1 |
1df17ba9
|
Scott Ullrich
|
<?php
|
2 |
|
|
/* $Id$ */
|
3 |
fab7ff44
|
Bill Marquette
|
/*
|
4 |
1df17ba9
|
Scott Ullrich
|
system_usermanager.php
|
5 |
|
|
part of m0n0wall (http://m0n0.ch/wall)
|
6 |
|
|
|
7 |
6b07c15a
|
Matthew Grooms
|
Copyright (C) 2008 Shrew Soft Inc.
|
8 |
|
|
All rights reserved.
|
9 |
|
|
|
10 |
1df17ba9
|
Scott Ullrich
|
Copyright (C) 2005 Paul Taylor <paultaylor@winn-dixie.com>.
|
11 |
|
|
All rights reserved.
|
12 |
|
|
|
13 |
|
|
Copyright (C) 2003-2005 Manuel Kasper <mk@neon1.net>.
|
14 |
|
|
All rights reserved.
|
15 |
|
|
|
16 |
|
|
Redistribution and use in source and binary forms, with or without
|
17 |
|
|
modification, are permitted provided that the following conditions are met:
|
18 |
|
|
|
19 |
|
|
1. Redistributions of source code must retain the above copyright notice,
|
20 |
|
|
this list of conditions and the following disclaimer.
|
21 |
|
|
|
22 |
|
|
2. Redistributions in binary form must reproduce the above copyright
|
23 |
|
|
notice, this list of conditions and the following disclaimer in the
|
24 |
|
|
documentation and/or other materials provided with the distribution.
|
25 |
|
|
|
26 |
|
|
THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
|
27 |
|
|
INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
|
28 |
|
|
AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
|
29 |
|
|
AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
|
30 |
|
|
OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
|
31 |
|
|
SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
|
32 |
|
|
INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
|
33 |
|
|
CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
34 |
|
|
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
35 |
|
|
POSSIBILITY OF SUCH DAMAGE.
|
36 |
fab7ff44
|
Bill Marquette
|
*/
|
37 |
1d333258
|
Scott Ullrich
|
/*
|
38 |
3ccb9689
|
Charlie Marshall
|
pfSense_BUILDER_BINARIES:
|
39 |
1d333258
|
Scott Ullrich
|
pfSense_MODULE: auth
|
40 |
|
|
*/
|
41 |
fab7ff44
|
Bill Marquette
|
|
42 |
6b07c15a
|
Matthew Grooms
|
##|+PRIV
|
43 |
|
|
##|*IDENT=page-system-usermanager
|
44 |
|
|
##|*NAME=System: User Manager page
|
45 |
|
|
##|*DESCR=Allow access to the 'System: User Manager' page.
|
46 |
|
|
##|*MATCH=system_usermanager.php*
|
47 |
|
|
##|-PRIV
|
48 |
|
|
|
49 |
ead24d63
|
sullrich
|
require("certs.inc");
|
50 |
fab7ff44
|
Bill Marquette
|
require("guiconfig.inc");
|
51 |
|
|
|
52 |
31b53653
|
Scott Ullrich
|
|
53 |
e33be77c
|
Ermal
|
// start admin user code
|
54 |
|
|
$pgtitle = array(gettext("System"),gettext("User Manager"));
|
55 |
fab7ff44
|
Bill Marquette
|
|
56 |
e41ec584
|
Renato Botelho
|
if (is_numericint($_GET['id']))
|
57 |
|
|
$id = $_GET['id'];
|
58 |
|
|
if (isset($_POST['id']) && is_numericint($_POST['id']))
|
59 |
e33be77c
|
Ermal
|
$id = $_POST['id'];
|
60 |
1df17ba9
|
Scott Ullrich
|
|
61 |
3ccb9689
|
Charlie Marshall
|
if (!is_array($config['system']['user']))
|
62 |
e33be77c
|
Ermal
|
$config['system']['user'] = array();
|
63 |
1df17ba9
|
Scott Ullrich
|
|
64 |
e33be77c
|
Ermal
|
$a_user = &$config['system']['user'];
|
65 |
45ee90ed
|
Matthew Grooms
|
|
66 |
adacdf5f
|
jim-p
|
if (isset($id) && $a_user[$id]) {
|
67 |
|
|
$pconfig['usernamefld'] = $a_user[$id]['name'];
|
68 |
|
|
$pconfig['descr'] = $a_user[$id]['descr'];
|
69 |
|
|
$pconfig['expires'] = $a_user[$id]['expires'];
|
70 |
|
|
$pconfig['groups'] = local_user_get_groups($a_user[$id]);
|
71 |
|
|
$pconfig['utype'] = $a_user[$id]['scope'];
|
72 |
|
|
$pconfig['uid'] = $a_user[$id]['uid'];
|
73 |
|
|
$pconfig['authorizedkeys'] = base64_decode($a_user[$id]['authorizedkeys']);
|
74 |
|
|
$pconfig['priv'] = $a_user[$id]['priv'];
|
75 |
|
|
$pconfig['ipsecpsk'] = $a_user[$id]['ipsecpsk'];
|
76 |
|
|
$pconfig['disabled'] = isset($a_user[$id]['disabled']);
|
77 |
|
|
}
|
78 |
|
|
|
79 |
e33be77c
|
Ermal
|
if ($_GET['act'] == "deluser") {
|
80 |
45ee90ed
|
Matthew Grooms
|
|
81 |
e33be77c
|
Ermal
|
if (!$a_user[$id]) {
|
82 |
|
|
pfSenseHeader("system_usermanager.php");
|
83 |
|
|
exit;
|
84 |
6b07c15a
|
Matthew Grooms
|
}
|
85 |
|
|
|
86 |
8a0ae97f
|
Renato Botelho
|
conf_mount_rw();
|
87 |
e33be77c
|
Ermal
|
local_user_del($a_user[$id]);
|
88 |
8a0ae97f
|
Renato Botelho
|
conf_mount_ro();
|
89 |
e33be77c
|
Ermal
|
$userdeleted = $a_user[$id]['name'];
|
90 |
|
|
unset($a_user[$id]);
|
91 |
|
|
write_config();
|
92 |
|
|
$savemsg = gettext("User")." {$userdeleted} ".
|
93 |
8cd558b6
|
ayvis
|
gettext("successfully deleted")."<br />";
|
94 |
e33be77c
|
Ermal
|
}
|
95 |
|
|
else if ($_GET['act'] == "delpriv") {
|
96 |
6b07c15a
|
Matthew Grooms
|
|
97 |
e33be77c
|
Ermal
|
if (!$a_user[$id]) {
|
98 |
|
|
pfSenseHeader("system_usermanager.php");
|
99 |
|
|
exit;
|
100 |
45ee90ed
|
Matthew Grooms
|
}
|
101 |
|
|
|
102 |
e33be77c
|
Ermal
|
$privdeleted = $priv_list[$a_user[$id]['priv'][$_GET['privid']]]['name'];
|
103 |
|
|
unset($a_user[$id]['priv'][$_GET['privid']]);
|
104 |
|
|
local_user_set($a_user[$id]);
|
105 |
|
|
write_config();
|
106 |
|
|
$_GET['act'] = "edit";
|
107 |
|
|
$savemsg = gettext("Privilege")." {$privdeleted} ".
