/[smecontribs]/rpms/smeserver-shared-folders/contribs8/smeserver-shared-folders-0.1-encfs.patch
ViewVC logotype

Annotation of /rpms/smeserver-shared-folders/contribs8/smeserver-shared-folders-0.1-encfs.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph


Revision 1.1 - (hide annotations) (download)
Sun Mar 3 22:04:39 2013 UTC (11 years, 9 months ago) by unnilennium
Branch: MAIN
CVS Tags: smeserver-shared-folders-0_1-80_el5_sme, smeserver-shared-folders-0_1-83_el5_sme, smeserver-shared-folders-0_1-84_el5_sme, smeserver-shared-folders-0_1-82_el5_sme, smeserver-shared-folders-0_1-87_el5_sme, smeserver-shared-folders-0_1-86_el5_sme, smeserver-shared-folders-0_1-81_el5_sme, smeserver-shared-folders-0_1-85_el5_sme, smeserver-shared-folders-0_1-79_el5_sme, HEAD
Initial import

1 unnilennium 1.1 diff -Nur smeserver-shared-folders-0.1/createlinks smeserver-shared-folders-0.1_encfs/createlinks
2     --- smeserver-shared-folders-0.1/createlinks 2011-05-06 10:47:47.000000000 +0200
3     +++ smeserver-shared-folders-0.1_encfs/createlinks 2011-05-06 15:11:02.000000000 +0200
4     @@ -8,6 +8,7 @@
5     my $panel = "manager";
6    
7     panel_link("shares", $panel);
8     +panel_link("userpanel-encfs", $panel);
9    
10     #--------------------------------------------------
11     # actions for group-delete event
12     diff -Nur smeserver-shared-folders-0.1/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/shares smeserver-shared-folders-0.1_encfs/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/shares
13     --- smeserver-shared-folders-0.1/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/shares 2011-05-06 10:47:47.000000000 +0200
14     +++ smeserver-shared-folders-0.1_encfs/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/shares 2011-05-06 16:23:05.000000000 +0200
15     @@ -411,4 +411,75 @@
16     <![CDATA[<span style="color:red">Permissions on this shared folder are managed manually, modifications will only affect web access if a password is required.</span><br><br>]]>
17     </trans>
18     </entry>
19     +
20     + <entry>
21     + <base>DESC_ENCRYPTION</base>
22     + <trans>
23     + The followings options let you protect your data. If encryption is enabled, the data will never be stored in clear text on the server. Your share will either be "available" (data will appear as clear text, encryption/decryption is done on the fly), or protected (only the ciphered data is available on the server). Encryption can only be set at shared folder creation time. Also, read only groups are not supported with encrypted shared folders. If you enable encryption, only members of groups with read/write privileges will be able to access this share.
24     + </trans>
25     + </entry>
26     +
27     + <entry>
28     + <base>LABEL_ENCRYPTION</base>
29     + <trans>
30     + Encryption
31     + </trans>
32     + </entry>
33     +
34     + <entry>
35     + <base>DESC_PASSWORD</base>
36     + <trans>
37     + You need to choose a password to protect your data. This password must be at least 8 characters long. Do not loose this password. If you forget it, your data will be lost because there's no way to recover it.
38     + </trans>
39     + </entry>
40     +
41     + <entry>
42     + <base>LABEL_PASSWORD</base>
43     + <trans>
44     + Password
45     + </trans>
46     + </entry>
47     +
48     + <entry>
49     + <base>LABEL_PASSWORD2</base>
50     + <trans>
51     + Password (confirmation)
52     + </trans>
53     + </entry>
54     +
55     + <entry>
56     + <base>DESC_INACTIVITY</base>
57     + <trans>
58     + To provide additionnal security, you can set an inactivity time out (in minutes). When the data is available, if nobody access it for this period of time, the data will go back to protected mode automatically.
