/src/usr/local/www/system_groupmanager.php - Annotate - pfSense - pfSense bugtracker

| Branch: | Tag: | Revision:

root/src/usr/local/www/system_groupmanager.php @ a69f79bd

1	4c291f4c	Renato Botelho	<?php
2	fab7ff44	Bill Marquette	/*
3	c5d81585	Renato Botelho	* system_groupmanager.php
4	191cb31d	Stephen Beaver	*
5	c5d81585	Renato Botelho	* part of pfSense (https://www.pfsense.org)
6	38809d47	Renato Botelho do Couto	* Copyright (c) 2004-2013 BSD Perimeter
7			* Copyright (c) 2013-2016 Electric Sheep Fencing
8	8f585441	Luiz Souza	* Copyright (c) 2014-2021 Rubicon Communications, LLC (Netgate)
9	c5d81585	Renato Botelho	* Copyright (c) 2005 Paul Taylor <paultaylor@winn-dixie.com>
10			* Copyright (c) 2008 Shrew Soft Inc
11			* All rights reserved.
12	f74457df	Stephen Beaver	*
13	c5d81585	Renato Botelho	* originally based on m0n0wall (http://m0n0.ch/wall)
14			* Copyright (c) 2003-2004 Manuel Kasper <mk@neon1.net>.
15			* All rights reserved.
16	f74457df	Stephen Beaver	*
17	b12ea3fb	Renato Botelho	* Licensed under the Apache License, Version 2.0 (the "License");
18			* you may not use this file except in compliance with the License.
19			* You may obtain a copy of the License at
20	f74457df	Stephen Beaver	*
21	b12ea3fb	Renato Botelho	* http://www.apache.org/licenses/LICENSE-2.0
22	f74457df	Stephen Beaver	*
23	b12ea3fb	Renato Botelho	* Unless required by applicable law or agreed to in writing, software
24			* distributed under the License is distributed on an "AS IS" BASIS,
25			* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
26			* See the License for the specific language governing permissions and
27			* limitations under the License.
28	f74457df	Stephen Beaver	*/
29	fab7ff44	Bill Marquette
30	6b07c15a	Matthew Grooms	##\|+PRIV
31			##\|*IDENT=page-system-groupmanager
32	48157a04	Phil Davis	##\|*NAME=System: Group Manager
33			##\|*DESCR=Allow access to the 'System: Group Manager' page.
34	57188e47	Phil Davis	##\|*WARN=standard-warning-root
35	6b07c15a	Matthew Grooms	##\|MATCH=system_groupmanager.php
36			##\|-PRIV
37	fab7ff44	Bill Marquette
38	c81ef6e2	Phil Davis	require_once("guiconfig.inc");
39	15c74b5b	doktornotor	require_once("pfsense-utils.inc");
40	d88c6a9f	Scott Ullrich
41	3fa6d462	jim-p	$logging_level = LOG_WARNING;
42			$logging_prefix = gettext("Local User Database");
43
44	c6c398c6	jim-p	init_config_arr(array('system', 'group'));
45	6b07c15a	Matthew Grooms	$a_group = &$config['system']['group'];
46	d81c2ad1	Scott Ullrich
47	7ea27b0d	Renato Botelho	unset($id);
48	4611e283	Steve Beaver	$id = $_REQUEST['groupid'];
49			$act = (isset($_REQUEST['act']) ? $_REQUEST['act'] : '');
50	31b53653	Scott Ullrich
51	06683083	Stephen Beaver	function cpusercmp($a, $b) {
52			return strcasecmp($a['name'], $b['name']);
53			}
54	23d09a2e	Stephen Beaver
55	06683083	Stephen Beaver	function admin_groups_sort() {
56			global $a_group;
57
58			if (!is_array($a_group)) {
59			return;
60			}
61
62			usort($a_group, "cpusercmp");
63			}
64
65	acd7e560	jim-p	/*
66			* Check user privileges to test if the user is allowed to make changes.
