/usr/local/www/system_groupmanager.php - Annotate - pfSense - pfSense bugtracker

| Branch: | Tag: | Revision:

root/usr/local/www/system_groupmanager.php @ 659fa7f2

-            d88c6a9f
+<?php
-            fab7ff44
+/*
-            d88c6a9f
+	$Id: system_groupmanager.php
 	part of m0n0wall (http://m0n0.ch/wall)
-b07c15a
+	Copyright (C) 2008 Shrew Soft Inc.
 	All rights reserved.
-            d88c6a9f
+	Copyright (C) 2005 Paul Taylor <paultaylor@winn-dixie.com>.
 	All rights reserved.
 	Copyright (C) 2003-2005 Manuel Kasper <mk@neon1.net>.
 	All rights reserved.
 	Redistribution and use in source and binary forms, with or without
 	modification, are permitted provided that the following conditions are met:
 . Redistributions of source code must retain the above copyright notice,
 	   this list of conditions and the following disclaimer.
 . Redistributions in binary form must reproduce the above copyright
 	   notice, this list of conditions and the following disclaimer in the
 	   documentation and/or other materials provided with the distribution.
 	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
 	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
 	AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
 	AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
 	OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
 	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
 	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
 	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 	POSSIBILITY OF SUCH DAMAGE.
-            fab7ff44
+*/
-b07c15a
+##|+PRIV
 ##|*IDENT=page-system-groupmanager
 ##|*NAME=System: Group manager page
 ##|*DESCR=Allow access to the 'System: Group manager' page.
 ##|*MATCH=system_groupmanager.php*
 ##|-PRIV
-            fab7ff44
+            Bill Marquette
-b07c15a
+require("guiconfig.inc");
-            d88c6a9f
+            Scott Ullrich
-b07c15a
+$pgtitle = array("System", "Group manager");
-            fab7ff44
+            Bill Marquette
-b07c15a
+if (!is_array($config['system']['group']))
 	$config['system']['group'] = array();
-            d81c2ad1
+            Scott Ullrich
-b07c15a
+admin_groups_sort();
 $a_group = &$config['system']['group'];
-            d81c2ad1
+            Scott Ullrich
-b07c15a
+$id = $_GET['id'];
 if (isset($_POST['id']))
 	$id = $_POST['id'];
-            d81c2ad1
+            Scott Ullrich
-b07c15a
+if ($_GET['act'] == "delgroup") {
-b53653
+            Scott Ullrich
-b07c15a
+	if (!$a_group[$_GET['id']]) {
 		pfSenseHeader("system_groupmanager.php");
 		exit;
+	}
-b53653
+            Scott Ullrich
-fa7f2
+	local_group_del($a_group[$_GET['id']]);
-b07c15a
+	$groupdeleted = $a_group[$_GET['id']]['name'];
 	unset($a_group[$_GET['id']]);
 	write_config();
 	$savemsg = gettext("Group")." {$groupdeleted} ".
 				gettext("successfully deleted")."<br/>";
-            fab7ff44
+            Bill Marquette
-            d88c6a9f
+            Scott Ullrich
-b07c15a
+if ($_GET['act'] == "delpriv") {
-            fab7ff44
+            Bill Marquette
-b07c15a
+	if (!$a_group[$_GET['id']]) {
 		pfSenseHeader("system_groupmanager.php");
 		exit;
+	}
-            fab7ff44
+            Bill Marquette
-b07c15a
+	$privdeleted = $priv_list[$a_group[$id]['priv'][$_GET['privid']]]['name'];
 	unset($a_group[$id]['priv'][$_GET['privid']]);
 	foreach ($a_group[$id]['member'] as $uid) {
 		$user = getUserEntryByUID($uid);
 		if ($user)
-fa7f2
+			local_user_set($user);
-            d88c6a9f
+            Scott Ullrich
-b07c15a
+            Matthew Grooms
 	write_config();
 	$_GET['act'] = "edit";
 	$savemsg = gettext("Privilege")." {$privdeleted} ".
 				gettext("successfully deleted")."<br/>";
+}
-ee90ed
+            Matthew Grooms
 if($_GET['act']=="edit"){
 	if (isset($id) && $a_group[$id]) {
 		$pconfig['name'] = $a_group[$id]['name'];
-b07c15a
+		$pconfig['gid'] = $a_group[$id]['gid'];
 		$pconfig['gtype'] = $a_group[$id]['scope'];
-ee90ed
+		$pconfig['description'] = $a_group[$id]['description'];
-b07c15a
+		$pconfig['members'] = $a_group[$id]['member'];
 		$pconfig['priv'] = $a_group[$id]['priv'];
-ee90ed
+            Matthew Grooms
+}
-b07c15a
+            Matthew Grooms
-            fab7ff44
+if ($_POST) {
-            d88c6a9f
+	unset($input_errors);
 	$pconfig = $_POST;
 	/* input validation */
