'[Os-sim-commits] os-sim/include/panel Ajax_Panel.php,1.9,1.10'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       os-sim-commits
Subject:    [Os-sim-commits] os-sim/include/panel Ajax_Panel.php,1.9,1.10
From:       "Tomas V.V.Cox" <tvvcox () users ! sourceforge ! net>
Date:       2006-05-30 15:29:54
Message-ID: E1Fl6AU-0004Fn-GS () mail ! sourceforge ! net
[Download RAW message or body]

Update of /cvsroot/os-sim/os-sim/include/panel
In directory sc8-pr-cvs3.sourceforge.net:/tmp/cvs-serv18572/include/panel

Modified Files:
	Ajax_Panel.php 
Log Message:
Added two new configuration options for the Executive Panel:
- configs_dir (where to store the configurations of user panels)
- plugins_dir (where to add new custom plugins for the panel)

Greatly secured the access to personal config files

Index: Ajax_Panel.php
===================================================================
RCS file: /cvsroot/os-sim/os-sim/include/panel/Ajax_Panel.php,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -d -r1.9 -r1.10
--- Ajax_Panel.php	25 May 2006 19:11:54 -0000	1.9
+++ Ajax_Panel.php	30 May 2006 15:29:52 -0000	1.10
@@ -1,6 +1,8 @@
 <?php
 require_once 'classes/Session.inc';
+require_once 'ossim_conf.inc';
 require_once 'panel/Panel.php';
+
 /*
 
 $data = array(
@@ -19,7 +21,7 @@
     var $plugins = array();
     var $config_file = null;
     
-    function Window_Panel_Ajax($plugins_dir, $config_dir, $plugin = null)
+    function Window_Panel_Ajax($plugin = null)
     {
         /*
          * showCategoriesHTML() lists categories as checkboxes.
@@ -31,12 +33,7 @@
          * Note: when showing the categories the first time, there is 
          * no plugin selected yet (the user will choose one)
          */
-        $this->plugins = &$this->loadPlugins($plugins_dir);
-        $user = Session::get_session_user();
-        if (!$user) {
-            die("Not logged in, aborting");
-        }
-        $this->config_file = $config_dir.DIRECTORY_SEPARATOR.$user;
+        $this->plugins = &$this->loadPlugins();
         
         //first time, no plugin selected
         if (!$plugin) {
@@ -50,8 +47,12 @@
         $this->plugin = &$this->plugins[$plugin];
     }
 
-    function &loadPlugins($plugins_dir)
+    function &loadPlugins()
     {
+        $conf = &$GLOBALS['conf'];
+        $plugins_dir = array();
+        $plugins_dir = preg_split('/\s*,\s*/', \
$conf->get_conf('panel_plugins_dir')); +        $plugins_dir[] = \
dirname(__FILE__).'/plugins';  $plugins = array();
         foreach ($plugins_dir as $dir) {
             if (!is_dir($dir) || !$d = dir($dir)) {
@@ -90,19 +91,48 @@
         return $plugins;
     }
 
-    function loadConfig($window_id = null)
+    function getConfigFile()
     {
-        $configs_dir = dirname($this->config_file);
-        $ds = DIRECTORY_SEPARATOR;
-        $dirs = explode($ds, $configs_dir);
-        $dir = '';
-        foreach ($dirs as $d) {
-            $dir .= $ds . $d;
-            if (!is_dir($dir) && !mkdir($dir, 0700)) {
-                die(_("Could not create configs dir").": '$configs_dir'");
-            }
+        $conf = &$GLOBALS['conf'];
+        $configs_dir = $conf->get_conf('panel_configs_dir');
+
+        $uid = posix_getuid();
+        $gid = posix_getgid();
+        $user_info = posix_getpwuid($uid);
+        $user = $user_info['name'];
+        $group_info = posix_getgrgid($gid);
+        $group = $group_info['name'];
+        $fix_cmd = '. '._("To fix that, execute as root the following \
commands").':<br>'. +                   "# mkdir -p $configs_dir<br>".
+                   "# chown $user:$group $configs_dir<br>".
+                   "# chmod 0700 $configs_dir";
+        $fix_cmd .= "<br><b>"._("You can configure the panel configs directory at \
'Configuration -> Main -> Executive Panel -> panel_configs_dir''").'</b>'; +        \
if (!is_dir($configs_dir)) { +            die(_("Directory for panel config files \
does not exists").$fix_cmd);  }
-        $filename = $this->config_file;
+        if (!$stat = stat($configs_dir)) {
+            die(_("Could not stat configs dir").$fix_cmd);
+        }
+        // 2 -> file perms (must be 0700)
+        // 4 -> uid (must be the apache uid)
+        // 5 -> gid (must be the apache gid)
+        if ($stat[2] != 16832 ||
+            $stat[4] !== $uid ||
+            $stat[5] !== $gid)
+        {
+            die(_("Invalid perms for configs dir").$fix_cmd);
+        }
+        $user = Session::get_session_user();
+        if (!$user) {
+            die("Not logged in, aborting");
+        }
+        $config_file = $configs_dir.'/'.$user;
+        return $config_file;
+    }
+
+    function loadConfig($window_id = null)
+    {
+        $filename = $this->getConfigFile();
         if (!is_file($filename)) {
             $data = null;
         } else {
@@ -136,7 +166,7 @@
             $data[$window_id] = $plugin->get();
             $data[$window_id]['window_opts']['id'] = $window_id;
         }
-        $filename = $this->config_file;
+        $filename = $this->getConfigFile();
         $save = serialize($data);
         if (!$fd = fopen($filename, 'w')) {
             die(_("Could not save config in file").": '$filename'");



-------------------------------------------------------
All the advantages of Linux Managed Hosting--Without the Cost and Risk!
Fully trained technicians. The highest number of Red Hat certifications in
the hosting industry. Fanatical Support. Click to learn more
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=107521&bid=248729&dat=121642
_______________________________________________
Os-sim-commits mailing list
Os-sim-commits@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/os-sim-commits


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic