1 |
1df17ba9
|
Scott Ullrich
|
<?php
|
2 |
fab7ff44
|
Bill Marquette
|
/*
|
3 |
c5d81585
|
Renato Botelho
|
* system_usermanager.php
|
4 |
7d2e572f
|
Stephen Beaver
|
*
|
5 |
c5d81585
|
Renato Botelho
|
* part of pfSense (https://www.pfsense.org)
|
6 |
b8f91b7c
|
Luiz Souza
|
* Copyright (c) 2004-2018 Rubicon Communications, LLC (Netgate)
|
7 |
c5d81585
|
Renato Botelho
|
* Copyright (c) 2008 Shrew Soft Inc.
|
8 |
|
|
* Copyright (c) 2005 Paul Taylor <paultaylor@winn-dixie.com>
|
9 |
|
|
* All rights reserved.
|
10 |
191cb31d
|
Stephen Beaver
|
*
|
11 |
c5d81585
|
Renato Botelho
|
* originally based on m0n0wall (http://m0n0.ch/wall)
|
12 |
|
|
* Copyright (c) 2003-2004 Manuel Kasper <mk@neon1.net>.
|
13 |
|
|
* All rights reserved.
|
14 |
7d2e572f
|
Stephen Beaver
|
*
|
15 |
b12ea3fb
|
Renato Botelho
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
16 |
|
|
* you may not use this file except in compliance with the License.
|
17 |
|
|
* You may obtain a copy of the License at
|
18 |
7d2e572f
|
Stephen Beaver
|
*
|
19 |
b12ea3fb
|
Renato Botelho
|
* http://www.apache.org/licenses/LICENSE-2.0
|
20 |
7d2e572f
|
Stephen Beaver
|
*
|
21 |
b12ea3fb
|
Renato Botelho
|
* Unless required by applicable law or agreed to in writing, software
|
22 |
|
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
23 |
|
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
24 |
|
|
* See the License for the specific language governing permissions and
|
25 |
|
|
* limitations under the License.
|
26 |
7d2e572f
|
Stephen Beaver
|
*/
|
27 |
fab7ff44
|
Bill Marquette
|
|
28 |
6b07c15a
|
Matthew Grooms
|
##|+PRIV
|
29 |
|
|
##|*IDENT=page-system-usermanager
|
30 |
5230f468
|
jim-p
|
##|*NAME=System: User Manager
|
31 |
6b07c15a
|
Matthew Grooms
|
##|*DESCR=Allow access to the 'System: User Manager' page.
|
32 |
57188e47
|
Phil Davis
|
##|*WARN=standard-warning-root
|
33 |
6b07c15a
|
Matthew Grooms
|
##|*MATCH=system_usermanager.php*
|
34 |
|
|
##|-PRIV
|
35 |
|
|
|
36 |
c81ef6e2
|
Phil Davis
|
require_once("certs.inc");
|
37 |
|
|
require_once("guiconfig.inc");
|
38 |
43e07671
|
doktornotor
|
require_once("pfsense-utils.inc");
|
39 |
fab7ff44
|
Bill Marquette
|
|
40 |
e33be77c
|
Ermal
|
// start admin user code
|
41 |
4611e283
|
Steve Beaver
|
if (isset($_REQUEST['userid']) && is_numericint($_REQUEST['userid'])) {
|
42 |
|
|
$id = $_REQUEST['userid'];
|
43 |
73fa304b
|
Phil Davis
|
}
|
44 |
1df17ba9
|
Scott Ullrich
|
|
45 |
73fa304b
|
Phil Davis
|
if (!isset($config['system']['user']) || !is_array($config['system']['user'])) {
|
46 |
e33be77c
|
Ermal
|
$config['system']['user'] = array();
|
47 |
73fa304b
|
Phil Davis
|
}
|
48 |
1df17ba9
|
Scott Ullrich
|
|
49 |
e33be77c
|
Ermal
|
$a_user = &$config['system']['user'];
|
50 |
4611e283
|
Steve Beaver
|
$act = $_REQUEST['act'];
|
51 |
45ee90ed
|
Matthew Grooms
|
|
52 |
73fa304b
|
Phil Davis
|
if (isset($_SERVER['HTTP_REFERER'])) {
|
53 |
7c2d0050
|
Renato Botelho
|
$referer = $_SERVER['HTTP_REFERER'];
|
54 |
73fa304b
|
Phil Davis
|
} else {
|
55 |
7c2d0050
|
Renato Botelho
|
$referer = '/system_usermanager.php';
|
56 |
73fa304b
|
Phil Davis
|
}
|
57 |
7c2d0050
|
Renato Botelho
|
|
58 |
adacdf5f
|
jim-p
|
if (isset($id) && $a_user[$id]) {
|
59 |
|
|
$pconfig['usernamefld'] = $a_user[$id]['name'];
|
60 |
|
|
$pconfig['descr'] = $a_user[$id]['descr'];
|
61 |
|
|
$pconfig['expires'] = $a_user[$id]['expires'];
|
62 |
8bab524e
|
Phil Davis
|
$pconfig['customsettings'] = isset($a_user[$id]['customsettings']);
|
63 |
|
|
$pconfig['webguicss'] = $a_user[$id]['webguicss'];
|
64 |
|
|
$pconfig['webguifixedmenu'] = $a_user[$id]['webguifixedmenu'];
|
65 |
|
|
$pconfig['webguihostnamemenu'] = $a_user[$id]['webguihostnamemenu'];
|
66 |
|
|
$pconfig['dashboardcolumns'] = $a_user[$id]['dashboardcolumns'];
|
67 |
1d3510cf
|
Phil Davis
|
$pconfig['interfacessort'] = isset($a_user[$id]['interfacessort']);
|
68 |
8bab524e
|
Phil Davis
|
$pconfig['dashboardavailablewidgetspanel'] = isset($a_user[$id]['dashboardavailablewidgetspanel']);
|
69 |
|
|
$pconfig['systemlogsfilterpanel'] = isset($a_user[$id]['systemlogsfilterpanel']);
|
70 |
|
|
$pconfig['systemlogsmanagelogpanel'] = isset($a_user[$id]['systemlogsmanagelogpanel']);
|
71 |
|
|
$pconfig['statusmonitoringsettingspanel'] = isset($a_user[$id]['statusmonitoringsettingspanel']);
|
72 |
|
|
$pconfig['webguileftcolumnhyper'] = isset($a_user[$id]['webguileftcolumnhyper']);
|
73 |
d9058974
|
Phil Davis
|
$pconfig['disablealiaspopupdetail'] = isset($a_user[$id]['disablealiaspopupdetail']);
|
74 |
8bab524e
|
Phil Davis
|
$pconfig['pagenamefirst'] = isset($a_user[$id]['pagenamefirst']);
|
75 |
adacdf5f
|
jim-p
|
$pconfig['groups'] = local_user_get_groups($a_user[$id]);
|
76 |
|
|
$pconfig['utype'] = $a_user[$id]['scope'];
|
77 |
|
|
$pconfig['uid'] = $a_user[$id]['uid'];
|
78 |
|
|
$pconfig['authorizedkeys'] = base64_decode($a_user[$id]['authorizedkeys']);
|
79 |
|
|
$pconfig['priv'] = $a_user[$id]['priv'];
|
80 |
|
|
$pconfig['ipsecpsk'] = $a_user[$id]['ipsecpsk'];
|
81 |
|
|
$pconfig['disabled'] = isset($a_user[$id]['disabled']);
|
82 |
|
|
}
|
83 |
|
|
|
84 |
f5c9c0c7
|
Steve Beaver
|
if ($_POST['act'] == "deluser") {
|
85 |
45ee90ed
|
Matthew Grooms
|
|
86 |
f5c9c0c7
|
Steve Beaver
|
if (!isset($_POST['username']) || !isset($a_user[$id]) || ($_POST['username'] != $a_user[$id]['name'])) {
|
87 |
e33be77c
|
Ermal
|
pfSenseHeader("system_usermanager.php");
|
88 |
|
|
exit;
|
89 |
6b07c15a
|
Matthew Grooms
|
}
|
90 |
|
|
|
91 |
f5c9c0c7
|
Steve Beaver
|
if ($_POST['username'] == $_SESSION['Username']) {
|
92 |
|
|
$delete_errors[] = sprintf(gettext("Cannot delete user %s because you are currently logged in as that user."), $_POST['username']);
|
93 |
d6b79c39
|
Phil Davis
|
} else {
|
94 |
|
|
local_user_del($a_user[$id]);
|
95 |
|
|
$userdeleted = $a_user[$id]['name'];
|
96 |
|
|
unset($a_user[$id]);
|
97 |
92c27793
|
jim-p
|
/* Reindex the array to avoid operating on an incorrect index https://redmine.pfsense.org/issues/7733 */
|
98 |
|
|
$a_user = array_values($a_user);
|
99 |
d6b79c39
|
Phil Davis
|
write_config();
|
100 |
|
|
$savemsg = sprintf(gettext("User %s successfully deleted."), $userdeleted);
|
101 |
|
|
}
|
102 |
f5c9c0c7
|
Steve Beaver
|
|
103 |
d61309a0
|
Phil Davis
|
} else if ($act == "new") {
|
104 |
e33be77c
|
Ermal
|
/*
|
105 |
|
|
* set this value cause the text field is read only
|
106 |
|
|
* and the user should not be able to mess with this
|
107 |
|
|
* setting.
