├── www └── a │ ├── public │ ├── bg.jpg │ ├── img │ │ ├── bg.jpg │ │ ├── bg_blue.jpg │ │ ├── bg_mix.jpg │ │ ├── delete.png │ │ ├── graph.jpg │ │ ├── graph2.jpg │ │ ├── bg_brown.jpg │ │ ├── form_blue.gif │ │ ├── form_mix.gif │ │ ├── form_red.gif │ │ ├── icons │ │ │ ├── add.png │ │ │ ├── car.png │ │ │ ├── cog.png │ │ │ ├── rss.png │ │ │ ├── Thumbs.db │ │ │ ├── brick.png │ │ │ ├── bricks.png │ │ │ ├── cart.png │ │ │ ├── coins.png │ │ │ ├── expand.jpg │ │ │ ├── feed.png │ │ │ ├── folder.png │ │ │ ├── group.png │ │ │ ├── house.png │ │ │ ├── report.png │ │ │ ├── user.png │ │ │ ├── world.png │ │ │ ├── cart_add.png │ │ │ ├── page_add.png │ │ │ ├── user_add.png │ │ │ ├── arrow_down.png │ │ │ ├── arrow_left.gif │ │ │ ├── arrow_right.gif │ │ │ ├── brick_edit.png │ │ │ ├── bricks_gear.png │ │ │ ├── folder_page.png │ │ │ ├── magnifier.png │ │ │ ├── page_gear.png │ │ │ ├── report_link.png │ │ │ ├── user_delete.png │ │ │ ├── user_edit.png │ │ │ ├── color_swatch.png │ │ │ ├── folder_table.png │ │ │ ├── application_add.png │ │ │ ├── arrow_down_mini.gif │ │ │ ├── folder_page_add.png │ │ │ ├── page_white_edit.png │ │ │ ├── page_white_link.png │ │ │ ├── page_white_delete.png │ │ │ ├── page_white_text_width.png │ │ │ └── ui-anim_basic_16x16.gif │ │ ├── bg_menu_blue.jpg │ │ ├── bg_menu_mix.jpg │ │ ├── bg_menu_red.jpg │ │ ├── bootstrap │ │ │ ├── bg.jpg │ │ │ └── kindajean.png │ │ ├── form_brown.gif │ │ ├── form_green.gif │ │ ├── bg_light_green.jpg │ │ └── bg_menu_green.jpg │ ├── js │ │ ├── jquery.treeview │ │ │ ├── .gitignore │ │ │ ├── images │ │ │ │ ├── file.gif │ │ │ │ ├── minus.gif │ │ │ │ ├── plus.gif │ │ │ │ ├── folder.gif │ │ │ │ ├── ajax-loader.gif │ │ │ │ ├── treeview-red.gif │ │ │ │ ├── folder-closed.gif │ │ │ │ ├── treeview-black.gif │ │ │ │ ├── treeview-gray.gif │ │ │ │ ├── treeview-default.gif │ │ │ │ ├── treeview-red-line.gif │ │ │ │ ├── treeview-black-line.gif │ │ │ │ ├── treeview-famfamfam.gif │ │ │ │ ├── treeview-gray-line.gif │ │ │ │ ├── treeview-default-line.gif │ │ │ │ └── treeview-famfamfam-line.gif │ │ │ ├── todo │ │ │ ├── README.md │ │ │ ├── jquery.treeview.edit.js │ │ │ ├── changelog.txt │ │ │ ├── jquery.treeview.css │ │ │ └── jquery.treeview.async.js │ │ ├── bootstrap │ │ │ └── img │ │ │ │ ├── glyphicons-halflings.png │ │ │ │ └── glyphicons-halflings-white.png │ │ └── jquery.backstretch.min.js │ └── css │ │ ├── ui-lightness │ │ └── images │ │ │ ├── ui-icons_222222_256x240.png │ │ │ ├── ui-icons_228ef1_256x240.png │ │ │ ├── ui-icons_ef8c08_256x240.png │ │ │ ├── ui-icons_ffd27a_256x240.png │ │ │ ├── ui-icons_ffffff_256x240.png │ │ │ ├── ui-bg_flat_10_000000_40x100.png │ │ │ ├── ui-bg_glass_65_ffffff_1x400.png │ │ │ ├── ui-bg_glass_100_f6f6f6_1x400.png │ │ │ ├── ui-bg_glass_100_fdf5ce_1x400.png │ │ │ ├── ui-bg_gloss-wave_35_f6a828_500x100.png │ │ │ ├── ui-bg_diagonals-thick_18_b81900_40x40.png │ │ │ ├── ui-bg_diagonals-thick_20_666666_40x40.png │ │ │ ├── ui-bg_highlight-soft_100_eeeeee_1x100.png │ │ │ └── ui-bg_highlight-soft_75_ffe45c_1x100.png │ │ ├── admin.css │ │ ├── ie-sucks.css │ │ ├── switch.css │ │ ├── iepngfix.htc │ │ ├── theme.css │ │ ├── blue.css │ │ ├── theme3.css │ │ ├── theme2.css │ │ └── theme4.css │ └── assistant.php ├── maintenance ├── demo-install │ ├── roles │ │ ├── db │ │ │ ├── handlers │ │ │ │ └── main.yml │ │ │ ├── templates │ │ │ │ └── my.cnf.j2 │ │ │ └── tasks │ │ │ │ └── main.yml │ │ ├── web │ │ │ ├── templates │ │ │ │ ├── index.php │ │ │ │ ├── .htaccess │ │ │ │ ├── auth-web.conf │ │ │ │ └── config.php │ │ │ ├── handlers │ │ │ │ └── main.yml │ │ │ └── tasks │ │ │ │ └── main.yml │ │ ├── common │ │ │ ├── tasks │ │ │ │ └── main.yml │ │ │ └── handlers │ │ │ │ └── main.yml │ │ └── ldap │ │ │ └── tasks │ │ │ └── main.yml │ ├── site.yml │ ├── inventory.example │ ├── inventory.local │ └── README.md ├── bin │ ├── authqueue-start.sh │ └── doUtilMaintenance.php ├── test.php ├── generate-password.php ├── guest-password-reset.php └── schema │ └── data │ └── defaults.sql ├── .gitignore ├── site.example ├── bg.jpg ├── logo.png └── config.php ├── doc └── database │ ├── auth-database.mwb │ └── auth-database.pdf ├── lib ├── web │ ├── view │ │ ├── layout │ │ │ ├── Page │ │ │ │ ├── 403.inc │ │ │ │ ├── 500.inc │ │ │ │ ├── 404.inc │ │ │ │ └── home.inc │ │ │ ├── ActionQueue │ │ │ │ ├── log.inc │ │ │ │ └── view.inc │ │ │ ├── Utility │ │ │ │ └── home.inc │ │ │ ├── snippet │ │ │ │ ├── group_selector.php │ │ │ │ └── account_selector.php │ │ │ ├── Ou │ │ │ │ ├── rename.inc │ │ │ │ ├── create.inc │ │ │ │ └── move.inc │ │ │ ├── UserGroup │ │ │ │ ├── adduser.inc │ │ │ │ ├── addchild.inc │ │ │ │ ├── addparent.inc │ │ │ │ ├── rename.inc │ │ │ │ ├── create.inc │ │ │ │ └── move.inc │ │ │ ├── AccountOwner │ │ │ │ ├── addgroup.inc │ │ │ │ ├── rename.inc │ │ │ │ ├── move.inc │ │ │ │ └── pwreset.inc │ │ │ ├── Account │ │ │ │ └── rename.inc │ │ │ └── htmlLayout.inc │ │ ├── Page_view.php │ │ ├── ActionQueue_view.php │ │ ├── Utility_view.php │ │ ├── Ou_view.php │ │ ├── Account_view.php │ │ ├── AccountOwner_view.php │ │ └── UserGroup_view.php │ ├── login │ │ ├── form │ │ │ ├── reset-ok.inc │ │ │ ├── error.inc │ │ │ ├── assistant.inc │ │ │ ├── reset.inc │ │ │ ├── login.inc │ │ │ └── account.inc │ │ ├── snippet │ │ │ └── account_selector.php │ │ └── page.inc │ ├── controller │ │ ├── Utility_controller.php │ │ ├── ActionQueue_controller.php │ │ ├── Page_controller.php │ │ ├── Ou_controller.php │ │ └── Account_controller.php │ └── Web.php ├── util │ ├── AccountMerge_util │ │ ├── README.md │ │ └── layout │ │ │ └── main.inc │ ├── Cleanup_util │ │ └── README.md │ ├── Example_util │ │ ├── README.md │ │ ├── Example_util.php │ │ └── layout │ │ │ └── main.inc │ ├── util.php │ ├── Groupr_util │ │ ├── README.md │ │ ├── layout │ │ │ └── main.inc │ │ └── Groupr_util.php │ ├── SasStudent_util │ │ ├── README.md │ │ └── layout │ │ │ └── main.inc │ └── SimonTeacherYL_util │ │ └── README.md ├── misc │ ├── PasswordGen.php │ ├── Provisioning_Email.php │ ├── Database.php │ └── ReceiptPrinter.php ├── model │ ├── ListActionType_model.php │ ├── ListServiceType_model.php │ ├── AccountOwner_model.php │ ├── SubUserGroup_model.php │ ├── Ou_model.php │ ├── OwnerUserGroup_model.php │ ├── ListDomain_model.php │ └── ListServiceDomain_model.php └── Auth.php ├── .gitmodules ├── composer.json ├── .travis.yml └── README.md /www/a/public/bg.jpg: -------------------------------------------------------------------------------- 1 | ../../../site/bg.jpg -------------------------------------------------------------------------------- /maintenance/demo-install/roles/db/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | site/* 2 | .settings/* 3 | .buildpath 4 | *.bak 5 | vendor/ 6 | -------------------------------------------------------------------------------- /site.example/bg.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mike42/Auth/HEAD/site.example/bg.jpg -------------------------------------------------------------------------------- /site.example/logo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mike42/Auth/HEAD/site.example/logo.png -------------------------------------------------------------------------------- /www/a/public/img/bg.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mike42/Auth/HEAD/www/a/public/img/bg.jpg -------------------------------------------------------------------------------- /www/a/public/img/bg_blue.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mike42/Auth/HEAD/www/a/public/img/bg_blue.jpg -------------------------------------------------------------------------------- /www/a/public/img/bg_mix.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mike42/Auth/HEAD/www/a/public/img/bg_mix.jpg -------------------------------------------------------------------------------- /www/a/public/img/delete.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mike42/Auth/HEAD/www/a/public/img/delete.png -------------------------------------------------------------------------------- /www/a/public/img/graph.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mike42/Auth/HEAD/www/a/public/img/graph.jpg -------------------------------------------------------------------------------- /www/a/public/img/graph2.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mike42/Auth/HEAD/www/a/public/img/graph2.jpg -------------------------------------------------------------------------------- /doc/database/auth-database.mwb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mike42/Auth/HEAD/doc/database/auth-database.mwb -------------------------------------------------------------------------------- /doc/database/auth-database.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mike42/Auth/HEAD/doc/database/auth-database.pdf -------------------------------------------------------------------------------- /maintenance/demo-install/roles/web/templates/index.php: -------------------------------------------------------------------------------- 1 | 403 Forbidden 2 |

You do not have permission to access this page.

3 | -------------------------------------------------------------------------------- /lib/web/view/layout/Page/500.inc: -------------------------------------------------------------------------------- 1 |

500 Internal Server Error

2 |

Your request cannot be processed.

3 | -------------------------------------------------------------------------------- /www/a/public/img/bg_light_green.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mike42/Auth/HEAD/www/a/public/img/bg_light_green.jpg -------------------------------------------------------------------------------- /www/a/public/img/bg_menu_green.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mike42/Auth/HEAD/www/a/public/img/bg_menu_green.jpg -------------------------------------------------------------------------------- /www/a/public/img/icons/cart_add.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mike42/Auth/HEAD/www/a/public/img/icons/cart_add.png -------------------------------------------------------------------------------- /www/a/public/img/icons/page_add.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mike42/Auth/HEAD/www/a/public/img/icons/page_add.png -------------------------------------------------------------------------------- /www/a/public/img/icons/user_add.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mike42/Auth/HEAD/www/a/public/img/icons/user_add.png -------------------------------------------------------------------------------- /maintenance/bin/authqueue-start.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # Launch and fork the queue program. 3 | ./authqueue.php > /dev/null & 4 | -------------------------------------------------------------------------------- /maintenance/demo-install/roles/db/templates/my.cnf.j2: -------------------------------------------------------------------------------- 1 | [client] 2 | user=root 3 | password={{ mysql_root_password }} 4 | -------------------------------------------------------------------------------- /www/a/public/img/icons/arrow_down.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mike42/Auth/HEAD/www/a/public/img/icons/arrow_down.png -------------------------------------------------------------------------------- /www/a/public/img/icons/arrow_left.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mike42/Auth/HEAD/www/a/public/img/icons/arrow_left.gif -------------------------------------------------------------------------------- /www/a/public/img/icons/arrow_right.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mike42/Auth/HEAD/www/a/public/img/icons/arrow_right.gif -------------------------------------------------------------------------------- /www/a/public/img/icons/brick_edit.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mike42/Auth/HEAD/www/a/public/img/icons/brick_edit.png -------------------------------------------------------------------------------- /www/a/public/img/icons/bricks_gear.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mike42/Auth/HEAD/www/a/public/img/icons/bricks_gear.png -------------------------------------------------------------------------------- /www/a/public/img/icons/folder_page.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mike42/Auth/HEAD/www/a/public/img/icons/folder_page.png -------------------------------------------------------------------------------- /www/a/public/img/icons/magnifier.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mike42/Auth/HEAD/www/a/public/img/icons/magnifier.png -------------------------------------------------------------------------------- /www/a/public/img/icons/page_gear.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mike42/Auth/HEAD/www/a/public/img/icons/page_gear.png -------------------------------------------------------------------------------- /www/a/public/img/icons/report_link.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mike42/Auth/HEAD/www/a/public/img/icons/report_link.png -------------------------------------------------------------------------------- /www/a/public/img/icons/user_delete.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mike42/Auth/HEAD/www/a/public/img/icons/user_delete.png -------------------------------------------------------------------------------- /www/a/public/img/icons/user_edit.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mike42/Auth/HEAD/www/a/public/img/icons/user_edit.png -------------------------------------------------------------------------------- /www/a/public/js/jquery.treeview/.gitignore: -------------------------------------------------------------------------------- 1 | build/dist 2 | docs 3 | .project 4 | *~ 5 | *.diff 6 | *.patch 7 | .DS_Store 8 | -------------------------------------------------------------------------------- /www/a/public/img/bootstrap/kindajean.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mike42/Auth/HEAD/www/a/public/img/bootstrap/kindajean.png -------------------------------------------------------------------------------- /www/a/public/img/icons/color_swatch.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mike42/Auth/HEAD/www/a/public/img/icons/color_swatch.png -------------------------------------------------------------------------------- /www/a/public/img/icons/folder_table.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mike42/Auth/HEAD/www/a/public/img/icons/folder_table.png -------------------------------------------------------------------------------- /www/a/public/img/icons/application_add.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mike42/Auth/HEAD/www/a/public/img/icons/application_add.png -------------------------------------------------------------------------------- /www/a/public/img/icons/arrow_down_mini.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mike42/Auth/HEAD/www/a/public/img/icons/arrow_down_mini.gif -------------------------------------------------------------------------------- /www/a/public/img/icons/folder_page_add.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mike42/Auth/HEAD/www/a/public/img/icons/folder_page_add.png -------------------------------------------------------------------------------- /www/a/public/img/icons/page_white_edit.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mike42/Auth/HEAD/www/a/public/img/icons/page_white_edit.png -------------------------------------------------------------------------------- /www/a/public/img/icons/page_white_link.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mike42/Auth/HEAD/www/a/public/img/icons/page_white_link.png -------------------------------------------------------------------------------- /www/a/public/img/icons/page_white_delete.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mike42/Auth/HEAD/www/a/public/img/icons/page_white_delete.png -------------------------------------------------------------------------------- /www/a/public/img/icons/page_white_text_width.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mike42/Auth/HEAD/www/a/public/img/icons/page_white_text_width.png -------------------------------------------------------------------------------- /www/a/public/img/icons/ui-anim_basic_16x16.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mike42/Auth/HEAD/www/a/public/img/icons/ui-anim_basic_16x16.gif -------------------------------------------------------------------------------- /www/a/public/js/jquery.treeview/images/file.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mike42/Auth/HEAD/www/a/public/js/jquery.treeview/images/file.gif -------------------------------------------------------------------------------- /www/a/public/js/jquery.treeview/images/minus.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mike42/Auth/HEAD/www/a/public/js/jquery.treeview/images/minus.gif -------------------------------------------------------------------------------- /www/a/public/js/jquery.treeview/images/plus.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mike42/Auth/HEAD/www/a/public/js/jquery.treeview/images/plus.gif -------------------------------------------------------------------------------- /www/a/public/js/jquery.treeview/images/folder.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mike42/Auth/HEAD/www/a/public/js/jquery.treeview/images/folder.gif -------------------------------------------------------------------------------- /lib/web/view/layout/Page/404.inc: -------------------------------------------------------------------------------- 1 |
2 |

404 Not Found

3 |

Weasles have eaten our network admin system.