|
108 |
8cd558b6
|
ayvis
|
gettext("successfully deleted")."<br />";
|
109 |
e33be77c
|
Ermal
|
}
|
110 |
|
|
else if ($_GET['act'] == "expcert") {
|
111 |
93823b10
|
Matthew Grooms
|
|
112 |
e33be77c
|
Ermal
|
if (!$a_user[$id]) {
|
113 |
|
|
pfSenseHeader("system_usermanager.php");
|
114 |
93823b10
|
Matthew Grooms
|
exit;
|
115 |
|
|
}
|
116 |
|
|
|
117 |
e33be77c
|
Ermal
|
$cert =& lookup_cert($a_user[$id]['cert'][$_GET['certid']]);
|
118 |
93823b10
|
Matthew Grooms
|
|
119 |
e33be77c
|
Ermal
|
$exp_name = urlencode("{$a_user[$id]['name']}-{$cert['descr']}.crt");
|
120 |
|
|
$exp_data = base64_decode($cert['crt']);
|
121 |
|
|
$exp_size = strlen($exp_data);
|
122 |
93823b10
|
Matthew Grooms
|
|
123 |
e33be77c
|
Ermal
|
header("Content-Type: application/octet-stream");
|
124 |
|
|
header("Content-Disposition: attachment; filename={$exp_name}");
|
125 |
|
|
header("Content-Length: $exp_size");
|
126 |
|
|
echo $exp_data;
|
127 |
|
|
exit;
|
128 |
|
|
}
|
129 |
|
|
else if ($_GET['act'] == "expckey") {
|
130 |
93823b10
|
Matthew Grooms
|
|
131 |
e33be77c
|
Ermal
|
if (!$a_user[$id]) {
|
132 |
|
|
pfSenseHeader("system_usermanager.php");
|
133 |
93823b10
|
Matthew Grooms
|
exit;
|
134 |
|
|
}
|
135 |
|
|
|
136 |
e33be77c
|
Ermal
|
$cert =& lookup_cert($a_user[$id]['cert'][$_GET['certid']]);
|
137 |
58fdb8ad
|
Matthew Grooms
|
|
138 |
e33be77c
|
Ermal
|
$exp_name = urlencode("{$a_user[$id]['name']}-{$cert['descr']}.key");
|
139 |
|
|
$exp_data = base64_decode($cert['prv']);
|
140 |
|
|
$exp_size = strlen($exp_data);
|
141 |
58fdb8ad
|
Matthew Grooms
|
|
142 |
e33be77c
|
Ermal
|
header("Content-Type: application/octet-stream");
|
143 |
|
|
header("Content-Disposition: attachment; filename={$exp_name}");
|
144 |
|
|
header("Content-Length: $exp_size");
|
145 |
|
|
echo $exp_data;
|
146 |
|
|
exit;
|
147 |
|
|
}
|
148 |
|
|
else if ($_GET['act'] == "delcert") {
|
149 |
58fdb8ad
|
Matthew Grooms
|
|
150 |
e33be77c
|
Ermal
|
if (!$a_user[$id]) {
|
151 |
|
|
pfSenseHeader("system_usermanager.php");
|
152 |
|
|
exit;
|
153 |
45ee90ed
|
Matthew Grooms
|
}
|
154 |
|
|
|
155 |
e33be77c
|
Ermal
|
$certdeleted = lookup_cert($a_user[$id]['cert'][$_GET['certid']]);
|
156 |
|
|
$certdeleted = $certdeleted['descr'];
|
157 |
|
|
unset($a_user[$id]['cert'][$_GET['certid']]);
|
158 |
|
|
write_config();
|
159 |
|
|
$_GET['act'] = "edit";
|
160 |
|
|
$savemsg = gettext("Certificate")." {$certdeleted} ".
|
161 |
8cd558b6
|
ayvis
|
gettext("association removed.")."<br />";
|
162 |
e33be77c
|
Ermal
|
}
|
163 |
|
|
else if ($_GET['act'] == "new") {
|
164 |
|
|
/*
|
165 |
|
|
* set this value cause the text field is read only
|
166 |
|
|
* and the user should not be able to mess with this
|
167 |
|
|
* setting.
|
168 |
|
|
*/
|
169 |
|
|
$pconfig['utype'] = "user";
|
170 |
|
|
$pconfig['lifetime'] = 3650;
|
171 |
|
|
}
|
172 |
45ee90ed
|
Matthew Grooms
|
|
173 |
e33be77c
|
Ermal
|
if ($_POST) {
|
174 |
|
|
unset($input_errors);
|
175 |
|
|
$pconfig = $_POST;
|
176 |
45ee90ed
|
Matthew Grooms
|
|
177 |
e33be77c
|
Ermal
|
/* input validation */
|
178 |
|
|
if (isset($id) && ($a_user[$id])) {
|
179 |
|
|
$reqdfields = explode(" ", "usernamefld");
|
180 |
|
|
$reqdfieldsn = array(gettext("Username"));
|
181 |
|
|
} else {
|
182 |
|
|
if (empty($_POST['name'])) {
|
183 |
|
|
$reqdfields = explode(" ", "usernamefld passwordfld1");
|
184 |
|
|
$reqdfieldsn = array(
|
185 |
|
|
gettext("Username"),
|
186 |
|
|
gettext("Password"));
|
187 |
45ee90ed
|
Matthew Grooms
|
} else {
|
188 |
e33be77c
|
Ermal
|
$reqdfields = explode(" ", "usernamefld passwordfld1 name caref keylen lifetime");
|
189 |
|
|
$reqdfieldsn = array(
|
190 |
|
|
gettext("Username"),
|
191 |
|
|
gettext("Password"),
|
192 |
|
|
gettext("Descriptive name"),
|
193 |
|
|
gettext("Certificate authority"),
|
194 |
|
|
gettext("Key length"),
|
195 |
|
|
gettext("Lifetime"));
|
196 |
45ee90ed
|
Matthew Grooms
|
}
|
197 |
e33be77c
|
Ermal
|
}
|
198 |
45ee90ed
|
Matthew Grooms
|
|
199 |
1e9b4611
|
Renato Botelho
|
do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors);
|
200 |
45ee90ed
|
Matthew Grooms
|
|
201 |
e33be77c
|
Ermal
|
if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['usernamefld']))
|
202 |
|
|
$input_errors[] = gettext("The username contains invalid characters.");
|
203 |
45ee90ed
|
Matthew Grooms
|
|
204 |
e33be77c
|
Ermal
|
if (strlen($_POST['usernamefld']) > 16)
|
205 |
|
|
$input_errors[] = gettext("The username is longer than 16 characters.");
|
206 |
94d455da
|
jim-p
|
|
207 |
e33be77c
|
Ermal
|
if (($_POST['passwordfld1']) && ($_POST['passwordfld1'] != $_POST['passwordfld2']))
|
208 |
|
|
$input_errors[] = gettext("The passwords do not match.");
|
209 |
45ee90ed
|
Matthew Grooms
|
|
210 |
e33be77c
|
Ermal
|
if (isset($id) && $a_user[$id])
|
211 |
|
|
$oldusername = $a_user[$id]['name'];
|
212 |
|
|
else
|
213 |
|
|
$oldusername = "";
|
214 |
|
|
/* make sure this user name is unique */
|
215 |
|
|
if (!$input_errors) {
|
216 |
|
|
foreach ($a_user as $userent) {
|
217 |
|
|
if ($userent['name'] == $_POST['usernamefld'] && $oldusername != $_POST['usernamefld']) {
|
218 |
|
|
$input_errors[] = gettext("Another entry with the same username already exists.");
|
219 |
|
|
break;
|
220 |
58664cc9
|
Scott Ullrich
|
}
|
221 |
3dec33d4
|
Erik Fonnesbeck
|
}
|
222 |
e33be77c
|
Ermal
|
}
|
223 |
|
|
/* also make sure it is not reserved */
|
224 |
|
|
if (!$input_errors) {
|
225 |
|
|
$system_users = explode("\n", file_get_contents("/etc/passwd"));
|
226 |
|
|
foreach ($system_users as $s_user) {
|
227 |
|
|
$ent = explode(":", $s_user);
|
228 |
|
|
if ($ent[0] == $_POST['usernamefld'] && $oldusername != $_POST['usernamefld']) {
|
229 |
|
|
$input_errors[] = gettext("That username is reserved by the system.");
|
230 |
|
|
break;
|
231 |
8339ab6d
|
jim-p
|
}
|
232 |
7e4a4513
|
Scott Ullrich
|
}
|
233 |
e33be77c
|
Ermal
|
}
|
234 |
1df17ba9
|
Scott Ullrich
|
|
235 |
e33be77c
|
Ermal
|
/*
|
236 |
|
|
* Check for a valid expirationdate if one is set at all (valid means,
|
237 |
4d148b59
|
Yehuda Katz
|
* DateTime puts out a time stamp so any DateTime compatible time
|
238 |
e33be77c
|
Ermal
|
* format may be used. to keep it simple for the enduser, we only
|
239 |
|
|
* claim to accept MM/DD/YYYY as inputs. Advanced users may use inputs
|
240 |
|
|
* like "+1 day", which will be converted to MM/DD/YYYY based on "now".
|
241 |
|
|
* Otherwhise such an entry would lead to an invalid expiration data.
|
242 |
|
|
*/
|
243 |
|
|
if ($_POST['expires']){
|
244 |
4d148b59
|
Yehuda Katz
|
try {
|
245 |
|
|
$expdate = new DateTime($_POST['expires']);
|
246 |
|
|
//convert from any DateTime compatible date to MM/DD/YYYY
|
247 |
|
|
$_POST['expires'] = $expdate->format("m/d/Y");
|
248 |
|
|
} catch ( Exception $ex ) {
|
249 |
e33be77c
|
Ermal
|
$input_errors[] = gettext("Invalid expiration date format; use MM/DD/YYYY instead.");
|
250 |
0092b3bd
|
mgrooms
|
}
|
251 |
e33be77c
|
Ermal
|
}
|
252 |
0092b3bd
|
mgrooms
|
|
253 |
e33be77c
|
Ermal
|
if (!empty($_POST['name'])) {
|
254 |
|
|
$ca = lookup_ca($_POST['caref']);
|
255 |
|
|
if (!$ca)
|
256 |
|
|
$input_errors[] = gettext("Invalid internal Certificate Authority") . "\n";
|
257 |
|
|
}
|
258 |
c9794c06
|
Ermal
|
|
259 |
e33be77c
|
Ermal
|
/* if this is an AJAX caller then handle via JSON */
|
260 |
|
|
if (isAjax() && is_array($input_errors)) {
|
261 |
|
|
input_errors2Ajax($input_errors);
|
262 |
|
|
exit;
|
263 |
|
|
}
|
264 |
1df17ba9
|
Scott Ullrich
|
|
265 |
e33be77c
|
Ermal
|
if (!$input_errors) {
|
266 |
|
|
conf_mount_rw();
|
267 |
|
|
$userent = array();
|
268 |
|
|
if (isset($id) && $a_user[$id])
|
269 |
|
|
$userent = $a_user[$id];
|
270 |
e879fc81
|
Ermal
|
|
271 |
e33be77c
|
Ermal
|
isset($_POST['utype']) ? $userent['scope'] = $_POST['utype'] : $userent['scope'] = "system";
|
272 |
|
|
|
273 |
|
|
/* the user name was modified */
|
274 |
fdcf104c
|
jim-p
|
if ($_POST['usernamefld'] <> $_POST['oldusername']) {
|
275 |
e33be77c
|
Ermal
|
$_SERVER['REMOTE_USER'] = $_POST['usernamefld'];
|
276 |
fdcf104c
|
jim-p
|
local_user_del($userent);
|
277 |
|
|
}
|
278 |
1df17ba9
|
Scott Ullrich
|
|
279 |
e33be77c
|
Ermal
|
/* the user password was mofified */
|
280 |
|
|
if ($_POST['passwordfld1'])
|
281 |
|
|
local_user_set_password($userent, $_POST['passwordfld1']);
|
282 |
1df17ba9
|
Scott Ullrich
|
|
283 |
e33be77c
|
Ermal
|
$userent['name'] = $_POST['usernamefld'];
|
284 |
|
|
$userent['descr'] = $_POST['descr'];
|
285 |
|
|
$userent['expires'] = $_POST['expires'];
|
286 |
|
|
$userent['authorizedkeys'] = base64_encode($_POST['authorizedkeys']);
|
287 |
|
|
$userent['ipsecpsk'] = $_POST['ipsecpsk'];
|
288 |
3ccb9689
|
Charlie Marshall
|
|
289 |
e33be77c
|
Ermal
|
if($_POST['disabled'])
|
290 |
|
|
$userent['disabled'] = true;
|
291 |
3ccb9689
|
Charlie Marshall
|
else
|
292 |
e33be77c
|
Ermal
|
unset($userent['disabled']);
|
293 |
|
|
|
294 |
|
|
if (isset($id) && $a_user[$id])
|
295 |
|
|
$a_user[$id] = $userent;
|
296 |
|
|
else {
|
297 |
|
|
if (!empty($_POST['name'])) {
|
298 |
|
|
$cert = array();
|
299 |
|
|
$cert['refid'] = uniqid();
|
300 |
|
|
$userent['cert'] = array();
|
301 |
|
|
|
302 |
|
|
$cert['descr'] = $_POST['name'];
|
303 |
|
|
|
304 |
|
|
$subject = cert_get_subject_array($ca['crt']);
|
305 |
|
|
|
306 |
|
|
$dn = array(
|
307 |
|
|
'countryName' => $subject[0]['v'],
|
308 |
|
|
'stateOrProvinceName' => $subject[1]['v'],
|
309 |
|
|
'localityName' => $subject[2]['v'],
|
310 |
|
|
'organizationName' => $subject[3]['v'],
|
311 |
|
|
'emailAddress' => $subject[4]['v'],
|
312 |
|
|
'commonName' => $userent['name']);
|
313 |
|
|
|
314 |
|
|
cert_create($cert, $_POST['caref'], $_POST['keylen'],
|
315 |
|
|
(int)$_POST['lifetime'], $dn);
|
316 |
|
|
|
317 |
|
|
if (!is_array($config['cert']))
|
318 |
|
|
$config['cert'] = array();
|
319 |
|
|
$config['cert'][] = $cert;
|
320 |
|
|
$userent['cert'][] = $cert['refid'];
|
321 |
|
|
}
|
322 |
|
|
$userent['uid'] = $config['system']['nextuid']++;
|
323 |
|
|
/* Add the user to All Users group. */
|
324 |
|
|
foreach ($config['system']['group'] as $gidx => $group) {
|
325 |
|
|
if ($group['name'] == "all") {
|
326 |
|
|
if (!is_array($config['system']['group'][$gidx]['member']))
|
327 |
|
|
$config['system']['group'][$gidx]['member'] = array();
|
328 |
|
|
$config['system']['group'][$gidx]['member'][] = $userent['uid'];
|
329 |
|
|
break;
|
330 |
|
|
}
|
331 |
|
|
}
|
332 |
970db70b
|
Scott Ullrich
|
|
333 |
e33be77c
|
Ermal
|
$a_user[] = $userent;
|
334 |
45ee90ed
|
Matthew Grooms
|
}
|
335 |
e33be77c
|
Ermal
|
|
336 |
|
|
local_user_set_groups($userent,$_POST['groups']);
|
337 |
|
|
local_user_set($userent);
|
338 |
|
|
write_config();
|
339 |
|
|
|
340 |
|
|
if(is_dir("/etc/inc/privhooks"))
|
341 |
|
|
run_plugins("/etc/inc/privhooks");
|
342 |
|
|
|
343 |
|
|
conf_mount_ro();
|
344 |
3ccb9689
|
Charlie Marshall
|
|
345 |
e33be77c
|
Ermal
|
pfSenseHeader("system_usermanager.php");
|
346 |
45ee90ed
|
Matthew Grooms
|
}
|
347 |
e33be77c
|
Ermal
|
}
|
348 |
fab7ff44
|
Bill Marquette
|
|
349 |
9ef4289c
|
Colin Fleming
|
$closehead = false;
|
350 |
e33be77c
|
Ermal
|
include("head.inc");
|
351 |
1df17ba9
|
Scott Ullrich
|
?>
|
352 |
fab7ff44
|
Bill Marquette
|
|
353 |
12c2ec2e
|
Charlie Marshall
|
<link rel="stylesheet" type="text/css" href="/javascript/jquery-ui-timepicker-addon/css/jquery-ui-timepicker-addon.css" />
|
354 |
|
|
<link rel="stylesheet" type="text/css" href="/javascript/jquery/jquery-ui.custom.css" />
|
355 |
|
|
|
356 |
07130afe
|
ayvis
|
<script type="text/javascript">
|
357 |
9ef4289c
|
Colin Fleming
|
//<![CDATA[
|
358 |
12c2ec2e
|
Charlie Marshall
|
jQuery(function() {
|
359 |
23991e58
|
Charlie Marshall
|
jQuery( "#expires" ).datepicker( { dateFormat: 'mm/dd/yy', changeYear: true, yearRange: "+0:+100" } );
|
360 |
12c2ec2e
|
Charlie Marshall
|
});
|
361 |
9ef4289c
|
Colin Fleming
|
//]]>
|
362 |
12c2ec2e
|
Charlie Marshall
|
</script>
|
363 |