|
108 |
|
|
*/
|
109 |
|
|
$pconfig['utype'] = "user";
|
110 |
|
|
$pconfig['lifetime'] = 3650;
|
111 |
fc1913fe
|
jim-p
|
|
112 |
|
|
$nonPrvCas = array();
|
113 |
|
|
if (is_array($config['ca']) && count($config['ca']) > 0) {
|
114 |
|
|
foreach ($config['ca'] as $ca) {
|
115 |
|
|
if (!$ca['prv']) {
|
116 |
|
|
continue;
|
117 |
|
|
}
|
118 |
|
|
|
119 |
|
|
$nonPrvCas[ $ca['refid'] ] = $ca['descr'];
|
120 |
|
|
}
|
121 |
|
|
}
|
122 |
|
|
|
123 |
e33be77c
|
Ermal
|
}
|
124 |
45ee90ed
|
Matthew Grooms
|
|
125 |
64c31615
|
Stephen Beaver
|
if (isset($_POST['dellall'])) {
|
126 |
4e21c82e
|
bruno
|
|
127 |
|
|
$del_users = $_POST['delete_check'];
|
128 |
d6b79c39
|
Phil Davis
|
$deleted_users = "";
|
129 |
|
|
$deleted_count = 0;
|
130 |
|
|
$comma = "";
|
131 |
4e21c82e
|
bruno
|
|
132 |
73fa304b
|
Phil Davis
|
if (!empty($del_users)) {
|
133 |
|
|
foreach ($del_users as $userid) {
|
134 |
4e21c82e
|
bruno
|
if (isset($a_user[$userid]) && $a_user[$userid]['scope'] != "system") {
|
135 |
d6b79c39
|
Phil Davis
|
if ($a_user[$userid]['name'] == $_SESSION['Username']) {
|
136 |
|
|
$delete_errors[] = sprintf(gettext("Cannot delete user %s because you are currently logged in as that user."), $a_user[$userid]['name']);
|
137 |
|
|
} else {
|
138 |
|
|
$deleted_users = $deleted_users . $comma . $a_user[$userid]['name'];
|
139 |
|
|
$comma = ", ";
|
140 |
|
|
$deleted_count++;
|
141 |
|
|
local_user_del($a_user[$userid]);
|
142 |
|
|
unset($a_user[$userid]);
|
143 |
|
|
}
|
144 |
|
|
} else {
|
145 |
|
|
$delete_errors[] = sprintf(gettext("Cannot delete user %s because it is a system user."), $a_user[$userid]['name']);
|
146 |
4e21c82e
|
bruno
|
}
|
147 |
|
|
}
|
148 |
d6b79c39
|
Phil Davis
|
|
149 |
|
|
if ($deleted_count > 0) {
|
150 |
|
|
if ($deleted_count == 1) {
|
151 |
|
|
$savemsg = sprintf(gettext("User %s successfully deleted."), $deleted_users);
|
152 |
|
|
} else {
|
153 |
|
|
$savemsg = sprintf(gettext("Users %s successfully deleted."), $deleted_users);
|
154 |
|
|
}
|
155 |
92c27793
|
jim-p
|
/* Reindex the array to avoid operating on an incorrect index https://redmine.pfsense.org/issues/7733 */
|
156 |
|
|
$a_user = array_values($a_user);
|
157 |
d6b79c39
|
Phil Davis
|
write_config($savemsg);
|
158 |
|
|
}
|
159 |
4e21c82e
|
bruno
|
}
|
160 |
|
|
}
|
161 |
|
|
|
162 |
98402844
|
Stephen Beaver
|
if ($_POST['act'] == "delcert") {
|
163 |
|
|
|
164 |
|
|
if (!$a_user[$id]) {
|
165 |
|
|
pfSenseHeader("system_usermanager.php");
|
166 |
|
|
exit;
|
167 |
|
|
}
|
168 |
|
|
|
169 |
|
|
$certdeleted = lookup_cert($a_user[$id]['cert'][$_POST['certid']]);
|
170 |
|
|
$certdeleted = $certdeleted['descr'];
|
171 |
|
|
unset($a_user[$id]['cert'][$_POST['certid']]);
|
172 |
|
|
write_config();
|
173 |
|
|
$_POST['act'] = "edit";
|
174 |
ed10e389
|
Phil Davis
|
$savemsg = sprintf(gettext("Certificate %s association removed."), $certdeleted);
|
175 |
98402844
|
Stephen Beaver
|
}
|
176 |
64c31615
|
Stephen Beaver
|
|
177 |
945204b1
|
Stephen Beaver
|
if ($_POST['act'] == "delprivid") {
|
178 |
|
|
$privdeleted = $priv_list[$a_user[$id]['priv'][$_POST['privid']]]['name'];
|
179 |
|
|
unset($a_user[$id]['priv'][$_POST['privid']]);
|
180 |
|
|
local_user_set($a_user[$id]);
|
181 |
|
|
write_config();
|
182 |
|
|
$_POST['act'] = "edit";
|
183 |
ed10e389
|
Phil Davis
|
$savemsg = sprintf(gettext("Privilege %s removed."), $privdeleted);
|
184 |
4c879f95
|
heper
|
}
|
185 |
98402844
|
Stephen Beaver
|
|
186 |
1a6769a6
|
Renato Botelho
|
if ($_POST['save']) {
|
187 |
e33be77c
|
Ermal
|
unset($input_errors);
|
188 |
|
|
$pconfig = $_POST;
|
189 |
45ee90ed
|
Matthew Grooms
|
|
190 |
e33be77c
|
Ermal
|
/* input validation */
|
191 |
|
|
if (isset($id) && ($a_user[$id])) {
|
192 |
|
|
$reqdfields = explode(" ", "usernamefld");
|
193 |
|
|
$reqdfieldsn = array(gettext("Username"));
|
194 |
|
|
} else {
|
195 |
|
|
if (empty($_POST['name'])) {
|
196 |
|
|
$reqdfields = explode(" ", "usernamefld passwordfld1");
|
197 |
|
|
$reqdfieldsn = array(
|
198 |
|
|
gettext("Username"),
|
199 |
|
|
gettext("Password"));
|
200 |
45ee90ed
|
Matthew Grooms
|
} else {
|
201 |
e33be77c
|
Ermal
|
$reqdfields = explode(" ", "usernamefld passwordfld1 name caref keylen lifetime");
|
202 |
|
|
$reqdfieldsn = array(
|
203 |
|
|
gettext("Username"),
|
204 |
|
|
gettext("Password"),
|
205 |
|
|
gettext("Descriptive name"),
|
206 |
|
|
gettext("Certificate authority"),
|
207 |
|
|
gettext("Key length"),
|
208 |
|
|
gettext("Lifetime"));
|
209 |
45ee90ed
|
Matthew Grooms
|
}
|
210 |
e33be77c
|
Ermal
|
}
|
211 |
45ee90ed
|
Matthew Grooms
|
|
212 |
1e9b4611
|
Renato Botelho
|
do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors);
|
213 |
45ee90ed
|
Matthew Grooms
|
|
214 |
73fa304b
|
Phil Davis
|
if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['usernamefld'])) {
|
215 |
e33be77c
|
Ermal
|
$input_errors[] = gettext("The username contains invalid characters.");
|
216 |
73fa304b
|
Phil Davis
|
}
|
217 |
45ee90ed
|
Matthew Grooms
|
|
218 |
a84fb545
|
Andrei Miu
|
if (strlen($_POST['usernamefld']) > 32) {
|
219 |
|
|
$input_errors[] = gettext("The username is longer than 32 characters.");
|
220 |
73fa304b
|
Phil Davis
|
}
|
221 |
94d455da
|
jim-p
|
|
222 |
73fa304b
|
Phil Davis
|
if (($_POST['passwordfld1']) && ($_POST['passwordfld1'] != $_POST['passwordfld2'])) {
|
223 |
e33be77c
|
Ermal
|
$input_errors[] = gettext("The passwords do not match.");
|
224 |
73fa304b
|
Phil Davis
|
}
|
225 |
45ee90ed
|
Matthew Grooms
|
|
226 |
73fa304b
|
Phil Davis
|
if (isset($_POST['ipsecpsk']) && !preg_match('/^[[:ascii:]]*$/', $_POST['ipsecpsk'])) {
|
227 |
123d8700
|
Renato Botelho
|
$input_errors[] = gettext("IPsec Pre-Shared Key contains invalid characters.");
|
228 |
73fa304b
|
Phil Davis
|
}
|
229 |
123d8700
|
Renato Botelho
|
|
230 |
e63321a5
|
jim-p
|
/* Check the POSTed groups to ensure they are valid and exist */
|
231 |
9d3e8723
|
Phil Davis
|
if (is_array($_POST['groups'])) {
|
232 |
9f472202
|
NewEraCracker
|
foreach ($_POST['groups'] as $newgroup) {
|
233 |
|
|
if (empty(getGroupEntry($newgroup))) {
|
234 |
|
|
$input_errors[] = gettext("One or more invalid groups was submitted.");
|
235 |
|
|
}
|
236 |
e63321a5
|
jim-p
|
}
|
237 |
|
|
}
|
238 |
|
|
|
239 |
73fa304b
|
Phil Davis
|
if (isset($id) && $a_user[$id]) {
|
240 |
e33be77c
|
Ermal
|
$oldusername = $a_user[$id]['name'];
|
241 |
73fa304b
|
Phil Davis
|
} else {
|
242 |
e33be77c
|
Ermal
|
$oldusername = "";
|
243 |
73fa304b
|
Phil Davis
|
}
|
244 |
e33be77c
|
Ermal
|
/* make sure this user name is unique */
|
245 |
|
|
if (!$input_errors) {
|
246 |
|
|
foreach ($a_user as $userent) {
|
247 |
|
|
if ($userent['name'] == $_POST['usernamefld'] && $oldusername != $_POST['usernamefld']) {
|
248 |
|
|
$input_errors[] = gettext("Another entry with the same username already exists.");
|
249 |
|
|
break;
|
250 |
58664cc9
|
Scott Ullrich
|
}
|
251 |
3dec33d4
|
Erik Fonnesbeck
|
}
|
252 |
e33be77c
|
Ermal
|
}
|
253 |
|
|
/* also make sure it is not reserved */
|
254 |
|
|
if (!$input_errors) {
|
255 |
|
|
$system_users = explode("\n", file_get_contents("/etc/passwd"));
|
256 |
|
|
foreach ($system_users as $s_user) {
|
257 |
|
|
$ent = explode(":", $s_user);
|
258 |
|
|
if ($ent[0] == $_POST['usernamefld'] && $oldusername != $_POST['usernamefld']) {
|
259 |
|
|
$input_errors[] = gettext("That username is reserved by the system.");
|
260 |
|
|
break;
|
261 |
8339ab6d
|
jim-p
|
}
|
262 |
7e4a4513
|
Scott Ullrich
|
}
|
263 |
e33be77c
|
Ermal
|
}
|
264 |
1df17ba9
|
Scott Ullrich
|
|
265 |
e33be77c
|
Ermal
|
/*
|
266 |
e30050b6
|
Phil Davis
|
* Check for a valid expiration date if one is set at all (valid means,
|
267 |
4d148b59
|
Yehuda Katz
|
* DateTime puts out a time stamp so any DateTime compatible time
|
268 |
e33be77c
|
Ermal
|
* format may be used. to keep it simple for the enduser, we only
|
269 |
|
|
* claim to accept MM/DD/YYYY as inputs. Advanced users may use inputs
|
270 |
|
|
* like "+1 day", which will be converted to MM/DD/YYYY based on "now".