67			* Otherwise users can end up in an inconsistent state where some changes are
68			* performed and others denied. See https://redmine.pfsense.org/issues/9259
69			*/
70			phpsession_begin();
71			$guiuser = getUserEntry($_SESSION['Username']);
72			$read_only = (is_array($guiuser) && userHasPrivilege($guiuser, "user-config-readonly"));
73			phpsession_end();
74
75			if (!empty($_POST) && $read_only) {
76			$input_errors = array(gettext("Insufficient privileges to make the requested change (read only)."));
77			}
78
79			if (($_POST['act'] == "delgroup") && !$read_only) {
80	7ea27b0d	Renato Botelho
81	449cac24	Renato Botelho	if (!isset($id) \|\| !isset($_REQUEST['groupname']) \|\|
82			!isset($a_group[$id]) \|\|
83			($_REQUEST['groupname'] != $a_group[$id]['name'])) {
84	6b07c15a	Matthew Grooms	pfSenseHeader("system_groupmanager.php");
85			exit;
86			}
87	31b53653	Scott Ullrich
88	7ea27b0d	Renato Botelho	local_group_del($a_group[$id]);
89			$groupdeleted = $a_group[$id]['name'];
90			unset($a_group[$id]);
91	449cac24	Renato Botelho	/*
92			* Reindex the array to avoid operating on an incorrect index
93			* https://redmine.pfsense.org/issues/7733
94			*/
95	92c27793	jim-p	$a_group = array_values($a_group);
96	3fa6d462	jim-p
97	449cac24	Renato Botelho	$savemsg = sprintf(gettext("Successfully deleted group: %s"),
98			$groupdeleted);
99	3fa6d462	jim-p	write_config($savemsg);
100			syslog($logging_level, "{$logging_prefix}: {$savemsg}");
101	fab7ff44	Bill Marquette	}
102	d88c6a9f	Scott Ullrich
103	acd7e560	jim-p	if (($_POST['act'] == "delpriv") && !$read_only) {
104	6b07c15a	Matthew Grooms
105	7ea27b0d	Renato Botelho	if (!isset($id) \|\| !isset($a_group[$id])) {
106	6b07c15a	Matthew Grooms	pfSenseHeader("system_groupmanager.php");
107			exit;
108			}
109	fab7ff44	Bill Marquette
110	449cac24	Renato Botelho	$privdeleted =
111			$priv_list[$a_group[$id]['priv'][$_REQUEST['privid']]]['name'];
112	4611e283	Steve Beaver	unset($a_group[$id]['priv'][$_REQUEST['privid']]);
113	6b07c15a	Matthew Grooms
114	2ee08031	Erik Fonnesbeck	if (is_array($a_group[$id]['member'])) {
115			foreach ($a_group[$id]['member'] as $uid) {
116			$user = getUserEntryByUID($uid);
117	e0c7b2fe	Phil Davis	if ($user) {
118	2ee08031	Erik Fonnesbeck	local_user_set($user);
119	64600f94	Sjon Hortensius	}
120	2ee08031	Erik Fonnesbeck	}
121	64600f94	Sjon Hortensius	}
122	45ee90ed	Matthew Grooms
123	449cac24	Renato Botelho	$savemsg = sprintf(gettext("Removed Privilege \"%s\" from group %s"),
124			$privdeleted, $a_group[$id]['name']);
125	3fa6d462	jim-p	write_config($savemsg);
126			syslog($logging_level, "{$logging_prefix}: {$savemsg}");
127
128	7ea27b0d	Renato Botelho	$act = "edit";
129	6b07c15a	Matthew Grooms	}
130	45ee90ed	Matthew Grooms
131	7ea27b0d	Renato Botelho	if ($act == "edit") {
132			if (isset($id) && isset($a_group[$id])) {
133	45ee90ed	Matthew Grooms	$pconfig['name'] = $a_group[$id]['name'];
134	6b07c15a	Matthew Grooms	$pconfig['gid'] = $a_group[$id]['gid'];
135	449cac24	Renato Botelho	$pconfig['gtype'] = empty($a_group[$id]['scope'])
136			? "local" : $a_group[$id]['scope'];