4 |
-------------------------------------------------------------------------------- /www/a/public/js/bootstrap/img/glyphicons-halflings.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mike42/Auth/HEAD/www/a/public/js/bootstrap/img/glyphicons-halflings.png -------------------------------------------------------------------------------- /www/a/public/js/jquery.treeview/images/ajax-loader.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mike42/Auth/HEAD/www/a/public/js/jquery.treeview/images/ajax-loader.gif -------------------------------------------------------------------------------- /www/a/public/js/jquery.treeview/images/treeview-red.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mike42/Auth/HEAD/www/a/public/js/jquery.treeview/images/treeview-red.gif -------------------------------------------------------------------------------- /www/a/public/js/jquery.treeview/images/folder-closed.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mike42/Auth/HEAD/www/a/public/js/jquery.treeview/images/folder-closed.gif -------------------------------------------------------------------------------- /www/a/public/js/jquery.treeview/images/treeview-black.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mike42/Auth/HEAD/www/a/public/js/jquery.treeview/images/treeview-black.gif -------------------------------------------------------------------------------- /www/a/public/js/jquery.treeview/images/treeview-gray.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mike42/Auth/HEAD/www/a/public/js/jquery.treeview/images/treeview-gray.gif -------------------------------------------------------------------------------- /www/a/public/js/bootstrap/img/glyphicons-halflings-white.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mike42/Auth/HEAD/www/a/public/js/bootstrap/img/glyphicons-halflings-white.png -------------------------------------------------------------------------------- /www/a/public/js/jquery.treeview/images/treeview-default.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mike42/Auth/HEAD/www/a/public/js/jquery.treeview/images/treeview-default.gif -------------------------------------------------------------------------------- /www/a/public/js/jquery.treeview/images/treeview-red-line.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mike42/Auth/HEAD/www/a/public/js/jquery.treeview/images/treeview-red-line.gif -------------------------------------------------------------------------------- /www/a/public/js/jquery.treeview/images/treeview-black-line.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mike42/Auth/HEAD/www/a/public/js/jquery.treeview/images/treeview-black-line.gif -------------------------------------------------------------------------------- /www/a/public/js/jquery.treeview/images/treeview-famfamfam.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mike42/Auth/HEAD/www/a/public/js/jquery.treeview/images/treeview-famfamfam.gif -------------------------------------------------------------------------------- /www/a/public/js/jquery.treeview/images/treeview-gray-line.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mike42/Auth/HEAD/www/a/public/js/jquery.treeview/images/treeview-gray-line.gif -------------------------------------------------------------------------------- /www/a/public/css/ui-lightness/images/ui-icons_222222_256x240.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mike42/Auth/HEAD/www/a/public/css/ui-lightness/images/ui-icons_222222_256x240.png -------------------------------------------------------------------------------- /www/a/public/css/ui-lightness/images/ui-icons_228ef1_256x240.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mike42/Auth/HEAD/www/a/public/css/ui-lightness/images/ui-icons_228ef1_256x240.png -------------------------------------------------------------------------------- /www/a/public/css/ui-lightness/images/ui-icons_ef8c08_256x240.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mike42/Auth/HEAD/www/a/public/css/ui-lightness/images/ui-icons_ef8c08_256x240.png -------------------------------------------------------------------------------- /www/a/public/css/ui-lightness/images/ui-icons_ffd27a_256x240.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mike42/Auth/HEAD/www/a/public/css/ui-lightness/images/ui-icons_ffd27a_256x240.png -------------------------------------------------------------------------------- /www/a/public/css/ui-lightness/images/ui-icons_ffffff_256x240.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mike42/Auth/HEAD/www/a/public/css/ui-lightness/images/ui-icons_ffffff_256x240.png -------------------------------------------------------------------------------- /www/a/public/js/jquery.treeview/images/treeview-default-line.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mike42/Auth/HEAD/www/a/public/js/jquery.treeview/images/treeview-default-line.gif -------------------------------------------------------------------------------- /www/a/public/css/ui-lightness/images/ui-bg_flat_10_000000_40x100.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mike42/Auth/HEAD/www/a/public/css/ui-lightness/images/ui-bg_flat_10_000000_40x100.png -------------------------------------------------------------------------------- /www/a/public/css/ui-lightness/images/ui-bg_glass_65_ffffff_1x400.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mike42/Auth/HEAD/www/a/public/css/ui-lightness/images/ui-bg_glass_65_ffffff_1x400.png -------------------------------------------------------------------------------- /www/a/public/js/jquery.treeview/images/treeview-famfamfam-line.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mike42/Auth/HEAD/www/a/public/js/jquery.treeview/images/treeview-famfamfam-line.gif -------------------------------------------------------------------------------- /www/a/public/css/ui-lightness/images/ui-bg_glass_100_f6f6f6_1x400.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mike42/Auth/HEAD/www/a/public/css/ui-lightness/images/ui-bg_glass_100_f6f6f6_1x400.png -------------------------------------------------------------------------------- /www/a/public/css/ui-lightness/images/ui-bg_glass_100_fdf5ce_1x400.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mike42/Auth/HEAD/www/a/public/css/ui-lightness/images/ui-bg_glass_100_fdf5ce_1x400.png -------------------------------------------------------------------------------- /www/a/public/css/ui-lightness/images/ui-bg_gloss-wave_35_f6a828_500x100.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mike42/Auth/HEAD/www/a/public/css/ui-lightness/images/ui-bg_gloss-wave_35_f6a828_500x100.png -------------------------------------------------------------------------------- /www/a/public/css/ui-lightness/images/ui-bg_diagonals-thick_18_b81900_40x40.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mike42/Auth/HEAD/www/a/public/css/ui-lightness/images/ui-bg_diagonals-thick_18_b81900_40x40.png -------------------------------------------------------------------------------- /www/a/public/css/ui-lightness/images/ui-bg_diagonals-thick_20_666666_40x40.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mike42/Auth/HEAD/www/a/public/css/ui-lightness/images/ui-bg_diagonals-thick_20_666666_40x40.png -------------------------------------------------------------------------------- /www/a/public/css/ui-lightness/images/ui-bg_highlight-soft_100_eeeeee_1x100.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mike42/Auth/HEAD/www/a/public/css/ui-lightness/images/ui-bg_highlight-soft_100_eeeeee_1x100.png -------------------------------------------------------------------------------- /www/a/public/css/ui-lightness/images/ui-bg_highlight-soft_75_ffe45c_1x100.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mike42/Auth/HEAD/www/a/public/css/ui-lightness/images/ui-bg_highlight-soft_75_ffe45c_1x100.png -------------------------------------------------------------------------------- /www/a/public/css/admin.css: -------------------------------------------------------------------------------- 1 | .ui-autocomplete-loading { 2 | background: white url('/auth/img/icons/ui-anim_basic_16x16.gif') right center no-repeat; 3 | } 4 | 5 | body { 6 | overflow-y: scroll; 7 | } 8 | 9 | -------------------------------------------------------------------------------- /maintenance/demo-install/site.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Install Auth, PHP, Apache, MySQL, OpenLDAP. 3 | hosts: auth-server 4 | 5 | roles: 6 | - common 7 | - db 8 | - ldap 9 | - web 10 | 11 | -------------------------------------------------------------------------------- /lib/web/login/form/reset-ok.inc: -------------------------------------------------------------------------------- 1 |
2 | Password Reset Successful. 3 |
4 | 5 |
6 | You will be able to use this to log in within a few moments. 7 |
-------------------------------------------------------------------------------- /maintenance/test.php: -------------------------------------------------------------------------------- 1 | #!/usr/bin/php 2 | -------------------------------------------------------------------------------- /maintenance/demo-install/roles/common/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: ntp is installed 3 | apt: package=ntp state=present update_cache=yes 4 | tags: ntp 5 | 6 | - name: ntp is running and enabled 7 | service: name=ntp state=running enabled=yes 8 | tags: ntp 9 | 10 | -------------------------------------------------------------------------------- /.gitmodules: -------------------------------------------------------------------------------- 1 | [submodule "lib/vendor/google-api-php-client"] 2 | path = lib/vendor/google-api-php-client 3 | url = https://github.com/mike42/google-api-php-client.git 4 | [submodule "lib/vendor/escpos-php"] 5 | path = lib/vendor/escpos-php 6 | url = https://github.com/mike42/escpos-php 7 | -------------------------------------------------------------------------------- /maintenance/demo-install/roles/common/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: restart ntp 3 | service: name=ntp state=restarted 4 | 5 | - name: restart iptables 6 | service: name=iptables state=restarted 7 | 8 | - name: restart iptables 9 | service: name=iptables state=restarted 10 | 11 | -------------------------------------------------------------------------------- /maintenance/demo-install/roles/web/handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: restart iptables 3 | service: name=iptables state=restarted 4 | 5 | - name: restart apache 6 | service: name=apache2 state=restarted 7 | 8 | - name: reload apache 9 | service: name=apache2 state=reloaded 10 | 11 | -------------------------------------------------------------------------------- /www/a/public/js/jquery.treeview/todo: -------------------------------------------------------------------------------- 1 | 1.5 2 | --- 3 | 4 | * add classes and rules for root items 5 | * lazy-loading: render the complete tree, but only apply hitzones and hiding of children to the first level on load 6 | * async treeview 7 | * support animations 8 | * support persist options -------------------------------------------------------------------------------- /lib/util/AccountMerge_util/README.md: -------------------------------------------------------------------------------- 1 | AccountMerge 2 | ========================= 3 | 4 | This utility assists with merging account-lists from two owners who are the same person. 5 | 6 | 7 | Installation 8 | ------------ 9 | 10 | Enable the utility by adding an entry to the Util list in config.php: 11 | 12 | 'AccountMerge' => 'Account Merge Tool' 13 | -------------------------------------------------------------------------------- /www/a/public/css/ie-sucks.css: -------------------------------------------------------------------------------- 1 | #content{ 2 | width:740px; 3 | } 4 | #topmenu{ 5 | margin-top:26px; 6 | } 7 | #sidebar{ 8 | width:160px; 9 | } 10 | #sidebar ul{ 11 | width:150px; 12 | } 13 | #sidebar ul li ul{ 14 | width:140px; 15 | } 16 | #sidebar h3{ 17 | margin-bottom:5px; 18 | } 19 | #rightnow .reallynow a { 20 | padding:0 0 0 10px; 21 | } -------------------------------------------------------------------------------- /lib/util/Cleanup_util/README.md: -------------------------------------------------------------------------------- 1 | Directory Cleanup Utility 2 | ========================= 3 | 4 | This utility facilitates a few simple cleanup operations which admins might want to run from time-to-time. 5 | 6 | Installation 7 | ------------ 8 | Enable the utility by adding an entry to the Util list in config.php: 9 | 10 | 'Cleanup' => 'Directory Cleanup Tools' 11 | -------------------------------------------------------------------------------- /composer.json: -------------------------------------------------------------------------------- 1 | { 2 | "require": { 3 | "mike42/escpos-php": "^1.3" 4 | }, 5 | "require-dev": { 6 | "squizlabs/php_codesniffer": "^2.6", 7 | "phpunit/phpunit": "^5.3", 8 | "phpunit/phpunit-selenium": ">=1.2" 9 | }, 10 | "autoload": { 11 | "psr-4": { 12 | "Auth\\": "lib" 13 | } 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /lib/web/controller/Utility_controller.php: -------------------------------------------------------------------------------- 1 | 'Utility', 'util' => Auth::getConfig('Util')); 12 | } 13 | } 14 | ?> -------------------------------------------------------------------------------- /lib/web/view/layout/ActionQueue/log.inc: -------------------------------------------------------------------------------- 1 |
2 |
3 |
4 |
5 |

ActionQueue Log

6 |
7 | 8 |
9 | " . implode("\n", $data['Log']) . "" ?> 10 | 11 |
12 |
13 |
14 |
-------------------------------------------------------------------------------- /lib/web/login/form/error.inc: -------------------------------------------------------------------------------- 1 |
2 |
3 |
4 | 11 |
12 |
13 |
14 | -------------------------------------------------------------------------------- /.travis.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # Use Ubuntu 'trusty' distribution 3 | sudo: required 4 | dist: trusty 5 | 6 | language: php 7 | 8 | php: 9 | - 5.6 10 | - 7.0 11 | 12 | addons: 13 | apt: 14 | sources: 15 | - sourceline: 'ppa:ansible/ansible' 16 | packages: 17 | - ansible 18 | 19 | install: 20 | - composer install 21 | 22 | script: 23 | - (cd maintenance/demo-install && ansible-playbook -i inventory.local site.yml) 24 | ... 25 | 26 | -------------------------------------------------------------------------------- /maintenance/generate-password.php: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env php 2 | 19 | -------------------------------------------------------------------------------- /lib/misc/PasswordGen.php: -------------------------------------------------------------------------------- 1 | = 8) { 17 | return $pw; 18 | } 19 | } 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /lib/misc/Provisioning_Email.php: -------------------------------------------------------------------------------- 1 | address = $address; 16 | $i = strrpos($address, '@'); 17 | $this -> local = substr($address, 0, $i); 18 | $i++; 19 | $this -> domain = substr($address, $i, strlen($address) - $i); 20 | } 21 | } -------------------------------------------------------------------------------- /www/a/public/js/jquery.treeview/README.md: -------------------------------------------------------------------------------- 1 | [jQuery Treeview Plugin](http://bassistance.de/jquery-plugins/jquery-plugin-treeview/) - Its just a tree 2 | ================================ 3 | 4 | Converts nested lists into a mouse-navigatable tree - not keyboard support, yet. 5 | 6 | Provides some options for customizing, an async-tree extension and an experimental sortable extension. 7 | 8 | API documentation can be found at [http://docs.jquery.com/Plugins/Treeview](http://docs.jquery.com/Plugins/Treeview). There's also some background on the async extension. 9 | -------------------------------------------------------------------------------- /lib/web/view/Page_view.php: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /maintenance/bin/doUtilMaintenance.php: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env php 2 | $util_name) { 9 | echo "Doing tasks for $util_name ($util_classname)\n"; 10 | try { 11 | $util_classname = $util_classname . "_util"; 12 | Auth::loadClass($util_classname); 13 | $util_classname::doMaintenance(); 14 | ActionQueue_api::runUntilEmpty(false); 15 | } catch(Exception $e) { 16 | echo "\t" . $e -> getMessage() . "\n"; 17 | } 18 | } 19 | ?> -------------------------------------------------------------------------------- /lib/web/controller/ActionQueue_controller.php: -------------------------------------------------------------------------------- 1 | "ActionQueue", "AQ" => ActionQueue_api::getOverview()); 16 | } 17 | 18 | public static function log() { 19 | return array("current" => "ActionQueue", "Log" => ActionQueue_api::getLog(500)); 20 | } 21 | } -------------------------------------------------------------------------------- /maintenance/demo-install/inventory.example: -------------------------------------------------------------------------------- 1 | [auth-server] 2 | # The server to installl Auth on. 3 | auth.local ansible_connection=ssh ansible_user=root 4 | 5 | [all:vars] 6 | # Use something like `openssl rand -base64 15` to generate your own passwords 7 | # prior to deployment. 8 | 9 | # OpenLDAP server 10 | ldap_password = cNiZabG6BjRhaYTXnXbI 11 | ldap_domain = example.com 12 | ldap_domain_ldif = dc=example,dc=com 13 | ldap_admin = cn=admin,dc=example,dc=com 14 | 15 | # MySQL server 16 | mysql_host = localhost 17 | mysql_root_password = 0LxvzBIVcVTXaaQxorFN 18 | auth_db_name = auth 19 | auth_db_user = auth 20 | auth_db_pass = vuKWRbx5T9LJKb32s2Yb 21 | 22 | php_ver = 5 23 | -------------------------------------------------------------------------------- /lib/util/Example_util/README.md: -------------------------------------------------------------------------------- 1 | Example Utility 2 | ========================= 3 | 4 | This is a simple example for writing plugins (known as 'utilities') for the Auth 5 | system. Plugins are used to implement organisation-specific logic, features not 6 | directly supported, or interfaces to strange and wonderful external databases 7 | that might dictate user accounts or groups. 8 | 9 | Normally, this section would include some information about the utility, and why 10 | you might (or might not) want to use it. 11 | 12 | Installation 13 | ------------ 14 | 15 | Enable the utility by adding an entry to the Util list in config.php: 16 | 17 | 'Example' => 'Example Utility' 18 | -------------------------------------------------------------------------------- /maintenance/demo-install/roles/web/templates/.htaccess: -------------------------------------------------------------------------------- 1 | # Rewrite rules for auth 2 | RewriteEngine On 3 | RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f 4 | RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-d 5 | 6 | # Handle stylesheets and scripts 7 | RewriteRule ^/?admin/css/(.*)$ /a/public/admin/css/$1 [PT,L,QSA] 8 | RewriteRule ^/?admin/img/(.*)$ /a/public/admin/img/$1 [PT,L,QSA] 9 | RewriteRule ^/?admin/js/(.*)$ /a/public/admin/js/$1 [PT,L,QSA] 10 | 11 | # Handle everything else 12 | RewriteRule ^/?admin/(.*)$ /a/admin.php?p=$1 [PT,L,QSA] 13 | RewriteRule ^/?account/(.*)$ /a/account.php?p=$1 [PT,L,QSA] 14 | RewriteRule ^/?assistant/(.*)$ /a/assistant.php?p=$1 [PT,L,QSA] 15 | 16 | -------------------------------------------------------------------------------- /maintenance/demo-install/inventory.local: -------------------------------------------------------------------------------- 1 | [auth-server] 2 | # The server to installl Auth on. 3 | localhost ansible_connection=local ansible_become=true ansible_become_user=root 4 | 5 | [all:vars] 6 | # Use something like `openssl rand -base64 15` to generate your own passwords 7 | # prior to deployment. 8 | 9 | # OpenLDAP server 10 | ldap_password = cNiZabG6BjRhaYTXnXbI 11 | ldap_domain = example.com 12 | ldap_domain_ldif = dc=example,dc=com 13 | ldap_admin = cn=admin,dc=example,dc=com 14 | 15 | # MySQL server 16 | mysql_host = localhost 17 | mysql_root_password = 0LxvzBIVcVTXaaQxorFN 18 | auth_db_name = auth 19 | auth_db_user = auth 20 | auth_db_pass = vuKWRbx5T9LJKb32s2Yb 21 | 22 | php_ver = 5 23 | -------------------------------------------------------------------------------- /maintenance/guest-password-reset.php: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env php 2 | owner_id, $password, false); 21 | 22 | /* Apply */ 23 | ActionQueue_api::start(); 24 | 25 | ?> 26 | -------------------------------------------------------------------------------- /lib/util/util.php: -------------------------------------------------------------------------------- 1 | 4 | 5 | ServerAdmin webmaster@localhost 6 | 7 | DocumentRoot /var/www/html 8 | 9 | ErrorLog ${APACHE_LOG_DIR}/error.log 10 | CustomLog ${APACHE_LOG_DIR}/access.log combined 11 | 12 | SSLEngine on 13 | 14 | SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem 15 | SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key 16 | 17 | 18 | SSLOptions +StdEnvVars 19 | 20 | 21 | SSLOptions +StdEnvVars 22 | 23 | 24 | 25 | AllowOverride All 26 | 27 | 28 | 29 | 30 | -------------------------------------------------------------------------------- /lib/web/view/Utility_view.php: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /lib/web/login/form/assistant.inc: -------------------------------------------------------------------------------- 1 | 2 | 3 |
4 |
5 |

6 | Assisted logon 7 |

8 |
9 | 10 |
11 |
13 |

14 | ".web::escapeHTML($data['message']) . ""; 16 | } else { 17 | echo "Enter a username:"; 18 | } ?> 19 |

20 |
21 | 23 | 24 |
25 |
26 |
27 |
28 | 29 | 33 | -------------------------------------------------------------------------------- /lib/web/view/Ou_view.php: -------------------------------------------------------------------------------- 1 | 14 | array( 15 | // List of other utilities ... 16 | 'Groupr' => 'GroupReset' 17 | ) 18 | 19 | And finally, add all of the configuration options that the utility will be using: 20 | 21 | 'Groupr' => 22 | array( 'service_id' => 'ldap') 23 | 24 | This ensures that only users who have accounts on this service can have their passwords reset using this utility. 25 | -------------------------------------------------------------------------------- /lib/web/login/form/reset.inc: -------------------------------------------------------------------------------- 1 |
2 | " . htmlspecialchars($data['message']) . ""; 5 | } ?> 6 | 7 |
8 | 9 |
10 | 12 |
13 |
14 |
15 | 16 |
17 | 19 |
20 | 21 |
22 |
23 |
24 | 25 |
26 |
27 |
-------------------------------------------------------------------------------- /lib/web/view/Account_view.php: -------------------------------------------------------------------------------- 1 | 4 |
5 |
6 |
7 |
8 |

What are utilities?

9 |

Utilities are simply special pages which add to the functionality of Auth.

10 |

They can be written to contain extra logic for managing users in different ways, or for automating some tasks.

11 |
12 |
13 |
14 |
15 |

16 | Utilities 17 |

18 |
19 | 20 |
21 | There are no utilities installed.

"; 24 | } else { 25 | echo "

"; 30 | } 31 | ?> 32 |
33 |
34 |
35 |
36 | -------------------------------------------------------------------------------- /www/a/public/css/switch.css: -------------------------------------------------------------------------------- 1 | #footer ul { 2 | list-style:none; 3 | } 4 | #footer li { 5 | display:inline; 6 | } 7 | a#defswitch { 8 | width:15px; 9 | height:10px; 10 | margin: 3px 0 3px 0; 11 | background-color:#bd3f09; 12 | font-size: 8px; 13 | color:#bd3f09; 14 | display:inline-block; 15 | } 16 | a#blueswitch { 17 | width:15px; 18 | height:10px; 19 | margin: 3px 0 3px 0; 20 | background-color:#375b91; 21 | font-size: 8px; 22 | color:#375b91; 23 | display:inline-block; 24 | } 25 | a#greenswitch { 26 | width:15px; 27 | height:10px; 28 | margin: 3px 0 3px 0; 29 | background-color:#d0e0b8; 30 | font-size: 8px; 31 | color:#d0e0b8; 32 | display:inline-block; 33 | } 34 | a#brownswitch { 35 | width:15px; 36 | height:10px; 37 | margin: 3px 0 3px 0; 38 | background-color:#654322; 39 | font-size: 8px; 40 | color:#654322; 41 | display:inline-block; 42 | } 43 | a#mixswitch { 44 | width:15px; 45 | height:10px; 46 | margin: 3px 0 3px 0; 47 | background-color:#294145; 48 | font-size: 8px; 49 | color:#294145; 50 | display:inline-block; 51 | } 52 | -------------------------------------------------------------------------------- /lib/web/view/layout/snippet/group_selector.php: -------------------------------------------------------------------------------- 1 | 2 | 40 | -------------------------------------------------------------------------------- /lib/web/view/layout/snippet/account_selector.php: -------------------------------------------------------------------------------- 1 | 2 | 40 | -------------------------------------------------------------------------------- /lib/util/Example_util/Example_util.php: -------------------------------------------------------------------------------- 1 | "Utility", "util" => self::$util_name, "template" => "main"); 35 | 36 | // Find data to display 37 | if(isset($_POST['helloworld'])) { 38 | $data['message'] = "Hello World"; 39 | } 40 | 41 | return $data; 42 | } 43 | 44 | /** 45 | * Do any maintenance tasks 46 | */ 47 | public static function doMaintenance() { 48 | 49 | // Do tasks here 50 | throw new Exception("Unimplemented"); 51 | } 52 | } -------------------------------------------------------------------------------- /lib/web/login/snippet/account_selector.php: -------------------------------------------------------------------------------- 1 | 2 | 41 | -------------------------------------------------------------------------------- /lib/web/view/AccountOwner_view.php: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /maintenance/demo-install/README.md: -------------------------------------------------------------------------------- 1 | Auth demo install 2 | ------------------- 3 | 4 | This directory contains an Ansible playbook for installing MariaDB, OpenLDAP and 5 | the Auth web stack on a single machine for demonstrating & testing Auth. 6 | 7 | The demo setup uses TLS with a self-signed certificate. 8 | 9 | ## Customise 10 | 11 | Before you begin, you will need: 12 | 13 | - Root access to a target machine over SSH (Debian Jessie or Ubuntu Trusty) 14 | - A copy of Ansible installed on your local workstation 15 | 16 | ## Customise 17 | 18 | Copy `inventory.example` to a new file called `inventory`, and update some 19 | values: 20 | 21 | - The hostname of the target box 22 | - The three install-time passwords 23 | 24 | If you have not used ansible before, then simply run `ssh-copy-id root@target.example` 25 | to avoid configuring password prompts. 26 | 27 | ## Install 28 | 29 | ``` 30 | ansible-playbook -i inventory site.yml 31 | ``` 32 | 33 | ## Use 34 | 35 | Access the application over HTTPS in a web browser. 36 | 37 | Log in as user `admin`, using the `ldap_password` that you set in the inventory. 38 | 39 | To get started quickly, locate "Utilities" -> "Directory Cleanup Tools" -> 40 | "Create dummy data". 41 | 42 | -------------------------------------------------------------------------------- /lib/web/login/form/login.inc: -------------------------------------------------------------------------------- 1 |
2 |
3 |
4 |
5 | " . htmlspecialchars($data['message']) . "
"; 7 | } ?> 8 |
9 | 10 |
11 | 13 |
14 |
15 |
16 | 17 |
18 | 20 |
21 |
22 |
23 |
24 | 25 |
26 |
27 | 28 |
29 |
30 | 31 | 35 | -------------------------------------------------------------------------------- /lib/util/Example_util/layout/main.inc: -------------------------------------------------------------------------------- 1 | 4 |
5 |
6 |
7 |
8 |

9 | What does this do? 10 |

11 |

A brief description of the utility and its purpose. You may wish 12 | to use a definition list if there is special jargon involved:

13 |
14 |
Feature
15 |
Description
16 |
Feature
17 |
Description
18 |
19 |
20 |
21 |
22 |
23 |

Example Utility

24 |
25 | ".web::escapeHTML($data['message']) . "
"; 28 | } 29 | ?> 30 |
31 |

Feature

32 | 33 | "?> 34 | 35 |

The "Hello World" feature says hello to the world

36 | 37 | "; ?> 38 |
39 | 40 |
41 |
42 | 43 | -------------------------------------------------------------------------------- /site.example/config.php: -------------------------------------------------------------------------------- 1 | 5 | array( 6 | 'name' => 'auth_main', 7 | 'host' => 'localhost', 8 | 'user' => 'auth', 9 | 'password' => '...password here...' 10 | ), 11 | 'Util' => 12 | array( 13 | 'Cleanup' => 'Directory Cleanup Tools' 14 | ), 15 | 'pidfile' => '/var/run/lock/meta-auth.pid', 16 | 'logfile' => '/var/log/meta-auth.log', 17 | 'login' => 18 | array( 19 | 'url' => 'ldap://localhost', 20 | 'domain' => "dc=example,dc=com", 21 | 'service_id' => 'ldap1', 22 | 'admin' => array('admin'), 23 | 'assistant' => array(''), 24 | 'assist' => 25 | array( 26 | 'domain_id' => 'default', 27 | 'service_id' => 'ldap1' 28 | ), 29 | // Leaves data in the database, enables the directory cleanup 30 | // "Delete all local data" button. These are useful for initial 31 | // setup, but should be disabled afterward. 32 | 'debug' => 'true' 33 | ), 34 | 'ReceiptPrinter' => array( // Receipt printer, or 0.0.0.0 for no printer 35 | 'ip' => '0.0.0.0', 36 | 'port' => '9100', 37 | 'header' => 'Example', 38 | 'footer' => 'Terms and conditions', 39 | // Optional - printed at top of receipts if set 40 | 'logo' => dirname(__FILE__) . "/logo.png" 41 | ) 42 | ); 43 | -------------------------------------------------------------------------------- /maintenance/demo-install/roles/ldap/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: OpenLDAP domain is set in debconf 3 | debconf: 4 | name: 'slapd' 5 | question: '{{ item }}' 6 | vtype: 'string' 7 | value: '{{ ldap_domain }}' 8 | with_items: [ 'slapd/domain', 'shared/organization' ] 9 | 10 | - name: openldap is installed 11 | apt: package={{ item }} state=present 12 | with_items: 13 | - ldap-utils 14 | - slapd 15 | 16 | - name: find current and expected account details 17 | command: "{{ item }}" 18 | changed_when: false 19 | no_log: true 20 | register: result 21 | ignore_errors: True 22 | with_items: 23 | - slappasswd -s "{{ ldap_password }}" 24 | - ldapsearch -H ldapi:// -LLL -Q -Y EXTERNAL -b "cn=config" "(olcRootDN={{ ldap_admin }})" dn olcRootPW 25 | - ldapwhoami -vvv -H ldapi:// -D {{ ldap_admin }} -x -w "{{ ldap_password }}" 26 | 27 | - command: slapcat 28 | 29 | - name: expected account details setup applied to temp file 30 | copy: 31 | content: | 32 | {{ result.results[1].stdout_lines[0] }} 33 | changetype: modify 34 | replace: olcRootPW 35 | olcRootPW: {{ result.results[0].stdout_lines[0] }} 36 | dest: ~/.ldap_set 37 | when: result|failed 38 | 39 | - name: admin account details are up to date 40 | shell: ldapmodify -H ldapi:// -Q -Y EXTERNAL < ~/.ldap_set 41 | when: result|failed 42 | 43 | - name: temp file is cleaned up 44 | file: dest="~/.ldap_set" state=absent 45 | 46 | -------------------------------------------------------------------------------- /maintenance/demo-install/roles/web/templates/config.php: -------------------------------------------------------------------------------- 1 | 8 | array( 9 | 'name' => '{{ auth_db_name }}', 10 | 'host' => 'localhost', 11 | 'user' => '{{ auth_db_user }}', 12 | 'password' => '{{ auth_db_pass }}' 13 | ), 14 | 'Util' => 15 | array( 16 | 'Cleanup' => 'Directory Cleanup Tools' 17 | ), 18 | 'pidfile' => '/var/run/lock/auth-web.pid', 19 | 'logfile' => '/var/log/auth-web.log', 20 | 'login' => 21 | array( 22 | 'url' => 'ldap://localhost', 23 | 'domain' => "{{ ldap_domain_ldif }}", 24 | 'service_id' => 'ldap1', 25 | 'admin' => array('admin'), 26 | 'assistant' => array(''), 27 | 'assist' => 28 | array( 29 | 'domain_id' => 'default', 30 | 'service_id' => 'ldap1' 31 | ), 32 | // Leaves data in the database, enables the directory cleanup 33 | // "Delete all local data" button. These are useful for initial 34 | // setup, but should be disabled afterward. 35 | 'debug' => 'true' 36 | ), 37 | 'ReceiptPrinter' => array( // Receipt printer, or 0.0.0.0 for no printer 38 | 'ip' => '0.0.0.0', 39 | 'port' => '9100', 40 | 'header' => 'Example', 41 | 'footer' => 'Terms and conditions', 42 | // Optional - printed at top of receipts if set 43 | 'logo' => dirname(__FILE__) . "/logo.png" 44 | ) 45 | ); 46 | -------------------------------------------------------------------------------- /lib/web/view/UserGroup_view.php: -------------------------------------------------------------------------------- 1 | 4 | 9 | 10 |
11 |
12 |
13 |
14 | What is renaming? 15 |

Changing the unit name affects every object in the organizational unit! If you rename a large unit, then you can expect issues to arise with authentication.

16 |

You should only rename a unit if its current name is incorrect.

17 |
18 |
19 |
20 |
21 |

Rename Organizational Unit

22 |
23 | 24 | ".Web::escapeHTML($data['message']) . "
"; 27 | } 28 | ?> 29 |
30 |
ou_id), 'html'); ?>" method="post"> 31 | 32 | 33 | 36 | 39 | 40 | 41 | 44 | 45 |
34 | New unit name: 35 | 37 | 38 |
42 | 43 |
46 |
47 |
48 |
49 |
50 | -------------------------------------------------------------------------------- /maintenance/demo-install/roles/db/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # MySQL install, based partly on http://stackoverflow.com/questions/16444306/ansible-idempotent-mysql-installation-playbook 3 | - name: mysql server is installed 4 | apt: package=mariadb-server state=present update_cache=yes 5 | tags: mysql 6 | 7 | - name: python-mysqldb is installed 8 | apt: package=python-mysqldb state=present update_cache=yes 9 | tags: mysql 10 | 11 | - name: mysql server is enabled 12 | service: name=mysql enabled=yes state=started 13 | tags: mysql 14 | 15 | - name: mysql root password is set for all root accounts 16 | mysql_user: name=root host={{ item }} password={{ mysql_root_password }} priv=*.*:ALL,GRANT 17 | with_items: 18 | - "{{ ansible_hostname }}" 19 | - 127.0.0.1 20 | - ::1 21 | - localhost 22 | tags: mysql 23 | 24 | - name: copy .my.cnf file with root password credentials 25 | template: src=my.cnf.j2 dest=/root/.my.cnf owner=root mode=0600 26 | tags: mysql 27 | 28 | - name: delete anonymous mysql server user for localhost 29 | action: mysql_user user="" state=absent 30 | tags: mysql 31 | 32 | - name: remove the mysql test database 33 | action: mysql_db db=test state=absent 34 | tags: mysql 35 | 36 | - name: Create Application Database 37 | mysql_db: name={{ auth_db_name }} state=present 38 | tags: mysql 39 | 40 | - name: Create Application DB User 41 | mysql_user: name={{ auth_db_user }} password={{ auth_db_pass }} priv=*.*:ALL host="localhost" state=present 42 | tags: mysql 43 | 44 | # TODO ?? Probably not necessary 45 | # mysql_tzinfo_to_sql /usr/share/zoneinfo | mysql -u root mysql -p 46 | -------------------------------------------------------------------------------- /maintenance/schema/data/defaults.sql: -------------------------------------------------------------------------------- 1 | -- 2 | -- Data for table `ListActionType` 3 | -- 4 | 5 | INSERT INTO `ListActionType` (`action_type`) VALUES 6 | ('acctCreate'), 7 | ('acctDelete'), 8 | ('acctDisable'), 9 | ('acctEnable'), 10 | ('acctPasswd'), 11 | ('acctRelocate'), 12 | ('acctUpdate'), 13 | ('grpAddChild'), 14 | ('grpCreate'), 15 | ('grpDelChild'), 16 | ('grpDelete'), 17 | ('grpJoin'), 18 | ('grpLeave'), 19 | ('grpMove'), 20 | ('grpRename'), 21 | ('ouCreate'), 22 | ('ouDelete'), 23 | ('ouMove'), 24 | ('ouRename'), 25 | ('recSearch'), 26 | ('syncOu'); 27 | 28 | -- 29 | -- Data for table `ListDomain` 30 | -- 31 | INSERT INTO `ListDomain` (`domain_id`, `domain_name`, `domain_enabled`) VALUES 32 | ('default', 'Default Domain', 1); 33 | 34 | -- 35 | -- Data for table `ListServiceType` 36 | -- 37 | 38 | INSERT INTO `ListServiceType` (`service_type`) VALUES 39 | ('ldap'), ('gapps'), ('ad'); 40 | 41 | -- 42 | -- Data for table `Ou` 43 | -- 44 | 45 | INSERT INTO `Ou` (`ou_id`, `ou_parent_id`, `ou_name`) VALUES 46 | (1, NULL, 'root'); 47 | 48 | -- 49 | -- Data for table `Service` 50 | -- 51 | 52 | INSERT INTO `Service` (`service_id`, `service_name`, `service_enabled`, `service_type`, `service_address`, `service_username`, `service_password`, `service_domain`, `service_pwd_regex`, `service_root`) VALUES 53 | ('ldap1', 'LDAP (localhost)', 1, 'ldap', 'ldap://localhost', 'cn=admin,dc=example,dc=com', '', 'default', '/^.{1,}$/s', 'dc=example,dc=com'); 54 | 55 | -- 56 | -- Data for table `ListServiceDomain` 57 | -- 58 | 59 | INSERT INTO `ListServiceDomain` (`service_id`, `domain_id`, `sd_root`, `sd_secondary`) VALUES 60 | ('ldap1', 'default', '', 0); 61 | 62 | -------------------------------------------------------------------------------- /lib/web/view/layout/Ou/create.inc: -------------------------------------------------------------------------------- 1 | 4 | 9 | 10 |
11 |
12 |
13 |
14 | What is an organizational unit? 15 |

An OU is a container where 16 | accounts and groups are kept. Unlike groups, a user can only be in 17 | one OU at a time.

18 |
19 |
20 |
21 |
22 |

Create Organizational Unit

23 |
24 | 25 | ".Web::escapeHTML($data['message']) . "
"; 28 | } 29 | ?> 30 |
31 |
ou_id), 'html'); ?>" method="post"> 32 | 33 | 34 | 37 | 40 | 41 | 42 | 45 | 48 | 49 | 50 | 53 | 54 |
35 | New unit name: 36 | 38 | 39 |
43 | Create in: 44 | 46 | ou_name); ?> 47 |
51 | 52 |
55 |
56 |
57 |
58 |
59 | 60 | -------------------------------------------------------------------------------- /lib/web/view/layout/UserGroup/adduser.inc: -------------------------------------------------------------------------------- 1 | 4 | 5 |
6 |
7 |
8 |
9 | What happens when I add a user? 10 |

Adding a user here will give them the permissions of the group, and will cause them to receive group emails

11 |
12 |
13 |
14 |
15 |

16 | Add user to 17 | group_name) . "\""; ?> 18 |

19 |
20 | ".Web::escapeHTML($data['message']) . "
"; 23 | } 24 | ?> 25 | 26 |
27 |
group_id), "html"); ?>" 29 | method="post" id="accountselect"> 30 |

Enter the name of person to add:

31 |
32 | group_id), "html"); ?>">Cancel 36 | 39 |
40 |
41 |
42 | 43 |
44 |
45 | 46 | 47 | -------------------------------------------------------------------------------- /www/a/public/js/jquery.treeview/jquery.treeview.edit.js: -------------------------------------------------------------------------------- 1 | (function($) { 2 | var CLASSES = $.treeview.classes; 3 | var proxied = $.fn.treeview; 4 | $.fn.treeview = function(settings) { 5 | settings = $.extend({}, settings); 6 | if (settings.add) { 7 | return this.trigger("add", [settings.add]); 8 | } 9 | if (settings.remove) { 10 | return this.trigger("remove", [settings.remove]); 11 | } 12 | return proxied.apply(this, arguments).bind("add", function(event, branches) { 13 | $(branches).prev() 14 | .removeClass(CLASSES.last) 15 | .removeClass(CLASSES.lastCollapsable) 16 | .removeClass(CLASSES.lastExpandable) 17 | .find(">.hitarea") 18 | .removeClass(CLASSES.lastCollapsableHitarea) 19 | .removeClass(CLASSES.lastExpandableHitarea); 20 | $(branches).find("li").andSelf().prepareBranches(settings).applyClasses(settings, $(this).data("toggler")); 21 | }).bind("remove", function(event, branches) { 22 | var prev = $(branches).prev(); 23 | var parent = $(branches).parent(); 24 | $(branches).remove(); 25 | prev.filter(":last-child").addClass(CLASSES.last) 26 | .filter("." + CLASSES.expandable).replaceClass(CLASSES.last, CLASSES.lastExpandable).end() 27 | .find(">.hitarea").replaceClass(CLASSES.expandableHitarea, CLASSES.lastExpandableHitarea).end() 28 | .filter("." + CLASSES.collapsable).replaceClass(CLASSES.last, CLASSES.lastCollapsable).end() 29 | .find(">.hitarea").replaceClass(CLASSES.collapsableHitarea, CLASSES.lastCollapsableHitarea); 30 | if (parent.is(":not(:has(>))") && parent[0] != this) { 31 | parent.parent().removeClass(CLASSES.collapsable).removeClass(CLASSES.expandable) 32 | parent.siblings(".hitarea").andSelf().remove(); 33 | } 34 | }); 35 | }; 36 | 37 | })(jQuery); -------------------------------------------------------------------------------- /lib/web/view/layout/UserGroup/addchild.inc: -------------------------------------------------------------------------------- 1 | 4 | 5 |
6 |
7 |
8 |
9 | What happens when I add a sub-group? 10 |

When you add a group here, everybody in that group will receive 11 | emails and inherit the permissions associated with the parent 12 | group.

13 |
14 |
15 |
16 |
17 |

18 | Add group to 19 | group_name) . "\""; ?> 20 |

21 |
22 | ".Web::escapeHTML($data['message']) . "
"; 25 | } 26 | ?> 27 | 28 |
29 |
group_id), "html"); ?>" 31 | method="post" id="groupselect"> 32 |

Enter the name of the group to add:

33 |
34 | group_id), "html"); ?>">Cancel 38 | 41 |
42 |
43 |
44 | 45 |
46 |
47 | 48 | 49 | 53 | 54 | -------------------------------------------------------------------------------- /lib/web/view/layout/UserGroup/addparent.inc: -------------------------------------------------------------------------------- 1 | 4 | 5 |
6 |
7 |
8 |
9 | What happens when I join a group? 10 |

When you add this group to a parent group, everybody here will 11 | receive emails and inherit the permissions associated with the 12 | parent group, in addition to whatever they already have.

13 |
14 |
15 |
16 |
17 |

18 | Add 19 | group_name) . "\""; ?> 20 | to group 21 |

22 |
23 | ".Web::escapeHTML($data['message']) . "
"; 26 | } 27 | ?> 28 | 29 |
30 |
group_id), "html"); ?>" 32 | method="post" id="groupselect"> 33 |

Enter the name of the group to add:

34 |
35 | 37 | group_id), "html") . "\" />Cancel"; ?> 38 | 39 |
40 |
41 |
42 | 43 |
44 |
45 | 46 | 47 | 51 | 52 | -------------------------------------------------------------------------------- /lib/web/view/layout/AccountOwner/addgroup.inc: -------------------------------------------------------------------------------- 1 | 4 | 5 |
6 |
7 |
8 |
9 | What happens when I add a group here? 10 |

If you add a user here, then they will be given the permissions 11 | of the group, and receive emails which are sent to the group.

12 |
13 |
14 |
15 |
16 |

17 | Add 18 | owner_firstname . " " . $data['AccountOwner'] -> owner_surname) . "\""; ?> 19 | to group 20 |

21 |
22 | ".Web::escapeHTML($data['message']) . "
"; 25 | } 26 | ?> 27 | 28 |
29 |
owner_id), "html"); ?>" 31 | method="post" id="groupselect"> 32 |

Enter the name of the group:

33 |
34 | 36 | 37 | owner_id), "html") . "\" />Cancel"; ?> 38 | 39 |
40 |
41 |
42 | 43 |
44 |
45 | 46 | 47 | 51 | 52 | -------------------------------------------------------------------------------- /lib/web/view/layout/ActionQueue/view.inc: -------------------------------------------------------------------------------- 1 | 4 |
5 |
6 |
7 |
8 |

9 | What is the ActionQueue? 10 |

11 |

Because this system manages multiple back-end account-keeping 12 | systems, it would be really slow to use if you had to wait for it 13 | all the time!

14 |

While you are working, Auth puts together a "Todo" list with all 15 | the things you've changed, and applies the changes in its own time.

16 |

You can find all sorts of extra detail in the ActionQueue log file."?> 17 |

18 |
19 |
20 |
21 |

ActionQueue

22 |
23 |

The ActionQueue is empty.

"; 26 | } else { 27 | echo "

Items are shown in approximate execution order:

"; 28 | echo "" . 29 | ""; 30 | foreach($data['AQ'] as $aq) { 31 | echo "". 32 | "" . 33 | "" . 34 | "" . 35 | "" . 36 | "" . 37 | "" . 38 | ""; 39 | } 40 | echo "
ActionServiceDomainTargetDateAttempts
" . Web::escapeHTML($aq -> action_type) . "" . Web::escapeHTML($aq -> Service -> service_name) . "" . Web::escapeHTML($aq -> ListDomain -> domain_name) . "" . Web::escapeHTML($aq -> aq_target) . "" . Web::escapeHTML($aq -> aq_date) . "" . Web::escapeHTML($aq -> aq_attempts) . "
"; 41 | } 42 | ?> 43 |
44 |
45 | -------------------------------------------------------------------------------- /lib/model/ListActionType_model.php: -------------------------------------------------------------------------------- 1 | action_type = isset($row['action_type']) ? $row['action_type']: ''; 30 | } 31 | 32 | public static function get($action_type) { 33 | $sql = "SELECT * FROM ListActionType WHERE ListActionType.action_type='%s'"; 34 | $res = Database::retrieve($sql, array($action_type)); 35 | if($row = Database::get_row($res)) { 36 | return new ListActionType_model($row); 37 | } 38 | return false; 39 | } 40 | 41 | public function populate_list_ActionQueue() { 42 | $this -> list_ActionQueue = ActionQueue_model::list_by_action_type($this -> action_type); 43 | } 44 | 45 | public function insert() { 46 | $sql = "INSERT INTO ListActionType(action_type) VALUES ('%s');"; 47 | return Database::insert($sql, array($this -> action_type)); 48 | } 49 | 50 | public function update() { 51 | $sql = "UPDATE ListActionType SET WHERE action_type ='%s';"; 52 | return Database::update($sql, array($this -> action_type)); 53 | } 54 | 55 | public function delete() { 56 | $sql = "DELETE FROM ListActionType WHERE action_type ='%s';"; 57 | return Database::delete($sql, array($this -> action_type)); 58 | } 59 | } 60 | ?> -------------------------------------------------------------------------------- /lib/model/ListServiceType_model.php: -------------------------------------------------------------------------------- 1 | service_type = isset($row['service_type']) ? $row['service_type']: ''; 30 | } 31 | 32 | public static function get($service_type) { 33 | $sql = "SELECT * FROM ListServiceType WHERE ListServiceType.service_type='%s'"; 34 | $res = Database::retrieve($sql, array($service_type)); 35 | if($row = Database::get_row($res)) { 36 | return new ListServiceType_model($row); 37 | } 38 | return false; 39 | } 40 | 41 | public function populate_list_Service() { 42 | $this -> list_Service = Service_model::list_by_service_type($this -> service_type); 43 | } 44 | 45 | public function insert() { 46 | $sql = "INSERT INTO ListServiceType(service_type) VALUES ('%s');"; 47 | return Database::insert($sql, array($this -> service_type)); 48 | } 49 | 50 | public function update() { 51 | $sql = "UPDATE ListServiceType SET WHERE service_type ='%s';"; 52 | return Database::update($sql, array($this -> service_type)); 53 | } 54 | 55 | public function delete() { 56 | $sql = "DELETE FROM ListServiceType WHERE service_type ='%s';"; 57 | return Database::delete($sql, array($this -> service_type)); 58 | } 59 | } 60 | ?> -------------------------------------------------------------------------------- /lib/util/SasStudent_util/README.md: -------------------------------------------------------------------------------- 1 | SasStudent Utility 2 | ================== 3 | This is a small utility for automating user account management via SAS2000. If you 4 | don't run that software, then you should not enable the utility. 5 | 6 | If you don't number user accounts according to the 'code' attribute, then you should 7 | also not enable this utility. 8 | 9 | Installation 10 | ------------ 11 | 12 | On the Auth server, you need access to the sqsh command, and you need to install and configure FreeTDS to work with your version of Microsoft SQL Server. The instructions on [this blog post](http://le-gall.net/pierrick/blog/index.php/2006/09/06/79-how-to-use-linux-as-a-microsoft-sql-server-client) works for MSSQL 2008. 13 | 14 | On the Microsoft SQL server, create a _read-only_ user account for Auth to get 15 | its data from. Give it access to a simple view of student data. The view I use is: 16 | 17 | SELECT Code, FirstName, LastName, PreferredName, Year, Class, ID 18 | FROM dbo.Student 19 | WHERE (PreEnrolment = 'N') 20 | 21 | Next, enable the utility by adding an entry to the Util list in config.php: 22 | 23 | 'SasStudent' => 'SAS Student' 24 | 25 | And finally, add all of the configuration options that the utility will be using: 26 | 27 | 'SasStudent' => 28 | array( 'host' => 'hostname', 29 | 'name' => 'databasename', 30 | 'user' => 'authusername', 31 | 'pass' => 'verysecretpassword', 32 | 'view' => 'dbo.authStudentView', 33 | // Service to check for accounts in 34 | 'check' =>'ldap', 35 | // Domain to check for accounts in 36 | 'domain' =>'(the domain where student accounts go)', 37 | // Services to create accounts on 38 | 'create' => array('ldap', 'something', 'something-else') 39 | ) 40 | -------------------------------------------------------------------------------- /www/a/public/js/jquery.treeview/changelog.txt: -------------------------------------------------------------------------------- 1 | 1.4.1 2 | ----- 3 | * Fix for #2360 4 | * Added option cookieOptions: Passed through to $.cookie to set path, domain etc. 5 | * Tested with jQuery 1.2.x and 1.4.3 6 | * Fixed combination of persist: "location" and prerendered: true 7 | 8 | 1.4 9 | --- 10 | 11 | * Added changelog (this file) 12 | * Fixed tree control to search only for anchors, allowing images or other elements inside the controls, while keeping the control usable with the keyboard 13 | * Restructured folder layout: root contains plugin resources, lib contains script dependencies, demo contains demos and related files 14 | * Added prerendered option: If set to true, assumes all hitarea divs and classes already rendered, speeding up initialization for big trees, but more obtrusive 15 | * Added jquery.treeview.async.js for ajax-lazy-loading trees, see async.html demo 16 | * Exposed $.fn.treeview.classes for custom classes if necessary 17 | * Show treecontrol only when JavaScript is enabled 18 | * Completely reworked themeing via CSS sprites, resulting in only two files per theme 19 | * updated dotted, black, gray and red theme 20 | * added famfamfam theme (no lines) 21 | * Improved cookie persistence to allow multiple persisted trees per page via cookieId option 22 | * Improved location persistence by making it case-insensitive 23 | * Improved swapClass and replaceClass plugin implementations 24 | * Added folder-closed.gif to filetree example 25 | 26 | 1.3 27 | --- 28 | 29 | * Fixes for all outstanding bugs 30 | * Added persistence features 31 | * location based: click on a link in the treeview and reopen that link after the page loaded 32 | * cookie based: save the state of the tree in a cookie on each click and load that on reload 33 | * smoothed animations, fixing flickering in both IE and Opera 34 | * Tested in Firefox 2, IE 6 & 7, Opera 9, Safari 3 35 | * Moved documentation to jQuery wiki 36 | * Requires jQuery 1.2+ 37 | -------------------------------------------------------------------------------- /lib/web/controller/Page_controller.php: -------------------------------------------------------------------------------- 1 | 'Dashboard'); 18 | if(isset($_POST['owner_id']) && isset($_POST['uname'])) { 19 | /* Selected a user */ 20 | $owner_id = $_POST['owner_id']; 21 | $uname = $_POST['uname']; 22 | try { 23 | if($owner_id == "") { 24 | /* Lookup */ 25 | $owner = AccountOwner_api::searchLogin($uname); 26 | } else { 27 | $owner = AccountOwner_api::get($owner_id); 28 | } 29 | Web::redirect(Web::constructURL("AccountOwner", "view", array($owner -> owner_id), "html")); 30 | } catch(Exception $e) { 31 | $data['message'] = $e -> getMessage(); 32 | } 33 | } else if(isset($_POST['group_cn']) && isset($_POST['gname'])) { 34 | /* Selected a group */ 35 | $group_cn = $_POST['group_cn']; 36 | $gname = $_POST['gname']; 37 | try { 38 | if($group_cn == "") { 39 | $group = UserGroup_api::get_by_group_cn($gname); 40 | } else { 41 | $group = UserGroup_api::get_by_group_cn($group_cn); 42 | } 43 | Web::redirect(Web::constructURL("UserGroup", "view", array($group -> group_id), "html")); 44 | } catch(Exception $e) { 45 | $data['message'] = $e -> getMessage(); 46 | } 47 | } 48 | 49 | if(isset($_POST['selected'])) { 50 | $data['selected'] = $_POST['selected']; 51 | } 52 | 53 | return $data; 54 | } 55 | 56 | public static function logout() { 57 | if(isset($_SESSION)) { 58 | session_destroy(); 59 | } 60 | Web::redirect(Web::constructURL('Page', 'view', array(''), 'html')); 61 | exit(0); 62 | } 63 | } 64 | 65 | ?> 66 | -------------------------------------------------------------------------------- /lib/util/SimonTeacherYL_util/README.md: -------------------------------------------------------------------------------- 1 | SimonTeacherYL Utility 2 | ====================== 3 | This is a small utility for automating email distribution lists by using data from SIMON. If you 4 | don't run that software, then you should not enable this utility. 5 | 6 | Installation 7 | ------------ 8 | 9 | On the Auth server, you need to install and configure TDS: 10 | 11 | apt-get install php5-odbc tdsodbc 12 | 13 | On the Microsoft SQL server, create a _read-only_ user account for Auth to get 14 | its data from. It only needs enough access to read from the following tables: 15 | - StudentClasses 16 | - FileSemesters 17 | - Community 18 | - SubjectClasses 19 | - SubjectClassStaff 20 | - Subjects 21 | 22 | Set up a ODBC datasource called 'simon'. These settings work for an SQL Server 2008 server: 23 | 24 | From odbc.ini: 25 | 26 | [simon] 27 | Database = YourDatabaseNameHere 28 | Server = x.x.x.x 29 | Driver = FreeTDS 30 | Description = SIMON 31 | Trace = Yes 32 | TraceFile = /tmp/sql.log 33 | ForceTrace = yes 34 | Port = 1433 35 | TDS_Version = 8.0 36 | 37 | And the FreeTDS driver in odbcinst.ini: 38 | 39 | [FreeTDS] 40 | Description=MSSQL DB 41 | Driver=/usr/lib/x86_64-linux-gnu/odbc/libtdsodbc.so 42 | UsageCount=1 43 | 44 | Next, enable the utility by adding an entry to the Util list in config.php: 45 | 46 | 'SimonTeacherYL' => 'Automatic mail groups' 47 | 48 | And finally, add the login username and password, plus some domain info to a new section in config.php: 49 | 50 | 'SimonTeacherYL' => 51 | array( 52 | 'user' => 'authusername', 53 | 'pass' => 'verysecretpassword', 54 | 'domain_staff' => 'default', 55 | 'domain_student' => 'student', 56 | 'group_ou_name' => 'root', 57 | 'service_id' => 'ldap1', 58 | 'domain' => array('default' => 'example.com', 'student' => 'student.example.com') 59 | ) 60 | -------------------------------------------------------------------------------- /lib/web/view/layout/UserGroup/rename.inc: -------------------------------------------------------------------------------- 1 | 4 | 9 | 10 |
11 |
12 |
13 |
14 | Renaming a group 15 |

Changing a group alias will affect email routing, but all users will stay in the group. Note that aliases are limited to alphanumeric characters for technical reasons.

16 |
17 |
18 |
19 |
20 |

Rename group_name . " (" . $data['UserGroup'] -> group_cn . ")"); ?>

21 |
22 | ".Web::escapeHTML($data['message']) . "
"; 25 | } 26 | ?> 27 |
28 |
group_id), 'html'); ?>" method="post"> 29 | 30 | 31 | 34 | 37 | 38 | 39 | 42 | 45 | 46 | 47 | 51 | 52 |
32 | Group name: 33 | 35 | 36 |
40 | Short name: 41 | 43 | 44 |
48 | group_id), 'html'); ?>">Cancel 49 | 50 |
53 |
54 |
55 |
56 |
57 | -------------------------------------------------------------------------------- /lib/web/view/layout/AccountOwner/rename.inc: -------------------------------------------------------------------------------- 1 | 4 | 9 | 10 |
11 |
12 |
13 |
14 | Renaming a user 15 | 16 |

Changing a user's name will update their full-name, as it is displayed in different places.

17 | 18 |

Changing the user's login for a specific account (much more disruptive) is done by clicking on the account.

19 |
20 |
21 |
22 |
23 |

Rename User

24 |
25 | ".Web::escapeHTML($data['message']) . "
"; 28 | } 29 | ?> 30 |
31 |
owner_id), 'html'); ?>" method="post"> 32 | 33 | 34 | 37 | 40 | 41 | 42 | 45 | 48 | 49 | 50 | 51 | 55 | 56 |
35 | First name: 36 | 38 | 39 |
43 | Surname: 44 | 46 | 47 |
52 | owner_id), 'html'); ?>">Cancel 53 | 54 |
57 |
58 |
59 |
60 |
61 | -------------------------------------------------------------------------------- /www/a/public/css/iepngfix.htc: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 68 | -------------------------------------------------------------------------------- /lib/web/view/layout/Account/rename.inc: -------------------------------------------------------------------------------- 1 | 4 | 9 | 10 |
11 |
12 |
13 |
14 | Changing a login name 15 |

Changing a login name will affect the user's ability to log in! Not only will they have to use a different username, but it will seriously break their windows profiles, and will confuse some email clients. This should only be done if absolutely necessary

16 |

To correct Windows user profiles, you will need to edit the logon name stored in the registry.

17 |
18 |
19 |
20 |
21 |

Change login name

22 |
23 | 24 | ".Web::escapeHTML($data['message']) . "
"; 27 | } 28 | ?> 29 |
30 |
account_id), 'html'); ?>" 32 | method="post"> 33 | 35 | 36 | 37 | 40 | 41 | 42 | 43 | 46 | 47 | 48 | 52 | 53 |
User: AccountOwner -> owner_surname) ?>" /> 39 |
Login name: 45 |
49 | account_id), 'html') . "\">Cancel"; ?> 50 | 51 |
54 |
55 |
56 |
57 |
58 | -------------------------------------------------------------------------------- /lib/misc/Database.php: -------------------------------------------------------------------------------- 1 | fetch(PDO::FETCH_ASSOC); 29 | } 30 | 31 | public static function insert_id() { 32 | return Database::$conn -> lastInsertId(); 33 | } 34 | 35 | public static function close() { 36 | /* Close connection */ 37 | $this -> conn = null; 38 | return true; 39 | } 40 | 41 | public static function retrieve($query, array $arg) { 42 | return self::doQuery($query, $arg); 43 | } 44 | 45 | public static function insert($query, array $arg) { 46 | $res = self::doQuery($query, $arg); 47 | return self::insert_id(); 48 | } 49 | 50 | public static function delete($query, array $arg) { 51 | $res = self::doQuery($query, $arg); 52 | return true; 53 | } 54 | 55 | public static function update($query, array $arg) { 56 | $res = self::doQuery($query, $arg); 57 | return true; 58 | } 59 | 60 | private static function doQuery($query, array $arg) { 61 | if(!self::$conn) { 62 | self::init(); 63 | } 64 | /* Query wrapper to be sure everything is escaped. All SQL must go through here! */ 65 | $query = str_replace("'%s'", "?", $query); 66 | $stmt = self::$conn -> prepare($query); 67 | $stmt -> execute($arg); 68 | return $stmt; 69 | } 70 | 71 | public static function row_from_template($row, $template) { 72 | /* This copies an associative array from the database, copying only fields which exist in this template */ 73 | $res = $template; 74 | foreach($row as $key => $val) { 75 | if(isset($res[$key])) { 76 | $res[$key] = $val; 77 | } 78 | } 79 | return $res; 80 | } 81 | } 82 | 83 | ?> 84 | -------------------------------------------------------------------------------- /lib/util/Groupr_util/layout/main.inc: -------------------------------------------------------------------------------- 1 | 4 | 6 | 7 | 18 | 19 |
20 |
21 |
22 |
23 |

24 | What does this do? 25 |

26 |

This utility is for batch resetting passwords for an entire group. Each member has their password reset and output in an excel/csv compatible format. 27 | 28 | This utility only resets the passwords of the direct members of the defined group and not that of members of any subgroups. 29 | 30 |

31 |
32 |
33 |
34 |
35 |
36 |
37 |
38 |
39 |
40 |
41 |

Group Reset

42 |
43 | ".web::escapeHTML($data['message'])."
"; 46 | } 47 | ?> 48 |
49 | 50 |

Feature

51 |

Group:

52 | "?> 53 | 54 |
55 | 56 | 57 | 58 |
59 |
60 | 63 |
64 | "; ?> 65 |
66 | 67 | "; 69 | echo ""; 76 | echo "
"; 77 | } 78 | ?> 79 | 80 |
81 | 82 | 83 | -------------------------------------------------------------------------------- /lib/web/login/form/account.inc: -------------------------------------------------------------------------------- 1 |
2 |
3 |
4 |
5 |
6 | 16 |
17 |
20 | 21 | 23 | 24 | 25 | Member of 26 | 27 | "; 28 | foreach($data['AccountOwner'] -> list_OwnerUserGroup as $ownerGroup) { 29 | echo ""; 30 | echo "".web::escapeHTML($ownerGroup -> UserGroup -> group_name). " (".web::escapeHTML($ownerGroup -> UserGroup -> group_cn).")"; 31 | echo ""; 32 | } 33 | echo ""; 34 | echo "
"; 35 | 36 | echo "
"; 37 | echo "
"; 38 | 39 | if(count($data['AccountOwner'] -> list_Account) > 0) { 40 | echo " 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | "; 51 | foreach($data['AccountOwner'] -> list_Account as $account) { 52 | echo ""; 53 | echo ""; 54 | echo ""; 55 | echo ""; 56 | echo ""; 57 | } 58 | echo "
Services
ServiceLoginDomain
".web::escapeHTML($account -> Service -> service_name)."".web::escapeHTML($account -> account_login)."".web::escapeHTML($account -> account_domain)."
"; 59 | 60 | echo "
"; 61 | } 62 | 63 | ?> 64 |
65 |
68 | 75 |
76 |
77 |
78 |
79 |
80 |
81 |
-------------------------------------------------------------------------------- /lib/web/view/layout/UserGroup/create.inc: -------------------------------------------------------------------------------- 1 | 4 | 14 | 15 |
16 |
17 |
18 |
19 | What is a group? 20 |

A group is a collection of users, used for security purposes. A user account can be in many different groups, and will receive email messages sent to the group address.

