Add a simple audit page in userinfo panel to show which shares are accessible for each user (read only and read/write)

tags/ipasserelle-base-0.2.65-1 0.2.42_el6
Daniel Berteaud 11 years ago
parent 1a273e616c
commit 0e4f2b8b02
  1. 24
      root/etc/e-smith/locale/fr/etc/e-smith/web/functions/userinfo
  2. 22
      root/etc/e-smith/web/functions/userinfo
  3. 91
      root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/userinfo.pm

@ -12,6 +12,30 @@
<trans>Cette page vous permet de modifier certaines informations liées aux utiliseurs. Ces informations seront publiées dans l'annuaire LDAP.</trans>
</entry>
<entry>
<base>AUDIT</base>
<trans>Audit</trans>
</entry>
<entry>
<base>USER_AUDIT</base>
<trans>Audit Utilisateur</trans>
</entry>
<entry>
<base>AUDIT_DESC</base>
<trans>Cette page permet d'obtenir la liste des partages auxquels l'utilisateur a accès</trans>
</entry>
<entry>
<base>USER_LOGIN</base>
<trans>Identifiant</trans>
</entry>
<entry>
<base>SHARE_READ</base>
<trans>Accès en lecture</trans>
</entry>
<entry>
<base>SHARE_WRITE</base>
<trans>Accès en écriture</trans>
</entry>
<entry>
<base>USER_MODIFIED</base>
<trans>Utilisateur modifié avec succès</trans>
</entry>

@ -7,7 +7,7 @@
# navigation : 2000 2100
#----------------------------------------------------------------------
#----------------------------------------------------------------------
# copyright (C) 2011 Firewall-Services
# Copyright (C) 2011-2014 Firewall-Services
# daniel@firewall-services.com
#
# This program is free software; you can redistribute it and/or modify
@ -34,8 +34,6 @@ use esmith::FormMagick::Panel::userinfo;
my $fm = esmith::FormMagick::Panel::userinfo->new();
use CGI;
my $q = new CGI;
$fm->display();
__DATA__
@ -44,6 +42,24 @@ __DATA__
<description>FIRSTPAGE_DESC</description>
<subroutine src="print_user_table()" />
</page>
<page name="Audit" pre-event="turn_off_buttons()">
<title>USER_AUDIT</title>
<description>AUDIT_DESC</description>
<field type="literal" id="acctName" value="$q->param('acctName')">
<label>USER_LOGIN</label>
</field>
<field type="literal" id="userName" value="get_name()">
<label>USER_NAME</label>
</field>
<subroutine src="print_section_bar()" />
<field type="literal" id="readShares" value="get_shares('read')">
<label>SHARE_READ</label>
</field>
<subroutine src="print_section_bar()" />
<field type="literal" id="writeShares" value="get_shares('write')">
<label>SHARE_WRITE</label>
</field>
</page>
<page name="Modify" pre-event="turn_off_buttons()" post-event="modify_user()">
<description>MODIFY_DESC</description>
<field type="text" size="30" id="FirstName" validation="nonblank, pseudonym_clash"

