From 5190fe6131c81a97b333b6e8f828495e628ce1ba Mon Sep 17 00:00:00 2001
From: vogelor <vogelor@ispconfig3>
Date: Sun, 14 Dec 2008 11:08:10 -0500
Subject: [PATCH] The names of the database, the database-user, the shell-user and the ftp-user can now be restricted

---
 interface/web/sites/shell_user_edit.php |  127 ++++++++++++++++++++++++++++++++++++++++-
 1 files changed, 122 insertions(+), 5 deletions(-)

diff --git a/interface/web/sites/shell_user_edit.php b/interface/web/sites/shell_user_edit.php
index 17e55a9..d45413a 100644
--- a/interface/web/sites/shell_user_edit.php
+++ b/interface/web/sites/shell_user_edit.php
@@ -40,6 +40,7 @@
 
 require_once('../../lib/config.inc.php');
 require_once('../../lib/app.inc.php');
+require_once('tools.inc.php');
 
 //* Check permissions for module
 $app->auth->check_module_permissions('sites');
@@ -71,6 +72,49 @@
 		
 		parent::onShowNew();
 	}
+
+	function onShowEnd() {
+		global $app, $conf, $interfaceConf;
+		/*
+		 * If the names are restricted -> remove the restriction, so that the
+		 * data can be edited
+		 */
+		if ($interfaceConf['restrict_names'] == true){
+			/* get the restriction */
+			$restriction = '[CLIENTNAME]_';
+			if (isset($interfaceConf['restrict_shelluser'])) $restriction = $interfaceConf['restrict_shelluser'];
+			$tmplRestriction = $restriction;
+			/* Get the group-id */
+			if($_SESSION["s"]["user"]["typ"] != 'admin') {
+				// Get the group-id of the user
+				$client_group_id = $_SESSION["s"]["user"]["default_group"];
+			}
+			else {
+				// Get the group-id from the data itself
+				$web = $app->db->queryOneRecord("SELECT sys_groupid FROM web_domain WHERE domain_id = ".intval($this->dataRecord["parent_domain_id"]));
+				$client_group_id = $web['sys_groupid'];
+			}
+			/* get the name of the client */
+			$tmp = $app->db->queryOneRecord("SELECT name FROM sys_group WHERE groupid = " . $client_group_id);
+			$clientName = $tmp['name'];
+			if ($clientName == "") $clientName = 'default';
+			$clientName = convertClientName($clientName);
+			$restriction = str_replace('[CLIENTNAME]', $clientName, $restriction);
+			if ($this->dataRecord['username'] != ""){
+				/* REMOVE the restriction */
+				$app->tpl->setVar("username", str_replace($restriction , '', $this->dataRecord['username']));
+				$app->tpl->setVar("username", str_replace($restriction , '', $this->dataRecord['username']));
+			}
+			if($_SESSION["s"]["user"]["typ"] == 'admin' || $app->auth->has_clients($_SESSION['s']['user']['userid'])) {
+				$app->tpl->setVar("username_prefix", $tmplRestriction);
+			}
+			else {
+				$app->tpl->setVar("username_prefix", $restriction);
+			}
+		}
+
+		parent::onShowEnd();
+	}
 	
 	function onSubmit() {
 		global $app, $conf;
@@ -85,14 +129,50 @@
 	}
 	
 	function onBeforeInsert() {
-		global $app, $conf;
-		
+		global $app, $conf, $interfaceConf;
+
+		$error = false;
 		// check if the username is not blacklisted
 		$blacklist = file(ISPC_LIB_PATH.'/shelluser_blacklist');
 		foreach($blacklist as $line) {
-			if(strtolower(trim($line)) == strtolower(trim($this->dataRecord['username']))) $app->tform->errorMessage .= 'The username is not allowed.';
+			if(strtolower(trim($line)) == strtolower(trim($this->dataRecord['username']))){
+				$app->tform->errorMessage .= 'The username is not allowed.';
+				$error = true;
+			}
 		}
 		unset($blacklist);
+
+		/*
+		 * If the names should be restricted -> do it!
+		 */
+		if ($error == false){
+			if ($interfaceConf['restrict_names'] == true){
+				/* get the restriction */
+				$restriction = '[CLIENTNAME]_';
+				if (isset($interfaceConf['restrict_shelluser'])) $restriction = $interfaceConf['restrict_shelluser'];
+
+				/* Get the group-id */
+				if($_SESSION["s"]["user"]["typ"] != 'admin') {
+					// Get the group-id of the user
+					$client_group_id = $_SESSION["s"]["user"]["default_group"];
+				}
+				else {
+					// Get the group-id from the data itself
+					$web = $app->db->queryOneRecord("SELECT sys_groupid FROM web_domain WHERE domain_id = ".intval($this->dataRecord["parent_domain_id"]));
+					$client_group_id = $web['sys_groupid'];
+				}
+				/* get the name of the client */
+				$tmp = $app->db->queryOneRecord("SELECT name FROM sys_group WHERE groupid = " . $client_group_id);
+				$clientName = $tmp['name'];
+				if ($clientName == "") $clientName = 'default';
+				$clientName = convertClientName($clientName);
+				$restriction = str_replace('[CLIENTNAME]', $clientName, $restriction);
+
+				/* restrict the names */
+				$this->dataRecord['username'] = $restriction . $this->dataRecord['username'];
+			}
+		}
+		parent::onBeforeInsert();
 	}
 	
 	function onAfterInsert() {
@@ -113,14 +193,51 @@
 	}
 	
 	function onBeforeUpdate() {
-		global $app, $conf;
+		global $app, $conf, $interfaceConf;
 		
+		$error = false;
 		// check if the username is not blacklisted
 		$blacklist = file(ISPC_LIB_PATH.'/shelluser_blacklist');
 		foreach($blacklist as $line) {
-			if(strtolower(trim($line)) == strtolower(trim($this->dataRecord['username']))) $app->tform->errorMessage .= 'The username is not allowed.';
+			if(strtolower(trim($line)) == strtolower(trim($this->dataRecord['username']))){
+				$app->tform->errorMessage .= 'The username is not allowed.';
+				$error = true;
+			}
 		}
 		unset($blacklist);
+
+		/*
+		 * If the names should be restricted -> do it!
+		 */
+		if ($error == false){
+			/*
+			* If the names should be restricted -> do it!
+			*/
+			if ($interfaceConf['restrict_names'] == true){
+				/* get the restriction */
+				$restriction = '[CLIENTNAME]_';
+				if (isset($interfaceConf['restrict_dbname'])) $restriction = $interfaceConf['restrict_dbname'];
+
+				/* Get the group-id */
+				if($_SESSION["s"]["user"]["typ"] != 'admin') {
+					// Get the group-id of the user
+					$client_group_id = $_SESSION["s"]["user"]["default_group"];
+				}
+				else {
+					// Get the group-id from the data itself
+					$web = $app->db->queryOneRecord("SELECT sys_groupid FROM web_domain WHERE domain_id = ".intval($this->dataRecord["parent_domain_id"]));
+					$client_group_id = $web['sys_groupid'];
+				}
+				/* get the name of the client */
+				$tmp = $app->db->queryOneRecord("SELECT name FROM sys_group WHERE groupid = " . $client_group_id);
+				$clientName = $tmp['name'];
+				if ($clientName == "") $clientName = 'default';
+				$clientName = convertClientName($clientName);
+				$restriction = str_replace('[CLIENTNAME]', $clientName, $restriction);
+				/* restrict the names */
+				$this->dataRecord['username'] = $restriction . $this->dataRecord['username'];
+			}
+		}
 	}
 	
 	function onAfterUpdate() {

--
Gitblit v1.9.1