137	45ee90ed	Matthew Grooms	$pconfig['description'] = $a_group[$id]['description'];
138	6b07c15a	Matthew Grooms	$pconfig['members'] = $a_group[$id]['member'];
139			$pconfig['priv'] = $a_group[$id]['priv'];
140	45ee90ed	Matthew Grooms	}
141			}
142	6b07c15a	Matthew Grooms
143	acd7e560	jim-p	if (isset($_POST['dellall_x']) && !$read_only) {
144	c0c5b8cc	bruno
145	20231404	Steve Beaver	$del_groups = $_POST['delete_check'];
146	3fa6d462	jim-p	$deleted_groups = array();
147	c0c5b8cc	bruno
148	e0c7b2fe	Phil Davis	if (!empty($del_groups)) {
149			foreach ($del_groups as $groupid) {
150	449cac24	Renato Botelho	if (isset($a_group[$groupid]) &&
151			$a_group[$groupid]['scope'] != "system") {
152	3fa6d462	jim-p	$deleted_groups[] = $a_group[$groupid]['name'];
153	c0c5b8cc	bruno	local_group_del($a_group[$groupid]);
154			unset($a_group[$groupid]);
155			}
156			}
157	3fa6d462	jim-p
158	449cac24	Renato Botelho	$savemsg = sprintf(gettext("Successfully deleted %s: %s"),
159			(count($deleted_groups) == 1)
160			? gettext("group") : gettext("groups"),
161			implode(', ', $deleted_groups));
162			/*
163			* Reindex the array to avoid operating on an incorrect index
164			* https://redmine.pfsense.org/issues/7733
165			*/
166	92c27793	jim-p	$a_group = array_values($a_group);
167	c0c5b8cc	bruno	write_config($savemsg);
168	3fa6d462	jim-p	syslog($logging_level, "{$logging_prefix}: {$savemsg}");
169	c0c5b8cc	bruno	}
170			}
171
172	acd7e560	jim-p	if (isset($_POST['save']) && !$read_only) {
173	d88c6a9f	Scott Ullrich	unset($input_errors);
174			$pconfig = $_POST;
175
176			/* input validation */
177			$reqdfields = explode(" ", "groupname");
178	b4fd804b	Carlos Eduardo Ramos	$reqdfieldsn = array(gettext("Group Name"));
179	4c291f4c	Renato Botelho
180	1e9b4611	Renato Botelho	do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors);
181	4c291f4c	Renato Botelho
182	d7689b2c	Stephen Beaver	if ($_POST['gtype'] != "remote") {
183	79ed8ce0	Stephen Beaver	if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['groupname'])) {
184	449cac24	Renato Botelho	$input_errors[] = sprintf(gettext(
185			"The (%s) group name contains invalid characters."),
186			$_POST['gtype']);
187	79ed8ce0	Stephen Beaver	}
188	8d4f79cd	jim-p	if (strlen($_POST['groupname']) > 16) {
189			$input_errors[] = gettext(
190			"The group name is longer than 16 characters.");
191			}
192	79ed8ce0	Stephen Beaver	} else {
193			if (preg_match("/[^a-zA-Z0-9\.\- _]/", $_POST['groupname'])) {
194	449cac24	Renato Botelho	$input_errors[] = sprintf(gettext(
195			"The (%s) group name contains invalid characters."),
196			$_POST['gtype']);
197	79ed8ce0	Stephen Beaver	}
198	e0c7b2fe	Phil Davis	}
199	4c291f4c	Renato Botelho
200	5bef2407	jim-p	/* Check the POSTed members to ensure they are valid and exist */
201	9d3e8723	Phil Davis	if (is_array($_POST['members'])) {
202	9f472202	NewEraCracker	foreach ($_POST['members'] as $newmember) {
203	449cac24	Renato Botelho	if (!is_numeric($newmember) \|\|
204			empty(getUserEntryByUID($newmember))) {
205			$input_errors[] = gettext("One or more " .
206			"invalid group members was submitted.");
207	9f472202	NewEraCracker	}
208	5bef2407	jim-p	}
209			}
210
211	d88c6a9f	Scott Ullrich	if (!$input_errors && !(isset($id) && $a_group[$id])) {
212			/* make sure there are no dupes */
213			foreach ($a_group as $group) {
214			if ($group['name'] == $_POST['groupname']) {
215	449cac24	Renato Botelho	$input_errors[] = gettext("Another entry " .
216			"with the same group name already exists.");
217	d88c6a9f	Scott Ullrich	break;
218			}
219			}
220			}
221	4c291f4c	Renato Botelho
222	d88c6a9f	Scott Ullrich	if (!$input_errors) {
223	45ee90ed	Matthew Grooms	$group = array();
224	e0c7b2fe	Phil Davis	if (isset($id) && $a_group[$id]) {
225	d88c6a9f	Scott Ullrich	$group = $a_group[$id];
226	e0c7b2fe	Phil Davis	}
227	4c291f4c	Renato Botelho
228	d88c6a9f	Scott Ullrich	$group['name'] = $_POST['groupname'];
229			$group['description'] = $_POST['description'];
230	79ed8ce0	Stephen Beaver	$group['scope'] = $_POST['gtype'];
231	45ee90ed	Matthew Grooms
232	e0c7b2fe	Phil Davis	if (empty($_POST['members'])) {
233	70d6b5c4	Ermal	unset($group['member']);
234	e0c7b2fe	Phil Davis	} else if ($group['gid'] != 1998) { // all group
235	6b07c15a	Matthew Grooms	$group['member'] = $_POST['members'];
236	e0c7b2fe	Phil Davis	}
237	45ee90ed	Matthew Grooms
238	e0c7b2fe	Phil Davis	if (isset($id) && $a_group[$id]) {
239	d88c6a9f	Scott Ullrich	$a_group[$id] = $group;
240	e0c7b2fe	Phil Davis	} else {
241	45ee90ed	Matthew Grooms	$group['gid'] = $config['system']['nextgid']++;
242	d88c6a9f	Scott Ullrich	$a_group[] = $group;
243	45ee90ed	Matthew Grooms	}
244
245	06683083	Stephen Beaver	admin_groups_sort();
246
247	659fa7f2	Matthew Grooms	local_group_set($group);
248	2a0e8512	jim-p
249	449cac24	Renato Botelho	/*
250			* Refresh users in this group since their privileges may have
251			* changed.
252			*/
253	5709072a	jim-p	if (is_array($group['member'])) {
254	c6c398c6	jim-p	init_config_arr(array('system', 'user'));
255	5709072a	jim-p	$a_user = &$config['system']['user'];
256			foreach ($a_user as & $user) {
257	e0c7b2fe	Phil Davis	if (in_array($user['uid'], $group['member'])) {
258	5709072a	jim-p	local_user_set($user);
259	e0c7b2fe	Phil Davis	}
260	5709072a	jim-p	}
261	2a0e8512	jim-p	}
262
263	dc3bc1f8	Renato Botelho	/* Sort it alphabetically */
264			usort($config['system']['group'], function($a, $b) {
265			return strcmp($a['name'], $b['name']);
266			});
267
268	449cac24	Renato Botelho	$savemsg = sprintf(gettext("Successfully %s group %s"),
269			(strlen($id) > 0) ? gettext("edited") : gettext("created"),
270			$group['name']);
271	3fa6d462	jim-p	write_config($savemsg);
272			syslog($logging_level, "{$logging_prefix}: {$savemsg}");
273	4c291f4c	Renato Botelho
274	d88c6a9f	Scott Ullrich	header("Location: system_groupmanager.php");
275			exit;
276			}
277	23d09a2e	Stephen Beaver
278			$pconfig['name'] = $_POST['groupname'];
279	fab7ff44	Bill Marquette	}
280
281	2f1e91e4	Stephen Beaver	function build_priv_table() {
282	acd7e560	jim-p	global $a_group, $id, $read_only;
283	2f1e91e4	Stephen Beaver
284			$privhtml = '<div class="table-responsive">';
285			$privhtml .= '<table class="table table-striped table-hover table-condensed">';
286			$privhtml .= '<thead>';
287	70da45c9	NOYB	$privhtml .= '<tr>';
288			$privhtml .= '<th>' . gettext('Name') . '</th>';
289			$privhtml .= '<th>' . gettext('Description') . '</th>';
290			$privhtml .= '<th>' . gettext('Action') . '</th>';
291			$privhtml .= '</tr>';
292	2f1e91e4	Stephen Beaver	$privhtml .= '</thead>';
293			$privhtml .= '<tbody>';
294
295	57188e47	Phil Davis	$user_has_root_priv = false;
296
297	2f1e91e4	Stephen Beaver	foreach (get_user_privdesc($a_group[$id]) as $i => $priv) {
298			$privhtml .= '<tr>';
299			$privhtml .= '<td>' . htmlspecialchars($priv['name']) . '</td>';
300	57188e47	Phil Davis	$privhtml .= '<td>' . htmlspecialchars($priv['descr']);
301			if (isset($priv['warn']) && ($priv['warn'] == 'standard-warning-root')) {
302	21312954	Phil Davis	$privhtml .= ' ' . gettext('(admin privilege)');
303	57188e47	Phil Davis	$user_has_root_priv = true;
304			}
305			$privhtml .= '</td>';
306	acd7e560	jim-p	if (!$read_only) {
307			$privhtml .= '<td><a class="fa fa-trash" title="' . gettext('Delete Privilege') . '" href="system_groupmanager.php?act=delpriv&groupid=' . $id . '&privid=' . $i . '" usepost></a></td>';
308			}
309	2f1e91e4	Stephen Beaver	$privhtml .= '</tr>';
310	d61309a0	Phil Davis
311	2f1e91e4	Stephen Beaver	}
312
313	57188e47	Phil Davis	if ($user_has_root_priv) {
314			$privhtml .= '<tr>';
315			$privhtml .= '<td colspan="2">';
316	9187d6f7	Phil Davis	$privhtml .= '<b>' . gettext('Security notice: Users in this group effectively have administrator-level access') . '</b>';
317	57188e47	Phil Davis	$privhtml .= '</td>';
318			$privhtml .= '<td>';
319			$privhtml .= '</td>';
320			$privhtml .= '</tr>';
321	20231404	Steve Beaver
322	57188e47	Phil Davis	}
323
324	2f1e91e4	Stephen Beaver	$privhtml .= '</tbody>';
325			$privhtml .= '</table>';
326			$privhtml .= '</div>';
327
328			$privhtml .= '<nav class="action-buttons">';
329	acd7e560	jim-p	if (!$read_only) {
330			$privhtml .= '<a href="system_groupmanager_addprivs.php?groupid=' . $id . '" class="btn btn-success"><i class="fa fa-plus icon-embed-btn"></i>' . gettext("Add") . '</a>';
331			}
332	2f1e91e4	Stephen Beaver	$privhtml .= '</nav>';
333
334			return($privhtml);
335			}
336
337	8f1ab2a4	k-paulius	$pgtitle = array(gettext("System"), gettext("User Manager"), gettext("Groups"));
338	edcd7535	Phil Davis	$pglinks = array("", "system_usermanager.php", "system_groupmanager.php");
339	8f1ab2a4	k-paulius
340			if ($act == "new" \|\| $act == "edit") {
341			$pgtitle[] = gettext('Edit');
342	edcd7535	Phil Davis	$pglinks[] = "@self";
343	8f1ab2a4	k-paulius	}
344	23d09a2e	Stephen Beaver
345	fab7ff44	Bill Marquette	include("head.inc");
346
347	d61309a0	Phil Davis	if ($input_errors) {
348	64600f94	Sjon Hortensius	print_input_errors($input_errors);
349	d61309a0	Phil Davis	}
350	23d09a2e	Stephen Beaver
351	d61309a0	Phil Davis	if ($savemsg) {
352	f78bbe16	Phil Davis	print_info_box($savemsg, 'success');
353	d61309a0	Phil Davis	}
354	64600f94	Sjon Hortensius
355			$tab_array = array();
356	451b6419	Augustin-FL	if (!isAllowedPage("system_usermanager.php")) {
357	f94e5cc6	Augustin-FL	$tab_array[] = array(gettext("User Password"), false, "system_usermanager_passwordmg.php");
358			} else {
359			$tab_array[] = array(gettext("Users"), false, "system_usermanager.php");
360			}
361	64600f94	Sjon Hortensius	$tab_array[] = array(gettext("Groups"), true, "system_groupmanager.php");
362			$tab_array[] = array(gettext("Settings"), false, "system_usermanager_settings.php");
363	2d1f33d9	k-paulius	$tab_array[] = array(gettext("Authentication Servers"), false, "system_authservers.php");
364	64600f94	Sjon Hortensius	display_top_tabs($tab_array);
365
366	4611e283	Steve Beaver	if (!($act == "new" \|\| $act == "edit")) {
367	64600f94	Sjon Hortensius	?>
368	060ed238	Stephen Beaver	<div class="panel panel-default">
369			<div class="panel-heading"><h2 class="panel-title"><?=gettext('Groups')?></h2></div>
370			<div class="panel-body">
371			<div class="table-responsive">
372	1c10ce97	PiBa-NL	<table class="table table-striped table-hover table-condensed sortable-theme-bootstrap table-rowdblclickedit" data-sortable>
373	060ed238	Stephen Beaver	<thead>
374			<tr>
375			<th><?=gettext("Group name")?></th>
376			<th><?=gettext("Description")?></th>
377			<th><?=gettext("Member Count")?></th>
378			<th><?=gettext("Actions")?></th>
379			</tr>
380			</thead>
381			<tbody>
382	64600f94	Sjon Hortensius	<?php
383	d61309a0	Phil Davis	foreach ($a_group as $i => $group):
384			if ($group["name"] == "all") {
385	64600f94	Sjon Hortensius	$groupcount = count($config['system']['user']);
386	19028049	Renato Botelho	} elseif (is_array($group['member'])) {
387	64600f94	Sjon Hortensius	$groupcount = count($group['member']);
388	19028049	Renato Botelho	} else {
389			$groupcount = 0;
390	d61309a0	Phil Davis	}
391	64600f94	Sjon Hortensius	?>
392	060ed238	Stephen Beaver	<tr>
393			<td>
394			<?=htmlspecialchars($group['name'])?>
395			</td>
396			<td>
397			<?=htmlspecialchars($group['description'])?>
398			</td>
399			<td>
400			<?=$groupcount?>
401			</td>
402			<td>
403	4611e283	Steve Beaver	<a class="fa fa-pencil" title="<?=gettext("Edit group"); ?>" href="?act=edit&groupid=<?=$i?>"></a>
404	acd7e560	jim-p	<?php if (($group['scope'] != "system") && !$read_only): ?>
405	20231404	Steve Beaver	<a class="fa fa-trash" title="<?=gettext("Delete group")?>" href="?act=delgroup&groupid=<?=$i?>&groupname=<?=$group['name']?>" usepost></a>
406	060ed238	Stephen Beaver	<?php endif;?>
407			</td>
408			</tr>
409	64600f94	Sjon Hortensius	<?php
410			endforeach;
411	fab7ff44	Bill Marquette	?>
412	060ed238	Stephen Beaver	</tbody>
413			</table>
414			</div>
415	94404d94	Sander van Leeuwen	</div>
416	060ed238	Stephen Beaver	</div>
417
418			<nav class="action-buttons">
419	acd7e560	jim-p	<?php if (!$read_only): ?>
420	4611e283	Steve Beaver	<a href="?act=new" class="btn btn-success btn-sm">
421	060ed238	Stephen Beaver	<i class="fa fa-plus icon-embed-btn"></i>
422			<?=gettext("Add")?>
423			</a>
424	acd7e560	jim-p	<?php endif; ?>
425	060ed238	Stephen Beaver	</nav>
426	64600f94	Sjon Hortensius	<?php
427			include('foot.inc');
428			exit;
429	6b07c15a	Matthew Grooms	}
430
431	64600f94	Sjon Hortensius	$form = new Form;
432			$form->setAction('system_groupmanager.php?act=edit');
433			$form->addGlobal(new Form_Input(
434			'groupid',
435			null,
436			'hidden',
437			$id
438			));
439
440	9d3e8723	Phil Davis	if (isset($id) && $a_group[$id]) {
441	64600f94	Sjon Hortensius	$form->addGlobal(new Form_Input(
442			'id',
443			null,
444			'hidden',
445			$id
446			));
447
448			$form->addGlobal(new Form_Input(
449			'gid',
450			null,
451			'hidden',
452			$pconfig['gid']
453			));
454	61dec0b0	Renato Botelho	}
455
456	5f88f964	k-paulius	$section = new Form_Section('Group Properties');
457	82833610	Stephen Beaver
458	e6acc2ee	Sjon Hortensius	$section->addInput($input = new Form_Input(
459	64600f94	Sjon Hortensius	'groupname',
460	153c3aa6	Phil Davis	'*Group name',
461	64600f94	Sjon Hortensius	'text',
462			$pconfig['name']
463			));
464
465	d61309a0	Phil Davis	if ($pconfig['gtype'] == "system") {
466	1192840b	Sjon Hortensius	$input->setReadonly();
467	79ed8ce0	Stephen Beaver
468			$section->addInput(new Form_Input(
469			'gtype',
470	153c3aa6	Phil Davis	'*Scope',
471	79ed8ce0	Stephen Beaver	'text',
472			$pconfig['gtype']
473			))->setReadonly();
474			} else {
475			$section->addInput(new Form_Select(
476			'gtype',
477	153c3aa6	Phil Davis	'*Scope',
478	79ed8ce0	Stephen Beaver	$pconfig['gtype'],
479	82833610	Stephen Beaver	["local" => gettext("Local"), "remote" => gettext("Remote")]
480	449cac24	Renato Botelho	))->setHelp("<span class=\"text-danger\">Warning: Changing this " .
481			"setting may affect the local groups file, in which case a " .
482			"reboot may be required for the changes to take effect.</span>");
483	d61309a0	Phil Davis	}
484	e6acc2ee	Sjon Hortensius
485	64600f94	Sjon Hortensius	$section->addInput(new Form_Input(
486			'description',
487			'Description',
488			'text',
489			$pconfig['description']
490	89140b63	NOYB	))->setHelp('Group description, for administrative information only');
491	64600f94	Sjon Hortensius
492			$form->add($section);
493	d61309a0	Phil Davis
494	449cac24	Renato Botelho	/* all users group */
495			if ($pconfig['gid'] != 1998) {
496			/* Group membership */
497	2f1e91e4	Stephen Beaver	$group = new Form_Group('Group membership');
498
499	449cac24	Renato Botelho	/*
500			* Make a list of all the groups configured on the system, and a list of
501			* those which this user is a member of
502			*/
503	2f1e91e4	Stephen Beaver	$systemGroups = array();
504			$usersGroups = array();
505
506			foreach ($config['system']['user'] as $user) {
507	449cac24	Renato Botelho	if (is_array($pconfig['members']) && in_array($user['uid'],
508			$pconfig['members'])) {
509			/* Add it to the user's list */
510			$usersGroups[ $user['uid'] ] = $user['name'];
511	d61309a0	Phil Davis	} else {
512	449cac24	Renato Botelho	/* Add it to the 'not a member of' list */
513			$systemGroups[ $user['uid'] ] = $user['name'];
