/src/usr/local/www/system_usermanager.php - Annotate - pfSense - pfSense bugtracker

| Branch: | Tag: | Revision:

root/src/usr/local/www/system_usermanager.php @ 1ede6e4d

1	1df17ba9	Scott Ullrich	<?php
2	fab7ff44	Bill Marquette	/*
3	c5d81585	Renato Botelho	* system_usermanager.php
4	7d2e572f	Stephen Beaver	*
5	c5d81585	Renato Botelho	* part of pfSense (https://www.pfsense.org)
6	81299b5c	Renato Botelho	* Copyright (c) 2004-2016 Rubicon Communications, LLC (Netgate)
7	c5d81585	Renato Botelho	* Copyright (c) 2008 Shrew Soft Inc.
8			* Copyright (c) 2005 Paul Taylor <paultaylor@winn-dixie.com>
9			* All rights reserved.
10	191cb31d	Stephen Beaver	*
11	c5d81585	Renato Botelho	* originally based on m0n0wall (http://m0n0.ch/wall)
12			* Copyright (c) 2003-2004 Manuel Kasper <mk@neon1.net>.
13			* All rights reserved.
14	7d2e572f	Stephen Beaver	*
15	b12ea3fb	Renato Botelho	* Licensed under the Apache License, Version 2.0 (the "License");
16			* you may not use this file except in compliance with the License.
17			* You may obtain a copy of the License at
18	7d2e572f	Stephen Beaver	*
19	b12ea3fb	Renato Botelho	* http://www.apache.org/licenses/LICENSE-2.0
20	7d2e572f	Stephen Beaver	*
21	b12ea3fb	Renato Botelho	* Unless required by applicable law or agreed to in writing, software
22			* distributed under the License is distributed on an "AS IS" BASIS,
23			* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
24			* See the License for the specific language governing permissions and
25			* limitations under the License.
26	7d2e572f	Stephen Beaver	*/
27	fab7ff44	Bill Marquette
28	6b07c15a	Matthew Grooms	##\|+PRIV
29			##\|*IDENT=page-system-usermanager
30	5230f468	jim-p	##\|*NAME=System: User Manager
31	6b07c15a	Matthew Grooms	##\|*DESCR=Allow access to the 'System: User Manager' page.
32	57188e47	Phil Davis	##\|*WARN=standard-warning-root
33	6b07c15a	Matthew Grooms	##\|MATCH=system_usermanager.php
34			##\|-PRIV
35
36	c81ef6e2	Phil Davis	require_once("certs.inc");
37			require_once("guiconfig.inc");
38	fab7ff44	Bill Marquette
39	e33be77c	Ermal	// start admin user code
40	4611e283	Steve Beaver	if (isset($_REQUEST['userid']) && is_numericint($_REQUEST['userid'])) {
41			$id = $_REQUEST['userid'];
42	73fa304b	Phil Davis	}
43	1df17ba9	Scott Ullrich
44	73fa304b	Phil Davis	if (!isset($config['system']['user']) \|\| !is_array($config['system']['user'])) {
45	e33be77c	Ermal	$config['system']['user'] = array();
46	73fa304b	Phil Davis	}
47	1df17ba9	Scott Ullrich
48	e33be77c	Ermal	$a_user = &$config['system']['user'];
49	4611e283	Steve Beaver	$act = $_REQUEST['act'];
50	45ee90ed	Matthew Grooms
51	73fa304b	Phil Davis	if (isset($_SERVER['HTTP_REFERER'])) {
52	7c2d0050	Renato Botelho	$referer = $_SERVER['HTTP_REFERER'];
53	73fa304b	Phil Davis	} else {
54	7c2d0050	Renato Botelho	$referer = '/system_usermanager.php';
55	73fa304b	Phil Davis	}
56	7c2d0050	Renato Botelho
57	adacdf5f	jim-p	if (isset($id) && $a_user[$id]) {
58			$pconfig['usernamefld'] = $a_user[$id]['name'];
59			$pconfig['descr'] = $a_user[$id]['descr'];
60			$pconfig['expires'] = $a_user[$id]['expires'];
61	8bab524e	Phil Davis	$pconfig['customsettings'] = isset($a_user[$id]['customsettings']);
62			$pconfig['webguicss'] = $a_user[$id]['webguicss'];
63			$pconfig['webguifixedmenu'] = $a_user[$id]['webguifixedmenu'];
64			$pconfig['webguihostnamemenu'] = $a_user[$id]['webguihostnamemenu'];
65			$pconfig['dashboardcolumns'] = $a_user[$id]['dashboardcolumns'];
66	1d3510cf	Phil Davis	$pconfig['interfacessort'] = isset($a_user[$id]['interfacessort']);
67	8bab524e	Phil Davis	$pconfig['dashboardavailablewidgetspanel'] = isset($a_user[$id]['dashboardavailablewidgetspanel']);
68			$pconfig['systemlogsfilterpanel'] = isset($a_user[$id]['systemlogsfilterpanel']);
69			$pconfig['systemlogsmanagelogpanel'] = isset($a_user[$id]['systemlogsmanagelogpanel']);
70			$pconfig['statusmonitoringsettingspanel'] = isset($a_user[$id]['statusmonitoringsettingspanel']);
71			$pconfig['webguileftcolumnhyper'] = isset($a_user[$id]['webguileftcolumnhyper']);
72	d9058974	Phil Davis	$pconfig['disablealiaspopupdetail'] = isset($a_user[$id]['disablealiaspopupdetail']);
73	8bab524e	Phil Davis	$pconfig['pagenamefirst'] = isset($a_user[$id]['pagenamefirst']);
74	adacdf5f	jim-p	$pconfig['groups'] = local_user_get_groups($a_user[$id]);
75			$pconfig['utype'] = $a_user[$id]['scope'];
76			$pconfig['uid'] = $a_user[$id]['uid'];
77			$pconfig['authorizedkeys'] = base64_decode($a_user[$id]['authorizedkeys']);
78			$pconfig['priv'] = $a_user[$id]['priv'];
79			$pconfig['ipsecpsk'] = $a_user[$id]['ipsecpsk'];
80			$pconfig['disabled'] = isset($a_user[$id]['disabled']);
81			}
82
83	f5c9c0c7	Steve Beaver	if ($_POST['act'] == "deluser") {
84	45ee90ed	Matthew Grooms
85	f5c9c0c7	Steve Beaver	if (!isset($_POST['username']) \|\| !isset($a_user[$id]) \|\| ($_POST['username'] != $a_user[$id]['name'])) {
86	e33be77c	Ermal	pfSenseHeader("system_usermanager.php");
87			exit;
88	6b07c15a	Matthew Grooms	}
89
90	f5c9c0c7	Steve Beaver	if ($_POST['username'] == $_SESSION['Username']) {
91			$delete_errors[] = sprintf(gettext("Cannot delete user %s because you are currently logged in as that user."), $_POST['username']);
92	d6b79c39	Phil Davis	} else {
93			local_user_del($a_user[$id]);
94			$userdeleted = $a_user[$id]['name'];
95			unset($a_user[$id]);
96			write_config();
97			$savemsg = sprintf(gettext("User %s successfully deleted."), $userdeleted);
98			}
99	f5c9c0c7	Steve Beaver
100	d61309a0	Phil Davis	} else if ($act == "new") {
101	e33be77c	Ermal	/*
102			* set this value cause the text field is read only
103			* and the user should not be able to mess with this
104			* setting.
105			*/
106			$pconfig['utype'] = "user";
107			$pconfig['lifetime'] = 3650;
108			}
109	45ee90ed	Matthew Grooms
110	64c31615	Stephen Beaver	if (isset($_POST['dellall'])) {
111	4e21c82e	bruno
112			$del_users = $_POST['delete_check'];
113	d6b79c39	Phil Davis	$deleted_users = "";
114			$deleted_count = 0;
115			$comma = "";
116	4e21c82e	bruno
117	73fa304b	Phil Davis	if (!empty($del_users)) {
118			foreach ($del_users as $userid) {
119	4e21c82e	bruno	if (isset($a_user[$userid]) && $a_user[$userid]['scope'] != "system") {
120	d6b79c39	Phil Davis	if ($a_user[$userid]['name'] == $_SESSION['Username']) {
121			$delete_errors[] = sprintf(gettext("Cannot delete user %s because you are currently logged in as that user."), $a_user[$userid]['name']);
122			} else {
123			$deleted_users = $deleted_users . $comma . $a_user[$userid]['name'];
124			$comma = ", ";
125			$deleted_count++;
126			local_user_del($a_user[$userid]);
127			unset($a_user[$userid]);
128			}
129			} else {
130			$delete_errors[] = sprintf(gettext("Cannot delete user %s because it is a system user."), $a_user[$userid]['name']);
131	4e21c82e	bruno	}
132			}
133	d6b79c39	Phil Davis
134			if ($deleted_count > 0) {
135			if ($deleted_count == 1) {
136			$savemsg = sprintf(gettext("User %s successfully deleted."), $deleted_users);
137			} else {
138			$savemsg = sprintf(gettext("Users %s successfully deleted."), $deleted_users);
139			}
140			write_config($savemsg);
141			}
142	4e21c82e	bruno	}
143			}
144
145	98402844	Stephen Beaver	if ($_POST['act'] == "delcert") {
146
147			if (!$a_user[$id]) {
148			pfSenseHeader("system_usermanager.php");
149			exit;
150			}
151
152			$certdeleted = lookup_cert($a_user[$id]['cert'][$_POST['certid']]);
153			$certdeleted = $certdeleted['descr'];
154			unset($a_user[$id]['cert'][$_POST['certid']]);
155			write_config();
156			$_POST['act'] = "edit";
157	ed10e389	Phil Davis	$savemsg = sprintf(gettext("Certificate %s association removed."), $certdeleted);
158	98402844	Stephen Beaver	}
159	64c31615	Stephen Beaver
160	945204b1	Stephen Beaver	if ($_POST['act'] == "delprivid") {
161			$privdeleted = $priv_list[$a_user[$id]['priv'][$_POST['privid']]]['name'];
162			unset($a_user[$id]['priv'][$_POST['privid']]);
163			local_user_set($a_user[$id]);
164			write_config();
165			$_POST['act'] = "edit";
166	ed10e389	Phil Davis	$savemsg = sprintf(gettext("Privilege %s removed."), $privdeleted);
167	4c879f95	heper	}
168	98402844	Stephen Beaver
169	1a6769a6	Renato Botelho	if ($_POST['save']) {
170	e33be77c	Ermal	unset($input_errors);
171			$pconfig = $_POST;
172	45ee90ed	Matthew Grooms
173	e33be77c	Ermal	/* input validation */
174			if (isset($id) && ($a_user[$id])) {
175			$reqdfields = explode(" ", "usernamefld");
176			$reqdfieldsn = array(gettext("Username"));
177			} else {
178			if (empty($_POST['name'])) {
179			$reqdfields = explode(" ", "usernamefld passwordfld1");
180			$reqdfieldsn = array(
181			gettext("Username"),
182			gettext("Password"));
183	45ee90ed	Matthew Grooms	} else {
184	e33be77c	Ermal	$reqdfields = explode(" ", "usernamefld passwordfld1 name caref keylen lifetime");
185			$reqdfieldsn = array(
186			gettext("Username"),
187			gettext("Password"),
188			gettext("Descriptive name"),
189			gettext("Certificate authority"),
190			gettext("Key length"),
191			gettext("Lifetime"));
192	45ee90ed	Matthew Grooms	}
193	e33be77c	Ermal	}
194	45ee90ed	Matthew Grooms
195	1e9b4611	Renato Botelho	do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors);
196	45ee90ed	Matthew Grooms
197	73fa304b	Phil Davis	if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['usernamefld'])) {
198	e33be77c	Ermal	$input_errors[] = gettext("The username contains invalid characters.");
199	73fa304b	Phil Davis	}
200	45ee90ed	Matthew Grooms
201	73fa304b	Phil Davis	if (strlen($_POST['usernamefld']) > 16) {
202	e33be77c	Ermal	$input_errors[] = gettext("The username is longer than 16 characters.");
203	73fa304b	Phil Davis	}
204	94d455da	jim-p
205	73fa304b	Phil Davis	if (($_POST['passwordfld1']) && ($_POST['passwordfld1'] != $_POST['passwordfld2'])) {
206	e33be77c	Ermal	$input_errors[] = gettext("The passwords do not match.");
207	73fa304b	Phil Davis	}
208	45ee90ed	Matthew Grooms
209	73fa304b	Phil Davis	if (isset($_POST['ipsecpsk']) && !preg_match('/^[[:ascii:]]*$/', $_POST['ipsecpsk'])) {
210	123d8700	Renato Botelho	$input_errors[] = gettext("IPsec Pre-Shared Key contains invalid characters.");
211	73fa304b	Phil Davis	}
212	123d8700	Renato Botelho
213	e63321a5	jim-p	/* Check the POSTed groups to ensure they are valid and exist */
214	9d3e8723	Phil Davis	if (is_array($_POST['groups'])) {
215	9f472202	NewEraCracker	foreach ($_POST['groups'] as $newgroup) {
216			if (empty(getGroupEntry($newgroup))) {
217			$input_errors[] = gettext("One or more invalid groups was submitted.");
218			}
219	e63321a5	jim-p	}
220			}
221
222	73fa304b	Phil Davis	if (isset($id) && $a_user[$id]) {
223	e33be77c	Ermal	$oldusername = $a_user[$id]['name'];
224	73fa304b	Phil Davis	} else {
225	e33be77c	Ermal	$oldusername = "";
226	73fa304b	Phil Davis	}
227	e33be77c	Ermal	/* make sure this user name is unique */
228			if (!$input_errors) {
229			foreach ($a_user as $userent) {
230			if ($userent['name'] == $_POST['usernamefld'] && $oldusername != $_POST['usernamefld']) {
231			$input_errors[] = gettext("Another entry with the same username already exists.");
232			break;
233	58664cc9	Scott Ullrich	}
234	3dec33d4	Erik Fonnesbeck	}
235	e33be77c	Ermal	}
236			/* also make sure it is not reserved */
237			if (!$input_errors) {
238			$system_users = explode("\n", file_get_contents("/etc/passwd"));
239			foreach ($system_users as $s_user) {
240			$ent = explode(":", $s_user);
241			if ($ent[0] == $_POST['usernamefld'] && $oldusername != $_POST['usernamefld']) {
242			$input_errors[] = gettext("That username is reserved by the system.");
243			break;
244	8339ab6d	jim-p	}
245	7e4a4513	Scott Ullrich	}
246	e33be77c	Ermal	}
247	1df17ba9	Scott Ullrich
248	e33be77c	Ermal	/*
249	e30050b6	Phil Davis	* Check for a valid expiration date if one is set at all (valid means,
250	4d148b59	Yehuda Katz	* DateTime puts out a time stamp so any DateTime compatible time
251	e33be77c	Ermal	* format may be used. to keep it simple for the enduser, we only
252			* claim to accept MM/DD/YYYY as inputs. Advanced users may use inputs
253			* like "+1 day", which will be converted to MM/DD/YYYY based on "now".
