From eb9de717b4be197c1bea736593a80bac13b2ef60 Mon Sep 17 00:00:00 2001 From: Roland Gruber Date: Thu, 22 Feb 2007 17:16:14 +0000 Subject: [PATCH] new lamdaemon options --- lam/lib/config.inc | 149 ++++++++++++++++++++++++++---- lam/templates/config/confmain.php | 68 +++++++++++++- lam/tests/conf-test.php | 12 ++- 3 files changed, 203 insertions(+), 26 deletions(-) diff --git a/lam/lib/config.inc b/lam/lib/config.inc index cae429cf..d91d39c9 100644 --- a/lam/lib/config.inc +++ b/lam/lib/config.inc @@ -3,7 +3,7 @@ $Id$ This code is part of LDAP Account Manager (http://www.sourceforge.net/projects/lam) - Copyright (C) 2003 - 2006 Roland Gruber + Copyright (C) 2003 - 2007 Roland Gruber This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -27,6 +27,7 @@ $Id$ * * @package configuration * @author Roland Gruber +* @author Thomas Manninger */ /** Used to print messages. */ @@ -53,6 +54,46 @@ function setlanguage() { header("Content-type: text/html; charset=" . $language[1], true); } +/** + * Return $return, if the the chmod rights where set + * + * @param: $right: read,write or execute + * @param: $target: owner,group or other + * @param: $chmod: the chmod rights + * + * @return true, if the chmod $right for $target were set + */ +function checkChmod($right, $target, $chmod) { + $right_arr=array("read","write","execute"); + $target_arr=array("owner","group","other"); + + // Check, if $right and $target has right parameters + if (!in_array($right, $right_arr) ||!in_array($target, $target_arr)) { + return false; + } + + $chmod_num = -1; + // owner: + if ($target == "owner") $chmod_num = 0; + if ($target == "group") $chmod_num = 1; + if ($target == "other") $chmod_num = 2; + + // Cut the number from the chmod: + $chmod_num = $chmod{$chmod_num}; + + // Now check, if the chmod_num can be right with the $right + // What numbers allow "read" + $read = array(4,5,6,7); + // What numbers allow "write" + $write = array(2,3,6,7); + // What numbers allow "execute" + $execute = array(1,3,5,7); + if (($right == "read") && in_array($chmod_num, $read)) return true; + elseif (($right == "write") && in_array($chmod_num, $write)) return true; + elseif (($right == "execute") && in_array($chmod_num, $execute)) return true; + else return false; +} + /** * Returns an array of string with all available configuration profiles (without .conf) * @@ -155,12 +196,17 @@ class LAMConfig { var $scriptPath; /** - * Server where lamdaemon script is executed + * The rights for the home directory + */ + var $scriptRights; + + /** + * Servers where lamdaemon script is executed * * This is used for managing quota and home directories. * optional setting, may not be defined */ - var $scriptServer; + var $scriptServers; /** LDAP cache timeout */ var $cachetimeout; @@ -173,7 +219,7 @@ class LAMConfig { /** List of all settings in config file */ var $settings = array("ServerURL", "Passwd", "Admins", "treesuffix", "maxlistentries", - "defaultLanguage", "scriptPath", "scriptServer", "cachetimeout", + "defaultLanguage", "scriptPath", "scriptServers", "scriptRights", "cachetimeout", "modules", "activeTypes", "types"); @@ -314,7 +360,8 @@ class LAMConfig { if (!in_array("maxlistentries", $saved)) array_push($file_array, "\n\n# maximum number of rows to show in user/group/host lists\n" . "maxlistentries: " . $this->maxlistentries . "\n"); if (!in_array("defaultLanguage", $saved)) array_push($file_array, "\n\n# default language (a line from config/language)\n" . "defaultLanguage: " . $this->defaultLanguage . "\n"); if (!in_array("scriptPath", $saved)) array_push($file_array, "\n\n# Path to external Script\n" . "scriptPath: " . $this->scriptPath . "\n"); - if (!in_array("scriptServer", $saved)) array_push($file_array, "\n\n# Server of external Script\n" . "scriptServer: " . $this->scriptServer . "\n"); + if (!in_array("scriptServers", $saved)) array_push($file_array, "\n\n# Servers of external script\n" . "scriptServers: " . $this->scriptServers . "\n"); + if (!in_array("scriptRights", $saved)) array_push($file_array, "\n\n# Access rights for home directories\n" . "scriptRights: " . $this->scriptRights . "\n"); if (!in_array("cachetimeout", $saved)) array_push($file_array, "\n\n# Number of minutes LAM caches LDAP searches.