smeserver/smeserver-ibays
6
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

initial commit of file from CVS for e-smith-ibays on Wed 12 Jul 08:56:45 BST 2023

Browse Source
This commit is contained in:
Brian Read
2023-07-12 08:56:45 +01:00
parent 7ea7fdccf4
commit 1f503a7f0d
33 changed files with 2751 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
root/etc/e-smith/db/accounts/migrate/20ibay-accounts Normal file
View File

@@ -0,0 +1,18 @@
{
foreach my $ibay ($DB->get_all_by_prop(type => 'ibay'))
{
# SME9 introduced SSLRequireSSL with enabled/disabled.
# This replaces local customisation, so migrate 'on' to 'enabled'
$ibay->set_prop ('SSLRequireSSL', 'enabled') if (($ibay->prop ('SSLRequireSSL') || '') eq 'on');
# SME10 merge SSL property (setting to redirect to https) with SSLRequireSSL (setting to force SSL in a directory)
# while they have two different purpose, most admin will want to protect one directory with SSL and ease access to their
# client to gently redirect them to https, hence the merge.
my $SSL = $DB->get_prop_and_delete($ibay->key, 'SSL') || 'disabled';
# if SSL is enabled or SSLRequireSSL is enabled we want the new one enabled
# default remains empty for disabled for the moment
$ibay->set_prop('SSLRequireSSL','enabled') if ($SSL eq 'enabled');
}
}

1
root/etc/e-smith/db/configuration/defaults/maxIbayNameLength/type Normal file
View File

@@ -0,0 +1 @@
12

30
root/etc/e-smith/events/actions/group-ibay-modify Executable file
View File

@@ -0,0 +1,30 @@
#!/usr/bin/perl -w
use strict;
use esmith::AccountsDB;
use esmith::event;
my $accounts = esmith::AccountsDB->open() or
die "Unable to open accounts db: $!";
my ($self, $groupName) = @ARGV;
# Find all "i-bay" entries in the e-smith accounts database and
# if the group matches this one, change it to group "admin".
my @modified_ibays;
foreach my $ibay ( $accounts->ibays ) {
if ( $ibay->prop('Group') eq $groupName ) {
$ibay->set_prop( 'Group', 'admin' );
push @modified_ibays, $ibay->key;
event_signal("ibay-modify-files", $ibay->key) or
die ("Error occurred while updating i-bay.\n");
}
}
my $count = @modified_ibays;
if ( $count > 0 ) {
event_signal("ibay-modify-servers" ) or
die ("Error occurred after updating i-bays.\n");
}

49
root/etc/e-smith/events/actions/ibay-delete Executable file
View File

@@ -0,0 +1,49 @@
#!/bin/sh
#----------------------------------------------------------------------
# copyright (C) 1999-2005 Mitel Networks Corporation
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
#
#----------------------------------------------------------------------
#------------------------------------------------------------
# Delete the Unix account and files for the ibay.
#------------------------------------------------------------
event=$1
ibay=$2
if [ -z "$ibay" ]
then
echo ibayName argument missing
exit 1
fi
ldapauth=$(/sbin/e-smith/config getprop ldap Authentication || echo disabled)
x=0 # exit value
/bin/rm -rf /home/e-smith/files/ibays/$ibay
if [ "$ldapauth" != "enabled" ]
then
/usr/sbin/userdel "$ibay" || x=1
/usr/sbin/cpu -C/etc/cpu-system.conf userdel "$ibay"
/usr/sbin/cpu -C/etc/cpu-system.conf groupdel "$ibay"
else
/usr/sbin/cpu userdel "$ibay" || x=1
/usr/sbin/cpu -C/etc/cpu-system.conf groupdel "$ibay" || x=1
fi
exit $x

232
root/etc/e-smith/events/actions/ibay-modify Executable file
View File

@@ -0,0 +1,232 @@
#!/usr/bin/perl -w
#----------------------------------------------------------------------
# copyright (C) 1999-2005 Mitel Networks Corporation
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
#
#----------------------------------------------------------------------
package esmith;
use strict;
use Errno;
use File::Find;
use esmith::util;
use esmith::templates;
use esmith::AccountsDB;
use esmith::ConfigDB;
my $conf = esmith::ConfigDB->open_ro
or die "Could not open Config DB";
my $ldapauth = $conf->get('ldap')->prop('Authentication') || 'disabled';
my $x = 0; # exit value
$ENV{'PATH'} = "/bin";
my $event = $ARGV [0];
my $ibayName = $ARGV [1];
die "ibayName argument missing" unless defined ($ibayName);
my $accountdb = esmith::AccountsDB->open_ro();
my $ibay = $accountdb->get($ibayName) or
die "Couldn't find $ibayName record in accounts db\n";
die "Account $ibayName is not an ibay account; modify ibay event failed.\n"
unless ($ibay->prop('type') eq 'ibay');
if ($event eq 'ibay-create')
{
#------------------------------------------------------------
# Check the Unix account.
#------------------------------------------------------------
# Create the ibay's unique group first
if ($ldapauth ne 'enabled')
{
system(
"/usr/sbin/groupadd",
"-g",
$ibay->prop("Gid"),
$ibayName
) == 0 or ( $x = 255, warn "Failed to create (unix) group $ibayName.\n" );
system(
"/usr/sbin/useradd",
"-u",
$ibay->prop("Uid"),
"-g",
$ibay->prop("Gid"),
"-c",
$ibay->prop("Name"),
"-d",
"/home/e-smith/files/ibays/$ibayName/files",
"-G",
"shared,"
. $ibay->prop("Group"),
"-M",
"-s",
"/bin/false",
"$ibayName"
) == 0 or ( $x = 255, warn "Failed to create (unix) account $ibayName.\n" );
}
system(
"/usr/sbin/cpu", "-C/etc/cpu-system.conf", "groupadd",
"-g",
$ibay->prop("Gid"),
$ibayName
) == 0 or ( $x = $ldapauth ne 'enabled' ? $x : 255, warn "Failed to create (ldap) group $ibayName.\n" );
system(
"/usr/sbin/cpu", "-C/etc/cpu-system.conf", "useradd",
"-u",
$ibay->prop("Uid"),
"-g",
$ibay->prop("Gid"),
"-c",
$ibay->prop("Name"),
"-d",
"/home/e-smith/files/ibays/$ibayName/files",
"-G",
"shared,"
. $ibay->prop("Group"),
"-s",
"/bin/false",
"$ibayName"
) == 0 or ( $x = $ldapauth ne 'enabled' ? $x : 255, warn "Failed to create (ldap) account $ibayName.\n" );
#------------------------------------------------------------
# Create the ibay files and set the password.
#------------------------------------------------------------
system("/bin/cp", "-Rp", "/etc/e-smith/skel/ibay",
"/home/e-smith/files/ibays/$ibayName") == 0
or ( $x = 255, warn "Error copying ibay skeletal files" );
processTemplate( {
TEMPLATE_PATH=>"/home/e-smith/files/ibays/html/index.html",
OUTPUT_FILENAME=>"/home/e-smith/files/ibays/$ibayName/html/index.html",
MORE_DATA=>{IBAY_NAME=>$ibayName},
} );
if ($ldapauth ne 'enabled')
{
system("/usr/bin/passwd", "-l", $ibayName) == 0
or ( $x = 255, warn "Error locking (unix) account $ibayName" );
}
system("/usr/sbin/cpu", "-C/etc/cpu-system.conf", "usermod", "-L", $ibayName) == 0
or ( $x = $ldapauth ne 'enabled' ? $x : 255, warn "Error locking (ldap) account $ibayName" );
}
elsif ($event eq 'ibay-modify' and $ibayName ne 'Primary')
{
#------------------------------------------------------------
# Modify ibay description in /etc/passwd using "usermod"
#------------------------------------------------------------
if ($ldapauth ne 'enabled')
{
system("/usr/sbin/usermod", "-c", $ibay->prop("Name"),
"-G", "shared," . $ibay->prop("Group"), "$ibayName") == 0
or ( $x = 255, warn "Failed to modify (unix) account $ibayName.\n" );
}
system("/usr/sbin/cpu", "-C/etc/cpu-system.conf", "usermod", "-c", $ibay->prop("Name"),
"-G", "shared," . $ibay->prop("Group"), "$ibayName") == 0
or ( $x = $ldapauth ne 'enabled' ? $x : 255, warn "Failed to modify (ldap) account $ibayName.\n" );
}
#------------------------------------------------------------
# Fix permissions on ibay files.
#------------------------------------------------------------
#--------------------------------------------------
# main directory is writeable only by root
#--------------------------------------------------
chdir "/home/e-smith/files/ibays/$ibayName"
or ( $x = 255, warn "Could not chdir to /home/e-smith/files/ibays/$ibayName" );
esmith::util::chownFile("root", "root", ".");
chmod 0755, ".";
#--------------------------------------------------
# fix ownership of subdirectories
#--------------------------------------------------
#--------------------------------------------------
# Set the group as www if it was admin, since
# while set as admin, the web server no longer has
# access to the ibay HTML directory, and web pages.
#--------------------------------------------------
my %properties = $ibay->props;
$::group = ($properties{'Group'} eq "admin") ? "www" : $properties {'Group'};
# Make sensible defaults
$::owner = undef;
$::fileperm = 0600;
$::dirperm = 0550;
if ($properties {'UserAccess'} eq 'wr-admin-rd-group')
{
$::owner = "admin";
$::fileperm = 0640;
$::dirperm = 02750;
}
elsif ($properties {'UserAccess'} eq 'wr-group-rd-group')
{
$::fileperm = 0660;
$::dirperm = 02770;
}
elsif ($properties {'UserAccess'} eq 'wr-group-rd-everyone')
{
$::fileperm = 0664;
$::dirperm = 02775;
}
else
{
warn("Value of UserAccess bad or unset");
}
sub process
{
if (-l)
{
$File::Find::prune = 1;
}
else
{
esmith::util::chownFile($::owner, $::group, $_);
if (-d)
{
chmod $::dirperm, $_;
}
elsif (-f)
{
# Preserve execute permissions on files
my $experm = (stat($_))[2] & 0111;
$experm |= $::fileperm;
chmod $experm, $_;
}
}
}
find(\&process, glob("*"));
exit ($x);

