * Example: <backing_method>htpasswd</backing_method> */ @@ -131,7 +131,7 @@ class BackendFactory extends SingletonInterface { break; default: } - + return $result; } } @@ -154,7 +154,7 @@ class AuthngAuxiliary { return $adminUsers; } // end function - + function assignUID($username = "") { global $userindex, $config, $g; 
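Review bot: After the two class renames in authng_classdefs.inc the names no longer agree with the unchanged comments inside them: `BackendFactory::getBackendByName()` now carries the example `<auth_method>session</auth_method>` and `AuthMethodFactory::getAuthMethodByName()` the example `<backing_method>htpasswd</backing_method>` (hunks at -67,19 and -101,24). The `switch` bodies lie outside the hunks, so it is not visible which side is right; if the case lists were not swapped together with the names, the lookup presumably falls through to `default:` and returns `null`, and authng.inc would then carry on with a null auth method or backend. Please confirm the cases match the new class names, correct the two example comments, and consider making `default:` fail loudly instead of returning `null`, so a misconfigured `auth_method` or `backing_method` cannot silently leave the GUI without an authentication object.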
@@ -323,19 +323,19 @@ class AuthngUser { /* ========================================================================== */ /* == Accessors == */ /* ========================================================================== */ - + function isSystemAdmin() { return $this->systemAdmin; } - + function setIsSystemAdmin($flag = false) { $this->systemAdmin = $flag; } - + function isUNIXRoot() { return $this->unixRoot; } - + function setIsUNIXRoot($flag = false) { $this->unixRoot = $flag; } diff --git a/packages/authng/pkg/authng_peers.inc b/packages/authng/pkg/authng_peers.inc index e1640edc..bce3c494 100644 --- a/packages/authng/pkg/authng_peers.inc +++ b/packages/authng/pkg/authng_peers.inc @@ -36,8 +36,6 @@ */ /* ========================================================================== */ -require_once("authng_classdefs.inc"); - class PeerFactory extends SingletonInterface { function __construct() { // Perform object initialization here. @@ -47,10 +45,10 @@ class PeerFactory extends SingletonInterface { function &getInstance() { return parent::__getInstanceImp('PeerFactory'); } - + function &getGroupPeerByPrincipalStore($store) { $result = null; - + /* Each name links to an entry in config.xml * Example: <principal_store>xml</principal_store> */ @@ -66,13 +64,13 @@ class PeerFactory extends SingletonInterface { break; default: } - + return $result; } - + function &getUserPeerByPrincipalStore($store) { $result = null; - + /* Each name links to an entry in config.xml * Example: <principal_store>xml</principal_store> */ @@ -88,7 +86,7 @@ class PeerFactory extends SingletonInterface { break; default: } - + return $result; } } @@ -116,11 +114,11 @@ class AbstractPrivilegePeer { /* ========================================================================== */ /* == Accessors == */ /* ========================================================================== */ - + function setUserPeer($peer) { $this->userPeer = $peer; } - + function getUserPeer() { return $this->userPeer; } 
@@ -194,19 +192,19 @@ class AbstractUserPeer { function getUserByIndex($index) { return $this->users[$index]; } - + function getUserByName($username) { return $this->users[$username]; } - + function isSystemAdmin($username) { $result = false; $user = $this->getUserByName($username); - + if ($user) { $result = $user->isSystemAdmin(); } - + return $result; } } @@ -245,19 +243,19 @@ class AbstractGroupPeer { function getGroupByIndex($index) { return $this->groups[$index]; } - + function getGroupByName($groupname) { return $this->groups[$groupname]; } - + function getGroupHomePage($groupname) { $result = false; $group = $this->getGroupByName($groupname); - + if ($group) { $result = $group->getHome(); } - + return $result; } } @@ -276,11 +274,11 @@ class XMLPrivilegePeer extends AbstractPrivilegePeer { function XMLPrivilegePeer($userPeer) { global $g, $config; - + parent::AbstractPrivilegePeer(); - + $this->setUserPeer($peer); - + foreach ($peer->users as $userent) { foreach ($userent->getPrivileges() as $privent) { $this->privileges[$userent->getName()] = $privent; @@ -311,22 +309,22 @@ class XMLPrivilegePeer extends AbstractPrivilegePeer { $userid = getPrivilegeIndexByName($username); $user = $config['system']['user'][$userid]; } - + function setFullName($id, $name) { $userid = getUserIndexByName($id); $config['system']['user'][$userid]['fullname'] = $name; } - + function setGroupName($id, $name) { $userid = getUserIndexByName($id); $config['system']['user'][$userid]['groupname'] = $name; } - + function setPassword($id, $pwd) { $userid = getUserIndexByName($id); $config['system']['user'][$userid]['password'] = $pwd; } - + function setUid($id, $uid) { $userid = getUserIndexByName($id); $config['system']['user'][$userid]['uid'] = $uid; @@ -347,7 +345,7 @@ class XMLUserPeer extends AbstractUserPeer { function XMLUserPeer() { global $g, $config; - + parent::AbstractUserPeer(); if (isset($config['system']['user'])) { 
@@ -358,7 +356,7 @@ class XMLUserPeer extends AbstractUserPeer { $this->addUserFromEnt($userent); $i++; } - } + } } /* ========================================================================== */ @@ -384,7 +382,7 @@ class XMLUserPeer extends AbstractUserPeer { $newPrivilege->setId($privent['id']); $newPrivilege->setName($privent['name']); $newPrivilege->setDescription($privent['description']); - + $newUser->addPrivilege($newPrivilege); } } @@ -396,22 +394,22 @@ class XMLUserPeer extends AbstractUserPeer { $userid = getUserIndexByName($id); $config['system']['user'][$userid]['name'] = $name; } - + function setFullName($id, $name) { $userid = getUserIndexByName($id); $config['system']['user'][$userid]['fullname'] = $name; } - + function setGroupName($id, $name) { $userid = getUserIndexByName($id); $config['system']['user'][$userid]['groupname'] = $name; } - + function setPassword($id, $pwd) { $userid = getUserIndexByName($id); $config['system']['user'][$userid]['password'] = $pwd; } - + function setUid($id, $uid) { $userid = getUserIndexByName($id); $config['system']['user'][$userid]['uid'] = $uid; @@ -432,7 +430,7 @@ class XMLGroupPeer extends AbstractGroupPeer { function XMLGroupPeer() { global $g, $config; - + parent::AbstractGroupPeer(); if (isset($config['system']['group'])) { diff --git a/packages/authng/pkg/authng_usermanager.inc b/packages/authng/pkg/authng_usermanager.inc new file mode 100644 index 00000000..f96759fb --- /dev/null +++ b/packages/authng/pkg/authng_usermanager.inc 
@@ -0,0 +1,247 @@
+<?php
+/* $Id$ */
+/* ========================================================================== */
+/*
+ authng_usermanager.inc
+ part of pfSense (http://www.pfSense.com)
+ Copyright (C) 2007 Daniel S. Haischt <me@daniel.stefan.haischt.name>
+ All rights reserved.
+
+ Based on m0n0wall (http://m0n0.ch/wall)
+ Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.
+ All rights reserved.
+ */
+/* ========================================================================== */
+/*
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+ */
+/* ========================================================================== */
+
+function initUserFromGetVars() {
+ if ($_GET['act'] == "edit") {
+ if (isset($id) && $a_user[$id]) {
+ $pconfig['usernamefld'] = $a_user[$id]['name'];
+ $pconfig['fullname'] = $a_user[$id]['fullname'];
+ $pconfig['groupname'] = $a_user[$id]['groupname'];
+ $pconfig['utype'] = $a_user[$id]['scope'];
+ $pconfig['authorizedkeys'] = base64_decode($a_user[$id]['authorizedkeys']);
+ }
+ } else if ($_GET['act'] == "new") {
+ /* set this value cause the text field is read only
+ * and the user should not be able to mess with this
+ * setting.
+ */
+ $pconfig['utype'] = "user";
+ }
+}
+function processUserManagerPostVarsUser() {
+ if (isset($_POST['save'])) {
+ unset($input_errors);
+
+ /* input validation */
+ $reqdfields = explode(" ", "passwordfld1");
+ $reqdfieldsn = explode(",", "Password");
+
+ do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
+
+ if ($_POST['passwordfld1'] != $_POST['passwordfld2'])
+ $input_errors[] = "The passwords do not match.";
+
+ if (!$input_errors) {
+ // all values are okay --> saving changes
+ $config['system']['user'][$userindex[$HTTP_SERVER_VARS['AUTH_USER']]]['password'] = crypt(trim($_POST['passwordfld1']));
+
+ write_config();
+
+ sync_webgui_passwords();
+
+ $retval = system_password_configure();
+ $savemsg = get_std_save_message($retval);
+ $savemsg = "Password successfully changed<br />";
+ }
+ }
+}
+
+function processUserManagerPostVarsAdmin() {
+ $id = $_GET['id'];
+ if (isset($_POST['id']))
+ $id = $_POST['id'];
+
+ if (!is_array($config['system']['user'])) {
+ $config['system']['user'] = array();
+ }
+
+ admin_users_sort();
+ $a_user = &$config['system']['user'];
+ $t_privs = $a_user[$id]['priv'];
+
+ if ($_GET['act'] == "del" && $_GET['what'] == "user") {
+ if ($a_user[$_GET['id']]) {
+ $userdeleted = $a_user[$_GET['id']]['name'];
+ unset($a_user[$_GET['id']]);
+ write_config();
+ $retval = system_password_configure();
+ $savemsg = get_std_save_message($retval);
+ $savemsg = gettext("User") . " " . $userdeleted . " " . gettext("successfully deleted") . "<br />";
+ }
+ } else if ($_GET['act'] == "del" && $_GET['what'] == "priv") {
+ if ($t_privs[$_GET['privid']]) {
+ $privdeleted = $t_privs[$_GET['privid']]['id'];
+ unset($t_privs[$_GET['privid']]);
+ write_config();
+ $_GET['act'] = "edit";
+ $retval = 0;
+ $savemsg = get_std_save_message($retval);
+ $savemsg = gettext("Privilege") . " " . $privdeleted . " " . gettext("of user") . " " . $a_user[$_GET['id']]['name'] . " " . gettext("successfully deleted") . "<br />";
+ }
+ }
+
+ if ($_POST) {
+ unset($input_errors);
+ $pconfig = $_POST;
+
+ /* input validation */
+ if (isset($id) && ($a_user[$id])) {
+ $reqdfields = explode(" ", "usernamefld");
+ $reqdfieldsn = explode(",", "Username");
+ } else {
+ $reqdfields = explode(" ", "usernamefld passwordfld1");
+ $reqdfieldsn = explode(",", "Username,Password");
+ }
+
+ do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
+
+ if (hasShellAccess($_POST['usernamefld'])) {
+ if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['usernamefld']))
+ $input_errors[] = gettext("The username contains invalid characters.");
+ } else {
+ if (preg_match("/[^a-zA-Z0-9\@\.\-_]/", $_POST['usernamefld']))
+ $input_errors[] = gettext("The username contains invalid characters.");
+ }
+
+ if (($_POST['passwordfld1']) && ($_POST['passwordfld1'] != $_POST['passwordfld2']))
+ $input_errors[] = gettext("The passwords do not match.");
+
+ if (!$input_errors && !(isset($id) && $a_user[$id])) {
+ /* make sure there are no dupes */
+ foreach ($a_user as $userent) {
+ if ($userent['name'] == $_POST['usernamefld']) {
+ $input_errors[] = gettext("Another entry with the same username already exists.");
+ break;
+ }
+ }
+ }
+
+ if ($pconfig['utype'] <> "system" && !isset($groupindex[$_POST['groupname']])) {
+ $input_errors[] = gettext("group does not exist, please define the group before assigning users.");
+ }
+
+ if (isset($config['system']['ssh']['sshdkeyonly']) &&
+ empty($_POST['authorizedkeys'])) {
+ $input_errors[] = gettext("You must provide an authorized key otherwise you won't be able to login into this system.");
+ }
+
+ /* if this is an AJAX caller then handle via JSON */
+ if (isAjax() && is_array($input_errors)) {
+ input_errors2Ajax($input_errors);
+ exit;
+ }
+
+ if (!$input_errors) {
+ if (isset($id) && $a_user[$id])
+ $userent = $a_user[$id];
+
+ /* the user did change his username */
+ if ($_POST['usernamefld'] <> $_POST['oldusername']) {
+ $_SERVER['REMOTE_USER'] = $_POST['usernamefld'];
+ }
+
+ $userent['name'] = $_POST['usernamefld'];
+ $userent['fullname'] = $_POST['fullname'];
+ if ($pconfig['utype'] <> "system") {
+ $userent['groupname'] = $_POST['groupname'];
+ }
+ isset($_POST['utype']) ? $userent['scope'] = $_POST['utype'] : $userent['scope'] = "system";
+
+ if ($_POST['passwordfld1'])
+ $userent['password'] = crypt($_POST['passwordfld1']);
+
+ if(isset($config['system']['ssh']['sshdkeyonly'])) {
+ $userent['authorizedkeys'] = base64_encode($_POST['authorizedkeys']);
+ }
+
+ if (isset($id) && $a_user[$id])
+ $a_user[$id] = $userent;
+ else
+ $a_user[] = $userent;
+
+ write_config();
+ $retval = system_password_configure();
+ sync_webgui_passwords();
+
+ pfSenseHeader("system_usermanager.php");
+ }
+ }
+}
+
+/**
+ * getWindowJSScriptRefs()
+ *
+ * @return
+ */
+function getWindowJSScriptRefs(){
+ $result = array('<script type="text/javascript" src="/javascripts/windows-js/javascript/effects.js"></script>',
+ '<script type="text/javascript" src="/javascripts/windows-js/javascript/window.js"></script>',
+ '<script type="text/javascript" src="/javascripts/windows-js/javascript/window_effects.js"></script>',
+ '<script type="text/javascript" src="/javascripts/windows-js/javascript/window_effects.js"></script>',
+ '<script type="text/javascript" src="/javascripts/windows-js/javascript/debug.js"></script>');
+
+ return $result;
+}
+
+/**
+ * openNoUserDefsDialog()
+ *
+ * @param mixed $effectClass
+ * @return
+ */
+function openNoUserDefsDialog($effectClass) {
+ if (empty($config['installedpackages']['authng']['config'])) {
+ $alertMessage = gettext("No users or group found. You will be forwarded to the AuthNG wizard to be able to define users and groups.");
+ $dialogScript = "
+ <script type='text/javascript'>
+ function forwardToWizard() {
+ window.location.href = '/wizard.php?xml=authng_wizard.xml';
+ }
+
+ function openNoUserDefsDialog(html) {
+ var effect = new PopupEffect(html, {className: '${effectClass}'});
+ Dialog.alert('${alertMessage},{className:'alphacube', width: 400, height:null, showEffect:effect.show.bind(effect), hideEffect:effect.hide.bind(effect), onOk:forwardToWizard});
+ }
+ </script>
+ ";
+
+ return $dialogScript;
+ }
+}
+
+?>
\ No newline at end of file |
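Review bot: None of the functions added in authng_usermanager.inc declare their globals, so `$config`, `$userindex`, `$a_user`, `$id`, `$input_errors` and `$HTTP_SERVER_VARS` are empty locals inside them. In `processUserManagerPostVarsUser()` the new hash is therefore written to a throwaway array, `write_config()` saves the configuration without it (assuming it writes the global `$config`), and `$savemsg` is still set to "Password successfully changed", so a user who believes a password was rotated keeps the old one. I would add `global $config, $userindex, $input_errors, $savemsg;` at the top and read the login name from `$_SERVER['AUTH_USER']`; `processUserManagerPostVars()` in authng.inc declares `$config` but has the same problem with `$userindex` and `$HTTP_SERVER_VARS`. `getWindowJSScriptRefs()` and `openNoUserDefsDialog()` are also defined in both files, which is a fatal redeclaration if both are ever included, and the `Dialog.alert('${alertMessage},{` line here lacks the closing quote that the authng.inc copy has.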