21 |
22 |
23 |
24 |
25 |

Create Group

26 |
27 | ".Web::escapeHTML($data['message']) . "
"; 30 | } 31 | ?> 32 |
33 |
ou_id), 'html'); ?>" method="post"> 34 | 35 | 36 | 39 | 42 | 43 | 44 | 47 | 50 | 51 | 52 | 55 | 58 | 59 | 60 | 63 | 73 | 74 | 75 | 78 | 79 |
37 | Group name: 38 | 40 | 41 |
45 | Short name: 46 | 48 | 49 |
53 | Create in: 54 | 56 | ou_name); ?> 57 |
61 | Domain: 62 | 64 | \n" . 66 | ""; 67 | foreach($data['ListDomain'] as $domain) { 68 | $selected = (isset($_POST['domain_id']) && $_POST['domain_id'] == $domain -> domain_id) ? " selected": ""; 69 | echo "\n"; 70 | } 71 | ?> 72 |
76 | 77 |
80 |
81 |
82 |
83 |
84 | 85 | -------------------------------------------------------------------------------- /lib/util/Groupr_util/Groupr_util.php: -------------------------------------------------------------------------------- 1 | "Utility", "util" => self::$util_name, "template" => "main"); 37 | $service_id = self::$config['service_id']; 38 | $service = Service_model::get($service_id); 39 | if(!$service) { 40 | throw new Exception("Service '$service_id' does not exist."); 41 | } 42 | 43 | if(isset($_POST['group_cn']) && isset($_POST['gname'])) { 44 | Auth::loadClass("PasswordGen"); 45 | $group_cn = trim($_POST['group_cn']); 46 | if($group_cn == "") { 47 | $group_cn = trim($_POST['gname']); 48 | } 49 | if(!$group = UserGroup_model::get_by_group_cn($group_cn)) { 50 | $data['message'] = "Group $group_cn does not exist!"; 51 | return $data; 52 | } 53 | $group -> populate_list_OwnerUserGroup(); 54 | if(count($group -> list_OwnerUserGroup) == 0) { 55 | $data['message'] = "Group '$group_cn' has no direct members."; 56 | } 57 | 58 | $print = isset($_POST['print']); 59 | $good = $fail = 0; 60 | foreach($group -> list_OwnerUserGroup as $oug) { 61 | $preset = passwordGen::Generate(); 62 | $account = Account_model::get_by_service_owner_unique($service_id, $oug -> owner_id); 63 | if ($account){ 64 | AccountOwner_api::pwreset($oug -> AccountOwner -> owner_id, $preset, $print); 65 | $passwrd [$account -> account_login] = $preset; 66 | $good++; 67 | } else { 68 | $fail++; 69 | } 70 | 71 | } 72 | $data['message'] = "Of " . count($group -> list_OwnerUserGroup) . " users in $group_cn, $good have been reset, $fail had no account in $service_id."; 73 | $data['passwrd'] = $passwrd; 74 | } 75 | 76 | return $data; 77 | } 78 | 79 | /** 80 | * Do any maintenance tasks 81 | */ 82 | public static function doMaintenance() { 83 | 84 | // Do tasks here 85 | throw new Exception("Unimplemented"); 86 | } 87 | } 88 | -------------------------------------------------------------------------------- /lib/web/login/page.inc: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | <?php 6 | if($form == 'login') { 7 | echo "Login"; 8 | } else { 9 | echo "Manage Account"; 10 | }?> - Auth 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 37 | 38 | 39 | 78 | 79 | 80 |
81 |
82 |
83 |
84 |
85 | Auth 86 | Log Out"; 88 | } ?> 89 |
90 |
91 |
92 |
93 | 94 |
95 | 96 | 97 | -------------------------------------------------------------------------------- /www/a/public/css/theme.css: -------------------------------------------------------------------------------- 1 | body{ 2 | background:#f7f6f0 url(../img/bg.jpg) repeat-x top; 3 | color: #202020; 4 | } 5 | a, a:visited{ 6 | color:#a43708; 7 | } 8 | input{ 9 | border:1px solid #e8e7e1; 10 | } 11 | select{ 12 | border:1px solid #e8e7e1; 13 | } 14 | #header h2{ 15 | color:#FFF; 16 | } 17 | #content{ 18 | background:#FFF; 19 | } 20 | #sidebar{ 21 | background:#FFF; 22 | } 23 | #sidebar h3{ 24 | background:#f7f6f0; 25 | border-bottom:1px solid #e8e7e1; 26 | } 27 | #topmenu a,#topmenu a:visited{ 28 | color:#f7f6f0; 29 | background:#bd3f09; 30 | } 31 | #topmenu a:hover{ 32 | color: #FFF; 33 | } 34 | #topmenu .current a, #topmenu .current a:hover, #topmenu .current a:visited{ 35 | color:#993400; 36 | background: #FFF url(../img/bg_menu_red.jpg) repeat-x top; 37 | border-left: #FFF 1px solid; 38 | border-right: #FFF 1px solid; 39 | } 40 | #top-panel{ 41 | background:#FFF; 42 | } 43 | table{ 44 | background:none; 45 | } 46 | td, th{ 47 | border:1px solid #e8e7e1; 48 | } 49 | thead{ 50 | background:#f7f6f0; 51 | } 52 | #styleswitcher{ 53 | background:#FFFFFF; 54 | } 55 | #footer{ 56 | background:#FFF; 57 | } 58 | #box{ 59 | border:1px solid #e8e7e1; 60 | } 61 | #box h3{ 62 | background:#f7f6f0; 63 | border-bottom:1px solid #e8e7e1; 64 | color:#a43708; 65 | } 66 | /*************** 67 | Forms 68 | ***************/ 69 | form#form fieldset { 70 | border:1px solid #e8e7e1; 71 | } 72 | form#form legend { 73 | border:1px solid #e8e7e1; 74 | background:#fff url(../img/form_red.gif) repeat-x center left; 75 | color:#a43708; 76 | } 77 | form#form input { 78 | border:1px solid #e8e7e1; 79 | background:#fff url(../img/form_red.gif) repeat-x top left; 80 | } 81 | form#form textarea { 82 | border:1px solid #e8e7e1; 83 | background:#fff url(../img/form_red.gif) repeat-x bottom left; 84 | } 85 | form#form option { 86 | background:#FFF; 87 | } 88 | form#form optgroup { 89 | background:#e8e7e1; 90 | } 91 | form#form optgroup option { 92 | 93 | } 94 | form#form #button1, form#form #button2 { 95 | color:#c00; 96 | } 97 | form#form #button1:hover, form#form #button2:hover { 98 | color:#000; 99 | } 100 | /*************** 101 | Home 102 | ***************/ 103 | #infobox{ 104 | border:1px solid #e8e7e1; 105 | } 106 | #infobox h3{ 107 | background:#f7f6f0; 108 | border-bottom:1px solid #e8e7e1; 109 | color:#a43708; 110 | } 111 | #rightnow { 112 | border:1px solid #e8e7e1; 113 | } 114 | #rightnow .reallynow { 115 | background:#f7f6f0; 116 | color:#a43708; 117 | } 118 | #rightnow h3{ 119 | background:#f7f6f0; 120 | border-bottom:1px solid #e8e7e1; 121 | } -------------------------------------------------------------------------------- /www/a/public/css/blue.css: -------------------------------------------------------------------------------- 1 | body{ 2 | background:#f3f9ff url(../img/bg_blue.jpg) repeat-x top; 3 | color: #202020; 4 | } 5 | a, a:visited{ 6 | color:#375b91; 7 | } 8 | input{ 9 | border:1px solid #d9e6f0; 10 | } 11 | select{ 12 | border:1px solid #d9e6f0; 13 | } 14 | #header h2{ 15 | color:#FFF; 16 | } 17 | #content{ 18 | background:#FFF; 19 | } 20 | #sidebar{ 21 | background:#FFF; 22 | } 23 | #sidebar h3{ 24 | background:#f3f9ff; 25 | border-bottom:1px solid #d9e6f0; 26 | } 27 | #topmenu a,#topmenu a:visited{ 28 | color:#FFF; 29 | background:#7e9dcc; 30 | } 31 | #topmenu a:hover{ 32 | color: #FFF; 33 | } 34 | #topmenu .current a, #topmenu .current a:hover, #topmenu .current a:visited{ 35 | color:#375b91; 36 | background: #FFF url(../img/bg_menu_blue.jpg) repeat-x top; 37 | border-left: #FFF 1px solid; 38 | border-right: #FFF 1px solid; 39 | } 40 | #top-panel{ 41 | background:#FFF; 42 | } 43 | table{ 44 | background:none; 45 | } 46 | td, th{ 47 | border:1px solid #d9e6f0; 48 | } 49 | thead{ 50 | background:#f3f9ff; 51 | } 52 | #styleswitcher{ 53 | background:#FFFFFF; 54 | } 55 | #footer{ 56 | background:#FFF; 57 | } 58 | #box{ 59 | border:1px solid #d9e6f0; 60 | } 61 | #box h3{ 62 | background:#f3f9ff; 63 | border-bottom:1px solid #d9e6f0; 64 | color:#375b91; 65 | } 66 | /*************** 67 | Forms 68 | ***************/ 69 | form#form fieldset { 70 | border:1px solid #d9e6f0; 71 | } 72 | form#form legend { 73 | border:1px solid #d9e6f0; 74 | background:#fff url(../img/form_blue.gif) repeat-x center left; 75 | color:#375b91; 76 | } 77 | form#form input { 78 | border:1px solid #d9e6f0; 79 | background:#fff url(../img/form_blue.gif) repeat-x top left; 80 | } 81 | form#form textarea { 82 | border:1px solid #d9e6f0; 83 | background:#fff url(../img/form_blue.gif) repeat-x bottom left; 84 | } 85 | form#form option { 86 | background:#FFF; 87 | } 88 | form#form optgroup { 89 | background:#d9e6f0; 90 | } 91 | form#form optgroup option { 92 | 93 | } 94 | form#form #button1, form#form #button2 { 95 | color:#375b91; 96 | } 97 | form#form #button1:hover, form#form #button2:hover { 98 | color:#000; 99 | } 100 | /*************** 101 | Home 102 | ***************/ 103 | #infobox{ 104 | border:1px solid #d9e6f0; 105 | } 106 | #infobox h3{ 107 | background:#f3f9ff; 108 | border-bottom:1px solid #d9e6f0; 109 | color:#375b91; 110 | } 111 | #rightnow { 112 | border:1px solid #d9e6f0; 113 | } 114 | #rightnow .reallynow { 115 | background:#f3f9ff; 116 | color:#375b91; 117 | } 118 | #rightnow h3{ 119 | background:#f3f9ff; 120 | border-bottom:1px solid #d9e6f0; 121 | } -------------------------------------------------------------------------------- /www/a/public/css/theme3.css: -------------------------------------------------------------------------------- 1 | body{ 2 | background:#f7f6f1 url(../img/bg_brown.jpg) repeat-x top; 3 | color: #202020; 4 | } 5 | a, a:visited{ 6 | color:#654322; 7 | } 8 | input{ 9 | border:1px solid #e9e8e3; 10 | } 11 | select{ 12 | border:1px solid #e9e8e3; 13 | } 14 | #header h2{ 15 | color:#FFF; 16 | } 17 | #content{ 18 | background:#FFF; 19 | } 20 | #sidebar{ 21 | background:#FFF; 22 | } 23 | #sidebar h3{ 24 | background:#f7f6f1; 25 | border-bottom:1px solid #e9e8e3; 26 | } 27 | #topmenu a,#topmenu a:visited{ 28 | color:#FFF; 29 | background:#8f6831; 30 | } 31 | #topmenu a:hover{ 32 | color: #654322; 33 | } 34 | #topmenu .current a, #topmenu .current a:hover, #topmenu .current a:visited{ 35 | color:#654322; 36 | background: #FFF url(../img/bg_menu_brown.jpg) repeat-x top; 37 | border-left: #FFF 1px solid; 38 | border-right: #FFF 1px solid; 39 | } 40 | #top-panel{ 41 | background:#FFF; 42 | } 43 | table{ 44 | background:none; 45 | } 46 | td, th{ 47 | border:1px solid #e9e8e3; 48 | } 49 | thead{ 50 | background:#f7f6f1; 51 | } 52 | #styleswitcher{ 53 | background:#FFFFFF; 54 | } 55 | #footer{ 56 | background:#FFF; 57 | } 58 | #box{ 59 | border:1px solid #e9e8e3; 60 | } 61 | #box h3{ 62 | background:#f7f6f1; 63 | border-bottom:1px solid #e9e8e3; 64 | color:#654322; 65 | } 66 | /*************** 67 | Forms 68 | ***************/ 69 | form#form fieldset { 70 | border:1px solid #e9e8e3; 71 | } 72 | form#form legend { 73 | border:1px solid #e9e8e3; 74 | background:#fff url(../img/form_brown.gif) repeat-x center left; 75 | color:#654322; 76 | } 77 | form#form input { 78 | border:1px solid #e9e8e3; 79 | background:#fff url(../img/form_brown.gif) repeat-x top left; 80 | } 81 | form#form textarea { 82 | border:1px solid #e9e8e3; 83 | background:#fff url(../img/form_brown.gif) repeat-x bottom left; 84 | } 85 | form#form option { 86 | background:#FFF; 87 | } 88 | form#form optgroup { 89 | background:#e9e8e3; 90 | } 91 | form#form optgroup option { 92 | 93 | } 94 | form#form #button1, form#form #button2 { 95 | color:#654322; 96 | } 97 | form#form #button1:hover, form#form #button2:hover { 98 | color:#000; 99 | } 100 | /*************** 101 | Home 102 | ***************/ 103 | #infobox{ 104 | border:1px solid #e9e8e3; 105 | } 106 | #infobox h3{ 107 | background:#f7f6f1; 108 | border-bottom:1px solid #e9e8e3; 109 | color:#654322; 110 | } 111 | #rightnow { 112 | border:1px solid #e9e8e3; 113 | } 114 | #rightnow .reallynow { 115 | background:#f7f6f1; 116 | color:#654322; 117 | } 118 | #rightnow h3{ 119 | background:#f7f6f1; 120 | border-bottom:1px solid #e9e8e3; 121 | } -------------------------------------------------------------------------------- /www/a/public/css/theme2.css: -------------------------------------------------------------------------------- 1 | body{ 2 | background:#f0f7e8 url(../img/bg_light_green.jpg) repeat-x top; 3 | color: #202020; 4 | } 5 | a, a:visited{ 6 | color:#93ad7e; 7 | } 8 | input{ 9 | border:1px solid #e7eedf; 10 | } 11 | select{ 12 | border:1px solid #e7eedf; 13 | } 14 | #header h2{ 15 | color:#FFF; 16 | } 17 | #content{ 18 | background:#FFF; 19 | } 20 | #sidebar{ 21 | background:#FFF; 22 | } 23 | #sidebar h3{ 24 | background:#f0f7e8; 25 | border-bottom:1px solid #e7eedf; 26 | } 27 | #topmenu a,#topmenu a:visited{ 28 | color:#93ad7e; 29 | background:#e7eedc; 30 | } 31 | #topmenu a:hover{ 32 | color: #93ad7e; 33 | } 34 | #topmenu .current a, #topmenu .current a:hover, #topmenu .current a:visited{ 35 | color:#93ad7e; 36 | background: #FFF url(../img/bg_menu_green.jpg) repeat-x top; 37 | border-left: #FFF 1px solid; 38 | border-right: #FFF 1px solid; 39 | } 40 | #top-panel{ 41 | background:#FFF; 42 | } 43 | table{ 44 | background:none; 45 | } 46 | td, th{ 47 | border:1px solid #e7eedf; 48 | } 49 | thead{ 50 | background:#f0f7e8; 51 | } 52 | #styleswitcher{ 53 | background:#FFFFFF; 54 | } 55 | #footer{ 56 | background:#FFF; 57 | } 58 | #box{ 59 | border:1px solid #e7eedf; 60 | } 61 | #box h3{ 62 | background:#f0f7e8; 63 | border-bottom:1px solid #e7eedf; 64 | color:#93ad7e; 65 | } 66 | /*************** 67 | Forms 68 | ***************/ 69 | form#form fieldset { 70 | border:1px solid #e7eedf; 71 | } 72 | form#form legend { 73 | border:1px solid #e7eedf; 74 | background:#fff url(../img/form_green.gif) repeat-x center left; 75 | color:#93ad7e; 76 | } 77 | form#form input { 78 | border:1px solid #e7eedf; 79 | background:#fff url(../img/form_green.gif) repeat-x top left; 80 | } 81 | form#form textarea { 82 | border:1px solid #e7eedf; 83 | background:#fff url(../img/form_green.gif) repeat-x bottom left; 84 | } 85 | form#form option { 86 | background:#FFF; 87 | } 88 | form#form optgroup { 89 | background:#e7eedf; 90 | } 91 | form#form optgroup option { 92 | 93 | } 94 | form#form #button1, form#form #button2 { 95 | color:#93ad7e; 96 | } 97 | form#form #button1:hover, form#form #button2:hover { 98 | color:#000; 99 | } 100 | /*************** 101 | Home 102 | ***************/ 103 | #infobox{ 104 | border:1px solid #e7eedf; 105 | } 106 | #infobox h3{ 107 | background:#f0f7e8; 108 | border-bottom:1px solid #e7eedf; 109 | color:#93ad7e; 110 | } 111 | #rightnow { 112 | border:1px solid #e7eedf; 113 | } 114 | #rightnow .reallynow { 115 | background:#f0f7e8; 116 | color:#93ad7e; 117 | } 118 | #rightnow h3{ 119 | background:#f0f7e8; 120 | border-bottom:1px solid #e7eedf; 121 | } -------------------------------------------------------------------------------- /www/a/public/css/theme4.css: -------------------------------------------------------------------------------- 1 | body{ 2 | background:#d9eaed url(../img/bg_mix.jpg) repeat-x top; 3 | color: #202020; 4 | } 5 | a, a:visited{ 6 | color:#294145; 7 | text-decoration:underline; 8 | } 9 | input{ 10 | border:1px solid #c3d7db; 11 | } 12 | select{ 13 | border:1px solid #c3d7db; 14 | } 15 | #header h2{ 16 | color:#FFF; 17 | } 18 | #content{ 19 | background:#FFF; 20 | } 21 | #sidebar{ 22 | background:#FFF; 23 | } 24 | #sidebar h3{ 25 | background:#d9eaed; 26 | border-bottom:1px solid #c3d7db; 27 | } 28 | #topmenu a,#topmenu a:visited{ 29 | color:#FFF; 30 | background:#5d99a3; 31 | } 32 | #topmenu a:hover{ 33 | color: #294145; 34 | } 35 | #topmenu .current a, #topmenu .current a:hover, #topmenu .current a:visited{ 36 | color:#294145; 37 | background: #FFF url(../img/bg_menu_mix.jpg) repeat-x top; 38 | border-left: #FFF 1px solid; 39 | border-right: #FFF 1px solid; 40 | } 41 | #top-panel{ 42 | background:#FFF; 43 | } 44 | table{ 45 | background:none; 46 | } 47 | td, th{ 48 | border:1px solid #c3d7db; 49 | } 50 | thead{ 51 | background:#d9eaed; 52 | } 53 | #styleswitcher{ 54 | background:#FFFFFF; 55 | } 56 | #footer{ 57 | background:#FFF; 58 | } 59 | #box{ 60 | border:1px solid #c3d7db; 61 | } 62 | #box h3{ 63 | background:#d9eaed; 64 | border-bottom:1px solid #c3d7db; 65 | color:#294145; 66 | } 67 | /*************** 68 | Forms 69 | ***************/ 70 | form#form fieldset { 71 | border:1px solid #c3d7db; 72 | } 73 | form#form legend { 74 | border:1px solid #c3d7db; 75 | background:#fff url(../img/form_mix.gif) repeat-x center left; 76 | color:#294145; 77 | } 78 | form#form input { 79 | border:1px solid #c3d7db; 80 | background:#fff url(../img/form_mix.gif) repeat-x top left; 81 | } 82 | form#form textarea { 83 | border:1px solid #c3d7db; 84 | background:#fff url(../img/form_mix.gif) repeat-x bottom left; 85 | } 86 | form#form option { 87 | background:#FFF; 88 | } 89 | form#form optgroup { 90 | background:#c3d7db; 91 | } 92 | form#form optgroup option { 93 | 94 | } 95 | form#form #button1, form#form #button2 { 96 | color:#294145; 97 | } 98 | form#form #button1:hover, form#form #button2:hover { 99 | color:#000; 100 | } 101 | /*************** 102 | Home 103 | ***************/ 104 | #infobox{ 105 | border:1px solid #c3d7db; 106 | } 107 | #infobox h3{ 108 | background:#d9eaed; 109 | border-bottom:1px solid #c3d7db; 110 | color:#294145; 111 | } 112 | #rightnow { 113 | border:1px solid #c3d7db; 114 | } 115 | #rightnow .reallynow { 116 | background:#d9eaed; 117 | color:#294145; 118 | } 119 | #rightnow h3{ 120 | background:#d9eaed; 121 | border-bottom:1px solid #c3d7db; 122 | } -------------------------------------------------------------------------------- /lib/web/view/layout/Ou/move.inc: -------------------------------------------------------------------------------- 1 | 4 | 23 | 24 |
25 |
26 |
27 |
28 | What is moving? 29 |

Moving an organizational unit puts it under a different container. This could mean that it gets very different permissions to what it had before!

30 |
31 |
32 |
33 |
34 |

Move Organizational Unit

35 |
36 | 37 | ".Web::escapeHTML($data['message']) . "
"; 40 | } 41 | ?> 42 |
43 | Select the organizational unit which ou_name); ?> should go in: 44 | 51 | 52 | ou_id), "html"). "\">Cancel"; ?> 53 |
54 |
55 |
56 | 57 | 58 |
ou_id), "html"); ?>" method="post"> 59 | 60 | 61 |
62 | 63 | list_Ou as $subOu) { 66 | if($subOu -> ou_id == $ou_id) { 67 | /* Don't bother showing subtree of this one */ 68 | echo "
  • ". Web::escapeHTML($subOu -> ou_name) . "
    • "; 69 | } else { 70 | if(count($subOu -> list_Ou) > 0) { 71 | echo "
  • "; 72 | } else { 73 | echo "
  • "; 74 | } 75 | echo "" . Web::escapeHTML($subOu -> ou_name) . ""; 76 | if(count($subOu -> list_Ou) > 0) { 77 | echo ""; 80 | 81 | } 82 | echo "
    • "; 83 | } 84 | } 85 | } 86 | ?> 87 | -------------------------------------------------------------------------------- /lib/web/view/layout/Page/home.inc: -------------------------------------------------------------------------------- 1 | 4 | 5 | 6 |
    7 |
    8 |

    9 | Search 10 |

    11 |
    12 | 13 |
    14 |
    " method="post" id="accountselect"> 15 |

    16 | ".Web::escapeHTML($data['message']) . ""; 19 | } 20 | ?> 21 |

    22 | 23 |
    24 | 25 |
    26 | 27 | User 28 | 29 | 33 |
    35 | 36 |
    37 |
    38 | 39 |
    " method="post" id="groupselect"> 40 |

    41 | ".Web::escapeHTML($data['message']) . ""; 44 | } 45 | ?> 46 |

    47 | 48 |
    49 | 50 | 51 |
    52 | 53 | Group 54 | 55 | 59 |
    60 | 61 | 62 |
    63 |
    64 |
    65 |
    66 | 67 | 85 | -------------------------------------------------------------------------------- /lib/util/AccountMerge_util/layout/main.inc: -------------------------------------------------------------------------------- 1 | 4 | 5 | 16 | 17 |
    18 |
    19 |
    20 |
    21 |

    22 | What is account merging? 23 |

    24 |

    If a user has multiple existing accounts (on different services), 25 | then you probably want them to appear on the same page on Auth. 26 | This means that you can reset the login details, account 27 | information, and group membership details in one place.

    28 |

    This utility exists to help you merge together multiple 29 | AccountOwner pages. To do this, they must not contain accounts on 30 | the same service!

    31 |
    32 |
    33 |
    34 |
    35 |

    Account Merge Utility

    36 |
    37 | ".web::escapeHTML($data['message']) . "
    "; 40 | } 41 | ?> 42 |
    43 |

    Select Accounts to Merge

    44 | 45 | "?> 46 | 47 |

    Accounts can only be merged if they are in the same Organization 48 | Unit, in no groups at all, and have the same name. The form below 49 | will help you find the accounts, and the 'Prepare' button will make 50 | these changes.

    51 |

    After the Queue has emptied, you can then merge the accounts 52 | together, and add the new AccountOwner back to the correct User 53 | Groups!

    54 | 55 | 56 | 57 | 58 | 61 | 62 | 63 | 64 | 65 | 67 | 68 | 69 | 70 | 72 | 73 | 74 |
    Select new: 60 |
    Selected:".web::escapeHTML($data['owners']).""; ?> 66 |
    75 | 76 | 77 | "; ?> 78 |
    79 |
    80 |
    81 | 82 | -------------------------------------------------------------------------------- /lib/web/Web.php: -------------------------------------------------------------------------------- 1 | 500 Internal Server Error"; 46 | echo "

    ".htmlentities($error)."

    "; 47 | 48 | die(); 49 | } 50 | 51 | static public function redirect($to) { 52 | /* Run queue first if necessary */ 53 | ActionQueue_api::start(); 54 | 55 | /* Now redirect */ 56 | global $config; 57 | header('location: ' . $to); 58 | exit(0); 59 | } 60 | 61 | static public function constructURL($controller, $action, $arg, $fmt) { 62 | $config = self::$config; 63 | $part = array(); 64 | 65 | if(count($arg) == 1 && $action == $config['default']['action']) { 66 | /* We can abbreviate if there is only one argument and we are using the default view */ 67 | if($controller != $config['default']['controller'] ) { 68 | /* The controller isn't default, need to add that */ 69 | array_push($part, urlencode($arg[0])); 70 | array_unshift($part, urlencode($controller)); 71 | } else { 72 | /* default controller and action. Check for default args */ 73 | if($arg[0] != $config['default']['arg'][0]) { 74 | array_push($part, urlencode($arg[0])); 75 | } 76 | } 77 | } else { 78 | /* urlencode all arguments */ 79 | foreach($arg as $a) { 80 | array_push($part, urlencode($a)); 81 | } 82 | 83 | /* Nothing is default: add controller and view */ 84 | array_unshift($part, urlencode($controller), urlencode($action)); 85 | } 86 | 87 | /* Only add format suffix if the format is non-default (ie, strip .html) */ 88 | $fmt_suff = (($fmt != $config['default']['format'])? "." . urlencode($fmt) : ""); 89 | return $config['webroot'] . implode("/", $part) . $fmt_suff; 90 | } 91 | 92 | public static function escapeHTML($inp) { 93 | return htmlentities($inp, null, 'UTF-8'); 94 | } 95 | } 96 | 97 | ?> 98 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Auth Web [![Build Status](https://travis-ci.org/mike42/Auth.svg?branch=master)](https://travis-ci.org/mike42/Auth) 2 | 3 | Auth Web is a system to handle complex user account management setups through a simple web interface. 4 | 5 | The aim of this project is to give every user the impression that they have exactly one user account in the organisation, no matter how complex the underlying infrastructure is. It does this by allowing administrators to link user accounts on different systems that are controlled by the same person, so that the person's access can be managed from one place. Each time an action is performed, Auth Web will interact with the relevant systems asynchronously to bring them up to speed. 6 | 7 | The use cases for this sort of web application include: 8 | 9 | - manage access to systems that don't/can't authenticate centrally 10 | - set a user's password, display name, or group membership on all accounts at once 11 | - set up accounts according to updates to the staff database 12 | - add a web interface so that admins can reset passwords and unlock accounts on the go 13 | 14 | The system ships with plugins for: 15 | 16 | - LDAP (intended for UNIX or RADIUS accounts) 17 | - Microsoft Active Directory 18 | - Google Apps, via the Google Data REST API 19 | 20 | ## Requirements 21 | 22 | This code is intended to run on the following platforms: 23 | 24 | - The most recent stable release of Debian GNU/Linux 25 | - The most recent LTS release of Ubuntu GNU/Linux 26 | 27 | Required software: 28 | 29 | - MySQL or MariaDB server 30 | - Apache webserver 31 | - PHP 5.6, with plugins: php5-ldap php5-cli 32 | 33 | Optional software: 34 | 35 | - phpmyadmin, may be used to perform the database setup through the web 36 | - php5-curl, for the Google Apps service 37 | - php5-odbc and FreeTDS, for plugins which interact with Microsoft SQL Server 38 | 39 | ## Installation 40 | 41 | A standalone example setup is used for testing. Ansible will configure the app and database to manage an empty OpenLDAP domain. For notes on how to install this on a spare Debian-based machine, see the notes under `maintenance/demo-install/README.md`. 42 | 43 | ## Gotchas 44 | 45 | Web Auth does not know your LDAP schema, so by default it uses very basic data structures for groups and users. If you want to take advantage of extra LDAP features, then you should modify `ldap_service.php` to use the features in your schema. 46 | 47 | Auth will attempt to align users' group membership and account locations. If it is asked to synchronise two services that are very different, the results are currently quite messy. Ensure that you have done a trial run against a fake system 48 | 49 | ## Credits 50 | 51 | - The default login background is modified from [this image](http://commons.wikimedia.org/wiki/File:Great_Barrier_Reef_105_%285383117759%29.jpg) on Wikimedia Commons, CC2. 52 | - The Google API [PHP client](https://code.google.com/p/google-api-php-client/) is included, and is under the Apache License. 53 | -------------------------------------------------------------------------------- /www/a/assistant.php: -------------------------------------------------------------------------------- 1 | owner_id)) { 57 | throw new Exception("You do not have permission to log on to that account."); 58 | } 59 | if($account -> account_domain != $loginConf['assist']['domain_id']) { 60 | throw new Exception("You do not have permission to log on to that account."); 61 | } 62 | 63 | /* Figure out which account to log in as */ 64 | if(!$login_account = Account_model::get_by_service_owner_unique($loginConf['service_id'], $owner -> owner_id)) { 65 | throw new Exception("That account has no valid login for Auth, so can't log you in."); 66 | } 67 | $_SESSION['meta-auth']['account']['ldap_username'] = $login_account -> account_login; 68 | header('location: /account/'); 69 | exit(0); 70 | } catch(Exception $e) { 71 | $data['message'] = $e -> getMessage(); 72 | } 73 | } 74 | } 75 | 76 | showForm($form, $data); 77 | 78 | /** 79 | * Show a given form with this data 80 | */ 81 | function showForm($form, $data) { 82 | include(dirname(__FILE__).'/../../lib/web/login/page.inc'); 83 | } 84 | 85 | function search($term) { 86 | $results = Account_model::search($term); 87 | return $results; 88 | } 89 | ?> -------------------------------------------------------------------------------- /www/a/public/js/jquery.treeview/jquery.treeview.css: -------------------------------------------------------------------------------- 1 | .treeview, .treeview ul { 2 | padding: 0; 3 | margin: 0; 4 | list-style: none; 5 | } 6 | 7 | .treeview ul { 8 | background-color: white; 9 | margin-top: 4px; 10 | } 11 | 12 | .treeview .hitarea { 13 | background: url(images/treeview-default.gif) -64px -25px no-repeat; 14 | height: 16px; 15 | width: 16px; 16 | margin-left: -16px; 17 | float: left; 18 | cursor: pointer; 19 | } 20 | /* fix for IE6 */ 21 | * html .hitarea { 22 | display: inline; 23 | float:none; 24 | } 25 | 26 | .treeview li { 27 | margin: 0; 28 | padding: 3px 0pt 3px 16px; 29 | } 30 | 31 | .treeview a.selected { 32 | background-color: #eee; 33 | } 34 | 35 | #treecontrol { margin: 1em 0; display: none; } 36 | 37 | .treeview .hover { color: red; cursor: pointer; } 38 | 39 | .treeview li { background: url(images/treeview-default-line.gif) 0 0 no-repeat; } 40 | .treeview li.collapsable, .treeview li.expandable { background-position: 0 -176px; } 41 | 42 | .treeview .expandable-hitarea { background-position: -80px -3px; } 43 | 44 | .treeview li.last { background-position: 0 -1766px } 45 | .treeview li.lastCollapsable, .treeview li.lastExpandable { background-image: url(images/treeview-default.gif); } 46 | .treeview li.lastCollapsable { background-position: 0 -111px } 47 | .treeview li.lastExpandable { background-position: -32px -67px } 48 | 49 | .treeview div.lastCollapsable-hitarea, .treeview div.lastExpandable-hitarea { background-position: 0; } 50 | 51 | .treeview-red li { background-image: url(images/treeview-red-line.gif); } 52 | .treeview-red .hitarea, .treeview-red li.lastCollapsable, .treeview-red li.lastExpandable { background-image: url(images/treeview-red.gif); } 53 | 54 | .treeview-black li { background-image: url(images/treeview-black-line.gif); } 55 | .treeview-black .hitarea, .treeview-black li.lastCollapsable, .treeview-black li.lastExpandable { background-image: url(images/treeview-black.gif); } 56 | 57 | .treeview-gray li { background-image: url(images/treeview-gray-line.gif); } 58 | .treeview-gray .hitarea, .treeview-gray li.lastCollapsable, .treeview-gray li.lastExpandable { background-image: url(images/treeview-gray.gif); } 59 | 60 | .treeview-famfamfam li { background-image: url(images/treeview-famfamfam-line.gif); } 61 | .treeview-famfamfam .hitarea, .treeview-famfamfam li.lastCollapsable, .treeview-famfamfam li.lastExpandable { background-image: url(images/treeview-famfamfam.gif); } 62 | 63 | .treeview .placeholder { 64 | background: url(images/ajax-loader.gif) 0 0 no-repeat; 65 | height: 16px; 66 | width: 16px; 67 | display: block; 68 | } 69 | 70 | .filetree li { padding: 3px 0 2px 16px; } 71 | .filetree span.folder, .filetree span.file { padding: 1px 0 1px 16px; display: block; } 72 | .filetree span.folder { background: url(images/folder.gif) 0 0 no-repeat; } 73 | .filetree li.expandable span.folder { background: url(images/folder-closed.gif) 0 0 no-repeat; } 74 | .filetree span.file { background: url(images/file.gif) 0 0 no-repeat; } 75 | -------------------------------------------------------------------------------- /lib/misc/ReceiptPrinter.php: -------------------------------------------------------------------------------- 1 | setJustification(Escpos::JUSTIFY_CENTER); 25 | if(isset(self::$conf['logo']) && file_exists(self::$conf['logo'])) { 26 | try { 27 | /* Include top image if set & available */ 28 | $logofile = self::$conf['logo']; 29 | $ser = $logofile . ".ser"; 30 | if(file_exists($ser)) { 31 | $img = unserialize(file_get_contents($ser)); 32 | } else { 33 | $img = new EscposImage($logofile); 34 | @file_put_contents($ser, serialize($img)); // Attempt to cache 35 | } 36 | $printer -> bitImage($img); 37 | } catch (Exception $e) { 38 | trigger_error($e -> getMessage()); 39 | } 40 | } 41 | $printer -> setEmphasis(true); 42 | $printer -> text(self::$conf['header'] . "\n"); 43 | $printer -> setEmphasis(false); 44 | $printer -> feed(); 45 | $printer -> text("User Account Information\n"); 46 | $printer -> feed(2); 47 | $printer -> setJustification(Escpos::JUSTIFY_LEFT); 48 | 49 | /* User info */ 50 | $barcode = ""; 51 | $seen = array(); 52 | $printer -> text("User Account:\n " . $owner -> owner_firstname . " " . $owner -> owner_surname . "\n\n"); 53 | $printer -> text("Login name(s):\n"); 54 | foreach($owner -> list_Account as $acct) { 55 | if(!isset($seen[$acct -> account_login])) { 56 | $printer -> text(" " . $acct -> account_login . "\n"); 57 | $seen[$acct -> account_login] = true; 58 | if(is_numeric($acct -> account_login) && ($barcode == "" || strlen($acct -> account_login) < strlen($barcode))) { 59 | $barcode = $acct -> account_login; 60 | } 61 | } 62 | } 63 | $printer -> feed(); 64 | $printer -> text("Password:\n $password\n"); 65 | $printer -> feed(2); 66 | 67 | /* Footer */ 68 | $printer -> text(self::$conf['footer'] . "\n"); 69 | $printer -> feed(); 70 | 71 | /* Barcode */ 72 | if($barcode != "") { 73 | $printer -> setJustification(Escpos::JUSTIFY_CENTER); 74 | $printer -> barcode($barcode, Escpos::BARCODE_CODE39); 75 | $printer -> feed(); 76 | $printer -> text($barcode); 77 | $printer -> feed(1); 78 | $printer -> setJustification(Escpos::JUSTIFY_LEFT); 79 | } 80 | $printer -> cut(); 81 | $printer -> close(); 82 | } catch(Exception $e) { 83 | trigger_error($e -> getMessage()); // Should be logged some-place for troubleshooting. 84 | return false; 85 | } 86 | } 87 | } 88 | -------------------------------------------------------------------------------- /lib/web/view/layout/AccountOwner/move.inc: -------------------------------------------------------------------------------- 1 | 4 | 22 | 23 |
    24 |
    25 |
    26 |
    27 | What is moving? 28 |

    You can relocate a user to a different Organzational Unit for 29 | housekeeping. This will not affect email distribution, but some 30 | basic permissions (such as the ability to log in or connect to the 31 | wifi) will be changed if you move a user between the top-level 32 | units.

