commit e7a6d9b2fcf276225e1ad2f081e5f6e9e99fe221 Author: Daniel Berteaud Date: Tue Nov 12 16:51:40 2013 +0100 Initial import diff --git a/COPYING b/COPYING new file mode 100644 index 0000000..196760e --- /dev/null +++ b/COPYING @@ -0,0 +1,340 @@ + GNU GENERAL PUBLIC LICENSE + Version 2, June 1991 + + Copyright (C) 1989, 1991 Free Software Foundation, Inc. + 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + Everyone is permitted to copy and distribute verbatim copies + of this license document, but changing it is not allowed. + + Preamble + + The licenses for most software are designed to take away your +freedom to share and change it. By contrast, the GNU General Public +License is intended to guarantee your freedom to share and change free +software--to make sure the software is free for all its users. This +General Public License applies to most of the Free Software +Foundation's software and to any other program whose authors commit to +using it. (Some other Free Software Foundation software is covered by +the GNU Library General Public License instead.) You can apply it to +your programs, too. + + When we speak of free software, we are referring to freedom, not +price. Our General Public Licenses are designed to make sure that you +have the freedom to distribute copies of free software (and charge for +this service if you wish), that you receive source code or can get it +if you want it, that you can change the software or use pieces of it +in new free programs; and that you know you can do these things. + + To protect your rights, we need to make restrictions that forbid +anyone to deny you these rights or to ask you to surrender the rights. +These restrictions translate to certain responsibilities for you if you +distribute copies of the software, or if you modify it. + + For example, if you distribute copies of such a program, whether +gratis or for a fee, you must give the recipients all the rights that +you have. You must make sure that they, too, receive or can get the +source code. And you must show them these terms so they know their +rights. + + We protect your rights with two steps: (1) copyright the software, and +(2) offer you this license which gives you legal permission to copy, +distribute and/or modify the software. + + Also, for each author's protection and ours, we want to make certain +that everyone understands that there is no warranty for this free +software. If the software is modified by someone else and passed on, we +want its recipients to know that what they have is not the original, so +that any problems introduced by others will not reflect on the original +authors' reputations. + + Finally, any free program is threatened constantly by software +patents. We wish to avoid the danger that redistributors of a free +program will individually obtain patent licenses, in effect making the +program proprietary. To prevent this, we have made it clear that any +patent must be licensed for everyone's free use or not licensed at all. + + The precise terms and conditions for copying, distribution and +modification follow. + + GNU GENERAL PUBLIC LICENSE + TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION + + 0. This License applies to any program or other work which contains +a notice placed by the copyright holder saying it may be distributed +under the terms of this General Public License. The "Program", below, +refers to any such program or work, and a "work based on the Program" +means either the Program or any derivative work under copyright law: +that is to say, a work containing the Program or a portion of it, +either verbatim or with modifications and/or translated into another +language. (Hereinafter, translation is included without limitation in +the term "modification".) Each licensee is addressed as "you". + +Activities other than copying, distribution and modification are not +covered by this License; they are outside its scope. The act of +running the Program is not restricted, and the output from the Program +is covered only if its contents constitute a work based on the +Program (independent of having been made by running the Program). +Whether that is true depends on what the Program does. + + 1. You may copy and distribute verbatim copies of the Program's +source code as you receive it, in any medium, provided that you +conspicuously and appropriately publish on each copy an appropriate +copyright notice and disclaimer of warranty; keep intact all the +notices that refer to this License and to the absence of any warranty; +and give any other recipients of the Program a copy of this License +along with the Program. + +You may charge a fee for the physical act of transferring a copy, and +you may at your option offer warranty protection in exchange for a fee. + + 2. You may modify your copy or copies of the Program or any portion +of it, thus forming a work based on the Program, and copy and +distribute such modifications or work under the terms of Section 1 +above, provided that you also meet all of these conditions: + + a) You must cause the modified files to carry prominent notices + stating that you changed the files and the date of any change. + + b) You must cause any work that you distribute or publish, that in + whole or in part contains or is derived from the Program or any + part thereof, to be licensed as a whole at no charge to all third + parties under the terms of this License. + + c) If the modified program normally reads commands interactively + when run, you must cause it, when started running for such + interactive use in the most ordinary way, to print or display an + announcement including an appropriate copyright notice and a + notice that there is no warranty (or else, saying that you provide + a warranty) and that users may redistribute the program under + these conditions, and telling the user how to view a copy of this + License. (Exception: if the Program itself is interactive but + does not normally print such an announcement, your work based on + the Program is not required to print an announcement.) + +These requirements apply to the modified work as a whole. If +identifiable sections of that work are not derived from the Program, +and can be reasonably considered independent and separate works in +themselves, then this License, and its terms, do not apply to those +sections when you distribute them as separate works. But when you +distribute the same sections as part of a whole which is a work based +on the Program, the distribution of the whole must be on the terms of +this License, whose permissions for other licensees extend to the +entire whole, and thus to each and every part regardless of who wrote it. + +Thus, it is not the intent of this section to claim rights or contest +your rights to work written entirely by you; rather, the intent is to +exercise the right to control the distribution of derivative or +collective works based on the Program. + +In addition, mere aggregation of another work not based on the Program +with the Program (or with a work based on the Program) on a volume of +a storage or distribution medium does not bring the other work under +the scope of this License. + + 3. You may copy and distribute the Program (or a work based on it, +under Section 2) in object code or executable form under the terms of +Sections 1 and 2 above provided that you also do one of the following: + + a) Accompany it with the complete corresponding machine-readable + source code, which must be distributed under the terms of Sections + 1 and 2 above on a medium customarily used for software interchange; or, + + b) Accompany it with a written offer, valid for at least three + years, to give any third party, for a charge no more than your + cost of physically performing source distribution, a complete + machine-readable copy of the corresponding source code, to be + distributed under the terms of Sections 1 and 2 above on a medium + customarily used for software interchange; or, + + c) Accompany it with the information you received as to the offer + to distribute corresponding source code. (This alternative is + allowed only for noncommercial distribution and only if you + received the program in object code or executable form with such + an offer, in accord with Subsection b above.) + +The source code for a work means the preferred form of the work for +making modifications to it. For an executable work, complete source +code means all the source code for all modules it contains, plus any +associated interface definition files, plus the scripts used to +control compilation and installation of the executable. However, as a +special exception, the source code distributed need not include +anything that is normally distributed (in either source or binary +form) with the major components (compiler, kernel, and so on) of the +operating system on which the executable runs, unless that component +itself accompanies the executable. + +If distribution of executable or object code is made by offering +access to copy from a designated place, then offering equivalent +access to copy the source code from the same place counts as +distribution of the source code, even though third parties are not +compelled to copy the source along with the object code. + + 4. You may not copy, modify, sublicense, or distribute the Program +except as expressly provided under this License. Any attempt +otherwise to copy, modify, sublicense or distribute the Program is +void, and will automatically terminate your rights under this License. +However, parties who have received copies, or rights, from you under +this License will not have their licenses terminated so long as such +parties remain in full compliance. + + 5. You are not required to accept this License, since you have not +signed it. However, nothing else grants you permission to modify or +distribute the Program or its derivative works. These actions are +prohibited by law if you do not accept this License. Therefore, by +modifying or distributing the Program (or any work based on the +Program), you indicate your acceptance of this License to do so, and +all its terms and conditions for copying, distributing or modifying +the Program or works based on it. + + 6. Each time you redistribute the Program (or any work based on the +Program), the recipient automatically receives a license from the +original licensor to copy, distribute or modify the Program subject to +these terms and conditions. You may not impose any further +restrictions on the recipients' exercise of the rights granted herein. +You are not responsible for enforcing compliance by third parties to +this License. + + 7. If, as a consequence of a court judgment or allegation of patent +infringement or for any other reason (not limited to patent issues), +conditions are imposed on you (whether by court order, agreement or +otherwise) that contradict the conditions of this License, they do not +excuse you from the conditions of this License. If you cannot +distribute so as to satisfy simultaneously your obligations under this +License and any other pertinent obligations, then as a consequence you +may not distribute the Program at all. For example, if a patent +license would not permit royalty-free redistribution of the Program by +all those who receive copies directly or indirectly through you, then +the only way you could satisfy both it and this License would be to +refrain entirely from distribution of the Program. + +If any portion of this section is held invalid or unenforceable under +any particular circumstance, the balance of the section is intended to +apply and the section as a whole is intended to apply in other +circumstances. + +It is not the purpose of this section to induce you to infringe any +patents or other property right claims or to contest validity of any +such claims; this section has the sole purpose of protecting the +integrity of the free software distribution system, which is +implemented by public license practices. Many people have made +generous contributions to the wide range of software distributed +through that system in reliance on consistent application of that +system; it is up to the author/donor to decide if he or she is willing +to distribute software through any other system and a licensee cannot +impose that choice. + +This section is intended to make thoroughly clear what is believed to +be a consequence of the rest of this License. + + 8. If the distribution and/or use of the Program is restricted in +certain countries either by patents or by copyrighted interfaces, the +original copyright holder who places the Program under this License +may add an explicit geographical distribution limitation excluding +those countries, so that distribution is permitted only in or among +countries not thus excluded. In such case, this License incorporates +the limitation as if written in the body of this License. + + 9. The Free Software Foundation may publish revised and/or new versions +of the General Public License from time to time. Such new versions will +be similar in spirit to the present version, but may differ in detail to +address new problems or concerns. + +Each version is given a distinguishing version number. If the Program +specifies a version number of this License which applies to it and "any +later version", you have the option of following the terms and conditions +either of that version or of any later version published by the Free +Software Foundation. If the Program does not specify a version number of +this License, you may choose any version ever published by the Free Software +Foundation. + + 10. If you wish to incorporate parts of the Program into other free +programs whose distribution conditions are different, write to the author +to ask for permission. For software which is copyrighted by the Free +Software Foundation, write to the Free Software Foundation; we sometimes +make exceptions for this. Our decision will be guided by the two goals +of preserving the free status of all derivatives of our free software and +of promoting the sharing and reuse of software generally. + + NO WARRANTY + + 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY +FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN +OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES +PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED +OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS +TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE +PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, +REPAIR OR CORRECTION. + + 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING +WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR +REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, +INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING +OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED +TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY +YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER +PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE +POSSIBILITY OF SUCH DAMAGES. + + END OF TERMS AND CONDITIONS + + How to Apply These Terms to Your New Programs + + If you develop a new program, and you want it to be of the greatest +possible use to the public, the best way to achieve this is to make it +free software which everyone can redistribute and change under these terms. + + To do so, attach the following notices to the program. It is safest +to attach them to the start of each source file to most effectively +convey the exclusion of warranty; and each file should have at least +the "copyright" line and a pointer to where the full notice is found. + + + Copyright (C) 19yy + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + + +Also add information on how to contact you by electronic and paper mail. + +If the program is interactive, make it output a short notice like this +when it starts in an interactive mode: + + Gnomovision version 69, Copyright (C) 19yy name of author + Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. + This is free software, and you are welcome to redistribute it + under certain conditions; type `show c' for details. + +The hypothetical commands `show w' and `show c' should show the appropriate +parts of the General Public License. Of course, the commands you use may +be called something other than `show w' and `show c'; they could even be +mouse-clicks or menu items--whatever suits your program. + +You should also get your employer (if you work as a programmer) or your +school, if any, to sign a "copyright disclaimer" for the program, if +necessary. Here is a sample; alter the names: + + Yoyodyne, Inc., hereby disclaims all copyright interest in the program + `Gnomovision' (which makes passes at compilers) written by James Hacker. + + , 1 April 1989 + Ty Coon, President of Vice + +This General Public License does not permit incorporating your program into +proprietary programs. If your program is a subroutine library, you may +consider it more useful to permit linking proprietary applications with the +library. If this is what you want to do, use the GNU Library General +Public License instead of this License. diff --git a/createlinks b/createlinks new file mode 100644 index 0000000..050940c --- /dev/null +++ b/createlinks @@ -0,0 +1,21 @@ +#!