9ef4289c
|
Colin Fleming
|
</head>
|
364 |
12c2ec2e
|
Charlie Marshall
|
|
365 |
1df17ba9
|
Scott Ullrich
|
<body link="#000000" vlink="#000000" alink="#000000" onload="<?= $jsevents["body"]["onload"] ?>">
|
366 |
6b07c15a
|
Matthew Grooms
|
<?php include("fbegin.inc"); ?>
|
367 |
12c2ec2e
|
Charlie Marshall
|
|
368 |
6b8588c6
|
Colin Fleming
|
<script type="text/javascript">
|
369 |
|
|
//<![CDATA[
|
370 |
6b07c15a
|
Matthew Grooms
|
|
371 |
|
|
function setall_selected(id) {
|
372 |
|
|
selbox = document.getElementById(id);
|
373 |
|
|
count = selbox.options.length;
|
374 |
|
|
for (index = 0; index<count; index++)
|
375 |
|
|
selbox.options[index].selected = true;
|
376 |
|
|
}
|
377 |
|
|
|
378 |
|
|
function clear_selected(id) {
|
379 |
|
|
selbox = document.getElementById(id);
|
380 |
|
|
count = selbox.options.length;
|
381 |
|
|
for (index = 0; index<count; index++)
|
382 |
|
|
selbox.options[index].selected = false;
|
383 |
|
|
}
|
384 |
|
|
|
385 |
|
|
function remove_selected(id) {
|
386 |
|
|
selbox = document.getElementById(id);
|
387 |
|
|
index = selbox.options.length - 1;
|
388 |
|
|
for (; index >= 0; index--)
|
389 |
|
|
if (selbox.options[index].selected)
|
390 |
|
|
selbox.remove(index);
|
391 |
|
|
}
|
392 |
|
|
|
393 |
|
|
function copy_selected(srcid, dstid) {
|
394 |
|
|
src_selbox = document.getElementById(srcid);
|
395 |
|
|
dst_selbox = document.getElementById(dstid);
|
396 |
|
|
count = src_selbox.options.length;
|
397 |
|
|
for (index = 0; index < count; index++) {
|
398 |
|
|
if (src_selbox.options[index].selected) {
|
399 |
|
|
option = document.createElement('option');
|
400 |
|
|
option.text = src_selbox.options[index].text;
|
401 |
|
|
option.value = src_selbox.options[index].value;
|
402 |
|
|
dst_selbox.add(option, null);
|
403 |
|
|
}
|
404 |
|
|
}
|
405 |
|
|
}
|
406 |
|
|
|
407 |
|
|
function move_selected(srcid, dstid) {
|
408 |
|
|
copy_selected(srcid, dstid);
|
409 |
|
|
remove_selected(srcid);
|
410 |
|
|
}
|
411 |
|
|
|
412 |
|
|
function presubmit() {
|
413 |
|
|
clear_selected('notgroups');
|
414 |
|
|
setall_selected('groups');
|
415 |
|
|
}
|
416 |
|
|
|
417 |
c9794c06
|
Ermal
|
function usercertClicked(obj) {
|
418 |
|
|
if (obj.checked) {
|
419 |
|
|
document.getElementById("usercertchck").style.display="none";
|
420 |
|
|
document.getElementById("usercert").style.display="";
|
421 |
|
|
} else {
|
422 |
|
|
document.getElementById("usercert").style.display="none";
|
423 |
|
|
document.getElementById("usercertchck").style.display="";
|
424 |
|
|
}
|
425 |
|
|
}
|
426 |
|
|
|
427 |
|
|
function sshkeyClicked(obj) {
|
428 |
|
|
if (obj.checked) {
|
429 |
|
|
document.getElementById("sshkeychck").style.display="none";
|
430 |
|
|
document.getElementById("sshkey").style.display="";
|
431 |
|
|
} else {
|
432 |
|
|
document.getElementById("sshkey").style.display="none";
|
433 |
|
|
document.getElementById("sshkeychck").style.display="";
|
434 |
|
|
}
|
435 |
|
|
}
|
436 |
6b8588c6
|
Colin Fleming
|
//]]>
|
437 |
6b07c15a
|
Matthew Grooms
|
</script>
|
438 |
1df17ba9
|
Scott Ullrich
|
<?php
|
439 |
45ee90ed
|
Matthew Grooms
|
if ($input_errors)
|
440 |
|
|
print_input_errors($input_errors);
|
441 |
|
|
if ($savemsg)
|
442 |
|
|
print_info_box($savemsg);
|
443 |
1df17ba9
|
Scott Ullrich
|
?>
|
444 |
6b8588c6
|
Colin Fleming
|
<table width="100%" border="0" cellpadding="0" cellspacing="0" summary="user manager">
|
445 |
45ee90ed
|
Matthew Grooms
|
<tr>
|
446 |
e30001cf
|
Matthew Grooms
|
<td>
|
447 |
45ee90ed
|
Matthew Grooms
|
<?php
|
448 |
|
|
$tab_array = array();
|
449 |
|
|
$tab_array[] = array(gettext("Users"), true, "system_usermanager.php");
|
450 |
6b07c15a
|
Matthew Grooms
|
$tab_array[] = array(gettext("Groups"), false, "system_groupmanager.php");
|
451 |
45ee90ed
|
Matthew Grooms
|
$tab_array[] = array(gettext("Settings"), false, "system_usermanager_settings.php");
|
452 |
d799787e
|
Matthew Grooms
|
$tab_array[] = array(gettext("Servers"), false, "system_authservers.php");
|
453 |
45ee90ed
|
Matthew Grooms
|
display_top_tabs($tab_array);
|
454 |
|
|
?>
|
455 |
|
|
</td>
|
456 |
|
|
</tr>
|
457 |
|
|
<tr>
|
458 |
e30001cf
|
Matthew Grooms
|
<td id="mainarea">
|
459 |
|
|
<div class="tabcont">
|
460 |
|
|
|
461 |
|
|
<?php if ($_GET['act'] == "new" || $_GET['act'] == "edit" || $input_errors): ?>
|
462 |
|
|
|
463 |
|
|
<form action="system_usermanager.php" method="post" name="iform" id="iform" onsubmit="presubmit()">
|
464 |
6b8588c6
|
Colin Fleming
|
<table width="100%" border="0" cellpadding="6" cellspacing="0" summary="main area">
|
465 |
e30001cf
|
Matthew Grooms
|
<?php
|
466 |
|
|
$ro = "";
|
467 |
|
|
if ($pconfig['utype'] == "system")
|
468 |
6b8588c6
|
Colin Fleming
|
$ro = "readonly=\"readonly\"";
|
469 |
e30001cf
|
Matthew Grooms
|
?>
|
470 |
|
|
<tr>
|
471 |
|
|
<td width="22%" valign="top" class="vncell"><?=gettext("Defined by");?></td>
|
472 |
|
|
<td width="78%" class="vtable">
|
473 |
8db87547
|
jim-p
|
<strong><?=strtoupper(htmlspecialchars($pconfig['utype']));?></strong>
|
474 |
6b8588c6
|
Colin Fleming
|
<input name="utype" type="hidden" value="<?=htmlspecialchars($pconfig['utype'])?>" />
|
475 |
e30001cf
|
Matthew Grooms
|
</td>
|
476 |
|
|
</tr>
|
477 |
b4bfd25d
|
sullrich
|
<tr>
|
478 |
2afddcb1
|
sullrich
|
<td width="22%" valign="top" class="vncell"><?=gettext("Disabled");?></td>
|
479 |
b4bfd25d
|
sullrich
|
<td width="78%" class="vtable">
|
480 |
6b8588c6
|
Colin Fleming
|
<input name="disabled" type="checkbox" id="disabled" <?php if($pconfig['disabled']) echo "checked=\"checked\""; ?> />
