1 files changed, 174 insertions, 0 deletions

diff --git a/src/usr/local/www/system_groupmanager_addprivs.php b/src/usr/local/www/system_groupmanager_addprivs.php
new file mode 100644
index 0000000..d9134bf
--- /dev/null
+++ b/src/usr/local/www/system_groupmanager_addprivs.php
@@ -0,0 +1,174 @@
+<?php
+/* $Id$ */
+/*
+	system_groupmanager_addprivs.php
+
+	Copyright (C) 2013-2015 Electric Sheep Fencing, LP
+	Copyright (C) 2006 Daniel S. Haischt.
+	All rights reserved.
+
+	Redistribution and use in source and binary forms, with or without
+	modification, are permitted provided that the following conditions are met:
+
+	1. Redistributions of source code must retain the above copyright notice,
+	   this list of conditions and the following disclaimer.
+
+	2. Redistributions in binary form must reproduce the above copyright
+	   notice, this list of conditions and the following disclaimer in the
+	   documentation and/or other materials provided with the distribution.
+
+	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+	AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+	AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+	OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+	POSSIBILITY OF SUCH DAMAGE.
+*/
+/*
+	pfSense_MODULE:	auth
+*/
+
+##|+PRIV
+##|*IDENT=page-system-groupmanager-addprivs
+##|*NAME=System: Group Manager: Add Privileges page
+##|*DESCR=Allow access to the 'System: Group Manager: Add Privileges' page.
+##|*MATCH=system_groupmanager_addprivs.php*
+##|-PRIV
+
+function cpusercmp($a, $b) {
+	return strcasecmp($a['name'], $b['name']);
+}
+
+function admin_groups_sort() {
+	global $config;
+
+	if (!is_array($config['system']['group'])) {
+		return;
+	}
+
+	usort($config['system']['group'], "cpusercmp");
+}
+
+require("guiconfig.inc");
+
+$pgtitle = array(gettext("System"), gettext("Group manager"), gettext("Add privileges"));
+
+if (is_numericint($_GET['groupid'])) {
+	$groupid = $_GET['groupid'];
+}
+if (isset($_POST['groupid']) && is_numericint($_POST['groupid'])) {
+	$groupid = $_POST['groupid'];
+}
+
+$a_group = & $config['system']['group'][$groupid];
+
+if (!is_array($a_group)) {
+	pfSenseHeader("system_groupmanager.php?id={$groupid}");
+	exit;
+}
+
+if (!is_array($a_group['priv'])) {
+	$a_group['priv'] = array();
+}
+
+if ($_POST) {
+
+	unset($input_errors);
+	$pconfig = $_POST;
+
+	/* input validation */
+	$reqdfields = explode(" ", "sysprivs");
+	$reqdfieldsn = array(gettext("Selected privileges"));
+
+	do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors);
+
+	/* if this is an AJAX caller then handle via JSON */
+	if (isAjax() && is_array($input_errors)) {
+		input_errors2Ajax($input_errors);
+		exit;
+	}
+
+	if (!$input_errors) {
+
+		if (!is_array($pconfig['sysprivs'])) {
+			$pconfig['sysprivs'] = array();
+		}
+
+		if (!count($a_group['priv'])) {
+			$a_group['priv'] = $pconfig['sysprivs'];
+		} else {
+			$a_group['priv'] = array_merge($a_group['priv'], $pconfig['sysprivs']);
+		}
+
+		if (is_array($a_group['member'])) {
+			foreach ($a_group['member'] as $uid) {
+				$user = getUserEntryByUID($uid);
+				if ($user) {
+					local_user_set($user);
+				}
+			}
+		}
+
+		admin_groups_sort();
+
+		$retval = write_config();
+		$savemsg = get_std_save_message($retval);
+
+		pfSenseHeader("system_groupmanager.php?act=edit&groupid={$groupid}");
+		exit;
+	}
+}
+
+/* if ajax is calling, give them an update message */
+if (isAjax()) {
+	print_info_box_np($savemsg);
+}
+
+include("head.inc");
+
+if ($input_errors)
+	print_input_errors($input_errors);
+if ($savemsg)
+	print_info_box($savemsg);
+
+$tab_array = array();
+$tab_array[] = array(gettext("Users"), false, "system_usermanager.php");
+$tab_array[] = array(gettext("Groups"), true, "system_groupmanager.php");
+$tab_array[] = array(gettext("Settings"), false, "system_usermanager_settings.php");
+$tab_array[] = array(gettext("Servers"), false, "system_authservers.php");
+display_top_tabs($tab_array);
+
+require('classes/Form.class.php');
+$form = new Form;
+if (isset($groupid))
+{
+	$form->addGlobal(new Form_Input(
+		'groupid',
+		null,
+		'hidden',
+		$groupid
+	));
+}
+
+$section = new Form_Section('Add privileges for '. $a_group['name']);
+
+$priv_list = array_map(function($p){ return $p['name']; }, $priv_list);
+asort($priv_list);
+
+$section->addInput(new Form_Select(
+	'sysprivs',
+	'Assigned privileges',
+	$a_group['priv'],
+	$priv_list,
+	true
+))->setHelp('Hold down CTRL (pc)/COMMAND (mac) key to select');
+
+$form->add($section);
+
+print $form;
+
+include('foot.inc');
\ No newline at end of file