Network Module Interface no add patch...

[<jam...@te...>]

Hi Jamie,

It was desirable in our deployment of webmin to have the option the
interfaces submodule of the
network module, to make it so that a user could could view and edit an
interface but they
could not create a new one.  At the end of this email I have attached a
patch that adds this
ability.  The patch includes the following changes (high level):

     - Adds the option to add an interface (yes/no) to the acl_security.pl
file.
     - Adds text for not being able to add an interface to lang/en.
     - Adds text for not being able to view an interface.
     -  list_ifcs.cgi now uses the cannot view interface error message if
they
         cannot even view the interface.
     - list_ifcs.cgi does not show a link to add an interface if they user
does not have
       that right.
     - edit_aifcs.cgi checks to see how it was called.  If it was called to
create a
        an interface it determines if the user can and if not gives an
error.  If it
        was called to edit an interface it checks if the user can edit it.
If he/she can't
        then it gives an error.

I set it up so that even if a user could not edit an interface, if allowed
to he/she can add
one.  I actually not totally sure of that decision; it seemed like the
flexible thing to do, but
it would have been a tiny bit less code changes if I would have added
append to edit, view, no.

I did not update all the language files (only english).  I could have done
the Espanol one, but
I was a little unsure of the exact grammer.

Anyway, I hope the patch will be useful.

Cheers...james

diff -ur .delta/net/acl_security.pl current/net/acl_security.pl
--- .delta/net/acl_security.pl     Mon Sep  9 10:52:38 2002
+++ current/net/acl_security.pl    Mon Sep  9 12:13:57 2002
@@ -13,36 +13,45 @@
 printf "<input type=radio name=ifcs value=0 %s> $text{'no'}</td>\n",
     $_[0]->{'ifcs'} ? "" : "checked";

-print "<td><b>$text{'acl_routes'}</b></td> <td nowrap>\n";
+print "<td><b>$text{'acl_ifcs_add'}</b></td> <td nowrap>\n";
+printf "<input type=radio name=ifcs_add value=1 %s> $text{'yes'}\n",
+    $_[0]->{'ifcs_add'} == 1 ? "checked" : "";
+printf "<input type=radio name=ifcs_add value=0 %s> $text{'no'}</td> </tr>\n",
+    $_[0]->{'ifcs_add'} ? "" : "checked";
+
+print "<tr> <td><b>$text{'acl_routes'}</b></td> <td nowrap>\n";
 printf "<input type=radio name=routes value=2 %s> $text{'yes'}\n",
     $_[0]->{'routes'} == 2 ? "checked" : "";
 printf "<input type=radio name=routes value=1 %s> $text{'acl_view'}\n",
     $_[0]->{'routes'} == 1 ? "checked" : "";
-printf "<input type=radio name=routes value=0 %s> $text{'no'}</td> </tr>\n",
+printf "<input type=radio name=routes value=0 %s> $text{'no'}</td>\n",
     $_[0]->{'routes'} ? "" : "checked";

-print "<tr> <td><b>$text{'acl_dns'}</b></td> <td nowrap>\n";
+print "<td><b>$text{'acl_dns'}</b></td> <td nowrap>\n";
 printf "<input type=radio name=dns value=2 %s> $text{'yes'}\n",
     $_[0]->{'dns'} == 2 ? "checked" : "";
 printf "<input type=radio name=dns value=1 %s> $text{'acl_view'}\n",
     $_[0]->{'dns'} == 1 ? "checked" : "";
-printf "<input type=radio name=dns value=0 %s> $text{'no'}</td>\n",
+printf "<input type=radio name=dns value=0 %s> $text{'no'}</td> </tr>\n",
     $_[0]->{'dns'} ? "" : "checked";

-print "<td><b>$text{'acl_hosts'}</b></td> <td nowrap>\n";
+print "<tr> <td><b>$text{'acl_hosts'}</b></td> <td nowrap>\n";
 printf "<input type=radio name=hosts value=2 %s> $text{'yes'}\n",
     $_[0]->{'hosts'} == 2 ? "checked" : "";
 printf "<input type=radio name=hosts value=1 %s> $text{'acl_view'}\n",
     $_[0]->{'hosts'} == 1 ? "checked" : "";
-printf "<input type=radio name=hosts value=0 %s> $text{'no'}</td> </tr>\n",
+printf "<input type=radio name=hosts value=0 %s> $text{'no'}</td>\n",
     $_[0]->{'hosts'} ? "" : "checked";
-}
+
+print "<td>&nbsp;</td><td>&nbsp;</td></tr>\n";
+}

 # acl_security_save(&options)
 # Parse the form for security options for the file module
 sub acl_security_save
 {
 $_[0]->{'ifcs'} = $in{'ifcs'};
+$_[0]->{'ifcs_add'} = $in{'ifcs_add'};
 $_[0]->{'routes'} = $in{'routes'};
 $_[0]->{'dns'} = $in{'dns'};
 $_[0]->{'hosts'} = $in{'hosts'};
diff -ur .delta/net/defaultacl current/net/defaultacl
--- .delta/net/defaultacl     Mon Sep  9 10:52:38 2002
+++ current/net/defaultacl    Mon Sep  9 11:41:01 2002
@@ -1,4 +1,5 @@
 ifcs=2
+ifcs_add=1
 routes=2
 dns=2
 hosts=2
diff -ur .delta/net/edit_aifc.cgi current/net/edit_aifc.cgi
--- .delta/net/edit_aifc.cgi  Mon Sep  9 10:52:38 2002
+++ current/net/edit_aifc.cgi Mon Sep  9 13:23:48 2002
@@ -3,12 +3,13 @@
 # Edit or create an active interface

 require './net-lib.pl';
-$access{'ifcs'} == 2 || &error($text{'ifcs_ecannot'});
 &ReadParse();
 if ($in{'new'}) {
+    $access{'ifcs_add'} == 1 || &error($text{'ifcs_acannot'});
     &header($text{'aifc_create'}, "");
     }
 else {
+    $access{'ifcs'} == 2 || &error($text{'ifcs_ecannot'});
     &header($text{'aifc_edit'}, "");
     @act = &active_interfaces();
     $a = $act[$in{'idx'}];
diff -ur .delta/net/lang/en current/net/lang/en
--- .delta/net/lang/en   Mon Sep  9 10:52:38 2002
+++ current/net/lang/en  Mon Sep  9 13:45:27 2002
@@ -24,6 +24,8 @@
 ifcs_return=network interfaces
 ifcs_unknown=Unknown
 ifcs_ecannot=You are not allowed to edit network interfaces
+ifcs_vcannot=You are not allowed to view network interfaces
+ifcs_acannot=You are not allowed to add network interfaces

 aifc_create=Create Active Interface
 aifc_edit=Edit Active Interface
@@ -128,6 +130,7 @@
 log_delete_bifc=Deleted interface $1 address $2
 log_dyn=dynamic

+acl_ifcs_add=Can add a network interface?
 acl_ifcs=Can edit network interfaces?
 acl_routes=Can edit routing and gateways?
 acl_dns=Can edit DNS client settings?
diff -ur .delta/net/list_ifcs.cgi current/net/list_ifcs.cgi
--- .delta/net/list_ifcs.cgi  Mon Sep  9 10:52:38 2002
+++ current/net/list_ifcs.cgi Mon Sep  9 13:49:09 2002
@@ -4,13 +4,14 @@

 require './net-lib.pl';
 &ReadParse();
-$access{'ifcs'} || &error($text{'ifcs_ecannot'});
+$access{'ifcs'} || &error($text{'ifcs_vcannot'});
 &header($text{'ifcs_title'}, "");
 print "<hr>\n";

 print "<h3>$text{'ifcs_now'}</h3>\n";
-print "<a href='edit_aifc.cgi?new=1'>$text{'ifcs_add'}</a><br>\n"
-    if ($access{'ifcs'} == 2);
+if($access{'ifcs_add'}) {
+    print "<a href='edit_aifc.cgi?new=1'>$text{'ifcs_add'}</a><br>\n";
+}
 print "<table border width=100%>\n";
 print "<tr $tb> <td><b>$text{'ifcs_name'}</b></td> ",
       "<td><b>$text{'ifcs_type'}</b></td> ",
@@ -39,13 +40,15 @@
           "</td> </tr>\n";
     }
 print "</table>\n";
-print "<a href='edit_aifc.cgi?new=1'>$text{'ifcs_add'}</a>\n"
-    if ($access{'ifcs'} == 2);
+if($access{'ifcs_add'}) {
+    print "<a href='edit_aifc.cgi?new=1'>$text{'ifcs_add'}</a>\n";
+}
 print "<p><hr>\n";

 print "<h3>$text{'ifcs_boot'}</h3>\n";
-print "<a href='edit_bifc.cgi?new=1'>$text{'ifcs_add'}</a><br>\n"
-    if ($access{'ifcs'} == 2);
+if($access{'ifcs_add'}) {
+    print "<a href='edit_bifc.cgi?new=1'>$text{'ifcs_add'}</a><br>\n";
+}
 print "<table border width=100%>\n";
 print "<tr $tb> <td><b>$text{'ifcs_name'}</b></td> ",
       "<td><b>$text{'ifcs_type'}</b></td> ",
@@ -76,9 +79,9 @@
     print "<td>",($a->{'up'} ? $text{'yes'} : $text{'no'}),"</td> </tr>\n";
     }
 print "</table>\n";
-print "<a href='edit_bifc.cgi?new=1'>$text{'ifcs_add'}</a>\n"
-    if ($access{'ifcs'} == 2);
-
+if($access{'ifcs_add'}) {
+    print "<a href='edit_bifc.cgi?new=1'>$text{'ifcs_add'}</a>\n";
+}
 print "<p><hr>\n";
 &footer("", $text{'index_return'});