|
|
@ -41,43 +41,54 @@ unlink(</var/cache/ajaxplorer/i18n/*.ser>); |
|
|
|
|
|
|
|
|
|
|
|
foreach my $user (($a->users),$a->get('admin')){ |
|
|
|
foreach my $user (($a->users),$a->get('admin')){ |
|
|
|
my $name = $user->key; |
|
|
|
my $name = $user->key; |
|
|
|
|
|
|
|
my $data; |
|
|
|
mkpath('/var/lib/ajaxplorer/plugins/auth.serial/' . $name); |
|
|
|
mkpath('/var/lib/ajaxplorer/plugins/auth.serial/' . $name); |
|
|
|
chmod 0770, "/var/lib/ajaxplorer/plugins/auth.serial/$name"; |
|
|
|
chmod 0770, "/var/lib/ajaxplorer/plugins/auth.serial/$name"; |
|
|
|
chown '0', '102', "/var/lib/ajaxplorer/plugins/auth.serial/$name"; |
|
|
|
chown '0', '102', "/var/lib/ajaxplorer/plugins/auth.serial/$name"; |
|
|
|
|
|
|
|
|
|
|
|
if (-s "/var/lib/ajaxplorer/plugins/auth.serial/$name/role.ser"){ |
|
|
|
if (-s "/var/lib/ajaxplorer/plugins/auth.serial/$name/role.ser"){ |
|
|
|
open RROLE, "/var/lib/ajaxplorer/plugins/auth.serial/$name/role.ser"; |
|
|
|
open RROLE, "/var/lib/ajaxplorer/plugins/auth.serial/$name/role.ser"; |
|
|
|
my $data = <RROLE>; |
|
|
|
$data = <RROLE>; |
|
|
|
close RROLE; |
|
|
|
close RROLE; |
|
|
|
$data = unserialize($data); |
|
|
|
$data = unserialize($data); |
|
|
|
delete $data->{"\0*\0acls"} if (defined $data->{"\0*\0acls"}); |
|
|
|
delete $data->{"\0*\0acls"} if (defined $data->{"\0*\0acls"}); |
|
|
|
foreach my $share ($a->get_all_by_prop(type => 'share')){ |
|
|
|
} |
|
|
|
my $sharename = $share->key; |
|
|
|
# No role yet ? lets create it |
|
|
|
my $access = $share->prop('Ajaxplorer') || 'disabled'; |
|
|
|
else{ |
|
|
|
next unless ($access eq 'enabled'); |
|
|
|
$data->{"\0*\0groupPath"} = undef; |
|
|
|
my @readgroups = split(/[;,]/, $share->prop('ReadGroups') || ''); |
|
|
|
$data->{"\0*\0autoApplies"} = []; |
|
|
|
my @writegroups = split(/[;,]/, $share->prop('WriteGroups') || ''); |
|
|
|
$data->{"\0*\0parameters"} = []; |
|
|
|
my @readusers = split(/[;,]/, $share->prop('ReadUsers') || ''); |
|
|
|
$data->{"\0*\0roleLabel"} = undef; |
|
|
|
my @writeusers = split(/[;,]/, $share->prop('WriteUsers') || ''); |
|
|
|
$data->{"\0*\0actions"} = []; |
|
|
|
|
|
|
|
$data->{"\0*\0roleId"} = "AJXP_USR_/$name"; |
|
|
|
|
|
|
|
$data = bless $data, 'PHP::Serialization::Object::AJXP_Role'; |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
# In any case, re-compute the effective permissions |
|
|
|
|
|
|
|
foreach my $share ($a->get_all_by_prop(type => 'share')){ |
|
|
|
|
|
|
|
my $sharename = $share->key; |
|
|
|
|
|
|
|
my $access = $share->prop('Ajaxplorer') || 'disabled'; |
|
|
|
|
|
|
|
next unless ($access eq 'enabled'); |
|
|
|
|
|
|
|
my @readgroups = split(/[;,]/, $share->prop('ReadGroups') || ''); |
|
|
|
|
|
|
|
my @writegroups = split(/[;,]/, $share->prop('WriteGroups') || ''); |
|
|
|
|
|
|
|
my @readusers = split(/[;,]/, $share->prop('ReadUsers') || ''); |
|
|
|
|
|
|
|
my @writeusers = split(/[;,]/, $share->prop('WriteUsers') || ''); |
|
|
|
|
|
|
|
|
|
|
|
foreach (@readgroups){ |
|
|
|
foreach (@readgroups){ |
|
|
|
$data->{"\0*\0acls"}->{$sharename} = 'r' if ( $a->is_user_in_group($name,$_) ); |
|
|
|
$data->{"\0*\0acls"}->{$sharename} = 'r' if ( $a->is_user_in_group($name,$_) ); |
|
|
|
} |
|
|
|
} |
|
|
|
foreach (@writegroups){ |
|
|
|
foreach (@writegroups){ |
|
|
|
$data->{"\0*\0acls"}->{$sharename} = 'rw' if ( $a->is_user_in_group($name,$_) ); |
|
|
|
$data->{"\0*\0acls"}->{$sharename} = 'rw' if ( $a->is_user_in_group($name,$_) ); |
|
|
|
} |
|
|
|
} |
|
|
|
foreach (@readusers){ |
|
|
|
foreach (@readusers){ |
|
|
|
$data->{"\0*\0acls"}->{$sharename} = 'r' if ( $_ eq $name ); |
|
|
|
$data->{"\0*\0acls"}->{$sharename} = 'r' if ( $_ eq $name ); |
|
|
|
} |
|
|
|
} |
|
|
|
foreach (@writeusers){ |
|
|
|
foreach (@writeusers){ |
|
|
|
$data->{"\0*\0acls"}->{$sharename} = 'rw' if ( $_ eq $name ); |
|
|
|
$data->{"\0*\0acls"}->{$sharename} = 'rw' if ( $_ eq $name ); |
|
|
|
} |
|
|
|
|
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
open WROLE, '+>', "/var/lib/ajaxplorer/plugins/auth.serial/$name/role.ser"; |
|
|
|
|
|
|
|
print WROLE serialize($data); |
|
|
|
|
|
|
|
close WROLE; |
|
|
|
|
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
open WROLE, '+>', "/var/lib/ajaxplorer/plugins/auth.serial/$name/role.ser"; |
|
|
|
|
|
|
|
print WROLE serialize($data); |
|
|
|
|
|
|
|
close WROLE; |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
my $ajxp = $c->get('ajaxplorer') || die "Couldn't find ajaxplorer entry in ConfigDB\n"; |
|
|
|
my $ajxp = $c->get('ajaxplorer') || die "Couldn't find ajaxplorer entry in ConfigDB\n"; |
|
|
|