514	d61309a0	Phil Davis	}
515	2f1e91e4	Stephen Beaver	}
516
517			$group->add(new Form_Select(
518			'notmembers',
519			null,
520	449cac24	Renato Botelho	array_combine((array)$pconfig['groups'],
521			(array)$pconfig['groups']),
522	2f1e91e4	Stephen Beaver	$systemGroups,
523			true
524	6ef8f2e9	heper	))->setHelp('Not members');
525	64600f94	Sjon Hortensius
526	2f1e91e4	Stephen Beaver	$group->add(new Form_Select(
527	64600f94	Sjon Hortensius	'members',
528	2f1e91e4	Stephen Beaver	null,
529	449cac24	Renato Botelho	array_combine((array)$pconfig['groups'],
530			(array)$pconfig['groups']),
531	2f1e91e4	Stephen Beaver	$usersGroups,
532	64600f94	Sjon Hortensius	true
533	6ef8f2e9	heper	))->setHelp('Members');
534	2f1e91e4	Stephen Beaver
535			$section->add($group);
536
537			$group = new Form_Group('');
538
539			$group->add(new Form_Button(
540			'movetoenabled',
541	faab522f	Renato Botelho	'Move to "Members"',
542	37676f4e	jim-p	null,
543			'fa-angle-double-right'
544	449cac24	Renato Botelho	))->setAttribute('type','button')->removeClass('btn-primary')->addClass(
545			'btn-info btn-sm');
546	2f1e91e4	Stephen Beaver
547			$group->add(new Form_Button(
548			'movetodisabled',
549	faab522f	Renato Botelho	'Move to "Not members',
550	37676f4e	jim-p	null,
551			'fa-angle-double-left'
552	449cac24	Renato Botelho	))->setAttribute('type','button')->removeClass('btn-primary')->addClass(
553			'btn-info btn-sm');
554	2f1e91e4	Stephen Beaver
555	449cac24	Renato Botelho	$group->setHelp(
556			'Hold down CTRL (PC)/COMMAND (Mac) key to select multiple items.');
557	2f1e91e4	Stephen Beaver	$section->add($group);
558	64600f94	Sjon Hortensius
559	6b07c15a	Matthew Grooms	}
560
561	7af38087	jim-p	if (isset($pconfig['gid'])) {
562	64600f94	Sjon Hortensius	$section = new Form_Section('Assigned Privileges');
563
564			$section->addInput(new Form_StaticText(
565			null,
566	2f1e91e4	Stephen Beaver	build_priv_table()
567	64600f94	Sjon Hortensius	));
568	6b07c15a	Matthew Grooms
569	2f1e91e4	Stephen Beaver
570	64600f94	Sjon Hortensius	$form->add($section);
571	6b07c15a	Matthew Grooms	}
572
573	64600f94	Sjon Hortensius	print $form;
574	2f1e91e4	Stephen Beaver	?>
575	8fd9052f	Colin Fleming	<script type="text/javascript">
576	2f1e91e4	Stephen Beaver	//<![CDATA[
577	d61309a0	Phil Davis	events.push(function() {
578	2f1e91e4	Stephen Beaver
579			// On click . .
580			$("#movetodisabled").click(function() {
581	449cac24	Renato Botelho	moveOptions($('[name="members[]"] option'),
582			$('[name="notmembers[]"]'));
583	2f1e91e4	Stephen Beaver	});
584
585			$("#movetoenabled").click(function() {
586	449cac24	Renato Botelho	moveOptions($('[name="notmembers[]"] option'),
587			$('[name="members[]"]'));
588	2f1e91e4	Stephen Beaver	});
589
590			// On submit mark all the user's groups as "selected"
591	d61309a0	Phil Davis	$('form').submit(function() {
592	2f1e91e4	Stephen Beaver	AllServers($('[name="members[]"] option'), true);
593			});
594			});
595			//]]>
596			</script>
597			<?php
598	854fa106	heper	include('foot.inc');

Project

General

Profile

pfSense