/[smecontribs]/rpms/smeserver-kronolith/contribs7/smeserver-kronolith-1.1-usermanager.patch
ViewVC logotype

Annotation of /rpms/smeserver-kronolith/contribs7/smeserver-kronolith-1.1-usermanager.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph


Revision 1.2 - (hide annotations) (download)
Thu Jun 26 18:09:38 2008 UTC (16 years, 5 months ago) by slords
Branch: MAIN
CVS Tags: HEAD
Changes since 1.1: +0 -0 lines
FILE REMOVED
* Sun Jun 22 2008 John H. Bennett III <bennettj@johnbennettservices.com> 2.2-1
- Initial production build
- Jump in package name to reflect new version of kronolith

1 slords 1.1 diff -Nur -x '*.orig' -x '*.rej' smeserver-kronolith-1.1.sme/createlinks smeserver-kronolith-1.1/createlinks
2     --- smeserver-kronolith-1.1.sme/createlinks 2006-11-09 21:37:18.000000000 -0700
3     +++ smeserver-kronolith-1.1/createlinks 2008-04-01 09:38:16.000000000 -0600
4     @@ -28,22 +28,5 @@
5     qw(post-upgrade));
6     }
7    
8     -sub panel_link
9     -{
10     - my ($function, $panel) = @_;
11     -
12     - my $cgibin = "root/etc/e-smith/web/panels/$panel/cgi-bin";
13     -
14     - safe_symlink("../../../functions/$function",
15     - "$cgibin/$function")
16     -}
17     -
18     -#--------------------------------------------------
19     -# functions for manager panel
20     -#--------------------------------------------------
21     -my $panel = "manager";
22     -
23     -panel_link("advuseraccounts", $panel);
24     -
25     event_link("adv-ldap-update", "user-create", "27");
26     event_link("adv-ldap-update", "user-modify", "27");
27     diff -Nur -x '*.orig' -x '*.rej' smeserver-kronolith-1.1.sme/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/advuseraccounts smeserver-kronolith-1.1/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/advuseraccounts
28     --- smeserver-kronolith-1.1.sme/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/advuseraccounts 2008-04-01 09:33:48.000000000 -0600
29     +++ smeserver-kronolith-1.1/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/advuseraccounts 1969-12-31 17:00:00.000000000 -0700
30     @@ -1,446 +0,0 @@
31     -<!-- vim: ft=xml ts=8 sw=4 et
32     --->
33     -<lexicon lang="en-us">
34     - <entry>
35     - <base>FORM_TITLE</base>
36     - <trans>Create, modify, or remove user accounts</trans>
37     - </entry>
38     - <entry>
39     - <base>FIRSTPAGE_DESC</base>
40     - <trans>
41     - <![CDATA[
42     - <p>
43     - <a class="button-like"
44     - href="advuseraccounts?page=1&page_stack=&Next=Next">Add
45     - user account</a>
46     - </p>
47     - <p>
48     - You can modify, lock or remove any account or reset the
49     - account's password by clicking on the
50     - corresponding command next to the account.
51     - </p>
52     - <p>
53     - If the account is marked as locked, that means that the
54     - user's password needs to be reset. Please note
55     - that newly created accounts are automatically locked until
56     - the password is changed.
57     - </p>
58     - ]]>
59     - </trans>
60     - </entry>
61     - <entry>
62     - <base>P2_TITLE</base>
63     - <trans>Create or modify</trans>
64     - </entry>
65     - <entry>
66     - <base>CREATE_MODIFY_DESC</base>
67     - <trans>
68     - <![CDATA[
69     - <p>
70     - The account name should contain only lower-case
71     - letters, numbers, hyphens, periods, underscores and should start with a
72     - lower-case letter. For example "betty",
73     - "hjohnson", and "mary-jane" are all valid account names,
74     - but "3friends", "John Smith", and "henry_miller" are not.
75     - </p>
76     - <p>
77     - Note that two special pseudonyms will be created for each
78     - new account. These pseudonyms provide the ability to have
79     - alternative mail accounts for that
80     - user which include their first name and last name
81     - separated with a period (.) and underscore (_). So, for
82     - the account "betty" with first name "Betty" and
83     - last name "Rubble" two pseudonyms are created as
84     - betty.rubble and betty_rubble.
85     - </p>
86     - <p>
87     - The directory information (department, company, etc.)
88     - can be changed from the defaults shown below. The
89     - changes will apply only to this user.
90     - </p>
91     - <p>
92     - The Calendar Free/Busy URL needs to be in the following format:<br>
93     - https://www.<b>domain.com</b>/horde/kronolith/fb.php?u=<b>user%40domain.com.&nbsp;&nbsp;Note:</b>
94     - %40 translates to the @ character.<br>
95     - </p>
96     - ]]>
97     - </trans>
98     - </entry>
99     - <entry>
100     - <base>MODIFY_ADMIN_TITLE</base>
101     - <trans>Modify the admin account</trans>
102     - </entry>
103     - <entry>
104     - <base>MAX_USERS_EXCEEDED</base>
105     - <trans>ERROR: Unable to add user account. You have reached the
106     - maximum number of users for which you have licenses. You
107     - need to either delete an existing user account or contact
108     - your authorized reseller to purchase
109     - additional user licenses.
110     - </trans>
111     - </entry>
112     - <entry>
113     - <base>USER_CREATED</base>
114     - <trans>Successfully created user account. </trans>
115     - </entry>
116     - <entry>
117     - <base>USER_MODIFIED</base>
118     - <trans>Successfully modified user account. </trans>
119     - </entry>
120     - <entry>
121     - <base>CANNOT_MODIFY_USER</base>
122     - <trans>Error: an internal error occurred while attempting to modify
123     - the user "{$acctName}".
124     - </trans>
125     - </entry>
126     - <entry>
127     - <base>CANNOT_MODIFY_USER_GROUPS</base>
128     - <trans>Error: an internal error occurred while attempting to modify
129     - the group "{$group}" for user "{$acctName}".
130     - </trans>
131     - </entry>
132     - <entry>
133     - <base>TAINTED_USER</base>
134     - <trans>The account name "{$acctName}" contains invalid characters.</trans>
135     - </entry>
136     - <entry>
137     - <base>ACCOUNT_NAME</base>
138     - <trans>Account name</trans>
139     - </entry>
140     - <entry>
141     - <base>ACTION</base>
142     - <trans>Action</trans>
143     - </entry>
144     - <entry>
145     - <base>FIRSTNAME</base>
146     - <trans>First name</trans>
147     - </entry>
148     - <entry>
149     - <base>LASTNAME</base>
150     - <trans>Last name</trans>
151     - </entry>
152     - <entry>
153     - <base>DEPARTMENT</base>
154     - <trans>Department</trans>
155     - </entry>
156     - <entry>
157     - <base>COMPANY</base>
158     - <trans>Company</trans>
159     - </entry>
160     - <entry>
161     - <base>STREET_ADDRESS</base>
162     - <trans>Street address</trans>
163     - </entry>
164     - <entry>
165     - <base>DEPARTMENT</base>
166     - <trans>Department</trans>
167     - </entry>
168     - <entry>
169     - <base>CITY</base>
170     - <trans>City</trans>
171     - </entry>
172     - <entry>
173     - <base>PHONE_NUMBER</base>
174     - <trans>Phone number</trans>
175     - </entry>
176     - <entry>
177     - <base>EMAIL_DELIVERY</base>
178     - <trans>Email delivery</trans>
179     - </entry>
180     - <entry>
181     - <base>DELIVER_EMAIL_LOCALLY</base>
182     - <trans>Deliver email locally</trans>
183     - </entry>
184     - <entry>
185     - <base>FORWARD_EMAIL</base>
186     - <trans>Forward email to address below</trans>
187     - </entry>
188     - <entry>
189     - <base>DELIVER_AND_FORWARD</base>
190     - <trans>Both deliver locally and forward</trans>
191     - </entry>
192     - <entry>
193     - <base>FORWARDING_ADDRESS</base>
194     - <trans>Forwarding address</trans>
195     - </entry>
196     - <entry>
197     - <base>FREEBUSY_URL</base>
198     - <trans>Calendar Free/Busy URL</trans>
199     - </entry>
200     - <entry>
201     - <base>GROUP_MEMBERSHIPS</base>
202     - <trans>Group memberships</trans>
203     - </entry>
204     - <entry>
205     - <base>ACCOUNT</base>
206     - <trans>Account</trans>
207     - </entry>
208     - <entry>
209     - <base>USER_NAME</base>
210     - <trans>User name</trans>
211     - </entry>
212     - <entry>
213     - <base>SAVE</base>
214     - <trans>Save</trans>
215     - </entry>
216     - <entry>
217     - <base>ADD</base>
218     - <trans>Add</trans>
219     - </entry>
220     -
221     - <entry>
222     - <base>PASSWORD1</base>
223     - <trans>New password</trans>
224     - </entry>
225     - <entry>
226     - <base>PASSWORD2</base>
227     - <trans>New password (verify)</trans>
228     - </entry>
229     - <entry>
230     - <base>PASSWORD_VERIFY_ERROR</base>
231     - <trans>The passwords you entered did not match.</trans>
232     - </entry>
233     - <entry>
234     - <base>RESET_DESC</base>
235     - <trans>You are about to change the password for the user account</trans>
236     - </entry>
237     - <entry>
238     - <base>RESET_DESC2</base>
239     - <trans>Enter the new password in the fields below</trans>
240     - </entry>
241     - <entry>
242     - <base>RESET_PASSWORD_TITLE</base>
243     - <trans>Reset user password</trans>
244     - </entry>
245     - <entry>
246     - <base>ERR_OCCURRED_MODIFYING_PASSWORD</base>
247     - <trans>An error occurred while updating the password</trans>
248     - </entry>
249     - <entry>
250     - <base>PASSWORD_CHANGE_SUCCEEDED</base>
251     - <trans>Successfully changed password for user "{$acctName}".</trans>
252     - </entry>
253     - <entry>
254     - <base>LOCK_DESC</base>
255     - <trans>You are about to lock the user account</trans>
256     - </entry>
257     - <entry>
258     - <base>LOCKED_ACCOUNT</base>
259     - <trans>Successfully locked account for user "{$acctName}".</trans>
260     - </entry>
261     - <entry>
262     - <base>NO_SUCH_USER</base>
263     - <trans>Error: the user account "{$acctName}" does not exist.</trans>
264     - </entry>
265     - <entry>
266     - <base>PSEUDONYM_CLASH</base>
267     - <trans>Error: the pseudonym "{$pseudonym}" is already taken by the
268     - existing user account "{$clashName}". To differentiate, add
269     - initials to this field."</trans>
270     - </entry>
271     - <entry>
272     - <base>MODIFY</base>
273     - <trans>Modify</trans>
274     - </entry>
275     - <entry>
276     - <base>RESET_PASSWORD</base>
277     - <trans>Reset password</trans>
278     - </entry>
279     - <entry>
280     - <base>LOCK_ACCOUNT</base>
281     - <trans>Lock account</trans>
282     - </entry>
283     - <entry>
284     - <base>REMOVE</base>
285     - <trans>Remove</trans>
286     - </entry>
287     - <entry>
288     - <base>LOCK_ACCOUNT_TITLE</base>
289     - <trans>Lock user account</trans>
290     - </entry>
291     - <entry>
292     - <base>LOCK_DESC2</base>
293     - <trans>
294     - <![CDATA[
295     - This user account will be locked. This means that this user
296     - will not be able to log in, and will not be able
297     - to collect e-mail. Any e-mail arriving will still be stored
298     - and/or forwarded to an external e-mail address,
299     - as configured. The account may be activated in the future by
300     - setting a new password. The current
301     - password will not be retained.
302     - </p>
303     - <p>
304     - <b>Are you sure you wish to lock this account?</b>
305     - ]]>
306     - </trans>
307     - </entry>
308     - <entry>
309     - <base>REMOVE_ACCOUNT_TITLE</base>
310     - <trans>Remove user account</trans>
311     - </entry>
312     - <entry>
313     - <base>REMOVE_DESC</base>
314     - <trans>You are about to remove the user account</trans>
315     - </entry>
316     - <entry>
317     - <base>REMOVE_DESC2</base>
318     - <trans>
319     - <![CDATA[
320     - All files belonging to this user account will be deleted.
321     - Also, any e-mail for this user account still
322     - remaining on the server (i.e. that has not yet been
323     - retrieved by the user) will be discarded.
324     - </p>
325     - <p>
326     - <b>Are you sure you wish to remove this account?</b>
327     - ]]>
328     - </trans>
329     - </entry>
330     - <entry>
331     - <base>LOCK</base>
332     - <trans>Lock</trans>
333     - </entry>
334     - <entry>
335     - <base>NO_USER_ACCOUNTS</base>
336     - <trans>There are no user accounts on this system.</trans>
337     - </entry>
338     - <entry>
339     - <base>ACCOUNT_IS_LOCKED</base>
340     - <trans>Account is locked</trans>
341     - </entry>
342     - <entry>
343     - <base>Collaboration</base>
344     - <trans>Collaboration</trans>
345     - </entry>
346     - <entry>
347     - <base>Users</base>
348     - <trans>Users</trans>
349     - </entry>
350     - <entry>
351     - <base>ACCT_NAME_HAS_INVALID_CHARS</base>
352     - <trans>The account name "{$acctName}" contains invalid characters.
353     - Account names must start with a lower case letter and contain
354     - only lower case letters, numbers, hyphens, periods and underscores.
355     - </trans>
356     - </entry>
357     - <entry>
358     - <base>ACCOUNT_TOO_LONG</base>
359     - <trans>Error: account name is too long. The maximum is {$maxLength}
360     - characters.
361     - </trans>
362     - </entry>
363     - <entry>
364     - <base>ACCOUNT_CONFLICT</base>
365     - <trans>Error: the account "{$account}" can't be created because
366     - there is already a {$type} account of that name.</trans>
367     - </entry>
368     - <entry>
369     - <base>ERR_OCCURRED_CREATING</base>
370     - <trans>An error occurred creating the user.</trans>
371     - </entry>
372     - <entry>
373     - <base>CANNOT_CONTAIN_WHITESPACE</base>
374     - <trans>This field cannot contain white-space</trans>
375     - </entry>
376     - <entry>
377     - <base>UNACCEPTABLE_CHARS</base>
378     - <trans>
379     - This field must contain only letters, numbers, dots, hypens and
380     - underscores and start with a letter
381     - </trans>
382     - </entry>
383     - <entry>
384     - <base>MEMBER</base>
385     - <trans>Member?</trans>
386     - </entry>
387     - <entry>
388     - <base>GROUP</base>
389     - <trans>Group</trans>
390     - </entry>
391     - <entry>
392     - <base>DESCRIPTION</base>
393     - <trans>Description</trans>
394     - </entry>
395     - <entry>
396     - <base>VPN_CLIENT_ACCESS</base>
397     - <trans>VPN Client Access</trans>
398     - </entry>
399     - <entry>
400     - <base>YES</base>
401     - <trans>Yes</trans>
402     - </entry>
403     - <entry>
404     - <base>NO</base>
405     - <trans>No</trans>
406     - </entry>
407     -
408     - <entry>
409     - <base>SYSTEM_PASSWORD_FORM_TITLE</base>
410     - <trans>Change system password</trans>
411     - </entry>
412     - <entry>
413     - <base>SYSTEM_PASSWORD_DESCRIPTION</base>
414     - <trans>
415     - <![CDATA[
416     - Certain services on this server installation require a
417     - username and password (for example this web page for the server manager
418     - application). The username is always admin. You can change the system
419     - password using the fields below.
420     - ]]>
421     - </trans>
422     - </entry>
423     - <entry>
424     - <base>SYSTEM_PASSWORD_UNPRINTABLES_IN_PASS</base>
425     - <trans>Password must contain only printable characters</trans>
426     - </entry>
427     - <entry>
428     - <base>SYSTEM_PASSWORD_VERIFY_ERROR</base>
429     - <trans>The two passwords are not identical.</trans>
430     - </entry>
431     - <entry>
432     - <base>SYSTEM_PASSWORD_AUTH_ERROR</base>
433     - <trans>The current password is incorrect.</trans>
434     - </entry>
435     - <entry>
436     - <base>SYSTEM_PASSWORD_CHANGED</base>
437     - <trans>
438     - <![CDATA[
439     - The system password has been changed.
440     - Since this manager application is password protected, you will
441     - <b>immediately</b>
442     - be prompted for the new system password if you try to continue.
443     - ]]>
444     - </trans>
445     - </entry>
446     - <entry>
447     - <base>SYSTEM_PASSWORD_CHANGE_SUCCEEDED</base>
448     - <trans>Thse system password has been changed</trans>
449     - </entry>
450     - <entry>
451     - <base>CURRENT_SYSTEM_PASSWORD</base>
452     - <trans>Current system password</trans>
453     - </entry>
454     - <entry>
455     - <base>NEW_SYSTEM_PASSWORD</base>
456     - <trans>New system password</trans>
457     - </entry>
458     - <entry>
459     - <base>NEW_SYSTEM_PASSWORD_VERIFY</base>
460     - <trans>New system password (verify)</trans>
461     - </entry>
462     - <entry>
463     - <base>LABEL_IPSECRW_DOWNLOAD</base>
464     - <trans>Download digital certificate to IPSec client</trans>
465     - </entry>
466     - <entry>
467     - <base>BUTTON_IPSECRW_DOWNLOAD</base>
468     - <trans>Download</trans>
469     - </entry>
470     - <entry>
471     - <base>ERR_OCCURRED_DELETING</base>
472     - <trans>
473     - An error occurred while trying to delete the user.
474     - </trans>
475     - </entry>
476     -</lexicon>
477     diff -Nur -x '*.orig' -x '*.rej' smeserver-kronolith-1.1.sme/root/etc/e-smith/web/functions/advuseraccounts smeserver-kronolith-1.1/root/etc/e-smith/web/functions/advuseraccounts
478     --- smeserver-kronolith-1.1.sme/root/etc/e-smith/web/functions/advuseraccounts 2006-09-14 21:13:05.000000000 -0600
479     +++ smeserver-kronolith-1.1/root/etc/e-smith/web/functions/advuseraccounts 1969-12-31 17:00:00.000000000 -0700
480     @@ -1,284 +0,0 @@
481     -#!/usr/bin/perl -wT
482     -
483     -# vim: ft=xml ts=4 sw=4 et:
484     -#----------------------------------------------------------------------
485     -# heading : Collaboration
486     -# description : Advanced User Management
487     -# navigation : 2000 2105
488     -#----------------------------------------------------------------------
489     -#----------------------------------------------------------------------
490     -# copyright (C) 2002 Mitel Networks Corporation
491     -#
492     -# This program is free software; you can redistribute it and/or modify
493     -# it under the terms of the GNU General Public License as published by
494     -# the Free Software Foundation; either version 2 of the License, or
495     -# (at your option) any later version.
496     -#
497     -# This program is distributed in the hope that it will be useful,
498     -# but WITHOUT ANY WARRANTY; without even the implied warranty of
499     -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
500     -# GNU General Public License for more details.
501     -#
502     -# You should have received a copy of the GNU General Public License
503     -# along with this program; if not, write to the Free Software
504     -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
505     -#
506     -# Technical support for this program is available from Mitel Networks
507     -# Please visit our web site www.mitel.com/sme/ for details.