59     + </trans>
60     + </entry>
61     +
62     + <entry>
63     + <base>ERROR_WITH_ENCRYPTION</base>
64     + <trans>
65     + An error occured while performing initial folder encryption
66     + </trans>
67     + </entry>
68     +
69     + <entry>
70     + <base>INVALID_INACTIVITY</base>
71     + <trans>
72     + Inactivity value must be numbers only
73     + </trans>
74     + </entry>
75     +
76     + <entry>
77     + <base>PASSWORD_MISMATCH</base>
78     + <trans>
79     + Passwords don't match
80     + </trans>
81     + </entry>
82     +
83     + <entry>
84     + <base>PASSWORD_TOO_SHORT</base>
85     + <trans>
86     + Password is too short, please use at least 8 characters
87     + </trans>
88     + </entry>
89     +
90     </lexicon>
91     diff -Nur smeserver-shared-folders-0.1/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/userpanel-encfs smeserver-shared-folders-0.1_encfs/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/userpanel-encfs
92     --- smeserver-shared-folders-0.1/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/userpanel-encfs 1970-01-01 01:00:00.000000000 +0100
93     +++ smeserver-shared-folders-0.1_encfs/root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/userpanel-encfs 2011-05-06 15:34:51.000000000 +0200
94     @@ -0,0 +1,58 @@
95     +<lexicon lang="en-us" params="getExtraParams()">
96     + <entry>
97     + <base>FORM_TITLE</base>
98     + <trans>Shared Folders Encryption</trans>
99     + </entry>
100     + <entry>
101     + <base>Shared Folders Encryption</base>
102     + <trans>Shared Folders Encryption</trans>
103     + </entry>
104     + <entry>
105     + <base>FIRSTPAGE_DESC</base>
106     + <trans>This panel lets you enable enrypted shared folder access.</trans>
107     + </entry>
108     + <entry>
109     + <base>STATUS</base>
110     + <trans>Status</trans>
111     + </entry>
112     + <entry>
113     + <base>MOUNTED</base>
114     + <trans>Enabled</trans>
115     + </entry>
116     + <entry>
117     + <base>NOT_MOUNTED</base>
118     + <trans>Protected</trans>
119     + </entry>
120     + <entry>
121     + <base>MOUNT</base>
122     + <trans>Enable</trans>
123     + </entry>
124     + <entry>
125     + <base>UMOUNT</base>
126     + <trans>Protect</trans>
127     + </entry>
128     + <entry>
129     + <base>ERROR_MOUNTING</base>
130     + <trans>An error occured. Check that you have the correct password.</trans>
131     + </entry>
132     + <entry>
133     + <base>UMOUNT_DESC</base>
134     + <trans>Are you sure you want to protect this shared folder ? Once protected, the content won't be accessible until re-enabled with the associated password.</trans>
135     + </entry>
136     + <entry>
137     + <base>MOUNT_DESC</base>
138     + <trans>You have to enter the password to make this folder's content available.</trans>
139     + </entry>
140     + <entry>
141     + <base>LABEL_MOUNT_PASSWORD</base>
142     + <trans>Password</trans>
143     + </entry>
144     + <entry>
145     + <base>VALIDATE</base>
146     + <trans>Validate</trans>
147     + </entry>
148     + <entry>
149     + <base>NO_ENCRYPTED_SHARE</base>
150     + <trans>No encrypted share configured</trans>
151     + </entry>
152     +</lexicon>
153     diff -Nur smeserver-shared-folders-0.1/root/etc/e-smith/web/functions/shares smeserver-shared-folders-0.1_encfs/root/etc/e-smith/web/functions/shares
154     --- smeserver-shared-folders-0.1/root/etc/e-smith/web/functions/shares 2011-05-06 10:47:47.000000000 +0200
155     +++ smeserver-shared-folders-0.1_encfs/root/etc/e-smith/web/functions/shares 2011-05-06 15:26:27.000000000 +0200
156     @@ -4,9 +4,10 @@
157     #----------------------------------------------------------------------
158     # heading : Collaboration
159     # description : Shared Folders
160     -# navigation : 2000 2500
161     +# navigation : 2000 2600
162     #
163     -# Copyright (c) 2001 Mitel Networks Corporation
164     +# Copyright (c) 2009 - 2011 Firewall-Services
165     +# daniel@firewall-services.com
166     #
167     # This program is free software; you can redistribute it and/or modify
168     # it under the terms of the GNU General Public License as published by
169     @@ -22,8 +23,6 @@
170     # along with this program; if not, write to the Free Software
171     # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
172     #
173     -# Technical support for this program is available from e-smith, inc.