@ -1,7 +1,7 @@
#!/usr/bin/perl -w
#---------------------------------------------------------------------
# copyright (C) 2011 Firewall-Services
# Copyright (C) 2011-2014 Firewall-Services
# daniel@firewall-services.com
#
# This program is free software; you can redistribute it and/or modify
@ -27,6 +27,7 @@ use esmith::AccountsDB;
use esmith::ConfigDB;
use esmith::cgi;
use esmith::util;
use List::MoreUtils qw(uniq);
use File::Basename;
use Exporter;
use Carp qw(verbose);
@ -35,6 +36,9 @@ our @ISA = qw(esmith::FormMagick Exporter);
our @EXPORT = qw(
print_user_table
print_section_bar
get_name
get_shares
get_ldap_value
print_save_button
get_prop
@ -54,10 +58,6 @@ sub new {
sub print_user_table {
my $self = shift;
my $q = $self->{cgi};
my $account = $self->localise('ACCOUNT');
my $acctName = $self->localise('USER_NAME');
my $modify = $self->localise('MODIFY');
my @users = $accountdb->get('admin');
push @users, $accountdb->users();
@ -69,23 +69,27 @@ sub print_user_table {
print " <tr>\n <td colspan=\"2\">\n ";
print $q->start_table ({-CLASS => "sme-border"}),"\n ";
print $q->Tr(
esmith::cgi::genSmallCell($q, $self->localise($account),"header"),
esmith::cgi::genSmallCell($q, $self->localise($acctName),"header"),
esmith::cgi::genSmallCell($q, $self->localise('ACTION'),"header",4));
esmith::cgi::genSmallCell($q, $self->localise('ACCOUNT'),"header"),
esmith::cgi::genSmallCell($q, $self->localise('USER_NAME'),"header"),
esmith::cgi::genSmallCell($q, $self->localise('ACTION'),"header",4)
);
my $scriptname = basename($0);
my $index=0;
foreach my $u (@users) {
my $username = $u->key();
my $first = $u->prop('FirstName');
my $last = $u->prop('LastName');
my $action1 = "<a href=\"$scriptname?page=0&page_stack=&acctName=$username&Next=Next&action=modify&wherenext=Modify\">$modify</a>";
my $action1 = "<a href=\"$scriptname?page=0&page_stack=&acctName=$username&wherenext=Modify\">" .
$self->localise('MODIFY') . "</a>";
my $action2 = "<a href=\"$scriptname?page=0&page_stack=&acctName=$username&wherenext=Audit\">" .
$self->localise('AUDIT') . "</a>";
print $q->Tr(esmith::cgi::genSmallCell($q, $username,"normal")," ",
esmith::cgi::genSmallCell($q, "$first $last","normal")," ",
esmith::cgi::genSmallCell($q, "$action1","normal"));
esmith::cgi::genSmallCell($q, "$action1","normal")," ",
esmith::cgi::genSmallCell($q, "$action2","normal"));
}
print qq(</table></td></tr>\n);
@ -93,6 +97,69 @@ sub print_user_table {
return "";
}
sub print_section_bar{
my $self = shift;
print " <tr>\n <td colspan='2'>\n";
print "<hr class=\"sectionbar\"/>\n";
return undef;
}
sub get_shares {
my ($self, $mode) = @_;
my $q = $self->{cgi};
my $user = $q->param('acctName');
my @read;
my @write;
# Loop through all the ibays to check which ones are accessible
foreach my $ibay ($accountdb->ibays){
my $name = $ibay->key;
my $desc = $ibay->prop('Name');
my $group = $ibay->prop('Group');
next unless $accountdb->is_user_in_group($user, $group);
my $perm = $ibay->prop('UserAccess');
if ($perm eq 'wr-admin-rd-group'){
push @read, $name . " ($desc)";
}
else{
push @write, $name . " ($desc)";
}
}
# Now check shared folders
foreach my $share ($accountdb->get_all_by_prop(type=>'share')){
my $name = $share->key;
my $desc = $share->prop('Name');
foreach my $group (split /[;,]/, ($share->prop('ReadGroups') || '')){
push @read, $name . " ($desc)" if $accountdb->is_user_in_group($user, $group);
}
foreach my $u (split /[;,]/, ($share->prop('ReadUsers') || '')){
push @read, $name . " ($desc)" if $user eq $u;
}
foreach my $group (split /[;,]/, ($share->prop('WriteGroups') || '')){
push @write, $name . " ($desc)" if $accountdb->is_user_in_group($user, $group);
}
foreach my $u (split /[;,]/, ($share->prop('WriteUsers') || '')){
push @write, $name . " ($desc)" if $user eq $u;
}
}
@write = uniq @write;
@read = uniq @read;
my @tmp = ();
foreach my $r (@read){
push @tmp, $r unless grep { $r eq $_ } @write;
}
@read = @tmp;
my @res = ($mode eq 'write') ? @write : @read;
return join "<br>", @res;
}
sub get_name {
my ($self) = @_;
return get_ldap_value($self, 'FirstName') . " " . get_ldap_value($self, 'LastName');
}
sub get_ldap_value {
my ($self, $field) = @_;
@ -105,8 +172,6 @@ sub print_save_button {
my ($self) = @_;
my $cgi = $self->{cgi};
$self->print_button("SAVE");
}

Loading…
Cancel
Save