Commit | Line | Data |
---|---|---|
dfb0d0d7 AC |
1 | <% val you = Init.getUserId (); |
2 | val yourname = Init.getUserName (); | |
3 | ||
4 | val uname = case $"uname" of | |
5 | "" => yourname | |
6 | | uname => uname; | |
7 | ||
8 | val socks = Sec.socketPerms uname; | |
9 | val tpe = Sec.isTpe uname; | |
10 | ||
11 | ref showNormal = true; | |
12 | ||
13 | @header [("title", ["Security settings"])]; | |
14 | ||
15 | if $"cmd" = "socks" then | |
16 | showNormal := false; | |
17 | val socks = $"socks"; | |
18 | %>Are you sure you want to request that socket permissions for <b><% Web.html uname %></b> be changed to <b><% Web.html socks %></b>?<br> | |
19 | <a href="sec?cmd=socks2&uname=<% Web.urlEncode uname %>&socks=<% Web.urlEncode socks %>&msg=<% Web.urlEncode ($"msg") %>">Yes, place the request!</a><% | |
20 | elseif $"cmd" = "socks2" then | |
21 | val id = Sec.Req.add (you, String.concat [uname, ": change socket permissions to ", $"socks"], $"msg"); | |
22 | if not (Sec.Req.notifyNew id) then | |
23 | %><h3><b>Error sending e-mail notification</b></h3><% | |
24 | end | |
25 | %><h3><b>Request added</b></h3><% | |
26 | ||
27 | elseif $"cmd" = "tpe" then | |
28 | showNormal := false; | |
29 | val tpe = iff $"tpe" = "yes" then "on" else "off"; | |
30 | %>Are you sure you want to request that trusted-path-executables-only for <b><% Web.html uname %></b> be turned <b><% tpe %></b>?<br> | |
31 | <a href="sec?cmd=tpe2&uname=<% Web.urlEncode uname %>&tpe=<% tpe %>&msg=<% Web.urlEncode ($"msg") %>">Yes, place the request!</a><% | |
32 | elseif $"cmd" = "tpe2" then | |
33 | val id = Sec.Req.add (you, String.concat [uname, ": turn tpe ", $"tpe"], $"msg"); | |
34 | if not (Sec.Req.notifyNew id) then | |
35 | %><h3><b>Error sending e-mail notification</b></h3><% | |
36 | end | |
37 | %><h3><b>Request added</b></h3><% | |
38 | ||
39 | elseif $"cmd" = "open" then | |
40 | showNormal := false; | |
41 | Group.requireGroupName "server"; | |
42 | %><h3><b>Open requests</b></h3> | |
43 | <a href="sec?cmd=list">List all requests</a><% | |
44 | ||
45 | foreach (name, req) in Sec.Req.listOpen () do %> | |
46 | <br><hr><br> | |
47 | <table> | |
48 | <tr> <td align="right"><b>By</b>:</td> <td><a href="user?id=<% #usr req %>"><% name %></a></td> </tr> | |
49 | <tr> <td align="right"><b>Time</b>:</td> <td><% #stamp req %></td> </tr> | |
50 | <tr> <td align="right"><b>Request</b>:</td> <td><% #data req %></td> </tr> | |
51 | <tr> <td align="right" valign="top"><b>Msg</b>:</td> <td colspan="2"><% Web.html (#msg req) %></td> </tr> | |
52 | </table> | |
53 | ||
54 | <br> | |
55 | <a href="sec?mod=<% #id req %>">[Modify]</a> | |
56 | <a href="sec?del=<% #id req %>">[Delete]</a><br> | |
57 | ||
58 | <% end | |
59 | ||
60 | elseif $"cmd" = "list" then | |
61 | showNormal := false; | |
62 | Group.requireGroupName "server" | |
63 | %><h3><b>All requests</b></h3><% | |
64 | ||
65 | foreach (name, req) in Sec.Req.list () do %> | |
66 | <br><hr><br> | |
67 | <table> | |
68 | <tr> <td align="right"><b>By</b>:</td> <td colspan="2"><a href="user?id=<% #usr req %>"><% name %></a></td> </tr> | |
69 | <tr> <td align="right"><b>Time</b>:</td> <td colspan="2"><% #stamp req %></td> </tr> | |
70 | <tr> <td align="right"><b>Request</b>:</td> <td><% #data req %></td> </tr> | |
71 | <tr> <td align="right" valign="top"><b>Reason</b>:</td> <td colspan="2"><% Web.html (#msg req) %></td> </tr> | |
72 | </table> | |
73 | ||
74 | <br> | |
75 | <a href="sec?mod=<% #id req %>">[Modify]</a> | |
76 | <a href="sec?del=<% #id req %>">[Delete]</a> | |
77 | ||
78 | <% end | |
79 | ||
80 | elseif $"mod" <> "" then | |
81 | showNormal := false; | |
82 | Group.requireGroupName "server"; | |
83 | val id = Web.stoi ($"mod"); | |
84 | val req = Sec.Req.lookup id; | |
85 | val user = Init.lookupUser (#usr req) %> | |
86 | <h3><b>Handle request</b></h3> | |
87 | ||
88 | <form action="sec" method="post"> | |
89 | <input type="hidden" name="save" value="<% id %>"> | |
90 | <table> | |
91 | <tr> <td align="right"><b>Requestor</b>:</td> <td><a href="user?id=<% #usr req %>"><% #name user %></a></td> </tr> | |
92 | <tr> <td align="right"><b>Time</b>:</td> <td><% #stamp req %></td> </tr> | |
93 | <tr> <td align="right"><b>Status</b>:</td> <td><select name="status"> | |
94 | <option value="0"<% if #status req = Sec.Req.NEW then %> selected<% end %>>New</option> | |
95 | <option value="1"<% if #status req = Sec.Req.INSTALLED then %> selected<% end %>>Installed</option> | |
96 | <option value="2"<% if #status req = Sec.Req.REJECTED then %> selected<% end %>>Rejected</option> | |
97 | </select></td> </tr> | |
98 | <tr> <td align="right"><b>Request</b>:</td> <td><input name="req" value="<% #data req %>"></td> </tr> | |
99 | <tr> <td align="right" valign="top"><b>Message</b>:</td> <td><textarea name="msg" rows="10" cols="80" wrap="soft"><% Web.html (#msg req) %></textarea></td> </tr> | |
100 | <tr> <td><input type="submit" value="Save"></td> </tr> | |
101 | </table> | |
102 | </form> | |
103 | ||
104 | <% elseif $"save" <> "" then | |
105 | showNormal := false; | |
106 | Group.requireGroupName "server"; | |
107 | val id = Web.stoi ($"save"); | |
108 | val req = Sec.Req.lookup id; | |
109 | val oldStatus = #status req; | |
110 | val newStatus = Sec.Req.statusFromInt (Web.stoi ($"status")); | |
111 | Sec.Req.modify {req with data = $"req", msg = $"msg", status = newStatus}; | |
112 | if oldStatus <> newStatus then | |
113 | if not (Sec.Req.notifyMod (oldStatus, newStatus, Init.getUserName(), id)) then | |
114 | %><h3><b>Error sending e-mail notification</b></h3><% | |
115 | end | |
116 | end | |
117 | %><h3><b>Request modified</b></h3> | |
118 | Back to: <a href="sec?cmd=open">open requests</a>, <a href="sec?cmd=list">all requests</a> | |
119 | ||
120 | <% elseif $"del" <> "" then | |
121 | showNormal := false; | |
122 | Group.requireGroupName "server"; | |
123 | val id = Web.stoi ($"del"); | |
124 | val req = Sec.Req.lookup id; | |
125 | val user = Init.lookupUser (#usr req) | |
126 | %><h3><b>Are you sure you want to delete request by <% #name user %> for "<% #data req %>"?</b></h3> | |
127 | <a href="sec?del2=<% id %>">Yes, I'm sure!</a> | |
128 | ||
129 | <% elseif $"del2" <> "" then | |
130 | showNormal := false; | |
131 | Group.requireGroupName "server"; | |
132 | val id = Web.stoi ($"del2"); | |
133 | Sec.Req.delete id | |
134 | %><h3><b>Request deleted</b><h3> | |
135 | Back to: <a href="sec?cmd=open">open requests</a>, <a href="sec?cmd=list">all requests</a> | |
136 | ||
137 | <% end; | |
138 | ||
139 | if showNormal then %> | |
140 | ||
141 | <form action="sec" method="post"> | |
142 | <b>Your users:</b> <select name="uname"> | |
143 | <% foreach name in (yourname :: Sec.findSubusers yourname) do %> | |
144 | <option value="<% name %>"<% if uname = name then %> selected<% end %>><% name %></option> | |
145 | <% end %></select> <input type="submit" value="Switch"> </form> | |
146 | ||
147 | <h3><b>Request socket permissions change</b></h3> | |
148 | ||
149 | <form action="sec" method="post"> | |
150 | <input type="hidden" name="uname" value="<% uname %>"> | |
151 | <input type="hidden" name="cmd" value="socks"> | |
152 | <table> | |
153 | <tr> <td align="right"><b>New permissions:</b></td> <td><select name="socks"> | |
154 | <option value="none"<% if socks = Sec.NADA then %> selected<% end %>>None</option> | |
155 | <option value="any"<% if socks = Sec.ANY then %> selected<% end %>>Any</option> | |
156 | <option value="client"<% if socks = Sec.CLIENT_ONLY then %> selected<% end %>>Client only</option> | |
157 | <option value="server"<% if socks = Sec.SERVER_ONLY then %> selected<% end %>>Server only</option> | |
158 | </select></td> </tr> | |
159 | <tr> <td align="right" valign="top"><b>Reason:</b></td> <td><textarea name="msg" wrap="soft" rows="3" cols="80"></textarea></td> </tr> | |
160 | <tr> <td><input type="submit" value="Request"></td> </tr> | |
161 | </table> | |
162 | </form> | |
163 | ||
164 | <h3><b>Request change to your execute permissions</b></h3> | |
165 | ||
166 | <form action="sec" method="post"> | |
167 | <input type="hidden" name="uname" value="<% uname %>"> | |
168 | <input type="hidden" name="cmd" value="tpe"> | |
169 | <table> | |
170 | <tr> <td align="right"><b>Trusted path executables only?</b></td> <td><select name="tpe"> | |
171 | <option value="no"<% if not tpe then %> selected<% end %>>No</option> | |
172 | <option value="yes"<% if tpe then %> selected<% end %>>Yes</option> | |
173 | </select></td> </tr> | |
174 | <tr> <td align="right" valign="top"><b>Reason:</b></td> <td><textarea name="msg" wrap="soft" rows="3" cols="80"></textarea></td> </tr> | |
175 | <tr> <td><input type="submit" value="Request"></td> </tr> | |
176 | </table> | |
177 | </form> | |
178 | ||
179 | <% end %> | |
180 | ||
181 | <% @footer[] %> |