\n" . "cacheTimeout: " . $this->cachetimeout . "\n"); if (!in_array("activeTypes", $saved)) array_push($file_array, "\n\n# List of active account types.\n" . "activeTypes: " . $this->activeTypes . "\n"); // check if all module settings were added @@ -548,29 +595,93 @@ class LAMConfig { else return false; return true; } - + /** - * Returns the server of the external script + * Returns the servers of the external script as a Array * - * @return string script server + * @return string script servers */ - function get_scriptServer() { - return $this->scriptServer; + function get_scriptServers() { + return $this->scriptServers; + } + + /** + * Sets the servers of the external script + * + * @param string $value new script servers + * @return boolean true if $value has correct format + */ + function set_scriptServers($value) { + if (!$value) { + $this->scriptServers = ""; // optional parameter + return true; + } + // Explode the value to an array + $array_string = explode(";", $value); + if (count($array_string) > 0) { + // Check all IPs in the exploded Array + $valid_ips = array(); + foreach($array_string as $arr_value) { + // Explode name and IP, if a name exists + if (eregi(":", $arr_value)) { + $arr_value_explode = explode(":", $arr_value); + $ip = $arr_value_explode[1]; + $servername = $arr_value_explode[0]; + } + else { + $ip = $arr_value; + $servername = ""; + } + if (isset($ip) && is_string($ip) && eregi("^[a-z0-9\\-]+(\\.[a-z0-9\\-]+)*$", $ip)) { + // Check if the IP has a server name + if (!empty($servername)) { + $valid_ips[] = $servername.":".$ip; + } + else { + $valid_ips[] = $ip; + } + } + } + // Check that the array is not empty + if ($array_string > 0) { + $this->scriptServers = implode(";", $valid_ips); + return true; + } + else { + // The array is empty, there was no valid IP + return false; + } + } + else { + return false; + } + } + + /** + * Returns the chmod value for new home directories. + * + * @return string rights + */ + function get_scriptRights() { + if (!isset($this->scriptRights)) return '755'; + return $this->scriptRights; } /** - * Sets the server of the external script + * Sets the rights for the home directory. * - * @param string $value new script server - * @return boolean true if $value has correct format + * @param string $chmod the rights + * @return boolean true if values has correct format */ - function set_scriptServer($value) { - if (!$value) $this->scriptServer = ""; // optional parameter - elseif (is_string($value) && eregi("^[a-z0-9\\-]+(\\.[a-z0-9\\-]+)*$", $value)) { - $this->scriptServer = $value; + function set_scriptRights($chmod) { + // check if the chmod is correct: + if ($chmod > 0 && $chmod <=777) { + $this->scriptRights=$chmod; + return true; + } + else { + return false; } - else return false; - return true; } /** diff --git a/lam/templates/config/confmain.php b/lam/templates/config/confmain.php index 0c690c27..4f802819 100644 --- a/lam/templates/config/confmain.php +++ b/lam/templates/config/confmain.php @@ -27,6 +27,7 @@ $Id$ * * @package configuration * @author Roland Gruber +* @author Thomas Manninger */ @@ -317,8 +318,8 @@ echo ("
" . _("Script settings") . "\n"); echo ("\n"); echo ("". - "\n"); + _("Server list") . ": ". + "\n"); $tabindex++; echo "\n"; +echo "\n"; +$owr = ""; +$oww = ""; +$owe = ""; +$grr = ""; +$grw = ""; +$gre = ""; +$otr = ""; +$otw = ""; +$ote = ""; +$chmod = $conf->get_scriptRights(); +if (checkChmod("read","owner", $chmod)) $owr = 'checked'; +if (checkChmod("write","owner", $chmod)) $oww = 'checked'; +if (checkChmod("execute","owner", $chmod)) $owe = 'checked'; +if (checkChmod("read","group", $chmod)) $grr = 'checked'; +if (checkChmod("write","group", $chmod)) $grw = 'checked'; +if (checkChmod("execute","group", $chmod)) $gre = 'checked'; +if (checkChmod("read","other", $chmod)) $otr = 'checked'; +if (checkChmod("write","other", $chmod)) $otw = 'checked'; +if (checkChmod("execute","other", $chmod)) $ote = 'checked'; + +echo "\n"; echo ("
". - _("Server of external script") . ": get_scriptServer() . "\">get_scriptServers(false) . "\">"; echo ""; @@ -334,6 +335,51 @@ echo ""; echo "\"""; echo "\n"; echo "
". _("Rights for the home directory") . ": \n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "
" . _("Read") . "" . _("Write") . ""._("Execute")."
"._("Owner")."
"._("Group")."
"._("Other")."
"; + $tabindex++; +echo "		"; +echo ""; +echo "\"""; +echo "\n"; +echo "
\n"); echo ("
\n"); @@ -450,9 +496,25 @@ function saveSettings() { if (!$conf->set_scriptpath($_POST['scriptpath'])) { $errors[] = array("ERROR", _("Script path is invalid!")); } - if (!$conf->set_scriptserver($_POST['scriptserver'])) { + if (!$conf->set_scriptservers($_POST['scriptservers'])) { $errors[] = array("ERROR", _("Script server is invalid!")); } + $chmodOwner = 0; + $chmodGroup = 0; + $chmodOther = 0; + if ($_POST['chmod_owr'] == 'on') $chmodOwner += 4; + if ($_POST['chmod_oww'] == 'on') $chmodOwner += 2; + if ($_POST['chmod_owe'] == 'on') $chmodOwner += 1; + if ($_POST['chmod_grr'] == 'on') $chmodGroup += 4; + if ($_POST['chmod_grw'] == 'on') $chmodGroup += 2; + if ($_POST['chmod_gre'] == 'on') $chmodGroup += 1; + if ($_POST['chmod_otr'] == 'on') $chmodOther += 4; + if ($_POST['chmod_otw'] == 'on') $chmodOther += 2; + if ($_POST['chmod_ote'] == 'on') $chmodOther += 1; + $chmod = $chmodOwner . $chmodGroup . $chmodOther; + if (!$conf->set_scriptrights($chmod)) { + $errors[] = array("ERROR", _("Script chmod is invalid!")); + } // check if password was changed if (isset($_POST['passwd1']) && ($_POST['passwd1'] != '')) { if ($_POST['passwd1'] != $_POST['passwd2']) { diff --git a/lam/tests/conf-test.php b/lam/tests/conf-test.php index c03e04f3..94190a34 100644 --- a/lam/tests/conf-test.php +++ b/lam/tests/conf-test.php @@ -51,7 +51,8 @@ $hostlistAttributes = $conf->get_listAttributes('host'); $maxlistentries = $conf->get_maxlistentries(); $defaultlanguage = $conf->get_defaultlanguage(); $scriptpath = $conf->get_scriptPath(); -$scriptServer = $conf->get_scriptServer(); +$scriptServer = $conf->get_scriptServers(); +$scriptRights = $conf->get_scriptRights(); $moduleSettings = $conf->get_moduleSettings(); echo ("done
"); // next we modify them and save lam.conf @@ -70,7 +71,8 @@ $conf->set_listAttributes("#cn;#uid;#description", 'host'); $conf->set_maxlistentries("54"); $conf->set_defaultlanguage("de_AT:iso639_de:Deutsch (Oesterreich)"); $conf->set_scriptPath("/var/www/lam/lib/script"); -$conf->set_scriptServer("127.0.0.1"); +$conf->set_scriptServers("127.0.0.1"); +$conf->set_scriptRights('775'); $conf->set_moduleSettings(array("test1" => array(11), "test2" => array("abc"), 'test3' => array(3))); $conf->save(); echo ("done
"); @@ -91,7 +93,8 @@ if ($conf2->get_listAttributes('host') != "#cn;#uid;#description") echo ("
get_maxlistentries() != "54") echo ("
Saving maxlistentries failed!
"); if ($conf2->get_defaultlanguage() != "de_AT:iso639_de:Deutsch (Oesterreich)") echo ("
Saving default language failed!
"); if ($conf2->get_scriptPath() != "/var/www/lam/lib/script") echo ("
Saving script path failed!
"); -if ($conf2->get_scriptServer() != "127.0.0.1") echo ("
Saving script server failed!
"); +if ($conf2->get_scriptServers() != "127.0.0.1") echo ("
Saving script server failed!
"); +if ($conf2->get_scriptRights() != '775') echo ("
Saving script rights failed!
"); $msettings = $conf2->get_moduleSettings(); if (($msettings['test1'][0] != 11) || ($msettings['test2'][0] != 'abc') || ($msettings['test3'][0] != '3')) echo ("
Saving module settings failed!
"); echo ("done
"); @@ -111,8 +114,9 @@ $conf2->set_listAttributes($hostlistAttributes, 'host'); $conf2->set_maxlistentries($maxlistentries); $conf2->set_defaultLanguage($defaultlanguage); $conf2->set_scriptPath($scriptpath); -$conf2->set_scriptServer($scriptServer); +$conf2->set_scriptServers($scriptServer); $conf2->set_moduleSettings($moduleSettings); +$conf2->set_scriptRights($scriptRights); $conf2->save(); echo ("done
"); // finished