174     -# Please visit our web site www.e-smith.com for details.
175     #----------------------------------------------------------------------
176    
177     use strict;
178     @@ -118,6 +117,15 @@
179     <label>LABEL_DYNAMIC_CONTENT</label>
180     </field>
181    
182     + <subroutine src="print_section_bar()" />
183     +
184     + <subroutine src="print_encryption_fields()" />
185     + <field type="text" id="inactivity" validation="validate_inactivity">
186     + <description>DESC_INACTIVITY</description>
187     + <label>INACTIVITY</label>
188     + </field>
189     +
190     +
191     <subroutine src="print_save_or_add_button()" />
192     </page>
193     <page name="Remove" pre-event="turn_off_buttons()" post-event="remove_share()">
194     diff -Nur smeserver-shared-folders-0.1/root/etc/e-smith/web/functions/userpanel-encfs smeserver-shared-folders-0.1_encfs/root/etc/e-smith/web/functions/userpanel-encfs
195     --- smeserver-shared-folders-0.1/root/etc/e-smith/web/functions/userpanel-encfs 1970-01-01 01:00:00.000000000 +0100
196     +++ smeserver-shared-folders-0.1_encfs/root/etc/e-smith/web/functions/userpanel-encfs 2011-05-06 15:26:45.000000000 +0200
197     @@ -0,0 +1,56 @@
198     +#!/usr/bin/perl -wT
199     +
200     +# vim: ft=xml ts=4 sw=4 et:
201     +#----------------------------------------------------------------------
202     +# heading : Collaboration
203     +# description : Shared Folders Encryption
204     +# navigation : 2000 2700
205     +#
206     +# Copyright (c) 2011 Firewall-Services
207     +# daniel@firewall-services.com
208     +#
209     +# This program is free software; you can redistribute it and/or modify
210     +# it under the terms of the GNU General Public License as published by
211     +# the Free Software Foundation; either version 2 of the License, or
212     +# (at your option) any later version.
213     +#
214     +# This program is distributed in the hope that it will be useful,
215     +# but WITHOUT ANY WARRANTY; without even the implied warranty of
216     +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
217     +# GNU General Public License for more details.