 	$reqdfields = explode(" ", "groupname");
 	$reqdfieldsn = explode(",", "Group Name");
 	do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
 	if (preg_match("/[^a-zA-Z0-9\.\-_ ]/", $_POST['groupname']))
 		$input_errors[] = "The group name contains invalid characters.";
 	if (!$input_errors && !(isset($id) && $a_group[$id])) {
 		/* make sure there are no dupes */
 		foreach ($a_group as $group) {
 			if ($group['name'] == $_POST['groupname']) {
 				$input_errors[] = "Another entry with the same group name already exists.";
 				break;
+			}
+		}
+	}
 	if (!$input_errors) {
-ee90ed
+		$group = array();
-            d88c6a9f
+		if (isset($id) && $a_group[$id])
 			$group = $a_group[$id];
 		$group['name'] = $_POST['groupname'];
 		$group['description'] = $_POST['description'];
-ee90ed
+            Matthew Grooms
-b07c15a
+		if ($group['gid'] != 1998) // all group
 			$group['member'] = $_POST['members'];
-ee90ed
+            Matthew Grooms
-            d88c6a9f
+		if (isset($id) && $a_group[$id])
 			$a_group[$id] = $group;
-ee90ed
+		else {
 			$group['gid'] = $config['system']['nextgid']++;
-            d88c6a9f
+			$a_group[] = $group;
-ee90ed
+            Matthew Grooms
-fa7f2
+		local_group_set($group);
-            d88c6a9f
+		write_config();
 		header("Location: system_groupmanager.php");
 		exit;
+	}
-            fab7ff44
+            Bill Marquette
 include("head.inc");
 ?>
-ee90ed
+            Matthew Grooms
 <body link="#000000" vlink="#000000" alink="#000000" onload="<?= $jsevents["body"]["onload"] ?>">
-b07c15a
+<?php include("fbegin.inc"); ?>
 <script language="JavaScript">
 <!--
 function setall_selected(id) {
 	selbox = document.getElementById(id);
 	count = selbox.options.length;
 	for (index = 0; index<count; index++)
 		selbox.options[index].selected = true;
+}
 function clear_selected(id) {
 	selbox = document.getElementById(id);
 	count = selbox.options.length;
 	for (index = 0; index<count; index++)
 		selbox.options[index].selected = false;
+}
 function remove_selected(id) {
 	selbox = document.getElementById(id);
 	index = selbox.options.length - 1;
 	for (; index >= 0; index--)
 		if (selbox.options[index].selected)
 			selbox.remove(index);
+}
 function copy_selected(srcid, dstid) {
 	src_selbox = document.getElementById(srcid);
 	dst_selbox = document.getElementById(dstid);
 	count = src_selbox.options.length;
 	for (index = 0; index < count; index++) {
 		if (src_selbox.options[index].selected) {
 			option = document.createElement('option');
 			option.text = src_selbox.options[index].text;
 			option.value = src_selbox.options[index].value;
 			dst_selbox.add(option, null);
+		}
+	}
+}
 function move_selected(srcid, dstid) {
 	copy_selected(srcid, dstid);
 	remove_selected(srcid);
+}
 function presubmit() {
 	clear_selected('notmembers');
 	setall_selected('members');
+}
 //-->
 </script>
-            fab7ff44
+<?php
-ee90ed
+	if ($input_errors)
 		print_input_errors($input_errors);
 	if ($savemsg)
 		print_info_box($savemsg);
-            fab7ff44
+?>
-ee90ed
+<table width="100%" border="0" cellpadding="0" cellspacing="0">
 	<tr>
 		<td class="tabnavtbl">
 			<ul id="tabnav">
 			<?php
 				$tab_array = array();
 				$tab_array[] = array(gettext("Users"), false, "system_usermanager.php");
-b07c15a
+				$tab_array[] = array(gettext("Groups"), true, "system_groupmanager.php");
-ee90ed
+				$tab_array[] = array(gettext("Settings"), false, "system_usermanager_settings.php");
 				display_top_tabs($tab_array);
 			?>
 			</ul>
 		</td>
 	</tr>
 	<tr>
 		<td class="tabcont">
 			<?php if($_GET['act']=="new" || $_GET['act']=="edit"): ?>
 			<script src="/javascript/scriptaculous/prototype.js" type="text/javascript"></script>
 			<script type="text/javascript">
 				function checkall() {
 					var el = document.getElementById('iform');
 					for (var i = 0; i < el.elements.length; i++)
 						el.elements[i].checked = true;
+				}
 				function checknone() {
 					var el = document.getElementById('iform');
 					for (var i = 0; i < el.elements.length; i++)
 						el.elements[i].checked = false;
-f2
+            Scott Ullrich
-ee90ed
+			</script>
-b07c15a
+			<form action="system_groupmanager.php" method="post" name="iform" id="iform" onsubmit="presubmit()">
-ee90ed
+				<table width="100%" border="0" cellpadding="6" cellspacing="0">
-b07c15a