508     -#----------------------------------------------------------------------
509     -
510     -use strict;
511     -use esmith::TestUtils;
512     -use esmith::FormMagick::Panel::advuseraccounts;
513     -
514     -my $fm = esmith::FormMagick::Panel::advuseraccounts->new();
515     -
516     -# XXX: need to print custom http headers, so bypass FormMagick
517     -use CGI;
518     -my $q = new CGI;
519     -if ($q->param('action') && $q->param('action') eq 'getCert')
520     -{
521     - $q->delete('action');
522     - $fm->get_ipsec_client_cert($q);
523     -}
524     -else
525     -{
526     - $fm->display();
527     -}
528     -
529     -=pod
530     -
531     -=head1 NAME
532     -
533     -advuseraccounts -- create/modify/delete user accounts
534     -
535     -=head2 DESCRIPTION
536     -
537     -This screen allows the administrator to create, modify or delete user
538     -accounts on the system.
539     -
540     -=begin testing
541     -
542     -use esmith::FormMagick::Tester;
543     -use esmith::TestUtils;
544     -use esmith::ConfigDB;
545     -use esmith::AccountsDB;
546     -
547     -my $panel = $Original_File;
548     -my $ua = esmith::FormMagick::Tester->new();
549     -
550     -my $c = esmith::ConfigDB->open();
551     -my $a = esmith::AccountsDB->open();
552     -
553     -is (mode($panel), '4755', "Check permissions on script");
554     -ok ($ua->get_panel($panel), "ABOUT TO RUN L10N TESTS");
555     -is ($ua->{status}, 200, "200 OK");
556     -like($ua->{content}, qr/FORM_TITLE/, "Saw untranslated form title");
557     -ok ($ua->set_language("en-us"), "Set language to U.S. English");
558     -ok ($ua->get_panel($panel), "Get panel");
559     -is ($ua->{status}, 200, "200 OK");
560     -like($ua->{content}, qr/User accounts/, "Saw translated form title");
561     -
562     -
563     -#
564     -# Testing creating users
565     -#
566     -
567     -ok ($ua->get_panel($panel), "ABOUT TO TEST CREATING USER");
568     -ok ($ua->follow("Click here"), "Follow 'create user' link");
569     -is ($ua->{status}, 200, "200 OK");
570     -like($ua->{content}, qr/Account name/, "Saw form fields");
571     -
572     -#
573     -# Check that address details are picked up from LDAP
574     -#
575     -
576     -my $ldap_record = $c->get('ldap');
577     -my $city = $ldap_record->prop('DefaultCity');
578     -
579     -like($ua->{content}, qr/$city/, "Pick up address from LDAP");
580     -
581     -#
582     -# Creating a new user
583     -#
584     -
585     -my $new_username = new_random_username();
586     -
587     -can_ok($ua, "field");
588     -ok ($ua->{form}->find_input('acctName'),
589     - "Find acctName field to fill in");
590     -$ua->field("acctName" => $new_username);
591     -ok ($ua->click("Save"), "Click Save");
592     -is ($ua->{status}, 200, "200 OK");
593     -like($ua->{content}, qr/must not be left blank/, "Saw validation messages");
594     -
595     -$ua->field("FirstName" => "Fred");
596     -$ua->field("LastName" => "Foonly");
597     -
598     -ok ($ua->click("Save"), "Click Save");
599     -is ($ua->{status}, 200, "200 OK");
600     -
601     -#
602     -# Testing modify user
603     -#
604     -
605     -ok ($ua->get_panel($panel), "ABOUT TO TEST MODIFYING A USER");
606     -is ($ua->{status}, 200, "200 OK");
607     -ok ($ua->follow('Modify'), "Follow modify link");
608     -is ($ua->{status}, 200, "200 OK");
609     -like($ua->{content}, qr/value="Save"/, "Saw 'Save' on the button");
610     -
611     -#
612     -# Testing removal of a user
613     -#
614     -
615     -ok ($ua->get_panel($panel), "ABOUT TO TEST USER REMOVAL");
616     -is ($ua->{status}, 200, "200 OK");
617     -ok ($ua->follow('Remove'), "Follow remove link");
618     -is ($ua->{status}, 200, "200 OK");
619     -like($ua->{content}, qr/Remove/, "Saw 'Remove'");
620     -like($ua->{content}, qr/value="Remove"/, "Saw 'Remove' on the button");
621     -
622     -#
623     -# Testing password reset
624     -#
625     -
626     -ok ($ua->get_panel($panel), "ABOUT TO TEST PASSWORD RESET");
627     -is ($ua->{status}, 200, "200 OK");
628     -ok ($ua->follow('Reset password'), "Follow reset password link");
629     -like($ua->{content}, qr/Reset password/,"Saw 'Reset password'");
630     -
631     -SKIP:
632     -{
633     - skip 3, "Unsafe!" unless destruction_ok();
634     - $ua->field(password1 => "test");
635     - $ua->field(password2 => "test");
636     - ok($ua->click('Save'), "Set password to 'test', click Save");
637     - is($ua->{status}, 200, "200 OK");
638     - like($ua->{content}, qr/Click here/, "Returned to first page");
639     -}
640     -
641     -=end testing
642     -
643     -=cut
644     -
645     -
646     -__DATA__
647     -<form title="FORM_TITLE" header="/etc/e-smith/web/common/head.tmpl" footer="/etc/e-smith/web/common/foot.tmpl">
648     - <page name="First" pre-event="print_status_message()">
649     - <description>FIRSTPAGE_DESC</description>
650     - <subroutine src="print_user_table()" />
651     - </page>
652     - <page name="CheckMaxUsersAdd" post-event="checkMaxUsers('CreateModify')">
653     - </page>
654     - <page name="CreateModify" pre-event="turn_off_buttons()" post-event="handle_user_accounts()">
655     - <title>P2_TITLE</title>
656     - <description>CREATE_MODIFY_DESC</description>
657     - <subroutine src="print_acctName_field()" />
658     - <field type="text" id="FirstName" validation="nonblank, pseudonym_clash">
659     - <label>FIRSTNAME</label>
660     - </field>
661     - <field type="text" id="LastName" validation="nonblank">
662     - <label>LASTNAME</label>
663     - </field>
664     - <field type="text" id="Dept"
665     - value="get_ldap_value('Dept')">
666     - <label>DEPARTMENT</label>
667     - </field>
668     - <field type="text" id="Company"
669     - value="get_ldap_value('Company')">
670     - <label>COMPANY</label>
671     - </field>
672     - <field type="text" id="Street"
673     - value="get_ldap_value('Street')">
674     - <label>STREET_ADDRESS</label>
675     - </field>
676     - <field type="text" id="City"
677     - value="get_ldap_value('City')">
678     - <label>CITY</label>
679     - </field>
680     - <field type="text" id="Phone"
681     - value="get_ldap_value('Phone')">
682     - <label>PHONE_NUMBER</label>
683     - </field>
684     - <field type="select" id="EmailForward" options="'local' =>
685     - 'DELIVER_EMAIL_LOCALLY', 'forward' => 'FORWARD_EMAIL',
686     - 'both' => 'DELIVER_AND_FORWARD'" validation="nonblank" value='local'
687     - display="display_email_forwarding()"
688     - >
689     - <label>EMAIL_DELIVERY</label>
690     - </field>
691     - <field type="text" id="ForwardAddress" validation="emailforward()"
692     - display="display_email_forwarding()"
693     - >
694     - <label>FORWARDING_ADDRESS</label>
695     - </field>
696     - <field type="text" id="FreeBusy" size="85">
697     - <label>FREEBUSY_URL</label>
698     - </field>
699     - <field type="select" id="VPNClientAccess" options="'yes' => 'YES',
700     - 'no' => 'NO'" validation="nonblank" value="get_pptp_value()">
701     - <label>VPN_CLIENT_ACCESS</label>
702     - </field>
703     - <subroutine src="print_ipsec_client_section()" />
704     - <subroutine src="print_groupMemberships_field()" />
705     - <subroutine src="print_save_or_add_button()" />
706     - </page>
707     - <page name="ModifyAdmin" pre-event="turn_off_buttons()" post-event="modify_admin()">
708     - <title>MODIFY_ADMIN_TITLE</title>
709     - <subroutine src="print_acctName_field()" />
710     - <field type="text" id="FirstName" validation="nonblank, pseudonym_clash">
711     - <label>FIRSTNAME</label>
712     - </field>
713     - <field type="text" id="LastName" validation="nonblank">
714     - <label>LASTNAME</label>
715     - </field>
716     - <field type="select" id="VPNClientAccess" options="'yes' => 'YES',
717     - 'no' => 'NO'" validation="nonblank" value="get_pptp_value()">
718     - <label>VPN_CLIENT_ACCESS</label>
719     - </field>
720     - <subroutine src="print_ipsec_client_section()" />
721     - <subroutine src="print_button('SAVE')" />
722     - </page>
723     - <page name="CheckMaxUsersUnlock" post-event="checkMaxUsers('ResetPassword')">
724     - </page>
725     - <page name="ResetPassword" pre-event="turn_off_buttons()" post-event="reset_password()">
726     - <title>RESET_PASSWORD_TITLE</title>
727     - <subroutine src="print_page_description('reset')" />
728     - <field type="password" id="password1" validation="nonblank, check_password">
729     - <label>PASSWORD1</label>
730     - </field>
731     - <field type="password" id="password2" validation="verifyPasswords">
732     - <label>PASSWORD2</label>
733     - </field>
734     - <subroutine src="print_button('SAVE')" />
735     - </page>
736     - <page name="LockAccount" pre-event="turn_off_buttons()" post-event="lock_account()">
737     - <title>LOCK_ACCOUNT_TITLE</title>
738     - <subroutine src="print_page_description('lock')" />
739     - <subroutine src="print_button('LOCK')" />
740     - </page>
741     - <page name="RemoveAccount" pre-event="turn_off_buttons()" post-event="remove_account()">
742     - <title>REMOVE_ACCOUNT_TITLE</title>
743     - <subroutine src="print_page_description('remove')" />
744     - <subroutine src="print_button('REMOVE')" />
745     - </page>
746     -
747     - <page name="SystemPasswordDummy">
748     - </page>
749     - <page name="SystemPassword" pre-event="turn_off_buttons()"
750     - post-event="system_change_password" >
751     - <description>SYSTEM_PASSWORD_DESCRIPTION</description>
752     -
753     - <field type="password" id="curpass" validation="nonblank, system_authenticate_password">
754     - <label>CURRENT_SYSTEM_PASSWORD</label>
755     - </field>
756     - <field type="password" id="pass" validation="nonblank, system_check_password">
757     - <label>NEW_SYSTEM_PASSWORD</label>
758     - </field>
759     - <field type="password" id="passVerify" validation="system_password_compare">
760     - <label>NEW_SYSTEM_PASSWORD_VERIFY</label>
761     - </field>
762     - <subroutine src="print_button('SAVE')" />
763     - </page>
764     -</form>
765     diff -Nur -x '*.orig' -x '*.rej' smeserver-kronolith-1.1.sme/root/usr/lib/perl5/site_perl/esmith/FormMagick/Panel/advuseraccounts.pm smeserver-kronolith-1.1/root/usr/lib/perl5/site_perl/esmith/FormMagick/Panel/advuseraccounts.pm
766     --- smeserver-kronolith-1.1.sme/root/usr/lib/perl5/site_perl/esmith/FormMagick/Panel/advuseraccounts.pm 2006-09-14 21:13:05.000000000 -0600
767     +++ smeserver-kronolith-1.1/root/usr/lib/perl5/site_perl/esmith/FormMagick/Panel/advuseraccounts.pm 1969-12-31 17:00:00.000000000 -0700
768     @@ -1,1291 +0,0 @@
769     -#!/usr/bin/perl -w
770     -
771     -#----------------------------------------------------------------------
772     -# $Id: advuseraccounts.pm,v 1.108 2004/11/11 20:05:56 charlieb Exp $
773     -#----------------------------------------------------------------------
774     -# copyright (C) 1999-2006 Mitel Networks Corporation
775     -#
776     -# This program is free software; you can redistribute it and/or modify
777     -# it under the terms of the GNU General Public License as published by
778     -# the Free Software Foundation; either version 2 of the License, or
779     -# (at your option) any later version.