254	e30050b6	Phil Davis	* Otherwise such an entry would lead to an invalid expiration data.
255	e33be77c	Ermal	*/
256	73fa304b	Phil Davis	if ($_POST['expires']) {
257	4d148b59	Yehuda Katz	try {
258			$expdate = new DateTime($_POST['expires']);
259			//convert from any DateTime compatible date to MM/DD/YYYY
260			$_POST['expires'] = $expdate->format("m/d/Y");
261	73fa304b	Phil Davis	} catch (Exception $ex) {
262	e33be77c	Ermal	$input_errors[] = gettext("Invalid expiration date format; use MM/DD/YYYY instead.");
263	0092b3bd	mgrooms	}
264	e33be77c	Ermal	}
265	0092b3bd	mgrooms
266	e33be77c	Ermal	if (!empty($_POST['name'])) {
267			$ca = lookup_ca($_POST['caref']);
268	73fa304b	Phil Davis	if (!$ca) {
269	4c291f4c	Renato Botelho	$input_errors[] = gettext("Invalid internal Certificate Authority") . "\n";
270	73fa304b	Phil Davis	}
271	e33be77c	Ermal	}
272	c9794c06	Ermal
273	e33be77c	Ermal	if (!$input_errors) {
274	4ee51131	Sjon Hortensius
275	e33be77c	Ermal	$userent = array();
276	73fa304b	Phil Davis	if (isset($id) && $a_user[$id]) {
277	e33be77c	Ermal	$userent = $a_user[$id];
278	73fa304b	Phil Davis	}
279	e879fc81	Ermal
280	e33be77c	Ermal	isset($_POST['utype']) ? $userent['scope'] = $_POST['utype'] : $userent['scope'] = "system";
281
282			/* the user name was modified */
283	926e0a2f	Phil Davis	if (!empty($_POST['oldusername']) && ($_POST['usernamefld'] <> $_POST['oldusername'])) {
284	e33be77c	Ermal	$_SERVER['REMOTE_USER'] = $_POST['usernamefld'];
285	fdcf104c	jim-p	local_user_del($userent);
286			}
287	1df17ba9	Scott Ullrich
288	e30050b6	Phil Davis	/* the user password was modified */
289	73fa304b	Phil Davis	if ($_POST['passwordfld1']) {
290	e33be77c	Ermal	local_user_set_password($userent, $_POST['passwordfld1']);
291	73fa304b	Phil Davis	}
292	1df17ba9	Scott Ullrich
293	5cde9005	NewEraCracker	/* only change description if sent */
294			if (isset($_POST['descr'])) {
295			$userent['descr'] = $_POST['descr'];
296			}
297
298	e33be77c	Ermal	$userent['name'] = $_POST['usernamefld'];
299			$userent['expires'] = $_POST['expires'];
300	8bab524e	Phil Davis	$userent['dashboardcolumns'] = $_POST['dashboardcolumns'];
301	e33be77c	Ermal	$userent['authorizedkeys'] = base64_encode($_POST['authorizedkeys']);
302			$userent['ipsecpsk'] = $_POST['ipsecpsk'];
303	3ccb9689	Charlie Marshall
304	73fa304b	Phil Davis	if ($_POST['disabled']) {
305	e33be77c	Ermal	$userent['disabled'] = true;
306	73fa304b	Phil Davis	} else {
307	e33be77c	Ermal	unset($userent['disabled']);
308	73fa304b	Phil Davis	}
309	e33be77c	Ermal
310	8bab524e	Phil Davis	if ($_POST['customsettings']) {
311			$userent['customsettings'] = true;
312			} else {
313			unset($userent['customsettings']);
314			}
315
316			if ($_POST['webguicss']) {
317			$userent['webguicss'] = $_POST['webguicss'];
318			} else {
319			unset($userent['webguicss']);
320			}
321
322			if ($_POST['webguifixedmenu']) {
323			$userent['webguifixedmenu'] = $_POST['webguifixedmenu'];
324			} else {
325			unset($userent['webguifixedmenu']);
326			}
327
328			if ($_POST['webguihostnamemenu']) {
329			$userent['webguihostnamemenu'] = $_POST['webguihostnamemenu'];
330			} else {
331			unset($userent['webguihostnamemenu']);
332			}
333
334	1d3510cf	Phil Davis	if ($_POST['interfacessort']) {
335			$userent['interfacessort'] = true;
336			} else {
337			unset($userent['interfacessort']);
338			}
339
340	8bab524e	Phil Davis	if ($_POST['dashboardavailablewidgetspanel']) {
341			$userent['dashboardavailablewidgetspanel'] = true;
342			} else {
343			unset($userent['dashboardavailablewidgetspanel']);
344			}
345
346			if ($_POST['systemlogsfilterpanel']) {
347			$userent['systemlogsfilterpanel'] = true;
348			} else {
349			unset($userent['systemlogsfilterpanel']);
350			}
351
352			if ($_POST['systemlogsmanagelogpanel']) {
353			$userent['systemlogsmanagelogpanel'] = true;
354			} else {
355			unset($userent['systemlogsmanagelogpanel']);
356			}
357
358			if ($_POST['statusmonitoringsettingspanel']) {
359			$userent['statusmonitoringsettingspanel'] = true;
360			} else {
361			unset($userent['statusmonitoringsettingspanel']);
362			}
363
364			if ($_POST['webguileftcolumnhyper']) {
365			$userent['webguileftcolumnhyper'] = true;
366			} else {
367			unset($userent['webguileftcolumnhyper']);
368			}
369
370	d9058974	Phil Davis	if ($_POST['disablealiaspopupdetail']) {
371			$userent['disablealiaspopupdetail'] = true;
372			} else {
373			unset($userent['disablealiaspopupdetail']);
374			}
375
376	8bab524e	Phil Davis	if ($_POST['pagenamefirst']) {
377			$userent['pagenamefirst'] = true;
378			} else {
379			unset($userent['pagenamefirst']);
380			}
381
382	73fa304b	Phil Davis	if (isset($id) && $a_user[$id]) {
383	e33be77c	Ermal	$a_user[$id] = $userent;
384	73fa304b	Phil Davis	} else {
385	e33be77c	Ermal	if (!empty($_POST['name'])) {
386			$cert = array();
387			$cert['refid'] = uniqid();
388	4c291f4c	Renato Botelho	$userent['cert'] = array();
389	e33be77c	Ermal
390			$cert['descr'] = $_POST['name'];
391
392	4c291f4c	Renato Botelho	$subject = cert_get_subject_array($ca['crt']);
393	e33be77c	Ermal
394	4c291f4c	Renato Botelho	$dn = array(
395			'countryName' => $subject[0]['v'],
396			'stateOrProvinceName' => $subject[1]['v'],
397			'localityName' => $subject[2]['v'],
398			'organizationName' => $subject[3]['v'],
399			'emailAddress' => $subject[4]['v'],
400			'commonName' => $userent['name']);
401	e33be77c	Ermal
402			cert_create($cert, $_POST['caref'], $_POST['keylen'],
403			(int)$_POST['lifetime'], $dn);
404
405	73fa304b	Phil Davis	if (!is_array($config['cert'])) {
406	e33be77c	Ermal	$config['cert'] = array();
407	73fa304b	Phil Davis	}
408	e33be77c	Ermal	$config['cert'][] = $cert;
409			$userent['cert'][] = $cert['refid'];
410			}
411			$userent['uid'] = $config['system']['nextuid']++;
412			/* Add the user to All Users group. */
413			foreach ($config['system']['group'] as $gidx => $group) {
414			if ($group['name'] == "all") {
415	73fa304b	Phil Davis	if (!is_array($config['system']['group'][$gidx]['member'])) {
416	e33be77c	Ermal	$config['system']['group'][$gidx]['member'] = array();
417	73fa304b	Phil Davis	}
418	e33be77c	Ermal	$config['system']['group'][$gidx]['member'][] = $userent['uid'];
419			break;
420			}
421			}
422	970db70b	Scott Ullrich
423	e33be77c	Ermal	$a_user[] = $userent;
424	45ee90ed	Matthew Grooms	}
425	e33be77c	Ermal
426	900ce3b0	jim-p	/* Add user to groups so PHP can see the memberships properly or else the user's shell account does not get proper permissions (if applicable) See #5152. */
427	d61309a0	Phil Davis	local_user_set_groups($userent, $_POST['groups']);
428	e33be77c	Ermal	local_user_set($userent);
429	900ce3b0	jim-p	/* Add user to groups again to ensure they are set everywhere, otherwise the user may not appear to be a member of the group. See commit:5372d26d9d25d751d16865ed9d46869d3b0ec5e1. */
430	73fa304b	Phil Davis	local_user_set_groups($userent, $_POST['groups']);
431	e33be77c	Ermal	write_config();
432
433	73fa304b	Phil Davis	if (is_dir("/etc/inc/privhooks")) {
434	e33be77c	Ermal	run_plugins("/etc/inc/privhooks");
435	73fa304b	Phil Davis	}
436	e33be77c	Ermal
437	3ccb9689	Charlie Marshall
438	e33be77c	Ermal	pfSenseHeader("system_usermanager.php");
439	45ee90ed	Matthew Grooms	}
440	e33be77c	Ermal	}
441	fab7ff44	Bill Marquette
442	7411c285	Stephen Beaver	function build_priv_table() {
443			global $a_user, $id;
444
445			$privhtml = '<div class="table-responsive">';
446			$privhtml .= '<table class="table table-striped table-hover table-condensed">';
447			$privhtml .= '<thead>';
448	7d2e572f	Stephen Beaver	$privhtml .= '<tr>';
449			$privhtml .= '<th>' . gettext('Inherited from') . '</th>';
450			$privhtml .= '<th>' . gettext('Name') . '</th>';
451			$privhtml .= '<th>' . gettext('Description') . '</th>';
452	f460db90	NOYB	$privhtml .= '<th>' . gettext('Action') . '</th>';
453	7d2e572f	Stephen Beaver	$privhtml .= '</tr>';
454	7411c285	Stephen Beaver	$privhtml .= '</thead>';
455			$privhtml .= '<tbody>';
456
457	945204b1	Stephen Beaver	$i = 0;
458	57188e47	Phil Davis	$user_has_root_priv = false;
459	945204b1	Stephen Beaver
460			foreach (get_user_privdesc($a_user[$id]) as $priv) {
461			$group = false;
462			if ($priv['group']) {
463			$group = $priv['group'];
464			}
465
466	7411c285	Stephen Beaver	$privhtml .= '<tr>';
467			$privhtml .= '<td>' . htmlspecialchars($priv['group']) . '</td>';
468			$privhtml .= '<td>' . htmlspecialchars($priv['name']) . '</td>';
469	57188e47	Phil Davis	$privhtml .= '<td>' . htmlspecialchars($priv['descr']);
470			if (isset($priv['warn']) && ($priv['warn'] == 'standard-warning-root')) {
471	21312954	Phil Davis	$privhtml .= ' ' . gettext('(admin privilege)');
472	57188e47	Phil Davis	$user_has_root_priv = true;
473			}
474			$privhtml .= '</td>';
475	945204b1	Stephen Beaver	$privhtml .= '<td>';
476	d61309a0	Phil Davis	if (!$group) {
477	f460db90	NOYB	$privhtml .= '<a class="fa fa-trash no-confirm icon-pointer" title="' . gettext('Delete Privilege') . '" id="delprivid' . $i . '"></a>';
478	d61309a0	Phil Davis	}
479	945204b1	Stephen Beaver
480			$privhtml .= '</td>';
481	7411c285	Stephen Beaver	$privhtml .= '</tr>';
482	945204b1	Stephen Beaver
483	d61309a0	Phil Davis	if (!$group) {
484	945204b1	Stephen Beaver	$i++;
485	d61309a0	Phil Davis	}
486	7411c285	Stephen Beaver	}
487
488	57188e47	Phil Davis	if ($user_has_root_priv) {
489			$privhtml .= '<tr>';
490			$privhtml .= '<td colspan="3">';
491	9187d6f7	Phil Davis	$privhtml .= '<b>' . gettext('Security notice: This user effectively has administrator-level access') . '</b>';
492	57188e47	Phil Davis	$privhtml .= '</td>';
493			$privhtml .= '<td>';
494			$privhtml .= '</td>';
495			$privhtml .= '</tr>';
496	f5c9c0c7	Steve Beaver
497	57188e47	Phil Davis	}
498
499	7411c285	Stephen Beaver	$privhtml .= '</tbody>';
500			$privhtml .= '</table>';
501			$privhtml .= '</div>';
502
503			$privhtml .= '<nav class="action-buttons">';
504	4611e283	Steve Beaver	$privhtml .= '<a href="system_usermanager_addprivs.php?userid=' . $id . '" class="btn btn-success"><i class="fa fa-plus icon-embed-btn"></i>' . gettext("Add") . '</a>';
505	7411c285	Stephen Beaver	$privhtml .= '</nav>';
506
507			return($privhtml);
508			}
509	98402844	Stephen Beaver
510	7411c285	Stephen Beaver	function build_cert_table() {
511			global $a_user, $id;
512
513			$certhtml = '<div class="table-responsive">';
514			$certhtml .= '<table class="table table-striped table-hover table-condensed">';
515			$certhtml .= '<thead>';
516	7d2e572f	Stephen Beaver	$certhtml .= '<tr>';
517			$certhtml .= '<th>' . gettext('Name') . '</th>';
