Project

General

Profile

Feature #1010 » permission-setting-for-captive-portal2.patch

Erik Fonnesbeck, 11/29/2010 06:29 PM

View differences:

etc/inc/globals.inc
89 89
	"disablehelpmenu" => false,
90 90
	"disablehelpicon" => false,
91 91
	"debug" => false,
92
	"latest_config" => "7.5",
92
	"latest_config" => "7.6",
93 93
	"nopkg_platforms" => array("cdrom"),
94 94
	"minimum_ram_warning" => "105",
95 95
	"minimum_ram_warning_text" => "128 MB",
etc/inc/priv/user.priv.inc
2 2

  
3 3
global $priv_list;
4 4

  
5
$priv_list['user-services-captiveportal-login'] = array();
6
$priv_list['user-services-captiveportal-login']['name']  = gettext("User - Services - Captive portal login");
7
$priv_list['user-services-captiveportal-login']['descr'] = gettext("Indicates whether the user is able to login on ".
8
										   "the captive portal.");
9

  
5 10
$priv_list['user-shell-access'] = array();
6 11
$priv_list['user-shell-access']['name']  = "User - System - Shell account access";
7 12
$priv_list['user-shell-access']['descr'] = "Indicates whether the user is able to login for ".
etc/inc/upgrade_config.inc
1885 1885
		$config['system']['user'] = array();
1886 1886
	/* migrate captivate portal to user manager */
1887 1887
	if (is_array($config['captiveportal']['user'])) {
1888
		$config['cpusernames_temp'] = array();
1888 1889
		foreach($config['captiveportal']['user'] as $user) {
1889 1890
			// avoid user conflicts
1890 1891
			$found = false;
......
1907 1908
			}
1908 1909
			$user['uid'] = $config['system']['nextuid']++;
1909 1910
			$config['system']['user'][] = $user;
1911
			$config['cpusernames_temp'][] = $user['name'];
1910 1912
		}
1911 1913
		unset($config['captiveportal']['user']);
1912 1914
	}
......
2279 2281
		rename_field($config['crl'], 'name', 'descr');
2280 2282
}
2281 2283

  
2284
function upgrade_075_to_076() {
2285
	global $config;
2286

  
2287
	if (!isset($config['captiveportal']['enable']) && !isset($config['cpusernames_temp']))
2288
		return;
2289

  
2290
	$cpusers = array();
2291
	$cpusers['name'] = "cpusers";
2292

  
2293
	// Search for a group name that doesn't conflict, in case cpusers already exists
2294
	if (is_array($config['system']['group'])) {
2295
		do {
2296
			$found = false;
2297
			foreach ($config['system']['group'] as $groupent)
2298
				if ($groupent['name'] == $cpusers['name']) {
2299
					$found = true;
2300
					$cpusers['name'] = "cpusers" . (substr($cpusers['name'], 7) + 1);
2301
					break;
2302
				}
2303
		} while ($found);
2304
	} else
2305
		$config['system']['group'] = array();
2306

  
2307
	$cpusers['description'] = gettext("Captive Portal Users");
2308
	$cpusers['gid'] = $config['system']['nextgid']++;
2309
	$cpusers['priv'] = array("user-services-captiveportal-login");
2310
	$cpusers['member'] = array();
2311

  
2312
	if (is_array($config['system']['user'])) {
2313
		if (isset($config['cpusernames_temp'])) {
2314
			foreach ($config['system']['user'] as $userent)
2315
				if (in_array($userent['name'], $config['cpusernames_temp']))
2316
					$cpusers['member'][] = $userent['uid'];
2317
		} else {
2318
			foreach ($config['system']['user'] as $userent)
2319
				if ($userent['uid'] != 0)
2320
					$cpusers['member'][] = $userent['uid'];
2321
		}
2322
	}
2323

  
2324
	if (isset($config['cpusernames_temp']))
2325
		unset($config['cpusernames_temp']);
2326

  
2327
	if (empty($cpusers['member']))
2328
		unset($cpusers['member']);
2329

  
2330
	$config['system']['group'][] = $cpusers;
2331
}
2332

  
2282 2333
?>
usr/local/captiveportal/index.php
187 187

  
188 188
	//check against local user manager
189 189
	$loginok = local_backed($_POST['auth_user'], $_POST['auth_pass']);
190
	if ($loginok)
191
		if (!userHasPrivilege(getUserEntry($_POST['auth_user']), "user-services-captiveportal-login"))
192
			$loginok = false;
190 193
    if ($loginok){
191 194
        captiveportal_logportalauth($_POST['auth_user'],$clientmac,$clientip,"LOGIN");
192 195
        portal_allow($clientip, $clientmac,$_POST['auth_user']);
usr/local/www/services_captiveportal.php
469 469
		  <td>&nbsp;</td>
470 470
		  <td>&nbsp;</td>
471 471
		  </tr>
472
		<tr>
473
		  <td colspan="2"><span class="vexpl"><span class="red"><strong><?=gettext("Note:"); ?></strong></span><br>
474
		  <?=gettext("When using the local user manager for authentication, only users with the Captive Portal Login privilege are allowed access.  This may be given by adding the user to a Captive Portal Users group that has the privilege or by assigning the privilege directly."); ?></span></td>
475
		  </tr><tr>
476
		  <td>&nbsp;</td>
477
		  <td>&nbsp;</td>
478
		  </tr>
472 479
		</table>
473 480
		<table width="100%" border="0" cellpadding="6" cellspacing="0">
474 481
        	<tr>
(2-2/2)