commit
e7a6d9b2fc
36 changed files with 2027 additions and 0 deletions
@ -0,0 +1,21 @@ |
|||||||
|
#!/usr/bin/perl -w |
||||||
|
|
||||||
|
use esmith::Build::CreateLinks qw(:all); |
||||||
|
|
||||||
|
panel_link("userpanelaccess", "manager"); |
||||||
|
|
||||||
|
event_link("conf-userpanelsymlinks", "conf-userpanel", "20"); |
||||||
|
event_link("conf-userpanelsymlinks", "webapps-update", "20"); |
||||||
|
|
||||||
|
foreach my $event (qw/ipasserelle-update bootstrap-ldap-save webapps-update/){ |
||||||
|
event_link("ipasserelle-init-config-domain", "$event", "25"); |
||||||
|
templates2events("/etc/lemonldap-ng/lemonldap-ng-admin.ini", "$event"); |
||||||
|
templates2events("/etc/lemonldap-ng/lemonldap-ng-pki.ini", "$event"); |
||||||
|
} |
||||||
|
|
||||||
|
# Create language symlinks |
||||||
|
foreach my $lang qw(bg da de el en-us es et fr he hu id it ja nb |
||||||
|
nl pl pt pt-br ro ru sl sv th tr zh-cn zh-tw){ |
||||||
|
safe_symlink("/etc/e-smith/locale/$lang/etc/e-smith/web/functions", |
||||||
|
"root/etc/e-smith/locale/$lang/etc/e-smith/web/panels/user/cgi-bin"); |
||||||
|
} |
@ -0,0 +1,87 @@ |
|||||||
|
Summary: iPasserelle User Panel module |
||||||
|
%define name ipasserelle-userpanel |
||||||
|
Name: %{name} |
||||||
|
%define version 0.2.0 |
||||||
|
%define release 1 |
||||||
|
Version: %{version} |
||||||
|
Release: %{release}%{?dist} |
||||||
|
License: GPL |
||||||
|
URL: http://www.ipasserelle.com |
||||||
|
Group: SMEserver/addon |
||||||
|
Source: %{name}-%{version}.tar.gz |
||||||
|
|
||||||
|
BuildArch: noarch |
||||||
|
BuildRoot: /var/tmp/%{name}-%{version} |
||||||
|
|
||||||
|
Requires: e-smith-base >= 5.2.0-62 |
||||||
|
Requires: ipasserelle-base |
||||||
|
Requires: smeserver-lemonldap-ng => 0.1-15 |
||||||
|
Requires: smeserver-webapps-common >= 0.1-10 |
||||||
|
|
||||||
|
BuildRequires: e-smith-devtools |
||||||
|
|
||||||
|
Obsoletes: smeserver-userpanel |
||||||
|
Obsoletes: ipasserelle-user-portal |
||||||
|
Provides: smeserver-userpanel |
||||||
|
|
||||||
|
%description |
||||||
|
iPasserelle User Portal provides a user oriented |
||||||
|
portal where they can set their own settings |
||||||
|
Admins can also delegate panels to users |
||||||
|
This module is based on smeserver-userpanel |
||||||
|
|
||||||
|
%changelog |
||||||
|
* Tue Nov 12 2013 Daniel Berteaud <daniel@firewall-services.com> 0.2.0-1 |
||||||
|
- Import in GIT |
||||||
|
|
||||||
|
* Mon Nov 14 2011 Daniel Berteaud <daniel@firewall-services.com> 0.1-6 |
||||||
|
- create language symlinks |
||||||
|
|
||||||
|
* Tue Jul 19 2011 Daniel Berteaud <daniel@firewall-services.com> 0.1-5 |
||||||
|
- Move SetEnvIf directives |
||||||
|
- Add SSO protected access to PHPki |
||||||
|
- Don't send $cn as header as it prevent access if username contains accent |
||||||
|
|
||||||
|
* Mon Jul 18 2011 Daniel Berteaud <daniel@firewall-services.com> 0.1-4 |
||||||
|
- Rewrite userpanel-navigation (based on the current server-manager's one) |
||||||
|
|
||||||
|
* Mon Jul 11 2011 Daniel Berteaud <daniel@firewall-services.com> 0.1-3 |
||||||
|
- Add httpd-admin handler to the list of handler which need a reload |
||||||
|
|
||||||
|
* Wed Jul 06 2011 Daniel Berteaud <daniel@firewall-services.com> 0.1-2 |
||||||
|
- Expand LL::NG conf also in bootstrap-ldap-save and ipasserelle-update |
||||||
|
|
||||||
|
* Tue Jun 28 2011 Daniel Berteaud <daniel@firewall-services.com> 0.1-1 |
||||||
|
- initial release (based on smeserver-userpanel-0.9-11) |
||||||
|
|
||||||
|
|
||||||
|
%prep |
||||||
|
%setup |
||||||
|
|
||||||
|
%build |
||||||
|
perl createlinks |
||||||
|
|
||||||
|
%{__mkdir_p} root/etc/e-smith/web/panels/user/cgi-bin |
||||||
|
|
||||||
|
%install |
||||||
|
rm -rf $RPM_BUILD_ROOT |
||||||
|
(cd root ; find . -depth -print | cpio -dump $RPM_BUILD_ROOT) |
||||||
|
rm -f %{name}-%{version}-filelist |
||||||
|
/sbin/e-smith/genfilelist $RPM_BUILD_ROOT > %{name}-%{version}-filelist |
||||||
|
echo "%doc COPYING" >> %{name}-%{version}-filelist |
||||||
|
|
||||||
|
%clean |
||||||
|
cd .. |
||||||
|
rm -rf %{name}-%{version} |
||||||
|
|
||||||
|
%pre |
||||||
|
|
||||||
|
%preun |
||||||
|
|
||||||
|
%post |
||||||
|
|
||||||
|
%postun |
||||||
|
|
||||||
|
%files -f %{name}-%{version}-filelist |
||||||
|
%defattr(-,root,root) |
||||||
|
|
@ -0,0 +1,26 @@ |
|||||||
|
{ |
||||||
|
|
||||||
|
my $llng = $DB->get("lemonldap") || |
||||||
|
$DB->new_record("lemonldap", { type => "service" }); |
||||||
|
|
||||||
|
my @soapaccess = split(/[;,]/, ($llng->prop('SoapAllowFrom') || '')); |
||||||
|
my $internal = $DB->get('InternalInterface')->prop('IPAddress'); |
||||||
|
push @soapaccess, $internal if (!grep {$internal eq $_} @soapaccess); |
||||||
|
$llng->set_prop('SoapAllowFrom', join(',',@soapaccess)); |
||||||
|
|
||||||
|
# httpd-admin handler |
||||||
|
my @reload = split(/[;,]/, ($llng->prop('Reload') || '')); |
||||||
|
my $reloadurl = 'localhost:980=http://localhost:980/lm-reload'; |
||||||
|
push @reload, $reloadurl if (!grep {$reloadurl eq $_} @reload); |
||||||
|
|
||||||
|
# httpd-pki handler |
||||||
|
$reloadurl = 'localhost:940=http://localhost:940/lm-reload'; |
||||||
|
my $phpki = $DB->get('httpd-pki'); |
||||||
|
if($phpki){ |
||||||
|
my $status = $phpki->prop('status') || 'disabled'; |
||||||
|
push @reload, $reloadurl if ((!grep {$reloadurl eq $_} @reload) && ($status eq 'enabled')); |
||||||
|
} |
||||||
|
|
||||||
|
$llng->set_prop('Reload', join(',',@reload)); |
||||||
|
|
||||||
|
} |
@ -0,0 +1,92 @@ |
|||||||
|
#!/usr/bin/perl -w |
||||||
|
|
||||||
|
#---------------------------------------------------------------------- |
||||||
|
# |
||||||
|
# Copyright (c) 2001 Daniel van Raay |
||||||
|
# |
||||||
|
# This program is free software; you can redistribute it and/or modify |
||||||
|
# it under the terms of the GNU General Public License as published by |
||||||
|
# the Free Software Foundation; either version 2 of the License, or |
||||||
|
# (at your option) any later version. |
||||||
|
# |
||||||
|
# This program is distributed in the hope that it will be useful, |
||||||
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of |
||||||
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
||||||
|
# GNU General Public License for more details. |
||||||
|
# |
||||||
|
# You should have received a copy of the GNU General Public License |
||||||
|
# along with this program; if not, write to the Free Software |
||||||
|
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA |
||||||
|
#---------------------------------------------------------------------- |
||||||
|
|
||||||
|
package esmith; |
||||||
|
|
||||||
|
use strict; |
||||||
|
use Errno; |
||||||
|
use esmith::config; |
||||||
|
use esmith::util; |
||||||
|
use esmith::db; |
||||||
|
|
||||||
|
my %conf; |
||||||
|
tie %conf, 'esmith::config'; |
||||||
|
|
||||||
|
my %accounts; |
||||||
|
tie %accounts, 'esmith::config', '/home/e-smith/db/accounts'; |
||||||
|
|
||||||
|
#--------------------------------------------------------------------------- |
||||||
|
# clear and re-create all the user panel symlinks |
||||||
|
#--------------------------------------------------------------------------- |
||||||
|
|
||||||
|
#clear |
||||||
|
opendir (DIR, "/etc/e-smith/web/panels/user/cgi-bin/") or |
||||||
|
die "Can't open directory /etc/e-smith/web/panels/user/cgi-bin/\n"; |
||||||
|
my @symlinks = grep (!/^\./, readdir (DIR)); |
||||||
|
closedir (DIR); |
||||||
|
|
||||||
|
foreach my $link (@symlinks) |
||||||
|
{ |
||||||
|
-e "/etc/e-smith/web/panels/user/cgi-bin/$link" && unlink("/etc/e-smith/web/panels/user/cgi-bin/$link"); |
||||||
|
} |
||||||
|
|
||||||
|
#always link userpanels |
||||||
|
my %newsymlinks; |
||||||
|
opendir (DIR, "/etc/e-smith/web/functions/") or |
||||||
|
die "Can't open directory /etc/e-smith/web/functions/\n"; |
||||||
|
