michael/webmin
1
0
Fork 0
mirror of https://github.com/webmin/webmin.git synced 2026-02-03 06:03:28 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Fix to simplify reset-password UI for sudo-capable users

Browse Source
This commit is contained in:
Ilia Ross
2025-05-19 15:40:53 +03:00
parent 8d2b6bf328
commit 5210f37478
3 changed files with 13 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
acl/forgot_form.cgi
View File

@@ -13,27 +13,25 @@ our (%in, %text);
&can_edit_user($in{'user'}) || &error($text{'edit_euser'});
my $u = &get_user($in{'user'});
$u || &error($text{'edit_egone'});
my $is_admin = $u->{'name'} =~ /^(?:root|admin|sysadm)$/;
&ui_print_header(undef, $text{'forgot_title'}, "");
print $text{'forgot_desc'},"<p>\n";
print &ui_form_start("forgot_send.cgi", "post");
print &ui_hidden("user", $in{'user'});
print &ui_hidden("user_acc", $u->{'name'});
print &ui_table_start($text{'forgot_header'}, undef, 2);
print &ui_table_row($text{'forgot_user'}, "<tt>$u->{'name'}</tt>");
print &ui_table_row($text{'forgot_user'},
$is_admin
? &ui_textbox("user", $u->{'name'}, 12)
: "<tt>".$u->{'name'}."</tt>");
print &ui_table_row($text{'forgot_email'},
&ui_opt_textbox("email", $u->{'email'}, 60,
$text{'forgot_email_def'}."<br>\n",
$text{'forgot_email_sel'}));
if ($u->{'name'} eq 'root') {
print &ui_table_row($text{'forgot_unix'},
&ui_opt_textbox("unix", undef, 20, $text{'forgot_unix_def'}));
}
print &ui_table_end();
print &ui_form_end([ [ undef, $text{'forgot_send'} ] ]);

12
acl/forgot_send.cgi
View File

@@ -10,23 +10,23 @@ our (%in, %text, %gconfig);
&foreign_require("webmin");
&error_setup($text{'forgot_err'});
&ReadParse();
&can_edit_user($in{'user'}) || &error($text{'edit_euser'});
my $wuser = &get_user($in{'user'});
&can_edit_user($in{'user_acc'}) || &error($text{'edit_euser'});
my $wuser = &get_user($in{'user_acc'});
$wuser || &error($text{'edit_egone'});
# Validate inputs
$in{'email_def'} || $in{'email'} =~ /^\S+\@\S+$/ ||
&error($text{'forgot_eemail'});
my $unixuser;
if (defined($in{'unix_def'}) && !$in{'unix_def'}) {
if ($in{'user'} ne $in{'user_acc'}) {
&foreign_require("useradmin");
my ($uinfo) = grep { $_->{'user'} eq $in{'unix'} }
my ($uinfo) = grep { $_->{'user'} eq $in{'user'} }
&useradmin::list_users();
$uinfo || &error($text{'forgot_eunix'});
my $sudo = &useradmin::can_user_sudo_root($in{'unix'});
my $sudo = &useradmin::can_user_sudo_root($in{'user'});
&error($text{'forgot_enosudo'}) if ($sudo < 0);
&error($text{'forgot_ecansudo'}) if (!$sudo);
$unixuser = $in{'unix'};
$unixuser = $in{'user'};
}
# Generate a random ID and tracking file for this password reset

4
acl/lang/en
View File

@@ -519,12 +519,10 @@ twofactor_ebutton=No button clicked!
forgot_title=Send Password Reset Link
forgot_err=Failed to send password reset link
forgot_header=Password reset link details
forgot_user=Reset password for Webmin user
forgot_user=Reset password for Webmin or sudo-capable Unix user
forgot_email=Link delivery method
forgot_email_def=Display link in Webmin
forgot_email_sel=Send link via email to
forgot_unix=Sudo-capable Unix user to reset
forgot_unix_def=Just reset Webmin password
forgot_send=Send Link
forgot_desc=This page allows you to generate or send a link that can be used to select a new password for a Webmin user to any email address. Be careful which address you send this link to, as it will effectively grant full access to the Webmin login!
forgot_adminmsg=You are receiving this email from the administrator of the Webmin system at $3, for the login $1.\n\nIf you would like to proceed with resetting the password, follow this link :\n$2