    33 |
    34 |
    35 |
    36 |
    37 |

    Move User

    38 |
    39 | 40 | ".Web::escapeHTML($data['message']) . "
    "; 43 | } 44 | ?> 45 |
    46 | Select the organizational unit which owner_firstname . " " . $data['AccountOwner'] -> owner_surname); ?> 47 | should go in: 48 |
      49 |
    • ou_id == $data['Ou_root'] -> ou_id) { 51 | echo "root"; 52 | } else { 53 | echo " ou_id . ")'>root"; 54 | } 55 | ?> 56 |
        57 | ou_id); ?> 58 |
      59 |
      • 60 |
    61 | 62 | owner_id), "html"). "\">Cancel"; 64 | ?> 65 |
    66 |
    67 |
    68 | 69 | 70 |
    owner_id), "html"); ?>" 72 | method="post"> 73 | 74 |
    75 | 76 | list_Ou as $subOu) { 79 | if(count($subOu -> list_Ou) > 0) { 80 | echo "
  • "; 81 | } else { 82 | echo "
  • "; 83 | } 84 | 85 | if($subOu -> ou_id == $ou_id) { 86 | /* Don't bother showing link of this one */ 87 | echo Web::escapeHTML($subOu -> ou_name); 88 | } else { 89 | echo "" . Web::escapeHTML($subOu -> ou_name) . ""; 90 | } 91 | if(count($subOu -> list_Ou) > 0) { 92 | echo ""; 95 | } 96 | echo "
    • "; 97 | } 98 | } 99 | ?> -------------------------------------------------------------------------------- /lib/web/view/layout/UserGroup/move.inc: -------------------------------------------------------------------------------- 1 | 4 | 23 | 24 |
    25 |
    26 |
    27 |
    28 | What is moving? 29 |

    You can re-locate a group to a different organizational group for 30 | housekeeping. This will not affect distribution of email.

    31 |
    32 |
    33 |
    34 |
    35 |

    Move Group

    36 |
    37 | 38 | ".Web::escapeHTML($data['message']) . "
    "; 41 | } 42 | ?> 43 |
    44 | Select the organizational unit which group_name . " (" . $data['UserGroup'] -> group_cn . ")"); ?> 45 | should go in: 46 | 58 | 59 | group_id), "html"). "\">Cancel"; 61 | ?> 62 |
    63 |
    64 |
    65 | 66 | 67 |
    group_id), "html"); ?>" 69 | method="post"> 70 | 72 |
    73 | 74 | list_Ou as $subOu) { 77 | if(count($subOu -> list_Ou) > 0) { 78 | echo "
  • "; 79 | } else { 80 | echo "
  • "; 81 | } 82 | 83 | if($subOu -> ou_id == $ou_id) { 84 | /* Don't bother showing link of this one */ 85 | echo Web::escapeHTML($subOu -> ou_name); 86 | } else { 87 | echo "" . Web::escapeHTML($subOu -> ou_name) . ""; 88 | } 89 | 90 | if(count($subOu -> list_Ou) > 0) { 91 | echo ""; 94 | } 95 | echo "
    • "; 96 | } 97 | } 98 | ?> -------------------------------------------------------------------------------- /lib/model/AccountOwner_model.php: -------------------------------------------------------------------------------- 1 | owner_id = isset($row['owner_id']) ? $row['owner_id'] : ''; 41 | $this -> owner_firstname = isset($row['owner_firstname']) ? $row['owner_firstname']: ''; 42 | $this -> owner_surname = isset($row['owner_surname']) ? $row['owner_surname'] : ''; 43 | $this -> ou_id = isset($row['ou_id']) ? $row['ou_id'] : ''; 44 | 45 | /* Fields from related tables */ 46 | $this -> Ou = new Ou_model($row); 47 | } 48 | 49 | public static function get($owner_id) { 50 | $sql = "SELECT * FROM AccountOwner LEFT JOIN Ou ON AccountOwner.ou_id = Ou.ou_id WHERE AccountOwner.owner_id='%s'"; 51 | $res = Database::retrieve($sql, array($owner_id)); 52 | if($row = Database::get_row($res)) { 53 | return new AccountOwner_model($row); 54 | } 55 | return false; 56 | } 57 | 58 | public static function list_by_ou_id($ou_id) { 59 | $sql = "SELECT * FROM AccountOwner LEFT JOIN Ou ON AccountOwner.ou_id = Ou.ou_id WHERE AccountOwner.ou_id='%s' ORDER BY owner_surname, owner_firstname, owner_id;"; 60 | $res = Database::retrieve($sql, array($ou_id)); 61 | $ret = array(); 62 | while($row = Database::get_row($res)) { 63 | $ret[] = new AccountOwner_model($row); 64 | } 65 | return $ret; 66 | } 67 | 68 | public function populate_list_Account() { 69 | $this -> list_Account = Account_model::list_by_owner_id($this -> owner_id); 70 | } 71 | 72 | public function populate_list_OwnerUserGroup() { 73 | $this -> list_OwnerUserGroup = OwnerUserGroup_model::list_by_owner_id($this -> owner_id); 74 | } 75 | 76 | public function insert() { 77 | $sql = "INSERT INTO AccountOwner(owner_firstname, owner_surname, ou_id) VALUES ('%s', '%s', '%s');"; 78 | return Database::insert($sql, array($this -> owner_firstname, $this -> owner_surname, $this -> ou_id)); 79 | } 80 | 81 | public function update() { 82 | $sql = "UPDATE AccountOwner SET owner_firstname ='%s', owner_surname ='%s', ou_id ='%s' WHERE owner_id ='%s';"; 83 | return Database::update($sql, array($this -> owner_firstname, $this -> owner_surname, $this -> ou_id, $this -> owner_id)); 84 | } 85 | 86 | public function delete() { 87 | $sql = "DELETE FROM AccountOwner WHERE owner_id ='%s';"; 88 | return Database::delete($sql, array($this -> owner_id)); 89 | } 90 | } 91 | ?> -------------------------------------------------------------------------------- /maintenance/demo-install/roles/web/tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Install http and php etc 3 | apt: name={{ item }} state=present update_cache=yes 4 | with_items: 5 | - apache2 6 | - libapache2-mod-php{{ php_ver }} 7 | - php{{ php_ver }}-mysql 8 | - php{{ php_ver }}-ldap 9 | - php{{ php_ver }}-cli 10 | - php{{ php_ver }} 11 | - git 12 | - openssl 13 | - ldap-utils 14 | 15 | - name: apache modules are enabled 16 | apache2_module: state=present name={{ item }} 17 | with_items: 18 | - ssl 19 | - rewrite 20 | notify: restart apache 21 | 22 | - name: Synchronize app code 23 | synchronize: src=../../../../../ dest=/usr/share/auth-web 24 | 25 | # Alternative: Use a git checkout to remove the need to use the repo at all 26 | #- name: Copy the code from repository 27 | # git: repo={{ auth_repository }} dest=https://auth.local/admin/ 28 | 29 | - name: Create symlink to auth 30 | file: src=/usr/share/auth-web/www/a dest=/var/www/html/a state=link 31 | 32 | - name: Disable default site 33 | command: a2dissite 000-default 34 | args: 35 | removes: /etc/apache2/sites-enabled/000-default.conf 36 | notify: reload apache 37 | 38 | - name: Add auth-web apache conf 39 | template: src=auth-web.conf dest=/etc/apache2/sites-available/auth-web.conf owner=www-data group=www-data mode=0644 40 | notify: reload apache 41 | 42 | - name: Enable auth-web site 43 | command: a2ensite auth-web 44 | args: 45 | creates: /etc/apache2/sites-enabled/auth-web.conf 46 | 47 | - name: default webpage is removed 48 | file: path=/var/www/html/index.html state=absent 49 | 50 | - name: redirect files are present in webroot 51 | template: src={{ item }} dest=/var/www/html/{{ item }} owner=www-data group=www-data mode=0644 52 | with_items: 53 | - .htaccess 54 | - index.php 55 | 56 | - name: site config folder exists 57 | file: dest=/usr/share/auth-web/site state=directory 58 | 59 | - name: site config default images are applied 60 | file: src=/usr/share/auth-web/site.example/{{ item }} dest=/usr/share/auth-web/site/{{ item }} state=link 61 | with_items: 62 | - bg.jpg 63 | - logo.png 64 | 65 | - name: site is configured 66 | template: src=config.php dest=/usr/share/auth-web/site/config.php owner=www-data group=www-data mode=0644 67 | 68 | - name: test for schema existing 69 | command: mysql "{{ auth_db_name }}" -e "desc Account;" 70 | changed_when: false 71 | ignore_errors: true 72 | register: result 73 | 74 | - name: database schema is loaded 75 | mysql_db: state=import name="{{ auth_db_name }}" target="/usr/share/auth-web/maintenance/schema/auth.sql" 76 | when: result|failed 77 | 78 | - name: database default data is loaded 79 | mysql_db: state=import name="{{ auth_db_name }}" target="/usr/share/auth-web/maintenance/schema/data/defaults.sql" 80 | when: result|failed 81 | 82 | - name: test if log file exists 83 | stat: path=/var/log/auth-web.log 84 | register: result 85 | 86 | - name: ensure log file exists 87 | file: path=/var/log/auth-web.log owner=www-data group=www-data mode=0644 state=touch 88 | when: result.stat.exists is defined and not result.stat.exists 89 | 90 | - name: set example LDAP example service password 91 | command: mysql "{{ auth_db_name }}" -e "UPDATE Service SET service_password='{{ ldap_password }}',service_username='{{ ldap_admin }}' WHERE service_id='ldap1';" 92 | 93 | # TODO logrotate? 94 | -------------------------------------------------------------------------------- /lib/model/SubUserGroup_model.php: -------------------------------------------------------------------------------- 1 | parent_group_id = isset($row['parent_group_id']) ? $row['parent_group_id']: ''; 31 | $this -> group_id = isset($row['group_id']) ? $row['group_id'] : ''; 32 | 33 | /* Fields from related tables */ 34 | $this -> UserGroup = new UserGroup_model($row); 35 | } 36 | 37 | public static function get($parent_group_id, $group_id) { 38 | $sql = "SELECT * FROM SubUserGroup LEFT JOIN UserGroup ON SubUserGroup.group_id = UserGroup.group_id LEFT JOIN Ou ON UserGroup.ou_id = Ou.ou_id LEFT JOIN ListDomain ON UserGroup.group_domain = ListDomain.domain_id WHERE SubUserGroup.parent_group_id='%s' AND SubUserGroup.group_id='%s'"; 39 | $res = Database::retrieve($sql, array($parent_group_id, $group_id)); 40 | if($row = Database::get_row($res)) { 41 | return new SubUserGroup_model($row); 42 | } 43 | return false; 44 | } 45 | 46 | public static function list_by_parent_group_id($parent_group_id) { 47 | $sql = "SELECT * FROM SubUserGroup LEFT JOIN UserGroup ON SubUserGroup.group_id = UserGroup.group_id LEFT JOIN Ou ON UserGroup.ou_id = Ou.ou_id LEFT JOIN ListDomain ON UserGroup.group_domain = ListDomain.domain_id WHERE SubUserGroup.parent_group_id='%s' ORDER BY UserGroup.group_name, UserGroup.group_id;"; 48 | $res = Database::retrieve($sql, array($parent_group_id)); 49 | $ret = array(); 50 | while($row = Database::get_row($res)) { 51 | $ret[] = new SubUserGroup_model($row); 52 | } 53 | return $ret; 54 | } 55 | 56 | public static function list_by_group_id($group_id) { 57 | $sql = "SELECT * FROM SubUserGroup LEFT JOIN UserGroup ON SubUserGroup.group_id = UserGroup.group_id LEFT JOIN Ou ON UserGroup.ou_id = Ou.ou_id LEFT JOIN ListDomain ON UserGroup.group_domain = ListDomain.domain_id WHERE SubUserGroup.group_id='%s' ORDER BY UserGroup.group_name, UserGroup.group_id;"; 58 | $res = Database::retrieve($sql, array($group_id)); 59 | $ret = array(); 60 | while($row = Database::get_row($res)) { 61 | $ret[] = new SubUserGroup_model($row); 62 | } 63 | return $ret; 64 | } 65 | 66 | public function insert() { 67 | $sql = "INSERT INTO SubUserGroup(parent_group_id, group_id) VALUES ('%s', '%s');"; 68 | return Database::insert($sql, array($this -> parent_group_id, $this -> group_id)); 69 | } 70 | 71 | public function update() { 72 | $sql = "UPDATE SubUserGroup SET WHERE parent_group_id ='%s' AND group_id ='%s';"; 73 | return Database::update($sql, array($this -> parent_group_id, $this -> group_id)); 74 | } 75 | 76 | public function delete() { 77 | $sql = "DELETE FROM SubUserGroup WHERE parent_group_id ='%s' AND group_id ='%s';"; 78 | return Database::delete($sql, array($this -> parent_group_id, $this -> group_id)); 79 | } 80 | } 81 | ?> -------------------------------------------------------------------------------- /lib/model/Ou_model.php: -------------------------------------------------------------------------------- 1 | ou_id = isset($row['ou_id']) ? $row['ou_id'] : ''; 40 | $this -> ou_parent_id = isset($row['ou_parent_id']) ? $row['ou_parent_id']: ''; 41 | $this -> ou_name = isset($row['ou_name']) ? $row['ou_name'] : ''; 42 | /* Fields from related tables */ 43 | /* Self-reference excluded to prevent an infinite loop */ 44 | // $this -> Ou = new Ou_model($row); 45 | } 46 | 47 | public static function get($ou_id) { 48 | $sql = "SELECT * FROM Ou WHERE Ou.ou_id='%s'"; 49 | $res = Database::retrieve($sql, array($ou_id)); 50 | if($row = Database::get_row($res)) { 51 | return new Ou_model($row); 52 | } 53 | return false; 54 | } 55 | 56 | public static function get_by_ou_name($ou_name) { 57 | $sql = "SELECT * FROM Ou WHERE Ou.ou_name='%s'"; 58 | $res = Database::retrieve($sql, array($ou_name)); 59 | if($row = Database::get_row($res)) { 60 | return new Ou_model($row); 61 | } 62 | return false; 63 | } 64 | 65 | public static function list_by_ou_parent_id($ou_parent_id) { 66 | $sql = "SELECT * FROM Ou WHERE Ou.ou_parent_id='%s';"; 67 | $res = Database::retrieve($sql, array($ou_parent_id)); 68 | $ret = array(); 69 | while($row = Database::get_row($res)) { 70 | $ret[] = new Ou_model($row); 71 | } 72 | return $ret; 73 | } 74 | 75 | public function populate_list_AccountOwner() { 76 | $this -> list_AccountOwner = AccountOwner_model::list_by_ou_id($this -> ou_id); 77 | } 78 | 79 | public function populate_list_Ou() { 80 | $this -> list_Ou = Ou_model::list_by_ou_parent_id($this -> ou_id); 81 | } 82 | 83 | public function populate_list_UserGroup() { 84 | $this -> list_UserGroup = UserGroup_model::list_by_ou_id($this -> ou_id); 85 | } 86 | 87 | public function insert() { 88 | $sql = "INSERT INTO Ou(ou_parent_id, ou_name) VALUES ('%s', '%s');"; 89 | return Database::insert($sql, array($this -> ou_parent_id, $this -> ou_name)); 90 | } 91 | 92 | public function update() { 93 | $sql = "UPDATE Ou SET ou_parent_id ='%s', ou_name ='%s' WHERE ou_id ='%s';"; 94 | return Database::update($sql, array($this -> ou_parent_id, $this -> ou_name, $this -> ou_id)); 95 | } 96 | 97 | public function delete() { 98 | $sql = "DELETE FROM Ou WHERE ou_id ='%s';"; 99 | return Database::delete($sql, array($this -> ou_id)); 100 | } 101 | } 102 | ?> -------------------------------------------------------------------------------- /lib/web/view/layout/htmlLayout.inc: -------------------------------------------------------------------------------- 1 | 4 | 5 | 6 | 7 | 8 | Admin panel - Auth 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 38 | 39 | 40 | 58 | 59 | 60 |
    61 |
    62 |
    63 |
    64 |
    65 | Auth 66 | Log Out 67 |
    68 |
    69 |
    70 |
    71 |
    72 |
    73 | 79 |
    80 |
    81 | 82 |
    83 | 84 | 85 | -------------------------------------------------------------------------------- /www/a/public/js/jquery.treeview/jquery.treeview.async.js: -------------------------------------------------------------------------------- 1 | /* 2 | * Async Treeview 0.1 - Lazy-loading extension for Treeview 3 | * 4 | * http://bassistance.de/jquery-plugins/jquery-plugin-treeview/ 5 | * 6 | * Copyright (c) 2007 Jörn Zaefferer 7 | * 8 | * Dual licensed under the MIT and GPL licenses: 9 | * http://www.opensource.org/licenses/mit-license.php 10 | * http://www.gnu.org/licenses/gpl.html 11 | * 12 | * Revision: $Id$ 13 | * 14 | */ 15 | 16 | ;(function($) { 17 | 18 | function load(settings, root, child, container) { 19 | function createNode(parent) { 20 | var current = $("
  • ").attr("id", this.id || "").html("" + this.text + "").appendTo(parent); 21 | if (this.classes) { 22 | current.children("span").addClass(this.classes); 23 | } 24 | if (this.expanded) { 25 | current.addClass("open"); 26 | } 27 | if (this.hasChildren || this.children && this.children.length) { 28 | var branch = $("