* Copyright (C) 2005 Paul Taylor * Copyright (C) 2003-2005 Manuel Kasper * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions are met: * * 1. Redistributions of source code must retain the above copyright notice, * this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE * AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, * OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE * POSSIBILITY OF SUCH DAMAGE. */ require_once("guiconfig.inc"); $a_group = &config_read_array('system', 'group'); if ($_SERVER['REQUEST_METHOD'] === 'GET') { if (isset($a_group[$_GET['groupid']])) { $id = $_GET['groupid']; } if (isset($_GET['act']) && ($_GET['act'] == 'edit' || $_GET['act'] == 'new')) { $act = $_GET['act']; } else { $act = null; } $pconfig = array(); if ($act == "edit" && isset($id)) { // read config $pconfig['name'] = $a_group[$id]['name']; $pconfig['gid'] = $a_group[$id]['gid']; $pconfig['scope'] = $a_group[$id]['scope']; $pconfig['description'] = $a_group[$id]['description']; $pconfig['members'] = isset($a_group[$id]['member']) ? $a_group[$id]['member'] : array(); $pconfig['priv'] = isset($a_group[$id]['priv']) ? $a_group[$id]['priv'] : array(); } elseif ($act != null) { // init defaults $pconfig['name'] = null; $pconfig['gid'] = null; $pconfig['scope'] = null; $pconfig['description'] = null; $pconfig['members'] = array(); $pconfig['priv'] = array(); } } elseif ($_SERVER['REQUEST_METHOD'] === 'POST') { if (isset($a_group[$_POST['groupid']])) { $id = $_POST['groupid']; } $pconfig = $_POST; $input_errors = array(); $act = (isset($pconfig['act']) ? $pconfig['act'] : ''); $user = getUserEntry($_SESSION['Username']); if (userHasPrivilege($user, 'user-config-readonly')) { $input_errors[] = gettext('You do not have the permission to perform this action.'); } elseif (isset($id) && $act == "delgroup" && isset($pconfig['groupname']) && $pconfig['groupname'] == $a_group[$id]['name']) { local_group_del($a_group[$id]); $groupdeleted = $a_group[$id]['name']; unset($a_group[$id]); write_config(); header(url_safe('Location: /system_groupmanager.php')); exit; } elseif (isset($pconfig['save'])) { $reqdfields = explode(" ", "name"); $reqdfieldsn = array(gettext("Group Name")); do_input_validation($pconfig, $reqdfields, $reqdfieldsn, $input_errors); if (preg_match("/[^a-zA-Z0-9\.\-_]/", $pconfig['name'])) { $input_errors[] = gettext("The group name contains invalid characters."); } if (strlen($pconfig['name']) > 32) { $input_errors[] = gettext("The group name is longer than 32 characters."); } if (count($input_errors) == 0 && !isset($id)) { /* make sure there are no dupes */ foreach ($a_group as $group) { if ($group['name'] == $pconfig['name']) { $input_errors[] = gettext("Another entry with the same group name already exists."); break; } } $sys_groups = file_get_contents('/etc/group'); foreach (explode("\n", $sys_groups) as $line) { if (explode(":", $line)[0] == $pconfig['name']) { $input_errors[] = gettext("That groupname is reserved by the system."); } } } if (count($input_errors) == 0) { $group = array(); if (isset($id) && $a_group[$id]) { $group = $a_group[$id]; } $group['name'] = $pconfig['name']; $group['description'] = $pconfig['description']; if (empty($pconfig['members'])) { unset($group['member']); } else { $group['member'] = $pconfig['members']; } if (isset($id) && $a_group[$id]) { $a_group[$id] = $group; } else { $group['gid'] = $config['system']['nextgid']++; $a_group[] = $group; } local_group_set($group); /* Refresh users in this group since their privileges may have changed. */ if (is_array($group['member'])) { $a_user = &config_read_array('system', 'user'); foreach ($a_user as & $user) { if (in_array($user['uid'], $group['member'])) { local_user_set($user); } } } write_config(); header(url_safe('Location: /system_groupmanager.php')); exit; } else { // input errors, load page in edit mode $act = 'edit'; } } else { // POST without a valid action, redirect to overview header(url_safe('Location: /system_groupmanager.php')); exit; } } legacy_html_escape_form_data($pconfig); legacy_html_escape_form_data($a_group); include("head.inc"); $main_buttons = array(); if (!isset($_GET['act'])) { $main_buttons[] = array('label' => gettext('Add'), 'href' => 'system_groupmanager.php?act=new'); } ?>
/>
 

">

">
" onclick="window.location.href='/system_groupmanager.php'" />
" /> $group): ?>