Rename isAllowedPageUser() to isAllowed(). Add and move user priv items to /etc/inc/user.priv.inc. New privs can be added to this /etc/inc/priv/ directory and they will be automatically processed (packages, etc).

2 files changed, 34 insertions, 29 deletions

diff --git a/etc/inc/priv.inc b/etc/inc/priv.inc
index 88cc883..a96f14a 100644
--- a/etc/inc/priv.inc
+++ b/etc/inc/priv.inc
@@ -44,34 +44,8 @@
 	pfSense_MODULE:	auth
 */
 
-
-/*
- * USER PRIVILEGE DEFINITIONS
- */
-
-$priv_list['user-shell-access'] = array();
-$priv_list['user-shell-access']['name']  = "User - Shell account access";
-$priv_list['user-shell-access']['descr'] = "Indicates whether the user is able to login for ".
-										   "example via SSH.";
-
-$priv_list['user-copy-files'] = array();
-$priv_list['user-copy-files']['name']  = "User - Copy files";
-$priv_list['user-copy-files']['descr'] = "Indicates whether the user is allowed to copy files ".
-										 "onto the {$g['product_name']} appliance via SCP/SFTP. ".
-										 "If you are going to use this privilege, you must install ".
-										 "scponly on the appliance (Hint: pkg_add -r scponly).";
-
-$priv_list['user-l2tp-dialin'] = array();
-$priv_list['user-l2tp-dialin']['name'] = "User - L2TP Dialin";
-$priv_list['user-l2tp-dialin']['descr'] = "Indicates whether the user is allowed to dial in via L2TP";
-
-$priv_list['user-pptp-dialin'] = array();
-$priv_list['user-pptp-dialin']['name'] = "User - PPTP Dialin";
-$priv_list['user-pptp-dialin']['descr'] = "Indicates whether the user is allowed to dial in via PPTP";
-
-$priv_list['user-pppoe-dialin'] = array();
-$priv_list['user-pppoe-dialin']['name'] = "User - PPPOE Dialin";
-$priv_list['user-pppoe-dialin']['descr'] = "Indicates whether the user is allowed to dial in via PPPOE";
+/* Load and process custom privs. */
+run_plugins("/etc/inc/priv/");
 
 sort_privs($priv_list);
 
@@ -175,7 +149,7 @@ function get_user_privdesc(& $user) {
 	return $privs;
 }
 
-function isAllowedPageUser($username, $page) {
+function isAllowed($username, $page) {
 	global $_SESSION;
 
 	if (!isset($username))
diff --git a/etc/inc/priv/user.priv.inc b/etc/inc/priv/user.priv.inc
new file mode 100644
index 0000000..de8066c
--- /dev/null
+++ b/etc/inc/priv/user.priv.inc
@@ -0,0 +1,31 @@
+<?php
+
+?>/*
+ * USER PRIVILEGE DEFINITIONS
+ */
+
+$priv_list['user-shell-access'] = array();
+$priv_list['user-shell-access']['name']  = "User - Shell account access";
+$priv_list['user-shell-access']['descr'] = "Indicates whether the user is able to login for ".
+										   "example via SSH.";
+
+$priv_list['user-copy-files'] = array();
+$priv_list['user-copy-files']['name']  = "User - Copy files";
+$priv_list['user-copy-files']['descr'] = "Indicates whether the user is allowed to copy files ".
+										 "onto the {$g['product_name']} appliance via SCP/SFTP. ".
+										 "If you are going to use this privilege, you must install ".
+										 "scponly on the appliance (Hint: pkg_add -r scponly).";
+
+$priv_list['user-l2tp-dialin'] = array();
+$priv_list['user-l2tp-dialin']['name'] = "User - L2TP Dialin";
+$priv_list['user-l2tp-dialin']['descr'] = "Indicates whether the user is allowed to dial in via L2TP";
+
+$priv_list['user-pptp-dialin'] = array();
+$priv_list['user-pptp-dialin']['name'] = "User - PPTP Dialin";
+$priv_list['user-pptp-dialin']['descr'] = "Indicates whether the user is allowed to dial in via PPTP";
+
+$priv_list['user-pppoe-dialin'] = array();
+$priv_list['user-pppoe-dialin']['name'] = "User - PPPOE Dialin";
+$priv_list['user-pppoe-dialin']['descr'] = "Indicates whether the user is allowed to dial in via PPPOE";
+
+?>
\ No newline at end of file