Initial import
This commit is contained in:
commit
e7a6d9b2fc
|
@ -0,0 +1,340 @@
|
|||
GNU GENERAL PUBLIC LICENSE
|
||||
Version 2, June 1991
|
||||
|
||||
Copyright (C) 1989, 1991 Free Software Foundation, Inc.
|
||||
59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
||||
Everyone is permitted to copy and distribute verbatim copies
|
||||
of this license document, but changing it is not allowed.
|
||||
|
||||
Preamble
|
||||
|
||||
The licenses for most software are designed to take away your
|
||||
freedom to share and change it. By contrast, the GNU General Public
|
||||
License is intended to guarantee your freedom to share and change free
|
||||
software--to make sure the software is free for all its users. This
|
||||
General Public License applies to most of the Free Software
|
||||
Foundation's software and to any other program whose authors commit to
|
||||
using it. (Some other Free Software Foundation software is covered by
|
||||
the GNU Library General Public License instead.) You can apply it to
|
||||
your programs, too.
|
||||
|
||||
When we speak of free software, we are referring to freedom, not
|
||||
price. Our General Public Licenses are designed to make sure that you
|
||||
have the freedom to distribute copies of free software (and charge for
|
||||
this service if you wish), that you receive source code or can get it
|
||||
if you want it, that you can change the software or use pieces of it
|
||||
in new free programs; and that you know you can do these things.
|
||||
|
||||
To protect your rights, we need to make restrictions that forbid
|
||||
anyone to deny you these rights or to ask you to surrender the rights.
|
||||
These restrictions translate to certain responsibilities for you if you
|
||||
distribute copies of the software, or if you modify it.
|
||||
|
||||
For example, if you distribute copies of such a program, whether
|
||||
gratis or for a fee, you must give the recipients all the rights that
|
||||
you have. You must make sure that they, too, receive or can get the
|
||||
source code. And you must show them these terms so they know their
|
||||
rights.
|
||||
|
||||
We protect your rights with two steps: (1) copyright the software, and
|
||||
(2) offer you this license which gives you legal permission to copy,
|
||||
distribute and/or modify the software.
|
||||
|
||||
Also, for each author's protection and ours, we want to make certain
|
||||
that everyone understands that there is no warranty for this free
|
||||
software. If the software is modified by someone else and passed on, we
|
||||
want its recipients to know that what they have is not the original, so
|
||||
that any problems introduced by others will not reflect on the original
|
||||
authors' reputations.
|
||||
|
||||
Finally, any free program is threatened constantly by software
|
||||
patents. We wish to avoid the danger that redistributors of a free
|
||||
program will individually obtain patent licenses, in effect making the
|
||||
program proprietary. To prevent this, we have made it clear that any
|
||||
patent must be licensed for everyone's free use or not licensed at all.
|
||||
|
||||
The precise terms and conditions for copying, distribution and
|
||||
modification follow.
|
||||
|
||||
GNU GENERAL PUBLIC LICENSE
|
||||
TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
|
||||
|
||||
0. This License applies to any program or other work which contains
|
||||
a notice placed by the copyright holder saying it may be distributed
|
||||
under the terms of this General Public License. The "Program", below,
|
||||
refers to any such program or work, and a "work based on the Program"
|
||||
means either the Program or any derivative work under copyright law:
|
||||
that is to say, a work containing the Program or a portion of it,
|
||||
either verbatim or with modifications and/or translated into another
|
||||
language. (Hereinafter, translation is included without limitation in
|
||||
the term "modification".) Each licensee is addressed as "you".
|
||||
|
||||
Activities other than copying, distribution and modification are not
|
||||
covered by this License; they are outside its scope. The act of
|
||||
running the Program is not restricted, and the output from the Program
|
||||
is covered only if its contents constitute a work based on the
|
||||
Program (independent of having been made by running the Program).
|
||||
Whether that is true depends on what the Program does.
|
||||
|
||||
1. You may copy and distribute verbatim copies of the Program's
|
||||
source code as you receive it, in any medium, provided that you
|
||||
conspicuously and appropriately publish on each copy an appropriate
|
||||
copyright notice and disclaimer of warranty; keep intact all the
|
||||
notices that refer to this License and to the absence of any warranty;
|
||||
and give any other recipients of the Program a copy of this License
|
||||
along with the Program.
|
||||
|
||||
You may charge a fee for the physical act of transferring a copy, and
|
||||
you may at your option offer warranty protection in exchange for a fee.
|
||||
|
||||
2. You may modify your copy or copies of the Program or any portion
|
||||
of it, thus forming a work based on the Program, and copy and
|
||||
distribute such modifications or work under the terms of Section 1
|
||||
above, provided that you also meet all of these conditions:
|
||||
|
||||
a) You must cause the modified files to carry prominent notices
|
||||
stating that you changed the files and the date of any change.
|
||||
|
||||
b) You must cause any work that you distribute or publish, that in
|
||||
whole or in part contains or is derived from the Program or any
|
||||
part thereof, to be licensed as a whole at no charge to all third
|
||||
parties under the terms of this License.
|
||||
|
||||
c) If the modified program normally reads commands interactively
|
||||
when run, you must cause it, when started running for such
|
||||
interactive use in the most ordinary way, to print or display an
|
||||
announcement including an appropriate copyright notice and a
|
||||
notice that there is no warranty (or else, saying that you provide
|
||||
a warranty) and that users may redistribute the program under
|
||||
these conditions, and telling the user how to view a copy of this
|
||||
License. (Exception: if the Program itself is interactive but
|
||||
does not normally print such an announcement, your work based on
|
||||
the Program is not required to print an announcement.)
|
||||
|
||||
These requirements apply to the modified work as a whole. If
|
||||
identifiable sections of that work are not derived from the Program,
|
||||
and can be reasonably considered independent and separate works in
|
||||
themselves, then this License, and its terms, do not apply to those
|
||||
sections when you distribute them as separate works. But when you
|
||||
distribute the same sections as part of a whole which is a work based
|
||||
on the Program, the distribution of the whole must be on the terms of
|
||||
this License, whose permissions for other licensees extend to the
|
||||
entire whole, and thus to each and every part regardless of who wrote it.
|
||||
|
||||
Thus, it is not the intent of this section to claim rights or contest
|
||||
your rights to work written entirely by you; rather, the intent is to
|
||||
exercise the right to control the distribution of derivative or
|
||||
collective works based on the Program.
|
||||
|
||||
In addition, mere aggregation of another work not based on the Program
|
||||
with the Program (or with a work based on the Program) on a volume of
|
||||
a storage or distribution medium does not bring the other work under
|
||||
the scope of this License.
|
||||
|
||||
3. You may copy and distribute the Program (or a work based on it,
|
||||
under Section 2) in object code or executable form under the terms of
|
||||
Sections 1 and 2 above provided that you also do one of the following:
|
||||
|
||||
a) Accompany it with the complete corresponding machine-readable
|
||||
source code, which must be distributed under the terms of Sections
|
||||
1 and 2 above on a medium customarily used for software interchange; or,
|
||||
|
||||
b) Accompany it with a written offer, valid for at least three
|
||||
years, to give any third party, for a charge no more than your
|
||||
cost of physically performing source distribution, a complete
|
||||
machine-readable copy of the corresponding source code, to be
|
||||
distributed under the terms of Sections 1 and 2 above on a medium
|
||||
customarily used for software interchange; or,
|
||||
|
||||
c) Accompany it with the information you received as to the offer
|
||||
to distribute corresponding source code. (This alternative is
|
||||
allowed only for noncommercial distribution and only if you
|
||||
received the program in object code or executable form with such
|
||||
an offer, in accord with Subsection b above.)
|
||||
|
||||
The source code for a work means the preferred form of the work for
|
||||
making modifications to it. For an executable work, complete source
|
||||
code means all the source code for all modules it contains, plus any
|
||||
associated interface definition files, plus the scripts used to
|
||||
control compilation and installation of the executable. However, as a
|
||||
special exception, the source code distributed need not include
|
||||
anything that is normally distributed (in either source or binary
|
||||
form) with the major components (compiler, kernel, and so on) of the
|
||||
operating system on which the executable runs, unless that component
|
||||
itself accompanies the executable.
|
||||
|
||||
If distribution of executable or object code is made by offering
|
||||
access to copy from a designated place, then offering equivalent
|
||||
access to copy the source code from the same place counts as
|
||||
distribution of the source code, even though third parties are not
|
||||
compelled to copy the source along with the object code.
|
||||
|
||||
4. You may not copy, modify, sublicense, or distribute the Program
|
||||
except as expressly provided under this License. Any attempt
|
||||
otherwise to copy, modify, sublicense or distribute the Program is
|
||||
void, and will automatically terminate your rights under this License.
|
||||
However, parties who have received copies, or rights, from you under
|
||||
this License will not have their licenses terminated so long as such
|
||||
parties remain in full compliance.
|
||||
|
||||
5. You are not required to accept this License, since you have not
|
||||
signed it. However, nothing else grants you permission to modify or
|
||||
distribute the Program or its derivative works. These actions are
|
||||
prohibited by law if you do not accept this License. Therefore, by
|
||||
modifying or distributing the Program (or any work based on the
|
||||
Program), you indicate your acceptance of this License to do so, and
|
||||
all its terms and conditions for copying, distributing or modifying
|
||||
the Program or works based on it.
|
||||
|
||||
6. Each time you redistribute the Program (or any work based on the
|
||||
Program), the recipient automatically receives a license from the
|
||||
original licensor to copy, distribute or modify the Program subject to
|
||||
these terms and conditions. You may not impose any further
|
||||
restrictions on the recipients' exercise of the rights granted herein.
|
||||
You are not responsible for enforcing compliance by third parties to
|
||||
this License.
|
||||
|
||||
7. If, as a consequence of a court judgment or allegation of patent
|
||||
infringement or for any other reason (not limited to patent issues),
|
||||
conditions are imposed on you (whether by court order, agreement or
|
||||
otherwise) that contradict the conditions of this License, they do not
|
||||
excuse you from the conditions of this License. If you cannot
|
||||
distribute so as to satisfy simultaneously your obligations under this
|
||||
License and any other pertinent obligations, then as a consequence you
|
||||
may not distribute the Program at all. For example, if a patent
|
||||
license would not permit royalty-free redistribution of the Program by
|
||||
all those who receive copies directly or indirectly through you, then
|
||||
the only way you could satisfy both it and this License would be to
|
||||
refrain entirely from distribution of the Program.
|
||||
|
||||
If any portion of this section is held invalid or unenforceable under
|
||||
any particular circumstance, the balance of the section is intended to
|
||||
apply and the section as a whole is intended to apply in other
|
||||
circumstances.
|
||||
|
||||
It is not the purpose of this section to induce you to infringe any
|
||||
patents or other property right claims or to contest validity of any
|
||||
such claims; this section has the sole purpose of protecting the
|
||||
integrity of the free software distribution system, which is
|
||||
implemented by public license practices. Many people have made
|
||||
generous contributions to the wide range of software distributed
|
||||
through that system in reliance on consistent application of that
|
||||
system; it is up to the author/donor to decide if he or she is willing
|
||||
to distribute software through any other system and a licensee cannot
|
||||
impose that choice.
|
||||
|
||||
This section is intended to make thoroughly clear what is believed to
|
||||
be a consequence of the rest of this License.
|
||||
|
||||
8. If the distribution and/or use of the Program is restricted in
|
||||
certain countries either by patents or by copyrighted interfaces, the
|
||||
original copyright holder who places the Program under this License
|
||||
may add an explicit geographical distribution limitation excluding
|
||||
those countries, so that distribution is permitted only in or among
|
||||
countries not thus excluded. In such case, this License incorporates
|
||||
the limitation as if written in the body of this License.
|
||||
|
||||
9. The Free Software Foundation may publish revised and/or new versions
|
||||
of the General Public License from time to time. Such new versions will
|
||||
be similar in spirit to the present version, but may differ in detail to
|
||||
address new problems or concerns.
|
||||
|
||||
Each version is given a distinguishing version number. If the Program
|
||||
specifies a version number of this License which applies to it and "any
|
||||
later version", you have the option of following the terms and conditions
|
||||
either of that version or of any later version published by the Free
|
||||
Software Foundation. If the Program does not specify a version number of
|
||||
this License, you may choose any version ever published by the Free Software
|
||||
Foundation.
|
||||
|
||||
10. If you wish to incorporate parts of the Program into other free
|
||||
programs whose distribution conditions are different, write to the author
|
||||
to ask for permission. For software which is copyrighted by the Free
|
||||
Software Foundation, write to the Free Software Foundation; we sometimes
|
||||
make exceptions for this. Our decision will be guided by the two goals
|
||||
of preserving the free status of all derivatives of our free software and
|
||||
of promoting the sharing and reuse of software generally.
|
||||
|
||||
NO WARRANTY
|
||||
|
||||
11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
|
||||
FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN
|
||||
OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
|
||||
PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
|
||||
OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
|
||||
MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS
|
||||
TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE
|
||||
PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
|
||||
REPAIR OR CORRECTION.
|
||||
|
||||
12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
|
||||
WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
|
||||
REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
|
||||
INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING
|
||||
OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED
|
||||
TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
|
||||
YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
|
||||
PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
|
||||
POSSIBILITY OF SUCH DAMAGES.
|
||||
|
||||
END OF TERMS AND CONDITIONS
|
||||
|
||||
How to Apply These Terms to Your New Programs
|
||||
|
||||
If you develop a new program, and you want it to be of the greatest
|
||||
possible use to the public, the best way to achieve this is to make it
|
||||
free software which everyone can redistribute and change under these terms.
|
||||
|
||||
To do so, attach the following notices to the program. It is safest
|
||||
to attach them to the start of each source file to most effectively
|
||||
convey the exclusion of warranty; and each file should have at least
|
||||
the "copyright" line and a pointer to where the full notice is found.
|
||||
|
||||
<one line to give the program's name and a brief idea of what it does.>
|
||||
Copyright (C) 19yy <name of author>
|
||||
|
||||
This program is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 2 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program; if not, write to the Free Software
|
||||
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
||||
|
||||
|
||||
Also add information on how to contact you by electronic and paper mail.
|
||||
|
||||
If the program is interactive, make it output a short notice like this
|
||||
when it starts in an interactive mode:
|
||||
|
||||
Gnomovision version 69, Copyright (C) 19yy name of author
|
||||
Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
|
||||
This is free software, and you are welcome to redistribute it
|
||||
under certain conditions; type `show c' for details.
|
||||
|
||||
The hypothetical commands `show w' and `show c' should show the appropriate
|
||||
parts of the General Public License. Of course, the commands you use may
|
||||
be called something other than `show w' and `show c'; they could even be
|
||||
mouse-clicks or menu items--whatever suits your program.
|
||||
|
||||
You should also get your employer (if you work as a programmer) or your
|
||||
school, if any, to sign a "copyright disclaimer" for the program, if
|
||||
necessary. Here is a sample; alter the names:
|
||||
|
||||
Yoyodyne, Inc., hereby disclaims all copyright interest in the program
|
||||
`Gnomovision' (which makes passes at compilers) written by James Hacker.
|
||||
|
||||
<signature of Ty Coon>, 1 April 1989
|
||||
Ty Coon, President of Vice
|
||||
|
||||
This General Public License does not permit incorporating your program into
|
||||
proprietary programs. If your program is a subroutine library, you may
|
||||
consider it more useful to permit linking proprietary applications with the
|
||||
library. If this is what you want to do, use the GNU Library General
|
||||
Public License instead of this License.
|
|
@ -0,0 +1,21 @@
|
|||
#!/usr/bin/perl -w
|
||||
|
||||
use esmith::Build::CreateLinks qw(:all);
|
||||
|
||||
panel_link("userpanelaccess", "manager");
|
||||
|
||||
event_link("conf-userpanelsymlinks", "conf-userpanel", "20");
|
||||
event_link("conf-userpanelsymlinks", "webapps-update", "20");
|
||||
|
||||
foreach my $event (qw/ipasserelle-update bootstrap-ldap-save webapps-update/){
|
||||
event_link("ipasserelle-init-config-domain", "$event", "25");
|
||||
templates2events("/etc/lemonldap-ng/lemonldap-ng-admin.ini", "$event");
|
||||
templates2events("/etc/lemonldap-ng/lemonldap-ng-pki.ini", "$event");
|
||||
}
|
||||
|
||||
# Create language symlinks
|
||||
foreach my $lang qw(bg da de el en-us es et fr he hu id it ja nb
|
||||
nl pl pt pt-br ro ru sl sv th tr zh-cn zh-tw){
|
||||
safe_symlink("/etc/e-smith/locale/$lang/etc/e-smith/web/functions",
|
||||
"root/etc/e-smith/locale/$lang/etc/e-smith/web/panels/user/cgi-bin");
|
||||
}
|
|
@ -0,0 +1,87 @@
|
|||
Summary: iPasserelle User Panel module
|
||||
%define name ipasserelle-userpanel
|
||||
Name: %{name}
|
||||
%define version 0.2.0
|
||||
%define release 1
|
||||
Version: %{version}
|
||||
Release: %{release}%{?dist}
|
||||
License: GPL
|
||||
URL: http://www.ipasserelle.com
|
||||
Group: SMEserver/addon
|
||||
Source: %{name}-%{version}.tar.gz
|
||||
|
||||
BuildArch: noarch
|
||||
BuildRoot: /var/tmp/%{name}-%{version}
|
||||
|
||||
Requires: e-smith-base >= 5.2.0-62
|
||||
Requires: ipasserelle-base
|
||||
Requires: smeserver-lemonldap-ng => 0.1-15
|
||||
Requires: smeserver-webapps-common >= 0.1-10
|
||||
|
||||
BuildRequires: e-smith-devtools
|
||||
|
||||
Obsoletes: smeserver-userpanel
|
||||
Obsoletes: ipasserelle-user-portal
|
||||
Provides: smeserver-userpanel
|
||||
|
||||
%description
|
||||
iPasserelle User Portal provides a user oriented
|
||||
portal where they can set their own settings
|
||||
Admins can also delegate panels to users
|
||||
This module is based on smeserver-userpanel
|
||||
|
||||
%changelog
|
||||
* Tue Nov 12 2013 Daniel Berteaud <daniel@firewall-services.com> 0.2.0-1
|
||||
- Import in GIT
|
||||
|
||||
* Mon Nov 14 2011 Daniel Berteaud <daniel@firewall-services.com> 0.1-6
|
||||
- create language symlinks
|
||||
|
||||
* Tue Jul 19 2011 Daniel Berteaud <daniel@firewall-services.com> 0.1-5
|
||||
- Move SetEnvIf directives
|
||||
- Add SSO protected access to PHPki
|
||||
- Don't send $cn as header as it prevent access if username contains accent
|
||||
|
||||
* Mon Jul 18 2011 Daniel Berteaud <daniel@firewall-services.com> 0.1-4
|
||||
- Rewrite userpanel-navigation (based on the current server-manager's one)
|
||||
|
||||
* Mon Jul 11 2011 Daniel Berteaud <daniel@firewall-services.com> 0.1-3
|
||||
- Add httpd-admin handler to the list of handler which need a reload
|
||||
|
||||
* Wed Jul 06 2011 Daniel Berteaud <daniel@firewall-services.com> 0.1-2
|
||||
- Expand LL::NG conf also in bootstrap-ldap-save and ipasserelle-update
|
||||
|
||||
* Tue Jun 28 2011 Daniel Berteaud <daniel@firewall-services.com> 0.1-1
|
||||
- initial release (based on smeserver-userpanel-0.9-11)
|
||||
|
||||
|
||||
%prep
|
||||
%setup
|
||||
|
||||
%build
|
||||
perl createlinks
|
||||
|
||||
%{__mkdir_p} root/etc/e-smith/web/panels/user/cgi-bin
|
||||
|
||||
%install
|
||||
rm -rf $RPM_BUILD_ROOT
|
||||
(cd root ; find . -depth -print | cpio -dump $RPM_BUILD_ROOT)
|
||||
rm -f %{name}-%{version}-filelist
|
||||
/sbin/e-smith/genfilelist $RPM_BUILD_ROOT > %{name}-%{version}-filelist
|
||||
echo "%doc COPYING" >> %{name}-%{version}-filelist
|
||||
|
||||
%clean
|
||||
cd ..
