Changeset 65 for trunk/dns.cgi
- Timestamp:
- 11/25/10 16:26:08 (14 years ago)
- File:
-
- 1 edited
trunk/dns.cgi
r64 r65 104 104 if ($webvar{action}) { 105 105 if ($webvar{action} eq 'login') { 106 # Snag ACL/permissions here too 106 107 my $sth = $dbh->prepare("SELECT user_id,group_id,password,firstname,lastname FROM users WHERE username=?"); 107 108 $sth->execute($webvar{username}); … … 118 119 $session->param('logingroup',$gid); 119 120 $session->param('curgroup',$gid); 121 $session->param('uid',$uid); 120 122 $session->param('username',$webvar{username}); 121 123 … … 139 141 } # handle global webvar{action}s 140 142 143 initPermissions($dbh,$session->param('uid')); 141 144 142 145 ## Default page is a login page … … 521 524 $page->param(delgroupname => groupName($dbh, $webvar{id})); 522 525 526 } elsif ($webvar{page} eq 'edgroup') { 527 528 if ($webvar{action} eq 'updperms') { 529 # extra safety check; make sure user can't construct a URL to bypass ACLs 530 my %curperms; 531 getPermissions($dbh, 'group', $webvar{gid}, \%curperms); 532 foreach (('group_edit','group_create','group_delete', 533 'user_edit','user_create','user_delete', 534 'domain_edit','domain_create','domain_delete', 535 'record_edit','record_create','record_delete', 536 'self_edit') 537 ) { 538 $webvar{$_} = 0 if !defined($webvar{$_}); 539 $webvar{$_} = 1 if $webvar{$_} eq 'on'; 540 push @debugbits, "$_ has changed: '$curperms{$_}' => '$webvar{$_}'<br>\n" if $curperms{$_} ne $webvar{$_}; 541 if ($permissions{admin} || $permissions{$_}) { 542 if (($webvar{$_} eq 'on' && !$curperms{$_}) or 543 (!$webvar{$_} && $curperms{$_})) { 544 push @debugbits, ' '."may update $_<br>\n"; 545 } 546 } 547 } 548 } 549 $page->param(gid => $webvar{gid}); 550 $page->param(grpmeddle => groupName($dbh, $webvar{gid})); 551 my %grpperms; 552 getPermissions($dbh, 'group', $webvar{gid}, \%grpperms); 553 # unless (0) { 554 foreach (('group_edit','group_create','group_delete', 555 'user_edit','user_create','user_delete', 556 'domain_edit','domain_create','domain_delete', 557 'record_edit','record_create','record_delete', 558 
'self_edit') 559 ) { 560 #push @debugbits, "$_ => admin? '$permissions{admin}' may_$_? '$permissions{$_}' group? '$grpperms{$_}'<br>\n"; 561 $page->param("may_$_" => ($permissions{admin} || $permissions{$_})); 562 $page->param($_ => $grpperms{$_}); 563 } 564 # } 565 # my %grpperms = getPermissions('group',$webvar{group}); 566 523 567 } elsif ($webvar{page} eq 'useradmin') { 524 568 … … 535 579 # foo? 536 580 fill_actypelist(); 581 fill_clonemelist(); 537 582 538 583 } elsif ($webvar{page} eq 'adduser') { … … 544 589 $msg = "Passwords don't match"; 545 590 } else { 591 # assemble a permission string - far simpler than trying to pass an 592 # indeterminate set of permission flags individually 593 my $permstring; 594 if ($webvar{perms_type} eq 'custom') { 595 $permstring = 'C:,g:,u:,d:,r:'; 596 $page->param(perm_custom => 1); 597 } elsif ($webvar{perms_type} eq 'clone') { 598 $permstring = 'c:'; 599 $page->param(perm_clone => 1); 600 } else { 601 $permstring = 'i'; 602 # $page->param(perm_inherit => 1); 603 } 546 604 ($code,$msg) = addUser($dbh,$webvar{uname}, $webvar{group}, $webvar{pass1}, 547 605 ($webvar{makeactive} eq 'on' ? 1 : 0), $webvar{accttype}, … … 565 623 $page->param(errmsg => $msg); 566 624 fill_actypelist(); 625 fill_clonemelist(); 567 626 } 568 627 … … 585 644 list_users($curgroup); 586 645 } else { 587 # success. go back to the domainlist, do not pass "GO"646 # success. go back to the user list, do not pass "GO" 588 647 ##log 589 648 logaction(0, $session->param("username"), $webvar{group}, "Added domain $webvar{domain}"); … … 594 653 changepage(page => "useradmin"); 595 654 } 655 656 } elsif ($webvar{page} eq 'edituser') { 596 657 597 658 } elsif ($webvar{page} eq 'dnsq') { … … 781 842 my $tmpgrplist = fill_grptree($logingroup,$curgroup); 782 843 $page->param(grptree => $tmpgrplist); 783 844 $page->param(subs => ($tmpgrplist ? 
1 : 0)); # probably not useful to pass gobs of data in for a boolean 784 845 $page->param(inlogingrp => $curgroup == $logingroup); 785 846 … … 848 909 return if $#childlist == -1; 849 910 my @grouplist; 911 my $foome = 0; 850 912 foreach (@childlist) { 851 913 my %row; … … 853 915 $row{grpname} = "<b>$row{grpname}</b>" if $_ == $cur; 854 916 $row{subs} = fill_grptree($_,$cur); 917 $row{last} = 1 if ++$foome > $#childlist; 855 918 push @grouplist, \%row; 856 919 } … … 990 1053 991 1054 $page->param(actypelist => \@actypes); 1055 } 1056 1057 sub fill_clonemelist { 1058 my $sth = $dbh->prepare("SELECT username,user_id FROM users WHERE group_id=$curgroup"); 1059 $sth->execute; 1060 1061 my @clonesrc; 1062 while (my ($username,$uid) = $sth->fetchrow_array) { 1063 my %row = ( 1064 username => $username, 1065 uid => $uid, 1066 selected => ($webvar{clonesrc} == $uid ? 1 : 0) 1067 ); 1068 push @clonesrc, \%row; 1069 } 1070 $page->param(clonesrc => \@clonesrc); 992 1071 } 993 1072
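Review bot: In the `edgroup`/`updperms` branch the grant case can never match, because each flag is first normalised with `$webvar{$_} = 1 if $webvar{$_} eq 'on';` and then tested with `$webvar{$_} eq 'on' && !$curperms{$_}`. Only revocations reach the "may update" line, so the test should read `($webvar{$_} && !$curperms{$_})`. The same branch takes `$webvar{gid}` straight from the request and, in the lines shown, never checks that the group lies within the caller's own group tree, so the "extra safety check" comment describes a check that is not there yet; the comment should say so until the gid scope test and the actual update are added. Separately, `fill_clonemelist` interpolates `$curgroup` into the SQL text while the login query in this file binds its value. Using `... WHERE group_id=?` with `$sth->execute($curgroup);` keeps that query safe even if `$curgroup` can be influenced by a request parameter, which cannot be ruled out because its origin is outside the visible lines.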