require 'samba-lib.pl';
# acl_security_form(&options)
# Output HTML for editing security options for the samba module
sub acl_security_form
{
print "\n| $text{'acl_apply'} | \n";
printf " $text{'yes'}\n",
$_[0]->{'apply'} ? "checked" : "";
printf " $text{'no'} | \n",
$_[0]->{'apply'} ? "" : "checked";
print "
\n";
print "\n| $text{'acl_view_all_con'} | \n";
printf " $text{'yes'}\n",
$_[0]->{'view_all_con'} ? "checked" : "";
printf " $text{'no'} | \n",
$_[0]->{'view_all_con'} ? "" : "checked";
print "
\n";
print "\n| $text{'acl_kill_con'} | \n";
printf " $text{'yes'}\n",
$_[0]->{'kill_con'} ? "checked" : "";
printf " $text{'no'} | \n",
$_[0]->{'kill_con'} ? "" : "checked";
print "
\n";
print "
|
\n";
print "\n| $text{'acl_conf_net'} | \n";
printf " $text{'yes'}\n",
$_[0]->{'conf_net'} ? "checked" : "";
printf " $text{'no'} | \n",
$_[0]->{'conf_net'} ? "" : "checked";
print "
\n";
print "\n| $text{'acl_conf_smb'} | \n";
printf " $text{'yes'}\n",
$_[0]->{'conf_smb'} ? "checked" : "";
printf " $text{'no'} | \n",
$_[0]->{'conf_smb'} ? "" : "checked";
print "
\n";
print "\n| $text{'acl_conf_pass'} | \n";
printf " $text{'yes'}\n",
$_[0]->{'conf_pass'} ? "checked" : "";
printf " $text{'no'} | \n",
$_[0]->{'conf_pass'} ? "" : "checked";
print "
\n";
print "\n| $text{'acl_conf_print'} | \n";
printf " $text{'yes'}\n",
$_[0]->{'conf_print'} ? "checked" : "";
printf " $text{'no'} | \n",
$_[0]->{'conf_print'} ? "" : "checked";
print "
\n";
print "\n| $text{'acl_conf_misc'} | \n";
printf " $text{'yes'}\n",
$_[0]->{'conf_misc'} ? "checked" : "";
printf " $text{'no'} | \n",
$_[0]->{'conf_misc'} ? "" : "checked";
print "
\n";
print "\n| $text{'acl_swat'} | \n";
printf " $text{'yes'}\n",
$_[0]->{'swat'} ? "checked" : "";
printf " $text{'no'} | \n",
$_[0]->{'swat'} ? "" : "checked";
print "
\n";
print "\n| $text{'acl_manual'} | \n";
printf " $text{'yes'}\n",
$_[0]->{'manual'} ? "checked" : "";
printf " $text{'no'} | \n",
$_[0]->{'manual'} ? "" : "checked";
print "
\n";
print "\n| $text{'acl_winbind'} | \n";
printf " $text{'yes'}\n",
$_[0]->{'winbind'} ? "checked" : "";
printf " $text{'no'} | \n",
$_[0]->{'winbind'} ? "" : "checked";
print "
\n";
print "\n| $text{'acl_bind'} | \n";
printf " $text{'yes'}\n",
$_[0]->{'conf_bind'} ? "checked" : "";
printf " $text{'no'} | \n",
$_[0]->{'conf_bind'} ? "" : "checked";
print "
\n";
print "
|
\n";
# encripted passwords
print "\n| $text{'acl_enc_passwd_opts'} |
\n";
print "\n| $text{'acl_view_users'} | \n";
printf " $text{'yes'}\n",
$_[0]->{'view_users'} ? "checked" : "";
printf " $text{'no'} | \n",
$_[0]->{'view_users'} ? "" : "checked";
print "
\n";
print "\n| $text{'acl_maint_users'} | \n";
printf " $text{'yes'}\n",
$_[0]->{'maint_users'} ? "checked" : "";
printf " $text{'no'} | \n",
$_[0]->{'maint_users'} ? "" : "checked";
print "
\n";
print "\n| $text{'acl_maint_makepass'} | \n";
printf " $text{'yes'}\n",
$_[0]->{'maint_makepass'} ? "checked" : "";
printf " $text{'no'} | \n",
$_[0]->{'maint_makepass'} ? "" : "checked";
print "
\n";
print "\n| $text{'acl_maint_sync'} | \n";
printf " $text{'yes'}\n",
$_[0]->{'maint_sync'} ? "checked" : "";
printf " $text{'no'} | \n",
$_[0]->{'maint_sync'} ? "" : "checked";
print "
\n";
print "
|
\n";
# encripted passwords
print "\n| $text{'acl_group_opts'} |
\n";
print "\n| $text{'acl_maint_groups'} | \n";
printf " $text{'yes'}\n",
$_[0]->{'maint_groups'} ? "checked" : "";
printf " $text{'no'} | \n",
$_[0]->{'maint_groups'} ? "" : "checked";
print "
\n";
print "\n| $text{'acl_maint_gsync'} | \n";
printf " $text{'yes'}\n",
$_[0]->{'maint_gsync'} ? "checked" : "";
printf " $text{'no'} | \n",
$_[0]->{'maint_gsync'} ? "" : "checked";
print "
\n";
print "
|
\n";
# hide
print "\n| $text{'acl_hide'} | \n";
printf " $text{'yes'}\n",
$_[0]->{'hide'} == 1 ? "checked" : "";
printf " $text{'no'} | \n",
$_[0]->{'hide'} == 0 ? "checked" : "";
print "
\n";
print "
|
\n";
# global acls
print "\n| $text{'acl_afs'} | \n";
print "\n";
printf " %s\n",
$_[0]->{'c_fs'} ? "checked" : "", $text{"acl_c"};
printf " %s\n",
$_[0]->{'r_fs'} ? "checked" : "", $text{"acl_r"};
printf " %s\n",
$_[0]->{'w_fs'} ? "checked" : "", $text{"acl_w"};
print " |
\n";
print "\n| $text{'acl_aps'} | \n";
print "\n";
printf " %s\n",
$_[0]->{'c_ps'} ? "checked" : "", $text{"acl_c"};
printf " %s\n",
$_[0]->{'r_ps'} ? "checked" : "", $text{"acl_r"};
printf " %s\n",
$_[0]->{'w_ps'} ? "checked" : "", $text{"acl_w"};
print " |
\n";
print "\n| $text{'acl_copy'} | \n";
printf " $text{'yes'}\n",
$_[0]->{'copy'} ? "checked" : "";
printf " $text{'no'} | \n",
$_[0]->{'copy'} ? "" : "checked";
print "
\n";
print "
|
\n";
# per-share acls
print "| $text{'acl_per_fs_acls'} | \n";
printf " $text{'yes'}\n",
$_[0]->{'per_fs_acls'} ? "checked" : "";
printf " $text{'no'}\n",
$_[0]->{'per_fs_acls'} ? "" : "checked";
print " |
\n";
print "| $text{'acl_per_ps_acls'} | \n";
printf " $text{'yes'}\n",
$_[0]->{'per_ps_acls'} ? "checked" : "";
printf " $text{'no'}\n",
$_[0]->{'per_ps_acls'} ? "" : "checked";
print " |
\n";
print "
|
\n";
# table
print " \n\n";
printf "| %s | \n", $text{'acl_per_share_acls'};
print "\n";
printf "| %s | \n", $text{'acl_sname'};
printf "%s | \n", $text{'acl_saccess'};
printf "%s | \n", $text{'acl_sconn'};
printf "%s | \n", $text{'acl_sopthdr'};
print " \n\n";
printf "| %s | \n", $text{'acl_ssec'};
printf "%s | \n", $text{'acl_sperm'};
printf "%s | \n", $text{'acl_snaming'};
printf "%s
%s | \n", $text{'acl_smisc'}, $text{'acl_sprn'};
print " \n";
foreach (&list_shares()) {
&display_acl_row($_[0], $_);
}
print " |
\n";
}
# acl_security_save(&options)
# Parse the form for security options for the samba module
sub acl_security_save
{
if ($in{'r_fs'} < $in{'w_fs'} || $in{'r_ps'} < $in{'w_ps'}) {
&error($text{'acl_ernow'});
}
# If create, read, AND write are all turned off... don't SHOW file shares...
$_[0]->{'conf_fs'}=1;
if ($in{'c_fs'} == "" && $in{'r_fs'} == "" && $in{'w_fs'} == "") {
$_[0]->{'conf_fs'}=0;
}
# If create, read, AND write are all turned off... don't SHOW print shares...
$_[0]->{'conf_ps'}=1;
if ($in{'c_ps'} == "" && $in{'r_ps'} == "" && $in{'w_ps'} == "") {
$_[0]->{'conf_ps'}=0;
}
$_[0]->{'apply'}=$in{'apply'};
$_[0]->{'view_all_con'}=$in{'view_all_con'};
$_[0]->{'kill_con'}=$in{'kill_con'};
$_[0]->{'conf_net'}=$in{'conf_net'};
$_[0]->{'conf_smb'}=$in{'conf_smb'};
$_[0]->{'conf_pass'}=$in{'conf_pass'};
$_[0]->{'conf_print'}=$in{'conf_print'};
$_[0]->{'conf_misc'}=$in{'conf_misc'};
$_[0]->{'swat'}=$in{'swat'};
$_[0]->{'manual'}=$in{'manual'};
$_[0]->{'hide'}=$in{'hide'};
$_[0]->{'per_fs_acls'}=$in{'per_fs_acls'};
$_[0]->{'per_ps_acls'}=$in{'per_ps_acls'};
$_[0]->{'c_fs'}=$in{'c_fs'};
$_[0]->{'r_fs'}=$in{'r_fs'};
$_[0]->{'w_fs'}=$in{'w_fs'};
$_[0]->{'c_ps'}=$in{'c_ps'};
$_[0]->{'r_ps'}=$in{'r_ps'};
$_[0]->{'w_ps'}=$in{'w_ps'};
$_[0]->{'copy'}=$in{'copy'};
$_[0]->{'view_users'}=$in{'view_users'};
$_[0]->{'maint_users'}=$in{'maint_users'};
$_[0]->{'maint_makepass'}=$in{'maint_makepass'};
$_[0]->{'maint_sync'}=$in{'maint_sync'};
$_[0]->{'maint_groups'}=$in{'maint_groups'};
$_[0]->{'maint_gsync'}=$in{'maint_gsync'};
$_[0]->{'winbind'}=$in{'winbind'};
$_[0]->{'conf_bind'}=$in{'conf_bind'};
foreach (keys %in) {
$_[0]->{$1} .= $in{$_} if /^\w\w_(ACL\w\w_\w+)$/;
}
}
# display_acl_row(\%access, $share_name)
sub display_acl_row
{
local($acc,$name)=@_;
local %share;
&get_share($name);
local $stype=&istrue('printable') ? 'ps' : 'fs';
local $aclname='ACL' . $stype . '_' . $name;
#display row
print "\n";
printf $stype eq 'fs' ? "| %s | \n" :
"%s | \n", $name;
&display_acl_cell($acc, $name, 'r', 'w', $aclname,
$text{'acl_na'}, $text{'acl_r1'}, $text{'acl_rw'});
&display_acl_cell($acc, $name, 'v', 'V', $aclname,
$text{'acl_na'}, $text{'acl_view'}, $text{'acl_kill'});
&display_acl_cell($acc, $name, 's', 'S', $aclname,
$text{'acl_na'}, $text{'acl_view'}, $text{'acl_edit'});
$stype eq 'fs' ? &display_acl_cell($acc, $name, 'p', 'P', $aclname,
$text{'acl_na'}, $text{'acl_view'}, $text{'acl_edit'}) :
print " | \n";
$stype eq 'fs' ? &display_acl_cell($acc, $name, 'n', 'N', $aclname,
$text{'acl_na'}, $text{'acl_view'}, $text{'acl_edit'}) :
print " | \n";
&display_acl_cell($acc, $name, 'o', 'O', $aclname,
$text{'acl_na'}, $text{'acl_view'}, $text{'acl_edit'});
print "
\n";
}
#display_acl_cell(\%access, $name,
# $rperm, $wperm, $aclname,
# $text1, $text2, $text3)
sub display_acl_cell
{
local ($acc, $name, $rp, $wp, $aclname, $text1, $text2, $text3) = @_;
local $rn = $rp . $wp . '_' . $aclname;
print "\n";
if($acc->{$aclname}) {
printf " %s
\n",
!&perm_to($rp, $acc, $aclname) ?
"checked" : "", $text1;
printf " %s
\n",
&perm_to($rp, $acc, $aclname) &&
!&perm_to($rp.$wp, $acc, $aclname) ?
"checked" : "",$text2;
printf " %s\n",
&perm_to($rp.$wp, $acc, $aclname) ?
"checked" : "", $text3;
}
else {
printf " %s
\n",
$text1;
printf " %s
\n",
$text2;
printf " %s\n",
$text3;
}
print " | \n";
}
# perm_to($permissions_string,\%access,$ACLname)
# check only per-share permissions
sub perm_to
{
local $acl=$_[1]->{$_[2]};
foreach (split //,$_[0]) {
return 0 if index($acl,$_) == -1;
}
return 1;
}
1;