Viewing file:  save_acl.cgi (3.33 KB) -rwxr-xr-x
Select action/file-type:
 (+) |  (+) |  (+) | Code (+) | Session (+) |  (+) | SDB (+) |  (+) |  (+) |  (+) |  (+) |  (+) |
#!/usr/bin/perl
# save_acl.cgi
# Save the ACL for a module for a user or group
require './cluster-webmin-lib.pl';
&ReadParse();
$who = $in{'_acl_user'} ? $in{'_acl_user'} : $in{'_acl_group'};
# Validate and parse inputs
&error_setup($text{'acl_err'});
$maccess{'noconfig'} = $in{'noconfig'};
if (-r "../$in{'_acl_mod'}/acl_security.pl") {
&foreign_require($in{'_acl_mod'}, "acl_security.pl");
&foreign_call($in{'_acl_mod'}, "acl_security_save", \%maccess, \%in);
}
# Setup error handler for down hosts
sub user_error
{
$user_error_msg = join("", @_);
}
&remote_error_setup(\&user_error);
# Write out on all hosts, or just one host
&ui_print_header(undef, $text{'acl_title'}, "");
@allhosts = &list_webmin_hosts();
@servers = &list_servers();
if ($in{'all'}) {
# Doing on all hosts that the user has the module on
foreach $h (@allhosts) {
local $w;
if ($in{'_acl_user'}) {
($w) = grep { $_->{'name'} eq $in{'_acl_user'} }
@{$h->{'users'}};
}
else {
($w) = grep { $_->{'name'} eq $in{'_acl_group'} }
@{$h->{'groups'}};
}
next if (!$w);
local %ingroup;
foreach $g (@{$h->{'groups'}}) {
map { $ingroup{$_}++ } @{$g->{'members'}};
}
local @m = $ingroup{$w->{'name'}} ? @{$w->{'ownmods'}}
: @{$w->{'modules'}};
push(@hosts, $h) if (&indexof($in{'_acl_mod'}, @m) >= 0 ||
!$in{'_acl_mod'});
}
print "<b>",&text('acl_doing', $who),"</b><p>\n";
}
else {
# Doing on just one host
@hosts = grep { $_->{'id'} == $in{'_acl_host'} } @allhosts;
local ($s) = grep { $_->{'id'} == $hosts[0]->{'id'} } @servers;
print "<b>",&text('acl_doing2', $who, &server_name($s)),"</b><p>\n";
}
$p = 0;
foreach $h (@hosts) {
local ($s) = grep { $_->{'id'} == $h->{'id'} } @servers;
local ($rh = "READ$p", $wh = "WRITE$p");
pipe($rh, $wh);
if (!fork()) {
close($rh);
&remote_foreign_require($s->{'host'}, "acl", "acl-lib.pl");
if ($user_error_msg) {
# Host is down
print $wh &serialise_variable([ 0, $user_error_msg ]);
exit;
}
# Save the .acl file
local $cd = &remote_eval($s->{'host'}, "acl",
'$config_directory');
$sfx = $in{'_acl_user'} ? "acl" : "gacl";
&remote_foreign_call($s->{'host'}, "acl", "write_file",
"$cd/$in{'_acl_mod'}/$who.$sfx", \%maccess);
# Recursively update the ACL for all member users and groups
if ($in{'_acl_group'}) {
local ($group) = grep { $_->{'name'} eq $in{'_acl_group'} }
@{$h->{'groups'}};
&remote_foreign_call($s->{'host'}, "acl", "set_acl_files",
$h->{'users'}, $h->{'groups'}, $in{'_acl_mod'},
$group->{'members'}, \%maccess);
}
print $wh &serialise_variable([ 1 ]);
exit;
}
close($wh);
$p++;
}
# Read back the results
$p = 0;
foreach $h (@hosts) {
local ($s) = grep { $_->{'id'} == $h->{'id'} } @servers;
local $d = &server_name($s);
local $rh = "READ$p";
local $line = <$rh>;
local $rv = &unserialise_variable($line);
close($rh);
if ($rv && $rv->[0] == 1) {
# It worked
print &text('acl_success', $d),"<br>\n";
}
else {
# Something went wrong
print &text('acl_failed', $d, $rv->[1]),"<br>\n";
}
$p++;
}
print "<p><b>$text{'acl_done'}</b><p>\n";
&remote_finished();
&ui_print_footer("", $text{'index_return'},
$in{'_acl_user'} ? ( "edit_user.cgi?user=$in{'_acl_user'}&host=$in{'_acl_host'}", $text{'user_return'} ) : ( "edit_group.cgi?group=$in{'_acl_group'}&host=$in{'_acl_host'}", $text{'group_return'} ));
|