/usr/local/www/system_groupmanager.php - Annotate - pfSense - pfSense bugtracker

| Branch: | Tag: | Revision:

root/usr/local/www/system_groupmanager.php @ ead24d63

-            d88c6a9f
+<?php
-            fab7ff44
+/*
-            d88c6a9f
+	$Id: system_groupmanager.php
 	part of m0n0wall (http://m0n0.ch/wall)
-b07c15a
+	Copyright (C) 2008 Shrew Soft Inc.
 	All rights reserved.
-            d88c6a9f
+	Copyright (C) 2005 Paul Taylor <paultaylor@winn-dixie.com>.
 	All rights reserved.
 	Copyright (C) 2003-2005 Manuel Kasper <mk@neon1.net>.
 	All rights reserved.
 	Redistribution and use in source and binary forms, with or without
 	modification, are permitted provided that the following conditions are met:
 . Redistributions of source code must retain the above copyright notice,
 	   this list of conditions and the following disclaimer.
 . Redistributions in binary form must reproduce the above copyright
 	   notice, this list of conditions and the following disclaimer in the
 	   documentation and/or other materials provided with the distribution.
 	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
 	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
 	AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
 	AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
 	OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
 	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
 	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
 	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 	POSSIBILITY OF SUCH DAMAGE.
-            fab7ff44
+*/
-d333258
+/*
 	pfSense_MODULE:	auth
 */
-            fab7ff44
+            Bill Marquette
-b07c15a
+##|+PRIV
 ##|*IDENT=page-system-groupmanager
 ##|*NAME=System: Group manager page
 ##|*DESCR=Allow access to the 'System: Group manager' page.
 ##|*MATCH=system_groupmanager.php*
 ##|-PRIV
-            fab7ff44
+            Bill Marquette
-b07c15a
+require("guiconfig.inc");
-            ead24d63
+require("priv.defs.inc");
-            d88c6a9f
+            Scott Ullrich
-b07c15a
+$pgtitle = array("System", "Group manager");
-            fab7ff44
+            Bill Marquette
-b07c15a
+if (!is_array($config['system']['group']))
 	$config['system']['group'] = array();
-            d81c2ad1
+            Scott Ullrich
-b07c15a
+$a_group = &$config['system']['group'];
-            d81c2ad1
+            Scott Ullrich
-b07c15a
+$id = $_GET['id'];
 if (isset($_POST['id']))
 	$id = $_POST['id'];
-            d81c2ad1
+            Scott Ullrich
-b07c15a
+if ($_GET['act'] == "delgroup") {
-b53653
+            Scott Ullrich
-b07c15a
+	if (!$a_group[$_GET['id']]) {
 		pfSenseHeader("system_groupmanager.php");
 		exit;
+	}
-b53653
+            Scott Ullrich
-fa7f2
+	local_group_del($a_group[$_GET['id']]);
-b07c15a
+	$groupdeleted = $a_group[$_GET['id']]['name'];
 	unset($a_group[$_GET['id']]);
 	write_config();
 	$savemsg = gettext("Group")." {$groupdeleted} ".
 				gettext("successfully deleted")."<br/>";
-            fab7ff44
+            Bill Marquette
-            d88c6a9f
+            Scott Ullrich
-b07c15a
+if ($_GET['act'] == "delpriv") {
-            fab7ff44
+            Bill Marquette
-b07c15a
+	if (!$a_group[$_GET['id']]) {
 		pfSenseHeader("system_groupmanager.php");
 		exit;
+	}
-            fab7ff44
+            Bill Marquette
-b07c15a
+	$privdeleted = $priv_list[$a_group[$id]['priv'][$_GET['privid']]]['name'];
 	unset($a_group[$id]['priv'][$_GET['privid']]);
 	foreach ($a_group[$id]['member'] as $uid) {
 		$user = getUserEntryByUID($uid);
 		if ($user)
-fa7f2
+			local_user_set($user);
-            d88c6a9f
+            Scott Ullrich
-b07c15a
+            Matthew Grooms
 	write_config();
 	$_GET['act'] = "edit";
 	$savemsg = gettext("Privilege")." {$privdeleted} ".
 				gettext("successfully deleted")."<br/>";
+}
-ee90ed
+            Matthew Grooms
 if($_GET['act']=="edit"){
 	if (isset($id) && $a_group[$id]) {
 		$pconfig['name'] = $a_group[$id]['name'];
-b07c15a
+		$pconfig['gid'] = $a_group[$id]['gid'];
 		$pconfig['gtype'] = $a_group[$id]['scope'];
-ee90ed
+		$pconfig['description'] = $a_group[$id]['description'];
-b07c15a
+		$pconfig['members'] = $a_group[$id]['member'];
 		$pconfig['priv'] = $a_group[$id]['priv'];
-ee90ed
+            Matthew Grooms
+}
-b07c15a
+            Matthew Grooms
-            fab7ff44
+if ($_POST) {
-            d88c6a9f
+	unset($input_errors);
 	$pconfig = $_POST;
 	/* input validation */
 	$reqdfields = explode(" ", "groupname");
 	$reqdfieldsn = explode(",", "Group Name");
 	do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
 	if (preg_match("/[^a-zA-Z0-9\.\-_ ]/", $_POST['groupname']))
 		$input_errors[] = "The group name contains invalid characters.";
 	if (!$input_errors && !(isset($id) && $a_group[$id])) {
 		/* make sure there are no dupes */
 		foreach ($a_group as $group) {
 			if ($group['name'] == $_POST['groupname']) {
 				$input_errors[] = "Another entry with the same group name already exists.";
 				break;
+			}
+		}
+	}
 	if (!$input_errors) {
-ee90ed
+		$group = array();
-            d88c6a9f
+		if (isset($id) && $a_group[$id])
 			$group = $a_group[$id];
 		$group['name'] = $_POST['groupname'];
 		$group['description'] = $_POST['description'];
-ee90ed
+            Matthew Grooms
-b07c15a
+		if ($group['gid'] != 1998) // all group
 			$group['member'] = $_POST['members'];
-ee90ed
+            Matthew Grooms
-            d88c6a9f
+		if (isset($id) && $a_group[$id])
 			$a_group[$id] = $group;
-ee90ed
+		else {
 			$group['gid'] = $config['system']['nextgid']++;
-            d88c6a9f
+			$a_group[] = $group;
-ee90ed
+            Matthew Grooms
-fa7f2
+		local_group_set($group);
-            d88c6a9f
+		write_config();
 		header("Location: system_groupmanager.php");
 		exit;
+	}
-            fab7ff44
+            Bill Marquette
 include("head.inc");
 ?>
-ee90ed
+            Matthew Grooms
 <body link="#000000" vlink="#000000" alink="#000000" onload="<?= $jsevents["body"]["onload"] ?>">
-b07c15a
+<?php include("fbegin.inc"); ?>
 <script language="JavaScript">
 <!--
 function setall_selected(id) {
 	selbox = document.getElementById(id);
 	count = selbox.options.length;
 	for (index = 0; index<count; index++)
 		selbox.options[index].selected = true;
+}
 function clear_selected(id) {
 	selbox = document.getElementById(id);
 	count = selbox.options.length;
 	for (index = 0; index<count; index++)
 		selbox.options[index].selected = false;
+}
 function remove_selected(id) {
 	selbox = document.getElementById(id);
 	index = selbox.options.length - 1;
 	for (; index >= 0; index--)
 		if (selbox.options[index].selected)
 			selbox.remove(index);
+}
 function copy_selected(srcid, dstid) {
 	src_selbox = document.getElementById(srcid);
 	dst_selbox = document.getElementById(dstid);
 	count = src_selbox.options.length;
 	for (index = 0; index < count; index++) {
 		if (src_selbox.options[index].selected) {
 			option = document.createElement('option');
 			option.text = src_selbox.options[index].text;
 			option.value = src_selbox.options[index].value;
 			dst_selbox.add(option, null);
+		}
+	}
+}
 function move_selected(srcid, dstid) {
 	copy_selected(srcid, dstid);
 	remove_selected(srcid);
+}
 function presubmit() {
 	clear_selected('notmembers');
 	setall_selected('members');
+}
 //-->
 </script>
-            fab7ff44
+<?php
-ee90ed
+	if ($input_errors)
 		print_input_errors($input_errors);
 	if ($savemsg)
 		print_info_box($savemsg);
-            fab7ff44
+?>
-ee90ed
+<table width="100%" border="0" cellpadding="0" cellspacing="0">
 	<tr>
-            e30001cf
+		<td>
-ee90ed
+			<?php
 				$tab_array = array();
 				$tab_array[] = array(gettext("Users"), false, "system_usermanager.php");
-b07c15a
+				$tab_array[] = array(gettext("Groups"), true, "system_groupmanager.php");
-ee90ed
+				$tab_array[] = array(gettext("Settings"), false, "system_usermanager_settings.php");
-            d799787e
+				$tab_array[] = array(gettext("Servers"), false, "system_authservers.php");
-ee90ed
+				display_top_tabs($tab_array);
 			?>
 		</td>
 	</tr>
 	<tr>
-            e30001cf
+		<td id="mainarea">
 			<div class="tabcont">
 				<?php if($_GET['act']=="new" || $_GET['act']=="edit"): ?>
 				<form action="system_groupmanager.php" method="post" name="iform" id="iform" onsubmit="presubmit()">
 					<table width="100%" border="0" cellpadding="6" cellspacing="0">
 	                    <?php
 	                        $ro = "";
 	                        if ($pconfig['gtype'] == "system")
 	                            $ro = "readonly = \"readonly\"";
 	                    ?>
 						<tr>
 							<td width="22%" valign="top" class="vncell"><?=gettext("Defined by");?></td>
 							<td width="78%" class="vtable">
 								<strong><?=strtoupper($pconfig['gtype']);?></strong>
 								<input name="gtype" type="hidden" value="<?=$pconfig['gtype']?>"/>
 							</td>
 						</tr>
 						<tr>
 							<td width="22%" valign="top" class="vncellreq">Group name</td>
 							<td width="78%" class="vtable">
 								<input name="groupname" type="text" class="formfld group" id="groupname" size="20" value="<?=htmlspecialchars($pconfig['name']);?>" <?=$ro;?>>
 							</td>
 						</tr>
 						<tr>
 							<td width="22%" valign="top" class="vncell">Description</td>
 							<td width="78%" class="vtable">
 								<input name="description" type="text" class="formfld unknown" id="description" size="20" value="<?=htmlspecialchars($pconfig['description']);?>">
 								<br>
 								Group description, for your own information only
 							</td>
 						</tr>
 						<?php if ($pconfig['gid'] != 1998): // all users group ?>
 						<tr>
 							<td width="22%" valign="top" class="vncell"><?=gettext("Group Memberships");?></td>
 							<td width="78%" class="vtable" align="center">
 								<table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0">
 									<tr>
 										<td align="center" width="50%">
 											<strong>Not Members</strong><br/>
 											<br/>
 												<select size="10" style="width: 75%" name="notmembers[]" class="formselect" id="notmembers" onChange="clear_selected('members')" multiple>
 												<?php
 													foreach ($config['system']['user'] as $user):
 														if (in_array($user['uid'],$pconfig['members']))
 															continue;
 												?>
 												<option value="<?=$user['uid'];?>" <?=$selected;?>>
 													<?=htmlspecialchars($user['name']);?>
 												</option>
 												<?php endforeach; ?>
 											</select>
 											<br/>
 										</td>
 										<td>
 											<br/>
 											<a href="javascript:move_selected('notmembers','members')">
 												<img src="/themes/<?= $g['theme'];?>/images/icons/icon_right.gif" title="Add Members" alt="Add Members" width="17" height="17" border="0" />
 											</a>
 											<br/><br/>
 											<a href="javascript:move_selected('members','notmembers')">
 												<img src="/themes/<?= $g['theme'];?>/images/icons/icon_left.gif" title="Remove Members" alt="Remove Members" width="17" height="17" border="0" />
 											</a>
 										</td>
 										<td align="center" width="50%">
 											<strong>Members</strong><br/>
 											<br/>
 											<select size="10" style="width: 75%" name="members[]" class="formselect" id="members" onChange="clear_selected('notmembers')" multiple>
 												<?php
 													foreach ($config['system']['user'] as $user):
 														if (!in_array($user['uid'],$pconfig['members']))
 															continue;
 												?>
 												<option value="<?=$user['uid'];?>">
 													<?=htmlspecialchars($user['name']);?>
 												</option>
 												<?php endforeach; ?>
 											</select>
 											<br/>
 										</td>
 									</tr>
 								</table>
 								<?=gettext("Hold down CTRL (pc)/COMMAND (mac) key to select multiple items");?>
 							</td>
 						</tr>
-ee90ed
+            Matthew Grooms
-            e30001cf
+						<?php endif; ?>
-d86a13d
+						<?php if($_GET['act'] != "new"): ?>
-            e30001cf
+						<tr>
 							<td width="22%" valign="top" class="vncell"><?=gettext("Assigned Privileges");?></td>
 							<td width="78%" class="vtable">
 								<table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0">
 									<tr>
 										<td width="40%" class="listhdrr"><?=gettext("Name");?></td>
 										<td width="60%" class="listhdrr"><?=gettext("Description");?></td>
 										<td class="list"></td>
 									</tr>
 									<?php
 										if(is_array($pconfig['priv'])):
 											$i = 0;
 											foreach ($pconfig['priv'] as $priv):
 									?>
 									<tr>
 										<td class="listr">
 											<?=htmlspecialchars($priv_list[$priv]['name']);?>
 										</td>
 										<td class="listbg">
-c73
+											<?=htmlspecialchars($priv_list[$priv]['descr']);?>
-            e30001cf
+										</td>
 										<td valign="middle" nowrap class="list">
 											<a href="system_groupmanager.php?act=delpriv&id=<?=$id?>&privid=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this privilege?");?>')">
 												<img src="/themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0" alt="" />
 											</a>
 										</td>
 									</tr>
 									<?php
 											$i++;
 	                      					endforeach;
 										endif;
 									?>
 									<tr>
 										<td class="list" colspan="2"></td>
 										<td class="list">
 											<a href="system_groupmanager_addprivs.php?groupid=<?=$id?>">
 												<img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0" alt="" />
 											</a>
-d86a13d
+            Scott Ullrich
-            e30001cf
+										</td>
 									</tr>
-d86a13d
+            Scott Ullrich
-            e30001cf
+								</table>
 							</td>
 						</tr>
-d86a13d
+						<?php endif; ?>
-            e30001cf
+						<tr>
 							<td width="22%" valign="top">&nbsp;</td>
 							<td width="78%">
 								<input name="save" type="submit" class="formbtn" value="Save">
 								<?php if (isset($id) && $a_group[$id]): ?>
 								<input name="id" type="hidden" value="<?=$id;?>">
 								<input name="gid" type="hidden" value="<?=$pconfig['gid'];?>">
 								<?php endif; ?>
 							</td>
 						</tr>
 					</table>
 				</form>
 				<?php else: ?>
 				<table width="100%" border="0" cellpadding="0" cellspacing="0">
-b07c15a
+					<tr>
-            e30001cf
+						<td width="25%" class="listhdrr">Group name</td>
 						<td width="25%" class="listhdrr">Description</td>
 						<td width="30%" class="listhdrr">Member Count</td>
 						<td width="10%" class="list"></td>
-ee90ed
+					</tr>
-            e30001cf
+					<?php
 						$i = 0;
 						foreach($a_group as $group):
 							if($group['scope'] == "system")
 								$grpimg = "/themes/{$g['theme']}/images/icons/icon_system-group-grey.png";
 							else
 								$grpimg = "/themes/{$g['theme']}/images/icons/icon_system-group.png";
 					?>
-ee90ed
+					<tr>
-            e30001cf
+						<td class="listlr">
 							<table border="0" cellpadding="0" cellspacing="0">
-b07c15a
+								<tr>
-            e30001cf
+									<td align="left" valign="center">
 										<img src="<?=$grpimg;?>" alt="User" title="User" border="0" height="16" width="16" />
-b07c15a
+									</td>
 									</td>
-            e30001cf
+									<td align="left" valign="middle">
 										<?=htmlspecialchars($group['name']); ?>&nbsp;
-b07c15a
+									</td>
 								</tr>
 							</table>
-ee90ed
+						</td>
-            e30001cf
+						<td class="listr">
 							<?=htmlspecialchars($group['description']);?>&nbsp;
 						</td>
 						<td class="listbg">
-c73
+							<?=count($group['member'])?>
-            e30001cf
+						</td>
 						<td valign="middle" nowrap class="list">
 							<a href="system_groupmanager.php?act=edit&id=<?=$i;?>">
 								<img src="./themes/<?=$g['theme'];?>/images/icons/icon_e.gif" title="edit group" width="17" height="17" border="0">
 							</a>
 							&nbsp;
 							<?php if($group['scope'] != "system"): ?>
 							<a href="system_groupmanager.php?act=delgroup&id=<?=$i;?>" onclick="return confirm('Do you really want to delete this group?')">
 								<img src="/themes/<?=$g['theme'];?>/images/icons/icon_x.gif" title="delete group" width="17" height="17" border="0">
 							</a>
 							<?php endif; ?>
-ee90ed
+						</td>
 					</tr>
-            e30001cf
+					<?php
 						$i++;
 						endforeach;
 					?>
-ee90ed
+					<tr>
-            e30001cf
+						<td class="list" colspan="3"></td>
 						<td class="list">
 							<a href="system_groupmanager.php?act=new"><img src="./themes/<?=$g['theme'];?>/images/icons/icon_plus.gif" title="add group" width="17" height="17" border="0">
 							</a>
 						</td>
 					</tr>
 					<tr>
 						<td colspan="3">
 							<p>
 								<?=gettext("Additional webConfigurator groups can be added here.");?>
 								<?=gettext("Group permissions can be assinged which will be inherited by users.");?>
 								<?=gettext("An icon that appears grey indicates that it is a system defined object.");?>
 								<?=gettext("Some system object properties can be modified but they cannot be deleted.");?>
 							</p>
-ee90ed
+						</td>
 					</tr>
 				</table>
-            e30001cf
+				<? endif; ?>
 			</div>
-ee90ed
+		</td>
 	</tr>
 </table>
 </body>
-e321df2
+<?php include("fend.inc"); ?>

Project

General

Profile

pfSense