3 # Save the ACL for a module for a user or group
5 require './cluster-webmin-lib.pl';
7 $who = $in{'_acl_user'} ? $in{'_acl_user'} : $in{'_acl_group'};
9 # Validate and parse inputs
10 &error_setup($text{'acl_err'});
11 $maccess{'noconfig'} = $in{'noconfig'};
12 if (-r "../$in{'_acl_mod'}/acl_security.pl") {
13 &foreign_require($in{'_acl_mod'}, "acl_security.pl");
14 &foreign_call($in{'_acl_mod'}, "acl_security_save", \%maccess, \%in);
17 # Setup error handler for down hosts
20 $user_error_msg = join("", @_);
22 &remote_error_setup(\&user_error);
24 # Write out on all hosts, or just one host
25 &ui_print_header(undef, $text{'acl_title'}, "");
26 @allhosts = &list_webmin_hosts();
27 @servers = &list_servers();
29 # Doing on all hosts that the user has the module on
30 foreach $h (@allhosts) {
32 if ($in{'_acl_user'}) {
33 ($w) = grep { $_->{'name'} eq $in{'_acl_user'} }
37 ($w) = grep { $_->{'name'} eq $in{'_acl_group'} }
42 foreach $g (@{$h->{'groups'}}) {
43 map { $ingroup{$_}++ } @{$g->{'members'}};
45 local @m = $ingroup{$w->{'name'}} ? @{$w->{'ownmods'}}
47 push(@hosts, $h) if (&indexof($in{'_acl_mod'}, @m) >= 0 ||
50 print "<b>",&text('acl_doing', $who),"</b><p>\n";
53 # Doing on just one host
54 @hosts = grep { $_->{'id'} == $in{'_acl_host'} } @allhosts;
55 local ($s) = grep { $_->{'id'} == $hosts[0]->{'id'} } @servers;
56 print "<b>",&text('acl_doing2', $who, &server_name($s)),"</b><p>\n";
60 local ($s) = grep { $_->{'id'} == $h->{'id'} } @servers;
61 local ($rh = "READ$p", $wh = "WRITE$p");
65 &remote_foreign_require($s->{'host'}, "acl", "acl-lib.pl");
66 if ($user_error_msg) {
68 print $wh &serialise_variable([ 0, $user_error_msg ]);
73 local $cd = &remote_eval($s->{'host'}, "acl",
75 $sfx = $in{'_acl_user'} ? "acl" : "gacl";
76 &remote_foreign_call($s->{'host'}, "acl", "write_file",
77 "$cd/$in{'_acl_mod'}/$who.$sfx", \%maccess);
79 # Recursively update the ACL for all member users and groups
80 if ($in{'_acl_group'}) {
81 local ($group) = grep { $_->{'name'} eq $in{'_acl_group'} }
83 &remote_foreign_call($s->{'host'}, "acl", "set_acl_files",
84 $h->{'users'}, $h->{'groups'}, $in{'_acl_mod'},
85 $group->{'members'}, \%maccess);
88 print $wh &serialise_variable([ 1 ]);
95 # Read back the results
98 local ($s) = grep { $_->{'id'} == $h->{'id'} } @servers;
99 local $d = &server_name($s);
100 local $rh = "READ$p";
102 local $rv = &unserialise_variable($line);
105 if ($rv && $rv->[0] == 1) {
107 print &text('acl_success', $d),"<br>\n";
110 # Something went wrong
111 print &text('acl_failed', $d, $rv->[1]),"<br>\n";
116 print "<p><b>$text{'acl_done'}</b><p>\n";
119 &ui_print_footer("", $text{'index_return'},
120 $in{'_acl_user'} ? ( "edit_user.cgi?user=$in{'_acl_user'}&host=$in{'_acl_host'}", $text{'user_return'} ) : ( "edit_group.cgi?group=$in{'_acl_group'}&host=$in{'_acl_host'}", $text{'group_return'} ));