Set groups first, since local_user_set checks a privilege that relies on the groups being accurate when run.
Fix "all users" group member array test.
Validate for duplicate user names when editing, too.
Prevent the GUI from adding a user that already exists in /etc/passwd (root, operator, daemon, etc)
Fixes #613. Add correctly users to all users group.
Add IPsec PSK field to User Manager. No backend code to use this value yet.
Removed gettext call
Add gettext call
add gettext() calls on missing places
Fixing multiline gettext()
Adding gettext()
Fix gettext issues
Fixing gettext implementation
Fixing gettext() implementation
Use array instead of explode for reqdfieldsn to fit it better with gettext() calls
Reviewing gettext() implementation
Default to 2048 bits.
Ticket #423. Remove priv.inc/priv.defs.inc from files. They used require() instead of required once so produced errors or redefinitions of functions. These includes are now included on authgui.inc.
Default to 3650 days. Requested-by: cmb@
fix text
Make the certificate table look better.
Allow user certificate to be created with the user.
Run /etc/inc/privhooks if they exist
fix typos
remove authorized_keys check, many users won't have SSH access anyway, this check is much too restrictive
include priv.inc
Disabled is not a required field
Include priv.defs.inc
Add disabled checkbox. Add code to check for disabled accounts.
Allow expiration date to lie in the past which has the side effect of disabling the account Ticket #65
Add necessary include. Reported-by: http://forum.pfsense.org/index.php/topic,19193.0.html
Add pfSense_BUILDER_BINARIES: and pfSense_MODULE:. Adjust Copyright to include 2009 on files that I have asserted (C) on
Clear guiconfig from all sort junk functions and put them on the specific pages where they are needed.Remove some sort functions not used.
Correct the path of the javascript after Bills cleanup.
Modify captive portal to use centralized user management. The user manager hasbeen modified to include an account expiration option to support this service.
Mount image rw during changes
Do not hard code white
Cleanup the tab format of the system user/group/server management pages.The edges were square instead of rounded like most pfSense pages. Alsomake sure tabs and cancel buttons are present in the add privilege andadd certificate pages.
Moves the protocol and certificate options out of the general config pageto the Advanced admin access tab. The thought is that they should be nextto each other. The certificate management has also been modified to usethe centralized certificate manager. I took the liberty of removing the...
Disallow creation of user certificates until the user has actually beencreated. This obviously won't work.
Add options to export ca, certificate and user certificate data from thewebui.
Rework most of the OpenVPN support. The interfaces have been updated tonot use the pkg system and the configuration has been migrated to anopenvpn prefix. The centralized user and certificate manager is now usedto support the openvpn configurations. Most of the files removed in this...
Add a certificate list to the user object that can be managed using the caand user manager screens.
Implement a certificate authority and certificate webui that can be usedto centrally manage this data. There are no consumers at this time. Thisinterface allow for the following ...
Certificate Authority Manager:- List certificates authorities- Import existing certificate authority...
Add a right arrow icon supplied by hoba. This compliments the existingleft arrow icon. Use the left and right arrow icons instead of the plusand x icons for moving users and groups between selection lists in theuser and group manager screens.
Add an interface to manage external authentication servers. The two typessupported currently are LDAP and Radius.
Cleanup authentication code. The basic auth method, the passwd, htpasswdand pam backing functions have been removed. The basic auth method waslegacy code and the backing functions were redundant with no added valuethat I could see. A simplified replacement backing function named...
Rewrite the pfsense privilege system with the following goals in mind ...
1) Redefine page privileges to not use static urls2) Accurate generation of privilege definitions from source3) Merging the user and group privileges into a single set4) Allow any privilege to be added to users or groups w/ inheritance...
Rewrite portions of the user manager to ensure data is properly synced tothe system password and group databases. This is to provide better supportfor centralized user management when local account administration ispreferred.
I also took this opportunity to do some housekeeping. A lot of funtions...
Admin automatically defaults to the admin groups. Do not worry aboutlack of group being sent.
Ticket #1752
At least one group is required for saving.
Correctly deterimine if user is local
Do not allow password change for non local user.
Back commit. Wrong branch.
Sync w/ RELENG_1
Check if item is an array. admin user has permission to all without array.
Add custom priv for granting access to the user manager.
Only assign &$ if item is an array.
Only iterate groups if it is an array.
Allow multiple groups to be assigned per user.
Work sponsored-by: Centipede Networks
Add product_copyright re-branding supportAdd product_copyright_years re-branding supportAdd product_website re-branding supportAdd product_email re-branding support
unset() priv correctly.
Convert page title to use an array like all other pages where previously done.
Hide privs section. It will not be making it into 1.3.
Switch icon locations to pfSense style themes.
Switch over to array style page titles. Obtained-from: m0n0wall
Reset $userent - it gets set somewhere and grants users full priviledgesafter creation
fix html alignment and pgtitle
Backport usermanager code from HEAD so I can get it in the snaps andstart testing it properlyThere's still some CSS/HTML fixes needed but the code seems to work