|
||||
rm -rf %{name}-%{version}
|
||||
|
||||
%pre
|
||||
|
||||
%preun
|
||||
|
||||
%post
|
||||
|
||||
%postun
|
||||
|
||||
%files -f %{name}-%{version}-filelist
|
||||
%defattr(-,root,root)
|
||||
|
|
@ -0,0 +1,26 @@
|
|||
{
|
||||
|
||||
my $llng = $DB->get("lemonldap") ||
|
||||
$DB->new_record("lemonldap", { type => "service" });
|
||||
|
||||
my @soapaccess = split(/[;,]/, ($llng->prop('SoapAllowFrom') || ''));
|
||||
my $internal = $DB->get('InternalInterface')->prop('IPAddress');
|
||||
push @soapaccess, $internal if (!grep {$internal eq $_} @soapaccess);
|
||||
$llng->set_prop('SoapAllowFrom', join(',',@soapaccess));
|
||||
|
||||
# httpd-admin handler
|
||||
my @reload = split(/[;,]/, ($llng->prop('Reload') || ''));
|
||||
my $reloadurl = 'localhost:980=http://localhost:980/lm-reload';
|
||||
push @reload, $reloadurl if (!grep {$reloadurl eq $_} @reload);
|
||||
|
||||
# httpd-pki handler
|
||||
$reloadurl = 'localhost:940=http://localhost:940/lm-reload';
|
||||
my $phpki = $DB->get('httpd-pki');
|
||||
if($phpki){
|
||||
my $status = $phpki->prop('status') || 'disabled';
|
||||
push @reload, $reloadurl if ((!grep {$reloadurl eq $_} @reload) && ($status eq 'enabled'));
|
||||
}
|
||||
|
||||
$llng->set_prop('Reload', join(',',@reload));
|
||||
|
||||
}
|
|
@ -0,0 +1,92 @@
|
|||
#!/usr/bin/perl -w
|
||||
|
||||
#----------------------------------------------------------------------
|
||||
#
|
||||
# Copyright (c) 2001 Daniel van Raay
|
||||
#
|
||||
# This program is free software; you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation; either version 2 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# This program is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program; if not, write to the Free Software
|
||||
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
||||
#----------------------------------------------------------------------
|
||||
|
||||
package esmith;
|
||||
|
||||
use strict;
|
||||
use Errno;
|
||||
use esmith::config;
|
||||
use esmith::util;
|
||||
use esmith::db;
|
||||
|
||||
my %conf;
|
||||
tie %conf, 'esmith::config';
|
||||
|
||||
my %accounts;
|
||||
tie %accounts, 'esmith::config', '/home/e-smith/db/accounts';
|
||||
|
||||
#---------------------------------------------------------------------------
|
||||
# clear and re-create all the user panel symlinks
|
||||
#---------------------------------------------------------------------------
|
||||
|
||||
#clear
|
||||
opendir (DIR, "/etc/e-smith/web/panels/user/cgi-bin/") or
|
||||
die "Can't open directory /etc/e-smith/web/panels/user/cgi-bin/\n";
|
||||
my @symlinks = grep (!/^\./, readdir (DIR));
|
||||
closedir (DIR);
|
||||
|
||||
foreach my $link (@symlinks)
|
||||
{
|
||||
-e "/etc/e-smith/web/panels/user/cgi-bin/$link" && unlink("/etc/e-smith/web/panels/user/cgi-bin/$link");
|
||||
}
|
||||
|
||||
#always link userpanels
|
||||
my %newsymlinks;
|
||||
opendir (DIR, "/etc/e-smith/web/functions/") or
|
||||
die "Can't open directory /etc/e-smith/web/functions/\n";
|
||||
foreach my $userpanels ( grep (/^(userpanel-initial|userpanel-navigation|userpanel-noframes|pleasewait)$/, readdir (DIR)) )
|
||||
{
|
||||
$newsymlinks{$userpanels} = 'Yes';
|
||||
}
|
||||
closedir (DIR);
|
||||
|
||||
#also add needed panels
|
||||
foreach my $user (sort keys %accounts)
|
||||
{
|
||||
my $userAdminPanels = db_get_prop(\%accounts, $user, "AdminPanels");
|
||||
$userAdminPanels = '' if ! defined ($userAdminPanels);
|
||||
|
||||
foreach my $panels (split (/,/, $userAdminPanels))
|
||||
{
|
||||
$newsymlinks{$panels} = 'Yes';
|
||||
}
|
||||
}
|
||||
|
||||
foreach my $link ( sort keys %newsymlinks )
|
||||
{
|
||||
if ( -e "/etc/e-smith/web/functions/$link" &&
|
||||
! -e "/etc/e-smith/web/panels/user/cgi-bin/$link" )
|
||||
{
|
||||
#symlink("../../../functions/$link", "/etc/e-smith/web/panels/user/cgi-bin/$link") ||
|
||||
link("/etc/e-smith/web/functions/$link", "/etc/e-smith/web/panels/user/cgi-bin/$link") ||
|
||||
warn "Couldn't link('functions/$link' to '/etc/e-smith/web/panels/user/cgi-bin/$link'): $!\n";
|
||||
}
|
||||
}
|
||||
|
||||
system("/sbin/e-smith/expand-template /etc/httpd/admin-conf/httpd.conf") == 0
|
||||
or warn ("Error expanding httpd.conf \n");
|
||||
|
||||
#system("/etc/rc.d/init.d/httpd-admin restart") == 0
|
||||
# or warn ("Error occurred restarting httpd-admin \n");
|
||||
esmith::util::backgroundCommand (1, "/usr/local/bin/svc", "-h", "/service/httpd-admin");# == 0
|
||||
|
||||
exit (0);
|
||||
|
|
@ -0,0 +1,51 @@
|
|||
#!/usr/bin/perl -w
|
||||
#----------------------------------------------------------------------
|
||||
# copyright (C) 2011 Firewall-Services
|
||||
# daniel@firewall-services.com
|
||||
#
|
||||
# This program is free software; you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation; either version 2 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# This program is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program; if not, write to the Free Software
|
||||
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
||||
#
|
||||
# Technical support for this program is available from Mitel Networks
|
||||
# Please visit our web site www.mitel.com/sme/ for details.
|
||||
#----------------------------------------------------------------------
|
||||
|
||||
use strict;
|
||||
use warnings;
|
||||
use esmith::DomainsDB;
|
||||
use esmith::ConfigDB;
|
||||
|
||||
my $d = esmith::DomainsDB->open or die "Couldn't open DomainsDB\n";
|
||||
my $c = esmith::ConfigDB->open_ro() or die "Couldn't open ConfigDB\n";
|
||||
|
||||
my $domain = $c->get('DomainName')->value;
|
||||
my $vhost;
|
||||
|
||||
$vhost = $d->get("config.$domain");
|
||||
|
||||
exit (0) if ($vhost);
|
||||
|
||||
$d->new_record("config.$domain",{
|
||||
type => 'domain',
|
||||
Content => 'Primary',
|
||||
Description => "Accès à la configuration de l'iPasserelle",
|
||||
Nameservers => 'internet',
|
||||
TemplatePath => 'UserManagerVirtualHost',
|
||||
Removable => 'no',
|
||||
});
|
||||
|
||||
unless ( system("/sbin/e-smith/signal-event", "domain-create", "config.$domain") == 0 ){
|
||||
die "Failed to create domain ip.$domain\n";
|
||||
}
|
||||
|
|
@ -0,0 +1,4 @@
|
|||
PERMS=0640
|
||||
UID="root"
|
||||
GID="admin"
|
||||
|
|
@ -0,0 +1,4 @@
|
|||
PERMS=0640
|
||||
UID="root"
|
||||
GID="phpki"
|
||||
|
|
@ -0,0 +1,8 @@
|
|||
{
|
||||
my $status = $modPerl{status};
|
||||
|
||||
return "# modPerl disabled" unless ($status and $status eq "enabled");
|
||||
|
||||
return "LoadModule perl_module modules/mod_perl.so";
|
||||
}
|
||||
|
|
@ -0,0 +1,20 @@
|
|||
# Load LemonLDAP::NG Handler
|
||||
PerlOptions +GlobalRequest
|
||||
PerlRequire /var/lib/lemonldap-ng/handler/MyAdminHandler.pm
|
||||
|
||||
# Common error page and security parameters
|
||||
ErrorDocument 403 http://auth.{$DomainName}/?lmError=403
|
||||
ErrorDocument 500 http://auth.{$DomainName}/?lmError=500
|
||||
|
||||
|
||||
# Configuration reload mechanism (only 1 per physical server is
|
||||
# needed): choose your URL to avoid restarting Apache when
|
||||
# configuration change
|
||||
<Location /lm-reload>
|
||||
Order deny,allow
|
||||
Deny from all
|
||||
Allow from localhost
|
||||
PerlHeaderParserHandler My::Package->refresh
|
||||
Satisfy any
|
||||
</Location>
|
||||
|
|
@ -0,0 +1,9 @@
|
|||
|
||||
# Aliases for the e-smith-user panel:
|
||||
|
||||
ScriptAlias /user-manager/cgi-bin /etc/e-smith/web/panels/user/cgi-bin
|
||||
Alias /user-manager /etc/e-smith/web/panels/user/html
|
||||
|
||||
ScriptAlias /user/cgi-bin /etc/e-smith/web/panels/user/cgi-bin
|
||||
Alias /user /etc/e-smith/web/panels/user/html
|
||||
|
|
@ -0,0 +1,76 @@
|
|||
#------------------------------------------------------------
|
||||
# e-smith-user panel
|
||||
#------------------------------------------------------------
|
||||
{
|
||||
use esmith::AccountsDB;
|
||||
my $a = esmith::AccountsDB->open_ro;
|
||||
|
||||
my %panelshash;
|
||||
opendir (DIR, "/etc/e-smith/web/panels/user/cgi-bin")
|
||||
|| die "Can't open /etc/e-smith/web/panels/user/cgi-bin directory.\n";
|
||||
|
||||
my @files = sort (grep (!/(^\.\.?$)|(^pleasewait$)|(^userpanel-[a-z][\-\_a-z0-9]*)/, readdir(DIR)));
|
||||
|
||||
closedir (DIR);
|
||||
|
||||
# TODO: globalPanels
|
||||
# my $globalpanels = db_get_prop(\%accounts, 'globalUP', 'AdminPanels');
|
||||
# $globalpanels = '' if ( ! defined ($globalpanels) );
|
||||
# my @globalpanels = split (/,/, $globalpanels, -1);
|
||||
|
||||
foreach $file (@files){
|
||||
next if ($globalpanels && grep (/^$file$/, @globalpanels));
|
||||
foreach my $user ($a->users){
|
||||
my $key = $user->key;
|
||||
push @{$panelshash{$file}}, $key
|
||||
if ((grep {$file eq $_} split(/[;,]/, ($user->prop('AdminPanels') || '')))
|
||||
&& (!grep {$key eq $_} @{$panelshash{$file}}));
|
||||
}
|
||||
foreach my $group ($a->groups){
|
||||
foreach my $member (split(/[;,]/,($group->prop('Members') || ''))){
|
||||
push @{$panelshash{$file}}, $member
|
||||
if ((grep {$file eq $_} split(/[;,]/, ($group->prop('AdminPanels') || '')))
|
||||
&& (!grep {$member eq $_} @{$panelshash{$file}}));
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
$OUT .= <<HERE;
|
||||
|
||||
<Directory \"/etc/e-smith/web/panels/user/html\" >
|
||||
Options Includes Indexes FollowSymLinks
|
||||
AllowOverride None
|
||||
order deny,allow
|
||||
deny from all
|
||||
allow from $localAccess
|
||||
PerlHeaderParserHandler My::Package
|
||||
Satisfy all
|
||||
</Directory>
|
||||
|
||||
<Directory \"/etc/e-smith/web/panels/user/cgi-bin\" >
|
||||
Options Includes Indexes FollowSymLinks
|
||||
AllowOverride None
|
||||
order deny,allow
|
||||
deny from all
|
||||
allow from $localAccess
|
||||
PerlHeaderParserHandler My::Package
|
||||
Satisfy all
|
||||
|
||||
HERE
|
||||
|
||||
foreach my $file (@files){
|
||||
next unless ( defined ($panelshash{$file}) );
|
||||
foreach my $u (@{$panelshash{$file}}){
|
||||
$OUT .= " SetEnvIf Auth-User \"$u\" allow_$file\n";
|
||||
}
|
||||
$OUT .= "\n";
|
||||
$OUT .= " <Files $file>\n";
|
||||
$OUT .= " order deny,allow\n";
|
||||
$OUT .= " deny from all\n";
|
||||
$OUT .= " allow from env=allow_$file\n";
|
||||
$OUT .= " </Files>\n";
|
||||
}
|
||||
|
||||
$OUT .= "</Directory>\n";
|
||||
}
|
||||
|
|
@ -0,0 +1,10 @@
|
|||
{
|
||||
use esmith::DomainsDB;
|
||||
# Convert the passed hash for the domain object back into an object.
|
||||
$domain = bless \%domain, 'esmith::DB::db::Record';
|
||||
|
||||
# Make scalars from some of the properties of the domain
|
||||
$virtualHost = $domain->key;
|
||||
$OUT = "";
|
||||
}
|
||||
|
|
@ -0,0 +1 @@
|
|||
ServerName {$virtualHost}
|
|
@ -0,0 +1,15 @@
|
|||
{
|
||||
my $ssl = $domain->prop('RequireSSL') || 'disabled';
|
||||
|
||||
if (($modSSL{TCPPort} || "443") eq $port){
|
||||
$OUT .= " SSLEngine on\n";
|
||||
}
|
||||
else {
|
||||
$OUT .=<<'EOF';
|
||||
RewriteEngine on
|
||||
RewriteRule ^/(.*|$) https://%{HTTP_HOST}/$1 [L,R]
|
||||
|
||||
EOF
|
||||
}
|
||||
}
|
||||
|
|
@ -0,0 +1,8 @@
|
|||
{
|
||||
$OUT =<<'HERE';
|
||||
RewriteEngine on
|
||||
RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
|
||||
RewriteRule .* - [F]
|
||||
HERE
|
||||
}
|
||||
|
|
@ -0,0 +1,3 @@
|
|||
# alias for Apache icons
|
||||
Alias /icons/ /var/www/icons/
|
||||
|
|
@ -0,0 +1,18 @@
|
|||
{
|
||||
|
||||
$OUT .=<<"EOF";
|
||||
|
||||
ProxyPreserveHost on
|
||||
RewriteEngine on
|
||||
RewriteRule (^/(user/cgi-bin/.*)|(user-manager(.*)?)|(server-common/.*))\$ http://localhost:980/\$1 [P,L]
|
||||
RewriteRule ^/phpki(sso)?(/.*)\$ http://localhost:940/phpkisso\$2 [P,L]
|
||||
|
||||
<Location />
|
||||
Order deny,allow
|
||||
Deny from all
|
||||
Allow from $localAccess $externalSSLAccess
|
||||
</Location>
|
||||
|
||||
EOF
|
||||
|
||||
}
|
|
@ -0,0 +1,3 @@
|
|||
|
||||
<VirtualHost {$ipAddress}:{$port}>
|
||||
|
|
@ -0,0 +1,2 @@
|
|||
</VirtualHost>
|
||||
|
|
@ -0,0 +1,9 @@
|
|||
{
|
||||
# vim: ft=perl:
|
||||
|
||||
$OUT = '';
|
||||
foreach $place ('user-manager','user')
|
||||
{
|
||||
$OUT .= " RewriteRule ^/$place(/.*|\$) https://config.$DomainName/$place\$1 [L,R]\n";
|
||||
}
|
||||
}
|
|
@ -0,0 +1,8 @@
|
|||
{
|
||||
my $status = $modPerl{status};
|
||||
|
||||
return "# modPerl disabled" unless ($status and $status eq "enabled");
|
||||
|
||||
return "LoadModule perl_module modules/mod_perl.so";
|
||||
}
|
||||
|
|
@ -0,0 +1,19 @@
|
|||
# Load LemonLDAP::NG Handler
|
||||
PerlOptions +GlobalRequest
|
||||
PerlRequire /var/lib/lemonldap-ng/handler/MyPkiHandler.pm
|
||||
|
||||
# Common error page and security parameters
|
||||
ErrorDocument 403 http://auth.{$DomainName}/?lmError=403
|
||||
ErrorDocument 500 http://auth.{$DomainName}/?lmError=500
|
||||
|
||||
|
||||
# Configuration reload mechanism (only 1 per physical server is
|
||||
# needed): choose your URL to avoid restarting Apache when
|
||||
# configuration change
|
||||
<Location /lm-reload>
|
||||
Order deny,allow
|
||||
Deny from all
|
||||
Allow from localhost
|
||||
PerlHeaderParserHandler My::Package->refresh
|
||||
</Location>
|
||||
|
|
@ -0,0 +1,16 @@
|
|||
|
||||
Alias /phpkisso /opt/phpki/html/
|
||||
|
||||
<Location /phpkisso/ca>
|
||||
PerlHeaderParserHandler My::Package
|
||||
{
|
||||
my @users = split(/\s/, getUsersList("phpki"));
|
||||
foreach my $u (@users){
|
||||
$OUT .= " SetEnvIf Auth-User \"$u\" allow_phpki\n";
|
||||
}
|
||||
}
|
||||
order deny,allow
|
||||
deny from all
|
||||
allow from env=allow_phpki
|
||||
</Location>
|
||||
|
|
@ -0,0 +1,9 @@
|
|||
[all]
|
||||
|
||||
[configuration]
|
||||
type = SOAP
|
||||
proxy = https://lemonsoap:{$lemonldap{'SoapPassword'};}@soapsso.{$DomainName}/index.pl/config
|
||||
proxyOptions = \{ timeout => 5 \}
|
||||
localStorage=Cache::FileCache
|
||||
localStorageOptions=\{ 'namespace' => 'LemonLDAPngAdmin', 'default_expires_in' => 600, 'directory_umask' => '007', 'cache_root' => '/tmp', 'cache_depth' => 5, \}
|
||||
|
|
@ -0,0 +1,9 @@
|
|||
[all]
|
||||
|
||||
[configuration]
|
||||
type = SOAP
|
||||
proxy = https://lemonsoap:{$lemonldap{'SoapPassword'};}@soapsso.{$DomainName}/index.pl/config
|
||||
proxyOptions = \{ timeout => 5 \}
|
||||
localStorage=Cache::FileCache
|
||||
localStorageOptions=\{ 'namespace' => 'LemonLDAPngPki', 'default_expires_in' => 600, 'directory_umask' => '007', 'cache_root' => '/tmp', 'cache_depth' => 5, \}
|
||||
|
|
@ -0,0 +1,25 @@
|
|||
{
|
||||
|
||||
$conf->{'locationRules'}->{"config.$domain"} = {
|
||||
'(?#001common)^/server-common' => 'unprotect',
|
||||
'(?#010phpki)^/phpkisso/ca' => '$groups =~ /\\b(equipe|admins)\\b/ and ($localAccess or $externalSSLAccess)',
|
||||
'default' => 'deny',
|
||||
'(?#005usermanager)^/user(/cgi\\-bin/|\\-manager)' => '$groups =~ /\\b(equipe|admins)\\b/ and ($localAccess or $externalSSLAccess)'
|
||||
} unless $conf->{'locationRules'}->{"config.$domain"};
|
||||
|
||||
$conf->{'exportedHeaders'}->{"config.$domain"} = {
|
||||
'Auth-User' => '$uid',
|
||||
} unless $conf->{'exportedHeaders'}->{"config.$domain"};
|
||||
|
||||
$conf->{'applicationList'}->{'020utils'}->{'usermanager'} = {
|
||||
'options' => {
|
||||
'logo' => 'configure.png',
|
||||
'name' => 'Configuration',
|
||||
'description' => 'Configuration iPasserelle',
|
||||
'uri' => "https://config.$domain/user-manager",
|
||||
'display' => 'auto'
|
||||
},
|
||||
'type' => 'application'
|
||||
} unless $conf->{'applicationList'}->{'020utils'}->{'usermanager'};
|
||||
|
||||
}
|
Binary file not shown.
After Width: | Height: | Size: 14 KiB |
|
@ -0,0 +1,83 @@
|
|||
#!/usr/bin/perl -wT
|
||||
|
||||
#----------------------------------------------------------------------
|
||||
#
|
||||
# Copyright (c) 2011-2013 Firewall-Services
|
||||
# daniel@firewall-services.com
|
||||
#
|
||||
# This program is free software; you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation; either version 2 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# This program is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program; if not, write to the Free Software
|
||||
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
||||
#----------------------------------------------------------------------
|
||||
|
||||
package esmith;
|
||||
|
||||
use strict;
|
||||
use CGI ':all';
|
||||
use CGI::Carp qw(fatalsToBrowser);
|
||||
|
||||
BEGIN
|
||||
{
|
||||
# Clear PATH and related environment variables so that calls to
|
||||
# external programs do not cause results to be tainted. See
|
||||
# "perlsec" manual page for details.
|
||||
|
||||
$ENV {'PATH'} = '';
|
||||
$ENV {'SHELL'} = '/bin/bash';
|
||||
delete $ENV {'ENV'};
|
||||
}
|
||||
|
||||
$CGI::POST_MAX=1024 * 100; # max 100K posts
|
||||
$CGI::DISABLE_UPLOADS = 1; # no uploads
|
||||
|
||||
my $q = new CGI;
|
||||
|
||||
print $q->header (-EXPIRES => '+-20y', charset => 'UTF-8');
|
||||
|
||||
print $q->start_html (-TITLE => 'Portail de configuration iPasserelle',
|
||||
-AUTHOR => 'daniel@firewall-services.com',
|
||||
-META => {'copyright' => 'Copyright 2011-2013 Firewall-Services'},
|
||||
-CLASS => "main",
|
||||
-STYLE => {
|
||||
-code => '@import url("/server-common/css/sme_main.css");',
|
||||
-src => '/server-common/css/sme_core.css'
|
||||
});
|
||||
|
||||
|
||||
my $user = $ENV{'REMOTE_USER'};
|
||||
my $name = $ENV{'HTTP_USER_NAME'} || $user;
|
||||
|
||||
print $q->h1("Portail de configuration iPasserelle");
|
||||
print $q->h2("Bienvenue $name");
|
||||
|
||||
print <<"EOF";
|
||||
<p><p>
|
||||
Vous pouvez modifier les paramètres de votre compte
|
||||
en cliquant sur les différents menus sur la gauche.
|
||||
<ul>
|
||||
<center>
|
||||
<img src=/server-common/ipasserelle_logo.jpg><p>
|
||||
</center>
|
||||
|
||||
EOF
|
||||
|
||||
print $q->endform;
|
||||
|
||||
print $q->p
|
||||
($q->hr ({-CLASS => "sme-copyrightbar"}),
|
||||
$q->div ({-CLASS => "sme-copyright"},
|
||||
"Portail de configuration iPasserelle<BR>" .
|
||||
"Copyright 2011-2013 Firewall-Services.<BR>"));
|
||||
print '</DIV>';
|
||||
print $q->end_html;
|
||||
|
|
@ -0,0 +1,313 @@
|
|||
#!/usr/bin/perl -wT
|
||||
|
||||
#----------------------------------------------------------------------
|
||||
# User manager functions: navigation
|
||||
#
|
||||
# copyright (C) 2011 Firewall Services
|
||||
# daniel@firewall-services.com
|
||||
#
|
||||
# This program is free software; you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation; either version 2 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# This program is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program; if not, write to the Free Software
|
||||
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
||||
#
|
||||
#----------------------------------------------------------------------
|
||||
package esmith;
|
||||
|
||||
use strict;
|
||||
use CGI ':no_xhtml', ':all';
|
||||
use CGI::Carp qw(fatalsToBrowser);
|
||||
|
||||
use esmith::cgi;
|
||||
use esmith::config;
|
||||
use esmith::AccountsDB;
|
||||
use esmith::NavigationDB;
|
||||
use esmith::util;
|
||||
use esmith::I18N;
|
||||
|
||||
sub showNavigation ($);
|
||||
|
||||
BEGIN
|
||||
{
|
||||
# Clear PATH and related environment variables so that calls to
|
||||
# external programs do not cause results to be tainted. See
|
||||
# "perlsec" manual page for details.
|
||||
|
||||
$ENV {'PATH'} = '';
|
||||
$ENV {'SHELL'} = '/bin/bash';
|
||||
delete $ENV {'ENV'};
|
||||
}
|
||||
|
||||
esmith::util::setRealToEffective ();
|
||||
|
||||
$CGI::POST_MAX=1024 * 100; # max 100K posts
|
||||
$CGI::DISABLE_UPLOADS = 1; # no uploads
|
||||
|
||||
# Use the one script for navigation and noframes
|
||||
my $NO_FRAMES = ($0 =~ /noframes/);
|
||||
|
||||
my %conf;
|
||||
tie %conf, 'esmith::config';
|
||||
|
||||
my $accdb = esmith::AccountsDB->open_ro || die "Couldn't open AccountsDB\n";
|
||||
|
||||
my $q = new CGI;
|
||||
|
||||
showNavigation ($q);
|
||||
exit (0);
|
||||
|
||||
#------------------------------------------------------------
|
||||
# subroutine to display navigation bar
|
||||
#------------------------------------------------------------
|
||||
|
||||
sub showNavigation ($)
|
||||
{
|
||||
my $q = shift;
|
||||
|
||||
# enable utf8 binmode so new translations work
|
||||
binmode STDOUT, ":utf8";
|
||||
|
||||
my $acctName = $ENV{'REMOTE_USER'};
|
||||
my $user = $accdb->get($acctName) || die "User $acctName not found in AccountsDB\n";
|
||||
my $availablePanels = $user->prop('AdminPanels') || '';
|
||||
foreach ($accdb->user_group_list($acctName)){
|
||||
my $group = $accdb->get($_) || die "Group $_ not found in AccountsDB\n";
|
||||
$availablePanels .= ',' . ($group->prop('AdminPanels') || '');
|
||||
}
|
||||
my $glob = $accdb->get('globalUP');
|
||||
my $globalPanels = $glob->prop('AdminPanels') || '';
|
||||
|
||||
my @adminpanels;
|
||||
if ( defined ($availablePanels) && defined ($globalPanels) )
|
||||
{
|
||||
@adminpanels = ((split (/,/, $availablePanels, -1)),(split (/,/, $globalPanels, -1)));
|
||||
}
|
||||
elsif ( defined ($globalPanels) )
|
||||
{
|
||||
@adminpanels = split (/,/, $globalPanels, -1);
|
||||
}
|
||||
elsif ( defined ($availablePanels) )
|
||||
{
|
||||
@adminpanels = split (/,/, $availablePanels, -1);
|
||||
}
|
||||
|
||||
# Use this variable throughout to keep track of files
|
||||
# list of just the files
|
||||
my $c = "1";
|
||||
my @files = ();
|
||||
my %files_hash = ();
|
||||
|
||||
#-----------------------------------------------------
|
||||
# Determine the directory where the functions are kept
|
||||
#-----------------------------------------------------
|
||||
|
||||
my $navigation_ignore =
|
||||
"(\.\.?|navigation|noframes|online-manual|(internal|pleasewait)(-.*)?)";
|
||||
|
||||
my $cgidir = '/etc/e-smith/web/panels/user/cgi-bin/';
|
||||
|
||||
if (opendir (DIR, $cgidir))
|
||||
{
|
||||
@files = grep (!/^(\..*|userpanel-navigation|userpanel-noframes|userpanel-initial|pleasewait)$/,
|
||||
readdir (DIR));
|
||||
closedir (DIR);
|
||||
}
|
||||
else
|
||||
{
|
||||
warn "Can't open directory $cgidir\n";
|
||||
}
|
||||
|
||||
foreach my $file (@files)
|
||||
{
|
||||
foreach my $adminpanel (@adminpanels)
|
||||
{
|
||||
if ( $file eq $adminpanel )
|
||||
{
|
||||
$files_hash{$file} = $cgidir;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
#--------------------------------------------------
|
||||
# For each script, extract the description and category
|
||||
# information. Build up an associative array mapping headings
|
||||
# to heading structures. Each heading structure contains the
|
||||
# total weight for the heading, the number of times the heading
|
||||
# has been encountered, and another associative array mapping
|
||||
# descriptions to description structures. Each description
|
||||
# structure contains the filename of the particular cgi script
|
||||
# and a weight.
|
||||
#--------------------------------------------------
|
||||
my %nav = ();
|
||||
|
||||
use constant NAVIGATIONDIR => '/home/e-smith/db/navigation';
|
||||
use constant WEBFUNCTIONS => '/etc/e-smith/web/functions';
|
||||
|
||||
my $i18n = new esmith::I18N;
|
||||
|
||||
my $language = $i18n->preferredLanguage( $ENV{HTTP_ACCEPT_LANGUAGE} );
|
||||
|
||||
my $navinfo = NAVIGATIONDIR . "/navigation.$language";
|
||||
|
||||
my $navdb = esmith::NavigationDB->open_ro( $navinfo ) or
|
||||
die "Couldn't open $navinfo\n";
|
||||
|
||||
# Check the navdb for anything with a UrlPath, which means that it doesn't
|
||||
# have a cgi file to be picked up by the above code. Ideally, only pages
|
||||
# that exist should be in the db, but that's not the case. Anything
|
||||
# without a cgi file will have to remove themselves on uninstall from the
|
||||
# navigation dbs.
|
||||
foreach my $rec ($navdb->get_all)
|
||||
{
|
||||
if ($rec->prop('UrlPath'))
|
||||
{
|
||||
$files_hash{$rec->{key}} = $cgidir;
|
||||
}
|
||||
}
|
||||
|
||||
foreach my $file (keys %files_hash)
|
||||
{
|
||||
my $heading = 'Unknown';
|
||||
my $description = $file;
|
||||
my $headingWeight = 99999;
|
||||
my $descriptionWeight = 99999;
|
||||
my $urlpath = '';
|
||||
|
||||
my $rec = $navdb->get($file);
|
||||
|
||||
if (defined $rec)
|
||||
{
|
||||
$heading = $rec->prop('Heading');
|
||||
$description = $rec->prop('Description');
|
||||
$headingWeight = $rec->prop('HeadingWeight');
|
||||
$descriptionWeight = $rec->prop('DescriptionWeight');
|
||||
$urlpath = $rec->prop('UrlPath') || '';
|
||||
}
|
||||
|
||||
#--------------------------------------------------
|
||||
# add heading, description and weight information to data structure
|
||||
#--------------------------------------------------
|
||||
|
||||
unless (exists $nav {$heading})
|
||||
{
|
||||
$nav {$heading} = { COUNT => 0, WEIGHT => 0, DESCRIPTIONS => [] };
|
||||
}
|
||||
|
||||
$nav {$heading} {'COUNT'} ++;
|
||||
$nav {$heading} {'WEIGHT'} += $headingWeight;
|
||||
|
||||
# Check for manager panel, and assign the appropriate
|
||||
# cgi-bin prefix for the links.
|
||||
# Grab the last 2 directories by splitting for '/'s and
|
||||
# then concatenating the last 2
|
||||
# probably a better way, but I don't know it.
|
||||
my @filename = split /\//, $files_hash{$file};
|
||||
my $path = ($cgidir eq '/etc/e-smith/web/panels/user/cgi-bin/') ?
|
||||
"/$filename[scalar @filename - 1]" :
|
||||
"/$filename[scalar @filename - 2]/$filename[scalar @filename - 1]";
|
||||
|
||||
push @{ $nav {$heading} {'DESCRIPTIONS'} },
|
||||
{ DESCRIPTION => $description,
|
||||
WEIGHT => $descriptionWeight,
|
||||
FILENAME => $urlpath ? $urlpath : "$path/$file",
|
||||
CGIPATH => $path
|
||||
};
|
||||
}
|
||||
|
||||
#--------------------------------------------------
|
||||
# generate list of headings sorted by average weight
|
||||
#--------------------------------------------------
|
||||
if ( $NO_FRAMES )
|
||||
{
|
||||
esmith::cgi::genNoframesHeader ($q);
|
||||
}
|
||||
else
|
||||
{
|
||||
esmith::cgi::genNavigationHeader ($q, undef);
|
||||
print "\n<TABLE BORDER=\"0\" CELLSPACING=\"0\" CELLPADDING=\"0\">\n";
|
||||
}
|
||||
|
||||
print '<script language="JavaScript" type="text/javascript">
|
||||
<!-- Hide script
|
||||
//This swap the class of the selected item.
|
||||
function swapClass() {
|
||||
var i,x,tB,j=0,tA=new Array(),arg=swapClass.arguments;
|
||||
if(document.getElementsByTagName){for(i=4;i<arg.length;i++){tB=document.getElementsByTagName(arg[i]);
|
||||
for(x=0;x<tB.length;x++){tA[j]=tB[x];j++;}}for(i=0;i<tA.length;i++){
|
||||
if(tA[i].className){if(tA[i].id==arg[1]){if(arg[0]==1){
|
||||
tA[i].className=(tA[i].className==arg[3])?arg[2]:arg[3];}else{tA[i].className=arg[2];}
|
||||
}else if(arg[0]==1 && arg[1]==\'none\'){if(tA[i].className==arg[2] || tA[i].className==arg[3]){
|
||||
tA[i].className=(tA[i].className==arg[3])?arg[2]:arg[3];}
|
||||
}else if(tA[i].className==arg[2]){tA[i].className=arg[3];}}}}}
|
||||
';
|
||||
print "
|
||||
//This swap the class of the selected item.
|
||||
function swapClasses() {
|
||||
var arg=swapClasses.arguments;
|
||||
swapClass(0,'none','item-current','item','a');
|
||||
swapClass(0,'none','warn-current','warn','a');
|
||||
swapClass(0,arg[0],'item-current','item','a');
|
||||
}
|
||||
|
||||
// End script hiding -->
|
||||
</script>
|
||||
";
|
||||
|
||||
foreach my $h (sort {
|
||||
($nav{$a}{'WEIGHT'}/$nav{$a}{'COUNT'}) <=>
|
||||
($nav{$b}{'WEIGHT'}/$nav{$b}{'COUNT'}) } keys %nav)
|
||||
{
|
||||
if ( $NO_FRAMES )
|
||||
{
|
||||
print $q->h2 ($h);
|
||||
}
|
||||
else
|
||||
{
|
||||
print "\n", $q->Tr ($q->td({class => "section"},$q->span({class => "section"}, $h)));
|
||||
}
|
||||
|
||||
#--------------------------------------------------
|
||||
# generate list of descriptions sorted by weight
|
||||
#--------------------------------------------------
|
||||
print "<ul>\n" if ( $NO_FRAMES );
|
||||
|
||||
foreach (sort { $a->{'WEIGHT'} <=> $b->{'WEIGHT'} } @{$nav {$h}{'DESCRIPTIONS'}})
|
||||
{
|
||||
my $href = "/user-manager" . $_->{'FILENAME'};
|
||||
if ( $NO_FRAMES )
|
||||
{
|
||||
print $q->li ($q->a ({href => "$href?noframes=1"}, $_->{'DESCRIPTION'}));
|
||||
}
|
||||
else
|
||||
{
|
||||
print "\n",$q->Tr(
|
||||
$q->td ({-class => "menu-cell"},
|
||||
$q->a ({-id => "sme$c",
|
||||
-class => "item",
|
||||
-onClick => "swapClasses('sme$c')",
|
||||
href => $href,
|
||||
target => 'main'},
|
||||
$_->{'DESCRIPTION'})
|
||||
));
|
||||
}
|
||||
$c++;
|
||||
|
||||
}
|
||||
print "</ul>\n" if ($NO_FRAMES);
|
||||
}
|
||||
|
||||
unless ( $NO_FRAMES )
|
||||
{
|
||||
print "\n</TABLE>\n";
|
||||
esmith::cgi::genNavigationFooter ($q);
|
||||
}
|
||||
}
|
|
@ -0,0 +1,268 @@
|
|||
#!/usr/bin/perl -wT
|
||||
|
||||
#----------------------------------------------------------------------
|
||||
# user manager functions: noframes
|
||||
#
|
||||
# Copyright (c) 2001 Daniel van Raay <danielvr@caa.org.au>
|
||||
#
|
||||
# This program is free software; you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation; either version 2 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# This program is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program; if not, write to the Free Software
|
||||
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
||||
#----------------------------------------------------------------------
|
||||
|
||||
package esmith;
|
||||
|
||||
use strict;
|
||||
use CGI ':all';
|
||||
use CGI::Carp qw(fatalsToBrowser);
|
||||
|
||||
use esmith::cgi;
|
||||
use esmith::config;
|
||||
use esmith::util;
|
||||
use esmith::db;
|
||||
use esmith::AccountsDB;
|
||||
|
||||
sub showNavigation ($);
|
||||
sub byweight;
|
||||
|
||||
BEGIN
|
||||
{
|
||||
# Clear PATH and related environment variables so that calls to
|
||||
# external programs do not cause results to be tainted. See
|
||||
# "perlsec" manual page for details.
|
||||
|
||||
$ENV {'PATH'} = '';
|
||||
$ENV {'SHELL'} = '/bin/bash';
|
||||
delete $ENV {'ENV'};
|
||||
}
|
||||
|
||||
esmith::util::setRealToEffective ();
|
||||
|
||||
$CGI::POST_MAX=1024 * 100; # max 100K posts
|
||||
$CGI::DISABLE_UPLOADS = 1; # no uploads
|
||||
|
||||
my %conf;
|
||||
tie %conf, 'esmith::config';
|
||||
|
||||
my %accounts;
|
||||
tie %accounts, 'esmith::config', '/home/e-smith/db/accounts';
|
||||
|
||||
my $a = esmith::AccountsDB->open_ro || die "Error opening AccountsDB\n";
|
||||
|
||||
my $q = new CGI;
|
||||
|
||||
showNavigation ($q);
|
||||
exit (0);
|
||||
|
||||
|
||||
#------------------------------------------------------------
|
||||
# subroutine to display navigation bar
|
||||
#------------------------------------------------------------
|
||||
|
||||
sub showNavigation ($)
|
||||
{
|
||||
my $q = shift;
|
||||
|
||||
esmith::cgi::genNoframesHeader ($q);
|
||||
|
||||
my $acctName = $ENV{'REMOTE_USER'};
|
||||
my $user = $a->get($acctName) || die "User $acctName not found in AccountsDB\n";
|
||||
my $availablePanels = $user->prop('AdminPanels') || '';
|
||||
foreach ($a->user_group_list($acctName)){
|
||||
my $group = $a->get($_) || die "Group $_ not found in AccountsDB\n";
|
||||
$availablePanels .= ','.$group->prop('AdminPanels') || '';
|
||||
}
|
||||
my $glob = $a->get('globalUP');
|
||||
my $globalPanels = $glob->prop('AdminPanels') || '';
|
||||
|
||||
my @adminpanels;
|
||||
if ( defined ($availablePanels) && defined ($globalPanels) )
|
||||
{
|
||||
@adminpanels = ((split (/,/, $availablePanels, -1)),(split (/,/, $globalPanels, -1)));
|
||||
}
|
||||
elsif ( defined ($globalPanels) )
|
||||
{
|
||||
@adminpanels = split (/,/, $globalPanels, -1);
|
||||
}
|
||||
elsif ( defined ($availablePanels) )
|
||||
{
|
||||
@adminpanels = split (/,/, $availablePanels, -1);
|
||||
}
|
||||
|
||||
# Use this variable throughout to keep track of files
|
||||
# list of just the files
|
||||
my @files = ();
|
||||
my %files_hash = ();
|
||||
|
||||
#-----------------------------------------------------
|
||||
# Determine the directory where the functions are kept
|
||||
# match available panels with delegated panels to this user
|
||||
#-----------------------------------------------------
|
||||
|
||||
my $cgidir = '/etc/e-smith/web/panels/user/cgi-bin/';
|
||||
|
||||
if (opendir (DIR, $cgidir))
|
||||
{
|
||||
@files = grep (!/^(\..*|userpanel-navigation|userpanel-noframes|userpanel-initial|pleasewait)$/,
|
||||
readdir (DIR));
|
||||
closedir (DIR);
|
||||
}
|
||||
else
|
||||
{
|
||||
warn "Can't open directory $cgidir\n";
|
||||
}
|
||||
|
||||
foreach my $file (@files)
|
||||
{
|
||||
foreach my $adminpanel (@adminpanels)
|
||||
{
|
||||
if ( $file eq $adminpanel )
|
||||
{
|
||||
$files_hash{$file} = $cgidir;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
#--------------------------------------------------
|
||||
# For each script, extract the description and category
|
||||
# information. Build up an associative array mapping headings
|
||||
# to heading structures. Each heading structure contains the
|
||||
# total weight for the heading, the number of times the heading
|
||||
# has been encountered, and another associative array mapping
|
||||
# descriptions to description structures. Each description
|
||||
# structure contains the filename of the particular cgi script
|
||||
# and a weight.
|
||||
#--------------------------------------------------
|
||||
|
||||
my %nav = ();
|
||||
|
||||
foreach my $file (keys %files_hash)
|
||||
{
|
||||
#--------------------------------------------------
|
||||
# extract heading, description and weight information
|
||||
# from CGI script
|
||||
#--------------------------------------------------
|
||||
my $heading = "Unknown";
|
||||
my $headingWeight = 0;
|
||||
|
||||
my $description = "Unknown";
|
||||
my $descriptionWeight = 0;
|
||||
|
||||
unless (open (RD, "$files_hash{$file}/$file"))
|
||||
{
|
||||
warn "Can't open file $files_hash{$file}/$file: $!\n";
|
||||
next;
|
||||
}
|
||||
|
||||
while (<RD>)
|
||||
{
|
||||
if (/^\s*#\s*heading\s*:\s*(.+?)\s*$/)
|
||||
{
|
||||
$heading = $1;
|
||||
}
|
||||
|
||||
if (/^\s*#\s*description\s*:\s*(.+?)\s*$/)
|
||||
{
|
||||
$description = $1;
|
||||
}
|
||||
|
||||
if (/^\s*#\s*navigation\s*:\s*(\d+?)\s+(\d+?)\s*$/)
|
||||
{
|
||||
$headingWeight = $1;
|
||||
$descriptionWeight = $2;
|
||||
}
|
||||
last if ($heading ne "Unknown" && $headingWeight && $description ne "Unknown" && $descriptionWeight);
|
||||
}
|
||||
close RD;
|
||||
|
||||
#--------------------------------------------------
|
||||
# add heading, description and weight information to data structure
|
||||
#--------------------------------------------------
|
||||
|
||||
unless (exists $nav {$heading})
|
||||
{
|
||||
$nav {$heading} = { COUNT => 0, WEIGHT => 0, DESCRIPTIONS => [] };
|
||||
}
|
||||
|
||||
$nav {$heading} {'COUNT'} ++;
|
||||
$nav {$heading} {'WEIGHT'} += $headingWeight;