64
root/etc/e-smith/events/actions/init-ibays Normal file
View File

@@ -0,0 +1,64 @@
#!/usr/bin/perl -w
#----------------------------------------------------------------------
# copyright (C) 1999-2003 Mitel Networks Corporation
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
#
# Technical support for this program is available from Mitel Networks
# Please visit our web site www.mitel.com/sme/ for details.
#----------------------------------------------------------------------
package esmith;
use strict;
use Errno;
use esmith::util;
use esmith::AccountsDB;
# Populate pre-defined Primary i-bay
# Start with top level owner/permissions
my $files = "/home/e-smith/files";
my $perms = 0755;
my $owner = 'root';
my $group = 'root';
foreach (qw(Primary Primary/cgi-bin Primary/html Primary/files))
{
my $dir = "$files/ibays/$_";
unless (-d "$dir")
{
mkdir ($dir, $perms) or warn "Could not create dir $dir: $!";
chmod ($perms, $dir) or warn "Could not chmod dir $dir: $!";
esmith::util::chownFile($owner, $group, $dir);
}
# Switch to subdir owner/permissions
$perms = 02750;
$owner = 'admin';
$group = 'shared';
}
# Create a starter website index page if necessary
if( !grep /\.\w+$/, </home/e-smith/files/ibays/Primary/html/index.*> )
{
system("/bin/cp", "-p",
"/etc/e-smith/skel/e-smith/files/primary/html/index.htm",
"/home/e-smith/files/ibays/Primary/html/index.htm");
chmod 0640, "/home/e-smith/files/ibays/Primary/html/index.htm";
esmith::util::chownFile('admin', 'shared',
"/home/e-smith/files/ibays/Primary/html/index.htm");
}
exit (0);

286
root/etc/e-smith/locale/en-us/etc/e-smith/web/functions/ibays Executable file
View File

@@ -0,0 +1,286 @@
<!-- vim: ft=xml ts=4 sw=8 noet:
-->
<lexicon lang="en-us" params="getExtraParams()">
<entry>
<base>FORM_TITLE</base>
<trans>
Create, modify, or remove i-bays
</trans>
</entry>
<entry>
<base>FIRSTPAGE_DESC</base>
<trans>
<![CDATA[
<p>
<a class="button-like" href="ibays?page=0&page_stack=&Next=Next&wherenext=CreateModify">Add i-bay</a>
</p>
<p>
You can remove any information bay or reset its password by
clicking on the corresponding command
next to the information bay. If the information bay shows up
in red, that means that the password has not
yet been changed from the default, and should be changed
soon.
</p>
]]>
</trans>
</entry>
<entry>
<base>ADD_TITLE</base>
<trans>
Create or modify an i-bay
</trans>
</entry>
<entry>
<base>NAME_FIELD_DESC</base>
<trans>
The information bay name should contain only lower-case
letters, numbers, periods, hyphens and underscores, and
should start with a lower-case letter. For example
"johnson", "intra", and "cust3.prj12" are all valid
names, but "3associates", "John Smith" and
"Bus!Partner" are not. The name is limited to
{$maxLength} characters.
</trans>
</entry>
<entry>
<base>NAME_LABEL</base>
<trans>
Information bay name
</trans>
</entry>
<entry>
<base>USER_ACCESS</base>
<trans>
User access via file sharing or user ftp
</trans>
</entry>
<entry>
<base>PUBLIC_ACCESS</base>
<trans>
Public access via web or anonymous ftp
</trans>
</entry>
<entry>
<base>PUBLIC_ACCESS_DESCRIPTION</base>
<trans>
The public access mode "password required outside local
network" is not supported by the FTP server component. If
you select this mode, the FTP server will require a
password both inside and outside the local network for this
i-bay.
</trans>
</entry>
<entry>
<base>ALLOW_DYNAMIC_CONTENT</base>
<trans>
Execution of dynamic content (CGI, PHP, SSI)
</trans>
</entry>
<entry>
<base>HTTPS_Only</base>
<trans>
Force secure connections
</trans>
</entry>
<entry>
<base>REMOVE_TITLE</base>
<trans>
Remove information bay
</trans>
</entry>
<entry>
<base>REMOVE_DESC</base>
<trans>
<![CDATA[
<p>
You are about to remove the information bay "{$name}"
({$description}).
</p>
<p>
All files belonging to this information bay will be deleted.
</p>
<p>
Are you sure you wish to remove this information bay?
</p>
]]>
</trans>
</entry>
<entry>
<base>ERROR_WHILE_CREATING_IBAY</base>
<trans>
An error occurred while creating the i-bay.
</trans>
</entry>
<entry>
<base>SUCCESSFULLY_CREATED_IBAY</base>
<trans>
Successfully created i-bay.
</trans>
</entry>
<entry>
<base>NO_IBAYS</base>
<trans>
There are no i-bays currently configured.
</trans>
</entry>
<entry>
<base>CANT_FIND_IBAY</base>
<trans>
Can't find account for {$name} (does it exist?)
</trans>
</entry>
<entry>
<base>CANT_CREATE_IBAY</base>
<trans>
Can't create new account for {$name} (does it already exist?)
</trans>
</entry>
<entry>
<base>ERROR_WHILE_MODIFYING_IBAY</base>
<trans>
An error occurred while modifying the i-bay.
</trans>
</entry>
<entry>
<base>SUCCESSFULLY_MODIFIED_IBAY</base>
<trans>
Successfully modified i-bay.
</trans>
</entry>
<entry>
<base>VIRTUAL_HOST_MESSAGE</base>
<trans>
The following virtual domains were using this information
bay as their content and will be changed to the primary web
site (you can change them to something else afterward).
</trans>
</entry>
<entry>
<base>SUCCESSFULLY_DELETED_IBAY</base>
<trans>
Successfully deleted i-bay.
</trans>
</entry>
<entry>
<base>ERROR_WHILE_DELETING_IBAY</base>
<trans>
An error occurred while deleting the i-bay.
</trans>
</entry>
<entry>
<base>PASSWORD_DESC</base>
<trans>
You are about to change the password for the i-bay {$name}.
</trans>
</entry>
<entry>
<base>IBAY_PASSWD_VALIDATION_ERROR</base>
<trans>
The password may contain only letters and numbers.
</trans>
</entry>
<entry>
<base>IBAY_PASSWD_VERIFY_ERROR</base>
<trans>
The passwords do not match.
</trans>
</entry>
<entry>
<base>SUCCESSFULLY_RESET_PASSWORD</base>
<trans>
Successfully reset password.
</trans>
</entry>
<entry>
<base>ERROR_WHILE_RESETTING_PASSWORD</base>
<trans>
Error while resetting password.
</trans>
</entry>
<entry>
<base>VHOST_MESSAGE</base>
<trans>
<![CDATA[
<P>The following virtual domains were using this information bay
as their content and will be changed to the primary web site
(you can change them to something else afterward):</P>
<ul>{$vhostList}</ul>
]]>
</trans>
</entry>
<entry>
<base>Information bays</base>
<trans>Information bays</trans>
</entry>
<entry>
<base>WGRG</base>
<trans>Write = group, Read = group</trans>
</entry>
<entry>
<base>WGRE</base>
<trans>Write = group, Read = everyone</trans>
</entry>
<entry>
<base>WARG</base>
<trans>Write = admin, Read = group</trans>
</entry>
<entry>
<base>NONE</base>
<trans>No access</trans>
</entry>
<entry>
<base>LOCAL_NETWORK_NO_PASSWORD</base>
<trans>Local network (no password required)</trans>
</entry>
<entry>
<base>LOCAL_NETWORK_PASSWORD</base>
<trans>Local network (password required)</trans>
</entry>
<entry>
<base>ENTIRE_INTERNET_NO_PASSWORD</base>
<trans>Entire Internet (no password required)</trans>
</entry>
<entry>
<base>ENTIRE_INTERNET_PASSWORD</base>
<trans>Entire Internet (password required)</trans>
</entry>
<entry>
<base>ENTIRE_INTERNET_PASSWORD_REMOTE</base>
<trans>Entire Internet (password required outside local network)</trans>
</entry>
<entry>
<base>INVALID_IBAY_DESCRIPTION</base>
<trans>Error: unexpected or missing characters in i-bay description</trans>
</entry>
<entry>
<base>ACCT_NAME_HAS_INVALID_CHARS</base>
<trans>The i-bay name "{$acctName}" contains invalid characters.
I-bay names must start with a lower case letter and contain
only lower case letters, numbers, and hyphens.
</trans>
</entry>
<entry>
<base>MAX_IBAY_NAME_LENGTH_ERROR</base>
<trans>
The i-bay name "{$name}" is too long. The maximum is
{$maxIbayNameLength} characters.
</trans>
</entry>
<entry>
<base>ACCT_CLASHES_WITH_PSEUDONYM</base>
<trans>
<![CDATA[
The account "{$acctName}" clashes with pseudonym
details for {$acctType} account "{$acct}".
<p>{$acctName} is a pseudonym for {$acct}.</p>
]]>
</trans>
</entry>
<entry>
<base>ACCOUNT_EXISTS</base>
<trans>
The account "{$acctName}" is an existing {$acctType} account.
</trans>
</entry>
</lexicon>

0
root/etc/e-smith/skel/e-smith/files/ibays/.gitignore vendored Normal file
View File

0
root/etc/e-smith/skel/ibay/.AppleDesktop/.gitignore vendored Normal file
View File

0
root/etc/e-smith/skel/ibay/cgi-bin/.gitignore vendored Normal file
View File

0
root/etc/e-smith/skel/ibay/files/.gitignore vendored Normal file
View File

0
root/etc/e-smith/skel/ibay/html/.gitignore vendored Normal file
View File

9
root/etc/e-smith/templates/etc/e-smith/pam/accounts.allow/20ibayAccounts Normal file
View File

@@ -0,0 +1,9 @@
{
use esmith::AccountsDB;
$OUT = join("\n",
map { $_->key }
grep { $_->prop('PasswordSet') eq 'yes' }
esmith::AccountsDB->open_ro->ibays
);
}

198
root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/90e-smithAccess40ibays Normal file
View File

