diff options
Diffstat (limited to 'modules-available/sysconfig')
25 files changed, 245 insertions, 69 deletions
diff --git a/modules-available/sysconfig/addmodule_adauth.inc.php b/modules-available/sysconfig/addmodule_adauth.inc.php index df7f385d..fa2f5258 100644 --- a/modules-available/sysconfig/addmodule_adauth.inc.php +++ b/modules-available/sysconfig/addmodule_adauth.inc.php @@ -13,7 +13,7 @@ class AdAuth_Start extends AddModule_Base protected function renderInternal() { - $ADAUTH_COMMON_FIELDS = array('title', 'server', 'searchbase', 'binddn', 'bindpw', 'home', 'homeattr', 'ssl', 'fixnumeric', 'certificate', 'mapping'); + $ADAUTH_COMMON_FIELDS = array('title', 'server', 'searchbase', 'binddn', 'bindpw', 'home', 'homeattr', 'ssl', 'fixnumeric', 'genuid', 'certificate', 'mapping'); $data = array(); if ($this->edit !== false) { moduleToArray($this->edit, $data, $ADAUTH_COMMON_FIELDS); @@ -107,6 +107,7 @@ class AdAuth_CheckConnection extends AddModule_Base 'home' => Request::post('home'), 'ssl' => Request::post('ssl'), 'fixnumeric' => Request::post('fixnumeric'), + 'genuid' => Request::post('genuid'), 'certificate' => Request::post('certificate', ''), 'taskid' => $this->scanTask['id'], 'mapping' => ConfigModuleBaseLdap::getMapping($mapping), @@ -208,6 +209,7 @@ class AdAuth_SelfSearch extends AddModule_Base 'home' => Request::post('home'), 'ssl' => Request::post('ssl') === 'on', 'fixnumeric' => Request::post('fixnumeric'), + 'genuid' => Request::post('genuid'), 'fingerprint' => Request::post('fingerprint'), 'certificate' => Request::post('certificate', ''), 'originalbinddn' => $this->originalBindDn, @@ -285,6 +287,7 @@ class AdAuth_HomeAttrCheck extends AddModule_Base 'home' => Request::post('home'), 'ssl' => Request::post('ssl') === 'on', 'fixnumeric' => Request::post('fixnumeric'), + 'genuid' => Request::post('genuid'), 'fingerprint' => Request::post('fingerprint'), 'certificate' => Request::post('certificate', ''), 'originalbinddn' => Request::post('originalbinddn'), @@ -357,6 +360,7 @@ class AdAuth_CheckCredentials extends AddModule_Base 'homeattr' => Request::post('homeattr'), 'ssl' => Request::post('ssl') === 'on', 'fixnumeric' => Request::post('fixnumeric'), + 'genuid' => Request::post('genuid'), 'fingerprint' => Request::post('fingerprint'), 'certificate' => Request::post('certificate', ''), 'originalbinddn' => Request::post('originalbinddn'), @@ -421,6 +425,7 @@ class AdAuth_HomeDir extends AddModule_Base 'homeattr' => Request::post('homeattr'), 'ssl' => Request::post('ssl') === 'on', 'fixnumeric' => Request::post('fixnumeric'), + 'genuid' => Request::post('genuid'), 'fingerprint' => Request::post('fingerprint'), 'certificate' => Request::post('certificate', ''), 'originalbinddn' => Request::post('originalbinddn'), @@ -434,9 +439,11 @@ class AdAuth_HomeDir extends AddModule_Base $data[$key . '_c'] = 'checked="checked"'; } } - $data['shareRemapMode_' . $this->edit->getData('shareRemapMode')] = 'selected="selected"'; - $data['shareDomain'] = $this->edit->getData('shareDomain'); $letter = $this->edit->getData('shareHomeDrive'); + $data['shareRemapMode_' . $this->edit->getData('shareRemapMode')] = 'selected="selected"'; + foreach (['shareDomain', 'shareHomeMountOpts', 'ldapAttrMountOpts'] as $key) { + $data[$key] = $this->edit->getData($key); + } } else { $data['shareDownloads_c'] = $data['shareMedia_c'] = $data['shareDocuments_c'] = $data['shareRemapCreate_c'] = 'checked="checked"'; $data['shareRemapMode_1'] = 'selected="selected"'; @@ -475,16 +482,12 @@ class AdAuth_Finish extends AddModule_Base else $module = $this->edit; $ssl = Request::post('ssl', 'off') === 'on'; - $module->setData('server', Request::post('server')); - $module->setData('searchbase', Request::post('searchbase')); - $module->setData('binddn', Request::post('binddn')); - $module->setData('bindpw', Request::post('bindpw')); - $module->setData('home', Request::post('home')); - $module->setData('homeattr', Request::post('homeattr')); - $module->setData('certificate', Request::post('certificate')); + foreach (['searchbase', 'binddn', 'server', 'bindpw', 'home', 'homeattr', 'certificate', 'fixnumeric', 'genuid', + 'ldapAttrMountOpts', 'shareHomeMountOpts'] as $key) { + $module->setData($key, Request::post($key, '', 'string')); + } $module->setData('ssl', $ssl); $module->setData('mapping', Request::post('mapping', false, 'array')); - $module->setData('fixnumeric', Request::post('fixnumeric', '', 'string')); foreach (AdAuth_HomeDir::getAttributes() as $key) { $value = Request::post($key); if (is_numeric($value)) { diff --git a/modules-available/sysconfig/addmodule_custommodule.inc.php b/modules-available/sysconfig/addmodule_custommodule.inc.php index 8c24a071..c234f765 100644 --- a/modules-available/sysconfig/addmodule_custommodule.inc.php +++ b/modules-available/sysconfig/addmodule_custommodule.inc.php @@ -62,7 +62,7 @@ class CustomModule_ProcessUpload extends AddModule_Base unlink($tempfile); $this->tmError(); } - if ($status['statusCode'] != TASK_FINISHED) { + if ($status['statusCode'] != Taskmanager::TASK_FINISHED) { unlink($tempfile); $this->taskError($status); } @@ -128,7 +128,7 @@ class CustomModule_CompressModule extends AddModule_Base if (!isset($status['statusCode'])) { $this->tmError(); } - if ($status['statusCode'] != TASK_FINISHED) { + if ($status['statusCode'] != Taskmanager::TASK_FINISHED) { $this->taskError($status); } // Seems ok, create entry diff --git a/modules-available/sysconfig/addmodule_ldapauth.inc.php b/modules-available/sysconfig/addmodule_ldapauth.inc.php index 1db6cb51..126a6549 100644 --- a/modules-available/sysconfig/addmodule_ldapauth.inc.php +++ b/modules-available/sysconfig/addmodule_ldapauth.inc.php @@ -9,7 +9,7 @@ class LdapAuth_Start extends AddModule_Base protected function renderInternal() { - $LDAPAUTH_COMMON_FIELDS = array('title', 'server', 'searchbase', 'binddn', 'bindpw', 'home', 'homeattr', 'ssl', 'fixnumeric', 'certificate', 'mapping'); + $LDAPAUTH_COMMON_FIELDS = array('title', 'server', 'searchbase', 'binddn', 'bindpw', 'home', 'homeattr', 'ssl', 'fixnumeric', 'genuid', 'certificate', 'mapping'); $data = array(); if ($this->edit !