<?php
/*
	$Id: system_groupmanager.php
	part of m0n0wall (http://m0n0.ch/wall)
	part of pfSense
	Copyright (C) 2013-2015 Electric Sheep Fencing, LP
	All rights reserved.
	Copyright (C) 2008 Shrew Soft Inc.
	All rights reserved.
	Copyright (C) 2005 Paul Taylor <paultaylor@winn-dixie.com>.
	All rights reserved.
	Copyright (C) 2003-2005 Manuel Kasper <mk@neon1.net>.
	All rights reserved.
	Redistribution and use in source and binary forms, with or without
	modification, are permitted provided that the following conditions are met:
	1. Redistributions of source code must retain the above copyright notice,
	   this list of conditions and the following disclaimer.
	2. Redistributions in binary form must reproduce the above copyright
	   notice, this list of conditions and the following disclaimer in the
	   documentation and/or other materials provided with the distribution.
	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
	AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
	AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
	OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
	POSSIBILITY OF SUCH DAMAGE.
*/
/*
	pfSense_MODULE:	auth
*/
##|+PRIV
##|*IDENT=page-system-groupmanager
##|*NAME=System: Group manager page
##|*DESCR=Allow access to the 'System: Group manager' page.
##|*MATCH=system_groupmanager.php*
##|-PRIV
require("guiconfig.inc");
// Title segments for this page ("System" / "Group manager").
$pgtitle = array(
	gettext("System"),
	gettext("Group manager")
);

// Make sure the group list is an array before a reference to it is taken.
if (!is_array($config['system']['group'])) {
	$config['system']['group'] = array();
}

// Reference, not a copy: every change made through $a_group lands in $config.
$a_group = &$config['system']['group'];

/*
 * Resolve the index of the group the request refers to. $id stays unset
 * unless a groupid passes is_numericint(); a POSTed value wins over a GET one.
 * NOTE(review): is_numericint() is defined elsewhere. Confirm that it rejects
 * arrays and empty strings, because $id is used as an array key and is echoed
 * into a hidden field and a URL further down.
 */
unset($id);
if (isset($_POST['groupid']) && is_numericint($_POST['groupid'])) {
	$id = $_POST['groupid'];
} elseif (isset($_GET['groupid']) && is_numericint($_GET['groupid'])) {
	$id = $_GET['groupid'];
}
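// Group deletion. Only honoured when the action arrives in the POST body.
if (isset($_POST['act']) && $_POST['act'] === "delgroup") {

	/*
	 * The request must identify an existing group by index AND by name, so a
	 * stale or shifted index cannot remove a different group. The name must be
	 * a plain string and is compared strictly: a loose != treats numeric-looking
	 * strings such as "1e3" and "1000" as equal.
	 * The list view offers no delete control for groups whose scope is "system";
	 * the same rule is enforced here instead of relying on the UI alone.
	 */
	if (!isset($id) ||
	    !isset($_POST['groupname']) || !is_string($_POST['groupname']) ||
	    !isset($a_group[$id]) ||
	    ($_POST['groupname'] !== $a_group[$id]['name']) ||
	    (isset($a_group[$id]['scope']) && $a_group[$id]['scope'] == "system")) {
		pfSenseHeader("system_groupmanager.php");
		exit;
	}

	// Remove the group from the running system first, then from the configuration.
	conf_mount_rw();
	local_group_del($a_group[$id]);
	conf_mount_ro();

	$groupdeleted = $a_group[$id]['name'];
	unset($a_group[$id]);
	write_config();

	// The message carries markup (<br />), so it is presumably printed without
	// further escaping; encode the stored name before embedding it.
	$savemsg = gettext("Group")." ".htmlspecialchars($groupdeleted)." ".
		gettext("successfully deleted")."<br />";
}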
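// Edit view: optionally revoke privileges first, then load the group into $pconfig.
if (isset($_GET['act']) && $_GET['act'] === "edit") {
	// This used to be a separate act=delpriv
	if (isset($id) && isset($a_group[$id]) &&
	    !empty($_POST['delpriv']) && is_array($_POST['delpriv'])) {

		$privs_removed = false;

		foreach ($_POST['delpriv'] as $i) {
			// Request values may be nested arrays or arbitrary text. Only a
			// digit-only string that names an existing privilege slot is used
			// as an array key.
			if (!is_string($i) || !ctype_digit($i) || !isset($a_group[$id]['priv'][$i]))
				continue;

			unset($a_group[$id]['priv'][$i]);
			$privs_removed = true;
		}

		// Skip the user refresh and the config write when nothing changed.
		if ($privs_removed) {
			// Re-apply every member so the revoked privileges take effect.
			if (isset($a_group[$id]['member']) && is_array($a_group[$id]['member'])) {
				foreach ($a_group[$id]['member'] as $uid) {
					$user = getUserEntryByUID($uid);
					if ($user)
						local_user_set($user);
				}
			}

			write_config();
		}
	}

	// Copy the stored group into the structure the form below reads from.
	if (isset($id) && isset($a_group[$id])) {
		$pconfig['name'] = $a_group[$id]['name'];
		$pconfig['gid'] = $a_group[$id]['gid'];
		$pconfig['gtype'] = $a_group[$id]['scope'];
		$pconfig['description'] = $a_group[$id]['description'];
		$pconfig['members'] = $a_group[$id]['member'];
		$pconfig['priv'] = $a_group[$id]['priv'];
	}
}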
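// "Save" submission: validate the posted fields, then create or update the group.
if (isset($_POST['save'])) {
	unset($input_errors);
	$pconfig = $_POST;

	// True when the request targets a group that already exists in the config.
	$editing = (isset($id) && !empty($a_group[$id]));

	/* input validation */
	$reqdfields = explode(" ", "groupname");
	$reqdfieldsn = array(gettext("Group Name"));

	do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors);

	// Request parameters can arrive as arrays (groupname[]=...), which would
	// slip past preg_match()/strlen() and be stored as the name. Only a plain
	// string is accepted.
	$name_is_string = (isset($_POST['groupname']) && is_string($_POST['groupname']));

	if (!$name_is_string) {
		if (!$input_errors)
			$input_errors[] = gettext("The group name contains invalid characters.");
	} else {
		if (preg_match("/[^a-zA-Z0-9\.\-_ ]/", $_POST['groupname']))
			$input_errors[] = gettext("The group name contains invalid characters.");

		if (strlen($_POST['groupname']) > 16)
			$input_errors[] = gettext("The group name is longer than 16 characters.");
	}

	// The form renders the name of a "system" scope group read-only. A
	// read-only input can still be altered by the client, so the rule is
	// enforced here as well.
	if ($name_is_string && $editing &&
	    isset($a_group[$id]['scope']) && $a_group[$id]['scope'] == "system" &&
	    $_POST['groupname'] !== $a_group[$id]['name'])
		$input_errors[] = gettext("The name of a system group cannot be changed.");

	// Members are user ids (this page looks them up by uid). Accept only a
	// list of digit-only strings so arbitrary text never reaches
	// local_group_set() or the stored configuration.
	$members = array();
	if (!empty($_POST['members'])) {
		if (!is_array($_POST['members'])) {
			$input_errors[] = gettext("One or more invalid group members was submitted.");
		} else {
			foreach ($_POST['members'] as $member) {
				if (!is_string($member) || !ctype_digit($member)) {
					$input_errors[] = gettext("One or more invalid group members was submitted.");
					break;
				}
				$members[] = $member;
			}
		}
	}

	// Duplicate names are checked for new groups and for renames of existing
	// ones. An existing group that keeps its name is not compared with itself.
	if (!$input_errors && (!$editing || $_POST['groupname'] !== $a_group[$id]['name'])) {
		/* make sure there are no dupes */
		foreach ($a_group as $idx => $group) {
			if ($editing && (string)$idx === (string)$id)
				continue;
			if ($group['name'] === $_POST['groupname']) {
				$input_errors[] = gettext("Another entry with the same group name already exists.");
				break;
			}
		}
	}

	if (!$input_errors) {
		// Start from the stored entry when editing so untouched keys survive.
		$group = array();
		if ($editing)
			$group = $a_group[$id];

		$group['name'] = $_POST['groupname'];
		$group['description'] = (isset($_POST['description']) && is_string($_POST['description'])) ?
			$_POST['description'] : '';

		if (empty($members))
			unset($group['member']);
		else if (!isset($group['gid']) || $group['gid'] != 1998) // all group
			$group['member'] = $members;

		if ($editing)
			$a_group[$id] = $group;
		else {
			// A new group takes the next free gid and is appended to the list.
			$group['gid'] = $config['system']['nextgid']++;
			$a_group[] = $group;
		}

		conf_mount_rw();
		local_group_set($group);
		conf_mount_ro();

		/* Refresh users in this group since their privileges may have changed. */
		if (isset($group['member']) && is_array($group['member']) &&
		    is_array($config['system']['user'])) {
			$a_user = &$config['system']['user'];
			foreach ($a_user as & $user) {
				if (in_array((string)$user['uid'], $group['member'], true))
					local_user_set($user);
			}
			// Drop the loop reference so a later write to $user cannot
			// overwrite the last user entry in $config.
			unset($user);
		}

		write_config();

		header("Location: system_groupmanager.php");
		exit;
	}
}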
include("head.inc");

// Show validation errors and/or the status message left by the handlers above.
if ($input_errors) {
	print_input_errors($input_errors);
}
if ($savemsg) {
	print_info_box($savemsg);
}

// Tab strip for the user manager pages. Each entry holds a label, a boolean
// that is true only for this page's own tab, and the target script.
$tab_array = array(
	array(gettext("Users"), false, "system_usermanager.php"),
	array(gettext("Groups"), true, "system_groupmanager.php"),
	array(gettext("Settings"), false, "system_usermanager_settings.php"),
	array(gettext("Servers"), false, "system_authservers.php")
);
display_top_tabs($tab_array);
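// Default view: anything other than act=new / act=edit renders the group list
// and ends the request.
if (!(isset($_GET['act']) && ($_GET['act'] == "new" || $_GET['act'] == "edit")))
{
?>
	<div class="table-responsive">
		<table class="table table-striped table-hover">
			<thead>
				<tr>
					<th><?=gettext("Group name")?></th>
					<th><?=gettext("Description")?></th>
					<th><?=gettext("Member Count")?></th>
					<th></th>
				</tr>
			</thead>
			<tbody>
<?php
	foreach($a_group as $i => $group):
		// The group named "all" is counted as every configured user. Other
		// groups count their member list, which is absent when empty.
		if ($group["name"] == "all")
			$groupcount = is_array($config['system']['user']) ? count($config['system']['user']) : 0;
		else
			$groupcount = (isset($group['member']) && is_array($group['member'])) ? count($group['member']) : 0;

		/*
		 * The delete handler on this page only reads the action from the POST
		 * body, so the control below is a small POST form, not a GET link.
		 * Every value written into an attribute is HTML-escaped.
		 * NOTE(review): confirm that the GUI's CSRF protection covers this form.
		 */
?>
				<tr>
					<td>
						<?=htmlspecialchars($group['name'])?>
					</td>
					<td>
						<?=htmlspecialchars($group['description'])?>
					</td>
					<td>
						<?=$groupcount?>
					</td>
					<td>
						<a href="?act=edit&amp;groupid=<?=htmlspecialchars($i)?>" class="btn btn-xs btn-primary">edit</a>
						<?php if($group['scope'] != "system"): ?>
							<form method="post" action="system_groupmanager.php" style="display: inline">
								<input type="hidden" name="act" value="delgroup" />
								<input type="hidden" name="groupid" value="<?=htmlspecialchars($i)?>" />
								<input type="hidden" name="groupname" value="<?=htmlspecialchars($group['name'])?>" />
								<button type="submit" class="btn btn-xs btn-danger">delete</button>
							</form>
						<?php endif;?>
					</td>
				</tr>
<?php
	endforeach;
?>
			</tbody>
		</table>
	</div>

	<nav class="action-buttons">
		<a href="?act=new" class="btn btn-success">add new</a>
	</nav>
<?php
	include('foot.inc');
	exit;
}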
// Only reached for act=new / act=edit, because the list view above exits.
require('classes/Form.class.php');

$form = new Form;
$form->setAction('system_groupmanager.php?act=edit');

// Carries the group index back on submit. This page resolves $id from the
// posted 'groupid'.
$form->addGlobal(
	new Form_Input('groupid', null, 'hidden', $id)
);

// Extra hidden fields when an existing group is being edited.
// NOTE(review): no code visible on this page reads the posted 'id' or 'gid'.
// If that changes, treat them as untrusted client input.
if (isset($id) && $a_group[$id]) {
	$form->addGlobal(
		new Form_Input('id', null, 'hidden', $id)
	);

	$form->addGlobal(
		new Form_Input('gid', null, 'hidden', $pconfig['gid'])
	);
}
// First form section: group name, description and, for existing groups, its origin.
$section = new Form_Section('Group properties');

// "Defined by" shows the upper-cased scope and is left out when creating a group.
if ($_GET['act'] != "new") {
	$section->addInput(
		new Form_StaticText('Defined by', strtoupper($pconfig['gtype']))
	);
}

// Keep a handle on the name input so it can be made read-only below.
$input = new Form_Input('groupname', 'Group name', 'text', $pconfig['name']);
$section->addInput($input);

// Read-only is a browser-side hint only and does not stop a client from
// posting a different name.
if ($pconfig['gtype'] == "system") {
	$input->setReadonly();
}

$section->addInput(
	new Form_Input('description', 'Description', 'text', $pconfig['description'])
)->setHelp('Group description, for your own information only');

$form->add($section);
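// No member picker is offered for gid 1998, the "all users" group.
if ($pconfig['gid'] != 1998) // all users group
{
	$section = new Form_Section('Group Memberships');

	/*
	 * Build the option list as uid => name. Group membership is stored and
	 * compared by uid elsewhere on this page. Mapping names over the user
	 * array kept its positional keys (0, 1, 2, ...), which are not uids.
	 * NOTE(review): assumes Form_Select submits the array keys as option
	 * values. Confirm against classes/Form.class.php.
	 */
	$allUsers = array();
	if (is_array($config['system']['user'])) {
		foreach ($config['system']['user'] as $u) {
			$allUsers[$u['uid']] = $u['name'];
		}
	}

	$section->addInput(new Form_Select(
		'members',
		'Members',
		$pconfig['members'],
		$allUsers,
		true
	))->setHelp('Hold down CTRL (pc)/COMMAND (mac) key to select');

	$form->add($section);
}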
// Privilege list with one "revoke" checkbox per entry. Existing groups only.
if ($_GET['act'] != "new") {
	$section = new Form_Section('Assigned Privileges');

	// $i is the position of the privilege in the group's priv list and is
	// posted back in delpriv[]. $priv is the key looked up in $priv_list.
	foreach ((array)$pconfig['priv'] as $i => $priv) {
		// We reverse name and action for readability of longer names
		$group = new Form_Group('Revoke privilege');

		$group->add(
			new Form_Checkbox('delpriv[]', null, $priv_list[ $priv ]['name'], false, $i)
		);

		$section->add($group);
	}

	// Button to the separate page for adding privileges to this group.
	$section->addInput(
		new Form_StaticText(
			null,
			new Form_Button(null, 'grant more privileges', 'system_groupmanager_addprivs.php?groupid='. $id)
		)
	);

	$form->add($section);
}
// Emit the assembled form (string conversion of $form), then the page footer.
echo $form;

include('foot.inc');