aboutsummaryrefslogtreecommitdiffstats
path: root/config/authng/www/php/system_usermanager_edit.php
diff options
context:
space:
mode:
Diffstat (limited to 'config/authng/www/php/system_usermanager_edit.php')
-rw-r--r--config/authng/www/php/system_usermanager_edit.php294
1 files changed, 294 insertions, 0 deletions
diff --git a/config/authng/www/php/system_usermanager_edit.php b/config/authng/www/php/system_usermanager_edit.php
new file mode 100644
index 00000000..25dc2ac3
--- /dev/null
+++ b/config/authng/www/php/system_usermanager_edit.php
@@ -0,0 +1,294 @@
+<?php
+/* $Id$ */
+/*
+ system_usermanager_edit.php
+
+ Copyright (C) 2006 Daniel S. Haischt.
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+*/
+
+$pgtitle = array(gettext("System"),
+ gettext("User manager"),
+ gettext("Edit Privilege"));
+
+require("guiconfig.inc");
+
+/*
+ The following code presumes, that the following XML structure exists or
+ if it does not exist, it will be created.
+
+ <priv>
+ <id>fooid</id>
+ <name>foo</name>
+ <descr>foo desc</descr>
+ </priv>
+ <priv>
+ <id>barid</id>
+ <name>bar</name>
+ <descr>bar desc</descr>
+ </priv>
+*/
+
+$useract = $_GET['useract'];
+if (isset($_POST['useract']))
+ $useract = $_POST['useract'];
+
+/* USERID must be set no matter whether this is a new entry or an existing entry */
+$userid = $_GET['userid'];
+if (isset($_POST['userid']))
+ $userid = $_POST['userid'];
+
+/* ID is only set if the user wants to edit an existing entry */
+$id = $_GET['id'];
+if (isset($_POST['id']))
+ $id = $_POST['id'];
+
+if (empty($config['system']['user'][$userid])) {
+ pfSenseHeader("system_usermanager.php?id={$userid}&act={$_GET['useract']}");
+ exit;
+}
+
+if (!is_array($config['system']['user'][$userid]['priv'])) {
+ $config['system']['user'][$userid]['priv'] = array();
+}
+
+$t_privs = &$config['system']['user'][$userid]['priv'];
+
+if (isset($id) && $t_privs[$id]) {
+ $pconfig['pid'] = $t_privs[$id]['id'];
+ $pconfig['pname'] = $t_privs[$id]['name'];
+ $pconfig['descr'] = $t_privs[$id]['descr'];
+} else {
+ $pconfig['pid'] = $_GET['pid'];
+ $pconfig['pname'] = $_GET['pname'];
+ $pconfig['descr'] = $_GET['descr'];
+}
+
+if ($_POST) {
+
+ unset($input_errors);
+ $pconfig = $_POST;
+
+ /* input validation */
+ $reqdfields = explode(" ", "pid pname");
+ $reqdfieldsn = explode(",", "ID, Privilege Name");
+
+ do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
+
+ /* check for overlaps */
+ foreach ($t_privs as $priv) {
+ if (isset($id) && ($t_privs[$id]) && ($t_privs[$id] === $priv)) {
+ continue;
+ }
+ if ($priv['id'] == $pconfig['pid']) {
+ $input_errors[] = gettext("This privilege ID already exists.");
+ break;
+ }
+ }
+
+ if (hasShellAccess($userindex[$userid]['name']) ||
+ isAllowedToCopyFiles($userindex[$userid]['name'])) {
+ if (preg_match("/[^a-zA-Z0-9\.\-_]/", $userindex[$userid]['name']))
+ $input_errors[] = gettext("The username contains invalid characters " .
+ "((this means this user can't be used to create" .
+ " a shell account).");
+ }
+
+ /* if this is an AJAX caller then handle via JSON */
+ if(isAjax() && is_array($input_errors)) {
+ input_errors2Ajax($input_errors);
+ exit;
+ }
+
+ if (!$input_errors) {
+ $priv = array();
+ $priv['id'] = $pconfig['pid'];
+ $priv['name'] = $pconfig['pname'];
+ $priv['descr'] = $pconfig['descr'];
+
+ if (isset($id) && $t_privs[$id])
+ $t_privs[$id] = $priv;
+ else
+ $t_privs[] = $priv;
+
+ if ($priv['id'] == "hasshell") {
+ assignUID($user['name']);
+ assignGID($user['groupname']);
+ }
+
+ write_config();
+
+ $retval = 0;
+ config_lock();
+ config_unlock();
+
+ $savemsg = get_std_save_message($retval);
+
+ pfSenseHeader("system_usermanager.php?id={$userid}&act={$useract}");
+ exit;
+ }
+}
+
+/* if ajax is calling, give them an update message */
+if(isAjax())
+ print_info_box_np($savemsg);
+
+include("head.inc");
+/* put your custom HTML head content here */
+/* using some of the $pfSenseHead function calls */
+
+$jscriptstr = <<<EOD
+<script type="text/javascript">
+<!--
+
+ var privs = new Array();
+
+
+EOD;
+
+$privs =& getSystemPrivs();
+
+if (is_array($privs)) {
+ $id = 0;
+
+ $jscriptstr .= "privs[{$id}] = new Object();\n";
+ $jscriptstr .= "privs[{$id}]['id'] = 'custom';\n";
+ $jscriptstr .= "privs[{$id}]['name'] = '*** Custom privilege ***';\n";
+ $jscriptstr .= "privs[{$id}]['desc'] = 'This is your own, user defined privilege that you may change according to your requirements.';\n";
+ $id++;
+
+ foreach($privs as $priv){
+ $jscriptstr .= "privs[{$id}] = new Object();\n";
+ $jscriptstr .= "privs[{$id}]['id'] = '{$priv['id']}';\n";
+ $jscriptstr .= "privs[{$id}]['name'] = '{$priv['name']}';\n";
+ $jscriptstr .= "privs[{$id}]['desc'] = '{$priv['desc']}';\n";
+ $id++;
+ }
+}
+
+$jscriptstr .= <<<EOD
+ function setTextFields() {
+ var idx = document.iform.sysprivs.selectedIndex;
+ var value = document.iform.sysprivs.options[idx].value;
+
+ for (var i = 0; i < privs.length; i++) {
+ if (privs[i]['id'] == value && privs[i]['id'] != 'custom') {
+ document.iform.pid.value = privs[i]['id'];
+ document.iform.pid.readOnly = true;
+ document.iform.pname.value = privs[i]['name'];
+ document.iform.pname.readOnly = true;
+ document.iform.descr.value = privs[i]['desc'];
+ document.iform.descr.readOnly = true;
+ break;
+ } else if (privs[i]['id'] == value) {
+ document.iform.pid.value = privs[i]['id'];
+ document.iform.pid.readOnly = false;
+ document.iform.pname.value = privs[i]['name'];
+ document.iform.pname.readOnly = false;
+ document.iform.descr.value = privs[i]['desc'];
+ document.iform.descr.readOnly = false;
+ break;
+ }
+ }
+ }
+
+//-->
+</script>
+
+EOD;
+
+$pfSenseHead->addScript($jscriptstr);
+echo $pfSenseHead->getHTML();
+
+?>
+
+<body link="#0000CC" vlink="#0000CC" alink="#0000CC" onload="<?= $jsevents["body"]["onload"] ?>">
+<?php include("fbegin.inc"); ?>
+<?php if ($input_errors) print_input_errors($input_errors); ?>
+<?php if ($savemsg) print_info_box($savemsg); ?>
+ <form action="system_usermanager_edit.php" method="post" name="iform" id="iform">
+ <div id="inputerrors"></div>
+ <table width="100%" border="0" cellpadding="6" cellspacing="0">
+ <tr>
+ <td width="22%" valign="top" class="vncellreq"><?=gettext("System Privileges");?></td>
+ <td width="78%" class="vtable">
+ <select name="sysprivs" id="sysprivs" class="formselect" onchange="setTextFields();">
+ <option value="custom">*** Custom privilege ***</option>
+ <?php
+ $privs =& getSystemPrivs();
+
+ if (is_array($privs)) {
+ foreach($privs as $priv){
+ if (isset($config['system']['ssh']['sshdkeyonly']) && $priv['name'] <> "copyfiles")
+ echo "<option value=\"{$priv['id']}\">${priv['name']}</option>";
+ else if (empty($config['system']['ssh']['sshdkeyonly']))
+ echo "<option value=\"{$priv['id']}\">${priv['name']}</option>";
+ }
+ }
+ ?>
+ </select><br />
+ (If you do not want to define your own privilege, you may
+ select one from this list)
+ </td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncellreq"><?=gettext("Privilege Identifier");?></td>
+ <td width="78%" class="vtable">
+ <input name="pid" type="text" class="formfld unknown" id="pid" size="30" value="<?=htmlspecialchars($pconfig['pid']);?>" />
+ </td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncellreq"><?=gettext("Privilege Name");?></td>
+ <td width="78%" class="vtable">
+ <input name="pname" type="text" class="formfld unknown" id="pname" size="30" value="<?=htmlspecialchars($pconfig['pname']);?>" />
+ </td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top" class="vncell"><?=gettext("Description");?></td>
+ <td width="78%" class="vtable">
+ <input name="descr" type="text" class="formfld unknown" id="descr" size="60" value="<?=htmlspecialchars($pconfig['descr']);?>" />
+ <br /> <span class="vexpl"><?=gettext("You may enter a description here
+ for your reference (not parsed).");?></span></td>
+ </tr>
+ <tr>
+ <td width="22%" valign="top">&nbsp;</td>
+ <td width="78%">
+ <input id="submitt" name="Submit" type="submit" class="formbtn" value="<?=gettext("Save");?>" />
+ <input id="cancelbutton" class="formbtn" type="button" value="<?=gettext("Cancel");?>" onclick="history.back()" />
+ <?php if (isset($id) && $t_privs[$id]): ?>
+ <input name="id" type="hidden" value="<?=$id;?>" />
+ <?php endif; ?>
+ <?php if (isset($userid)): ?>
+ <input name="userid" type="hidden" value="<?=$userid;?>" />
+ <?php endif; ?>
+ <?php if (isset($useract)): ?>
+ <input name="useract" type="hidden" value="<?=$useract;?>" />
+ <?php endif; ?>
+ </td>
+ </tr>
+ </table>
+ </form>
+<?php include("fend.inc"); ?>
+</body>
+</html>