
Überarbeitetes Systemuser-Modul, mit dem man Quotas, Realname und Shell selbst setzen kann.

git-svn-id: https://svn.schokokeks.org/repos/tools/webinterface/trunk@1718 87cf0b9e-d624-0410-a070-f6ee81989793

bernd authored on12/04/2010 15:46:40
Showing8 changed files
1 1
new file mode 100644
2 2
Binary files /dev/null and b/images/user_delete.png differ
3 3
new file mode 100644
4 4
Binary files /dev/null and b/images/user_edit.png differ
... ...
@@ -45,6 +45,12 @@ function icon_error($title = '')
45 45
   return "<img src=\"{$prefix}images/error.png\" style=\"height: 16px; width: 16px;\" alt=\"{$title}\" title=\"{$title}\" />";
46 46
 }
47 47
 
48
+function icon_edit($title = '')
49
+{
50
+  global $prefix;
51
+  return "<img src=\"{$prefix}images/edit.png\" style=\"height: 16px; width: 16px;\" alt=\"{$title}\" title=\"{$title}\" />";
52
+}
53
+
48 54
 function icon_pwchange($title = '')
49 55
 {
50 56
   global $prefix;
... ...
@@ -1,6 +1,6 @@
1 1
 <?php
2
-
3
-require_once('session/start.php');
2
+require_once('inc/base.php');
3
+require_once('inc/icons.php');
4 4
 
5 5
 require_once('useraccounts.php');
6 6
 
... ...
@@ -18,19 +18,37 @@ if (! customer_may_have_useraccounts())
18 18
 else
19 19
 {
20 20
   $accounts = list_useraccounts();
21
+  $shells = available_shells();
21 22
   output("<p>Folgende Benutzeraccounts haben Sie bisher:</p>");
22
-  output("<table><tr><th>Benutzername</th><th>Name</th><th>Erstellt am</th><th>Speicherplatz</th></tr>");
23
+  output("<table><tr><th>Benutzeraccount</th><th>Speicherplatz<sup>*</sup></th><th>Aktionen</th></tr>");
23 24
   foreach ($accounts as $acc)
24 25
   {
25
-
26
-    output("<tr><td>");
27
-    if (customer_useraccount($acc->uid))
28
-      output($acc->username);
29
-    else
30
-      output(internal_link('edit', $acc->username, "uid={$acc->uid}"));
31
-    output("</td><td>{$acc->name}</td><td>{$acc->erstellungsdatum}</td><td>{$acc->quota} MB</td></tr>");
26
+    $shell = $shells[$acc['shell']];
27
+    $usedquota = get_used_quota($acc['uid']);
28
+    $quota = array();
29
+    foreach ($usedquota as $q)
30
+    {
31
+      $percent = round(( $q["used"] / $q["quota"] ) * 100 );
32
+      $color = ( $percent > 99 ? 'red' : ($percent > 80 ? "yellow" : "green" ));
33
+      $width = 2 * min($percent, 100);
34
+      $quota[] = "<p>Server <strong>{$q['server']}</strong><br />{$percent}%: {$q['used']} MB von {$q['quota']} MB belegt.</p> 
35
+        <div style=\"margin: 0; padding: 0; width: 200px; border: 1px solid black;\"><div style=\"font-size: 1px; background-color: {$color}; height: 10px; width: {$width}px; margin: 0; padding: 0;\">&#160;</div></div>";
36
+
37
+    }
38
+    $realname = $acc['name'] ? $acc['name'] : $_SESSION['customerinfo']['name'];
39
+    $quotastring = implode('', $quota);
40
+    output("<tr><td><p><strong>{$acc['username']}</strong> - {$realname}</p><p style=\"color: #555;\">Existiert seit {$acc['erstellungsdatum']}<br />Verwendete Shell: {$shell}</p></td>");
41
+    output("<td>{$quotastring}</td>");
42
+    output("<td>".internal_link('edit', other_icon('user_edit.png', 'Bearbeiten'), "uid={$acc['uid']}"));
43
+    
44
+    if (! customer_useraccount($acc['uid']))
45
+    {
46
+      output(" &#160; ".internal_link('pwchange', icon_pwchange('Passwort neu setzen'), "uid={$acc['uid']}"));
47
+      #output(" &#160; ".internal_link('deluser', other_icon('user_delete.png', 'Benutzer löschen'), "uid={$acc['uid']}"));
48
+    }
49
+    output("</td></tr>\n");
32 50
   }
33
-  output("</table><br />");
51
+  output("</table><p><sup>*</sup>) Die Werte für den verbrauchten Speicherplatz werden periodisch eingelesen und hier erst verspätet angezeigt!</p>");
34 52
 }
35 53
 
36 54
 
... ...
@@ -1,6 +1,6 @@
1 1
 <?php
2 2
 
3
-require_once('session/start.php');
3
+require_once('inc/base.php');
4 4
 
5 5
 require_once('useraccounts.php');
6 6
 
... ...
@@ -12,21 +12,42 @@ $section = "systemuser_accounts";
12 12
 
13 13
 $account = get_account_details($_GET['uid']);
14 14
 
15
+
15 16
 output("<h3>Bearbeiten von Benutzer »{$account['username']}«</h3>");
16 17
 
17
-if (customer_useraccount($account['uid']))
18
-  system_failure('Aus Sicherheitsgründen können Sie diesen Account nicht ändern!');
18
+#if (customer_useraccount($account['uid']))
19
+#  system_failure('Aus Sicherheitsgründen können Sie diesen Account nicht ändern!');
20
+
21
+$shells = available_shells();
22
+$defaultname = ($account['name'] ? '' : 'checked="checked" ');
23
+$nondefaultname = ($account['name'] ? 'checked="checked" ' : '');
24
+
25
+$customerquota = get_customer_quota();
26
+
27
+$maxquota = $customerquota['max'] - $customerquota['assigned'] + $account['quota'];
28
+
29
+
30
+output(html_form('systemuser_edit', 'save', 'action=edit&uid='.$account['uid'], '
31
+
32
+<h5>Name (E-Mail-Absender, ...)</h5>
33
+<div style="margin-left: 2em;"> 
34
+  <p><input type="radio" name="defaultname" id="defaultname" value="1" '.$defaultname.'/> <label for="defaultname">Kundenname: <strong>'.$_SESSION['customerinfo']['name'].'</strong></label></p>
35
+  <p><input type="radio" name="defaultname" id="nondefaultname" value="0" '.$nondefaultname.'/> <label for="nondefaultname">Abweichend:</label> <input type="text" name="fullname" id="fullname" value="'.$account['name'].'" /></p>
36
+</div>
37
+
38
+<h5>Speicherplatz</h5>
39
+<div style="margin-left: 2em;">
40
+  <p>Wenn Sie mehrere Benutzeraccounts haben, können Sie den verfügbaren Speicherplatz selbst auf diese Accounts verteilen, bis diese zusammen das Limit erreichen, das für Ihr Kundenkonto vereinbart wurde (aktuell insgesamt '.$customerquota['max'].' MB).</p>
41
+  <p><label for="quota">Speicherplatz für »<strong>'.$account['username'].'</strong>«:</label> <input style="text-align: right; width: 5em;" type="text" name="quota" id="quota" value="'.$account['quota'].'" /> MB (Maximal '.$maxquota.' MB möglich.)</p>
42
+</div>
19 43
 
44
+<h5>Shell</h5>
45
+<div style="margin-left: 2em;">
46
+  <p>Hier können Sie eine andere Kommandozeile einstellen. Tun Sie das bitte nur, wenn Sie wissen was Sie tun. Möchten Sie gerne eine Shell benutzen, die hier nicht aufgeführt ist, wenden Sie sich bitte an den Support.</p>
47
+  <p>'.html_select('shell', $shells, $account['shell']).'</p>
48
+</div>
20 49
 
21
-output(html_form('systemuser_edit', 'save', 'action=edit', '
22
-<table>
23
-<tr><td>Benutzername:</td><td><strong>'.$account['username'].'</strong></td></tr>
24
-<tr><td>richtiger Name:<br /><span style="font-size:85%;">(wenn nicht »'.$_SESSION['customerinfo']['name'].'«)</span></td><td><input type="text" name="fullname" value="'.$account['name'].'" /></td></tr>
25
-<tr><td>Passwort:</td><td><input type="password" name="newpass" value="" /><br /><span style="font-size:85%;">(Bitte leer lassen um das Passwort nicht zu ändern!)</span></td></tr>
26
-<tr><td>Wiederholung:</td><td><input type="password" name="newpass2" value="" /></td></tr>
27
-</table>
28 50
 <p>
29
-<input type="hidden" name="uid" value="'.$account['uid'].'" />
30 51
 <input type="submit" name="submit" value="Speichern" />
31 52
 </p>
32 53
 '));
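Review bot: `$account['name']` is written into the `value="…"` attribute of the `fullname` input without HTML escaping, and `$_SESSION['customerinfo']['name']` and `$account['username']` are concatenated into the form markup the same way. The name is customer-editable and is stored after `filter_input_general()`, which is not visible here, so unless that helper strips quotes and markup, a stored name can break out of the attribute when the form is rendered. I would encode at output, e.g. `value="'.htmlspecialchars($account['name'], ENT_QUOTES).'"`, and do the same for the other two values. The account-list hunk has the same pattern where `{$realname}`, `{$acc['username']}` and `{$q['server']}` are interpolated into the table row.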
... ...
@@ -32,17 +32,29 @@ function primary_useraccount()
32 32
 }
33 33
 
34 34
 
35
+function available_shells()
36
+{
37
+  $result = db_query("SELECT path, name FROM system.shells WHERE usable=1");
38
+  $ret = array();
39
+  while ($s = mysql_fetch_assoc($result))
40
+  {
41
+    $ret[$s['path']] = $s['name'];
42
+  }
43
+  DEBUG($ret);
44
+  return $ret;
45
+}
46
+
35 47
 
36 48
 function list_useraccounts()
37 49
 {
38 50
   $customerno = (int) $_SESSION['customerinfo']['customerno'];
39
-  $result = db_query("SELECT uid,username,name,erstellungsdatum,quota FROM system.useraccounts WHERE kunde={$customerno}");
51
+  $result = db_query("SELECT uid,username,name,erstellungsdatum,quota,shell FROM system.useraccounts WHERE kunde={$customerno}");
40 52
   $ret = array();
41
-  while ($item = mysql_fetch_object($result))
53
+  while ($item = mysql_fetch_assoc($result))
42 54
   {
43
-    DEBUG('Useraccount: '.print_r($item, true));
44 55
     array_push($ret, $item);
45 56
   }
57
+  DEBUG($ret);
46 58
   return $ret;
47 59
 }
48 60
 
... ...
@@ -51,25 +63,45 @@ function get_account_details($uid)
51 63
 {
52 64
   $uid = (int) $uid;
53 65
   $customerno = (int) $_SESSION['customerinfo']['customerno'];
54
-  $result = db_query("SELECT uid,username,name FROM system.useraccounts WHERE kunde={$customerno} AND uid={$uid}");
66
+  $result = db_query("SELECT uid,username,name,shell,quota FROM system.useraccounts WHERE kunde={$customerno} AND uid={$uid}");
55 67
   if (mysql_num_rows($result) == 0)
56 68
     system_failure("Cannot find the requestes useraccount (for this customer).");
57
-  return mysql_fetch_array($result);
69
+  return mysql_fetch_assoc($result);
58 70
 }
59 71
 
72
+function get_used_quota($uid)
73
+{
74
+  $uid = (int) $uid;
75
+  $result = db_query("SELECT s.hostname AS server, used, COALESCE(us.quota, u.quota) AS quota FROM system.usedquota AS uq LEFT JOIN system.useraccounts AS u USING (uid) LEFT JOIN system.servers AS s ON (s.id=uq.server) LEFT JOIN system.user_server AS us ON (us.uid=uq.uid AND us.server=uq.server) WHERE uq.uid='{$uid}'");
76
+  $ret = array();
77
+  while ($line = mysql_fetch_assoc($result))
78
+    $ret[] = $line;
79
+  DEBUG($ret);
80
+  return $ret;
81
+}
60 82
 
61 83
 
62
-function set_systemuser_details($uid, $fullname, $quota)
84
+function set_account_details($account)
63 85
 {
64
-  $uid = (int) $uid;
86
+  $uid = (int) $account['uid'];
65 87
   $customerno = (int) $_SESSION['customerinfo']['customerno'];
66
-  $fullname = maybe_null(mysql_real_escape_string(filter_input_general($fullname)));
67
-  $quota = (int) $quota;
88
+  $fullname = maybe_null(mysql_real_escape_string(filter_input_general($account['name'])));
89
+  $shell = mysql_real_escape_string(filter_input_general($account['shell']));
90
+  $quota = (int) $account['quota'];
68 91
 
69
-  db_query("UPDATE system.useraccounts SET name={$fullname} WHERE kunde={$customerno} AND uid={$uid} LIMIT 1");
70
-  logger(LOG_INFO, "modules/systemuser/include/useraccounts", "systemuser", "updated real name for uid {$uid}");
92
+  db_query("UPDATE system.useraccounts SET name={$fullname}, quota={$quota}, shell='{$shell}' WHERE kunde={$customerno} AND uid={$uid}");
93
+  logger(LOG_INFO, "modules/systemuser/include/useraccounts", "systemuser", "updated details for uid {$uid}");
71 94
 
72 95
 }
73 96
 
97
+function get_customer_quota()
98
+{
99
+  $cid = (int) $_SESSION['customerinfo']['customerno'];
100
+  $result = db_query("SELECT SUM(u.quota) AS assigned, cq.quota AS max FROM system.customerquota AS cq INNER JOIN system.useraccounts AS u ON (u.kunde=cq.cid) WHERE cq.cid={$cid}");
101
+  $ret = mysql_fetch_assoc($result);
102
+  DEBUG($ret);
103
+  return $ret;
104
+}
105
+
74 106
 
75 107
 ?>
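Review bot: `set_account_details()` casts `$account['quota']` to int and writes it with no lower bound, and the save handler shown on this page only rejects `$quota > $maxquota`. A negative value would therefore be stored and would lower `SUM(u.quota)` in `get_customer_quota()`, which raises the computed maximum for the customer's other accounts above the customer limit; a stored 0 can make the percentage calculation in the account list divide by zero. I would enforce the range here as well as in the handler, e.g. `if ($quota < 1) system_failure('Invalid quota value.');` before the `UPDATE`. Separately, `get_used_quota()` filters on `uid` only, unlike `get_account_details()` which also constrains `kunde`; the visible caller passes uids from `list_useraccounts()`, so a short comment stating that precondition (or adding the `kunde` condition) would keep the function safe for future callers.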
76 108
new file mode 100644
... ...
@@ -0,0 +1,37 @@
1
+<?php
2
+
3
+require_once('inc/base.php');
4
+
5
+require_once('useraccounts.php');
6
+
7
+require_role(ROLE_CUSTOMER);
8
+
9
+
10
+$title = "Passwort neu setzen";
11
+$section = "systemuser_accounts";
12
+
13
+$account = get_account_details($_GET['uid']);
14
+
15
+
16
+output("<h3>Rücksetzen des Passworts für Benutzer »{$account['username']}«</h3>");
17
+
18
+if (customer_useraccount($account['uid']))
19
+  system_failure('Zum Ändern des Passwortes für den Hauptbenutzer verwenden Sie bitte die entsprechende Funktion im Hauptmenü!');
20
+
21
+output(html_form('systemuser_pwchange', 'save', 'action=pwchange&uid='.$account['uid'], '
22
+
23
+<h5>Neues Passwort</h5>
24
+<div style="margin-left: 2em;"> 
25
+  <p>Geben Sie bitte Ihr neues Passwort zweimal ein. Bitte verzichten Sie auf Anführungszeichen!</p>
26
+  <p><label for="newpass1">Neues Passwort für »<strong>'.$account['username'].'</strong>«:</label> <input type="password" name="newpass1" id="newpass1" /></p>
27
+  <p><label for="newpass2">Wiederholung des Passworts:</label> <input type="password" name="newpass2" id="newpass2" /></p>
28
+</div>
29
+
30
+<p>
31
+<input type="submit" name="submit" value="Speichern" />
32
+</p>
33
+'));
34
+
35
+
36
+
37
+?>
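Review bot: The form text tells users to avoid quotation marks in the new password (`Bitte verzichten Sie auf Anführungszeichen!`), which suggests the value is not passed through verbatim somewhere behind `set_systemuser_password()`; that function is not visible here, so this is an inference. Restricting the character set weakens passwords, and a user who ignores the hint may end up with a stored password that differs from what was typed. I would fix the quoting where the password is consumed and then drop that sentence from the form. The save handler on this page also still has the `strong_password()` check commented out, so this reset path accepts any non-empty password that matches its repetition.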
... ...
@@ -30,33 +30,54 @@ if ($_GET['action'] == 'new')
30 30
   }
31 31
   */
32 32
 }
33
-elseif ($_GET['action'] == 'edit')
33
+elseif ($_GET['action'] == 'pwchange')
34 34
 {
35 35
   $error = false;
36
-  check_form_token('systemuser_edit');
37
-  if (customer_useraccount($_POST['uid']))
38
-    system_failure('Aus Sicherheitsgründen können Sie diesen Account nicht ändern!');
36
+  check_form_token('systemuser_pwchange');
37
+  if (customer_useraccount($_REQUEST['uid']))
38
+    system_failure('Zum Ändern dieses Passworts verwenden Sie bitte die Funktion im Hauptmenü!');
39 39
 
40
-  if ($_POST['newpass'] != '')
40
+  //if (! strong_password($_POST['newpass']))
41
+  //  input_error('Das Passwort ist zu einfach');
42
+  //else
43
+  if ($_POST['newpass1'] == '' ||
44
+      $_POST['newpass1'] != $_POST['newpass2'])
45
+  {
46
+    input_error('Bitte zweimal ein neues Passwort eingeben!');
47
+    $error = true;
48
+  }
49
+  else
41 50
   {
42
-    //if (! strong_password($_POST['newpass']))
43
-    //  input_error('Das Passwort ist zu einfach');
44
-    //else
45
-    if ($_POST['newpass2'] == '' ||
46
-        $_POST['newpass'] != $_POST['newpass2'])
47
-    {
48
-      input_error('Bitte zweimal ein neues Passwort eingeben!');
49
-      $error = true;
50
-    }
51
-    else
52
-    {
53
-      $user = get_account_details($_POST['uid']);
54
-      # set_systemuser_password kommt aus den Session-Funktionen!
55
-      set_systemuser_password($user['uid'], $_POST['newpass']);
56
-    }
51
+    $user = get_account_details($_REQUEST['uid']);
52
+    # set_systemuser_password kommt aus den Session-Funktionen!
53
+    set_systemuser_password($user['uid'], $_POST['newpass1']);
57 54
   }
55
+  if (! ($debugmode || $error))
56
+    header('Location: accounts');
57
+}
58
+elseif ($_GET['action'] == 'edit')
59
+{
60
+  check_form_token('systemuser_edit');
61
+  $account = get_account_details($_REQUEST['uid']);
62
+
63
+  $customerquota = get_customer_quota();
64
+  $maxquota = $customerquota['max'] - $customerquota['assigned'] + $account['quota'];
65
+ 
66
+  $quota = (int) $_POST['quota'];
67
+  if ($quota > $maxquota) 
68
+    system_failure("Sie können diesem Account maximal {$maxquota} MB Speicherplatz zuweisen.");
69
+  $account['quota'] = $quota;
70
+
71
+  if ($_POST['defaultname'] == 1)
72
+    $account['name'] = NULL;
73
+  else
74
+    $account['name'] = filter_input_general($_POST['fullname']);
75
+  
76
+  $shells = available_shells();
77
+  if (isset($shells[$_POST['shell']]))
78
+    $account['shell'] = $_POST['shell'];
58 79
 
59
-  set_systemuser_details($_POST['uid'], $_POST['fullname'], $_POST['quota']);
80
+  set_account_details($account);
60 81
   if (! ($debugmode || $error))
61 82
     header('Location: accounts');
62 83