From efa856a4e2b769a95b3a4a7d7c082c0bb3872d66 Mon Sep 17 00:00:00 2001 From: Daniel Stefan Haischt Date: Sun, 9 Sep 2007 22:31:01 +0000 Subject: * added appropriated methods for authgui to peer classes --- packages/authng/pkg/authng.inc | 2 +- packages/authng/pkg/authng_authgui.inc | 12 +- packages/authng/pkg/authng_classdefs.inc | 2 +- packages/authng/pkg/authng_peers.inc | 32 +- packages/authng/www/js/headjs.inc | 157 ++++ packages/authng/www/php/head.inc | 669 +++++++++++++++++ packages/authng/www/php/system_groupmanager.php | 797 +++++++++++++++++++++ packages/authng/www/php/system_usermanager.php | 482 +++++++++++++ .../authng/www/php/system_usermanager_edit.php | 294 ++++++++ .../authng/www/php/system_usermanager_settings.php | 110 +++ 10 files changed, 2548 insertions(+), 9 deletions(-) create mode 100644 packages/authng/www/js/headjs.inc create mode 100644 packages/authng/www/php/head.inc create mode 100644 packages/authng/www/php/system_groupmanager.php create mode 100644 packages/authng/www/php/system_usermanager.php create mode 100644 packages/authng/www/php/system_usermanager_edit.php create mode 100755 packages/authng/www/php/system_usermanager_settings.php diff --git a/packages/authng/pkg/authng.inc b/packages/authng/pkg/authng.inc index a9b95838..dbe2cc9d 100644 --- a/packages/authng/pkg/authng.inc +++ b/packages/authng/pkg/authng.inc @@ -2,7 +2,7 @@ /* $Id$ */ /* ========================================================================== */ /* - authng_peers.xml + authng.inc part of pfSense (http://www.pfSense.com) Copyright (C) 2007 Daniel S. Haischt All rights reserved. diff --git a/packages/authng/pkg/authng_authgui.inc b/packages/authng/pkg/authng_authgui.inc index 0556883e..944c9b89 100644 --- a/packages/authng/pkg/authng_authgui.inc +++ b/packages/authng/pkg/authng_authgui.inc 
@@ -2,7 +2,7 @@ /* $Id$ */ /* ========================================================================== */ /* - authng_authmethods.inc + authng_authgui.inc part of pfSense (http://www.pfSense.com) Copyright (C) 2007 Daniel S. Haischt All rights reserved. @@ -46,7 +46,7 @@ if (!$authMethod->authenticate($backend)) { exit; } /* scriptname is set in headjs.php if the user did try to access a page other * than index.php without beeing logged in. */ -if (isset($_POST['scriptname']) && isSystemAdmin($HTTP_SERVER_VARS['AUTH_USER'])) { +if (isset($_POST['scriptname']) && $userPeer->isSystemAdmin($HTTP_SERVER_VARS['AUTH_USER'])) { pfSenseHeader("{$_POST['scriptname']}"); exit; } @@ -55,7 +55,7 @@ $allowed = array(); // Once here, the user has authenticated with the web server. // Now, we give them access only to the appropriate pages for their group. -if (!(isSystemAdmin($HTTP_SERVER_VARS['AUTH_USER']))) { +if (!($userPeer->isSystemAdmin($HTTP_SERVER_VARS['AUTH_USER']))) { $allowed[] = ''; if (isset($config['system']['group'][$groupindex[$config['system']['user'][$userindex[$HTTP_SERVER_VARS['AUTH_USER']]]['groupname']]]['pages'][0]['page'])) { $useridx = $userindex[$HTTP_SERVER_VARS['AUTH_USER']]; @@ -67,7 +67,7 @@ if (!(isSystemAdmin($HTTP_SERVER_VARS['AUTH_USER']))) { /* get the group homepage, to be able to forward * the user to this particular PHP page. */ - getGroupHomePage($group) == "" ? $home = "/index.php" : $home = "/" . getGroupHomePage($group); + $groupPeer->getGroupHomePage($group) == "" ? $home = "/index.php" : $home = "/" . $groupPeer->getGroupHomePage($group); /* okay but if the user realy tries to explicitely access a particular * page, set $home to that page instead. @@ -248,8 +248,8 @@ function display_login_form() { $('inputerrors').innerHTML=''; } //--> diff --git a/packages/authng/pkg/authng_classdefs.inc b/packages/authng/pkg/authng_classdefs.inc index a61361b3..a64dc415 100644 --- a/packages/authng/pkg/authng_classdefs.inc 
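Review bot: The redirect in the `@@ -46,7 +46,7 @@` hunk of authng_authgui.inc still passes `$_POST['scriptname']` to `pfSenseHeader()` unchanged, so the posted form decides where an authenticated administrator is sent. The commit only replaces the admin test with `$userPeer->isSystemAdmin(...)`. If all GUI pages live in the web root, the value can be reduced to a local script name first: `$target = '/' . basename($_POST['scriptname']);` then `pfSenseHeader($target);`. `$userPeer` and `$groupPeer` are not assigned in any visible hunk, so confirm they are in scope at this point; the surrounding script continues outside the hunk.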
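Review bot: The `@@ -67,7 +67,7 @@` hunk calls `$groupPeer->getGroupHomePage($group)` twice and uses the ternary only for its assignment side effects, which is hard to read. A single lookup is clearer: `$home = $groupPeer->getGroupHomePage($group);` followed by `$home = ($home == "") ? "/index.php" : "/" . $home;`. The method as added in authng_peers.inc returns `false` for an unknown group, and the loose `== ""` comparison is what makes that case fall back to `/index.php`; a short comment saying so would stop a later switch to `===` from breaking the fallback.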
+++ b/packages/authng/pkg/authng_classdefs.inc @@ -2,7 +2,7 @@ /* $Id$ */ /* ========================================================================== */ /* - authng_classdefs.xml + authng_classdefs.inc part of pfSense (http://www.pfSense.com) Copyright (C) 2007 Daniel S. Haischt All rights reserved. diff --git a/packages/authng/pkg/authng_peers.inc b/packages/authng/pkg/authng_peers.inc index cc75c94c..65546c41 100644 --- a/packages/authng/pkg/authng_peers.inc +++ b/packages/authng/pkg/authng_peers.inc @@ -2,7 +2,7 @@ /* $Id$ */ /* ========================================================================== */ /* - authng_peers.xml + authng_peers.inc part of pfSense (http://www.pfSense.com) Copyright (C) 2007 Daniel S. Haischt All rights reserved. @@ -194,6 +194,21 @@ class AbstractUserPeer { function getUserByIndex($index) { return $this->users[$index]; } + + function getUserByName($username) { + return $this->users[$username]; + } + + function isSystemAdmin($username) { + $result = false; + $user = getUserByName($username); + + if ($user) { + $result = $user->isSystemAdmin(); + } + + return $result; + } } /** @@ -230,6 +245,21 @@ class AbstractGroupPeer { function getGroupByIndex($index) { return $this->groups[$index]; } + + function getGroupByName($groupname) { + return $this->groups[$groupname]; + } + + function getGroupHomePage($groupname) { + $result = false; + $group = getGroupByName($groupname); + + if ($group) { + $result = $group->getHome(); + } + + return $result; + } } /** diff --git a/packages/authng/www/js/headjs.inc b/packages/authng/www/js/headjs.inc new file mode 100644 index 00000000..73c0a4db --- /dev/null +++ b/packages/authng/www/js/headjs.inc 
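Review bot: `isSystemAdmin()` in the `AbstractUserPeer` hunk calls `getUserByName($username)` as a plain function, which PHP does not resolve to the method of the same name. Unless a global function with that name exists elsewhere, the admin check that authng_authgui.inc now relies on will stop with an undefined-function error. The line should read `$user = $this->getUserByName($username);`, and `getGroupHomePage()` in the `AbstractGroupPeer` hunk needs the same change: `$group = $this->getGroupByName($groupname);`. Both new lookup methods also index the array without checking the key, so an unknown name raises a notice; `return isset($this->users[$username]) ? $this->users[$username] : null;` (and the equivalent for `$this->groups`) avoids that. Both class bodies start and end outside the hunks.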
@@ -0,0 +1,157 @@ +<\/div>\"; + new Insertion.Before('submit', to_insert); + } + } + + function submit_form(e){ + // debugging helper + //alert(Form.serialize($('iform'))); + + if($('inputerrors')) + $('inputerrors').innerHTML = ''; + + /* dsh: Introduced because pkg_edit tries to set some hidden fields + * if executing submit's onclick event. Tho click gets deleted + * by Ajax. Hence using onkeydown instead. + */ + if($('submit') && $('submit').onkeydown) + $('submit').onkeydown(); + if($('submit')) + $('submit').style.visibility = 'hidden'; + if($('cancelbutton')) + $('cancelbutton').style.visibility = 'hidden'; + $('loading').style.visibility = 'visible'; + // submit the form using Ajax + "; + + + isset($HTTP_SERVER_VARS['AUTH_USER']) ? $scriptName = split("/", $_SERVER["SCRIPT_FILENAME"]) : $scriptName = split("/", "/index.php"); + isset($HTTP_SERVER_VARS['AUTH_USER']) ? $loggedin = "var isLoggedIn = true;" : $loggedin = "var isLoggedIn = false;"; + $scriptElms = count($scriptName); + $scriptName = $scriptName[$scriptElms-1]; + $realScriptName = $_SERVER["SCRIPT_NAME"]; + + $headjs .= " + {$loggedin} + + if (! isLoggedIn) { + var newInput = document.createElement('input'); + newInput.setAttribute('id', 'scriptname'); + newInput.setAttribute('name', 'scriptname'); + newInput.setAttribute('value', '$realScriptName'); + newInput.setAttribute('type', 'hidden'); + + $('iform').appendChild(newInput); + } + + new Ajax.Request('{$scriptName}', { + method : 'post', + parameters : Form.serialize($('iform')), + onSuccess : formSubmitted, + onFailure : formFailure + }); + } + + function formSubmitted(resp) { + var responseText = resp.responseText; + + // debugging helper + //alert(responseText); + + if(responseText.indexOf('html') > 0) { + /* somehow we have been fed an html page! */ + //alert('Somehow we have been fed an html page! 
Forwarding to /.'); + document.location.href = '/'; + } + + eval(responseText); + } + + /* this function will be called if an HTTP error will be triggered */ + function formFailure(resp) { + alert('An error occured while saving the data ' + resp.responseText); + } + + function showajaxmessage(message) { + var message_html; + + if (message == '') { + NiftyCheck(); + Rounded(\"div#redbox\",\"all\",\"#FFF\",\"#990000\",\"smooth\"); + Rounded(\"td#blackbox\",\"all\",\"#FFF\",\"#000000\",\"smooth\"); + + if($('submit')) + $('submit').style.visibility = 'visible'; + if($('cancelbutton')) + $('cancelbutton').style.visibility = 'visible'; + if($('loading')) + $('loading').style.visibility = 'hidden'; + + return; + } + + message_html = '
'; + message_html += '
'; + message_html += ' +
'; + message_html += '   '; + message_html += ''; + message_html += '<\/td>'; + message_html += '' + message + '<\/b><\/font><\/td>'; + + if(message.indexOf('apply') > 0) { + message_html += ''; + message_html += ''; + message_html += '<\/td>'; + } + + message_html += '<\/tr><\/table><\/div><\/td><\/table>
'; + $('inputerrors').innerHTML = message_html; + + NiftyCheck(); + Rounded(\"div#redbox\",\"all\",\"#FFF\",\"#990000\",\"smooth\"); + Rounded(\"td#blackbox\",\"all\",\"#FFF\",\"#000000\",\"smooth\"); + + if($('submit')) + $('submit').style.visibility = 'visible'; + if($('cancelbutton')) + $('cancelbutton').style.visibility = 'visible'; + if($('loading')) + $('loading').style.visibility = 'hidden'; + if($('inputerrors')) + window.scrollTo(0, 0); + if($('inputerrors')) + new Effect.Shake($('inputerrors')); + } + "; + + return $headjs; +} + +?> diff --git a/packages/authng/www/php/head.inc b/packages/authng/www/php/head.inc new file mode 100644 index 00000000..dbbf7a49 --- /dev/null +++ b/packages/authng/www/php/head.inc 
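Review bot: `formSubmitted()` sets `document.location.href = '/'` when the response looks like an HTML page but then falls through to `eval(responseText)`, so the HTML body is still handed to `eval`; add `return;` directly after the redirect line. Because the function executes whatever the server answers, every page reached through this Ajax path must emit script only and must never echo request data into that response unescaped. `$realScriptName` is taken from `$_SERVER["SCRIPT_NAME"]` and interpolated as is into the single-quoted JavaScript string in `newInput.setAttribute('value', '$realScriptName')`; it should be escaped for a JavaScript string context before being emitted. The beginning of the function that builds `$headjs` is not readable in this hunk.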
@@ -0,0 +1,669 @@ + + All rights reserved. + + Based on m0n0wall (http://m0n0.ch/wall) + Copyright (C) 2003-2006 Manuel Kasper . + All rights reserved. + */ +/* ========================================================================== */ +/* + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. + */ +/* ========================================================================== */ +require("headjs.inc"); + +/* if user has selected a custom template, use it. 
+ * otherwise default to pfsense tempalte + */ +if($config['theme'] <> "") { + $g['theme'] = $config['theme']; +} else { + $g['theme'] = "pfsense"; +} + +// navigation level separator string +$navlevelsep = ": "; + +//function gentitle($title) { +// global $navlevelsep; +// +// if(!is_array($title)) { +// return $title; +// } +// +// return join($navlevelsep, $title); +//} + +function genhtmltitle($title) { + global $config; + //return $config['system']['hostname'] . "." . $config['system']['domain'] . " - " . gentitle($title); + return gentitle($title); +} + +$scriptName = split("/", $_SERVER["SCRIPT_FILENAME"]); +$scriptElms = count($scriptName); +$scriptName = $scriptName[$scriptElms-1]; + +$pfSenseHead = new pfSenseHTMLHead(); +$pfSenseHead->setCloseHead(true); +$pfSenseHead->setTitle(genhtmltitle($pgtitle)); + +/* all.css has to be treated a bit different, compared to generic stylesheets */ +$allID = $pfSenseHead->addLink("\n"); +$pfSenseHead->setAllCssID($allID); + +$pfSenseHead->addLink("\n"); +$pfSenseHead->addScript("\n", 1); +$pfSenseHead->addScript("\n", 2); +//TODO: if ((($_POST || $_GET || isAjax()) && +if ((($_POST || $_GET) && + is_array($error_bucket)) || + strpos($_SERVER['SCRIPT_NAME'], "wizard.php") !== false) { + $pfSenseHead->addScript("", 500); + $pfSenseHead->addScript("", 510); + $pfSenseHead->addScript("", 520); + $pfSenseHead->addScript("", 530); +} + +/* + * Find all javascript files that need to be included + * for this page ... from the arrays ... :) + * Coded by: Erik Kristensen + */ +$scriptWeight = 100; + +$dir = trim(basename($_SERVER["SCRIPT_FILENAME"]), '.php'); +$path = "/usr/local/www/javascript/" . $dir . 
"/"; +if (is_dir($path)) { + if ($dh = opendir($path)) { + while (($file = readdir($dh)) !== false) { + if (is_dir($file)) { continue; } + if (strpos($file, ".js") === false) { continue; } + + $pfSenseHead->addScript("\n", $scriptWeight); + $scriptWeight++; + } + closedir($dh); + } +} + +/* + * Find all JavaScript files that may be provided by the current theme + * TODO: Commented because this pulls in PHP5 specific stuff from the theme. + * + */ +//$path = "/usr/local/www/themes/{$g['theme']}/javascript/"; + +//if (is_dir($path)) { +// if ($dh = opendir($path)) { +// while (($file = readdir($dh)) !== false) { +// if (is_dir($file)) { continue; } +// if (strpos($file, ".js") !== false) { +// $pfSenseHead->addScript("\n", $scriptWeight); +// } else if (strpos($file, ".php") !== false && +// strpos($file, "-head") !== false && +// strpos($file, ".disabled") === false) { +// $filename = ucfirst(trim(trim($file, '.php'), '-head')); +// require_once("themes/{$g['theme']}/javascript/{$file}"); + +// if (function_exists("{$g['theme']}{$filename}GetHeadJS")) { +// $jsfunction = "{$g['theme']}{$filename}GetHeadJS"; +// $jscript = $jsfunction(); +// $pfSenseHead->addScript("\n", $scriptWeight); +// } +// } else { +// continue; +// } + +// $scriptWeight++; +// } +// closedir($dh); +// } +//} + +/* + * Find all JavaScript events that may be provided by the current theme + * + */ +$path = "/usr/local/www/themes/{$g['theme']}/jsevents/"; +if (is_dir($path)) { + if ($dh = opendir($path)) { + while (($file = readdir($dh)) !== false) { + if (is_dir($file)) { continue; } + if (strpos($file, ".def") !== false) { + if (empty($jsevents)) { $jsevents = array(); } + + switch ($file) { + case "body.def": + $contents = file_get_contents("/usr/local/www/themes/{$g['theme']}/jsevents/{$file}"); + $contents_a = split("\n", $contents); + foreach ($contents_a as $line) { + if (strpos($line, "#") === 0) { continue; } + if (strpos($line, "!") !== false) { + $events_forbidden_pages = split("!", 
$line); + $keyval = split("=", $events_forbidden_pages[0]); + + if (strpos($events_forbidden_pages[1], basename($_SERVER['SCRIPT_NAME'])) !== false) { continue; } + } else { + $keyval = split("=", $line); + } + $jsevents["body"][$keyval[0]] = $keyval[1]; + } + break; + } + } else { + continue; + } + } + closedir($dh); + } +} + +/* + * Find all CSS files that may be provided by the current theme + * TODO: Not needed right now. + */ +//$path = "/usr/local/www/themes/{$g['theme']}/styles/"; +//if (is_dir($path)) { +// if ($dh = opendir($path)) { +// while (($file = readdir($dh)) !== false) { +// if (is_dir($file)) { continue; } +// if (strpos($file, ".css") === false) { continue; } + +// $pfSenseHead->addLink("\n"); +// } +// closedir($dh); +// } +//} + +if ($oSajax) { +$pfSenseHead->addScript("\n", ++$scriptWeight); +} + +// TODO: This line needs to be commented if any PHP calls +// $pfSenseHead->getHTML(); on its own. +//echo $pfSenseHead->getHTML(); + +/** + * pfSenseHTMLHead + * + * @package www + * @author Daniel S. Haischt + * @copyright Copyright (c) 2006 + * @version $Id$ + * @access public + **/ +class pfSenseHTMLHead +{ + var $xmlHead = "\n"; + var $docType = "\n"; + var $title = "UNSET"; + var $meta = array(); + var $link = array(); + var $script = array(); + var $style = array(); + var $html = "\n\n%TITLE%\n%META%\n%STYLE%\n%LINK%\n%SCRIPT%"; + var $closehead = true; + var $returnedHTML = false; + var $allCSSID = "NOT-SET"; + + /** + * pfSenseHTMLHead::pfSenseHTMLHead() + * + * Class Konstructor + **/ + function pfSenseHTMLHead() { + $this->meta[] = array("meta" => " ", + "ID" => "meta-" . strval(microtime())); + $this->link[] = array("link" => " ", + "ID" => "link-" . strval(microtime())); + $this->script[] = array("script" => " ", + "weight" => 3, + "ID" => "script-" . strval(microtime())); + $this->script[] = array("script" => " ", + "weight" => 4, + "ID" => "script-" . 
strval(microtime())); +// $this->script[] = array("script" => " ", +// "weight" => 5, +// "ID" => "script-" . strval(microtime())); + } + + /** + * pfSenseHTMLHead::getAllCssID() + * + * Allows to store the ID associated with the all CSS file. + * @return an ID + **/ + function getAllCssID() { + return $this->allCSSID; + } + + /** + * pfSenseHTMLHead::setAllCssID() + * + * Allows to set the ID associated with the all CSS file. + * @param mixed $myID a string representing an ID that was already generated. + **/ + function setAllCssID($myID = "") { + if ($myID == "") { return; } + + $this->allCSSID = $myID; + } + + /** + * pfSenseHTMLHead::setCloseHead() + * + * Should the HTML <head /> element be closed by the class or + * do you want to close it manually? + * @param mixed $myCloseHead Boolean value which indicates whether <head /> should be closed by the class + * @return + **/ + function setCloseHead($myCloseHead = true) { + $this->closehead = $myCloseHead; + } + + /** + * pfSenseHTMLHead::setTitle() + * + * Set the HTML <title /> element. + * @param string $myTitle The title (without any markup) + * @return NULL + **/ + function setTitle($myTitle = "") { + $this->title = $myTitle; + } + + /** + * pfSenseHTMLHead::addStyle() + * + * Allows to add a complete HTML <style /> element to the current + * meta element array. You can provide an ID if you want to access your + * particular element at a later time, for example to delete it from the + * array etc.. If you don't provide an ID, a random ID will be generated + * and returned. + * @param string $myStyleElement an HTML string that represents a <style /> tag. + * @param string $myID an ID that identifies this element. + * @return the ID that identifies the particular element that you've just added. + **/ + function addStyle($myStyleElement = "", $myID = "") { + if ($myID == "") { $myID = "style-" . 
strval(microtime()); } + + $this->style[] = array("style" => $myStyleElement, + "ID" => $myID); + + return $myID; + } + + /** + * pfSenseHTMLHead::getStyleArray() + * + * @return a reference to the meta element array. + **/ + function &getStyleArray() { + return $this->style; + } + + /** + * pfSenseHTMLHead::getStyleByID() + * + * Returns a reference to an array element that is identified by an ID. + * Can be used for example to manipulate an array element after it was + * already stored in the array. + * @param string $myID an ID that identifies the element that should be retrieved. + * @return a reference to an array element or NULL if the element does not exist. + **/ + function &getStyleByID($myID = "") { + foreach($this->style as $styleel){ + if ($styleel["ID"] == $myID) { + return $styleel; + } + } + return NULL; + } + + /** + * pfSenseHTMLHead::removeStyleByID() + * + * Provides a way to delete an element from an HTML element array. + * You must provide an ID which identifies the element to be deleted. + * @param string $myID an ID the identifies the element. + * @return 1 if the element was found or 0 if it does not exist. + **/ + function removeStyleByID($myID = "") { + foreach($this->style as $styleel){ + if ($styleel["ID"] == $myID) { + unset($styleel); + return 1; + } + } + return 0; + } + + /** + * pfSenseHTMLHead::addMeta() + * + * Allows to add a complete HTML <meta /> element to the current + * meta element array. You can provide an ID if you want to access your + * particular element at a later time, for example to delete it from the + * array etc.. If you don't provide an ID, a random ID will be generated + * and returned. + * @param string $myMetaElement an HTML string that represents a <meta /> tag. + * @param string $myID an ID that identifies this element. + * @return the ID that identifies the particular element that you've just added. + **/ + function addMeta($myMetaElement = "", $myID = "") { + if ($myID == "") { $myID = "meta-" . 
strval(microtime()); } + + $this->meta[] = array("meta" => $myMetaElement, + "ID" => $myID); + + return $myID; + } + + /** + * pfSenseHTMLHead::getMetaArray() + * + * @return a reference to the meta element array. + **/ + function &getMetaArray() { + return $this->meta; + } + + /** + * pfSenseHTMLHead::getMetaByID() + * + * Returns a reference to an array element that is identified by an ID. + * Can be used for example to manipulate an array element after it was + * already stored in the array. + * @param string $myID an ID that identifies the element that should be retrieved. + * @return a reference to an array element or NULL if the element does not exist. + **/ + function &getMetaByID($myID = "") { + foreach($this->meta as $metael){ + if ($metael["ID"] == $myID) { + return $metael; + } + } + return NULL; + } + + /** + * pfSenseHTMLHead::removeMetaByID() + * + * Provides a way to delete an element from an HTML element array. + * You must provide an ID which identifies the element to be deleted. + * @param string $myID an ID the identifies the element. + * @return 1 if the element was found or 0 if it does not exist. + **/ + function removeMetaByID($myID = "") { + foreach($this->meta as $metael){ + if ($metael["ID"] == $myID) { + unset($metael); + return 1; + } + } + return 0; + } + + /** + * pfSenseHTMLHead::addLink() + * + * Allows to add a complete HTML <link /> element to the current + * link element array. You can provide an ID if you want to access your + * particular element at a later time, for example to delete it from the + * array etc.. If you don't provide an ID, a random ID will be generated + * and returned. + * @param string $myLinkElement an HTML string that represents a <link /> tag. + * @param string $myID an ID that identifies this element. + * @return the ID that identifies the particular element that you've just added. + **/ + function addLink ($myLinkElement = "", $myID = "") { + if ($myID == "") { $myID = "link-" . 
strval(microtime()); } + + $this->link[] = array("link" => $myLinkElement, + "ID" => $myID); + + return $myID; + } + + /** + * pfSenseHTMLHead::getLinkArray() + * + * @return a reference to the link element array. + **/ + function &getLinkArray() { + return $this->link; + } + + /** + * pfSenseHTMLHead::getLinkByID() + * + * Returns a reference to an array element that is identified by an ID. + * Can be used for example to manipulate an array element after it was + * already stored in the array. + * @param string $myID an ID that identifies the element that should be retrieved. + * @return a reference to an array element or NULL if the element does not exist. + **/ + function &getLinkByID($myID = "") { + foreach($this->link as $linkel){ + if ($linkel["ID"] == $myID) { + return $linkel; + } + } + return NULL; + } + + /** + * pfSenseHTMLHead::removeLinkByID() + * + * Provides a way to delete an element from an HTML element array. + * You must provide an ID which identifies the element to be deleted. + * @param string $myID an ID the identifies the element. + * @return 1 if the element was found or 0 if it does not exist. + **/ + function removeLinkByID($myID = "") { + foreach($this->link as $linkel){ + if ($linkel["ID"] == $myID) { + unset($linkel); + return 1; + } + } + return 0; + } + + /** + * pfSenseHTMLHead::replaceLinkByID() + * + * Provides a way to replace an element from an HTML element array. + * You must provide an ID which identifies the element to be replace. + * @param string $myID an ID the identifies the element. + * @return 1 if the element was found or 0 if it does not exist. + **/ + function replaceLinkByID($myID = "", $byWhat = "") { + for ($i = 0; $i < count($this->link); $i++) { + $linkel =& $this->link[$i]; + if ($linkel["ID"] == $myID) { + $linkel["link"] = $byWhat; + return 1; + } + } + + return 0; + } + + /** + * pfSenseHTMLHead::addScript() + * + * Allows to add a complete HTML <link /> element to the current + * link element array. 
You can provide an ID if you want to access your + * particular element at a later time, for example to delete it from the + * array etc.. If you don't provide an ID, a random ID will be generated + * and returned. + * + * The weight parameter can be used to force the <script /> + * element to appear at the beginning of the HTML <head /> element or at + * its end. The greater the value for weight, the later the <script /> + * element will appear within the HTML <head /> element. + * @param string $myScriptElement an HTML string that represents a <script /> tag. + * @param integer $weight allows to position this element within the HTML <head /> + * @param string $myID an ID that identifies this element. + * @return the ID that identifies the particular element that you've just added. + **/ + function addScript($myScriptElement = "", $weight = 1000000, $myID = "") { + if ($myID == "") { $myID = "script-" . strval(microtime()); } + + $this->script[] = array("script" => $myScriptElement, + "weight" => $weight, + "ID" => $myID); + } + + /** + * pfSenseHTMLHead::getScriptArray() + * + * @return a reference to the script element array. + **/ + function &getScriptArray() { + return $this->script; + } + + /** + * pfSenseHTMLHead::getScriptByID() + * + * Returns a reference to an array element that is identified by an ID. + * Can be used for example to manipulate an array element after it was + * already stored in the array. + * @param string $myID an ID that identifies the element that should be retrieved. + * @return a reference to an array element or NULL if the element does not exist. + **/ + function &getScriptByID($myID = "") { + foreach($this->script as $scriptel){ + if ($scriptel["ID"] == $myID) { + return $scriptel; + } + } + return NULL; + } + + /** + * pfSenseHTMLHead::removeScriptByID() + * + * Provides a way to delete an element from an HTML element array. + * You must provide an ID which identifies the element to be deleted. 
+ * @param string $myID an ID the identifies the element. + * @return 1 if the element was found or 0 if it does not exist. + **/ + function removeScriptByID($myID = "") { + foreach($this->script as $scriptel){ + if ($scriptel["ID"] == $myID) { + unset($scriptel); + return 1; + } + } + return 0; + } + + /** + * pfSenseHTMLHead::getHTML() + * + * This function finally renders the HTML string representation of the + * HTML document header that is represented by this class. If you did + * specify to not close the HTML <head /> element via closehead + * you need to close it manually. + * + * @return a string that contains a HTML <head /> element. + **/ + function getHTML () { + $language = $GLOBALS['config']['system']['language']; + + if ($this->returnedHTML) { + return; + } else { + $metastr = ""; + if (is_array($this->meta) && count($this->meta) > 0) + foreach($this->meta as $metael) { + $metastr .= $metael["meta"] . "\n"; + } + + $linkstr = ""; + if (is_array($this->link) && count($this->link) > 0) + foreach($this->link as $linkel) { + $linkstr .= $linkel["link"] . "\n"; + } + + $stylestr = ""; + if (is_array($this->style) && count($this->style) > 0) + foreach($this->style as $styleel) { + $stylestr .= $styleel["style"] . "\n"; + } + + $scriptstr = ""; + usort($this->script, "sortScriptArray"); + if (is_array($this->script) && count($this->script) > 0) + foreach($this->script as $scriptel) { + + $scriptstr .= $scriptel["script"] . "\n"; + } + + $this->html = str_replace("%TITLE%", $this->title, $this->html); + $this->html = str_replace("%META%", $metastr, $this->html); + $this->html = str_replace("%STYLE%", $stylestr, $this->html); + $this->html = str_replace("%LINK%", $linkstr, $this->html); + $this->html = str_replace("%SCRIPT%", $scriptstr, $this->html); + $this->html = str_replace("%LANG%", $language, $this->html); + $this->html = $this->xmlHead . $this->docType . $this->html; + + $this->returnedHTML = true; + + return $this->closehead ? ($this->html . 
"") : ($this->html); + } + } +} + +/** + * sortScriptArray() + * + * Sorts the script array according of the weight of a particular + * script element. + * @param mixed $a + * @param mixed $b + * @return + **/ +function sortScriptArray($a, $b) { + if ($a["weigth"] == $b["weight"]) { + return 0; + } + + return (intval($a["weight"]) > intval($b["weight"])) ? 1 : -1; +} + +?> diff --git a/packages/authng/www/php/system_groupmanager.php b/packages/authng/www/php/system_groupmanager.php new file mode 100644 index 00000000..13259e63 --- /dev/null +++ b/packages/authng/www/php/system_groupmanager.php 
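Review bot: `sortScriptArray()` compares `$a["weigth"]` with `$b["weight"]`; the misspelled key is never set, so two scripts of equal non-zero weight are not reported as equal and the comparator answers -1 in both directions. The test should be `if ($a["weight"] == $b["weight"]) {`. `addScript()` documents that it returns the element ID but has no `return $myID;`, unlike `addStyle()`, `addMeta()` and `addLink()`. The `remove*ByID()` methods call `unset()` on the `foreach` copy, so the stored array is left untouched although 1 is returned; iterating with keys and using `unset($this->style[$key]);` (and the equivalents for meta, link and script) would match the docblocks.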
@@ -0,0 +1,797 @@ +. + All rights reserved. + + Copyright (C) 2005 Paul Taylor . + All rights reserved. + + Copyright (C) 2003-2005 Manuel Kasper . + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ + +require("guiconfig.inc"); + +$_SESSION['NO_AJAX'] = true; + +$pgtitle = array(gettext("System"), gettext("Group manager")); +$treeItemID = 0; + +function walkArea($title, + $t, + $area, + $id, + &$counter, + &$script_tag, + $tmpfname, + &$group) { + global $treeItemID; + + foreach($area as $a => $aa) { + if (is_array($aa) && count($aa) > 0) { + $title .= "_{$a}"; + echo "
  • $a
      "; + $treeItemID++; + walkArea($title, + $a, + $aa, + $id, + $counter, + $script_tag, + $tmpfname, + $group); + echo "
    \n"; + } else { + $tmp_string = "{$t}"; + $tmp_string .= ": "; + $tmp_string .= $a; + $trimmed_title = trim($title); + $trimmed_a = trim($a); + $this_id = "{$trimmed_title}_{$trimmed_a}_{$counter}"; + $this_id = str_replace(" ", "", $this_id); + $this_id = str_replace("/", "", $this_id); + $stripped_session = str_replace("/tmp/", "", $tmpfname); + $allowed = false; + if (is_array($group['pages'][0]['page'])) { + foreach($group['pages'][0]['page'] as $page) { + if (stristr($aa, $page)) + $allowed = true; + // echo "$page || $aa"; + } + } + $allowed ? $checked = " checked=\"checked\"" : $checked = ""; + echo "
  •  "; + $idForOnClick = $treeItemID; + $treeItemID++; + echo " "; + $treeItemID++; + echo "{$a}
  • \n"; + $idForScript = $treeItemID; + $treeItemID++; + +//echo "$script_tag
    "; + $script_tag .= "var item = document.getElementById('treeitem_{$idForScript}');\n"; + if ($allowed) { + $script_tag .= "item.style.backgroundImage = \"url('/tree/page-file_play.gif')\";\n"; + } else { + $script_tag .= "item.style.backgroundImage = \"url('/tree/page-file_x.gif')\";\n"; + } + $counter++; + } // end if + } // end foreach +} + +function init_ajax_helper_file($tmpfname) +{ + global $config, $id, $global; + $a_group = &$config['system']['group']; + $id = $_GET['id']; + if (isset($id) && $a_group[$id]) + $group = $a_group[$id]; + else + $group = array(); + $fd = fopen("/tmp/{$tmpfname}", "w"); + if ($group['pages'][0]['page']) + foreach($group['pages'][0]['page'] as $page) { + fwrite($fd, $page . "\n"); + } + fclose($fd); + return; +} + +if ($_GET['toggle'] <> "") { + /* AJAX is calling, lets take care of it */ + if (!file_exists("/tmp/" . $_GET['session'])) { + init_ajax_helper_file($_GET['session']); + } + $fc = file_get_contents("/tmp/" . $_GET['session']); + $file_split = split("\n", $fc); + $found = -1; + for($x = 0; $x < count($file_split); $x++) { + if ($file_split[$x] == $_GET['toggle']) { + $found = $x; + } + } + if ($found == -1) { + $file_split[] = $_GET['toggle']; + $image = "/tree/page-file_play.gif"; + } else { + unset($file_split[$found]); + $image = "/tree/page-file_x.gif"; + } + $fd = fopen("/tmp/{$_GET['session']}", "w"); + if ($file_split) + foreach($file_split as $fs) { + if ($fs) + fwrite($fd, $fs . "\n"); + } + fclose($fd); + echo $_GET['item'] . "_a||" . "{$image}"; + exit; +} + +function convert_array_to_pgtitle($orig) +{ + $newstring = ""; + foreach($orig as $o) { + if ($newstring <> "") + $newstring .= ": "; + $newstring .= $o; + } + return $newstring; +} +// Returns an array of pages with their descriptions +function getAdminPageList() +{ + global $g; + + $tmp = Array(); + + if ($dir = opendir($g['www_path'])) { + while ($file = readdir($dir)) { + // Make sure the file exists and is not a directory + if ($file == "." 
or $file == ".." or $file[0] == '.') + continue; + // Is this a .inc.php file? pfSense! + if (fnmatch('guiconfig.inc', $file)) + continue; + if (fnmatch('*.inc', $file)) + continue; + if (fnmatch('*.inc.php', $file)) + continue; + if (fnmatch('*.php', $file)) { + // Read the description out of the file + $contents = file_get_contents($file); + $contents_split = split("\n", $contents); + $mlinestr = ""; + foreach($contents_split as $contents) { + $pgtitle = ""; + // Looking for a line like: + // $pgtitle = array(gettext("System"), gettext("Group manager")); // - DO NOT REMOVE. + if ($mlinestr == "" && stristr($contents, "\$pgtitle") == false) + continue; + if ($mlinestr == "" && stristr($contents, "=") == false) + continue; + if (stristr($contents, "<")) + continue; + if (stristr($contents, ">")) + continue; + /* at this point its evalable */ + $contents = trim ($contents); + $lastchar = substr($contents, strlen($contents) - 1, strlen($contents)); + $firstchar = substr($contents, 0, 1); + + /* check whether pgtitle is on one or multible lines */ + if ($firstchar <> "/" && $firstchar <> "#" && $lastchar <> ";") { + /* remember the partitial pgtitle string for the next loop iteration */ + $mlinestr .= $contents; + continue; + } else if ($mlinestr <> "" && $lastchar == ";") { + /* this is the final pgtitle part including the semicolon */ + $mlinestr .= $contents; + } else if ($mlinestr == "" && $lastchar == ";") { + /* this is a single line pgtitle, hence just + * copy its contents into mlinestr + */ + $mlinestr = $contents; + } else if ($firstchar == "/" || $firstchar == "#") { + /* same applies for comment lines */ + $mlinestr = $contents; + } + + eval($mlinestr); + + /* after eval, if not an array, continue */ + if (!is_array($pgtitle)) { + /* reset mlinestr for the next loop iteration */ + $mlinestr = ""; + continue; + } + + $tmp[$file] = convert_array_to_pgtitle($pgtitle); + + /* break out of the for loop, on to next file */ + break; + } + } + } + + /* loop 
through and read in wizard information */ + if ($dir = opendir("{$g['www_path']}/wizards")) { + while ($file = readdir($dir)) { + // Make sure the file exists and is not directory + if ($file == "." or $file == ".." or $file[0] == '.') + continue; + // Is this a .xml file? pfSense! + if (fnmatch('*.xml', $file)) { + /* parse package and retrieve the package title */ + $pkg = parse_xml_config_pkg("{$g['www_path']}/wizards/{$file}", "pfsensewizard"); + $title = $pkg['title']; + if ($title) + $tmp[$file] = trim($title); + } + } + } + + /* loop through and read in package information */ + if ($dir = opendir("{$g['pkg_path']}")) { + while ($file = readdir($dir)) { + // Make sure the file exists and is not directory + if ($file == "." or $file == ".." or $file[0] == '.') + continue; + // Is this a .xml file? pfSense! + if (fnmatch('*.xml', $file)) { + /* parse package and retrieve the package title */ + $pkg = parse_xml_config_pkg("{$g['pkg_path']}/{$file}", "packagegui"); + $title = $pkg['title']; + if ($title) + $tmp[$file] = trim($title); + } + } + } + + closedir($dir); + // Sets Interfaces:Optional page that didn't read in properly with the above method, + // and pages that don't have descriptions. 
+ $tmp['interfaces_opt.php'] = ("Interfaces: Optional"); + $tmp['graph.php'] = ("Status: Traffic Graph"); + $tmp['graph_cpu.php'] = ("Diagnostics: CPU Utilization"); + $tmp['exec_raw.php'] = ("Hidden: Exec Raw"); + $tmp['uploadconfig.php'] = ("Hidden: Upload Configuration"); + $tmp['index.php'] = ("Status: System"); + $tmp['system_usermanager.php'] = ("System: User Password"); + $tmp['diag_logs_settings.php'] = ("Diagnostics: Logs: Settings"); + $tmp['diag_logs_vpn.php'] = ("Diagnostics: Logs: PPTP VPN"); + $tmp['diag_logs_filter.php'] = ("Diagnostics: Logs: Firewall"); + $tmp['diag_logs_portal.php'] = ("Diagnostics: Logs: Captive Portal"); + $tmp['diag_logs_dhcp.php'] = ("Diagnostics: Logs: DHCP"); + $tmp['diag_logs.php'] = ("Diagnostics: Logs: System"); + + $tmp['ifstats.php'] = ("Hidden: *XMLRPC Interface Stats"); + $tmp['license.php'] = ("System: License"); + $tmp['progress.php'] = ("Hidden: *No longer included"); + $tmp['diag_logs_filter_dynamic.php'] = ("Hidden: *No longer included"); + $tmp['preload.php'] = ("Hidden: *XMLRPC Preloader"); + $tmp['xmlrpc.php'] = ("Hidden: *XMLRPC Library"); + $tmp['pkg.php'] = ("System: *Renderer for XML based package GUIs (Part I)"); + $tmp['pkg_edit.php'] = ("System: *Renderer for XML based package GUIs (Part II)"); + + $tmp['functions.inc.php'] = ("Hidden: Ajax Helper 1"); + $tmp['javascript.inc.php'] = ("Hidden: Ajax Helper 2 "); + $tmp['sajax.class.php'] = ("Hidden: Ajax Helper 3"); + + asort($tmp); + + return $tmp; + } +} +// Get a list of all admin pages & Descriptions +$pages = getAdminPageList(); + +if (!is_array($config['system']['group'])) { + $config['system']['group'] = array(); +} +admin_groups_sort(); +$a_group = &$config['system']['group']; + +$id = $_GET['id']; +if (isset($_POST['id'])) + $id = $_POST['id']; + +if ($_GET['act'] == "del") { + if ($a_group[$_GET['id']]) { + $ok_to_delete = true; + if (isset($config['system']['user'])) { + foreach ($config['system']['user'] as $userent) { + if 
($userent['groupname'] == $a_group[$_GET['id']]['name']) { + $ok_to_delete = false; + $input_errors[] = gettext("users still exist who are members of this group!"); + break; + } + } + } + if ($ok_to_delete) { + unset($a_group[$_GET['id']]); + write_config(); + pfSenseHeader("system_groupmanager.php"); + exit; + } + } +} + +if ($_POST) { + unset($input_errors); + $pconfig = $_POST; + /* input validation */ + $reqdfields = explode(" ", "groupname"); + $reqdfieldsn = explode(",", "Group Name"); + + do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + + if (preg_match("/[^a-zA-Z0-9\.\-_ ]/", $_POST['groupname'])) + $input_errors[] = gettext("The group name contains invalid characters."); + + if (!$input_errors && !(isset($id) && $a_group[$id])) { + /* make sure there are no dupes */ + foreach ($a_group as $group) { + if ($group['name'] == $_POST['groupname']) { + $input_errors[] = gettext("Another entry with the same group name already exists."); + break; + } + } + } + + if (!$input_errors) { + if (isset($id) && $a_group[$id]) + $group = $a_group[$id]; + + $group['name'] = $_POST['groupname']; + isset($_POST['homepage']) ? $group['home'] = $_POST['homepage'] : $group['home'] = "index.php"; + isset($_POST['gtype']) ? $group['scope'] = $_POST['gtype'] : $group['scope'] = "system"; + $group['description'] = $_POST['description']; + unset($group['pages'][0]['page']); + + $file_split = split("\n", file_get_contents("/tmp/" . $_POST['session'])); + for($x = 0; $x < count($file_split); $x++) { + if ($file_split[$x]) + $group['pages'][0]['page'][] = $file_split[$x]; + } + + if (isset($id) && $a_group[$id]) + $a_group[$id] = $group; + else + $a_group[] = $group; + + write_config(); + + unlink_if_exists("/tmp/" . 
$_GET['session']); + + pfSenseHeader("system_groupmanager.php"); + exit; + } +} + +include("head.inc"); + +$checkallstr = <<= 0) { + document.iform.elements[i].checked = true; + document.iform.elements[i].click(); + } + } + } + +EOD; + +$pfSenseHead->addScript("\n"); +$pfSenseHead->addLink(""); +echo $pfSenseHead->getHTML(); + +?> +"> + + + + + + + + + + +
    + +
    + +
    +
    + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    + + + +
    + + + +
    + +
    + + + +
    + +
    + +
    + +
    + + $title) { + $identifier = str_replace('.php', '', $fname); + $identifier = $fname; + $title_split = split(": ", $title); + $tmp = "\$menu_array"; + foreach($title_split as $ts) + $tmp .= "['{$ts}']"; + $tmp .= " = \"{$identifier}\";"; + echo "\n"; + eval($tmp); + } + + echo "" . gettext("webConfigurator") . "
      \n"; + $counter = 0; + /* XXX: we may wanna pull from or add to each row a +e item (+edit) */ + $script_tag = ""; + + if (is_array($menu_array) && count($menu_array) > 0) { + foreach($menu_array as $title => $m) { + echo "
    • $title
        "; + $treeItemID++; + if (is_array($m) && count($m) > 0) { + foreach($m as $t => $area) { + if (is_array($area) && count($area) > 0) { + echo "
      • $t
          "; + $treeItemID++; + walkArea("{$title}_{$t}", + $t, + $area, + $id, + $counter, + $script_tag, + $tmpfname, + $group); + echo "
        \n"; + } else { + $trimmed_title = trim($title); + $trimmed_t = trim($t); + $this_id = "{$trimmed_title}_{$trimmed_t}_{$counter}"; + $this_id = str_replace(" ", "", $this_id); + $this_id = str_replace("/", "", $this_id); + $allowed = false; + if (is_array($group['pages'][0]['page'])) { + foreach($group['pages'][0]['page'] as $page) { + if (stristr($area, $page)) + $allowed = true; + // echo "$page || $area || $t"; + } + } + $allowed ? $checked = " checked=\"checked\"" : $checked = ""; + $stripped_session = str_replace("/tmp/", "", $tmpfname); + echo"
      •  "; + $idForOnClick = $treeItemID; + $treeItemID++; + echo "  "; + echo " {$t}
      • \n"; + $treeItemID++; + $script_tag .= "var item = document.getElementById('treeitem_{$idForScript}');\n"; + if ($allowed) { + $script_tag .= "item.style.backgroundImage = \"url('/tree/page-file_play.gif')\";\n"; + } else { + $script_tag .= "item.style.backgroundImage = \"url('/tree/page-file_x.gif')\";\n"; + } + $counter++; + } + } + } + echo "
      \n"; + } + } + echo "
    \n"; + +?> +
    + + + + + + + + + + + + + +
    +
    + +
    + " /> + + + +

    + + + : + + + +

    +
    +
    +
    + + + + + + + + + + + + + + + + + + + + + + + + + +
    + + + + + +
    + + Group + + Group + +   + + +
    +
    + + + + + + + + + + + + " width="17" height="17" border="0" alt="" /> + + ')"> + " width="17" height="17" border="0" alt="" /> + +
    + + " width="17" height="17" border="0" alt="" /> + +
    +

    + +

    +

    + +

    +
    +
    + + + + + + diff --git a/packages/authng/www/php/system_usermanager.php b/packages/authng/www/php/system_usermanager.php new file mode 100644 index 00000000..1af4bdc3 --- /dev/null +++ b/packages/authng/www/php/system_usermanager.php 
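Review bot: The `session` request parameter is joined to `/tmp/` without validation in the `$_GET['toggle']` handler (`file_exists`, `file_get_contents`, `fopen(..., "w")`), in `init_ajax_helper_file()`, and in the POST handler's `file_get_contents("/tmp/" . $_POST['session'])`, so the client rather than the server chooses which file the page reads and rewrites. Constrain the name to the token shape the page itself generates before building the path, and reject everything else; the pattern below is a guess, because the code that creates `$tmpfname` is not readable in this hunk. The POST handler also cleans up with `unlink_if_exists("/tmp/" . $_GET['session'])` although it read `$_POST['session']`, so the helper file is probably never removed on save. In the same handler `$_GET['item']` is echoed back unescaped, and `eval()` is applied to text assembled from file contents in `getAdminPageList()` and from page titles in the menu builder; both deserve a separate look.

```php
/* Map the client-supplied helper name to a path under /tmp, or false. */
function ajax_helper_path($session)
{
    if (!is_string($session) || !preg_match('/\A[A-Za-z0-9_]+\z/', $session))
        return false;
    return "/tmp/" . $session;
}

if ($_GET['toggle'] <> "") {
    $helper = ajax_helper_path($_GET['session']);
    if ($helper === false)
        exit;
    if (!file_exists($helper)) {
        init_ajax_helper_file($_GET['session']);
    }
    $fc = file_get_contents($helper);
    // … unchanged: locate and toggle the entry in $file_split …
    $fd = fopen($helper, "w");
    // … unchanged: write the list back, echo the result, exit …
}
```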
@@ -0,0 +1,482 @@ + + All rights reserved. + + Based on m0n0wall (http://m0n0.ch/wall) + Copyright (C) 2003-2006 Manuel Kasper . + All rights reserved. + */ +/* ========================================================================== */ +/* + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. 
+ */ +/* ========================================================================== */ + +require("guiconfig.inc"); +// The page title for non-admins +$pgtitle = array(gettext("System"), gettext("User password")); + +if ($userPeer->isSystemAdmin($HTTP_SERVER_VARS['AUTH_USER'])) { + // Page title for main admin + $pgtitle = array(gettext("System"), gettext("User manager")); + + $id = $_GET['id']; + if (isset($_POST['id'])) + $id = $_POST['id']; + + if (!is_array($config['system']['user'])) { + $config['system']['user'] = array(); + } + + admin_users_sort(); + $a_user = &$config['system']['user']; + $t_privs = $a_user[$id]['priv']; + + if ($_GET['act'] == "del" && $_GET['what'] == "user") { + if ($a_user[$_GET['id']]) { + $userdeleted = $a_user[$_GET['id']]['name']; + unset($a_user[$_GET['id']]); + write_config(); + $retval = system_password_configure(); + $savemsg = get_std_save_message($retval); + $savemsg = gettext("User") . " " . $userdeleted . " " . gettext("successfully deleted") . "
    "; + } + } else if ($_GET['act'] == "del" && $_GET['what'] == "priv") { + if ($t_privs[$_GET['privid']]) { + $privdeleted = $t_privs[$_GET['privid']]['id']; + unset($t_privs[$_GET['privid']]); + write_config(); + $_GET['act'] = "edit"; + $retval = 0; + $savemsg = get_std_save_message($retval); + $savemsg = gettext("Privilege") . " " . $privdeleted . " " . gettext("of user") . " " . $a_user[$_GET['id']]['name'] . " " . gettext("successfully deleted") . "
    "; + } + } + + if ($_POST) { + unset($input_errors); + $pconfig = $_POST; + + /* input validation */ + if (isset($id) && ($a_user[$id])) { + $reqdfields = explode(" ", "usernamefld"); + $reqdfieldsn = explode(",", "Username"); + } else { + $reqdfields = explode(" ", "usernamefld passwordfld1"); + $reqdfieldsn = explode(",", "Username,Password"); + } + + do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + + if (hasShellAccess($_POST['usernamefld'])) { + if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['usernamefld'])) + $input_errors[] = gettext("The username contains invalid characters."); + } else { + if (preg_match("/[^a-zA-Z0-9\@\.\-_]/", $_POST['usernamefld'])) + $input_errors[] = gettext("The username contains invalid characters."); + } + + if (($_POST['passwordfld1']) && ($_POST['passwordfld1'] != $_POST['passwordfld2'])) + $input_errors[] = gettext("The passwords do not match."); + + if (!$input_errors && !(isset($id) && $a_user[$id])) { + /* make sure there are no dupes */ + foreach ($a_user as $userent) { + if ($userent['name'] == $_POST['usernamefld']) { + $input_errors[] = gettext("Another entry with the same username already exists."); + break; + } + } + } + + if ($pconfig['utype'] <> "system" && !isset($groupindex[$_POST['groupname']])) { + $input_errors[] = gettext("group does not exist, please define the group before assigning users."); + } + + if (isset($config['system']['ssh']['sshdkeyonly']) && + empty($_POST['authorizedkeys'])) { + $input_errors[] = gettext("You must provide an authorized key otherwise you won't be able to login into this system."); + } + + /* if this is an AJAX caller then handle via JSON */ + if (isAjax() && is_array($input_errors)) { + input_errors2Ajax($input_errors); + exit; + } + + if (!$input_errors) { + if (isset($id) && $a_user[$id]) + $userent = $a_user[$id]; + + /* the user did change his username */ + if ($_POST['usernamefld'] <> $_POST['oldusername']) { + $_SERVER['REMOTE_USER'] = 
$_POST['usernamefld']; + } + + $userent['name'] = $_POST['usernamefld']; + $userent['fullname'] = $_POST['fullname']; + if ($pconfig['utype'] <> "system") { + $userent['groupname'] = $_POST['groupname']; + } + isset($_POST['utype']) ? $userent['scope'] = $_POST['utype'] : $userent['scope'] = "system"; + + if ($_POST['passwordfld1']) + $userent['password'] = crypt($_POST['passwordfld1']); + + if(isset($config['system']['ssh']['sshdkeyonly'])) { + $userent['authorizedkeys'] = base64_encode($_POST['authorizedkeys']); + } + + if (isset($id) && $a_user[$id]) + $a_user[$id] = $userent; + else + $a_user[] = $userent; + + write_config(); + $retval = system_password_configure(); + sync_webgui_passwords(); + + pfSenseHeader("system_usermanager.php"); + } + } + + include("head.inc"); + echo $pfSenseHead->getHTML(); +?> + +"> + + + + + + + + + + +
    + +
    + +
    +
    + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
    + /> + +
    + +
    +   +
    + /> +
    + +
    + +
    + +
    + + + + + + + + + + + ""): ?> + + + + + + + + + + + + + + + + +
    > + + > + + > +   + + + + + + + +
    ')">
    + +
    + + + + +
    +
    +
    + +
    + +
    + +
    + +
      + + + + +
    +
    + + + + + + + + + + + + + + + + + + + + + + + +
    UsernameFull nameGroup
    + + + + + +
    + + User + + User + +   + + +
    +
      +   + + + edit user + + +   + ')"> + delete user + + +
    + + add user + +
    +

    + +

    +

    + +

    +
    + +
    + saving changes + $config['system']['user'][$userindex[$HTTP_SERVER_VARS['AUTH_USER']]]['password'] = crypt(trim($_POST['passwordfld1'])); + + write_config(); + + sync_webgui_passwords(); + + $retval = system_password_configure(); + $savemsg = get_std_save_message($retval); + $savemsg = "Password successfully changed
    "; + } + } +?> + +getHTML(); +?> + + + + "> +
    + + + + + + + + + + + + + + + +
    's Password
    Password + +
    + +   +
    + +
      + " /> +
    +
    + + + + + diff --git a/packages/authng/www/php/system_usermanager_edit.php b/packages/authng/www/php/system_usermanager_edit.php new file mode 100644 index 00000000..25dc2ac3 --- /dev/null +++ b/packages/authng/www/php/system_usermanager_edit.php 
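Review bot: In the `$_GET['what'] == "priv"` delete branch, `$t_privs` was assigned by value (`$t_privs = $a_user[$id]['priv'];`), so `unset($t_privs[$_GET['privid']])` followed by `write_config()` removes the entry only from a local copy, and the "successfully deleted" message is shown while the privilege stays in the configuration. Operate on the config array itself, for example `unset($a_user[$_GET['id']]['priv'][$_GET['privid']]);`, in the way system_usermanager_edit.php already does by taking `$t_privs` by reference. Both delete branches here, and the `act == "del"` branch in system_groupmanager.php, also change state on a plain GET with no request token visible in the hunk, so a logged-in administrator's browser can be made to issue them from another site. Moving the deletes to POST with a per-session token would close that.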
@@ -0,0 +1,294 @@ + + fooid + foo + foo desc + + + barid + bar + bar desc + +*/ + +$useract = $_GET['useract']; +if (isset($_POST['useract'])) + $useract = $_POST['useract']; + +/* USERID must be set no matter whether this is a new entry or an existing entry */ +$userid = $_GET['userid']; +if (isset($_POST['userid'])) + $userid = $_POST['userid']; + +/* ID is only set if the user wants to edit an existing entry */ +$id = $_GET['id']; +if (isset($_POST['id'])) + $id = $_POST['id']; + +if (empty($config['system']['user'][$userid])) { + pfSenseHeader("system_usermanager.php?id={$userid}&act={$_GET['useract']}"); + exit; +} + +if (!is_array($config['system']['user'][$userid]['priv'])) { + $config['system']['user'][$userid]['priv'] = array(); +} + +$t_privs = &$config['system']['user'][$userid]['priv']; + +if (isset($id) && $t_privs[$id]) { + $pconfig['pid'] = $t_privs[$id]['id']; + $pconfig['pname'] = $t_privs[$id]['name']; + $pconfig['descr'] = $t_privs[$id]['descr']; +} else { + $pconfig['pid'] = $_GET['pid']; + $pconfig['pname'] = $_GET['pname']; + $pconfig['descr'] = $_GET['descr']; +} + +if ($_POST) { + + unset($input_errors); + $pconfig = $_POST; + + /* input validation */ + $reqdfields = explode(" ", "pid pname"); + $reqdfieldsn = explode(",", "ID, Privilege Name"); + + do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + + /* check for overlaps */ + foreach ($t_privs as $priv) { + if (isset($id) && ($t_privs[$id]) && ($t_privs[$id] === $priv)) { + continue; + } + if ($priv['id'] == $pconfig['pid']) { + $input_errors[] = gettext("This privilege ID already exists."); + break; + } + } + + if (hasShellAccess($userindex[$userid]['name']) || + isAllowedToCopyFiles($userindex[$userid]['name'])) { + if (preg_match("/[^a-zA-Z0-9\.\-_]/", $userindex[$userid]['name'])) + $input_errors[] = gettext("The username contains invalid characters " . + "((this means this user can't be used to create" . 
+ " a shell account)."); + } + + /* if this is an AJAX caller then handle via JSON */ + if(isAjax() && is_array($input_errors)) { + input_errors2Ajax($input_errors); + exit; + } + + if (!$input_errors) { + $priv = array(); + $priv['id'] = $pconfig['pid']; + $priv['name'] = $pconfig['pname']; + $priv['descr'] = $pconfig['descr']; + + if (isset($id) && $t_privs[$id]) + $t_privs[$id] = $priv; + else + $t_privs[] = $priv; + + if ($priv['id'] == "hasshell") { + assignUID($user['name']); + assignGID($user['groupname']); + } + + write_config(); + + $retval = 0; + config_lock(); + config_unlock(); + + $savemsg = get_std_save_message($retval); + + pfSenseHeader("system_usermanager.php?id={$userid}&act={$useract}"); + exit; + } +} + +/* if ajax is calling, give them an update message */ +if(isAjax()) + print_info_box_np($savemsg); + +include("head.inc"); +/* put your custom HTML head content here */ +/* using some of the $pfSenseHead function calls */ + +$jscriptstr = << + + + +EOD; + +$pfSenseHead->addScript($jscriptstr); +echo $pfSenseHead->getHTML(); + +?> + +"> + + + +
    +
    + + + + + + + + + + + + + + + + + + + + + +
    +
    + (If you do not want to define your own privilege, you may + select one from this list) +
    + +
    + +
    + +
      + " /> + " onclick="history.back()" /> + + + + + + + + + +
    +
    + + + diff --git a/packages/authng/www/php/system_usermanager_settings.php b/packages/authng/www/php/system_usermanager_settings.php new file mode 100755 index 00000000..5853fab4 --- /dev/null +++ b/packages/authng/www/php/system_usermanager_settings.php 
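Review bot: The shell-account checks read the username from variables that do not appear to hold it. `$userindex[$userid]['name']` indexes what looks like a username-to-index map rather than the user list, and `$user` is never assigned in the readable part of this hunk, so the character check guarding shell-capable accounts probably runs on an empty value, and `assignUID($user['name'])` / `assignGID($user['groupname'])` receive null when `hasshell` is granted. Load the record once, `$user = $config['system']['user'][$userid];`, and pass `$user['name']` to `hasShellAccess()`, `isAllowedToCopyFiles()` and `preg_match()`. The opening lines of the file are garbled on this page, so confirm `$user` is not already set there.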
@@ -0,0 +1,110 @@ + + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. 
+*/ +require("guiconfig.inc"); + +$pconfig['session_timeout'] = &$config['system']['webgui']['session_timeout']; + +// Page title for main admin +$pgtitle = array(gettext("System"), gettext("User manager settings")); + +if ($_POST) { + unset($input_errors); + + /* input validation */ + $reqdfields = explode(" ", "session_timeout"); + $reqdfieldsn = explode(",", "Session Timeout"); + + do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); + + if ($_POST['session_timeout'] != "" && !is_numeric($_POST['session_timeout'])) + $input_errors[] = gettext("Session timeout must be an integer with value 0 or greater."); + + /* if this is an AJAX caller then handle via JSON */ + if (isAjax() && is_array($input_errors)) { + input_errors2Ajax($input_errors); + exit; + } + + + if (!$input_errors) { + $pconfig['session_timeout'] = $_POST['session_timeout']; + + write_config(); + pfSenseHeader("system_usermanager_settings.php"); + } +} + +include("head.inc"); +echo $pfSenseHead->getHTML(); +?> + +"> + + + + + + + + + +
    + +
    +
    +
    + + + + + + + + + + +
    Session Timeout +
    +
    +
      " /> +
    +
    +
    +
    + + + + -- cgit v1.2.3
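Review bot: `is_numeric()` does not enforce what the error message promises: it accepts negative numbers, decimals and exponent notation such as `-1`, `0.5` or `1e3`, and the value is then stored in `$config['system']['webgui']['session_timeout']` exactly as typed. Since this setting bounds how long an authenticated GUI session stays valid, check it as a non-negative integer, `if ($_POST['session_timeout'] != "" && !ctype_digit((string)$_POST['session_timeout']))`, and store `intval($_POST['session_timeout'])`. An upper bound would also be worth adding so that a typo cannot leave sessions effectively unlimited.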