/src/usr/local/www/system_groupmanager.php - Annotate - pfSense - pfSense bugtracker

| Branch: | Tag: | Revision:

root/src/usr/local/www/system_groupmanager.php @ ffa913ec

1	4c291f4c	Renato Botelho	<?php
2	fab7ff44	Bill Marquette	/*
3	c5d81585	Renato Botelho	* system_groupmanager.php
4	191cb31d	Stephen Beaver	*
5	c5d81585	Renato Botelho	* part of pfSense (https://www.pfsense.org)
6	38809d47	Renato Botelho do Couto	* Copyright (c) 2004-2013 BSD Perimeter
7			* Copyright (c) 2013-2016 Electric Sheep Fencing
8	8f585441	Luiz Souza	* Copyright (c) 2014-2021 Rubicon Communications, LLC (Netgate)
9	c5d81585	Renato Botelho	* Copyright (c) 2005 Paul Taylor <paultaylor@winn-dixie.com>
10			* Copyright (c) 2008 Shrew Soft Inc
11			* All rights reserved.
12	f74457df	Stephen Beaver	*
13	c5d81585	Renato Botelho	* originally based on m0n0wall (http://m0n0.ch/wall)
14			* Copyright (c) 2003-2004 Manuel Kasper <mk@neon1.net>.
15			* All rights reserved.
16	f74457df	Stephen Beaver	*
17	b12ea3fb	Renato Botelho	* Licensed under the Apache License, Version 2.0 (the "License");
18			* you may not use this file except in compliance with the License.
19			* You may obtain a copy of the License at
20	f74457df	Stephen Beaver	*
21	b12ea3fb	Renato Botelho	* http://www.apache.org/licenses/LICENSE-2.0
22	f74457df	Stephen Beaver	*
23	b12ea3fb	Renato Botelho	* Unless required by applicable law or agreed to in writing, software
24			* distributed under the License is distributed on an "AS IS" BASIS,
25			* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
26			* See the License for the specific language governing permissions and
27			* limitations under the License.
28	f74457df	Stephen Beaver	*/
29	fab7ff44	Bill Marquette
30	6b07c15a	Matthew Grooms	##\|+PRIV
31			##\|*IDENT=page-system-groupmanager
32	48157a04	Phil Davis	##\|*NAME=System: Group Manager
33			##\|*DESCR=Allow access to the 'System: Group Manager' page.
34	57188e47	Phil Davis	##\|*WARN=standard-warning-root
35	6b07c15a	Matthew Grooms	##\|MATCH=system_groupmanager.php
36			##\|-PRIV
37	fab7ff44	Bill Marquette
38	c81ef6e2	Phil Davis	require_once("guiconfig.inc");
39	15c74b5b	doktornotor	require_once("pfsense-utils.inc");
40	d88c6a9f	Scott Ullrich
41	3fa6d462	jim-p	$logging_level = LOG_WARNING;
42			$logging_prefix = gettext("Local User Database");
43
44	c6c398c6	jim-p	init_config_arr(array('system', 'group'));
45	6b07c15a	Matthew Grooms	$a_group = &$config['system']['group'];
46	d81c2ad1	Scott Ullrich
47	7ea27b0d	Renato Botelho	unset($id);
48	4611e283	Steve Beaver	$id = $_REQUEST['groupid'];
49			$act = (isset($_REQUEST['act']) ? $_REQUEST['act'] : '');
50	31b53653	Scott Ullrich
51	e6407b22	Viktor G	if ($act == 'dup') {
52			$dup = true;
53			$act = 'edit';
54			}
55
56	06683083	Stephen Beaver	function cpusercmp($a, $b) {
57			return strcasecmp($a['name'], $b['name']);
58			}
59	23d09a2e	Stephen Beaver
60	06683083	Stephen Beaver	function admin_groups_sort() {
61			global $a_group;
62
63			if (!is_array($a_group)) {
64			return;
65			}
66
67			usort($a_group, "cpusercmp");
68			}
69
70	acd7e560	jim-p	/*
71			* Check user privileges to test if the user is allowed to make changes.
