/usr/local/www/system_usermanager_edit.php - Annotate - pfSense - pfSense bugtracker

8ec2ea96

Bill Marquette

<?php

2

/* $Id$ */

3

/*

4

	system_usermanager_edit.php

5

6

	Copyright (C) 2006 Daniel S. Haischt.

7

	All rights reserved.

8

9

	Redistribution and use in source and binary forms, with or without

10

	modification, are permitted provided that the following conditions are met:

11

12

	1. Redistributions of source code must retain the above copyright notice,

13

	   this list of conditions and the following disclaimer.

14

15

	2. Redistributions in binary form must reproduce the above copyright

16

	   notice, this list of conditions and the following disclaimer in the

17

	   documentation and/or other materials provided with the distribution.

18

19

	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,

20

	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY

21

	AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE

22

	AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,

23

	OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF

24

	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS

25

	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN

26

	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)

27

	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE

28

	POSSIBILITY OF SUCH DAMAGE.

29

*/

30

31

require("guiconfig.inc");

32

34

8ec2ea96

Bill Marquette

35

/*

36

  The following code presumes, that the following XML structure exists or

37

  if it does not exist, it will be created.

38

39

    <priv>

40

      <id>fooid</id>

41

      <name>foo</name>

42

      <descr>foo desc</descr>

43

    </priv>

44

    <priv>

45

      <id>barid</id>

46

      <name>bar</name>

47

      <descr>bar desc</descr>

48

    </priv>

49

*/

50

51

$useract = $_GET['useract'];

52

if (isset($_POST['useract']))

53

	$useract = $_POST['useract'];

54

55

/* USERID must be set no matter whether this is a new entry or an existing entry */

56

$userid = $_GET['userid'];

57

if (isset($_POST['userid']))

58

	$userid = $_POST['userid'];

59

60

/* ID is only set if the user wants to edit an existing entry */

61

$id = $_GET['id'];

62

if (isset($_POST['id']))

63

	$id = $_POST['id'];

64

65

if (empty($config['system']['user'][$userid])) {

66

		pfSenseHeader("system_usermanager.php?id={$userid}&act={$_GET['useract']}");

67

		exit;

68

69

70

if (!is_array($config['system']['user'][$userid]['priv'])) {

71

  $config['system']['user'][$userid]['priv'] = array();

72

73

74

$t_privs = &$config['system']['user'][$userid]['priv'];

75

76

if (isset($id) && $t_privs[$id]) {

77

        $pconfig['pid'] = $t_privs[$id]['id'];

78

        $pconfig['pname'] = $t_privs[$id]['name'];

79

        $pconfig['descr'] = $t_privs[$id]['descr'];

80

} else {

81

        $pconfig['pid'] = $_GET['pid'];

82

        $pconfig['pname'] = $_GET['pname'];

83

        $pconfig['descr'] = $_GET['descr'];

84

85

86

if ($_POST) {

87

88

	unset($input_errors);

89

	$pconfig = $_POST;

90

91

	/* input validation */

92

	$reqdfields = explode(" ", "pid pname");

93

	$reqdfieldsn = explode(",", "ID, Privilege Name");

94

95

	do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);

96

97

	/* check for overlaps */

98

	foreach ($t_privs as $priv) {

99

		if (isset($id) && ($t_privs[$id]) && ($t_privs[$id] === $priv)) {

100

			continue;

101

102

		if ($priv['id'] == $pconfig['pid']) {

103

			$input_errors[] = gettext("This privilege ID already exists.");

104

			break;

  if (hasShellAccess($userindex[$userid]['name']) ||

109

      isAllowedToCopyFiles($userindex[$userid]['name'])) {

110

    if (preg_match("/[^a-zA-Z0-9\.\-_]/", $userindex[$userid]['name']))

111

        $input_errors[] = gettext("The username contains invalid characters " .

112

                                  "((this means this user can't be used to create" .

113

                                  " a shell account).");

114

115

116

	/* if this is an AJAX caller then handle via JSON */

117

	if(isAjax() && is_array($input_errors)) {

118

		input_errors2Ajax($input_errors);

119

		exit;

120

121

122

	if (!$input_errors) {

123

		$priv = array();

124

		$priv['id'] = $pconfig['pid'];

125

		$priv['name'] = $pconfig['pname'];

126

		$priv['descr'] = $pconfig['descr'];

127

128

		if (isset($id) && $t_privs[$id])

129

			$t_privs[$id] = $priv;

130

		else

131

			$t_privs[] = $priv;

141

8ec2ea96

Bill Marquette

143

8ec2ea96

Bill Marquette

148

8ec2ea96

Bill Marquette

    $retval = 0;

149

    config_lock();

150

    config_unlock();

151

152

    $savemsg = get_std_save_message($retval);

153

154

		pfSenseHeader("system_usermanager.php?id={$userid}&act={$useract}");

155

		exit;

/* if ajax is calling, give them an update message */

160

if(isAjax())

161

	print_info_box_np($savemsg);

162

163

include("head.inc");

164

165

$jscriptstr = <<<EOD

166

<script type="text/javascript">

167

<!--

168

169

  var privs = new Array();

170

171

172

EOD;

173

174

$privs =& getSystemPrivs();

175

176

if (is_array($privs)) {

177

  $id = 0;

178

179

  $jscriptstr .= "privs[{$id}] = new Object();\n";

180

  $jscriptstr .= "privs[{$id}]['id'] = 'custom';\n";

181

  $jscriptstr .= "privs[{$id}]['name'] = '*** Custom privilege ***';\n";

182

  $jscriptstr .= "privs[{$id}]['desc'] = 'This is your own, user defined privilege that you may change according to your requirements.';\n";

183

  $id++;

184

185

  foreach($privs as $priv){

186

    $jscriptstr .= "privs[{$id}] = new Object();\n";

187

    $jscriptstr .= "privs[{$id}]['id'] = '{$priv['id']}';\n";

188

    $jscriptstr .= "privs[{$id}]['name'] = '{$priv['name']}';\n";

189

    $jscriptstr .= "privs[{$id}]['desc'] = '{$priv['desc']}';\n";

190

    $id++;

$jscriptstr .= <<<EOD

195

  function setTextFields() {

196

    var idx = document.iform.sysprivs.selectedIndex;

197

    var value = document.iform.sysprivs.options[idx].value;

198

199

    for (var i = 0; i < privs.length; i++) {

200

      if (privs[i]['id'] == value && privs[i]['id'] != 'custom') {

201

        document.iform.pid.value = privs[i]['id'];

202

        document.iform.pid.readOnly = true;

203

        document.iform.pname.value = privs[i]['name'];

204

        document.iform.pname.readOnly = true;

205

        document.iform.descr.value = privs[i]['desc'];

206

        document.iform.descr.readOnly = true;

207

        break;

208

      } else if (privs[i]['id'] == value) {

209

        document.iform.pid.value = privs[i]['id'];

210

        document.iform.pid.readOnly = false;

211

        document.iform.pname.value = privs[i]['name'];

212

        document.iform.pname.readOnly = false;

213

        document.iform.descr.value = privs[i]['desc'];

214

        document.iform.descr.readOnly = false;

215

        break;

//-->

221

</script>

222

223

EOD;

224

225

include("head.inc");

226

227

?>

228

229

<body link="#0000CC" vlink="#0000CC" alink="#0000CC" onload="<?= $jsevents["body"]["onload"] ?>">

230

<?php include("fbegin.inc"); ?>

232

8ec2ea96

Bill Marquette

<?php if ($input_errors) print_input_errors($input_errors); ?>

233

<?php if ($savemsg) print_info_box($savemsg); ?>

234

            <form action="system_usermanager_edit.php" method="post" name="iform" id="iform">

235

            <div id="inputerrors"></div>

236

              <table width="100%" border="0" cellpadding="6" cellspacing="0">

237

                <tr>

238

                  <td width="22%" valign="top" class="vncellreq"><?=gettext("System Privileges");?></td>

239

                  <td width="78%" class="vtable">

240

                    <select name="sysprivs" id="sysprivs" class="formselect" onchange="setTextFields();">

241

                      <option value="custom">*** Custom privilege ***</option>

242

                    <?php

243

                      $privs =& getSystemPrivs();

244

245

                      if (is_array($privs)) {

246

                        foreach($privs as $priv){

247

                          if (isset($config['system']['ssh']['sshdkeyonly']) &&  $priv['name'] <> "copyfiles")

248

                              echo "<option value=\"{$priv['id']}\">${priv['name']}</option>";

249

                          else if (empty($config['system']['ssh']['sshdkeyonly']))

250

                              echo "<option value=\"{$priv['id']}\">${priv['name']}</option>";

251

252

253

?>

254

                    </select><br />

255

                    (If you do not want to define your own privilege, you may

256

                    select one from this list)

257

                  </td>

258

                </tr>

259

                <tr>

260

                  <td width="22%" valign="top" class="vncellreq"><?=gettext("Privilege Identifier");?></td>

261

                  <td width="78%" class="vtable">

262

                    <input name="pid" type="text" class="formfld unknown" id="pid" size="30" value="<?=htmlspecialchars($pconfig['pid']);?>" />

263

                  </td>

264

                </tr>

265

                <tr>

266

                  <td width="22%" valign="top" class="vncellreq"><?=gettext("Privilege Name");?></td>

267

                  <td width="78%" class="vtable">

268

                    <input name="pname" type="text" class="formfld unknown" id="pname" size="30" value="<?=htmlspecialchars($pconfig['pname']);?>" />

269

                  </td>

270

                </tr>

271

                <tr>

272

                  <td width="22%" valign="top" class="vncell"><?=gettext("Description");?></td>

273

                  <td width="78%" class="vtable">

274

                    <input name="descr" type="text" class="formfld unknown" id="descr" size="60" value="<?=htmlspecialchars($pconfig['descr']);?>" />

275

                    <br /> <span class="vexpl"><?=gettext("You may enter a description here

276

                    for your reference (not parsed).");?></span></td>

277

                </tr>

278

                <tr>

279

                  <td width="22%" valign="top">&nbsp;</td>

280

                  <td width="78%">

281

                    <input id="submitt"  name="Submit" type="submit" class="formbtn" value="<?=gettext("Save");?>" />

282

                    <input id="cancelbutton" class="formbtn" type="button" value="<?=gettext("Cancel");?>" onclick="history.back()" />

283

                    <?php if (isset($id) && $t_privs[$id]): ?>

284

                    <input name="id" type="hidden" value="<?=$id;?>" />

285

                    <?php endif; ?>

286

                    <?php if (isset($userid)): ?>

287

                    <input name="userid" type="hidden" value="<?=$userid;?>" />

288

                    <?php endif; ?>

289

                    <?php if (isset($useract)): ?>

290

                    <input name="useract" type="hidden" value="<?=$useract;?>" />

291

                    <?php endif; ?>

292

                  </td>

293

                </tr>

294

              </table>

295

            </form>

296

<?php include("fend.inc"); ?>

297

</body>

298

</html>

Project

General

Profile

pfSense

Project

General

Profile

pfSense

root/usr/local/www/system_usermanager_edit.php @ 9c9fd516