+                    <?php
                         $ro = "";
                         if ($pconfig['gtype'] == "system")
                             $ro = "readonly = \"readonly\"";
                     ?>
 					<tr>
 						<td width="22%" valign="top" class="vncell"><?=gettext("Defined by");?></td>
 						<td width="78%" class="vtable">
 							<strong><?=strtoupper($pconfig['gtype']);?></strong>
 							<input name="gtype" type="hidden" value="<?=$pconfig['gtype']?>"/>
 						</td>
 					</tr>
-ee90ed
+					<tr>
 						<td width="22%" valign="top" class="vncellreq">Group name</td>
 						<td width="78%" class="vtable">
-b07c15a
+							<input name="groupname" type="text" class="formfld group" id="groupname" size="20" value="<?=htmlspecialchars($pconfig['name']);?>" <?=$ro;?>>
-ee90ed
+						</td>
 					</tr>
 					<tr>
 						<td width="22%" valign="top" class="vncell">Description</td>
 						<td width="78%" class="vtable">
-b07c15a
+							<input name="description" type="text" class="formfld unknown" id="description" size="20" value="<?=htmlspecialchars($pconfig['description']);?>">
-ee90ed
+							<br>
 							Group description, for your own information only
 						</td>
 					</tr>
-b07c15a
+            Matthew Grooms
 					<?php if ($pconfig['gid'] != 1998): // all users group ?>
-ee90ed
+					<tr>
-b07c15a
+						<td width="22%" valign="top" class="vncell"><?=gettext("Group Memberships");?></td>
 						<td width="78%" class="vtable" align="center">
 							<table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0">
 								<tr>
 									<td align="center" width="50%">
 										<strong>Not Members</strong><br/>
 										<br/>
 											<select size="10" style="width: 75%" name="notmembers[]" class="formselect" id="notmembers" onChange="clear_selected('members')" multiple>
 											<?php
 												foreach ($config['system']['user'] as $user):
 													if (in_array($user['uid'],$pconfig['members']))
 														continue;
 											?>
 											<option value="<?=$user['uid'];?>" <?=$selected;?>>
 												<?=htmlspecialchars($user['name']);?>
 											</option>
 											<?php endforeach; ?>
 										</select>
 										<br/>
 									</td>
 									<td>
 										<br/>
 										<a href="javascript:move_selected('notmembers','members')">
 											<img src="/themes/<?= $g['theme'];?>/images/icons/icon_plus.gif" title="Add Members" alt="Add Members" width="17" height="17" border="0" />
 										</a>
 										<br/><br/>
 										<a href="javascript:move_selected('members','notmembers')">
 											<img src="/themes/<?= $g['theme'];?>/images/icons/icon_x.gif" title="Remove Members" alt="Remove Members" width="17" height="17" border="0" />
 										</a>
 									</td>
 									<td align="center" width="50%">
 										<strong>Members</strong><br/>
 										<br/>
 										<select size="10" style="width: 75%" name="members[]" class="formselect" id="members" onChange="clear_selected('notmembers')" multiple>
 											<?php
 												foreach ($config['system']['user'] as $user):
 													if (!in_array($user['uid'],$pconfig['members']))
 														continue;
 											?>
 											<option value="<?=$user['uid'];?>">
 												<?=htmlspecialchars($user['name']);?>
 											</option>
 											<?php endforeach; ?>
 										</select>
 										<br/>
 									</td>
 								</tr>
 							</table>
 							<?=gettext("Hold down CTRL (pc)/COMMAND (mac) key to select multiple items");?>
-ee90ed
+						</td>
 					</tr>
-b07c15a
+            Matthew Grooms
 					<?php endif; ?>
-ee90ed
+					<tr>
-b07c15a
+						<td width="22%" valign="top" class="vncell"><?=gettext("Effective Privileges");?></td>
 						<td width="78%" class="vtable">
 							<table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0">
-ee90ed
+								<tr>
-b07c15a
+									<td width="40%" class="listhdrr"><?=gettext("Name");?></td>
 									<td width="60%" class="listhdrr"><?=gettext("Description");?></td>
 									<td class="list"></td>
 								</tr>
 								<?php
 									if(is_array($pconfig['priv'])):
 										$i = 0;
 										foreach ($pconfig['priv'] as $priv):
 								?>
 								<tr>
 									<td class="listr">
 										<?=htmlspecialchars($priv_list[$priv]['name']);?>
 									</td>