72			* Otherwise users can end up in an inconsistent state where some changes are
73			* performed and others denied. See https://redmine.pfsense.org/issues/9259
74			*/
75			phpsession_begin();
76			$guiuser = getUserEntry($_SESSION['Username']);
77			$read_only = (is_array($guiuser) && userHasPrivilege($guiuser, "user-config-readonly"));
78			phpsession_end();
79
80			if (!empty($_POST) && $read_only) {
81			$input_errors = array(gettext("Insufficient privileges to make the requested change (read only)."));
82			}
83
84			if (($_POST['act'] == "delgroup") && !$read_only) {
85	7ea27b0d	Renato Botelho
86	449cac24	Renato Botelho	if (!isset($id) \|\| !isset($_REQUEST['groupname']) \|\|
87			!isset($a_group[$id]) \|\|
88			($_REQUEST['groupname'] != $a_group[$id]['name'])) {
89	6b07c15a	Matthew Grooms	pfSenseHeader("system_groupmanager.php");
90			exit;
91			}
92	31b53653	Scott Ullrich
93	7ea27b0d	Renato Botelho	local_group_del($a_group[$id]);
94			$groupdeleted = $a_group[$id]['name'];
95			unset($a_group[$id]);
96	449cac24	Renato Botelho	/*
97			* Reindex the array to avoid operating on an incorrect index
98			* https://redmine.pfsense.org/issues/7733
99			*/
100	92c27793	jim-p	$a_group = array_values($a_group);
101	3fa6d462	jim-p
102	449cac24	Renato Botelho	$savemsg = sprintf(gettext("Successfully deleted group: %s"),
103			$groupdeleted);
104	3fa6d462	jim-p	write_config($savemsg);
105			syslog($logging_level, "{$logging_prefix}: {$savemsg}");
106	fab7ff44	Bill Marquette	}
107	d88c6a9f	Scott Ullrich
108	acd7e560	jim-p	if (($_POST['act'] == "delpriv") && !$read_only) {
109	6b07c15a	Matthew Grooms
110	7ea27b0d	Renato Botelho	if (!isset($id) \|\| !isset($a_group[$id])) {
111	6b07c15a	Matthew Grooms	pfSenseHeader("system_groupmanager.php");
112			exit;
113			}
114	fab7ff44	Bill Marquette
115	449cac24	Renato Botelho	$privdeleted =
116			$priv_list[$a_group[$id]['priv'][$_REQUEST['privid']]]['name'];
117	4611e283	Steve Beaver	unset($a_group[$id]['priv'][$_REQUEST['privid']]);
118	6b07c15a	Matthew Grooms
119	2ee08031	Erik Fonnesbeck	if (is_array($a_group[$id]['member'])) {
120			foreach ($a_group[$id]['member'] as $uid) {
121			$user = getUserEntryByUID($uid);
122	e0c7b2fe	Phil Davis	if ($user) {
123	2ee08031	Erik Fonnesbeck	local_user_set($user);
124	64600f94	Sjon Hortensius	}
125	2ee08031	Erik Fonnesbeck	}
126	64600f94	Sjon Hortensius	}
127	45ee90ed	Matthew Grooms
128	449cac24	Renato Botelho	$savemsg = sprintf(gettext("Removed Privilege \"%s\" from group %s"),
129			$privdeleted, $a_group[$id]['name']);
130	3fa6d462	jim-p	write_config($savemsg);
131			syslog($logging_level, "{$logging_prefix}: {$savemsg}");
132
133	7ea27b0d	Renato Botelho	$act = "edit";
134	6b07c15a	Matthew Grooms	}
135	45ee90ed	Matthew Grooms
136	7ea27b0d	Renato Botelho	if ($act == "edit") {
137			if (isset($id) && isset($a_group[$id])) {
138	e6407b22	Viktor G	if (!$dup) {
139			$pconfig['name'] = $a_group[$id]['name'];
140			$pconfig['gid'] = $a_group[$id]['gid'];
141			$pconfig['gtype'] = empty($a_group[$id]['scope'])
142			? "local" : $a_group[$id]['scope'];
143			} else {
144			$pconfig['gtype'] = ($a_group[$id]['scope'] == 'system')
145			? "local" : $a_group[$id]['scope'];