|
271 |
e30050b6
|
Phil Davis
|
* Otherwise such an entry would lead to an invalid expiration data.
|
272 |
e33be77c
|
Ermal
|
*/
|
273 |
73fa304b
|
Phil Davis
|
if ($_POST['expires']) {
|
274 |
4d148b59
|
Yehuda Katz
|
try {
|
275 |
|
|
$expdate = new DateTime($_POST['expires']);
|
276 |
|
|
//convert from any DateTime compatible date to MM/DD/YYYY
|
277 |
|
|
$_POST['expires'] = $expdate->format("m/d/Y");
|
278 |
73fa304b
|
Phil Davis
|
} catch (Exception $ex) {
|
279 |
e33be77c
|
Ermal
|
$input_errors[] = gettext("Invalid expiration date format; use MM/DD/YYYY instead.");
|
280 |
0092b3bd
|
mgrooms
|
}
|
281 |
e33be77c
|
Ermal
|
}
|
282 |
0092b3bd
|
mgrooms
|
|
283 |
e33be77c
|
Ermal
|
if (!empty($_POST['name'])) {
|
284 |
|
|
$ca = lookup_ca($_POST['caref']);
|
285 |
73fa304b
|
Phil Davis
|
if (!$ca) {
|
286 |
4c291f4c
|
Renato Botelho
|
$input_errors[] = gettext("Invalid internal Certificate Authority") . "\n";
|
287 |
73fa304b
|
Phil Davis
|
}
|
288 |
e33be77c
|
Ermal
|
}
|
289 |
c9794c06
|
Ermal
|
|
290 |
e33be77c
|
Ermal
|
if (!$input_errors) {
|
291 |
4ee51131
|
Sjon Hortensius
|
|
292 |
e33be77c
|
Ermal
|
$userent = array();
|
293 |
73fa304b
|
Phil Davis
|
if (isset($id) && $a_user[$id]) {
|
294 |
e33be77c
|
Ermal
|
$userent = $a_user[$id];
|
295 |
73fa304b
|
Phil Davis
|
}
|
296 |
e879fc81
|
Ermal
|
|
297 |
e33be77c
|
Ermal
|
isset($_POST['utype']) ? $userent['scope'] = $_POST['utype'] : $userent['scope'] = "system";
|
298 |
|
|
|
299 |
|
|
/* the user name was modified */
|
300 |
926e0a2f
|
Phil Davis
|
if (!empty($_POST['oldusername']) && ($_POST['usernamefld'] <> $_POST['oldusername'])) {
|
301 |
e33be77c
|
Ermal
|
$_SERVER['REMOTE_USER'] = $_POST['usernamefld'];
|
302 |
fdcf104c
|
jim-p
|
local_user_del($userent);
|
303 |
|
|
}
|
304 |
1df17ba9
|
Scott Ullrich
|
|
305 |
e30050b6
|
Phil Davis
|
/* the user password was modified */
|
306 |
73fa304b
|
Phil Davis
|
if ($_POST['passwordfld1']) {
|
307 |
e33be77c
|
Ermal
|
local_user_set_password($userent, $_POST['passwordfld1']);
|
308 |
73fa304b
|
Phil Davis
|
}
|
309 |
1df17ba9
|
Scott Ullrich
|
|
310 |
5cde9005
|
NewEraCracker
|
/* only change description if sent */
|
311 |
|
|
if (isset($_POST['descr'])) {
|
312 |
|
|
$userent['descr'] = $_POST['descr'];
|
313 |
|
|
}
|
314 |
|
|
|
315 |
e33be77c
|
Ermal
|
$userent['name'] = $_POST['usernamefld'];
|
316 |
|
|
$userent['expires'] = $_POST['expires'];
|
317 |
8bab524e
|
Phil Davis
|
$userent['dashboardcolumns'] = $_POST['dashboardcolumns'];
|
318 |
e33be77c
|
Ermal
|
$userent['authorizedkeys'] = base64_encode($_POST['authorizedkeys']);
|
319 |
|
|
$userent['ipsecpsk'] = $_POST['ipsecpsk'];
|
320 |
3ccb9689
|
Charlie Marshall
|
|
321 |
73fa304b
|
Phil Davis
|
if ($_POST['disabled']) {
|
322 |
e33be77c
|
Ermal
|
$userent['disabled'] = true;
|
323 |
73fa304b
|
Phil Davis
|
} else {
|
324 |
e33be77c
|
Ermal
|
unset($userent['disabled']);
|
325 |
73fa304b
|
Phil Davis
|
}
|
326 |
e33be77c
|
Ermal
|
|
327 |
8bab524e
|
Phil Davis
|
if ($_POST['customsettings']) {
|
328 |
|
|
$userent['customsettings'] = true;
|
329 |
|
|
} else {
|
330 |
|
|
unset($userent['customsettings']);
|
331 |
|
|
}
|
332 |
|
|
|
333 |
|
|
if ($_POST['webguicss']) {
|
334 |
|
|
$userent['webguicss'] = $_POST['webguicss'];
|
335 |
|
|
} else {
|
336 |
|
|
unset($userent['webguicss']);
|
337 |
|
|
}
|
338 |
|
|
|
339 |
|
|
if ($_POST['webguifixedmenu']) {
|
340 |
|
|
$userent['webguifixedmenu'] = $_POST['webguifixedmenu'];
|
341 |
|
|
} else {
|
342 |
|
|
unset($userent['webguifixedmenu']);
|
343 |
|
|
}
|
344 |
|
|
|
345 |
|
|
if ($_POST['webguihostnamemenu']) {
|
346 |
|
|
$userent['webguihostnamemenu'] = $_POST['webguihostnamemenu'];
|
347 |
|
|
} else {
|
348 |
|
|
unset($userent['webguihostnamemenu']);
|
349 |
|
|
}
|
350 |
|
|
|
351 |
1d3510cf
|
Phil Davis
|
if ($_POST['interfacessort']) {
|
352 |
|
|
$userent['interfacessort'] = true;
|
353 |
|
|
} else {
|
354 |
|
|
unset($userent['interfacessort']);
|
355 |
|
|
}
|
356 |
|
|
|
357 |
8bab524e
|
Phil Davis
|
if ($_POST['dashboardavailablewidgetspanel']) {
|
358 |
|
|
$userent['dashboardavailablewidgetspanel'] = true;
|
359 |
|
|
} else {
|
360 |
|
|
unset($userent['dashboardavailablewidgetspanel']);
|
361 |
|
|
}
|
362 |
|
|
|
363 |
|
|
if ($_POST['systemlogsfilterpanel']) {
|
364 |
|
|
$userent['systemlogsfilterpanel'] = true;
|
365 |
|
|
} else {
|
366 |
|
|
unset($userent['systemlogsfilterpanel']);
|
367 |
|
|
}
|
368 |
|
|
|
369 |
|
|
if ($_POST['systemlogsmanagelogpanel']) {
|
370 |
|
|
$userent['systemlogsmanagelogpanel'] = true;
|
371 |
|
|
} else {
|
372 |
|
|
unset($userent['systemlogsmanagelogpanel']);
|
373 |
|
|
}
|
374 |
|
|
|
375 |
|
|
if ($_POST['statusmonitoringsettingspanel']) {
|
376 |
|
|
$userent['statusmonitoringsettingspanel'] = true;
|
377 |
|
|
} else {
|
378 |
|
|
unset($userent['statusmonitoringsettingspanel']);
|
379 |
|
|
}
|
380 |
|
|
|
381 |
|
|
if ($_POST['webguileftcolumnhyper']) {
|
382 |
|
|
$userent['webguileftcolumnhyper'] = true;
|
383 |
|
|
} else {
|
384 |
|
|
unset($userent['webguileftcolumnhyper']);
|
385 |
|
|
}
|
386 |
|
|
|
387 |
d9058974
|
Phil Davis
|
if ($_POST['disablealiaspopupdetail']) {
|
388 |
|
|
$userent['disablealiaspopupdetail'] = true;
|
389 |
|
|
} else {
|
390 |
|
|
unset($userent['disablealiaspopupdetail']);
|
391 |
|
|
}
|
392 |
|
|
|
393 |
8bab524e
|
Phil Davis
|
if ($_POST['pagenamefirst']) {
|
394 |
|
|
$userent['pagenamefirst'] = true;
|
395 |
|
|
} else {
|
396 |
|
|
unset($userent['pagenamefirst']);
|
397 |
|
|
}
|
398 |
|
|
|
399 |
73fa304b
|
Phil Davis
|
if (isset($id) && $a_user[$id]) {
|
400 |
e33be77c
|
Ermal
|
$a_user[$id] = $userent;
|
401 |
73fa304b
|
Phil Davis
|
} else {
|
402 |
e33be77c
|
Ermal
|
if (!empty($_POST['name'])) {
|
403 |
|
|
$cert = array();
|
404 |
|
|
$cert['refid'] = uniqid();
|
405 |
4c291f4c
|
Renato Botelho
|
$userent['cert'] = array();
|
406 |
e33be77c
|
Ermal
|
|
407 |
|
|
$cert['descr'] = $_POST['name'];
|
408 |
|
|
|
409 |
4c291f4c
|
Renato Botelho
|
$subject = cert_get_subject_array($ca['crt']);
|
410 |
e33be77c
|
Ermal
|
|
411 |
4c291f4c
|
Renato Botelho
|
$dn = array(
|
412 |
|
|
'countryName' => $subject[0]['v'],
|
413 |
|
|
'stateOrProvinceName' => $subject[1]['v'],
|
414 |
|
|
'localityName' => $subject[2]['v'],
|
415 |
|
