diff options
Diffstat (limited to 'packages/authng/www/php/system_usermanager_edit.php')
-rw-r--r-- | packages/authng/www/php/system_usermanager_edit.php | 294 |
1 files changed, 0 insertions, 294 deletions
diff --git a/packages/authng/www/php/system_usermanager_edit.php b/packages/authng/www/php/system_usermanager_edit.php deleted file mode 100644 index 25dc2ac3..00000000 --- a/packages/authng/www/php/system_usermanager_edit.php +++ /dev/null @@ -1,294 +0,0 @@ -<?php -/* $Id$ */ -/* - system_usermanager_edit.php - - Copyright (C) 2006 Daniel S. Haischt. - All rights reserved. - - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: - - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. -*/ - -$pgtitle = array(gettext("System"), - gettext("User manager"), - gettext("Edit Privilege")); - -require("guiconfig.inc"); - -/* - The following code presumes, that the following XML structure exists or - if it does not exist, it will be created. - - <priv> - <id>fooid</id> - <name>foo</name> - <descr>foo desc</descr> - </priv> - <priv> - <id>barid</id> - <name>bar</name> - <descr>bar desc</descr> - </priv> -*/ - -$useract = $_GET['useract']; -if (isset($_POST['useract'])) - $useract = $_POST['useract']; - -/* USERID must be set no matter whether this is a new entry or an existing entry */ -$userid = $_GET['userid']; -if (isset($_POST['userid'])) - $userid = $_POST['userid']; - -/* ID is only set if the user wants to edit an existing entry */ -$id = $_GET['id']; -if (isset($_POST['id'])) - $id = $_POST['id']; - -if (empty($config['system']['user'][$userid])) { - pfSenseHeader("system_usermanager.php?id={$userid}&act={$_GET['useract']}"); - exit; -} - -if (!is_array($config['system']['user'][$userid]['priv'])) { - $config['system']['user'][$userid]['priv'] = array(); -} - -$t_privs = &$config['system']['user'][$userid]['priv']; - -if (isset($id) && $t_privs[$id]) { - $pconfig['pid'] = $t_privs[$id]['id']; - $pconfig['pname'] = $t_privs[$id]['name']; - $pconfig['descr'] = $t_privs[$id]['descr']; -} else { - $pconfig['pid'] = $_GET['pid']; - $pconfig['pname'] = $_GET['pname']; - $pconfig['descr'] = $_GET['descr']; -} - -if ($_POST) { - - unset($input_errors); - $pconfig = $_POST; - - /* input validation */ - $reqdfields = explode(" ", "pid pname"); - $reqdfieldsn = explode(",", "ID, Privilege Name"); - - do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); - - /* check for overlaps */ - foreach ($t_privs as $priv) { - if (isset($id) && ($t_privs[$id]) && ($t_privs[$id] === $priv)) { - continue; - } - if ($priv['id'] == $pconfig['pid']) { - $input_errors[] = gettext("This privilege ID already exists."); - break; - } - } - - if (hasShellAccess($userindex[$userid]['name']) || - isAllowedToCopyFiles($userindex[$userid]['name'])) { - if (preg_match("/[^a-zA-Z0-9\.\-_]/", $userindex[$userid]['name'])) - $input_errors[] = gettext("The username contains invalid characters " . - "((this means this user can't be used to create" . - " a shell account)."); - } - - /* if this is an AJAX caller then handle via JSON */ - if(isAjax() && is_array($input_errors)) { - input_errors2Ajax($input_errors); - exit; - } - - if (!$input_errors) { - $priv = array(); - $priv['id'] = $pconfig['pid']; - $priv['name'] = $pconfig['pname']; - $priv['descr'] = $pconfig['descr']; - - if (isset($id) && $t_privs[$id]) - $t_privs[$id] = $priv; - else - $t_privs[] = $priv; - - if ($priv['id'] == "hasshell") { - assignUID($user['name']); - assignGID($user['groupname']); - } - - write_config(); - - $retval = 0; - config_lock(); - config_unlock(); - - $savemsg = get_std_save_message($retval); - - pfSenseHeader("system_usermanager.php?id={$userid}&act={$useract}"); - exit; - } -} - -/* if ajax is calling, give them an update message */ -if(isAjax()) - print_info_box_np($savemsg); - -include("head.inc"); -/* put your custom HTML head content here */ -/* using some of the $pfSenseHead function calls */ - -$jscriptstr = <<<EOD -<script type="text/javascript"> -<!-- - - var privs = new Array(); - - -EOD; - -$privs =& getSystemPrivs(); - -if (is_array($privs)) { - $id = 0; - - $jscriptstr .= "privs[{$id}] = new Object();\n"; - $jscriptstr .= "privs[{$id}]['id'] = 'custom';\n"; - $jscriptstr .= "privs[{$id}]['name'] = '*** Custom privilege ***';\n"; - $jscriptstr .= "privs[{$id}]['desc'] = 'This is your own, user defined privilege that you may change according to your requirements.';\n"; - $id++; - - foreach($privs as $priv){ - $jscriptstr .= "privs[{$id}] = new Object();\n"; - $jscriptstr .= "privs[{$id}]['id'] = '{$priv['id']}';\n"; - $jscriptstr .= "privs[{$id}]['name'] = '{$priv['name']}';\n"; - $jscriptstr .= "privs[{$id}]['desc'] = '{$priv['desc']}';\n"; - $id++; - } -} - -$jscriptstr .= <<<EOD - function setTextFields() { - var idx = document.iform.sysprivs.selectedIndex; - var value = document.iform.sysprivs.options[idx].value; - - for (var i = 0; i < privs.length; i++) { - if (privs[i]['id'] == value && privs[i]['id'] != 'custom') { - document.iform.pid.value = privs[i]['id']; - document.iform.pid.readOnly = true; - document.iform.pname.value = privs[i]['name']; - document.iform.pname.readOnly = true; - document.iform.descr.value = privs[i]['desc']; - document.iform.descr.readOnly = true; - break; - } else if (privs[i]['id'] == value) { - document.iform.pid.value = privs[i]['id']; - document.iform.pid.readOnly = false; - document.iform.pname.value = privs[i]['name']; - document.iform.pname.readOnly = false; - document.iform.descr.value = privs[i]['desc']; - document.iform.descr.readOnly = false; - break; - } - } - } - -//--> -</script> - -EOD; - -$pfSenseHead->addScript($jscriptstr); -echo $pfSenseHead->getHTML(); - -?> - -<body link="#0000CC" vlink="#0000CC" alink="#0000CC" onload="<?= $jsevents["body"]["onload"] ?>"> -<?php include("fbegin.inc"); ?> -<?php if ($input_errors) print_input_errors($input_errors); ?> -<?php if ($savemsg) print_info_box($savemsg); ?> - <form action="system_usermanager_edit.php" method="post" name="iform" id="iform"> - <div id="inputerrors"></div> - <table width="100%" border="0" cellpadding="6" cellspacing="0"> - <tr> - <td width="22%" valign="top" class="vncellreq"><?=gettext("System Privileges");?></td> - <td width="78%" class="vtable"> - <select name="sysprivs" id="sysprivs" class="formselect" onchange="setTextFields();"> - <option value="custom">*** Custom privilege ***</option> - <?php - $privs =& getSystemPrivs(); - - if (is_array($privs)) { - foreach($privs as $priv){ - if (isset($config['system']['ssh']['sshdkeyonly']) && $priv['name'] <> "copyfiles") - echo "<option value=\"{$priv['id']}\">${priv['name']}</option>"; - else if (empty($config['system']['ssh']['sshdkeyonly'])) - echo "<option value=\"{$priv['id']}\">${priv['name']}</option>"; - } - } - ?> - </select><br /> - (If you do not want to define your own privilege, you may - select one from this list) - </td> - </tr> - <tr> - <td width="22%" valign="top" class="vncellreq"><?=gettext("Privilege Identifier");?></td> - <td width="78%" class="vtable"> - <input name="pid" type="text" class="formfld unknown" id="pid" size="30" value="<?=htmlspecialchars($pconfig['pid']);?>" /> - </td> - </tr> - <tr> - <td width="22%" valign="top" class="vncellreq"><?=gettext("Privilege Name");?></td> - <td width="78%" class="vtable"> - <input name="pname" type="text" class="formfld unknown" id="pname" size="30" value="<?=htmlspecialchars($pconfig['pname']);?>" /> - </td> - </tr> - <tr> - <td width="22%" valign="top" class="vncell"><?=gettext("Description");?></td> - <td width="78%" class="vtable"> - <input name="descr" type="text" class="formfld unknown" id="descr" size="60" value="<?=htmlspecialchars($pconfig['descr']);?>" /> - <br /> <span class="vexpl"><?=gettext("You may enter a description here - for your reference (not parsed).");?></span></td> - </tr> - <tr> - <td width="22%" valign="top"> </td> - <td width="78%"> - <input id="submitt" name="Submit" type="submit" class="formbtn" value="<?=gettext("Save");?>" /> - <input id="cancelbutton" class="formbtn" type="button" value="<?=gettext("Cancel");?>" onclick="history.back()" /> - <?php if (isset($id) && $t_privs[$id]): ?> - <input name="id" type="hidden" value="<?=$id;?>" /> - <?php endif; ?> - <?php if (isset($userid)): ?> - <input name="userid" type="hidden" value="<?=$userid;?>" /> - <?php endif; ?> - <?php if (isset($useract)): ?> - <input name="useract" type="hidden" value="<?=$useract;?>" /> - <?php endif; ?> - </td> - </tr> - </table> - </form> -<?php include("fend.inc"); ?> -</body> -</html> |