3 # Edit a new or existing webmin user
5 require './acl-lib.pl';
6 &foreign_require("webmin", "webmin-lib.pl");
10 # Editing an existing user
11 &can_edit_user($in{'user'}) || &error($text{'edit_euser'});
12 &ui_print_header(undef, $text{'edit_title'}, "");
13 $u = &get_user($in{'user'});
14 $u || &error($text{'edit_egone'});
19 $access{'create'} || &error($text{'edit_ecreate'});
20 &ui_print_header(undef, $text{'edit_title2'}, "");
22 # Initial settings come from clone
23 $u = &get_user($in{'clone'});
25 delete($user{'name'});
30 $user{'skill'} = $user{'risk'} = 'high' if ($in{'risk'});
32 $me = &get_user($base_remote_user);
35 if ($user{'readonly'} && !$in{'readwrite'}) {
36 %minfo = &get_module_info($user{'readonly'});
37 print &text('edit_readonly', $minfo{'desc'},
38 "edit_user.cgi?user=$in{'user'}&readwrite=1"),"<p>\n";
39 &ui_print_footer("", $text{'index_return'});
43 print &ui_form_start("save_user.cgi", "post");
45 print &ui_hidden("old", $user{'name'});
46 print &ui_hidden("oldpass", $user{'pass'});
49 print &ui_hidden("clone", $in{'clone'});
51 print &ui_hidden_table_start($text{'edit_rights'}, "width=100%", 2, "rights",
55 print &ui_table_row($text{'edit_user'},
56 $access{'rename'} || !$in{'user'} ?
57 &ui_textbox("name", $user{'name'}, 30,
58 0, undef, "autocomplete=off") : $user{'name'});
60 # Source user for clone
62 print &ui_table_row($text{'edit_cloneof'}, "<tt>$in{'clone'}</tt>");
65 # Find and show parent group
66 @glist = &list_groups();
67 @mcan = $access{'gassign'} eq '*' ?
68 ( ( map { $_->{'name'} } @glist ), '_none' ) :
69 split(/\s+/, $access{'gassign'});
70 map { $gcan{$_}++ } @mcan;
71 if (@glist && %gcan && !$in{'risk'} && !$user{'risk'}) {
74 push(@opts, [ undef, "<$text{'edit_none'}>" ]);
78 if (&indexof($user{'name'}, @{$g->{'members'}}) >= 0 ||
80 &indexof($in{'clone'}, @{$g->{'members'}}) >= 0) {
83 next if (!$gcan{$g->{'name'}} && $memg ne $g);
84 push(@opts, [ $g->{'name'} ]);
86 print &ui_table_row($text{'edit_group'},
87 &ui_select("group", $memg->{'name'}, \@opts));
90 # Show password type menu and current password
91 $passmode = !$in{'user'} ? 0 :
92 $user{'pass'} eq 'x' ? 3 :
94 $user{'pass'} eq 'e' ? 5 :
95 $user{'pass'} eq '*LK*' ? 4 : 1;
96 &get_miniserv_config(\%miniserv);
97 @opts = ( [ 0, "$text{'edit_set'} .." ] );
99 push(@opts, [ 1, $text{'edit_dont'} ]);
101 push(@opts, [ 3, $text{'edit_unix'} ]);
103 push(@opts, [ 2, $text{'edit_same'} ]);
105 if ($miniserv{'extauth'}) {
106 push(@opts, [ 5, $text{'edit_extauth'} ]);
108 push(@opts, [ 4, $text{'edit_lock'} ]);
109 if ($passmode == 1) {
110 $lockbox = &ui_checkbox("lock", 1, $text{'edit_templock'},
111 $user{'pass'} =~ /^\!/ ? 1 : 0);
113 if ($passmode != 3 && $passmode != 4) {
114 $tempbox = &ui_checkbox("temp", 1, $text{'edit_temppass'},
117 if ($user{'lastchange'} && $miniserv{'pass_maxdays'}) {
118 $daysold = int((time() - $user{'lastchange'})/(24*60*60));
119 if ($miniserv{'pass_lockdays'} &&
120 $daysold > $miniserv{'pass_lockdays'}) {
121 $expmsg = "<br>"."<font color=#ff0000>".
122 &text('edit_passlocked', $daysold)."</font>";
124 elsif ($daysold > $miniserv{'pass_maxdays'}) {
125 $expmsg = "<br>"."<font color=#ffaa00>".
126 &text('edit_passmax', $daysold)."</font>";
129 $expmsg = "<br>".&text('edit_passold', $daysold);
132 $expmsg = "<br>".$text{'edit_passtoday'};
135 $js = "onChange='form.pass.disabled = value != 0;'";
136 print &ui_table_row($text{'edit_pass'},
137 &ui_select("pass_def", $passmode, \@opts, 1, 0, 0, 0, $js)." ".
138 &ui_password("pass", undef, 25, $passmode != 0, undef,
140 ($lockbox || $tempbox ? "<br>" : "").$lockbox.$tempbox.$expmsg);
143 print &ui_table_row($text{'edit_real'},
144 &ui_textbox("real", $user{'real'}, 60));
148 print &ui_table_row($text{'edit_proto'},
149 $text{'edit_proto_'.$user{'proto'}});
152 print &ui_hidden_table_end("rights");
154 # Start of UI options section
155 $showui = $access{'chcert'} || $access{'lang'} ||
156 $access{'cats'} || $access{'theme'};
158 print &ui_hidden_table_start($text{'edit_ui'}, "width=100%", 2, "ui",
162 if ($access{'chcert'}) {
163 # SSL certificate name
164 print &ui_table_row($text{'edit_cert'},
165 &ui_opt_textbox("cert", $user{'cert'}, 50, $text{'edit_none'}));
168 if ($access{'lang'}) {
170 print &ui_table_row($text{'edit_lang'},
171 &ui_radio("lang_def", $user{'lang'} ? 0 : 1,
172 [ [ 1, $text{'default'} ],
173 [ 0, &ui_select("lang", $user{'lang'},
174 [ map { [ $_->{'lang'}, $_->{'desc'}." (".
175 uc($_->{'lang'}).")" ] }
176 &list_languages() ]) ]
180 if ($access{'cats'}) {
181 # Show categorized modules?
182 print &ui_table_row($text{'edit_notabs'},
183 &ui_radio("notabs", int($user{'notabs'}),
184 [ [ 1, $text{'yes'} ],
186 [ 0, $text{'default'} ] ]));
189 if ($access{'theme'}) {
190 @all = &webmin::list_themes();
191 @themes = grep { !$_->{'overlay'} } @all;
192 @overlays = grep { $_->{'overlay'} } @all;
196 push(@topts, [ "", $text{'edit_themedef'} ]);
197 foreach $t (@themes) {
198 push(@topts, [ $t->{'dir'}, $t->{'desc'} ]);
200 print &ui_table_row($text{'edit_theme'},
201 &ui_radio("theme_def", defined($user{'theme'}) ? 0 : 1,
202 [ [ 1, $text{'edit_themeglobal'} ],
203 [ 0, &ui_select("theme", $user{'theme'}, \@topts) ] ]));
206 if ($access{'theme'} && @overlays) {
207 # Overlay theme, if any
208 print &ui_table_row($text{'edit_overlay'},
209 &ui_radio("overlay_def", defined($user{'overlay'}) ? 0 : 1,
210 [ [ 1, $text{'edit_overlayglobal'} ],
211 [ 0, &ui_select("overlay", $user{'overlay'},
212 [ map { [ $_->{'dir'}, $_->{'desc'} ] } @overlays ]
217 print &ui_hidden_table_end("ui");
220 # Start of security options section
221 $showsecurity = $access{'logouttime'} || $access{'ips'} || $access{'minsize'} ||
222 &supports_rbac() && $access{'mode'} == 0 || $access{'times'};
224 print &ui_hidden_table_start($text{'edit_security'}, "width=100%", 2,
225 "security", 0, [ "width=30%" ]);
228 if ($access{'logouttime'}) {
230 print &ui_table_row($text{'edit_logout'},
231 &ui_opt_textbox("logouttime", $user{'logouttime'}, 5,
232 $text{'default'})." ".$text{'edit_mins'});
235 if ($access{'minsize'}) {
236 # Show minimum password length, for just this user
237 print &ui_table_row($text{'edit_minsize'},
238 &ui_opt_textbox("minsize", $user{'minsize'}, 5,
239 $text{'default'})." ".$text{'edit_chars'});
242 if ($access{'nochange'} && $miniserv{'pass_maxdays'}) {
243 # Opt out of forced password change, for this user
244 print &ui_table_row($text{'edit_nochange'},
245 &ui_radio("nochange", $user{'nochange'}, [ [ 0, $text{'yes'} ],
246 [ 1, $text{'no'} ] ]));
249 if ($access{'ips'}) {
250 # Allowed IP addresses
251 print &ui_table_row(&hlink("<b>$text{'edit_ips'}</b>", "ips"),
252 &ui_radio("ipmode", $user{'allow'} ? 1 :
253 $user{'deny'} ? 2 : 0,
254 [ [ 0, $text{'edit_all'}."<br>" ],
255 [ 1, $text{'edit_allow'}."<br>" ],
256 [ 2, $text{'edit_deny'}."<br>" ] ]).
258 join("\n", split(/\s+/, $user{'allow'} ? $user{'allow'}
263 if (&supports_rbac() && $access{'mode'} == 0) {
264 # Deny access to modules not managed by RBAC?
265 print &ui_table_row($text{'edit_rbacdeny'},
266 &ui_radio("rbacdeny", $user{'rbacdeny'} ? 1 : 0,
267 [ [ 0, $text{'edit_rbacdeny0'} ],
268 [ 1, $text{'edit_rbacdeny1'} ] ]));
271 if ($access{'times'}) {
272 # Show allowed days of the week
273 %days = map { $_, 1 } split(/,/, $user{'days'});
275 for(my $i=0; $i<7; $i++) {
276 $daysels .= &ui_checkbox("days", $i, $text{'day_'.$i},
279 print &ui_table_row($text{'edit_days'},
280 &ui_radio("days_def", $user{'days'} eq '' ? 1 : 0,
281 [ [ 1, $text{'edit_alldays'} ],
282 [ 0, $text{'edit_seldays'} ] ])."<br>".
285 # Show allow hour/minute range
286 ($hf, $mf) = split(/\./, $user{'hoursfrom'});
287 ($ht, $mt) = split(/\./, $user{'hoursto'});
288 print &ui_table_row($text{'edit_hours'},
289 &ui_radio("hours_def", $user{'hoursfrom'} eq '' ? 1 : 0,
290 [ [ 1, $text{'edit_allhours'} ],
291 [ 0, &text('edit_selhours',
292 &ui_textbox("hours_hfrom", $hf, 2),
293 &ui_textbox("hours_mfrom", $mf, 2),
294 &ui_textbox("hours_hto", $ht, 2),
295 &ui_textbox("hours_mto", $mt, 2)) ] ]));
298 print &ui_hidden_table_end("security");
300 # Work out which modules can be selected
301 @mcan = $access{'mode'} == 1 ? @{$me->{'modules'}} :
302 $access{'mode'} == 2 ? split(/\s+/, $access{'mods'}) :
304 map { $mcan{$_}++ } @mcan;
305 map { $has{$_}++ } @{$user{'modules'}};
306 map { $has{$_} = 0 } $group ? @{$group->{'modules'}} : ();
308 # Start of modules section
309 print &ui_hidden_table_start(@groups ? $text{'edit_modsg'} : $text{'edit_mods'},
310 "width=100%", 2, "mods");
312 # Show available modules, under categories
313 @mlist = grep { $access{'others'} || $has{$_->{'dir'}} || $mcan{$_->{'dir'}} }
314 &list_module_infos();
315 @links = ( &select_all_link("mod", 0, $text{'edit_selall'}),
316 &select_invert_link("mod", 0, $text{'edit_invert'}) );
317 @cats = &unique(map { $_->{'category'} } @mlist);
318 &read_file("$config_directory/webmin.catnames", \%catnames);
320 foreach $c (sort { $b cmp $a } @cats) {
321 @cmlist = grep { $_->{'category'} eq $c } @mlist;
322 $grids .= "<b>".($catnames{$c} || $text{'category_'.$c})."</b><br>\n";
325 foreach $m (@cmlist) {
326 local $md = $m->{'dir'};
327 $fromgroup = $memg && &indexof($md, @{$memg->{'modules'}}) >= 0;
328 if ($mcan{$md} && $fromgroup) {
329 # Module comes from group
330 push(@grid, (sprintf "<img src=images/%s.gif> %s\n",
331 $has{$md} ? 'tick' : 'empty', $m->{'desc'}).
332 ($has{$md} ? &ui_hidden("mod", $md) : ""));
336 if ($access{'acl'} && $in{'user'}) {
337 # Show link for editing ACL
338 $label = sprintf "<a href='edit_acl.cgi?".
339 "mod=%s&%s=%s'>%s</a>\n",
340 &urlize($m->{'dir'}),
341 "user", &urlize($in{'user'}),
345 # No privileges to edit ACL
346 $label = $m->{'desc'};
348 push(@grid, &ui_checkbox("mod", $md, $label,$has{$md}));
351 push(@grid, (sprintf "<img src=images/%s.gif> %s\n",
352 $has{$md} ? 'tick' : 'empty', $m->{'desc'}));
355 $grids .= &ui_grid_table(\@grid, 2, 100, [ "width=50%", "width=50%" ]);
358 print &ui_table_row(undef, &ui_links_row(\@links).
360 &ui_links_row(\@links), 2);
361 print &ui_hidden_table_end("mods");
363 # Add global ACL section, but only if not set from the group
364 $groupglobal = $memg && -r "$config_directory/$memg->{'name'}.acl";
365 if ($access{'acl'} && !$groupglobal && $in{'user'}) {
366 print &ui_hidden_table_start($text{'edit_global'}, "width=100%", 2,
367 "global", 0, [ "width=30%" ]);
368 %uaccess = &get_module_acl($in{'user'}, "", 1);
369 print &ui_hidden("acl_security_form", 1);
370 &foreign_require("", "acl_security.pl");
371 &foreign_call("", "acl_security_form", \%uaccess);
372 print &ui_hidden_table_end("global");
375 # Generate form end buttons
377 push(@buts, [ undef, $in{'user'} ? $text{'save'} : $text{'create'} ]);
379 if ($access{'create'} && !$group) {
380 push(@buts, [ "but_clone", $text{'edit_clone'} ]);
382 if (&foreign_available("webminlog")) {
383 push(@buts, [ "but_log", $text{'edit_log'} ]);
385 if ($access{'switch'} && $main::session_id) {
386 push(@buts, [ "but_switch", $text{'edit_switch'} ]);
388 if ($access{'delete'}) {
389 push(@buts, [ "but_delete", $text{'delete'} ]);
392 print &ui_form_end(\@buts);
394 &ui_print_footer("", $text{'index_return'});