|
'organizationName' => $subject[3]['v'],
|
416 |
|
|
'emailAddress' => $subject[4]['v'],
|
417 |
|
|
'commonName' => $userent['name']);
|
418 |
e562fca2
|
jim-p
|
$cn_altname = cert_add_altname_type($userent['name']);
|
419 |
|
|
if (!empty($cn_altname)) {
|
420 |
|
|
$dn['subjectAltName'] = $cn_altname;
|
421 |
b767fe6c
|
jim-p
|
}
|
422 |
e33be77c
|
Ermal
|
|
423 |
|
|
cert_create($cert, $_POST['caref'], $_POST['keylen'],
|
424 |
|
|
(int)$_POST['lifetime'], $dn);
|
425 |
|
|
|
426 |
73fa304b
|
Phil Davis
|
if (!is_array($config['cert'])) {
|
427 |
e33be77c
|
Ermal
|
$config['cert'] = array();
|
428 |
73fa304b
|
Phil Davis
|
}
|
429 |
e33be77c
|
Ermal
|
$config['cert'][] = $cert;
|
430 |
|
|
$userent['cert'][] = $cert['refid'];
|
431 |
|
|
}
|
432 |
|
|
$userent['uid'] = $config['system']['nextuid']++;
|
433 |
|
|
/* Add the user to All Users group. */
|
434 |
|
|
foreach ($config['system']['group'] as $gidx => $group) {
|
435 |
|
|
if ($group['name'] == "all") {
|
436 |
73fa304b
|
Phil Davis
|
if (!is_array($config['system']['group'][$gidx]['member'])) {
|
437 |
e33be77c
|
Ermal
|
$config['system']['group'][$gidx]['member'] = array();
|
438 |
73fa304b
|
Phil Davis
|
}
|
439 |
e33be77c
|
Ermal
|
$config['system']['group'][$gidx]['member'][] = $userent['uid'];
|
440 |
|
|
break;
|
441 |
|
|
}
|
442 |
|
|
}
|
443 |
970db70b
|
Scott Ullrich
|
|
444 |
e33be77c
|
Ermal
|
$a_user[] = $userent;
|
445 |
45ee90ed
|
Matthew Grooms
|
}
|
446 |
e33be77c
|
Ermal
|
|
447 |
900ce3b0
|
jim-p
|
/* Add user to groups so PHP can see the memberships properly or else the user's shell account does not get proper permissions (if applicable) See #5152. */
|
448 |
d61309a0
|
Phil Davis
|
local_user_set_groups($userent, $_POST['groups']);
|
449 |
e33be77c
|
Ermal
|
local_user_set($userent);
|
450 |
900ce3b0
|
jim-p
|
/* Add user to groups again to ensure they are set everywhere, otherwise the user may not appear to be a member of the group. See commit:5372d26d9d25d751d16865ed9d46869d3b0ec5e1. */
|
451 |
73fa304b
|
Phil Davis
|
local_user_set_groups($userent, $_POST['groups']);
|
452 |
e33be77c
|
Ermal
|
write_config();
|
453 |
|
|
|
454 |
73fa304b
|
Phil Davis
|
if (is_dir("/etc/inc/privhooks")) {
|
455 |
e33be77c
|
Ermal
|
run_plugins("/etc/inc/privhooks");
|
456 |
73fa304b
|
Phil Davis
|
}
|
457 |
e33be77c
|
Ermal
|
|
458 |
3ccb9689
|
Charlie Marshall
|
|
459 |
e33be77c
|
Ermal
|
pfSenseHeader("system_usermanager.php");
|
460 |
45ee90ed
|
Matthew Grooms
|
}
|
461 |
e33be77c
|
Ermal
|
}
|
462 |
fab7ff44
|
Bill Marquette
|
|
463 |
7411c285
|
Stephen Beaver
|
function build_priv_table() {
|
464 |
|
|
global $a_user, $id;
|
465 |
|
|
|
466 |
|
|
$privhtml = '<div class="table-responsive">';
|
467 |
|
|
$privhtml .= '<table class="table table-striped table-hover table-condensed">';
|
468 |
|
|
$privhtml .= '<thead>';
|
469 |
7d2e572f
|
Stephen Beaver
|
$privhtml .= '<tr>';
|
470 |
|
|
$privhtml .= '<th>' . gettext('Inherited from') . '</th>';
|
471 |
|
|
$privhtml .= '<th>' . gettext('Name') . '</th>';
|
472 |
|
|
$privhtml .= '<th>' . gettext('Description') . '</th>';
|
473 |
f460db90
|
NOYB
|
$privhtml .= '<th>' . gettext('Action') . '</th>';
|
474 |
7d2e572f
|
Stephen Beaver
|
$privhtml .= '</tr>';
|
475 |
7411c285
|
Stephen Beaver
|
$privhtml .= '</thead>';
|
476 |
|
|
$privhtml .= '<tbody>';
|
477 |
|
|
|
478 |
945204b1
|
Stephen Beaver
|
$i = 0;
|
479 |
57188e47
|
Phil Davis
|
$user_has_root_priv = false;
|
480 |
945204b1
|
Stephen Beaver
|
|
481 |
|
|
foreach (get_user_privdesc($a_user[$id]) as $priv) {
|
482 |
|
|
$group = false;
|
483 |
|
|
if ($priv['group']) {
|
484 |
|
|
$group = $priv['group'];
|
485 |
|
|
}
|
486 |
|
|
|
487 |
7411c285
|
Stephen Beaver
|
$privhtml .= '<tr>';
|
488 |
|
|
$privhtml .= '<td>' . htmlspecialchars($priv['group']) . '</td>';
|
489 |
|
|
$privhtml .= '<td>' . htmlspecialchars($priv['name']) . '</td>';
|
490 |
57188e47
|
Phil Davis
|
$privhtml .= '<td>' . htmlspecialchars($priv['descr']);
|
491 |
|
|
if (isset($priv['warn']) && ($priv['warn'] == 'standard-warning-root')) {
|
492 |
21312954
|
Phil Davis
|
$privhtml .= ' ' . gettext('(admin privilege)');
|
493 |
57188e47
|
Phil Davis
|
$user_has_root_priv = true;
|
494 |
|
|
}
|
495 |
|
|
$privhtml .= '</td>';
|
496 |
945204b1
|
Stephen Beaver
|
$privhtml .= '<td>';
|
497 |
d61309a0
|
Phil Davis
|
if (!$group) {
|
498 |
f460db90
|
NOYB
|
$privhtml .= '<a class="fa fa-trash no-confirm icon-pointer" title="' . gettext('Delete Privilege') . '" id="delprivid' . $i . '"></a>';
|
499 |
d61309a0
|
Phil Davis
|
}
|
500 |
945204b1
|
Stephen Beaver
|
|
501 |
|
|
$privhtml .= '</td>';
|
502 |
7411c285
|
Stephen Beaver
|
$privhtml .= '</tr>';
|
503 |
945204b1
|
Stephen Beaver
|
|
504 |
d61309a0
|
Phil Davis
|
if (!$group) {
|
505 |
945204b1
|
Stephen Beaver
|
$i++;
|
506 |
d61309a0
|
Phil Davis
|
}
|
507 |
7411c285
|
Stephen Beaver
|
}
|
508 |
|
|
|
509 |
57188e47
|
Phil Davis
|
if ($user_has_root_priv) {
|
510 |
|
|
$privhtml .= '<tr>';
|
511 |
|
|
$privhtml .= '<td colspan="3">';
|
512 |
9187d6f7
|
Phil Davis
|
$privhtml .= '<b>' . gettext('Security notice: This user effectively has administrator-level access') . '</b>';
|
513 |
57188e47
|
Phil Davis
|
$privhtml .= '</td>';
|
514 |
|
|
$privhtml .= '<td>';
|
515 |
|
|
$privhtml .= '</td>';
|
516 |
|
|
$privhtml .= '</tr>';
|
517 |
f5c9c0c7
|
Steve Beaver
|
|
518 |
57188e47
|
Phil Davis
|
}
|
519 |
|
|
|
520 |
7411c285
|
Stephen Beaver
|
$privhtml .= '</tbody>';
|
521 |
|
|
$privhtml .= '</table>';
|
522 |
|
|
$privhtml .= '</div>';
|
523 |
|
|
|
524 |
|
|
$privhtml .= '<nav class="action-buttons">';
|
525 |
4611e283
|
Steve Beaver
|
$privhtml .= '<a href="system_usermanager_addprivs.php?userid=' . $id . '" class="btn btn-success"><i class="fa fa-plus icon-embed-btn"></i>' . gettext("Add") . '</a>';
|
526 |
7411c285
|
Stephen Beaver
|
$privhtml .= '</nav>';
|
527 |
|
|
|
528 |
|
|
return($privhtml);
|
529 |
|
|
}
|
530 |
98402844
|
Stephen Beaver
|
|
531 |
7411c285
|
Stephen Beaver
|
function build_cert_table() {
|
532 |
|
|
global $a_user, $id;
|
533 |
|
|
|
534 |
|
|
$certhtml = '<div class="table-responsive">';
|
535 |
|
|
$certhtml .= '<table class="table table-striped table-hover table-condensed">';
|
536 |
|
|
$certhtml .= '<thead>';
|
537 |
7d2e572f
|