518			$certhtml .= '<th>' . gettext('CA') . '</th>';
519	98402844	Stephen Beaver	$certhtml .= '<th></th>';
520	7d2e572f	Stephen Beaver	$certhtml .= '</tr>';
521	7411c285	Stephen Beaver	$certhtml .= '</thead>';
522			$certhtml .= '<tbody>';
523
524			$a_cert = $a_user[$id]['cert'];
525			if (is_array($a_cert)) {
526			$i = 0;
527			foreach ($a_cert as $certref) {
528	7d2e572f	Stephen Beaver	$cert = lookup_cert($certref);
529			$ca = lookup_ca($cert['caref']);
530			$revokedstr = is_cert_revoked($cert) ? '<b> Revoked</b>':'';
531
532	7411c285	Stephen Beaver	$certhtml .= '<tr>';
533	7d2e572f	Stephen Beaver	$certhtml .= '<td>' . htmlspecialchars($cert['descr']) . $revokedstr . '</td>';
534	7411c285	Stephen Beaver	$certhtml .= '<td>' . htmlspecialchars($ca['descr']) . '</td>';
535	db676e5b	Stephen Beaver	$certhtml .= '<td>';
536	945204b1	Stephen Beaver	$certhtml .= '<a id="delcert' . $i .'" class="fa fa-trash no-confirm icon-pointer" title="';
537	f14ff867	Phil Davis	$certhtml .= gettext('Remove this certificate association? (Certificate will not be deleted)') . '"></a>';
538	db676e5b	Stephen Beaver	$certhtml .= '</td>';
539	7411c285	Stephen Beaver	$certhtml .= '</tr>';
540	db676e5b	Stephen Beaver	$i++;
541	7411c285	Stephen Beaver	}
542	db676e5b	Stephen Beaver
543	7411c285	Stephen Beaver	}
544
545			$certhtml .= '</tbody>';
546			$certhtml .= '</table>';
547			$certhtml .= '</div>';
548
549			$certhtml .= '<nav class="action-buttons">';
550	4611e283	Steve Beaver	$certhtml .= '<a href="system_certmanager.php?act=new&userid=' . $id . '" class="btn btn-success"><i class="fa fa-plus icon-embed-btn"></i>' . gettext("Add") . '</a>';
551	7411c285	Stephen Beaver	$certhtml .= '</nav>';
552
553			return($certhtml);
554			}
555
556	8f1ab2a4	k-paulius	$pgtitle = array(gettext("System"), gettext("User Manager"), gettext("Users"));
557	edcd7535	Phil Davis	$pglinks = array("", "system_usermanager.php", "system_usermanager.php");
558	8f1ab2a4	k-paulius
559			if ($act == "new" \|\| $act == "edit" \|\| $input_errors) {
560			$pgtitle[] = gettext('Edit');
561	edcd7535	Phil Davis	$pglinks[] = "@self";
562	8f1ab2a4	k-paulius	}
563	4611e283	Steve Beaver
564	e33be77c	Ermal	include("head.inc");
565	fab7ff44	Bill Marquette
566	d6b79c39	Phil Davis	if ($delete_errors) {
567			print_input_errors($delete_errors);
568			}
569
570	d61309a0	Phil Davis	if ($input_errors) {
571	4ee51131	Sjon Hortensius	print_input_errors($input_errors);
572	d61309a0	Phil Davis	}
573	98402844	Stephen Beaver
574	d61309a0	Phil Davis	if ($savemsg) {
575	98402844	Stephen Beaver	print_info_box($savemsg, 'success');
576	d61309a0	Phil Davis	}
577	4ee51131	Sjon Hortensius
578			$tab_array = array();
579			$tab_array[] = array(gettext("Users"), true, "system_usermanager.php");
580			$tab_array[] = array(gettext("Groups"), false, "system_groupmanager.php");
581			$tab_array[] = array(gettext("Settings"), false, "system_usermanager_settings.php");
582	2d1f33d9	k-paulius	$tab_array[] = array(gettext("Authentication Servers"), false, "system_authservers.php");
583	4ee51131	Sjon Hortensius	display_top_tabs($tab_array);
584
585	7411c285	Stephen Beaver	if (!($act == "new" \|\| $act == "edit" \|\| $input_errors)) {
586	64600f94	Sjon Hortensius	?>
587	64c31615	Stephen Beaver	<form method="post">
588	060ed238	Stephen Beaver	<div class="panel panel-default">
589			<div class="panel-heading"><h2 class="panel-title"><?=gettext('Users')?></h2></div>
590			<div class="panel-body">
591			<div class="table-responsive">
592	1c10ce97	PiBa-NL	<table class="table table-striped table-hover table-condensed sortable-theme-bootstrap table-rowdblclickedit" data-sortable>
593	060ed238	Stephen Beaver	<thead>
594			<tr>
595			<th> </th>
596			<th><?=gettext("Username")?></th>
597			<th><?=gettext("Full name")?></th>
598	edd88334	NOYB	<th><?=gettext("Status")?></th>
599	060ed238	Stephen Beaver	<th><?=gettext("Groups")?></th>
600	70dc5cd6	Phil Davis	<th><?=gettext("Actions")?></th>
601	060ed238	Stephen Beaver	</tr>
602			</thead>
603			<tbody>
604	a0165602	Sjon Hortensius	<?php
605	d61309a0	Phil Davis	foreach ($a_user as $i => $userent):
606	a0165602	Sjon Hortensius	?>
607	060ed238	Stephen Beaver	<tr>
608			<td>
609	d6b79c39	Phil Davis	<input type="checkbox" id="frc<?=$i?>" name="delete_check[]" value="<?=$i?>" <?=((($userent['scope'] == "system") \|\| ($userent['name'] == $_SESSION['Username'])) ? 'disabled' : '')?>/>
610	060ed238	Stephen Beaver	</td>
611			<td>
612	a0165602	Sjon Hortensius	<?php
613	d61309a0	Phil Davis	if ($userent['scope'] != "user") {
614	a0165602	Sjon Hortensius	$usrimg = 'eye-open';
615	d61309a0	Phil Davis	} else {
616	a0165602	Sjon Hortensius	$usrimg = 'user';
617	d61309a0	Phil Davis	}
618	a0165602	Sjon Hortensius	?>
619	060ed238	Stephen Beaver	<i class="fa fa-<?=$usrimg?>"></i>
620			<?=htmlspecialchars($userent['name'])?>
621			</td>
622			<td><?=htmlspecialchars($userent['descr'])?></td>
623	0fdbaca8	NOYB	<td><i class="fa fa-<?= (isset($userent['disabled'])) ? 'ban" title="' . gettext("Disabled") . '"' : 'check" title="' . gettext("Enabled") . '"' ; ?>><span style='display: none'><?= (isset($userent['disabled'])) ? gettext("Disabled") : gettext("Enabled") ; ?></span></i></td>
624	060ed238	Stephen Beaver	<td><?=implode(",", local_user_get_groups($userent))?></td>
625			<td>
626	4611e283	Steve Beaver	<a class="fa fa-pencil" title="<?=gettext("Edit user"); ?>" href="?act=edit&userid=<?=$i?>"></a>
627	d6b79c39	Phil Davis	<?php if (($userent['scope'] != "system") && ($userent['name'] != $_SESSION['Username'])): ?>
628	f5c9c0c7	Steve Beaver	<a class="fa fa-trash" title="<?=gettext("Delete user")?>" href="?act=deluser&userid=<?=$i?>&username=<?=$userent['name']?>" usepost></a>
629	a0165602	Sjon Hortensius	<?php endif; ?>
630	060ed238	Stephen Beaver	</td>
631			</tr>
632	a0165602	Sjon Hortensius	<?php endforeach; ?>
633	060ed238	Stephen Beaver	</tbody>
634			</table>
635			</div>
636			</div>
637	94404d94	Sander van Leeuwen	</div>
638	c10cb196	Stephen Beaver	<nav class="action-buttons">
639	4611e283	Steve Beaver	<a href="?act=new" class="btn btn-sm btn-success">
640	9d5a20cf	heper	<i class="fa fa-plus icon-embed-btn"></i>
641	b921ab63	Stephen Beaver	<?=gettext("Add")?>
642			</a>
643	64c31615	Stephen Beaver
644			<button type="submit" class="btn btn-sm btn-danger" name="dellall" value="dellall" title="<?=gettext('Delete selected users')?>">
645			<i class="fa fa-trash icon-embed-btn"></i>
646			<?=gettext("Delete")?>
647			</button>
648	f5c9c0c7	Steve Beaver
649	94404d94	Sander van Leeuwen	</nav>
650	d825dfea	NOYB	</form>
651	3c3ede28	Stephen Beaver	<div class="infoblock">
652	a0165602	Sjon Hortensius	<?php
653	a0d084fe	k-paulius	print_callout('<p>' . gettext("Additional users can be added here. User permissions for accessing " .
654			"the webConfigurator can be assigned directly or inherited from group memberships. " .
655			"Some system object properties can be modified but they cannot be deleted.") . '</p>' .
656			'<p>' . gettext("Accounts added here are also used for other parts of the system " .
657			"such as OpenVPN, IPsec, and Captive Portal.") . '</p>'
658			);
659	f5c9c0c7	Steve Beaver
660	d3f59a8c	Steve Beaver	?></div>
661
662	f5c9c0c7	Steve Beaver	<?php
663	a0165602	Sjon Hortensius	include("foot.inc");
664			exit;
665			}
666	4ee51131	Sjon Hortensius
667			$form = new Form;
668
669	7411c285	Stephen Beaver	if ($act == "new" \|\| $act == "edit" \|\| $input_errors):
670	4ee51131	Sjon Hortensius
671	7411c285	Stephen Beaver	$form->addGlobal(new Form_Input(
672			'act',
673			null,
674			'hidden',
675			''
676			));
677	4ee51131	Sjon Hortensius
678	7411c285	Stephen Beaver	$form->addGlobal(new Form_Input(
679			'userid',
680			null,
681			'hidden',
682			isset($id) ? $id:''
683			));
684	4ee51131	Sjon Hortensius
685	7411c285	Stephen Beaver	$form->addGlobal(new Form_Input(
686			'privid',
687			null,
688			'hidden',
689			''
690			));
691	4ee51131	Sjon Hortensius
692	7411c285	Stephen Beaver	$form->addGlobal(new Form_Input(
693			'certid',
694			null,
695			'hidden',
696			''
697			));
698	4ee51131	Sjon Hortensius
699	7411c285	Stephen Beaver	$ro = "";
700			if ($pconfig['utype'] == "system") {
701	c4b60a9a	Colin Fleming	$ro = "readonly";
702	7411c285	Stephen Beaver	}
703	4ee51131	Sjon Hortensius
704	7411c285	Stephen Beaver	$section = new Form_Section('User Properties');
705	4ee51131	Sjon Hortensius
706	7411c285	Stephen Beaver	$section->addInput(new Form_StaticText(
707			'Defined by',
708			strtoupper($pconfig['utype'])
709			));
710	4ee51131	Sjon Hortensius
711	7411c285	Stephen Beaver	$form->addGlobal(new Form_Input(
712			'utype',
713			null,
714			'hidden',
715			$pconfig['utype']
716			));
717	4ee51131	Sjon Hortensius
718	7411c285	Stephen Beaver	$section->addInput(new Form_Checkbox(
719			'disabled',
720			'Disabled',
721			'This user cannot login',
722			$pconfig['disabled']
723			));
724	6b07c15a	Matthew Grooms
725	7411c285	Stephen Beaver	$section->addInput($input = new Form_Input(
726			'usernamefld',
727	153c3aa6	Phil Davis	'*Username',
728	7411c285	Stephen Beaver	'text',
729			$pconfig['usernamefld']
730			));
731	61dec0b0	Renato Botelho
732	d61309a0	Phil Davis	if ($ro) {
733	1fe9cc38	Stephen Beaver	$input->setReadonly();
734	d61309a0	Phil Davis	}
735	7411c285	Stephen Beaver
736			$form->addGlobal(new Form_Input(
737			'oldusername',
738	4ee51131	Sjon Hortensius	null,
739	7411c285	Stephen Beaver	'hidden',
740			$pconfig['usernamefld']
741	4ee51131	Sjon Hortensius	));
742	6b07c15a	Matthew Grooms
743	153c3aa6	Phil Davis	if ($act == "edit") {
744			$pwd_required = "";
745			} else {
746			$pwd_required = "*";
747			}
748
749			$group = new Form_Group($pwd_required . 'Password');
750	7411c285	Stephen Beaver	$group->add(new Form_Input(
751			'passwordfld1',
752			'Password',
753			'password'
754			));
755			$group->add(new Form_Input(
756			'passwordfld2',
757			'Confirm Password',
758			'password'
759			));
760
761			$section->add($group);
762
763			$section->addInput($input = new Form_Input(
764			'descr',
765			'Full name',
766			'text',
767			htmlspecialchars($pconfig['descr'])
768	89140b63	NOYB	))->setHelp('User\'s full name, for administrative information only');
769	7411c285	Stephen Beaver
770	d61309a0	Phil Davis	if ($ro) {
771	7411c285	Stephen Beaver	$input->setDisabled();
772	d61309a0	Phil Davis	}
773	7411c285	Stephen Beaver
774			$section->addInput(new Form_Input(
775			'expires',
776			'Expiration date',
777	d78dbc34	Stephen Beaver	'text',
778	7411c285	Stephen Beaver	$pconfig['expires']
779			))->setHelp('Leave blank if the account shouldn\'t expire, otherwise enter '.
780	98b87cfa	Jonathon Anderson	'the expiration date as MM/DD/YYYY');
781	7411c285	Stephen Beaver
782	8bab524e	Phil Davis	$section->addInput(new Form_Checkbox(
783			'customsettings',
784			'Custom Settings',
785			'Use individual customized GUI options and dashboard layout for this user.',
786			$pconfig['customsettings']
787			));
788
789			gen_user_settings_fields($section, $pconfig);
790
791	7411c285	Stephen Beaver	// ==== Group membership ==================================================
792			$group = new Form_Group('Group membership');
793
794	7d2e572f	Stephen Beaver	// Make a list of all the groups configured on the system, and a list of
795	7411c285	Stephen Beaver	// those which this user is a member of
796			$systemGroups = array();
797			$usersGroups = array();
798
799			$usergid = [$pconfig['usernamefld']];
800
801			foreach ($config['system']['group'] as $Ggroup) {
802	d61309a0	Phil Davis	if ($Ggroup['name'] != "all") {
803			if (($act == 'edit') && $Ggroup['member'] && in_array($pconfig['uid'], $Ggroup['member'])) {
804	b4333696	Stephen Beaver	$usersGroups[ $Ggroup['name'] ] = $Ggroup['name']; // Add it to the user's list
805	d61309a0	Phil Davis	} else {
806	b4333696	Stephen Beaver	$systemGroups[ $Ggroup['name'] ] = $Ggroup['name']; // Add it to the 'not a member of' list
807	d61309a0	Phil Davis	}
808	b4333696	Stephen Beaver	}
809	7411c285	Stephen Beaver	}
810
811			$group->add(new Form_Select(
812			'sysgroups',
813			null,
814			array_combine((array)$pconfig['groups'], (array)$pconfig['groups']),
815			$systemGroups,
816			true
817	953385a3	heper	))->setHelp('Not member of');
818	6b07c15a	Matthew Grooms
819	7411c285	Stephen Beaver	$group->add(new Form_Select(
820			'groups',
821			null,
822			array_combine((array)$pconfig['groups'], (array)$pconfig['groups']),
823			$usersGroups,
824			true
825	953385a3	heper	))->setHelp('Member of');
826	7411c285	Stephen Beaver
827			$section->add($group);
828
829			$group = new Form_Group('');
830
831			$group->add(new Form_Button(
832			'movetoenabled',
833	faab522f	Renato Botelho	'Move to "Member of" list',
834	37676f4e	jim-p	null,
835			'fa-angle-double-right'
836	347c0214	Phil Davis	))->setAttribute('type','button')->removeClass('btn-primary')->addClass('btn-info btn-sm');
837	7411c285	Stephen Beaver
838			$group->add(new Form_Button(
839			'movetodisabled',
840	faab522f	Renato Botelho	'Move to "Not member of" list',
841	37676f4e	jim-p	null,
842			'fa-angle-double-left'
843	347c0214	Phil Davis	))->setAttribute('type','button')->removeClass('btn-primary')->addClass('btn-info btn-sm');
844	4ee51131	Sjon Hortensius
845	e4c7d45f	NewEraCracker	$group->setHelp('Hold down CTRL (PC)/COMMAND (Mac) key to select multiple items.');
846	7411c285	Stephen Beaver	$section->add($group);
847	4ee51131	Sjon Hortensius
848	7411c285	Stephen Beaver	// ==== Button for adding user certificate ================================
849	d61309a0	Phil Davis	if ($act == 'new') {
850	4ee51131	Sjon Hortensius	$section->addInput(new Form_Checkbox(
851	7411c285	Stephen Beaver	'showcert',
852			'Certificate',
853			'Click to create a user certificate',
854			false
855	4ee51131	Sjon Hortensius	));
856	6b07c15a	Matthew Grooms	}
857
858	7411c285	Stephen Beaver	$form->add($section);
859	6b07c15a	Matthew Grooms
860	7411c285	Stephen Beaver	// ==== Effective privileges section ======================================
861			if (isset($pconfig['uid'])) {
862			// We are going to build an HTML table and add it to an Input_StaticText. It may be ugly, but it
863			// is the best way to make the display we need.
864	6b07c15a	Matthew Grooms
865	7411c285	Stephen Beaver	$section = new Form_Section('Effective Privileges');
866	4ee51131	Sjon Hortensius
867	7411c285	Stephen Beaver	$section->addInput(new Form_StaticText(
868			null,
869			build_priv_table()
870			));
871	4ee51131	Sjon Hortensius
872	7411c285	Stephen Beaver	$form->add($section);
873	4ee51131	Sjon Hortensius
874	7411c285	Stephen Beaver	// ==== Certificate table section =====================================
875	5f88f964	k-paulius	$section = new Form_Section('User Certificates');
876	7411c285	Stephen Beaver
877			$section->addInput(new Form_StaticText(
878			null,
879			build_cert_table()
880			));
881	64600f94	Sjon Hortensius
882			$form->add($section);
883	c9794c06	Ermal	}
884	7411c285	Stephen Beaver
885	f14ff867	Phil Davis	// ==== Add user certificate for a new user
886			if (is_array($config['ca']) && count($config['ca']) > 0) {
887	5f88f964	k-paulius	$section = new Form_Section('Create Certificate for User');
888	f14ff867	Phil Davis	$section->addClass('cert-options');
889	c9794c06	Ermal
890	f14ff867	Phil Davis	$nonPrvCas = array();
891	9d3e8723	Phil Davis	foreach ($config['ca'] as $ca) {
892	f14ff867	Phil Davis	if (!$ca['prv']) {
893			continue;
894			}
895	7411c285	Stephen Beaver
896	f14ff867	Phil Davis	$nonPrvCas[ $ca['refid'] ] = $ca['descr'];
897			}
898	7411c285	Stephen Beaver
899	f14ff867	Phil Davis	if (!empty($nonPrvCas)) {
900			$section->addInput(new Form_Input(
901			'name',
902			'Descriptive name',
903			'text',
904			$pconfig['name']
905			));
906	7411c285	Stephen Beaver
907	f14ff867	Phil Davis	$section->addInput(new Form_Select(
908			'caref',
909			'Certificate authority',
910			null,
911			$nonPrvCas
912			));
913	7411c285	Stephen Beaver
914	f14ff867	Phil Davis	$section->addInput(new Form_Select(
915			'keylen',
916			'Key length',
917			2048,
918			array(
919			512 => '512 bits',
920			1024 => '1024 bits',
921	16897690	jim-p	2048 => '2048 bits',
922	d5018c6a	stilez	3072 => '3072 bits',
923	f14ff867	Phil Davis	4096 => '4096 bits',
924	d5018c6a	stilez	7680 => '7680 bits',
925			8192 => '8192 bits',
926			15360 => '15360 bits',
927			16384 => '16384 bits'
928	f14ff867	Phil Davis	)
929	4dd437e4	Phil Davis	))->setHelp('The larger the key, the more security it offers, but larger keys take considerably more time to generate, ' .
930			'and take slightly longer to validate leading to a slight slowdown in setting up new sessions (not always noticeable). ' .
931			'As of 2016, 2048 bit is the minimum and most common selection and 4096 is the maximum in common use. ' .
932			'For more information see %1$s.', '<a href="https://keylength.com">keylength.com</a>');
933	7411c285	Stephen Beaver
934	f14ff867	Phil Davis	$section->addInput(new Form_Input(
935			'lifetime',
936			'Lifetime',
937			'number',
938			$pconfig['lifetime']
939			));
940	7411c285	Stephen Beaver	}
941
942	f14ff867	Phil Davis	$form->add($section);
943			}
944
945	7411c285	Stephen Beaver	endif;
946			// ==== Paste a key for the new user
947	4ee51131	Sjon Hortensius	$section = new Form_Section('Keys');
948
949	35e0cd70	Stephen Beaver	$section->addInput(new Form_Checkbox(
950			'showkey',
951			'Authorized keys',
952			'Click to paste an authorized key',
953			false
954			));
955
956	4ee51131	Sjon Hortensius	$section->addInput(new Form_Textarea(
957			'authorizedkeys',
958	d1e73829	Stephen Beaver	'Authorized SSH Keys',
959	4ee51131	Sjon Hortensius	$pconfig['authorizedkeys']
960	d1e73829	Stephen Beaver	))->setHelp('Enter authorized SSH keys for this user');
961	4ee51131	Sjon Hortensius
962	35e0cd70	Stephen Beaver	$section->addInput(new Form_Input(
963	4ee51131	Sjon Hortensius	'ipsecpsk',
964			'IPsec Pre-Shared Key',
965			'text',
966			$pconfig['ipsecpsk']
967			));
968
969			$form->add($section);
970	7411c285	Stephen Beaver
971	a0165602	Sjon Hortensius	print $form;
972	8bab524e	Phil Davis
973			$csswarning = sprintf(gettext("%sUser-created themes are unsupported, use at your own risk."), "<br />");
974	7411c285	Stephen Beaver	?>
975	8fd9052f	Colin Fleming	<script type="text/javascript">
976	7411c285	Stephen Beaver	//<![CDATA[
977	d61309a0	Phil Davis	events.push(function() {
978	7411c285	Stephen Beaver
979	8bab524e	Phil Davis	function setcustomoptions() {
980			var adv = $('#customsettings').prop('checked');
981
982			hideInput('webguicss', !adv);
983			hideInput('webguifixedmenu', !adv);
984			hideInput('webguihostnamemenu', !adv);
985			hideInput('dashboardcolumns', !adv);
986	1d3510cf	Phil Davis	hideCheckbox('interfacessort', !adv);
987	8bab524e	Phil Davis	hideCheckbox('dashboardavailablewidgetspanel', !adv);
988			hideCheckbox('systemlogsfilterpanel', !adv);
989			hideCheckbox('systemlogsmanagelogpanel', !adv);
990			hideCheckbox('statusmonitoringsettingspanel', !adv);
991			hideCheckbox('webguileftcolumnhyper', !adv);
992	d9058974	Phil Davis	hideCheckbox('disablealiaspopupdetail', !adv);
993	8bab524e	Phil Davis	hideCheckbox('pagenamefirst', !adv);
994			}
995
996			// Handle displaying a warning message if a user-created theme is selected.
997			function setThemeWarning() {
998			if ($('#webguicss').val().startsWith("pfSense")) {
999			$('#csstxt').html("").addClass("text-default");
1000			} else {
1001			$('#csstxt').html("<?=$csswarning?>").addClass("text-danger");
1002			}
1003			}
1004
1005			$('#webguicss').change(function() {
1006			setThemeWarning();
1007			});
1008
1009			setThemeWarning();
1010
1011	7411c285	Stephen Beaver	// On click . .
1012	8bab524e	Phil Davis	$('#customsettings').click(function () {
1013			setcustomoptions();
1014			});
1015
1016	7411c285	Stephen Beaver	$("#movetodisabled").click(function() {
1017			moveOptions($('[name="groups[]"] option'), $('[name="sysgroups[]"]'));
1018			});
1019
1020			$("#movetoenabled").click(function() {
1021			moveOptions($('[name="sysgroups[]"] option'), $('[name="groups[]"]'));
1022			});
1023
1024			$("#showcert").click(function() {
1025			hideClass('cert-options', !this.checked);
1026			});
1027
1028			$("#showkey").click(function() {
1029	35e0cd70	Stephen Beaver	hideInput('authorizedkeys', false);
1030			hideCheckbox('showkey', true);
1031	7411c285	Stephen Beaver	});
1032
1033	98402844	Stephen Beaver	$('[id^=delcert]').click(function(event) {
1034	d61309a0	Phil Davis	if (confirm(event.target.title)) {
1035	98402844	Stephen Beaver	$('#certid').val(event.target.id.match(/\d+$/)[0]);
1036			$('#userid').val('<?=$id;?>');
1037			$('#act').val('delcert');
1038			$('form').submit();
1039			}
1040			});
1041	945204b1	Stephen Beaver
1042	408d0882	heper	$('[id^=delprivid]').click(function(event) {
1043	d61309a0	Phil Davis	if (confirm(event.target.title)) {
1044	4c879f95	heper	$('#privid').val(event.target.id.match(/\d+$/)[0]);
1045	408d0882	heper	$('#userid').val('<?=$id;?>');
1046			$('#act').val('delprivid');
1047			$('form').submit();
1048			}
1049			});
1050	64c31615	Stephen Beaver
1051	53c38ff1	Stephen Beaver	$('#expires').datepicker();
1052	98402844	Stephen Beaver
1053	eef93144	Jared Dillard	// ---------- On initial page load ------------------------------------------------------------
1054
1055			hideClass('cert-options', true);
1056			//hideInput('authorizedkeys', true);
1057	d1e73829	Stephen Beaver	hideCheckbox('showkey', true);
1058	8bab524e	Phil Davis	setcustomoptions();
1059	7411c285	Stephen Beaver
1060			// On submit mark all the user's groups as "selected"
1061	d61309a0	Phil Davis	$('form').submit(function() {
1062	7411c285	Stephen Beaver	AllServers($('[name="groups[]"] option'), true);
1063			});
1064	f5c9c0c7	Steve Beaver
1065	7411c285	Stephen Beaver	});
1066			//]]>
1067			</script>
1068			<?php
1069	bb1b5c6f	heper	include('foot.inc');
1070	d6b79c39	Phil Davis	?>

Project

General

Profile

pfSense