1 |
vip-ire |
1.1 |
diff -Nur -x '*.orig' -x '*.rej' smeserver-shared-folders-0.1/createlinks mezzanine_patched_smeserver-shared-folders-0.1/createlinks |
2 |
|
|
--- smeserver-shared-folders-0.1/createlinks 2012-02-13 20:08:07.000000000 +0100 |
3 |
|
|
+++ mezzanine_patched_smeserver-shared-folders-0.1/createlinks 2012-02-13 20:08:04.000000000 +0100 |
4 |
|
|
@@ -11,12 +11,12 @@ |
5 |
|
|
panel_link("userpanel-encfs", $panel); |
6 |
|
|
|
7 |
|
|
#-------------------------------------------------- |
8 |
|
|
-# actions for group-delete event |
9 |
|
|
+# actions for group-delete and user-delete events |
10 |
|
|
#-------------------------------------------------- |
11 |
|
|
|
12 |
|
|
-$event = "group-delete"; |
13 |
|
|
- |
14 |
|
|
-event_link("group-share-modify", $event, "10"); |
15 |
|
|
+foreach my $event (qw/group-delete user-delete/) { |
16 |
|
|
+ event_link("group-share-modify", $event, "10"); |
17 |
|
|
+} |
18 |
|
|
|
19 |
|
|
#-------------------------------------------------- |
20 |
|
|
# actions for share-delete event |
21 |
|
|
diff -Nur -x '*.orig' -x '*.rej' smeserver-shared-folders-0.1/root/etc/e-smith/events/actions/group-share-modify mezzanine_patched_smeserver-shared-folders-0.1/root/etc/e-smith/events/actions/group-share-modify |
22 |
|
|
--- smeserver-shared-folders-0.1/root/etc/e-smith/events/actions/group-share-modify 2012-02-13 20:08:07.000000000 +0100 |
23 |
|
|
+++ mezzanine_patched_smeserver-shared-folders-0.1/root/etc/e-smith/events/actions/group-share-modify 2012-02-08 15:39:15.000000000 +0100 |
24 |
|
|
@@ -7,40 +7,47 @@ |
25 |
|
|
my $accounts = esmith::AccountsDB->open() or |
26 |
|
|
die "Unable to open accounts db: $!"; |
27 |
|
|
|
28 |
|
|
-my ($self, $groupName) = @ARGV; |
29 |
|
|
+my ($event, $name) = @ARGV; |
30 |
|
|
+ |
31 |
|
|
+my $type = 'Groups'; |
32 |
|
|
+ |
33 |
|
|
+if ($event eq 'user-delete'){ |
34 |
|
|
+ $type = 'Users'; |
35 |
|
|
+} |
36 |
|
|
|
37 |
|
|
# Find all "shared folder" entries in the e-smith accounts database and |
38 |
|
|
-# if the group matches one listed in ACL, remove it. |
39 |
|
|
+# if the group or a user matches one listed in ACL, remove it. |
40 |
|
|
|
41 |
|
|
my @modified_shares; |
42 |
|
|
foreach my $share ( $accounts->get_all_by_prop(type => 'share' ) ) { |
43 |
|
|
my $modified = 0; |
44 |
|
|
- my @OldReadGroups = split (/[,;]/,$share->prop('ReadGroups')); |
45 |
|
|
- my @NewReadGroups = (); |
46 |
|
|
- foreach (@OldReadGroups){ |
47 |
|
|
- if ( $_ eq $groupName ) { |
48 |
|
|
+ my @OldRead = split (/[,;]/,$share->prop('Read'.$type)); |
49 |
|
|
+ my @NewRead = (); |
50 |
|
|
+ foreach (@OldRead){ |
51 |
|
|
+ if ( $_ eq $name ) { |
52 |
|
|
$modified = 1; |
53 |
|
|
} |
54 |
|
|
else{ |
55 |
|
|
- push @NewReadGroups, $_; |
56 |
|
|
+ push @NewRead, $_; |
57 |
|
|
} |
58 |
|
|
} |
59 |
|
|
- $share->set_prop( 'ReadGroups', join( "," , @NewReadGroups ) ); |
60 |
|
|
+ $share->set_prop('Read'.$type, join("," , @NewRead)); |
61 |
|
|
|
62 |
|
|
- my @OldWriteGroups = split (/[,;]/,$share->prop('WriteGroups')); |
63 |
|
|
- my @NewWriteGroups = (); |
64 |
|
|
- foreach (@OldWriteGroups){ |
65 |
|
|
- if ( $_ eq $groupName ) { |
66 |
|
|
+ my @OldWrite = split (/[,;]/,$share->prop('Write'.$type)); |
67 |
|
|
+ my @NewWrite = (); |
68 |
|
|
+ foreach (@OldWrite){ |
69 |
|
|
+ if ( $_ eq $name ) { |
70 |
|
|
$modified = 1; |
71 |
|
|
} |
72 |
|
|
else{ |
73 |
|
|
- push @NewWriteGroups, $_; |
74 |
|
|
+ push @NewWrite, $_; |
75 |
|
|
} |
76 |
|
|
} |
77 |
|
|
- $share->set_prop( 'WriteGroups', join( "," , @NewWriteGroups ) ); |
78 |
|
|
+ $share->set_prop('Write'.$type, join("," , @NewWrite)); |
79 |
|
|
|
80 |
|
|
- # If a group has been removed, either from Read or Write, re-apply the ACLs |
81 |
|
|
+ # If a group or a user has been removed, either from Read or Write, re-apply the ACLs |
82 |
|
|
if ($modified){ |
83 |
|
|
+ push @modified_shares, $share->key; |
84 |
|
|
event_signal("share-modify-files", $share->key) or |
85 |
|
|
die ("Error occurred while updating shared folder.\n"); |
86 |
|
|
} |
87 |
|
|
diff -Nur -x '*.orig' -x '*.rej' smeserver-shared-folders-0.1/root/etc/e-smith/events/actions/share-modify mezzanine_patched_smeserver-shared-folders-0.1/root/etc/e-smith/events/actions/share-modify |
88 |
|
|
--- smeserver-shared-folders-0.1/root/etc/e-smith/events/actions/share-modify 2012-02-13 20:08:07.000000000 +0100 |
89 |
|
|
+++ mezzanine_patched_smeserver-shared-folders-0.1/root/etc/e-smith/events/actions/share-modify 2012-02-08 15:18:24.000000000 +0100 |
90 |
|
|
@@ -90,8 +90,10 @@ |
91 |
|
|
#-------------------------------------------------- |
92 |
|
|
|
93 |
|
|
my %properties = $share->props; |
94 |
|
|
-my @write = split(/[;,]/,($properties {'WriteGroups'} || 'admin')); |
95 |
|
|
-my @read = split(/[;,]/,($properties {'ReadGroups'} || 'admin')); |
96 |
|
|
+my @writegroups = split(/[;,]/,($properties {'WriteGroups'} || 'admin')); |
97 |
|
|
+my @readgroups = split(/[;,]/,($properties {'ReadGroups'} || 'admin')); |
98 |
|
|
+my @writeusers = split(/[;,]/,($properties {'WriteUsers'} || '')); |
99 |
|
|
+my @readusers = split(/[;,]/,($properties {'ReadUsers'} || '')); |
100 |
|
|
|
101 |
|
|
# Don't reset permissions if ManualPermissions is set to 'yes' |
102 |
|
|
|
103 |
|
|
@@ -111,12 +113,18 @@ |
104 |
|
|
'.'); |
105 |
|
|
|
106 |
|
|
my $acl = 'u::rwX,g::rwX,o:---,'; |
107 |
|
|
- foreach my $group (@write){ |
108 |
|
|
+ foreach my $group (@writegroups){ |
109 |
|
|
$acl .= 'g:'.$group.':rwX,'; |
110 |
|
|
} |
111 |
|
|
- foreach my $group (@read){ |
112 |
|
|
+ foreach my $group (@readgroups){ |
113 |
|
|
$acl .= 'g:'.$group.':rX,'; |
114 |
|
|
} |
115 |
|
|
+ foreach my $user (@writeusers){ |
116 |
|
|
+ $acl .= 'u:'.$user.':rwX,'; |
117 |
|
|
+ } |
118 |
|
|
+ foreach my $user (@readusers){ |
119 |
|
|
+ $acl .= 'u:'.$user.':rX,'; |
120 |
|
|
+ } |
121 |
|
|
|
122 |
|
|
# Set the effective ACLs |
123 |
|
|
system($setfacl, |
124 |
|
|
@@ -144,9 +152,12 @@ |
125 |
|
|
'--remove-default', |
126 |
|
|
'.'); |
127 |
|
|
|
128 |
|
|
- foreach my $group (@write,@read){ |
129 |
|
|
+ foreach my $group (@writegroups,@readgroups){ |
130 |
|
|
$acl .= 'g:'.$group.':rX,'; |
131 |
|
|
} |
132 |
|
|
+ foreach my $user (@writeusers,@readusers){ |
133 |
|
|
+ $acl .= 'g:'.$user.':rX,'; |
134 |
|
|
+ } |
135 |
|
|
|
136 |
|
|
system($setfacl, |
137 |
|
|
'-m', |
138 |
|
|
diff -Nur -x '*.orig' -x '*.rej' smeserver-shared-folders-0.1/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/shares mezzanine_patched_smeserver-shared-folders-0.1/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/shares |
139 |
|
|
--- smeserver-shared-folders-0.1/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/shares 2012-02-13 20:08:07.000000000 +0100 |
140 |
|
|
+++ mezzanine_patched_smeserver-shared-folders-0.1/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/shares 2012-02-11 02:06:41.000000000 +0100 |
141 |
|
|
@@ -155,7 +155,7 @@ |
142 |
|
|
<entry> |
143 |
|
|
<base>DESC_PERMISSIONS</base> |
144 |
|
|
<trans> |
145 |
|
|
- You can use this matrix to define groups access permissions. |
146 |
|
|
+ You can use this matrix to define groups and users access permissions. |
147 |
|
|
</trans> |
148 |
|
|
</entry> |
149 |
|
|
|
150 |
|
|
@@ -510,4 +510,16 @@ |
151 |
|
|
</trans> |
152 |
|
|
</entry> |
153 |
|
|
|
154 |
|
|
+ <entry> |
155 |
|
|
+ <base>TITLE_PERMISSIONS</base> |
156 |
|
|
+ <trans> |
157 |
|
|
+ Access right management |
158 |
|
|
+ </trans> |
159 |
|
|
+ </entry> |
160 |
|
|
+ |
161 |
|
|
+ <entry> |
162 |
|
|
+ <base>USERS</base> |
163 |
|
|
+ <trans>Utilisateurs</trans> |
164 |
|
|
+ </entry> |
165 |
|
|
+ |
166 |
|
|
</lexicon> |
167 |
|
|
diff -Nur -x '*.orig' -x '*.rej' smeserver-shared-folders-0.1/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess50shares mezzanine_patched_smeserver-shared-folders-0.1/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess50shares |
168 |
|
|
--- smeserver-shared-folders-0.1/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess50shares 2012-02-13 20:08:07.000000000 +0100 |
169 |
|
|
+++ mezzanine_patched_smeserver-shared-folders-0.1/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess50shares 2012-02-08 15:17:54.000000000 +0100 |
170 |
|
|
@@ -16,7 +16,7 @@ |
171 |
|
|
my $satisfy; |
172 |
|
|
my $webdav = (($properties{'WebDav'} || 'disabled') =~ m/^(enabled|on|yes)$/i) ? 1 : 0; |
173 |
|
|
|
174 |
|
|
- # Find which users has at least read access |
175 |
|
|
+ # Find which users have read or write access |
176 |
|
|
my @writers = ('admin'); |
177 |
|
|
my @readers = (); |
178 |
|
|
if ($properties{'WriteGroups'}) { |
179 |
|
|
@@ -26,10 +26,14 @@ |
180 |
|
|
my $members = $adb->get_prop($group, 'Members') || ""; |
181 |
|
|
if (length($members) > 0) { |
182 |
|
|
push @writers, split (/[;,]/, $members); |
183 |
|
|
- } |
184 |
|
|
+ } |
185 |
|
|
} |
186 |
|
|
|
187 |
|
|
} |
188 |
|
|
+ if ($properties{'WriteUsers'}) { |
189 |
|
|
+ my @users = split (/[;,]/, $properties{'WriteUsers'}); |
190 |
|
|
+ push @writers, @users; |
191 |
|
|
+ } |
192 |
|
|
if ($properties{'ReadGroups'}) { |
193 |
|
|
my @groups = split (/[;,]/, $properties{'ReadGroups'}); |
194 |
|
|
|
195 |
|
|
@@ -37,10 +41,14 @@ |
196 |
|
|
my $members = $adb->get_prop($group, 'Members') || ""; |
197 |
|
|
if (length($members) > 0) { |
198 |
|
|
push @readers, split (/[;,]/, $members); |
199 |
|
|
- } |
200 |
|
|
+ } |
201 |
|
|
} |
202 |
|
|
|
203 |
|
|
} |
204 |
|
|
+ if ($properties{'ReadUsers'}) { |
205 |
|
|
+ my @users = split (/[;,]/, $properties{'ReadUsers'}); |
206 |
|
|
+ push @readers, @users; |
207 |
|
|
+ } |
208 |
|
|
|
209 |
|
|
my %seen = (); |
210 |
|
|
@readers = sort (grep { ! $seen{ $_ }++ } (@readers,@writers)); |
211 |
|
|
diff -Nur -x '*.orig' -x '*.rej' smeserver-shared-folders-0.1/root/etc/e-smith/web/functions/shares mezzanine_patched_smeserver-shared-folders-0.1/root/etc/e-smith/web/functions/shares |
212 |
|
|
--- smeserver-shared-folders-0.1/root/etc/e-smith/web/functions/shares 2012-02-13 20:08:07.000000000 +0100 |
213 |
|
|
+++ mezzanine_patched_smeserver-shared-folders-0.1/root/etc/e-smith/web/functions/shares 2012-02-11 01:57:28.000000000 +0100 |
214 |
|
|
@@ -51,16 +51,6 @@ |
215 |
|
|
|
216 |
|
|
<field |
217 |
|
|
type="literal" |
218 |
|
|
- id="perms_desc" |
219 |
|
|
- value=""> |
220 |
|
|
- <description>DESC_PERMISSIONS</description> |
221 |
|
|
- </field> |
222 |
|
|
- <subroutine src="genGroupAccess()"/> |
223 |
|
|
- |
224 |
|
|
- <subroutine src="print_section_bar()" /> |
225 |
|
|
- |
226 |
|
|
- <field |
227 |
|
|
- type="literal" |
228 |
|
|
id="smbdesc" |
229 |
|
|
value=""> |
230 |
|
|
<description>DESC_SMB_SETTINGS</description> |
231 |
|
|
@@ -128,5 +118,13 @@ |
232 |
|
|
<description>REMOVE_DESC</description> |
233 |
|
|
<subroutine src="print_share_to_remove()" /> |
234 |
|
|
</page> |
235 |
|
|
+ <page name="Permissions" pre-event="turn_off_buttons()" post-event="handle_shares()"> |
236 |
|
|
+ <title>TITLE_PERMISSIONS</title> |
237 |
|
|
+ <field type="literal" id="descriptiongroup"> |
238 |
|
|
+ <description>DESC_PERMISSIONS</description> |
239 |
|
|
+ </field> |
240 |
|
|
+ <subroutine src="acl_list()" /> |
241 |
|
|
+ <subroutine src="print_button('SAVE')" /> |
242 |
|
|
+ </page> |
243 |
|
|
</form> |
244 |
|
|
|
245 |
|
|
diff -Nur -x '*.orig' -x '*.rej' smeserver-shared-folders-0.1/root/usr/lib/perl5/site_perl/esmith/FormMagick/Panel/shares.pm mezzanine_patched_smeserver-shared-folders-0.1/root/usr/lib/perl5/site_perl/esmith/FormMagick/Panel/shares.pm |
246 |
|
|
--- smeserver-shared-folders-0.1/root/usr/lib/perl5/site_perl/esmith/FormMagick/Panel/shares.pm 2012-02-13 20:08:07.000000000 +0100 |
247 |
|
|
+++ mezzanine_patched_smeserver-shared-folders-0.1/root/usr/lib/perl5/site_perl/esmith/FormMagick/Panel/shares.pm 2012-02-11 01:56:52.000000000 +0100 |
248 |
|
|
@@ -26,7 +26,7 @@ |
249 |
|
|
print_share_name_field |
250 |
|
|
print_encryption_fields |
251 |
|
|
print_ajaxplorer_fields |
252 |
|
|
- genGroupAccess |
253 |
|
|
+ acl_list |
254 |
|
|
smbAccess_list |
255 |
|
|
httpAccess_list |
256 |
|
|
max_share_name_length |
257 |
|
|
@@ -38,10 +38,9 @@ |
258 |
|
|
print_section_bar |
259 |
|
|
); |
260 |
|
|
|
261 |
|
|
-our $VERSION = sprintf '%d.%03d', q$Revision: 1.8 $ =~ /: (\d+).(\d+)/; |
262 |
|
|
|
263 |
|
|
-our $accountdb = esmith::AccountsDB->open(); |
264 |
|
|
-our $configdb = esmith::ConfigDB->open(); |
265 |
|
|
+our $a = esmith::AccountsDB->open(); |
266 |
|
|
+our $c = esmith::ConfigDB->open(); |
267 |
|
|
|
268 |
|
|
*wherenext = \&CGI::FormMagick::wherenext; |
269 |
|
|
|
270 |
|
|
@@ -62,12 +61,12 @@ |
271 |
|
|
my $name = $self->localise('NAME'); |
272 |
|
|
my $description = $self->localise('DESCRIPTION'); |
273 |
|
|
my $modify = $self->localise('MODIFY'); |
274 |
|
|
+ my $perm = $self->localise('PERMISSIONS'); |
275 |
|
|
my $remove = $self->localise('REMOVE'); |
276 |
|
|
my $action_h = $self->localise('ACTION'); |
277 |
|
|
- my @shares = $accountdb->get_all_by_prop(type => 'share'); |
278 |
|
|
+ my @shares = $a->get_all_by_prop(type => 'share'); |
279 |
|
|
|
280 |
|
|
- unless ( scalar @shares ) |
281 |
|
|
- { |
282 |
|
|
+ unless ( scalar @shares ) { |
283 |
|
|
print $q->Tr($q->td($self->localise('NO_SHARES'))); |
284 |
|
|
return ""; |
285 |
|
|
} |
286 |
|
|
@@ -81,22 +80,25 @@ |
287 |
|
|
|
288 |
|
|
my $scriptname = basename($0); |
289 |
|
|
|
290 |
|
|
- foreach my $i (@shares) |
291 |
|
|
- { |
292 |
|
|
- my $sharename = $i->key(); |
293 |
|
|
- my $sharedesc = $i->prop('Name'); |
294 |
|
|
+ foreach my $share (@shares) { |
295 |
|
|
+ my $sharename = $share->key(); |
296 |
|
|
+ my $sharedesc = $share->prop('Name'); |
297 |
|
|
|
298 |
|
|
my $href = "shares?page=;page_stack=;wherenext="; |
299 |
|
|
|
300 |
|
|
my $actionModify = $q->a({href => "${href}CreateModify&action=modify&name=$sharename"},$modify) |
301 |
|
|
. ' '; |
302 |
|
|
|
303 |
|
|
+ my $actionPerm = $q->a({href => "${href}Permissions&action=permissions&name=$sharename"},$perm) |
304 |
|
|
+ . ' '; |
305 |
|
|
+ |
306 |
|
|
my $actionRemove .= $q->a({href => "${href}Remove&name=$sharename&description=$sharedesc"}, $remove) |
307 |
|
|
. ' '; |
308 |
|
|
|
309 |
|
|
print $q->Tr ( |
310 |
|
|
esmith::cgi::genSmallCell($q, $sharename,"normal"), |
311 |
|
|
esmith::cgi::genSmallCell($q, $sharedesc,"normal"), |
312 |
|
|
+ esmith::cgi::genSmallCell($q, $actionPerm,"normal"), |
313 |
|
|
esmith::cgi::genSmallCell($q, $actionModify,"normal"), |
314 |
|
|
esmith::cgi::genSmallCell($q, $actionRemove,"normal") |
315 |
|
|
); |
316 |
|
|
@@ -109,58 +111,55 @@ |
317 |
|
|
|
318 |
|
|
|
319 |
|
|
sub print_custom_button{ |
320 |
|
|
- my ($fm,$desc,$url) = @_; |
321 |
|
|
- my $q = $fm->{cgi}; |
322 |
|
|
- $url="shares?page=0&page_stack=&Next=Next&wherenext=".$url; |
323 |
|
|
+ my ($self,$desc,$url) = @_; |
324 |
|
|
+ my $q = $self->{cgi}; |
325 |
|
|
+ $url = "shares?page=0&page_stack=&Next=Next&wherenext=" . $url; |
326 |
|
|
|
327 |
|
|
print " <tr>\n <td colspan='2'>\n"; |
328 |
|
|
print $q->p($q->a({href => $url, -class => "button-like"}, |
329 |
|
|
- $fm->localise($desc))); |
330 |
|
|
+ $self->localise($desc))); |
331 |
|
|
print qq(</tr>\n); |
332 |
|
|
return undef; |
333 |
|
|
} |
334 |
|
|
|
335 |
|
|
sub print_share_to_remove{ |
336 |
|
|
- my ($fm) = @_; |
337 |
|
|
- my $q = $fm->{cgi}; |
338 |
|
|
+ my $self = shift; |
339 |
|
|
+ my $q = $self->{cgi}; |
340 |
|
|
my $sharename = $q->param('name'); |
341 |
|
|
my $desc = $q->param('description'); |
342 |
|
|
|
343 |
|
|
print $q->Tr( |
344 |
|
|
$q->td( |
345 |
|
|
{ -class => 'sme-noborders-label' }, |
346 |
|
|
- $fm->localise('NAME') |
347 |
|
|
+ $self->localise('NAME') |
348 |
|
|
), |
349 |
|
|
$q->td( { -class => 'sme-noborders-content' }, $sharename ) |
350 |
|
|
- ), |
351 |
|
|
- "\n"; |
352 |
|
|
+ ), "\n"; |
353 |
|
|
print $q->Tr( |
354 |
|
|
$q->td( |
355 |
|
|
{ -class => 'sme-noborders-label' }, |
356 |
|
|
- $fm->localise('DESCRIPTION') |
357 |
|
|
+ $self->localise('DESCRIPTION') |
358 |
|
|
), |
359 |
|
|
$q->td( { -class => 'sme-noborders-content' }, $desc ) |
360 |
|
|
- ), |
361 |
|
|
- "\n"; |
362 |
|
|
+ ), "\n"; |
363 |
|
|
|
364 |
|
|
- print $q->table( |
365 |
|
|
+ print $q->table( |
366 |
|
|
{ -width => '100%' }, |
367 |
|
|
$q->Tr( |
368 |
|
|
$q->th( |
369 |
|
|
{ -class => 'sme-layout' }, |
370 |
|
|
$q->submit( |
371 |
|
|
-name => 'cancel', |
372 |
|
|
- -value => $fm->localise('CANCEL') |
373 |
|
|
+ -value => $self->localise('CANCEL') |
374 |
|
|
), |
375 |
|
|
' ', |
376 |
|
|
$q->submit( |
377 |
|
|
-name => 'remove', |
378 |
|
|
- -value => $fm->localise('REMOVE') |
379 |
|
|
+ -value => $self->localise('REMOVE') |
380 |
|
|
) |
381 |
|
|
) |
382 |
|
|
) |
383 |
|
|
- ), |
384 |
|
|
- "\n"; |
385 |
|
|
+ ), "\n"; |
386 |
|
|
|
387 |
|
|
# Clear these values to prevent collisions when the page reloads. |
388 |
|
|
$q->delete("cancel"); |
389 |
|
|
@@ -172,12 +171,13 @@ |
390 |
|
|
|
391 |
|
|
sub print_share_name_field { |
392 |
|
|
my $self = shift; |
393 |
|
|
- my $in = $self->{cgi}->param('name') || ''; |
394 |
|
|
- my $action = $self->{cgi}->param('action') || ''; |
395 |
|
|
- my $maxLength = $configdb->get('maxShareNameLength')->value || '12'; |
396 |
|
|
+ my $q = $self->{cgi}; |
397 |
|
|
+ my $in = $q->param('name') || ''; |
398 |
|
|
+ my $action = $q->param('action') || ''; |
399 |
|
|
+ my $maxLength = $c->get('maxShareNameLength')->value || '12'; |
400 |
|
|
|
401 |
|
|
# Set default value |
402 |
|
|
- my $q = $self->{cgi}; |
403 |
|
|
+ |
404 |
|
|
$q->param(-name=>'encryption',-value=>'disabled'); |
405 |
|
|
$q->param(-name=>'inactivity',-value=>'30'); |
406 |
|
|
$q->param(-name=>'smbaccess',-value=>'browseable'); |
407 |
|
|
@@ -204,7 +204,7 @@ |
408 |
|
|
# Read the values for each field from the accounts db and store |
409 |
|
|
# them in the cgi object so our form will have the correct |
410 |
|
|
# info displayed. |
411 |
|
|
- my $rec = $accountdb->get($in); |
412 |
|
|
+ my $rec = $a->get($in); |
413 |
|
|
if ($rec) |
414 |
|
|
{ |
415 |
|
|
$q->param(-name=>'description',-value=> |
416 |
|
|
@@ -213,10 +213,6 @@ |
417 |
|
|
($rec->prop('Encryption') || 'disabled')); |
418 |
|
|
$q->param(-name=>'inactivity',-value=> |
419 |
|
|
($rec->prop('InactivityTimeOut') || '30')); |
420 |
|
|
- $q->param(-name=>'ReadGroups',-value=> |
421 |
|
|
- $rec->prop('ReadGroups')); |
422 |
|
|
- $q->param(-name=>'WriteGroups',-value=> |
423 |
|
|
- $rec->prop('WriteGroups')); |
424 |
|
|
$q->param(-name=>'smbaccess',-value=> |
425 |
|
|
($rec->prop('smbAccess') || 'enabled')); |
426 |
|
|
$q->param(-name=>'recyclebin',-value=> |
427 |
|
|
@@ -233,8 +229,6 @@ |
428 |
|
|
($rec->prop('Indexes') || 'enabled')); |
429 |
|
|
$q->param(-name=>'dynamic',-value=> |
430 |
|
|
($rec->prop('DynamicContent') || 'disabled')); |
431 |
|
|
- $q->param(-name=>'manualPerm',-value=> |
432 |
|
|
- ($rec->prop('ManualPermissions') || 'no')); |
433 |
|
|
} |
434 |
|
|
} |
435 |
|
|
else { |
436 |
|
|
@@ -253,18 +247,19 @@ |
437 |
|
|
# If EncFS is available, print encryptions options |
438 |
|
|
sub print_encryption_fields { |
439 |
|
|
my $self = shift; |
440 |
|
|
+ my $q = $self->{cgi}; |
441 |
|
|
|
442 |
|
|
return undef unless(system('rpm -q fuse-encfs 2>&1 > /dev/null') == 0); |
443 |
|
|
|
444 |
|
|
- my $encryption = $self->{cgi}->param('encryption') || 'disabled'; |
445 |
|
|
- my $action = $self->{cgi}->param('action') || ''; |
446 |
|
|
+ my $encryption = $q->param('encryption') || 'disabled'; |
447 |
|
|
+ my $action = $q->param('action') || ''; |
448 |
|
|
|
449 |
|
|
- my $sharename = $self->{cgi}->param('name') || ''; |
450 |
|
|
+ my $sharename = $q->param('name') || ''; |
451 |
|
|
|
452 |
|
|
return undef if ($action eq 'modify' && $encryption ne 'enabled'); |
453 |
|
|
|
454 |
|
|
- my $inactivity = (($sharename ne '') && ($accountdb->get($sharename))) ? |
455 |
|
|
- ($accountdb->get($sharename)->prop('InactivityTimeOut') || '30'):'30'; |
456 |
|
|
+ my $inactivity = (($sharename ne '') && ($a->get($sharename))) ? |
457 |
|
|
+ ($a->get($sharename)->prop('InactivityTimeOut') || '30'):'30'; |
458 |
|
|
|
459 |
|
|
print_section_bar(); |
460 |
|
|
|
461 |
|
|
@@ -316,13 +311,13 @@ |
462 |
|
|
|
463 |
|
|
# If ajaxplorer is enabled: |
464 |
|
|
sub print_ajaxplorer_fields { |
465 |
|
|
- my ($self) = @_; |
466 |
|
|
- my $ajaxplorer = $configdb->get('ajaxplorer') || return undef; |
467 |
|
|
+ my $self = shift; |
468 |
|
|
+ my $ajaxplorer = $c->get('ajaxplorer') || return undef; |
469 |
|
|
if (($ajaxplorer->prop('status') || 'disabled') eq 'enabled'){ |
470 |
|
|
print_section_bar(); |
471 |
|
|
my ($enabled,$disabled) = ('',''); |
472 |
|
|
my $sharename = $self->{cgi}->param('name') || ''; |
473 |
|
|
- my $share = $accountdb->get($sharename); |
474 |
|
|
+ my $share = $a->get($sharename); |
475 |
|
|
# If share exists and Ajxplorer is enabled |
476 |
|
|
if ($share){ |
477 |
|
|
if (($share->prop('Ajaxplorer') || 'disabled') eq 'enabled'){ |
478 |
|
|
@@ -345,24 +340,31 @@ |
479 |
|
|
return undef; |
480 |
|
|
} |
481 |
|
|
|
482 |
|
|
-# Takes a comma delimited list of groups and returns a string of |
483 |
|
|
-# html checkboxes for all system groups with the groups having write and read access. |
484 |
|
|
- |
485 |
|
|
-sub genGroupAccess () { |
486 |
|
|
- my $fm = shift; |
487 |
|
|
- my $q = $fm->{cgi}; |
488 |
|
|
- my $WriteGroups = $q->param('WriteGroups') || ''; |
489 |
|
|
- my $ReadGroups = $q->param('ReadGroups') || ''; |
490 |
|
|
- my $share = $q->param('share'); |
491 |
|
|
- my $manualPerm = $q->param('manualPerm') || ''; |
492 |
|
|
+# Print a table of users and groups |
493 |
|
|
+# having read only or read/write access |
494 |
|
|
+sub acl_list () { |
495 |
|
|
+ my $self = shift; |
496 |
|
|
+ my $q = $self->{cgi}; |
497 |
|
|
+ my $sharename = $q->param('name'); |
498 |
|
|
my $out = ''; |
499 |
|
|
|
500 |
|
|
+ my $share = $a->get($sharename); |
501 |
|
|
+ return $self->error('SHARE_NOT_FOUND') unless ($share); |
502 |
|
|
+ |
503 |
|
|
+ my $WriteGroups = $share->prop('WriteGroups') || ''; |
504 |
|
|
+ my $ReadGroups = $share->prop('ReadGroups') || ''; |
505 |
|
|
+ my $WriteUsers = $share->prop('WriteUsers') || ''; |
506 |
|
|
+ my $ReadUsers = $share->prop('ReadUsers') || ''; |
507 |
|
|
+ my $manualPerm = $share->prop('ManualPermissions') || 'no'; |
508 |
|
|
+ |
509 |
|
|
if (($manualPerm eq 'yes') || ($manualPerm eq 'enabled')){ |
510 |
|
|
- $out .= $fm->localise('MANUAL_PERMS'); |
511 |
|
|
+ $out .= $self->localise('MANUAL_PERMS'); |
512 |
|
|
} |
513 |
|
|
|
514 |
|
|
my %WriteGroups; |
515 |
|
|
my %ReadGroups; |
516 |
|
|
+ my %WriteUsers; |
517 |
|
|
+ my %ReadUsers; |
518 |
|
|
|
519 |
|
|
foreach my $group ( split ( /[,;]/, $WriteGroups ) ) { |
520 |
|
|
$WriteGroups{$group} = 1; |
521 |
|
|
@@ -370,22 +372,31 @@ |
522 |
|
|
foreach my $group ( split ( /[,;]/, $ReadGroups ) ) { |
523 |
|
|
$ReadGroups{$group} = 1; |
524 |
|
|
} |
525 |
|
|
- my @groups = sort { $a->key() cmp $b->key() } $accountdb->groups(); |
526 |
|
|
+ foreach my $user ( split ( /[,;]/, $WriteUsers ) ) { |
527 |
|
|
+ $WriteUsers{$user} = 1; |
528 |
|
|
+ } |
529 |
|
|
+ foreach my $user ( split ( /[,;]/, $ReadUsers ) ) { |
530 |
|
|
+ $ReadUsers{$user} = 1; |
531 |
|
|
+ } |
532 |
|
|
+ my @groups = sort { $a->key() cmp $b->key() } $a->groups(); |
533 |
|
|
+ my @users = sort { $a->key() cmp $b->key() } $a->users(); |
534 |
|
|
|
535 |
|
|
$out .= "<tr><td class=\"sme-noborders-label\">" . |
536 |
|
|
- $fm->localise('PERMISSIONS') . |
537 |
|
|
+ $self->localise('PERMISSIONS') . |
538 |
|
|
"</td><td>\n". |
539 |
|
|
$q->start_table({-class => "sme-border"})."\n". |
540 |
|
|
$q->Tr( |
541 |
|
|
- esmith::cgi::genSmallCell($q, $fm->localise('GROUPS'),"header"), |
542 |
|
|
- esmith::cgi::genSmallCell($q, $fm->localise('WRITE_PERM'),"header"), |
543 |
|
|
- esmith::cgi::genSmallCell($q, $fm->localise('READ_PERM'),"header") |
544 |
|
|
+ esmith::cgi::genSmallCell($q, $self->localise('GROUPS'),"header"), |
545 |
|
|
+ esmith::cgi::genSmallCell($q, $self->localise('DESCRIPTION'),"header"), |
546 |
|
|
+ esmith::cgi::genSmallCell($q, $self->localise('WRITE_PERM'),"header"), |
547 |
|
|
+ esmith::cgi::genSmallCell($q, $self->localise('READ_PERM'),"header") |
548 |
|
|
); |
549 |
|
|
|
550 |
|
|
foreach my $group (@groups) { |
551 |
|
|
my $write = ""; |
552 |
|
|
my $read = ""; |
553 |
|
|
my $name = $group->key(); |
554 |
|
|
+ my $desc = $group->prop('Description'); |
555 |
|
|
if ( $WriteGroups{$name} ) { |
556 |
|
|
$write = "checked"; |
557 |
|
|
} |
558 |
|
|
@@ -395,23 +406,56 @@ |
559 |
|
|
|
560 |
|
|
$out .= $q->Tr( |
561 |
|
|
esmith::cgi::genSmallCell($q, $name, "normal"), |
562 |
|
|
+ esmith::cgi::genSmallCell($q, $desc, "normal"), |
563 |
|
|
|
564 |
|
|
esmith::cgi::genSmallCell($q,"<input type=\"checkbox\"" |
565 |
|
|
- . " name=\"write\"" |
566 |
|
|
+ . " name=\"writegroup\"" |
567 |
|
|
. " $write value=\"$name\">", "normal"), |
568 |
|
|
esmith::cgi::genSmallCell($q,"<input type=\"checkbox\"" |
569 |
|
|
- . " name=\"read\"" |
570 |
|
|
+ . " name=\"readgroup\"" |
571 |
|
|
. " $read value=\"$name\">", "normal") |
572 |
|
|
); |
573 |
|
|
} |
574 |
|
|
|
575 |
|
|
+ $out .= $q->Tr( |
576 |
|
|
+ esmith::cgi::genSmallCell($q, $self->localise('USERS'),"header"), |
577 |
|
|
+ esmith::cgi::genSmallCell($q, $self->localise('DESCRIPTION'),"header"), |
578 |
|
|
+ esmith::cgi::genSmallCell($q, $self->localise('WRITE_PERM'),"header"), |
579 |
|
|
+ esmith::cgi::genSmallCell($q, $self->localise('READ_PERM'),"header") |
580 |
|
|
+ ); |
581 |
|
|
+ |
582 |
|
|
+ foreach my $user (@users) { |
583 |
|
|
+ my $write = ""; |
584 |
|
|
+ my $read = ""; |
585 |
|
|
+ my $name = $user->key(); |
586 |
|
|
+ my $desc = $user->prop('FirstName') . ' ' . $user->prop('LastName'); |
587 |
|
|
+ if ( $WriteUsers{$name} ) { |
588 |
|
|
+ $write = "checked"; |
589 |
|
|
+ } |
590 |
|
|
+ if ( $ReadUsers{$name} ) { |
591 |
|
|
+ $read = "checked"; |
592 |
|
|
+ } |
593 |
|
|
+ |
594 |
|
|
+ $out .= $q->Tr( |
595 |
|
|
+ esmith::cgi::genSmallCell($q, $name, "normal"), |
596 |
|
|
+ esmith::cgi::genSmallCell($q, $desc, "normal"), |
597 |
|
|
+ |
598 |
|
|
+ esmith::cgi::genSmallCell($q,"<input type=\"checkbox\"" |
599 |
|
|
+ . " name=\"writeuser\"" |
600 |
|
|
+ . " $write value=\"$name\">", "normal"), |
601 |
|
|
+ esmith::cgi::genSmallCell($q,"<input type=\"checkbox\"" |
602 |
|
|
+ . " name=\"readuser\"" |
603 |
|
|
+ . " $read value=\"$name\">", "normal") |
604 |
|
|
+ ); |
605 |
|
|
+ } |
606 |
|
|
+ |
607 |
|
|
$out .= "</table></td></tr>\n"; |
608 |
|
|
return $out; |
609 |
|
|
} |
610 |
|
|
|
611 |
|
|
# Print a section bar |
612 |
|
|
sub print_section_bar{ |
613 |
|
|
- my ($fm) = @_; |
614 |
|
|
+ my $self = shift; |
615 |
|
|
print " <tr>\n <td colspan='2'>\n"; |
616 |
|
|
print "<hr class=\"sectionbar\"/>\n"; |
617 |
|
|
return undef; |
618 |
|
|
@@ -423,8 +467,8 @@ |
619 |
|
|
|
620 |
|
|
sub smbAccess_list { |
621 |
|
|
return { |
622 |
|
|
- 'none' => 'NONE', |
623 |
|
|
- 'browseable' => 'ENABLED_BROWSEABLE', |
624 |
|
|
+ 'none' => 'NONE', |
625 |
|
|
+ 'browseable' => 'ENABLED_BROWSEABLE', |
626 |
|
|
'non-browseable' => 'ENABLED_NON_BROWSEABLE', |
627 |
|
|
}; |
628 |
|
|
} |
629 |
|
|
@@ -453,12 +497,13 @@ |
630 |
|
|
|
631 |
|
|
sub max_share_name_length { |
632 |
|
|
my ($self, $data) = @_; |
633 |
|
|
- $configdb->reload(); |
634 |
|
|
- my $max = $configdb->get('maxShareNameLength')->value || '12'; |
635 |
|
|
+ $c->reload(); |
636 |
|
|
+ my $max = $c->get('maxShareNameLength')->value || '12'; |
637 |
|
|
|
638 |
|
|
if (length($data) <= $max) { |
639 |
|
|
return "OK"; |
640 |
|
|
- } else { |
641 |
|
|
+ } |
642 |
|
|
+ else { |
643 |
|
|
return $self->localise("MAX_SHARE_NAME_LENGTH_ERROR", |
644 |
|
|
{acctName => $data, |
645 |
|
|
maxShareNameLength => $max, |
646 |
|
|
@@ -466,46 +511,20 @@ |
647 |
|
|
} |
648 |
|
|
} |
649 |
|
|
|
650 |
|
|
- |
651 |
|
|
-# Check the proposed name for clashes with existing pseudonyms or other |
652 |
|
|
-# accounts of any type. |
653 |
|
|
- |
654 |
|
|
-sub conflict_check |
655 |
|
|
-{ |
656 |
|
|
- my ($self, $name) = @_; |
657 |
|
|
- my $rec = $accountdb->get($name); |
658 |
|
|
- |
659 |
|
|
- my $type; |
660 |
|
|
- if (defined $rec){ |
661 |
|
|
- my $type = $rec->prop('type'); |
662 |
|
|
- if ($type eq "pseudonym"){ |
663 |
|
|
- my $acct = $rec->prop("Account"); |
664 |
|
|
- my $acct_type = $accountdb->get($acct)->prop('type'); |
665 |
|
|
- |
666 |
|
|
- return $self->localise('ACCT_CLASHES_WITH_PSEUDONYM', |
667 |
|
|
- {acctName => $name, acctType => $acct_type, acct => $acct}); |
668 |
|
|
- } |
669 |
|
|
- } |
670 |
|
|
- elsif (defined getpwnam($name) || defined getgrnam($name)){ |
671 |
|
|
- $type = 'system'; |
672 |
|
|
- } |
673 |
|
|
- else{ |
674 |
|
|
- # No account record and no account |
675 |
|
|
- return 'OK'; |
676 |
|
|
- } |
677 |
|
|
- return $self->localise('ACCOUNT_EXISTS', |
678 |
|
|
- {acctName => $name, acctType => $type}); |
679 |
|
|
-} |
680 |
|
|
- |
681 |
|
|
# Call the create or modify routine |
682 |
|
|
|
683 |
|
|
sub handle_shares { |
684 |
|
|
- my ($self) = @_; |
685 |
|
|
- |
686 |
|
|
+ my $self = shift; |
687 |
|
|
+ my $q = $self->{cgi}; |
688 |
|
|
+ my $action = $q->param("action") || ''; |
689 |
|
|
|
690 |
|
|
- if ($self->cgi->param("action") eq "create") { |
691 |
|
|
+ if ($action eq "create") { |
692 |
|
|
$self->create_share(); |
693 |
|
|
- } else { |
694 |
|
|
+ } |
695 |
|
|
+ elsif ($action eq 'permissions'){ |
696 |
|
|
+ $self->modify_perm(); |
697 |
|
|
+ } |
698 |
|
|
+ else { |
699 |
|
|
$self->modify_share(); |
700 |
|
|
} |
701 |
|
|
} |
702 |
|
|
@@ -513,12 +532,13 @@ |
703 |
|
|
# Print save or add button |
704 |
|
|
|
705 |
|
|
sub print_save_or_add_button { |
706 |
|
|
- my ($self) = @_; |
707 |
|
|
+ my $self = shift; |
708 |
|
|
|
709 |
|
|
my $action = $self->cgi->param("action") || ''; |
710 |
|
|
if ($action eq "modify") { |
711 |
|
|
$self->print_button("SAVE"); |
712 |
|
|
- } else { |
713 |
|
|
+ } |
714 |
|
|
+ else { |
715 |
|
|
$self->print_button("ADD"); |
716 |
|
|
} |
717 |
|
|
|
718 |
|
|
@@ -527,79 +547,54 @@ |
719 |
|
|
# Create a new shared folder |
720 |
|
|
|
721 |
|
|
sub create_share { |
722 |
|
|
- my ($self) = @_; |
723 |
|
|
- my $name = $self->cgi->param('name'); |
724 |
|
|
- my $encryption = $self->cgi->param('encryption') || 'disabled'; |
725 |
|
|
- my $password = $self->cgi->param('password'); |
726 |
|
|
- my $password2 = $self->cgi->param('password2'); |
727 |
|
|
+ my $self = shift; |
728 |
|
|
+ my $q = $self->{cgi}; |
729 |
|
|
+ my $name = $q->param('name'); |
730 |
|
|
+ my $encryption = $q->param('encryption') || 'disabled'; |
731 |
|
|
+ my $password = $q->param('password'); |
732 |
|
|
+ my $password2 = $q->param('password2'); |
733 |
|
|
|
734 |
|
|
my $msg = $self->validate_name($name); |
735 |
|
|
- unless ($msg eq "OK") |
736 |
|
|
- { |
737 |
|
|
+ |
738 |
|
|
+ unless ($msg eq "OK") { |
739 |
|
|
return $self->error($msg); |
740 |
|
|
} |
741 |
|
|
|
742 |
|
|
$msg = $self->max_share_name_length($name); |
743 |
|
|
- unless ($msg eq "OK") |
744 |
|
|
- { |
745 |
|
|
+ |
746 |
|
|
+ unless ($msg eq "OK") { |
747 |
|
|
return $self->error($msg); |
748 |
|
|
} |
749 |
|
|
|
750 |
|
|
$msg = $self->conflict_check($name); |
751 |
|
|
- unless ($msg eq "OK") |
752 |
|
|
- { |
753 |
|
|
+ unless ($msg eq "OK") { |
754 |
|
|
return $self->error($msg); |
755 |
|
|
} |
756 |
|
|
|
757 |
|
|
$msg = ($encryption eq 'enabled') ? $self->confirm_password($password,$password2) : 'OK'; |
758 |
|
|
- unless ($msg eq "OK") |
759 |
|
|
- { |
760 |
|
|
+ unless ($msg eq "OK") { |
761 |
|
|
return $self->error($msg); |
762 |
|
|
} |
763 |
|
|
|
764 |
|
|
- my @WriteGroups = $self->cgi->param('write'); |
765 |
|
|
- my $WriteGroups = join(",",@WriteGroups); |
766 |
|
|
- my @ReadGroups = $self->cgi->param('read'); |
767 |
|
|
- my @CleanReadGroups = (); |
768 |
|
|
- |
769 |
|
|
- # EncFS doesn't expose underlying ACLs |
770 |
|
|
- # So, just remove any read only groups |
771 |
|
|
- # Read Only is not supported with encryption |
772 |
|
|
- if ($encryption ne 'enabled'){ |
773 |
|
|
- # Remove from ReadGroups the groups in WriteGroups |
774 |
|
|
- # So ACL are consistent |
775 |
|
|
- foreach my $read (@ReadGroups){ |
776 |
|
|
- my $isInWrite = 0; |
777 |
|
|
- foreach (@WriteGroups){ |
778 |
|
|
- $isInWrite = 1 if ($_ eq $read); |
779 |
|
|
- } |
780 |
|
|
- push (@CleanReadGroups, $read) unless ($isInWrite); |
781 |
|
|
- } |
782 |
|
|
- } |
783 |
|
|
- my $ReadGroups = join(",",@CleanReadGroups); |
784 |
|
|
- |
785 |
|
|
- if (my $acct = $accountdb->new_record($name, { |
786 |
|
|
- Name => $self->cgi->param('description'), |
787 |
|
|
+ if (my $acct = $a->new_record($name, { |
788 |
|
|
+ Name => $q->param('description'), |
789 |
|
|
Encryption => $encryption, |
790 |
|
|
- InactivityTimeOut => ($self->cgi->param('inactivity') || ''), |
791 |
|
|
- WriteGroups => $WriteGroups, |
792 |
|
|
- ReadGroups => $ReadGroups, |
793 |
|
|
- RecycleBin => $self->cgi->param('recyclebin'), |
794 |
|
|
- RecycleBinRetention => $self->cgi->param('retention'), |
795 |
|
|
- smbAccess => $self->cgi->param('smbaccess'), |
796 |
|
|
- httpAccess => $self->cgi->param('httpaccess'), |
797 |
|
|
- WebDav => $self->cgi->param('webdav'), |
798 |
|
|
- Ajaxplorer => ($self->cgi->param('ajaxplorer') || 'disabled'), |
799 |
|
|
- RequireSSL => $self->cgi->param('requireSSL'), |
800 |
|
|
- Indexes => $self->cgi->param('indexes'), |
801 |
|
|
- DynamicContent => $self->cgi->param('dynamic'), |
802 |
|
|
+ InactivityTimeOut => ($q->param('inactivity') || ''), |
803 |
|
|
+ RecycleBin => $q->param('recyclebin'), |
804 |
|
|
+ RecycleBinRetention => $q->param('retention'), |
805 |
|
|
+ smbAccess => $q->param('smbaccess'), |
806 |
|
|
+ httpAccess => $q->param('httpaccess'), |
807 |
|
|
+ WebDav => $q->param('webdav'), |
808 |
|
|
+ Ajaxplorer => ($q->param('ajaxplorer') || 'disabled'), |
809 |
|
|
+ RequireSSL => $q->param('requireSSL'), |
810 |
|
|
+ Indexes => $q->param('indexes'), |
811 |
|
|
+ DynamicContent => $q->param('dynamic'), |
812 |
|
|
type => 'share', |
813 |
|
|
- }) ) |
814 |
|
|
- { |
815 |
|
|
+ }) ) { |
816 |
|
|
# Untaint $name before use in system() |
817 |
|
|
$name =~ /(.+)/; $name = $1; |
818 |
|
|
|
819 |
|
|
- if ($encryption eq 'enabled'){ |
820 |
|
|
+ if ($encryption eq 'enabled') { |
821 |
|
|
my $source = '/home/e-smith/files/shares/' . $name . '/.store'; |
822 |
|
|
my $dest = '/home/e-smith/files/shares/' . $name . '/files'; |
823 |
|
|
File::Path::mkpath ($source); |
824 |
|
|
@@ -614,10 +609,12 @@ |
825 |
|
|
|
826 |
|
|
if (system ("/sbin/e-smith/signal-event", "share-create", $name) == 0) { |
827 |
|
|
$self->success("SUCCESSFULLY_CREATED_SHARE"); |
828 |
|
|
- } else { |
829 |
|
|
+ } |
830 |
|
|
+ else { |
831 |
|
|
$self->error("ERROR_WHILE_CREATING_SHARE"); |
832 |
|
|
} |
833 |
|
|
- } else { |
834 |
|
|
+ } |
835 |
|
|
+ else { |
836 |
|
|
$self->error('CANT_CREATE_SHARE'); |
837 |
|
|
} |
838 |
|
|
} |
839 |
|
|
@@ -625,118 +622,155 @@ |
840 |
|
|
# Modify a share. |
841 |
|
|
# This sub shares a lot of code with create share |
842 |
|
|
# It should be merged |
843 |
|
|
- |
844 |
|
|
sub modify_share { |
845 |
|
|
- my ($self) = @_; |
846 |
|
|
- my $name = $self->cgi->param('name'); |
847 |
|
|
- if (my $acct = $accountdb->get($name)) { |
848 |
|
|
- if ($acct->prop('type') eq 'share') { |
849 |
|
|
- my $encryption = $self->cgi->param('encryption'); |
850 |
|
|
- my @WriteGroups = $self->cgi->param('write'); |
851 |
|
|
- my $WriteGroups = join(",",@WriteGroups); |
852 |
|
|
- my @ReadGroups = $self->cgi->param('read'); |
853 |
|
|
- my @CleanReadGroups = (); |
854 |
|
|
- |
855 |
|
|
- # EncFS doesn't expose underlying ACLs |
856 |
|
|
- # So, just remove any read only groups |
857 |
|
|
- # Read Only is not supported with encryption |
858 |
|
|
- if ($encryption ne 'enabled'){ |
859 |
|
|
- foreach my $read (@ReadGroups){ |
860 |
|
|
- my $isInWrite = 0; |
861 |
|
|
- foreach (@WriteGroups){ |
862 |
|
|
- $isInWrite = 1 if ($_ eq $read); |
863 |
|
|
- } |
864 |
|
|
- push (@CleanReadGroups, $read) unless ($isInWrite); |
865 |
|
|
- } |
866 |
|
|
- } |
867 |
|
|
- my $ReadGroups = join(",",@CleanReadGroups); |
868 |
|
|
+ my $self = shift; |
869 |
|
|
+ my $q = $self->{cgi}; |
870 |
|
|
+ my $name = $q->param('name'); |
871 |
|
|
+ my $acct = $a->get($name); |
872 |
|
|
|
873 |
|
|
- $acct->merge_props( |
874 |
|
|
- Name => $self->cgi->param('description'), |
875 |
|
|
- InactivityTimeOut => ($self->cgi->param('inactivity') || ''), |
876 |
|
|
- WriteGroups => $WriteGroups, |
877 |
|
|
- ReadGroups => $ReadGroups, |
878 |
|
|
- RecycleBin => $self->cgi->param('recyclebin'), |
879 |
|
|
- RecycleBinRetention => $self->cgi->param('retention'), |
880 |
|
|
- smbAccess => $self->cgi->param('smbaccess'), |
881 |
|
|
- httpAccess => $self->cgi->param('httpaccess'), |
882 |
|
|
- WebDav => $self->cgi->param('webdav'), |
883 |
|
|
- Ajaxplorer => ($self->cgi->param('ajaxplorer') || 'disabled'), |
884 |
|
|
- RequireSSL => $self->cgi->param('requireSSL'), |
885 |
|
|
- Indexes => $self->cgi->param('indexes'), |
886 |
|
|
- DynamicContent => $self->cgi->param('dynamic'), |
887 |
|
|
- ); |
888 |
|
|
+ return $self->error('CANT_FIND_SHARE') unless($acct && $acct->prop('type') eq 'share'); |
889 |
|
|
|
890 |
|
|
- # Untaint $name before use in system() |
891 |
|
|
- $name =~ /(.+)/; $name = $1; |
892 |
|
|
- if (system ("/sbin/e-smith/signal-event", "share-modify", |
893 |
|
|
- $name) == 0) |
894 |
|
|
- { |
895 |
|
|
- $self->success("SUCCESSFULLY_MODIFIED_SHARE"); |
896 |
|
|
- } else { |
897 |
|
|
- $self->error("ERROR_WHILE_MODIFYING_SHARE"); |
898 |
|
|
- } |
899 |
|
|
- } else { |
900 |
|
|
- $self->error('CANT_FIND_SHARE'); |
901 |
|
|
- } |
902 |
|
|
- } else { |
903 |
|
|
- $self->error('CANT_FIND_SHARE'); |
904 |
|
|
+ $acct->merge_props( |
905 |
|
|
+ Name => $q->param('description'), |
906 |
|
|
+ InactivityTimeOut => ($q->param('inactivity') || ''), |
907 |
|
|
+ RecycleBin => $q->param('recyclebin'), |
908 |
|
|
+ RecycleBinRetention => $q->param('retention'), |
909 |
|
|
+ smbAccess => $q->param('smbaccess'), |
910 |
|
|
+ httpAccess => $q->param('httpaccess'), |
911 |
|
|
+ WebDav => $q->param('webdav'), |
912 |
|
|
+ Ajaxplorer => ($q->param('ajaxplorer') || 'disabled'), |
913 |
|
|
+ RequireSSL => $q->param('requireSSL'), |
914 |
|
|
+ Indexes => $q->param('indexes'), |
915 |
|
|
+ DynamicContent => $q->param('dynamic'), |
916 |
|
|
+ ); |
917 |
|
|
+ |
918 |
|
|
+ # Untaint $name before use in system() |
919 |
|
|
+ $name =~ /(.+)/; $name = $1; |
920 |
|
|
+ if (system ("/sbin/e-smith/signal-event", "share-modify", $name) == 0) { |
921 |
|
|
+ $self->success("SUCCESSFULLY_MODIFIED_SHARE"); |
922 |
|
|
} |
923 |
|
|
+ else { |
924 |
|
|
+ $self->error("ERROR_WHILE_MODIFYING_SHARE"); |
925 |
|
|
+ } |
926 |
|
|
+ return undef; |
927 |
|
|
} |
928 |
|
|
|
929 |
|
|
-# Remove a share |
930 |
|
|
+sub modify_perm { |
931 |
|
|
+ my $self = shift; |
932 |
|
|
+ my $q = $self->{cgi}; |
933 |
|
|
+ my $name = $q->param('name'); |
934 |
|
|
+ my $acct = $a->get($name); |
935 |
|
|
|
936 |
|
|
-sub remove_share { |
937 |
|
|
- my ($self) = @_; |
938 |
|
|
- my $name = $self->cgi->param('name'); |
939 |
|
|
- unless ($self->cgi->param('cancel')){ |
940 |
|
|
- if (my $acct = $accountdb->get($name)) { |
941 |
|
|
- if ($acct->prop('type') eq 'share') { |
942 |
|
|
- # Untaint $name before use in system() |
943 |
|
|
- $name =~ /(.+)/; $name = $1; |
944 |
|
|
- my $encryption = $acct->prop('Encryption') || 'disabled'; |
945 |
|
|
- my $mountstatus = `/bin/mount | grep /home/e-smith/files/shares/$name/ | grep -c fuse`; |
946 |
|
|
- chomp($mountstatus); |
947 |
|
|
- if (($encryption eq 'enabled') && ($mountstatus eq '1')){ |
948 |
|
|
- $self->error("ERROR_ENCRYPTED_ENABLED"); |
949 |
|
|
- return undef; |
950 |
|
|
- } |
951 |
|
|
- |
952 |
|
|
- $acct->set_prop('type', 'share-deleted'); |
953 |
|
|
- |
954 |
|
|
- if (system ("/sbin/e-smith/signal-event", "share-delete", $name) == 0) { |
955 |
|
|
- $self->success("SUCCESSFULLY_DELETED_SHARE"); |
956 |
|
|
- $acct->delete(); |
957 |
|
|
- } |
958 |
|
|
- else { |
959 |
|
|
- $self->error("ERROR_WHILE_DELETING_SHARE"); |
960 |
|
|
- } |
961 |
|
|
- } |
962 |
|
|
- else { |
963 |
|
|
- $self->error('CANT_FIND_SHARE'); |
964 |
|
|
- } |
965 |
|
|
+ return $self->error('CANT_FIND_SHARE') unless($acct && $acct->prop('type') eq 'share'); |
966 |
|
|
+ |
967 |
|
|
+ my $encryption = $acct->prop('Encryption') || 'disabled'; |
968 |
|
|
+ |
969 |
|
|
+ my $WriteGroups = join(",", $q->param('writegroup')); |
970 |
|
|
+ my $WriteUsers = join(",", $q->param('writeuser')); |
971 |
|
|
|
972 |
|
|
+ my @CleanReadGroups = (); |
973 |
|
|
+ my @CleanReadUsers = (); |
974 |
|
|
+ |
975 |
|
|
+ # EncFS doesn't expose underlying ACLs |
976 |
|
|
+ # So, just remove any read only groups |
977 |
|
|
+ # Read Only is not supported with encryption |
978 |
|
|
+ if ($encryption ne 'enabled'){ |
979 |
|
|
+ # No need to have read access if write is already granted |
980 |
|
|
+ foreach my $group ($q->param('readgroup')){ |
981 |
|
|
+ push (@CleanReadGroups, $group) unless (grep { $_ eq $group } $q->param('writegroup')); |
982 |
|
|
} |
983 |
|
|
- else { |
984 |
|
|
- $self->error('CANT_FIND_SHARE'); |
985 |
|
|
+ foreach my $user ($q->param('readuser')){ |
986 |
|
|
+ push (@CleanReadUsers, $user) unless (grep { $_ eq $user } $q->param('writeuser')); |
987 |
|
|
} |
988 |
|
|
} |
989 |
|
|
- else{ |
990 |
|
|
- $self->error('CANCELED','First'); |
991 |
|
|
+ my $ReadGroups = join(",",@CleanReadGroups); |
992 |
|
|
+ my $ReadUsers = join(",",@CleanReadUsers); |
993 |
|
|
+ |
994 |
|
|
+ $acct->merge_props( |
995 |
|
|
+ WriteGroups => $WriteGroups, |
996 |
|
|
+ ReadGroups => $ReadGroups, |
997 |
|
|
+ WriteUsers => $WriteUsers, |
998 |
|
|
+ ReadUsers => $ReadUsers, |
999 |
|
|
+ ); |
1000 |
|
|
+ |
1001 |
|
|
+ # Untaint $name before use in system() |
1002 |
|
|
+ $name =~ /(.+)/; $name = $1; |
1003 |
|
|
+ if (system ("/sbin/e-smith/signal-event", "share-modify", $name) == 0) { |
1004 |
|
|
+ $self->success("SUCCESSFULLY_MODIFIED_SHARE"); |
1005 |
|
|
+ } |
1006 |
|
|
+ else { |
1007 |
|
|
+ $self->error("ERROR_WHILE_MODIFYING_SHARE"); |
1008 |
|
|
} |
1009 |
|
|
return undef; |
1010 |
|
|
} |
1011 |
|
|
|
1012 |
|
|
+# Remove a share |
1013 |
|
|
+sub remove_share { |
1014 |
|
|
+ my $self = shift; |
1015 |
|
|
+ my $q = $self->{cgi}; |
1016 |
|
|
+ my $name = $q->param('name'); |
1017 |
|
|
+ my $acct = $a->get($name); |
1018 |
|
|
+ return $self->error('CANCELED','First') if ($q->param('cancel')); |
1019 |
|
|
+ return $self->error('CANT_FIND_SHARE') unless ($acct && $acct->prop('type') eq 'share'); |
1020 |
|
|
+ |
1021 |
|
|
+ # Untaint $name before use in system() |
1022 |
|
|
+ $name =~ /(.+)/; $name = $1; |
1023 |
|
|
+ my $encryption = $acct->prop('Encryption') || 'disabled'; |
1024 |
|
|
+ my $mountstatus = `/bin/mount | grep /home/e-smith/files/shares/$name/ | grep -c fuse`; |
1025 |
|
|
+ chomp($mountstatus); |
1026 |
|
|
+ |
1027 |
|
|
+ if (($encryption eq 'enabled') && ($mountstatus eq '1')){ |
1028 |
|
|
+ $self->error("ERROR_ENCRYPTED_ENABLED"); |
1029 |
|
|
+ return undef; |
1030 |
|
|
+ } |
1031 |
|
|
+ |
1032 |
|
|
+ $acct->set_prop('type', 'share-deleted'); |
1033 |
|
|
+ |
1034 |
|
|
+ if (system ("/sbin/e-smith/signal-event", "share-delete", $name) == 0) { |
1035 |
|
|
+ $self->success("SUCCESSFULLY_DELETED_SHARE"); |
1036 |
|
|
+ $acct->delete(); |
1037 |
|
|
+ } |
1038 |
|
|
+ else { |
1039 |
|
|
+ $self->error("ERROR_WHILE_DELETING_SHARE"); |
1040 |
|
|
+ } |
1041 |
|
|
+ return undef; |
1042 |
|
|
+} |
1043 |
|
|
+ |
1044 |
|
|
+# Check the proposed name for clashes with existing pseudonyms or other |
1045 |
|
|
+# accounts of any type. |
1046 |
|
|
+ |
1047 |
|
|
+sub conflict_check { |
1048 |
|
|
+ my ($self, $name) = @_; |
1049 |
|
|
+ my $rec = $a->get($name); |
1050 |
|
|
+ |
1051 |
|
|
+ my $type; |
1052 |
|
|
+ if (defined $rec){ |
1053 |
|
|
+ my $type = $rec->prop('type'); |
1054 |
|
|
+ if ($type eq "pseudonym"){ |
1055 |
|
|
+ my $acct = $rec->prop("Account"); |
1056 |
|
|
+ my $acct_type = $a->get($acct)->prop('type'); |
1057 |
|
|
+ |
1058 |
|
|
+ return $self->localise('ACCT_CLASHES_WITH_PSEUDONYM', |
1059 |
|
|
+ {acctName => $name, acctType => $acct_type, acct => $acct}); |
1060 |
|
|
+ } |
1061 |
|
|
+ } |
1062 |
|
|
+ elsif (defined getpwnam($name) || defined getgrnam($name)){ |
1063 |
|
|
+ $type = 'system'; |
1064 |
|
|
+ } |
1065 |
|
|
+ else{ |
1066 |
|
|
+ # No account record and no account |
1067 |
|
|
+ return 'OK'; |
1068 |
|
|
+ } |
1069 |
|
|
+ return $self->localise('ACCOUNT_EXISTS', |
1070 |
|
|
+ {acctName => $name, acctType => $type}); |
1071 |
|
|
+} |
1072 |
|
|
|
1073 |
|
|
# Checks that the name supplied does not contain any unacceptable chars. |
1074 |
|
|
# Returns OK on success or a localised error message otherwise. |
1075 |
|
|
- |
1076 |
|
|
-sub validate_name |
1077 |
|
|
-{ |
1078 |
|
|
+sub validate_name { |
1079 |
|
|
my ($self, $acctName) = @_; |
1080 |
|
|
|
1081 |
|
|
- unless ($acctName =~ /^([a-z][\_\.\-a-z0-9]*)$/) |
1082 |
|
|
- { |
1083 |
|
|
+ unless ($acctName =~ /^([a-z][\_\.\-a-z0-9]*)$/){ |
1084 |
|
|
return $self->localise('ACCT_NAME_HAS_INVALID_CHARS', |
1085 |
|
|
{acctName => $acctName}); |
1086 |
|
|
} |
1087 |
|
|
@@ -744,13 +778,10 @@ |
1088 |
|
|
} |
1089 |
|
|
|
1090 |
|
|
# Check if inactivity is a number |
1091 |
|
|
- |
1092 |
|
|
-sub validate_inactivity |
1093 |
|
|
-{ |
1094 |
|
|
+sub validate_inactivity { |
1095 |
|
|
my ($self, $inac) = @_; |
1096 |
|
|
|
1097 |
|
|
- unless ($inac =~ /^\d+$/) |
1098 |
|
|
- { |
1099 |
|
|
+ unless ($inac =~ /^\d+$/){ |
1100 |
|
|
return $self->localise('INVALID_INACTIVITY', |
1101 |
|
|
{inactivity => $inac}); |
1102 |
|
|
} |
1103 |
|
|
@@ -759,9 +790,7 @@ |
1104 |
|
|
|
1105 |
|
|
# Check if both passwords match |
1106 |
|
|
# and are more than 8 chars |
1107 |
|
|
- |
1108 |
|
|
-sub confirm_password |
1109 |
|
|
-{ |
1110 |
|
|
+sub confirm_password { |
1111 |
|
|
|
1112 |
|
|
my ($self, $pass1, $pass2) = @_; |
1113 |
|
|
|