Project

General

Profile

Download (6.2 KB) Statistics
| Branch: | Tag: | Revision:

univnautes / usr / local / www / system_usermanager_addprivs.php @ a1b66bec

1
<?php
2
/* $Id$ */
3
/*
4
	system_usermanager_addprivs.php
5

    
6
	Copyright (C) 2006 Daniel S. Haischt.
7
	All rights reserved.
8

    
9
	Redistribution and use in source and binary forms, with or without
10
	modification, are permitted provided that the following conditions are met:
11

    
12
	1. Redistributions of source code must retain the above copyright notice,
13
	   this list of conditions and the following disclaimer.
14

    
15
	2. Redistributions in binary form must reproduce the above copyright
16
	   notice, this list of conditions and the following disclaimer in the
17
	   documentation and/or other materials provided with the distribution.
18

    
19
	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
20
	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
21
	AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
22
	AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
23
	OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
24
	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
25
	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
26
	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
27
	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
28
	POSSIBILITY OF SUCH DAMAGE.
29
*/
30
/*
31
	pfSense_MODULE:	auth
32
*/
33

    
34
##|+PRIV
35
##|*IDENT=page-system-usermanager-addprivs
36
##|*NAME=System: User Manager: Add Privileges page
37
##|*DESCR=Allow access to the 'System: User Manager: Add Privileges' page.
38
##|*MATCH=system_usermanager_addprivs.php*
39
##|-PRIV
40

    
41
function admusercmp($a, $b) {
42
	return strcasecmp($a['name'], $b['name']);
43
}
44

    
45
require("guiconfig.inc");
46

    
47
$pgtitle = array("System","User manager","Add privileges");
48

    
49
if (is_numericint($_GET['userid']))
50
	$userid = $_GET['userid'];
51
if (isset($_POST['userid']) && is_numericint($_POST['userid']))
52
	$userid = $_POST['userid'];
53

    
54
if (!isset($config['system']['user'][$userid]) && !is_array($config['system']['user'][$userid])) {
55
	pfSenseHeader("system_usermanager.php");
56
	exit;
57
}
58

    
59
$a_user = & $config['system']['user'][$userid];
60

    
61
if (!is_array($a_user['priv']))
62
	$a_user['priv'] = array();
63

    
64
if ($_POST) {
65
	conf_mount_rw();
66

    
67
	unset($input_errors);
68
	$pconfig = $_POST;
69

    
70
	/* input validation */
71
	$reqdfields = explode(" ", "sysprivs");
72
	$reqdfieldsn = array(gettext("Selected priveleges"));
73

    
74
	do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors);
75

    
76
	/* if this is an AJAX caller then handle via JSON */
77
	if(isAjax() && is_array($input_errors)) {
78
		input_errors2Ajax($input_errors);
79
		exit;
80
	}
81

    
82
	if (!$input_errors) {
83

    
84
		if (!is_array($pconfig['sysprivs']))
85
			$pconfig['sysprivs'] = array();
86

    
87
		if (!count($a_user['priv']))
88
			$a_user['priv'] = $pconfig['sysprivs'];
89
		else
90
			$a_user['priv'] = array_merge($a_user['priv'], $pconfig['sysprivs']);
91

    
92
		$a_user['priv'] = sort_user_privs($a_user['priv']);
93
		local_user_set($a_user);
94
		$retval = write_config();
95
		$savemsg = get_std_save_message($retval);
96
		conf_mount_ro();
97
		
98
		post_redirect("system_usermanager.php", array('act' => 'edit', 'userid' => $userid));
99
		
100
		exit;
101
	}
102
	conf_mount_ro();
103
}
104

    
105
/* if ajax is calling, give them an update message */
106
if(isAjax())
107
	print_info_box_np($savemsg);
108

