From 4c9aba92942c4b9341c46a50aeaa31bea24a8b60 Mon Sep 17 00:00:00 2001
From: Christian Hofmaier
Date: Tue, 9 Jan 2018 17:38:21 +0100
Subject: [exams] implemented permission system
---
 modules-available/rebootcontrol/lang/de/permissions.json | 5 +++++
 1 file changed, 5 insertions(+)
 create mode 100644 modules-available/rebootcontrol/lang/de/permissions.json
(limited to 'modules-available/rebootcontrol/lang/de/permissions.json')
diff --git a/modules-available/rebootcontrol/lang/de/permissions.json b/modules-available/rebootcontrol/lang/de/permissions.json
new file mode 100644
index 00000000..92eeb37e
--- /dev/null
+++ b/modules-available/rebootcontrol/lang/de/permissions.json
@@ -0,0 +1,5 @@
+{
+ "shutdown": "Client herunterfahren.",
+ "reboot": "Client neustarten.",
+ "newkeypair": "Neues Schlüsselpaar generieren."
+}
\ No newline at end of file
-- cgit v1.2.3-55-g7522
From 5309badac125114399ec2cf39b095e0d9efcd09f Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Thu, 15 Feb 2018 13:18:56 +0100
Subject: [rebootcontrol] Rewrite permission handling, simplify html/javascript
---
 .../rebootcontrol/lang/de/module.json | 1 -
 .../rebootcontrol/lang/de/permissions.json | 4 +-
 .../rebootcontrol/lang/de/template-tags.json | 5 +-
 .../rebootcontrol/lang/en/module.json | 1 -
 .../rebootcontrol/lang/en/permissions.json | 4 +-
 .../rebootcontrol/lang/en/template-tags.json | 5 +-
 modules-available/rebootcontrol/page.inc.php | 107 ++++++--------
 .../rebootcontrol/permissions/permissions.json | 4 +-
 modules-available/rebootcontrol/style.css | 10 +-
 .../rebootcontrol/templates/_page.html | 162 ++++++---------------
 .../rebootcontrol/templates/header.html | 63 ++++++++
 11 files changed, 172 insertions(+), 194 deletions(-)
 create mode 100644 modules-available/rebootcontrol/templates/header.html
(limited to 'modules-available/rebootcontrol/lang/de/permissions.json')
diff --git a/modules-available/rebootcontrol/lang/de/module.json b/modules-available/rebootcontrol/lang/de/module.json
index 03196610..1f325354 100644
--- a/modules-available/rebootcontrol/lang/de/module.json
+++ b/modules-available/rebootcontrol/lang/de/module.json
@@ -1,5 +1,4 @@
 {
 "module_name": "Reboot Control",
- "notAssigned": "Nicht zugewiesen",
 "page_title": "Reboot Control"
 }
\ No newline at end of file
diff --git a/modules-available/rebootcontrol/lang/de/permissions.json b/modules-available/rebootcontrol/lang/de/permissions.json
index 92eeb37e..12ec4c83 100644
--- a/modules-available/rebootcontrol/lang/de/permissions.json
+++ b/modules-available/rebootcontrol/lang/de/permissions.json
@@ -1,5 +1,5 @@
 {
- "shutdown": "Client herunterfahren.",
- "reboot": "Client neustarten.",
+ "action.shutdown": "Client herunterfahren.",
+ "action.reboot": "Client neustarten.",
 "newkeypair": "Neues Schlüsselpaar generieren."
 }
\ No newline at end of file
diff --git a/modules-available/rebootcontrol/lang/de/template-tags.json b/modules-available/rebootcontrol/lang/de/template-tags.json
index c5bd1670..eccc8738 100644
--- a/modules-available/rebootcontrol/lang/de/template-tags.json
+++ b/modules-available/rebootcontrol/lang/de/template-tags.json
@@ -1,12 +1,14 @@
 {
 "lang_authFail": "Authentifizierung fehlgeschlagen",
 "lang_client": "Client",
+ "lang_confirmNewKeypair": "Wirklich neues Schl\u00fcsselpaar erzeugen?",
 "lang_connecting": "Verbinde...",
 "lang_error": "Nicht erreichbar",
 "lang_genNew": "Neues Schl\u00fcsselpaar generieren",
 "lang_ip": "IP",
 "lang_location": "Standort",
 "lang_minutes": " Minuten",
+ "lang_newKeypairExplanation": "Sie k\u00f6nnen ein neues Schl\u00fcsselpaar erzeugen lassen. In diesem Fall wird das alte Schl\u00fcsselpaar verworfen, sodass alle zum jetzigen Zeitpunkt bereits gestarteten Rechner nicht mehr aus der Ferne bedient werden k\u00f6nnen, bis diese manuell neugestartet wurden.",
 "lang_off": "Aus",
 "lang_on": "An",
 "lang_online": "Online",
@@ -27,6 +29,5 @@
 "lang_shutdownCheck": "Wollen Sie die ausgew\u00e4hlten Rechner wirklich herunterfahren?",
 "lang_shutdownIn": "Herunterfahren in: ",
 "lang_status": "Status",
- "lang_unselectall": "Alle abw\u00e4hlen",
- "lang_user": "Nutzer"
+ "lang_unselectall": "Alle abw\u00e4hlen"
 }
\ No newline at end of file
diff --git a/modules-available/rebootcontrol/lang/en/module.json b/modules-available/rebootcontrol/lang/en/module.json
index 129140dd..1f325354 100644
--- a/modules-available/rebootcontrol/lang/en/module.json
+++ b/modules-available/rebootcontrol/lang/en/module.json
@@ -1,5 +1,4 @@
 {
 "module_name": "Reboot Control",
- "notAssigned": "Not assigned",
 "page_title": "Reboot Control"
 }
\ No newline at end of file
diff --git a/modules-available/rebootcontrol/lang/en/permissions.json b/modules-available/rebootcontrol/lang/en/permissions.json
index 077890fb..34badbaf 100644
--- a/modules-available/rebootcontrol/lang/en/permissions.json
+++ b/modules-available/rebootcontrol/lang/en/permissions.json
@@ -1,5 +1,5 @@
 {
- "shutdown": "Shutdown Client.",
- "reboot": "Reboot Client.",
+ "action.shutdown": "Shutdown Client.",
+ "action.reboot": "Reboot Client.",
 "newkeypair": "Generate new Keypair."
 }
\ No newline at end of file
diff --git a/modules-available/rebootcontrol/lang/en/template-tags.json b/modules-available/rebootcontrol/lang/en/template-tags.json
index 63a5b4a8..c2346044 100644
--- a/modules-available/rebootcontrol/lang/en/template-tags.json
+++ b/modules-available/rebootcontrol/lang/en/template-tags.json
@@ -1,12 +1,14 @@ { "lang_authFail": "Authentication failed", "lang_client": "Client", + "lang_confirmNewKeypair": "Really create new key pair?", "lang_connecting": "Connecting...", "lang_error": "Not available", "lang_genNew": "Generate new keypair", "lang_ip": "IP", "lang_location": "Location", "lang_minutes": " Minutes", + "lang_newKeypairExplanation": "You can create a new keypair, which will replace the old one. Please note that after doing so, you cannot poweroff or reboot clients that are already running, since they still use the old key. They have to be rebooted manually first.", "lang_off": "Off", "lang_on": "On", "lang_online": "Online", @@ -27,6 +29,5 @@ "lang_shutdownCheck": "Do you really want to shut down the selected clients?", "lang_shutdownIn": "Shutdown in: ", "lang_status": "Status", - "lang_unselectall": "Unselect all", - "lang_user": "User" + "lang_unselectall": "Unselect all" } \ No newline at end of file diff --git a/modules-available/rebootcontrol/page.inc.php b/modules-available/rebootcontrol/page.inc.php index fa34a05a..fa7688d8 100644 --- a/modules-available/rebootcontrol/page.inc.php +++ b/modules-available/rebootcontrol/page.inc.php @@ -4,9 +4,6 @@ class Page_RebootControl extends Page { private $action = false; - private $allowedShutdownLocs = []; - private $allowedRebootLocs = []; - private $allowedLocs = []; /** * Called before any page rendering happens - early hook to check parameters etc. 
@@ -20,54 +17,40 @@ class Page_RebootControl extends Page Util::redirect('?do=Main'); // does not return } - $this->allowedShutdownLocs = User::getAllowedLocations("shutdown"); - $this->allowedRebootLocs = User::getAllowedLocations("reboot"); - $this->allowedLocs = array_unique(array_merge($this->allowedShutdownLocs, $this->allowedRebootLocs)); - $this->action = Request::any('action', 'show', 'string'); - if ($this->action === 'startReboot' || $this->action === 'startShutdown') { - - $locationId = Request::post('locationId', false, 'int'); - if ($locationId === false) { - Message::addError('locations.invalid-location-id', $locationId); - Util::redirect(); - } - - $shutdown = $this->action === "startShutdown"; - // Check user permission (if user has no permission, the getAllowed-list will be empty and the check will fail) - if ($shutdown) { - if (!in_array($locationId, $this->allowedShutdownLocs)) { - Message::addError('main.no-permission'); - Util::redirect(); - } - } else { - if (!in_array($locationId, $this->allowedRebootLocs)) { - Message::addError('main.no-permission'); - Util::redirect(); - } - } + if ($this->action === 'reboot' || $this->action === 'shutdown') { - $clients = Request::post('clients'); - if (!is_array($clients) || empty($clients)) { + $requestedClients = Request::post('clients', false, 'array'); + if (!is_array($requestedClients) || empty($requestedClients)) { Message::addError('no-clients-selected'); Util::redirect(); } $minutes = Request::post('minutes', 0, 'int'); - $list = RebootQueries::getMachinesByUuid($clients); - if (count($list) !== count($clients)) { + $actualClients = RebootQueries::getMachinesByUuid($requestedClients); + if (count($actualClients) !== count($requestedClients)) { // We could go ahead an see which ones were not found in DB but this should not happen anyways unless the // user manipulated the request Message::addWarning('some-machine-not-found'); } - // TODO: Iterate over list and check if a locationid is not in 
permissions - // TODO: we could also check if the locationid is equal or a sublocation of the $locationId from above - // (this would be more of a sanity check though, or does the UI allow selecting machines from different locations) - - $task = RebootControl::execute($list, $shutdown, $minutes, $locationId); + // Filter ones with no permission + foreach (array_keys($actualClients) as $idx) { + if (!User::hasPermission('action.' . $this->action, $actualClients[$idx]['locationid'])) { + Message::addWarning('main.location-no-permission', $actualClients[$idx]['locationid']); + unset($actualClients[$idx]); + } else { + $locationId = $actualClients[$idx]['locationid']; + } + } + // See if anything is left + if (!is_array($actualClients) || empty($actualClients)) { + Message::addError('no-clients-selected'); + Util::redirect(); + } + $task = RebootControl::execute($actualClients, $this->action === 'shutdown', $minutes, $locationId); Util::redirect("?do=rebootcontrol&taskid=".$task["id"]); } @@ -81,6 +64,7 @@ class Page_RebootControl extends Page { if ($this->action === 'show') { + $data = []; $taskId = Request::get("taskid"); if ($taskId && Taskmanager::isTask($taskId)) { 
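Review bot: In the new per-client permission loop of the `reboot`/`shutdown` branch, `$locationId` is overwritten for every permitted client, so `RebootControl::execute()` receives only the location of whichever client was iterated last. When the posted `clients` span several locations the task is attributed to an arbitrary one of them; what `execute()` does with that argument is not visible here, so either pass the distinct location ids or state the limitation above the call, e.g. `// NOTE: $locationId is the location of the last permitted client; the selection may span several locations`. Clients dropped for missing permission only produce a UI warning through `Message::addWarning`; if the project keeps an audit trail, a denied reboot or shutdown request is worth recording there as well. The enclosing method starts and ends outside the hunk.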
@@ -91,36 +75,42 @@ class Page_RebootControl extends Page $data['clients'] = $task['data']['clients']; Render::addTemplate('status', $data); } else { - //location you want to see, default are "not assigned" clients - $requestedLocation = Request::get('location', 0, 'int'); - // only fill table if user has at least one permission for the location - if (in_array($requestedLocation, $this->allowedLocs)) { - $data['data'] = RebootQueries::getMachineTable($requestedLocation); - $data['allowedToSelect'] = True; + //location you want to see, default are "not assigned" clients + $requestedLocation = Request::get('location', false, 'int'); + $allowedLocs = User::getAllowedLocations("action.*"); + + if ($requestedLocation === false) { + if (in_array(0, $allowedLocs)) { + $requestedLocation = 0; + } elseif (!empty($allowedLocs)) { + $requestedLocation = reset($allowedLocs); + } } $data['locations'] = Location::getLocations($requestedLocation, 0, true); - // Always show public key (it's public, isn't it?) - $data['pubKey'] = SSHKey::getPublicKey(); // disable each location user has no permission for foreach ($data['locations'] as &$loc) { - if (!in_array($loc["locationid"], $this->allowedLocs)) { + if (!in_array($loc["locationid"], $allowedLocs)) { $loc["disabled"] = "disabled"; } } + // Always show public key (it's public, isn't it?) 
+ $data['pubKey'] = SSHKey::getPublicKey(); // Only enable shutdown/reboot-button if user has permission for the location - if (in_array($requestedLocation, $this->allowedShutdownLocs)) { - $data['allowedToShutdown'] = True; - } - if (in_array($requestedLocation, $this->allowedRebootLocs)) { - $data['allowedToReboot'] = True; - } - $data['allowedToGenerateKey'] = User::hasPermission("newkeypair"); + Permission::addGlobalTags($data['perms'], $requestedLocation, ['newkeypair', 'action.shutdown', 'action.reboot']); + + Render::addTemplate('header', $data); - Render::addTemplate('_page', $data); + // only fill table if user has at least one permission for the location + if ($requestedLocation === false) { + Message::addError('main.no-permission'); + } else { + $data['data'] = RebootQueries::getMachineTable($requestedLocation); + Render::addTemplate('_page', $data); + } } } @@ -130,12 +120,9 @@ class Page_RebootControl extends Page { $this->action = Request::post('action', false, 'string'); if ($this->action === 'generateNewKeypair') { - if (User::hasPermission("newkeypair")) { - Property::set("rebootcontrol-private-key", false); - echo SSHKey::getPublicKey(); - } else { - echo 'No permission.'; - } + User::assertPermission("newkeypair"); + Property::set("rebootcontrol-private-key", false); + echo SSHKey::getPublicKey(); } else { echo 'Invalid action.'; } diff --git a/modules-available/rebootcontrol/permissions/permissions.json b/modules-available/rebootcontrol/permissions/permissions.json index 5de9b633..a058ffbf 100644 --- a/modules-available/rebootcontrol/permissions/permissions.json +++ b/modules-available/rebootcontrol/permissions/permissions.json @@ -2,10 +2,10 @@ "newkeypair": { "location-aware": false }, - "reboot": { + "action.reboot": { "location-aware": true }, - "shutdown": { + "action.shutdown": { "location-aware": true } } \ No newline at end of file 
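Review bot: An explicitly supplied `location` parameter is never checked against `$allowedLocs`: the fallback only runs when `$requestedLocation === false`, so a request naming a location for which the user holds no `action.*` permission still reaches `RebootQueries::getMachineTable($requestedLocation)` and renders `_page`. The removed code filled the table only when the location was in the allowed list, and the new comment `// only fill table if user has at least one permission for the location` no longer matches the condition it sits above. Unless `getMachineTable()` filters by permission itself (not visible here), reset the value before the fallback: `if ($requestedLocation !== false && !in_array($requestedLocation, $allowedLocs)) $requestedLocation = false;`. The enclosing render method starts outside the hunk.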
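Review bot: The `generateNewKeypair` branch now depends on `User::assertPermission("newkeypair")` ending the request on failure, because the next line unconditionally discards the private key with `Property::set("rebootcontrol-private-key", false)`. That contract is not visible in this hunk; the file already spells out the same assumption after `Util::redirect('?do=Main')` as `// does not return`, and the same comment belongs after the assert here. The old code answered a denied AJAX call with the body `No permission.`; what the caller receives now depends on `assertPermission()`, so the client script should not treat an arbitrary response body as the new public key. The enclosing method starts outside the hunk.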
diff --git a/modules-available/rebootcontrol/style.css b/modules-available/rebootcontrol/style.css index f10a6157..e35bce29 100644 --- a/modules-available/rebootcontrol/style.css +++ b/modules-available/rebootcontrol/style.css @@ -16,9 +16,8 @@ margin-bottom: 0; } -.controlButtons { - margin-left: 10px; - width: 140px; +.select-button { + min-width: 150px; } #dataTable { @@ -29,11 +28,6 @@ #shutdownTimer { text-align: center; } -#pubKeyTitle { - display: inline-block; - margin-top: 7px; - margin-bottom: 20px; -} pre { white-space: pre-wrap; diff --git a/modules-available/rebootcontrol/templates/_page.html b/modules-available/rebootcontrol/templates/_page.html index e540cafb..82f82b02 100644 --- a/modules-available/rebootcontrol/templates/_page.html +++ b/modules-available/rebootcontrol/templates/_page.html @@ -1,26 +1,5 @@ - - -
-
-
- - - - - -
-
@@ -53,7 +32,7 @@ -
{{#status}}{{currentsession}}{{/status}} {{#status}}{{currentuser}}{{/status}} +
@@ -69,25 +48,6 @@ - - @@ -115,11 +75,11 @@
@@ -128,104 +88,76 @@ \ No newline at end of file -- cgit v1.2.3-55-g7522