/[smecontribs]/rpms/smeserver-kronolith/contribs7/smeserver-kronolith-1.1-usermanager.patch
ViewVC logotype

Contents of /rpms/smeserver-kronolith/contribs7/smeserver-kronolith-1.1-usermanager.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph


Revision 1.2 - (show annotations) (download)
Thu Jun 26 18:09:38 2008 UTC (16 years, 5 months ago) by slords
Branch: MAIN
CVS Tags: HEAD
Changes since 1.1: +0 -0 lines
FILE REMOVED
* Sun Jun 22 2008 John H. Bennett III <bennettj@johnbennettservices.com> 2.2-1
- Initial production build
- Jump in package name to reflect new version of kronolith

1 diff -Nur -x '*.orig' -x '*.rej' smeserver-kronolith-1.1.sme/createlinks smeserver-kronolith-1.1/createlinks
2 --- smeserver-kronolith-1.1.sme/createlinks 2006-11-09 21:37:18.000000000 -0700
3 +++ smeserver-kronolith-1.1/createlinks 2008-04-01 09:38:16.000000000 -0600
4 @@ -28,22 +28,5 @@
5 qw(post-upgrade));
6 }
7
8 -sub panel_link
9 -{
10 - my ($function, $panel) = @_;
11 -
12 - my $cgibin = "root/etc/e-smith/web/panels/$panel/cgi-bin";
13 -
14 - safe_symlink("../../../functions/$function",
15 - "$cgibin/$function")
16 -}
17 -
18 -#--------------------------------------------------
19 -# functions for manager panel
20 -#--------------------------------------------------
21 -my $panel = "manager";
22 -
23 -panel_link("advuseraccounts", $panel);
24 -
25 event_link("adv-ldap-update", "user-create", "27");
26 event_link("adv-ldap-update", "user-modify", "27");
27 diff -Nur -x '*.orig' -x '*.rej' smeserver-kronolith-1.1.sme/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/advuseraccounts smeserver-kronolith-1.1/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/advuseraccounts
28 --- smeserver-kronolith-1.1.sme/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/advuseraccounts 2008-04-01 09:33:48.000000000 -0600
29 +++ smeserver-kronolith-1.1/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/advuseraccounts 1969-12-31 17:00:00.000000000 -0700
30 @@ -1,446 +0,0 @@
31 -<!-- vim: ft=xml ts=8 sw=4 et
32 --->
33 -<lexicon lang="en-us">
34 - <entry>
35 - <base>FORM_TITLE</base>
36 - <trans>Create, modify, or remove user accounts</trans>
37 - </entry>
38 - <entry>
39 - <base>FIRSTPAGE_DESC</base>
40 - <trans>
41 - <![CDATA[
42 - <p>
43 - <a class="button-like"
44 - href="advuseraccounts?page=1&page_stack=&Next=Next">Add
45 - user account</a>
46 - </p>
47 - <p>
48 - You can modify, lock or remove any account or reset the
49 - account's password by clicking on the
50 - corresponding command next to the account.
51 - </p>
52 - <p>
53 - If the account is marked as locked, that means that the
54 - user's password needs to be reset. Please note
55 - that newly created accounts are automatically locked until
56 - the password is changed.
57 - </p>
58 - ]]>
59 - </trans>
60 - </entry>
61 - <entry>
62 - <base>P2_TITLE</base>
63 - <trans>Create or modify</trans>
64 - </entry>
65 - <entry>
66 - <base>CREATE_MODIFY_DESC</base>
67 - <trans>
68 - <![CDATA[
69 - <p>
70 - The account name should contain only lower-case
71 - letters, numbers, hyphens, periods, underscores and should start with a
72 - lower-case letter. For example "betty",
73 - "hjohnson", and "mary-jane" are all valid account names,
74 - but "3friends", "John Smith", and "henry_miller" are not.
75 - </p>
76 - <p>
77 - Note that two special pseudonyms will be created for each
78 - new account. These pseudonyms provide the ability to have
79 - alternative mail accounts for that
80 - user which include their first name and last name
81 - separated with a period (.) and underscore (_). So, for
82 - the account "betty" with first name "Betty" and
83 - last name "Rubble" two pseudonyms are created as
84 - betty.rubble and betty_rubble.
85 - </p>
86 - <p>
87 - The directory information (department, company, etc.)
88 - can be changed from the defaults shown below. The
89 - changes will apply only to this user.
90 - </p>
91 - <p>
92 - The Calendar Free/Busy URL needs to be in the following format:<br>
93 - https://www.<b>domain.com</b>/horde/kronolith/fb.php?u=<b>user%40domain.com.&nbsp;&nbsp;Note:</b>
94 - %40 translates to the @ character.<br>
95 - </p>
96 - ]]>
97 - </trans>
98 - </entry>
99 - <entry>
100 - <base>MODIFY_ADMIN_TITLE</base>
101 - <trans>Modify the admin account</trans>
102 - </entry>
103 - <entry>
104 - <base>MAX_USERS_EXCEEDED</base>
105 - <trans>ERROR: Unable to add user account. You have reached the
106 - maximum number of users for which you have licenses. You
107 - need to either delete an existing user account or contact
108 - your authorized reseller to purchase
109 - additional user licenses.
110 - </trans>
111 - </entry>
112 - <entry>
113 - <base>USER_CREATED</base>
114 - <trans>Successfully created user account. </trans>
115 - </entry>
116 - <entry>
117 - <base>USER_MODIFIED</base>
118 - <trans>Successfully modified user account. </trans>
119 - </entry>
120 - <entry>
121 - <base>CANNOT_MODIFY_USER</base>
122 - <trans>Error: an internal error occurred while attempting to modify
123 - the user "{$acctName}".
124 - </trans>
125 - </entry>
126 - <entry>
127 - <base>CANNOT_MODIFY_USER_GROUPS</base>
128 - <trans>Error: an internal error occurred while attempting to modify
129 - the group "{$group}" for user "{$acctName}".
130 - </trans>
131 - </entry>
132 - <entry>
133 - <base>TAINTED_USER</base>
134 - <trans>The account name "{$acctName}" contains invalid characters.</trans>
135 - </entry>
136 - <entry>
137 - <base>ACCOUNT_NAME</base>
138 - <trans>Account name</trans>
139 - </entry>
140 - <entry>
141 - <base>ACTION</base>
142 - <trans>Action</trans>
143 - </entry>
144 - <entry>
145 - <base>FIRSTNAME</base>
146 - <trans>First name</trans>
147 - </entry>
148 - <entry>
149 - <base>LASTNAME</base>
150 - <trans>Last name</trans>
151 - </entry>
152 - <entry>
153 - <base>DEPARTMENT</base>
154 - <trans>Department</trans>
155 - </entry>
156 - <entry>
157 - <base>COMPANY</base>
158 - <trans>Company</trans>
159 - </entry>
160 - <entry>
161 - <base>STREET_ADDRESS</base>
162 - <trans>Street address</trans>
163 - </entry>
164 - <entry>
165 - <base>DEPARTMENT</base>
166 - <trans>Department</trans>
167 - </entry>
168 - <entry>
169 - <base>CITY</base>
170 - <trans>City</trans>
171 - </entry>
172 - <entry>
173 - <base>PHONE_NUMBER</base>
174 - <trans>Phone number</trans>
175 - </entry>
176 - <entry>
177 - <base>EMAIL_DELIVERY</base>
178 - <trans>Email delivery</trans>
179 - </entry>
180 - <entry>
181 - <base>DELIVER_EMAIL_LOCALLY</base>
182 - <trans>Deliver email locally</trans>
183 - </entry>
184 - <entry>
185 - <base>FORWARD_EMAIL</base>
186 - <trans>Forward email to address below</trans>
187 - </entry>
188 - <entry>
189 - <base>DELIVER_AND_FORWARD</base>
190 - <trans>Both deliver locally and forward</trans>
191 - </entry>
192 - <entry>
193 - <base>FORWARDING_ADDRESS</base>
194 - <trans>Forwarding address</trans>
195 - </entry>
196 - <entry>
197 - <base>FREEBUSY_URL</base>
198 - <trans>Calendar Free/Busy URL</trans>
199 - </entry>
200 - <entry>
201 - <base>GROUP_MEMBERSHIPS</base>
202 - <trans>Group memberships</trans>
203 - </entry>
204 - <entry>
205 - <base>ACCOUNT</base>
206 - <trans>Account</trans>
207 - </entry>
208 - <entry>
209 - <base>USER_NAME</base>
210 - <trans>User name</trans>
211 - </entry>
212 - <entry>
213 - <base>SAVE</base>
214 - <trans>Save</trans>
215 - </entry>
216 - <entry>
217 - <base>ADD</base>
218 - <trans>Add</trans>
219 - </entry>
220 -
221 - <entry>
222 - <base>PASSWORD1</base>
223 - <trans>New password</trans>
224 - </entry>
225 - <entry>
226 - <base>PASSWORD2</base>
227 - <trans>New password (verify)</trans>
228 - </entry>
229 - <entry>
230 - <base>PASSWORD_VERIFY_ERROR</base>
231 - <trans>The passwords you entered did not match.</trans>
232 - </entry>
233 - <entry>
234 - <base>RESET_DESC</base>
235 - <trans>You are about to change the password for the user account</trans>
236 - </entry>
237 - <entry>
238 - <base>RESET_DESC2</base>
239 - <trans>Enter the new password in the fields below</trans>
240 - </entry>
241 - <entry>
242 - <base>RESET_PASSWORD_TITLE</base>
243 - <trans>Reset user password</trans>
244 - </entry>
245 - <entry>
246 - <base>ERR_OCCURRED_MODIFYING_PASSWORD</base>
247 - <trans>An error occurred while updating the password</trans>
248 - </entry>
249 - <entry>
250 - <base>PASSWORD_CHANGE_SUCCEEDED</base>
251 - <trans>Successfully changed password for user "{$acctName}".</trans>
252 - </entry>
253 - <entry>
254 - <base>LOCK_DESC</base>
255 - <trans>You are about to lock the user account</trans>
256 - </entry>
257 - <entry>
258 - <base>LOCKED_ACCOUNT</base>
259 - <trans>Successfully locked account for user "{$acctName}".</trans>
260 - </entry>
261 - <entry>
262 - <base>NO_SUCH_USER</base>
263 - <trans>Error: the user account "{$acctName}" does not exist.</trans>
264 - </entry>
265 - <entry>
266 - <base>PSEUDONYM_CLASH</base>
267 - <trans>Error: the pseudonym "{$pseudonym}" is already taken by the
268 - existing user account "{$clashName}". To differentiate, add
269 - initials to this field."</trans>
270 - </entry>
271 - <entry>
272 - <base>MODIFY</base>
273 - <trans>Modify</trans>
274 - </entry>
275 - <entry>
276 - <base>RESET_PASSWORD</base>
277 - <trans>Reset password</trans>
278 - </entry>
279 - <entry>
280 - <base>LOCK_ACCOUNT</base>
281 - <trans>Lock account</trans>
282 - </entry>
283 - <entry>
284 - <base>REMOVE</base>
285 - <trans>Remove</trans>
286 - </entry>
287 - <entry>
288 - <base>LOCK_ACCOUNT_TITLE</base>
289 - <trans>Lock user account</trans>
290 - </entry>
291 - <entry>
292 - <base>LOCK_DESC2</base>
293 - <trans>
294 - <![CDATA[
295 - This user account will be locked. This means that this user
296 - will not be able to log in, and will not be able
297 - to collect e-mail. Any e-mail arriving will still be stored
298 - and/or forwarded to an external e-mail address,
299 - as configured. The account may be activated in the future by
300 - setting a new password. The current
301 - password will not be retained.