|
||||
|
||||
# Check for manager panel, and assign the appropriate
|
||||
# cgi-bin prefix for the links.
|
||||
# Grab the last 2 directories by splitting for '/'s and
|
||||
# then concatenating the last 2
|
||||
# probably a better way, but I don't know it.
|
||||
my @filename = split /\//, $files_hash{$file};
|
||||
my $path = "/user-manager/$filename[scalar @filename - 1]";
|
||||
|
||||
push @{ $nav {$heading} {'DESCRIPTIONS'} },
|
||||
{ DESCRIPTION => $description,
|
||||
WEIGHT => $descriptionWeight,
|
||||
FILENAME => "$path/$file",
|
||||
CGIPATH => $path
|
||||
};
|
||||
}
|
||||
|
||||
#--------------------------------------------------
|
||||
# generate list of headings sorted by average weight
|
||||
#--------------------------------------------------
|
||||
|
||||
my @unsortedheadings = keys %nav;
|
||||
|
||||
my $h;
|
||||
local @esmith::weights = ();
|
||||
foreach $h (@unsortedheadings)
|
||||
{
|
||||
push (@esmith::weights, ($nav {$h} {'WEIGHT'} / $nav {$h} {'COUNT'}));
|
||||
}
|
||||
|
||||
my @sortedheadings = @unsortedheadings [sort byweight $[..$#unsortedheadings];
|
||||
|
||||
foreach $h (@sortedheadings)
|
||||
{
|
||||
print $q->h2 ($h);
|
||||
|
||||
#--------------------------------------------------
|
||||
# generate list of descriptions sorted by weight
|
||||
#--------------------------------------------------
|
||||
|
||||
my @unsorteddescriptions = @{ $nav {$h} {'DESCRIPTIONS'} };
|
||||
|
||||
my $d;
|
||||
@esmith::weights = ();
|
||||
foreach $d (@unsorteddescriptions)
|
||||
{
|
||||
push (@esmith::weights, $d->{'WEIGHT'});
|
||||
}
|
||||
|
||||
my @indices = sort byweight $[..$#unsorteddescriptions;
|
||||
|
||||
print "<ul>\n";
|
||||
|
||||
my $i;
|
||||
foreach $i (@indices)
|
||||
{
|
||||
my $href = $unsorteddescriptions [$i]->{'FILENAME'};
|
||||
print $q->li ($q->a ({href => $href}, $unsorteddescriptions [$i]->{'DESCRIPTION'}));
|
||||
|
||||
}
|
||||
print "</ul>\n";
|
||||
}
|
||||
|
||||
esmith::cgi::genNavigationFooter ($q);
|
||||
}
|
||||
|
||||
sub byweight
|
||||
{
|
||||
$esmith::weights [$a] <=> $esmith::weights [$b];
|
||||
}
|
|
@ -0,0 +1,411 @@
|
|||
#!/usr/bin/perl -wT
|
||||
|
||||
#----------------------------------------------------------------------
|
||||
# heading : Security
|
||||
# description : User Panel Access
|
||||
# navigation : 1000 1300
|
||||
#
|
||||
# Copyright (c) 2001 Daniel van Raay <danielvr@caa.org.au>
|
||||
# Modified (c) 2002 Stephen Noble <stephen@dungog.net>
|
||||
# Modified (c) 2002 Shad L. Lords <slords@mail.com>
|
||||
#
|
||||
# This program is free software; you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation; either version 2 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# This program is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with this program; if not, write to the Free Software
|
||||
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
||||
#----------------------------------------------------------------------
|
||||
|
||||
package esmith;
|
||||
|
||||
use strict;
|
||||
use CGI ':all';
|
||||
use CGI::Carp qw(fatalsToBrowser);
|
||||
|
||||
use esmith::cgi;
|
||||
use esmith::config;
|
||||
use esmith::util;
|
||||
use esmith::db;
|
||||
use esmith::event;
|
||||
|
||||
sub showInitial ($$);
|
||||
sub genPanels ($$);
|
||||
sub modifyAccess ($);
|
||||
sub performModifyAccess ($);
|
||||
|
||||
BEGIN
|
||||
{
|
||||
# Clear PATH and related environment variables so that calls to
|
||||
# external programs do not cause results to be tainted. See
|
||||
# "perlsec" manual page for details.
|
||||
|
||||
$ENV {'PATH'} = '';
|
||||
$ENV {'SHELL'} = '/bin/bash';
|
||||
delete $ENV {'ENV'};
|
||||
}
|
||||
|
||||
esmith::util::setRealToEffective ();
|
||||
|
||||
$CGI::POST_MAX=1024 * 100; # max 100K posts
|
||||
$CGI::DISABLE_UPLOADS = 1; # no uploads
|
||||
|
||||
my %conf;
|
||||
tie %conf, 'esmith::config';
|
||||
|
||||
my %accounts;
|
||||
tie %accounts, 'esmith::config', '/home/e-smith/db/accounts';
|
||||
|
||||
#------------------------------------------------------------
|
||||
# examine state parameter and display the appropriate form
|
||||
#------------------------------------------------------------
|
||||
|
||||
my $q = new CGI;
|
||||
|
||||
if (! grep (/^state$/, $q->param))
|
||||
{
|
||||
showInitial ($q, '');
|
||||
}
|
||||
|
||||
elsif ($q->param ('state') eq "modifyAccess")
|
||||
{
|
||||
modifyAccess ($q);
|
||||
}
|
||||
|
||||
elsif ($q->param ('state') eq "performModifyAccess")
|
||||
{
|
||||
performModifyAccess ($q);
|
||||
}
|
||||
|
||||
else
|
||||
{
|
||||
esmith::cgi::genStateError ($q, \%conf);
|
||||
}
|
||||
|
||||
exit (0);
|
||||
|
||||
#------------------------------------------------------------
|
||||
# subroutine to display initial form
|
||||
#------------------------------------------------------------
|
||||
|
||||
sub showInitial ($$)
|
||||
{
|
||||
my ($q, $msg) = @_;
|
||||
|
||||
if ($msg eq '')
|
||||
{
|
||||
esmith::cgi::genHeaderNonCacheable
|
||||
($q, \%conf, 'Change access to server-manager panels for user accounts');
|
||||
}
|
||||
else
|
||||
{
|
||||
esmith::cgi::genHeaderNonCacheable
|
||||
($q, \%conf, 'Operation status report');
|
||||
|
||||
print $q->p ($msg);
|
||||
print $q->hr;
|
||||
}
|
||||
|
||||
my @userAccounts = ('admin');
|
||||
|
||||
foreach (sort keys %accounts)
|
||||
{
|
||||
push (@userAccounts, $_) if (db_get_type(\%accounts, $_) eq "user");
|
||||
}
|
||||
|
||||
foreach (sort keys %accounts)
|
||||
{
|
||||
push (@userAccounts, $_) if (db_get_type(\%accounts, $_) eq "group");
|
||||
}
|
||||
|
||||
unless (scalar @userAccounts)
|
||||
{
|
||||
print $q->p ($q->b ('There are no user accounts in the system.'));
|
||||
}
|
||||
else
|
||||
{
|
||||
my $description = <<END_TEXT;
|
||||
You can modify individual users access to the server-manager
|
||||
panels below by clicking on the link next the account. You can assign
|
||||
panels to the members of a group with their link. Users or Groups
|
||||
in red have some form of extra access. You can globally assign
|
||||
a panel by editing the global account
|
||||
END_TEXT
|
||||
|
||||
print $q->p ($description);
|
||||
|
||||
print $q->p ($q->b ('Current List of User Accounts'));
|
||||
|
||||
print "<table border=1 cellspacing=1 cellpadding=4>";
|
||||
|
||||
print $q->Tr (esmith::cgi::genSmallCell ($q, $q->b ('Account')),
|
||||
esmith::cgi::genSmallCell ($q, $q->b ('Name/Description')),
|
||||
$q->td (' '));
|
||||
|
||||
my $user;
|
||||
|
||||
foreach $user (@userAccounts)
|
||||
{
|
||||
my $name = '';
|
||||
if (db_get_type(\%accounts, $user) eq "group")
|
||||
{
|
||||
$name =db_get_prop(\%accounts, $user, "Description");
|
||||
}
|
||||
else
|
||||
{
|
||||
$name =db_get_prop(\%accounts, $user, "FirstName")." ". db_get_prop(\%accounts, $user, "LastName");
|
||||
}
|
||||
|
||||
my $AdminPanels = db_get_prop(\%accounts, $user, "AdminPanels");
|
||||
$AdminPanels = '' if ! defined ($AdminPanels);
|
||||
|
||||
if ( ! $AdminPanels )
|
||||
{
|
||||
print $q->Tr (esmith::cgi::genSmallCell ($q, $user),
|
||||
esmith::cgi::genSmallCell ($q, $name),
|
||||
esmith::cgi::genSmallCell ($q,
|
||||
$q->a ({href => $q->url (-absolute => 1)
|
||||
. "?state=modifyAccess&acct="
|
||||
. $user}, 'Change Access...')));
|
||||
|
||||
}
|
||||
else
|
||||
{
|
||||
print $q->Tr (esmith::cgi::genSmallRedCell ($q, $user),
|
||||
esmith::cgi::genSmallRedCell ($q, $name),
|
||||
esmith::cgi::genSmallCell ($q,
|
||||
$q->a ({href => $q->url (-absolute => 1)
|
||||
. "?state=modifyAccess&acct="
|
||||
. $user}, 'Change Access...')));
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
#global setting
|
||||
if ( ! db_get( \%accounts, 'globalUP') )
|
||||
{
|
||||
db_set(\%accounts, 'globalUP', 'userpanelglobal', { FirstName => 'global user', LastName => 'panel access' });
|
||||
}
|
||||
|
||||
my $AdminPanels = db_get_prop(\%accounts, 'globalUP', "AdminPanels");
|
||||
$AdminPanels = '' if ! defined ($AdminPanels);
|
||||
|
||||
if ( ! $AdminPanels )
|
||||
{
|
||||
print $q->Tr (esmith::cgi::genSmallCell ($q, 'Global'),
|
||||
esmith::cgi::genSmallCell ($q, 'every user'),
|
||||
esmith::cgi::genSmallCell ($q,
|
||||
$q->a ({href => $q->url (-absolute => 1)
|
||||
. "?state=modifyAccess&acct="
|
||||
. 'globalUP'}, 'Change Access...')));
|
||||
|
||||
}
|
||||
else
|
||||
{
|
||||
print $q->Tr (esmith::cgi::genSmallRedCell ($q, 'Global'),
|
||||
esmith::cgi::genSmallRedCell ($q, 'every user'),
|
||||
esmith::cgi::genSmallCell ($q,
|
||||
$q->a ({href => $q->url (-absolute => 1)
|
||||
. "?state=modifyAccess&acct="
|
||||
. 'globalUP'}, 'Change Access...')));
|
||||
|
||||
}
|
||||
|
||||
print '</table>';
|
||||
}
|
||||
|
||||
esmith::cgi::genFooter ($q);
|
||||
}
|
||||
|
||||
sub genPanels ($$)
|
||||
{
|
||||
my ($q, $user) = @_;
|
||||
|
||||
my %panelshash = ();
|
||||
my @selected = ();
|
||||
my @globalselected = ();
|
||||
|
||||
my @panels;
|
||||
opendir (DIR, "/etc/e-smith/web/functions")
|
||||
|| die "Can't open /etc/e-smith/web/functions directory.\n";
|
||||
push (@panels, sort (grep (!/^(\.|userpanel-initial|userpanel-navigation|userpanel-noframes|pleasewait|index\.cgi|initial\.cgi|navigation|noframes)/, readdir(DIR))));
|
||||
closedir (DIR);
|
||||
|
||||
my $panel;
|
||||
foreach $panel (@panels)
|
||||
{
|
||||
$panelshash{$panel} = "Unknown";
|
||||
|
||||
unless (open (RD, "/etc/e-smith/web/functions/$panel"))
|
||||
{
|
||||
warn "Can't open file /etc/e-smith/web/functions/$panel: $!\n";
|
||||
next;
|
||||
}
|
||||
|
||||
while (<RD>)
|
||||
{
|
||||
if (/^\s*#\s*description\s*:\s*(.+?)\s*$/)
|
||||
{
|
||||
$panelshash{$panel} = $1;
|
||||
}
|
||||
|
||||
last if ( $panelshash{$panel} ne "Unknown" );
|
||||
}
|
||||
close RD;
|
||||
}
|
||||
|
||||
my $userAdminPanels = db_get_prop(\%accounts, $user, 'AdminPanels');
|
||||
$userAdminPanels = '' if ! defined ($userAdminPanels);
|
||||
@selected = split (/,/, $userAdminPanels);
|
||||
|
||||
my $globalAdminPanels = db_get_prop(\%accounts, 'globalUP', 'AdminPanels');
|
||||
$globalAdminPanels = '' if ! defined ($globalAdminPanels);
|
||||
@globalselected = split (/,/, $globalAdminPanels);
|
||||
|
||||
@panels = sort @panels;
|
||||
my $count = scalar @panels;
|
||||
|
||||
my $out = '';
|
||||
|
||||
if ($count > 0)
|
||||
{
|
||||
$out .= '<table border=1 cellspacing=1 cellpadding=4>';
|
||||
|
||||
$out .= $q->Tr ($q->td (' '),
|
||||
esmith::cgi::genSmallCell ($q, $q->b ('Panel')),
|
||||
esmith::cgi::genSmallCell ($q, $q->b ('Description')));
|
||||
|
||||
my $panel;
|
||||
foreach $panel (@panels)
|
||||
{
|
||||
my $checked = "";
|
||||
if (grep (/^$panel$/, @selected) || grep (/^$panel$/, @globalselected))
|
||||
{
|
||||
$checked = "checked";
|
||||
}
|
||||
|
||||
if (grep (/^$panel$/, @globalselected) && ($user ne 'globalUP'))
|
||||
{
|
||||
$out .=
|
||||
$q->Tr (
|
||||
$q->td (
|
||||
"<input type=\"checkbox\""
|
||||
. " name=\"panelAccess\""
|
||||
. " $checked value=\"$panel\">"
|
||||
),
|
||||
esmith::cgi::genSmallRedCell ($q, $panel),
|
||||
esmith::cgi::genSmallRedCell (
|
||||
$q, $panelshash{$panel} . ' (Global)'));
|
||||
} else {
|
||||
$out .=
|
||||
$q->Tr (
|
||||
$q->td (
|
||||
"<input type=\"checkbox\""
|
||||
. " name=\"panelAccess\""
|
||||
. " $checked value=\"$panel\">"
|
||||
),
|
||||
esmith::cgi::genSmallCell ($q, $panel),
|
||||
esmith::cgi::genSmallCell (
|
||||
$q, $panelshash{$panel}));
|
||||
}
|
||||
}
|
||||
|
||||
$out .= '</table>';
|
||||
}
|
||||
|
||||
return $out;
|
||||
}
|
||||
|
||||
|
||||
sub modifyAccess ($)
|
||||
{
|
||||
my ($q) = @_;
|
||||
|
||||
esmith::cgi::genHeaderNonCacheable ($q, \%conf, 'Modify user-manager access');
|
||||
|
||||
print
|
||||
$q->startform (-method => 'POST', -action => $q->url (-absolute => 1));
|
||||
|
||||
my $acct = $q->param ('acct');
|
||||
|
||||
my $username = '';
|
||||
if (db_get_type(\%accounts, $acct) eq "group")
|
||||
{
|
||||
$username =db_get_prop(\%accounts, $acct, "Description");
|
||||
}
|
||||
else
|
||||
{
|
||||
$username =db_get_prop(\%accounts, $acct, "FirstName")." ". db_get_prop(\%accounts, $acct, "LastName");
|
||||
}
|
||||
|
||||
if (db_get(\%accounts, $acct))
|
||||
{
|
||||
|
||||
print $q->table ({border => 0, cellspacing => 0, cellpadding => 4},
|
||||
|
||||
$q->Tr (esmith::cgi::genCell ($q, "Account name:"),
|
||||
esmith::cgi::genCell ($q, $acct)),
|
||||
|
||||
$q->Tr (esmith::cgi::genCell ($q, "Name/Description:"),
|
||||
esmith::cgi::genCell ($q, "$username")),
|
||||
|
||||
$q->Tr (esmith::cgi::genCell ($q, "Accessible Panels:"),
|
||||
esmith::cgi::genCell ($q, genPanels ($q, $acct))),
|
||||
|
||||
esmith::cgi::genButtonRow ($q,
|
||||
$q->submit (-name => 'action',
|
||||
-value => 'Modify')));
|
||||
|
||||
print $q->hidden (-name => 'acct',
|
||||
-override => 1,
|
||||
-default => $acct);
|
||||
|
||||
print $q->hidden (-name => 'state',
|
||||
-override => 1,
|
||||
-default => 'performModifyAccess');
|
||||
|
||||
}
|
||||
|
||||
print $q->endform;
|
||||
esmith::cgi::genFooter ($q);
|
||||
return;
|
||||
}
|
||||
|
||||
|
||||
sub performModifyAccess ($)
|
||||
{
|
||||
my ($q) = @_;
|
||||
my $acct = $q->param ('acct');
|
||||
|
||||
my @adminPanels = $q->param ('panelAccess');
|
||||
my @userPanels = ();
|
||||
|
||||
my $globalAdminPanels = db_get_prop(\%accounts, 'globalUP', 'AdminPanels');
|
||||
$globalAdminPanels = '' if ! defined ($globalAdminPanels);
|
||||
my @globalselected = split (/,/, $globalAdminPanels);
|
||||
|
||||
foreach my $panel (@adminPanels)
|
||||
{
|
||||
if ( ! grep (/^$panel$/, @globalselected) || ($acct eq 'globalUP'))
|
||||
{
|
||||
push(@userPanels, $panel);
|
||||
}
|
||||
}
|
||||
|
||||
my $adminPanels = join (',', @userPanels);
|
||||
|
||||
db_set_prop(\%accounts, $acct, 'AdminPanels', $adminPanels);
|
||||
|
||||
system ("/sbin/e-smith/signal-event", "conf-userpanel") == 0
|
||||
or die ("Error occurred while updating userpanel configuration.\n");
|
||||
|
||||
showInitial ($q, "Successfully modified user account $acct.");
|
||||
}
|
|
@ -0,0 +1,3 @@
|
|||
{
|
||||
}
|
||||
|
|
@ -0,0 +1,36 @@
|
|||
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML//EN">
|
||||
|
||||
<HTML>
|
||||
|
||||
<HEAD>
|
||||
<TITLE>SME Server / user </TITLE>
|
||||
</HEAD>
|
||||
|
||||
<FRAMESET FRAMESPACING="0" COLS="170,*" FRAMEBORDER="0" BORDER="0">
|
||||
|
||||
<FRAME NAME="navigation" RESIZE="auto" MARGINHEIGHT="0" SRC="/user-manager/cgi-bin/userpanel-navigation"
|
||||
FRAMEBORDER="no" SCROLLING="auto" MARGINWIDTH="0" BORDER="0">
|
||||
|
||||
<FRAME NAME="main" RESIZE="auto" MARGINHEIGHT="0" SRC="/user-manager/cgi-bin/userpanel-initial"
|
||||
FRAMEBORDER="no" SCROLLING="auto" MARGINWIDTH="0" BORDER="0">
|
||||
|
||||
</FRAMESET>
|
||||
|
||||
<NOFRAMES>
|
||||
<BODY>
|
||||
|
||||
<H1>Welcome to the user manager panel</H1>
|
||||
|
||||
<P><A HREF="/user-manager/cgi-bin/userpanel-noframes">Click here</A> for a
|
||||
list of available functions.
|
||||
|
||||
<P>As part of our commitment to open-source software, you are welcome
|
||||
to copy and redistribute this software.
|
||||
|
||||
<P>
|
||||
<HR>
|
||||
|
||||
</BODY>
|
||||
</NOFRAMES>
|
||||
|
||||
</HTML>
|
|
@ -0,0 +1,10 @@
|
|||
package My::Package;
|
||||
use Lemonldap::NG::Handler::SharedConf;
|
||||
@ISA = qw(Lemonldap::NG::Handler::SharedConf);
|
||||
|
||||
__PACKAGE__->init(
|
||||
{
|
||||
configStorage => { confFile => '/etc/lemonldap-ng/lemonldap-ng-admin.ini' },
|
||||
}
|
||||
);
|
||||
1;
|
|
@ -0,0 +1,10 @@
|
|||
package My::Package;
|
||||
use Lemonldap::NG::Handler::SharedConf;
|
||||
@ISA = qw(Lemonldap::NG::Handler::SharedConf);
|
||||
|
||||
__PACKAGE__->init(
|
||||
{
|
||||
configStorage => { confFile => '/etc/lemonldap-ng/lemonldap-ng-pki.ini' },
|
||||
}
|
||||
);
|
||||
1;
|
Loading…
Reference in New Issue