== false) { moduleToArray($this->edit, $data, $LDAPAUTH_COMMON_FIELDS); @@ -81,6 +81,7 @@ class LdapAuth_CheckConnection extends AddModule_Base 'home' => Request::post('home'), 'ssl' => Request::post('ssl'), 'fixnumeric' => Request::post('fixnumeric'), + 'genuid' => Request::post('genuid'), 'certificate' => Request::post('certificate', ''), 'taskid' => $this->scanTask['id'], 'mapping' => ConfigModuleBaseLdap::getMapping(Request::post('mapping', false, 'array')), @@ -152,6 +153,7 @@ class LdapAuth_CheckCredentials extends AddModule_Base 'home' => Request::post('home'), 'ssl' => Request::post('ssl') === 'on', 'fixnumeric' => Request::post('fixnumeric'), + 'genuid' => Request::post('genuid'), 'fingerprint' => Request::post('fingerprint'), 'certificate' => Request::post('certificate', ''), 'mapping' => ConfigModuleBaseLdap::getMapping(Request::post('mapping', false, 'array')), @@ -192,6 +194,7 @@ class LdapAuth_HomeDir extends AddModule_Base 'home' => Request::post('home'), 'ssl' => Request::post('ssl') === 'on', 'fixnumeric' => Request::post('fixnumeric'), + 'genuid' => Request::post('genuid'), 'fingerprint' => Request::post('fingerprint'), 'certificate' => Request::post('certificate', ''), 'originalbinddn' => Request::post('originalbinddn'), @@ -205,9 +208,11 @@ class LdapAuth_HomeDir extends AddModule_Base $data[$key . '_c'] = 'checked="checked"'; } } - $data['shareRemapMode_' . $this->edit->getData('shareRemapMode')] = 'selected="selected"'; - $data['shareDomain'] = $this->edit->getData('shareDomain'); $letter = $this->edit->getData('shareHomeDrive'); + $data['shareRemapMode_' . $this->edit->getData('shareRemapMode')] = 'selected="selected"'; + foreach (['shareDomain', 'shareHomeMountOpts', 'ldapAttrMountOpts'] as $key) { + $data[$key] = $this->edit->getData($key); + } } else { $data['shareDownloads_c'] = $data['shareMedia_c'] = $data['shareDocuments_c'] = $data['shareRemapCreate_c'] = 'checked="checked"'; $data['shareRemapMode_1'] = 'selected="selected"'; @@ -238,8 +243,6 @@ class LdapAuth_Finish extends AddModule_Base protected function preprocessInternal() { - $binddn = Request::post('binddn'); - $searchbase = Request::post('searchbase'); $title = Request::post('title'); if (empty($title)) $title = 'LDAP: ' . Request::post('server'); @@ -248,15 +251,12 @@ class LdapAuth_Finish extends AddModule_Base else $module = $this->edit; $ssl = Request::post('ssl', 'off') === 'on'; - $module->setData('server', Request::post('server')); - $module->setData('searchbase', $searchbase); - $module->setData('binddn', $binddn); - $module->setData('bindpw', Request::post('bindpw')); - $module->setData('home', Request::post('home')); - $module->setData('certificate', Request::post('certificate')); + foreach (['searchbase', 'binddn', 'server', 'bindpw', 'home', 'certificate', 'fixnumeric', 'genuid', + 'ldapAttrMountOpts', 'shareHomeMountOpts'] as $key) { + $module->setData($key, Request::post($key, '', 'string')); + } $module->setData('ssl', $ssl); $module->setData('mapping', Request::post('mapping', false, 'array')); - $module->setData('fixnumeric', Request::post('fixnumeric', '', 'string')); foreach (LdapAuth_HomeDir::getAttributes() as $key) { $value = Request::post($key); if (is_numeric($value)) { diff --git a/modules-available/sysconfig/api.inc.php b/modules-available/sysconfig/api.inc.php index 897b44a7..bb2d9f5e 100644 --- a/modules-available/sysconfig/api.inc.php +++ b/modules-available/sysconfig/api.inc.php @@ -1,5 +1,11 @@ <?php +// Called after updates to rebuild all configs +if (Request::any('action') === 'rebuild' && isLocalExecution()) { + ConfigTgz::rebuildAllConfigs(); + die('OK'); +} + $ip = $_SERVER['REMOTE_ADDR']; if (substr($ip, 0, 7) === '::ffff:') { $ip = substr($ip, 7); @@ -26,7 +32,7 @@ if (Module::isAvailable('runmode')) { } } if ($runmode !== false && $runmode->noSysconfig && file_exists(SysConfig::GLOBAL_MINIMAL_CONFIG)) { - $row = array('filepath' => SysConfig::GLOBAL_MINIMAL_CONFIG); + $row = array('filepath' => SysConfig::GLOBAL_MINIMAL_CONFIG, 'title' => 'config'); } else { $locationId = false; if (Module::isAvailable('locations')) { diff --git a/modules-available/sysconfig/config.json b/modules-available/sysconfig/config.json index 28d71577..6c7b7146 100644 --- a/modules-available/sysconfig/config.json +++ b/modules-available/sysconfig/config.json @@ -1,3 +1,3 @@ { - "category":"main.settings-client" -} + "category": "main.settings-client" +}
\ No newline at end of file diff --git a/modules-available/sysconfig/inc/configmodule.inc.php b/modules-available/sysconfig/inc/configmodule.inc.php index 2cee37a9..b6db9c4f 100644 --- a/modules-available/sysconfig/inc/configmodule.inc.php +++ b/modules-available/sysconfig/inc/configmodule.inc.php @@ -354,7 +354,7 @@ abstract class ConfigModule // Wait for generation if requested if ($timeoutMs > 0 && isset($ret['id']) && !Taskmanager::isFinished($ret)) $ret = Taskmanager::waitComplete($ret, $timeoutMs); - if ($ret === true || (isset($ret['statusCode']) && $ret['statusCode'] === TASK_FINISHED)) { + if ($ret === true || (isset($ret['statusCode']) && $ret['statusCode'] === Taskmanager::TASK_FINISHED)) { // Already Finished if (file_exists($this->moduleArchive) && !file_exists($tmpTgz)) $tmpTgz = false; // If generateInternal succeeded and there's no tmpTgz, it means the file didn't have to be updated diff --git a/modules-available/sysconfig/inc/configmodule/adauth.inc.php b/modules-available/sysconfig/inc/configmodule/adauth.inc.php index db06a4a4..ed7b318d 100644 --- a/modules-available/sysconfig/inc/configmodule/adauth.inc.php +++ b/modules-available/sysconfig/inc/configmodule/adauth.inc.php @@ -12,5 +12,5 @@ ConfigModule::registerModule( Dictionary::translateFileModule('sysconfig', 'config-module', 'adAuth_title'), // Title Dictionary::translateFileModule('sysconfig', 'config-module', 'adAuth_description'), // Description Dictionary::translateFileModule('sysconfig', 'config-module', 'group_authentication'), // Group - true // Only one per config? + false // Only one per config? ); diff --git a/modules-available/sysconfig/inc/configmodule/ldapauth.inc.php b/modules-available/sysconfig/inc/configmodule/ldapauth.inc.php index 1a706234..e8df2877 100644 --- a/modules-available/sysconfig/inc/configmodule/ldapauth.inc.php +++ b/modules-available/sysconfig/inc/configmodule/ldapauth.inc.php @@ -19,5 +19,5 @@ ConfigModule::registerModule( Dictionary::translateFileModule('sysconfig', 'config-module', 'ldapAuth_title'), // Title Dictionary::translateFileModule('sysconfig', 'config-module', 'ldapAuth_description'), // Description Dictionary::translateFileModule('sysconfig', 'config-module', 'group_authentication'), // Group - true // Only one per config? + false // Only one per config? ); diff --git a/modules-available/sysconfig/inc/configmodulebaseldap.inc.php b/modules-available/sysconfig/inc/configmodulebaseldap.inc.php index d6fc3ed9..9364c2e3 100644 --- a/modules-available/sysconfig/inc/configmodulebaseldap.inc.php +++ b/modules-available/sysconfig/inc/configmodulebaseldap.inc.php @@ -3,12 +3,13 @@ abstract class ConfigModuleBaseLdap extends ConfigModule { - const VERSION = 2; + const VERSION = 3; private static $REQUIRED_FIELDS = array('server', 'searchbase'); private static $OPTIONAL_FIELDS = array('binddn', 'bindpw', 'home', 'ssl', 'fixnumeric', 'fingerprint', 'certificate', 'homeattr', 'shareRemapMode', 'shareRemapCreate', 'shareDocuments', 'shareDownloads', 'shareDesktop', 'shareMedia', - 'shareOther', 'shareHomeDrive', 'shareDomain', 'credentialPassthrough', 'mapping'); + 'shareOther', 'shareHomeDrive', 'shareDomain', 'credentialPassthrough', 'mapping', 'genuid', + 'ldapAttrMountOpts', 'shareHomeMountOpts'); public static function getMapping($config = false, &$empty = true) { @@ -66,6 +67,7 @@ abstract class ConfigModuleBaseLdap extends ConfigModule if (!isset($config['fixnumeric'])) { $config['fixnumeric'] = 's'; } + $config['genuid'] = isset($config['genuid']) && !empty($config['genuid']); $this->preTaskmanagerHook($config); $task = Taskmanager::submit('CreateLdapConfig', $config); if (is_array($task) && isset($task['id'])) { diff --git a/modules-available/sysconfig/inc/configtgz.inc.php b/modules-available/sysconfig/inc/configtgz.inc.php index 17c9f35d..7b042cdb 100644 --- a/modules-available/sysconfig/inc/configtgz.inc.php +++ b/modules-available/sysconfig/inc/configtgz.inc.php @@ -63,7 +63,7 @@ class ConfigTgz foreach ($moduleIds as $module) { $idstr .= ',' . (int)$module; // Casting to int should make it safe } - $res = Database::simpleQuery("SELECT moduleid, filepath, status FROM configtgz_module WHERE moduleid IN ($idstr)"); + $res = Database::simpleQuery("SELECT moduleid, moduletype, filepath, status FROM configtgz_module WHERE moduleid IN ($idstr)"); // Delete old connections Database::exec("DELETE FROM configtgz_x_module WHERE configid = :configid", array('configid' => $this->configId)); // Make connection @@ -98,8 +98,13 @@ class ConfigTgz $files = array(); // Get all config modules for system config foreach ($this->modules as $module) { - if (!empty($module['filepath']) && file_exists($module['filepath'])) + if (!empty($module['filepath']) && file_exists($module['filepath'])) { $files[] = $module['filepath']; + } + if ($module['moduletype'] === 'SshConfig') { + // HACK XXX TODO Global + SSH ugly + self::rebuildEmptyGlobalConfig(); + } } $task = self::recompress($files, $this->file); @@ -107,7 +112,7 @@ class ConfigTgz // Wait for completion if ($timeoutMs > 0 && !Taskmanager::isFailed($task) && !Taskmanager::isFinished($task)) $task = Taskmanager::waitComplete($task, $timeoutMs); - if ($task === true || (isset($task['statusCode']) && $task['statusCode'] === TASK_FINISHED)) { + if ($task === true || (isset($task['statusCode']) && $task['statusCode'] === Taskmanager::TASK_FINISHED)) { // Success! $this->markUpdated(); return true; @@ -222,13 +227,39 @@ class ConfigTgz )); $res = Database::simpleQuery("SELECT configid FROM configtgz"); while ($row = $res->fetch(PDO::FETCH_ASSOC)) { - $module = self::get($row['configid']); - if ($module !== false) { - $module->generate(); + $configTgz = self::get($row['configid']); + if ($configTgz !== false) { + $configTgz->generate(); } } // Build the global "empty" config that just includes global hooks - self::recompress([], SysConfig::GLOBAL_MINIMAL_CONFIG); + self::rebuildEmptyGlobalConfig(); + } + + /** + * Rebuild the general "empty" config that only contains global hook modules + * and forced ones. + */ + private static function rebuildEmptyGlobalConfig() + { + static $onceOnly = false; + if ($onceOnly) + return; + $onceOnly = true; + // HACK TODO XXX -- just stuff (global) ssh config into this one for now, needs proper fix :-( + $res = Database::simpleQuery("SELECT DISTINCT cm.filepath FROM configtgz_module cm + INNER JOIN configtgz_x_module cxm USING (moduleid) + INNER JOIN configtgz_location cl USING (configid) + WHERE cm.moduletype = 'SshConfig' AND cm.status = 'OK' + ORDER BY locationid ASC"); + $extra = []; + while ($row = $res->fetch(PDO::FETCH_ASSOC)) { + if (file_exists($row['filepath'])) { + $extra[] = $row['filepath']; + break; + } + } + self::recompress($extra, SysConfig::GLOBAL_MINIMAL_CONFIG); } /** @@ -258,7 +289,7 @@ class ConfigTgz foreach ($moduleIds as $module) { $idstr .= ',' . (int)$module; // Casting to int should make it safe } - $res = Database::simpleQuery("SELECT moduleid, filepath, status FROM configtgz_module WHERE moduleid IN ($idstr)"); + $res = Database::simpleQuery("SELECT moduleid, moduletype, filepath, status FROM configtgz_module WHERE moduleid IN ($idstr)"); // Make connection while ($row = $res->fetch(PDO::FETCH_ASSOC)) { Database::exec("INSERT INTO configtgz_x_module (configid, moduleid) VALUES (:configid, :moduleid)", array( @@ -281,7 +312,7 @@ class ConfigTgz $instance->configId = $ret['configid']; $instance->configTitle = $ret['title']; $instance->file = $ret['filepath']; - $ret = Database::simpleQuery("SELECT moduleid, filepath, status FROM configtgz_x_module " + $ret = Database::simpleQuery("SELECT moduleid, moduletype, filepath, status FROM configtgz_x_module " . " INNER JOIN configtgz_module USING (moduleid) " . " WHERE configid = :configid", array('configid' => $instance->configId)); $instance->modules = array(); @@ -310,7 +341,7 @@ class ConfigTgz $instance->configId = $row['configid']; $instance->configTitle = $row['title']; $instance->file = $row['filepath']; - $innerRes = Database::simpleQuery("SELECT moduleid, filepath, status FROM configtgz_x_module " + $innerRes = Database::simpleQuery("SELECT moduleid, moduletype, filepath, status FROM configtgz_x_module " . " INNER JOIN configtgz_module USING (moduleid) " . " WHERE configid = :configid", array('configid' => $instance->configId)); $instance->modules = array(); diff --git a/modules-available/sysconfig/lang/de/permissions.json b/modules-available/sysconfig/lang/de/permissions.json new file mode 100644 index 00000000..c32c488b --- /dev/null +++ b/modules-available/sysconfig/lang/de/permissions.json @@ -0,0 +1,8 @@ +{ + "config.assign": "Systemkonfiguration zuweisen", + "config.edit": "Systemkonfiguration bearbeiten", + "config.view-list": "Systemkonfigurationen anzeigen", + "module.download": "Konfigurationsmodul herunterladen", + "module.edit": "Konfigurationsmodul bearbeiten", + "module.view-list": "Konfigurationsmodule anzeigen" +}
\ No newline at end of file diff --git a/modules-available/sysconfig/lang/de/template-tags.json b/modules-available/sysconfig/lang/de/template-tags.json index 7f8511e6..2a7a02d6 100644 --- a/modules-available/sysconfig/lang/de/template-tags.json +++ b/modules-available/sysconfig/lang/de/template-tags.json @@ -47,20 +47,22 @@ "lang_fixNumeric": "Numerischen Account-Namen muss ein 's' vorangestellt werden", "lang_fixNumericDescription": "Wenn Sie diese Option aktivieren, m\u00fcssen Benutzer, deren Account-Name nur aus Ziffern besteht, diesem ein 's' voranstellen beim Login. Diese Option ist beim alten Login-Manager (KDM) zwingend erforderlich, da sonst der Loginvorgang fehlschl\u00e4gt. Mit dem neuen lightdm-basierten Login-Screen lassen sich numerische Account-Namen jedoch direkt verwenden. Wenn Sie an Ihrer Einrichtung keine numerischen Account-Namen verwenden, hat diese Option keine Auswirkung.", "lang_folderRedirection": "Folder Redirection", + "lang_genUid": "uid-Nummern generieren", + "lang_genUidDescription": "Wenn aktiviert, generiert der Satellitenserver nummerische IDs f\u00fcr die Benutzer, anstatt diese aus dem LDAP\/AD zu extrahieren.", "lang_generateModule": "Modul erzeugen", "lang_handlingNotes": "Hier k\u00f6nnen Sie festlegen, wie Netzwerk-Shares (inkl. des Home-Verzeichnisses) an Virtuelle Maschinen durchgereicht werden. In \u00e4lteren Versionen von bwLehrpool wurden die VMware Shared Folders genutzt, was mit bestimmten file servern Probleme verursachen konnte. Der neue native Modus funktioniert deutlich besser, ist aber bei Windows-G\u00e4sten darauf angewiesen, dass (1) der file server smb\/cifs spricht (z.B. Windows Server, Samba unter Linux) und (2) die openslx.exe im Autostart eingebunden ist (bei den bwLehrpool Vorlagen bereits der Fall).", "lang_helpHomeAttrHead": "Name des Home-Verzeichnis-Attributs", "lang_helpHomeAttrText": "Hier k\u00f6nnen Sie alternativ zum fest vorgegebenem Template des Home-Verzeichnis Servers den Attributsnamen im Active Directory angeben, der diesen Pfad bereitstellt. Normalerweise ist dies \"homeDirectory\". Wird das Feld leer gelassen, versucht der Assistent, das Attribut selbstst\u00e4ndig zu ermitteln. Falls das Einbinden der Home-Verzeichnisse anschlie\u00dfend nicht funktioniert, \u00fcberpr\u00fcfen Sie bitte den Client-Log (Status->Client Log) und den LDAP-Proxy-Log (Status->Server Status).", "lang_helpModuleConfiguration": "Konfigurationsmodule sind die Bausteine, aus denen eine Systemkonfiguration erstellt wird. Hier lassen sich sowohl generische Module durch einen Wizard anlegen, als auch komplett eigene Module erstellen (fortgeschritten, Linuxkenntnisse erforderlich).", "lang_helpSystemConfiguration": "\u00dcber eine Systemkonfiguration wird die grundlegende Lokalisierung des bwLehrpool-Systems durchgef\u00fchrt. Dazu geh\u00f6ren Aspekte wie das Authentifizierungsverfahren f\u00fcr Benutzer (z.B. Active Directory, LDAP), Druckerkonfiguration, Home-Verzeichnisse, etc. Eine Systemkonfiguration setzt sich aus einem oder mehreren Konfigurationsmodulen zusammen, welche im angrenzenden Panel verwaltet werden k\u00f6nnen.", - "lang_homeAttr": "Home-Attribut", "lang_homeAttributeExplanation": "Bitte w\u00e4hlen Sie das Attribut, welches das Home-Verzeichnis der User enth\u00e4lt.", "lang_homeFallback": "Home-Fallback", "lang_homedirHandling": "(Home-)Verzeichnis Einbindung", "lang_inheritFromParentLoc": "Von \u00fcbergeordnetem Ort erben", + "lang_ldapAttrMountOpts": "LDAP-Attribut f\u00fcr Mount-Optionen", "lang_ldapStarted": "Der LDAP-Proxy wurde gestartet", "lang_ldapText1": "Mit diesem Wizard k\u00f6nnen Sie Authentifizierung gegen einen LDAP-Server einrichten.", - "lang_ldapText2": "Zu diesem Zweck wird ein LDAP-Proxy auf dem Satelliten-Server gestartet. Dies bedeutet, dass der LDAP-Server von diesem Server aus erreichbar sein muss. Die Pool-PCs hingegen m\u00fcssen nicht direkt mit dem LDAP-Server kommunizieren k\u00f6nnen.", + "lang_ldapText2": "Zu diesem Zweck wird ein LDAP-Proxy auf dem Satellitenserver gestartet. Dies bedeutet, dass der LDAP-Server von diesem Server aus erreichbar sein muss. Die Pool-PCs hingegen m\u00fcssen nicht direkt mit dem LDAP-Server kommunizieren k\u00f6nnen.", "lang_legend": "Legende", "lang_listenPort": "Listen port", "lang_listenPortInfo": "Der Port, auf dem der sshd lauscht. Der offizielle Standard ist 22.", @@ -72,6 +74,7 @@ "lang_moduleConfiguration": "Konfigurationsmodule", "lang_moduleName": "Modulname", "lang_moduleTitle": "Titel", + "lang_mountOptionsNote": "Diese Einstellungen beziehen sich nur auf Linux und \u00e4hnliche Systeme (sowohl das MiniLinux als auch laufende VMs) und beeinflussen die Optionen, die beim Mounten des Verzeichnisses verwendet werden sollen. Sofern es im LDAP\/AD ein Nutzerattribut gibt, welches die passenden Optionen enth\u00e4lt, k\u00f6nnen Sie dieses hier angeben. Das Attribut wird dann vorrangig behandelt. Ist das Attribut leer oder nicht vorhanden, werden die Optionen verwendet, die Sie im Feld \"feste Mount-Optionen\" eingetragen haben. Sind beide Felder leer, werden verschiedene Optionen automatisch durchprobiert.", "lang_name": "Name", "lang_newConfiguration": "Neue Konfiguration", "lang_newModule": "Neues Modul", @@ -99,6 +102,7 @@ "lang_shareDomainNote": "Der Dom\u00e4nenname wird beim Einbinden des Home-Verzeichnisses dem Benutzernamen vorangestellt (DOMAIN\\user). Normalerweise wird der Dom\u00e4nenname automatisch ermittelt, er l\u00e4sst sich hiermit aber explizit \u00fcberschreiben.", "lang_shareDownloads": "Downloads", "lang_shareHomeDrive": "Home-Verzeichnis Buchstabe (Windows)", + "lang_shareHomeMountOpts": "Fest vorgegebene Mount-Optionen", "lang_shareMapCreate": "Ordner auf dem Netzlaufwerk bei Bedarf anlegen", "lang_shareMedia": "Eigene Musik, Videos, Bilder", "lang_shareModeNote": "\"Nativer Modus mit Fallback auf VMware\" ist experimentell und kann dazu f\u00fchren, dass die VM in regelm\u00e4\u00dfigen Abst\u00e4nden H\u00e4nger hat.", @@ -124,4 +128,4 @@ "lang_userDirectoryInfo1": "Optionale Angabe: Wenn die Clients f\u00fcr die Benutzer ein eigenes Verzeichnis (Homeverzeichnis, Benutzerverzeichnis) von einem Server einbinden sollen, geben Sie bitte hier das Format in UNC-Notation an, also z.B.", "lang_userDirectoryInfo2": "%s ist dabei ein Platzhalter f\u00fcr den Login-Namen des Benutzers.", "lang_userDirectoryInfo3": "Das Verzeichnis wird mit den gleichen Zugangsdaten eingebunden, die der Benutzer beim Login angibt. (D.h. kein Kerberos Support o.\u00e4.)" -} +}
\ No newline at end of file diff --git a/modules-available/sysconfig/lang/en/permissions.json b/modules-available/sysconfig/lang/en/permissions.json new file mode 100644 index 00000000..14757383 --- /dev/null +++ b/modules-available/sysconfig/lang/en/permissions.json @@ -0,0 +1,8 @@ +{ + "config.assign": "Assign system configuration", + "config.edit": "Edit system configuration", + "config.view-list": "Show system configurations", + "module.download": "Download configuration module", + "module.edit": "Edit configuration module", + "module.view-list": "Show configuration modules" +}
\ No newline at end of file diff --git a/modules-available/sysconfig/lang/en/template-tags.json b/modules-available/sysconfig/lang/en/template-tags.json index 5a73c254..fb02cf42 100644 --- a/modules-available/sysconfig/lang/en/template-tags.json +++ b/modules-available/sysconfig/lang/en/template-tags.json @@ -47,17 +47,19 @@ "lang_fixNumeric": "Numeric account names have to be prefixed by 's'", "lang_fixNumericDescription": "If enabled, users with account names that consist entirely of digits have to prefix their user id by 's' when logging in. This is required with the old login manager (KDM) to prevent crashes. The new lightdm-based login manager will accept numeric account names, so you can leave this option disabled. If your organization doesn't have any numeric account names, this option will have no effect.", "lang_folderRedirection": "Folder Redirection", + "lang_genUid": "Generate uid numbers", + "lang_genUidDescription": "When selected, the satellite server will generate numeric IDs for the users, instead of extracting them from AD\/LDAP.", "lang_generateModule": "Generating module", "lang_handlingNotes": "Here you can configure how network shares (like the user's home directory) are mapped inside the VM. Old Versions of bwLehrpool used the VMware Shared Folder technique, which could cause problems with certain file servers. The new \"native mode\" works much better, but on Windows guests, it requires that you (1) use an smb\/cifs file server (Windows Server, Linux with Samba) and (2) have openslx.exe setup to autorun in the VM (this is already configured for bwLehrpool templates).", "lang_helpHomeAttrHead": "Name of the home directory attribute", "lang_helpHomeAttrText": "Here you can specify the name of the attribute on the Active Directory that contains the path of the home directory server. Usually this is \"homeDirectory\". If you leave this blank, the wiszard will try to determine the attribute name automatically. If home directories don't work, check the client log (Status->Client log) and the LDAP proxy log (Status->Server status).", "lang_helpModuleConfiguration": "Configuration modules are the building blocks from which a system configuration is created. Here you can create both generic modules by a wizard, as well as create completely custom modules (advanced Linux knowledge required).", "lang_helpSystemConfiguration": "The fundamental localization of the bwLehrpool system is done through a system configuration. These include aspects such as the authentication method for users (eg Active Directory, LDAP), printer configuration, home directories, etc. A system configuration is composed of one or more configuration modules, which can be managed in the panel next to this one.", - "lang_homeAttr": "Home attribute", "lang_homeAttributeExplanation": "Please select the attribute which holds the user's home directory.", "lang_homeFallback": "Home fallback", "lang_homedirHandling": "(Home) directory handling", "lang_inheritFromParentLoc": "Inherit from parent location", + "lang_ldapAttrMountOpts": "LDAP attribute containing mount options", "lang_ldapStarted": "The LDAP proxy has been launched", "lang_ldapText1": "Here you can create a configuration module to authenticate agains an LDAP server", "lang_ldapText2": "An LDAP-Proxy will be launched on this server. This means the LDAP-Server must be reachable from it. The client PCs in the labs however don't have to be able to talk to the LDAP server \u2013 they will use the proxy running on this server.", @@ -72,6 +74,7 @@ "lang_moduleConfiguration": "Module Configuration", "lang_moduleName": "Module Name", "lang_moduleTitle": "Title", + "lang_mountOptionsNote": "These settings are relevant for the MiniLinux and VMs containing non-Windows OSes. If you specify an LDAP user attribute, its contents will be used as mount options when mounting the user's home directory. If the attribute is not specified or its contents are empty, the mount attributes specified in the other field will be used. If you leave both fields empty, the clients will try to determine the options automatically.", "lang_name": "Name", "lang_newConfiguration": "New Configuration", "lang_newModule": "New Module", @@ -99,6 +102,7 @@ "lang_shareDomainNote": "The user name will be prefixed by the domain when trying to mount home directories (DOMAIN\\user). Usually this will be determined automatically, but you can always override it here.", "lang_shareDownloads": "Downloads", "lang_shareHomeDrive": "Home drive letter (Windows)", + "lang_shareHomeMountOpts": "Fixed mount options", "lang_shareMapCreate": "Create folders on network share if they don't exist", "lang_shareMedia": "My Music, Videos, Pictures", "lang_shareModeNote": "\"Native mode with fallback\" is experimental and known to cause temporary freezes with some VMs. Use with care.", @@ -124,4 +128,4 @@ "lang_userDirectoryInfo1": "Optional: If the clients should embed a separate directory (home directory, user directory) from a server for the user, please enter here the format in UNC notation, eg", "lang_userDirectoryInfo2": "%s is a placeholder for the user's login name.", "lang_userDirectoryInfo3": "The directory is loaded with the same credentials that the user specifies when login. (That is no Kerberos support, etc.)" -} +}
\ No newline at end of file diff --git a/modules-available/sysconfig/page.inc.php b/modules-available/sysconfig/page.inc.php index 30271514..515d432c 100644 --- a/modules-available/sysconfig/page.inc.php +++ b/modules-available/sysconfig/page.inc.php @@ -59,7 +59,7 @@ class Page_SysConfig extends Page { User::load(); - if (!User::hasPermission('superadmin')) { + if (!User::isLoggedIn()) { Message::addError('main.no-permission'); Util::redirect('?do=Main'); } @@ -90,6 +90,7 @@ class Page_SysConfig extends Page // Action: "addmodule" (upload new module) if ($action === 'addmodule') { + User::assertPermission('module.edit'); $this->initAddModule(); AddModule_Base::preprocess(); } @@ -97,18 +98,22 @@ class Page_SysConfig extends Page if ($action === 'module') { // Action: "delmodule" (delete module) if (Request::post('del', 'no') !== 'no') { + User::assertPermission('module.edit'); $this->delModule(); } if (Request::post('download', 'no') !== 'no') { + User::assertPermission('module.download'); $this->downloadModule(); } if (Request::post('rebuild', 'no') !== 'no') { + User::assertPermission('module.edit'); $this->rebuildModule(); } } // Action: "addconfig" (compose config from one or more modules) if ($action === 'addconfig') { + User::assertPermission('config.edit'); $this->initAddConfig(); AddConfig_Base::preprocess(); } @@ -116,14 +121,17 @@ class Page_SysConfig extends Page if ($action === 'config') { // Action: "delconfig" (delete config) if (Request::post('del', 'no') !== 'no') { + User::assertPermission('config.edit'); $this->delConfig(); } // Action "activate" (set sysconfig as active) if (Request::post('activate', 'no') !== 'no') { + User::assertPermission('config.assign', $this->currentLoc); $this->activateConfig(); } // Action "rebuild" (rebuild config.tgz from its modules) if (Request::post('rebuild', 'no') !== 'no') { + User::assertPermission('config.edit'); $this->rebuildConfig(); } } @@ -141,15 +149,24 @@ class Page_SysConfig extends Page $action = Request::any('action', 'list'); switch ($action) { case 'addmodule': + User::assertPermission('module.edit'); AddModule_Base::render(); return; case 'addconfig': + User::assertPermission('config.edit'); AddConfig_Base::render(); return; case 'list': + $pMods = User::hasPermission('module.view-list'); + $pConfs = User::hasPermission('config.view-list'); + if (!($pMods || $pConfs)) { + User::assertPermission('config.view-list'); + } Render::openTag('div', array('class' => 'row')); - $this->listConfigs(); - if ($this->currentLoc === 0) { + if ($pConfs) { + $this->listConfigs(); + } + if ($this->currentLoc === 0 && $pMods) { $this->listModules(); } Render::closeTag('div'); @@ -159,6 +176,7 @@ class Page_SysConfig extends Page Render::addTemplate('js'); // Make this js snippet a template so i18n works return; case 'module': + User::assertPermission('module.view-list'); $listid = Request::post('list'); if ($listid !== false) { $this->listModuleContents($listid); @@ -166,6 +184,7 @@ class Page_SysConfig extends Page } break; case 'config': + User::assertPermission('config.view-list'); $listid = Request::post('list'); if ($listid !== false) { $this->listConfigContents($listid); @@ -238,13 +257,16 @@ class Page_SysConfig extends Page 'needrebuild' => ($row['status'] !== 'OK') ); } - Render::addTemplate('list-configs', array( + $data = array( 'locationid' => $this->currentLoc, 'locationname' => $locationName, 'havelocations' => Module::isAvailable('locations'), 'configs' => $configs, 'inheritConfig' => !$hasDefault, - )); + ); + Permission::addGlobalTags($data['perms'], null, ['config.edit']); + Permission::addGlobalTags($data['perms'], $this->currentLoc, ['config.assign']); + Render::addTemplate('list-configs', $data); } private function listModules() @@ -254,10 +276,12 @@ class Page_SysConfig extends Page $types = array_map(function ($mod) { return $mod->moduleType(); }, $modules); $titles = array_map(function ($mod) { return $mod->title(); }, $modules); array_multisort($types, SORT_ASC, $titles, SORT_ASC, $modules); - Render::addTemplate('list-modules', array( + $data = array( 'modules' => $modules, 'havemodules' => (count($modules) > 0) - )); + ); + Permission::addGlobalTags($data['perms'], null, ['module.edit', 'module.download']); + Render::addTemplate('list-modules', $data); } private function listModuleContents($moduleid) @@ -401,12 +425,12 @@ class Page_SysConfig extends Page $task = Taskmanager::submit('DeleteFile', array( 'file' => $row['filepath'] )); - if (isset($task['statusCode']) && $task['statusCode'] === TASK_WAITING) { + if (isset($task['statusCode']) && $task['statusCode'] === Taskmanager::TASK_WAITING) { $task = Taskmanager::waitComplete($task['id']); } - if (!isset($task['statusCode']) || $task['statusCode'] === TASK_ERROR) { + if (!isset($task['statusCode']) || $task['statusCode'] === Taskmanager::TASK_ERROR) { Message::addWarning('main.task-error', $task['data']['error']); - } elseif ($task['statusCode'] === TASK_FINISHED) { + } elseif ($task['statusCode'] === Taskmanager::TASK_FINISHED) { Message::addSuccess('module-deleted', $row['title']); } Database::exec("DELETE FROM configtgz_module WHERE moduleid = :moduleid LIMIT 1", array('moduleid' => $moduleid)); diff --git a/modules-available/sysconfig/permissions/permissions.json b/modules-available/sysconfig/permissions/permissions.json new file mode 100644 index 00000000..08321c50 --- /dev/null +++ b/modules-available/sysconfig/permissions/permissions.json @@ -0,0 +1,20 @@ +{ + "config.view-list": { + "location-aware": false + }, + "config.assign": { + "location-aware": true + }, + "config.edit": { + "location-aware": false + }, + "module.view-list": { + "location-aware": false + }, + "module.edit": { + "location-aware": false + }, + "module.download": { + "location-aware": false + } +}
\ No newline at end of file diff --git a/modules-available/sysconfig/templates/ad-selfsearch.html b/modules-available/sysconfig/templates/ad-selfsearch.html index 64e181b2..e6a19468 100644 --- a/modules-available/sysconfig/templates/ad-selfsearch.html +++ b/modules-available/sysconfig/templates/ad-selfsearch.html @@ -43,6 +43,7 @@ <input type="hidden" name="mapping[{{field}}]" value="{{value}}"> {{/mapping}} <input name="fixnumeric" value="{{fixnumeric}}" type="hidden"> + <input name="genuid" value="{{genuid}}" type="hidden"> <button type="submit" class="btn btn-primary">« {{lang_back}}</button> </form> </div> @@ -67,6 +68,7 @@ <input type="hidden" name="mapping[{{field}}]" value="{{value}}"> {{/mapping}} <input name="fixnumeric" value="{{fixnumeric}}" type="hidden"> + <input name="genuid" value="{{genuid}}" type="hidden"> <input name="fingerprint" value="{{fingerprint}}" type="hidden"> <button id="nextbutton" type="submit" class="btn btn-primary" style="display:none">{{lang_skip}} »</button> </form> diff --git a/modules-available/sysconfig/templates/ad-start.html b/modules-available/sysconfig/templates/ad-start.html index 7f211343..274473ff 100644 --- a/modules-available/sysconfig/templates/ad-start.html +++ b/modules-available/sysconfig/templates/ad-start.html @@ -67,6 +67,16 @@ <br> <div> <div class="checkbox"> + <input id="num-cb" type="checkbox" name="genuid" {{#genuid}}checked{{/genuid}}> + <label for="num-cb"><b>{{lang_genUid}}</b></label> + </div> + <div> + <i>{{lang_genUidDescription}}</i> + </div> + </div> + <br> + <div> + <div class="checkbox"> <input id="num-cb" type="checkbox" name="fixnumeric" {{#fixnumeric}}checked{{/fixnumeric}}> <label for="num-cb"><b>{{lang_fixNumeric}}</b></label> </div> diff --git a/modules-available/sysconfig/templates/ad_ldap-checkconnection.html b/modules-available/sysconfig/templates/ad_ldap-checkconnection.html index 630da398..e686c29f 100644 --- a/modules-available/sysconfig/templates/ad_ldap-checkconnection.html +++ b/modules-available/sysconfig/templates/ad_ldap-checkconnection.html @@ -31,6 +31,7 @@ {{/mapping}} <input name="fixnumeric" value="{{fixnumeric}}" type="hidden"> + <input name="genuid" value="{{genuid}}" type="hidden"> <button type="submit" class="btn btn-primary">« {{lang_back}}</button> </form> </div> @@ -55,6 +56,7 @@ <input type="hidden" name="mapping[{{field}}]" value="{{value}}"> {{/mapping}} <input name="fixnumeric" value="{{fixnumeric}}" type="hidden"> + <input name="genuid" value="{{genuid}}" type="hidden"> <input name="originalbinddn" value="{{binddn}}" type="hidden"> <button id="nextbutton" type="submit" class="btn btn-primary" style="display:none">{{lang_next}} »</button> </form> diff --git a/modules-available/sysconfig/templates/ad_ldap-checkcredentials.html b/modules-available/sysconfig/templates/ad_ldap-checkcredentials.html index 4f822a9b..d698d994 100644 --- a/modules-available/sysconfig/templates/ad_ldap-checkcredentials.html +++ b/modules-available/sysconfig/templates/ad_ldap-checkcredentials.html @@ -26,6 +26,7 @@ <input type="hidden" name="mapping[{{field}}]" value="{{value}}"> {{/mapping}} <input name="fixnumeric" value="{{fixnumeric}}" type="hidden"> + <input name="genuid" value="{{genuid}}" type="hidden"> <button type="submit" class="btn btn-primary">« {{lang_back}}</button> </form> </div> @@ -49,6 +50,7 @@ <input type="hidden" name="mapping[{{field}}]" value="{{value}}"> {{/mapping}} <input name="fixnumeric" value="{{fixnumeric}}" type="hidden"> + <input name="genuid" value="{{genuid}}" type="hidden"> <input name="fingerprint" value="{{fingerprint}}" type="hidden"> <input name="originalbinddn" value="{{binddn}}" type="hidden"> <button id="nextbutton" type="submit" class="btn btn-primary" style="display:none">{{lang_skip}} »</button> diff --git a/modules-available/sysconfig/templates/ad_ldap-homedir.html b/modules-available/sysconfig/templates/ad_ldap-homedir.html index ad543594..e4fbf380 100644 --- a/modules-available/sysconfig/templates/ad_ldap-homedir.html +++ b/modules-available/sysconfig/templates/ad_ldap-homedir.html @@ -18,6 +18,7 @@ <input type="hidden" name="mapping[{{field}}]" value="{{value}}"> {{/mapping}} <input name="fixnumeric" value="{{fixnumeric}}" type="hidden"> + <input name="genuid" value="{{genuid}}" type="hidden"> <input name="fingerprint" value="{{fingerprint}}" type="hidden"> <div class="slx-bold">{{lang_credentialPassing}}</div> @@ -61,6 +62,20 @@ <p><i>{{lang_driveLetterNote}}</i></p> </div> </div> + <div class="form-group row"> + <label for="inputldapAttrMountOpts" class="control-label col-xs-4">{{lang_ldapAttrMountOpts}}</label> + <div class="col-xs-8"> + <input type="text" class="form-control" id="inputldapAttrMountOpts" name="ldapAttrMountOpts" value="{{ldapAttrMountOpts}}"> + </div> + </div> + <div class="form-group row"> + <label for="inputshareHomeMountOpts" class="control-label col-xs-4">{{lang_shareHomeMountOpts}}</label> + <div class="col-xs-8"> + <input type="text" class="form-control" id="inputshareHomeMountOpts" name="shareHomeMountOpts" value="{{shareHomeMountOpts}}" + placeholder="vers=3.0,forceuid,forcegid,nounix,file_mode=0700,dir_mode=0700,noacl,nobrl"> + <p><i>{{lang_mountOptionsNote}}</i></p> + </div> + </div> <hr> <div class="slx-bold">{{lang_folderRedirection}}</div> diff --git a/modules-available/sysconfig/templates/ldap-start.html b/modules-available/sysconfig/templates/ldap-start.html index 940316b9..b3495741 100644 --- a/modules-available/sysconfig/templates/ldap-start.html +++ b/modules-available/sysconfig/templates/ldap-start.html @@ -68,6 +68,16 @@ <br> <div> <div class="checkbox"> + <input id="num-cb" type="checkbox" name="genuid" {{#genuid}}checked{{/genuid}}> + <label for="num-cb"><b>{{lang_genUid}}</b></label> + </div> + <div> + <i>{{lang_genUidDescription}}</i> + </div> + </div> + <br> + <div> + <div class="checkbox"> <input id="num-cb" type="checkbox" name="fixnumeric" {{#fixnumeric}}checked{{/fixnumeric}}> <label for="num-cb"><b>{{lang_fixNumeric}}</b></label> </div> diff --git a/modules-available/sysconfig/templates/list-configs.html b/modules-available/sysconfig/templates/list-configs.html index 205317b8..4db7b9b2 100644 --- a/modules-available/sysconfig/templates/list-configs.html +++ b/modules-available/sysconfig/templates/list-configs.html @@ -26,7 +26,7 @@ </td> <td> {{^current}} - <button class="btn btn-primary btn-xs" name="activate" value="{{configid}}"> + <button class="btn btn-primary btn-xs" name="activate" value="{{configid}}" {{perms.config.assign.disabled}}> <span class="glyphicon glyphicon-flag"></span> {{lang_activate}} </button> @@ -54,13 +54,22 @@ {{^needrebuild}} class="refconf btn btn-default btn-xs" {{/needrebuild}} - name="rebuild" value="{{configid}}" title="{{lang_rebuild}}"><span class="glyphicon glyphicon-refresh"></span></button> + name="rebuild" value="{{configid}}" title="{{lang_rebuild}}" + {{perms.config.edit.disabled}}> + <span class="glyphicon glyphicon-refresh"></span> + </button> {{/locationid}} </td> <td class="text-nowrap"> {{^locationid}} - <a class="btn btn-success btn-xs" href="?do=SysConfig&action=addconfig&edit={{configid}}" title="{{lang_edit}}"><span class="glyphicon glyphicon-edit"></span></a> - <button class="btn btn-danger btn-xs confirm-delete" name="del" value="{{configid}}" title="{{lang_delete}}"><span class="glyphicon glyphicon-trash"></span></button> + <a class="btn btn-success btn-xs {{perms.config.edit.disabled}}" + href="?do=SysConfig&action=addconfig&edit={{configid}}" title="{{lang_edit}}"> + <span class="glyphicon glyphicon-edit"></span> + </a> + <button class="btn btn-danger btn-xs confirm-delete" name="del" value="{{configid}}" + title="{{lang_delete}}" {{perms.config.edit.disabled}}> + <span class="glyphicon glyphicon-trash"></span> + </button> {{/locationid}} </td> </tr> @@ -101,7 +110,9 @@ </div> {{^locationid}} <div class="panel-footer text-right"> - <a class="btn btn-primary" href="?do=SysConfig&action=addconfig">{{lang_newConfiguration}}</a> + <a class="btn btn-primary {{perms.config.edit.disabled}}" href="?do=SysConfig&action=addconfig"> + {{lang_newConfiguration}} + </a> </div> {{/locationid}} </div> diff --git a/modules-available/sysconfig/templates/list-modules.html b/modules-available/sysconfig/templates/list-modules.html index a55253ec..c657eae8 100644 --- a/modules-available/sysconfig/templates/list-modules.html +++ b/modules-available/sysconfig/templates/list-modules.html @@ -16,7 +16,10 @@ <td class="text-nowrap"> {{#allowDownload}} <button class="btn btn-default btn-xs" name="list" value="{{id}}" title="{{lang_show}}"><span class="glyphicon glyphicon-eye-open"></span></button> - <button class="btn btn-default btn-xs" name="download" value="{{id}}" title="{{lang_download}}"><span class="glyphicon glyphicon-download-alt"></span></button> + <button class="btn btn-default btn-xs" name="download" value="{{id}}" + title="{{lang_download}}" {{perms.module.download.disabled}}> + <span class="glyphicon glyphicon-download-alt"></span> + </button> {{/allowDownload}} </td> <td class="text-nowrap"> @@ -27,9 +30,18 @@ {{^needRebuild}} class="refmod btn btn-default btn-xs" {{/needRebuild}} - name="rebuild" value="{{id}}" title="{{lang_rebuild}}"><span class="glyphicon glyphicon-refresh"></span></button> - <a class="btn btn-success btn-xs" href="?do=SysConfig&action=addmodule&step={{moduleType}}_Start&edit={{id}}" title="{{lang_edit}}"><span class="glyphicon glyphicon-edit"></span></a> - <button class="btn btn-danger btn-xs confirm-delete" name="del" value="{{id}}" title="{{lang_delete}}"><span class="glyphicon glyphicon-trash"></span></button> + name="rebuild" value="{{id}}" title="{{lang_rebuild}}" {{perms.module.edit.disabled}}> + <span class="glyphicon glyphicon-refresh"></span> + </button> + <a class="btn btn-success btn-xs {{perms.module.edit.disabled}}" + href="?do=SysConfig&action=addmodule&step={{moduleType}}_Start&edit={{id}}" + title="{{lang_edit}}"> + <span class="glyphicon glyphicon-edit"></span> + </a> + <button class="btn btn-danger btn-xs confirm-delete" name="del" value="{{id}}" + title="{{lang_delete}}" {{perms.module.edit.disabled}}> + <span class="glyphicon glyphicon-trash"></span> + </button> </td> </tr> {{/modules}} @@ -40,7 +52,9 @@ </form> </div> <div class="panel-footer text-right"> - <a class="btn btn-primary" href="?do=SysConfig&action=addmodule">{{lang_newModule}}</a> + <a class="btn btn-primary {{perms.module.edit.disabled}}" href="?do=SysConfig&action=addmodule"> + {{lang_newModule}} + </a> </div> </div> diff --git a/modules-available/sysconfig/templates/sshconfig-start.html b/modules-available/sysconfig/templates/sshconfig-start.html index c0b4b379..a2339b0f 100644 --- a/modules-available/sysconfig/templates/sshconfig-start.html +++ b/modules-available/sysconfig/templates/sshconfig-start.html @@ -21,7 +21,7 @@ </div> <div class="form-group"> <label for="port">{{lang_listenPort}}</label> - <input class="form-control" type="text" name="listenPort" value="{{listenPort}}" id="port" pattern="\d+"> + <input class="form-control" type="text" name="listenPort" value="{{listenPort}}" id="port" pattern="\d+" placeholder="22"> <i>{{lang_listenPortInfo}}</i> </div> <hr/> |