/src/usr/local/www/system_groupmanager.php - Annotate - pfSense - pfSense bugtracker

| Branch: | Tag: | Revision:

root/src/usr/local/www/system_groupmanager.php @ e5c893cd

1	4c291f4c	Renato Botelho	<?php
2	fab7ff44	Bill Marquette	/*
3	c5d81585	Renato Botelho	* system_groupmanager.php
4	191cb31d	Stephen Beaver	*
5	c5d81585	Renato Botelho	* part of pfSense (https://www.pfsense.org)
6	4a762cf0	Steve Beaver	* Copyright (c) 2004-2019 Rubicon Communications, LLC (Netgate)
7	c5d81585	Renato Botelho	* Copyright (c) 2005 Paul Taylor <paultaylor@winn-dixie.com>
8			* Copyright (c) 2008 Shrew Soft Inc
9			* All rights reserved.
10	f74457df	Stephen Beaver	*
11	c5d81585	Renato Botelho	* originally based on m0n0wall (http://m0n0.ch/wall)
12			* Copyright (c) 2003-2004 Manuel Kasper <mk@neon1.net>.
13			* All rights reserved.
14	f74457df	Stephen Beaver	*
15	b12ea3fb	Renato Botelho	* Licensed under the Apache License, Version 2.0 (the "License");
16			* you may not use this file except in compliance with the License.
17			* You may obtain a copy of the License at
18	f74457df	Stephen Beaver	*
19	b12ea3fb	Renato Botelho	* http://www.apache.org/licenses/LICENSE-2.0
20	f74457df	Stephen Beaver	*
21	b12ea3fb	Renato Botelho	* Unless required by applicable law or agreed to in writing, software
22			* distributed under the License is distributed on an "AS IS" BASIS,
23			* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
24			* See the License for the specific language governing permissions and
25			* limitations under the License.
26	f74457df	Stephen Beaver	*/
27	fab7ff44	Bill Marquette
28	6b07c15a	Matthew Grooms	##\|+PRIV
29			##\|*IDENT=page-system-groupmanager
30	48157a04	Phil Davis	##\|*NAME=System: Group Manager
31			##\|*DESCR=Allow access to the 'System: Group Manager' page.
32	57188e47	Phil Davis	##\|*WARN=standard-warning-root
33	6b07c15a	Matthew Grooms	##\|MATCH=system_groupmanager.php
34			##\|-PRIV
35	fab7ff44	Bill Marquette
36	c81ef6e2	Phil Davis	require_once("guiconfig.inc");
37	15c74b5b	doktornotor	require_once("pfsense-utils.inc");
38	d88c6a9f	Scott Ullrich
39	3fa6d462	jim-p	$logging_level = LOG_WARNING;
40			$logging_prefix = gettext("Local User Database");
41
42	ea0dd417	jim-p	init_config_arr(array('system', 'group'));
43	6b07c15a	Matthew Grooms	$a_group = &$config['system']['group'];
44	d81c2ad1	Scott Ullrich
45	7ea27b0d	Renato Botelho	unset($id);
46	4611e283	Steve Beaver	$id = $_REQUEST['groupid'];
47			$act = (isset($_REQUEST['act']) ? $_REQUEST['act'] : '');
48	31b53653	Scott Ullrich
49	06683083	Stephen Beaver	function cpusercmp($a, $b) {
50			return strcasecmp($a['name'], $b['name']);
51			}
52	23d09a2e	Stephen Beaver
53	06683083	Stephen Beaver	function admin_groups_sort() {
54			global $a_group;
55
56			if (!is_array($a_group)) {
57			return;
58			}
59
60			usort($a_group, "cpusercmp");
61			}
62
63	585bbbd3	jim-p	/*
64			* Check user privileges to test if the user is allowed to make changes.