/usr/bin/perl -w + +use esmith::Build::CreateLinks qw(:all); + +panel_link("userpanelaccess", "manager"); + +event_link("conf-userpanelsymlinks", "conf-userpanel", "20"); +event_link("conf-userpanelsymlinks", "webapps-update", "20"); + +foreach my $event (qw/ipasserelle-update bootstrap-ldap-save webapps-update/){ + event_link("ipasserelle-init-config-domain", "$event", "25"); + templates2events("/etc/lemonldap-ng/lemonldap-ng-admin.ini", "$event"); + templates2events("/etc/lemonldap-ng/lemonldap-ng-pki.ini", "$event"); +} + +# Create language symlinks +foreach my $lang qw(bg da de el en-us es et fr he hu id it ja nb + nl pl pt pt-br ro ru sl sv th tr zh-cn zh-tw){ + safe_symlink("/etc/e-smith/locale/$lang/etc/e-smith/web/functions", + "root/etc/e-smith/locale/$lang/etc/e-smith/web/panels/user/cgi-bin"); +} diff --git a/ipasserelle-userpanel.spec b/ipasserelle-userpanel.spec new file mode 100644 index 0000000..5d05489 --- /dev/null +++ b/ipasserelle-userpanel.spec @@ -0,0 +1,87 @@ +Summary: iPasserelle User Panel module +%define name ipasserelle-userpanel +Name: %{name} +%define version 0.2.0 +%define release 1 +Version: %{version} +Release: %{release}%{?dist} +License: GPL +URL: http://www.ipasserelle.com +Group: SMEserver/addon +Source: %{name}-%{version}.tar.gz + +BuildArch: noarch +BuildRoot: /var/tmp/%{name}-%{version} + +Requires: e-smith-base >= 5.2.0-62 +Requires: ipasserelle-base +Requires: smeserver-lemonldap-ng => 0.1-15 +Requires: smeserver-webapps-common >= 0.1-10 + +BuildRequires: e-smith-devtools + +Obsoletes: smeserver-userpanel +Obsoletes: ipasserelle-user-portal +Provides: smeserver-userpanel + +%description +iPasserelle User Portal provides a user oriented +portal where they can set their own settings +Admins can also delegate panels to users +This module is based on smeserver-userpanel + +%changelog +* Tue Nov 12 2013 Daniel Berteaud 0.2.0-1 +- Import in GIT + +* Mon Nov 14 2011 Daniel Berteaud 0.1-6 +- create language symlinks + +* Tue Jul 19 2011 Daniel Berteaud 0.1-5 +- Move SetEnvIf directives +- Add SSO protected access to PHPki +- Don't send $cn as header as it prevent access if username contains accent + +* Mon Jul 18 2011 Daniel Berteaud 0.1-4 +- Rewrite userpanel-navigation (based on the current server-manager's one) + +* Mon Jul 11 2011 Daniel Berteaud 0.1-3 +- Add httpd-admin handler to the list of handler which need a reload + +* Wed Jul 06 2011 Daniel Berteaud 0.1-2 +- Expand LL::NG conf also in bootstrap-ldap-save and ipasserelle-update + +* Tue Jun 28 2011 Daniel Berteaud 0.1-1 +- initial release (based on smeserver-userpanel-0.9-11) + + +%prep +%setup + +%build +perl createlinks + +%{__mkdir_p} root/etc/e-smith/web/panels/user/cgi-bin + +%install +rm -rf $RPM_BUILD_ROOT +(cd root ; find . -depth -print | cpio -dump $RPM_BUILD_ROOT) +rm -f %{name}-%{version}-filelist +/sbin/e-smith/genfilelist $RPM_BUILD_ROOT > %{name}-%{version}-filelist +echo "%doc COPYING" >> %{name}-%{version}-filelist + +%clean +cd .. +rm -rf %{name}-%{version} + +%pre + +%preun + +%post + +%postun + +%files -f %{name}-%{version}-filelist +%defattr(-,root,root) + diff --git a/root/etc/e-smith/db/configuration/migrate/LemonLDAPSOAPAccess b/root/etc/e-smith/db/configuration/migrate/LemonLDAPSOAPAccess new file mode 100644 index 0000000..b36caf4 --- /dev/null +++ b/root/etc/e-smith/db/configuration/migrate/LemonLDAPSOAPAccess @@ -0,0 +1,26 @@ +{ + +my $llng = $DB->get("lemonldap") || + $DB->new_record("lemonldap", { type => "service" }); + +my @soapaccess = split(/[;,]/, ($llng->prop('SoapAllowFrom') || '')); +my $internal = $DB->get('InternalInterface')->prop('IPAddress'); +push @soapaccess, $internal if (!grep {$internal eq $_} @soapaccess); +$llng->set_prop('SoapAllowFrom', join(',',@soapaccess)); + +# httpd-admin handler +my @reload = split(/[;,]/, ($llng->prop('Reload') || '')); +my $reloadurl = 'localhost:980=http://localhost:980/lm-reload'; +push @reload, $reloadurl if (!grep {$reloadurl eq $_} @reload); + +# httpd-pki handler +$reloadurl = 'localhost:940=http://localhost:940/lm-reload'; +my $phpki = $DB->get('httpd-pki'); +if($phpki){ + my $status = $phpki->prop('status') || 'disabled'; + push @reload, $reloadurl if ((!grep {$reloadurl eq $_} @reload) && ($status eq 'enabled')); +} + +$llng->set_prop('Reload', join(',',@reload)); + +} diff --git a/root/etc/e-smith/events/actions/conf-userpanelsymlinks b/root/etc/e-smith/events/actions/conf-userpanelsymlinks new file mode 100644 index 0000000..5f8e0bd --- /dev/null +++ b/root/etc/e-smith/events/actions/conf-userpanelsymlinks @@ -0,0 +1,92 @@ +#!/usr/bin/perl -w + +#---------------------------------------------------------------------- +# +# Copyright (c) 2001 Daniel van Raay +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +#---------------------------------------------------------------------- + +package esmith; + +use strict; +use Errno; +use esmith::config; +use esmith::util; +use esmith::db; + +my %conf; +tie %conf, 'esmith::config'; + +my %accounts; +tie %accounts, 'esmith::config', '/home/e-smith/db/accounts'; + +#--------------------------------------------------------------------------- +# clear and re-create all the user panel symlinks +#--------------------------------------------------------------------------- + +#clear +opendir (DIR, "/etc/e-smith/web/panels/user/cgi-bin/") or + die "Can't open directory /etc/e-smith/web/panels/user/cgi-bin/\n"; +my @symlinks = grep (!/^\./, readdir (DIR)); +closedir (DIR); + +foreach my $link (@symlinks) +{ + -e "/etc/e-smith/web/panels/user/cgi-bin/$link" && unlink("/etc/e-smith/web/panels/user/cgi-bin/$link"); +} + +#always link userpanels +my %newsymlinks; +opendir (DIR, "/etc/e-smith/web/functions/") or + die "Can't open directory /etc/e-smith/web/functions/\n"; +foreach my $userpanels ( grep (/^(userpanel-initial|userpanel-navigation|userpanel-noframes|pleasewait)$/, readdir (DIR)) ) +{ + $newsymlinks{$userpanels} = 'Yes'; +} +closedir (DIR); + +#also add needed panels +foreach my $user (sort keys %accounts) +{ + my $userAdminPanels = db_get_prop(\%accounts, $user, "AdminPanels"); + $userAdminPanels = '' if ! defined ($userAdminPanels); + + foreach my $panels (split (/,/, $userAdminPanels)) + { + $newsymlinks{$panels} = 'Yes'; + } +} + +foreach my $link ( sort keys %newsymlinks ) +{ + if ( -e "/etc/e-smith/web/functions/$link" && + ! -e "/etc/e-smith/web/panels/user/cgi-bin/$link" ) + { + #symlink("../../../functions/$link", "/etc/e-smith/web/panels/user/cgi-bin/$link") || + link("/etc/e-smith/web/functions/$link", "/etc/e-smith/web/panels/user/cgi-bin/$link") || + warn "Couldn't link('functions/$link' to '/etc/e-smith/web/panels/user/cgi-bin/$link'): $!\n"; + } +} + + system("/sbin/e-smith/expand-template /etc/httpd/admin-conf/httpd.conf") == 0 + or warn ("Error expanding httpd.conf \n"); + + #system("/etc/rc.d/init.d/httpd-admin restart") == 0 + # or warn ("Error occurred restarting httpd-admin \n"); + esmith::util::backgroundCommand (1, "/usr/local/bin/svc", "-h", "/service/httpd-admin");# == 0 + +exit (0); + diff --git a/root/etc/e-smith/events/actions/ipasserelle-init-config-domain b/root/etc/e-smith/events/actions/ipasserelle-init-config-domain new file mode 100644 index 0000000..45c9002 --- /dev/null +++ b/root/etc/e-smith/events/actions/ipasserelle-init-config-domain @@ -0,0 +1,51 @@ +#!/usr/bin/perl -w +#---------------------------------------------------------------------- +# copyright (C) 2011 Firewall-Services +# daniel@firewall-services.com +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +# +# Technical support for this program is available from Mitel Networks +# Please visit our web site www.mitel.com/sme/ for details. +#---------------------------------------------------------------------- + +use strict; +use warnings; +use esmith::DomainsDB; +use esmith::ConfigDB; + +my $d = esmith::DomainsDB->open or die "Couldn't open DomainsDB\n"; +my $c = esmith::ConfigDB->open_ro() or die "Couldn't open ConfigDB\n"; + +my $domain = $c->get('DomainName')->value; +my $vhost; + +$vhost = $d->get("config.$domain"); + +exit (0) if ($vhost); + +$d->new_record("config.$domain",{ + type => 'domain', + Content => 'Primary', + Description => "Accès à la configuration de l'iPasserelle", + Nameservers => 'internet', + TemplatePath => 'UserManagerVirtualHost', + Removable => 'no', +}); + +unless ( system("/sbin/e-smith/signal-event", "domain-create", "config.$domain") == 0 ){ + die "Failed to create domain ip.$domain\n"; +} + diff --git a/root/etc/e-smith/templates.metadata/etc/lemonldap-ng/lemonldap-ng-admin.ini b/root/etc/e-smith/templates.metadata/etc/lemonldap-ng/lemonldap-ng-admin.ini new file mode 100644 index 0000000..78fb537 --- /dev/null +++ b/root/etc/e-smith/templates.metadata/etc/lemonldap-ng/lemonldap-ng-admin.ini @@ -0,0 +1,4 @@ +PERMS=0640 +UID="root" +GID="admin" + diff --git a/root/etc/e-smith/templates.metadata/etc/lemonldap-ng/lemonldap-ng-pki.ini b/root/etc/e-smith/templates.metadata/etc/lemonldap-ng/lemonldap-ng-pki.ini new file mode 100644 index 0000000..a44e774 --- /dev/null +++ b/root/etc/e-smith/templates.metadata/etc/lemonldap-ng/lemonldap-ng-pki.ini @@ -0,0 +1,4 @@ +PERMS=0640 +UID="root" +GID="phpki" + diff --git a/root/etc/e-smith/templates/etc/httpd/admin-conf/httpd.conf/20LoadModule80mod_perl b/root/etc/e-smith/templates/etc/httpd/admin-conf/httpd.conf/20LoadModule80mod_perl new file mode 100644 index 0000000..1484ba6 --- /dev/null +++ b/root/etc/e-smith/templates/etc/httpd/admin-conf/httpd.conf/20LoadModule80mod_perl @@ -0,0 +1,8 @@ +{ + my $status = $modPerl{status}; + + return "# modPerl disabled" unless ($status and $status eq "enabled"); + + return "LoadModule perl_module modules/mod_perl.so"; +} + diff --git a/root/etc/e-smith/templates/etc/httpd/admin-conf/httpd.conf/25LemonLDAPHandler b/root/etc/e-smith/templates/etc/httpd/admin-conf/httpd.conf/25LemonLDAPHandler new file mode 100644 index 0000000..1d7909d --- /dev/null +++ b/root/etc/e-smith/templates/etc/httpd/admin-conf/httpd.conf/25LemonLDAPHandler @@ -0,0 +1,20 @@ +# Load LemonLDAP::NG Handler +PerlOptions +GlobalRequest +PerlRequire /var/lib/lemonldap-ng/handler/MyAdminHandler.pm + +# Common error page and security parameters +ErrorDocument 403 http://auth.{$DomainName}/?lmError=403 +ErrorDocument 500 http://auth.{$DomainName}/?lmError=500 + + +# Configuration reload mechanism (only 1 per physical server is +# needed): choose your URL to avoid restarting Apache when +# configuration change + + Order deny,allow + Deny from all + Allow from localhost + PerlHeaderParserHandler My::Package->refresh + Satisfy any + + diff --git a/root/etc/e-smith/templates/etc/httpd/admin-conf/httpd.conf/80Aliases05userpanel b/root/etc/e-smith/templates/etc/httpd/admin-conf/httpd.conf/80Aliases05userpanel new file mode 100644 index 0000000..93648f8 --- /dev/null +++ b/root/etc/e-smith/templates/etc/httpd/admin-conf/httpd.conf/80Aliases05userpanel @@ -0,0 +1,9 @@ + +# Aliases for the e-smith-user panel: + + ScriptAlias /user-manager/cgi-bin /etc/e-smith/web/panels/user/cgi-bin + Alias /user-manager /etc/e-smith/web/panels/user/html + + ScriptAlias /user/cgi-bin /etc/e-smith/web/panels/user/cgi-bin + Alias /user /etc/e-smith/web/panels/user/html + diff --git a/root/etc/e-smith/templates/etc/httpd/admin-conf/httpd.conf/90e-smithAccess30user b/root/etc/e-smith/templates/etc/httpd/admin-conf/httpd.conf/90e-smithAccess30user new file mode 100644 index 0000000..83e9b6f --- /dev/null +++ b/root/etc/e-smith/templates/etc/httpd/admin-conf/httpd.conf/90e-smithAccess30user @@ -0,0 +1,76 @@ +#------------------------------------------------------------ +# e-smith-user panel +#------------------------------------------------------------ +{ + use esmith::AccountsDB; + my $a = esmith::AccountsDB->open_ro; + + my %panelshash; + opendir (DIR, "/etc/e-smith/web/panels/user/cgi-bin") + || die "Can't open /etc/e-smith/web/panels/user/cgi-bin directory.\n"; + + my @files = sort (grep (!/(^\.\.?$)|(^pleasewait$)|(^userpanel-[a-z][\-\_a-z0-9]*)/, readdir(DIR))); + + closedir (DIR); + +# TODO: globalPanels +# my $globalpanels = db_get_prop(\%accounts, 'globalUP', 'AdminPanels'); +# $globalpanels = '' if ( ! defined ($globalpanels) ); +# my @globalpanels = split (/,/, $globalpanels, -1); + + foreach $file (@files){ + next if ($globalpanels && grep (/^$file$/, @globalpanels)); + foreach my $user ($a->users){ + my $key = $user->key; + push @{$panelshash{$file}}, $key + if ((grep {$file eq $_} split(/[;,]/, ($user->prop('AdminPanels') || ''))) + && (!grep {$key eq $_} @{$panelshash{$file}})); + } + foreach my $group ($a->groups){ + foreach my $member (split(/[;,]/,($group->prop('Members') || ''))){ + push @{$panelshash{$file}}, $member + if ((grep {$file eq $_} split(/[;,]/, ($group->prop('AdminPanels') || ''))) + && (!grep {$member eq $_} @{$panelshash{$file}})); + } + } + } + + $OUT .= < + Options Includes Indexes FollowSymLinks + AllowOverride None + order deny,allow + deny from all + allow from $localAccess + PerlHeaderParserHandler My::Package + Satisfy all + + + + Options Includes Indexes FollowSymLinks + AllowOverride None + order deny,allow + deny from all + allow from $localAccess + PerlHeaderParserHandler My::Package + Satisfy all + +HERE + + foreach my $file (@files){ + next unless ( defined ($panelshash{$file}) ); + foreach my $u (@{$panelshash{$file}}){ + $OUT .= " SetEnvIf Auth-User \"$u\" allow_$file\n"; + } + $OUT .= "\n"; + $OUT .= " \n"; + $OUT .= " order deny,allow\n"; + $OUT .= " deny from all\n"; + $OUT .= " allow from env=allow_$file\n"; + $OUT .= " \n"; + } + + $OUT .= "\n"; +} + diff --git a/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/UserManagerVirtualHost/00Setup b/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/UserManagerVirtualHost/00Setup new file mode 100644 index 0000000..e00a95b --- /dev/null +++ b/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/UserManagerVirtualHost/00Setup @@ -0,0 +1,10 @@ +{ + use esmith::DomainsDB; + # Convert the passed hash for the domain object back into an object. + $domain = bless \%domain, 'esmith::DB::db::Record'; + + # Make scalars from some of the properties of the domain + $virtualHost = $domain->key; + $OUT = ""; +} + diff --git a/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/UserManagerVirtualHost/02ServerName b/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/UserManagerVirtualHost/02ServerName new file mode 100644 index 0000000..38f4ddf --- /dev/null +++ b/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/UserManagerVirtualHost/02ServerName @@ -0,0 +1 @@ + ServerName {$virtualHost} diff --git a/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/UserManagerVirtualHost/25SSLDirectives b/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/UserManagerVirtualHost/25SSLDirectives new file mode 100644 index 0000000..01d0a5f --- /dev/null +++ b/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/UserManagerVirtualHost/25SSLDirectives @@ -0,0 +1,15 @@ +{ + my $ssl = $domain->prop('RequireSSL') || 'disabled'; + + if (($modSSL{TCPPort} || "443") eq $port){ + $OUT .= " SSLEngine on\n"; + } + else { + $OUT .=<<'EOF'; + RewriteEngine on + RewriteRule ^/(.*|$) https://%{HTTP_HOST}/$1 [L,R] + +EOF + } +} + diff --git a/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/UserManagerVirtualHost/26RewriteTraceAndTrack b/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/UserManagerVirtualHost/26RewriteTraceAndTrack new file mode 100644 index 0000000..2d3653d --- /dev/null +++ b/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/UserManagerVirtualHost/26RewriteTraceAndTrack @@ -0,0 +1,8 @@ +{ + $OUT =<<'HERE'; + RewriteEngine on + RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK) + RewriteRule .* - [F] +HERE +} + diff --git a/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/UserManagerVirtualHost/40ApacheIconAlias b/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/UserManagerVirtualHost/40ApacheIconAlias new file mode 100644 index 0000000..d3c2f4b --- /dev/null +++ b/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/UserManagerVirtualHost/40ApacheIconAlias @@ -0,0 +1,3 @@ + # alias for Apache icons + Alias /icons/ /var/www/icons/ + diff --git a/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/UserManagerVirtualHost/50Content b/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/UserManagerVirtualHost/50Content new file mode 100644 index 0000000..84bf4c7 --- /dev/null +++ b/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/UserManagerVirtualHost/50Content @@ -0,0 +1,18 @@ +{ + +$OUT .=<<"EOF"; + + ProxyPreserveHost on + RewriteEngine on + RewriteRule (^/(user/cgi-bin/.*)|(user-manager(.*)?)|(server-common/.*))\$ http://localhost:980/\$1 [P,L] + RewriteRule ^/phpki(sso)?(/.*)\$ http://localhost:940/phpkisso\$2 [P,L] + + + Order deny,allow + Deny from all + Allow from $localAccess $externalSSLAccess + + +EOF + +} diff --git a/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/UserManagerVirtualHost/template-begin b/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/UserManagerVirtualHost/template-begin new file mode 100644 index 0000000..992a19e --- /dev/null +++ b/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/UserManagerVirtualHost/template-begin @@ -0,0 +1,3 @@ + + + diff --git a/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/UserManagerVirtualHost/template-end b/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/UserManagerVirtualHost/template-end new file mode 100644 index 0000000..50d3d92 --- /dev/null +++ b/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/UserManagerVirtualHost/template-end @@ -0,0 +1,2 @@ + + diff --git a/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/VirtualHosts/28UserManagerProxyPass b/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/VirtualHosts/28UserManagerProxyPass new file mode 100644 index 0000000..381324e --- /dev/null +++ b/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/VirtualHosts/28UserManagerProxyPass @@ -0,0 +1,9 @@ +{ + # vim: ft=perl: + + $OUT = ''; + foreach $place ('user-manager','user') + { + $OUT .= " RewriteRule ^/$place(/.*|\$) https://config.$DomainName/$place\$1 [L,R]\n"; + } +} diff --git a/root/etc/e-smith/templates/etc/httpd/pki-conf/httpd.conf/20LoadModule80mod_perl b/root/etc/e-smith/templates/etc/httpd/pki-conf/httpd.conf/20LoadModule80mod_perl new file mode 100644 index 0000000..1484ba6 --- /dev/null +++ b/root/etc/e-smith/templates/etc/httpd/pki-conf/httpd.conf/20LoadModule80mod_perl @@ -0,0 +1,8 @@ +{ + my $status = $modPerl{status}; + + return "# modPerl disabled" unless ($status and $status eq "enabled"); + + return "LoadModule perl_module modules/mod_perl.so"; +} + diff --git a/root/etc/e-smith/templates/etc/httpd/pki-conf/httpd.conf/25LemonLDAPHandler b/root/etc/e-smith/templates/etc/httpd/pki-conf/httpd.conf/25LemonLDAPHandler new file mode 100644 index 0000000..11b7187 --- /dev/null +++ b/root/etc/e-smith/templates/etc/httpd/pki-conf/httpd.conf/25LemonLDAPHandler @@ -0,0 +1,19 @@ +# Load LemonLDAP::NG Handler +PerlOptions +GlobalRequest +PerlRequire /var/lib/lemonldap-ng/handler/MyPkiHandler.pm + +# Common error page and security parameters +ErrorDocument 403 http://auth.{$DomainName}/?lmError=403 +ErrorDocument 500 http://auth.{$DomainName}/?lmError=500 + + +# Configuration reload mechanism (only 1 per physical server is +# needed): choose your URL to avoid restarting Apache when +# configuration change + + Order deny,allow + Deny from all + Allow from localhost + PerlHeaderParserHandler My::Package->refresh + + diff --git a/root/etc/e-smith/templates/etc/httpd/pki-conf/httpd.conf/95phpkisso b/root/etc/e-smith/templates/etc/httpd/pki-conf/httpd.conf/95phpkisso new file mode 100644 index 0000000..60f248c --- /dev/null +++ b/root/etc/e-smith/templates/etc/httpd/pki-conf/httpd.conf/95phpkisso @@ -0,0 +1,16 @@ + +Alias /phpkisso /opt/phpki/html/ + + + PerlHeaderParserHandler My::Package +{ +my @users = split(/\s/, getUsersList("phpki")); +foreach my $u (@users){ + $OUT .= " SetEnvIf Auth-User \"$u\" allow_phpki\n"; +} +} + order deny,allow + deny from all + allow from env=allow_phpki + + diff --git a/root/etc/e-smith/templates/etc/lemonldap-ng/lemonldap-ng-admin.ini/05All b/root/etc/e-smith/templates/etc/lemonldap-ng/lemonldap-ng-admin.ini/05All new file mode 100644 index 0000000..277ef1c --- /dev/null +++ b/root/etc/e-smith/templates/etc/lemonldap-ng/lemonldap-ng-admin.ini/05All @@ -0,0 +1,9 @@ +[all] + +[configuration] +type = SOAP +proxy = https://lemonsoap:{$lemonldap{'SoapPassword'};}@soapsso.{$DomainName}/index.pl/config +proxyOptions = \{ timeout => 5 \} +localStorage=Cache::FileCache +localStorageOptions=\{ 'namespace' => 'LemonLDAPngAdmin', 'default_expires_in' => 600, 'directory_umask' => '007', 'cache_root' => '/tmp', 'cache_depth' => 5, \} + diff --git a/root/etc/e-smith/templates/etc/lemonldap-ng/lemonldap-ng-pki.ini/05All b/root/etc/e-smith/templates/etc/lemonldap-ng/lemonldap-ng-pki.ini/05All new file mode 100644 index 0000000..d7ea5a1 --- /dev/null +++ b/root/etc/e-smith/templates/etc/lemonldap-ng/lemonldap-ng-pki.ini/05All @@ -0,0 +1,9 @@ +[all] + +[configuration] +type = SOAP +proxy = https://lemonsoap:{$lemonldap{'SoapPassword'};}@soapsso.{$DomainName}/index.pl/config +proxyOptions = \{ timeout => 5 \} +localStorage=Cache::FileCache +localStorageOptions=\{ 'namespace' => 'LemonLDAPngPki', 'default_expires_in' => 600, 'directory_umask' => '007', 'cache_root' => '/tmp', 'cache_depth' => 5, \} + diff --git a/root/etc/e-smith/templates/var/lib/lemonldap-ng/conf/lmConf/030userportal b/root/etc/e-smith/templates/var/lib/lemonldap-ng/conf/lmConf/030userportal new file mode 100644 index 0000000..d0e028c --- /dev/null +++ b/root/etc/e-smith/templates/var/lib/lemonldap-ng/conf/lmConf/030userportal @@ -0,0 +1,25 @@ +{ + +$conf->{'locationRules'}->{"config.$domain"} = { + '(?#001common)^/server-common' => 'unprotect', + '(?#010phpki)^/phpkisso/ca' => '$groups =~ /\\b(equipe|admins)\\b/ and ($localAccess or $externalSSLAccess)', + 'default' => 'deny', + '(?#005usermanager)^/user(/cgi\\-bin/|\\-manager)' => '$groups =~ /\\b(equipe|admins)\\b/ and ($localAccess or $externalSSLAccess)' +} unless $conf->{'locationRules'}->{"config.$domain"}; + +$conf->{'exportedHeaders'}->{"config.$domain"} = { + 'Auth-User' => '$uid', +} unless $conf->{'exportedHeaders'}->{"config.$domain"}; + +$conf->{'applicationList'}->{'020utils'}->{'usermanager'} = { + 'options' => { + 'logo' => 'configure.png', + 'name' => 'Configuration', + 'description' => 'Configuration iPasserelle', + 'uri' => "https://config.$domain/user-manager", + 'display' => 'auto' + }, + 'type' => 'application' +} unless $conf->{'applicationList'}->{'020utils'}->{'usermanager'}; + +} diff --git a/root/etc/e-smith/web/common/ipasserelle_logo.jpg b/root/etc/e-smith/web/common/ipasserelle_logo.jpg new file mode 100755 index 0000000..56258ef Binary files /dev/null and b/root/etc/e-smith/web/common/ipasserelle_logo.jpg differ diff --git a/root/etc/e-smith/web/functions/userpanel-initial b/root/etc/e-smith/web/functions/userpanel-initial new file mode 100644 index 0000000..eed19be --- /dev/null +++ b/root/etc/e-smith/web/functions/userpanel-initial @@ -0,0 +1,83 @@ +#!/usr/bin/perl -wT + +#---------------------------------------------------------------------- +# +# Copyright (c) 2011-2013 Firewall-Services +# daniel@firewall-services.com +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +#---------------------------------------------------------------------- + +package esmith; + +use strict; +use CGI ':all'; +use CGI::Carp qw(fatalsToBrowser); + +BEGIN +{ + # Clear PATH and related environment variables so that calls to + # external programs do not cause results to be tainted. See + # "perlsec" manual page for details. + + $ENV {'PATH'} = ''; + $ENV {'SHELL'} = '/bin/bash'; + delete $ENV {'ENV'}; +} + +$CGI::POST_MAX=1024 * 100; # max 100K posts +$CGI::DISABLE_UPLOADS = 1; # no uploads + +my $q = new CGI; + +print $q->header (-EXPIRES => '+-20y', charset => 'UTF-8'); + +print $q->start_html (-TITLE => 'Portail de configuration iPasserelle', + -AUTHOR => 'daniel@firewall-services.com', + -META => {'copyright' => 'Copyright 2011-2013 Firewall-Services'}, + -CLASS => "main", + -STYLE => { + -code => '@import url("/server-common/css/sme_main.css");', + -src => '/server-common/css/sme_core.css' + }); + + +my $user = $ENV{'REMOTE_USER'}; +my $name = $ENV{'HTTP_USER_NAME'} || $user; + +print $q->h1("Portail de configuration iPasserelle"); +print $q->h2("Bienvenue $name"); + +print <<"EOF"; +

+Vous pouvez modifier les paramètres de votre compte +en cliquant sur les différents menus sur la gauche. +

    +
    +

    +

    + +EOF + +print $q->endform; + +print $q->p + ($q->hr ({-CLASS => "sme-copyrightbar"}), + $q->div ({-CLASS => "sme-copyright"}, + "Portail de configuration iPasserelle
    " . + "Copyright 2011-2013 Firewall-Services.
    ")); +print ''; +print $q->end_html; + diff --git a/root/etc/e-smith/web/functions/userpanel-navigation b/root/etc/e-smith/web/functions/userpanel-navigation new file mode 100644 index 0000000..d80e220 --- /dev/null +++ b/root/etc/e-smith/web/functions/userpanel-navigation @@ -0,0 +1,313 @@ +#!/usr/bin/perl -wT + +#---------------------------------------------------------------------- +# User manager functions: navigation +# +# copyright (C) 2011 Firewall Services +# daniel@firewall-services.com +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +# +#---------------------------------------------------------------------- +package esmith; + +use strict; +use CGI ':no_xhtml', ':all'; +use CGI::Carp qw(fatalsToBrowser); + +use esmith::cgi; +use esmith::config; +use esmith::AccountsDB; +use esmith::NavigationDB; +use esmith::util; +use esmith::I18N; + +sub showNavigation ($); + +BEGIN +{ + # Clear PATH and related environment variables so that calls to + # external programs do not cause results to be tainted. See + # "perlsec" manual page for details. + + $ENV {'PATH'} = ''; + $ENV {'SHELL'} = '/bin/bash'; + delete $ENV {'ENV'}; +} + +esmith::util::setRealToEffective (); + +$CGI::POST_MAX=1024 * 100; # max 100K posts +$CGI::DISABLE_UPLOADS = 1; # no uploads + +# Use the one script for navigation and noframes +my $NO_FRAMES = ($0 =~ /noframes/); + +my %conf; +tie %conf, 'esmith::config'; + +my $accdb = esmith::AccountsDB->open_ro || die "Couldn't open AccountsDB\n"; + +my $q = new CGI; + +showNavigation ($q); +exit (0); + +#------------------------------------------------------------ +# subroutine to display navigation bar +#------------------------------------------------------------ + +sub showNavigation ($) +{ + my $q = shift; + + # enable utf8 binmode so new translations work + binmode STDOUT, ":utf8"; + + my $acctName = $ENV{'REMOTE_USER'}; + my $user = $accdb->get($acctName) || die "User $acctName not found in AccountsDB\n"; + my $availablePanels = $user->prop('AdminPanels') || ''; + foreach ($accdb->user_group_list($acctName)){ + my $group = $accdb->get($_) || die "Group $_ not found in AccountsDB\n"; + $availablePanels .= ',' . ($group->prop('AdminPanels') || ''); + } + my $glob = $accdb->get('globalUP'); + my $globalPanels = $glob->prop('AdminPanels') || ''; + + my @adminpanels; + if ( defined ($availablePanels) && defined ($globalPanels) ) + { + @adminpanels = ((split (/,/, $availablePanels, -1)),(split (/,/, $globalPanels, -1))); + } + elsif ( defined ($globalPanels) ) + { + @adminpanels = split (/,/, $globalPanels, -1); + } + elsif ( defined ($availablePanels) ) + { + @adminpanels = split (/,/, $availablePanels, -1); + } + + # Use this variable throughout to keep track of files + # list of just the files + my $c = "1"; + my @files = (); + my %files_hash = (); + + #----------------------------------------------------- + # Determine the directory where the functions are kept + #----------------------------------------------------- + + my $navigation_ignore = + "(\.\.?|navigation|noframes|online-manual|(internal|pleasewait)(-.*)?)"; + + my $cgidir = '/etc/e-smith/web/panels/user/cgi-bin/'; + + if (opendir (DIR, $cgidir)) + { + @files = grep (!/^(\..*|userpanel-navigation|userpanel-noframes|userpanel-initial|pleasewait)$/, + readdir (DIR)); + closedir (DIR); + } + else + { + warn "Can't open directory $cgidir\n"; + } + + foreach my $file (@files) + { + foreach my $adminpanel (@adminpanels) + { + if ( $file eq $adminpanel ) + { + $files_hash{$file} = $cgidir; + } + } + } + + #-------------------------------------------------- + # For each script, extract the description and category + # information. Build up an associative array mapping headings + # to heading structures. Each heading structure contains the + # total weight for the heading, the number of times the heading + # has been encountered, and another associative array mapping + # descriptions to description structures. Each description + # structure contains the filename of the particular cgi script + # and a weight. + #-------------------------------------------------- + my %nav = (); + + use constant NAVIGATIONDIR => '/home/e-smith/db/navigation'; + use constant WEBFUNCTIONS => '/etc/e-smith/web/functions'; + + my $i18n = new esmith::I18N; + + my $language = $i18n->preferredLanguage( $ENV{HTTP_ACCEPT_LANGUAGE} ); + + my $navinfo = NAVIGATIONDIR . "/navigation.$language"; + + my $navdb = esmith::NavigationDB->open_ro( $navinfo ) or + die "Couldn't open $navinfo\n"; + + # Check the navdb for anything with a UrlPath, which means that it doesn't + # have a cgi file to be picked up by the above code. Ideally, only pages + # that exist should be in the db, but that's not the case. Anything + # without a cgi file will have to remove themselves on uninstall from the + # navigation dbs. + foreach my $rec ($navdb->get_all) + { + if ($rec->prop('UrlPath')) + { + $files_hash{$rec->{key}} = $cgidir; + } + } + + foreach my $file (keys %files_hash) + { + my $heading = 'Unknown'; + my $description = $file; + my $headingWeight = 99999; + my $descriptionWeight = 99999; + my $urlpath = ''; + + my $rec = $navdb->get($file); + + if (defined $rec) + { + $heading = $rec->prop('Heading'); + $description = $rec->prop('Description'); + $headingWeight = $rec->prop('HeadingWeight'); + $descriptionWeight = $rec->prop('DescriptionWeight'); + $urlpath = $rec->prop('UrlPath') || ''; + } + + #-------------------------------------------------- + # add heading, description and weight information to data structure + #-------------------------------------------------- + + unless (exists $nav {$heading}) + { + $nav {$heading} = { COUNT => 0, WEIGHT => 0, DESCRIPTIONS => [] }; + } + + $nav {$heading} {'COUNT'} ++; + $nav {$heading} {'WEIGHT'} += $headingWeight; + + # Check for manager panel, and assign the appropriate + # cgi-bin prefix for the links. + # Grab the last 2 directories by splitting for '/'s and + # then concatenating the last 2 + # probably a better way, but I don't know it. + my @filename = split /\//, $files_hash{$file}; + my $path = ($cgidir eq '/etc/e-smith/web/panels/user/cgi-bin/') ? + "/$filename[scalar @filename - 1]" : + "/$filename[scalar @filename - 2]/$filename[scalar @filename - 1]"; + + push @{ $nav {$heading} {'DESCRIPTIONS'} }, + { DESCRIPTION => $description, + WEIGHT => $descriptionWeight, + FILENAME => $urlpath ? $urlpath : "$path/$file", + CGIPATH => $path + }; + } + + #-------------------------------------------------- + # generate list of headings sorted by average weight + #-------------------------------------------------- + if ( $NO_FRAMES ) + { + esmith::cgi::genNoframesHeader ($q); + } + else + { + esmith::cgi::genNavigationHeader ($q, undef); + print "\n\n"; + } + + print ' + "; + + foreach my $h (sort { + ($nav{$a}{'WEIGHT'}/$nav{$a}{'COUNT'}) <=> + ($nav{$b}{'WEIGHT'}/$nav{$b}{'COUNT'}) } keys %nav) + { + if ( $NO_FRAMES ) + { + print $q->h2 ($h); + } + else + { + print "\n", $q->Tr ($q->td({class => "section"},$q->span({class => "section"}, $h))); + } + + #-------------------------------------------------- + # generate list of descriptions sorted by weight + #-------------------------------------------------- + print "
      \n" if ( $NO_FRAMES ); + + foreach (sort { $a->{'WEIGHT'} <=> $b->{'WEIGHT'} } @{$nav {$h}{'DESCRIPTIONS'}}) + { + my $href = "/user-manager" . $_->{'FILENAME'}; + if ( $NO_FRAMES ) + { + print $q->li ($q->a ({href => "$href?noframes=1"}, $_->{'DESCRIPTION'})); + } + else + { + print "\n",$q->Tr( + $q->td ({-class => "menu-cell"}, + $q->a ({-id => "sme$c", + -class => "item", + -onClick => "swapClasses('sme$c')", + href => $href, + target => 'main'}, + $_->{'DESCRIPTION'}) + )); + } + $c++; + + } + print "
    \n" if ($NO_FRAMES); + } + + unless ( $NO_FRAMES ) + { + print "\n
    \n"; + esmith::cgi::genNavigationFooter ($q); + } +} diff --git a/root/etc/e-smith/web/functions/userpanel-noframes b/root/etc/e-smith/web/functions/userpanel-noframes new file mode 100644 index 0000000..5702901 --- /dev/null +++ b/root/etc/e-smith/web/functions/userpanel-noframes @@ -0,0 +1,268 @@ +#!/usr/bin/perl -wT + +#---------------------------------------------------------------------- +# user manager functions: noframes +# +# Copyright (c) 2001 Daniel van Raay +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +#---------------------------------------------------------------------- + +package esmith; + +use strict; +use CGI ':all'; +use CGI::Carp qw(fatalsToBrowser); + +use esmith::cgi; +use esmith::config; +use esmith::util; +use esmith::db; +use esmith::AccountsDB; + +sub showNavigation ($); +sub byweight; + +BEGIN +{ + # Clear PATH and related environment variables so that calls to + # external programs do not cause results to be tainted. See + # "perlsec" manual page for details. + + $ENV {'PATH'} = ''; + $ENV {'SHELL'} = '/bin/bash'; + delete $ENV {'ENV'}; +} + +esmith::util::setRealToEffective (); + +$CGI::POST_MAX=1024 * 100; # max 100K posts +$CGI::DISABLE_UPLOADS = 1; # no uploads + +my %conf; +tie %conf, 'esmith::config'; + +my %accounts; +tie %accounts, 'esmith::config', '/home/e-smith/db/accounts'; + +my $a = esmith::AccountsDB->open_ro || die "Error opening AccountsDB\n"; + +my $q = new CGI; + +showNavigation ($q); +exit (0); + + +#------------------------------------------------------------ +# subroutine to display navigation bar +#------------------------------------------------------------ + +sub showNavigation ($) +{ + my $q = shift; + + esmith::cgi::genNoframesHeader ($q); + + my $acctName = $ENV{'REMOTE_USER'}; + my $user = $a->get($acctName) || die "User $acctName not found in AccountsDB\n"; + my $availablePanels = $user->prop('AdminPanels') || ''; + foreach ($a->user_group_list($acctName)){ + my $group = $a->get($_) || die "Group $_ not found in AccountsDB\n"; + $availablePanels .= ','.$group->prop('AdminPanels') || ''; + } + my $glob = $a->get('globalUP'); + my $globalPanels = $glob->prop('AdminPanels') || ''; + + my @adminpanels; + if ( defined ($availablePanels) && defined ($globalPanels) ) + { + @adminpanels = ((split (/,/, $availablePanels, -1)),(split (/,/, $globalPanels, -1))); + } + elsif ( defined ($globalPanels) ) + { + @adminpanels = split (/,/, $globalPanels, -1); + } + elsif ( defined ($availablePanels) ) + { + @adminpanels = split (/,/, $availablePanels, -1); + } + + # Use this variable throughout to keep track of files + # list of just the files + my @files = (); + my %files_hash = (); + + #----------------------------------------------------- + # Determine the directory where the functions are kept + # match available panels with delegated panels to this user + #----------------------------------------------------- + + my $cgidir = '/etc/e-smith/web/panels/user/cgi-bin/'; + + if (opendir (DIR, $cgidir)) + { + @files = grep (!/^(\..*|userpanel-navigation|userpanel-noframes|userpanel-initial|pleasewait)$/, + readdir (DIR)); + closedir (DIR); + } + else + { + warn "Can't open directory $cgidir\n"; + } + + foreach my $file (@files) + { + foreach my $adminpanel (@adminpanels) + { + if ( $file eq $adminpanel ) + { + $files_hash{$file} = $cgidir; + } + } + } + + #-------------------------------------------------- + # For each script, extract the description and category + # information. Build up an associative array mapping headings + # to heading structures. Each heading structure contains the + # total weight for the heading, the number of times the heading + # has been encountered, and another associative array mapping + # descriptions to description structures. Each description + # structure contains the filename of the particular cgi script + # and a weight. + #-------------------------------------------------- + + my %nav = (); + + foreach my $file (keys %files_hash) + { + #-------------------------------------------------- + # extract heading, description and weight information + # from CGI script + #-------------------------------------------------- + my $heading = "Unknown"; + my $headingWeight = 0; + + my $description = "Unknown"; + my $descriptionWeight = 0; + + unless (open (RD, "$files_hash{$file}/$file")) + { + warn "Can't open file $files_hash{$file}/$file: $!\n"; + next; + } + + while () + { + if (/^\s*#\s*heading\s*:\s*(.+?)\s*$/) + { + $heading = $1; + } + + if (/^\s*#\s*description\s*:\s*(.+?)\s*$/) + { + $description = $1; + } + + if (/^\s*#\s*navigation\s*:\s*(\d+?)\s+(\d+?)\s*$/) + { + $headingWeight = $1; + $descriptionWeight = $2; + } + last if ($heading ne "Unknown" && $headingWeight && $description ne "Unknown" && $descriptionWeight); + } + close RD; + + #-------------------------------------------------- + # add heading, description and weight information to data structure + #-------------------------------------------------- + + unless (exists $nav {$heading}) + { + $nav {$heading} = { COUNT => 0, WEIGHT => 0, DESCRIPTIONS => [] }; + } + + $nav {$heading} {'COUNT'} ++; + $nav {$heading} {'WEIGHT'} += $headingWeight; + + # Check for manager panel, and assign the appropriate + # cgi-bin prefix for the links. + # Grab the last 2 directories by splitting for '/'s and + # then concatenating the last 2 + # probably a better way, but I don't know it. + my @filename = split /\//, $files_hash{$file}; + my $path = "/user-manager/$filename[scalar @filename - 1]"; + + push @{ $nav {$heading} {'DESCRIPTIONS'} }, + { DESCRIPTION => $description, + WEIGHT => $descriptionWeight, + FILENAME => "$path/$file", + CGIPATH => $path + }; + } + + #-------------------------------------------------- + # generate list of headings sorted by average weight + #-------------------------------------------------- + + my @unsortedheadings = keys %nav; + + my $h; + local @esmith::weights = (); + foreach $h (@unsortedheadings) + { + push (@esmith::weights, ($nav {$h} {'WEIGHT'} / $nav {$h} {'COUNT'})); + } + + my @sortedheadings = @unsortedheadings [sort byweight $[..$#unsortedheadings]; + + foreach $h (@sortedheadings) + { + print $q->h2 ($h); + + #-------------------------------------------------- + # generate list of descriptions sorted by weight + #-------------------------------------------------- + + my @unsorteddescriptions = @{ $nav {$h} {'DESCRIPTIONS'} }; + + my $d; + @esmith::weights = (); + foreach $d (@unsorteddescriptions) + { + push (@esmith::weights, $d->{'WEIGHT'}); + } + + my @indices = sort byweight $[..$#unsorteddescriptions; + + print "
      \n"; + + my $i; + foreach $i (@indices) + { + my $href = $unsorteddescriptions [$i]->{'FILENAME'}; + print $q->li ($q->a ({href => $href}, $unsorteddescriptions [$i]->{'DESCRIPTION'})); + + } + print "
    \n"; + } + + esmith::cgi::genNavigationFooter ($q); +} + +sub byweight +{ + $esmith::weights [$a] <=> $esmith::weights [$b]; +} diff --git a/root/etc/e-smith/web/functions/userpanelaccess b/root/etc/e-smith/web/functions/userpanelaccess new file mode 100644 index 0000000..98e1acf --- /dev/null +++ b/root/etc/e-smith/web/functions/userpanelaccess @@ -0,0 +1,411 @@ +#!/usr/bin/perl -wT + +#---------------------------------------------------------------------- +# heading : Security +# description : User Panel Access +# navigation : 1000 1300 +# +# Copyright (c) 2001 Daniel van Raay +# Modified (c) 2002 Stephen Noble +# Modified (c) 2002 Shad L. Lords +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +#---------------------------------------------------------------------- + +package esmith; + +use strict; +use CGI ':all'; +use CGI::Carp qw(fatalsToBrowser); + +use esmith::cgi; +use esmith::config; +use esmith::util; +use esmith::db; +use esmith::event; + +sub showInitial ($$); +sub genPanels ($$); +sub modifyAccess ($); +sub performModifyAccess ($); + +BEGIN +{ + # Clear PATH and related environment variables so that calls to + # external programs do not cause results to be tainted. See + # "perlsec" manual page for details. + + $ENV {'PATH'} = ''; + $ENV {'SHELL'} = '/bin/bash'; + delete $ENV {'ENV'}; +} + +esmith::util::setRealToEffective (); + +$CGI::POST_MAX=1024 * 100; # max 100K posts +$CGI::DISABLE_UPLOADS = 1; # no uploads + +my %conf; +tie %conf, 'esmith::config'; + +my %accounts; +tie %accounts, 'esmith::config', '/home/e-smith/db/accounts'; + +#------------------------------------------------------------ +# examine state parameter and display the appropriate form +#------------------------------------------------------------ + +my $q = new CGI; + +if (! grep (/^state$/, $q->param)) +{ + showInitial ($q, ''); +} + +elsif ($q->param ('state') eq "modifyAccess") +{ + modifyAccess ($q); +} + +elsif ($q->param ('state') eq "performModifyAccess") +{ + performModifyAccess ($q); +} + +else +{ + esmith::cgi::genStateError ($q, \%conf); +} + +exit (0); + +#------------------------------------------------------------ +# subroutine to display initial form +#------------------------------------------------------------ + +sub showInitial ($$) +{ + my ($q, $msg) = @_; + + if ($msg eq '') + { + esmith::cgi::genHeaderNonCacheable + ($q, \%conf, 'Change access to server-manager panels for user accounts'); + } + else + { + esmith::cgi::genHeaderNonCacheable + ($q, \%conf, 'Operation status report'); + + print $q->p ($msg); + print $q->hr; + } + + my @userAccounts = ('admin'); + + foreach (sort keys %accounts) + { + push (@userAccounts, $_) if (db_get_type(\%accounts, $_) eq "user"); + } + + foreach (sort keys %accounts) + { + push (@userAccounts, $_) if (db_get_type(\%accounts, $_) eq "group"); + } + + unless (scalar @userAccounts) + { + print $q->p ($q->b ('There are no user accounts in the system.')); + } + else + { + my $description = <p ($description); + + print $q->p ($q->b ('Current List of User Accounts')); + + print ""; + + print $q->Tr (esmith::cgi::genSmallCell ($q, $q->b ('Account')), + esmith::cgi::genSmallCell ($q, $q->b ('Name/Description')), + $q->td (' ')); + + my $user; + + foreach $user (@userAccounts) + { + my $name = ''; + if (db_get_type(\%accounts, $user) eq "group") + { + $name =db_get_prop(\%accounts, $user, "Description"); + } + else + { + $name =db_get_prop(\%accounts, $user, "FirstName")." ". db_get_prop(\%accounts, $user, "LastName"); + } + + my $AdminPanels = db_get_prop(\%accounts, $user, "AdminPanels"); + $AdminPanels = '' if ! defined ($AdminPanels); + + if ( ! $AdminPanels ) + { + print $q->Tr (esmith::cgi::genSmallCell ($q, $user), + esmith::cgi::genSmallCell ($q, $name), + esmith::cgi::genSmallCell ($q, + $q->a ({href => $q->url (-absolute => 1) + . "?state=modifyAccess&acct=" + . $user}, 'Change Access...'))); + + } + else + { + print $q->Tr (esmith::cgi::genSmallRedCell ($q, $user), + esmith::cgi::genSmallRedCell ($q, $name), + esmith::cgi::genSmallCell ($q, + $q->a ({href => $q->url (-absolute => 1) + . "?state=modifyAccess&acct=" + . $user}, 'Change Access...'))); + + } + + } + + #global setting + if ( ! db_get( \%accounts, 'globalUP') ) + { + db_set(\%accounts, 'globalUP', 'userpanelglobal', { FirstName => 'global user', LastName => 'panel access' }); + } + + my $AdminPanels = db_get_prop(\%accounts, 'globalUP', "AdminPanels"); + $AdminPanels = '' if ! defined ($AdminPanels); + + if ( ! $AdminPanels ) + { + print $q->Tr (esmith::cgi::genSmallCell ($q, 'Global'), + esmith::cgi::genSmallCell ($q, 'every user'), + esmith::cgi::genSmallCell ($q, + $q->a ({href => $q->url (-absolute => 1) + . "?state=modifyAccess&acct=" + . 'globalUP'}, 'Change Access...'))); + + } + else + { + print $q->Tr (esmith::cgi::genSmallRedCell ($q, 'Global'), + esmith::cgi::genSmallRedCell ($q, 'every user'), + esmith::cgi::genSmallCell ($q, + $q->a ({href => $q->url (-absolute => 1) + . "?state=modifyAccess&acct=" + . 'globalUP'}, 'Change Access...'))); + + } + + print '
    '; + } + + esmith::cgi::genFooter ($q); +} + +sub genPanels ($$) +{ + my ($q, $user) = @_; + + my %panelshash = (); + my @selected = (); + my @globalselected = (); + + my @panels; + opendir (DIR, "/etc/e-smith/web/functions") + || die "Can't open /etc/e-smith/web/functions directory.\n"; + push (@panels, sort (grep (!/^(\.|userpanel-initial|userpanel-navigation|userpanel-noframes|pleasewait|index\.cgi|initial\.cgi|navigation|noframes)/, readdir(DIR)))); + closedir (DIR); + + my $panel; + foreach $panel (@panels) + { + $panelshash{$panel} = "Unknown"; + + unless (open (RD, "/etc/e-smith/web/functions/$panel")) + { + warn "Can't open file /etc/e-smith/web/functions/$panel: $!\n"; + next; + } + + while () + { + if (/^\s*#\s*description\s*:\s*(.+?)\s*$/) + { + $panelshash{$panel} = $1; + } + + last if ( $panelshash{$panel} ne "Unknown" ); + } + close RD; + } + + my $userAdminPanels = db_get_prop(\%accounts, $user, 'AdminPanels'); + $userAdminPanels = '' if ! defined ($userAdminPanels); + @selected = split (/,/, $userAdminPanels); + + my $globalAdminPanels = db_get_prop(\%accounts, 'globalUP', 'AdminPanels'); + $globalAdminPanels = '' if ! defined ($globalAdminPanels); + @globalselected = split (/,/, $globalAdminPanels); + + @panels = sort @panels; + my $count = scalar @panels; + + my $out = ''; + + if ($count > 0) + { + $out .= ''; + + $out .= $q->Tr ($q->td (' '), + esmith::cgi::genSmallCell ($q, $q->b ('Panel')), + esmith::cgi::genSmallCell ($q, $q->b ('Description'))); + + my $panel; + foreach $panel (@panels) + { + my $checked = ""; + if (grep (/^$panel$/, @selected) || grep (/^$panel$/, @globalselected)) + { + $checked = "checked"; + } + + if (grep (/^$panel$/, @globalselected) && ($user ne 'globalUP')) + { + $out .= + $q->Tr ( + $q->td ( + "" + ), + esmith::cgi::genSmallRedCell ($q, $panel), + esmith::cgi::genSmallRedCell ( + $q, $panelshash{$panel} . ' (Global)')); + } else { + $out .= + $q->Tr ( + $q->td ( + "" + ), + esmith::cgi::genSmallCell ($q, $panel), + esmith::cgi::genSmallCell ( + $q, $panelshash{$panel})); + } + } + + $out .= '
    '; + } + + return $out; +} + + +sub modifyAccess ($) +{ + my ($q) = @_; + + esmith::cgi::genHeaderNonCacheable ($q, \%conf, 'Modify user-manager access'); + + print + $q->startform (-method => 'POST', -action => $q->url (-absolute => 1)); + + my $acct = $q->param ('acct'); + + my $username = ''; + if (db_get_type(\%accounts, $acct) eq "group") + { + $username =db_get_prop(\%accounts, $acct, "Description"); + } + else + { + $username =db_get_prop(\%accounts, $acct, "FirstName")." ". db_get_prop(\%accounts, $acct, "LastName"); + } + + if (db_get(\%accounts, $acct)) + { + + print $q->table ({border => 0, cellspacing => 0, cellpadding => 4}, + + $q->Tr (esmith::cgi::genCell ($q, "Account name:"), + esmith::cgi::genCell ($q, $acct)), + + $q->Tr (esmith::cgi::genCell ($q, "Name/Description:"), + esmith::cgi::genCell ($q, "$username")), + + $q->Tr (esmith::cgi::genCell ($q, "Accessible Panels:"), + esmith::cgi::genCell ($q, genPanels ($q, $acct))), + + esmith::cgi::genButtonRow ($q, + $q->submit (-name => 'action', + -value => 'Modify'))); + + print $q->hidden (-name => 'acct', + -override => 1, + -default => $acct); + + print $q->hidden (-name => 'state', + -override => 1, + -default => 'performModifyAccess'); + + } + + print $q->endform; + esmith::cgi::genFooter ($q); + return; +} + + +sub performModifyAccess ($) +{ + my ($q) = @_; + my $acct = $q->param ('acct'); + + my @adminPanels = $q->param ('panelAccess'); + my @userPanels = (); + + my $globalAdminPanels = db_get_prop(\%accounts, 'globalUP', 'AdminPanels'); + $globalAdminPanels = '' if ! defined ($globalAdminPanels); + my @globalselected = split (/,/, $globalAdminPanels); + + foreach my $panel (@adminPanels) + { + if ( ! grep (/^$panel$/, @globalselected) || ($acct eq 'globalUP')) + { + push(@userPanels, $panel); + } + } + + my $adminPanels = join (',', @userPanels); + + db_set_prop(\%accounts, $acct, 'AdminPanels', $adminPanels); + + system ("/sbin/e-smith/signal-event", "conf-userpanel") == 0 + or die ("Error occurred while updating userpanel configuration.\n"); + + showInitial ($q, "Successfully modified user account $acct."); +} diff --git a/root/etc/e-smith/web/panels/user/access.incl b/root/etc/e-smith/web/panels/user/access.incl new file mode 100644 index 0000000..82213a6 --- /dev/null +++ b/root/etc/e-smith/web/panels/user/access.incl @@ -0,0 +1,3 @@ +{ +} + diff --git a/root/etc/e-smith/web/panels/user/html/index.html b/root/etc/e-smith/web/panels/user/html/index.html new file mode 100644 index 0000000..389abf1 --- /dev/null +++ b/root/etc/e-smith/web/panels/user/html/index.html @@ -0,0 +1,36 @@ + + + + + +SME Server / user + + + + + + + + + + + +<BODY> + +<H1>Welcome to the user manager panel</H1> + +<P><A HREF="/user-manager/cgi-bin/userpanel-noframes">Click here</A> for a +list of available functions. + +<P>As part of our commitment to open-source software, you are welcome +to copy and redistribute this software. + +<P> +<HR> + +</BODY> + + + diff --git a/root/var/lib/lemonldap-ng/handler/MyAdminHandler.pm b/root/var/lib/lemonldap-ng/handler/MyAdminHandler.pm new file mode 100644 index 0000000..dba9dc0 --- /dev/null +++ b/root/var/lib/lemonldap-ng/handler/MyAdminHandler.pm @@ -0,0 +1,10 @@ +package My::Package; +use Lemonldap::NG::Handler::SharedConf; +@ISA = qw(Lemonldap::NG::Handler::SharedConf); + +__PACKAGE__->init( + { + configStorage => { confFile => '/etc/lemonldap-ng/lemonldap-ng-admin.ini' }, + } +); +1; diff --git a/root/var/lib/lemonldap-ng/handler/MyPkiHandler.pm b/root/var/lib/lemonldap-ng/handler/MyPkiHandler.pm new file mode 100644 index 0000000..33a0dea --- /dev/null +++ b/root/var/lib/lemonldap-ng/handler/MyPkiHandler.pm @@ -0,0 +1,10 @@ +package My::Package; +use Lemonldap::NG::Handler::SharedConf; +@ISA = qw(Lemonldap::NG::Handler::SharedConf); + +__PACKAGE__->init( + { + configStorage => { confFile => '/etc/lemonldap-ng/lemonldap-ng-pki.ini' }, + } +); +1;