mirror of
https://github.com/webmin/webmin.git
synced 2025-07-21 23:40:34 +00:00
Add option to always rename users, even if password isn't synced https://github.com/webmin/webmin/issues/1462
This commit is contained in:
Jamie Cameron
@ -26,6 +26,8 @@ print &ui_table_row($text{'sync_when'},
|
||||
"<br>\n".
|
||||
&ui_checkbox("delete", 1, $text{'sync_delete'}, $config{'sync_delete'}).
|
||||
"<br>\n".
|
||||
&ui_checkbox("modify", 1, $text{'sync_modify'}, $config{'sync_modify'}).
|
||||
"<br>\n".
|
||||
&ui_checkbox("unix", 1, $text{'sync_unix'}, $config{'sync_unix'}));
|
||||
|
||||
# Assign new users to group
|
||||
|
||||
@ -306,6 +306,7 @@ sync_when=When to synchronize
|
||||
sync_create=Create a Webmin user when a Unix user is created.
|
||||
sync_update=Update the matching Webmin user when a Unix user is updated.
|
||||
sync_delete=Delete the matching Webmin user when a Unix user is deleted.
|
||||
sync_modify=Rename the matching Webmin user when a Unix user is renamed.
|
||||
sync_group=Assign new users to Webmin group
|
||||
sync_unix=Set password for new users to Unix authentication.
|
||||
sync_ecannot=You are not allowed to configure user synchronization.
|
||||
|
||||
@ -12,6 +12,7 @@ $access{'sync'} && $access{'create'} && $access{'delete'} ||
|
||||
&lock_file("$module_config_directory/config");
|
||||
$config{'sync_create'} = $in{'create'};
|
||||
$config{'sync_delete'} = $in{'delete'};
|
||||
$config{'sync_modify'} = $in{'modify'};
|
||||
$config{'sync_unix'} = $in{'unix'};
|
||||
$config{'sync_group'} = $in{'group'};
|
||||
&write_file("$module_config_directory/config", \%config);
|
||||
|
||||
@ -10,14 +10,15 @@ our (%config, $config_directory);
|
||||
# Create a new webmin user in the group
|
||||
sub useradmin_create_user
|
||||
{
|
||||
my ($unix) = @_;
|
||||
return if (!$config{'sync_create'});
|
||||
my $group = &get_group($config{'sync_group'});
|
||||
return if (!$group);
|
||||
my $clash = &get_user($_[0]->{'user'}) || &get_group($_[0]->{'user'});
|
||||
my $clash = &get_user($unix->{'user'}) || &get_group($unix->{'user'});
|
||||
return if ($clash);
|
||||
return if ($_[0]->{'user'} !~ /^[A-z0-9\-\_\.]+$/);
|
||||
my $user = { 'name' => $_[0]->{'user'},
|
||||
'pass' => $config{'sync_unix'} ? 'x' : $_[0]->{'pass'},
|
||||
return if ($unix->{'user'} !~ /^[A-z0-9\-\_\.]+$/);
|
||||
my $user = { 'name' => $unix->{'user'},
|
||||
'pass' => $config{'sync_unix'} ? 'x' : $unix->{'pass'},
|
||||
'sync' => 1,
|
||||
'modules' => $group->{'modules'} };
|
||||
&create_user($user);
|
||||
@ -40,8 +41,9 @@ foreach my $m (@{$group->{'modules'}}, "") {
|
||||
# Delete this webmin user if in sync
|
||||
sub useradmin_delete_user
|
||||
{
|
||||
my ($unix) = @_;
|
||||
return if (!$config{'sync_delete'});
|
||||
my $u = &get_user($_[0]->{'user'});
|
||||
my $u = &get_user($unix->{'user'});
|
||||
if ($u) {
|
||||
&delete_user($u->{'name'});
|
||||
&reload_miniserv();
|
||||
@ -62,35 +64,36 @@ foreach my $g (&list_groups()) {
|
||||
# Update this users password if in sync
|
||||
sub useradmin_modify_user
|
||||
{
|
||||
return if ($_[0]->{'passmode'} == 4 && $_[0]->{'olduser'} eq $_[0]->{'user'});
|
||||
my $u = &get_user($_[0]->{'olduser'});
|
||||
if ($u && $u->{'sync'}) {
|
||||
if ($_[0]->{'user'} ne $_[0]->{'olduser'}) {
|
||||
# New name might clash (or be invalid)
|
||||
my $clash = &get_user($_[0]->{'user'}) ||
|
||||
&get_group($_[0]->{'user'});
|
||||
my ($unix) = @_;
|
||||
return if ($unix->{'passmode'} == 4 && $unix->{'olduser'} eq $unix->{'user'});
|
||||
my $u = &get_user($unix->{'olduser'});
|
||||
if ($u && ($u->{'sync'} || $config{'sync_modify'})) {
|
||||
if ($unix->{'user'} ne $unix->{'olduser'}) {
|
||||
# User has been renamed .. but name might clash or be invalid
|
||||
my $clash = &get_user($unix->{'user'}) ||
|
||||
&get_group($unix->{'user'});
|
||||
return if ($clash);
|
||||
return if ($_[0]->{'user'} !~ /^[A-z0-9\-\_\.]+$/);
|
||||
return if ($unix->{'user'} !~ /^[A-z0-9\-\_\.]+$/);
|
||||
}
|
||||
$u->{'name'} = $_[0]->{'user'};
|
||||
if ($u->{'pass'} ne 'x') {
|
||||
$u->{'pass'} = $_[0]->{'passmode'} == 3 ?
|
||||
&encrypt_password($_[0]->{'plainpass'}) :
|
||||
$_[0]->{'pass'};
|
||||
$u->{'name'} = $unix->{'user'};
|
||||
if ($u->{'pass'} ne 'x' && $u->{'sync'}) {
|
||||
# Password has been updated
|
||||
$u->{'pass'} = $unix->{'passmode'} == 3 ?
|
||||
&encrypt_password($unix->{'plainpass'}) :
|
||||
$unix->{'pass'};
|
||||
}
|
||||
&modify_user($_[0]->{'olduser'}, $u);
|
||||
&modify_user($unix->{'olduser'}, $u);
|
||||
&reload_miniserv();
|
||||
}
|
||||
|
||||
|
||||
if ($_[0]->{'olduser'} && $_[0]->{'user'} ne $_[0]->{'olduser'}) {
|
||||
if ($unix->{'olduser'} && $unix->{'user'} ne $unix->{'olduser'}) {
|
||||
# Check other users' acl module acls
|
||||
foreach my $u (&list_users()) {
|
||||
my %uaccess = &get_module_acl($u->{'name'});
|
||||
my @au = split(/\s+/, $uaccess{'users'});
|
||||
my $idx = &indexof($_[0]->{'olduser'}, @au);
|
||||
my $idx = &indexof($unix->{'olduser'}, @au);
|
||||
if ($idx != -1) {
|
||||
$au[$idx] = $_[0]->{'user'};
|
||||
$au[$idx] = $unix->{'user'};
|
||||
$uaccess{'users'} = join(" ", @au);
|
||||
&save_module_acl(\%uaccess, $u->{'name'});
|
||||
}
|
||||
@ -99,9 +102,9 @@ if ($_[0]->{'olduser'} && $_[0]->{'user'} ne $_[0]->{'olduser'}) {
|
||||
# Rename the user in his group
|
||||
foreach my $g (&list_groups()) {
|
||||
my @mems = @{$g->{'members'}};
|
||||
my $i = &indexof($_[0]->{'olduser'}, @mems);
|
||||
my $i = &indexof($unix->{'olduser'}, @mems);
|
||||
if ($i >= 0) {
|
||||
$mems[$i] = $_[0]->{'user'};
|
||||
$mems[$i] = $unix->{'user'};
|
||||
$g->{'members'} = \@mems;
|
||||
&modify_group($g->{'name'}, $g);
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user