foreach my $userpanels ( grep (/^(userpanel-initial|userpanel-navigation|userpanel-noframes|pleasewait)$/, readdir (DIR)) ) |
||||||
|
{ |
||||||
|
$newsymlinks{$userpanels} = 'Yes'; |
||||||
|
} |
||||||
|
closedir (DIR); |
||||||
|
|
||||||
|
#also add needed panels |
||||||
|
foreach my $user (sort keys %accounts) |
||||||
|
{ |
||||||
|
my $userAdminPanels = db_get_prop(\%accounts, $user, "AdminPanels"); |
||||||
|
$userAdminPanels = '' if ! defined ($userAdminPanels); |
||||||
|
|
||||||
|
foreach my $panels (split (/,/, $userAdminPanels)) |
||||||
|
{ |
||||||
|
$newsymlinks{$panels} = 'Yes'; |
||||||
|
} |
||||||
|
} |
||||||
|
|
||||||
|
foreach my $link ( sort keys %newsymlinks ) |
||||||
|
{ |
||||||
|
if ( -e "/etc/e-smith/web/functions/$link" && |
||||||
|
! -e "/etc/e-smith/web/panels/user/cgi-bin/$link" ) |
||||||
|
{ |
||||||
|
#symlink("../../../functions/$link", "/etc/e-smith/web/panels/user/cgi-bin/$link") || |
||||||
|
link("/etc/e-smith/web/functions/$link", "/etc/e-smith/web/panels/user/cgi-bin/$link") || |
||||||
|
warn "Couldn't link('functions/$link' to '/etc/e-smith/web/panels/user/cgi-bin/$link'): $!\n"; |
||||||
|
} |
||||||
|
} |
||||||
|
|
||||||
|
system("/sbin/e-smith/expand-template /etc/httpd/admin-conf/httpd.conf") == 0 |
||||||
|
or warn ("Error expanding httpd.conf \n"); |
||||||
|
|
||||||
|
#system("/etc/rc.d/init.d/httpd-admin restart") == 0 |
||||||
|
# or warn ("Error occurred restarting httpd-admin \n"); |
||||||
|
esmith::util::backgroundCommand (1, "/usr/local/bin/svc", "-h", "/service/httpd-admin");# == 0 |
||||||
|
|
||||||
|
exit (0); |
||||||
|
|
@ -0,0 +1,51 @@ |
|||||||
|
#!/usr/bin/perl -w |
||||||
|
#---------------------------------------------------------------------- |
||||||
|
# copyright (C) 2011 Firewall-Services |
||||||
|
# daniel@firewall-services.com |
||||||
|
# |
||||||
|
# This program is free software; you can redistribute it and/or modify |
||||||
|
# it under the terms of the GNU General Public License as published by |
||||||
|
# the Free Software Foundation; either version 2 of the License, or |
||||||
|
# (at your option) any later version. |
||||||
|
# |
||||||
|
# This program is distributed in the hope that it will be useful, |
||||||
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of |
||||||
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
||||||
|
# GNU General Public License for more details. |
||||||
|
# |
||||||
|
# You should have received a copy of the GNU General Public License |
||||||
|
# along with this program; if not, write to the Free Software |
||||||
|
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA |
||||||
|
# |
||||||
|
# Technical support for this program is available from Mitel Networks |
||||||
|
# Please visit our web site www.mitel.com/sme/ for details. |
||||||
|
#---------------------------------------------------------------------- |
||||||
|
|
||||||
|
use strict; |
||||||
|
use warnings; |
||||||
|
use esmith::DomainsDB; |
||||||
|
use esmith::ConfigDB; |
||||||
|
|
||||||
|
my $d = esmith::DomainsDB->open or die "Couldn't open DomainsDB\n"; |
||||||
|
my $c = esmith::ConfigDB->open_ro() or die "Couldn't open ConfigDB\n"; |
||||||
|
|
||||||
|
my $domain = $c->get('DomainName')->value; |
||||||
|
my $vhost; |
||||||
|
|
||||||
|
$vhost = $d->get("config.$domain"); |
||||||
|
|
||||||
|
exit (0) if ($vhost); |
||||||
|
|
||||||
|
$d->new_record("config.$domain",{ |
||||||
|
type => 'domain', |
||||||
|
Content => 'Primary', |
||||||
|
Description => "Accès à la configuration de l'iPasserelle", |
||||||
|
Nameservers => 'internet', |
||||||
|
TemplatePath => 'UserManagerVirtualHost', |
||||||
|
Removable => 'no', |
||||||
|
}); |
||||||
|
|
||||||
|
unless ( system("/sbin/e-smith/signal-event", "domain-create", "config.$domain") == 0 ){ |
||||||
|
die "Failed to create domain ip.$domain\n"; |
||||||
|
} |
||||||
|
|
@ -0,0 +1,4 @@ |
|||||||
|
PERMS=0640 |
||||||
|
UID="root" |
||||||
|
GID="admin" |
||||||
|
|
@ -0,0 +1,4 @@ |
|||||||
|
PERMS=0640 |
||||||
|
UID="root" |
||||||
|
GID="phpki" |
||||||
|
|
@ -0,0 +1,8 @@ |
|||||||
|
{ |
||||||
|
my $status = $modPerl{status}; |
||||||
|
|
||||||
|
return "# modPerl disabled" unless ($status and $status eq "enabled"); |
||||||
|
|
||||||
|
return "LoadModule perl_module modules/mod_perl.so"; |
||||||
|
} |
||||||
|
|
@ -0,0 +1,20 @@ |
|||||||
|
# Load LemonLDAP::NG Handler |
||||||
|
PerlOptions +GlobalRequest |
||||||
|
PerlRequire /var/lib/lemonldap-ng/handler/MyAdminHandler.pm |
||||||
|
|
||||||
|
# Common error page and security parameters |
||||||
|
ErrorDocument 403 http://auth.{$DomainName}/?lmError=403 |
||||||
|
ErrorDocument 500 http://auth.{$DomainName}/?lmError=500 |
||||||
|
|
||||||
|
|
||||||
|
# Configuration reload mechanism (only 1 per physical server is |
||||||
|
# needed): choose your URL to avoid restarting Apache when |
||||||
|
# configuration change |
||||||
|
<Location /lm-reload> |
||||||
|
Order deny,allow |
||||||
|
Deny from all |
||||||
|
Allow from localhost |
||||||
|
PerlHeaderParserHandler My::Package->refresh |
||||||
|
Satisfy any |
||||||
|
</Location> |
||||||
|
|
@ -0,0 +1,9 @@ |
|||||||
|
|
||||||
|
# Aliases for the e-smith-user panel: |
||||||
|
|
||||||
|
ScriptAlias /user-manager/cgi-bin /etc/e-smith/web/panels/user/cgi-bin |
||||||
|
Alias /user-manager /etc/e-smith/web/panels/user/html |
||||||
|
|
||||||
|
ScriptAlias /user/cgi-bin /etc/e-smith/web/panels/user/cgi-bin |
||||||
|
Alias /user /etc/e-smith/web/panels/user/html |
||||||
|
|
@ -0,0 +1,76 @@ |
|||||||
|
#------------------------------------------------------------ |
||||||
|
# e-smith-user panel |
||||||
|
#------------------------------------------------------------ |
||||||
|
{ |
||||||
|
use esmith::AccountsDB; |
||||||
|
my $a = esmith::AccountsDB->open_ro; |
||||||
|
|
||||||
|
my %panelshash; |
||||||
|
opendir (DIR, "/etc/e-smith/web/panels/user/cgi-bin") |
||||||
|
|| die "Can't open /etc/e-smith/web/panels/user/cgi-bin directory.\n"; |
||||||
|
|
||||||
|
my @files = sort (grep (!/(^\.\.?$)|(^pleasewait$)|(^userpanel-[a-z][\-\_a-z0-9]*)/, readdir(DIR))); |
||||||
|
|
||||||
|
closedir (DIR); |
||||||
|
|
||||||
|
# TODO: globalPanels |
||||||
|
# my $globalpanels = db_get_prop(\%accounts, 'globalUP', 'AdminPanels'); |
||||||
|
# $globalpanels = '' if ( ! defined ($globalpanels) ); |
||||||
|
# my @globalpanels = split (/,/, $globalpanels, -1); |
||||||
|
|
||||||
|
foreach $file (@files){ |
||||||
|
next if ($globalpanels && grep (/^$file$/, @globalpanels)); |
||||||
|
foreach my $user ($a->users){ |
||||||
|
my $key = $user->key; |
||||||
|
push @{$panelshash{$file}}, $key |
||||||
|
if ((grep {$file eq $_} split(/[;,]/, ($user->prop('AdminPanels') || ''))) |
||||||
|
&& (!grep {$key eq $_} @{$panelshash{$file}})); |
||||||
|
} |
||||||
|
foreach my $group ($a->groups){ |
||||||
|
foreach my $member (split(/[;,]/,($group->prop('Members') || ''))){ |
||||||
|
push @{$panelshash{$file}}, $member |
||||||
|
if ((grep {$file eq $_} split(/[;,]/, ($group->prop('AdminPanels') || ''))) |
||||||
|
&& (!grep {$member eq $_} @{$panelshash{$file}})); |
||||||
|
} |
||||||
|
} |
||||||
|
} |
||||||
|
|
||||||
|
$OUT .= <<HERE; |
||||||
|
|
||||||
|
<Directory \"/etc/e-smith/web/panels/user/html\" > |
||||||
|
Options Includes Indexes FollowSymLinks |
||||||
|
AllowOverride None |
||||||
|
order deny,allow |
||||||
|
deny from all |
||||||
|
allow from $localAccess |
||||||
|
PerlHeaderParserHandler My::Package |
||||||
|
Satisfy all |
||||||
|
</Directory> |
||||||
|
|
||||||
|
<Directory \"/etc/e-smith/web/panels/user/cgi-bin\" > |
||||||
|
Options Includes Indexes FollowSymLinks |
||||||
|
AllowOverride None |
||||||
|
order deny,allow |
||||||
|
deny from all |
||||||
|
allow from $localAccess |
||||||
|
PerlHeaderParserHandler My::Package |
||||||
|
Satisfy all |
||||||
|
|
||||||
|
HERE |
||||||
|
|
||||||
|
foreach my $file (@files){ |
||||||
|
next unless ( defined ($panelshash{$file}) ); |
||||||
|
foreach my $u (@{$panelshash{$file}}){ |
||||||
|
$OUT .= " SetEnvIf Auth-User \"$u\" allow_$file\n"; |
||||||
|
} |
||||||
|
$OUT .= "\n"; |
||||||
|
$OUT .= " <Files $file>\n"; |
||||||
|
$OUT .= " order deny,allow\n"; |
||||||
|
$OUT .= " deny from all\n"; |
||||||
|
$OUT .= " allow from env=allow_$file\n"; |
||||||
|
$OUT .= " </Files>\n"; |
||||||
|
} |
||||||
|
|
||||||
|
$OUT .= "</Directory>\n"; |
||||||
|
} |
||||||
|
|
@ -0,0 +1,10 @@ |
|||||||
|
{ |
||||||
|
use esmith::DomainsDB; |
||||||
|
# Convert the passed hash for the domain object back into an object. |
||||||
|
$domain = bless \%domain, 'esmith::DB::db::Record'; |
||||||
|
|
||||||
|
# Make scalars from some of the properties of the domain |
||||||
|
$virtualHost = $domain->key; |
||||||
|
$OUT = ""; |
||||||
|
} |
||||||
|
|
@ -0,0 +1 @@ |
|||||||
|
ServerName {$virtualHost} |
@ -0,0 +1,15 @@ |
|||||||
|
{ |
||||||
|
my $ssl = $domain->prop('RequireSSL') || 'disabled'; |
||||||
|
|
||||||
|
if (($modSSL{TCPPort} || "443") eq $port){ |
||||||
|
$OUT .= " SSLEngine on\n"; |
||||||
|
} |
||||||
|
else { |
||||||
|
$OUT .=<<'EOF'; |
||||||
|
RewriteEngine on |
||||||
|
RewriteRule ^/(.*|$) https://%{HTTP_HOST}/$1 [L,R] |
||||||
|
|
||||||
|
EOF |
||||||
|
} |
||||||
|
} |
||||||
|
|
@ -0,0 +1,8 @@ |
|||||||
|
{ |
||||||
|
$OUT =<<'HERE'; |
||||||
|
RewriteEngine on |
||||||
|
RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK) |
||||||
|
RewriteRule .* - [F] |
||||||
|
HERE |
||||||
|
} |
||||||
|
|
@ -0,0 +1,3 @@ |
|||||||
|
# alias for Apache icons |
||||||
|
Alias /icons/ /var/www/icons/ |
||||||
|
|
@ -0,0 +1,18 @@ |
|||||||
|
{ |
||||||
|
|
||||||
|
$OUT .=<<"EOF"; |
||||||
|
|
||||||
|
ProxyPreserveHost on |
||||||
|
RewriteEngine on |
||||||
|
RewriteRule (^/(user/cgi-bin/.*)|(user-manager(.*)?)|(server-common/.*))\$ http://localhost:980/\$1 [P,L] |
||||||
|
RewriteRule ^/phpki(sso)?(/.*)\$ http://localhost:940/phpkisso\$2 [P,L] |
||||||
|
|
||||||
|
<Location /> |
||||||
|
Order deny,allow |
||||||
|
Deny from all |
||||||
|
Allow from $localAccess $externalSSLAccess |
||||||
|
</Location> |
||||||
|
|
||||||
|
EOF |
||||||
|
|
||||||
|
} |
@ -0,0 +1,3 @@ |
|||||||
|
|
||||||
|
<VirtualHost {$ipAddress}:{$port}> |
||||||
|
|
@ -0,0 +1,2 @@ |
|||||||
|
</VirtualHost> |
||||||
|
|
@ -0,0 +1,9 @@ |
|||||||
|
{ |
||||||
|
# vim: ft=perl: |
||||||
|
|
||||||
|
$OUT = ''; |
||||||
|
foreach $place ('user-manager','user') |
||||||
|
{ |
||||||
|
$OUT .= " RewriteRule ^/$place(/.*|\$) https://config.$DomainName/$place\$1 [L,R]\n"; |
||||||
|
} |
||||||
|
} |
@ -0,0 +1,8 @@ |
|||||||
|
{ |
||||||
|
my $status = $modPerl{status}; |
||||||
|
|
||||||
|
return "# modPerl disabled" unless ($status and $status eq "enabled"); |
||||||
|
|
||||||
|
return "LoadModule perl_module modules/mod_perl.so"; |
||||||
|
} |
||||||
|
|
@ -0,0 +1,19 @@ |
|||||||
|
# Load LemonLDAP::NG Handler |
||||||
|
PerlOptions +GlobalRequest |
||||||
|
PerlRequire /var/lib/lemonldap-ng/handler/MyPkiHandler.pm |
||||||
|
|
||||||
|
# Common error page and security parameters |
||||||
|
ErrorDocument 403 http://auth.{$DomainName}/?lmError=403 |
||||||
|
ErrorDocument 500 http://auth.{$DomainName}/?lmError=500 |
||||||
|
|
||||||
|
|
||||||
|
# Configuration reload mechanism (only 1 per physical server is |
||||||
|
# needed): choose your URL to avoid restarting Apache when |
||||||
|
# configuration change |
||||||
|
<Location /lm-reload> |
||||||
|
Order deny,allow |
||||||
|
Deny from all |
||||||
|
Allow from localhost |
||||||
|
PerlHeaderParserHandler My::Package->refresh |
||||||
|
</Location> |
||||||
|
|
@ -0,0 +1,16 @@ |
|||||||
|
|
||||||
|
Alias /phpkisso /opt/phpki/html/ |
||||||
|
|
||||||
|
<Location /phpkisso/ca> |
||||||
|
PerlHeaderParserHandler My::Package |
||||||
|
{ |
||||||
|
my @users = split(/\s/, getUsersList("phpki")); |
||||||
|
foreach my $u (@users){ |
||||||
|
$OUT .= " SetEnvIf Auth-User \"$u\" allow_phpki\n"; |
||||||
|
} |
||||||
|
} |
||||||
|
order deny,allow |
||||||
|
deny from all |
||||||
|
allow from env=allow_phpki |
||||||
|
</Location> |
||||||
|
|
@ -0,0 +1,9 @@ |
|||||||
|
[all] |
||||||
|
|
||||||
|
[configuration] |
||||||
|
type = SOAP |
||||||
|
proxy = https://lemonsoap:{$lemonldap{'SoapPassword'};}@soapsso.{$DomainName}/index.pl/config |
||||||
|
proxyOptions = \{ timeout => 5 \} |
||||||
|
localStorage=Cache::FileCache |
||||||
|
localStorageOptions=\{ 'namespace' => 'LemonLDAPngAdmin', 'default_expires_in' => 600, 'directory_umask' => '007', 'cache_root' => '/tmp', 'cache_depth' => 5, \} |
||||||
|
|
@ -0,0 +1,9 @@ |
|||||||
|
[all] |
||||||
|
|
||||||
|
[configuration] |
||||||
|
type = SOAP |
||||||
|
proxy = https://lemonsoap:{$lemonldap{'SoapPassword'};}@soapsso.{$DomainName}/index.pl/config |
||||||
|
proxyOptions = \{ timeout => 5 \} |
||||||
|
localStorage=Cache::FileCache |
||||||
|
localStorageOptions=\{ 'namespace' => 'LemonLDAPngPki', 'default_expires_in' => 600, 'directory_umask' => '007', 'cache_root' => '/tmp', 'cache_depth' => 5, \} |
||||||
|
|
@ -0,0 +1,25 @@ |
|||||||
|
{ |
||||||
|
|
||||||
|
$conf->{'locationRules'}->{"config.$domain"} = { |
||||||
|
'(?#001common)^/server-common' => 'unprotect', |
||||||
|
'(?#010phpki)^/phpkisso/ca' => '$groups =~ /\\b(equipe|admins)\\b/ and ($localAccess or $externalSSLAccess)', |
||||||
|
'default' => 'deny', |
||||||
|
'(?#005usermanager)^/user(/cgi\\-bin/|\\-manager)' => '$groups =~ /\\b(equipe|admins)\\b/ and ($localAccess or $externalSSLAccess)' |
||||||
|
} unless $conf->{'locationRules'}->{"config.$domain"}; |
||||||
|
|
||||||
|
$conf->{'exportedHeaders'}->{"config.$domain"} = { |
||||||
|
'Auth-User' => '$uid', |
||||||
|
} unless $conf->{'exportedHeaders'}->{"config.$domain"}; |
||||||
|
|
||||||
|
$conf->{'applicationList'}->{'020utils'}->{'usermanager'} = { |
||||||
|
'options' => { |
||||||
|
'logo' => 'configure.png', |
||||||
|
'name' => 'Configuration', |
||||||
|
'description' => 'Configuration iPasserelle', |
||||||
|
'uri' => "https://config.$domain/user-manager", |
||||||
|
'display' => 'auto' |
||||||
|
}, |
||||||
|
'type' => 'application' |
||||||
|
} unless $conf->{'applicationList'}->{'020utils'}->{'usermanager'}; |
||||||
|
|
||||||
|
} |
After Width: | Height: | Size: 14 KiB |
@ -0,0 +1,83 @@ |
|||||||
|
#!/usr/bin/perl -wT |
||||||
|
|
||||||
|
#---------------------------------------------------------------------- |
||||||
|
# |
||||||
|
# Copyright (c) 2011-2013 Firewall-Services |
||||||
|
# daniel@firewall-services.com |
||||||
|
# |
||||||
|
# This program is free software; you can redistribute it and/or modify |
||||||
|
# it under the terms of the GNU General Public License as published by |
||||||
|
# the Free Software Foundation; either version 2 of the License, or |
||||||
|
# (at your option) any later version. |
||||||
|
# |
||||||
|
# This program is distributed in the hope that it will be useful, |
||||||
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of |
||||||
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
||||||
|
# GNU General Public License for more details. |
||||||
|
# |
||||||
|
# You should have received a copy of the GNU General Public License |
||||||
|
# along with this program; if not, write to the Free Software |
||||||
|
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA |
||||||
|
#---------------------------------------------------------------------- |
||||||
|
|
||||||
|
package esmith; |
||||||
|
|
||||||
|
use strict; |
||||||
|
use CGI ':all'; |
||||||
|
use CGI::Carp qw(fatalsToBrowser); |
||||||
|
|
||||||
|
BEGIN |
||||||
|
{ |
||||||
|
# Clear PATH and related environment variables so that calls to |
||||||
|
# external programs do not cause results to be tainted. See |
||||||
|
# "perlsec" manual page for details. |
||||||
|
|
||||||
|
$ENV {'PATH'} = ''; |
||||||
|
$ENV {'SHELL'} = '/bin/bash'; |
||||||
|
delete $ENV {'ENV'}; |
||||||
|
} |
||||||
|
|
||||||
|
$CGI::POST_MAX=1024 * 100; # max 100K posts |
||||||
|
$CGI::DISABLE_UPLOADS = 1; # no uploads |
||||||
|
|
||||||
|
my $q = new CGI; |
||||||
|
|
||||||
|
print $q->header (-EXPIRES => '+-20y', charset => 'UTF-8'); |
||||||
|
|
||||||
|
print $q->start_html (-TITLE => 'Portail de configuration iPasserelle', |
||||||
|
-AUTHOR => 'daniel@firewall-services.com', |
||||||
|
-META => {'copyright' => 'Copyright 2011-2013 Firewall-Services'}, |
||||||
|
-CLASS => "main", |
||||||
|
-STYLE => { |
||||||
|
-code => '@import url("/server-common/css/sme_main.css");', |
||||||
|
-src => '/server-common/css/sme_core.css' |
||||||
|
}); |
||||||
|
|
||||||
|
|
||||||
|
my $user = $ENV{'REMOTE_USER'}; |
||||||
|
my $name = $ENV{'HTTP_USER_NAME'} || $user; |
||||||
|
|
||||||
|
print $q->h1("Portail de configuration iPasserelle"); |
||||||
|
print $q->h2("Bienvenue $name"); |
||||||
|
|
||||||
|
print <<"EOF"; |
||||||
|
<p><p> |
||||||
|
Vous pouvez modifier les paramètres de votre compte |
||||||
|
en cliquant sur les différents menus sur la gauche. |
||||||
|
<ul> |
||||||
|
<center> |
||||||
|
<img src=/server-common/ipasserelle_logo.jpg><p> |
||||||
|
</center> |
||||||
|
|
||||||
|
EOF |
||||||
|
|
||||||
|
print $q->endform; |
||||||
|
|
||||||
|
print $q->p |
||||||
|
($q->hr ({-CLASS => "sme-copyrightbar"}), |
||||||
|
$q->div ({-CLASS => "sme-copyright"}, |
||||||
|
"Portail de configuration iPasserelle<BR>" . |
||||||
|
"Copyright 2011-2013 Firewall-Services.<BR>")); |
||||||
|
print '</DIV>'; |
||||||
|
print $q->end_html; |
||||||
|
|
@ -0,0 +1,313 @@ |
|||||||
|
#!/usr/bin/perl -wT |
||||||
|
|
||||||
|
#---------------------------------------------------------------------- |
||||||
|
# User manager functions: navigation |
||||||
|
# |
||||||
|
# copyright (C) 2011 Firewall Services |
||||||
|
# daniel@firewall-services.com |
||||||
|
# |
||||||
|
# This program is free software; you can redistribute it and/or modify |
||||||
|
# it under the terms of the GNU General Public License as published by |
||||||
|
# the Free Software Foundation; either version 2 of the License, or |
||||||
|
# (at your option) any later version. |
||||||
|
# |
||||||
|
# This program is distributed in the hope that it will be useful, |
||||||
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of |
||||||
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
||||||
|
# GNU General Public License for more details. |
||||||
|
# |
||||||
|
# You should have received a copy of the GNU General Public License |
||||||
|
# along with this program; if not, write to the Free Software |
||||||
|
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA |
||||||
|
# |
||||||
|
#---------------------------------------------------------------------- |
||||||
|
package esmith; |
||||||
|
|
||||||
|
use strict; |
||||||
|
use CGI ':no_xhtml', ':all'; |
||||||
|
use CGI::Carp qw(fatalsToBrowser); |
||||||
|
|
||||||
|
use esmith::cgi; |
||||||
|
use esmith::config; |
||||||
|
use esmith::AccountsDB; |
||||||
|
use esmith::NavigationDB; |
||||||
|
use esmith::util; |
||||||
|
use esmith::I18N; |
||||||
|
|
||||||
|
sub showNavigation ($); |
||||||
|
|
||||||
|
BEGIN |
||||||
|
{ |
||||||
|
# Clear PATH and related environment variables so that calls to |
||||||
|
# external programs do not cause results to be tainted. See |
||||||
|
# "perlsec" manual page for details. |
||||||
|
|
||||||
|
$ENV {'PATH'} = ''; |
||||||
|
$ENV {'SHELL'} = '/bin/bash'; |
||||||
|
delete $ENV {'ENV'}; |
||||||
|
} |
||||||
|
|
||||||
|
esmith::util::setRealToEffective (); |
||||||
|
|
||||||
|
$CGI::POST_MAX=1024 * 100; # max 100K posts |
||||||
|
$CGI::DISABLE_UPLOADS = 1; # no uploads |
||||||
|
|
||||||
|
# Use the one script for navigation and noframes |
||||||
|
my $NO_FRAMES = ($0 =~ /noframes/); |
||||||
|
|
||||||
|
my %conf; |
||||||
|
tie %conf, 'esmith::config'; |
||||||
|
|
||||||
|
my $accdb = esmith::AccountsDB->open_ro || die "Couldn't open AccountsDB\n"; |
||||||
|
|
||||||
|
my $q = new CGI; |
||||||
|
|
||||||
|
showNavigation ($q); |
||||||
|
exit (0); |
||||||
|
|
||||||
|
#------------------------------------------------------------ |
||||||
|
# subroutine to display navigation bar |
||||||
|
#------------------------------------------------------------ |
||||||
|
|
||||||
|
sub showNavigation ($) |
||||||
|
{ |
||||||
|
my $q = shift; |
||||||
|
|
||||||
|
# enable utf8 binmode so new translations work |
||||||
|
binmode STDOUT, ":utf8"; |
||||||
|
|
||||||
|
my $acctName = $ENV{'REMOTE_USER'}; |
||||||
|
my $user = $accdb->get($acctName) || die "User $acctName not found in AccountsDB\n"; |
||||||
|
my $availablePanels = $user->prop('AdminPanels') || ''; |
||||||
|
foreach ($accdb->user_group_list($acctName)){ |
||||||
|
my $group = $accdb->get($_) || die "Group $_ not found in AccountsDB\n"; |
||||||
|
$availablePanels .= ',' . ($group->prop('AdminPanels') || ''); |
||||||
|
} |
||||||
|
my $glob = $accdb->get('globalUP'); |
||||||
|
my $globalPanels = $glob->prop('AdminPanels') || ''; |
||||||
|
|
||||||
|
my @adminpanels; |
||||||
|
if ( defined ($availablePanels) && defined ($globalPanels) ) |
||||||
|
{ |
||||||
|
@adminpanels = ((split (/,/, $availablePanels, -1)),(split (/,/, $globalPanels, -1))); |
||||||
|
} |
||||||
|
elsif ( defined ($globalPanels) ) |
||||||
|
{ |
||||||
|
@adminpanels = split (/,/, $globalPanels, -1); |
||||||
|
} |
||||||
|
elsif ( defined ($availablePanels) ) |
||||||
|
{ |
||||||
|
@adminpanels = split (/,/, $availablePanels, -1); |
||||||
|
} |
||||||
|
|
||||||
|
# Use this variable throughout to keep track of files |
||||||
|
# list of just the files |
||||||
|
my $c = "1"; |
||||||
|
my @files = (); |
||||||
|
my %files_hash = (); |
||||||
|
|
||||||
|
#----------------------------------------------------- |
||||||
|
# Determine the directory where the functions are kept |
||||||
|
#----------------------------------------------------- |
||||||
|
|
||||||
|
my $navigation_ignore = |
||||||
|
"(\.\.?|navigation|noframes|online-manual|(internal|pleasewait)(-.*)?)"; |
||||||
|
|
||||||
|
my $cgidir = '/etc/e-smith/web/panels/user/cgi-bin/'; |
||||||
|
|
||||||
|
if (opendir (DIR, $cgidir)) |
||||||
|
{ |
||||||
|
@files = grep (!/^(\..*|userpanel-navigation|userpanel-noframes|userpanel-initial|pleasewait)$/, |
||||||
|
readdir (DIR)); |
||||||
|
closedir (DIR); |
||||||
|
} |
||||||
|
else |
||||||
|
{ |
||||||
|
warn "Can't open directory $cgidir\n"; |
||||||
|
} |
||||||
|
|
||||||
|
foreach my $file (@files) |
||||||
|
{ |
||||||
|
foreach my $adminpanel (@adminpanels) |
||||||
|
{ |
||||||
|
if ( $file eq $adminpanel ) |
||||||
|
{ |
||||||
|
$files_hash{$file} = $cgidir; |
||||||
|
} |
||||||
|
} |
||||||
|
} |
||||||
|
|
||||||
|
#-------------------------------------------------- |
||||||
|
# For each script, extract the description and category |
||||||
|
# information. Build up an associative array mapping headings |
||||||
|
# to heading structures. Each heading structure contains the |
||||||
|
# total weight for the heading, the number of times the heading |
||||||
|
# has been encountered, and another associative array mapping |
||||||
|
# descriptions to description structures. Each description |
||||||
|
# structure contains the filename of the particular cgi script |
||||||
|
# and a weight. |
||||||
|
#-------------------------------------------------- |
||||||
|
my %nav = (); |
||||||
|
|
||||||
|
use constant NAVIGATIONDIR => '/home/e-smith/db/navigation'; |
||||||
|
use constant WEBFUNCTIONS => '/etc/e-smith/web/functions'; |
||||||
|
|
||||||
|
my $i18n = new esmith::I18N; |
||||||
|
|
||||||
|
my $language = $i18n->preferredLanguage( $ENV{HTTP_ACCEPT_LANGUAGE} ); |
||||||
|
|
||||||
|
my $navinfo = NAVIGATIONDIR . "/navigation.$language"; |
||||||
|
|
||||||
|
my $navdb = esmith::NavigationDB->open_ro( $navinfo ) or |
||||||
|
die "Couldn't open $navinfo\n"; |
||||||
|
|
||||||
|
# Check the navdb for anything with a UrlPath, which means that it doesn't |
||||||
|
# have a cgi file to be picked up by the above code. Ideally, only pages |
||||||
|
# that exist should be in the db, but that's not the case. Anything |
||||||
|
# without a cgi file will have to remove themselves on uninstall from the |
||||||
|
# navigation dbs. |
||||||
|
foreach my $rec ($navdb->get_all) |
||||||
|
{ |
||||||
|
if ($rec->prop('UrlPath')) |
||||||
|
{ |
||||||
|
$files_hash{$rec->{key}} = $cgidir; |
||||||
|
} |
||||||
|
} |
||||||
|
|
||||||
|
foreach my $file (keys %files_hash) |
||||||
|
{ |
||||||
|
my $heading = 'Unknown'; |
||||||
|
my $description = $file; |
||||||
|
my $headingWeight = 99999; |
||||||
|
my $descriptionWeight = 99999; |
||||||
|
my $urlpath = ''; |
||||||
|
|
||||||
|
my $rec = $navdb->get($file); |
||||||
|
|
||||||
|
if (defined $rec) |
||||||
|
{ |
||||||
|
$heading = $rec->prop('Heading'); |
||||||
|
$description = $rec->prop('Description'); |
||||||
|
$headingWeight = $rec->prop('HeadingWeight'); |
||||||
|
$descriptionWeight = $rec->prop('DescriptionWeight'); |
||||||
|
$urlpath = $rec->prop('UrlPath') || ''; |
||||||
|
} |
||||||
|
|
||||||
|
#-------------------------------------------------- |
||||||
|
# add heading, description and weight information to data structure |
||||||
|
#-------------------------------------------------- |
||||||
|
|
||||||
|
unless (exists $nav {$heading}) |
||||||
|
{ |
||||||
|
$nav {$heading} = { COUNT => 0, WEIGHT => 0, DESCRIPTIONS => [] }; |
||||||
|
} |
||||||
|
|
||||||
|
$nav {$heading} {'COUNT'} ++; |
||||||
|
$nav {$heading} {'WEIGHT'} += $headingWeight; |
||||||
|
|
||||||
|
# Check for manager panel, and assign the appropriate |
||||||
|
# cgi-bin prefix for the links. |
||||||
|
# Grab the last 2 directories by splitting for '/'s and |
||||||
|
# then concatenating the last 2 |
||||||
|
# probably a better way, but I don't know it. |
||||||
|
my @filename = split /\//, $files_hash{$file}; |
||||||
|
my $path = ($cgidir eq '/etc/e-smith/web/panels/user/cgi-bin/') ? |
||||||
|
"/$filename[scalar @filename - 1]" : |
||||||
|
"/$filename[scalar @filename - 2]/$filename[scalar @filename - 1]"; |
||||||
|
|
||||||
|
push @{ $nav {$heading} {'DESCRIPTIONS'} }, |
||||||
|
{ DESCRIPTION => $description, |
||||||
|
WEIGHT => $descriptionWeight, |
||||||
|
FILENAME => $urlpath ? $urlpath : "$path/$file", |
||||||
|
CGIPATH => $path |
||||||
|
}; |
||||||
|
} |
||||||
|
|
||||||
|
#-------------------------------------------------- |
||||||
|
# generate list of headings sorted by average weight |
||||||
|
#-------------------------------------------------- |
||||||
|
if ( $NO_FRAMES ) |
||||||
|
{ |
||||||
|
esmith::cgi::genNoframesHeader ($q); |
||||||
|
} |
||||||
|
else |
||||||
|
{ |
||||||
|
esmith::cgi::genNavigationHeader ($q, undef); |
||||||
|
print "\n<TABLE BORDER=\"0\" CELLSPACING=\"0\" CELLPADDING=\"0\">\n"; |
||||||
|
} |
||||||
|
|
||||||
|
print '<script language="JavaScript" type="text/javascript"> |
||||||
|
<!-- Hide script |
||||||
|
//This swap the class of the selected item. |
||||||
|
function swapClass() { |
||||||
|
var i,x,tB,j=0,tA=new Array(),arg=swapClass.arguments; |
||||||
|
if(document.getElementsByTagName){for(i=4;i<arg.length;i++){tB=document.getElementsByTagName(arg[i]); |
||||||
|
for(x=0;x<tB.length;x++){tA[j]=tB[x];j++;}}for(i=0;i<tA.length;i++){ |
||||||
|
if(tA[i].className){if(tA[i].id==arg[1]){if(arg[0]==1){ |
||||||
|
tA[i].className=(tA[i].className==arg[3])?arg[2]:arg[3];}else{tA[i].className=arg[2];} |
||||||
|
}else if(arg[0]==1 && arg[1]==\'none\'){if(tA[i].className==arg[2] || tA[i].className==arg[3]){ |
||||||
|
tA[i].className=(tA[i].className==arg[3])?arg[2]:arg[3];} |
||||||
|
}else if(tA[i].className==arg[2]){tA[i].className=arg[3];}}}}} |
||||||
|
'; |
||||||
|
print " |
||||||
|
//This swap the class of the selected item. |
||||||
|
function swapClasses() { |
||||||
|
var arg=swapClasses.arguments; |
||||||
|
swapClass(0,'none','item-current','item','a'); |
||||||
|
swapClass(0,'none','warn-current','warn','a'); |
||||||
|
swapClass(0,arg[0],'item-current','item','a'); |
||||||
|
} |
||||||
|
|
||||||
|
// End script hiding --> |
||||||
|
</script> |
||||||
|
"; |
||||||
|
|
||||||
|
foreach my $h (sort { |
||||||
|
($nav{$a}{'WEIGHT'}/$nav{$a}{'COUNT'}) <=> |
||||||
|
($nav{$b}{'WEIGHT'}/$nav{$b}{'COUNT'}) } keys %nav) |
||||||
|
{ |
||||||
|
if ( $NO_FRAMES ) |
||||||
|
{ |
||||||
|
print $q->h2 ($h); |
||||||
|
} |
||||||
|
else |
||||||
|
{ |
||||||
|
print "\n", $q->Tr ($q->td({class => "section"},$q->span({class => "section"}, $h))); |
||||||
|
} |
||||||
|
|
||||||
|
#-------------------------------------------------- |
||||||
|
# generate list of descriptions sorted by weight |
||||||
|
#-------------------------------------------------- |
||||||
|
print "<ul>\n" if ( $NO_FRAMES ); |
||||||
|
|
||||||
|
foreach (sort { $a->{'WEIGHT'} <=> $b->{'WEIGHT'} } @{$nav {$h}{'DESCRIPTIONS'}}) |
||||||
|
{ |
||||||
|
my $href = "/user-manager" . $_->{'FILENAME'}; |
||||||
|
if ( $NO_FRAMES ) |
||||||
|
{ |
||||||
|
print $q->li ($q->a ({href => "$href?noframes=1"}, $_->{'DESCRIPTION'})); |
||||||
|
} |
||||||
|
else |
||||||
|
{ |
||||||
|
print "\n",$q->Tr( |
||||||
|
$q->td ({-class => "menu-cell"}, |
||||||
|
$q->a ({-id => "sme$c", |
||||||
|
-class => "item", |
||||||
|
-onClick => "swapClasses('sme$c')", |
||||||
|
href => $href, |
||||||
|
target => 'main'}, |
||||||
|
$_->{'DESCRIPTION'}) |
||||||
|
)); |
||||||
|
} |
||||||
|
$c++; |
||||||
|
|
||||||
|
} |
||||||
|
print "</ul>\n" if ($NO_FRAMES); |
||||||
|
} |
||||||
|
|
||||||
|
unless ( $NO_FRAMES ) |
||||||
|
{ |
||||||
|
print "\n</TABLE>\n"; |
||||||
|
esmith::cgi::genNavigationFooter ($q); |
||||||
|
} |
||||||
|
} |
@ -0,0 +1,268 @@ |
|||||||
|
#!/usr/bin/perl -wT |
||||||
|
|
||||||
|
#---------------------------------------------------------------------- |
||||||
|
# user manager functions: noframes |
||||||
|
# |
||||||
|
# Copyright (c) 2001 Daniel van Raay <danielvr@caa.org.au> |
||||||
|
# |
||||||
|
# This program is free software; you can redistribute it and/or modify |
||||||
|
# it under the terms of the GNU General Public License as published by |
||||||
|
# the Free Software Foundation; either version 2 of the License, or |
||||||
|
# (at your option) any later version. |
||||||
|
# |
||||||
|
# This program is distributed in the hope that it will be useful, |
||||||
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of |
||||||
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
||||||
|
# GNU General Public License for more details. |
||||||
|
# |
||||||
|
# You should have received a copy of the GNU General Public License |
||||||
|
# along with this program; if not, write to the Free Software |
||||||
|
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA |
||||||
|
#---------------------------------------------------------------------- |
||||||
|
|
||||||
|
package esmith; |
||||||
|
|
||||||
|
use strict; |
||||||
|
use CGI ':all'; |
||||||
|
use CGI::Carp qw(fatalsToBrowser); |
||||||
|
|
||||||
|
use esmith::cgi; |
||||||
|
use esmith::config; |
||||||
|
use esmith::util; |
||||||
|
use esmith::db; |
||||||
|
use esmith::AccountsDB; |
||||||
|
|
||||||
|
sub showNavigation ($); |
||||||
|
sub byweight; |
||||||
|
|
||||||
|
BEGIN |
||||||
|
{ |
||||||
|
# Clear PATH and related environment variables so that calls to |
||||||
|
# external programs do not cause results to be tainted. See |
||||||
|
# "perlsec" manual page for details. |
||||||
|
|
||||||
|
$ENV {'PATH'} = ''; |
||||||
|
$ENV {'SHELL'} = '/bin/bash'; |
||||||
|
delete $ENV {'ENV'}; |
||||||
|
} |
||||||
|
|
||||||
|
esmith::util::setRealToEffective (); |
||||||
|
|
||||||
|
$CGI::POST_MAX=1024 * 100; # max 100K posts |