|
481 |
b4bfd25d
|
sullrich
|
</td>
|
482 |
|
|
</tr>
|
483 |
e30001cf
|
Matthew Grooms
|
<tr>
|
484 |
|
|
<td width="22%" valign="top" class="vncellreq"><?=gettext("Username");?></td>
|
485 |
|
|
<td width="78%" class="vtable">
|
486 |
6b8588c6
|
Colin Fleming
|
<input name="usernamefld" type="text" class="formfld user" id="usernamefld" size="20" maxlength="16" value="<?=htmlspecialchars($pconfig['usernamefld']);?>" <?=$ro;?> />
|
487 |
e30001cf
|
Matthew Grooms
|
<input name="oldusername" type="hidden" id="oldusername" value="<?=htmlspecialchars($pconfig['usernamefld']);?>" />
|
488 |
|
|
</td>
|
489 |
|
|
</tr>
|
490 |
|
|
<tr>
|
491 |
|
|
<td width="22%" valign="top" class="vncellreq" rowspan="2"><?=gettext("Password");?></td>
|
492 |
|
|
<td width="78%" class="vtable">
|
493 |
|
|
<input name="passwordfld1" type="password" class="formfld pwd" id="passwordfld1" size="20" value="" />
|
494 |
|
|
</td>
|
495 |
|
|
</tr>
|
496 |
|
|
<tr>
|
497 |
|
|
<td width="78%" class="vtable">
|
498 |
|
|
<input name="passwordfld2" type="password" class="formfld pwd" id="passwordfld2" size="20" value="" /> <?= gettext("(confirmation)"); ?>
|
499 |
|
|
</td>
|
500 |
|
|
</tr>
|
501 |
|
|
<tr>
|
502 |
|
|
<td width="22%" valign="top" class="vncell"><?=gettext("Full name");?></td>
|
503 |
|
|
<td width="78%" class="vtable">
|
504 |
6b8588c6
|
Colin Fleming
|
<input name="descr" type="text" class="formfld unknown" id="descr" size="20" value="<?=htmlspecialchars($pconfig['descr']);?>" <?=$ro;?> />
|
505 |
8cd558b6
|
ayvis
|
<br />
|
506 |
e30001cf
|
Matthew Grooms
|
<?=gettext("User's full name, for your own information only");?>
|
507 |
|
|
</td>
|
508 |
|
|
</tr>
|
509 |
0092b3bd
|
mgrooms
|
<tr>
|
510 |
b79454a7
|
Carlos Eduardo Ramos
|
<td width="22%" valign="top" class="vncell"><?=gettext("Expiration date"); ?></td>
|
511 |
0092b3bd
|
mgrooms
|
<td width="78%" class="vtable">
|
512 |
6b8588c6
|
Colin Fleming
|
<input name="expires" type="text" class="formfld unknown" id="expires" size="10" value="<?=htmlspecialchars($pconfig['expires']);?>" />
|
513 |
8cd558b6
|
ayvis
|
<br />
|
514 |
b79454a7
|
Carlos Eduardo Ramos
|
<span class="vexpl"><?=gettext("Leave blank if the account shouldn't expire, otherwise enter the expiration date in the following format: mm/dd/yyyy"); ?></span></td>
|
515 |
0092b3bd
|
mgrooms
|
</tr>
|
516 |
e30001cf
|
Matthew Grooms
|
<tr>
|
517 |
|
|
<td width="22%" valign="top" class="vncell"><?=gettext("Group Memberships");?></td>
|
518 |
|
|
<td width="78%" class="vtable" align="center">
|
519 |
6b8588c6
|
Colin Fleming
|
<table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0" summary="group membership">
|
520 |
e30001cf
|
Matthew Grooms
|
<tr>
|
521 |
|
|
<td align="center" width="50%">
|
522 |
8cd558b6
|
ayvis
|
<strong><?=gettext("Not Member Of"); ?></strong><br />
|
523 |
|
|
<br />
|
524 |
6b8588c6
|
Colin Fleming
|
<select size="10" style="width: 75%" name="notgroups[]" class="formselect" id="notgroups" onchange="clear_selected('groups')" multiple="multiple">
|
525 |
e30001cf
|
Matthew Grooms
|
<?php
|
526 |
b4e9a4da
|
N0YB
|
$rowIndex = 0;
|
527 |
e30001cf
|
Matthew Grooms
|
foreach ($config['system']['group'] as $group):
|
528 |
|
|
if ($group['gid'] == 1998) /* all users group */
|
529 |
|
|
continue;
|
530 |
08724afa
|
jim-p
|
if (is_array($pconfig['groups']) && in_array($group['name'],$pconfig['groups']))
|
531 |
e30001cf
|
Matthew Grooms
|
continue;
|
532 |
b4e9a4da
|
N0YB
|
$rowIndex++;
|
533 |
e30001cf
|
Matthew Grooms
|
?>
|
534 |
|
|
<option value="<?=$group['name'];?>" <?=$selected;?>>
|
535 |
|
|
<?=htmlspecialchars($group['name']);?>
|
536 |
|
|
</option>
|
537 |
b4e9a4da
|
N0YB
|
<?php endforeach;
|
538 |
|
|
if ($rowIndex == 0)
|
539 |
|
|
echo "<option></option>";
|
540 |
|
|
?>
|
541 |
e30001cf
|
Matthew Grooms
|
</select>
|
542 |
8cd558b6
|
ayvis
|
<br />
|
543 |
e30001cf
|
Matthew Grooms
|
</td>
|
544 |
|
|
<td>
|
545 |
8cd558b6
|
ayvis
|
<br />
|
546 |
e30001cf
|
Matthew Grooms
|
<a href="javascript:move_selected('notgroups','groups')">
|
547 |
b79454a7
|
Carlos Eduardo Ramos
|
<img src="/themes/<?= $g['theme'];?>/images/icons/icon_right.gif" title="<?=gettext("Add Groups"); ?>" alt="<?=gettext("Add Groups"); ?>" width="17" height="17" border="0" />
|
548 |
e30001cf
|
Matthew Grooms
|
</a>
|
549 |
8cd558b6
|
ayvis
|
<br /><br />
|
550 |
e30001cf
|
Matthew Grooms
|
<a href="javascript:move_selected('groups','notgroups')">
|
551 |
b79454a7
|
Carlos Eduardo Ramos
|
<img src="/themes/<?= $g['theme'];?>/images/icons/icon_left.gif" title="<?=gettext("Remove Groups"); ?>" alt="<?=gettext("Remove Groups"); ?>" width="17" height="17" border="0" />
|
552 |
e30001cf
|
Matthew Grooms
|
</a>
|
553 |
|
|
</td>
|
554 |
|
|
<td align="center" width="50%">
|
555 |
8cd558b6
|
ayvis
|
<strong><?=gettext("Member Of"); ?></strong><br />
|
556 |
|
|
<br />
|
557 |
46f6eb78
|
Renato Botelho
|
<select size="10" style="width: 75%" name="groups[]" class="formselect" id="groups" onchange="clear_selected('notgroups')" multiple="multiple">
|
558 |
e30001cf
|
Matthew Grooms
|
<?php
|
559 |
b4e9a4da
|
N0YB
|
$rowIndex = 0;
|
560 |
08724afa
|
jim-p
|
if (is_array($pconfig['groups'])) {
|
561 |
e30001cf
|
Matthew Grooms
|
foreach ($config['system']['group'] as $group):
|
562 |
|
|
if ($group['gid'] == 1998) /* all users group */
|
563 |
|
|
continue;
|
564 |
|
|
if (!in_array($group['name'],$pconfig['groups']))
|
565 |
|
|
continue;
|
566 |
b4e9a4da
|
N0YB
|
$rowIndex++;
|
567 |
e30001cf
|
Matthew Grooms
|
?>
|
568 |
|
|