@@ -0,0 +1,198 @@
#------------------------------------------------------------
# Information bay directories
#------------------------------------------------------------
{
use esmith::AccountsDB;
my $adb = esmith::AccountsDB->open_ro();
$OUT = "";
foreach my $ibay ($adb->ibays)
{
my %properties = $ibay->props;
my $key = $ibay->key;
#------------------------------------------------------------
# Figure out which combination of parameters to use. If
# PublicAccess parameter is present, this is e-smith 4.0.
# Otherwise, it's e-smith 3.0.
#------------------------------------------------------------
my $allow;
my $pass;
my $satisfy;
if ($properties{'PublicAccess'})
{
if ($properties{'PublicAccess'} eq 'none')
{
next;
}
elsif ($properties{'PublicAccess'} eq 'local')
{
$allow = "ip $localAccess";
$pass = 0;
$satisfy = 'All';
}
elsif ($properties{'PublicAccess'} eq 'local-pw')
{
$allow = "ip $localAccess";
$pass = 1;
$satisfy = 'All';
}
elsif ($properties{'PublicAccess'} eq 'global')
{
$allow = 'all granted';
$pass = 0;
$satisfy = 'All';
}
elsif ($properties{'PublicAccess'} eq 'global-pw')
{
$allow = 'all granted';
$pass = 1;
$satisfy = 'All';
}
elsif ($properties{'PublicAccess'} eq 'global-pw-remote')
{
$allow = "ip $localAccess";
$pass = 1;
$satisfy = 'Any';
}
}
elsif ($properties {'ReadAccess'} eq 'global')
{
if ($properties {'UsePassword'} eq 'yes')
{
$allow = 'all granted';
$pass = 1;
$satisfy = 'All';
}
else
{
$allow = 'all granted';
$pass = 0;
$satisfy = 'All';
}
}
else
{
if ($properties {'UsePassword'} eq 'yes')
{
$allow = "ip $localAccess";
$pass = 1;
$satisfy = 'All';
}
else
{
$allow = "ip $localAccess";
$pass = 0;
$satisfy = 'All';
}
}
my $allowOverride = $properties{'AllowOverride'} || "None";
my $dynamicContent = $properties{'CgiBin'} || "disabled";
my $followSymLinks = $properties{'FollowSymLinks'} || "disabled";
my $indexes = $properties{'Indexes'} || "enabled";
my $sslRequireSSL = $properties{'SSLRequireSSL'} || "disabled";
# here we force SSL if either a password is asked or DAV is enabled
$sslRequireSSL = "enabled" if ($pass == 1);
$sslRequireSSL = "enabled" if ( ($properties{'ModDav'}||'disabled') eq 'enabled');
$OUT .= "\n";
$OUT .= "#------------------------------------------------------------\n";
$OUT .= "# $key ibay directories ($properties{'Name'})\n";
$OUT .= "#------------------------------------------------------------\n";
$OUT .= "\n";
$OUT .= "<Directory /home/e-smith/files/ibays/$key/html>\n";
if ($sslRequireSSL eq 'enabled')
{
$OUT .= " SSLRequireSSL\n";
}
$OUT .= " Options None\n";
$OUT .= " Options +Indexes\n" if ($indexes eq 'enabled');
$OUT .= " Options +FollowSymLinks\n" if ($followSymLinks eq 'enabled');
if ($dynamicContent eq 'enabled')
{
$OUT .= " Options +Includes\n";
}
else
{
$OUT .= " DirectoryIndex index.shtml index.htm index.html\n";
$OUT .= " Options +IncludesNOEXEC\n";
$OUT .= " <FilesMatch \"\\.(phar|php|phtml)\$\">\n";
$OUT .= " Require all denied\n";
$OUT .= " </FilesMatch>\n";
}
$OUT .= " AllowOverride $allowOverride\n";
if ($pass)
{
$OUT .= " AuthName \"$properties{'Name'}\"\n";
$OUT .= " AuthType Basic\n";
$OUT .= " AuthBasicProvider external\n";
$OUT .= " AuthExternal pwauth\n";
$OUT .= " <Require$satisfy>\n";
$OUT .= " Require user $key\n";
$OUT .= " Require $allow\n";
$OUT .= " </Require$satisfy>\n";
}
else
{
$OUT .= " Require $allow\n";
}
$OUT .= "</Directory>\n";
$OUT .= "\n";
$OUT .= "<Directory /home/e-smith/files/ibays/$key/cgi-bin>\n";
if ($sslRequireSSL eq 'enabled')
{
$OUT .= " SSLRequireSSL\n";
}
if ($dynamicContent eq 'enabled')
{
$OUT .= " Options ExecCGI\n";
}
$OUT .= " AllowOverride None\n";
if ($pass)
{
$OUT .= " AuthName \"$properties{'Name'}\"\n";
$OUT .= " AuthType Basic\n";
$OUT .= " AuthBasicProvider external\n";
$OUT .= " AuthExternal pwauth\n";
$OUT .= " <Require$satisfy>\n";
$OUT .= " Require user $key\n";
$OUT .= " Require $allow\n";
$OUT .= " </Require$satisfy>\n";
}
else
{
$OUT .= " Require $allow\n";
}
$OUT .= "</Directory>\n";
$OUT .= "\n";
$OUT .= "<Directory /home/e-smith/files/ibays/$key/files>\n";
if ($sslRequireSSL eq 'enabled')
{
$OUT .= " SSLRequireSSL\n";
}
$OUT .= " AllowOverride None\n";
if ($pass)
{
$OUT .= " AuthName \"$properties{'Name'}\"\n";
$OUT .= " AuthType Basic\n";
$OUT .= " AuthBasicProvider external\n";
$OUT .= " AuthExternal pwauth\n";
$OUT .= " <Require$satisfy>\n";
$OUT .= " Require user $key\n";
$OUT .= " Require $allow\n";
$OUT .= " </Require$satisfy>\n";
}
else
{
$OUT .= " Require $allow\n";
}
$OUT .= "</Directory>\n";
}
}

92
root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/VirtualHosts/20IbayContent Normal file
View File

@@ -0,0 +1,92 @@
{
use esmith::AccountsDB;
my $accounts = esmith::AccountsDB->open_ro;
use esmith::DomainsDB;
my $domains = esmith::DomainsDB->open_ro;
$OUT = "";
my $ibay = $virtualHostContent;
my $basedir = "/home/e-smith/files/ibays/$ibay";
my $cgiBin = $accounts->get_prop($ibay, "CgiBin") || "";
my $ssl_domain = $accounts->get_prop($ibay, "SSLRequireSSL") || "disabled";
my $access = $accounts->get_prop($ibay,'PublicAccess') || 'none';
my $pass = $access =~ /-pw/;
$ssl_domain = "enabled" if $pass;
$ssl_domain = "enabled" if (($accounts->get_prop($ibay, 'ModDav')||'disabled') eq 'enabled');
$OUT .= " DocumentRoot $basedir/html\n";
if (( $port ne $httpsPort ) && ( $ssl_domain eq 'enabled'))
{
my $portspec = ($httpsPort eq 443) ? "" : ":$httpsPort";
$OUT .= " RewriteEngine on\n";
$OUT .= " RewriteRule ^/(.*|\$) https://%{HTTP_HOST}${portspec}/\$1 [R,L]\n";
}
if ($cgiBin)
{
$OUT .= " ScriptAlias /cgi-bin $basedir/cgi-bin\n";
}
else
{
$OUT .=
" # To add cgi-bin ScriptAlias for this i-bay, run:\n"
. " # /sbin/e-smith/db accounts setprop $ibay CgiBin "
. "enabled\n"
. " # /sbin/e-smith/signal-event console-save\n";
}
$OUT .= " Alias /files $basedir/files\n";
if (($domains->get_prop($virtualHost, 'SystemPrimaryDomain') || 'no')
eq 'yes')
{
my @ibays = $accounts->ibays;
foreach my $ibay (@ibays)
{
my $key = $ibay->key;
next if $key eq $virtualHostContent;
my $basedir = "/home/e-smith/files/ibays/$key";
my $cgiBin = $ibay->prop("CgiBin") || "";
my $name = $ibay->prop("Name") || "";
$OUT .= "\n";
$OUT .= " # $key ibay ($name)\n";
$OUT .= "\n";
my $ssl_bay = $ibay->prop('SSLRequireSSL') || 'disabled';
my $access_bay = $ibay->prop('PublicAccess') || 'none';
my $pass_bay = $access_bay =~ /-pw/;
$ssl_bay = "enabled" if $pass_bay ;
$ssl_bay = "enabled" if (($ibay->prop('ModDav')||'disabled') eq 'enabled');
if (( $port ne $httpsPort ) && ($ssl_bay eq 'enabled')){
my $portspec = ($httpsPort eq 443) ? "" : ":$httpsPort";
$OUT .= " RewriteEngine on\n";
$OUT .= " RewriteRule ^/$key(/.*|\$) https://%{HTTP_HOST}${portspec}/$key\$1 \[L,R\]\n";
}
if ($cgiBin)
{
$OUT .= " ScriptAlias /$key/cgi-bin $basedir/cgi-bin\n";
}
else
{
$OUT .=
" # To add cgi-bin ScriptAlias for this i-bay, run:\n"
. " # /sbin/e-smith/db accounts setprop $key CgiBin "
. "enabled\n"
. " # /sbin/e-smith/signal-event console-save\n";
}
$OUT .= " Alias /$key/files $basedir/files\n";
# Make sure this one is last since it's a prefix of the above
# aliases. If we put it first, it would get expanded before the
# other aliases, creating problems.
$OUT .= " Alias /$key $basedir/html\n";
}
$OUT .= " # No ibays in system\n" unless @ibays;
}
}

7
root/etc/e-smith/templates/home/e-smith/files/ibays/html/index.html/00setup Normal file
View File

@@ -0,0 +1,7 @@
{
use esmith::AccountsDB;
$adb = esmith::AccountsDB->open_ro();
"";
}

25
root/etc/e-smith/templates/home/e-smith/files/ibays/html/index.html/10body Normal file
View File

@@ -0,0 +1,25 @@
{
my $desc = $adb->get_prop($IBAY_NAME, "Name") || "No description";
$OUT =<<HERE;
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML>
<HEAD>
<TITLE>Information Bay: $desc</TITLE>
</HEAD>
<BODY BGCOLOR="#FFFFFF">
<H1>Information Bay</H1>
<P>This information bay has not yet been customized.</P>
</BODY>
</HTML>
HERE
}

0
root/etc/e-smith/templates/home/e-smith/files/ibays/html/index.html/template-begin Normal file
View File

0
root/etc/e-smith/web/common/.gitignore vendored Normal file
View File

145
root/etc/e-smith/web/functions/ibays Executable file
View File

@@ -0,0 +1,145 @@
#!/usr/bin/perl -wT
# vim: ft=xml ts=4 sw=4 et:
#----------------------------------------------------------------------
# heading : Collaboration
# description : Information bays
# navigation : 2000 2500
#
# Copyright (c) 2001 Mitel Networks Corporation
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
#
# Technical support for this program is available from e-smith, inc.
# Please visit our web site www.e-smith.com for details.
#----------------------------------------------------------------------
use strict;
use esmith::FormMagick::Panel::ibays;
my $fm = esmith::FormMagick::Panel::ibays->new();
$fm->display();
=pod
=head1 NAME
ibays -- add/remove/manage ibays
=head2 DESCRIPTION
This screen allows the administrator to manage information bays.
=begin testing
use esmith::FormMagick::Tester;
use esmith::TestUtils;
use esmith::TestUtils;
use esmith::ConfigDB;
use esmith::AccountsDB;
my $panel = $Original_File;
my $ua = esmith::FormMagick::Tester->new();
my $c = esmith::ConfigDB->open();
my $a = esmith::AccountsDB->open();
is (mode($panel), '4750', "Check permissions on script");
ok ($ua->get_panel($panel), "ABOUT TO RUN L10N TESTS");
is ($ua->{status}, 200, "200 OK");
#like($ua->{content}, qr/FORM_TITLE/, "Saw untranslated form title");
ok ($ua->set_language("en"), "Set language to English");
ok ($ua->get_panel($panel), "Get panel");
is ($ua->{status}, 200, "200 OK");
like($ua->{content}, qr/Information bays/, "Saw translated form title");
ok ($ua->get_panel($panel), "ABOUT TO TEST CREATING IBAY");
ok ($ua->follow("Click here"), "Follow 'create ibay' link");
is ($ua->{status}, 200, "200 OK");
like($ua->{content}, qr/Create a new information bay/, "Saw page title");
like($ua->{content}, qr/Brief description/, "Saw description field");
like($ua->{content}, qr/Group/, "Saw group field");
like($ua->{content}, qr/User access via file/, "Saw user access field");
like($ua->{content}, qr/Public access via/, "Saw Public access field");
like($ua->{content}, qr/Add/, "Saw add button");
SKIP: {
skip 10, "Unsafe!" unless destruction_ok();
ok ($ua->follow("Click here"), "ACTUALLY ADDING A NETWORK");
$ua->field();
$ua->click("Add");
like($ua->{content}, qr/Successfully added ibay/, "Saw success message");
ok ($ua->follow("Remove"), "REMOVING NETWORK");
like($ua->{content}, qr/Are you sure/, "Saw confirmation message");
$ua->click("Remove");
like($ua->{content}, qr/Successfully deleted/, "Saw success message");
}
=cut
__DATA__
<form title="FORM_TITLE" header="/etc/e-smith/web/common/head.tmpl" footer="/etc/e-smith/web/common/foot.tmpl">
<page name="First" pre-event="print_status_message()">
<description>FIRSTPAGE_DESC</description>
<subroutine src="print_ibay_table()" />
</page>
<page name="CreateModify" pre-event="turn_off_buttons()" post-event="handle_ibays()">
<title>ADD_TITLE</title>
<subroutine src="print_ibay_name_field()" />
<field type="text" id="description" validation="validate_description">
<label>DESCRIPTION</label>
</field>
<field type="select" id="group" options="group_list()">
<label>GROUP</label>
</field>
<field type="select" id="userAccess" options="userAccess_list()">
<label>USER_ACCESS</label>
</field>
<field type="select" id="publicAccess" options="publicAccess_list()" value="none">
<label>PUBLIC_ACCESS</label>
</field>
<field type="select" id="CgiBin" options="'disabled' => 'DISABLED', 'enabled' => 'ENABLED'">
<label>ALLOW_DYNAMIC_CONTENT</label>
</field>
<field type="select" id="SSLRequireSSL" options="'disabled' => 'DISABLED', 'enabled' => 'ENABLED'">
<label>HTTPS_Only</label>
</field>
<subroutine src="print_save_or_add_button()" />
</page>
<page name="Remove" pre-event="turn_off_buttons()" post-event="remove_ibay()">
<title>REMOVE_TITLE</title>
<description>REMOVE_DESC</description>
<subroutine src="print_vhost_message()" />
<subroutine src="print_button('REMOVE')" />
</page>
<page name="Password" pre-event="turn_off_buttons()" post-event="reset_password()">
<title>PASSWORD_RESET</title>
<description>PASSWORD_DESC</description>
<field type="password" id="newPass" validation="nonblank, check_password">
<label>PASSWORD_NEW</label>
</field>
<field type="password" id="newPassVerify" validation="verifyPasswords">
<label>PASSWORD_VERIFY_NEW</label>
</field>
<subroutine src="print_button('SAVE')"/>
</page>
</form>

0
root/etc/e-smith/web/panels/manager/cgi-bin/.gitignore vendored Normal file
View File

0
root/etc/e-smith/web/panels/manager/common/.gitignore vendored Normal file
View File

0
root/etc/e-smith/web/panels/manager/html/.gitignore vendored Normal file
View File

0
root/home/e-smith/files/ibays/.gitignore vendored Normal file
View File

730
root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/ibays.pm Normal file
View File

@@ -0,0 +1,730 @@
#!/usr/bin/perl -w
#
# $Id: ibays.pm,v 1.8 2005/09/06 05:49:52 apc Exp $
#
package esmith::FormMagick::Panel::ibays;
use strict;
use esmith::FormMagick;
use esmith::AccountsDB;
use esmith::ConfigDB;
use esmith::DomainsDB;
use esmith::cgi;
use esmith::util;
use File::Basename;
use Exporter;
use Carp;
our @ISA = qw(esmith::FormMagick Exporter);
our @EXPORT = qw(
print_ibay_table
print_ibay_name_field
print_vhost_message
group_list
userAccess_list
publicAccess_list
max_ibay_name_length
handle_ibays
remove_ibay
reset_password
getExtraParams
verifyPasswords
check_password
print_save_or_add_button
wherenext
);
our $VERSION = sprintf '%d.%03d', q$Revision: 1.8 $ =~ /: (\d+).(\d+)/;
our $accountdb = esmith::AccountsDB->open();
our $configdb = esmith::ConfigDB->open();
=pod
=head1 NAME
esmith::FormMagick::Panels::ibays - useful panel functions
=head1 SYNOPSIS
use esmith::FormMagick::Panels::ibays;
my $panel = esmith::FormMagick::Panel::ibays->new();
$panel->display();
=head1 DESCRIPTION
=head2 new();
Exactly as for esmith::FormMagick
=begin testing
$ENV{ESMITH_ACCOUNT_DB} = "10e-smith-base/accounts.conf";
$ENV{ESMITH_CONFIG_DB} = "10e-smith-base/configuration.conf";
$ENV{ESMITH_DOMAINS_DB} = "10e-smith-base/domains.conf";
use_ok('esmith::FormMagick::Panel::ibays');
use vars qw($panel);
ok($panel = esmith::FormMagick::Panel::ibays->new(),
"Create panel object");
isa_ok($panel, 'esmith::FormMagick::Panel::ibays');
{ package esmith::FormMagick::Panel::ibays;
our $accountdb;
::isa_ok($accountdb, 'esmith::AccountsDB');
}
=end testing
=cut
sub new
{
my $proto = shift;
my $class = ref($proto) || $proto;
my $self = esmith::FormMagick::new($class);
$self->{calling_package} = (caller)[0];
return $self;
}
=head1 HTML GENERATION ROUTINES
Routines for generating chunks of HTML needed by the panel.
=head1 ROUTINES FOR FILLING IN FIELDS
=head2 print_ibay_table
Prints out the ibay table on the front page.
=for testing
my $self = esmith::FormMagick::Panel::ibays->new();
$self->{cgi} = CGI->new("");
can_ok('main', 'print_ibay_table');
$self->print_ibay_table();
like($_STDOUT_, qr/NAME/, "Found NAME header in table output");
#like($_STDOUT_, qr/testibay/, "Found test ibay in user table output");
#like($_STDOUT_, qr/ff0000/, "Found red 'reset password' output");
=cut
sub print_ibay_table {
my $self = shift;
my $q = $self->{cgi};
my $name = $self->localise('NAME');
my $description = $self->localise('DESCRIPTION');
my $modify = $self->localise('MODIFY');
my $remove = $self->localise('REMOVE');
my $resetpw = $self->localise('PASSWORD_RESET');
my $action_h = $self->localise('ACTION');
my @ibays = $accountdb->ibays();
unless ( scalar @ibays )
{
print $q->Tr($q->td($self->localise('NO_IBAYS')));
return "";
}
print $q->start_table({-CLASS => "sme-border"}),"\n";
print $q->Tr (
esmith::cgi::genSmallCell($q, $name,"header"),
esmith::cgi::genSmallCell($q, $description,"header"),
esmith::cgi::genSmallCell($q, $action_h,"header", 3)),"\n";
my $scriptname = basename($0);
foreach my $i (@ibays)
{
my $ibayname = $i->key();
my $ibaydesc = $i->prop('Name');
my $modifiable = $i->prop('Modifiable') || 'yes';
my $passwordable = $i->prop('Passwordable') || 'yes';
my $removable = $i->prop('Removable') || 'yes';
my $needPassword = grep { $_ eq $i->prop('PublicAccess') }
qw(local-pw global-pw global-pw-remote);
my $params = $self->build_ibay_cgi_params($ibayname, $i->props());
my $href = "$scriptname?$params&action=modify&wherenext=";
my $actionModify = '&nbsp;';
if ($modifiable eq 'yes')
{
$actionModify .= $q->a({href => "${href}CreateModify"},$modify)
. '&nbsp;';
}
my $actionResetPw = '&nbsp;';
if ($passwordable eq 'yes')
{
if ($i->prop('PasswordSet') ne 'yes' && $needPassword)
{
$actionResetPw .= $q->a({href => "${href}Password",
class => "error"}, $resetpw)
}
else
{
$actionResetPw .= $q->a({href => "${href}Password"}, $resetpw)
}
$actionResetPw .= '&nbsp';
}
my $actionRemove = '&nbsp;';
if ($removable eq 'yes')
{
$actionRemove .= $q->a({href => "${href}Remove"}, $remove)
. '&nbsp';
}
print $q->Tr (
esmith::cgi::genSmallCell($q, $ibayname,"normal"),
esmith::cgi::genSmallCell($q, $ibaydesc,"normal"),
esmith::cgi::genSmallCell($q, $actionModify,"normal"),
esmith::cgi::genSmallCell($q, $actionResetPw,"normal"),
esmith::cgi::genSmallCell($q, $actionRemove,"normal"));
}
print $q->end_table,"\n";
return "";
}
sub build_ibay_cgi_params {
my ($self, $ibayname, %oldprops) = @_;
#$oldprops{'description'} = $oldprops{Name};
#delete $oldprops{Name};
my %props = (
page => 0,
page_stack => "",
#".id" => $self->{cgi}->param('.id') || "",
name => $ibayname,
#%oldprops
);
return $self->props_to_query_string(\%props);
}
*wherenext = \&CGI::FormMagick::wherenext;
sub print_ibay_name_field {
my $self = shift;
my $in = $self->{cgi}->param('name') || '';
my $action = $self->{cgi}->param('action') || '';
my $maxLength = $configdb->get('maxIbayNameLength')->value;
print qq(<tr><td colspan="2">) . $self->localise('NAME_FIELD_DESC',
{maxLength => $maxLength}) . qq(</td></tr>);
print qq(<tr><td class="sme-noborders-label">) .
$self->localise('NAME_LABEL') . qq(</td>\n);
if ($action eq 'modify' and $in) {
print qq(
<td class="sme-noborders-content">$in
<input type="hidden" name="name" value="$in">
<input type="hidden" name="action" value="modify">
</td>
);
# Read the values for each field from the accounts db and store
# them in the cgi object so our form will have the correct
# info displayed.
my $q = $self->{cgi};
my $rec = $accountdb->get($in);
if ($rec)
{
$q->param(-name=>'description',-value=>
$rec->prop('Name'));
$q->param(-name=>'group',-value=>
$rec->prop('Group'));
$q->param(-name=>'userAccess',-value=>
$rec->prop('UserAccess'));
$q->param(-name=>'publicAccess',-value=>
$rec->prop('PublicAccess'));
$q->param(-name=>'CgiBin',-value=>
$rec->prop('CgiBin'));
$q->param(-name=>'SSLRequireSSL',-value=>
$rec->prop('SSLRequireSSL'));
}
} else {
print qq(
<td><input type="text" name="name" value="$in">
<input type="hidden" name="action" value="create">
</td>
);
}
print qq(</tr>\n);
return undef;
}
=pod
=head2 print_vhost_message()
Prints a warning message that vhosts whose content is this ibay will be
modified to point to primary site.
=for testing
$panel->{cgi} = CGI->new();
$panel->{cgi}->param(-name=>'name', -value=>'bar');
is($panel->print_vhost_message(), undef, 'print_vhost_message');
=cut
sub print_vhost_message {
my $self = shift;
my $q = $self->{cgi};
my $name = $q->param('name');
my $domaindb = esmith::DomainsDB->open();
my @domains = $domaindb->get_all_by_prop(Content => $name);
my $vhostListItems = join "\n",
(map ($q->li($_->key." ".$_->prop('Description')),
@domains));
if ($vhostListItems)
{
print $self->localise('VHOST_MESSAGE', {vhostList => $vhostListItems});
}
return undef;
}
=head2 group_list()
Returns a hash of groups for the Create/Modify screen's group field's
drop down list.
=for testing
can_ok('main', 'group_list');
my $g = group_list();
is(ref($g), 'HASH', "group_list returns a hashref");
is($g->{simpsons}, "Simpsons Family (simpsons)",
"Found names and descriptions");
=cut
sub group_list
{
my @groups = $accountdb->groups();
my %groups = ( admin => 'Admin', shared => 'Everyone' );
foreach my $g (@groups) {
$groups{$g->key()} = $g->prop('Description')." (".
$g->key.")";
}
return \%groups;
}
=head2 userAccess_list
Returns the hash of user access settings for showing in the user access
drop down list.
=for testing
can_ok('main', 'userAccess_list');
my $u = userAccess_list();
is(ref($u), 'HASH', "userAccess_list returns a hashref");
like($u->{'wr-group-rd-group'}, qr/WGRG/, "hashref contains the right stuff");
=cut
sub userAccess_list
{
return {
'wr-group-rd-group' => 'WGRG',
'wr-group-rd-everyone' => 'WGRE',
'wr-admin-rd-group' => 'WARG'
};
}
=head2 publicAccess_list
Returns the hash of public access settings for showing in the public
access drop down list.
=for testing
can_ok('main', 'publicAccess_list');
my $u = publicAccess_list();
is(ref($u), 'HASH', "publicAccess_list returns a hashref");
is($u->{none}, 'NONE', "hashref contains the right stuff");
=cut
sub publicAccess_list {
return {
'none' => 'NONE',
'local' => 'LOCAL_NETWORK_NO_PASSWORD',
'local-pw' => 'LOCAL_NETWORK_PASSWORD',
'global' => 'ENTIRE_INTERNET_NO_PASSWORD',
'global-pw' => 'ENTIRE_INTERNET_PASSWORD',
'global-pw-remote' => 'ENTIRE_INTERNET_PASSWORD_REMOTE'
};
}
=head1 VALIDATION ROUTINES
=head2 max_ibay_name_length()
Checks the length of a given i-bay name against the maximum set in the
maxIbayNameLength record of the configuration database. Defaults to a
maximum length of the maxIbayNameLength set in the config db.
=begin testing
my $conf = esmith::ConfigDB->open();
isa_ok($conf, 'esmith::ConfigDB');
my $max_record = $conf->get('maxIbayNameLength')
|| $conf->new_record('maxIbayNameLength');
$max_record->set_value(12);
$conf->reload;
is($conf->get('maxIbayNameLength')->value(), 12, "Max ibay length is 12");
can_ok('main', 'max_ibay_name_length');
is($panel->max_ibay_name_length('abc'), 'OK', "Short ibay name is OK");
isnt($panel->max_ibay_name_length('abcdefghiabcdefghi'), 'OK', "Long ibay name is not OK");
$max_record->set_value(2);
$conf->reload();
is($max_record->value(), 2, "Set max length to a very low number");
isnt($panel->max_ibay_name_length('abc'), 'OK', "Short ibay name is no longer OK");
=end testing
=cut
sub max_ibay_name_length {
my ($self, $data) = @_;
$configdb->reload();
my $max = $configdb->get('maxIbayNameLength')->value;
if (length($data) <= $max) {
return "OK";
} else {
return $self->localise("MAX_IBAY_NAME_LENGTH_ERROR",
{acctName => $data,
maxIbayNameLength => $max,
maxLength => $max});
}
}
=pod
=head2 conflict_check
Check the proposed name for clashes with existing pseudonyms or other
accounts of any type.
=cut
sub conflict_check
{
my ($self, $name) = @_;
my $rec = $accountdb->get($name);
my $type;
if (defined $rec)
{
my $type = $rec->prop('type');
if ($type eq "pseudonym")
{
my $acct = $rec->prop("Account");
my $acct_type = $accountdb->get($acct)->prop('type');
return $self->localise('ACCT_CLASHES_WITH_PSEUDONYM',
{acctName => $name, acctType => $acct_type, acct => $acct});
}
}
elsif (defined getpwnam($name) || defined getgrnam($name))
{
$type = 'system';
}
else
{
# No account record and no account
return 'OK';
}
return $self->localise('ACCOUNT_EXISTS',
{acctName => $name, acctType => $type});
}
=head1 THE ROUTINES THAT ACTUALLY DO THE WORK
=for testing
can_ok('main', 'handle_ibays');
=cut
sub handle_ibays {
my ($self) = @_;
if ($self->cgi->param("action") eq "create") {
$self->create_ibay();
} else {
$self->modify_ibay();
}
}
=head2 print_save_or_add_button()
=cut
sub print_save_or_add_button {
my ($self) = @_;
my $action = $self->cgi->param("action") || '';
if ($action eq "modify") {
$self->print_button("SAVE");
} else {
$self->print_button("ADD");
}
}
sub create_ibay {
my ($self) = @_;
my $name = $self->cgi->param('name');
my $msg = $self->validate_name($name);
unless ($msg eq "OK")
{
return $self->error($msg);
}
$msg = $self->max_ibay_name_length($name);
unless ($msg eq "OK")
{
return $self->error($msg);
}
$msg = $self->conflict_check($name);
unless ($msg eq "OK")
{
return $self->error($msg);
}
my $uid = $accountdb->get_next_uid();
if (my $acct = $accountdb->new_record($name, {
Name => $self->cgi->param('description'),
CgiBin => $self->cgi->param('CgiBin'),
Group => $self->cgi->param('group'),
PublicAccess => $self->cgi->param('publicAccess'),
SSLRequireSSL => $self->cgi->param('SSLRequireSSL'),
UserAccess => $self->cgi->param('userAccess'),
Uid => $uid,
Gid => $uid,
PasswordSet => 'no',
type => 'ibay',
}) )
{
# Untaint $name before use in system()
$name =~ /(.+)/; $name = $1;
if (system ("/sbin/e-smith/signal-event", "ibay-create", $name) == 0) {
$self->success("SUCCESSFULLY_CREATED_IBAY");
} else {
$self->error("ERROR_WHILE_CREATING_IBAY");
}
} else {
$self->error('CANT_CREATE_IBAY');
}
}
sub modify_ibay {
my ($self) = @_;
my $name = $self->cgi->param('name');
if (my $acct = $accountdb->get($name)) {
if ($acct->prop('type') eq 'ibay') {
$acct->merge_props(
Name => $self->cgi->param('description'),
CgiBin => $self->cgi->param('CgiBin'),
Group => $self->cgi->param('group'),
PublicAccess => $self->cgi->param('publicAccess'),
SSLRequireSSL => $self->cgi->param('SSLRequireSSL'),
UserAccess => $self->cgi->param('userAccess'),
);
# Untaint $name before use in system()
$name =~ /(.+)/; $name = $1;
if (system ("/sbin/e-smith/signal-event", "ibay-modify",
$name) == 0)
{
$self->success("SUCCESSFULLY_MODIFIED_IBAY");
} else {
$self->error("ERROR_WHILE_MODIFYING_IBAY");
}
} else {
$self->error('CANT_FIND_IBAY');
}
} else {
$self->error('CANT_FIND_IBAY');
}
}
=for testing
can_ok('main', 'remove_ibay');
=cut
sub remove_ibay {
my ($self) = @_;
my $name = $self->cgi->param('name');
if (my $acct = $accountdb->get($name)) {
if ($acct->prop('type') eq 'ibay') {
$acct->set_prop('type', 'ibay-deleted');
my $domains_db = esmith::DomainsDB->open();
my @domains = $domains_db->get_all_by_prop(Content=>$name);
foreach my $d (@domains) {
$d->set_prop(Content => 'Primary');
}
# Untaint $name before use in system()
$name =~ /(.+)/; $name = $1;
if (system ("/sbin/e-smith/signal-event", "ibay-delete",
$name) == 0)
{
$self->success("SUCCESSFULLY_DELETED_IBAY");
$acct->delete();
} else {
$self->error("ERROR_WHILE_DELETING_IBAY");
}
} else {
$self->error('CANT_FIND_IBAY');
}
} else {
$self->error('CANT_FIND_IBAY');
}
$self->wherenext('First');
}
=for testing
can_ok('main', 'reset_password');
=cut
sub reset_password {
my ($self) = @_;
my $name = $self->cgi->param('name');
my $newPass = $self->cgi->param('newPass');
my $acct;
if (($acct = $accountdb->get($name)) && ($acct->prop('type') eq 'ibay')) {
esmith::util::setIbayPassword ($acct->key, $newPass);
$acct->set_prop('PasswordSet', 'yes');
# Untaint $name before use in system()
$name =~ /(.+)/; $name = $1;
if (system ("/sbin/e-smith/signal-event", "password-modify",
$name) == 0)
{
$self->success("SUCCESSFULLY_RESET_PASSWORD");
} else {
$self->error("ERROR_WHILE_RESETTING_PASSWORD");
}
} else {
$self->error('CANT_FIND_IBAY');
}
$self->wherenext('First');
}
=pod
=head2 getExtraParams()
Sets variables used in the lexicon to their required values.
=for testing
$panel->{cgi}->param(-name=>'name', -value=>'foo');
my %ret = $panel->getExtraParams();
is($ret{name}, 'foo', ' .. name field is foo');
isnt($ret{description}, undef, ' .. description field isnt undef');
=cut
sub getExtraParams
{
my $self = shift;
my $q = $self->{cgi};
my $name = $q->param('name');
my $desc = '';
if ($name)
{
my $acct = $accountdb->get($name);
if ($acct)
{
$desc = $acct->prop('Name');
}
}
return (name => $name, description => $desc);
}
=head2 verifyPasswords()
Returns an error message if the two new passwords input don't match.
=cut
sub verifyPasswords {
my $self = shift;
my $pass2 = shift;
my $pass1 = $self->{cgi}->param('newPass');
unless ($pass1 eq $pass2) {
$self->{cgi}->param( -name => 'wherenext', -value => 'Password' );
return "PASSWORD_NO_MATCH";
}
return "OK";
}
=head2 validate_name
Checks that the name supplied does not contain any unacceptable chars.
Returns OK on success or a localised error message otherwise.
ting
is($panel->validate_name('foo'), 'OK', 'validate_name');
is($panel->validate_name('cust3.prj12'),'OK',' .. name with dots and nums');
is($panel->validate_name('cust_bay'),'OK',' .. name with underscore');
isnt($panel->validate_name('3amigos'), 'OK', ' .. cannot start with number');
isnt($panel->validate_name('betty ford'), 'OK', ' .. cannot contain space');
=cut
sub validate_name
{
my ($self, $acctName) = @_;
unless ($acctName =~ /^([a-z][\_\.\-a-z0-9]*)$/)
{
return $self->localise('ACCT_NAME_HAS_INVALID_CHARS',
{acctName => $acctName});
}
return "OK";
}
=head2 check_password
Validates the password using the desired strength
=cut
sub check_password {
my $self = shift;
my $pass1 = shift;
my $check_type;
my $rec = $configdb->get('passwordstrength');
$check_type = ($rec ? ($rec->prop('Ibays') || 'none') : 'none');
return $self->validate_password($check_type,$pass1);
}
1;

0
root/var/cache/e-smith/files/ibays/.gitignore vendored Normal file
View File