||||||
|
$CGI::DISABLE_UPLOADS = 1; # no uploads |
||||||
|
|
||||||
|
my %conf; |
||||||
|
tie %conf, 'esmith::config'; |
||||||
|
|
||||||
|
my %accounts; |
||||||
|
tie %accounts, 'esmith::config', '/home/e-smith/db/accounts'; |
||||||
|
|
||||||
|
my $a = esmith::AccountsDB->open_ro || die "Error opening AccountsDB\n"; |
||||||
|
|
||||||
|
my $q = new CGI; |
||||||
|
|
||||||
|
showNavigation ($q); |
||||||
|
exit (0); |
||||||
|
|
||||||
|
|
||||||
|
#------------------------------------------------------------ |
||||||
|
# subroutine to display navigation bar |
||||||
|
#------------------------------------------------------------ |
||||||
|
|
||||||
|
sub showNavigation ($) |
||||||
|
{ |
||||||
|
my $q = shift; |
||||||
|
|
||||||
|
esmith::cgi::genNoframesHeader ($q); |
||||||
|
|
||||||
|
my $acctName = $ENV{'REMOTE_USER'}; |
||||||
|
my $user = $a->get($acctName) || die "User $acctName not found in AccountsDB\n"; |
||||||
|
my $availablePanels = $user->prop('AdminPanels') || ''; |
||||||
|
foreach ($a->user_group_list($acctName)){ |
||||||
|
my $group = $a->get($_) || die "Group $_ not found in AccountsDB\n"; |
||||||
|
$availablePanels .= ','.$group->prop('AdminPanels') || ''; |
||||||
|
} |
||||||
|
my $glob = $a->get('globalUP'); |
||||||
|
my $globalPanels = $glob->prop('AdminPanels') || ''; |
||||||
|
|
||||||
|
my @adminpanels; |
||||||
|
if ( defined ($availablePanels) && defined ($globalPanels) ) |
||||||
|
{ |
||||||
|
@adminpanels = ((split (/,/, $availablePanels, -1)),(split (/,/, $globalPanels, -1))); |
||||||
|
} |
||||||
|
elsif ( defined ($globalPanels) ) |
||||||
|
{ |
||||||
|
@adminpanels = split (/,/, $globalPanels, -1); |
||||||
|
} |
||||||
|
elsif ( defined ($availablePanels) ) |
||||||
|
{ |
||||||
|
@adminpanels = split (/,/, $availablePanels, -1); |
||||||
|
} |
||||||
|
|
||||||
|
# Use this variable throughout to keep track of files |
||||||
|
# list of just the files |
||||||
|
my @files = (); |
||||||
|
my %files_hash = (); |
||||||
|
|
||||||
|
#----------------------------------------------------- |
||||||
|
# Determine the directory where the functions are kept |
||||||
|
# match available panels with delegated panels to this user |
||||||
|
#----------------------------------------------------- |
||||||
|
|
||||||
|
my $cgidir = '/etc/e-smith/web/panels/user/cgi-bin/'; |
||||||
|
|
||||||
|
if (opendir (DIR, $cgidir)) |
||||||
|
{ |
||||||
|
@files = grep (!/^(\..*|userpanel-navigation|userpanel-noframes|userpanel-initial|pleasewait)$/, |
||||||
|
readdir (DIR)); |
||||||
|
closedir (DIR); |
||||||
|
} |
||||||
|
else |
||||||
|
{ |
||||||
|
warn "Can't open directory $cgidir\n"; |
||||||
|
} |
||||||
|
|
||||||
|
foreach my $file (@files) |
||||||
|
{ |
||||||
|
foreach my $adminpanel (@adminpanels) |
||||||
|
{ |
||||||
|
if ( $file eq $adminpanel ) |
||||||
|
{ |
||||||
|
$files_hash{$file} = $cgidir; |
||||||
|
} |
||||||
|
} |
||||||
|
} |
||||||
|
|
||||||
|
#-------------------------------------------------- |
||||||
|
# For each script, extract the description and category |
||||||
|
# information. Build up an associative array mapping headings |
||||||
|
# to heading structures. Each heading structure contains the |
||||||
|
# total weight for the heading, the number of times the heading |
||||||
|
# has been encountered, and another associative array mapping |
||||||
|
# descriptions to description structures. Each description |
||||||
|
# structure contains the filename of the particular cgi script |
||||||
|
# and a weight. |
||||||
|
#-------------------------------------------------- |
||||||
|
|
||||||
|
my %nav = (); |
||||||
|
|
||||||
|
foreach my $file (keys %files_hash) |
||||||
|
{ |
||||||
|
#-------------------------------------------------- |
||||||
|
# extract heading, description and weight information |
||||||
|
# from CGI script |
||||||
|
#-------------------------------------------------- |
||||||
|
my $heading = "Unknown"; |
||||||
|
my $headingWeight = 0; |
||||||
|
|
||||||
|
my $description = "Unknown"; |
||||||
|
my $descriptionWeight = 0; |
||||||
|
|
||||||
|
unless (open (RD, "$files_hash{$file}/$file")) |
||||||
|
{ |
||||||
|
warn "Can't open file $files_hash{$file}/$file: $!\n"; |
||||||
|
next; |
||||||
|
} |
||||||
|
|
||||||
|
while (<RD>) |
||||||
|
{ |
||||||
|
if (/^\s*#\s*heading\s*:\s*(.+?)\s*$/) |
||||||
|
{ |
||||||
|
$heading = $1; |
||||||
|
} |
||||||
|
|
||||||
|
if (/^\s*#\s*description\s*:\s*(.+?)\s*$/) |
||||||
|
{ |
||||||
|
$description = $1; |
||||||
|
} |
||||||
|
|
||||||
|
if (/^\s*#\s*navigation\s*:\s*(\d+?)\s+(\d+?)\s*$/) |
||||||
|
{ |
||||||
|
$headingWeight = $1; |
||||||
|
$descriptionWeight = $2; |
||||||
|
} |
||||||
|
last if ($heading ne "Unknown" && $headingWeight && $description ne "Unknown" && $descriptionWeight); |
||||||
|
} |
||||||
|
close RD; |
||||||
|
|
||||||
|
#-------------------------------------------------- |
||||||
|
# add heading, description and weight information to data structure |
||||||
|
#-------------------------------------------------- |
||||||
|
|
||||||
|
unless (exists $nav {$heading}) |
||||||
|
{ |
||||||
|
$nav {$heading} = { COUNT => 0, WEIGHT => 0, DESCRIPTIONS => [] }; |
||||||
|
} |
||||||
|
|
||||||
|
$nav {$heading} {'COUNT'} ++; |
||||||
|
$nav {$heading} {'WEIGHT'} += $headingWeight; |
||||||
|
|
||||||
|
# Check for manager panel, and assign the appropriate |
||||||
|
# cgi-bin prefix for the links. |
||||||
|
# Grab the last 2 directories by splitting for '/'s and |
||||||
|
# then concatenating the last 2 |
||||||
|
# probably a better way, but I don't know it. |
||||||
|
my @filename = split /\//, $files_hash{$file}; |
||||||
|
my $path = "/user-manager/$filename[scalar @filename - 1]"; |
||||||
|
|
||||||
|
push @{ $nav {$heading} {'DESCRIPTIONS'} }, |
||||||
|
{ DESCRIPTION => $description, |
||||||
|
WEIGHT => $descriptionWeight, |
||||||
|
FILENAME => "$path/$file", |
||||||
|
CGIPATH => $path |
||||||
|
}; |
||||||
|
} |
||||||
|
|
||||||
|
#-------------------------------------------------- |
||||||
|
# generate list of headings sorted by average weight |
||||||
|
#-------------------------------------------------- |
||||||
|
|
||||||
|
my @unsortedheadings = keys %nav; |
||||||
|
|
||||||
|
my $h; |
||||||
|
local @esmith::weights = (); |
||||||
|
foreach $h (@unsortedheadings) |
||||||
|
{ |
||||||
|
push (@esmith::weights, ($nav {$h} {'WEIGHT'} / $nav {$h} {'COUNT'})); |
||||||
|
} |
||||||
|
|
||||||
|
my @sortedheadings = @unsortedheadings [sort byweight $[..$#unsortedheadings]; |
||||||
|
|
||||||
|
foreach $h (@sortedheadings) |
||||||
|
{ |
||||||
|
print $q->h2 ($h); |
||||||
|
|
||||||
|
#-------------------------------------------------- |
||||||
|
# generate list of descriptions sorted by weight |
||||||
|
#-------------------------------------------------- |
||||||
|
|
||||||
|
my @unsorteddescriptions = @{ $nav {$h} {'DESCRIPTIONS'} }; |
||||||
|
|
||||||
|
my $d; |
||||||
|
@esmith::weights = (); |
||||||
|
foreach $d (@unsorteddescriptions) |
||||||
|
{ |
||||||
|
push (@esmith::weights, $d->{'WEIGHT'}); |
||||||
|
} |
||||||
|
|
||||||
|
my @indices = sort byweight $[..$#unsorteddescriptions; |
||||||
|
|
||||||
|
print "<ul>\n"; |
||||||
|
|
||||||
|
my $i; |
||||||
|
foreach $i (@indices) |
||||||
|
{ |
||||||
|
my $href = $unsorteddescriptions [$i]->{'FILENAME'}; |
||||||
|
print $q->li ($q->a ({href => $href}, $unsorteddescriptions [$i]->{'DESCRIPTION'})); |
||||||
|
|
||||||
|
} |
||||||
|
print "</ul>\n"; |
||||||
|
} |
||||||
|
|
||||||
|
esmith::cgi::genNavigationFooter ($q); |
||||||
|
} |
||||||
|
|
||||||
|
sub byweight |
||||||
|
{ |
||||||
|
$esmith::weights [$a] <=> $esmith::weights [$b]; |
||||||
|
} |
@ -0,0 +1,411 @@ |
|||||||
|
#!/usr/bin/perl -wT |
||||||
|
|
||||||
|
#---------------------------------------------------------------------- |
||||||
|
# heading : Security |
||||||
|
# description : User Panel Access |
||||||
|
# navigation : 1000 1300 |
||||||
|
# |
||||||
|
# Copyright (c) 2001 Daniel van Raay <danielvr@caa.org.au> |
||||||
|
# Modified (c) 2002 Stephen Noble <stephen@dungog.net> |
||||||
|
# Modified (c) 2002 Shad L. Lords <slords@mail.com> |
||||||
|
# |
||||||
|
# This program is free software; you can redistribute it and/or modify |
||||||
|
# it under the terms of the GNU General Public License as published by |
||||||
|
# the Free Software Foundation; either version 2 of the License, or |
||||||
|
# (at your option) any later version. |
||||||
|
# |
||||||
|
# This program is distributed in the hope that it will be useful, |
||||||
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of |
||||||
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
||||||
|
# GNU General Public License for more details. |
||||||
|
# |
||||||
|
# You should have received a copy of the GNU General Public License |
||||||
|
# along with this program; if not, write to the Free Software |
||||||
|
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA |
||||||
|
#---------------------------------------------------------------------- |
||||||
|
|
||||||
|
package esmith; |
||||||
|
|
||||||
|
use strict; |
||||||
|
use CGI ':all'; |
||||||
|
use CGI::Carp qw(fatalsToBrowser); |
||||||
|
|
||||||
|
use esmith::cgi; |
||||||
|
use esmith::config; |
||||||
|
use esmith::util; |
||||||
|
use esmith::db; |
||||||
|
use esmith::event; |
||||||
|
|
||||||
|
sub showInitial ($$); |
||||||
|
sub genPanels ($$); |
||||||
|
sub modifyAccess ($); |
||||||
|
sub performModifyAccess ($); |
||||||
|
|
||||||
|
BEGIN |
||||||
|
{ |
||||||
|
# Clear PATH and related environment variables so that calls to |
||||||
|
# external programs do not cause results to be tainted. See |
||||||
|
# "perlsec" manual page for details. |
||||||
|
|
||||||
|
$ENV {'PATH'} = ''; |
||||||
|
$ENV {'SHELL'} = '/bin/bash'; |
||||||
|
delete $ENV {'ENV'}; |
||||||
|
} |
||||||
|
|
||||||
|
esmith::util::setRealToEffective (); |
||||||
|
|
||||||
|
$CGI::POST_MAX=1024 * 100; # max 100K posts |
||||||
|
$CGI::DISABLE_UPLOADS = 1; # no uploads |
||||||
|
|
||||||
|
my %conf; |
||||||
|
tie %conf, 'esmith::config'; |
||||||
|
|
||||||
|
my %accounts; |
||||||
|
tie %accounts, 'esmith::config', '/home/e-smith/db/accounts'; |
||||||
|
|
||||||
|
#------------------------------------------------------------ |
||||||
|
# examine state parameter and display the appropriate form |
||||||
|
#------------------------------------------------------------ |
||||||
|
|
||||||
|
my $q = new CGI; |
||||||
|
|
||||||
|
if (! grep (/^state$/, $q->param)) |
||||||
|
{ |
||||||
|
showInitial ($q, ''); |
||||||
|
} |
||||||
|
|
||||||
|
elsif ($q->param ('state') eq "modifyAccess") |
||||||
|
{ |
||||||
|
modifyAccess ($q); |
||||||
|
} |
||||||
|
|
||||||
|
elsif ($q->param ('state') eq "performModifyAccess") |
||||||
|
{ |
||||||
|
performModifyAccess ($q); |
||||||
|
} |
||||||
|
|
||||||
|
else |
||||||
|
{ |
||||||
|
esmith::cgi::genStateError ($q, \%conf); |
||||||
|
} |
||||||
|
|
||||||
|
exit (0); |
||||||
|
|
||||||
|
#------------------------------------------------------------ |
||||||
|
# subroutine to display initial form |
||||||
|
#------------------------------------------------------------ |
||||||
|
|
||||||
|
sub showInitial ($$) |
||||||
|
{ |
||||||
|
my ($q, $msg) = @_; |
||||||
|
|
||||||
|
if ($msg eq '') |
||||||
|
{ |
||||||
|
esmith::cgi::genHeaderNonCacheable |
||||||
|
($q, \%conf, 'Change access to server-manager panels for user accounts'); |
||||||
|
} |
||||||
|
else |
||||||
|
{ |
||||||
|
esmith::cgi::genHeaderNonCacheable |
||||||
|
($q, \%conf, 'Operation status report'); |
||||||
|
|
||||||
|
print $q->p ($msg); |
||||||
|
print $q->hr; |
||||||
|
} |
||||||
|
|
||||||
|
my @userAccounts = ('admin'); |
||||||
|
|
||||||
|
foreach (sort keys %accounts) |
||||||
|
{ |
||||||
|
push (@userAccounts, $_) if (db_get_type(\%accounts, $_) eq "user"); |
||||||
|
} |
||||||
|
|
||||||
|
foreach (sort keys %accounts) |
||||||
|
{ |
||||||
|
push (@userAccounts, $_) if (db_get_type(\%accounts, $_) eq "group"); |
||||||
|
} |
||||||
|
|
||||||
|
unless (scalar @userAccounts) |
||||||
|
{ |
||||||
|
print $q->p ($q->b ('There are no user accounts in the system.')); |
||||||
|
} |
||||||
|
else |
||||||
|
{ |
||||||
|
my $description = <<END_TEXT; |
||||||
|
You can modify individual users access to the server-manager |
||||||
|
panels below by clicking on the link next the account. You can assign |
||||||
|
panels to the members of a group with their link. Users or Groups |
||||||
|
in red have some form of extra access. You can globally assign |
||||||
|
a panel by editing the global account |
||||||
|
END_TEXT |
||||||
|
|
||||||
|
print $q->p ($description); |
||||||
|
|
||||||
|
print $q->p ($q->b ('Current List of User Accounts')); |
||||||
|
|
||||||
|
print "<table border=1 cellspacing=1 cellpadding=4>"; |
||||||
|
|
||||||
|
print $q->Tr (esmith::cgi::genSmallCell ($q, $q->b ('Account')), |
||||||
|
esmith::cgi::genSmallCell ($q, $q->b ('Name/Description')), |
||||||
|
$q->td (' ')); |
||||||
|
|
||||||
|
my $user; |
||||||
|
|
||||||
|
foreach $user (@userAccounts) |
||||||
|
{ |
||||||
|
my $name = ''; |
||||||
|
if (db_get_type(\%accounts, $user) eq "group") |
||||||
|
{ |
||||||
|
$name =db_get_prop(\%accounts, $user, "Description"); |
||||||
|
} |
||||||
|
else |
||||||
|
{ |
||||||
|
$name =db_get_prop(\%accounts, $user, "FirstName")." ". db_get_prop(\%accounts, $user, "LastName"); |
||||||
|
} |
||||||
|
|
||||||
|
my $AdminPanels = db_get_prop(\%accounts, $user, "AdminPanels"); |
||||||
|
$AdminPanels = '' if ! defined ($AdminPanels); |
||||||
|
|
||||||
|
if ( ! $AdminPanels ) |
||||||
|
{ |
||||||
|
print $q->Tr (esmith::cgi::genSmallCell ($q, $user), |
||||||
|
esmith::cgi::genSmallCell ($q, $name), |
||||||
|
esmith::cgi::genSmallCell ($q, |
||||||
|
$q->a ({href => $q->url (-absolute => 1) |
||||||
|
. "?state=modifyAccess&acct=" |
||||||
|
. $user}, 'Change Access...'))); |
||||||
|
|
||||||
|
} |
||||||
|
else |
||||||
|
{ |
||||||
|
print $q->Tr (esmith::cgi::genSmallRedCell ($q, $user), |
||||||
|
esmith::cgi::genSmallRedCell ($q, $name), |
||||||
|
esmith::cgi::genSmallCell ($q, |
||||||
|
$q->a ({href => $q->url (-absolute => 1) |
||||||
|
. "?state=modifyAccess&acct=" |
||||||
|
. $user}, 'Change Access...'))); |
||||||
|
|
||||||
|
} |
||||||
|
|
||||||
|
} |
||||||
|
|
||||||
|
#global setting |
||||||
|
if ( ! db_get( \%accounts, 'globalUP') ) |
||||||
|
{ |
||||||
|
db_set(\%accounts, 'globalUP', 'userpanelglobal', { FirstName => 'global user', LastName => 'panel access' }); |
||||||
|
} |
||||||
|
|
||||||
|
my $AdminPanels = db_get_prop(\%accounts, 'globalUP', "AdminPanels"); |
||||||
|
$AdminPanels = '' if ! defined ($AdminPanels); |
||||||
|
|
||||||
|
if ( ! $AdminPanels ) |
||||||
|
{ |
||||||
|
print $q->Tr (esmith::cgi::genSmallCell ($q, 'Global'), |
||||||
|
esmith::cgi::genSmallCell ($q, 'every user'), |
||||||
|
esmith::cgi::genSmallCell ($q, |
||||||
|
$q->a ({href => $q->url (-absolute => 1) |
||||||
|
. "?state=modifyAccess&acct=" |
||||||
|
. 'globalUP'}, 'Change Access...'))); |
||||||
|
|
||||||
|
} |
||||||
|
else |
||||||
|
{ |
||||||
|
print $q->Tr (esmith::cgi::genSmallRedCell ($q, 'Global'), |
||||||
|
esmith::cgi::genSmallRedCell ($q, 'every user'), |
||||||
|
esmith::cgi::genSmallCell ($q, |
||||||
|
$q->a ({href => $q->url (-absolute => 1) |
||||||
|
. "?state=modifyAccess&acct=" |
||||||
|
. 'globalUP'}, 'Change Access...'))); |
||||||
|
|
||||||
|
} |
||||||
|
|
||||||
|
print '</table>'; |
||||||
|
} |
||||||
|
|
||||||
|
esmith::cgi::genFooter ($q); |
||||||
|
} |
||||||
|
|
||||||
|
sub genPanels ($$) |
||||||
|
{ |
||||||
|
my ($q, $user) = @_; |
||||||
|
|
||||||
|
my %panelshash = (); |
||||||
|
my @selected = (); |
||||||
|
my @globalselected = (); |
||||||
|
|
||||||
|
my @panels; |
||||||
|
opendir (DIR, "/etc/e-smith/web/functions") |
||||||
|
|| die "Can't open /etc/e-smith/web/functions directory.\n"; |
||||||
|
push (@panels, sort (grep (!/^(\.|userpanel-initial|userpanel-navigation|userpanel-noframes|pleasewait|index\.cgi|initial\.cgi|navigation|noframes)/, readdir(DIR)))); |
||||||
|
closedir (DIR); |
||||||
|
|
||||||
|
my $panel; |
||||||
|
foreach $panel (@panels) |
||||||
|
{ |
||||||
|
$panelshash{$panel} = "Unknown"; |
||||||
|
|
||||||
|
unless (open (RD, "/etc/e-smith/web/functions/$panel")) |
||||||
|
{ |
||||||
|
warn "Can't open file /etc/e-smith/web/functions/$panel: $!\n"; |
||||||
|
next; |
||||||
|
} |
||||||
|
|
||||||
|
while (<RD>) |
||||||
|
{ |
||||||
|
if (/^\s*#\s*description\s*:\s*(.+?)\s*$/) |
||||||
|
{ |
||||||
|
$panelshash{$panel} = $1; |
||||||
|
} |
||||||
|
|
||||||
|
last if ( $panelshash{$panel} ne "Unknown" ); |
||||||
|
} |
||||||
|
close RD; |
||||||
|
} |
||||||
|
|
||||||
|
my $userAdminPanels = db_get_prop(\%accounts, $user, 'AdminPanels'); |
||||||
|
$userAdminPanels = '' if ! defined ($userAdminPanels); |
||||||
|
@selected = split (/,/, $userAdminPanels); |
||||||
|
|
||||||
|
my $globalAdminPanels = db_get_prop(\%accounts, 'globalUP', 'AdminPanels'); |
||||||
|
$globalAdminPanels = '' if ! defined ($globalAdminPanels); |
||||||
|
@globalselected = split (/,/, $globalAdminPanels); |
||||||
|
|
||||||
|
@panels = sort @panels; |
||||||
|
my $count = scalar @panels; |
||||||
|
|
||||||
|
my $out = ''; |
||||||
|
|
||||||
|
if ($count > 0) |
||||||
|
{ |
||||||
|
$out .= '<table border=1 cellspacing=1 cellpadding=4>'; |
||||||
|
|
||||||
|
$out .= $q->Tr ($q->td (' '), |
||||||
|
esmith::cgi::genSmallCell ($q, $q->b ('Panel')), |
||||||
|
esmith::cgi::genSmallCell ($q, $q->b ('Description'))); |
||||||
|
|
||||||
|
my $panel; |
||||||
|
foreach $panel (@panels) |
||||||
|
{ |
||||||
|
my $checked = ""; |
||||||
|
if (grep (/^$panel$/, @selected) || grep (/^$panel$/, @globalselected)) |
||||||
|
{ |
||||||
|
$checked = "checked"; |
||||||
|
} |
||||||
|
|
||||||
|
if (grep (/^$panel$/, @globalselected) && ($user ne 'globalUP')) |
||||||
|
{ |
||||||
|
$out .= |
||||||
|
$q->Tr ( |
||||||
|
$q->td ( |
||||||
|
"<input type=\"checkbox\"" |
||||||
|
. " name=\"panelAccess\"" |
||||||
|
. " $checked value=\"$panel\">" |
||||||
|
), |
||||||
|
esmith::cgi::genSmallRedCell ($q, $panel), |
||||||
|
esmith::cgi::genSmallRedCell ( |
||||||
|
$q, $panelshash{$panel} . ' (Global)')); |
||||||
|
} else { |
||||||
|
$out .= |
||||||
|
$q->Tr ( |
||||||
|
$q->td ( |
||||||
|
"<input type=\"checkbox\"" |
||||||
|
. " name=\"panelAccess\"" |
||||||
|
. " $checked value=\"$panel\">" |
||||||
|
), |
||||||
|
esmith::cgi::genSmallCell ($q, $panel), |
||||||
|
esmith::cgi::genSmallCell ( |
||||||
|
$q, $panelshash{$panel})); |
||||||
|
} |
||||||
|
} |
||||||
|
|
||||||
|
$out .= '</table>'; |
||||||
|
} |
||||||
|
|
||||||
|
return $out; |
||||||
|
} |
||||||
|
|
||||||
|
|
||||||
|
sub modifyAccess ($) |
||||||
|
{ |
||||||
|
my ($q) = @_; |
||||||
|
|
||||||
|
esmith::cgi::genHeaderNonCacheable ($q, \%conf, 'Modify user-manager access'); |
||||||
|
|
||||||
|
print |
||||||
|
$q->startform (-method => 'POST', -action => $q->url (-absolute => 1)); |
||||||
|
|
||||||
|
my $acct = $q->param ('acct'); |
||||||
|
|
||||||
|
my $username = ''; |
||||||
|
if (db_get_type(\%accounts, $acct) eq "group") |
||||||
|
{ |
||||||
|
$username =db_get_prop(\%accounts, $acct, "Description"); |
||||||
|
} |
||||||
|
else |
||||||
|
{ |
||||||
|
$username =db_get_prop(\%accounts, $acct, "FirstName")." ". db_get_prop(\%accounts, $acct, "LastName"); |
||||||
|
} |
||||||
|
|
||||||
|
if (db_get(\%accounts, $acct)) |
||||||
|
{ |
||||||
|
|
||||||
|
print $q->table ({border => 0, cellspacing => 0, cellpadding => 4}, |
||||||
|
|
||||||
|
$q->Tr (esmith::cgi::genCell ($q, "Account name:"), |
||||||
|
esmith::cgi::genCell ($q, $acct)), |
||||||
|
|
||||||
|
$q->Tr (esmith::cgi::genCell ($q, "Name/Description:"), |
||||||
|
esmith::cgi::genCell ($q, "$username")), |
||||||
|
|
||||||
|
$q->Tr (esmith::cgi::genCell ($q, "Accessible Panels:"), |
||||||
|
esmith::cgi::genCell ($q, genPanels ($q, $acct))), |
||||||
|
|
||||||
|
esmith::cgi::genButtonRow ($q, |
||||||
|
$q->submit (-name => 'action', |
||||||
|
-value => 'Modify'))); |
||||||
|
|
||||||
|
print $q->hidden (-name => 'acct', |
||||||
|
-override => 1, |
||||||
|
-default => $acct); |
||||||
|
|
||||||
|
print $q->hidden (-name => 'state', |
||||||
|
-override => 1, |
||||||
|
-default => 'performModifyAccess'); |
||||||
|
|
||||||
|
} |
||||||
|
|
||||||
|
print $q->endform; |
||||||
|
esmith::cgi::genFooter ($q); |
||||||
|
return; |
||||||
|
} |
||||||
|
|
||||||
|
|
||||||
|
sub performModifyAccess ($) |
||||||
|
{ |
||||||
|
my ($q) = @_; |
||||||
|
my $acct = $q->param ('acct'); |
||||||
|
|
||||||
|
my @adminPanels = $q->param ('panelAccess'); |
||||||
|
my @userPanels = (); |
||||||
|
|
||||||
|
my $globalAdminPanels = db_get_prop(\%accounts, 'globalUP', 'AdminPanels'); |
||||||
|
$globalAdminPanels = '' if ! defined ($globalAdminPanels); |
||||||
|
my @globalselected = split (/,/, $globalAdminPanels); |
||||||
|
|
||||||
|
foreach my $panel (@adminPanels) |
||||||
|
{ |
||||||
|
if ( ! grep (/^$panel$/, @globalselected) || ($acct eq 'globalUP')) |
||||||
|
{ |
||||||
|
push(@userPanels, $panel); |
||||||
|
} |
||||||
|
} |
||||||
|
|
||||||
|
my $adminPanels = join (',', @userPanels); |
||||||
|
|
||||||
|
db_set_prop(\%accounts, $acct, 'AdminPanels', $adminPanels); |
||||||
|
|
||||||
|
system ("/sbin/e-smith/signal-event", "conf-userpanel") == 0 |
||||||
|
or die ("Error occurred while updating userpanel configuration.\n"); |
||||||
|
|
||||||
|
showInitial ($q, "Successfully modified user account $acct."); |
||||||
|
} |
@ -0,0 +1,3 @@ |
|||||||
|
{ |
||||||
|
} |
||||||
|
|
@ -0,0 +1,36 @@ |
|||||||
|
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML//EN"> |
||||||
|
|
||||||
|
<HTML> |
||||||
|
|
||||||
|
<HEAD> |
||||||
|
<TITLE>SME Server / user </TITLE> |
||||||
|
</HEAD> |
||||||
|
|
||||||
|
<FRAMESET FRAMESPACING="0" COLS="170,*" FRAMEBORDER="0" BORDER="0"> |
||||||
|
|
||||||
|
<FRAME NAME="navigation" RESIZE="auto" MARGINHEIGHT="0" SRC="/user-manager/cgi-bin/userpanel-navigation" |
||||||
|
FRAMEBORDER="no" SCROLLING="auto" MARGINWIDTH="0" BORDER="0"> |
||||||
|
|
||||||
|
<FRAME NAME="main" RESIZE="auto" MARGINHEIGHT="0" SRC="/user-manager/cgi-bin/userpanel-initial" |
||||||
|
FRAMEBORDER="no" SCROLLING="auto" MARGINWIDTH="0" BORDER="0"> |
||||||
|
|
||||||
|
</FRAMESET> |
||||||
|
|
||||||
|
<NOFRAMES> |
||||||
|
<BODY> |
||||||
|
|
||||||
|
<H1>Welcome to the user manager panel</H1> |
||||||
|
|
||||||
|
<P><A HREF="/user-manager/cgi-bin/userpanel-noframes">Click here</A> for a |
||||||
|
list of available functions. |
||||||
|
|
||||||
|
<P>As part of our commitment to open-source software, you are welcome |
||||||
|
to copy and redistribute this software. |
||||||
|
|
||||||
|
<P> |
||||||
|
<HR> |
||||||
|
|
||||||
|
</BODY> |
||||||
|
</NOFRAMES> |
||||||
|
|
||||||
|
</HTML> |
@ -0,0 +1,10 @@ |
|||||||
|
package My::Package; |
||||||
|
use Lemonldap::NG::Handler::SharedConf; |
||||||
|
@ISA = qw(Lemonldap::NG::Handler::SharedConf); |
||||||
|
|
||||||
|
__PACKAGE__->init( |
||||||
|
{ |
||||||
|
configStorage => { confFile => '/etc/lemonldap-ng/lemonldap-ng-admin.ini' }, |
||||||
|
} |
||||||
|
); |
||||||
|
1; |
@ -0,0 +1,10 @@ |
|||||||
|
package My::Package; |
||||||
|
use Lemonldap::NG::Handler::SharedConf; |
||||||
|
@ISA = qw(Lemonldap::NG::Handler::SharedConf); |
||||||
|
|
||||||
|
__PACKAGE__->init( |
||||||
|
{ |
||||||
|
configStorage => { confFile => '/etc/lemonldap-ng/lemonldap-ng-pki.ini' }, |
||||||
|
} |
||||||
|
); |
||||||
|
1; |
Loading…
Reference in new issue