<option value="<?=$group['name'];?>">
|
569 |
|
|
<?=htmlspecialchars($group['name']);?>
|
570 |
|
|
</option>
|
571 |
08724afa
|
jim-p
|
<?php endforeach;
|
572 |
b4e9a4da
|
N0YB
|
}
|
573 |
|
|
if ($rowIndex == 0)
|
574 |
|
|
echo "<option></option>";
|
575 |
|
|
?>
|
576 |
e30001cf
|
Matthew Grooms
|
</select>
|
577 |
8cd558b6
|
ayvis
|
<br />
|
578 |
e30001cf
|
Matthew Grooms
|
</td>
|
579 |
|
|
</tr>
|
580 |
|
|
</table>
|
581 |
|
|
<?=gettext("Hold down CTRL (pc)/COMMAND (mac) key to select multiple items");?>
|
582 |
|
|
</td>
|
583 |
|
|
</tr>
|
584 |
|
|
|
585 |
ff9eda9d
|
jim-p
|
<?php if (isset($pconfig['uid'])): ?>
|
586 |
e30001cf
|
Matthew Grooms
|
|
587 |
|
|
<tr>
|
588 |
|
|
<td width="22%" valign="top" class="vncell"><?=gettext("Effective Privileges");?></td>
|
589 |
|
|
<td width="78%" class="vtable">
|
590 |
6b8588c6
|
Colin Fleming
|
<table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0" summary="privileges">
|
591 |
e30001cf
|
Matthew Grooms
|
<tr>
|
592 |
|
|
<td width="20%" class="listhdrr"><?=gettext("Inherited From");?></td>
|
593 |
|
|
<td width="30%" class="listhdrr"><?=gettext("Name");?></td>
|
594 |
|
|
<td width="40%" class="listhdrr"><?=gettext("Description");?></td>
|
595 |
|
|
<td class="list"></td>
|
596 |
|
|
</tr>
|
597 |
|
|
<?php
|
598 |
3ccb9689
|
Charlie Marshall
|
|
599 |
e30001cf
|
Matthew Grooms
|
$privdesc = get_user_privdesc($a_user[$id]);
|
600 |
|
|
if(is_array($privdesc)):
|
601 |
|
|
$i = 0;
|
602 |
|
|
foreach ($privdesc as $priv):
|
603 |
|
|
$group = false;
|
604 |
|
|
if ($priv['group'])
|
605 |
|
|
$group = $priv['group'];
|
606 |
|
|
?>
|
607 |
|
|
<tr>
|
608 |
|
|
<td class="listlr"><?=$group;?></td>
|
609 |
|
|
<td class="listr">
|
610 |
|
|
<?=htmlspecialchars($priv['name']);?>
|
611 |
|
|
</td>
|
612 |
|
|
<td class="listbg">
|
613 |
|
|
<?=htmlspecialchars($priv['descr']);?>
|
614 |
|
|
</td>
|
615 |
6b8588c6
|
Colin Fleming
|
<td valign="middle" class="list nowrap">
|
616 |
e30001cf
|
Matthew Grooms
|
<?php if (!$group): ?>
|
617 |
9ef4289c
|
Colin Fleming
|
<a href="system_usermanager.php?act=delpriv&id=<?=$id?>&privid=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this privilege?");?>')">
|
618 |
6b8588c6
|
Colin Fleming
|
<img src="/themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0" alt="delete" />
|
619 |
e30001cf
|
Matthew Grooms
|
</a>
|
620 |
|
|
<?php endif; ?>
|
621 |
|
|
</td>
|
622 |
|
|
</tr>
|
623 |
|
|
<?php
|
624 |
|
|
/* can only delete user priv indexes */
|
625 |
|
|
if (!$group)
|
626 |
|
|
$i++;
|
627 |
|
|
endforeach;
|
628 |
|
|
endif;
|
629 |
|
|
?>
|
630 |
|
|
<tr>
|
631 |
|
|
<td class="list" colspan="3"></td>
|
632 |
|
|
<td class="list">
|
633 |
|
|
<a href="system_usermanager_addprivs.php?userid=<?=$id?>">
|
634 |
6b8588c6
|
Colin Fleming
|
<img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0" alt="add" />
|
635 |
e30001cf
|
Matthew Grooms
|
</a>
|
636 |
|
|
</td>
|
637 |
|
|
</tr>
|
638 |
|
|
</table>
|
639 |
|
|
</td>
|
640 |
|
|
</tr>
|
641 |
|
|
<tr>
|
642 |
|
|
<td width="22%" valign="top" class="vncell"><?=gettext("User Certificates");?></td>
|
643 |
|
|
<td width="78%" class="vtable">
|
644 |
6b8588c6
|
Colin Fleming
|
<table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0" summary="certificates">
|
645 |
e30001cf
|
Matthew Grooms
|
<tr>
|
646 |
|
|
<td width="45%" class="listhdrr"><?=gettext("Name");?></td>
|
647 |
|
|
<td width="45%" class="listhdrr"><?=gettext("CA");?></td>
|
648 |
|
|
<td class="list"></td>
|
649 |
|
|
</tr>
|
650 |
|
|
<?php
|
651 |
3ccb9689
|
Charlie Marshall
|
|
652 |
e30001cf
|
Matthew Grooms
|
$a_cert = $a_user[$id]['cert'];
|
653 |
|
|
if(is_array($a_cert)):
|
654 |
|
|
$i = 0;
|
655 |
c25f73ae
|
jim-p
|
foreach ($a_cert as $certref):
|
656 |
|
|
$cert = lookup_cert($certref);
|
657 |
|
|
$ca = lookup_ca($cert['caref']);
|
658 |
e30001cf
|
Matthew Grooms
|
?>
|
659 |
|
|
<tr>
|
660 |
|
|
<td class="listlr">
|
661 |
f2a86ca9
|
jim-p
|
<?=htmlspecialchars($cert['descr']);?>
|
662 |
150bbe09
|
jim-p
|
<?php if (is_cert_revoked($cert)): ?>
|
663 |
|
|
(<b>Revoked</b>)
|
664 |
|
|
<?php endif; ?>
|
665 |
e30001cf
|
Matthew Grooms
|
</td>
|
666 |
|
|
<td class="listr">
|
667 |
f2a86ca9
|
jim-p
|
<?=htmlspecialchars($ca['descr']);?>
|
668 |
e30001cf
|
Matthew Grooms
|
</td>
|
669 |
6b8588c6
|
Colin Fleming
|
<td valign="middle" class="list nowrap">
|
670 |
9ef4289c
|
Colin Fleming
|
<a href="system_usermanager.php?act=expckey&id=<?=$id;?>&certid=<?=$i;?>">
|
671 |
b79454a7
|
Carlos Eduardo Ramos
|
<img src="/themes/<?= $g['theme'];?>/images/icons/icon_down.gif" title="<?=gettext("export private key"); ?>" alt="<?=gettext("export private key"); ?>" width="17" height="17" border="0" />
|
672 |
e30001cf
|
Matthew Grooms
|
</a>
|
673 |
9ef4289c
|
Colin Fleming
|
<a href="system_usermanager.php?act=expcert&id=<?=$id;?>&certid=<?=$i;?>">
|
674 |
b79454a7
|
Carlos Eduardo Ramos
|
<img src="/themes/<?= $g['theme'];?>/images/icons/icon_down.gif" title="<?=gettext("export cert"); ?>" alt="<?=gettext("export cert"); ?>" width="17" height="17" border="0" />
|
675 |
e30001cf
|
Matthew Grooms
|
</a>
|
676 |
9ef4289c
|
Colin Fleming
|
<a href="system_usermanager.php?act=delcert&id=<?=$id?>&certid=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to remove this certificate association?") .'\n'. gettext("(Certificate will not be deleted)");?>')">
|
677 |
2b33f342
|
Renato Botelho
|
<img src="/themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0" alt="<?=gettext("delete cert");?>" />
|
678 |
e30001cf
|
Matthew Grooms
|
</a>
|
679 |
|
|
</td>
|
680 |
|
|
</tr>
|
681 |
|
|
<?php
|
682 |
|
|
$i++;
|
683 |
|
|
endforeach;
|
684 |
|
|
endif;
|
685 |
|
|
?>
|
686 |
|
|
<tr>
|
687 |
|
|
<td class="list" colspan="2"></td>
|
688 |
|
|
<td class="list">
|
689 |
6b8588c6
|
Colin Fleming
|
<a href="system_certmanager.php?act=new&userid=<?=$id?>">
|
690 |
|
|
<img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0" alt="add" />
|
691 |
e30001cf
|
Matthew Grooms
|
</a>
|
692 |
|
|
</td>
|
693 |
|
|
</tr>
|
694 |
|
|
</table>
|
695 |
|
|
</td>
|
696 |
|
|
</tr>
|
697 |
45ee90ed
|
Matthew Grooms
|
|
698 |
c9794c06
|
Ermal
|
<?php else : ?>
|
699 |
b4e6524c
|
jim-p
|
<?php if (is_array($config['ca']) && count($config['ca']) > 0): ?>
|
700 |
|
|
<?php $i = 0; foreach( $config['ca'] as $ca) {
|
701 |
c9794c06
|
Ermal
|
if (!$ca['prv'])
|
702 |
|
|
continue;
|
703 |
|
|
$i++;
|
704 |
|
|
}
|
705 |
|
|
?>
|
706 |
|
|
|
707 |
6b8588c6
|
Colin Fleming
|
<tr id="usercertchck">
|
708 |
c9794c06
|
Ermal
|
<td width="22%" valign="top" class="vncell"><?=gettext("Certificate");?></td>
|
709 |
|
|
<td width="78%" class="vtable">
|
710 |
6b8588c6
|
Colin Fleming
|
<input type="checkbox" onclick="javascript:usercertClicked(this)" /> <?=gettext("Click to create a user certificate."); ?>
|
711 |
c9794c06
|
Ermal
|
</td>
|
712 |
|
|
</tr>
|
713 |
|
|
|
714 |
|
|
<?php if ($i > 0): ?>
|
715 |
|
|
|
716 |
9ef4289c
|
Colin Fleming
|
<tr id="usercert" style="display:none">
|
717 |
c9794c06
|
Ermal
|
<td width="22%" valign="top" class="vncell"><?=gettext("Certificate");?></td>
|
718 |
|
|
<td width="78%" class="vtable">
|
719 |
6b8588c6
|
Colin Fleming
|
<table width="100%" border="0" cellpadding="6" cellspacing="0" summary="certificate">
|
720 |
c9794c06
|
Ermal
|
<tr>
|
721 |
|
|
<td width="22%" valign="top" class="vncellreq"><?=gettext("Descriptive name");?></td>
|
722 |
|
|
<td width="78%" class="vtable">
|
723 |
6b8588c6
|
Colin Fleming
|
<input name="name" type="text" class="formfld unknown" id="name" size="20" value="<?=htmlspecialchars($pconfig['name']);?>" />
|
724 |
c9794c06
|
Ermal
|
</td>
|
725 |
|
|
</tr>
|
726 |
|
|
<tr>
|
727 |
|
|
<td width="22%" valign="top" class="vncellreq"><?=gettext("Certificate authority");?></td>
|
728 |
|
|
<td width="78%" class="vtable">
|
729 |
6b8588c6
|
Colin Fleming
|
<select name='caref' id='caref' class="formselect" onchange='internalca_change()'>
|
730 |
c9794c06
|
Ermal
|
<?php
|
731 |
2464e353
|
N0YB
|
$rowIndex = 0;
|
732 |
b4e6524c
|
jim-p
|
foreach( $config['ca'] as $ca):
|
733 |
c9794c06
|
Ermal
|
if (!$ca['prv'])
|
734 |
|
|
continue;
|
735 |
2464e353
|
N0YB
|
$rowIndex++;
|
736 |
c9794c06
|
Ermal
|
?>
|
737 |
f2a86ca9
|
jim-p
|
<option value="<?=$ca['refid'];?>"><?=$ca['descr'];?></option>
|
738 |
2464e353
|
N0YB
|
<?php endforeach;
|
739 |
|
|
if ($rowIndex == 0)
|
740 |
|
|
echo "<option></option>";
|
741 |
|
|
?>
|
742 |
c9794c06
|
Ermal
|
</select>
|
743 |
|
|
</td>
|
744 |
|
|
</tr>
|
745 |
|
|
<tr>
|
746 |
|
|
<td width="22%" valign="top" class="vncellreq"><?=gettext("Key length");?></td>
|
747 |
|
|
<td width="78%" class="vtable">
|
748 |
|
|
<select name='keylen' class="formselect">
|
749 |
|
|
<?php
|
750 |
3b4b9ff3
|
Ermal
|
$cert_keylens = array( "2048", "512", "1024", "4096");
|
751 |
c9794c06
|
Ermal
|
foreach( $cert_keylens as $len):
|
752 |
|
|
?>
|
753 |
|
|
<option value="<?=$len;?>"><?=$len;?></option>
|
754 |
60a5f9de
|
N0YB
|
<?php
|
755 |
|
|
endforeach;
|
756 |
|
|
if (!count($cert_keylens))
|
757 |
|
|
echo "<option></option>";
|
758 |
|
|
?>
|
759 |
c9794c06
|
Ermal
|
</select>
|
760 |
|
|
bits
|
761 |
|
|
</td>
|
762 |
|
|
</tr>
|
763 |
|
|
<tr>
|
764 |
|
|
<td width="22%" valign="top" class="vncellreq"><?=gettext("Lifetime");?></td>
|
765 |
|
|
<td width="78%" class="vtable">
|
766 |
6b8588c6
|
Colin Fleming
|
<input name="lifetime" type="text" class="formfld unknown" id="lifetime" size="5" value="<?=htmlspecialchars($pconfig['lifetime']);?>" />days
|
767 |
c9794c06
|
Ermal
|
</td>
|
768 |
|
|
</tr>
|
769 |
|
|
</table>
|
770 |
|
|
</td>
|
771 |
|
|
</tr>
|
772 |
|
|
|
773 |
|
|
<?php endif; endif; ?>
|
774 |
e30001cf
|
Matthew Grooms
|
<?php endif; ?>
|
775 |
45ee90ed
|
Matthew Grooms
|
|
776 |
1c8faa89
|
jim-p
|
<tr id="sshkeychck" <?php if(!empty($pconfig['authorizedkeys'])) echo 'style="display:none"'; ?>>
|
777 |
c9794c06
|
Ermal
|
<td width="22%" valign="top" class="vncell"><?=gettext("Authorized keys");?></td>
|
778 |
|
|
<td width="78%" class="vtable">
|
779 |
6b8588c6
|
Colin Fleming
|
<input type="checkbox" onclick="javascript:sshkeyClicked(this)" /> <?=gettext("Click to paste an authorized key."); ?>
|
780 |
c9794c06
|
Ermal
|
</td>
|
781 |
|
|
</tr>
|
782 |
1c8faa89
|
jim-p
|
<tr id="sshkey" <?php if(empty($pconfig['authorizedkeys'])) echo 'style="display:none"'; ?>>
|
783 |
e30001cf
|
Matthew Grooms
|
<td width="22%" valign="top" class="vncell"><?=gettext("Authorized keys");?></td>
|
784 |
|
|
<td width="78%" class="vtable">
|
785 |
9ef4289c
|
Colin Fleming
|
<script type="text/javascript">
|
786 |
|
|
//<![CDATA[
|
787 |
|
|
window.onload=function(){
|
788 |
|
|
document.getElementById("authorizedkeys").wrap='off';
|
789 |
|
|
}
|
790 |
|
|
//]]>
|
791 |
|
|
</script>
|
792 |
|
|
<textarea name="authorizedkeys" cols="65" rows="7" id="authorizedkeys" class="formfld_cert"><?=htmlspecialchars($pconfig['authorizedkeys']);?></textarea>
|
793 |
8cd558b6
|
ayvis
|
<br />
|
794 |
e30001cf
|
Matthew Grooms
|
<?=gettext("Paste an authorized keys file here.");?>
|
795 |
|
|
</td>
|
796 |
|
|
</tr>
|
797 |
6b8588c6
|
Colin Fleming
|
<tr id="ipsecpskrow">
|
798 |
ddd1fb7f
|
jim-p
|
<td width="22%" valign="top" class="vncell"><?=gettext("IPsec Pre-Shared Key");?></td>
|
799 |
|
|
<td width="78%" class="vtable">
|
800 |
6b8588c6
|
Colin Fleming
|
<input name="ipsecpsk" type="text" class="formfld unknown" id="ipsecpsk" size="65" value="<?=htmlspecialchars($pconfig['ipsecpsk']);?>" />
|
801 |
ddd1fb7f
|
jim-p
|
</td>
|
802 |
|
|
</tr>
|
803 |
e30001cf
|
Matthew Grooms
|
<tr>
|
804 |
|
|
<td width="22%" valign="top"> </td>
|
805 |
|
|
<td width="78%">
|
806 |
6e707e77
|
Vinicius Coque
|
<input id="submit" name="save" type="submit" class="formbtn" value="<?=gettext("Save");?>" />
|
807 |
e30001cf
|
Matthew Grooms
|
<?php if (isset($id) && $a_user[$id]): ?>
|
808 |
e41ec584
|
Renato Botelho
|
<input name="id" type="hidden" value="<?=htmlspecialchars($id);?>" />
|
809 |
e30001cf
|
Matthew Grooms
|
<?php endif;?>
|
810 |
|
|
</td>
|
811 |
|
|
</tr>
|
812 |
|
|
</table>
|
813 |
|
|
</form>
|
814 |
|
|
|
815 |
|
|
<?php else: ?>
|
816 |
|
|
|
817 |
6b8588c6
|
Colin Fleming
|
<table class="sortable" width="100%" border="0" cellpadding="0" cellspacing="0" summary="">
|
818 |
5b42a459
|
bcyrill
|
<thead>
|
819 |
|
|
<tr>
|
820 |
|
|
<th width="25%" class="listhdrr"><?=gettext("Username"); ?></th>
|
821 |
|
|
<th width="25%" class="listhdrr"><?=gettext("Full name"); ?></th>
|
822 |
|
|
<th width="5%" class="listhdrr"><?=gettext("Disabled"); ?></th>
|
823 |
|
|
<th width="25%" class="listhdrr"><?=gettext("Groups"); ?></th>
|
824 |
6b8588c6
|
Colin Fleming
|
<th width="10%" class="list"></th>
|
825 |
5b42a459
|
bcyrill
|
</tr>
|
826 |
|
|
</thead>
|
827 |
6b8588c6
|
Colin Fleming
|
<tfoot>
|
828 |
|
|
<tr>
|
829 |
|
|
<td class="list" colspan="4"></td>
|
830 |
|
|
<td class="list">
|
831 |
|
|
<a href="system_usermanager.php?act=new">
|
832 |
|
|
<img src="/themes/<?= $g['theme'];?>/images/icons/icon_plus.gif" title="<?=gettext("add user"); ?>" alt="<?=gettext("add user"); ?>" width="17" height="17" border="0" />
|
833 |
|
|
</a>
|
834 |
|
|
</td>
|
835 |
|
|
</tr>
|
836 |
|
|
<tr>
|
837 |
|
|
<td colspan="4">
|
838 |
|
|
<p>
|
839 |
|
|
<?=gettext("Additional users can be added here. User permissions for accessing " .
|
840 |
|
|
"the webConfigurator can be assigned directly or inherited from group memberships. " .
|
841 |
|
|
"An icon that appears grey indicates that it is a system defined object. " .
|
842 |
|
|
"Some system object properties can be modified but they cannot be deleted."); ?>
|
843 |
8cd558b6
|
ayvis
|
<br /><br />
|
844 |
6b8588c6
|
Colin Fleming
|
<?=gettext("Accounts created here are also used for other parts of the system " .
|
845 |
|
|
"such as OpenVPN, IPsec, and Captive Portal.");?>
|
846 |
|
|
</p>
|
847 |
|
|
</td>
|
848 |
|
|
</tr>
|
849 |
|
|
</tfoot>
|
850 |
5b42a459
|
bcyrill
|
<tbody>
|
851 |
|
|
<?php
|
852 |
|
|
$i = 0;
|
853 |
|
|
foreach($a_user as $userent):
|
854 |
|
|
?>
|
855 |
6b8588c6
|
Colin Fleming
|
<tr ondblclick="document.location='system_usermanager.php?act=edit&id=<?=$i;?>'">
|
856 |
5b42a459
|
bcyrill
|
<td class="listlr">
|
857 |
6b8588c6
|
Colin Fleming
|
<table border="0" cellpadding="0" cellspacing="0" summary="icons">
|
858 |
5b42a459
|
bcyrill
|
<tr>
|
859 |
6b8588c6
|
Colin Fleming
|
<td align="left" valign="middle">
|
860 |
5b42a459
|
bcyrill
|
<?php
|
861 |
|
|
if($userent['scope'] != "user")
|
862 |
|
|
$usrimg = "/themes/{$g['theme']}/images/icons/icon_system-user-grey.png";
|
863 |
|
|
else
|
864 |
|
|
$usrimg = "/themes/{$g['theme']}/images/icons/icon_system-user.png";
|
865 |
|
|
?>
|
866 |
|
|
<img src="<?=$usrimg;?>" alt="<?=gettext("User"); ?>" title="<?=gettext("User"); ?>" border="0" height="16" width="16" />
|
867 |
|
|
</td>
|
868 |
|
|
<td align="left" valign="middle">
|
869 |
|
|
<?=htmlspecialchars($userent['name']);?>
|
870 |
|
|
</td>
|
871 |
|
|
</tr>
|
872 |
|
|
</table>
|
873 |
|
|
</td>
|
874 |
|
|
<td class="listr"><?=htmlspecialchars($userent['descr']);?> </td>
|
875 |
|
|
<td class="listr"><?php if(isset($userent['disabled'])) echo "*"; ?></td>
|
876 |
|
|
<td class="listbg">
|
877 |
|
|
<?=implode(",",local_user_get_groups($userent));?>
|
878 |
|
|
|
879 |
|
|
</td>
|
880 |
6b8588c6
|
Colin Fleming
|
<td valign="middle" class="list nowrap">
|
881 |
|
|
<a href="system_usermanager.php?act=edit&id=<?=$i;?>">
|
882 |
5b42a459
|
bcyrill
|
<img src="/themes/<?= $g['theme'];?>/images/icons/icon_e.gif" title="<?=gettext("edit user"); ?>" alt="<?=gettext("edit user"); ?>" width="17" height="17" border="0" />
|
883 |
|
|
</a>
|
884 |
|
|
<?php if($userent['scope'] != "system"): ?>
|
885 |
|
|
|
886 |
6b8588c6
|
Colin Fleming
|
<a href="system_usermanager.php?act=deluser&id=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this User?");?>')">
|
887 |
5b42a459
|
bcyrill
|
<img src="/themes/<?= $g['theme'];?>/images/icons/icon_x.gif" title="<?=gettext("delete user"); ?>" alt="<?=gettext("delete user"); ?>" width="17" height="17" border="0" />
|
888 |
|
|
</a>
|
889 |
|
|
<?php endif; ?>
|
890 |
|
|
</td>
|
891 |
|
|
</tr>
|
892 |
|
|
<?php
|
893 |
|
|
$i++;
|
894 |
|
|
endforeach;
|
895 |
|
|
?>
|
896 |
|
|
</tbody>
|
897 |
45ee90ed
|
Matthew Grooms
|
</table>
|
898 |
|
|
|
899 |
e30001cf
|
Matthew Grooms
|
<?php endif; ?>
|
900 |
45ee90ed
|
Matthew Grooms
|
|
901 |
e30001cf
|
Matthew Grooms
|
</div>
|
902 |
45ee90ed
|
Matthew Grooms
|
</td>
|
903 |
|
|
</tr>
|
904 |
1df17ba9
|
Scott Ullrich
|
</table>
|
905 |
45ee90ed
|
Matthew Grooms
|
<?php include("fend.inc");?>
|
906 |
|
|
</body>
|
907 |
12c2ec2e
|
Charlie Marshall
|
</html>
|