218     +#
219     +# You should have received a copy of the GNU General Public License
220     +# along with this program; if not, write to the Free Software
221     +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
222     +#
223     +#----------------------------------------------------------------------
224     +
225     +use strict;
226     +use esmith::FormMagick::Panel::userpanelEncfs;
227     +
228     +my $fm = esmith::FormMagick::Panel::userpanelEncfs->new();
229     +$fm->display();
230     +
231     +__DATA__
232     +<form title="FORM_TITLE" header="/etc/e-smith/web/common/head.tmpl" footer="/etc/e-smith/web/common/foot.tmpl">
233     + <page name="First" pre-event="print_status_message()">
234     + <description>FIRSTPAGE_DESC</description>
235     + <subroutine src="print_share_table()" />
236     + </page>
237     + <page name="Mount" pre-event="turn_off_buttons()" post-event="mount_encfs()">
238     + <description>MOUNT_DESC</description>
239     + <field
240     + type="password"
241     + id="password"
242     + value="">
243     + <label>LABEL_MOUNT_PASSWORD</label>
244     + </field>
245     + <subroutine src="print_button('VALIDATE')"/>
246     + </page>
247     + <page name="Umount" pre-event="turn_off_buttons()" post-event="umount_encfs()">
248     + <description>UMOUNT_DESC</description>
249     + <subroutine src="print_button('VALIDATE')"/>
250     + </page>
251     +</form>
252     +
253     +
254     diff -Nur smeserver-shared-folders-0.1/root/etc/sysconfig/modules/fuse.modules smeserver-shared-folders-0.1_encfs/root/etc/sysconfig/modules/fuse.modules
255     --- smeserver-shared-folders-0.1/root/etc/sysconfig/modules/fuse.modules 1970-01-01 01:00:00.000000000 +0100
256     +++ smeserver-shared-folders-0.1_encfs/root/etc/sysconfig/modules/fuse.modules 2011-05-06 15:28:48.000000000 +0200
257     @@ -0,0 +1,2 @@
258     +#!/bin/sh
259     +modprobe fuse > /dev/null 2>&1
260     diff -Nur smeserver-shared-folders-0.1/root/usr/lib/perl5/site_perl/esmith/FormMagick/Panel/shares.pm smeserver-shared-folders-0.1_encfs/root/usr/lib/perl5/site_perl/esmith/FormMagick/Panel/shares.pm
261     --- smeserver-shared-folders-0.1/root/usr/lib/perl5/site_perl/esmith/FormMagick/Panel/shares.pm 2011-05-06 10:47:47.000000000 +0200
262     +++ smeserver-shared-folders-0.1_encfs/root/usr/lib/perl5/site_perl/esmith/FormMagick/Panel/shares.pm 2011-05-06 16:33:09.000000000 +0200
263     @@ -14,6 +14,7 @@
264     use esmith::DomainsDB;
265     use esmith::cgi;
266     use esmith::util;
267     +use File::Path;
268     use File::Basename;
269     use Exporter;
270     use Carp;
271     @@ -23,6 +24,7 @@
272     our @EXPORT = qw(
273     print_share_table
274     print_share_name_field
275     + print_encryption_fields
276     genGroupAccess
277     smbAccess_list
278     httpAccess_list
279     @@ -175,6 +177,8 @@
280    
281     # Set default value
282     my $q = $self->{cgi};
283     + $q->param(-name=>'encryption',-value=>'disabled');
284     + $q->param(-name=>'inactivity',-value=>'30');
285     $q->param(-name=>'smbaccess',-value=>'browseable');
286     $q->param(-name=>'recyclebin',-value=>'disabled');
287     $q->param(-name=>'retention',-value=>'unlimited');
288     @@ -204,6 +208,10 @@
289     {
290     $q->param(-name=>'description',-value=>
291     $rec->prop('Name'));
292     + $q->param(-name=>'encryption',-value=>
293     + ($rec->prop('Encryption') || 'disabled'));
294     + $q->param(-name=>'inactivity',-value=>
295     + ($rec->prop('InactivityTimeOut') || '30'));
296     $q->param(-name=>'ReadGroups',-value=>
297     $rec->prop('ReadGroups'));
298     $q->param(-name=>'WriteGroups',-value=>
299     @@ -242,12 +250,55 @@
300     }
301    
302    
303     +sub print_encryption_fields {
304     + my $self = shift;
305     + my $encryption = $self->{cgi}->param('encryption') || 'disabled';
306     + my $action = $self->{cgi}->param('action') || '';
307     +
308     + print qq(<tr><td colspan="2">) . $self->localise('DESC_ENCRYPTION') . qq(</td></tr>);
309     + print qq(<tr><td class="sme-noborders-label">) .