780     -#
781     -# This program is distributed in the hope that it will be useful,
782     -# but WITHOUT ANY WARRANTY; without even the implied warranty of
783     -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
784     -# GNU General Public License for more details.
785     -#
786     -# You should have received a copy of the GNU General Public License
787     -# along with this program; if not, write to the Free Software
788     -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
789     -#----------------------------------------------------------------------
790     -package esmith::FormMagick::Panel::advuseraccounts;
791     -
792     -use strict;
793     -
794     -use esmith::FormMagick;
795     -use esmith::AccountsDB;
796     -use esmith::ConfigDB;
797     -use esmith::cgi;
798     -use esmith::util;
799     -use File::Basename;
800     -use Exporter;
801     -use Carp qw(verbose);
802     -
803     -our @ISA = qw(esmith::FormMagick Exporter);
804     -
805     -our @EXPORT = qw(
806     - print_user_table
807     - print_acctName_field
808     - print_groupMemberships_field
809     - print_page_description
810     - get_ldap_value
811     - username_clash
812     - pseudonym_clash
813     - checkMaxUsers
814     - handle_user_accounts
815     - modify_admin
816     - emailforward
817     - verifyPasswords
818     - lock_account
819     - remove_account
820     - reset_password
821     - check_password
822     - print_save_or_add_button
823     - get_pptp_value
824     - print_ipsec_client_section
825     -
826     - system_password_compare
827     - system_valid_password
828     - system_change_password
829     - system_check_password
830     - system_authenticate_password
831     -);
832     -
833     -our $VERSION = sprintf '%d.%03d', q$Revision: 1.108 $ =~ /: (\d+).(\d+)/;
834     -
835     -our $accountdb = esmith::AccountsDB->open();
836     -our $configdb = esmith::ConfigDB->open();
837     -
838     -=pod
839     -
840     -=head1 NAME
841     -
842     -esmith::FormMagick::Panels::advuseraccounts - useful panel functions
843     -
844     -=head1 SYNOPSIS
845     -
846     -use esmith::FormMagick::Panels::useraccount;
847     -
848     -my $panel = esmith::FormMagick::Panel::useraccount->new();
849     -$panel->display();
850     -
851     -=head1 DESCRIPTION
852     -
853     -
854     -=head2 new();
855     -
856     -Exactly as for esmith::FormMagick
857     -
858     -=begin testing
859     -
860     -$ENV{ESMITH_ACCOUNT_DB} = "10e-smith-base/accounts.conf";
861     -$ENV{ESMITH_CONFIG_DB} = "10e-smith-base/configuration.conf";
862     -
863     -open DATA, "echo '<form></form>'|";
864     -use_ok('esmith::FormMagick::Panel::advuseraccounts');
865     -use vars qw($panel);
866     -ok($panel = esmith::FormMagick::Panel::advuseraccounts->new(),
867     -"Create panel object");
868     -close DATA;
869     -isa_ok($panel, 'esmith::FormMagick::Panel::advuseraccounts');
870     -$panel->{cgi} = CGI->new();
871     -$panel->parse_xml();
872     -
873     -{ package esmith::FormMagick::Panel::advuseraccounts;
874     -our $accountdb;
875     -::isa_ok($accountdb, 'esmith::AccountsDB');
876     -}
877     -
878     -=end testing
879     -
880     -=cut
881     -
882     -sub new {
883     - shift;
884     - my $self = esmith::FormMagick->new();
885     - $self->{calling_package} = (caller)[0];
886     - bless $self;
887     - return $self;
888     -}
889     -
890     -=head1 HTML GENERATION ROUTINES
891     -
892     -Routines for generating chunks of HTML needed by the panel.
893     -
894     -=head2 print_user_table
895     -
896     -Prints out the user table on the front page.
897     -
898     -=for testing
899     -$panel->print_user_table;
900     -like($_STDOUT_, qr/bart/, "Found usernames in user table output");
901     -like($_STDOUT_, qr/ff0000/, "Found red 'reset password' output");
902     -
903     -=cut
904     -
905     -sub print_user_table {
906     - my $self = shift;
907     - my $q = $self->{cgi};
908     - my $account = $self->localise('ACCOUNT');
909     - my $acctName = $self->localise('USER_NAME');
910     -
911     - my $modify = $self->localise('MODIFY');
912     - my $resetpw = $self->localise('RESET_PASSWORD');
913     - my $lock = $self->localise('LOCK_ACCOUNT');
914     - my $account_locked = $self->localise('ACCOUNT_IS_LOCKED');
915     - my $remove = $self->localise('REMOVE');
916     -
917     - my @users = $accountdb->get('admin');
918     - push @users, $accountdb->users();
919     -
920     - unless ( scalar @users )
921     - {
922     - print $q->Tr($q->td($self->localise('NO_USER_ACCOUNTS')));
923     - return "";
924     - }
925     - print " <tr>\n <td colspan=\"2\">\n ";
926     - print $q->start_table ({-CLASS => "sme-border"}),"\n ";
927     - print $q->Tr(
928     - esmith::cgi::genSmallCell($q, $self->localise($account),"header"),
929     - esmith::cgi::genSmallCell($q, $self->localise($acctName),"header"),
930     - esmith::cgi::genSmallCell($q, $self->localise('VPN_CLIENT_ACCESS'), "header"),
931     - esmith::cgi::genSmallCell($q, $self->localise('ACTION'),"header",4));
932     -
933     - my $scriptname = basename($0);
934     - my $index=0;
935     -
936     - foreach my $u (@users) {
937     - my $username = $u->key();
938     - my $first = $u->prop('FirstName');
939     - my $last = $u->prop('LastName');
940     - my $lockable = $u->prop('Lockable') || 'yes';
941     - my $removable = $u->prop('Removable') || 'yes';
942     - my $vpnaccess = $u->prop('VPNClientAccess') || 'no';
943     - $vpnaccess = $vpnaccess eq 'yes' ? $self->localise('YES') :
944     - $self->localise('NO');
945     -
946     - my $params = $self->build_user_cgi_params($username, $u->props());
947     -
948     - my $password_set = $u->prop('PasswordSet');
949     -
950     - my $pagenum = ($username eq "admin") ? $self->get_page_by_name('SystemPasswordDummy')
951     - : $self->get_page_by_name('CheckMaxUsersUnlock');
952     -
953     - # make normal links
954     - my $lock_url = ($password_set eq 'yes') ?
955     - qq(<a href="$scriptname?$params&Next=Next&wherenext=LockAccount">$lock</a>) :
956     - qq($account_locked);
957     -
958     - $lock_url = "" unless ($lockable eq "yes");
959     -
960     - my $where_next = ($username eq "admin") ? "ModifyAdmin" : "CreateModify";
961     - my $action1 = "<a href=\"$scriptname?page=0&page_stack=&acctName=$username&Next=Next&action=modify&wherenext=$where_next\">$modify</a>";
962     -
963     - my $action2 = "<a href=\"$scriptname?page=$pagenum&page_stack=&Next=Next&acctName=$username\">$resetpw</a>";
964     -
965     - unless ($password_set eq 'yes')
966     - {
967     - $action2 = "<span class='error-noborders'>" . $action2 . "</span>";
968     - }
969     -
970     - my $action3 = ($removable eq "yes") ? "<a href=\"$scriptname?$params&Next=Next&wherenext=RemoveAccount\">$remove</a>" : '';
971     -
972     - print $q->Tr(esmith::cgi::genSmallCell($q, $username,"normal")," ",
973     - esmith::cgi::genSmallCell($q, "$first $last","normal")," ",
974     - esmith::cgi::genSmallCell($q, $vpnaccess),
975     - esmith::cgi::genSmallCell($q, "$action1","normal")," ",
976     - esmith::cgi::genSmallCell($q, "$action2","normal")," ",
977     - esmith::cgi::genSmallCell($q, "$lock_url","normal")," ",
978     - esmith::cgi::genSmallCell($q, "$action3","normal"));
979     -
980     - $index++;
981     - }
982     -
983     - print qq(</table></td></tr>\n);
984     -
985     - return "";
986     -}
987     -
988     -=head2 print_acctName_field
989     -
990     -This subroutine is used to generate the Account name field on the form in
991     -the case of "create user", or to make it a plain uneditable string in the case
992     -of "modify user".
993     -
994     -=begin testing
995     -
996     -my $self = esmith::FormMagick::Panel::advuseraccounts->new();
997     -$self->{cgi} = CGI->new("");
998     -print_acctName_field($self);
999     -like($_STDOUT_, qr/text.*acctName/, "print text field if acctName not set");
1000     -like($_STDOUT_, qr/create/, "action=create if acctName not set");
1001     -$self->{cgi}->param(-name => 'acctName', -value => 'foo');
1002     -$self->{cgi}->param(-name => 'action', -value => 'modify');
1003     -print_acctName_field($self);
1004     -like($_STDOUT_, qr/hidden.*acctName/, "print hidden field if acctName is set");
1005     -like($_STDOUT_, qr/modify/, "action=modify if acctName already set");
1006     -
1007     -=end testing
1008     -
1009     -=cut
1010     -
1011     -sub print_acctName_field {
1012     - my $self = shift;
1013     - my $cgi = $self->{cgi};
1014     - my $an = $cgi->param('acctName') || '';
1015     - print qq(<tr><td class=\"sme-noborders-label\">) . $self->localise('ACCOUNT_NAME') . qq(</td>\n);
1016     - my $action = $cgi->param('action') || '';
1017     - if ( $action eq 'modify') {
1018     - print qq(
1019     - <td>$an
1020     - <input type="hidden" name="acctName" value="$an">
1021     - <input type="hidden" name="action" value="modify">
1022     - </td>
1023     - );
1024     - # if there's no CGI data, fill in the fields with the account db
1025     - # data for this user
1026     - my $rec = $accountdb->get($an);
1027     - my $fn = $cgi->param('FirstName') ?
1028     - $cgi->param('FirstName') :
1029     - ($rec ? ($rec->prop('FirstName')) : '');
1030     - my $ln = $cgi->param('LastName') ?
1031     - $cgi->param('LastName') :
1032     - ($rec ? ($rec->prop('LastName')) : '');
1033     - my $dept = $cgi->param('Dept') ?
1034     - $cgi->param('Dept') :
1035     - ($rec ? ($rec->prop('Dept')) : '');
1036     - my $company = $cgi->param('Company') ?
1037     - $cgi->param('Company') :
1038     - ($rec ? ($rec->prop('Company')) : '');
1039     - my $street = $cgi->param('Street') ?
1040     - $cgi->param('Street') :
1041     - ($rec ? ($rec->prop('Street')) : '');
1042     - my $city = $cgi->param('City') ?
1043     - $cgi->param('City') :
1044     - ($rec ? ($rec->prop('City')) : '');
1045     - my $phone = $cgi->param('Phone') ?
1046     - $cgi->param('Phone') :
1047     - ($rec ? ($rec->prop('Phone')) : '');
1048     - my $emf = $cgi->param('EmailForward') ?
1049     - $cgi->param('EmailForward') :
1050     - ($rec ? ($rec->prop('EmailForward')) : 'local');
1051     - my $fwd = $cgi->param('ForwardAddress') ?
1052     - $cgi->param('ForwardAddress') :
1053     - ($rec ? ($rec->prop('ForwardAddress')) : '');
1054     - my $fb = $cgi->param('FreeBusy') ?
1055     - $cgi->param('FreeBusy') :
1056     - ($rec ? ($rec->prop('FreeBusy')) : '');
1057     - my $pptp = $cgi->param('VPNClientAccess') ?
1058     - $cgi->param('VPNClientAccess') :
1059     - ($rec ? ($rec->prop('VPNClientAccess')) : 'no');
1060     - # now that we're down with the 411, let's set the values
1061     - $cgi->param(-name=>'FirstName', -value=>$fn);
1062     - $cgi->param(-name=>'LastName', -value=>$ln);
1063     - $cgi->param(-name=>'Dept', -value=>$dept);
1064     - $cgi->param(-name=>'Company', -value=>$company);
1065     - $cgi->param(-name=>'Street', -value=>$street);
1066     - $cgi->param(-name=>'City', -value=>$city);
1067     - $cgi->param(-name=>'Phone', -value=>$phone);
1068     - $cgi->param(-name=>'EmailForward', -value=>$emf);
1069     - $cgi->param(-name=>'ForwardAddress', -value=>$fwd);
1070     - $cgi->param(-name=>'FreeBusy', -value=>$fb);
1071     - $cgi->param(-name=>'VPNClientAccess', -value=>$pptp);
1072     - } else {
1073     - print qq(
1074     - <td><input type="text" name="acctName" value="$an">
1075     - <input type="hidden" name="action" value="create">
1076     - </td>
1077     - );
1078     - }
1079     -
1080     - print qq(</tr>\n);
1081     - return undef;
1082     -
1083     -}
1084     -
1085     -=head2 print_groupMemberships_field()
1086     -
1087     -Builds a list of groups for the create/modify user screen.
1088     -
1089     -=begin testing
1090     -
1091     -my $self = esmith::FormMagick::Panel::advuseraccounts->new();
1092     -$self->{cgi} = CGI->new("");
1093     -$self->print_groupMemberships_field();
1094     -like($_STDOUT_, qr/simpsons/, "Found simpsons in group list");
1095     -like($_STDOUT_, qr/flanders/, "Found flanders in group list");
1096     -$self->{cgi}->param(-name => 'acctName', -value => 'rod');
1097     -$self->print_groupMemberships_field();
1098     -like($_STDOUT_, qr/checked value="flanders"/, "Checked flanders group for user rod");
1099     -
1100     -=end testing
1101     -
1102     -=cut
1103     -
1104     -sub print_groupMemberships_field {
1105     - my ($self) = @_;
1106     - my $q = $self->{cgi};
1107     - my $user = $q->param('acctName');
1108     -
1109     - if (my @groups = $accountdb->groups()) {
1110     -
1111     - print "<tr><td class=\"sme-noborders-label\">",
1112     - $self->localise('GROUP_MEMBERSHIPS'),
1113     - "</td><td>\n";
1114     -
1115     - print $q->start_table({-class => "sme-border"}),"\n";
1116     - print $q->Tr(
1117     - esmith::cgi::genSmallCell($q, $self->localise('MEMBER'),"header"),
1118     - esmith::cgi::genSmallCell($q, $self->localise('GROUP'),"header"),
1119     - esmith::cgi::genSmallCell($q, $self->localise('DESCRIPTION'),"header")
1120     - );
1121     -
1122     - foreach my $g (@groups) {
1123     - my $groupname = $g->key();
1124     - my $checked;
1125     - if ($user and $accountdb->is_user_in_group($user, $groupname)) {
1126     - $checked = 'checked';
1127     - } else {
1128     - $checked = '';
1129     - }
1130     -
1131     - print $q->Tr(
1132     - $q->td(
1133     - "<input type=\"checkbox\""
1134     - . " name=\"groupMemberships\""
1135     - . " $checked value=\"$groupname\">"
1136     - ),
1137     - esmith::cgi::genSmallCell($q, $groupname,"normal"),
1138     - esmith::cgi::genSmallCell( $q, $accountdb->get($groupname)->prop("Description"),"normal")
1139     - );
1140     - }
1141     -
1142     - print "</table></td></tr>\n";
1143     -
1144     - }
1145     -
1146     - return undef;
1147     -
1148     -}
1149     -
1150     -=head2 print_page_description($self, "reset|lock|remove")
1151     -
1152     -Generates the page description for the the somewhat similar Reset
1153     -Password, Lock Account and Remove Account pages.
1154     -
1155     -=begin testing
1156     -
1157     -my $self = esmith::FormMagick::Panel::advuseraccounts->new();
1158     -$self->{cgi} = CGI->new({ acctName => 'bart' });
1159     -print_page_description($self, "reset");
1160     -like($_STDOUT_, qr/bart/, "print_page_description prints username");
1161     -like($_STDOUT_, qr/Bart Simpson/, "print_page_description prints name");
1162     -like($_STDOUT_, qr/RESET_DESC/, "print_page_description prints description");
1163     -
1164     -=end testing
1165     -
1166     -=cut
1167     -
1168     -sub print_page_description {
1169     - my ($self, $pagename) = @_;
1170     - unless (grep /^$pagename$/, qw(reset lock remove)) {
1171     - warn "Can't generate page description for invalid pagename $pagename\n";
1172     - return;
1173     - }
1174     -
1175     - $pagename = uc($pagename);
1176     -
1177     - my $desc = $self->localise("${pagename}_DESC");
1178     - my $desc2 = $self->localise("${pagename}_DESC2");
1179     -
1180     - my $acctName = $self->{cgi}->param('acctName');
1181     - my $name = $accountdb->get($acctName)->prop('FirstName') . " "
1182     - . $accountdb->get($acctName)->prop('LastName');
1183     -
1184     - print qq{
1185     - <tr><td colspan="2">
1186     - <p>$desc "$acctName" ($name)</p>
1187     - $desc2
1188     - <input type="hidden" name="acctName" value="$acctName">
1189     - </td></tr>
1190     - };
1191     -
1192     - return;
1193     -}
1194     -
1195     -=head1 ROUTINES FOR FILLING IN FIELD DEFAULT VALUES
1196     -
1197     -=head2 get_ldap_value($field)
1198     -
1199     -This subroutine generates the default field value on the form using the
1200     -parameter specified.
1201     -
1202     -In this case, the default field values come from LDAP/directory
1203     -settings.
