. * All rights reserved. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ ##|+PRIV ##|*IDENT=page-system-groupmanager-addprivs ##|*NAME=System: Group Manager: Add Privileges ##|*DESCR=Allow access to the 'System: Group Manager: Add Privileges' page. ##|*WARN=standard-warning-root ##|*MATCH=system_groupmanager_addprivs.php* ##|-PRIV require_once("guiconfig.inc"); require_once("pfsense-utils.inc"); $groupid = $_REQUEST['groupid']; $pgtitle = array(gettext("System"), gettext("User Manager"), gettext("Groups"), gettext("Edit"), gettext("Add Privileges")); $pglinks = array("", "system_usermanager.php", "system_groupmanager.php", "system_groupmanager.php?act=edit&groupid=" . $groupid, "@self"); $a_group = & $config['system']['group'][$groupid]; if (!is_array($a_group)) { pfSenseHeader("system_groupmanager.php?id={$groupid}"); exit; } if (!is_array($a_group['priv'])) { $a_group['priv'] = array(); } // Make a local copy and sort it $spriv_list = $priv_list; uasort($spriv_list, "compare_by_name"); if ($_POST['save']) { unset($input_errors); $pconfig = $_POST; /* input validation */ $reqdfields = explode(" ", "sysprivs"); $reqdfieldsn = array(gettext("Selected privileges")); do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors); if (!$input_errors) { if (!is_array($pconfig['sysprivs'])) { $pconfig['sysprivs'] = array(); } if (!count($a_group['priv'])) { $a_group['priv'] = $pconfig['sysprivs']; } else { $a_group['priv'] = array_merge($a_group['priv'], $pconfig['sysprivs']); } if (is_array($a_group['member'])) { foreach ($a_group['member'] as $uid) { $user = getUserEntryByUID($uid); if ($user) { local_user_set($user); } } } write_config(); pfSenseHeader("system_groupmanager.php?act=edit&groupid={$groupid}"); exit; } } function build_priv_list() { global $spriv_list, $a_group; $list = array(); foreach ($spriv_list as $pname => $pdata) { if (in_array($pname, $a_group['priv'])) { continue; } $list[$pname] = $pdata['name']; } return($list); } function get_root_priv_item_text() { global $priv_list; $priv_text = ""; foreach ($priv_list as $pname => $pdata) { if (isset($pdata['warn']) && ($pdata['warn'] == 'standard-warning-root')) { $priv_text .= '
' . $pdata['name']; } } return($priv_text); } include("head.inc"); if ($input_errors) { print_input_errors($input_errors); } $tab_array = array(); $tab_array[] = array(gettext("Users"), false, "system_usermanager.php"); $tab_array[] = array(gettext("Groups"), true, "system_groupmanager.php"); $tab_array[] = array(gettext("Settings"), false, "system_usermanager_settings.php"); $tab_array[] = array(gettext("Authentication Servers"), false, "system_authservers.php"); display_top_tabs($tab_array); $form = new Form; if (isset($groupid)) { $form->addGlobal(new Form_Input( 'groupid', null, 'hidden', $groupid )); } $section = new Form_Section('Group Privileges'); $name_string = $a_group['name']; if (!empty($a_group['descr'])) { $name_string .= " ({$a_group['descr']})"; } $section->addInput(new Form_StaticText( 'Group', $name_string )); $section->addInput(new Form_Select( 'sysprivs', '*Assigned privileges', $a_group['priv'], build_priv_list(), true ))->addClass('multiselect') ->setHelp('Hold down CTRL (PC)/COMMAND (Mac) key to select multiple items.'); $section->addInput(new Form_Select( 'shadow', 'Shadow', null, build_priv_list(), true ))->addClass('shadowselect') ->setHelp('Hold down CTRL (PC)/COMMAND (Mac) key to select multiple items.'); $section->addInput(new Form_Input( 'filtertxt', 'Filter', 'text', null ))->setHelp('Show only the choices containing this term'); $section->addInput(new Form_StaticText( gettext('Privilege information'), ''. gettext('The following privileges effectively give administrator-level access to users in the group' . ' because the user gains access to execute general commands, edit system files, ' . ' modify users, change passwords or similar:') . '
' . get_root_priv_item_text() . '

' . gettext('Please take care when granting these privileges.') . '' )); $btnfilter = new Form_Button( 'btnfilter', 'Filter', null, 'fa-filter' ); $btnfilter->setAttribute('type','button')->addClass('btn btn-info'); $form->addGlobal($btnfilter); $btnclear = new Form_Button( 'btnclear', 'Clear', null, 'fa-times' ); $btnclear->setAttribute('type','button')->addClass('btn btn-warning'); $form->addGlobal($btnclear); $form->add($section); print $form; ?>