mirror of
https://github.com/webmin/webmin.git
synced 2025-07-20 16:48:46 +00:00
122 lines
3.3 KiB
Perl
Executable File
122 lines
3.3 KiB
Perl
Executable File
#!/usr/local/bin/perl
|
|
# save_acl.cgi
|
|
# Save the ACL for a module for a user or group
|
|
|
|
require './cluster-webmin-lib.pl';
|
|
&ReadParse();
|
|
$who = $in{'_acl_user'} ? $in{'_acl_user'} : $in{'_acl_group'};
|
|
|
|
# Validate and parse inputs
|
|
&error_setup($text{'acl_err'});
|
|
$maccess{'noconfig'} = $in{'noconfig'};
|
|
if (-r "../$in{'_acl_mod'}/acl_security.pl") {
|
|
&foreign_require($in{'_acl_mod'}, "acl_security.pl");
|
|
&foreign_call($in{'_acl_mod'}, "acl_security_save", \%maccess, \%in);
|
|
}
|
|
|
|
# Setup error handler for down hosts
|
|
sub user_error
|
|
{
|
|
$user_error_msg = join("", @_);
|
|
}
|
|
&remote_error_setup(\&user_error);
|
|
|
|
# Write out on all hosts, or just one host
|
|
&ui_print_header(undef, $text{'acl_title'}, "");
|
|
@allhosts = &list_webmin_hosts();
|
|
@servers = &list_servers();
|
|
if ($in{'all'}) {
|
|
# Doing on all hosts that the user has the module on
|
|
foreach $h (@allhosts) {
|
|
local $w;
|
|
if ($in{'_acl_user'}) {
|
|
($w) = grep { $_->{'name'} eq $in{'_acl_user'} }
|
|
@{$h->{'users'}};
|
|
}
|
|
else {
|
|
($w) = grep { $_->{'name'} eq $in{'_acl_group'} }
|
|
@{$h->{'groups'}};
|
|
}
|
|
next if (!$w);
|
|
local %ingroup;
|
|
foreach $g (@{$h->{'groups'}}) {
|
|
map { $ingroup{$_}++ } @{$g->{'members'}};
|
|
}
|
|
local @m = $ingroup{$w->{'name'}} ? @{$w->{'ownmods'}}
|
|
: @{$w->{'modules'}};
|
|
push(@hosts, $h) if (&indexof($in{'_acl_mod'}, @m) >= 0 ||
|
|
!$in{'_acl_mod'});
|
|
}
|
|
print "<b>",&text('acl_doing', $who),"</b><p>\n";
|
|
}
|
|
else {
|
|
# Doing on just one host
|
|
@hosts = grep { $_->{'id'} == $in{'_acl_host'} } @allhosts;
|
|
local ($s) = grep { $_->{'id'} == $hosts[0]->{'id'} } @servers;
|
|
print "<b>",&text('acl_doing2', $who, &server_name($s)),"</b><p>\n";
|
|
}
|
|
$p = 0;
|
|
foreach $h (@hosts) {
|
|
local ($s) = grep { $_->{'id'} == $h->{'id'} } @servers;
|
|
local ($rh = "READ$p", $wh = "WRITE$p");
|
|
pipe($rh, $wh);
|
|
if (!fork()) {
|
|
close($rh);
|
|
&remote_foreign_require($s->{'host'}, "acl", "acl-lib.pl");
|
|
if ($user_error_msg) {
|
|
# Host is down
|
|
print $wh &serialise_variable([ 0, $user_error_msg ]);
|
|
exit;
|
|
}
|
|
|
|
# Save the .acl file
|
|
local $cd = &remote_eval($s->{'host'}, "acl",
|
|
'$config_directory');
|
|
$sfx = $in{'_acl_user'} ? "acl" : "gacl";
|
|
&remote_foreign_call($s->{'host'}, "acl", "write_file",
|
|
"$cd/$in{'_acl_mod'}/$who.$sfx", \%maccess);
|
|
|
|
# Recursively update the ACL for all member users and groups
|
|
if ($in{'_acl_group'}) {
|
|
local ($group) = grep { $_->{'name'} eq $in{'_acl_group'} }
|
|
@{$h->{'groups'}};
|
|
&remote_foreign_call($s->{'host'}, "acl", "set_acl_files",
|
|
$h->{'users'}, $h->{'groups'}, $in{'_acl_mod'},
|
|
$group->{'members'}, \%maccess);
|
|
}
|
|
|
|
print $wh &serialise_variable([ 1 ]);
|
|
exit;
|
|
}
|
|
close($wh);
|
|
$p++;
|
|
}
|
|
|
|
# Read back the results
|
|
$p = 0;
|
|
foreach $h (@hosts) {
|
|
local ($s) = grep { $_->{'id'} == $h->{'id'} } @servers;
|
|
local $d = &server_name($s);
|
|
local $rh = "READ$p";
|
|
local $line = <$rh>;
|
|
local $rv = &unserialise_variable($line);
|
|
close($rh);
|
|
|
|
if ($rv && $rv->[0] == 1) {
|
|
# It worked
|
|
print &text('acl_success', $d),"<br>\n";
|
|
}
|
|
else {
|
|
# Something went wrong
|
|
print &text('acl_failed', $d, $rv->[1]),"<br>\n";
|
|
}
|
|
$p++;
|
|
}
|
|
|
|
print "<p><b>$text{'acl_done'}</b><p>\n";
|
|
|
|
&remote_finished();
|
|
&ui_print_footer("", $text{'index_return'},
|
|
$in{'_acl_user'} ? ( "edit_user.cgi?user=$in{'_acl_user'}&host=$in{'_acl_host'}", $text{'user_return'} ) : ( "edit_group.cgi?group=$in{'_acl_group'}&host=$in{'_acl_host'}", $text{'group_return'} ));
|
|
|