/src/usr/local/www/system_groupmanager.php - Annotate - pfSense - pfSense bugtracker

| Branch: | Tag: | Revision:

root/src/usr/local/www/system_groupmanager.php @ 2a24c162

1	4c291f4c	Renato Botelho	<?php
2	fab7ff44	Bill Marquette	/*
3	c5d81585	Renato Botelho	* system_groupmanager.php
4	191cb31d	Stephen Beaver	*
5	c5d81585	Renato Botelho	* part of pfSense (https://www.pfsense.org)
6	38809d47	Renato Botelho do Couto	* Copyright (c) 2004-2013 BSD Perimeter
7			* Copyright (c) 2013-2016 Electric Sheep Fencing
8	8f2f85c3	Luiz Otavio O Souza	* Copyright (c) 2014-2022 Rubicon Communications, LLC (Netgate)
9	c5d81585	Renato Botelho	* Copyright (c) 2005 Paul Taylor <paultaylor@winn-dixie.com>
10			* Copyright (c) 2008 Shrew Soft Inc
11			* All rights reserved.
12	f74457df	Stephen Beaver	*
13	c5d81585	Renato Botelho	* originally based on m0n0wall (http://m0n0.ch/wall)
14			* Copyright (c) 2003-2004 Manuel Kasper <mk@neon1.net>.
15			* All rights reserved.
16	f74457df	Stephen Beaver	*
17	b12ea3fb	Renato Botelho	* Licensed under the Apache License, Version 2.0 (the "License");
18			* you may not use this file except in compliance with the License.
19			* You may obtain a copy of the License at
20	f74457df	Stephen Beaver	*
21	b12ea3fb	Renato Botelho	* http://www.apache.org/licenses/LICENSE-2.0
22	f74457df	Stephen Beaver	*
23	b12ea3fb	Renato Botelho	* Unless required by applicable law or agreed to in writing, software
24			* distributed under the License is distributed on an "AS IS" BASIS,
25			* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
26			* See the License for the specific language governing permissions and
27			* limitations under the License.
28	f74457df	Stephen Beaver	*/
29	fab7ff44	Bill Marquette
30	6b07c15a	Matthew Grooms	##\|+PRIV
31			##\|*IDENT=page-system-groupmanager
32	48157a04	Phil Davis	##\|*NAME=System: Group Manager
33			##\|*DESCR=Allow access to the 'System: Group Manager' page.
34	57188e47	Phil Davis	##\|*WARN=standard-warning-root
35	6b07c15a	Matthew Grooms	##\|MATCH=system_groupmanager.php
36			##\|-PRIV
37	fab7ff44	Bill Marquette
38	c81ef6e2	Phil Davis	require_once("guiconfig.inc");
39	15c74b5b	doktornotor	require_once("pfsense-utils.inc");
40	d88c6a9f	Scott Ullrich
41	3fa6d462	jim-p	$logging_level = LOG_WARNING;
42			$logging_prefix = gettext("Local User Database");
43
44	c6c398c6	jim-p	init_config_arr(array('system', 'group'));
45	6b07c15a	Matthew Grooms	$a_group = &$config['system']['group'];
46	d81c2ad1	Scott Ullrich
47	7ea27b0d	Renato Botelho	unset($id);
48	4611e283	Steve Beaver	$id = $_REQUEST['groupid'];
49			$act = (isset($_REQUEST['act']) ? $_REQUEST['act'] : '');
50	31b53653	Scott Ullrich
51	e6407b22	Viktor G	if ($act == 'dup') {
52	df14688b	Viktor G	$dup = $id;
53	e6407b22	Viktor G	$act = 'edit';
54			}
55
56	06683083	Stephen Beaver	function cpusercmp($a, $b) {
57			return strcasecmp($a['name'], $b['name']);
58			}
59	23d09a2e	Stephen Beaver
60	06683083	Stephen Beaver	function admin_groups_sort() {
61			global $a_group;
62
63			if (!is_array($a_group)) {
64			return;
65			}
66
67			usort($a_group, "cpusercmp");
68			}
69
70	acd7e560	jim-p	/*
71			* Check user privileges to test if the user is allowed to make changes.
72			* Otherwise users can end up in an inconsistent state where some changes are
73			* performed and others denied. See https://redmine.pfsense.org/issues/9259
74			*/
75			phpsession_begin();
76			$guiuser = getUserEntry($_SESSION['Username']);
77			$read_only = (is_array($guiuser) && userHasPrivilege($guiuser, "user-config-readonly"));
78			phpsession_end();
79
80			if (!empty($_POST) && $read_only) {
81			$input_errors = array(gettext("Insufficient privileges to make the requested change (read only)."));
82			}
83
84			if (($_POST['act'] == "delgroup") && !$read_only) {
85	7ea27b0d	Renato Botelho
86	449cac24	Renato Botelho	if (!isset($id) \|\| !isset($_REQUEST['groupname']) \|\|
87			!isset($a_group[$id]) \|\|
88			($_REQUEST['groupname'] != $a_group[$id]['name'])) {
89	6b07c15a	Matthew Grooms	pfSenseHeader("system_groupmanager.php");
90			exit;
91			}
92	31b53653	Scott Ullrich
93	7ea27b0d	Renato Botelho	local_group_del($a_group[$id]);
94			$groupdeleted = $a_group[$id]['name'];
95			unset($a_group[$id]);
96	449cac24	Renato Botelho	/*
97			* Reindex the array to avoid operating on an incorrect index
98			* https://redmine.pfsense.org/issues/7733
99			*/
100	92c27793	jim-p	$a_group = array_values($a_group);
101	3fa6d462	jim-p
102	449cac24	Renato Botelho	$savemsg = sprintf(gettext("Successfully deleted group: %s"),
103			$groupdeleted);
104	3fa6d462	jim-p	write_config($savemsg);
105			syslog($logging_level, "{$logging_prefix}: {$savemsg}");
106	fab7ff44	Bill Marquette	}
107	d88c6a9f	Scott Ullrich
108	df14688b	Viktor G	if (($_POST['act'] == "delpriv") && !$read_only && !$dup) {
109	6b07c15a	Matthew Grooms
110	7ea27b0d	Renato Botelho	if (!isset($id) \|\| !isset($a_group[$id])) {
111	6b07c15a	Matthew Grooms	pfSenseHeader("system_groupmanager.php");
112			exit;
113			}
114	fab7ff44	Bill Marquette
115	449cac24	Renato Botelho	$privdeleted =
116			$priv_list[$a_group[$id]['priv'][$_REQUEST['privid']]]['name'];
117	4611e283	Steve Beaver	unset($a_group[$id]['priv'][$_REQUEST['privid']]);
118	6b07c15a	Matthew Grooms
119	2ee08031	Erik Fonnesbeck	if (is_array($a_group[$id]['member'])) {
120			foreach ($a_group[$id]['member'] as $uid) {
121			$user = getUserEntryByUID($uid);
122	e0c7b2fe	Phil Davis	if ($user) {
123	2ee08031	Erik Fonnesbeck	local_user_set($user);
124	64600f94	Sjon Hortensius	}
125	2ee08031	Erik Fonnesbeck	}
126	64600f94	Sjon Hortensius	}
127	45ee90ed	Matthew Grooms
128	449cac24	Renato Botelho	$savemsg = sprintf(gettext("Removed Privilege \"%s\" from group %s"),
129			$privdeleted, $a_group[$id]['name']);
130	3fa6d462	jim-p	write_config($savemsg);
131			syslog($logging_level, "{$logging_prefix}: {$savemsg}");
132
133	7ea27b0d	Renato Botelho	$act = "edit";
134	6b07c15a	Matthew Grooms	}
135	45ee90ed	Matthew Grooms
136	7ea27b0d	Renato Botelho	if ($act == "edit") {
137			if (isset($id) && isset($a_group[$id])) {
138	e6407b22	Viktor G	if (!$dup) {
139			$pconfig['name'] = $a_group[$id]['name'];
140			$pconfig['gid'] = $a_group[$id]['gid'];
141			$pconfig['gtype'] = empty($a_group[$id]['scope'])
142			? "local" : $a_group[$id]['scope'];
143			} else {
144			$pconfig['gtype'] = ($a_group[$id]['scope'] == 'system')
145			? "local" : $a_group[$id]['scope'];
146			}
147	df14688b	Viktor G	$pconfig['priv'] = $a_group[$id]['priv'];
148	45ee90ed	Matthew Grooms	$pconfig['description'] = $a_group[$id]['description'];
149	6b07c15a	Matthew Grooms	$pconfig['members'] = $a_group[$id]['member'];
150	45ee90ed	Matthew Grooms	}
151			}
152	6b07c15a	Matthew Grooms
153	acd7e560	jim-p	if (isset($_POST['dellall_x']) && !$read_only) {
154	c0c5b8cc	bruno
155	20231404	Steve Beaver	$del_groups = $_POST['delete_check'];
156	3fa6d462	jim-p	$deleted_groups = array();
157	c0c5b8cc	bruno
158	e0c7b2fe	Phil Davis	if (!empty($del_groups)) {
159			foreach ($del_groups as $groupid) {
160	449cac24	Renato Botelho	if (isset($a_group[$groupid]) &&
161			$a_group[$groupid]['scope'] != "system") {
162	3fa6d462	jim-p	$deleted_groups[] = $a_group[$groupid]['name'];
163	c0c5b8cc	bruno	local_group_del($a_group[$groupid]);
164			unset($a_group[$groupid]);
165			}
166			}
167	3fa6d462	jim-p
168	449cac24	Renato Botelho	$savemsg = sprintf(gettext("Successfully deleted %s: %s"),
169			(count($deleted_groups) == 1)
170			? gettext("group") : gettext("groups"),
171			implode(', ', $deleted_groups));
172			/*
173			* Reindex the array to avoid operating on an incorrect index
174			* https://redmine.pfsense.org/issues/7733
175			*/
176	92c27793	jim-p	$a_group = array_values($a_group);
177	c0c5b8cc	bruno	write_config($savemsg);
178	3fa6d462	jim-p	syslog($logging_level, "{$logging_prefix}: {$savemsg}");
179	c0c5b8cc	bruno	}
180			}
181
182	acd7e560	jim-p	if (isset($_POST['save']) && !$read_only) {
183	d88c6a9f	Scott Ullrich	unset($input_errors);
184			$pconfig = $_POST;
185
186			/* input validation */
187			$reqdfields = explode(" ", "groupname");
188	b4fd804b	Carlos Eduardo Ramos	$reqdfieldsn = array(gettext("Group Name"));
189	4c291f4c	Renato Botelho
190	1e9b4611	Renato Botelho	do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors);
191	4c291f4c	Renato Botelho
192	d7689b2c	Stephen Beaver	if ($_POST['gtype'] != "remote") {
193	79ed8ce0	Stephen Beaver	if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['groupname'])) {
194	449cac24	Renato Botelho	$input_errors[] = sprintf(gettext(
195			"The (%s) group name contains invalid characters."),
196			$_POST['gtype']);
197	79ed8ce0	Stephen Beaver	}
198	8d4f79cd	jim-p	if (strlen($_POST['groupname']) > 16) {
199			$input_errors[] = gettext(
200			"The group name is longer than 16 characters.");
201			}
202	79ed8ce0	Stephen Beaver	} else {
203			if (preg_match("/[^a-zA-Z0-9\.\- _]/", $_POST['groupname'])) {
204	449cac24	Renato Botelho	$input_errors[] = sprintf(gettext(
205			"The (%s) group name contains invalid characters."),
206			$_POST['gtype']);
207	79ed8ce0	Stephen Beaver	}
208	e0c7b2fe	Phil Davis	}
209	4c291f4c	Renato Botelho
210	5bef2407	jim-p	/* Check the POSTed members to ensure they are valid and exist */
211	9d3e8723	Phil Davis	if (is_array($_POST['members'])) {
212	9f472202	NewEraCracker	foreach ($_POST['members'] as $newmember) {
213	449cac24	Renato Botelho	if (!is_numeric($newmember) \|\|
214			empty(getUserEntryByUID($newmember))) {
215			$input_errors[] = gettext("One or more " .
216			"invalid group members was submitted.");
217	9f472202	NewEraCracker	}
218	5bef2407	jim-p	}
219			}
220
221	d88c6a9f	Scott Ullrich	if (!$input_errors && !(isset($id) && $a_group[$id])) {
222			/* make sure there are no dupes */
223			foreach ($a_group as $group) {
224			if ($group['name'] == $_POST['groupname']) {
225	449cac24	Renato Botelho	$input_errors[] = gettext("Another entry " .
226			"with the same group name already exists.");
227	d88c6a9f	Scott Ullrich	break;
228			}
229			}
230			}
231	4c291f4c	Renato Botelho
232	d88c6a9f	Scott Ullrich	if (!$input_errors) {
233	45ee90ed	Matthew Grooms	$group = array();
234	e0c7b2fe	Phil Davis	if (isset($id) && $a_group[$id]) {
235	d88c6a9f	Scott Ullrich	$group = $a_group[$id];
236	e0c7b2fe	Phil Davis	}
237	4c291f4c	Renato Botelho
238	d88c6a9f	Scott Ullrich	$group['name'] = $_POST['groupname'];
239			$group['description'] = $_POST['description'];
240	79ed8ce0	Stephen Beaver	$group['scope'] = $_POST['gtype'];
241	45ee90ed	Matthew Grooms
242	e0c7b2fe	Phil Davis	if (empty($_POST['members'])) {
243	70d6b5c4	Ermal	unset($group['member']);
244	e0c7b2fe	Phil Davis	} else if ($group['gid'] != 1998) { // all group
245	6b07c15a	Matthew Grooms	$group['member'] = $_POST['members'];
246	e0c7b2fe	Phil Davis	}
247	45ee90ed	Matthew Grooms
248	e0c7b2fe	Phil Davis	if (isset($id) && $a_group[$id]) {
249	d88c6a9f	Scott Ullrich	$a_group[$id] = $group;
250	e0c7b2fe	Phil Davis	} else {
251	45ee90ed	Matthew Grooms	$group['gid'] = $config['system']['nextgid']++;
252	df14688b	Viktor G	if ($_POST['dup']) {
253			$group['priv'] = $a_group[$_POST['dup']]['priv'];
254			}
255	d88c6a9f	Scott Ullrich	$a_group[] = $group;
256	45ee90ed	Matthew Grooms	}
257
258	06683083	Stephen Beaver	admin_groups_sort();
259
260	659fa7f2	Matthew Grooms	local_group_set($group);
261	2a0e8512	jim-p
262	449cac24	Renato Botelho	/*
263			* Refresh users in this group since their privileges may have
264			* changed.
265			*/
266	5709072a	jim-p	if (is_array($group['member'])) {
267	c6c398c6	jim-p	init_config_arr(array('system', 'user'));
268	5709072a	jim-p	$a_user = &$config['system']['user'];
269			foreach ($a_user as & $user) {
270	e0c7b2fe	Phil Davis	if (in_array($user['uid'], $group['member'])) {
271	5709072a	jim-p	local_user_set($user);
272	e0c7b2fe	Phil Davis	}
273	5709072a	jim-p	}
274	2a0e8512	jim-p	}
275
276	dc3bc1f8	Renato Botelho	/* Sort it alphabetically */
277			usort($config['system']['group'], function($a, $b) {
278			return strcmp($a['name'], $b['name']);
279			});
280
281	449cac24	Renato Botelho	$savemsg = sprintf(gettext("Successfully %s group %s"),
282			(strlen($id) > 0) ? gettext("edited") : gettext("created"),
283			$group['name']);
284	3fa6d462	jim-p	write_config($savemsg);
285			syslog($logging_level, "{$logging_prefix}: {$savemsg}");
286	4c291f4c	Renato Botelho
287	d88c6a9f	Scott Ullrich	header("Location: system_groupmanager.php");
288			exit;
289			}
290	23d09a2e	Stephen Beaver
291			$pconfig['name'] = $_POST['groupname'];
292	fab7ff44	Bill Marquette	}
293
294	2f1e91e4	Stephen Beaver	function build_priv_table() {
295	df14688b	Viktor G	global $a_group, $id, $read_only, $dup;
296	2f1e91e4	Stephen Beaver
297			$privhtml = '<div class="table-responsive">';
298			$privhtml .= '<table class="table table-striped table-hover table-condensed">';
299			$privhtml .= '<thead>';
300	70da45c9	NOYB	$privhtml .= '<tr>';
301			$privhtml .= '<th>' . gettext('Name') . '</th>';
302			$privhtml .= '<th>' . gettext('Description') . '</th>';
303			$privhtml .= '<th>' . gettext('Action') . '</th>';
304			$privhtml .= '</tr>';
305	2f1e91e4	Stephen Beaver	$privhtml .= '</thead>';
306			$privhtml .= '<tbody>';
307
308	57188e47	Phil Davis	$user_has_root_priv = false;
309
310	2f1e91e4	Stephen Beaver	foreach (get_user_privdesc($a_group[$id]) as $i => $priv) {
311			$privhtml .= '<tr>';
312			$privhtml .= '<td>' . htmlspecialchars($priv['name']) . '</td>';
313	57188e47	Phil Davis	$privhtml .= '<td>' . htmlspecialchars($priv['descr']);
314			if (isset($priv['warn']) && ($priv['warn'] == 'standard-warning-root')) {
315	21312954	Phil Davis	$privhtml .= ' ' . gettext('(admin privilege)');
316	57188e47	Phil Davis	$user_has_root_priv = true;
317			}
318			$privhtml .= '</td>';
319	df14688b	Viktor G	if (!$read_only && !$dup) {
320	acd7e560	jim-p	$privhtml .= '<td><a class="fa fa-trash" title="' . gettext('Delete Privilege') . '" href="system_groupmanager.php?act=delpriv&groupid=' . $id . '&privid=' . $i . '" usepost></a></td>';
321			}
322	2f1e91e4	Stephen Beaver	$privhtml .= '</tr>';
323	d61309a0	Phil Davis
324	2f1e91e4	Stephen Beaver	}
325
326	57188e47	Phil Davis	if ($user_has_root_priv) {
327			$privhtml .= '<tr>';
328			$privhtml .= '<td colspan="2">';
329	9187d6f7	Phil Davis	$privhtml .= '<b>' . gettext('Security notice: Users in this group effectively have administrator-level access') . '</b>';
330	57188e47	Phil Davis	$privhtml .= '</td>';
331			$privhtml .= '<td>';
332			$privhtml .= '</td>';
333			$privhtml .= '</tr>';
334	20231404	Steve Beaver
335	57188e47	Phil Davis	}
336
337	2f1e91e4	Stephen Beaver	$privhtml .= '</tbody>';
338			$privhtml .= '</table>';
339			$privhtml .= '</div>';
340
341			$privhtml .= '<nav class="action-buttons">';
342	df14688b	Viktor G	if (!$read_only && !$dup) {
343	acd7e560	jim-p	$privhtml .= '<a href="system_groupmanager_addprivs.php?groupid=' . $id . '" class="btn btn-success"><i class="fa fa-plus icon-embed-btn"></i>' . gettext("Add") . '</a>';
344			}
345	2f1e91e4	Stephen Beaver	$privhtml .= '</nav>';
346
347			return($privhtml);
348			}
349
350	8f1ab2a4	k-paulius	$pgtitle = array(gettext("System"), gettext("User Manager"), gettext("Groups"));
351	edcd7535	Phil Davis	$pglinks = array("", "system_usermanager.php", "system_groupmanager.php");
352	8f1ab2a4	k-paulius
353			if ($act == "new" \|\| $act == "edit") {
354			$pgtitle[] = gettext('Edit');
355	edcd7535	Phil Davis	$pglinks[] = "@self";
356	8f1ab2a4	k-paulius	}
357	23d09a2e	Stephen Beaver
358	fab7ff44	Bill Marquette	include("head.inc");
359
360	d61309a0	Phil Davis	if ($input_errors) {
361	64600f94	Sjon Hortensius	print_input_errors($input_errors);
362	d61309a0	Phil Davis	}
363	23d09a2e	Stephen Beaver
364	d61309a0	Phil Davis	if ($savemsg) {
365	f78bbe16	Phil Davis	print_info_box($savemsg, 'success');
366	d61309a0	Phil Davis	}
367	64600f94	Sjon Hortensius
368			$tab_array = array();
369	451b6419	Augustin-FL	if (!isAllowedPage("system_usermanager.php")) {
370	f94e5cc6	Augustin-FL	$tab_array[] = array(gettext("User Password"), false, "system_usermanager_passwordmg.php");
371			} else {
372			$tab_array[] = array(gettext("Users"), false, "system_usermanager.php");
373			}
374	64600f94	Sjon Hortensius	$tab_array[] = array(gettext("Groups"), true, "system_groupmanager.php");
375			$tab_array[] = array(gettext("Settings"), false, "system_usermanager_settings.php");
376	2d1f33d9	k-paulius	$tab_array[] = array(gettext("Authentication Servers"), false, "system_authservers.php");
377	64600f94	Sjon Hortensius	display_top_tabs($tab_array);
378
379	4611e283	Steve Beaver	if (!($act == "new" \|\| $act == "edit")) {
380	64600f94	Sjon Hortensius	?>
381	060ed238	Stephen Beaver	<div class="panel panel-default">
382			<div class="panel-heading"><h2 class="panel-title"><?=gettext('Groups')?></h2></div>
383			<div class="panel-body">
384			<div class="table-responsive">
385	1c10ce97	PiBa-NL	<table class="table table-striped table-hover table-condensed sortable-theme-bootstrap table-rowdblclickedit" data-sortable>
386	060ed238	Stephen Beaver	<thead>
387			<tr>
388			<th><?=gettext("Group name")?></th>
389			<th><?=gettext("Description")?></th>
390			<th><?=gettext("Member Count")?></th>
391			<th><?=gettext("Actions")?></th>
392			</tr>
393			</thead>
394			<tbody>
395	64600f94	Sjon Hortensius	<?php
396	d61309a0	Phil Davis	foreach ($a_group as $i => $group):
397			if ($group["name"] == "all") {
398	64600f94	Sjon Hortensius	$groupcount = count($config['system']['user']);
399	19028049	Renato Botelho	} elseif (is_array($group['member'])) {
400	64600f94	Sjon Hortensius	$groupcount = count($group['member']);
401	19028049	Renato Botelho	} else {
402			$groupcount = 0;
403	d61309a0	Phil Davis	}
404	64600f94	Sjon Hortensius	?>
405	060ed238	Stephen Beaver	<tr>
406			<td>
407			<?=htmlspecialchars($group['name'])?>
408			</td>
409			<td>
410			<?=htmlspecialchars($group['description'])?>
411			</td>
412			<td>
413			<?=$groupcount?>
414			</td>
415			<td>
416	4611e283	Steve Beaver	<a class="fa fa-pencil" title="<?=gettext("Edit group"); ?>" href="?act=edit&groupid=<?=$i?>"></a>
417	e6407b22	Viktor G	<a class="fa fa-clone" title="<?=gettext("Copy group"); ?>" href="?act=dup&groupid=<?=$i?>"></a>
418	acd7e560	jim-p	<?php if (($group['scope'] != "system") && !$read_only): ?>
419	20231404	Steve Beaver	<a class="fa fa-trash" title="<?=gettext("Delete group")?>" href="?act=delgroup&groupid=<?=$i?>&groupname=<?=$group['name']?>" usepost></a>
420	060ed238	Stephen Beaver	<?php endif;?>
421			</td>
422			</tr>
423	64600f94	Sjon Hortensius	<?php
424			endforeach;
425	fab7ff44	Bill Marquette	?>
426	060ed238	Stephen Beaver	</tbody>
427			</table>
428			</div>
429	94404d94	Sander van Leeuwen	</div>
430	060ed238	Stephen Beaver	</div>
431
432			<nav class="action-buttons">
433	acd7e560	jim-p	<?php if (!$read_only): ?>
434	4611e283	Steve Beaver	<a href="?act=new" class="btn btn-success btn-sm">
435	060ed238	Stephen Beaver	<i class="fa fa-plus icon-embed-btn"></i>
436			<?=gettext("Add")?>
437			</a>
438	acd7e560	jim-p	<?php endif; ?>
439	060ed238	Stephen Beaver	</nav>
440	64600f94	Sjon Hortensius	<?php
441			include('foot.inc');
442			exit;
443	6b07c15a	Matthew Grooms	}
444
445	64600f94	Sjon Hortensius	$form = new Form;
446			$form->setAction('system_groupmanager.php?act=edit');
447	df14688b	Viktor G	if (!$dup) {
448			$form->addGlobal(new Form_Input(
449			'groupid',
450			null,
451			'hidden',
452			$id
453			));
454			} else {
455			$form->addGlobal(new Form_Input(
456			'dup',
457			null,
458			'hidden',
459			$dup
460			));
461			}
462	64600f94	Sjon Hortensius
463	9d3e8723	Phil Davis	if (isset($id) && $a_group[$id]) {
464	64600f94	Sjon Hortensius	$form->addGlobal(new Form_Input(
465			'id',
466			null,
467			'hidden',
468			$id
469			));
470
471			$form->addGlobal(new Form_Input(
472			'gid',
473			null,
474			'hidden',
475			$pconfig['gid']
476			));
477	61dec0b0	Renato Botelho	}
478
479	5f88f964	k-paulius	$section = new Form_Section('Group Properties');
480	82833610	Stephen Beaver
481	e6acc2ee	Sjon Hortensius	$section->addInput($input = new Form_Input(
482	64600f94	Sjon Hortensius	'groupname',
483	153c3aa6	Phil Davis	'*Group name',
484	64600f94	Sjon Hortensius	'text',
485			$pconfig['name']
486			));
487
488	d61309a0	Phil Davis	if ($pconfig['gtype'] == "system") {
489	1192840b	Sjon Hortensius	$input->setReadonly();
490	79ed8ce0	Stephen Beaver
491			$section->addInput(new Form_Input(
492			'gtype',
493	153c3aa6	Phil Davis	'*Scope',
494	79ed8ce0	Stephen Beaver	'text',
495			$pconfig['gtype']
496			))->setReadonly();
497			} else {
498			$section->addInput(new Form_Select(
499			'gtype',
500	153c3aa6	Phil Davis	'*Scope',
501	79ed8ce0	Stephen Beaver	$pconfig['gtype'],
502	82833610	Stephen Beaver	["local" => gettext("Local"), "remote" => gettext("Remote")]
503	449cac24	Renato Botelho	))->setHelp("<span class=\"text-danger\">Warning: Changing this " .
504			"setting may affect the local groups file, in which case a " .
505			"reboot may be required for the changes to take effect.</span>");
506	d61309a0	Phil Davis	}
507	e6acc2ee	Sjon Hortensius
508	64600f94	Sjon Hortensius	$section->addInput(new Form_Input(
509			'description',
510			'Description',
511			'text',
512			$pconfig['description']
513	89140b63	NOYB	))->setHelp('Group description, for administrative information only');
514	64600f94	Sjon Hortensius
515			$form->add($section);
516	d61309a0	Phil Davis
517	449cac24	Renato Botelho	/* all users group */
518			if ($pconfig['gid'] != 1998) {
519			/* Group membership */
520	2f1e91e4	Stephen Beaver	$group = new Form_Group('Group membership');
521
522	449cac24	Renato Botelho	/*
523			* Make a list of all the groups configured on the system, and a list of
524			* those which this user is a member of
525			*/
526	2f1e91e4	Stephen Beaver	$systemGroups = array();
527			$usersGroups = array();
528
529			foreach ($config['system']['user'] as $user) {
530	449cac24	Renato Botelho	if (is_array($pconfig['members']) && in_array($user['uid'],
531			$pconfig['members'])) {
532			/* Add it to the user's list */
533			$usersGroups[ $user['uid'] ] = $user['name'];
534	d61309a0	Phil Davis	} else {
535	449cac24	Renato Botelho	/* Add it to the 'not a member of' list */
536			$systemGroups[ $user['uid'] ] = $user['name'];
537	d61309a0	Phil Davis	}
538	2f1e91e4	Stephen Beaver	}
539
540			$group->add(new Form_Select(
541			'notmembers',
542			null,
543	449cac24	Renato Botelho	array_combine((array)$pconfig['groups'],
544			(array)$pconfig['groups']),
545	2f1e91e4	Stephen Beaver	$systemGroups,
546			true
547	6ef8f2e9	heper	))->setHelp('Not members');
548	64600f94	Sjon Hortensius
549	2f1e91e4	Stephen Beaver	$group->add(new Form_Select(
550	64600f94	Sjon Hortensius	'members',
551	2f1e91e4	Stephen Beaver	null,
552	449cac24	Renato Botelho	array_combine((array)$pconfig['groups'],
553			(array)$pconfig['groups']),
554	2f1e91e4	Stephen Beaver	$usersGroups,
555	64600f94	Sjon Hortensius	true
556	6ef8f2e9	heper	))->setHelp('Members');
557	2f1e91e4	Stephen Beaver
558			$section->add($group);
559
560			$group = new Form_Group('');
561
562			$group->add(new Form_Button(
563			'movetoenabled',
564	faab522f	Renato Botelho	'Move to "Members"',
565	37676f4e	jim-p	null,
566			'fa-angle-double-right'
567	449cac24	Renato Botelho	))->setAttribute('type','button')->removeClass('btn-primary')->addClass(
568			'btn-info btn-sm');
569	2f1e91e4	Stephen Beaver
570			$group->add(new Form_Button(
571			'movetodisabled',
572	faab522f	Renato Botelho	'Move to "Not members',
573	37676f4e	jim-p	null,
574			'fa-angle-double-left'
575	449cac24	Renato Botelho	))->setAttribute('type','button')->removeClass('btn-primary')->addClass(
576			'btn-info btn-sm');
577	2f1e91e4	Stephen Beaver
578	449cac24	Renato Botelho	$group->setHelp(
579			'Hold down CTRL (PC)/COMMAND (Mac) key to select multiple items.');
580	2f1e91e4	Stephen Beaver	$section->add($group);
581	64600f94	Sjon Hortensius
582	6b07c15a	Matthew Grooms	}
583
584	e6407b22	Viktor G	if (isset($pconfig['gid']) \|\| $dup) {
585	64600f94	Sjon Hortensius	$section = new Form_Section('Assigned Privileges');
586
587			$section->addInput(new Form_StaticText(
588			null,
589	2f1e91e4	Stephen Beaver	build_priv_table()
590	64600f94	Sjon Hortensius	));
591	6b07c15a	Matthew Grooms
592	2f1e91e4	Stephen Beaver
593	64600f94	Sjon Hortensius	$form->add($section);
594	6b07c15a	Matthew Grooms	}
595
596	64600f94	Sjon Hortensius	print $form;
597	2f1e91e4	Stephen Beaver	?>
598	8fd9052f	Colin Fleming	<script type="text/javascript">
599	2f1e91e4	Stephen Beaver	//<![CDATA[
600	d61309a0	Phil Davis	events.push(function() {
601	2f1e91e4	Stephen Beaver
602			// On click . .
603			$("#movetodisabled").click(function() {
604	449cac24	Renato Botelho	moveOptions($('[name="members[]"] option'),
605			$('[name="notmembers[]"]'));
606	2f1e91e4	Stephen Beaver	});
607
608			$("#movetoenabled").click(function() {
609	449cac24	Renato Botelho	moveOptions($('[name="notmembers[]"] option'),
610			$('[name="members[]"]'));
611	2f1e91e4	Stephen Beaver	});
612
613			// On submit mark all the user's groups as "selected"
614	d61309a0	Phil Davis	$('form').submit(function() {
615	2f1e91e4	Stephen Beaver	AllServers($('[name="members[]"] option'), true);
616			});
617			});
618			//]]>
619			</script>
620			<?php
621	854fa106	heper	include('foot.inc');

Project

General

Profile

pfSense