 									<td class="listbg">
 										<font color="#FFFFFF">
 											<?=htmlspecialchars($priv_list[$priv]['descr']);?>
 										</font>
 									</td>
 									<td valign="middle" nowrap class="list">
 										<a href="system_groupmanager.php?act=delpriv&id=<?=$id?>&privid=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this privilege?");?>')">
 											<img src="/themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0" alt="" />
 										</a>
 									</td>
-ee90ed
+								</tr>
-b07c15a
+								<?php
 										$i++;
                       					endforeach;
 									endif;
-ee90ed
+								?>
 								<tr>
-b07c15a
+									<td class="list" colspan="2"></td>
 									<td class="list">
 										<a href="system_groupmanager_addprivs.php?groupid=<?=$id?>">
 											<img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0" alt="" />
 										</a>
-ee90ed
+									</td>
 								</tr>
 							</table>
 						</td>
 					</tr>
 					<tr>
 						<td width="22%" valign="top">&nbsp;</td>
 						<td width="78%">
 							<input name="save" type="submit" class="formbtn" value="Save">
 							<?php if (isset($id) && $a_group[$id]): ?>
 							<input name="id" type="hidden" value="<?=$id;?>">
-b07c15a
+							<input name="gid" type="hidden" value="<?=$pconfig['gid'];?>">
 							<?php endif; ?>
-ee90ed
+						</td>
 					</tr>
 				</table>
 			</form>
 			<?php else: ?>
 			<table width="100%" border="0" cellpadding="0" cellspacing="0">
 				<tr>
 					<td width="25%" class="listhdrr">Group name</td>
 					<td width="25%" class="listhdrr">Description</td>
-b07c15a
+					<td width="30%" class="listhdrr">Member Count</td>
-ee90ed
+					<td width="10%" class="list"></td>
-            d88c6a9f
+				</tr>
-ee90ed
+				<?php
 					$i = 0;
 					foreach($a_group as $group):
-b07c15a
+            Matthew Grooms
 						if($group['scope'] == "system")
 							$grpimg = "/themes/{$g['theme']}/images/icons/icon_system-group-grey.png";
 						else
 							$grpimg = "/themes/{$g['theme']}/images/icons/icon_system-group.png";
-ee90ed
+				?>
 				<tr>
 					<td class="listlr">
-b07c15a
+						<table border="0" cellpadding="0" cellspacing="0">
 							<tr>
 								<td align="left" valign="center">
 									<img src="<?=$grpimg;?>" alt="User" title="User" border="0" height="16" width="16" />
 								</td>
 								</td>
 								<td align="left" valign="middle">
 									<?=htmlspecialchars($group['name']); ?>&nbsp;
 								</td>
 							</tr>
 						</table>
-ee90ed
+					</td>
 					<td class="listr">
 						<?=htmlspecialchars($group['description']);?>&nbsp;
 					</td>
 					<td class="listbg">
 						<font color="white">
-b07c15a
+							<?=count($group['member'])?>
-ee90ed
+						</font>
 					</td>
 					<td valign="middle" nowrap class="list">
 						<a href="system_groupmanager.php?act=edit&id=<?=$i;?>">
 							<img src="./themes/<?=$g['theme'];?>/images/icons/icon_e.gif" title="edit group" width="17" height="17" border="0">
 						</a>
 						&nbsp;
-b07c15a
+						<?php if($group['scope'] != "system"): ?>
 						<a href="system_groupmanager.php?act=delgroup&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this group?')">
-ee90ed
+							<img src="/themes/<?=$g['theme'];?>/images/icons/icon_x.gif" title="delete group" width="17" height="17" border="0">
 						</a>
-b07c15a
+						<?php endif; ?>
-ee90ed
+					</td>
 				</tr>
 				<?php
 					$i++;
 					endforeach;
 				?>
 				<tr>
-b07c15a
+					<td class="list" colspan="3"></td>
-ee90ed
+					<td class="list">
 						<a href="system_groupmanager.php?act=new"><img src="./themes/<?=$g['theme'];?>/images/icons/icon_plus.gif" title="add group" width="17" height="17" border="0">
 						</a>
 					</td>
 				</tr>
 				<tr>
 					<td colspan="4">
 						Additional webGui admin groups can be added here.
 						Each group can be restricted to specific portions of the webGUI.
 						Individually select the desired web pages each group may access.
 						For example, a troubleshooting group could be created which has
 						access only to selected Status and Diagnostics pages.
 					</td>
 				</tr>
 			</table>
 			<? endif; ?>
-            d88c6a9f
+            Scott Ullrich
-ee90ed
+		</td>
 	</tr>
 </table>
 </body>
-e321df2
+<?php include("fend.inc"); ?>

Project

General

Profile

pfSense