65			* Otherwise users can end up in an inconsistent state where some changes are
66			* performed and others denied. See https://redmine.pfsense.org/issues/9259
67			*/
68			phpsession_begin();
69			$guiuser = getUserEntry($_SESSION['Username']);
70			$read_only = (is_array($guiuser) && userHasPrivilege($guiuser, "user-config-readonly"));
71			phpsession_end();
72
73			if (!empty($_POST) && $read_only) {
74			$input_errors = array(gettext("Insufficient privileges to make the requested change (read only)."));
75			}
76
77			if (($_POST['act'] == "delgroup") && !$read_only) {
78	7ea27b0d	Renato Botelho
79	449cac24	Renato Botelho	if (!isset($id) \|\| !isset($_REQUEST['groupname']) \|\|
80			!isset($a_group[$id]) \|\|
81			($_REQUEST['groupname'] != $a_group[$id]['name'])) {
82	6b07c15a	Matthew Grooms	pfSenseHeader("system_groupmanager.php");
83			exit;
84			}
85	31b53653	Scott Ullrich
86	7ea27b0d	Renato Botelho	local_group_del($a_group[$id]);
87			$groupdeleted = $a_group[$id]['name'];
88			unset($a_group[$id]);
89	449cac24	Renato Botelho	/*
90			* Reindex the array to avoid operating on an incorrect index
91			* https://redmine.pfsense.org/issues/7733
92			*/
93	92c27793	jim-p	$a_group = array_values($a_group);
94	3fa6d462	jim-p
95	449cac24	Renato Botelho	$savemsg = sprintf(gettext("Successfully deleted group: %s"),
96			$groupdeleted);
97	3fa6d462	jim-p	write_config($savemsg);
98			syslog($logging_level, "{$logging_prefix}: {$savemsg}");
99	fab7ff44	Bill Marquette	}
100	d88c6a9f	Scott Ullrich
101	585bbbd3	jim-p	if (($_POST['act'] == "delpriv") && !$read_only) {
102	6b07c15a	Matthew Grooms
103	7ea27b0d	Renato Botelho	if (!isset($id) \|\| !isset($a_group[$id])) {
104	6b07c15a	Matthew Grooms	pfSenseHeader("system_groupmanager.php");
105			exit;
106			}
107	fab7ff44	Bill Marquette
108	449cac24	Renato Botelho	$privdeleted =
109			$priv_list[$a_group[$id]['priv'][$_REQUEST['privid']]]['name'];
110	4611e283	Steve Beaver	unset($a_group[$id]['priv'][$_REQUEST['privid']]);
111	6b07c15a	Matthew Grooms
112	2ee08031	Erik Fonnesbeck	if (is_array($a_group[$id]['member'])) {
113			foreach ($a_group[$id]['member'] as $uid) {
114			$user = getUserEntryByUID($uid);
115	e0c7b2fe	Phil Davis	if ($user) {
116	2ee08031	Erik Fonnesbeck	local_user_set($user);
117	64600f94	Sjon Hortensius	}
118	2ee08031	Erik Fonnesbeck	}
119	64600f94	Sjon Hortensius	}
120	45ee90ed	Matthew Grooms
121	449cac24	Renato Botelho	$savemsg = sprintf(gettext("Removed Privilege \"%s\" from group %s"),
122			$privdeleted, $a_group[$id]['name']);
123	3fa6d462	jim-p	write_config($savemsg);
124			syslog($logging_level, "{$logging_prefix}: {$savemsg}");
125
126	7ea27b0d	Renato Botelho	$act = "edit";
127	6b07c15a	Matthew Grooms	}
128	45ee90ed	Matthew Grooms
129	7ea27b0d	Renato Botelho	if ($act == "edit") {
130			if (isset($id) && isset($a_group[$id])) {
131	45ee90ed	Matthew Grooms	$pconfig['name'] = $a_group[$id]['name'];
132	6b07c15a	Matthew Grooms	$pconfig['gid'] = $a_group[$id]['gid'];
133	449cac24	Renato Botelho	$pconfig['gtype'] = empty($a_group[$id]['scope'])
134			? "local" : $a_group[$id]['scope'];
135	45ee90ed	Matthew Grooms	$pconfig['description'] = $a_group[$id]['description'];
136	6b07c15a	Matthew Grooms	$pconfig['members'] = $a_group[$id]['member'];
137			$pconfig['priv'] = $a_group[$id]['priv'];
138	45ee90ed	Matthew Grooms	}
139			}
140	6b07c15a	Matthew Grooms
141	585bbbd3	jim-p	if (isset($_POST['dellall_x']) && !$read_only) {
142	c0c5b8cc	bruno
143	20231404	Steve Beaver	$del_groups = $_POST['delete_check'];
144	3fa6d462	jim-p	$deleted_groups = array();
145	c0c5b8cc	bruno
146	e0c7b2fe	Phil Davis	if (!empty($del_groups)) {
147			foreach ($del_groups as $groupid) {
148	449cac24	Renato Botelho	if (isset($a_group[$groupid]) &&
149			$a_group[$groupid]['scope'] != "system") {
150	3fa6d462	jim-p	$deleted_groups[] = $a_group[$groupid]['name'];
151	c0c5b8cc	bruno	local_group_del($a_group[$groupid]);
152			unset($a_group[$groupid]);
153			}
154			}
155	3fa6d462	jim-p
156	449cac24	Renato Botelho	$savemsg = sprintf(gettext("Successfully deleted %s: %s"),
157			(count($deleted_groups) == 1)
158			? gettext("group") : gettext("groups"),
159			implode(', ', $deleted_groups));
160			/*
161			* Reindex the array to avoid operating on an incorrect index
162			* https://redmine.pfsense.org/issues/7733
163			*/
164	92c27793	jim-p	$a_group = array_values($a_group);
165	c0c5b8cc	bruno	write_config($savemsg);
166	3fa6d462	jim-p	syslog($logging_level, "{$logging_prefix}: {$savemsg}");
167	c0c5b8cc	bruno	}
168			}
169
170	585bbbd3	jim-p	if (isset($_POST['save']) && !$read_only) {
171	d88c6a9f	Scott Ullrich	unset($input_errors);
172			$pconfig = $_POST;
173
174			/* input validation */
175			$reqdfields = explode(" ", "groupname");
176	b4fd804b	Carlos Eduardo Ramos	$reqdfieldsn = array(gettext("Group Name"));
177	4c291f4c	Renato Botelho
178	1e9b4611	Renato Botelho	do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors);
179	4c291f4c	Renato Botelho
180	d7689b2c	Stephen Beaver	if ($_POST['gtype'] != "remote") {
181	79ed8ce0	Stephen Beaver	if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['groupname'])) {
182	449cac24	Renato Botelho	$input_errors[] = sprintf(gettext(
183			"The (%s) group name contains invalid characters."),
184			$_POST['gtype']);
185	79ed8ce0	Stephen Beaver	}
186	399e1385	jim-p	if (strlen($_POST['groupname']) > 16) {
187			$input_errors[] = gettext(
188			"The group name is longer than 16 characters.");
189			}
190	79ed8ce0	Stephen Beaver	} else {
191			if (preg_match("/[^a-zA-Z0-9\.\- _]/", $_POST['groupname'])) {
192	449cac24	Renato Botelho	$input_errors[] = sprintf(gettext(
193			"The (%s) group name contains invalid characters."),
194			$_POST['gtype']);
195	79ed8ce0	Stephen Beaver	}
196	e0c7b2fe	Phil Davis	}
197	4c291f4c	Renato Botelho
198	5bef2407	jim-p	/* Check the POSTed members to ensure they are valid and exist */
199	9d3e8723	Phil Davis	if (is_array($_POST['members'])) {
200	9f472202	NewEraCracker	foreach ($_POST['members'] as $newmember) {
201	449cac24	Renato Botelho	if (!is_numeric($newmember) \|\|
202			empty(getUserEntryByUID($newmember))) {
203			$input_errors[] = gettext("One or more " .
204			"invalid group members was submitted.");
205	9f472202	NewEraCracker	}
206	5bef2407	jim-p	}
207			}
208
209	d88c6a9f	Scott Ullrich	if (!$input_errors && !(isset($id) && $a_group[$id])) {
210			/* make sure there are no dupes */
211			foreach ($a_group as $group) {
212			if ($group['name'] == $_POST['groupname']) {
213	449cac24	Renato Botelho	$input_errors[] = gettext("Another entry " .
214			"with the same group name already exists.");
215	d88c6a9f	Scott Ullrich	break;
216			}
217			}
218			}
219	4c291f4c	Renato Botelho
220	d88c6a9f	Scott Ullrich	if (!$input_errors) {
221	45ee90ed	Matthew Grooms	$group = array();
222	e0c7b2fe	Phil Davis	if (isset($id) && $a_group[$id]) {
223	d88c6a9f	Scott Ullrich	$group = $a_group[$id];
224	e0c7b2fe	Phil Davis	}
225	4c291f4c	Renato Botelho
226	d88c6a9f	Scott Ullrich	$group['name'] = $_POST['groupname'];
227			$group['description'] = $_POST['description'];
228	79ed8ce0	Stephen Beaver	$group['scope'] = $_POST['gtype'];
229	45ee90ed	Matthew Grooms
230	e0c7b2fe	Phil Davis	if (empty($_POST['members'])) {
231	70d6b5c4	Ermal	unset($group['member']);
232	e0c7b2fe	Phil Davis	} else if ($group['gid'] != 1998) { // all group
233	6b07c15a	Matthew Grooms	$group['member'] = $_POST['members'];
234	e0c7b2fe	Phil Davis	}
235	45ee90ed	Matthew Grooms
236	e0c7b2fe	Phil Davis	if (isset($id) && $a_group[$id]) {
237	d88c6a9f	Scott Ullrich	$a_group[$id] = $group;
238	e0c7b2fe	Phil Davis	} else {
239	45ee90ed	Matthew Grooms	$group['gid'] = $config['system']['nextgid']++;
240	d88c6a9f	Scott Ullrich	$a_group[] = $group;
241	45ee90ed	Matthew Grooms	}
242
243	06683083	Stephen Beaver	admin_groups_sort();
244
245	659fa7f2	Matthew Grooms	local_group_set($group);
246	2a0e8512	jim-p
247	449cac24	Renato Botelho	/*
248			* Refresh users in this group since their privileges may have
249			* changed.
250			*/
251	5709072a	jim-p	if (is_array($group['member'])) {
252	ea0dd417	jim-p	init_config_arr(array('system', 'user'));
253	5709072a	jim-p	$a_user = &$config['system']['user'];
254			foreach ($a_user as & $user) {
255	e0c7b2fe	Phil Davis	if (in_array($user['uid'], $group['member'])) {
256	5709072a	jim-p	local_user_set($user);
257	e0c7b2fe	Phil Davis	}
258	5709072a	jim-p	}
259	2a0e8512	jim-p	}
260
261	dc3bc1f8	Renato Botelho	/* Sort it alphabetically */
262			usort($config['system']['group'], function($a, $b) {
263			return strcmp($a['name'], $b['name']);
264			});
265
266	449cac24	Renato Botelho	$savemsg = sprintf(gettext("Successfully %s group %s"),
267			(strlen($id) > 0) ? gettext("edited") : gettext("created"),
268			$group['name']);
269	3fa6d462	jim-p	write_config($savemsg);
270			syslog($logging_level, "{$logging_prefix}: {$savemsg}");
271	4c291f4c	Renato Botelho
272	d88c6a9f	Scott Ullrich	header("Location: system_groupmanager.php");
273			exit;
274			}
275	23d09a2e	Stephen Beaver
276			$pconfig['name'] = $_POST['groupname'];
277	fab7ff44	Bill Marquette	}
278
279	2f1e91e4	Stephen Beaver	function build_priv_table() {
280	585bbbd3	jim-p	global $a_group, $id, $read_only;
281	2f1e91e4	Stephen Beaver
282			$privhtml = '<div class="table-responsive">';
283			$privhtml .= '<table class="table table-striped table-hover table-condensed">';
284			$privhtml .= '<thead>';
285	70da45c9	NOYB	$privhtml .= '<tr>';
286			$privhtml .= '<th>' . gettext('Name') . '</th>';
287			$privhtml .= '<th>' . gettext('Description') . '</th>';
288			$privhtml .= '<th>' . gettext('Action') . '</th>';
289			$privhtml .= '</tr>';
290	2f1e91e4	Stephen Beaver	$privhtml .= '</thead>';
291			$privhtml .= '<tbody>';
292
293	57188e47	Phil Davis	$user_has_root_priv = false;
294
295	2f1e91e4	Stephen Beaver	foreach (get_user_privdesc($a_group[$id]) as $i => $priv) {
296			$privhtml .= '<tr>';
297			$privhtml .= '<td>' . htmlspecialchars($priv['name']) . '</td>';
298	57188e47	Phil Davis	$privhtml .= '<td>' . htmlspecialchars($priv['descr']);
299			if (isset($priv['warn']) && ($priv['warn'] == 'standard-warning-root')) {
300	21312954	Phil Davis	$privhtml .= ' ' . gettext('(admin privilege)');
301	57188e47	Phil Davis	$user_has_root_priv = true;
302			}
303			$privhtml .= '</td>';
304	585bbbd3	jim-p	if (!$read_only) {
305			$privhtml .= '<td><a class="fa fa-trash" title="' . gettext('Delete Privilege') . '" href="system_groupmanager.php?act=delpriv&groupid=' . $id . '&privid=' . $i . '" usepost></a></td>';
306			}
307	2f1e91e4	Stephen Beaver	$privhtml .= '</tr>';
308	d61309a0	Phil Davis
309	2f1e91e4	Stephen Beaver	}
310
311	57188e47	Phil Davis	if ($user_has_root_priv) {
312			$privhtml .= '<tr>';
313			$privhtml .= '<td colspan="2">';
314	9187d6f7	Phil Davis	$privhtml .= '<b>' . gettext('Security notice: Users in this group effectively have administrator-level access') . '</b>';
315	57188e47	Phil Davis	$privhtml .= '</td>';
316			$privhtml .= '<td>';
317			$privhtml .= '</td>';
318			$privhtml .= '</tr>';
319	20231404	Steve Beaver
320	57188e47	Phil Davis	}
321
322	2f1e91e4	Stephen Beaver	$privhtml .= '</tbody>';
323			$privhtml .= '</table>';
324			$privhtml .= '</div>';
325
326			$privhtml .= '<nav class="action-buttons">';
327	585bbbd3	jim-p	if (!$read_only) {
328			$privhtml .= '<a href="system_groupmanager_addprivs.php?groupid=' . $id . '" class="btn btn-success"><i class="fa fa-plus icon-embed-btn"></i>' . gettext("Add") . '</a>';
329			}
330	2f1e91e4	Stephen Beaver	$privhtml .= '</nav>';
331
332			return($privhtml);
333			}
334
335	8f1ab2a4	k-paulius	$pgtitle = array(gettext("System"), gettext("User Manager"), gettext("Groups"));
336	edcd7535	Phil Davis	$pglinks = array("", "system_usermanager.php", "system_groupmanager.php");
337	8f1ab2a4	k-paulius
338			if ($act == "new" \|\| $act == "edit") {
339			$pgtitle[] = gettext('Edit');
340	edcd7535	Phil Davis	$pglinks[] = "@self";
341	8f1ab2a4	k-paulius	}
342	23d09a2e	Stephen Beaver
343	fab7ff44	Bill Marquette	include("head.inc");
344
345	d61309a0	Phil Davis	if ($input_errors) {
346	64600f94	Sjon Hortensius	print_input_errors($input_errors);
347	d61309a0	Phil Davis	}
348	23d09a2e	Stephen Beaver
349	d61309a0	Phil Davis	if ($savemsg) {
350	f78bbe16	Phil Davis	print_info_box($savemsg, 'success');
351	d61309a0	Phil Davis	}
352	64600f94	Sjon Hortensius
353			$tab_array = array();
354			$tab_array[] = array(gettext("Users"), false, "system_usermanager.php");
355			$tab_array[] = array(gettext("Groups"), true, "system_groupmanager.php");
356			$tab_array[] = array(gettext("Settings"), false, "system_usermanager_settings.php");
357	2d1f33d9	k-paulius	$tab_array[] = array(gettext("Authentication Servers"), false, "system_authservers.php");
358	64600f94	Sjon Hortensius	display_top_tabs($tab_array);
359
360	4611e283	Steve Beaver	if (!($act == "new" \|\| $act == "edit")) {
361	64600f94	Sjon Hortensius	?>
362	060ed238	Stephen Beaver	<div class="panel panel-default">
363			<div class="panel-heading"><h2 class="panel-title"><?=gettext('Groups')?></h2></div>
364			<div class="panel-body">
365			<div class="table-responsive">
366	1c10ce97	PiBa-NL	<table class="table table-striped table-hover table-condensed sortable-theme-bootstrap table-rowdblclickedit" data-sortable>
367	060ed238	Stephen Beaver	<thead>
368			<tr>
369			<th><?=gettext("Group name")?></th>
370			<th><?=gettext("Description")?></th>
371			<th><?=gettext("Member Count")?></th>
372			<th><?=gettext("Actions")?></th>
373			</tr>
374			</thead>
375			<tbody>
376	64600f94	Sjon Hortensius	<?php
377	d61309a0	Phil Davis	foreach ($a_group as $i => $group):
378			if ($group["name"] == "all") {
379	64600f94	Sjon Hortensius	$groupcount = count($config['system']['user']);
380	19028049	Renato Botelho	} elseif (is_array($group['member'])) {
381	64600f94	Sjon Hortensius	$groupcount = count($group['member']);
382	19028049	Renato Botelho	} else {
383			$groupcount = 0;
384	d61309a0	Phil Davis	}
385	64600f94	Sjon Hortensius	?>
386	060ed238	Stephen Beaver	<tr>
387			<td>
388			<?=htmlspecialchars($group['name'])?>
389			</td>
390			<td>
391			<?=htmlspecialchars($group['description'])?>
392			</td>
393			<td>
394			<?=$groupcount?>
395			</td>
396			<td>
397	4611e283	Steve Beaver	<a class="fa fa-pencil" title="<?=gettext("Edit group"); ?>" href="?act=edit&groupid=<?=$i?>"></a>
398	585bbbd3	jim-p	<?php if (($group['scope'] != "system") && !$read_only): ?>
399	20231404	Steve Beaver	<a class="fa fa-trash" title="<?=gettext("Delete group")?>" href="?act=delgroup&groupid=<?=$i?>&groupname=<?=$group['name']?>" usepost></a>
400	060ed238	Stephen Beaver	<?php endif;?>
401			</td>
402			</tr>
403	64600f94	Sjon Hortensius	<?php
404			endforeach;
405	fab7ff44	Bill Marquette	?>
406	060ed238	Stephen Beaver	</tbody>
407			</table>
408			</div>
409	94404d94	Sander van Leeuwen	</div>
410	060ed238	Stephen Beaver	</div>
411
412			<nav class="action-buttons">
413	585bbbd3	jim-p	<?php if (!$read_only): ?>
414	4611e283	Steve Beaver	<a href="?act=new" class="btn btn-success btn-sm">
415	060ed238	Stephen Beaver	<i class="fa fa-plus icon-embed-btn"></i>
416			<?=gettext("Add")?>
417			</a>
418	585bbbd3	jim-p	<?php endif; ?>
419	060ed238	Stephen Beaver	</nav>
420	64600f94	Sjon Hortensius	<?php
421			include('foot.inc');
422			exit;
423	6b07c15a	Matthew Grooms	}
424
425	64600f94	Sjon Hortensius	$form = new Form;
426			$form->setAction('system_groupmanager.php?act=edit');
427			$form->addGlobal(new Form_Input(
428			'groupid',
429			null,
430			'hidden',
431			$id
432			));
433
434	9d3e8723	Phil Davis	if (isset($id) && $a_group[$id]) {
435	64600f94	Sjon Hortensius	$form->addGlobal(new Form_Input(
436			'id',
437			null,
438			'hidden',
439			$id
440			));
441
442			$form->addGlobal(new Form_Input(
443			'gid',
444			null,
445			'hidden',
446			$pconfig['gid']
447			));
448	61dec0b0	Renato Botelho	}
449
450	5f88f964	k-paulius	$section = new Form_Section('Group Properties');
451	82833610	Stephen Beaver
452	e6acc2ee	Sjon Hortensius	$section->addInput($input = new Form_Input(
453	64600f94	Sjon Hortensius	'groupname',
454	153c3aa6	Phil Davis	'*Group name',
455	64600f94	Sjon Hortensius	'text',
456			$pconfig['name']
457			));
458
459	d61309a0	Phil Davis	if ($pconfig['gtype'] == "system") {
460	1192840b	Sjon Hortensius	$input->setReadonly();
461	79ed8ce0	Stephen Beaver
462			$section->addInput(new Form_Input(
463			'gtype',
464	153c3aa6	Phil Davis	'*Scope',
465	79ed8ce0	Stephen Beaver	'text',
466			$pconfig['gtype']
467			))->setReadonly();
468			} else {
469			$section->addInput(new Form_Select(
470			'gtype',
471	153c3aa6	Phil Davis	'*Scope',
472	79ed8ce0	Stephen Beaver	$pconfig['gtype'],
473	82833610	Stephen Beaver	["local" => gettext("Local"), "remote" => gettext("Remote")]
474	449cac24	Renato Botelho	))->setHelp("<span class=\"text-danger\">Warning: Changing this " .
475			"setting may affect the local groups file, in which case a " .
476			"reboot may be required for the changes to take effect.</span>");
477	d61309a0	Phil Davis	}
478	e6acc2ee	Sjon Hortensius
479	64600f94	Sjon Hortensius	$section->addInput(new Form_Input(
480			'description',
481			'Description',
482			'text',
483			$pconfig['description']
484	89140b63	NOYB	))->setHelp('Group description, for administrative information only');
485	64600f94	Sjon Hortensius
486			$form->add($section);
487	d61309a0	Phil Davis
488	449cac24	Renato Botelho	/* all users group */
489			if ($pconfig['gid'] != 1998) {
490			/* Group membership */
491	2f1e91e4	Stephen Beaver	$group = new Form_Group('Group membership');
492
493	449cac24	Renato Botelho	/*
494			* Make a list of all the groups configured on the system, and a list of
495			* those which this user is a member of
496			*/
497	2f1e91e4	Stephen Beaver	$systemGroups = array();
498			$usersGroups = array();
499
500			foreach ($config['system']['user'] as $user) {
501	449cac24	Renato Botelho	if (is_array($pconfig['members']) && in_array($user['uid'],
502			$pconfig['members'])) {
503			/* Add it to the user's list */
504			$usersGroups[ $user['uid'] ] = $user['name'];
505	d61309a0	Phil Davis	} else {
506	449cac24	Renato Botelho	/* Add it to the 'not a member of' list */
507			$systemGroups[ $user['uid'] ] = $user['name'];
508	d61309a0	Phil Davis	}
509	2f1e91e4	Stephen Beaver	}
510
511			$group->add(new Form_Select(
512			'notmembers',
513			null,
514	449cac24	Renato Botelho	array_combine((array)$pconfig['groups'],
515			(array)$pconfig['groups']),
516	2f1e91e4	Stephen Beaver	$systemGroups,
517			true
518	6ef8f2e9	heper	))->setHelp('Not members');
519	64600f94	Sjon Hortensius
520	2f1e91e4	Stephen Beaver	$group->add(new Form_Select(
521	64600f94	Sjon Hortensius	'members',
522	2f1e91e4	Stephen Beaver	null,
523	449cac24	Renato Botelho	array_combine((array)$pconfig['groups'],
524			(array)$pconfig['groups']),
525	2f1e91e4	Stephen Beaver	$usersGroups,
526	64600f94	Sjon Hortensius	true
527	6ef8f2e9	heper	))->setHelp('Members');
528	2f1e91e4	Stephen Beaver
529			$section->add($group);
530
531			$group = new Form_Group('');
532
533			$group->add(new Form_Button(
534			'movetoenabled',
535	faab522f	Renato Botelho	'Move to "Members"',
536	37676f4e	jim-p	null,
537			'fa-angle-double-right'
538	449cac24	Renato Botelho	))->setAttribute('type','button')->removeClass('btn-primary')->addClass(
539			'btn-info btn-sm');
540	2f1e91e4	Stephen Beaver
541			$group->add(new Form_Button(
542			'movetodisabled',
543	faab522f	Renato Botelho	'Move to "Not members',
544	37676f4e	jim-p	null,
545			'fa-angle-double-left'
546	449cac24	Renato Botelho	))->setAttribute('type','button')->removeClass('btn-primary')->addClass(
547			'btn-info btn-sm');
548	2f1e91e4	Stephen Beaver
549	449cac24	Renato Botelho	$group->setHelp(
550			'Hold down CTRL (PC)/COMMAND (Mac) key to select multiple items.');
551	2f1e91e4	Stephen Beaver	$section->add($group);
552	64600f94	Sjon Hortensius
553	6b07c15a	Matthew Grooms	}
554
555	7af38087	jim-p	if (isset($pconfig['gid'])) {
556	64600f94	Sjon Hortensius	$section = new Form_Section('Assigned Privileges');
557
558			$section->addInput(new Form_StaticText(
559			null,
560	2f1e91e4	Stephen Beaver	build_priv_table()
561	64600f94	Sjon Hortensius	));
562	6b07c15a	Matthew Grooms
563	2f1e91e4	Stephen Beaver
564	64600f94	Sjon Hortensius	$form->add($section);
565	6b07c15a	Matthew Grooms	}
566
567	64600f94	Sjon Hortensius	print $form;
568	2f1e91e4	Stephen Beaver	?>
569	8fd9052f	Colin Fleming	<script type="text/javascript">
570	2f1e91e4	Stephen Beaver	//<![CDATA[
571	d61309a0	Phil Davis	events.push(function() {
572	2f1e91e4	Stephen Beaver
573			// On click . .
574			$("#movetodisabled").click(function() {
575	449cac24	Renato Botelho	moveOptions($('[name="members[]"] option'),
576			$('[name="notmembers[]"]'));
577	2f1e91e4	Stephen Beaver	});
578
579			$("#movetoenabled").click(function() {
580	449cac24	Renato Botelho	moveOptions($('[name="notmembers[]"] option'),
581			$('[name="members[]"]'));
582	2f1e91e4	Stephen Beaver	});
583
584			// On submit mark all the user's groups as "selected"
585	d61309a0	Phil Davis	$('form').submit(function() {
586	2f1e91e4	Stephen Beaver	AllServers($('[name="members[]"] option'), true);
587			});
588			});
589			//]]>
590			</script>
591			<?php
592	854fa106	heper	include('foot.inc');

Project

General

Profile

pfSense