" .
- $fm->localise('PERMISSIONS') .
+ $self->localise('PERMISSIONS') .
" | \n".
$q->start_table({-class => "sme-border"})."\n".
$q->Tr(
- esmith::cgi::genSmallCell($q, $fm->localise('GROUPS'),"header"),
- esmith::cgi::genSmallCell($q, $fm->localise('WRITE_PERM'),"header"),
- esmith::cgi::genSmallCell($q, $fm->localise('READ_PERM'),"header")
+ esmith::cgi::genSmallCell($q, $self->localise('GROUPS'),"header"),
+ esmith::cgi::genSmallCell($q, $self->localise('DESCRIPTION'),"header"),
+ esmith::cgi::genSmallCell($q, $self->localise('WRITE_PERM'),"header"),
+ esmith::cgi::genSmallCell($q, $self->localise('READ_PERM'),"header")
);
foreach my $group (@groups) {
my $write = "";
my $read = "";
my $name = $group->key();
+ my $desc = $group->prop('Description');
if ( $WriteGroups{$name} ) {
$write = "checked";
}
@@ -395,23 +407,56 @@
$out .= $q->Tr(
esmith::cgi::genSmallCell($q, $name, "normal"),
+ esmith::cgi::genSmallCell($q, $desc, "normal"),
esmith::cgi::genSmallCell($q,"", "normal"),
esmith::cgi::genSmallCell($q,"", "normal")
);
}
+ $out .= $q->Tr(
+ esmith::cgi::genSmallCell($q, $self->localise('USERS'),"header"),
+ esmith::cgi::genSmallCell($q, $self->localise('DESCRIPTION'),"header"),
+ esmith::cgi::genSmallCell($q, $self->localise('WRITE_PERM'),"header"),
+ esmith::cgi::genSmallCell($q, $self->localise('READ_PERM'),"header")
+ );
+
+ foreach my $user (@users) {
+ my $write = "";
+ my $read = "";
+ my $name = $user->key();
+ my $desc = $user->prop('FirstName') . ' ' . $user->prop('LastName');
+ if ( $WriteUsers{$name} ) {
+ $write = "checked";
+ }
+ if ( $ReadUsers{$name} ) {
+ $read = "checked";
+ }
+
+ $out .= $q->Tr(
+ esmith::cgi::genSmallCell($q, $name, "normal"),
+ esmith::cgi::genSmallCell($q, $desc, "normal"),
+
+ esmith::cgi::genSmallCell($q,"", "normal"),
+ esmith::cgi::genSmallCell($q,"", "normal")
+ );
+ }
+
$out .= " |
\n";
return $out;
}
# Print a section bar
sub print_section_bar{
- my ($fm) = @_;
+ my $self = shift;
print " \n \n";
print " \n";
return undef;
@@ -423,8 +468,8 @@
sub smbAccess_list {
return {
- 'none' => 'NONE',
- 'browseable' => 'ENABLED_BROWSEABLE',
+ 'none' => 'NONE',
+ 'browseable' => 'ENABLED_BROWSEABLE',
'non-browseable' => 'ENABLED_NON_BROWSEABLE',
};
}
@@ -453,12 +498,13 @@
sub max_share_name_length {
my ($self, $data) = @_;
- $configdb->reload();
- my $max = $configdb->get('maxShareNameLength')->value || '12';
+ $c->reload();
+ my $max = $c->get('maxShareNameLength')->value || '12';
if (length($data) <= $max) {
return "OK";
- } else {
+ }
+ else {
return $self->localise("MAX_SHARE_NAME_LENGTH_ERROR",
{acctName => $data,
maxShareNameLength => $max,
@@ -466,46 +512,20 @@
}
}
-
-# Check the proposed name for clashes with existing pseudonyms or other
-# accounts of any type.
-
-sub conflict_check
-{
- my ($self, $name) = @_;
- my $rec = $accountdb->get($name);
-
- my $type;
- if (defined $rec){
- my $type = $rec->prop('type');
- if ($type eq "pseudonym"){
- my $acct = $rec->prop("Account");
- my $acct_type = $accountdb->get($acct)->prop('type');
-
- return $self->localise('ACCT_CLASHES_WITH_PSEUDONYM',
- {acctName => $name, acctType => $acct_type, acct => $acct});
- }
- }
- elsif (defined getpwnam($name) || defined getgrnam($name)){
- $type = 'system';
- }
- else{
- # No account record and no account
- return 'OK';
- }
- return $self->localise('ACCOUNT_EXISTS',
- {acctName => $name, acctType => $type});
-}
-
# Call the create or modify routine
sub handle_shares {
- my ($self) = @_;
-
+ my $self = shift;
+ my $q = $self->{cgi};
+ my $action = $q->param("action") || '';
- if ($self->cgi->param("action") eq "create") {
+ if ($action eq "create") {
$self->create_share();
- } else {
+ }
+ elsif ($action eq 'permissions'){
+ $self->modify_perm();
+ }
+ else {
$self->modify_share();
}
}
@@ -513,12 +533,13 @@
# Print save or add button
sub print_save_or_add_button {
- my ($self) = @_;
+ my $self = shift;
my $action = $self->cgi->param("action") || '';
if ($action eq "modify") {
$self->print_button("SAVE");
- } else {
+ }
+ else {
$self->print_button("ADD");
}
@@ -527,79 +548,54 @@
# Create a new shared folder
sub create_share {
- my ($self) = @_;
- my $name = $self->cgi->param('name');
- my $encryption = $self->cgi->param('encryption') || 'disabled';
- my $password = $self->cgi->param('password');
- my $password2 = $self->cgi->param('password2');
+ my $self = shift;
+ my $q = $self->{cgi};
+ my $name = $q->param('name');
+ my $encryption = $q->param('encryption') || 'disabled';
+ my $password = $q->param('password');
+ my $password2 = $q->param('password2');
my $msg = $self->validate_name($name);
- unless ($msg eq "OK")
- {
+
+ unless ($msg eq "OK") {
return $self->error($msg);
}
$msg = $self->max_share_name_length($name);
- unless ($msg eq "OK")
- {
+
+ unless ($msg eq "OK") {
return $self->error($msg);
}
$msg = $self->conflict_check($name);
- unless ($msg eq "OK")
- {
+ unless ($msg eq "OK") {
return $self->error($msg);
}
$msg = ($encryption eq 'enabled') ? $self->confirm_password($password,$password2) : 'OK';
- unless ($msg eq "OK")
- {
+ unless ($msg eq "OK") {
return $self->error($msg);
}
- my @WriteGroups = $self->cgi->param('write');
- my $WriteGroups = join(",",@WriteGroups);
- my @ReadGroups = $self->cgi->param('read');
- my @CleanReadGroups = ();
-
- # EncFS doesn't expose underlying ACLs
- # So, just remove any read only groups
- # Read Only is not supported with encryption
- if ($encryption ne 'enabled'){
- # Remove from ReadGroups the groups in WriteGroups
- # So ACL are consistent
- foreach my $read (@ReadGroups){
- my $isInWrite = 0;
- foreach (@WriteGroups){
- $isInWrite = 1 if ($_ eq $read);
- }
- push (@CleanReadGroups, $read) unless ($isInWrite);
- }
- }
- my $ReadGroups = join(",",@CleanReadGroups);
-
- if (my $acct = $accountdb->new_record($name, {
- Name => $self->cgi->param('description'),
+ if (my $acct = $a->new_record($name, {
+ Name => $q->param('description'),
Encryption => $encryption,
- InactivityTimeOut => ($self->cgi->param('inactivity') || ''),
- WriteGroups => $WriteGroups,
- ReadGroups => $ReadGroups,
- RecycleBin => $self->cgi->param('recyclebin'),
- RecycleBinRetention => $self->cgi->param('retention'),
- smbAccess => $self->cgi->param('smbaccess'),
- httpAccess => $self->cgi->param('httpaccess'),
- WebDav => $self->cgi->param('webdav'),
- Ajaxplorer => ($self->cgi->param('ajaxplorer') || 'disabled'),
- RequireSSL => $self->cgi->param('requireSSL'),
- Indexes => $self->cgi->param('indexes'),
- DynamicContent => $self->cgi->param('dynamic'),
+ InactivityTimeOut => ($q->param('inactivity') || ''),
+ RecycleBin => $q->param('recyclebin'),
+ RecycleBinRetention => $q->param('retention'),
+ smbAccess => $q->param('smbaccess'),
+ httpAccess => $q->param('httpaccess'),
+ WebDav => $q->param('webdav'),
+ Ajaxplorer => ($q->param('ajaxplorer') || 'disabled'),
+ RequireSSL => $q->param('requireSSL'),
+ Indexes => $q->param('indexes'),
+ DynamicContent => $q->param('dynamic'),
type => 'share',
- }) )
- {
+ }) ) {
# Untaint $name before use in system()
$name =~ /(.+)/; $name = $1;
- if ($encryption eq 'enabled'){
+ if ($encryption eq 'enabled') {
my $source = '/home/e-smith/files/shares/' . $name . '/.store';
my $dest = '/home/e-smith/files/shares/' . $name . '/files';
File::Path::mkpath ($source);
@@ -614,10 +610,12 @@
if (system ("/sbin/e-smith/signal-event", "share-create", $name) == 0) {
$self->success("SUCCESSFULLY_CREATED_SHARE");
- } else {
+ }
+ else {
$self->error("ERROR_WHILE_CREATING_SHARE");
}
- } else {
+ }
+ else {
$self->error('CANT_CREATE_SHARE');
}
}
@@ -625,118 +623,155 @@
# Modify a share.
# This sub shares a lot of code with create share
# It should be merged
-
sub modify_share {
- my ($self) = @_;
- my $name = $self->cgi->param('name');
- if (my $acct = $accountdb->get($name)) {
- if ($acct->prop('type') eq 'share') {
- my $encryption = $self->cgi->param('encryption');
- my @WriteGroups = $self->cgi->param('write');
- my $WriteGroups = join(",",@WriteGroups);
- my @ReadGroups = $self->cgi->param('read');
- my @CleanReadGroups = ();
-
- # EncFS doesn't expose underlying ACLs
- # So, just remove any read only groups
- # Read Only is not supported with encryption
- if ($encryption ne 'enabled'){
- foreach my $read (@ReadGroups){
- my $isInWrite = 0;
- foreach (@WriteGroups){
- $isInWrite = 1 if ($_ eq $read);
- }
- push (@CleanReadGroups, $read) unless ($isInWrite);
- }
- }
- my $ReadGroups = join(",",@CleanReadGroups);
+ my $self = shift;
+ my $q = $self->{cgi};
+ my $name = $q->param('name');
+ my $acct = $a->get($name);
- $acct->merge_props(
- Name => $self->cgi->param('description'),
- InactivityTimeOut => ($self->cgi->param('inactivity') || ''),
- WriteGroups => $WriteGroups,
- ReadGroups => $ReadGroups,
- RecycleBin => $self->cgi->param('recyclebin'),
- RecycleBinRetention => $self->cgi->param('retention'),
- smbAccess => $self->cgi->param('smbaccess'),
- httpAccess => $self->cgi->param('httpaccess'),
- WebDav => $self->cgi->param('webdav'),
- Ajaxplorer => ($self->cgi->param('ajaxplorer') || 'disabled'),
- RequireSSL => $self->cgi->param('requireSSL'),
- Indexes => $self->cgi->param('indexes'),
- DynamicContent => $self->cgi->param('dynamic'),
- );
+ return $self->error('CANT_FIND_SHARE') unless($acct && $acct->prop('type') eq 'share');
- # Untaint $name before use in system()
- $name =~ /(.+)/; $name = $1;
- if (system ("/sbin/e-smith/signal-event", "share-modify",
- $name) == 0)
- {
- $self->success("SUCCESSFULLY_MODIFIED_SHARE");
- } else {
- $self->error("ERROR_WHILE_MODIFYING_SHARE");
- }
- } else {
- $self->error('CANT_FIND_SHARE');
- }
- } else {
- $self->error('CANT_FIND_SHARE');
+ $acct->merge_props(
+ Name => $q->param('description'),
+ InactivityTimeOut => ($q->param('inactivity') || ''),
+ RecycleBin => $q->param('recyclebin'),
+ RecycleBinRetention => $q->param('retention'),
+ smbAccess => $q->param('smbaccess'),
+ httpAccess => $q->param('httpaccess'),
+ WebDav => $q->param('webdav'),
+ Ajaxplorer => ($q->param('ajaxplorer') || 'disabled'),
+ RequireSSL => $q->param('requireSSL'),
+ Indexes => $q->param('indexes'),
+ DynamicContent => $q->param('dynamic'),
+ );
+
+ # Untaint $name before use in system()
+ $name =~ /(.+)/; $name = $1;
+ if (system ("/sbin/e-smith/signal-event", "share-modify", $name) == 0) {
+ $self->success("SUCCESSFULLY_MODIFIED_SHARE");
}
+ else {
+ $self->error("ERROR_WHILE_MODIFYING_SHARE");
+ }
+ return undef;
}
-# Remove a share
+sub modify_perm {
+ my $self = shift;
+ my $q = $self->{cgi};
+ my $name = $q->param('name');
+ my $acct = $a->get($name);
-sub remove_share {
- my ($self) = @_;
- my $name = $self->cgi->param('name');
- unless ($self->cgi->param('cancel')){
- if (my $acct = $accountdb->get($name)) {
- if ($acct->prop('type') eq 'share') {
- # Untaint $name before use in system()
- $name =~ /(.+)/; $name = $1;
- my $encryption = $acct->prop('Encryption') || 'disabled';
- my $mountstatus = `/bin/mount | grep /home/e-smith/files/shares/$name/ | grep -c fuse`;
- chomp($mountstatus);
- if (($encryption eq 'enabled') && ($mountstatus eq '1')){
- $self->error("ERROR_ENCRYPTED_ENABLED");
- return undef;
- }
-
- $acct->set_prop('type', 'share-deleted');
-
- if (system ("/sbin/e-smith/signal-event", "share-delete", $name) == 0) {
- $self->success("SUCCESSFULLY_DELETED_SHARE");
- $acct->delete();
- }
- else {
- $self->error("ERROR_WHILE_DELETING_SHARE");
- }
- }
- else {
- $self->error('CANT_FIND_SHARE');
- }
+ return $self->error('CANT_FIND_SHARE') unless($acct && $acct->prop('type') eq 'share');
+
+ my $encryption = $acct->prop('Encryption') || 'disabled';
+
+ my $WriteGroups = join(",", $q->param('writegroup'));
+ my $WriteUsers = join(",", $q->param('writeuser'));
+ my @CleanReadGroups = ();
+ my @CleanReadUsers = ();
+
+ # EncFS doesn't expose underlying ACLs
+ # So, just remove any read only groups
+ # Read Only is not supported with encryption
+ if ($encryption ne 'enabled'){
+ # No need to have read access if write is already granted
+ foreach my $group ($q->param('readgroup')){
+ push (@CleanReadGroups, $group) unless (grep { $_ eq $group } $q->param('writegroup'));
}
- else {
- $self->error('CANT_FIND_SHARE');
+ foreach my $user ($q->param('readuser')){
+ push (@CleanReadUsers, $user) unless (grep { $_ eq $user } $q->param('writeuser'));
}
}
- else{
- $self->error('CANCELED','First');
+ my $ReadGroups = join(",",@CleanReadGroups);
+ my $ReadUsers = join(",",@CleanReadUsers);
+
+ $acct->merge_props(
+ WriteGroups => $WriteGroups,
+ ReadGroups => $ReadGroups,
+ WriteUsers => $WriteUsers,
+ ReadUsers => $ReadUsers,
+ );
+
+ # Untaint $name before use in system()
+ $name =~ /(.+)/; $name = $1;
+ if (system ("/sbin/e-smith/signal-event", "share-modify", $name) == 0) {
+ $self->success("SUCCESSFULLY_MODIFIED_SHARE");
+ }
+ else {
+ $self->error("ERROR_WHILE_MODIFYING_SHARE");
}
return undef;
}
+# Remove a share
+sub remove_share {
+ my $self = shift;
+ my $q = $self->{cgi};
+ my $name = $q->param('name');
+ my $acct = $a->get($name);
+ return $self->error('CANCELED','First') if ($q->param('cancel'));
+ return $self->error('CANT_FIND_SHARE') unless ($acct && $acct->prop('type') eq 'share');
+
+ # Untaint $name before use in system()
+ $name =~ /(.+)/; $name = $1;
+ my $encryption = $acct->prop('Encryption') || 'disabled';
+ my $mountstatus = `/bin/mount | grep /home/e-smith/files/shares/$name/ | grep -c fuse`;
+ chomp($mountstatus);
+
+ if (($encryption eq 'enabled') && ($mountstatus eq '1')){
+ $self->error("ERROR_ENCRYPTED_ENABLED");
+ return undef;
+ }
+
+ $acct->set_prop('type', 'share-deleted');
+
+ if (system ("/sbin/e-smith/signal-event", "share-delete", $name) == 0) {
+ $self->success("SUCCESSFULLY_DELETED_SHARE");
+ $acct->delete();
+ }
+ else {
+ $self->error("ERROR_WHILE_DELETING_SHARE");
+ }
+ return undef;
+}
+
+# Check the proposed name for clashes with existing pseudonyms or other
+# accounts of any type.
+
+sub conflict_check {
+ my ($self, $name) = @_;
+ my $rec = $a->get($name);
+
+ my $type;
+ if (defined $rec){
+ my $type = $rec->prop('type');
+ if ($type eq "pseudonym"){
+ my $acct = $rec->prop("Account");
+ my $acct_type = $a->get($acct)->prop('type');
+
+ return $self->localise('ACCT_CLASHES_WITH_PSEUDONYM',
+ {acctName => $name, acctType => $acct_type, acct => $acct});
+ }
+ }
+ elsif (defined getpwnam($name) || defined getgrnam($name)){
+ $type = 'system';
+ }
+ else{
+ # No account record and no account
+ return 'OK';
+ }
+ return $self->localise('ACCOUNT_EXISTS',
+ {acctName => $name, acctType => $type});
+}
# Checks that the name supplied does not contain any unacceptable chars.
# Returns OK on success or a localised error message otherwise.
-
-sub validate_name
-{
+sub validate_name {
my ($self, $acctName) = @_;
- unless ($acctName =~ /^([a-z][\_\.\-a-z0-9]*)$/)
- {
+ unless ($acctName =~ /^([a-z][\_\.\-a-z0-9]*)$/){
return $self->localise('ACCT_NAME_HAS_INVALID_CHARS',
{acctName => $acctName});
}
@@ -744,13 +779,10 @@
}
# Check if inactivity is a number
-
-sub validate_inactivity
-{
+sub validate_inactivity {
my ($self, $inac) = @_;
- unless ($inac =~ /^\d+$/)
- {
+ unless ($inac =~ /^\d+$/){
return $self->localise('INVALID_INACTIVITY',
{inactivity => $inac});
}
@@ -759,9 +791,7 @@
# Check if both passwords match
# and are more than 8 chars
-
-sub confirm_password
-{
+sub confirm_password {
my ($self, $pass1, $pass2) = @_;
|