146			}
147	45ee90ed	Matthew Grooms	$pconfig['description'] = $a_group[$id]['description'];
148	6b07c15a	Matthew Grooms	$pconfig['members'] = $a_group[$id]['member'];
149			$pconfig['priv'] = $a_group[$id]['priv'];
150	45ee90ed	Matthew Grooms	}
151			}
152	6b07c15a	Matthew Grooms
153	acd7e560	jim-p	if (isset($_POST['dellall_x']) && !$read_only) {
154	c0c5b8cc	bruno
155	20231404	Steve Beaver	$del_groups = $_POST['delete_check'];
156	3fa6d462	jim-p	$deleted_groups = array();
157	c0c5b8cc	bruno
158	e0c7b2fe	Phil Davis	if (!empty($del_groups)) {
159			foreach ($del_groups as $groupid) {
160	449cac24	Renato Botelho	if (isset($a_group[$groupid]) &&
161			$a_group[$groupid]['scope'] != "system") {
162	3fa6d462	jim-p	$deleted_groups[] = $a_group[$groupid]['name'];
163	c0c5b8cc	bruno	local_group_del($a_group[$groupid]);
164			unset($a_group[$groupid]);
165			}
166			}
167	3fa6d462	jim-p
168	449cac24	Renato Botelho	$savemsg = sprintf(gettext("Successfully deleted %s: %s"),
169			(count($deleted_groups) == 1)
170			? gettext("group") : gettext("groups"),
171			implode(', ', $deleted_groups));
172			/*
173			* Reindex the array to avoid operating on an incorrect index
174			* https://redmine.pfsense.org/issues/7733
175			*/
176	92c27793	jim-p	$a_group = array_values($a_group);
177	c0c5b8cc	bruno	write_config($savemsg);
178	3fa6d462	jim-p	syslog($logging_level, "{$logging_prefix}: {$savemsg}");
179	c0c5b8cc	bruno	}
180			}
181
182	acd7e560	jim-p	if (isset($_POST['save']) && !$read_only) {
183	d88c6a9f	Scott Ullrich	unset($input_errors);
184			$pconfig = $_POST;
185
186	e6407b22	Viktor G	if ($dup) {
187			unset($id);
188			}
189
190	d88c6a9f	Scott Ullrich	/* input validation */
191			$reqdfields = explode(" ", "groupname");
192	b4fd804b	Carlos Eduardo Ramos	$reqdfieldsn = array(gettext("Group Name"));
193	4c291f4c	Renato Botelho
194	1e9b4611	Renato Botelho	do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors);
195	4c291f4c	Renato Botelho
196	d7689b2c	Stephen Beaver	if ($_POST['gtype'] != "remote") {
197	79ed8ce0	Stephen Beaver	if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['groupname'])) {
198	449cac24	Renato Botelho	$input_errors[] = sprintf(gettext(
199			"The (%s) group name contains invalid characters."),
200			$_POST['gtype']);
201	79ed8ce0	Stephen Beaver	}
202	8d4f79cd	jim-p	if (strlen($_POST['groupname']) > 16) {
203			$input_errors[] = gettext(
204			"The group name is longer than 16 characters.");
205			}
206	79ed8ce0	Stephen Beaver	} else {
207			if (preg_match("/[^a-zA-Z0-9\.\- _]/", $_POST['groupname'])) {
208	449cac24	Renato Botelho	$input_errors[] = sprintf(gettext(
209			"The (%s) group name contains invalid characters."),
210			$_POST['gtype']);
211	79ed8ce0	Stephen Beaver	}
212	e0c7b2fe	Phil Davis	}
213	4c291f4c	Renato Botelho
214	5bef2407	jim-p	/* Check the POSTed members to ensure they are valid and exist */
215	9d3e8723	Phil Davis	if (is_array($_POST['members'])) {
216	9f472202	NewEraCracker	foreach ($_POST['members'] as $newmember) {
217	449cac24	Renato Botelho	if (!is_numeric($newmember) \|\|
218			empty(getUserEntryByUID($newmember))) {
219			$input_errors[] = gettext("One or more " .
220			"invalid group members was submitted.");
221	9f472202	NewEraCracker	}
222	5bef2407	jim-p	}
223			}
224
225	d88c6a9f	Scott Ullrich	if (!$input_errors && !(isset($id) && $a_group[$id])) {
226			/* make sure there are no dupes */
227			foreach ($a_group as $group) {
228			if ($group['name'] == $_POST['groupname']) {
229	449cac24	Renato Botelho	$input_errors[] = gettext("Another entry " .
230			"with the same group name already exists.");
231	d88c6a9f	Scott Ullrich	break;
232			}
233			}
234			}
235	4c291f4c	Renato Botelho
236	d88c6a9f	Scott Ullrich	if (!$input_errors) {
237	45ee90ed	Matthew Grooms	$group = array();
238	e0c7b2fe	Phil Davis	if (isset($id) && $a_group[$id]) {
239	d88c6a9f	Scott Ullrich	$group = $a_group[$id];
240	e0c7b2fe	Phil Davis	}
241	4c291f4c	Renato Botelho
242	d88c6a9f	Scott Ullrich	$group['name'] = $_POST['groupname'];
243			$group['description'] = $_POST['description'];
244	79ed8ce0	Stephen Beaver	$group['scope'] = $_POST['gtype'];
245	45ee90ed	Matthew Grooms
246	e0c7b2fe	Phil Davis	if (empty($_POST['members'])) {
247	70d6b5c4	Ermal	unset($group['member']);
248	e0c7b2fe	Phil Davis	} else if ($group['gid'] != 1998) { // all group
249	6b07c15a	Matthew Grooms	$group['member'] = $_POST['members'];
250	e0c7b2fe	Phil Davis	}
251	45ee90ed	Matthew Grooms
252	e0c7b2fe	Phil Davis	if (isset($id) && $a_group[$id]) {
253	d88c6a9f	Scott Ullrich	$a_group[$id] = $group;
254	e0c7b2fe	Phil Davis	} else {
255	45ee90ed	Matthew Grooms	$group['gid'] = $config['system']['nextgid']++;
256	d88c6a9f	Scott Ullrich	$a_group[] = $group;
257	45ee90ed	Matthew Grooms	}
258
259	06683083	Stephen Beaver	admin_groups_sort();
260
261	659fa7f2	Matthew Grooms	local_group_set($group);
262	2a0e8512	jim-p
263	449cac24	Renato Botelho	/*
264			* Refresh users in this group since their privileges may have
265			* changed.
266			*/
267	5709072a	jim-p	if (is_array($group['member'])) {
268	c6c398c6	jim-p	init_config_arr(array('system', 'user'));
269	5709072a	jim-p	$a_user = &$config['system']['user'];
270			foreach ($a_user as & $user) {
271	e0c7b2fe	Phil Davis	if (in_array($user['uid'], $group['member'])) {
272	5709072a	jim-p	local_user_set($user);
273	e0c7b2fe	Phil Davis	}
274	5709072a	jim-p	}
275	2a0e8512	jim-p	}
276
277	dc3bc1f8	Renato Botelho	/* Sort it alphabetically */
278			usort($config['system']['group'], function($a, $b) {
279			return strcmp($a['name'], $b['name']);
280			});
281
282	449cac24	Renato Botelho	$savemsg = sprintf(gettext("Successfully %s group %s"),
283			(strlen($id) > 0) ? gettext("edited") : gettext("created"),
284			$group['name']);
285	3fa6d462	jim-p	write_config($savemsg);
286			syslog($logging_level, "{$logging_prefix}: {$savemsg}");
287	4c291f4c	Renato Botelho
288	d88c6a9f	Scott Ullrich	header("Location: system_groupmanager.php");
289			exit;
290			}
291	23d09a2e	Stephen Beaver
292			$pconfig['name'] = $_POST['groupname'];
293	fab7ff44	Bill Marquette	}
294
295	2f1e91e4	Stephen Beaver	function build_priv_table() {
296	acd7e560	jim-p	global $a_group, $id, $read_only;
297	2f1e91e4	Stephen Beaver
298			$privhtml = '<div class="table-responsive">';
299			$privhtml .= '<table class="table table-striped table-hover table-condensed">';
300			$privhtml .= '<thead>';
301	70da45c9	NOYB	$privhtml .= '<tr>';
302			$privhtml .= '<th>' . gettext('Name') . '</th>';
303			$privhtml .= '<th>' . gettext('Description') . '</th>';
304			$privhtml .= '<th>' . gettext('Action') . '</th>';
305			$privhtml .= '</tr>';
306	2f1e91e4	Stephen Beaver	$privhtml .= '</thead>';
307			$privhtml .= '<tbody>';
308
309	57188e47	Phil Davis	$user_has_root_priv = false;
310
311	2f1e91e4	Stephen Beaver	foreach (get_user_privdesc($a_group[$id]) as $i => $priv) {
312			$privhtml .= '<tr>';
313			$privhtml .= '<td>' . htmlspecialchars($priv['name']) . '</td>';
314	57188e47	Phil Davis	$privhtml .= '<td>' . htmlspecialchars($priv['descr']);
315			if (isset($priv['warn']) && ($priv['warn'] == 'standard-warning-root')) {
316	21312954	Phil Davis	$privhtml .= ' ' . gettext('(admin privilege)');
317	57188e47	Phil Davis	$user_has_root_priv = true;
318			}
319			$privhtml .= '</td>';
320	acd7e560	jim-p	if (!$read_only) {
321			$privhtml .= '<td><a class="fa fa-trash" title="' . gettext('Delete Privilege') . '" href="system_groupmanager.php?act=delpriv&groupid=' . $id . '&privid=' . $i . '" usepost></a></td>';
322			}
323	2f1e91e4	Stephen Beaver	$privhtml .= '</tr>';
324	d61309a0	Phil Davis
325	2f1e91e4	Stephen Beaver	}
326
327	57188e47	Phil Davis	if ($user_has_root_priv) {
328			$privhtml .= '<tr>';
329			$privhtml .= '<td colspan="2">';
330	9187d6f7	Phil Davis	$privhtml .= '<b>' . gettext('Security notice: Users in this group effectively have administrator-level access') . '</b>';
331	57188e47	Phil Davis	$privhtml .= '</td>';
332			$privhtml .= '<td>';
333			$privhtml .= '</td>';
334			$privhtml .= '</tr>';
335	20231404	Steve Beaver
336	57188e47	Phil Davis	}
337
338	2f1e91e4	Stephen Beaver	$privhtml .= '</tbody>';
339			$privhtml .= '</table>';
340			$privhtml .= '</div>';
341
342			$privhtml .= '<nav class="action-buttons">';
343	acd7e560	jim-p	if (!$read_only) {
344			$privhtml .= '<a href="system_groupmanager_addprivs.php?groupid=' . $id . '" class="btn btn-success"><i class="fa fa-plus icon-embed-btn"></i>' . gettext("Add") . '</a>';
345			}
346	2f1e91e4	Stephen Beaver	$privhtml .= '</nav>';
347
348			return($privhtml);
349			}
350
351	8f1ab2a4	k-paulius	$pgtitle = array(gettext("System"), gettext("User Manager"), gettext("Groups"));
352	edcd7535	Phil Davis	$pglinks = array("", "system_usermanager.php", "system_groupmanager.php");
353	8f1ab2a4	k-paulius
354			if ($act == "new" \|\| $act == "edit") {
355			$pgtitle[] = gettext('Edit');
356	edcd7535	Phil Davis	$pglinks[] = "@self";
357	8f1ab2a4	k-paulius	}
358	23d09a2e	Stephen Beaver
359	fab7ff44	Bill Marquette	include("head.inc");
360
361	d61309a0	Phil Davis	if ($input_errors) {
362	64600f94	Sjon Hortensius	print_input_errors($input_errors);
363	d61309a0	Phil Davis	}
364	23d09a2e	Stephen Beaver
365	d61309a0	Phil Davis	if ($savemsg) {
366	f78bbe16	Phil Davis	print_info_box($savemsg, 'success');
367	d61309a0	Phil Davis	}
368	64600f94	Sjon Hortensius
369			$tab_array = array();
370	451b6419	Augustin-FL	if (!isAllowedPage("system_usermanager.php")) {
371	f94e5cc6	Augustin-FL	$tab_array[] = array(gettext("User Password"), false, "system_usermanager_passwordmg.php");
372			} else {
373			$tab_array[] = array(gettext("Users"), false, "system_usermanager.php");
374			}
375	64600f94	Sjon Hortensius	$tab_array[] = array(gettext("Groups"), true, "system_groupmanager.php");
376			$tab_array[] = array(gettext("Settings"), false, "system_usermanager_settings.php");
377	2d1f33d9	k-paulius	$tab_array[] = array(gettext("Authentication Servers"), false, "system_authservers.php");
378	64600f94	Sjon Hortensius	display_top_tabs($tab_array);
379
380	4611e283	Steve Beaver	if (!($act == "new" \|\| $act == "edit")) {
381	64600f94	Sjon Hortensius	?>
382	060ed238	Stephen Beaver	<div class="panel panel-default">
383			<div class="panel-heading"><h2 class="panel-title"><?=gettext('Groups')?></h2></div>
384			<div class="panel-body">
385			<div class="table-responsive">
386	1c10ce97	PiBa-NL	<table class="table table-striped table-hover table-condensed sortable-theme-bootstrap table-rowdblclickedit" data-sortable>
387	060ed238	Stephen Beaver	<thead>
388			<tr>
389			<th><?=gettext("Group name")?></th>
390			<th><?=gettext("Description")?></th>
391			<th><?=gettext("Member Count")?></th>
392			<th><?=gettext("Actions")?></th>
393			</tr>
394			</thead>
395			<tbody>
396	64600f94	Sjon Hortensius	<?php
397	d61309a0	Phil Davis	foreach ($a_group as $i => $group):
398			if ($group["name"] == "all") {
399	64600f94	Sjon Hortensius	$groupcount = count($config['system']['user']);
400	19028049	Renato Botelho	} elseif (is_array($group['member'])) {
401	64600f94	Sjon Hortensius	$groupcount = count($group['member']);
402	19028049	Renato Botelho	} else {
403			$groupcount = 0;
404	d61309a0	Phil Davis	}
405	64600f94	Sjon Hortensius	?>
406	060ed238	Stephen Beaver	<tr>
407			<td>
408			<?=htmlspecialchars($group['name'])?>
409			</td>
410			<td>
411			<?=htmlspecialchars($group['description'])?>
412			</td>
413			<td>
414			<?=$groupcount?>
415			</td>
416			<td>
417	4611e283	Steve Beaver	<a class="fa fa-pencil" title="<?=gettext("Edit group"); ?>" href="?act=edit&groupid=<?=$i?>"></a>
418	e6407b22	Viktor G	<a class="fa fa-clone" title="<?=gettext("Copy group"); ?>" href="?act=dup&groupid=<?=$i?>"></a>
419	acd7e560	jim-p	<?php if (($group['scope'] != "system") && !$read_only): ?>
420	20231404	Steve Beaver	<a class="fa fa-trash" title="<?=gettext("Delete group")?>" href="?act=delgroup&groupid=<?=$i?>&groupname=<?=$group['name']?>" usepost></a>
421	060ed238	Stephen Beaver	<?php endif;?>
422			</td>
423			</tr>
424	64600f94	Sjon Hortensius	<?php
425			endforeach;
426	fab7ff44	Bill Marquette	?>
427	060ed238	Stephen Beaver	</tbody>
428			</table>
429			</div>
430	94404d94	Sander van Leeuwen	</div>
431	060ed238	Stephen Beaver	</div>
432
433			<nav class="action-buttons">
434	acd7e560	jim-p	<?php if (!$read_only): ?>
435	4611e283	Steve Beaver	<a href="?act=new" class="btn btn-success btn-sm">
436	060ed238	Stephen Beaver	<i class="fa fa-plus icon-embed-btn"></i>
