3 # Create, update or delete a Webmin user
5 require './itsecur-lib.pl';
6 &foreign_require("acl", "acl-lib.pl");
7 &can_edit_error("users");
10 @users = &acl::list_users();
12 ($user) = grep { $_->{'name'} eq $in{'old'} } @users;
18 &acl::delete_user($user->{'name'});
21 # Validate and store inputs
22 &error_setup($text{'user_err'});
23 $in{'name'} || &error($text{'user_ename'});
24 $in{'name'} =~ /^[A-z0-9\-\_\.]+$/ ||
25 &error(&acl::text('save_ename', $in{'name'}));
26 $in{'name'} eq 'webmin' && &error($acl::text{'save_enamewebmin'});
27 if (!$in{'old'} || $in{'old'} ne $in{'name'}) {
28 foreach $u (@users, &acl::list_groups()) {
29 if ($u->{'name'} eq $in{'name'}) {
30 &error(&acl::text('save_edup', $in{'name'}));
34 $user->{'name'} = $in{'name'};
36 if (defined(&acl::encrypt_password)) {
37 $user->{'pass'} = &acl::encrypt_password($in{'pass'});
40 $salt = substr(time(), -8);
41 $user->{'pass'} = crypt($in{'pass'}, $salt);
44 $locked = ($user->{'pass'} =~ /^\*LK\*/);
45 if ($in{'enabled'} && $locked) {
46 $user->{'pass'} = substr($user->{'pass'}, 4);
48 elsif (!$in{'enabled'} && !$locked) {
49 $user->{'pass'} = "*LK*".$user->{'pass'};
52 # Validate and save IPs
54 @hosts = split(/\s+/, $in{"ips"});
55 if (!@hosts) { &error($acl::text{'save_enone'}); }
57 if ($h =~ /^([0-9\.]+)\/([0-9\.]+)$/) {
58 &check_ipaddress($1) ||
59 &error(&acl::text('save_enet', $1));
60 &check_ipaddress($2) ||
61 &error(&acl::text('save_emask', $2));
64 elsif ($h =~ /^[0-9\.]+$/) {
65 &check_ipaddress($h) ||
66 &error(&acl::text('save_eip', $h));
69 elsif ($h =~ /^\*\.(\S+)$/) {
72 elsif ($h eq 'LOCAL') {
75 elsif (!($i = join('.',unpack("CCCC",inet_aton($h))))) {
76 &error(&acl::text('save_ehost', $h));
81 delete($user->{'allow'});
82 delete($user->{'deny'});
83 if ($in{'ipmode'} == 1) {
84 $user->{'allow'} = join(" ", @ips);
86 elsif ($in{'ipmode'} == 2) {
87 $user->{'deny'} = join(" ", @ips);
92 $user->{'modules'} = [ split(/\0/, $in{'mods'}) ];
95 &acl::create_user($user);
99 &acl::modify_user($in{'old'}, $user);
103 require "./acl_security.pl";
104 %uaccess = &get_module_acl($in{'name'});
105 &acl_security_save(\%uaccess);
107 $uaccess{'noconfig'} = 1;
109 &save_module_acl(\%uaccess, $in{'name'});
111 &acl::restart_miniserv();
112 &unlock_itsecur_files();
113 &remote_webmin_log($in{'delete'} ? "delete" : $in{'new'} ? "create" : "update",
114 "user", $user->{'name'}, $user);
115 &redirect("list_users.cgi");