2 # Create, update or delete one RBAC profile
4 require './rbac-lib.pl';
6 $access{'profs'} == 1 || &error($text{'profs_ecannot'});
7 &error_setup($text{'prof_err'});
10 $profs = &list_prof_attrs();
12 $prof = $profs->[$in{'idx'}];
13 $logname = $prof->{'name'};
16 $prof = { 'attr' => { } };
17 $logname = $in{'name'};
21 # Find users of this profile
22 $users = &list_user_attrs();
23 foreach $u (@$users) {
25 split(/,/, $u->{'attr'}->{'profiles'});
26 $idx = &indexof($logname, @profiles);
28 push(@profusers, [ $u, $idx, \@profiles ]);
31 foreach $p (@$profs) {
33 split(/,/, $p->{'attr'}->{'profs'});
34 $idx = &indexof($logname, @profiles);
36 push(@profprofs, [ $p, $idx, \@profiles ]);
39 $execs = &list_exec_attrs();
40 foreach $e (@$execs) {
41 if ($e->{'name'} eq $logname) {
42 push(@profexecs, [ $e ]);
48 # Just delete this prof
49 @profusers && &error(&text('prof_einuseu',
50 $profusers[0]->[0]->{'user'}));
51 @profprofs && &error(&text('prof_einusep',
52 $profprofs[0]->[0]->{'name'}));
53 @profexecs && &error(&text('prof_einusee', scalar(@profexecs)));
54 &delete_prof_attr($prof);
58 if ($in{'new'} || $logname ne $in{'name'}) {
59 ($clash) = grep { $_->{'name'} eq $in{'name'} } @$profs;
60 $clash && &error($text{'prof_eclash'});
63 # Validate and store inputs
64 $in{'name'} =~ /^[^:,]+$/ || &error($text{'prof_ename'});
65 $prof->{'name'} = $in{'name'};
66 $in{'desc'} =~ /^[^:]*$/ || &error($text{'prof_edesc'});
67 $prof->{'desc'} = $in{'desc'};
68 $profiles = &profiles_parse("profiles");
70 @profiles = split(/,/, $profiles);
71 &indexof($in{'name'}, @profiles) < 0 ||
72 &error($text{'prof_esub'});
73 $prof->{'attr'}->{'profs'} = $profiles;
76 delete($prof->{'attr'}->{'profs'});
78 $auths = &auths_parse("auths");
80 $prof->{'attr'}->{'auths'} = $auths;
83 delete($prof->{'attr'}->{'auths'});
86 # Save or update profile
88 &create_prof_attr($prof);
91 &modify_prof_attr($prof);
93 # Update other users of this profile, if renamed
94 if ($logname ne $in{'name'}) {
95 foreach $pu (@profusers) {
96 $pu->[2]->[$pu->[1]] = $in{'name'};
97 $pu->[0]->{'attr'}->{'profiles'} =
98 join(",", @{$pu->[2]});
99 &modify_user_attr($pu->[0]);
101 foreach $pp (@profprofs) {
102 $pp->[2]->[$pp->[1]] = $in{'name'};
103 $pp->[0]->{'attr'}->{'profiles'} =
104 join(",", @{$pp->[2]});
105 &modify_prof_attr($pp->[0]);
107 foreach $pe (@profexecs) {
108 $pe->[0]->{'name'} = $in{'name'};
109 &modify_exec_attr($pe->[0]);
115 &unlock_rbac_files();
116 &webmin_log($in{'delete'} ? "delete" : $in{'new'} ? "create" : "modify",
117 "prof", $logname, $prof);
118 &redirect("list_profs.cgi");