aboutsummaryrefslogtreecommitdiffstats
path: root/packages/authng/pkg
diff options
context:
space:
mode:
Diffstat (limited to 'packages/authng/pkg')
-rw-r--r--packages/authng/pkg/authng.inc245
-rw-r--r--packages/authng/pkg/authng_classdefs.inc34
-rw-r--r--packages/authng/pkg/authng_peers.inc64
-rw-r--r--packages/authng/pkg/authng_usermanager.inc247
4 files changed, 539 insertions, 51 deletions
diff --git a/packages/authng/pkg/authng.inc b/packages/authng/pkg/authng.inc
index 509f5a18..06774acd 100644
--- a/packages/authng/pkg/authng.inc
+++ b/packages/authng/pkg/authng.inc
@@ -36,8 +36,13 @@
*/
/* ========================================================================== */
+/* PHP classes like factories users, and groups */
+require_once("authng_classdefs.inc");
+/* PHP classes representing specific auth methods */
require_once("authng_authmethods.inc");
+/* PHP classes representing specific backends */
require_once("authng_backends.inc");
+/* PHP peer classes that are providing a persistence layer */
require_once("authng_peers.inc");
// TODO: Define user- and groupindex array
@@ -61,9 +66,242 @@ $authMethod =& $authMethodFactory->getAuthMethodByName($config['system']['webgui
// get the actual backend
$backend =& $backendFactory->getBackendByName($config['system']['webgui']['backing_method']);
-function syncPackageAuthNG() {
+function getUsermanagerPagetitle() {
+ global $userPeer;
+
+ $result = "";
+
+ if ($userPeer->isSystemAdmin($HTTP_SERVER_VARS['AUTH_USER'])) {
+ // Page title for admins
+ $result = array(gettext("System"), gettext("User manager"));
+ } else {
+ // Page title for non-admins
+ $result = array(gettext("System"), gettext("User password"));
+ }
+
+ return $result;
+}
+
+function processUserManagerPostVars() {
+ global $input_errors, $savemsg, $config;
+
+ if (isset($_POST['save'])) {
+ unset($input_errors);
+
+ /* input validation */
+ $reqdfields = explode(" ", "passwordfld1");
+ $reqdfieldsn = explode(",", "Password");
+
+ do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
+
+ if ($_POST['passwordfld1'] != $_POST['passwordfld2'])
+ $input_errors[] = "The passwords do not match.";
+
+ if (!$input_errors) {
+ // all values are okay --> saving changes
+ $config['system']['user'][$userindex[$HTTP_SERVER_VARS['AUTH_USER']]]['password'] = crypt(trim($_POST['passwordfld1']));
+
+ write_config();
+
+ sync_webgui_passwords();
+
+ $retval = system_password_configure();
+ $savemsg = get_std_save_message($retval);
+ $savemsg = "Password successfully changed<br />";
+ }
+ }
+}
+
+function processUserManagerAdminPostVars() {
+ global $config;
+
+ $id = $_GET['id'];
+ if (isset($_POST['id']))
+ $id = $_POST['id'];
+
+ if (!is_array($config['system']['user'])) {
+ $config['system']['user'] = array();
+ }
+
+ admin_users_sort();
+ $a_user = &$config['system']['user'];
+ $t_privs = $a_user[$id]['priv'];
+
+ if ($_GET['act'] == "del" && $_GET['what'] == "user") {
+ if ($a_user[$_GET['id']]) {
+ $userdeleted = $a_user[$_GET['id']]['name'];
+ unset($a_user[$_GET['id']]);
+ write_config();
+ $retval = system_password_configure();
+ $savemsg = get_std_save_message($retval);
+ $savemsg = gettext("User") . " " . $userdeleted . " " . gettext("successfully deleted") . "<br />";
+ }
+ } else if ($_GET['act'] == "del" && $_GET['what'] == "priv") {
+ if ($t_privs[$_GET['privid']]) {
+ $privdeleted = $t_privs[$_GET['privid']]['id'];
+ unset($t_privs[$_GET['privid']]);
+ write_config();
+ $_GET['act'] = "edit";
+ $retval = 0;
+ $savemsg = get_std_save_message($retval);
+ $savemsg = gettext("Privilege") . " " . $privdeleted . " " . gettext("of user") . " " . $a_user[$_GET['id']]['name'] . " " . gettext("successfully deleted") . "<br />";
+ }
+ }
+
+ if ($_POST) {
+ unset($input_errors);
+ $pconfig = $_POST;
+
+ /* input validation */
+ if (isset($id) && ($a_user[$id])) {
+ $reqdfields = explode(" ", "usernamefld");
+ $reqdfieldsn = explode(",", "Username");
+ } else {
+ $reqdfields = explode(" ", "usernamefld passwordfld1");
+ $reqdfieldsn = explode(",", "Username,Password");
+ }
+
+ do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
+
+ if (hasShellAccess($_POST['usernamefld'])) {
+ if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['usernamefld']))
+ $input_errors[] = gettext("The username contains invalid characters.");
+ } else {
+ if (preg_match("/[^a-zA-Z0-9\@\.\-_]/", $_POST['usernamefld']))
+ $input_errors[] = gettext("The username contains invalid characters.");
+ }
+
+ if (($_POST['passwordfld1']) && ($_POST['passwordfld1'] != $_POST['passwordfld2']))
+ $input_errors[] = gettext("The passwords do not match.");
+
+ if (!$input_errors && !(isset($id) && $a_user[$id])) {
+ /* make sure there are no dupes */
+ foreach ($a_user as $userent) {
+ if ($userent['name'] == $_POST['usernamefld']) {
+ $input_errors[] = gettext("Another entry with the same username already exists.");
+ break;
+ }
+ }
+ }
+
+ if ($pconfig['utype'] <> "system" && !isset($groupindex[$_POST['groupname']])) {
+ $input_errors[] = gettext("group does not exist, please define the group before assigning users.");
+ }
+
+ if (isset($config['system']['ssh']['sshdkeyonly']) &&
+ empty($_POST['authorizedkeys'])) {
+ $input_errors[] = gettext("You must provide an authorized key otherwise you won't be able to login into this system.");
+ }
+
+ /* if this is an AJAX caller then handle via JSON */
+ if (isAjax() && is_array($input_errors)) {
+ input_errors2Ajax($input_errors);
+ exit;
+ }
+
+ if (!$input_errors) {
+ if (isset($id) && $a_user[$id])
+ $userent = $a_user[$id];
+
+ /* the user did change his username */
+ if ($_POST['usernamefld'] <> $_POST['oldusername']) {
+ $_SERVER['REMOTE_USER'] = $_POST['usernamefld'];
+ }
+
+ $userent['name'] = $_POST['usernamefld'];
+ $userent['fullname'] = $_POST['fullname'];
+ if ($pconfig['utype'] <> "system") {
+ $userent['groupname'] = $_POST['groupname'];
+ }
+ isset($_POST['utype']) ? $userent['scope'] = $_POST['utype'] : $userent['scope'] = "system";
+
+ if ($_POST['passwordfld1'])
+ $userent['password'] = crypt($_POST['passwordfld1']);
+
+ if(isset($config['system']['ssh']['sshdkeyonly'])) {
+ $userent['authorizedkeys'] = base64_encode($_POST['authorizedkeys']);
+ }
+
+ if (isset($id) && $a_user[$id])
+ $a_user[$id] = $userent;
+ else
+ $a_user[] = $userent;
+
+ write_config();
+ $retval = system_password_configure();
+ sync_webgui_passwords();
+
+ pfSenseHeader("system_usermanager.php");
+ }
+ }
+}
+
+/**
+ * getWindowJSScriptRefs()
+ *
+ * @return
+ */
+function getWindowJSScriptRefs(){
+ $result = array('<script type="text/javascript" src="/javascript/windows-js/javascript/window.js"></script>',
+ '<script type="text/javascript" src="/javascript/windows-js/javascript/window_effects.js"></script>',
+ '<script type="text/javascript" src="/javascript/windows-js/javascript/debug.js"></script>');
+
+ return $result;
+}
+
+function gotNoUsers() {
+ global $config;
+ return empty($config['installedpackages']['authng']['config']);
+}
+
+/**
+ * openNoUserDefsDialog()
+ *
+ * @param mixed $effectClass
+ * @return
+ */
+function openNoUserDefsDialog($effectClass) {
+ if (gotNoUsers()) {
+ $alertMessage = gettext("No users or groups found. You will be forwarded to the AuthNG wizard to be able to define users and groups.");
+ $dialogScript = "
+ <script type='text/javascript'>
+ var anchor = document.getElementById('popupanchor');
+
+ function forwardToWizard() {
+ window.location.href = '/wizard.php?xml=authng_wizard.xml';
+ }
+
+ function openNoUserDefsDialog(html) {
+ var effect = new PopupEffect(html, {className: '${effectClass}'});
+ Dialog.alert('${alertMessage}',{className:'alphacube', top:150, width:400, height:null, showEffect:effect.show.bind(effect), hideEffect:effect.hide.bind(effect), onOk:forwardToWizard});
+ }
+
+ openNoUserDefsDialog(anchor);
+ </script>
+ ";
+
+ return $dialogScript;
+ }
+}
+
+/**
+ * getWindowJSStyleRefs()
+ *
+ * @return
+ */
+function getWindowJSStyleRefs(){
+ $result = array('<link href="/javascript/windows-js/themes/default.css" rel="stylesheet" type="text/css" />',
+ '<link href="/javascript/windows-js/themes/alert.css" rel="stylesheet" type="text/css" />',
+ '<link href="/javascript/windows-js/themes/alphacube.css" rel="stylesheet" type="text/css" />');
+
+ return $result;
}
+/**
+ * installPackageAuthNG()
+ *
+ * @return
+ */
function installPackageAuthNG() {
mwexec("cd / && /usr/bin/patch < /usr/local/pkg/authng-pfSenseHead.diff");
mwexec("cd / && /usr/bin/patch < /usr/local/pkg/authng-fbegin.inc.diff");
@@ -71,6 +309,11 @@ function installPackageAuthNG() {
mwexec("cd / && /usr/bin/patch < /usr/local/pkg/authng-globals.inc.diff");
}
+/**
+ * deinstallPackageAuthNG()
+ *
+ * @return
+ */
function deinstallPackageAuthNG() {
mwexec("cd / && /usr/bin/patch -R < /usr/local/pkg/authng-pfSenseHead.diff");
mwexec("cd / && /usr/bin/patch -R < /usr/local/pkg/authng-fbegin.inc.diff");
diff --git a/packages/authng/pkg/authng_classdefs.inc b/packages/authng/pkg/authng_classdefs.inc
index 7315bb6f..64f0ff14 100644
--- a/packages/authng/pkg/authng_classdefs.inc
+++ b/packages/authng/pkg/authng_classdefs.inc
@@ -67,19 +67,19 @@ class SingletonInterface extends Object {
}
}
-class AuthMethodFactory extends SingletonInterface {
+class BackendFactory extends SingletonInterface {
function __construct() {
// Perform object initialization here.
parent::__construct();
}
function &getInstance() {
- return parent::__getInstanceImp('AuthMethodFactory');
+ return parent::__getInstanceImp('BackendFactory');
}
-
- function &getAuthMethodByName($name) {
+
+ function &getBackendByName($name) {
$result = null;
-
+
/* Each name links to an entry in config.xml
* Example: <auth_method>session</auth_method>
*/
@@ -101,24 +101,24 @@ class AuthMethodFactory extends SingletonInterface {
break;
default:
}
-
+
return $result;
}
}
-class BackendFactory extends SingletonInterface {
+class AuthMethodFactory extends SingletonInterface {
function __construct() {
// Perform object initialization here.
parent::__construct();
}
function &getInstance() {
- return parent::__getInstanceImp('BackendFactory');
+ return parent::__getInstanceImp('AuthMethodFactory');
}
-
- function &getBackendByName($name) {
+
+ function &getAuthMethodByName($name) {
$result = null;
-
+
/* Each name links to an entry in config.xml
* Example: <backing_method>htpasswd</backing_method>
*/
@@ -131,7 +131,7 @@ class BackendFactory extends SingletonInterface {
break;
default:
}
-
+
return $result;
}
}
@@ -154,7 +154,7 @@ class AuthngAuxiliary {
return $adminUsers;
} // end function
-
+
function assignUID($username = "") {
global $userindex, $config, $g;
@@ -323,19 +323,19 @@ class AuthngUser {
/* ========================================================================== */
/* == Accessors == */
/* ========================================================================== */
-
+
function isSystemAdmin() {
return $this->systemAdmin;
}
-
+
function setIsSystemAdmin($flag = false) {
$this->systemAdmin = $flag;
}
-
+
function isUNIXRoot() {
return $this->unixRoot;
}
-
+
function setIsUNIXRoot($flag = false) {
$this->unixRoot = $flag;
}
diff --git a/packages/authng/pkg/authng_peers.inc b/packages/authng/pkg/authng_peers.inc
index e1640edc..bce3c494 100644
--- a/packages/authng/pkg/authng_peers.inc
+++ b/packages/authng/pkg/authng_peers.inc
@@ -36,8 +36,6 @@
*/
/* ========================================================================== */
-require_once("authng_classdefs.inc");
-
class PeerFactory extends SingletonInterface {
function __construct() {
// Perform object initialization here.
@@ -47,10 +45,10 @@ class PeerFactory extends SingletonInterface {
function &getInstance() {
return parent::__getInstanceImp('PeerFactory');
}
-
+
function &getGroupPeerByPrincipalStore($store) {
$result = null;
-
+
/* Each name links to an entry in config.xml
* Example: <principal_store>xml</principal_store>
*/
@@ -66,13 +64,13 @@ class PeerFactory extends SingletonInterface {
break;
default:
}
-
+
return $result;
}
-
+
function &getUserPeerByPrincipalStore($store) {
$result = null;
-
+
/* Each name links to an entry in config.xml
* Example: <principal_store>xml</principal_store>
*/
@@ -88,7 +86,7 @@ class PeerFactory extends SingletonInterface {
break;
default:
}
-
+
return $result;
}
}
@@ -116,11 +114,11 @@ class AbstractPrivilegePeer {
/* ========================================================================== */
/* == Accessors == */
/* ========================================================================== */
-
+
function setUserPeer($peer) {
$this->userPeer = $peer;
}
-
+
function getUserPeer() {
return $this->userPeer;
}
@@ -194,19 +192,19 @@ class AbstractUserPeer {
function getUserByIndex($index) {
return $this->users[$index];
}
-
+
function getUserByName($username) {
return $this->users[$username];
}
-
+
function isSystemAdmin($username) {
$result = false;
$user = $this->getUserByName($username);
-
+
if ($user) {
$result = $user->isSystemAdmin();
}
-
+
return $result;
}
}
@@ -245,19 +243,19 @@ class AbstractGroupPeer {
function getGroupByIndex($index) {
return $this->groups[$index];
}
-
+
function getGroupByName($groupname) {
return $this->groups[$groupname];
}
-
+
function getGroupHomePage($groupname) {
$result = false;
$group = $this->getGroupByName($groupname);
-
+
if ($group) {
$result = $group->getHome();
}
-
+
return $result;
}
}
@@ -276,11 +274,11 @@ class XMLPrivilegePeer extends AbstractPrivilegePeer {
function XMLPrivilegePeer($userPeer) {
global $g, $config;
-
+
parent::AbstractPrivilegePeer();
-
+
$this->setUserPeer($peer);
-
+
foreach ($peer->users as $userent) {
foreach ($userent->getPrivileges() as $privent) {
$this->privileges[$userent->getName()] = $privent;
@@ -311,22 +309,22 @@ class XMLPrivilegePeer extends AbstractPrivilegePeer {
$userid = getPrivilegeIndexByName($username);
$user = $config['system']['user'][$userid];
}
-
+
function setFullName($id, $name) {
$userid = getUserIndexByName($id);
$config['system']['user'][$userid]['fullname'] = $name;
}
-
+
function setGroupName($id, $name) {
$userid = getUserIndexByName($id);
$config['system']['user'][$userid]['groupname'] = $name;
}
-
+
function setPassword($id, $pwd) {
$userid = getUserIndexByName($id);
$config['system']['user'][$userid]['password'] = $pwd;
}
-
+
function setUid($id, $uid) {
$userid = getUserIndexByName($id);
$config['system']['user'][$userid]['uid'] = $uid;
@@ -347,7 +345,7 @@ class XMLUserPeer extends AbstractUserPeer {
function XMLUserPeer() {
global $g, $config;
-
+
parent::AbstractUserPeer();
if (isset($config['system']['user'])) {
@@ -358,7 +356,7 @@ class XMLUserPeer extends AbstractUserPeer {
$this->addUserFromEnt($userent);
$i++;
}
- }
+ }
}
/* ========================================================================== */
@@ -384,7 +382,7 @@ class XMLUserPeer extends AbstractUserPeer {
$newPrivilege->setId($privent['id']);
$newPrivilege->setName($privent['name']);
$newPrivilege->setDescription($privent['description']);
-
+
$newUser->addPrivilege($newPrivilege);
}
}
@@ -396,22 +394,22 @@ class XMLUserPeer extends AbstractUserPeer {
$userid = getUserIndexByName($id);
$config['system']['user'][$userid]['name'] = $name;
}
-
+
function setFullName($id, $name) {
$userid = getUserIndexByName($id);
$config['system']['user'][$userid]['fullname'] = $name;
}
-
+
function setGroupName($id, $name) {
$userid = getUserIndexByName($id);
$config['system']['user'][$userid]['groupname'] = $name;
}
-
+
function setPassword($id, $pwd) {
$userid = getUserIndexByName($id);
$config['system']['user'][$userid]['password'] = $pwd;
}
-
+
function setUid($id, $uid) {
$userid = getUserIndexByName($id);
$config['system']['user'][$userid]['uid'] = $uid;
@@ -432,7 +430,7 @@ class XMLGroupPeer extends AbstractGroupPeer {
function XMLGroupPeer() {
global $g, $config;
-
+
parent::AbstractGroupPeer();
if (isset($config['system']['group'])) {
diff --git a/packages/authng/pkg/authng_usermanager.inc b/packages/authng/pkg/authng_usermanager.inc
new file mode 100644
index 00000000..f96759fb
--- /dev/null
+++ b/packages/authng/pkg/authng_usermanager.inc
@@ -0,0 +1,247 @@
+<?php
+/* $Id$ */
+/* ========================================================================== */
+/*
+ authng_usermanager.inc
+ part of pfSense (http://www.pfSense.com)
+ Copyright (C) 2007 Daniel S. Haischt <me@daniel.stefan.haischt.name>
+ All rights reserved.
+
+ Based on m0n0wall (http://m0n0.ch/wall)
+ Copyright (C) 2003-2006 Manuel Kasper <mk@neon1.net>.
+ All rights reserved.
+ */
+/* ========================================================================== */
+/*
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+ */
+/* ========================================================================== */
+
+function initUserFromGetVars() {
+ if ($_GET['act'] == "edit") {
+ if (isset($id) && $a_user[$id]) {
+ $pconfig['usernamefld'] = $a_user[$id]['name'];
+ $pconfig['fullname'] = $a_user[$id]['fullname'];
+ $pconfig['groupname'] = $a_user[$id]['groupname'];
+ $pconfig['utype'] = $a_user[$id]['scope'];
+ $pconfig['authorizedkeys'] = base64_decode($a_user[$id]['authorizedkeys']);
+ }
+ } else if ($_GET['act'] == "new") {
+ /* set this value cause the text field is read only
+ * and the user should not be able to mess with this
+ * setting.
+ */
+ $pconfig['utype'] = "user";
+ }
+}
+function processUserManagerPostVarsUser() {
+ if (isset($_POST['save'])) {
+ unset($input_errors);
+
+ /* input validation */
+ $reqdfields = explode(" ", "passwordfld1");
+ $reqdfieldsn = explode(",", "Password");
+
+ do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
+
+ if ($_POST['passwordfld1'] != $_POST['passwordfld2'])
+ $input_errors[] = "The passwords do not match.";
+
+ if (!$input_errors) {
+ // all values are okay --> saving changes
+ $config['system']['user'][$userindex[$HTTP_SERVER_VARS['AUTH_USER']]]['password'] = crypt(trim($_POST['passwordfld1']));
+
+ write_config();
+
+ sync_webgui_passwords();
+
+ $retval = system_password_configure();
+ $savemsg = get_std_save_message($retval);
+ $savemsg = "Password successfully changed<br />";
+ }
+ }
+}
+
+function processUserManagerPostVarsAdmin() {
+ $id = $_GET['id'];
+ if (isset($_POST['id']))
+ $id = $_POST['id'];
+
+ if (!is_array($config['system']['user'])) {
+ $config['system']['user'] = array();
+ }
+
+ admin_users_sort();
+ $a_user = &$config['system']['user'];
+ $t_privs = $a_user[$id]['priv'];
+
+ if ($_GET['act'] == "del" && $_GET['what'] == "user") {
+ if ($a_user[$_GET['id']]) {
+ $userdeleted = $a_user[$_GET['id']]['name'];
+ unset($a_user[$_GET['id']]);
+ write_config();
+ $retval = system_password_configure();
+ $savemsg = get_std_save_message($retval);
+ $savemsg = gettext("User") . " " . $userdeleted . " " . gettext("successfully deleted") . "<br />";
+ }
+ } else if ($_GET['act'] == "del" && $_GET['what'] == "priv") {
+ if ($t_privs[$_GET['privid']]) {
+ $privdeleted = $t_privs[$_GET['privid']]['id'];
+ unset($t_privs[$_GET['privid']]);
+ write_config();
+ $_GET['act'] = "edit";
+ $retval = 0;
+ $savemsg = get_std_save_message($retval);
+ $savemsg = gettext("Privilege") . " " . $privdeleted . " " . gettext("of user") . " " . $a_user[$_GET['id']]['name'] . " " . gettext("successfully deleted") . "<br />";
+ }
+ }
+
+ if ($_POST) {
+ unset($input_errors);
+ $pconfig = $_POST;
+
+ /* input validation */
+ if (isset($id) && ($a_user[$id])) {
+ $reqdfields = explode(" ", "usernamefld");
+ $reqdfieldsn = explode(",", "Username");
+ } else {
+ $reqdfields = explode(" ", "usernamefld passwordfld1");
+ $reqdfieldsn = explode(",", "Username,Password");
+ }
+
+ do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
+
+ if (hasShellAccess($_POST['usernamefld'])) {
+ if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['usernamefld']))
+ $input_errors[] = gettext("The username contains invalid characters.");
+ } else {
+ if (preg_match("/[^a-zA-Z0-9\@\.\-_]/", $_POST['usernamefld']))
+ $input_errors[] = gettext("The username contains invalid characters.");
+ }
+
+ if (($_POST['passwordfld1']) && ($_POST['passwordfld1'] != $_POST['passwordfld2']))
+ $input_errors[] = gettext("The passwords do not match.");
+
+ if (!$input_errors && !(isset($id) && $a_user[$id])) {
+ /* make sure there are no dupes */
+ foreach ($a_user as $userent) {
+ if ($userent['name'] == $_POST['usernamefld']) {
+ $input_errors[] = gettext("Another entry with the same username already exists.");
+ break;
+ }
+ }
+ }
+
+ if ($pconfig['utype'] <> "system" && !isset($groupindex[$_POST['groupname']])) {
+ $input_errors[] = gettext("group does not exist, please define the group before assigning users.");
+ }
+
+ if (isset($config['system']['ssh']['sshdkeyonly']) &&
+ empty($_POST['authorizedkeys'])) {
+ $input_errors[] = gettext("You must provide an authorized key otherwise you won't be able to login into this system.");
+ }
+
+ /* if this is an AJAX caller then handle via JSON */
+ if (isAjax() && is_array($input_errors)) {
+ input_errors2Ajax($input_errors);
+ exit;
+ }
+
+ if (!$input_errors) {
+ if (isset($id) && $a_user[$id])
+ $userent = $a_user[$id];
+
+ /* the user did change his username */
+ if ($_POST['usernamefld'] <> $_POST['oldusername']) {
+ $_SERVER['REMOTE_USER'] = $_POST['usernamefld'];
+ }
+
+ $userent['name'] = $_POST['usernamefld'];
+ $userent['fullname'] = $_POST['fullname'];
+ if ($pconfig['utype'] <> "system") {
+ $userent['groupname'] = $_POST['groupname'];
+ }
+ isset($_POST['utype']) ? $userent['scope'] = $_POST['utype'] : $userent['scope'] = "system";
+
+ if ($_POST['passwordfld1'])
+ $userent['password'] = crypt($_POST['passwordfld1']);
+
+ if(isset($config['system']['ssh']['sshdkeyonly'])) {
+ $userent['authorizedkeys'] = base64_encode($_POST['authorizedkeys']);
+ }
+
+ if (isset($id) && $a_user[$id])
+ $a_user[$id] = $userent;
+ else
+ $a_user[] = $userent;
+
+ write_config();
+ $retval = system_password_configure();
+ sync_webgui_passwords();
+
+ pfSenseHeader("system_usermanager.php");
+ }
+ }
+}
+
+/**
+ * getWindowJSScriptRefs()
+ *
+ * @return
+ */
+function getWindowJSScriptRefs(){
+ $result = array('<script type="text/javascript" src="/javascripts/windows-js/javascript/effects.js"></script>',
+ '<script type="text/javascript" src="/javascripts/windows-js/javascript/window.js"></script>',
+ '<script type="text/javascript" src="/javascripts/windows-js/javascript/window_effects.js"></script>',
+ '<script type="text/javascript" src="/javascripts/windows-js/javascript/window_effects.js"></script>',
+ '<script type="text/javascript" src="/javascripts/windows-js/javascript/debug.js"></script>');
+
+ return $result;
+}
+
+/**
+ * openNoUserDefsDialog()
+ *
+ * @param mixed $effectClass
+ * @return
+ */
+function openNoUserDefsDialog($effectClass) {
+ if (empty($config['installedpackages']['authng']['config'])) {
+ $alertMessage = gettext("No users or group found. You will be forwarded to the AuthNG wizard to be able to define users and groups.");
+ $dialogScript = "
+ <script type='text/javascript'>
+ function forwardToWizard() {
+ window.location.href = '/wizard.php?xml=authng_wizard.xml';
+ }
+
+ function openNoUserDefsDialog(html) {
+ var effect = new PopupEffect(html, {className: '${effectClass}'});
+ Dialog.alert('${alertMessage},{className:'alphacube', width: 400, height:null, showEffect:effect.show.bind(effect), hideEffect:effect.hide.bind(effect), onOk:forwardToWizard});
+ }
+ </script>
+ ";
+
+ return $dialogScript;
+ }
+}
+
+?> \ No newline at end of file
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-16 11:32:03 +0000