302 - </p>
303 - <p>
304 - <b>Are you sure you wish to lock this account?</b>
305 - ]]>
306 - </trans>
307 - </entry>
308 - <entry>
309 - <base>REMOVE_ACCOUNT_TITLE</base>
310 - <trans>Remove user account</trans>
311 - </entry>
312 - <entry>
313 - <base>REMOVE_DESC</base>
314 - <trans>You are about to remove the user account</trans>
315 - </entry>
316 - <entry>
317 - <base>REMOVE_DESC2</base>
318 - <trans>
319 - <![CDATA[
320 - All files belonging to this user account will be deleted.
321 - Also, any e-mail for this user account still
322 - remaining on the server (i.e. that has not yet been
323 - retrieved by the user) will be discarded.
324 - </p>
325 - <p>
326 - <b>Are you sure you wish to remove this account?</b>
327 - ]]>
328 - </trans>
329 - </entry>
330 - <entry>
331 - <base>LOCK</base>
332 - <trans>Lock</trans>
333 - </entry>
334 - <entry>
335 - <base>NO_USER_ACCOUNTS</base>
336 - <trans>There are no user accounts on this system.</trans>
337 - </entry>
338 - <entry>
339 - <base>ACCOUNT_IS_LOCKED</base>
340 - <trans>Account is locked</trans>
341 - </entry>
342 - <entry>
343 - <base>Collaboration</base>
344 - <trans>Collaboration</trans>
345 - </entry>
346 - <entry>
347 - <base>Users</base>
348 - <trans>Users</trans>
349 - </entry>
350 - <entry>
351 - <base>ACCT_NAME_HAS_INVALID_CHARS</base>
352 - <trans>The account name "{$acctName}" contains invalid characters.
353 - Account names must start with a lower case letter and contain
354 - only lower case letters, numbers, hyphens, periods and underscores.
355 - </trans>
356 - </entry>
357 - <entry>
358 - <base>ACCOUNT_TOO_LONG</base>
359 - <trans>Error: account name is too long. The maximum is {$maxLength}
360 - characters.
361 - </trans>
362 - </entry>
363 - <entry>
364 - <base>ACCOUNT_CONFLICT</base>
365 - <trans>Error: the account "{$account}" can't be created because
366 - there is already a {$type} account of that name.</trans>
367 - </entry>
368 - <entry>
369 - <base>ERR_OCCURRED_CREATING</base>
370 - <trans>An error occurred creating the user.</trans>
371 - </entry>
372 - <entry>
373 - <base>CANNOT_CONTAIN_WHITESPACE</base>
374 - <trans>This field cannot contain white-space</trans>
375 - </entry>
376 - <entry>
377 - <base>UNACCEPTABLE_CHARS</base>
378 - <trans>
379 - This field must contain only letters, numbers, dots, hypens and
380 - underscores and start with a letter
381 - </trans>
382 - </entry>
383 - <entry>
384 - <base>MEMBER</base>
385 - <trans>Member?</trans>
386 - </entry>
387 - <entry>
388 - <base>GROUP</base>
389 - <trans>Group</trans>
390 - </entry>
391 - <entry>
392 - <base>DESCRIPTION</base>
393 - <trans>Description</trans>
394 - </entry>
395 - <entry>
396 - <base>VPN_CLIENT_ACCESS</base>
397 - <trans>VPN Client Access</trans>
398 - </entry>
399 - <entry>
400 - <base>YES</base>
401 - <trans>Yes</trans>
402 - </entry>
403 - <entry>
404 - <base>NO</base>
405 - <trans>No</trans>
406 - </entry>
407 -
408 - <entry>
409 - <base>SYSTEM_PASSWORD_FORM_TITLE</base>
410 - <trans>Change system password</trans>
411 - </entry>
412 - <entry>
413 - <base>SYSTEM_PASSWORD_DESCRIPTION</base>
414 - <trans>
415 - <![CDATA[
416 - Certain services on this server installation require a
417 - username and password (for example this web page for the server manager
418 - application). The username is always admin. You can change the system
419 - password using the fields below.
420 - ]]>
421 - </trans>
422 - </entry>
423 - <entry>
424 - <base>SYSTEM_PASSWORD_UNPRINTABLES_IN_PASS</base>
425 - <trans>Password must contain only printable characters</trans>
426 - </entry>
427 - <entry>
428 - <base>SYSTEM_PASSWORD_VERIFY_ERROR</base>
429 - <trans>The two passwords are not identical.</trans>
430 - </entry>
431 - <entry>
432 - <base>SYSTEM_PASSWORD_AUTH_ERROR</base>
433 - <trans>The current password is incorrect.</trans>
434 - </entry>
435 - <entry>
436 - <base>SYSTEM_PASSWORD_CHANGED</base>
437 - <trans>
438 - <![CDATA[
439 - The system password has been changed.
440 - Since this manager application is password protected, you will
441 - <b>immediately</b>
442 - be prompted for the new system password if you try to continue.
443 - ]]>
444 - </trans>
445 - </entry>
446 - <entry>
447 - <base>SYSTEM_PASSWORD_CHANGE_SUCCEEDED</base>
448 - <trans>Thse system password has been changed</trans>
449 - </entry>
450 - <entry>
451 - <base>CURRENT_SYSTEM_PASSWORD</base>
452 - <trans>Current system password</trans>
453 - </entry>
454 - <entry>
455 - <base>NEW_SYSTEM_PASSWORD</base>
456 - <trans>New system password</trans>
457 - </entry>
458 - <entry>
459 - <base>NEW_SYSTEM_PASSWORD_VERIFY</base>
460 - <trans>New system password (verify)</trans>
461 - </entry>
462 - <entry>
463 - <base>LABEL_IPSECRW_DOWNLOAD</base>
464 - <trans>Download digital certificate to IPSec client</trans>
465 - </entry>
466 - <entry>
467 - <base>BUTTON_IPSECRW_DOWNLOAD</base>
468 - <trans>Download</trans>
469 - </entry>
470 - <entry>
471 - <base>ERR_OCCURRED_DELETING</base>
472 - <trans>
473 - An error occurred while trying to delete the user.
474 - </trans>
475 - </entry>
476 -</lexicon>
477 diff -Nur -x '*.orig' -x '*.rej' smeserver-kronolith-1.1.sme/root/etc/e-smith/web/functions/advuseraccounts smeserver-kronolith-1.1/root/etc/e-smith/web/functions/advuseraccounts
478 --- smeserver-kronolith-1.1.sme/root/etc/e-smith/web/functions/advuseraccounts 2006-09-14 21:13:05.000000000 -0600
479 +++ smeserver-kronolith-1.1/root/etc/e-smith/web/functions/advuseraccounts 1969-12-31 17:00:00.000000000 -0700
480 @@ -1,284 +0,0 @@
481 -#!/usr/bin/perl -wT
482 -
483 -# vim: ft=xml ts=4 sw=4 et:
484 -#----------------------------------------------------------------------
485 -# heading : Collaboration
486 -# description : Advanced User Management
487 -# navigation : 2000 2105
488 -#----------------------------------------------------------------------
489 -#----------------------------------------------------------------------
490 -# copyright (C) 2002 Mitel Networks Corporation
491 -#
492 -# This program is free software; you can redistribute it and/or modify
493 -# it under the terms of the GNU General Public License as published by
494 -# the Free Software Foundation; either version 2 of the License, or
495 -# (at your option) any later version.
496 -#
497 -# This program is distributed in the hope that it will be useful,
498 -# but WITHOUT ANY WARRANTY; without even the implied warranty of
499 -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
500 -# GNU General Public License for more details.
501 -#
502 -# You should have received a copy of the GNU General Public License
503 -# along with this program; if not, write to the Free Software
504 -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
505 -#
506 -# Technical support for this program is available from Mitel Networks
507 -# Please visit our web site www.mitel.com/sme/ for details.