    
109
include("head.inc");
110
?>
111

    
112
<body link="#0000CC" vlink="#0000CC" alink="#0000CC" onload="<?= $jsevents["body"]["onload"] ?>">
113
<?php include("fbegin.inc"); ?>
114
<script type="text/javascript">
115
//<![CDATA[
116

    
117
<?php
118

    
119
if (is_array($priv_list)) {
120
	$id = 0;
121

    
122
	$jdescs = "var descs = new Array();\n";
123
	foreach($priv_list as $pname => $pdata) {
124
		if (in_array($pname, $a_user['priv']))
125
			continue;
126
		$desc = addslashes(preg_replace("/pfSense/i", $g['product_name'], $pdata['descr']));
127
		$jdescs .= "descs[{$id}] = '{$desc}';\n";
128
		$id++;
129
	}
130

    
131
	echo $jdescs;
132
}
133

    
134
?>
135

    
136
function update_description() {
137
	var index = document.iform.sysprivs.selectedIndex;
138
	document.getElementById("pdesc").innerHTML = descs[index];
139
}
140

    
141
//]]>
142
</script>
143
<?php
144
	if ($input_errors)
145
		print_input_errors($input_errors);
146
	if ($savemsg)
147
		print_info_box($savemsg);
148
?>
149
<table width="100%" border="0" cellpadding="0" cellspacing="0" summary="user manager add priveleges">
150
	<tr>
151
		<td>
152
		<?php
153
			$tab_array = array();
154
			$tab_array[] = array(gettext("Users"), true, "system_usermanager.php");
155
			$tab_array[] = array(gettext("Groups"), false, "system_groupmanager.php");
156
			$tab_array[] = array(gettext("Settings"), false, "system_usermanager_settings.php");
157
			$tab_array[] = array(gettext("Servers"), false, "system_authservers.php");
158
			display_top_tabs($tab_array);
159
		?>
160
		</td>
161
	</tr>
162
	<tr>
163
		<td id="mainarea">
164
			<div class="tabcont">
165
				<form action="system_usermanager_addprivs.php" method="post" name="iform" id="iform">
166
					<table width="100%" border="0" cellpadding="6" cellspacing="0" summary="main area">
167
						<tr>
168
							<td width="22%" valign="top" class="vncellreq"><?=gettext("System Privileges");?></td>
169
							<td width="78%" class="vtable">
170
								<select name="sysprivs[]" id="sysprivs" class="formselect" onchange="update_description();" multiple="multiple" size="35">
171
									<?php
172
										foreach($priv_list as $pname => $pdata):
173
											if (in_array($pname, $a_user['priv']))
174
												continue;
175
									?>
176
									<option value="<?=$pname;?>"><?=$pdata['name'];?></option>
177
									<?php endforeach; ?>
178
								</select>
179
								<br />
180
								<?=gettext("Hold down CTRL (pc)/COMMAND (mac) key to select multiple items");?>
181
							</td>
182
						</tr>
183
						<tr height="60">
184
							<td width="22%" valign="top" class="vncell"><?=gettext("Description");?></td>
185
							<td width="78%" valign="top" class="vtable" id="pdesc">
186
								<em><?=gettext("Select a privilege from the list above for a description"); ?></em>
187
							</td>
188
						</tr>
189
						<tr>
190
							<td width="22%" valign="top">&nbsp;</td>
191
							<td width="78%">
192
								<input id="submitt"  name="Submit" type="submit" class="formbtn" value="<?=gettext("Save");?>" />
193
								<input id="cancelbutton" class="formbtn" type="button" value="<?=gettext("Cancel");?>" onclick="history.back()" />
194
								<?php if (isset($userid)): ?>
195
								<input name="userid" type="hidden" value="<?=htmlspecialchars($userid);?>" />
196
								<?php endif; ?>
197
							</td>
198
						</tr>
199
					</table>
200
				</form>
201
			</div>
202
		</td>
203
	</tr>
204
</table>
205
<?php include("fend.inc"); ?>
206
</body>
207
</html>
(230-230/256)