* Copyright (c) 2008 Shrew Soft Inc * * Some or all of this file is based on the m0n0wall project which is * Copyright (c) 2004 Manuel Kasper (BSD 2 clause) * * Redistribution and use in source and binary forms, with or without modification, * are permitted provided that the following conditions are met: * * 1. Redistributions of source code must retain the above copyright notice, * this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in * the documentation and/or other materials provided with the * distribution. * * 3. All advertising materials mentioning features or use of this software * must display the following acknowledgment: * "This product includes software developed by the pfSense Project * for use in the pfSense software distribution. (http://www.pfsense.org/). * * 4. The names "pfSense" and "pfSense Project" must not be used to * endorse or promote products derived from this software without * prior written permission. For written permission, please contact * coreteam@pfsense.org. * * 5. Products derived from this software may not be called "pfSense" * nor may "pfSense" appear in their names without prior written * permission of the Electric Sheep Fencing, LLC. * * 6. Redistributions of any form whatsoever must retain the following * acknowledgment: * * "This product includes software developed by the pfSense Project * for use in the pfSense software distribution (http://www.pfsense.org/). * * THIS SOFTWARE IS PROVIDED BY THE pfSense PROJECT ``AS IS'' AND ANY * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR * PURPOSE ARE DISCLAIMED. 
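IN NO EVENT SHALL THE pfSense PROJECT OR
 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 * OF THE POSSIBILITY OF SUCH DAMAGE.
 *
 * ====================================================================
 *
 */

##|+PRIV
##|*IDENT=page-system-groupmanager
##|*NAME=System: Group manager
##|*DESCR=Allow access to the 'System: Group manager' page.
##|*MATCH=system_groupmanager.php*
##|-PRIV

require("guiconfig.inc");

/*
 * Request handling for the group manager page.
 *
 * The page works directly on $config['system']['group'] (aliased as
 * $a_group) and dispatches on request parameters:
 *   - act=delgroup  delete one group (groupid + groupname must match)
 *   - act=delpriv   remove one privilege from a group
 *   - act=edit      load one group into $pconfig for the form
 *   - dellall_x     delete every group listed in delete_check[]
 *   - save (POST)   create or update a group
 *
 * NOTE(review): delgroup, delpriv and dellall_x change configuration in
 * response to parameters read from $_GET. Whether the request-forgery
 * protection loaded through guiconfig.inc covers GET requests is not
 * visible in this file -- confirm, or move these actions to POST together
 * with the links/forms that trigger them.
 */

if (!is_array($config['system']['group'])) {
	$config['system']['group'] = array();
}

/* Reference, not a copy: every change below lands in $config. */
$a_group = &$config['system']['group'];

/* $id is only ever set from a value that passed is_numericint(); GET wins over POST. */
unset($id);
if (isset($_POST['groupid']) && is_numericint($_POST['groupid'])) {
	$id = $_POST['groupid'];
}

if (isset($_GET['groupid']) && is_numericint($_GET['groupid'])) {
	$id = $_GET['groupid'];
}

$act = (isset($_GET['act']) ? $_GET['act'] : '');

/* usort() callback: case-insensitive comparison of two group entries by name. */
function cpusercmp($a, $b) {
	return strcasecmp($a['name'], $b['name']);
}

/*
 * Sort the global group list by name.
 * usort() renumbers the array, so group ids (array indexes) can change
 * after this call.
 */
function admin_groups_sort() {
	global $a_group;

	if (!is_array($a_group)) {
		return;
	}

	usort($a_group, "cpusercmp");
}

if ($act == "delgroup") {
	/*
	 * The group name must match the indexed entry, so a stale or guessed
	 * index cannot delete a different group. System-scope groups are
	 * refused here as well, mirroring the bulk-delete path below, which
	 * already skips them.
	 */
	if (!isset($id) || !isset($_GET['groupname']) || !isset($a_group[$id]) ||
	    ($_GET['groupname'] != $a_group[$id]['name']) ||
	    (isset($a_group[$id]['scope']) && $a_group[$id]['scope'] == "system")) {
		pfSenseHeader("system_groupmanager.php");
		exit;
	}

	conf_mount_rw();
	local_group_del($a_group[$id]);
	conf_mount_ro();
	$groupdeleted = $a_group[$id]['name'];
	unset($a_group[$id]);
	write_config();
	$savemsg = sprintf(gettext("Group %s successfully deleted."), $groupdeleted);
}

if ($act == "delpriv") {
	if (!isset($id) || !isset($a_group[$id])) {
		pfSenseHeader("system_groupmanager.php");
		exit;
	}

	/*
	 * Read the privilege index once. Previously the confirmation message
	 * was built from $_POST['privid'] while the entry actually removed was
	 * $_GET['privid'], so the message could name a different privilege
	 * than the one deleted (or none at all). GET is preferred because it
	 * is what the removal used; POST is kept as a fallback.
	 */
	$privid = null;
	if (isset($_GET['privid'])) {
		$privid = $_GET['privid'];
	} else if (isset($_POST['privid'])) {
		$privid = $_POST['privid'];
	}

	/* Refuse a missing, non-scalar or unknown index instead of reporting a deletion that did not happen. */
	if (!is_scalar($privid) || !isset($a_group[$id]['priv'][$privid])) {
		pfSenseHeader("system_groupmanager.php");
		exit;
	}

	$privdeleted = $priv_list[$a_group[$id]['priv'][$privid]]['name'];
	unset($a_group[$id]['priv'][$privid]);

	/* Re-apply every member so the removed privilege takes effect for them. */
	if (is_array($a_group[$id]['member'])) {
		foreach ($a_group[$id]['member'] as $uid) {
			$user = getUserEntryByUID($uid);
			if ($user) {
				local_user_set($user);
			}
		}
	}

	write_config();
	/* Fall through to the edit view of the same group. */
	$act = "edit";
	$savemsg = sprintf(gettext("Privilege %s successfully deleted."), $privdeleted);
}

if ($act == "edit") {
	if (isset($id) && isset($a_group[$id])) {
		$pconfig['name'] = $a_group[$id]['name'];
		$pconfig['gid'] = $a_group[$id]['gid'];
		/* Entries without a stored scope are shown as local. */
		$pconfig['gtype'] = empty($a_group[$id]['scope']) ? "local" : $a_group[$id]['scope'];
		$pconfig['description'] = $a_group[$id]['description'];
		$pconfig['members'] = $a_group[$id]['member'];
		$pconfig['priv'] = $a_group[$id]['priv'];
	}
}

if (isset($_GET['dellall_x'])) {
	$del_groups = isset($_GET['delete_check']) ? $_GET['delete_check'] : array();

	/* delete_check is request data: it may be absent, a plain string or a nested array. */
	if (!empty($del_groups) && is_array($del_groups)) {
		foreach ($del_groups as $groupid) {
			/* Only scalar keys can index $a_group; system-scope groups are never removed. */
			if (is_scalar($groupid) && isset($a_group[$groupid]) && $a_group[$groupid]['scope'] != "system") {
				conf_mount_rw();
				local_group_del($a_group[$groupid]);
				conf_mount_ro();
				unset($a_group[$groupid]);
			}
		}

		$savemsg = gettext("Selected groups removed successfully.");
		write_config($savemsg);
	}
}

if (isset($_POST['save'])) {
	unset($input_errors);
	$pconfig = $_POST;

	/* input validation */
	$reqdfields = explode(" ", "groupname");
	$reqdfieldsn = array(gettext("Group Name"));

	do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors);

	/*
	 * Group names are restricted to an allow-list of characters; remote
	 * groups may additionally contain spaces.
	 * NOTE(review): $_POST['gtype'] is placed into the error text as
	 * received; whether the code that prints $input_errors escapes it is
	 * not visible here -- confirm.
	 */
	if ($_POST['gtype'] != "remote") {
		if (preg_match("/[^a-zA-Z0-9\.\-_]/", $_POST['groupname'])) {
			$input_errors[] = sprintf(gettext("The (%s) group name contains invalid characters."), $_POST['gtype']);
		}
	} else {
		if (preg_match("/[^a-zA-Z0-9\.\- _]/", $_POST['groupname'])) {
			$input_errors[] = sprintf(gettext("The (%s) group name contains invalid characters."), $_POST['gtype']);
		}
	}

	if (strlen($_POST['groupname']) > 16) {
		$input_errors[] = gettext("The group name is longer than 16 characters.");
	}

	/* The duplicate-name check runs only when creating a group, not when editing one. */
	if (!$input_errors && !(isset($id) && $a_group[$id])) {
		/* make sure there are no dupes */
		foreach ($a_group as $group) {
			if ($group['name'] == $_POST['groupname']) {
				$input_errors[] = gettext("Another entry with the same group name already exists.");
				break;
			}
		}
	}

	if (!$input_errors) {
		/* Start from the stored entry when editing so fields not on the form (gid, priv) are kept. */
		$group = array();
		if (isset($id) && $a_group[$id]) {
			$group = $a_group[$id];
		}

		$group['name'] = $_POST['groupname'];
		$group['description'] = $_POST['description'];
		/*
		 * NOTE(review): the scope is stored exactly as posted and is not
		 * checked against a list of known values. Because the delete paths
		 * key their protection on scope == "system", confirm that an edit
		 * cannot be used to change the scope of a system group.
		 */
		$group['scope'] = $_POST['gtype'];

		/* NOTE(review): members is stored as posted; presumably an array of uids -- verify against the form. */
		if (empty($_POST['members'])) {
			unset($group['member']);
		} else if ($group['gid'] != 1998) { // all group
			$group['member'] = $_POST['members'];
		}

		if (isset($id) && $a_group[$id]) {
			$a_group[$id] = $group;
		} else {
			$group['gid'] = $config['system']['nextgid']++;
			$a_group[] = $group;
		}

		admin_groups_sort();

		conf_mount_rw();
		local_group_set($group);
		conf_mount_ro();

		/* Refresh users in this group since their privileges may have changed. */
		if (is_array($group['member'])) {
			$a_user = &$config['system']['user'];
			foreach ($a_user as & $user) {
				if (in_array($user['uid'], $group['member'])) {
					local_user_set($user);
				}
			}
			/* Drop the loop reference so a later write to $user cannot alter the last user entry. */
			unset($user);
		}

		write_config();

		header("Location: system_groupmanager.php");
		exit;
	}

	/* Validation failed: keep the submitted name for the redisplayed form. */
	$pconfig['name'] = $_POST['groupname'];
}

function build_priv_table() {
	global $a_group, $id;

	$privhtml = '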
=gettext("Group name")?> | =gettext("Description")?> | =gettext("Member Count")?> | =gettext("Actions")?> |
---|---|---|---|
=htmlspecialchars($group['name'])?> | =htmlspecialchars($group['description'])?> | =$groupcount?> | " href="?act=edit&groupid==$i?>"> " href="?act=delgroup&groupid==$i?>&groupname==$group['name']?>"> |