437			<?=gettext("Add")?>
438			</a>
439	acd7e560	jim-p	<?php endif; ?>
440	060ed238	Stephen Beaver	</nav>
441	64600f94	Sjon Hortensius	<?php
442			include('foot.inc');
443			exit;
444	6b07c15a	Matthew Grooms	}
445
446	64600f94	Sjon Hortensius	$form = new Form;
447			$form->setAction('system_groupmanager.php?act=edit');
448			$form->addGlobal(new Form_Input(
449			'groupid',
450			null,
451			'hidden',
452			$id
453			));
454
455	9d3e8723	Phil Davis	if (isset($id) && $a_group[$id]) {
456	64600f94	Sjon Hortensius	$form->addGlobal(new Form_Input(
457			'id',
458			null,
459			'hidden',
460			$id
461			));
462
463			$form->addGlobal(new Form_Input(
464			'gid',
465			null,
466			'hidden',
467			$pconfig['gid']
468			));
469	61dec0b0	Renato Botelho	}
470
471	5f88f964	k-paulius	$section = new Form_Section('Group Properties');
472	82833610	Stephen Beaver
473	e6acc2ee	Sjon Hortensius	$section->addInput($input = new Form_Input(
474	64600f94	Sjon Hortensius	'groupname',
475	153c3aa6	Phil Davis	'*Group name',
476	64600f94	Sjon Hortensius	'text',
477			$pconfig['name']
478			));
479
480	d61309a0	Phil Davis	if ($pconfig['gtype'] == "system") {
481	1192840b	Sjon Hortensius	$input->setReadonly();
482	79ed8ce0	Stephen Beaver
483			$section->addInput(new Form_Input(
484			'gtype',
485	153c3aa6	Phil Davis	'*Scope',
486	79ed8ce0	Stephen Beaver	'text',
487			$pconfig['gtype']
488			))->setReadonly();
489			} else {
490			$section->addInput(new Form_Select(
491			'gtype',
492	153c3aa6	Phil Davis	'*Scope',
493	79ed8ce0	Stephen Beaver	$pconfig['gtype'],
494	82833610	Stephen Beaver	["local" => gettext("Local"), "remote" => gettext("Remote")]
495	449cac24	Renato Botelho	))->setHelp("<span class=\"text-danger\">Warning: Changing this " .
496			"setting may affect the local groups file, in which case a " .
497			"reboot may be required for the changes to take effect.</span>");
498	d61309a0	Phil Davis	}
499	e6acc2ee	Sjon Hortensius
500	64600f94	Sjon Hortensius	$section->addInput(new Form_Input(
501			'description',
502			'Description',
503			'text',
504			$pconfig['description']
505	89140b63	NOYB	))->setHelp('Group description, for administrative information only');
506	64600f94	Sjon Hortensius
507			$form->add($section);
508	d61309a0	Phil Davis
509	449cac24	Renato Botelho	/* all users group */
510			if ($pconfig['gid'] != 1998) {
511			/* Group membership */
512	2f1e91e4	Stephen Beaver	$group = new Form_Group('Group membership');
513
514	449cac24	Renato Botelho	/*
515			* Make a list of all the groups configured on the system, and a list of
516			* those which this user is a member of
517			*/
518	2f1e91e4	Stephen Beaver	$systemGroups = array();
519			$usersGroups = array();
520
521			foreach ($config['system']['user'] as $user) {
522	449cac24	Renato Botelho	if (is_array($pconfig['members']) && in_array($user['uid'],
523			$pconfig['members'])) {
524			/* Add it to the user's list */
525			$usersGroups[ $user['uid'] ] = $user['name'];
526	d61309a0	Phil Davis	} else {
527	449cac24	Renato Botelho	/* Add it to the 'not a member of' list */
528			$systemGroups[ $user['uid'] ] = $user['name'];
529	d61309a0	Phil Davis	}
530	2f1e91e4	Stephen Beaver	}
531
532			$group->add(new Form_Select(
533			'notmembers',
534			null,
535	449cac24	Renato Botelho	array_combine((array)$pconfig['groups'],
536			(array)$pconfig['groups']),
537	2f1e91e4	Stephen Beaver	$systemGroups,
538			true
539	6ef8f2e9	heper	))->setHelp('Not members');
540	64600f94	Sjon Hortensius
541	2f1e91e4	Stephen Beaver	$group->add(new Form_Select(
542	64600f94	Sjon Hortensius	'members',
543	2f1e91e4	Stephen Beaver	null,
544	449cac24	Renato Botelho	array_combine((array)$pconfig['groups'],
545			(array)$pconfig['groups']),
546	2f1e91e4	Stephen Beaver	$usersGroups,
547	64600f94	Sjon Hortensius	true
548	6ef8f2e9	heper	))->setHelp('Members');
549	2f1e91e4	Stephen Beaver
550			$section->add($group);
551
552			$group = new Form_Group('');
553
554			$group->add(new Form_Button(
555			'movetoenabled',
556	faab522f	Renato Botelho	'Move to "Members"',
557	37676f4e	jim-p	null,
558			'fa-angle-double-right'
559	449cac24	Renato Botelho	))->setAttribute('type','button')->removeClass('btn-primary')->addClass(
560			'btn-info btn-sm');
561	2f1e91e4	Stephen Beaver
562			$group->add(new Form_Button(
563			'movetodisabled',
564	faab522f	Renato Botelho	'Move to "Not members',
565	37676f4e	jim-p	null,
566			'fa-angle-double-left'
567	449cac24	Renato Botelho	))->setAttribute('type','button')->removeClass('btn-primary')->addClass(
568			'btn-info btn-sm');
569	2f1e91e4	Stephen Beaver
570	449cac24	Renato Botelho	$group->setHelp(
571			'Hold down CTRL (PC)/COMMAND (Mac) key to select multiple items.');
572	2f1e91e4	Stephen Beaver	$section->add($group);
573	64600f94	Sjon Hortensius
574	6b07c15a	Matthew Grooms	}
575
576	e6407b22	Viktor G	if (isset($pconfig['gid']) \|\| $dup) {
577	64600f94	Sjon Hortensius	$section = new Form_Section('Assigned Privileges');
578
579			$section->addInput(new Form_StaticText(
580			null,
581	2f1e91e4	Stephen Beaver	build_priv_table()
582	64600f94	Sjon Hortensius	));
583	6b07c15a	Matthew Grooms
584	2f1e91e4	Stephen Beaver
585	64600f94	Sjon Hortensius	$form->add($section);
586	6b07c15a	Matthew Grooms	}
587
588	64600f94	Sjon Hortensius	print $form;
589	2f1e91e4	Stephen Beaver	?>
590	8fd9052f	Colin Fleming	<script type="text/javascript">
591	2f1e91e4	Stephen Beaver	//<![CDATA[
592	d61309a0	Phil Davis	events.push(function() {
593	2f1e91e4	Stephen Beaver
594			// On click . .
595			$("#movetodisabled").click(function() {
596	449cac24	Renato Botelho	moveOptions($('[name="members[]"] option'),
597			$('[name="notmembers[]"]'));
598	2f1e91e4	Stephen Beaver	});
599
600			$("#movetoenabled").click(function() {
601	449cac24	Renato Botelho	moveOptions($('[name="notmembers[]"] option'),
602			$('[name="members[]"]'));
603	2f1e91e4	Stephen Beaver	});
604
605			// On submit mark all the user's groups as "selected"
606	d61309a0	Phil Davis	$('form').submit(function() {
607	2f1e91e4	Stephen Beaver	AllServers($('[name="members[]"] option'), true);
608			});
609			});
610			//]]>
611			</script>
612			<?php
613	854fa106	heper	include('foot.inc');

Project

General

Profile

pfSense