1204     -
1205     -If a CGI parameter has been passed that contains an account name, we
1206     -assume that a value has already been set, as we're modifying a user, and
1207     -use that value instead of a default.
1208     -
1209     -=for testing
1210     -my $self = esmith::FormMagick::Panel::advuseraccounts->new();
1211     -$self->{cgi} = CGI->new("");
1212     -is(get_ldap_value($self, "Dept"), "Main", "Pick up default value from LDAP");
1213     -$self->{cgi} = CGI->new({ acctName => 'bart' });
1214     -is(get_ldap_value($self, "Dept"), undef, "Don't pick up LDAP data if username provided");
1215     -
1216     -=cut
1217     -
1218     -sub get_ldap_value {
1219     - my ($self, $field) = @_;
1220     -
1221     - # don't do the lookup if this is a modification of an existing user
1222     - if ($self->{cgi}->param('acctName')) {
1223     - return $self->{cgi}->param($field);
1224     - }
1225     -
1226     - my %CGIParam2DBfield = (
1227     - Dept => 'defaultDepartment',
1228     - Company => 'defaultCompany',
1229     - Street => 'defaultStreet',
1230     - City => 'defaultCity',
1231     - Phone => 'defaultPhoneNumber'
1232     - );
1233     -
1234     - return $configdb->get('ldap')->prop($CGIParam2DBfield{$field});
1235     -}
1236     -
1237     -sub get_pptp_value
1238     -{
1239     - return $configdb->get('pptpd')->prop('AccessDefault') || 'no';
1240     -}
1241     -
1242     -
1243     -
1244     -=head1 VALIDATION ROUTINES
1245     -
1246     -=head2 pseudonym_clash
1247     -
1248     -Validation routine to check whether a the first/last names clash with
1249     -existing pseudonyms.
1250     -
1251     -Note that it won't be considered a "clash" if there is an existing
1252     -pseudonym which belongs to the same user -- it's only a clash if the
1253     -generated pseudonyms are the same but the usernames aren't.
1254     -
1255     -=begin testing
1256     -
1257     -my $self = esmith::FormMagick::Panel::advuseraccounts->new();
1258     -
1259     -$self->{cgi} = CGI->new({
1260     - acctName => 'skud',
1261     - FirstName => 'Kirrily',
1262     - LastName => 'Robert'
1263     -});
1264     -
1265     -is (pseudonym_clash($self, 'Kirrily'), "OK", "New name doesn't clash pseudonyms");
1266     -
1267     -$self->{cgi} = CGI->new({
1268     - acctName => 'bart2',
1269     - FirstName => 'Bart',
1270     - LastName => 'Simpson'
1271     -});
1272     -
1273     -isnt(pseudonym_clash($self, 'Bart'), "OK", "Existing pseudonym with non-matching username causes clash");
1274     -
1275     -$self->{cgi} = CGI->new({
1276     - acctName => 'bart',
1277     - FirstName => 'Bart',
1278     - LastName => 'Simpson'
1279     -});
1280     -
1281     -is(pseudonym_clash($self, 'Bart'), "OK", "Existing pseudonym with matching username shouldn't clash");
1282     -
1283     -=end testing
1284     -
1285     -=cut
1286     -
1287     -sub pseudonym_clash {
1288     - my ($self, $first) = @_;
1289     - $first ||= "";
1290     - my $last = $self->{cgi}->param('LastName') || "";
1291     - my $acctName = $self->{cgi}->param('acctName') || "";
1292     -
1293     - my $up = "$first $last";
1294     -
1295     - $up =~ s/^\s+//;
1296     - $up =~ s/\s+$//;
1297     - $up =~ s/\s+/ /g;
1298     - $up =~ s/\s/_/g;
1299     -
1300     - my $dp = $up;
1301     - $dp =~ s/_/./g;
1302     -
1303     - $dp = $accountdb->get($dp);
1304     - $up = $accountdb->get($up);
1305     -
1306     - my $da = $dp->prop('Account') if $dp;
1307     - my $ua = $up->prop('Account') if $up;
1308     - if ($dp and $da and $da ne $acctName)
1309     - {
1310     - return $self->localise('PSEUDONYM_CLASH',
1311     - {
1312     - acctName => $acctName,
1313     - clashName => $da,
1314     - pseudonym => $dp->key
1315     - });
1316     - }
1317     - elsif ($up and $ua and $ua ne $acctName)
1318     - {
1319     - return $self->localise('PSEUDONYM_CLASH',
1320     - {
1321     - acctName => $acctName,
1322     - clashName => $ua,
1323     - pseudonym => $up->key
1324     - });
1325     - }
1326     - else
1327     - {
1328     - return "OK";
1329     - }
1330     -}
1331     -
1332     -=head2 emailforward()
1333     -
1334     -Validation routine for email forwarding
1335     -
1336     -=cut
1337     -
1338     -sub emailforward {
1339     - my ($self, $data) = @_;
1340     - my $response = $self->email_simple($data);
1341     - if ($response eq "OK")
1342     - {
1343     - return "OK";
1344     - }
1345     - elsif ($data eq "")
1346     - {
1347     - # Blank is ok, only if we're not forwarding, which means that the
1348     - # EmailForward param must be set to 'local'.
1349     - my $email_forward = $self->{cgi}->param('EmailForward') || '';
1350     - $email_forward =~ s/^\s+|\s+$//g;
1351     - return 'OK' if $email_forward eq 'local';
1352     - return $self->localise('CANNOT_CONTAIN_WHITESPACE');
1353     - }
1354     - else
1355     - {
1356     - return $self->localise('CANNOT_CONTAIN_WHITESPACE')
1357     - if ( $data =~ /\s+/ );
1358     - # Permit a local address.
1359     - return "OK" if $data =~ /^[a-zA-Z][a-zA-Z0-9\._\-]*$/;
1360     - return $self->localise('UNACCEPTABLE_CHARS');
1361     - }
1362     -}
1363     -
1364     -=head2 verifyPasswords()
1365     -
1366     -Returns an error message if the two new passwords input don't match.
1367     -
1368     -=cut
1369     -
1370     -sub verifyPasswords {
1371     - my $self = shift;
1372     - my $pass2 = shift;
1373     -
1374     - my $pass1 = $self->{cgi}->param('password1');
1375     - unless ($pass1 eq $pass2) {
1376     - $self->{cgi}->param( -name => 'wherenext', -value => 'Password' );
1377     - return "PASSWORD_VERIFY_ERROR";
1378     - }
1379     - return "OK";
1380     -}
1381     -
1382     -=head1 CREATING AND MODIFYING USERS
1383     -
1384     -=head2 checkMaxUsers()
1385     -
1386     -Returns an error message if the current number of users is greater than or
1387     -equal to the sysconfig|MaxUsers property.
1388     -
1389     -Takes the name of the next page to go to if the test succeeds as an argument.
1390     -
1391     -=cut
1392     -
1393     -sub checkMaxUsers
1394     -{
1395     - my ($self, $next_page) = @_;
1396     -
1397     - # Get value of MaxUsers if it exists.
1398     - my $sysconfig = $configdb->get('sysconfig');
1399     - my $maxUsers = (($sysconfig) ? $sysconfig->prop('MaxUsers') : '') || '';
1400     - my $activeUsers = scalar $accountdb->activeUsers() || 0;
1401     - if ((defined $activeUsers and $maxUsers ne '')
1402     - and ($activeUsers >= $maxUsers))
1403     - {
1404     - $self->error('MAX_USERS_EXCEEDED');
1405     - }
1406     - else
1407     - {
1408     - $self->{cgi}->param(-name => 'wherenext', -value => $next_page);
1409     - }
1410     -}
1411     -
1412     -=head2 handle_user_accounts()
1413     -
1414     -This is the routine called by the "Save" button on the create/modify page.
1415     -It checks the "action" param and calls either create_user() or modify_user()
1416     -as appropriate.
