Rewrite portions of the user manager to ensure data is properly synced to

the system password and group databases. This is to provide better support
for centralized user management when local account administration is
preferred.

I also took this opportunity to do some housekeeping. A lot of funtions
that were only being used in one place or not at all were removed. The
user page privelege checks were also simplified in preperation for future
work in this area.

1 files changed, 3 insertions, 19 deletions

diff --git a/usr/local/www/fbegin.inc b/usr/local/www/fbegin.inc
index 23efdb1..80da3e5 100755
--- a/usr/local/www/fbegin.inc
+++ b/usr/local/www/fbegin.inc
@@ -293,8 +293,8 @@ if ($_REQUEST['noticeaction'] == 'acknowledge') {
 
 		<div id="right">
 
-
 <?php
+
 	/* display a top alert bar if need be */
 	$need_alert_display = false;
 	$found_notices = are_notices_pending();
@@ -317,25 +317,9 @@ if ($_REQUEST['noticeaction'] == 'acknowledge') {
 		echo "</div>";
 	}
 
-	$auth_user = $HTTP_SERVER_VARS['AUTH_USER'];
-
-	$groupindex = index_groups();
-	$userindex = index_users();
-
-	$allowed = array();
-	$allowed[] = '';
-	if (!isSystemAdmin($HTTP_SERVER_VARS['AUTH_USER']))
-	    if (isset($config['system']['group'][$groupindex[$config['system']['user'][$userindex[$auth_user]]['groupname']]]['pages'])) 
-			$allowed = &$config['system']['group'][$groupindex[$config['system']['user'][$userindex[$auth_user]]['groupname']]]['pages'];
-
 function output_menu_item($url, $name) {
-	global $auth_user, $groupindex, $userindex, $allowed, $HTTP_SERVER_VARS, $allowed;
-	if(!$allowed)
-		$allowed = $_SESSION['privs'];	
-	if (!isSystemAdmin($HTTP_SERVER_VARS['AUTH_USER'])) 
-		if (!in_array(basename($url), $allowed))	
-			return;
-	echo "<li><a href=\"{$url}\" class=\"navlnk\">{$name}</a></li>\n";
+	if (isAllowedPage($url))
+		echo "<li><a href=\"{$url}\" class=\"navlnk\">{$name}</a></li>\n";
 }
 	
 ?>