Stephen Beaver
|
$certhtml .= '<tr>';
|
538 |
|
|
$certhtml .= '<th>' . gettext('Name') . '</th>';
|
539 |
|
|
$certhtml .= '<th>' . gettext('CA') . '</th>';
|
540 |
98402844
|
Stephen Beaver
|
$certhtml .= '<th></th>';
|
541 |
7d2e572f
|
Stephen Beaver
|
$certhtml .= '</tr>';
|
542 |
7411c285
|
Stephen Beaver
|
$certhtml .= '</thead>';
|
543 |
|
|
$certhtml .= '<tbody>';
|
544 |
|
|
|
545 |
|
|
$a_cert = $a_user[$id]['cert'];
|
546 |
|
|
if (is_array($a_cert)) {
|
547 |
|
|
$i = 0;
|
548 |
|
|
foreach ($a_cert as $certref) {
|
549 |
7d2e572f
|
Stephen Beaver
|
$cert = lookup_cert($certref);
|
550 |
|
|
$ca = lookup_ca($cert['caref']);
|
551 |
|
|
$revokedstr = is_cert_revoked($cert) ? '<b> Revoked</b>':'';
|
552 |
|
|
|
553 |
7411c285
|
Stephen Beaver
|
$certhtml .= '<tr>';
|
554 |
7d2e572f
|
Stephen Beaver
|
$certhtml .= '<td>' . htmlspecialchars($cert['descr']) . $revokedstr . '</td>';
|
555 |
7411c285
|
Stephen Beaver
|
$certhtml .= '<td>' . htmlspecialchars($ca['descr']) . '</td>';
|
556 |
db676e5b
|
Stephen Beaver
|
$certhtml .= '<td>';
|
557 |
945204b1
|
Stephen Beaver
|
$certhtml .= '<a id="delcert' . $i .'" class="fa fa-trash no-confirm icon-pointer" title="';
|
558 |
f14ff867
|
Phil Davis
|
$certhtml .= gettext('Remove this certificate association? (Certificate will not be deleted)') . '"></a>';
|
559 |
db676e5b
|
Stephen Beaver
|
$certhtml .= '</td>';
|
560 |
7411c285
|
Stephen Beaver
|
$certhtml .= '</tr>';
|
561 |
db676e5b
|
Stephen Beaver
|
$i++;
|
562 |
7411c285
|
Stephen Beaver
|
}
|
563 |
db676e5b
|
Stephen Beaver
|
|
564 |
7411c285
|
Stephen Beaver
|
}
|
565 |
|
|
|
566 |
|
|
$certhtml .= '</tbody>';
|
567 |
|
|
$certhtml .= '</table>';
|
568 |
|
|
$certhtml .= '</div>';
|
569 |
|
|
|
570 |
|
|
$certhtml .= '<nav class="action-buttons">';
|
571 |
4611e283
|
Steve Beaver
|
$certhtml .= '<a href="system_certmanager.php?act=new&userid=' . $id . '" class="btn btn-success"><i class="fa fa-plus icon-embed-btn"></i>' . gettext("Add") . '</a>';
|
572 |
7411c285
|
Stephen Beaver
|
$certhtml .= '</nav>';
|
573 |
|
|
|
574 |
|
|
return($certhtml);
|
575 |
|
|
}
|
576 |
|
|
|
577 |
8f1ab2a4
|
k-paulius
|
$pgtitle = array(gettext("System"), gettext("User Manager"), gettext("Users"));
|
578 |
edcd7535
|
Phil Davis
|
$pglinks = array("", "system_usermanager.php", "system_usermanager.php");
|
579 |
8f1ab2a4
|
k-paulius
|
|
580 |
|
|
if ($act == "new" || $act == "edit" || $input_errors) {
|
581 |
|
|
$pgtitle[] = gettext('Edit');
|
582 |
edcd7535
|
Phil Davis
|
$pglinks[] = "@self";
|
583 |
8f1ab2a4
|
k-paulius
|
}
|
584 |
4611e283
|
Steve Beaver
|
|
585 |
e33be77c
|
Ermal
|
include("head.inc");
|
586 |
fab7ff44
|
Bill Marquette
|
|
587 |
d6b79c39
|
Phil Davis
|
if ($delete_errors) {
|
588 |
|
|
print_input_errors($delete_errors);
|
589 |
|
|
}
|
590 |
|
|
|
591 |
d61309a0
|
Phil Davis
|
if ($input_errors) {
|
592 |
4ee51131
|
Sjon Hortensius
|
print_input_errors($input_errors);
|
593 |
d61309a0
|
Phil Davis
|
}
|
594 |
98402844
|
Stephen Beaver
|
|
595 |
d61309a0
|
Phil Davis
|
if ($savemsg) {
|
596 |
98402844
|
Stephen Beaver
|
print_info_box($savemsg, 'success');
|
597 |
d61309a0
|
Phil Davis
|
}
|
598 |
4ee51131
|
Sjon Hortensius
|
|
599 |
|
|
$tab_array = array();
|
600 |
|
|
$tab_array[] = array(gettext("Users"), true, "system_usermanager.php");
|
601 |
|
|
$tab_array[] = array(gettext("Groups"), false, "system_groupmanager.php");
|
602 |
|
|
$tab_array[] = array(gettext("Settings"), false, "system_usermanager_settings.php");
|
603 |
2d1f33d9
|
k-paulius
|
$tab_array[] = array(gettext("Authentication Servers"), false, "system_authservers.php");
|
604 |
4ee51131
|
Sjon Hortensius
|
display_top_tabs($tab_array);
|
605 |
|
|
|
606 |
7411c285
|
Stephen Beaver
|
if (!($act == "new" || $act == "edit" || $input_errors)) {
|
607 |
64600f94
|
Sjon Hortensius
|
?>
|
608 |
64c31615
|
Stephen Beaver
|
<form method="post">
|
609 |
060ed238
|
Stephen Beaver
|
<div class="panel panel-default">
|
610 |
|
|
<div class="panel-heading"><h2 class="panel-title"><?=gettext('Users')?></h2></div>
|
611 |
|
|
<div class="panel-body">
|
612 |
|
|
<div class="table-responsive">
|
613 |
1c10ce97
|
PiBa-NL
|
<table class="table table-striped table-hover table-condensed sortable-theme-bootstrap table-rowdblclickedit" data-sortable>
|
614 |
060ed238
|
Stephen Beaver
|
<thead>
|
615 |
|
|
<tr>
|
616 |
|
|
<th> </th>
|
617 |
|
|
<th><?=gettext("Username")?></th>
|
618 |
|
|
<th><?=gettext("Full name")?></th>
|
619 |
edd88334
|
NOYB
|
<th><?=gettext("Status")?></th>
|
620 |
060ed238
|
Stephen Beaver
|
<th><?=gettext("Groups")?></th>
|
621 |
70dc5cd6
|
Phil Davis
|
<th><?=gettext("Actions")?></th>
|
622 |
060ed238
|
Stephen Beaver
|
</tr>
|
623 |
|
|
</thead>
|
624 |
|
|
<tbody>
|
625 |
a0165602
|
Sjon Hortensius
|
<?php
|
626 |
d61309a0
|
Phil Davis
|
foreach ($a_user as $i => $userent):
|
627 |
a0165602
|
Sjon Hortensius
|
?>
|
628 |
060ed238
|
Stephen Beaver
|
<tr>
|
629 |
|
|
<td>
|
630 |
d6b79c39
|
Phil Davis
|
<input type="checkbox" id="frc<?=$i?>" name="delete_check[]" value="<?=$i?>" <?=((($userent['scope'] == "system") || ($userent['name'] == $_SESSION['Username'])) ? 'disabled' : '')?>/>
|
631 |
060ed238
|
Stephen Beaver
|
</td>
|
632 |
|
|
<td>
|
633 |
a0165602
|
Sjon Hortensius
|
<?php
|
634 |
d61309a0
|
Phil Davis
|
if ($userent['scope'] != "user") {
|
635 |
a0165602
|
Sjon Hortensius
|
$usrimg = 'eye-open';
|
636 |
d61309a0
|
Phil Davis
|
} else {
|
637 |
a0165602
|
Sjon Hortensius
|
$usrimg = 'user';
|
638 |
d61309a0
|
Phil Davis
|
}
|
639 |
a0165602
|
Sjon Hortensius
|
?>
|
640 |
060ed238
|
Stephen Beaver
|
<i class="fa fa-<?=$usrimg?>"></i>
|
641 |
|
|
<?=htmlspecialchars($userent['name'])?>
|
642 |
|
|
</td>
|
643 |
|
|
<td><?=htmlspecialchars($userent['descr'])?></td>
|
644 |
0fdbaca8
|
NOYB
|
<td><i class="fa fa-<?= (isset($userent['disabled'])) ? 'ban" title="' . gettext("Disabled") . '"' : 'check" title="' . gettext("Enabled") . '"' ; ?>><span style='display: none'><?= (isset($userent['disabled'])) ? gettext("Disabled") : gettext("Enabled") ; ?></span></i></td>
|
645 |
060ed238
|
Stephen Beaver
|
<td><?=implode(",", local_user_get_groups($userent))?></td>
|
646 |
|
|
<td>
|
647 |
4611e283
|
Steve Beaver
|
<a class="fa fa-pencil" title="<?=gettext("Edit user"); ?>" href="?act=edit&userid=<?=$i?>"></a>
|
648 |
d6b79c39
|
Phil Davis
|
<?php if (($userent['scope'] != "system") && ($userent['name'] != $_SESSION['Username'])): ?>
|
649 |
f5c9c0c7
|
Steve Beaver
|
<a class="fa fa-trash" title="<?=gettext("Delete user")?>" href="?act=deluser&userid=<?=$i?>&username=<?=$userent['name']?>" usepost></a>
|
650 |
a0165602
|
Sjon Hortensius
|
<?php endif; ?>
|
651 |
060ed238
|
Stephen Beaver
|
</td>
|
652 |
|
|
</tr>
|
653 |
a0165602
|
Sjon Hortensius
|
<?php endforeach; ?>
|
654 |
060ed238
|
Stephen Beaver
|
</tbody>
|
655 |
|
|
</table>
|
656 |
|
|
</div>
|
657 |
|
|
</div>
|
658 |
94404d94
|
Sander van Leeuwen
|
</div>
|
659 |
c10cb196
|
Stephen Beaver
|
<nav class="action-buttons">
|
660 |
4611e283
|
Steve Beaver
|
<a href="?act=new" class="btn btn-sm btn-success">
|
661 |
9d5a20cf
|
heper
|
<i class="fa fa-plus icon-embed-btn"></i>
|
662 |
b921ab63
|
Stephen Beaver
|
<?=gettext("Add")?>
|
663 |
|
|
</a>
|
664 |
64c31615
|
Stephen Beaver
|
|
665 |
|
|
<button type="submit" class="btn btn-sm btn-danger" name="dellall" value="dellall" title="<?=gettext('Delete selected users')?>">
|
666 |
|
|
<i class="fa fa-trash icon-embed-btn"></i>
|
667 |
|
|
<?=gettext("Delete")?>
|
668 |
|
|
</button>
|
669 |
f5c9c0c7
|
Steve Beaver
|
|
670 |
94404d94
|
Sander van Leeuwen
|
</nav>
|
671 |
d825dfea
|
NOYB
|
</form>
|
672 |
3c3ede28
|
Stephen Beaver
|
<div class="infoblock">
|
673 |
a0165602
|
Sjon Hortensius
|
<?php
|
674 |
a0d084fe
|
k-paulius
|
print_callout('<p>' . gettext("Additional users can be added here. User permissions for accessing " .
|
675 |
|
|
"the webConfigurator can be assigned directly or inherited from group memberships. " .
|
676 |
|
|
"Some system object properties can be modified but they cannot be deleted.") . '</p>' .
|
677 |
|
|
'<p>' . gettext("Accounts added here are also used for other parts of the system " .
|
678 |
|
|
"such as OpenVPN, IPsec, and Captive Portal.") . '</p>'
|
679 |
|
|
);
|
680 |
f5c9c0c7
|
Steve Beaver
|
|
681 |
d3f59a8c
|
Steve Beaver
|
?></div>
|
682 |
|
|
|
683 |
f5c9c0c7
|
Steve Beaver
|
<?php
|
684 |
a0165602
|
Sjon Hortensius
|
include("foot.inc");
|
685 |
|
|
exit;
|
686 |
|
|
}
|
687 |
4ee51131
|
Sjon Hortensius
|
|
688 |
|
|
$form = new Form;
|
689 |
|
|
|
690 |
7411c285
|
Stephen Beaver
|
if ($act == "new" || $act == "edit" || $input_errors):
|
691 |
4ee51131
|
Sjon Hortensius
|
|
692 |
7411c285
|
Stephen Beaver
|
$form->addGlobal(new Form_Input(
|
693 |
|
|
'act',
|
694 |
|
|
null,
|
695 |
|
|
'hidden',
|
696 |
|
|
''
|
697 |
|
|
));
|
698 |
4ee51131
|
Sjon Hortensius
|
|
699 |
7411c285
|
Stephen Beaver
|
$form->addGlobal(new Form_Input(
|
700 |
|
|
'userid',
|
701 |
|
|
null,
|
702 |
|
|
'hidden',
|
703 |
|
|
isset($id) ? $id:''
|
704 |
|
|
));
|
705 |
4ee51131
|
Sjon Hortensius
|
|
706 |
7411c285
|
Stephen Beaver
|
$form->addGlobal(new Form_Input(
|
707 |
|
|
'privid',
|
708 |
|
|
null,
|
709 |
|
|
'hidden',
|
710 |
|
|
''
|
711 |
|
|
));
|
712 |
4ee51131
|
Sjon Hortensius
|
|
713 |
7411c285
|
Stephen Beaver
|
$form->addGlobal(new Form_Input(
|
714 |
|
|
'certid',
|
715 |
|
|
null,
|
716 |
|
|
'hidden',
|
717 |
|
|
''
|
718 |
|
|
));
|
719 |
4ee51131
|
Sjon Hortensius
|
|
720 |
7411c285
|
Stephen Beaver
|
$ro = "";
|
721 |
|
|
if ($pconfig['utype'] == "system") {
|
722 |
c4b60a9a
|
Colin Fleming
|
$ro = "readonly";
|
723 |
7411c285
|
Stephen Beaver
|
}
|
724 |
4ee51131
|
Sjon Hortensius
|
|
725 |
7411c285
|
Stephen Beaver
|
$section = new Form_Section('User Properties');
|
726 |
4ee51131
|
Sjon Hortensius
|
|
727 |
7411c285
|
Stephen Beaver
|
$section->addInput(new Form_StaticText(
|
728 |
|
|
'Defined by',
|
729 |
|
|
strtoupper($pconfig['utype'])
|
730 |
|
|
));
|
731 |
4ee51131
|
Sjon Hortensius
|
|
732 |
7411c285
|
Stephen Beaver
|
$form->addGlobal(new Form_Input(
|
733 |
|
|
'utype',
|
734 |
|
|
null,
|
735 |
|
|
'hidden',
|
736 |
|
|
$pconfig['utype']
|
737 |
|
|
));
|
738 |
4ee51131
|
Sjon Hortensius
|
|
739 |
7411c285
|
Stephen Beaver
|
$section->addInput(new Form_Checkbox(
|
740 |
|
|
'disabled',
|
741 |
|
|
'Disabled',
|
742 |
|
|
'This user cannot login',
|
743 |
|
|
$pconfig['disabled']
|
744 |
|
|
));
|
745 |
6b07c15a
|
Matthew Grooms
|
|
746 |
7411c285
|
Stephen Beaver
|
$section->addInput($input = new Form_Input(
|
747 |
|
|
'usernamefld',
|
748 |
153c3aa6
|
Phil Davis
|
'*Username',
|
749 |
7411c285
|
Stephen Beaver
|
'text',
|
750 |
|
|
$pconfig['usernamefld']
|
751 |
|
|
));
|
752 |
61dec0b0
|
Renato Botelho
|
|
753 |
d61309a0
|
Phil Davis
|
if ($ro) {
|
754 |
1fe9cc38
|
Stephen Beaver
|
$input->setReadonly();
|
755 |
d61309a0
|
Phil Davis
|
}
|
756 |
7411c285
|
Stephen Beaver
|
|
757 |
|
|
$form->addGlobal(new Form_Input(
|
758 |
|
|
'oldusername',
|
759 |
4ee51131
|
Sjon Hortensius
|
null,
|
760 |
7411c285
|
Stephen Beaver
|
'hidden',
|
761 |
|
|
$pconfig['usernamefld']
|
762 |
4ee51131
|
Sjon Hortensius
|
));
|
763 |
6b07c15a
|
Matthew Grooms
|
|
764 |
153c3aa6
|
Phil Davis
|
if ($act == "edit") {
|
765 |
|
|
$pwd_required = "";
|
766 |
|
|
} else {
|
767 |
|
|
$pwd_required = "*";
|
768 |
|
|
}
|
769 |
|
|
|
770 |
|
|
$group = new Form_Group($pwd_required . 'Password');
|
771 |
7411c285
|
Stephen Beaver
|
$group->add(new Form_Input(
|
772 |
|
|
'passwordfld1',
|
773 |
|
|
'Password',
|
774 |
|
|
'password'
|
775 |
|
|
));
|
776 |
|
|
$group->add(new Form_Input(
|
777 |
|
|
'passwordfld2',
|
778 |
|
|
'Confirm Password',
|
779 |
|
|
'password'
|
780 |
|
|
));
|
781 |
|
|
|
782 |
|
|
$section->add($group);
|
783 |
|
|
|
784 |
|
|
$section->addInput($input = new Form_Input(
|
785 |
|
|
'descr',
|
786 |
|
|
'Full name',
|
787 |
|
|
'text',
|
788 |
|
|
htmlspecialchars($pconfig['descr'])
|
789 |
89140b63
|
NOYB
|
))->setHelp('User\'s full name, for administrative information only');
|
790 |
7411c285
|
Stephen Beaver
|
|
791 |
d61309a0
|
Phil Davis
|
if ($ro) {
|
792 |
7411c285
|
Stephen Beaver
|
$input->setDisabled();
|
793 |
d61309a0
|
Phil Davis
|
}
|
794 |
7411c285
|
Stephen Beaver
|
|
795 |
|
|
$section->addInput(new Form_Input(
|
796 |
|
|
'expires',
|
797 |
|
|
'Expiration date',
|
798 |
d78dbc34
|
Stephen Beaver
|
'text',
|
799 |
7411c285
|
Stephen Beaver
|
$pconfig['expires']
|
800 |
|
|
))->setHelp('Leave blank if the account shouldn\'t expire, otherwise enter '.