1417     -
1418     -=cut
1419     -
1420     -sub handle_user_accounts {
1421     - my ($self) = @_;
1422     -
1423     - my $cgi = $self->{cgi};
1424     -
1425     - if ($cgi->param("action") eq "create") {
1426     - my $msg = create_user($self);
1427     - if ($msg eq 'USER_CREATED')
1428     - {
1429     - $self->success($msg);
1430     - }
1431     - else
1432     - {
1433     - $self->error($msg);
1434     - }
1435     - }
1436     - else {
1437     - modify_user($self);
1438     - $self->success('USER_MODIFIED');
1439     - }
1440     -}
1441     -
1442     -=head2 print_save_or_add_button()
1443     -
1444     -=cut
1445     -
1446     -sub print_save_or_add_button {
1447     -
1448     - my ($self) = @_;
1449     -
1450     - my $cgi = $self->{cgi};
1451     -
1452     - if (($cgi->param("action") || '') eq "modify") {
1453     - $self->print_button("SAVE");
1454     - } else {
1455     - $self->print_button("ADD");
1456     - }
1457     -
1458     -}
1459     -
1460     -=head2 modify_admin($self)
1461     -
1462     -=cut
1463     -
1464     -sub modify_admin
1465     -{
1466     - my ($self) = @_;
1467     -
1468     - my $acct = $accountdb->get('admin');
1469     -
1470     - my %newProperties = (
1471     - 'FirstName' => $self->{cgi}->param('FirstName'),
1472     - 'LastName' => $self->{cgi}->param('LastName'),
1473     - 'VPNClientAccess'=> $self->{cgi}->param('VPNClientAccess'),
1474     - );
1475     -
1476     - $acct->merge_props(%newProperties);
1477     -
1478     - undef $accountdb;
1479     -
1480     - my $status =
1481     - system ("/sbin/e-smith/signal-event", "user-modify-admin", 'admin');
1482     -
1483     - $accountdb = esmith::AccountsDB->open();
1484     -
1485     - if ($status == 0)
1486     - {
1487     - $self->success('USER_MODIFIED', 'First');
1488     - }
1489     - else
1490     - {
1491     - $self->error('CANNOT_MODIFY_USER', 'First');
1492     - }
1493     - return;
1494     -}
1495     -
1496     -=head2 modify_user($self)
1497     -
1498     -=cut
1499     -
1500     -sub modify_user {
1501     - my ($self) = @_;
1502     - my $acctName = $self->{cgi}->param('acctName');
1503     -
1504     - unless (($acctName) = ($acctName =~ /^(\w[\-\w_\.]+)$/)) {
1505     - return $self->error($self->localise('TAINTED_USER',
1506     - { acctName => $acctName }));
1507     - }
1508     - # Untaint the username before use in system()
1509     - $acctName = $1;
1510     -
1511     - my $acct = $accountdb->get($acctName);
1512     - my $acctType = $acct->prop('type');
1513     -
1514     - if ($acctType eq "user")
1515     - {
1516     - $accountdb->remove_user_auto_pseudonyms($acctName);
1517     - my %newProperties = (
1518     - 'FirstName' => $self->{cgi}->param('FirstName'),
1519     - 'LastName' => $self->{cgi}->param('LastName'),
1520     - 'Phone' => $self->{cgi}->param('Phone'),
1521     - 'Company' => $self->{cgi}->param('Company'),
1522     - 'Dept' => $self->{cgi}->param('Dept'),
1523     - 'City' => $self->{cgi}->param('City'),
1524     - 'Street' => $self->{cgi}->param('Street'),
1525     - 'EmailForward' => $self->{cgi}->param('EmailForward'),
1526     - 'ForwardAddress' => $self->{cgi}->param('ForwardAddress'),
1527     - 'FreeBusy' => $self->{cgi}->param('FreeBusy'),
1528     - 'VPNClientAccess'=> $self->{cgi}->param('VPNClientAccess'),
1529     - );
1530     - $acct->merge_props(%newProperties);
1531     -
1532     - $accountdb->create_user_auto_pseudonyms($acctName);
1533     -
1534     - my @old_groups = $accountdb->user_group_list($acctName);
1535     - my @new_groups = $self->{cgi}->param("groupMemberships");
1536     - $accountdb->remove_user_from_groups($acctName, @old_groups);
1537     - $accountdb->add_user_to_groups($acctName, @new_groups);
1538     -
1539     - undef $accountdb;
1540     -
1541     - unless (system ("/sbin/e-smith/signal-event", "user-modify",
1542     - $acctName) == 0) {
1543     - $accountdb = esmith::AccountsDB->open();
1544     - return $self->error('CANNOT_MODIFY_USER');
1545     - }
1546     - $accountdb = esmith::AccountsDB->open();
1547     - }
1548     - $self->success('USER_MODIFIED');
1549     -}
1550     -
1551     -=head2 create_user
1552     -
1553     -Adds a user to the accounts db.
1554     -
1555     -=cut
1556     -
1557     -sub create_user {
1558     - my $self = shift;
1559     - my $q = $self->{cgi};
1560     -
1561     - my $acctName = $q->param('acctName');
1562     -
1563     - my $msg = $self->validate_acctName($acctName);
1564     - unless ($msg eq "OK")
1565     - {
1566     - return $msg;
1567     - }
1568     -
1569     - $msg = $self->validate_acctName_length($acctName);
1570     - unless ($msg eq "OK")
1571     - {
1572     - return $msg;
1573     - }
1574     -
1575     - $msg = $self->validate_acctName_conflict($acctName);
1576     - unless ($msg eq "OK")
1577     - {
1578     - return $msg;
1579     - }
1580     -
1581     - my %userprops;
1582     - foreach my $field ( qw( FirstName LastName Phone Company Dept
1583     - City Street EmailForward ForwardAddress FreeBusy VPNClientAccess) )
1584     - {
1585     - $userprops{$field} = $q->param($field);
1586     - }
1587     - $userprops{'PasswordSet'} = "no";
1588     - $userprops{'type'} = 'user';
1589     -
1590     - my $acct = $accountdb->new_record($acctName)
1591     - or warn "Can't create new account for $acctName (does it already exist?)\n";
1592     - $acct->reset_props(%userprops);
1593     - $accountdb->create_user_auto_pseudonyms($acctName);
1594     - my @groups = $self->{cgi}->param("groupMemberships");
1595     - $accountdb->add_user_to_groups($acctName, @groups);
1596     -
1597     - undef $accountdb;
1598     -
1599     - # Untaint the username before use in system()
1600     - $acctName =~ /^(\w[\-\w_\.]+)$/;
1601     - $acctName = $1;
1602     -
1603     - if (system ("/sbin/e-smith/signal-event", "user-create", $acctName))
1604     - {
1605     - $accountdb = esmith::AccountsDB->open();
1606     - return $self->localise("ERR_OCCURRED_CREATING");
1607     - }
1608     -
1609     - $accountdb = esmith::AccountsDB->open();
1610     -
1611     - $self->set_groups();
1612     - return 'USER_CREATED';
1613     -}
1614     -
1615     -=head2 set_groups
1616     -
1617     -Sets a user's groups in the accounts db. This is called as part of the
1618     -create_user() routine.
1619     -
1620     -=cut
1621     -
1622     -sub set_groups
1623     -{
1624     - my $self = shift;
1625     - my $q = $self->{cgi};
1626     - my $acctName = $q->param('acctName');
1627     -
1628     - my @groups = $q->param('groupMemberships');
1629     - $accountdb->set_user_groups($acctName, @groups);
1630     -
1631     -}
1632     -
1633     -=head1 REMOVING ACCOUNTS
1634     -
1635     -=head2 remove_account()
1636     -
1637     -=cut
1638     -
1639     -sub remove_account {
1640     - my ($self) = @_;
1641     - my $acctName = $self->{cgi}->param('acctName');
1642     -
1643     - my $acct = $accountdb->get($acctName);
1644     - if ($acct->prop('type') eq "user") {
1645     - $acct->set_prop('type', "user-deleted");
1646     -
1647     - undef $accountdb;
1648     -
1649     - # Untaint the username before use in system()
1650     - $acctName =~ /^(\w[\-\w_\.]+)$/;
1651     - $acctName = $1;
1652     - if (system ("/sbin/e-smith/signal-event", "user-delete", $acctName))
1653     - {
1654     - $accountdb = esmith::AccountsDB->open();
1655     - return $self->error("ERR_OCCURRED_DELETING");
1656     - }
1657     -
1658     - $accountdb = esmith::AccountsDB->open();
1659     - $accountdb->get($acctName)->delete;
1660     -
1661     - } else {
1662     - # FIXME - this should be handled by input validation
1663     - # XXX error message here
1664     - }
1665     - $self->{cgi}->param(-name => 'wherenext', -value => 'First');
1666     -}
1667     -
1668     -=head1 RESETTING THE PASSWORD
1669     -
1670     -=head2 reset_password()
1671     -
1672     -=cut
1673     -
1674     -sub reset_password {
1675     - my ($self) = @_;
1676     - my $acctName = $self->{cgi}->param('acctName');
1677     -
1678     - unless (($acctName) = ($acctName =~ /^(\w[\-\w_\.]+)$/)) {
1679     - return $self->error('TAINTED_USER');
1680     - }
1681     - $acctName = $1;
1682     -
1683     - my $acct = $accountdb->get($acctName);
1684     -
1685     - if ( $acct->prop('type') eq "user")
1686     - {
1687     - esmith::util::setUserPassword ($acctName,
1688     - $self->{cgi}->param('password1'));
1689     -
1690     - $acct->set_prop("PasswordSet", "yes");
1691     - undef $accountdb;
1692     -
1693     - if (system("/sbin/e-smith/signal-event", "password-modify", $acctName))
1694     - {
1695     - $accountdb = esmith::AccountsDB->open();
1696     - $self->error("ERR_OCCURRED_MODIFYING_PASSWORD");
1697     - }
1698     - $accountdb = esmith::AccountsDB->open();
1699     -
1700     - $self->success($self->localise('PASSWORD_CHANGE_SUCCEEDED',
1701     - { acctName => $acctName}));
1702     - }
1703     - else
1704     - {
1705     - $self->error($self->localise('NO_SUCH_USER',
1706     - { acctName => $acctName}));
1707     - }
1708     -}
1709     -
1710     -=head1 LOCKING AN ACCOUNT
1711     -
1712     -=head2 lock_account()
1713     -
1714     -=cut
1715     -
1716     -sub lock_account {
1717     - my ($self) = @_;
1718     - my $acctName = $self->{cgi}->param('acctName');
1719     - my $acct = $accountdb->get($acctName);
1720     - if ($acct->prop('type') eq "user")
1721     - {
1722     - undef $accountdb;
1723     -
1724     - # Untaint the username before use in system()
1725     - $acctName =~ /^(\w[\-\w_\.]+)$/;
1726     - $acctName = $1;
1727     - if (system("/sbin/e-smith/signal-event", "user-lock", $acctName))
1728     - {
1729     - $accountdb = esmith::AccountsDB->open();
1730     - return $self->error("ERR_OCCURRED_LOCKING");
1731     - }
1732     -
1733     - $accountdb = esmith::AccountsDB->open();
1734     -
1735     - $self->success($self->localise('LOCKED_ACCOUNT',
1736     - { acctName => $acctName}));
1737     - }
1738     - else
1739     - {
1740     - $self->error($self->localise('NO_SUCH_USER',
1741     - { acctName => $acctName}));
1742     - }
1743     -}
1744     -
1745     -
1746     -=head1 MISCELLANEOUS ROUTINES
1747     -
1748     -=head2 build_user_cgi_params()
1749     -
1750     -Builds a CGI query string based on user data, using various sensible
1751     -defaults and esmith::FormMagick's props_to_query_string() method.
1752     -
1753     -=cut
1754     -
1755     -sub build_user_cgi_params {
1756     - my ($self, $acctName, %oldprops) = @_;
1757     -
1758     - my %props = (
1759     - page => 0,
1760     - page_stack => "",
1761     - ".id" => $self->{cgi}->param('.id') || "",
1762     - acctName => $acctName,
1763     - #%oldprops
1764     - );
1765     -
1766     - return $self->props_to_query_string(\%props);
1767     -}
1768     -
1769     -=pod
1770     -
1771     -=head2 validate_acctName
1772     -
1773     -Checks that the name supplied does not contain any unacceptable chars.
1774     -Returns OK on success or a localised error message otherwise.
1775     -
1776     -=for testing
1777     -is($panel->validate_acctName('foo'), 'OK', 'validate_acctName');
1778     -isnt($panel->validate_acctName('3amigos'), 'OK', ' .. cannot start with number');
1779     -isnt($panel->validate_acctName('betty ford'), 'OK', ' .. cannot contain space');
1780     -
1781     -=cut
1782     -
1783     -sub validate_acctName
1784     -{
1785     - my ($self, $acctName) = @_;
1786     -
1787     - unless ($accountdb->validate_account_name($acctName))
1788     - {
1789     - return $self->localise('ACCT_NAME_HAS_INVALID_CHARS',
1790     - {acctName => $acctName});
1791     - }
1792     - return "OK";
1793     -}
1794     -
1795     -=head2 validate_account_length FM ACCOUNTNAME
1796     -
1797     -returns 'OK' if the account name is shorter than the maximum account name length
1798     -returns 'ACCOUNT_TOO_LONG' otherwise
1799     -
1800     -=begin testing
1801     -
1802     -ok(($panel->validate_acctName_length('foo') eq 'OK'), "a short account name passes");
1803     -ok(($panel->validate_acctName_length('fooooooooooooooooo') eq 'ACCOUNT_TOO_LONG'), "a long account name fails");
1804     -
1805     -=end testing
1806     -
1807     -=cut
1808     -
1809     -sub validate_acctName_length {
1810     - my $self = shift;
1811     - my $acctName = shift;
1812     -
1813     -
1814     - my $maxAcctNameLength = ($configdb->get('maxAcctNameLength')
1815     - ? $configdb->get('maxAcctNameLength')->prop('type')
1816     - : "") || 12;
1817     -
1818     - if ( length $acctName > $maxAcctNameLength ) {
1819     -
1820     - return $self->localise('ACCOUNT_TOO_LONG',
1821     - {maxLength => $maxAcctNameLength});
1822     - }
1823     - else {
1824     - return ('OK');
1825     - }
1826     -}
1827     -
1828     -=head2 validate_acctName_conflict
1829     -
1830     -Returns 'OK' if the account name doesn't yet exist. Returns a localised error
1831     -otherwise.
1832     -
1833     -=cut
1834     -
1835     -sub validate_acctName_conflict
1836     -{
1837     - my $self = shift;
1838     - my $acctName = shift;
1839     -
1840     - my $account = $accountdb->get($acctName);
1841     - my $type;
1842     -
1843     - if (defined $account)
1844     - {
1845     - $type = $account->prop('type');
1846     - }
1847     - elsif (defined getpwnam($acctName) || defined getgrnam($acctName))
1848     - {
1849     - $type = "system";
1850     - }
1851     - else
1852     - {
1853     - return('OK');
1854     - }
1855     - return $self->localise('ACCOUNT_CONFLICT',
1856     - { account => $acctName,
1857     - type => $type,
1858     -});
1859     -}
1860     -
1861     -=head2 check_password
1862     -
1863     -Validates the password using the desired strength
1864     -
1865     -=cut
1866     -
1867     -sub check_password {
1868     - my $self = shift;
1869     - my $pass1 = shift;
1870     -
1871     - my $check_type;
1872     - my $rec = $configdb->get('passwordstrength');
1873     - $check_type = ($rec ? ($rec->prop('Users') || 'none') : 'none');
1874     -
1875     - return $self->validate_password($check_type,$pass1);
1876     -}
1877     -
1878     -
1879     -=head1 System Password manipulation routines
1880     -
1881     -XXX FIXME - These should be merged with the useraccouts versions
1882     -
1883     -=head2 system_password_compare
1884     -
1885     -=cut
1886     -
1887     -sub system_password_compare
1888     -{
1889     - my $self = shift;
1890     - my $pass2 = shift;
1891     -
1892     - my $pass1 = $self->{cgi}->param('pass');
1893     - unless ($pass1 eq $pass2) {
1894     - $self->{cgi}->param( -name => 'wherenext', -value => 'Password' );
1895     - return "SYSTEM_PASSWORD_VERIFY_ERROR";
1896     - }
1897     - return "OK";
1898     -}
1899     -
1900     -=head2 system_valid_password
1901     -
1902     -Throw an error if the password doesn't consist solely of one or more printable characters.
1903     -
1904     -=cut
1905     -
1906     -sub system_valid_password
1907     -{
1908     - my $self = shift;
1909     - my $pass1 = shift;
1910     - # If the password contains one or more printable character
1911     - if ($pass1 =~ /^([ -~]+)$/) {
1912     - return('OK');
1913     - } else {
1914     - $self->{cgi}->param( -name => 'wherenext', -value => 'Password' );
1915     - return 'SYSTEM_PASSWORD_UNPRINTABLES_IN_PASS';
1916     - }
1917     -}
1918     -
1919     -=head2 system_check_password
1920     -
1921     -Validates the password using the desired strength
1922     -
1923     -=cut
1924     -
1925     -sub system_check_password
1926     -{
1927     - my $self = shift;
1928     - my $pass1 = shift;
1929     -
1930     - use esmith::ConfigDB;
1931     - my $conf = esmith::ConfigDB->open();
1932     - my $check_type;
1933     - my $rec;
1934     - if ($conf)
1935     - {
1936     - $rec = $conf->get('passwordstrength');
1937     - }
1938     - $check_type = ($rec ? ($rec->prop('Admin') || 'strong') : 'strong');
1939     -
1940     - return $self->validate_password($check_type,$pass1);
1941     -}
1942     -
1943     -=head2 authenticate_password
1944     -
1945     -Compares the password with the current system password
1946     -
1947     -=cut
1948     -
1949     -sub system_authenticate_password
1950     -{
1951     - my $self = shift;
1952     - my $pass = shift;
1953     -
1954     - if (esmith::util::authenticateUnixPassword('root', $pass))
1955     - {
1956     - return "OK";
1957     - }
1958     - else
1959     - {
1960     - return "SYSTEM_PASSWORD_AUTH_ERROR";
1961     - }
1962     -}
1963     -
1964     -=head2 system_change_password
1965     -
1966     -If everything has been validated, properly, go ahead and set the new password.
1967     -
1968     -=cut
1969     -
1970     -sub system_change_password
1971     -{
1972     - my ($self) = @_;
1973     - my $pass = $self->{cgi}->param('pass');
1974     -
1975     - esmith::util::setUnixSystemPassword($pass);
1976     - esmith::util::setServerSystemPassword($pass);
1977     -
1978     - my $result = system("/sbin/e-smith/signal-event password-modify admin");
1979     -
1980     - if ($result == 0)
1981     - {
1982     - $self->success('SYSTEM_PASSWORD_CHANGED', 'First');
1983     - }
1984     - else
1985     - {
1986     - $self->error("Error occurred while modifying password for admin.", 'First');
1987     - }
1988     -
1989     - return;
1990     -}
1991     -
1992     -sub print_ipsec_client_section
1993     -{
1994     - my $self = shift;
1995     - my $q = $self->cgi;
1996     -
1997     - # Don't show ipsecrw setting unless the status property exists
1998     - return '' unless ($configdb->get('ipsec')
1999     - && $configdb->get('ipsec')->prop('RoadWarriorStatus'));
2000     - # Don't show ipsecrw setting unless /sbin/e-smith/roadwarrior exists
2001     - return '' unless -x '/sbin/e-smith/roadwarrior';
2002     - my $acct = $q->param('acctName');
2003     - my $rec = $accountdb->get($acct) if $acct;
2004     - if ($acct and $rec)
2005     - {
2006     - my $pwset = $rec->prop('PasswordSet') || 'no';
2007     - my $VPNaccess = $rec->prop('VPNClientAccess') || 'no';
2008     - if ($pwset eq 'yes' and $VPNaccess eq 'yes')
2009     - {
2010     - print $q->Tr(
2011     - $q->td({-class=>'sme-noborders-label'},
2012     - $self->localise('LABEL_IPSECRW_DOWNLOAD')),
2013     - $q->td({-class=>'sme-noborders-content'},
2014     - $q->a({-class=>'button-like',
2015     - -href=>"?action=getCert&user=$acct"},
2016     - $self->localise('BUTTON_IPSECRW_DOWNLOAD'))));
2017     - }
2018     - }
2019     - return '';
2020     -}
2021     -
2022     -sub get_ipsec_client_cert
2023     -{
2024     - my $self = shift;
2025     - my $q = shift;
2026     - my $user = $q->param('user');
2027     - ($user) = ($user =~ /^(.*)$/);
2028     -
2029     - die "Invalid user: $user\n" unless getpwnam($user);
2030     -
2031     - open (KID, "/sbin/e-smith/roadwarrior get_client_cert $user |")
2032     - or die "Can't fork: $!";
2033     - my $certfile = <KID>;
2034     - close KID;
2035     -
2036     - require File::Basename;
2037     - my $certname = File::Basename::basename($certfile);
2038     -
2039     - print "Expires: 0\n";
2040     - print "Content-type: application/x-pkcs12\n";
2041     - print "Content-disposition: inline; filename=$certname\n";
2042     - print "\n";
2043     -
2044     - open (CERT, "<$certfile");
2045     - while (<CERT>)
2046     - {
2047     - print;
2048     - }
2049     - close CERT;
2050     -
2051     - return '';
2052     -}
2053     -
2054     -sub display_email_forwarding
2055     -{
2056     - return defined $configdb->get('smtpd');
2057     -}
2058     -
2059     -1;

admin@koozali.org
ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed