From fb1266d3a1314ade3ac9bd30dee3acdf762cbef9 Mon Sep 17 00:00:00 2001 From: Matthew Grooms Date: Tue, 9 Sep 2008 04:08:22 +0000 Subject: Moves the protocol and certificate options out of the general config page to the Advanced admin access tab. The thought is that they should be next to each other. The certificate management has also been modified to use the centralized certificate manager. I took the liberty of removing the default certificate/key definitions from the web server configuration function as it is now trivial to create these locally. The global SSH authorized keys have also been removed. Any existing key data will be migrated to the admin account. I also added some new checks to ensure the sshd process is only restarted when its configuration has actually changed. --- usr/local/www/system_usermanager.php | 37 ++++++++++++------------------------ 1 file changed, 12 insertions(+), 25 deletions(-) (limited to 'usr/local/www/system_usermanager.php') diff --git a/usr/local/www/system_usermanager.php b/usr/local/www/system_usermanager.php index 5426524..cdb2c35 100644 --- a/usr/local/www/system_usermanager.php +++ b/usr/local/www/system_usermanager.php @@ -197,12 +197,7 @@ if (isAllowedPage("system_usermanager")) { } } - if(is_array($_POST['groups'])) - foreach($_POST['groups'] as $groupname) - if ($pconfig['utype'] <> "system" && !isset($groupindex[$groupname])) - $input_errors[] = gettext("group {$groupname} does not exist, please define the group before assigning users."); - - if (isset($config['system']['ssh']['sshdkeyonly']) && empty($_POST['authorizedkeys'])) + if (isset($config['system']['ssh']['sshdkeyonly']) && empty($_POST['authorizedkeys'])) $input_errors[] = gettext("You must provide an authorized key otherwise you won't be able to login into this system."); /* if this is an AJAX caller then handle via JSON */ @@ -216,6 +211,8 @@ if (isAllowedPage("system_usermanager")) { if (isset($id) && $a_user[$id]) $userent = $a_user[$id]; + isset($_POST['utype']) ? $userent['scope'] = $_POST['utype'] : $userent['scope'] = "system"; + /* the user name was modified */ if ($_POST['usernamefld'] <> $_POST['oldusername']) $_SERVER['REMOTE_USER'] = $_POST['usernamefld']; @@ -226,11 +223,7 @@ if (isAllowedPage("system_usermanager")) { $userent['name'] = $_POST['usernamefld']; $userent['fullname'] = $_POST['fullname']; - - isset($_POST['utype']) ? $userent['scope'] = $_POST['utype'] : $userent['scope'] = "system"; - - if(isset($config['system']['ssh']['sshdkeyonly'])) - $userent['authorizedkeys'] = base64_encode($_POST['authorizedkeys']); + $userent['authorizedkeys'] = base64_encode($_POST['authorizedkeys']); if (isset($id) && $a_user[$id]) $a_user[$id] = $userent; @@ -367,20 +360,6 @@ function presubmit() { - - - - - - - -
- - - - - - @@ -552,6 +531,14 @@ function presubmit() { + + + +
+ + + +   -- cgit v1.1