
Contents of /rpms/smeserver-shared-folders/contribs7/smeserver-shared-folders-0.1-users_acl.patch



Revision 1.1 - (show annotations) (download)
Mon Feb 13 20:51:40 2012 UTC (12 years, 9 months ago) by vip-ire
Branch: MAIN
* Mon Feb 13 2012 Daniel Berteaud <daniel@firewall-services.com> 0.1-62.sme
- Code cleanup
- Move ACL configuration to a separate page
- User level ACL support

1 diff -Nur -x '*.orig' -x '*.rej' smeserver-shared-folders-0.1/createlinks mezzanine_patched_smeserver-shared-folders-0.1/createlinks
2 --- smeserver-shared-folders-0.1/createlinks 2012-02-13 20:08:07.000000000 +0100
3 +++ mezzanine_patched_smeserver-shared-folders-0.1/createlinks 2012-02-13 20:08:04.000000000 +0100
4 @@ -11,12 +11,12 @@
5 panel_link("userpanel-encfs", $panel);
6
7 #--------------------------------------------------
8 -# actions for group-delete event
9 +# actions for group-delete and user-delete events
10 #--------------------------------------------------
11
12 -$event = "group-delete";
13 -
14 -event_link("group-share-modify", $event, "10");
15 +foreach my $event (qw/group-delete user-delete/) {
16 + event_link("group-share-modify", $event, "10");
17 +}
18
19 #--------------------------------------------------
20 # actions for share-delete event
21 diff -Nur -x '*.orig' -x '*.rej' smeserver-shared-folders-0.1/root/etc/e-smith/events/actions/group-share-modify mezzanine_patched_smeserver-shared-folders-0.1/root/etc/e-smith/events/actions/group-share-modify
22 --- smeserver-shared-folders-0.1/root/etc/e-smith/events/actions/group-share-modify 2012-02-13 20:08:07.000000000 +0100
23 +++ mezzanine_patched_smeserver-shared-folders-0.1/root/etc/e-smith/events/actions/group-share-modify 2012-02-08 15:39:15.000000000 +0100
24 @@ -7,40 +7,47 @@
25 my $accounts = esmith::AccountsDB->open() or
26 die "Unable to open accounts db: $!";
27
28 -my ($self, $groupName) = @ARGV;
29 +my ($event, $name) = @ARGV;
30 +
31 +my $type = 'Groups';
32 +
33 +if ($event eq 'user-delete'){
34 + $type = 'Users';
35 +}
36
37 # Find all "shared folder" entries in the e-smith accounts database and
38 -# if the group matches one listed in ACL, remove it.
39 +# if the group or a user matches one listed in ACL, remove it.
40
41 my @modified_shares;
42 foreach my $share ( $accounts->get_all_by_prop(type => 'share' ) ) {
43 my $modified = 0;
44 - my @OldReadGroups = split (/[,;]/,$share->prop('ReadGroups'));
45 - my @NewReadGroups = ();
46 - foreach (@OldReadGroups){
47 - if ( $_ eq $groupName ) {
48 + my @OldRead = split (/[,;]/,$share->prop('Read'.$type));
49 + my @NewRead = ();
50 + foreach (@OldRead){
51 + if ( $_ eq $name ) {
52 $modified = 1;
53 }
54 else{
55 - push @NewReadGroups, $_;
56 + push @NewRead, $_;
57 }
58 }
59 - $share->set_prop( 'ReadGroups', join( "," , @NewReadGroups ) );
60 + $share->set_prop('Read'.$type, join("," , @NewRead));
61
62 - my @OldWriteGroups = split (/[,;]/,$share->prop('WriteGroups'));
63 - my @NewWriteGroups = ();
64 - foreach (@OldWriteGroups){
65 - if ( $_ eq $groupName ) {
66 + my @OldWrite = split (/[,;]/,$share->prop('Write'.$type));
67 + my @NewWrite = ();
68 + foreach (@OldWrite){
69 + if ( $_ eq $name ) {
70 $modified = 1;
71 }
72 else{
73 - push @NewWriteGroups, $_;
74 + push @NewWrite, $_;
75 }
76 }
77 - $share->set_prop( 'WriteGroups', join( "," , @NewWriteGroups ) );
78 + $share->set_prop('Write'.$type, join("," , @NewWrite));
79
80 - # If a group has been removed, either from Read or Write, re-apply the ACLs
81 + # If a group or a user has been removed, either from Read or Write, re-apply the ACLs
82 if ($modified){
83 + push @modified_shares, $share->key;
84 event_signal("share-modify-files", $share->key) or
85 die ("Error occurred while updating shared folder.\n");
86 }
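Review bot: The `die` after `event_signal("share-modify-files", $share->key)` stops the loop at the first share whose re-apply fails, so every share after it keeps the deleted user or group in its `Read*`/`Write*` properties and, presumably, in its filesystem ACLs. If an account with the same name is created later it would inherit that access, so it seems safer to record the failure, continue, and exit non-zero after the loop, e.g. `event_signal("share-modify-files", $share->key) or do { warn "ACL update failed for " . $share->key . "\n"; $failed = 1; };`. `$name` is also taken from `@ARGV` without a `defined` check, and `split` runs on `$share->prop('Read'.$type)`, which is likely undefined for shares that never had the `*Users` properties; appending `|| ''` to both `prop()` calls avoids the warnings. The `foreach` body continues past the end of this hunk.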
87 diff -Nur -x '*.orig' -x '*.rej' smeserver-shared-folders-0.1/root/etc/e-smith/events/actions/share-modify mezzanine_patched_smeserver-shared-folders-0.1/root/etc/e-smith/events/actions/share-modify
88 --- smeserver-shared-folders-0.1/root/etc/e-smith/events/actions/share-modify 2012-02-13 20:08:07.000000000 +0100
89 +++ mezzanine_patched_smeserver-shared-folders-0.1/root/etc/e-smith/events/actions/share-modify 2012-02-08 15:18:24.000000000 +0100
90 @@ -90,8 +90,10 @@
91 #--------------------------------------------------
92
93 my %properties = $share->props;
94 -my @write = split(/[;,]/,($properties {'WriteGroups'} || 'admin'));
95 -my @read = split(/[;,]/,($properties {'ReadGroups'} || 'admin'));
96 +my @writegroups = split(/[;,]/,($properties {'WriteGroups'} || 'admin'));
97 +my @readgroups = split(/[;,]/,($properties {'ReadGroups'} || 'admin'));
98 +my @writeusers = split(/[;,]/,($properties {'WriteUsers'} || ''));
99 +my @readusers = split(/[;,]/,($properties {'ReadUsers'} || ''));
100
101 # Don't reset permissions if ManualPermissions is set to 'yes'
102
103 @@ -111,12 +113,18 @@
104 '.');
105
106 my $acl = 'u::rwX,g::rwX,o:---,';
107 - foreach my $group (@write){
108 + foreach my $group (@writegroups){
109 $acl .= 'g:'.$group.':rwX,';
110 }
111 - foreach my $group (@read){
112 + foreach my $group (@readgroups){
113 $acl .= 'g:'.$group.':rX,';
114 }
115 + foreach my $user (@writeusers){
116 + $acl .= 'u:'.$user.':rwX,';
117 + }
118 + foreach my $user (@readusers){
119 + $acl .= 'u:'.$user.':rX,';
120 + }
121
122 # Set the effective ACLs
123 system($setfacl,
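Review bot: The new `@writeusers`/`@readusers` loops concatenate each name from the share record straight into the setfacl spec (`'u:'.$user.':rwX,'`) with no check that it is still an existing user account. A stale or malformed entry is likely to make setfacl reject the whole spec, and whether the result of `system($setfacl, ...)` is checked is not visible here, so a share could silently keep its previous ACLs. I would filter both lists against the accounts database before the loops and document it with `# only names that are still user accounts may reach setfacl`. The group loops, which this commit only renames, would benefit from the same filter.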
124 @@ -144,9 +152,12 @@
125 '--remove-default',
126 '.');
127
128 - foreach my $group (@write,@read){
129 + foreach my $group (@writegroups,@readgroups){
130 $acl .= 'g:'.$group.':rX,';
131 }
132 + foreach my $user (@writeusers,@readusers){
133 + $acl .= 'g:'.$user.':rX,';
134 + }
135
136 system($setfacl,
137 '-m',
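Review bot: The added loop over `@writeusers,@readusers` builds `'g:'.$user.':rX,'`, a group entry keyed by a user name, while the matching loops in the previous hunk use `u:`. This looks like a copy of the group loop directly above it: where a group of that name exists its members get `rX` rather than the user, and where none exists setfacl is likely to reject the spec. Unless relying on a same-named private group is intended, the line should read `$acl .= 'u:'.$user.':rX,';`. The surrounding block starts and ends outside the hunk.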
138 diff -Nur -x '*.orig' -x '*.rej' smeserver-shared-folders-0.1/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/shares mezzanine_patched_smeserver-shared-folders-0.1/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/shares
139 --- smeserver-shared-folders-0.1/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/shares 2012-02-13 20:08:07.000000000 +0100
140 +++ mezzanine_patched_smeserver-shared-folders-0.1/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/shares 2012-02-11 02:06:41.000000000 +0100
141 @@ -155,7 +155,7 @@
142 <entry>
143 <base>DESC_PERMISSIONS</base>
144 <trans>
145 - You can use this matrix to define groups access permissions.
146 + You can use this matrix to define groups and users access permissions.
147 </trans>
148 </entry>
149
150 @@ -510,4 +510,16 @@
151 </trans>
152 </entry>
153
154 + <entry>
155 + <base>TITLE_PERMISSIONS</base>
156 + <trans>
157 + Access right management
158 + </trans>
159 + </entry>
160 +
161 + <entry>
162 + <base>USERS</base>
163 + <trans>Utilisateurs</trans>
164 + </entry>
165 +
166 </lexicon>
167 diff -Nur -x '*.orig' -x '*.rej' smeserver-shared-folders-0.1/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess50shares mezzanine_patched_smeserver-shared-folders-0.1/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess50shares
168 --- smeserver-shared-folders-0.1/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess50shares 2012-02-13 20:08:07.000000000 +0100
169 +++ mezzanine_patched_smeserver-shared-folders-0.1/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess50shares 2012-02-08 15:17:54.000000000 +0100
170 @@ -16,7 +16,7 @@
171 my $satisfy;
172 my $webdav = (($properties{'WebDav'} || 'disabled') =~ m/^(enabled|on|yes)$/i) ? 1 : 0;
173
174 - # Find which users has at least read access
175 + # Find which users have read or write access
176 my @writers = ('admin');
177 my @readers = ();
178 if ($properties{'WriteGroups'}) {
179 @@ -26,10 +26,14 @@
180 my $members = $adb->get_prop($group, 'Members') || "";
181 if (length($members) > 0) {
182 push @writers, split (/[;,]/, $members);
183 - }
184 + }
185 }
186
187 }
188 + if ($properties{'WriteUsers'}) {
189 + my @users = split (/[;,]/, $properties{'WriteUsers'});
190 + push @writers, @users;
191 + }
192 if ($properties{'ReadGroups'}) {
193 my @groups = split (/[;,]/, $properties{'ReadGroups'});
194
195 @@ -37,10 +41,14 @@
196 my $members = $adb->get_prop($group, 'Members') || "";
197 if (length($members) > 0) {
198 push @readers, split (/[;,]/, $members);
199 - }
200 + }
201 }
202
203 }
204 + if ($properties{'ReadUsers'}) {
205 + my @users = split (/[;,]/, $properties{'ReadUsers'});
206 + push @readers, @users;
207 + }
208
209 my %seen = ();
210 @readers = sort (grep { ! $seen{ $_ }++ } (@readers,@writers));
211 diff -Nur -x '*.orig' -x '*.rej' smeserver-shared-folders-0.1/root/etc/e-smith/web/functions/shares mezzanine_patched_smeserver-shared-folders-0.1/root/etc/e-smith/web/functions/shares
212 --- smeserver-shared-folders-0.1/root/etc/e-smith/web/functions/shares 2012-02-13 20:08:07.000000000 +0100
213 +++ mezzanine_patched_smeserver-shared-folders-0.1/root/etc/e-smith/web/functions/shares 2012-02-11 01:57:28.000000000 +0100
214 @@ -51,16 +51,6 @@
215
216 <field
217 type="literal"
218 - id="perms_desc"
219 - value="">
220 - <description>DESC_PERMISSIONS</description>
221 - </field>
222 - <subroutine src="genGroupAccess()"/>
223 -
224 - <subroutine src="print_section_bar()" />
225 -
226 - <field
227 - type="literal"
228 id="smbdesc"
229 value="">
230 <description>DESC_SMB_SETTINGS</description>
231 @@ -128,5 +118,13 @@
232 <description>REMOVE_DESC</description>
233 <subroutine src="print_share_to_remove()" />
234 </page>
235 + <page name="Permissions" pre-event="turn_off_buttons()" post-event="handle_shares()">
236 + <title>TITLE_PERMISSIONS</title>
237 + <field type="literal" id="descriptiongroup">
238 + <description>DESC_PERMISSIONS</description>
239 + </field>
240 + <subroutine src="acl_list()" />
241 + <subroutine src="print_button('SAVE')" />
242 + </page>
243 </form>
244
245 diff -Nur -x '*.orig' -x '*.rej' smeserver-shared-folders-0.1/root/usr/lib/perl5/site_perl/esmith/FormMagick/Panel/shares.pm mezzanine_patched_smeserver-shared-folders-0.1/root/usr/lib/perl5/site_perl/esmith/FormMagick/Panel/shares.pm
246 --- smeserver-shared-folders-0.1/root/usr/lib/perl5/site_perl/esmith/FormMagick/Panel/shares.pm 2012-02-13 20:08:07.000000000 +0100
247 +++ mezzanine_patched_smeserver-shared-folders-0.1/root/usr/lib/perl5/site_perl/esmith/FormMagick/Panel/shares.pm 2012-02-11 01:56:52.000000000 +0100
248 @@ -26,7 +26,7 @@
249 print_share_name_field
250 print_encryption_fields
251 print_ajaxplorer_fields
252 - genGroupAccess
253 + acl_list
254 smbAccess_list
255 httpAccess_list
256 max_share_name_length
257 @@ -38,10 +38,9 @@
258 print_section_bar
259 );
260
261 -our $VERSION = sprintf '%d.%03d', q$Revision: 1.8 $ =~ /: (\d+).(\d+)/;
262
263 -our $accountdb = esmith::AccountsDB->open();
264 -our $configdb = esmith::ConfigDB->open();
265 +our $a = esmith::AccountsDB->open();
266 +our $c = esmith::ConfigDB->open();
267
268 *wherenext = \&CGI::FormMagick::wherenext;
269
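Review bot: Renaming the package-level handles to `our $a` and `our $c` puts the accounts database in `$a`, the package variable that `sort` assigns on every comparison. The sorts added later in `acl_list` (`sort { $a->key() cmp $b->key() } $a->groups()`) only work because the list is evaluated before the comparator runs; any comparator, or helper called from one, that expects `$a` to be the database will get an account record instead. Descriptive names avoid the collision, e.g. `our $adb = esmith::AccountsDB->open();` and `our $cdb = esmith::ConfigDB->open();`. Neither `open()` result is checked, and the hunk drops `$VERSION` without a replacement.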
270 @@ -62,12 +61,12 @@
271 my $name = $self->localise('NAME');
272 my $description = $self->localise('DESCRIPTION');
273 my $modify = $self->localise('MODIFY');
274 + my $perm = $self->localise('PERMISSIONS');
275 my $remove = $self->localise('REMOVE');
276 my $action_h = $self->localise('ACTION');
277 - my @shares = $accountdb->get_all_by_prop(type => 'share');
278 + my @shares = $a->get_all_by_prop(type => 'share');
279
280 - unless ( scalar @shares )
281 - {
282 + unless ( scalar @shares ) {
283 print $q->Tr($q->td($self->localise('NO_SHARES')));
284 return "";
285 }
286 @@ -81,22 +80,25 @@
287
288 my $scriptname = basename($0);
289
290 - foreach my $i (@shares)
291 - {
292 - my $sharename = $i->key();
293 - my $sharedesc = $i->prop('Name');
294 + foreach my $share (@shares) {
295 + my $sharename = $share->key();
296 + my $sharedesc = $share->prop('Name');
297
298 my $href = "shares?page=;page_stack=;wherenext=";
299
300 my $actionModify = $q->a({href => "${href}CreateModify&action=modify&name=$sharename"},$modify)
301 . '&nbsp;';
302
303 + my $actionPerm = $q->a({href => "${href}Permissions&action=permissions&name=$sharename"},$perm)
304 + . '&nbsp;';
305 +
306 my $actionRemove .= $q->a({href => "${href}Remove&name=$sharename&description=$sharedesc"}, $remove)
307 . '&nbsp';
308
309 print $q->Tr (
310 esmith::cgi::genSmallCell($q, $sharename,"normal"),
311 esmith::cgi::genSmallCell($q, $sharedesc,"normal"),
312 + esmith::cgi::genSmallCell($q, $actionPerm,"normal"),
313 esmith::cgi::genSmallCell($q, $actionModify,"normal"),
314 esmith::cgi::genSmallCell($q, $actionRemove,"normal")
315 );
316 @@ -109,58 +111,55 @@
317
318
319 sub print_custom_button{
320 - my ($fm,$desc,$url) = @_;
321 - my $q = $fm->{cgi};
322 - $url="shares?page=0&page_stack=&Next=Next&wherenext=".$url;
323 + my ($self,$desc,$url) = @_;
324 + my $q = $self->{cgi};
325 + $url = "shares?page=0&page_stack=&Next=Next&wherenext=" . $url;
326
327 print " <tr>\n <td colspan='2'>\n";
328 print $q->p($q->a({href => $url, -class => "button-like"},
329 - $fm->localise($desc)));
330 + $self->localise($desc)));
331 print qq(</tr>\n);
332 return undef;
333 }
334
335 sub print_share_to_remove{
336 - my ($fm) = @_;
337 - my $q = $fm->{cgi};
338 + my $self = shift;
339 + my $q = $self->{cgi};
340 my $sharename = $q->param('name');
341 my $desc = $q->param('description');
342
343 print $q->Tr(
344 $q->td(
345 { -class => 'sme-noborders-label' },
346 - $fm->localise('NAME')
347 + $self->localise('NAME')
348 ),
349 $q->td( { -class => 'sme-noborders-content' }, $sharename )
350 - ),
351 - "\n";
352 + ), "\n";
353 print $q->Tr(
354 $q->td(
355 { -class => 'sme-noborders-label' },
356 - $fm->localise('DESCRIPTION')
357 + $self->localise('DESCRIPTION')
358 ),
359 $q->td( { -class => 'sme-noborders-content' }, $desc )
360 - ),
361 - "\n";
362 + ), "\n";
363
364 - print $q->table(
365 + print $q->table(
366 { -width => '100%' },
367 $q->Tr(
368 $q->th(
369 { -class => 'sme-layout' },
370 $q->submit(
371 -name => 'cancel',
372 - -value => $fm->localise('CANCEL')
373 + -value => $self->localise('CANCEL')
374 ),
375 ' ',
376 $q->submit(
377 -name => 'remove',
378 - -value => $fm->localise('REMOVE')
379 + -value => $self->localise('REMOVE')
380 )
381 )
382 )
383 - ),
384 - "\n";
385 + ), "\n";
386
387 # Clear these values to prevent collisions when the page reloads.
388 $q->delete("cancel");
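Review bot: `print_share_to_remove` still prints the `name` and `description` request parameters as cell content (`$q->td( { -class => 'sme-noborders-content' }, $sharename )` and the same with `$desc`), and CGI.pm does not escape element content. The commit only renames `$fm` to `$self` here, but since the function is being touched it is worth encoding both values so request data cannot inject markup into the server-manager page, e.g. `my $sharename = $q->escapeHTML(scalar $q->param('name'));` and likewise for `description`. The function continues past the end of the hunk.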
389 @@ -172,12 +171,13 @@
390
391 sub print_share_name_field {
392 my $self = shift;
393 - my $in = $self->{cgi}->param('name') || '';
394 - my $action = $self->{cgi}->param('action') || '';
395 - my $maxLength = $configdb->get('maxShareNameLength')->value || '12';
396 + my $q = $self->{cgi};
397 + my $in = $q->param('name') || '';
398 + my $action = $q->param('action') || '';
399 + my $maxLength = $c->get('maxShareNameLength')->value || '12';
400
401 # Set default value
402 - my $q = $self->{cgi};
403 +
404 $q->param(-name=>'encryption',-value=>'disabled');
405 $q->param(-name=>'inactivity',-value=>'30');
406 $q->param(-name=>'smbaccess',-value=>'browseable');
407 @@ -204,7 +204,7 @@
408 # Read the values for each field from the accounts db and store
409 # them in the cgi object so our form will have the correct
410 # info displayed.
411 - my $rec = $accountdb->get($in);
412 + my $rec = $a->get($in);
413 if ($rec)
414 {
415 $q->param(-name=>'description',-value=>
416 @@ -213,10 +213,6 @@
417 ($rec->prop('Encryption') || 'disabled'));
418 $q->param(-name=>'inactivity',-value=>
419 ($rec->prop('InactivityTimeOut') || '30'));
420 - $q->param(-name=>'ReadGroups',-value=>
421 - $rec->prop('ReadGroups'));
422 - $q->param(-name=>'WriteGroups',-value=>
423 - $rec->prop('WriteGroups'));
424 $q->param(-name=>'smbaccess',-value=>
425 ($rec->prop('smbAccess') || 'enabled'));
426 $q->param(-name=>'recyclebin',-value=>
427 @@ -233,8 +229,6 @@
428 ($rec->prop('Indexes') || 'enabled'));
429 $q->param(-name=>'dynamic',-value=>
430 ($rec->prop('DynamicContent') || 'disabled'));
431 - $q->param(-name=>'manualPerm',-value=>
432 - ($rec->prop('ManualPermissions') || 'no'));
433 }
434 }
435 else {
436 @@ -253,18 +247,19 @@
437 # If EncFS is available, print encryptions options
438 sub print_encryption_fields {
439 my $self = shift;
440 + my $q = $self->{cgi};
441
442 return undef unless(system('rpm -q fuse-encfs 2>&1 > /dev/null') == 0);
443
444 - my $encryption = $self->{cgi}->param('encryption') || 'disabled';
445 - my $action = $self->{cgi}->param('action') || '';
446 + my $encryption = $q->param('encryption') || 'disabled';
447 + my $action = $q->param('action') || '';
448
449 - my $sharename = $self->{cgi}->param('name') || '';
450 + my $sharename = $q->param('name') || '';
451
452 return undef if ($action eq 'modify' && $encryption ne 'enabled');
453
454 - my $inactivity = (($sharename ne '') && ($accountdb->get($sharename))) ?
455 - ($accountdb->get($sharename)->prop('InactivityTimeOut') || '30'):'30';
456 + my $inactivity = (($sharename ne '') && ($a->get($sharename))) ?
457 + ($a->get($sharename)->prop('InactivityTimeOut') || '30'):'30';
458
459 print_section_bar();
460
461 @@ -316,13 +311,13 @@
462
463 # If ajaxplorer is enabled:
464 sub print_ajaxplorer_fields {
465 - my ($self) = @_;
466 - my $ajaxplorer = $configdb->get('ajaxplorer') || return undef;
467 + my $self = shift;
468 + my $ajaxplorer = $c->get('ajaxplorer') || return undef;
469 if (($ajaxplorer->prop('status') || 'disabled') eq 'enabled'){
470 print_section_bar();
471 my ($enabled,$disabled) = ('','');
472 my $sharename = $self->{cgi}->param('name') || '';
473 - my $share = $accountdb->get($sharename);
474 + my $share = $a->get($sharename);
475 # If share exists and Ajxplorer is enabled
476 if ($share){
477 if (($share->prop('Ajaxplorer') || 'disabled') eq 'enabled'){
478 @@ -345,24 +340,31 @@
479 return undef;
480 }
481
482 -# Takes a comma delimited list of groups and returns a string of
483 -# html checkboxes for all system groups with the groups having write and read access.
484 -
485 -sub genGroupAccess () {
486 - my $fm = shift;
487 - my $q = $fm->{cgi};
488 - my $WriteGroups = $q->param('WriteGroups') || '';
489 - my $ReadGroups = $q->param('ReadGroups') || '';
490 - my $share = $q->param('share');
491 - my $manualPerm = $q->param('manualPerm') || '';
492 +# Print a table of users and groups
493 +# having read only or read/write access
494 +sub acl_list () {
495 + my $self = shift;
496 + my $q = $self->{cgi};
497 + my $sharename = $q->param('name');
498 my $out = '';
499
500 + my $share = $a->get($sharename);
501 + return $self->error('SHARE_NOT_FOUND') unless ($share);
502 +
503 + my $WriteGroups = $share->prop('WriteGroups') || '';
504 + my $ReadGroups = $share->prop('ReadGroups') || '';
505 + my $WriteUsers = $share->prop('WriteUsers') || '';
506 + my $ReadUsers = $share->prop('ReadUsers') || '';
507 + my $manualPerm = $share->prop('ManualPermissions') || 'no';
508 +
509 if (($manualPerm eq 'yes') || ($manualPerm eq 'enabled')){
510 - $out .= $fm->localise('MANUAL_PERMS');
511 + $out .= $self->localise('MANUAL_PERMS');
512 }
513
514 my %WriteGroups;
515 my %ReadGroups;
516 + my %WriteUsers;
517 + my %ReadUsers;
518
519 foreach my $group ( split ( /[,;]/, $WriteGroups ) ) {
520 $WriteGroups{$group} = 1;
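Review bot: `acl_list` accepts any accounts record for the `name` parameter: it returns `SHARE_NOT_FOUND` only when `$a->get($sharename)` is empty, whereas `modify_share` and `modify_perm` in this same patch also require `prop('type') eq 'share'`. As written, the permissions page can be rendered for a user or group key. The guard should match the others: `return $self->error('SHARE_NOT_FOUND') unless ($share && $share->prop('type') eq 'share');`. The empty prototype in `sub acl_list () {` is also misleading on a method that shifts `$self`; prototypes are ignored on method calls, so `sub acl_list {` says what is meant. The sub body continues in the following hunks.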
521 @@ -370,22 +372,31 @@
522 foreach my $group ( split ( /[,;]/, $ReadGroups ) ) {
523 $ReadGroups{$group} = 1;
524 }
525 - my @groups = sort { $a->key() cmp $b->key() } $accountdb->groups();
526 + foreach my $user ( split ( /[,;]/, $WriteUsers ) ) {
527 + $WriteUsers{$user} = 1;
528 + }
529 + foreach my $user ( split ( /[,;]/, $ReadUsers ) ) {
530 + $ReadUsers{$user} = 1;
531 + }
532 + my @groups = sort { $a->key() cmp $b->key() } $a->groups();
533 + my @users = sort { $a->key() cmp $b->key() } $a->users();
534
535 $out .= "<tr><td class=\"sme-noborders-label\">" .
536 - $fm->localise('PERMISSIONS') .
537 + $self->localise('PERMISSIONS') .
538 "</td><td>\n".
539 $q->start_table({-class => "sme-border"})."\n".
540 $q->Tr(
541 - esmith::cgi::genSmallCell($q, $fm->localise('GROUPS'),"header"),
542 - esmith::cgi::genSmallCell($q, $fm->localise('WRITE_PERM'),"header"),
543 - esmith::cgi::genSmallCell($q, $fm->localise('READ_PERM'),"header")
544 + esmith::cgi::genSmallCell($q, $self->localise('GROUPS'),"header"),
545 + esmith::cgi::genSmallCell($q, $self->localise('DESCRIPTION'),"header"),
546 + esmith::cgi::genSmallCell($q, $self->localise('WRITE_PERM'),"header"),
547 + esmith::cgi::genSmallCell($q, $self->localise('READ_PERM'),"header")
548 );
549
550 foreach my $group (@groups) {
551 my $write = "";
552 my $read = "";
553 my $name = $group->key();
554 + my $desc = $group->prop('Description');
555 if ( $WriteGroups{$name} ) {
556 $write = "checked";
557 }
558 @@ -395,23 +406,56 @@
559
560 $out .= $q->Tr(
561 esmith::cgi::genSmallCell($q, $name, "normal"),
562 + esmith::cgi::genSmallCell($q, $desc, "normal"),
563
564 esmith::cgi::genSmallCell($q,"<input type=\"checkbox\""
565 - . " name=\"write\""
566 + . " name=\"writegroup\""
567 . " $write value=\"$name\">", "normal"),
568 esmith::cgi::genSmallCell($q,"<input type=\"checkbox\""
569 - . " name=\"read\""
570 + . " name=\"readgroup\""
571 . " $read value=\"$name\">", "normal")
572 );
573 }
574
575 + $out .= $q->Tr(
576 + esmith::cgi::genSmallCell($q, $self->localise('USERS'),"header"),
577 + esmith::cgi::genSmallCell($q, $self->localise('DESCRIPTION'),"header"),
578 + esmith::cgi::genSmallCell($q, $self->localise('WRITE_PERM'),"header"),
579 + esmith::cgi::genSmallCell($q, $self->localise('READ_PERM'),"header")
580 + );
581 +
582 + foreach my $user (@users) {
583 + my $write = "";
584 + my $read = "";
585 + my $name = $user->key();
586 + my $desc = $user->prop('FirstName') . ' ' . $user->prop('LastName');
587 + if ( $WriteUsers{$name} ) {
588 + $write = "checked";
589 + }
590 + if ( $ReadUsers{$name} ) {
591 + $read = "checked";
592 + }
593 +
594 + $out .= $q->Tr(
595 + esmith::cgi::genSmallCell($q, $name, "normal"),
596 + esmith::cgi::genSmallCell($q, $desc, "normal"),
597 +
598 + esmith::cgi::genSmallCell($q,"<input type=\"checkbox\""
599 + . " name=\"writeuser\""
600 + . " $write value=\"$name\">", "normal"),
601 + esmith::cgi::genSmallCell($q,"<input type=\"checkbox\""
602 + . " name=\"readuser\""
603 + . " $read value=\"$name\">", "normal")
604 + );
605 + }
606 +
607 $out .= "</table></td></tr>\n";
608 return $out;
609 }
610
611 # Print a section bar
612 sub print_section_bar{
613 - my ($fm) = @_;
614 + my $self = shift;
615 print " <tr>\n <td colspan='2'>\n";
616 print "<hr class=\"sectionbar\"/>\n";
617 return undef;
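Review bot: The new users table passes `$desc` (`FirstName . ' ' . LastName`) to `esmith::cgi::genSmallCell` and interpolates `$name` into `value=\"$name\"` without HTML-encoding either. The same helper is handed raw `<input ...>` markup in the next statement, so it evidently does not escape its content, and a stored name containing markup would be rendered as markup. Encode at the point of use, e.g. `my $desc = $q->escapeHTML(($user->prop('FirstName') || '') . ' ' . ($user->prop('LastName') || ''));`; the `|| ''` also avoids undef warnings for accounts lacking either property. The group rows changed in the previous hunk (`$group->prop('Description')`) need the same treatment.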
618 @@ -423,8 +467,8 @@
619
620 sub smbAccess_list {
621 return {
622 - 'none' => 'NONE',
623 - 'browseable' => 'ENABLED_BROWSEABLE',
624 + 'none' => 'NONE',
625 + 'browseable' => 'ENABLED_BROWSEABLE',
626 'non-browseable' => 'ENABLED_NON_BROWSEABLE',
627 };
628 }
629 @@ -453,12 +497,13 @@
630
631 sub max_share_name_length {
632 my ($self, $data) = @_;
633 - $configdb->reload();
634 - my $max = $configdb->get('maxShareNameLength')->value || '12';
635 + $c->reload();
636 + my $max = $c->get('maxShareNameLength')->value || '12';
637
638 if (length($data) <= $max) {
639 return "OK";
640 - } else {
641 + }
642 + else {
643 return $self->localise("MAX_SHARE_NAME_LENGTH_ERROR",
644 {acctName => $data,
645 maxShareNameLength => $max,
646 @@ -466,46 +511,20 @@
647 }
648 }
649
650 -
651 -# Check the proposed name for clashes with existing pseudonyms or other
652 -# accounts of any type.
653 -
654 -sub conflict_check
655 -{
656 - my ($self, $name) = @_;
657 - my $rec = $accountdb->get($name);
658 -
659 - my $type;
660 - if (defined $rec){
661 - my $type = $rec->prop('type');
662 - if ($type eq "pseudonym"){
663 - my $acct = $rec->prop("Account");
664 - my $acct_type = $accountdb->get($acct)->prop('type');
665 -
666 - return $self->localise('ACCT_CLASHES_WITH_PSEUDONYM',
667 - {acctName => $name, acctType => $acct_type, acct => $acct});
668 - }
669 - }
670 - elsif (defined getpwnam($name) || defined getgrnam($name)){
671 - $type = 'system';
672 - }
673 - else{
674 - # No account record and no account
675 - return 'OK';
676 - }
677 - return $self->localise('ACCOUNT_EXISTS',
678 - {acctName => $name, acctType => $type});
679 -}
680 -
681 # Call the create or modify routine
682
683 sub handle_shares {
684 - my ($self) = @_;
685 -
686 + my $self = shift;
687 + my $q = $self->{cgi};
688 + my $action = $q->param("action") || '';
689
690 - if ($self->cgi->param("action") eq "create") {
691 + if ($action eq "create") {
692 $self->create_share();
693 - } else {
694 + }
695 + elsif ($action eq 'permissions'){
696 + $self->modify_perm();
697 + }
698 + else {
699 $self->modify_share();
700 }
701 }
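Review bot: This hunk deletes the local `conflict_check` sub, but `create_share` in the next-but-one hunk still calls `$self->conflict_check($name)`. Unless a parent class provides that method (not visible on this page), share creation will die at that call; and if the call is later dropped to fix that, the check that a new share name does not clash with an existing account or system user/group goes with it. Either keep the sub or add a comment at the call site naming the class that now supplies it. In `handle_shares`, any `action` other than `create` or `permissions` still falls through to `modify_share()`; an explicit `elsif ($action eq 'modify')` with an error in the final `else` would make the dispatch stricter.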
702 @@ -513,12 +532,13 @@
703 # Print save or add button
704
705 sub print_save_or_add_button {
706 - my ($self) = @_;
707 + my $self = shift;
708
709 my $action = $self->cgi->param("action") || '';
710 if ($action eq "modify") {
711 $self->print_button("SAVE");
712 - } else {
713 + }
714 + else {
715 $self->print_button("ADD");
716 }
717
718 @@ -527,79 +547,54 @@
719 # Create a new shared folder
720
721 sub create_share {
722 - my ($self) = @_;
723 - my $name = $self->cgi->param('name');
724 - my $encryption = $self->cgi->param('encryption') || 'disabled';
725 - my $password = $self->cgi->param('password');
726 - my $password2 = $self->cgi->param('password2');
727 + my $self = shift;
728 + my $q = $self->{cgi};
729 + my $name = $q->param('name');
730 + my $encryption = $q->param('encryption') || 'disabled';
731 + my $password = $q->param('password');
732 + my $password2 = $q->param('password2');
733
734 my $msg = $self->validate_name($name);
735 - unless ($msg eq "OK")
736 - {
737 +
738 + unless ($msg eq "OK") {
739 return $self->error($msg);
740 }
741
742 $msg = $self->max_share_name_length($name);
743 - unless ($msg eq "OK")
744 - {
745 +
746 + unless ($msg eq "OK") {
747 return $self->error($msg);
748 }
749
750 $msg = $self->conflict_check($name);
751 - unless ($msg eq "OK")
752 - {
753 + unless ($msg eq "OK") {
754 return $self->error($msg);
755 }
756
757 $msg = ($encryption eq 'enabled') ? $self->confirm_password($password,$password2) : 'OK';
758 - unless ($msg eq "OK")
759 - {
760 + unless ($msg eq "OK") {
761 return $self->error($msg);
762 }
763
764 - my @WriteGroups = $self->cgi->param('write');
765 - my $WriteGroups = join(",",@WriteGroups);
766 - my @ReadGroups = $self->cgi->param('read');
767 - my @CleanReadGroups = ();
768 -
769 - # EncFS doesn't expose underlying ACLs
770 - # So, just remove any read only groups
771 - # Read Only is not supported with encryption
772 - if ($encryption ne 'enabled'){
773 - # Remove from ReadGroups the groups in WriteGroups
774 - # So ACL are consistent
775 - foreach my $read (@ReadGroups){
776 - my $isInWrite = 0;
777 - foreach (@WriteGroups){
778 - $isInWrite = 1 if ($_ eq $read);
779 - }
780 - push (@CleanReadGroups, $read) unless ($isInWrite);
781 - }
782 - }
783 - my $ReadGroups = join(",",@CleanReadGroups);
784 -
785 - if (my $acct = $accountdb->new_record($name, {
786 - Name => $self->cgi->param('description'),
787 + if (my $acct = $a->new_record($name, {
788 + Name => $q->param('description'),
789 Encryption => $encryption,
790 - InactivityTimeOut => ($self->cgi->param('inactivity') || ''),
791 - WriteGroups => $WriteGroups,
792 - ReadGroups => $ReadGroups,
793 - RecycleBin => $self->cgi->param('recyclebin'),
794 - RecycleBinRetention => $self->cgi->param('retention'),
795 - smbAccess => $self->cgi->param('smbaccess'),
796 - httpAccess => $self->cgi->param('httpaccess'),
797 - WebDav => $self->cgi->param('webdav'),
798 - Ajaxplorer => ($self->cgi->param('ajaxplorer') || 'disabled'),
799 - RequireSSL => $self->cgi->param('requireSSL'),
800 - Indexes => $self->cgi->param('indexes'),
801 - DynamicContent => $self->cgi->param('dynamic'),
802 + InactivityTimeOut => ($q->param('inactivity') || ''),
803 + RecycleBin => $q->param('recyclebin'),
804 + RecycleBinRetention => $q->param('retention'),
805 + smbAccess => $q->param('smbaccess'),
806 + httpAccess => $q->param('httpaccess'),
807 + WebDav => $q->param('webdav'),
808 + Ajaxplorer => ($q->param('ajaxplorer') || 'disabled'),
809 + RequireSSL => $q->param('requireSSL'),
810 + Indexes => $q->param('indexes'),
811 + DynamicContent => $q->param('dynamic'),
812 type => 'share',
813 - }) )
814 - {
815 + }) ) {
816 # Untaint $name before use in system()
817 $name =~ /(.+)/; $name = $1;
818
819 - if ($encryption eq 'enabled'){
820 + if ($encryption eq 'enabled') {
821 my $source = '/home/e-smith/files/shares/' . $name . '/.store';
822 my $dest = '/home/e-smith/files/shares/' . $name . '/files';
823 File::Path::mkpath ($source);
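Review bot: Every bare `$q->param(...)` in the `new_record` property list is evaluated in list context, e.g. `Name => $q->param('description'),`. CGI.pm then returns all values of a repeated field, or an empty list for a missing one, which shifts the following key/value pairs and lets a request set properties the form never offered. Force scalar context on each such call, `Name => scalar $q->param('description'),`; the entries written with `|| ''` or `|| 'disabled'` are already scalar. The `merge_props` list in the `modify_share` hunk further down has the same pattern, and the enclosing `if` continues past the end of this hunk.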
824 @@ -614,10 +609,12 @@
825
826 if (system ("/sbin/e-smith/signal-event", "share-create", $name) == 0) {
827 $self->success("SUCCESSFULLY_CREATED_SHARE");
828 - } else {
829 + }
830 + else {
831 $self->error("ERROR_WHILE_CREATING_SHARE");
832 }
833 - } else {
834 + }
835 + else {
836 $self->error('CANT_CREATE_SHARE');
837 }
838 }
839 @@ -625,118 +622,155 @@
840 # Modify a share.
841 # This sub shares a lot of code with create share
842 # It should be merged
843 -
844 sub modify_share {
845 - my ($self) = @_;
846 - my $name = $self->cgi->param('name');
847 - if (my $acct = $accountdb->get($name)) {
848 - if ($acct->prop('type') eq 'share') {
849 - my $encryption = $self->cgi->param('encryption');
850 - my @WriteGroups = $self->cgi->param('write');
851 - my $WriteGroups = join(",",@WriteGroups);
852 - my @ReadGroups = $self->cgi->param('read');
853 - my @CleanReadGroups = ();
854 -
855 - # EncFS doesn't expose underlying ACLs
856 - # So, just remove any read only groups
857 - # Read Only is not supported with encryption
858 - if ($encryption ne 'enabled'){
859 - foreach my $read (@ReadGroups){
860 - my $isInWrite = 0;
861 - foreach (@WriteGroups){
862 - $isInWrite = 1 if ($_ eq $read);
863 - }
864 - push (@CleanReadGroups, $read) unless ($isInWrite);
865 - }
866 - }
867 - my $ReadGroups = join(",",@CleanReadGroups);
868 + my $self = shift;
869 + my $q = $self->{cgi};
870 + my $name = $q->param('name');
871 + my $acct = $a->get($name);
872
873 - $acct->merge_props(
874 - Name => $self->cgi->param('description'),
875 - InactivityTimeOut => ($self->cgi->param('inactivity') || ''),
876 - WriteGroups => $WriteGroups,
877 - ReadGroups => $ReadGroups,
878 - RecycleBin => $self->cgi->param('recyclebin'),
879 - RecycleBinRetention => $self->cgi->param('retention'),
880 - smbAccess => $self->cgi->param('smbaccess'),
881 - httpAccess => $self->cgi->param('httpaccess'),
882 - WebDav => $self->cgi->param('webdav'),
883 - Ajaxplorer => ($self->cgi->param('ajaxplorer') || 'disabled'),
884 - RequireSSL => $self->cgi->param('requireSSL'),
885 - Indexes => $self->cgi->param('indexes'),
886 - DynamicContent => $self->cgi->param('dynamic'),
887 - );
888 + return $self->error('CANT_FIND_SHARE') unless($acct && $acct->prop('type') eq 'share');
889
890 - # Untaint $name before use in system()
891 - $name =~ /(.+)/; $name = $1;
892 - if (system ("/sbin/e-smith/signal-event", "share-modify",
893 - $name) == 0)
894 - {
895 - $self->success("SUCCESSFULLY_MODIFIED_SHARE");
896 - } else {
897 - $self->error("ERROR_WHILE_MODIFYING_SHARE");
898 - }
899 - } else {
900 - $self->error('CANT_FIND_SHARE');
901 - }
902 - } else {
903 - $self->error('CANT_FIND_SHARE');
904 + $acct->merge_props(
905 + Name => $q->param('description'),
906 + InactivityTimeOut => ($q->param('inactivity') || ''),
907 + RecycleBin => $q->param('recyclebin'),
908 + RecycleBinRetention => $q->param('retention'),
909 + smbAccess => $q->param('smbaccess'),
910 + httpAccess => $q->param('httpaccess'),
911 + WebDav => $q->param('webdav'),
912 + Ajaxplorer => ($q->param('ajaxplorer') || 'disabled'),
913 + RequireSSL => $q->param('requireSSL'),
914 + Indexes => $q->param('indexes'),
915 + DynamicContent => $q->param('dynamic'),
916 + );
917 +
918 + # Untaint $name before use in system()
919 + $name =~ /(.+)/; $name = $1;
920 + if (system ("/sbin/e-smith/signal-event", "share-modify", $name) == 0) {
921 + $self->success("SUCCESSFULLY_MODIFIED_SHARE");
922 }
923 + else {
924 + $self->error("ERROR_WHILE_MODIFYING_SHARE");
925 + }
926 + return undef;
927 }
928
929 -# Remove a share
930 +sub modify_perm {
931 + my $self = shift;
932 + my $q = $self->{cgi};
933 + my $name = $q->param('name');
934 + my $acct = $a->get($name);
935
936 -sub remove_share {
937 - my ($self) = @_;
938 - my $name = $self->cgi->param('name');
939 - unless ($self->cgi->param('cancel')){
940 - if (my $acct = $accountdb->get($name)) {
941 - if ($acct->prop('type') eq 'share') {
942 - # Untaint $name before use in system()
943 - $name =~ /(.+)/; $name = $1;
944 - my $encryption = $acct->prop('Encryption') || 'disabled';
945 - my $mountstatus = `/bin/mount | grep /home/e-smith/files/shares/$name/ | grep -c fuse`;
946 - chomp($mountstatus);
947 - if (($encryption eq 'enabled') && ($mountstatus eq '1')){
948 - $self->error("ERROR_ENCRYPTED_ENABLED");
949 - return undef;
950 - }
951 -
952 - $acct->set_prop('type', 'share-deleted');
953 -
954 - if (system ("/sbin/e-smith/signal-event", "share-delete", $name) == 0) {
955 - $self->success("SUCCESSFULLY_DELETED_SHARE");
956 - $acct->delete();
957 - }
958 - else {
959 - $self->error("ERROR_WHILE_DELETING_SHARE");
960 - }
961 - }
962 - else {
963 - $self->error('CANT_FIND_SHARE');
964 - }
965 + return $self->error('CANT_FIND_SHARE') unless($acct && $acct->prop('type') eq 'share');
966 +
967 + my $encryption = $acct->prop('Encryption') || 'disabled';
968 +
969 + my $WriteGroups = join(",", $q->param('writegroup'));
970 + my $WriteUsers = join(",", $q->param('writeuser'));
971
972 + my @CleanReadGroups = ();
973 + my @CleanReadUsers = ();
974 +
975 + # EncFS doesn't expose underlying ACLs
976 + # So, just remove any read only groups
977 + # Read Only is not supported with encryption
978 + if ($encryption ne 'enabled'){
979 + # No need to have read access if write is already granted
980 + foreach my $group ($q->param('readgroup')){
981 + push (@CleanReadGroups, $group) unless (grep { $_ eq $group } $q->param('writegroup'));
982 }
983 - else {
984 - $self->error('CANT_FIND_SHARE');
985 + foreach my $user ($q->param('readuser')){
986 + push (@CleanReadUsers, $user) unless (grep { $_ eq $user } $q->param('writeuser'));
987 }
988 }
989 - else{
990 - $self->error('CANCELED','First');
991 + my $ReadGroups = join(",",@CleanReadGroups);
992 + my $ReadUsers = join(",",@CleanReadUsers);
993 +
994 + $acct->merge_props(
995 + WriteGroups => $WriteGroups,
996 + ReadGroups => $ReadGroups,
997 + WriteUsers => $WriteUsers,
998 + ReadUsers => $ReadUsers,
999 + );
1000 +
1001 + # Untaint $name before use in system()
1002 + $name =~ /(.+)/; $name = $1;
1003 + if (system ("/sbin/e-smith/signal-event", "share-modify", $name) == 0) {
1004 + $self->success("SUCCESSFULLY_MODIFIED_SHARE");
1005 + }
1006 + else {
1007 + $self->error("ERROR_WHILE_MODIFYING_SHARE");
1008 }
1009 return undef;
1010 }
1011
1012 +# Remove a share
1013 +sub remove_share {
1014 + my $self = shift;
1015 + my $q = $self->{cgi};
1016 + my $name = $q->param('name');
1017 + my $acct = $a->get($name);
1018 + return $self->error('CANCELED','First') if ($q->param('cancel'));
1019 + return $self->error('CANT_FIND_SHARE') unless ($acct && $acct->prop('type') eq 'share');
1020 +
1021 + # Untaint $name before use in system()
1022 + $name =~ /(.+)/; $name = $1;
1023 + my $encryption = $acct->prop('Encryption') || 'disabled';
1024 + my $mountstatus = `/bin/mount | grep /home/e-smith/files/shares/$name/ | grep -c fuse`;
1025 + chomp($mountstatus);
1026 +
1027 + if (($encryption eq 'enabled') && ($mountstatus eq '1')){
1028 + $self->error("ERROR_ENCRYPTED_ENABLED");
1029 + return undef;
1030 + }
1031 +
1032 + $acct->set_prop('type', 'share-deleted');
1033 +
1034 + if (system ("/sbin/e-smith/signal-event", "share-delete", $name) == 0) {
1035 + $self->success("SUCCESSFULLY_DELETED_SHARE");
1036 + $acct->delete();
1037 + }
1038 + else {
1039 + $self->error("ERROR_WHILE_DELETING_SHARE");
1040 + }
1041 + return undef;
1042 +}
1043 +
1044 +# Check the proposed name for clashes with existing pseudonyms or other
1045 +# accounts of any type.
1046 +
1047 +sub conflict_check {
1048 + my ($self, $name) = @_;
1049 + my $rec = $a->get($name);
1050 +
1051 + my $type;
1052 + if (defined $rec){
1053 + my $type = $rec->prop('type');
1054 + if ($type eq "pseudonym"){
1055 + my $acct = $rec->prop("Account");
1056 + my $acct_type = $a->get($acct)->prop('type');
1057 +
1058 + return $self->localise('ACCT_CLASHES_WITH_PSEUDONYM',
1059 + {acctName => $name, acctType => $acct_type, acct => $acct});
1060 + }
1061 + }
1062 + elsif (defined getpwnam($name) || defined getgrnam($name)){
1063 + $type = 'system';
1064 + }
1065 + else{
1066 + # No account record and no account
1067 + return 'OK';
1068 + }
1069 + return $self->localise('ACCOUNT_EXISTS',
1070 + {acctName => $name, acctType => $type});
1071 +}
1072
1073 # Checks that the name supplied does not contain any unacceptable chars.
1074 # Returns OK on success or a localised error message otherwise.
1075 -
1076 -sub validate_name
1077 -{
1078 +sub validate_name {
1079 my ($self, $acctName) = @_;
1080
1081 - unless ($acctName =~ /^([a-z][\_\.\-a-z0-9]*)$/)
1082 - {
1083 + unless ($acctName =~ /^([a-z][\_\.\-a-z0-9]*)$/){
1084 return $self->localise('ACCT_NAME_HAS_INVALID_CHARS',
1085 {acctName => $acctName});
1086 }
1087 @@ -744,13 +778,10 @@
1088 }
1089
1090 # Check if inactivity is a number
1091 -
1092 -sub validate_inactivity
1093 -{
1094 +sub validate_inactivity {
1095 my ($self, $inac) = @_;
1096
1097 - unless ($inac =~ /^\d+$/)
1098 - {
1099 + unless ($inac =~ /^\d+$/){
1100 return $self->localise('INVALID_INACTIVITY',
1101 {inactivity => $inac});
1102 }
1103 @@ -759,9 +790,7 @@
1104
1105 # Check if both passwords match
1106 # and are more than 8 chars
1107 -
1108 -sub confirm_password
1109 -{
1110 +sub confirm_password {
1111
1112 my ($self, $pass1, $pass2) = @_;
1113
