mirror of
https://github.com/webmin/webmin.git
synced 2026-05-04 22:30:33 +01:00
strict conversion
This commit is contained in:
Jamie Cameron
@@ -2,32 +2,37 @@
|
||||
# edit_acl.cgi
|
||||
# Display a form for editing the access control options for some module
|
||||
|
||||
use strict;
|
||||
use warnings;
|
||||
require './acl-lib.pl';
|
||||
our (%in, %text, %config, %access, $base_remote_user, %gconfig);
|
||||
&ReadParse();
|
||||
$access{'acl'} || &error($text{'acl_emod'});
|
||||
|
||||
my $who;
|
||||
if ($in{'group'}) {
|
||||
$access{'groups'} || &error($text{'acl_egroup'});
|
||||
$who = $in{'group'};
|
||||
}
|
||||
else {
|
||||
$me = &get_user($base_remote_user);
|
||||
@mcan = $access{'mode'} == 1 ? @{$me->{'modules'}} :
|
||||
$access{'mode'} == 2 ? split(/\s+/, $access{'mods'}) :
|
||||
( &list_modules() , "" );
|
||||
my $me = &get_user($base_remote_user);
|
||||
my @mcan = $access{'mode'} == 1 ? @{$me->{'modules'}} :
|
||||
$access{'mode'} == 2 ? split(/\s+/, $access{'mods'}) :
|
||||
( &list_modules() , "" );
|
||||
&indexof($in{'mod'}, @mcan) >= 0 || &error($text{'acl_emod'});
|
||||
&can_edit_user($in{'user'}) || &error($text{'acl_euser'});
|
||||
$who = $in{'user'};
|
||||
}
|
||||
|
||||
%minfo = $in{'mod'} ? &get_module_info($in{'mod'})
|
||||
: ( 'desc' => $text{'index_global'} );
|
||||
$below = &text($in{'group'} ? 'acl_title3' : 'acl_title2', "<tt>$who</tt>",
|
||||
"<tt>$minfo{'desc'}</tt>");
|
||||
my %minfo = $in{'mod'} ? &get_module_info($in{'mod'})
|
||||
: ( 'desc' => $text{'index_global'} );
|
||||
my $below = &text($in{'group'} ? 'acl_title3' : 'acl_title2', "<tt>$who</tt>",
|
||||
"<tt>$minfo{'desc'}</tt>");
|
||||
&ui_print_header($below, $text{'acl_title'}, "",
|
||||
-r &help_file($in{'mod'}, "acl_info") ?
|
||||
[ "acl_info", $in{'mod'} ] : undef);
|
||||
%maccess = $in{'group'} ? &get_group_module_acl($who, $in{'mod'})
|
||||
: &get_module_acl($who, $in{'mod'}, 1);
|
||||
my %maccess = $in{'group'} ? &get_group_module_acl($who, $in{'mod'})
|
||||
: &get_module_acl($who, $in{'mod'}, 1);
|
||||
|
||||
# display the form
|
||||
print &ui_form_start("save_acl.cgi", "post");
|
||||
@@ -56,7 +61,7 @@ if ($in{'mod'}) {
|
||||
[ [ 0, $text{'yes'} ], [ 1, $text{'no'} ] ]), 3);
|
||||
}
|
||||
|
||||
$mdir = &module_root_directory($in{'mod'});
|
||||
my $mdir = &module_root_directory($in{'mod'});
|
||||
if (-r "$mdir/acl_security.pl") {
|
||||
print &ui_table_hr() if ($in{'mod'});
|
||||
&foreign_require($in{'mod'}, "acl_security.pl");
|
||||
|
||||
@@ -2,24 +2,32 @@
|
||||
# save_acl.cgi
|
||||
# Save access control options for some module
|
||||
|
||||
use strict;
|
||||
use warnings;
|
||||
require './acl-lib.pl';
|
||||
our (%in, %text, %config, %access, $base_remote_user, %gconfig,
|
||||
$config_directory);
|
||||
&ReadParse();
|
||||
|
||||
my $who;
|
||||
if ($in{'_acl_group'}) {
|
||||
$access{'groups'} || &error($text{'acl_egroup'});
|
||||
$who = $in{'_acl_group'};
|
||||
}
|
||||
else {
|
||||
$me = &get_user($base_remote_user);
|
||||
@mcan = $access{'mode'} == 1 ? @{$me->{'modules'}} :
|
||||
$access{'mode'} == 2 ? split(/\s+/, $access{'mods'}) :
|
||||
( &list_modules(), "" );
|
||||
my $me = &get_user($base_remote_user);
|
||||
my @mcan = $access{'mode'} == 1 ? @{$me->{'modules'}} :
|
||||
$access{'mode'} == 2 ? split(/\s+/, $access{'mods'}) :
|
||||
( &list_modules(), "" );
|
||||
&indexof($in{'_acl_mod'}, @mcan) >= 0 || &error($text{'acl_emod'});
|
||||
&can_edit_user($in{'_acl_user'}) || &error($text{'acl_euser'});
|
||||
$who = $in{'_acl_user'};
|
||||
}
|
||||
|
||||
$aclfile = $in{'_acl_group'} ? "$config_directory/$in{'_acl_mod'}/$who.gacl"
|
||||
: "$config_directory/$in{'_acl_mod'}/$who.acl";
|
||||
my $aclfile = $in{'_acl_group'} ? "$config_directory/$in{'_acl_mod'}/$who.gacl"
|
||||
: "$config_directory/$in{'_acl_mod'}/$who.acl";
|
||||
my %minfo = $in{'_acl_mod'} ? &get_module_info($in{'_acl_mod'})
|
||||
: ( 'desc' => $text{'index_global'} );
|
||||
if ($in{'reset'}) {
|
||||
# Just remove the .acl file
|
||||
&lock_file($aclfile);
|
||||
@@ -40,6 +48,7 @@ if ($in{'reset'}) {
|
||||
else {
|
||||
# Validate and store ACL settings
|
||||
&error_setup($text{'acl_err'});
|
||||
my %maccess;
|
||||
$maccess{'noconfig'} = $in{'noconfig'};
|
||||
if ($in{'rbac'}) {
|
||||
# RBAC overrides everything
|
||||
@@ -65,18 +74,15 @@ else {
|
||||
&save_module_acl(\%maccess, $in{'_acl_user'},
|
||||
$in{'_acl_mod'},1);
|
||||
}
|
||||
chmod(0640, $aclfile) if (-r $aclfile);
|
||||
&set_ownership_permissions(undef, undef, 0640, $aclfile);
|
||||
&unlock_file($aclfile);
|
||||
|
||||
%minfo = $in{'_acl_mod'} ? &get_module_info($in{'_acl_mod'})
|
||||
: ( 'desc' => $text{'index_global'} );
|
||||
|
||||
if ($in{'_acl_group'}) {
|
||||
# Recursively update the ACL for all member users and groups
|
||||
# XXX ACL in DB?
|
||||
@ulist = &list_users();
|
||||
@glist = &list_groups();
|
||||
($group) = grep { $_->{'name'} eq $in{'_acl_group'} } @glist;
|
||||
my @ulist = &list_users();
|
||||
my @glist = &list_groups();
|
||||
my ($group) = grep { $_->{'name'} eq $in{'_acl_group'} } @glist;
|
||||
&set_acl_files(\@ulist, \@glist, $in{'_acl_mod'},
|
||||
$group->{'members'}, \%maccess);
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user