Exemple #1
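        /* User authenticated */
        /* Check if the password is expired: a "0" from api_user_expire_info() is handled as expired. */
        if (api_user_expire_info($_SESSION["sess_user_id"]) == "0") {
            /* Remember in the session that a password change is pending, whatever the auth method is. */
            $_SESSION["sess_change_password"] = true;
            /*
             * Redirect to the change form only when auth_method is 1, or when auth_method is 3
             * and the user's realm is "0". The parentheses spell out the grouping PHP already
             * applies, since && binds tighter than ||.
             */
            if (read_config_option("auth_method") == 1 || ($current_user["realm"] == "0" && read_config_option("auth_method") == "3")) {
                log_save(_("AUTH: User password expired, password change forced"), SEV_NOTICE, FACIL_AUTH);
                /*
                 * The Referer header is supplied by the client. URL-encode it so that a referer
                 * containing '?' or '&' stays one intact "ref" parameter instead of spilling into
                 * extra query parameters.
                 * NOTE(review): the code that later consumes "ref" is not visible here; it should
                 * confirm the value points back into this application before redirecting to it.
                 */
                $return_to = isset($_SERVER["HTTP_REFERER"]) ? $_SERVER["HTTP_REFERER"] : "index.php";
                header("Location: auth_changepassword.php?ref=" . urlencode($return_to));
                exit;
            }
        }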
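        /*
         * Check permissions to use this realm against database.
         *
         * The realm is looked up by the file name of the executing script. SCRIPT_NAME is used
         * instead of PHP_SELF because PHP_SELF can carry extra path text that the client appended
         * after the script name; basename() would then return that trailing text, and the realm
         * check would be made for a different file than the one actually running.
         * Scripts that are not listed in $user_auth_realm_filenames fall back to realm 0.
         */
        $script_file = basename($_SERVER["SCRIPT_NAME"]);
        $realm_id = isset($user_auth_realm_filenames[$script_file]) ? $user_auth_realm_filenames[$script_file] : 0;
        /* Load the realm permissions of the logged-in user for the check that follows. */
        $user_realms = api_user_realms_list($_SESSION["sess_user_id"]);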
        if ($user_realms[$realm_id]["value"] != "1") {
            log_save(_("AUTH: User access denied to realm ") . $user_auth_realms[$realm_id], SEV_WARNING, FACIL_AUTH);
            ?>
			<html>
			<head>
				<link rel='shortcut icon' href='<?php 
            print html_get_theme_images_path("favicon.ico");
            ?>
' type='image/x-icon'>
				<link href='<?php 
            print html_get_theme_images_path("favicon.ico");
            ?>
' rel='image/x-icon'>
				<title><?php 
            echo _("Cacti");
Exemple #2
 | http://www.cacti.net/                                                   |
 +-------------------------------------------------------------------------+
*/
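/*
 * Work out two display flags for the current request:
 *   $using_guest_account - true when the session user is the configured guest user
 *   $show_console_tab    - false when the user lacks realm "8"
 * With authentication disabled (auth_method "0") no user record is loaded and the
 * graph-related settings are switched on unconditionally.
 */
$using_guest_account = false;
$show_console_tab = true;
if (read_config_option("auth_method") != "0") {
    /* at this point this user is good to go... get user info */
    $current_user = api_user_info(array("id" => $_SESSION["sess_user_id"]));
    /* find out if we are logged in as a 'guest user' or not; "0" means no guest user is configured */
    $guest_user = read_config_option("guest_user");
    if ($guest_user != "0" && $current_user["username"] == $guest_user) {
        $using_guest_account = true;
    }
    /* find out if we should show the "console" tab or not, based on this user's permissions */
    $current_user_realms = api_user_realms_list($current_user["id"]);
    if ($current_user_realms["8"]["value"] != "1") {
        $show_console_tab = false;
    }
} else {
    /* set permission for no auth: every graph view option is enabled */
    $current_user["graph_settings"] = 'on';
    $current_user["show_tree"] = 'on';
    $current_user["show_list"] = 'on';
    $current_user["show_preview"] = 'on';
}
/*
 * Use cached url if available and applicable: only for graph_view.php requested without an
 * action, and only when the cached URL carries one of the known view actions.
 * preg_match() replaces ereg(), which is deprecated and no longer available in PHP 7+.
 * NOTE(review): the pattern is not anchored, so it only checks that the text appears somewhere
 * in the cached value; where that session value is written is not visible here - confirm it
 * can only ever hold a local graph_view.php URL.
 */
if (isset($_SESSION["sess_graph_view_url_cache"]) && empty($_REQUEST["action"]) && basename($_SERVER["PHP_SELF"]) == "graph_view.php" && preg_match("/action=(tree|preview|list)/", $_SESSION["sess_graph_view_url_cache"])) {
    header("Location: " . $_SESSION["sess_graph_view_url_cache"]);
    /* stop here so the rest of the page is not built and sent along with the redirect */
    exit;
}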
/* set default action */
Exemple #3
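/**
 * Print the realm-permissions editor for one user.
 *
 * Outputs an introductory line, a header row with a "select all" checkbox, and one
 * checkbox per realm returned by api_user_realms_list(), laid out in two columns.
 * The user is taken from $_GET["id"]; when that is empty, "-1" is passed instead.
 * Ends with a hidden "save_component_realm_perms" field.
 */
function user_realms_edit() {
	global $colors, $user_auth_realms;

	?>
	<table width='98%' align='center' cellpadding="5">
		<tr>
			<td>
				<span style='font-size: 12px; font-weight: bold;'><?php echo _("Realm permissions control which sections of Cacti this user will have access to."); ?></span>
			</td>
		</tr>
	</table>
	<?php

	html_start_box("", "98%", $colors["header_background"], "3", "center", "");

	print "	<tr bgcolor='#" . $colors["header_background"] . "'>
			<td class='textHeaderDark'><strong>" . _("Realm Permissions") . "</strong></td>
			<td width='1%' align='center' bgcolor='#819bc0' style='" . get_checkbox_style() . "'><input type='checkbox' style='margin: 0px;' name='all' title='" . _("Select All") . "' onClick='SelectAll(\"section\",this.checked)'></td>\n
		</tr>\n";

	?>

	<tr bgcolor='#<?php print $colors["form_alternate2"]; ?>'>
		<td colspan="2" width="100%">
			<table width="100%">
				<tr>
					<td align="top" width="50%">
						<?php
						/*
						 * NOTE(review): $_GET["id"] reaches api_user_realms_list() exactly as the
						 * client sent it. Whether that function validates the id, and whether the
						 * caller has already checked it, cannot be seen from here - confirm that
						 * a non-numeric value is rejected before it is used in a query.
						 */
						$user_realms_list = api_user_realms_list((empty($_GET["id"]) ? "-1" : $_GET["id"]));

						/* index at which the second column starts: half the list, rounded up */
						$column1 = floor((sizeof($user_realms_list) / 2) + (sizeof($user_realms_list) % 2));

						$i = 0;
						/* foreach replaces the each() loop; each() is deprecated and gone in PHP 8 */
						foreach ($user_realms_list as $realm_id => $realm_data) {
							/* a realm value of "1" means the box is rendered checked */
							$old_value = ($realm_data["value"] == "1") ? "on" : "";

							if ($i == $column1) {
								print "</td><td valign='top' width='50%'>";
							}

							form_checkbox("section" . $realm_id, $old_value, $realm_data["realm_name"], "", (!empty($_GET["id"]) ? 1 : 0)); print "<br>";

							$i++;
						}
						?>
					</td>
				</tr>
			</table>
		</td>
	</tr>

	<?php
	html_end_box();

	form_hidden_box("save_component_realm_perms","1","");
}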
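/**
 * Print the "change password" page for the logged-in user.
 *
 * The form is shown only when the session user holds realm "18" and the configured
 * auth method allows local password changes (auth_method 1, or auth_method 3 for a
 * user whose realm is "0"). In every other case an error message is shown instead.
 * The page header and footer are included around the output.
 */
function change_password_form() {
	global $colors;

	/* both lookups use the session user id, never a request parameter */
	$user = api_user_info( array( "id" => $_SESSION["sess_user_id"]) );

	$user_realms = api_user_realms_list($_SESSION["sess_user_id"]);

	$form_fields = array (
		"password_old" => array(
			"method" => "textbox_password_single",
			"friendly_name" => _("Current Password"),
			"description" => _("Enter your current password validation."),
			"value" => "",
			"max_length" => "255"
		),
		"password_new" => array(
			"method" => "textbox_password",
			"friendly_name" => _("New Password"),
			"description" => _("Enter your new password twice. Remember that passwords are case sensitive!"),
			"value" => "",
			"max_length" => "255"
		),

	);


	require_once(CACTI_BASE_PATH . "/include/top_header.php");

	/* check if authorized */
	if ($user_realms["18"]["value"] == "1") {
		/*
		 * The realm is read from $user, the record fetched above. The previous code read
		 * $current_user, which is neither a parameter nor declared global in this function,
		 * so the auth_method 3 branch could never be true.
		 * NOTE(review): assumes api_user_info() returns a "realm" key - confirm.
		 */
		if ((read_config_option("auth_method") == "1") || (($user["realm"] == "0") && (read_config_option("auth_method") == "3"))) {
			/* Builtin auth method, password can be changed */
			html_start_box("<strong>" . _("Change Password") . "</strong>", "98%", $colors["header_background"], "3", "center", "");
			draw_edit_form(array(
				"config" => array("form_name" => "chk"),
				"fields" => inject_form_variables($form_fields, (isset($user) ? $user : array()))
				));
			html_end_box();
			/*
			 * NOTE(review): the Referer header is client-supplied and is handed to
			 * form_save_button() as the return URL. Whether that helper escapes it for
			 * HTML and restricts it to local pages is not visible here - confirm.
			 */
			form_save_button((isset($_SERVER["HTTP_REFERER"]) ? $_SERVER["HTTP_REFERER"] : "index.php"),"save");
		}else{
			/* Password changing not supported */
			display_custom_error_message(_("Current selected Authentication Method does not support changing of passwords."));
		}
	}else{
		/* access denied */
		display_custom_error_message(_("Access Denied."));
	}

	require_once(CACTI_BASE_PATH . "/include/bottom_footer.php");
}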