310     + $self->localise('LABEL_ENCRYPTION') . qq(</td>\n);
311     +
312     + if ($action eq 'modify') {
313     + print qq(
314     + <td class="sme-noborders-content">$encryption
315     + <input type="hidden" name="encryption" value="$encryption">
316     + </td>
317     + );
318     + }
319     + else {
320     + print qq(
321     + <td class="sme-noborders-content"><SELECT NAME="encryption" TYPE="select">
322     + <OPTION VALUE="disabled">) . $self->localise('DISABLED') .
323     + qq(<OPTION VALUE="enabled">) . $self->localise('ENABLED') .
324     + qq(</SELECT></td>
325     + );
326     + print qq(<tr><td colspan="2">) . $self->localise('DESC_PASSWORD') . qq(</td></tr>);
327     + print qq(<tr><td class="sme-noborders-label">) .
328     + $self->localise('LABEL_PASSWORD') . qq(</td>\n);
329     + print qq(
330     + <td><input type="password" name="password" value="">
331     + </td>
332     + );
333     + print qq(<tr><td class="sme-noborders-label">) .
334     + $self->localise('LABEL_PASSWORD2') . qq(</td>\n);
335     + print qq(
336     + <td><input type="password" name="password2" value="">
337     + </td>
338     + );
339     + }
340     +
341     + print qq(</tr>\n);
342     +
343     + return undef;
344     +}
345     +
346     # Takes a comma delimited list of groups and returns a string of
347     # html checkboxes for all system groups with the groups having write and read access.
348    
349     sub genGroupAccess () {
350     my $fm = shift;
351     - my $q = $fm->{'cgi'};
352     + my $q = $fm->{cgi};
353     my $WriteGroups = $q->param('WriteGroups') || '';
354     my $ReadGroups = $q->param('ReadGroups') || '';
355     my $share = $q->param('share');
356     @@ -426,6 +477,9 @@
357     sub create_share {
358     my ($self) = @_;
359     my $name = $self->cgi->param('name');
360     + my $encryption = $self->cgi->param('encryption') || 'disabled';
361     + my $password = $self->cgi->param('password');
362     + my $password2 = $self->cgi->param('password2');
363    
364     my $msg = $self->validate_name($name);
365     unless ($msg eq "OK")
366     @@ -445,39 +499,66 @@
367     return $self->error($msg);
368     }
369    
370     + $msg = $self->confirm_password($password,$password2);
371     + unless ($msg eq "OK")
372     + {
373     + return $self->error($msg);
374     + }
375     +
376     my @WriteGroups = $self->cgi->param('write');
377     my $WriteGroups = join(",",@WriteGroups);
378     my @ReadGroups = $self->cgi->param('read');
379     my @CleanReadGroups = ();
380    
381     - # Remove from ReadGroups the groups in WriteGroups
382     - # So ACL are consistent
383     - foreach my $read (@ReadGroups){
384     - my $isInWrite = 0;
385     - foreach (@WriteGroups){
386     - $isInWrite = 1 if ($_ eq $read);
387     + # EncFS doesn't expose underlying ACLs
388     + # So, just remove any read only groups
389     + # Read Only is not supported with encryption
390     + if ($encryption ne 'enabled'){
391     + # Remove from ReadGroups the groups in WriteGroups
392     + # So ACL are consistent
393     + foreach my $read (@ReadGroups){
394     + my $isInWrite = 0;
395     + foreach (@WriteGroups){
396     + $isInWrite = 1 if ($_ eq $read);
397     + }
398     + push (@CleanReadGroups, $read) unless ($isInWrite);
399     }
400     - push (@CleanReadGroups, $read) unless ($isInWrite);
401     }
402     my $ReadGroups = join(",",@CleanReadGroups);
403    
404     if (my $acct = $accountdb->new_record($name, {
405     - Name => $self->cgi->param('description'),
406     - WriteGroups => $WriteGroups,
407     - ReadGroups => $ReadGroups,
408     - RecycleBin => $self->cgi->param('recyclebin'),
409     - RecycleBinRetention => $self->cgi->param('retention'),
410     - smbAccess => $self->cgi->param('smbaccess'),
411     - httpAccess => $self->cgi->param('httpaccess'),
412     - WebDav => $self->cgi->param('webdav'),
413     - RequireSSL => $self->cgi->param('requireSSL'),
414     - Indexes => $self->cgi->param('indexes'),
415     - DynamicContent => $self->cgi->param('dynamic'),
416     - type => 'share',
417     + Name => $self->cgi->param('description'),
418     + Encryption => $self->cgi->param('encryption'),
419     + InactivityTimeOut => $self->cgi->param('inactivity'),
420     + WriteGroups => $WriteGroups,
421     + ReadGroups => $ReadGroups,
422     + RecycleBin => $self->cgi->param('recyclebin'),
423     + RecycleBinRetention => $self->cgi->param('retention'),
424     + smbAccess => $self->cgi->param('smbaccess'),
425     + httpAccess => $self->cgi->param('httpaccess'),
426     + WebDav => $self->cgi->param('webdav'),
427     + RequireSSL => $self->cgi->param('requireSSL'),
428     + Indexes => $self->cgi->param('indexes'),
429     + DynamicContent => $self->cgi->param('dynamic'),
430     + type => 'share',
431     }) )
432     {
433     # Untaint $name before use in system()
434     $name =~ /(.+)/; $name = $1;
435     +
436     + if ($encryption eq 'enabled'){
437     + my $source = '/home/e-smith/files/shares/' . $name . '/.store';
438     + my $dest = '/home/e-smith/files/shares/' . $name . '/files';
439     + File::Path::mkpath ($source);
440     + mkdir $dest;
441     + open(DIR, "| /usr/bin/encfs -S --public -o nonempty,umask=000 $source $dest > /dev/null 2>&1");
442     + print DIR "\n$password";
443     + close DIR;
444     + $self->error("ERROR_WITH_ENCRYPTION") unless(
445     + system("/bin/fusermount -uz $dest") == 0
446     + );
447     + }
448     +
449     if (system ("/sbin/e-smith/signal-event", "share-create", $name) == 0) {
450     $self->success("SUCCESSFULLY_CREATED_SHARE");
451     } else {
452     @@ -497,21 +578,29 @@
453     my $name = $self->cgi->param('name');
454     if (my $acct = $accountdb->get($name)) {
455     if ($acct->prop('type') eq 'share') {
456     + my $encryption = $self->cgi->param('encryption');
457     my @WriteGroups = $self->cgi->param('write');
458     my $WriteGroups = join(",",@WriteGroups);
459     my @ReadGroups = $self->cgi->param('read');
460     my @CleanReadGroups = ();
461     - foreach my $read (@ReadGroups){
462     - my $isInWrite = 0;
463     - foreach (@WriteGroups){
464     - $isInWrite = 1 if ($_ eq $read);
465     +
466     + # EncFS doesn't expose underlying ACLs
467     + # So, just remove any read only groups
468     + # Read Only is not supported with encryption
469     + if ($encryption ne 'enabled'){
470     + foreach my $read (@ReadGroups){
471     + my $isInWrite = 0;
472     + foreach (@WriteGroups){
473     + $isInWrite = 1 if ($_ eq $read);
474     + }
475     + push (@CleanReadGroups, $read) unless ($isInWrite);
476     }
477     - push (@CleanReadGroups, $read) unless ($isInWrite);
478     }
479     my $ReadGroups = join(",",@CleanReadGroups);
480    
481     $acct->merge_props(
482     Name => $self->cgi->param('description'),
483     + InactivityTimeOut => $self->cgi->param('inactivity'),
484     WriteGroups => $WriteGroups,
485     ReadGroups => $ReadGroups,
486     RecycleBin => $self->cgi->param('recyclebin'),
487     @@ -592,5 +681,37 @@
488     return "OK";
489     }
490    
491     +# Check if inactivity is a number
492     +
493     +sub validate_inactivity
494     +{
495     + my ($self, $inac) = @_;
496     +
497     + unless ($inac =~ /^\d+$/)
498     + {
499     + return $self->localise('INVALID_INACTIVITY',
500     + {inactivity => $inac});
501     + }
502     + return "OK";
503     +}
504     +
505     +# Check if both passwords match
506     +# and are more than 8 chars
507     +
508     +sub confirm_password
509     +{
510     +
511     + my ($self, $pass1, $pass2) = @_;
512     +
513     + unless (scalar (split("",$pass1)) >= 8){
514     + return $self->localise('PASSWORD_TOO_SHORT');
515     + }
516     +
517     + unless ($pass1 eq $pass2){
518     + return $self->localise('PASSWORD_MISMATCH');
519     + }
520     + return 'OK';
521     +}
522     +
523     1;
524    
525     diff -Nur smeserver-shared-folders-0.1/root/usr/lib/perl5/site_perl/esmith/FormMagick/Panel/userpanelEncfs.pm smeserver-shared-folders-0.1_encfs/root/usr/lib/perl5/site_perl/esmith/FormMagick/Panel/userpanelEncfs.pm
526     --- smeserver-shared-folders-0.1/root/usr/lib/perl5/site_perl/esmith/FormMagick/Panel/userpanelEncfs.pm 1970-01-01 01:00:00.000000000 +0100
527     +++ smeserver-shared-folders-0.1_encfs/root/usr/lib/perl5/site_perl/esmith/FormMagick/Panel/userpanelEncfs.pm 2011-05-06 15:27:49.000000000 +0200
528     @@ -0,0 +1,145 @@
529     +#!/usr/bin/perl -w
530     +
531     +package esmith::FormMagick::Panel::userpanelEncfs;
532     +
533     +use strict;
534     +
535     +use esmith::FormMagick;
536     +use esmith::AccountsDB;
537     +use esmith::ConfigDB;
538     +use esmith::cgi;
539     +use esmith::util;
540     +use File::Basename;
541     +use Exporter;
542     +use Carp;
543     +
544     +our @ISA = qw(esmith::FormMagick Exporter);
545     +
546     +our @EXPORT = qw(
547     + print_share_table
548     + mount_encfs
549     + umount_encfs
550     +);
551     +
552     +our $accountdb = esmith::AccountsDB->open();
553     +our $user = $ENV{'REMOTE_USER'};
554     +$user = $1 if ($user =~ /^([a-z][\-a-z0-9]*)$/);
555     +
556     +*wherenext = \&CGI::FormMagick::wherenext;
557     +
558     +sub new
559     +{
560     + my $proto = shift;
561     + my $class = ref($proto) || $proto;
562     + my $self = esmith::FormMagick::new($class);
563     + $self->{calling_package} = (caller)[0];
564     +
565     + return $self;
566     +}
567     +
568     +sub print_share_table {
569     + my $self = shift;
570     + my $q = $self->{cgi};
571     + my @shares = $accountdb->get_all_by_prop(type => 'share');
572     + my @encfs = ();
573     +
574     + foreach (@shares){
575     + my @sharegroups = $_->prop('WriteGroups'), $_->prop('ReadGroups');
576     + @sharegroups = keys %{{ map { $_ => 1 } @sharegroups }};
577     + my @usergroups = $accountdb->user_group_list($user);
578     +
579     + my %count = ();
580     + my @intersection = ();
581     + foreach my $element (@sharegroups, @usergroups) { $count{$element}++ }
582     + foreach my $element (keys %count) {
583     + push @intersection, $element if ($count{$element} > 1);
584     + }
585     +
586     + # Only display the share in the list if encryption is enabled
587     + # and the user has at least read access
588     + if ((($_->prop('Encryption') || 'disabled') eq 'enabled') &&
589     + ((scalar @intersection > 0 ) || $user eq 'admin')){
590     + push @encfs, $_ if (($_->prop('Encryption') || 'disabled') eq 'enabled');
591     + }
592     + }
593     + unless ( scalar @encfs )
594     + {
595     + print $q->Tr($q->td($self->localise('NO_ENCRYPTED_SHARE')));
596     + return "";
597     + }
598     +
599     + print $q->start_table({-CLASS => "sme-border"}),"\n";
600     + print $q->Tr (
601     + esmith::cgi::genSmallCell($q, $self->localise('NAME'),"header"),
602     + esmith::cgi::genSmallCell($q, $self->localise('DESCRIPTION'),"header"),
603     + esmith::cgi::genSmallCell($q, $self->localise('STATUS'),"header"),
604     + esmith::cgi::genSmallCell($q, $self->localise('ACTION'),"header", 3)
605     + ),"\n";
606     +
607     + my $scriptname = basename($0);
608     +
609     + foreach my $i (@encfs)
610     + {
611     + my $sharename = $i->key();
612     + my $sharedesc = $i->prop('Name');
613     +
614     + my $mountstatus = `/bin/mount | /bin/grep /home/e-smith/files/shares/$sharename | grep -c fuse`;
615     + chomp($mountstatus);
616     + my $sharestatus = ($mountstatus eq '1') ? $self->localise('MOUNTED') : $self->localise('NOT_MOUNTED');
617     +
618     + my $href = "$scriptname?page=;page_stack=;wherenext=";
619     +
620     + my $actionMount = $q->a({href => "${href}Mount&name=$sharename"},$self->localise('MOUNT'))
621     + . '&nbsp;';
622     +
623     + my $actionUmount .= $q->a({href => "${href}Umount&name=$sharename"}, $self->localise('UMOUNT'))
624     + . '&nbsp';
625     +
626     + my $action = ($mountstatus eq '1') ? $actionUmount : $actionMount;
627     +
628     + print $q->Tr (
629     + esmith::cgi::genSmallCell($q, $sharename,"normal"),
630     + esmith::cgi::genSmallCell($q, $sharedesc,"normal"),
631     + esmith::cgi::genSmallCell($q, $sharestatus,"normal"),
632     + esmith::cgi::genSmallCell($q, $action,"normal")
633     + );
634     + }
635     +
636     + print $q->end_table,"\n";
637     +
638     + return "";
639     +}
640     +
641     +sub mount_encfs {
642     + my $fm = shift;
643     + my $pass = $fm->{cgi}->param('password');
644     + my $share = $fm->{cgi}->param('name');
645     + my $rec = $accountdb->get($share);
646     + my $timeout = $rec->prop('InactivityTimeOut') || '30';
647     + $timeout = '30' unless ($timeout =~ m/\d+/);
648     + my $source = "/home/e-smith/files/shares/$share/.store";
649     + my $dest = "/home/e-smith/files/shares/$share/files";
650     + $pass = $1 if ( $pass =~ /(.*)/ );
651     +
652     + unless ( system("echo $pass | /usr/bin/encfs -i $timeout -S --public -o nonempty,umask=000 $source $dest > /dev/null 2>&1") == 0){
653     + $fm->error('ERROR_MOUNTING');
654     + return undef;
655     + }
656     +
657     + $fm->success('SUCCESS');
658     +}
659     +
660     +sub umount_encfs {
661     + my $fm = shift;
662     + my $share = $fm->{cgi}->param('name');
663     +
664     + unless ( system("/bin/fusermount -uz /home/e-smith/files/shares/$share/files > /dev/null 2>&1") == 0){
665     + $fm->error('ERROR_UMOUNTING');
666     + return undef;
667     + }
668     +
669     + $fm->success('SUCCESS');
670     +}
671     +
672     +1;
673     +

admin@koozali.org
ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed