Project

General

Profile

Download (6.18 KB) Statistics
| Branch: | Tag: | Revision:
1
<?php
2
/* $Id$ */
3
/*
4
	system_usermanager_addprivs.php
5

    
6
	Copyright (C) 2006 Daniel S. Haischt.
7
	All rights reserved.
8

    
9
	Redistribution and use in source and binary forms, with or without
10
	modification, are permitted provided that the following conditions are met:
11

    
12
	1. Redistributions of source code must retain the above copyright notice,
13
	   this list of conditions and the following disclaimer.
14

    
15
	2. Redistributions in binary form must reproduce the above copyright
16
	   notice, this list of conditions and the following disclaimer in the
17
	   documentation and/or other materials provided with the distribution.
18

    
19
	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
20
	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
21
	AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
22
	AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
23
	OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
24
	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
25
	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
26
	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
27
	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
28
	POSSIBILITY OF SUCH DAMAGE.
29
*/
30
/*
31
	pfSense_MODULE:	auth
32
*/
33

    
34
##|+PRIV
35
##|*IDENT=page-system-usermanager-addprivs
36
##|*NAME=System: User Manager: Add Privileges page
37
##|*DESCR=Allow access to the 'System: User Manager: Add Privileges' page.
38
##|*MATCH=system_usermanager_addprivs.php*
39
##|-PRIV
40

    
41
function admusercmp($a, $b) {
42
	return strcasecmp($a['name'], $b['name']);
43
}
44

    
45
function admin_users_sort() {
46
        global $g, $config;
47

    
48
        if (!is_array($config['system']['user']))
49
                return;
50

    
51
        usort($config['system']['user'], "admusercmp");
52
}
53

    
54
require("guiconfig.inc");
55
require("priv.defs.inc");
56
require("priv.inc");
57

    
58
$pgtitle = array("System","User manager","Add privileges");
59

    
60
$userid = $_GET['userid'];
61
if (isset($_POST['userid']))
62
	$userid = $_POST['userid'];
63

    
64
admin_users_sort();
65
$a_user = & $config['system']['user'][$userid];
66
if (!is_array($a_user)) {
67
	pfSenseHeader("system_usermanager.php?id={$userid}");
68
	exit;
69
}
70

    
71
if (!is_array($a_user)) {
72
	pfSenseHeader("system_usermanager.php");
73
	exit;
74
}
75

    
76
if (!is_array($a_user['priv']))
77
	$a_user['priv'] = array();
78

    
79
if ($_POST) {
80
	conf_mount_rw();
81

    
82
	unset($input_errors);
83
	$pconfig = $_POST;
84

    
85
	/* input validation */
86
	$reqdfields = explode(" ", "sysprivs");
87
	$reqdfieldsn = explode(",", "Selected priveleges");
88

    
89
	do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
90

    
91
	/* if this is an AJAX caller then handle via JSON */
92
	if(isAjax() && is_array($input_errors)) {
93
		input_errors2Ajax($input_errors);
94
		exit;
95
	}
96

    
97
	if (!$input_errors) {
98

    
99
		if (!is_array($pconfig['sysprivs']))
100
			$pconfig['sysprivs'] = array();
101

    
102
		if (!count($a_user['priv']))
103
			$a_user['priv'] = $pconfig['sysprivs'];
104
		else
105
			$a_user['priv'] = array_merge($a_user['priv'], $pconfig['sysprivs']);
106

    
107
		admin_users_sort();
108
		local_user_set($a_user);
109
		$retval = write_config();
110
		$savemsg = get_std_save_message($retval);
111
		conf_mount_ro();
112
		
113
		pfSenseHeader("system_usermanager.php?act=edit&id={$userid}");
114
		
115
		exit;
116
	}
117
	conf_mount_ro();
118
}
119

    
120
/* if ajax is calling, give them an update message */
121
if(isAjax())
122
	print_info_box_np($savemsg);
123

    
124
include("head.inc");
125
?>
126

    
127
<body link="#0000CC" vlink="#0000CC" alink="#0000CC" onload="<?= $jsevents["body"]["onload"] ?>">
128
<?php include("fbegin.inc"); ?>
129
<script type="text/javascript">
130
<!--
131

    
132
<?php
133

    
134
if (is_array($priv_list)) {
135
	$id = 0;
136

    
137
	$jdescs = "var descs = new Array();\n";
138
	foreach($priv_list as $pname => $pdata) {
139
		if (in_array($pname, $a_user['priv']))
140
			continue;
141
		$desc = addslashes($pdata['descr']);
142
		$jdescs .= "descs[{$id}] = '{$desc}';\n";
143
		$id++;
144
	}
145

    
146
	echo $jdescs;
147
}
148

    
149
?>
150

    
151
function update_description() {
152
	var index = document.iform.sysprivs.selectedIndex;
153
	document.getElementById("pdesc").innerHTML = descs[index];
154
}
155

    
156
//-->
157
</script>
158
<?php
159
	if ($input_errors)
160
		print_input_errors($input_errors);
161
	if ($savemsg)
162
		print_info_box($savemsg);
163
?>
164
<table width="100%" border="0" cellpadding="0" cellspacing="0">
165
	<tr>
166
		<td>
167
		<?php
168
			$tab_array = array();
169
			$tab_array[] = array(gettext("Users"), true, "system_usermanager.php");
170
			$tab_array[] = array(gettext("Groups"), false, "system_groupmanager.php");
171
			$tab_array[] = array(gettext("Settings"), false, "system_usermanager_settings.php");
172
			$tab_array[] = array(gettext("Servers"), false, "system_authservers.php");
173
			display_top_tabs($tab_array);
174
		?>
175
		</td>
176
	</tr>
177
	<tr>
178
		<td id="mainarea">
179
			<div class="tabcont">
180
				<form action="system_usermanager_addprivs.php" method="post" name="iform" id="iform">
181
					<table width="100%" border="0" cellpadding="6" cellspacing="0">
182
						<tr>
183
							<td width="22%" valign="top" class="vncellreq"><?=gettext("System Privileges");?></td>
184
							<td width="78%" class="vtable">
185
								<select name="sysprivs[]" id="sysprivs" class="formselect" onchange="update_description();" multiple>
186
									<?php
187
										foreach($priv_list as $pname => $pdata):
188
											if (in_array($pname, $a_user['priv']))
189
												continue;
190
									?>
191
									<option value="<?=$pname;?>"><?=$pdata['name'];?></option>
192
									<?php endforeach; ?>
193
								</select>
194
								<br/>
195
								<?=gettext("Hold down CTRL (pc)/COMMAND (mac) key to select multiple items");?>
196
							</td>
197
						</tr>
198
						<tr height="60">
199
							<td width="22%" valign="top" class="vncell"><?=gettext("Description");?></td>
200
							<td width="78%" valign="top" class="vtable" id="pdesc">
201
								<em>Select a privilege from the list above for a description</em>
202
							</td>
203
						</tr>
204
						<tr>
205
							<td width="22%" valign="top">&nbsp;</td>
206
							<td width="78%">
207
								<input id="submitt"  name="Submit" type="submit" class="formbtn" value="<?=gettext("Save");?>" />
208
								<input id="cancelbutton" class="formbtn" type="button" value="<?=gettext("Cancel");?>" onclick="history.back()" />
209
								<?php if (isset($userid)): ?>
210
								<input name="userid" type="hidden" value="<?=$userid;?>" />
211
								<?php endif; ?>
212
							</td>
213
						</tr>
214
					</table>
215
				</form>
216
			</div>
217
		</td>
218
	</tr>
219
</table>
220
<?php include("fend.inc"); ?>
221
</body>
222
</html>
(191-191/215)