508 -#----------------------------------------------------------------------
509 -
510 -use strict;
511 -use esmith::TestUtils;
512 -use esmith::FormMagick::Panel::advuseraccounts;
513 -
514 -my $fm = esmith::FormMagick::Panel::advuseraccounts->new();
515 -
516 -# XXX: need to print custom http headers, so bypass FormMagick
517 -use CGI;
518 -my $q = new CGI;
519 -if ($q->param('action') && $q->param('action') eq 'getCert')
520 -{
521 - $q->delete('action');
522 - $fm->get_ipsec_client_cert($q);
523 -}
524 -else
525 -{
526 - $fm->display();
527 -}
528 -
529 -=pod
530 -
531 -=head1 NAME
532 -
533 -advuseraccounts -- create/modify/delete user accounts
534 -
535 -=head2 DESCRIPTION
536 -
537 -This screen allows the administrator to create, modify or delete user
538 -accounts on the system.
539 -
540 -=begin testing
541 -
542 -use esmith::FormMagick::Tester;
543 -use esmith::TestUtils;
544 -use esmith::ConfigDB;
545 -use esmith::AccountsDB;
546 -
547 -my $panel = $Original_File;
548 -my $ua = esmith::FormMagick::Tester->new();
549 -
550 -my $c = esmith::ConfigDB->open();
551 -my $a = esmith::AccountsDB->open();
552 -
553 -is (mode($panel), '4755', "Check permissions on script");
554 -ok ($ua->get_panel($panel), "ABOUT TO RUN L10N TESTS");
555 -is ($ua->{status}, 200, "200 OK");
556 -like($ua->{content}, qr/FORM_TITLE/, "Saw untranslated form title");
557 -ok ($ua->set_language("en-us"), "Set language to U.S. English");
558 -ok ($ua->get_panel($panel), "Get panel");
559 -is ($ua->{status}, 200, "200 OK");
560 -like($ua->{content}, qr/User accounts/, "Saw translated form title");
561 -
562 -
563 -#
564 -# Testing creating users
565 -#
566 -
567 -ok ($ua->get_panel($panel), "ABOUT TO TEST CREATING USER");
568 -ok ($ua->follow("Click here"), "Follow 'create user' link");
569 -is ($ua->{status}, 200, "200 OK");
570 -like($ua->{content}, qr/Account name/, "Saw form fields");
571 -
572 -#
573 -# Check that address details are picked up from LDAP
574 -#
575 -
576 -my $ldap_record = $c->get('ldap');
577 -my $city = $ldap_record->prop('DefaultCity');
578 -
579 -like($ua->{content}, qr/$city/, "Pick up address from LDAP");
580 -
581 -#
582 -# Creating a new user
583 -#
584 -
585 -my $new_username = new_random_username();
586 -
587 -can_ok($ua, "field");
588 -ok ($ua->{form}->find_input('acctName'),
589 - "Find acctName field to fill in");
590 -$ua->field("acctName" => $new_username);
591 -ok ($ua->click("Save"), "Click Save");
592 -is ($ua->{status}, 200, "200 OK");
593 -like($ua->{content}, qr/must not be left blank/, "Saw validation messages");
594 -
595 -$ua->field("FirstName" => "Fred");
596 -$ua->field("LastName" => "Foonly");
597 -
598 -ok ($ua->click("Save"), "Click Save");
599 -is ($ua->{status}, 200, "200 OK");
600 -
601 -#
602 -# Testing modify user
603 -#
604 -
605 -ok ($ua->get_panel($panel), "ABOUT TO TEST MODIFYING A USER");
606 -is ($ua->{status}, 200, "200 OK");
607 -ok ($ua->follow('Modify'), "Follow modify link");
608 -is ($ua->{status}, 200, "200 OK");
609 -like($ua->{content}, qr/value="Save"/, "Saw 'Save' on the button");
610 -
611 -#
612 -# Testing removal of a user
613 -#
614 -
615 -ok ($ua->get_panel($panel), "ABOUT TO TEST USER REMOVAL");
616 -is ($ua->{status}, 200, "200 OK");
617 -ok ($ua->follow('Remove'), "Follow remove link");
618 -is ($ua->{status}, 200, "200 OK");
619 -like($ua->{content}, qr/Remove/, "Saw 'Remove'");
620 -like($ua->{content}, qr/value="Remove"/, "Saw 'Remove' on the button");
621 -
622 -#
623 -# Testing password reset
624 -#
625 -
626 -ok ($ua->get_panel($panel), "ABOUT TO TEST PASSWORD RESET");
627 -is ($ua->{status}, 200, "200 OK");
628 -ok ($ua->follow('Reset password'), "Follow reset password link");
629 -like($ua->{content}, qr/Reset password/,"Saw 'Reset password'");
630 -
631 -SKIP:
632 -{
633 - skip 3, "Unsafe!" unless destruction_ok();
634 - $ua->field(password1 => "test");
635 - $ua->field(password2 => "test");
636 - ok($ua->click('Save'), "Set password to 'test', click Save");
637 - is($ua->{status}, 200, "200 OK");
638 - like($ua->{content}, qr/Click here/, "Returned to first page");
639 -}
640 -
641 -=end testing
642 -
643 -=cut
644 -
645 -
646 -__DATA__
647 -<form title="FORM_TITLE" header="/etc/e-smith/web/common/head.tmpl" footer="/etc/e-smith/web/common/foot.tmpl">
648 - <page name="First" pre-event="print_status_message()">
649 - <description>FIRSTPAGE_DESC</description>
650 - <subroutine src="print_user_table()" />
651 - </page>
652 - <page name="CheckMaxUsersAdd" post-event="checkMaxUsers('CreateModify')">
653 - </page>
654 - <page name="CreateModify" pre-event="turn_off_buttons()" post-event="handle_user_accounts()">
655 - <title>P2_TITLE</title>
656 - <description>CREATE_MODIFY_DESC</description>
657 - <subroutine src="print_acctName_field()" />
658 - <field type="text" id="FirstName" validation="nonblank, pseudonym_clash">
659 - <label>FIRSTNAME</label>
660 - </field>
661 - <field type="text" id="LastName" validation="nonblank">
662 - <label>LASTNAME</label>
663 - </field>
664 - <field type="text" id="Dept"
665 - value="get_ldap_value('Dept')">
666 - <label>DEPARTMENT</label>
667 - </field>
668 - <field type="text" id="Company"
669 - value="get_ldap_value('Company')">
670 - <label>COMPANY</label>
671 - </field>
672 - <field type="text" id="Street"
673 - value="get_ldap_value('Street')">
674 - <label>STREET_ADDRESS</label>
675 - </field>
676 - <field type="text" id="City"
677 - value="get_ldap_value('City')">
678 - <label>CITY</label>
679 - </field>
680 - <field type="text" id="Phone"
681 - value="get_ldap_value('Phone')">
682 - <label>PHONE_NUMBER</label>
683 - </field>
684 - <field type="select" id="EmailForward" options="'local' =>
685 - 'DELIVER_EMAIL_LOCALLY', 'forward' => 'FORWARD_EMAIL',
686 - 'both' => 'DELIVER_AND_FORWARD'" validation="nonblank" value='local'
687 - display="display_email_forwarding()"
688 - >
689 - <label>EMAIL_DELIVERY</label>
690 - </field>
691 - <field type="text" id="ForwardAddress" validation="emailforward()"
692 - display="display_email_forwarding()"
693 - >
694 - <label>FORWARDING_ADDRESS</label>
695 - </field>
696 - <field type="text" id="FreeBusy" size="85">
697 - <label>FREEBUSY_URL</label>
698 - </field>
699 - <field type="select" id="VPNClientAccess" options="'yes' => 'YES',
700 - 'no' => 'NO'" validation="nonblank" value="get_pptp_value()">
701 - <label>VPN_CLIENT_ACCESS</label>
702 - </field>
703 - <subroutine src="print_ipsec_client_section()" />
704 - <subroutine src="print_groupMemberships_field()" />
705 - <subroutine src="print_save_or_add_button()" />
706 - </page>
707 - <page name="ModifyAdmin" pre-event="turn_off_buttons()" post-event="modify_admin()">
708 - <title>MODIFY_ADMIN_TITLE</title>
709 - <subroutine src="print_acctName_field()" />
710 - <field type="text" id="FirstName" validation="nonblank, pseudonym_clash">
711 - <label>FIRSTNAME</label>
712 - </field>
713 - <field type="text" id="LastName" validation="nonblank">
714 - <label>LASTNAME</label>
715 - </field>
716 - <field type="select" id="VPNClientAccess" options="'yes' => 'YES',
717 - 'no' => 'NO'" validation="nonblank" value="get_pptp_value()">
718 - <label>VPN_CLIENT_ACCESS</label>
719 - </field>
720 - <subroutine src="print_ipsec_client_section()" />
721 - <subroutine src="print_button('SAVE')" />
722 - </page>
723 - <page name="CheckMaxUsersUnlock" post-event="checkMaxUsers('ResetPassword')">
724 - </page>
725 - <page name="ResetPassword" pre-event="turn_off_buttons()" post-event="reset_password()">
726 - <title>RESET_PASSWORD_TITLE</title>
727 - <subroutine src="print_page_description('reset')" />
728 - <field type="password" id="password1" validation="nonblank, check_password">
729 - <label>PASSWORD1</label>
730 - </field>
731 - <field type="password" id="password2" validation="verifyPasswords">
732 - <label>PASSWORD2</label>
733 - </field>
734 - <subroutine src="print_button('SAVE')" />
735 - </page>
736 - <page name="LockAccount" pre-event="turn_off_buttons()" post-event="lock_account()">
737 - <title>LOCK_ACCOUNT_TITLE</title>
738 - <subroutine src="print_page_description('lock')" />
739 - <subroutine src="print_button('LOCK')" />
740 - </page>
741 - <page name="RemoveAccount" pre-event="turn_off_buttons()" post-event="remove_account()">
742 - <title>REMOVE_ACCOUNT_TITLE</title>
743 - <subroutine src="print_page_description('remove')" />
744 - <subroutine src="print_button('REMOVE')" />
745 - </page>
746 -
747 - <page name="SystemPasswordDummy">
748 - </page>
749 - <page name="SystemPassword" pre-event="turn_off_buttons()"
750 - post-event="system_change_password" >
751 - <description>SYSTEM_PASSWORD_DESCRIPTION</description>
752 -
753 - <field type="password" id="curpass" validation="nonblank, system_authenticate_password">
754 - <label>CURRENT_SYSTEM_PASSWORD</label>
755 - </field>
756 - <field type="password" id="pass" validation="nonblank, system_check_password">
757 - <label>NEW_SYSTEM_PASSWORD</label>
758 - </field>
759 - <field type="password" id="passVerify" validation="system_password_compare">
760 - <label>NEW_SYSTEM_PASSWORD_VERIFY</label>
761 - </field>
762 - <subroutine src="print_button('SAVE')" />
763 - </page>
764 -</form>
765 diff -Nur -x '*.orig' -x '*.rej' smeserver-kronolith-1.1.sme/root/usr/lib/perl5/site_perl/esmith/FormMagick/Panel/advuseraccounts.pm smeserver-kronolith-1.1/root/usr/lib/perl5/site_perl/esmith/FormMagick/Panel/advuseraccounts.pm
766 --- smeserver-kronolith-1.1.sme/root/usr/lib/perl5/site_perl/esmith/FormMagick/Panel/advuseraccounts.pm 2006-09-14 21:13:05.000000000 -0600
767 +++ smeserver-kronolith-1.1/root/usr/lib/perl5/site_perl/esmith/FormMagick/Panel/advuseraccounts.pm 1969-12-31 17:00:00.000000000 -0700
768 @@ -1,1291 +0,0 @@
769 -#!/usr/bin/perl -w
770 -
771 -#----------------------------------------------------------------------
772 -# $Id: advuseraccounts.pm,v 1.108 2004/11/11 20:05:56 charlieb Exp $
773 -#----------------------------------------------------------------------
774 -# copyright (C) 1999-2006 Mitel Networks Corporation
775 -#
776 -# This program is free software; you can redistribute it and/or modify
777 -# it under the terms of the GNU General Public License as published by
778 -# the Free Software Foundation; either version 2 of the License, or
779 -# (at your option) any later version.
780 -#
781 -# This program is distributed in the hope that it will be useful,
782 -# but WITHOUT ANY WARRANTY; without even the implied warranty of
783 -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
784 -# GNU General Public License for more details.
785 -#
786 -# You should have received a copy of the GNU General Public License
787 -# along with this program; if not, write to the Free Software
788 -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
789 -#----------------------------------------------------------------------
790 -package esmith::FormMagick::Panel::advuseraccounts;
791 -
792 -use strict;
793 -
794 -use esmith::FormMagick;
795 -use esmith::AccountsDB;
796 -use esmith::ConfigDB;
797 -use esmith::cgi;
798 -use esmith::util;
799 -use File::Basename;
800 -use Exporter;
801 -use Carp qw(verbose);
802 -
803 -our @ISA = qw(esmith::FormMagick Exporter);
804 -
805 -our @EXPORT = qw(
806 - print_user_table
807 - print_acctName_field
808 - print_groupMemberships_field
809 - print_page_description
810 - get_ldap_value
811 - username_clash
812 - pseudonym_clash
813 - checkMaxUsers
814 - handle_user_accounts
815 - modify_admin
816 - emailforward
817 - verifyPasswords
818 - lock_account
819 - remove_account
820 - reset_password
821 - check_password
822 - print_save_or_add_button
823 - get_pptp_value
824 - print_ipsec_client_section
825 -
826 - system_password_compare
827 - system_valid_password
828 - system_change_password
829 - system_check_password
830 - system_authenticate_password
831 -);
832 -
833 -our $VERSION = sprintf '%d.%03d', q$Revision: 1.108 $ =~ /: (\d+).(\d+)/;
834 -
835 -our $accountdb = esmith::AccountsDB->open();
836 -our $configdb = esmith::ConfigDB->open();
837 -
838 -=pod
839 -
840 -=head1 NAME
841 -
842 -esmith::FormMagick::Panels::advuseraccounts - useful panel functions
843 -
844 -=head1 SYNOPSIS
845 -
846 -use esmith::FormMagick::Panels::useraccount;
847 -
848 -my $panel = esmith::FormMagick::Panel::useraccount->new();
849 -$panel->display();
850 -
851 -=head1 DESCRIPTION
852 -
853 -
854 -=head2 new();
855 -
856 -Exactly as for esmith::FormMagick
857 -
858 -=begin testing
859 -
860 -$ENV{ESMITH_ACCOUNT_DB} = "10e-smith-base/accounts.conf";
861 -$ENV{ESMITH_CONFIG_DB} = "10e-smith-base/configuration.conf";
862 -
863 -open DATA, "echo '<form></form>'|";
864 -use_ok('esmith::FormMagick::Panel::advuseraccounts');
865 -use vars qw($panel);
866 -ok($panel = esmith::FormMagick::Panel::advuseraccounts->new(),
867 -"Create panel object");
868 -close DATA;
869 -isa_ok($panel, 'esmith::FormMagick::Panel::advuseraccounts');
870 -$panel->{cgi} = CGI->new();
871 -$panel->parse_xml();
872 -
873 -{ package esmith::FormMagick::Panel::advuseraccounts;
874 -our $accountdb;
875 -::isa_ok($accountdb, 'esmith::AccountsDB');
876 -}
877 -
878 -=end testing
879 -
880 -=cut
881 -
882 -sub new {
883 - shift;
884 - my $self = esmith::FormMagick->new();
885 - $self->{calling_package} = (caller)[0];
886 - bless $self;
887 - return $self;
888 -}
889 -
890 -=head1 HTML GENERATION ROUTINES
891 -
892 -Routines for generating chunks of HTML needed by the panel.
893 -
894 -=head2 print_user_table
895 -
896 -Prints out the user table on the front page.
897 -
898 -=for testing
899 -$panel->print_user_table;
900 -like($_STDOUT_, qr/bart/, "Found usernames in user table output");
901 -like($_STDOUT_, qr/ff0000/, "Found red 'reset password' output");
902 -
903 -=cut
904 -
905 -sub print_user_table {
906 - my $self = shift;
907 - my $q = $self->{cgi};
908 - my $account = $self->localise('ACCOUNT');
909 - my $acctName = $self->localise('USER_NAME');
910 -
911 - my $modify = $self->localise('MODIFY');
912 - my $resetpw = $self->localise('RESET_PASSWORD');
913 - my $lock = $self->localise('LOCK_ACCOUNT');
914 - my $account_locked = $self->localise('ACCOUNT_IS_LOCKED');
915 - my $remove = $self->localise('REMOVE');
916 -
917 - my @users = $accountdb->get('admin');
918 - push @users, $accountdb->users();
919 -
920 - unless ( scalar @users )
921 - {
922 - print $q->Tr($q->td($self->localise('NO_USER_ACCOUNTS')));
923 - return "";
924 - }
925 - print " <tr>\n <td colspan=\"2\">\n ";
926 - print $q->start_table ({-CLASS => "sme-border"}),"\n ";
927 - print $q->Tr(
928 - esmith::cgi::genSmallCell($q, $self->localise($account),"header"),
929 - esmith::cgi::genSmallCell($q, $self->localise($acctName),"header"),
930 - esmith::cgi::genSmallCell($q, $self->localise('VPN_CLIENT_ACCESS'), "header"),
931 - esmith::cgi::genSmallCell($q, $self->localise('ACTION'),"header",4));
932 -
933 - my $scriptname = basename($0);
934 - my $index=0;
935 -
936 - foreach my $u (@users) {
937 - my $username = $u->key();
938 - my $first = $u->prop('FirstName');
939 - my $last = $u->prop('LastName');
940 - my $lockable = $u->prop('Lockable') || 'yes';
941 - my $removable = $u->prop('Removable') || 'yes';
942 - my $vpnaccess = $u->prop('VPNClientAccess') || 'no';
943 - $vpnaccess = $vpnaccess eq 'yes' ? $self->localise('YES') :
944 - $self->localise('NO');
945 -
946 - my $params = $self->build_user_cgi_params($username, $u->props());
947 -
948 - my $password_set = $u->prop('PasswordSet');
949 -
950 - my $pagenum = ($username eq "admin") ? $self->get_page_by_name('SystemPasswordDummy')
951 - : $self->get_page_by_name('CheckMaxUsersUnlock');
952 -
953 - # make normal links
954 - my $lock_url = ($password_set eq 'yes') ?
955 - qq(<a href="$scriptname?$params&Next=Next&wherenext=LockAccount">$lock</a>) :
956 - qq($account_locked);
957 -
958 - $lock_url = "" unless ($lockable eq "yes");
959 -
960 - my $where_next = ($username eq "admin") ? "ModifyAdmin" : "CreateModify";
961 - my $action1 = "<a href=\"$scriptname?page=0&page_stack=&acctName=$username&Next=Next&action=modify&wherenext=$where_next\">$modify</a>";
962 -
963 - my $action2 = "<a href=\"$scriptname?page=$pagenum&page_stack=&Next=Next&acctName=$username\">$resetpw</a>";
964 -
965 - unless ($password_set eq 'yes')
966 - {
967 - $action2 = "<span class='error-noborders'>" . $action2 . "</span>";
968 - }
969 -
970 - my $action3 = ($removable eq "yes") ? "<a href=\"$scriptname?$params&Next=Next&wherenext=RemoveAccount\">$remove</a>" : '';
971 -
972 - print $q->Tr(esmith::cgi::genSmallCell($q, $username,"normal")," ",
973 - esmith::cgi::genSmallCell($q, "$first $last","normal")," ",
974 - esmith::cgi::genSmallCell($q, $vpnaccess),
975 - esmith::cgi::genSmallCell($q, "$action1","normal")," ",
976 - esmith::cgi::genSmallCell($q, "$action2","normal")," ",
977 - esmith::cgi::genSmallCell($q, "$lock_url","normal")," ",
978 - esmith::cgi::genSmallCell($q, "$action3","normal"));
979 -
980 - $index++;
981 - }
982 -
983 - print qq(</table></td></tr>\n);
984 -
985 - return "";
986 -}
987 -
988 -=head2 print_acctName_field
989 -
990 -This subroutine is used to generate the Account name field on the form in
991 -the case of "create user", or to make it a plain uneditable string in the case
992 -of "modify user".
993 -
994 -=begin testing
995 -
996 -my $self = esmith::FormMagick::Panel::advuseraccounts->new();
997 -$self->{cgi} = CGI->new("");
998 -print_acctName_field($self);
999 -like($_STDOUT_, qr/text.*acctName/, "print text field if acctName not set");
1000 -like($_STDOUT_, qr/create/, "action=create if acctName not set");
1001 -$self->{cgi}->param(-name => 'acctName', -value => 'foo');
1002 -$self->{cgi}->param(-name => 'action', -value => 'modify');
1003 -print_acctName_field($self);
1004 -like($_STDOUT_, qr/hidden.*acctName/, "print hidden field if acctName is set");
1005 -like($_STDOUT_, qr/modify/, "action=modify if acctName already set");
1006 -
1007 -=end testing
1008 -
1009 -=cut
1010 -
1011 -sub print_acctName_field {
1012 - my $self = shift;
1013 - my $cgi = $self->{cgi};
1014 - my $an = $cgi->param('acctName') || '';
1015 - print qq(<tr><td class=\"sme-noborders-label\">) . $self->localise('ACCOUNT_NAME') . qq(</td>\n);
1016 - my $action = $cgi->param('action') || '';
1017 - if ( $action eq 'modify') {
1018 - print qq(
1019 - <td>$an
1020 - <input type="hidden" name="acctName" value="$an">
1021 - <input type="hidden" name="action" value="modify">
1022 - </td>
1023 - );
1024 - # if there's no CGI data, fill in the fields with the account db
1025 - # data for this user
1026 - my $rec = $accountdb->get($an);
1027 - my $fn = $cgi->param('FirstName') ?
1028 - $cgi->param('FirstName') :
1029 - ($rec ? ($rec->prop('FirstName')) : '');
1030 - my $ln = $cgi->param('LastName') ?
1031 - $cgi->param('LastName') :
1032 - ($rec ? ($rec->prop('LastName')) : '');
1033 - my $dept = $cgi->param('Dept') ?
1034 - $cgi->param('Dept') :
1035 - ($rec ? ($rec->prop('Dept')) : '');
1036 - my $company = $cgi->param('Company') ?
1037 - $cgi->param('Company') :
1038 - ($rec ? ($rec->prop('Company')) : '');
1039 - my $street = $cgi->param('Street') ?
1040 - $cgi->param('Street') :
1041 - ($rec ? ($rec->prop('Street')) : '');
1042 - my $city = $cgi->param('City') ?
1043 - $cgi->param('City') :
1044 - ($rec ? ($rec->prop('City')) : '');
1045 - my $phone = $cgi->param('Phone') ?
1046 - $cgi->param('Phone') :
1047 - ($rec ? ($rec->prop('Phone')) : '');
1048 - my $emf = $cgi->param('EmailForward') ?
1049 - $cgi->param('EmailForward') :
1050 - ($rec ? ($rec->prop('EmailForward')) : 'local');
1051 - my $fwd = $cgi->param('ForwardAddress') ?
1052 - $cgi->param('ForwardAddress') :
1053 - ($rec ? ($rec->prop('ForwardAddress')) : '');
1054 - my $fb = $cgi->param('FreeBusy') ?
1055 - $cgi->param('FreeBusy') :
1056 - ($rec ? ($rec->prop('FreeBusy')) : '');
1057 - my $pptp = $cgi->param('VPNClientAccess') ?
1058 - $cgi->param('VPNClientAccess') :
1059 - ($rec ? ($rec->prop('VPNClientAccess')) : 'no');
1060 - # now that we're down with the 411, let's set the values
1061 - $cgi->param(-name=>'FirstName', -value=>$fn);
1062 - $cgi->param(-name=>'LastName', -value=>$ln);
1063 - $cgi->param(-name=>'Dept', -value=>$dept);
1064 - $cgi->param(-name=>'Company', -value=>$company);
1065 - $cgi->param(-name=>'Street', -value=>$street);
1066 - $cgi->param(-name=>'City', -value=>$city);
1067 - $cgi->param(-name=>'Phone', -value=>$phone);
1068 - $cgi->param(-name=>'EmailForward', -value=>$emf);
1069 - $cgi->param(-name=>'ForwardAddress', -value=>$fwd);
1070 - $cgi->param(-name=>'FreeBusy', -value=>$fb);
1071 - $cgi->param(-name=>'VPNClientAccess', -value=>$pptp);
1072 - } else {
1073 - print qq(
1074 - <td><input type="text" name="acctName" value="$an">
1075 - <input type="hidden" name="action" value="create">
1076 - </td>
1077 - );
1078 - }
1079 -
1080 - print qq(</tr>\n);
1081 - return undef;
1082 -
1083 -}
1084 -
1085 -=head2 print_groupMemberships_field()
1086 -
1087 -Builds a list of groups for the create/modify user screen.
1088 -
1089 -=begin testing
1090 -
1091 -my $self = esmith::FormMagick::Panel::advuseraccounts->new();
1092 -$self->{cgi} = CGI->new("");
1093 -$self->print_groupMemberships_field();
1094 -like($_STDOUT_, qr/simpsons/, "Found simpsons in group list");
1095 -like($_STDOUT_, qr/flanders/, "Found flanders in group list");
1096 -$self->{cgi}->param(-name => 'acctName', -value => 'rod');
1097 -$self->print_groupMemberships_field();
1098 -like($_STDOUT_, qr/checked value="flanders"/, "Checked flanders group for user rod");
1099 -
1100 -=end testing
1101 -
1102 -=cut
1103 -
1104 -sub print_groupMemberships_field {
1105 - my ($self) = @_;
1106 - my $q = $self->{cgi};
1107 - my $user = $q->param('acctName');
1108 -
1109 - if (my @groups = $accountdb->groups()) {
1110 -
1111 - print "<tr><td class=\"sme-noborders-label\">",
1112 - $self->localise('GROUP_MEMBERSHIPS'),
1113 - "</td><td>\n";
1114 -
1115 - print $q->start_table({-class => "sme-border"}),"\n";
1116 - print $q->Tr(
1117 - esmith::cgi::genSmallCell($q, $self->localise('MEMBER'),"header"),
1118 - esmith::cgi::genSmallCell($q, $self->localise('GROUP'),"header"),
1119 - esmith::cgi::genSmallCell($q, $self->localise('DESCRIPTION'),"header")
1120 - );
1121 -
1122 - foreach my $g (@groups) {
1123 - my $groupname = $g->key();
1124 - my $checked;
1125 - if ($user and $accountdb->is_user_in_group($user, $groupname)) {
1126 - $checked = 'checked';
1127 - } else {
1128 - $checked = '';
1129 - }
1130 -
1131 - print $q->Tr(
1132 - $q->td(
1133 - "<input type=\"checkbox\""
1134 - . " name=\"groupMemberships\""
1135 - . " $checked value=\"$groupname\">"
1136 - ),
1137 - esmith::cgi::genSmallCell($q, $groupname,"normal"),
1138 - esmith::cgi::genSmallCell( $q, $accountdb->get($groupname)->prop("Description"),"normal")
1139 - );
1140 - }
1141 -
1142 - print "</table></td></tr>\n";
1143 -
1144 - }
1145 -
1146 - return undef;
1147 -
1148 -}
1149 -
1150 -=head2 print_page_description($self, "reset|lock|remove")
1151 -
1152 -Generates the page description for the the somewhat similar Reset
1153 -Password, Lock Account and Remove Account pages.
1154 -
1155 -=begin testing
1156 -
1157 -my $self = esmith::FormMagick::Panel::advuseraccounts->new();
1158 -$self->{cgi} = CGI->new({ acctName => 'bart' });
1159 -print_page_description($self, "reset");
1160 -like($_STDOUT_, qr/bart/, "print_page_description prints username");
1161 -like($_STDOUT_, qr/Bart Simpson/, "print_page_description prints name");
1162 -like($_STDOUT_, qr/RESET_DESC/, "print_page_description prints description");
1163 -
1164 -=end testing
1165 -
1166 -=cut
1167 -
1168 -sub print_page_description {
1169 - my ($self, $pagename) = @_;
1170 - unless (grep /^$pagename$/, qw(reset lock remove)) {
1171 - warn "Can't generate page description for invalid pagename $pagename\n";
1172 - return;
1173 - }
1174 -
1175 - $pagename = uc($pagename);
1176 -
1177 - my $desc = $self->localise("${pagename}_DESC");
1178 - my $desc2 = $self->localise("${pagename}_DESC2");
1179 -
1180 - my $acctName = $self->{cgi}->param('acctName');
1181 - my $name = $accountdb->get($acctName)->prop('FirstName') . " "
1182 - . $accountdb->get($acctName)->prop('LastName');
1183 -
1184 - print qq{
1185 - <tr><td colspan="2">
1186 - <p>$desc "$acctName" ($name)</p>
1187 - $desc2
1188 - <input type="hidden" name="acctName" value="$acctName">
1189 - </td></tr>
1190 - };
1191 -
1192 - return;
1193 -}
1194 -
1195 -=head1 ROUTINES FOR FILLING IN FIELD DEFAULT VALUES
1196 -
1197 -=head2 get_ldap_value($field)
1198 -
1199 -This subroutine generates the default field value on the form using the
1200 -parameter specified.
1201 -
1202 -In this case, the default field values come from LDAP/directory
1203 -settings.
1204 -
1205 -If a CGI parameter has been passed that contains an account name, we
1206 -assume that a value has already been set, as we're modifying a user, and
1207 -use that value instead of a default.
1208 -
1209 -=for testing
1210 -my $self = esmith::FormMagick::Panel::advuseraccounts->new();
1211 -$self->{cgi} = CGI->new("");
1212 -is(get_ldap_value($self, "Dept"), "Main", "Pick up default value from LDAP");
1213 -$self->{cgi} = CGI->new({ acctName => 'bart' });
1214 -is(get_ldap_value($self, "Dept"), undef, "Don't pick up LDAP data if username provided");
1215 -
1216 -=cut
1217 -
1218 -sub get_ldap_value {
1219 - my ($self, $field) = @_;
1220 -
1221 - # don't do the lookup if this is a modification of an existing user
1222 - if ($self->{cgi}->param('acctName')) {
1223 - return $self->{cgi}->param($field);
1224 - }
1225 -
1226 - my %CGIParam2DBfield = (
1227 - Dept => 'defaultDepartment',
1228 - Company => 'defaultCompany',
1229 - Street => 'defaultStreet',
1230 - City => 'defaultCity',
1231 - Phone => 'defaultPhoneNumber'
1232 - );
1233 -
1234 - return $configdb->get('ldap')->prop($CGIParam2DBfield{$field});
1235 -}
1236 -
1237 -sub get_pptp_value
1238 -{
1239 - return $configdb->get('pptpd')->prop('AccessDefault') || 'no';
1240 -}
1241 -
1242 -
1243 -
1244 -=head1 VALIDATION ROUTINES
1245 -
1246 -=head2 pseudonym_clash
1247 -
1248 -Validation routine to check whether a the first/last names clash with
1249 -existing pseudonyms.
1250 -
1251 -Note that it won't be considered a "clash" if there is an existing
1252 -pseudonym which belongs to the same user -- it's only a clash if the
1253 -generated pseudonyms are the same but the usernames aren't.
1254 -
1255 -=begin testing
1256 -
1257 -my $self = esmith::FormMagick::Panel::advuseraccounts->new();
1258 -
1259 -$self->{cgi} = CGI->new({
1260 - acctName => 'skud',
1261 - FirstName => 'Kirrily',
1262 - LastName => 'Robert'
1263 -});
1264 -
1265 -is (pseudonym_clash($self, 'Kirrily'), "OK", "New name doesn't clash pseudonyms");
1266 -
1267 -$self->{cgi} = CGI->new({
1268 - acctName => 'bart2',
1269 - FirstName => 'Bart',
1270 - LastName => 'Simpson'
1271 -});
1272 -
1273 -isnt(pseudonym_clash($self, 'Bart'), "OK", "Existing pseudonym with non-matching username causes clash");
1274 -
1275 -$self->{cgi} = CGI->new({
1276 - acctName => 'bart',
1277 - FirstName => 'Bart',
1278 - LastName => 'Simpson'
1279 -});
1280 -
1281 -is(pseudonym_clash($self, 'Bart'), "OK", "Existing pseudonym with matching username shouldn't clash");
1282 -
1283 -=end testing
1284 -
1285 -=cut
1286 -
1287 -sub pseudonym_clash {
1288 - my ($self, $first) = @_;
1289 - $first ||= "";
1290 - my $last = $self->{cgi}->param('LastName') || "";
1291 - my $acctName = $self->{cgi}->param('acctName') || "";
1292 -
1293 - my $up = "$first $last";
1294 -
1295 - $up =~ s/^\s+//;
1296 - $up =~ s/\s+$//;
1297 - $up =~ s/\s+/ /g;
1298 - $up =~ s/\s/_/g;
1299 -
1300 - my $dp = $up;
1301 - $dp =~ s/_/./g;
1302 -
1303 - $dp = $accountdb->get($dp);
1304 - $up = $accountdb->get($up);
1305 -
1306 - my $da = $dp->prop('Account') if $dp;
1307 - my $ua = $up->prop('Account') if $up;
1308 - if ($dp and $da and $da ne $acctName)
1309 - {
1310 - return $self->localise('PSEUDONYM_CLASH',
1311 - {
1312 - acctName => $acctName,
1313 - clashName => $da,
1314 - pseudonym => $dp->key
1315 - });
1316 - }
1317 - elsif ($up and $ua and $ua ne $acctName)
1318 - {
1319 - return $self->localise('PSEUDONYM_CLASH',
1320 - {
1321 - acctName => $acctName,
1322 - clashName => $ua,
1323 - pseudonym => $up->key
1324 - });
1325 - }
1326 - else
1327 - {
1328 - return "OK";
1329 - }
1330 -}
1331 -
1332 -=head2 emailforward()
1333 -
1334 -Validation routine for email forwarding
1335 -
1336 -=cut
1337 -
1338 -sub emailforward {
1339 - my ($self, $data) = @_;
1340 - my $response = $self->email_simple($data);
1341 - if ($response eq "OK")
1342 - {
1343 - return "OK";
1344 - }
1345 - elsif ($data eq "")
1346 - {
1347 - # Blank is ok, only if we're not forwarding, which means that the
1348 - # EmailForward param must be set to 'local'.
1349 - my $email_forward = $self->{cgi}->param('EmailForward') || '';
1350 - $email_forward =~ s/^\s+|\s+$//g;
1351 - return 'OK' if $email_forward eq 'local';
1352 - return $self->localise('CANNOT_CONTAIN_WHITESPACE');
1353 - }
1354 - else
1355 - {
1356 - return $self->localise('CANNOT_CONTAIN_WHITESPACE')
1357 - if ( $data =~ /\s+/ );
1358 - # Permit a local address.
1359 - return "OK" if $data =~ /^[a-zA-Z][a-zA-Z0-9\._\-]*$/;
1360 - return $self->localise('UNACCEPTABLE_CHARS');
1361 - }
1362 -}
1363 -
1364 -=head2 verifyPasswords()
1365 -
1366 -Returns an error message if the two new passwords input don't match.
1367 -
1368 -=cut
1369 -
1370 -sub verifyPasswords {
1371 - my $self = shift;
1372 - my $pass2 = shift;
1373 -
1374 - my $pass1 = $self->{cgi}->param('password1');
1375 - unless ($pass1 eq $pass2) {
1376 - $self->{cgi}->param( -name => 'wherenext', -value => 'Password' );
1377 - return "PASSWORD_VERIFY_ERROR";
1378 - }
1379 - return "OK";
1380 -}
1381 -
1382 -=head1 CREATING AND MODIFYING USERS
1383 -
1384 -=head2 checkMaxUsers()
1385 -
1386 -Returns an error message if the current number of users is greater than or
1387 -equal to the sysconfig|MaxUsers property.
1388 -
1389 -Takes the name of the next page to go to if the test succeeds as an argument.
1390 -
1391 -=cut
1392 -
1393 -sub checkMaxUsers
1394 -{
1395 - my ($self, $next_page) = @_;
1396 -
1397 - # Get value of MaxUsers if it exists.
1398 - my $sysconfig = $configdb->get('sysconfig');
1399 - my $maxUsers = (($sysconfig) ? $sysconfig->prop('MaxUsers') : '') || '';
1400 - my $activeUsers = scalar $accountdb->activeUsers() || 0;
1401 - if ((defined $activeUsers and $maxUsers ne '')
1402 - and ($activeUsers >= $maxUsers))
1403 - {
1404 - $self->error('MAX_USERS_EXCEEDED');
1405 - }
1406 - else
1407 - {
1408 - $self->{cgi}->param(-name => 'wherenext', -value => $next_page);
1409 - }
1410 -}
1411 -
1412 -=head2 handle_user_accounts()
1413 -
1414 -This is the routine called by the "Save" button on the create/modify page.
1415 -It checks the "action" param and calls either create_user() or modify_user()
1416 -as appropriate.
1417 -
1418 -=cut
1419 -
1420 -sub handle_user_accounts {
1421 - my ($self) = @_;
1422 -
1423 - my $cgi = $self->{cgi};
1424 -
1425 - if ($cgi->param("action") eq "create") {
1426 - my $msg = create_user($self);
1427 - if ($msg eq 'USER_CREATED')
1428 - {
1429 - $self->success($msg);
1430 - }
1431 - else
1432 - {
1433 - $self->error($msg);
1434 - }
1435 - }
1436 - else {
1437 - modify_user($self);
1438 - $self->success('USER_MODIFIED');
1439 - }
1440 -}
1441 -
1442 -=head2 print_save_or_add_button()
1443 -
1444 -=cut
1445 -
1446 -sub print_save_or_add_button {
1447 -
1448 - my ($self) = @_;
1449 -
1450 - my $cgi = $self->{cgi};
1451 -
1452 - if (($cgi->param("action") || '') eq "modify") {
1453 - $self->print_button("SAVE");
1454 - } else {
1455 - $self->print_button("ADD");
1456 - }
1457 -
1458 -}
1459 -
1460 -=head2 modify_admin($self)
1461 -
1462 -=cut
1463 -
1464 -sub modify_admin
1465 -{
1466 - my ($self) = @_;
1467 -
1468 - my $acct = $accountdb->get('admin');
1469 -
1470 - my %newProperties = (
1471 - 'FirstName' => $self->{cgi}->param('FirstName'),
1472 - 'LastName' => $self->{cgi}->param('LastName'),
1473 - 'VPNClientAccess'=> $self->{cgi}->param('VPNClientAccess'),
1474 - );
1475 -
1476 - $acct->merge_props(%newProperties);
1477 -
1478 - undef $accountdb;
1479 -
1480 - my $status =
1481 - system ("/sbin/e-smith/signal-event", "user-modify-admin", 'admin');
1482 -
1483 - $accountdb = esmith::AccountsDB->open();
1484 -
1485 - if ($status == 0)
1486 - {
1487 - $self->success('USER_MODIFIED', 'First');
1488 - }
1489 - else
1490 - {
1491 - $self->error('CANNOT_MODIFY_USER', 'First');
1492 - }
1493 - return;
1494 -}
1495 -
1496 -=head2 modify_user($self)
1497 -
1498 -=cut
1499 -
1500 -sub modify_user {
1501 - my ($self) = @_;
1502 - my $acctName = $self->{cgi}->param('acctName');
1503 -
1504 - unless (($acctName) = ($acctName =~ /^(\w[\-\w_\.]+)$/)) {
1505 - return $self->error($self->localise('TAINTED_USER',
1506 - { acctName => $acctName }));
1507 - }
1508 - # Untaint the username before use in system()
1509 - $acctName = $1;
1510 -
1511 - my $acct = $accountdb->get($acctName);
1512 - my $acctType = $acct->prop('type');
1513 -
1514 - if ($acctType eq "user")
1515 - {
1516 - $accountdb->remove_user_auto_pseudonyms($acctName);
1517 - my %newProperties = (
1518 - 'FirstName' => $self->{cgi}->param('FirstName'),
1519 - 'LastName' => $self->{cgi}->param('LastName'),
1520 - 'Phone' => $self->{cgi}->param('Phone'),
1521 - 'Company' => $self->{cgi}->param('Company'),
1522 - 'Dept' => $self->{cgi}->param('Dept'),
1523 - 'City' => $self->{cgi}->param('City'),
1524 - 'Street' => $self->{cgi}->param('Street'),
1525 - 'EmailForward' => $self->{cgi}->param('EmailForward'),
1526 - 'ForwardAddress' => $self->{cgi}->param('ForwardAddress'),
1527 - 'FreeBusy' => $self->{cgi}->param('FreeBusy'),
1528 - 'VPNClientAccess'=> $self->{cgi}->param('VPNClientAccess'),
1529 - );
1530 - $acct->merge_props(%newProperties);
1531 -
1532 - $accountdb->create_user_auto_pseudonyms($acctName);
1533 -
1534 - my @old_groups = $accountdb->user_group_list($acctName);
1535 - my @new_groups = $self->{cgi}->param("groupMemberships");
1536 - $accountdb->remove_user_from_groups($acctName, @old_groups);
1537 - $accountdb->add_user_to_groups($acctName, @new_groups);
1538 -
1539 - undef $accountdb;
1540 -
1541 - unless (system ("/sbin/e-smith/signal-event", "user-modify",
1542 - $acctName) == 0) {
1543 - $accountdb = esmith::AccountsDB->open();
1544 - return $self->error('CANNOT_MODIFY_USER');
1545 - }
1546 - $accountdb = esmith::AccountsDB->open();
1547 - }
1548 - $self->success('USER_MODIFIED');
1549 -}
1550 -
1551 -=head2 create_user
1552 -
1553 -Adds a user to the accounts db.
1554 -
1555 -=cut
1556 -
1557 -sub create_user {
1558 - my $self = shift;
1559 - my $q = $self->{cgi};
1560 -
1561 - my $acctName = $q->param('acctName');
1562 -
1563 - my $msg = $self->validate_acctName($acctName);
1564 - unless ($msg eq "OK")
1565 - {
1566 - return $msg;
1567 - }
1568 -
1569 - $msg = $self->validate_acctName_length($acctName);
1570 - unless ($msg eq "OK")
1571 - {
1572 - return $msg;
1573 - }
1574 -
1575 - $msg = $self->validate_acctName_conflict($acctName);
1576 - unless ($msg eq "OK")
1577 - {
1578 - return $msg;
1579 - }
1580 -
1581 - my %userprops;
1582 - foreach my $field ( qw( FirstName LastName Phone Company Dept
1583 - City Street EmailForward ForwardAddress FreeBusy VPNClientAccess) )
1584 - {
1585 - $userprops{$field} = $q->param($field);
1586 - }
1587 - $userprops{'PasswordSet'} = "no";
1588 - $userprops{'type'} = 'user';
1589 -
1590 - my $acct = $accountdb->new_record($acctName)
1591 - or warn "Can't create new account for $acctName (does it already exist?)\n";
1592 - $acct->reset_props(%userprops);
1593 - $accountdb->create_user_auto_pseudonyms($acctName);
1594 - my @groups = $self->{cgi}->param("groupMemberships");
1595 - $accountdb->add_user_to_groups($acctName, @groups);
1596 -
1597 - undef $accountdb;
1598 -
1599 - # Untaint the username before use in system()
1600 - $acctName =~ /^(\w[\-\w_\.]+)$/;
1601 - $acctName = $1;
1602 -
1603 - if (system ("/sbin/e-smith/signal-event", "user-create", $acctName))
1604 - {
1605 - $accountdb = esmith::AccountsDB->open();
1606 - return $self->localise("ERR_OCCURRED_CREATING");
1607 - }
1608 -
1609 - $accountdb = esmith::AccountsDB->open();
1610 -
1611 - $self->set_groups();
1612 - return 'USER_CREATED';
1613 -}
1614 -
1615 -=head2 set_groups
1616 -
1617 -Sets a user's groups in the accounts db. This is called as part of the
1618 -create_user() routine.
1619 -
1620 -=cut
1621 -
1622 -sub set_groups
1623 -{
1624 - my $self = shift;
1625 - my $q = $self->{cgi};
1626 - my $acctName = $q->param('acctName');
1627 -
1628 - my @groups = $q->param('groupMemberships');
1629 - $accountdb->set_user_groups($acctName, @groups);
1630 -
1631 -}
1632 -
1633 -=head1 REMOVING ACCOUNTS
1634 -
1635 -=head2 remove_account()
1636 -
1637 -=cut
1638 -
1639 -sub remove_account {
1640 - my ($self) = @_;
1641 - my $acctName = $self->{cgi}->param('acctName');
1642 -
1643 - my $acct = $accountdb->get($acctName);
1644 - if ($acct->prop('type') eq "user") {
1645 - $acct->set_prop('type', "user-deleted");
1646 -
1647 - undef $accountdb;
1648 -
1649 - # Untaint the username before use in system()
1650 - $acctName =~ /^(\w[\-\w_\.]+)$/;
1651 - $acctName = $1;
1652 - if (system ("/sbin/e-smith/signal-event", "user-delete", $acctName))
1653 - {
1654 - $accountdb = esmith::AccountsDB->open();
1655 - return $self->error("ERR_OCCURRED_DELETING");
1656 - }
1657 -
1658 - $accountdb = esmith::AccountsDB->open();
1659 - $accountdb->get($acctName)->delete;
1660 -
1661 - } else {
1662 - # FIXME - this should be handled by input validation
1663 - # XXX error message here
1664 - }
1665 - $self->{cgi}->param(-name => 'wherenext', -value => 'First');
1666 -}
1667 -
1668 -=head1 RESETTING THE PASSWORD
1669 -
1670 -=head2 reset_password()
1671 -
1672 -=cut
1673 -
1674 -sub reset_password {
1675 - my ($self) = @_;
1676 - my $acctName = $self->{cgi}->param('acctName');
1677 -
1678 - unless (($acctName) = ($acctName =~ /^(\w[\-\w_\.]+)$/)) {
1679 - return $self->error('TAINTED_USER');
1680 - }
1681 - $acctName = $1;
1682 -
1683 - my $acct = $accountdb->get($acctName);
1684 -
1685 - if ( $acct->prop('type') eq "user")
1686 - {
1687 - esmith::util::setUserPassword ($acctName,
1688 - $self->{cgi}->param('password1'));
1689 -
1690 - $acct->set_prop("PasswordSet", "yes");
1691 - undef $accountdb;
1692 -
1693 - if (system("/sbin/e-smith/signal-event", "password-modify", $acctName))
1694 - {
1695 - $accountdb = esmith::AccountsDB->open();
1696 - $self->error("ERR_OCCURRED_MODIFYING_PASSWORD");
1697 - }
1698 - $accountdb = esmith::AccountsDB->open();
1699 -
1700 - $self->success($self->localise('PASSWORD_CHANGE_SUCCEEDED',
1701 - { acctName => $acctName}));
1702 - }
1703 - else
1704 - {
1705 - $self->error($self->localise('NO_SUCH_USER',
1706 - { acctName => $acctName}));
1707 - }
1708 -}
1709 -
1710 -=head1 LOCKING AN ACCOUNT
1711 -
1712 -=head2 lock_account()
1713 -
1714 -=cut
1715 -
1716 -sub lock_account {
1717 - my ($self) = @_;
1718 - my $acctName = $self->{cgi}->param('acctName');
1719 - my $acct = $accountdb->get($acctName);
1720 - if ($acct->prop('type') eq "user")
1721 - {
1722 - undef $accountdb;
1723 -
1724 - # Untaint the username before use in system()
1725 - $acctName =~ /^(\w[\-\w_\.]+)$/;
1726 - $acctName = $1;
1727 - if (system("/sbin/e-smith/signal-event", "user-lock", $acctName))
1728 - {
1729 - $accountdb = esmith::AccountsDB->open();
1730 - return $self->error("ERR_OCCURRED_LOCKING");
1731 - }
1732 -
1733 - $accountdb = esmith::AccountsDB->open();
1734 -
1735 - $self->success($self->localise('LOCKED_ACCOUNT',
1736 - { acctName => $acctName}));
1737 - }
1738 - else
1739 - {
1740 - $self->error($self->localise('NO_SUCH_USER',
1741 - { acctName => $acctName}));
1742 - }
1743 -}
1744 -
1745 -
1746 -=head1 MISCELLANEOUS ROUTINES
1747 -
1748 -=head2 build_user_cgi_params()
1749 -
1750 -Builds a CGI query string based on user data, using various sensible
1751 -defaults and esmith::FormMagick's props_to_query_string() method.
1752 -
1753 -=cut
1754 -
1755 -sub build_user_cgi_params {
1756 - my ($self, $acctName, %oldprops) = @_;
1757 -
1758 - my %props = (
1759 - page => 0,
1760 - page_stack => "",
1761 - ".id" => $self->{cgi}->param('.id') || "",
1762 - acctName => $acctName,
1763 - #%oldprops
1764 - );
1765 -
1766 - return $self->props_to_query_string(\%props);
1767 -}
1768 -
1769 -=pod
1770 -
1771 -=head2 validate_acctName
1772 -
1773 -Checks that the name supplied does not contain any unacceptable chars.
1774 -Returns OK on success or a localised error message otherwise.
1775 -
1776 -=for testing
1777 -is($panel->validate_acctName('foo'), 'OK', 'validate_acctName');
1778 -isnt($panel->validate_acctName('3amigos'), 'OK', ' .. cannot start with number');
1779 -isnt($panel->validate_acctName('betty ford'), 'OK', ' .. cannot contain space');
1780 -
1781 -=cut
1782 -
1783 -sub validate_acctName
1784 -{
1785 - my ($self, $acctName) = @_;
1786 -
1787 - unless ($accountdb->validate_account_name($acctName))
1788 - {
1789 - return $self->localise('ACCT_NAME_HAS_INVALID_CHARS',
1790 - {acctName => $acctName});
1791 - }
1792 - return "OK";
1793 -}
1794 -
1795 -=head2 validate_account_length FM ACCOUNTNAME
1796 -
1797 -returns 'OK' if the account name is shorter than the maximum account name length
1798 -returns 'ACCOUNT_TOO_LONG' otherwise
1799 -
1800 -=begin testing
1801 -
1802 -ok(($panel->validate_acctName_length('foo') eq 'OK'), "a short account name passes");
1803 -ok(($panel->validate_acctName_length('fooooooooooooooooo') eq 'ACCOUNT_TOO_LONG'), "a long account name fails");
1804 -
1805 -=end testing
1806 -
1807 -=cut
1808 -
1809 -sub validate_acctName_length {
1810 - my $self = shift;
1811 - my $acctName = shift;
1812 -
1813 -
1814 - my $maxAcctNameLength = ($configdb->get('maxAcctNameLength')
1815 - ? $configdb->get('maxAcctNameLength')->prop('type')
1816 - : "") || 12;
1817 -
1818 - if ( length $acctName > $maxAcctNameLength ) {
1819 -
1820 - return $self->localise('ACCOUNT_TOO_LONG',
1821 - {maxLength => $maxAcctNameLength});
1822 - }
1823 - else {
1824 - return ('OK');
1825 - }
1826 -}
1827 -
1828 -=head2 validate_acctName_conflict
1829 -
1830 -Returns 'OK' if the account name doesn't yet exist. Returns a localised error
1831 -otherwise.
1832 -
1833 -=cut
1834 -
1835 -sub validate_acctName_conflict
1836 -{
1837 - my $self = shift;
1838 - my $acctName = shift;
1839 -
1840 - my $account = $accountdb->get($acctName);
1841 - my $type;
1842 -
1843 - if (defined $account)
1844 - {
1845 - $type = $account->prop('type');
1846 - }
1847 - elsif (defined getpwnam($acctName) || defined getgrnam($acctName))
1848 - {
1849 - $type = "system";
1850 - }
1851 - else
1852 - {
1853 - return('OK');
1854 - }
1855 - return $self->localise('ACCOUNT_CONFLICT',
1856 - { account => $acctName,
1857 - type => $type,
1858 -});
1859 -}
1860 -
1861 -=head2 check_password
1862 -
1863 -Validates the password using the desired strength
1864 -
1865 -=cut
1866 -
1867 -sub check_password {
1868 - my $self = shift;
1869 - my $pass1 = shift;
1870 -
1871 - my $check_type;
1872 - my $rec = $configdb->get('passwordstrength');
1873 - $check_type = ($rec ? ($rec->prop('Users') || 'none') : 'none');
1874 -
1875 - return $self->validate_password($check_type,$pass1);
1876 -}
1877 -
1878 -
1879 -=head1 System Password manipulation routines
1880 -
1881 -XXX FIXME - These should be merged with the useraccouts versions
1882 -
1883 -=head2 system_password_compare
1884 -
1885 -=cut
1886 -
1887 -sub system_password_compare
1888 -{
1889 - my $self = shift;
1890 - my $pass2 = shift;
1891 -
1892 - my $pass1 = $self->{cgi}->param('pass');
1893 - unless ($pass1 eq $pass2) {
1894 - $self->{cgi}->param( -name => 'wherenext', -value => 'Password' );
1895 - return "SYSTEM_PASSWORD_VERIFY_ERROR";
1896 - }
1897 - return "OK";
1898 -}
1899 -
1900 -=head2 system_valid_password
1901 -
1902 -Throw an error if the password doesn't consist solely of one or more printable characters.
1903 -
1904 -=cut
1905 -
1906 -sub system_valid_password
1907 -{
1908 - my $self = shift;
1909 - my $pass1 = shift;
1910 - # If the password contains one or more printable character
1911 - if ($pass1 =~ /^([ -~]+)$/) {
1912 - return('OK');
1913 - } else {
1914 - $self->{cgi}->param( -name => 'wherenext', -value => 'Password' );
1915 - return 'SYSTEM_PASSWORD_UNPRINTABLES_IN_PASS';
1916 - }
1917 -}
1918 -
1919 -=head2 system_check_password
1920 -
1921 -Validates the password using the desired strength
1922 -
1923 -=cut
1924 -
1925 -sub system_check_password
1926 -{
1927 - my $self = shift;
1928 - my $pass1 = shift;
1929 -
1930 - use esmith::ConfigDB;
1931 - my $conf = esmith::ConfigDB->open();
1932 - my $check_type;
1933 - my $rec;
1934 - if ($conf)
1935 - {
1936 - $rec = $conf->get('passwordstrength');
1937 - }
1938 - $check_type = ($rec ? ($rec->prop('Admin') || 'strong') : 'strong');
1939 -
1940 - return $self->validate_password($check_type,$pass1);
1941 -}
1942 -
1943 -=head2 authenticate_password
1944 -
1945 -Compares the password with the current system password
1946 -
1947 -=cut
1948 -
1949 -sub system_authenticate_password
1950 -{
1951 - my $self = shift;
1952 - my $pass = shift;
1953 -
1954 - if (esmith::util::authenticateUnixPassword('root', $pass))
1955 - {
1956 - return "OK";
1957 - }
1958 - else
1959 - {
1960 - return "SYSTEM_PASSWORD_AUTH_ERROR";
1961 - }
1962 -}
1963 -
1964 -=head2 system_change_password
1965 -
1966 -If everything has been validated, properly, go ahead and set the new password.
1967 -
1968 -=cut
1969 -
1970 -sub system_change_password
1971 -{
1972 - my ($self) = @_;
1973 - my $pass = $self->{cgi}->param('pass');
1974 -
1975 - esmith::util::setUnixSystemPassword($pass);
1976 - esmith::util::setServerSystemPassword($pass);
1977 -
1978 - my $result = system("/sbin/e-smith/signal-event password-modify admin");
1979 -
1980 - if ($result == 0)
1981 - {
1982 - $self->success('SYSTEM_PASSWORD_CHANGED', 'First');
1983 - }
1984 - else
1985 - {
1986 - $self->error("Error occurred while modifying password for admin.", 'First');
1987 - }
1988 -
1989 - return;
1990 -}
1991 -
1992 -sub print_ipsec_client_section
1993 -{
1994 - my $self = shift;
1995 - my $q = $self->cgi;
1996 -
1997 - # Don't show ipsecrw setting unless the status property exists
1998 - return '' unless ($configdb->get('ipsec')
1999 - && $configdb->get('ipsec')->prop('RoadWarriorStatus'));
2000 - # Don't show ipsecrw setting unless /sbin/e-smith/roadwarrior exists
2001 - return '' unless -x '/sbin/e-smith/roadwarrior';
2002 - my $acct = $q->param('acctName');
2003 - my $rec = $accountdb->get($acct) if $acct;
2004 - if ($acct and $rec)
2005 - {
2006 - my $pwset = $rec->prop('PasswordSet') || 'no';
2007 - my $VPNaccess = $rec->prop('VPNClientAccess') || 'no';
2008 - if ($pwset eq 'yes' and $VPNaccess eq 'yes')
2009 - {
2010 - print $q->Tr(
2011 - $q->td({-class=>'sme-noborders-label'},
2012 - $self->localise('LABEL_IPSECRW_DOWNLOAD')),
2013 - $q->td({-class=>'sme-noborders-content'},
2014 - $q->a({-class=>'button-like',
2015 - -href=>"?action=getCert&user=$acct"},
2016 - $self->localise('BUTTON_IPSECRW_DOWNLOAD'))));
2017 - }
2018 - }
2019 - return '';
2020 -}
2021 -
2022 -sub get_ipsec_client_cert
2023 -{
2024 - my $self = shift;
2025 - my $q = shift;
2026 - my $user = $q->param('user');
2027 - ($user) = ($user =~ /^(.*)$/);
2028 -
2029 - die "Invalid user: $user\n" unless getpwnam($user);
2030 -
2031 - open (KID, "/sbin/e-smith/roadwarrior get_client_cert $user |")
2032 - or die "Can't fork: $!";
2033 - my $certfile = <KID>;
2034 - close KID;
2035 -
2036 - require File::Basename;
2037 - my $certname = File::Basename::basename($certfile);
2038 -
2039 - print "Expires: 0\n";
2040 - print "Content-type: application/x-pkcs12\n";
2041 - print "Content-disposition: inline; filename=$certname\n";
2042 - print "\n";
2043 -
2044 - open (CERT, "<$certfile");
2045 - while (<CERT>)
2046 - {
2047 - print;
2048 - }
2049 - close CERT;
2050 -
2051 - return '';
2052 -}
2053 -
2054 -sub display_email_forwarding
2055 -{
2056 - return defined $configdb->get('smtpd');
2057 -}
2058 -
2059 -1;

admin@koozali.org
ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed