Added checkboxes and a button for deleting multiple directories accounts at once.
---- Changes since 1.340 ----
Removes the need for the htdigest command to be installed if the Digest::MD5 perl module is available.
+---- Changes since 1.380 ----
+Users can be limited to only editing users and groups (and not adding or changing protected directories) via a new Webmin access control option.
# Output HTML for editing security options for the htaccess module
sub acl_security_form
{
-print "<tr> <td nowrap><b>$text{'acl_user'}</b></td>\n";
-printf "<td><input type=radio name=user_def value=1 %s> %s\n",
- $_[0]->{'user'} eq "*" ? "checked" : "", $text{'acl_same'};
-printf "<input type=radio name=user_def value=0 %s>\n",
- $_[0]->{'user'} eq "*" ? "" : "checked";
-print &unix_user_input("user", $_[0]->{'user'} eq "*" ? "" : $_[0]->{'user'});
-print "</td> </tr>\n";
+# Write files as user
+print &ui_table_row($text{'acl_user'},
+ &ui_radio("user_def", $_[0]->{'user'} eq "*" ? 1 : 0,
+ [ [ 1, $text{'acl_same'} ],
+ [ 0, &unix_user_input("user",
+ $_[0]->{'user'} eq "*" ? "" : $_[0]->{'user'}) ] ]), 3);
-print "<tr> <td valign=top><b>$text{'acl_dirs'}</b></td>\n";
-print "<td><textarea name=dirs rows=5 cols=50>",
- join("\n", split(/\t+/, $_[0]->{'dirs'})),
- "</textarea><br>\n";
-printf "<input type=checkbox name=home value=1 %s> %s</td> </tr>\n",
- $_[0]->{'home'} ? "checked" : "", $text{'acl_home'};
+# Allowed directories
+print &ui_table_row($text{'acl_dirs'},
+ &ui_textarea("dirs", join("\n", split(/\t+/, $_[0]->{'dirs'})),
+ 5, 60)."<br>".
+ &ui_checkbox("home", 1, $text{'acl_home'}, $_[0]->{'home'}), 3);
-print "<tr> <td><b>$text{'acl_sync'}</b></td> <td>\n";
-printf "<input type=radio name=sync value=1 %s> $text{'yes'}\n",
- $_[0]->{'sync'} ? 'checked' : '';
-printf "<input type=radio name=sync value=0 %s> $text{'no'}</td> </tr>\n",
- $_[0]->{'sync'} ? '' : 'checked';
+# Allow sync setup
+print &ui_table_row($text{'acl_sync'},
+ &ui_yesno_radio("sync", $_[0]->{'sync'}));
+
+# Limit to user/group editing
+print &ui_table_row($text{'acl_uonly'},
+ &ui_radio("uonly", $_[0]->{'uonly'},
+ [ [ 0, $text{'yes'} ], [ 1, $text{'no'} ] ]));
}
# acl_security_save(&options)
$_[0]->{'dirs'} = join("\t", split(/\n/, $in{'dirs'}));
$_[0]->{'home'} = $in{'home'};
$_[0]->{'sync'} = $in{'sync'};
+$_[0]->{'uonly'} = $in{'uonly'};
}
user=root
dirs=/
sync=1
+uonly=0
&foreign_require($apachemod, "apache-lib.pl");
&ReadParse();
&error_setup($text{'delete_err'});
+$can_create || &error($text{'dir_ecannotcreate'});
@d = split(/\0/, $in{'d'});
@d || &error($text{'delete_enone'});
require './htaccess-lib.pl';
&foreign_require($apachemod, "apache-lib.pl");
&ReadParse();
+$can_create || &error($text{'dir_ecannotcreate'});
if ($in{'new'}) {
&ui_print_header(undef, $text{'dir_title1'}, "");
}
$apachemod = "htaccess";
$can_htpasswd = $config{'can_htpasswd'};
$can_htgroups = $config{'can_htgroups'};
+ $can_create = 1;
}
else {
# Allowed directories come from ACL
$can_htgroups = 1;
$default_dir = $accessdirs[0];
$can_sync = $access{'sync'};
+ $can_create = !$access{'uonly'};
}
# list_directories([even-if-missing])
@dirs = &list_directories();
@dirs = grep { &can_access_dir($_->[0]) } @dirs;
if (@dirs) {
- print &ui_form_start("delete.cgi", "post");
- @tds = ( "width=5", "width=30% valign=top", "width=70% valign=top" );
- print &ui_links_row(\@links);
- print &ui_columns_start([ "", $text{'index_dir'},
+ @tds = ( "width=30% valign=top", "width=70% valign=top" );
+ if ($can_create) {
+ print &ui_form_start("delete.cgi", "post");
+ @tds = ( "width=5", @tds );
+ print &ui_links_row(\@links);
+ }
+ print &ui_columns_start([ $can_create ? ( "" ) : ( ),
+ $text{'index_dir'},
$text{'index_usersgroups'} ], 100, 0, \@tds);
foreach $d (@dirs) {
local @cols;
- push(@cols, "<a href='edit_dir.cgi?dir=".
- &urlize($d->[0])."'>$d->[0]</a>");
+ if ($can_create) {
+ push(@cols, "<a href='edit_dir.cgi?dir=".
+ &urlize($d->[0])."'>$d->[0]</a>");
+ }
+ else {
+ push(@cols, $d->[0]);
+ }
# Show the users
$utable = "<table width=100%>\n";
&urlize($d->[0])."'>$text{'index_gadd'}</a>\n";
}
push(@cols, $utable);
- print &ui_checked_columns_row(\@cols, \@tds, "d", $d->[0]);
+ if ($can_create) {
+ print &ui_checked_columns_row(\@cols, \@tds,
+ "d", $d->[0]);
+ }
+ else {
+ print &ui_columns_row(\@cols, \@tds);
+ }
}
print &ui_columns_end();
- print &ui_links_row(\@links);
- print &ui_form_end([ [ "delete", $text{'index_delete'} ] ]);
+ if ($can_create) {
+ print &ui_links_row(\@links);
+ print &ui_form_end([ [ "delete", $text{'index_delete'} ] ]);
+ }
}
else {
print "<b>$text{'index_none'}</b><p>\n";
}
# Form to find existing .htaccess files
-print "<hr>\n";
-print "<form action=search.cgi>\n";
-print "<input type=submit value='$text{'index_search'}'>\n";
-printf "<input name=search size=30 value='%s'> %s<br>\n",
- $accessdirs[0] eq "/" ? "" : $accessdirs[0],
- &file_chooser_button("search", 1);
-print "</form>\n";
+if ($can_create) {
+ print "<hr>\n";
+ print &ui_form_start("search.cgi");
+ print &ui_submit($text{'index_search'}),"\n";
+ print &ui_textbox("search", $accessdirs[0] eq "/" ? "" : $accessdirs[0],
+ 40)." ".&file_chooser_button("search", 1)."<br>\n";
+ print &ui_form_end();
+ }
&ui_print_footer("/", $text{'index'});
dir_eclash=This directory is already protected
dir_edir=Missing or invalid directory
dir_ecannot=You are not allowed to protect this directory
+dir_ecannotcreate=You are not allow to configure which directories are protected
dir_efile=Missing or invalid users filename
dir_ehtaccess=Failed to create Apache options file $1 : $2
dir_ehtpasswd=Failed to create users file $1 : $2
acl_same=Same as Webmin login
acl_home=Include Unix user's home directory?
acl_sync=Can setup Unix user synchronization?
+acl_uonly=Can add and change protected directories?
log_create_dir=Added directory $1
log_modify_dir=Modified directory $1
require './htaccess-lib.pl';
&ReadParse();
+$can_create || &error($text{'dir_ecannotcreate'});
@dirs = &list_directories();
&error_setup($text{'dir_err'});
&foreign_require($apachemod, "apache-lib.pl");