1
|
<?php
|
2
|
/* $Id$ */
|
3
|
/*
|
4
|
system_usermanager_settings.php
|
5
|
|
6
|
part of pfSense (https://www.pfsense.org/)
|
7
|
|
8
|
Copyright (C) 2007 Scott Ullrich <sullrich@gmail.com>
|
9
|
Copyright (C) 2007 Bill Marquette <bill.marquette@gmail.com>
|
10
|
Copyright (C) 2013-2015 Electric Sheep Fencing, LP
|
11
|
All rights reserved.
|
12
|
|
13
|
Redistribution and use in source and binary forms, with or without
|
14
|
modification, are permitted provided that the following conditions are met:
|
15
|
|
16
|
1. Redistributions of source code must retain the above copyright notice,
|
17
|
this list of conditions and the following disclaimer.
|
18
|
|
19
|
2. Redistributions in binary form must reproduce the above copyright
|
20
|
notice, this list of conditions and the following disclaimer in the
|
21
|
documentation and/or other materials provided with the distribution.
|
22
|
|
23
|
THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
|
24
|
INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
|
25
|
AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
|
26
|
AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
|
27
|
OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
|
28
|
SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
|
29
|
INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
|
30
|
CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
31
|
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
32
|
POSSIBILITY OF SUCH DAMAGE.
|
33
|
*/
|
34
|
/*
|
35
|
pfSense_MODULE: auth
|
36
|
*/
|
37
|
|
38
|
##|+PRIV
|
39
|
##|*IDENT=page-system-usermanager-settings
|
40
|
##|*NAME=System: User Manager: settings page
|
41
|
##|*DESCR=Allow access to the 'System: User Manager: settings' page.
|
42
|
##|*MATCH=system_usermanager_settings.php*
|
43
|
##|-PRIV
|
44
|
|
45
|
require("guiconfig.inc");
|
46
|
|
47
|
$pconfig['session_timeout'] = &$config['system']['webgui']['session_timeout'];
|
48
|
$pconfig['authmode'] = &$config['system']['webgui']['authmode'];
|
49
|
$pconfig['backend'] = &$config['system']['webgui']['backend'];
|
50
|
|
51
|
// Page title for main admin
|
52
|
$pgtitle = array(gettext("System"),gettext("User manager settings"));
|
53
|
|
54
|
$save_and_test = false;
|
55
|
if ($_POST) {
|
56
|
unset($input_errors);
|
57
|
$pconfig = $_POST;
|
58
|
|
59
|
if(isset($_POST['session_timeout'])) {
|
60
|
$timeout = intval($_POST['session_timeout']);
|
61
|
if ($timeout != "" && (!is_numeric($timeout) || $timeout <= 0))
|
62
|
$input_errors[] = gettext("Session timeout must be an integer value.");
|
63
|
}
|
64
|
|
65
|
if (!$input_errors) {
|
66
|
if ($_POST['authmode'] != "local") {
|
67
|
$authsrv = auth_get_authserver($_POST['authmode']);
|
68
|
if ($_POST['savetest'])
|
69
|
if (1||$authsrv['type'] == "ldap")
|
70
|
$save_and_test = true;
|
71
|
else
|
72
|
$savemsg = gettext("The test was not performed because it is supported only for ldap based backends.");
|
73
|
}
|
74
|
|
75
|
if(isset($_POST['session_timeout']) && $_POST['session_timeout'] != "")
|
76
|
$config['system']['webgui']['session_timeout'] = intval($_POST['session_timeout']);
|
77
|
else
|
78
|
unset($config['system']['webgui']['session_timeout']);
|
79
|
|
80
|
if($_POST['authmode'])
|
81
|
$config['system']['webgui']['authmode'] = $_POST['authmode'];
|
82
|
else
|
83
|
unset($config['system']['webgui']['authmode']);
|
84
|
|
85
|
write_config();
|
86
|
|
87
|
}
|
88
|
}
|
89
|
|
90
|
include("head.inc");
|
91
|
|
92
|
if ($input_errors)
|
93
|
print_input_errors($input_errors);
|
94
|
if ($savemsg)
|
95
|
print_info_box($savemsg);
|
96
|
|
97
|
if($save_and_test) {
|
98
|
echo "<script>\n";
|
99
|
echo "myRef = window.open('system_usermanager_settings_test.php?authserver=".$pconfig['authmode']."','mywin','left=20,top=20,width=700,height=550,toolbar=1,resizable=0');\n";
|
100
|
echo "if (myRef==null || typeof(myRef)=='undefined') alert('" . gettext("Popup blocker detected. Action aborted.") ."');\n";
|
101
|
echo "</script>\n";
|
102
|
}
|
103
|
|
104
|
$tab_array = array();
|
105
|
$tab_array[] = array(gettext("Users"), false, "system_usermanager.php");
|
106
|
$tab_array[] = array(gettext("Groups"), false, "system_groupmanager.php");
|
107
|
$tab_array[] = array(gettext("Settings"), true, "system_usermanager_settings.php");
|
108
|
$tab_array[] = array(gettext("Servers"), false, "system_authservers.php");
|
109
|
display_top_tabs($tab_array);
|
110
|
|
111
|
/* Default to pfsense backend type if none is defined */
|
112
|
if(!$pconfig['backend'])
|
113
|
$pconfig['backend'] = "pfsense";
|
114
|
|
115
|
require('classes/Form.class.php');
|
116
|
$form = new Form;
|
117
|
|
118
|
$section = new Form_Section('Settings');
|
119
|
|
120
|
$section->addInput(new Form_Input(
|
121
|
'session_timeout',
|
122
|
'Session timeout',
|
123
|
'number',
|
124
|
$pconfig['session_timeout']
|
125
|
))->setHelp('Time in minutes to expire idle management sessions. The default is 4 '.
|
126
|
'hours (240 minutes).Enter 0 to never expire sessions. NOTE: This is a security '.
|
127
|
'risk!');
|
128
|
|
129
|
$auth_servers = array();
|
130
|
foreach (auth_get_authserver_list() as $auth_server)
|
131
|
$auth_servers[ $auth_server['name'] ] = $auth_server['name'];
|
132
|
|
133
|
$section->addInput(new Form_Select(
|
134
|
'authmode',
|
135
|
'Authentication Server',
|
136
|
$pconfig['authmode'],
|
137
|
$auth_servers
|
138
|
));
|
139
|
|
140
|
$form->addGlobal(new Form_Button(
|
141
|
'savetest',
|
142
|
'Save & Test'
|
143
|
))->removeClass('btn-primary')->addClass('btn-default');
|
144
|
|
145
|
$form->add($section);
|
146
|
print $form;
|
147
|
|
148
|
include("fend.inc");
|