|
801 |
98b87cfa
|
Jonathon Anderson
|
'the expiration date as MM/DD/YYYY');
|
802 |
7411c285
|
Stephen Beaver
|
|
803 |
8bab524e
|
Phil Davis
|
$section->addInput(new Form_Checkbox(
|
804 |
|
|
'customsettings',
|
805 |
|
|
'Custom Settings',
|
806 |
|
|
'Use individual customized GUI options and dashboard layout for this user.',
|
807 |
|
|
$pconfig['customsettings']
|
808 |
|
|
));
|
809 |
|
|
|
810 |
|
|
gen_user_settings_fields($section, $pconfig);
|
811 |
|
|
|
812 |
7411c285
|
Stephen Beaver
|
// ==== Group membership ==================================================
|
813 |
|
|
$group = new Form_Group('Group membership');
|
814 |
|
|
|
815 |
7d2e572f
|
Stephen Beaver
|
// Make a list of all the groups configured on the system, and a list of
|
816 |
7411c285
|
Stephen Beaver
|
// those which this user is a member of
|
817 |
|
|
$systemGroups = array();
|
818 |
|
|
$usersGroups = array();
|
819 |
|
|
|
820 |
|
|
$usergid = [$pconfig['usernamefld']];
|
821 |
|
|
|
822 |
|
|
foreach ($config['system']['group'] as $Ggroup) {
|
823 |
d61309a0
|
Phil Davis
|
if ($Ggroup['name'] != "all") {
|
824 |
|
|
if (($act == 'edit') && $Ggroup['member'] && in_array($pconfig['uid'], $Ggroup['member'])) {
|
825 |
b4333696
|
Stephen Beaver
|
$usersGroups[ $Ggroup['name'] ] = $Ggroup['name']; // Add it to the user's list
|
826 |
d61309a0
|
Phil Davis
|
} else {
|
827 |
b4333696
|
Stephen Beaver
|
$systemGroups[ $Ggroup['name'] ] = $Ggroup['name']; // Add it to the 'not a member of' list
|
828 |
d61309a0
|
Phil Davis
|
}
|
829 |
b4333696
|
Stephen Beaver
|
}
|
830 |
7411c285
|
Stephen Beaver
|
}
|
831 |
|
|
|
832 |
|
|
$group->add(new Form_Select(
|
833 |
|
|
'sysgroups',
|
834 |
|
|
null,
|
835 |
|
|
array_combine((array)$pconfig['groups'], (array)$pconfig['groups']),
|
836 |
|
|
$systemGroups,
|
837 |
|
|
true
|
838 |
953385a3
|
heper
|
))->setHelp('Not member of');
|
839 |
6b07c15a
|
Matthew Grooms
|
|
840 |
7411c285
|
Stephen Beaver
|
$group->add(new Form_Select(
|
841 |
|
|
'groups',
|
842 |
|
|
null,
|
843 |
|
|
array_combine((array)$pconfig['groups'], (array)$pconfig['groups']),
|
844 |
|
|
$usersGroups,
|
845 |
|
|
true
|
846 |
953385a3
|
heper
|
))->setHelp('Member of');
|
847 |
7411c285
|
Stephen Beaver
|
|
848 |
|
|
$section->add($group);
|
849 |
|
|
|
850 |
|
|
$group = new Form_Group('');
|
851 |
|
|
|
852 |
|
|
$group->add(new Form_Button(
|
853 |
|
|
'movetoenabled',
|
854 |
faab522f
|
Renato Botelho
|
'Move to "Member of" list',
|
855 |
37676f4e
|
jim-p
|
null,
|
856 |
|
|
'fa-angle-double-right'
|
857 |
347c0214
|
Phil Davis
|
))->setAttribute('type','button')->removeClass('btn-primary')->addClass('btn-info btn-sm');
|
858 |
7411c285
|
Stephen Beaver
|
|
859 |
|
|
$group->add(new Form_Button(
|
860 |
|
|
'movetodisabled',
|
861 |
faab522f
|
Renato Botelho
|
'Move to "Not member of" list',
|
862 |
37676f4e
|
jim-p
|
null,
|
863 |
|
|
'fa-angle-double-left'
|
864 |
347c0214
|
Phil Davis
|
))->setAttribute('type','button')->removeClass('btn-primary')->addClass('btn-info btn-sm');
|
865 |
4ee51131
|
Sjon Hortensius
|
|
866 |
e4c7d45f
|
NewEraCracker
|
$group->setHelp('Hold down CTRL (PC)/COMMAND (Mac) key to select multiple items.');
|
867 |
7411c285
|
Stephen Beaver
|
$section->add($group);
|
868 |
4ee51131
|
Sjon Hortensius
|
|
869 |
7411c285
|
Stephen Beaver
|
// ==== Button for adding user certificate ================================
|
870 |
d61309a0
|
Phil Davis
|
if ($act == 'new') {
|
871 |
fc1913fe
|
jim-p
|
if (count($nonPrvCas) > 0) {
|
872 |
|
|
$section->addInput(new Form_Checkbox(
|
873 |
|
|
'showcert',
|
874 |
|
|
'Certificate',
|
875 |
|
|
'Click to create a user certificate',
|
876 |
|
|
false
|
877 |
|
|
));
|
878 |
|
|
} else {
|
879 |
|
|
$section->addInput(new Form_StaticText(
|
880 |
|
|
'Certificate',
|
881 |
|
|
gettext('No private CAs found. A private CA is required to create a new user certificate. ' .
|
882 |
|
|
'Save the user first to import an external certificate.')
|
883 |
|
|
));
|
884 |
|
|
}
|
885 |
6b07c15a
|
Matthew Grooms
|
}
|
886 |
|
|
|
887 |
7411c285
|
Stephen Beaver
|
$form->add($section);
|
888 |
6b07c15a
|
Matthew Grooms
|
|
889 |
7411c285
|
Stephen Beaver
|
// ==== Effective privileges section ======================================
|
890 |
|
|
if (isset($pconfig['uid'])) {
|
891 |
|
|
// We are going to build an HTML table and add it to an Input_StaticText. It may be ugly, but it
|
892 |
|
|
// is the best way to make the display we need.
|
893 |
6b07c15a
|
Matthew Grooms
|
|
894 |
7411c285
|
Stephen Beaver
|
$section = new Form_Section('Effective Privileges');
|
895 |
4ee51131
|
Sjon Hortensius
|
|
896 |
7411c285
|
Stephen Beaver
|
$section->addInput(new Form_StaticText(
|
897 |
|
|
null,
|
898 |
|
|
build_priv_table()
|
899 |
|
|
));
|
900 |
4ee51131
|
Sjon Hortensius
|
|
901 |
7411c285
|
Stephen Beaver
|
$form->add($section);
|
902 |
4ee51131
|
Sjon Hortensius
|
|
903 |
7411c285
|
Stephen Beaver
|
// ==== Certificate table section =====================================
|
904 |
5f88f964
|
k-paulius
|
$section = new Form_Section('User Certificates');
|
905 |
7411c285
|
Stephen Beaver
|
|
906 |
|
|
$section->addInput(new Form_StaticText(
|
907 |
|
|
null,
|
908 |
|
|
build_cert_table()
|
909 |
|
|
));
|
910 |
64600f94
|
Sjon Hortensius
|
|
911 |
|
|
$form->add($section);
|
912 |
c9794c06
|
Ermal
|
}
|
913 |
7411c285
|
Stephen Beaver
|
|
914 |
f14ff867
|
Phil Davis
|
// ==== Add user certificate for a new user
|
915 |
|
|
if (is_array($config['ca']) && count($config['ca']) > 0) {
|
916 |
5f88f964
|
k-paulius
|
$section = new Form_Section('Create Certificate for User');
|
917 |
f14ff867
|
Phil Davis
|
$section->addClass('cert-options');
|
918 |
c9794c06
|
Ermal
|
|
919 |
f14ff867
|
Phil Davis
|
if (!empty($nonPrvCas)) {
|
920 |
|
|
$section->addInput(new Form_Input(
|
921 |
|
|
'name',
|
922 |
|
|
'Descriptive name',
|
923 |
|
|
'text',
|
924 |
|
|
$pconfig['name']
|
925 |
|
|
));
|
926 |
7411c285
|
Stephen Beaver
|
|
927 |
f14ff867
|
Phil Davis
|
$section->addInput(new Form_Select(
|
928 |
|
|
'caref',
|
929 |
|
|
'Certificate authority',
|
930 |
|
|
null,
|
931 |
|
|
$nonPrvCas
|
932 |
|
|
));
|
933 |
7411c285
|
Stephen Beaver
|
|
934 |
f14ff867
|
Phil Davis
|
$section->addInput(new Form_Select(
|
935 |
|
|
'keylen',
|
936 |
|
|
'Key length',
|
937 |
|
|
2048,
|
938 |
|
|
array(
|
939 |
|
|
512 => '512 bits',
|
940 |
|
|
1024 => '1024 bits',
|
941 |
16897690
|
jim-p
|
2048 => '2048 bits',
|
942 |
d5018c6a
|
stilez
|
3072 => '3072 bits',
|
943 |
f14ff867
|
Phil Davis
|
4096 => '4096 bits',
|
944 |
d5018c6a
|
stilez
|
7680 => '7680 bits',
|
945 |
|
|
8192 => '8192 bits',
|
946 |
|
|
15360 => '15360 bits',
|
947 |
|
|
16384 => '16384 bits'
|
948 |
f14ff867
|
Phil Davis
|
)
|
949 |
4dd437e4
|
Phil Davis
|
))->setHelp('The larger the key, the more security it offers, but larger keys take considerably more time to generate, ' .
|
950 |
|
|
'and take slightly longer to validate leading to a slight slowdown in setting up new sessions (not always noticeable). ' .
|
951 |
|
|
'As of 2016, 2048 bit is the minimum and most common selection and 4096 is the maximum in common use. ' .
|
952 |
|
|
'For more information see %1$s.', '<a href="https://keylength.com">keylength.com</a>');
|
953 |
7411c285
|
Stephen Beaver
|
|
954 |
f14ff867
|
Phil Davis
|
$section->addInput(new Form_Input(
|
955 |
|
|
'lifetime',
|
956 |
|
|
'Lifetime',
|
957 |
|
|
'number',
|
958 |
|
|
$pconfig['lifetime']
|
959 |
|
|
));
|
960 |
7411c285
|
Stephen Beaver
|
}
|
961 |
|
|
|
962 |
f14ff867
|
Phil Davis
|
$form->add($section);
|
963 |
|
|
}
|
964 |
|
|
|
965 |
7411c285
|
Stephen Beaver
|
endif;
|
966 |
|
|
// ==== Paste a key for the new user
|
967 |
4ee51131
|
Sjon Hortensius
|
$section = new Form_Section('Keys');
|
968 |
|
|
|
969 |
35e0cd70
|
Stephen Beaver
|
$section->addInput(new Form_Checkbox(
|
970 |
|
|
'showkey',
|
971 |
|
|
'Authorized keys',
|
972 |
|
|
'Click to paste an authorized key',
|
973 |
|
|
false
|
974 |
|
|
));
|
975 |
|
|
|
976 |
4ee51131
|
Sjon Hortensius
|
$section->addInput(new Form_Textarea(
|
977 |
|
|
'authorizedkeys',
|
978 |
d1e73829
|
Stephen Beaver
|
'Authorized SSH Keys',
|
979 |
4ee51131
|
Sjon Hortensius
|
$pconfig['authorizedkeys']
|
980 |
d1e73829
|
Stephen Beaver
|
))->setHelp('Enter authorized SSH keys for this user');
|
981 |
4ee51131
|
Sjon Hortensius
|
|
982 |
35e0cd70
|
Stephen Beaver
|
$section->addInput(new Form_Input(
|
983 |
4ee51131
|
Sjon Hortensius
|
'ipsecpsk',
|
984 |
|
|
'IPsec Pre-Shared Key',
|
985 |
|
|
'text',
|
986 |
|
|
$pconfig['ipsecpsk']
|
987 |
|
|
));
|
988 |
|
|
|
989 |
|
|
$form->add($section);
|
990 |
7411c285
|
Stephen Beaver
|
|
991 |
a0165602
|
Sjon Hortensius
|
print $form;
|
992 |
8bab524e
|
Phil Davis
|
|
993 |
|
|
$csswarning = sprintf(gettext("%sUser-created themes are unsupported, use at your own risk."), "<br />");
|
994 |
7411c285
|
Stephen Beaver
|
?>
|
995 |
8fd9052f
|
Colin Fleming
|
<script type="text/javascript">
|
996 |
7411c285
|
Stephen Beaver
|
//<![CDATA[
|
997 |
d61309a0
|
Phil Davis
|
events.push(function() {
|
998 |
7411c285
|
Stephen Beaver
|
|
999 |
8bab524e
|
Phil Davis
|
function setcustomoptions() {
|
1000 |
|
|
var adv = $('#customsettings').prop('checked');
|
1001 |
|
|
|
1002 |
|
|
hideInput('webguicss', !adv);
|
1003 |
|
|
hideInput('webguifixedmenu', !adv);
|
1004 |
|
|
hideInput('webguihostnamemenu', !adv);
|
1005 |
|
|
hideInput('dashboardcolumns', !adv);
|
1006 |
1d3510cf
|
Phil Davis
|
hideCheckbox('interfacessort', !adv);
|
1007 |
8bab524e
|
Phil Davis
|
hideCheckbox('dashboardavailablewidgetspanel', !adv);
|
1008 |
|
|
hideCheckbox('systemlogsfilterpanel', !adv);
|
1009 |
|
|
hideCheckbox('systemlogsmanagelogpanel', !adv);
|
1010 |
|
|
hideCheckbox('statusmonitoringsettingspanel', !adv);
|
1011 |
|
|
hideCheckbox('webguileftcolumnhyper', !adv);
|
1012 |
d9058974
|
Phil Davis
|
hideCheckbox('disablealiaspopupdetail', !adv);
|
1013 |
8bab524e
|
Phil Davis
|
hideCheckbox('pagenamefirst', !adv);
|
1014 |
|
|
}
|
1015 |
|
|
|
1016 |
|
|
// Handle displaying a warning message if a user-created theme is selected.
|
1017 |
|
|
function setThemeWarning() {
|
1018 |
|
|
if ($('#webguicss').val().startsWith("pfSense")) {
|
1019 |
|
|
$('#csstxt').html("").addClass("text-default");
|
1020 |
|
|
} else {
|
1021 |
|
|
$('#csstxt').html("<?=$csswarning?>").addClass("text-danger");
|
1022 |
|
|
}
|
1023 |
|
|
}
|
1024 |
|
|
|
1025 |
|
|
$('#webguicss').change(function() {
|
1026 |
|
|
setThemeWarning();
|
1027 |
|
|
});
|
1028 |
|
|
|
1029 |
|
|
setThemeWarning();
|
1030 |
|
|
|
1031 |
7411c285
|
Stephen Beaver
|
// On click . .
|
1032 |
8bab524e
|
Phil Davis
|
$('#customsettings').click(function () {
|
1033 |
|
|
setcustomoptions();
|
1034 |
|
|
});
|
1035 |
|
|
|
1036 |
7411c285
|
Stephen Beaver
|
$("#movetodisabled").click(function() {
|
1037 |
|
|
moveOptions($('[name="groups[]"] option'), $('[name="sysgroups[]"]'));
|
1038 |
|
|
});
|
1039 |
|
|
|
1040 |
|
|
$("#movetoenabled").click(function() {
|
1041 |
|
|
moveOptions($('[name="sysgroups[]"] option'), $('[name="groups[]"]'));
|
1042 |
|
|
});
|
1043 |
|
|
|
1044 |
|
|
$("#showcert").click(function() {
|
1045 |
|
|
hideClass('cert-options', !this.checked);
|
1046 |
|
|
});
|
1047 |
|
|
|
1048 |
|
|
$("#showkey").click(function() {
|
1049 |
35e0cd70
|
Stephen Beaver
|
hideInput('authorizedkeys', false);
|
1050 |
|
|
hideCheckbox('showkey', true);
|
1051 |
7411c285
|
Stephen Beaver
|
});
|
1052 |
|
|
|
1053 |
98402844
|
Stephen Beaver
|
$('[id^=delcert]').click(function(event) {
|
1054 |
d61309a0
|
Phil Davis
|
if (confirm(event.target.title)) {
|
1055 |
98402844
|
Stephen Beaver
|
$('#certid').val(event.target.id.match(/\d+$/)[0]);
|
1056 |
|
|
$('#userid').val('<?=$id;?>');
|
1057 |
|
|
$('#act').val('delcert');
|
1058 |
|
|
$('form').submit();
|
1059 |
|
|
}
|
1060 |
|
|
});
|
1061 |
945204b1
|
Stephen Beaver
|
|
1062 |
408d0882
|
heper
|
$('[id^=delprivid]').click(function(event) {
|
1063 |
d61309a0
|
Phil Davis
|
if (confirm(event.target.title)) {
|
1064 |
4c879f95
|
heper
|
$('#privid').val(event.target.id.match(/\d+$/)[0]);
|
1065 |
408d0882
|
heper
|
$('#userid').val('<?=$id;?>');
|
1066 |
|
|
$('#act').val('delprivid');
|
1067 |
|
|
$('form').submit();
|
1068 |
|
|
}
|
1069 |
|
|
});
|
1070 |
64c31615
|
Stephen Beaver
|
|
1071 |
53c38ff1
|
Stephen Beaver
|
$('#expires').datepicker();
|
1072 |
98402844
|
Stephen Beaver
|
|
1073 |
eef93144
|
Jared Dillard
|
// ---------- On initial page load ------------------------------------------------------------
|
1074 |
|
|
|
1075 |
|
|
hideClass('cert-options', true);
|
1076 |
|
|
//hideInput('authorizedkeys', true);
|
1077 |
d1e73829
|
Stephen Beaver
|
hideCheckbox('showkey', true);
|
1078 |
8bab524e
|
Phil Davis
|
setcustomoptions();
|
1079 |
7411c285
|
Stephen Beaver
|
|
1080 |
|
|
// On submit mark all the user's groups as "selected"
|
1081 |
d61309a0
|
Phil Davis
|
$('form').submit(function() {
|
1082 |
7411c285
|
Stephen Beaver
|
AllServers($('[name="groups[]"] option'), true);
|
1083 |
|
|
});
|
1084 |
f5c9c0c7
|
Steve Beaver
|
|
1085 |
7411c285
|
Stephen Beaver
|
});
|
1086 |
|
|
//]]>
|
1087 |
|
|
</script>
|
1088 |
|
|
<?php
|
1089 |
bb1b5c6f
|
heper
|
include('foot.inc');
|
1090 |
d6b79c39
|
Phil Davis
|
?>
|