liam-linux-account-manager/templates/group.php

422 lines
17 KiB
PHP
Raw Permalink Normal View History

2021-11-16 15:11:32 +01:00
<?php
$membercounts = array('User' => 0, 'ServerAccount' => 0, 'Group' => 0);
foreach($this->get('group_members') as $member) {
$membercounts[get_class($member)]++;
}
?>
<h1><span class="glyphicon glyphicon-list-alt" title="Group"></span> <?php out($this->get('group')->name)?><?php if($this->get('group')->active == 0) out(' <span class="label label-default">Inactive</span>', ESC_NONE) ?></h1>
<?php if($this->get('admin') || $this->get('group_admin')) { ?>
<ul class="nav nav-tabs">
<li><a href="#members" data-toggle="tab">Members</a></li>
<li><a href="#access" data-toggle="tab">Access</a></li>
<li><a href="#outbound" data-toggle="tab">Outbound access</a></li>
<li><a href="#admins" data-toggle="tab">Administrators</a></li>
<?php if($this->get('admin')) { ?>
<li><a href="#settings" data-toggle="tab">Settings</a></li>
<?php } ?>
<li><a href="#log" data-toggle="tab">Log</a></li>
</ul>
<!-- Tab panes -->
<div class="tab-content">
<div class="tab-pane fade" id="members">
<h2 class="sr-only">Group members</h2>
<?php if(count($this->get('group_members')) == 0) { ?>
<p>No members have been added to this group yet.</p>
<?php } else { ?>
<form method="post" action="<?php outurl($this->data->relative_request_url)?>">
<?php out($this->get('active_user')->get_csrf_field(), ESC_NONE) ?>
<?php if($this->get('group')->system) { ?>
<div class="alert alert-info">
This is a system group. Its membership list cannot be edited.
</div>
<?php } ?>
<table class="table table-bordered table-striped">
<thead>
<tr>
<th colspan="2">Member</th>
<th>Status</th>
<?php if(!$this->get('group')->system) { ?>
<th>Actions</th>
<?php } ?>
</tr>
</thead>
<tbody>
<?php foreach($this->get('group_members') as $member) { ?>
<tr>
<?php
switch(get_class($member)) {
case 'User':
?>
<td><a href="<?php outurl('/users/'.urlencode($member->uid))?>" class="user"><?php out($member->uid)?></a></td>
<td><?php out($member->name); if(!$member->active) out(' <span class="label label-default">Inactive</span>', ESC_NONE)?></td>
<?php
break;
case 'ServerAccount':
?>
<td><a href="<?php outurl('/servers/'.urlencode($member->server->hostname).'/accounts/'.urlencode($member->name))?>" class="serveraccount"><?php out($member->name.'@'.$member->server->hostname)?></a></td>
<td><em>Server account</em><?php if($member->server->key_management == 'decommissioned') out(' <span class="label label-default">Inactive</span>', ESC_NONE) ?></td>
<?php
break;
case 'Group':
?>
<td><a href="<?php outurl('/groups/'.urlencode($member->name))?>" class="group"><?php out($member->name)?></a></td>
<td><em>Group</em></td>
<?php
break;
}
?>
<td>Added on <?php out($member->add_date) ?> by <a href="<?php outurl('/users/'.urlencode($member->added_by->uid))?>" class="user"><?php out($member->added_by->uid) ?></a></td>
<?php if(!$this->get('group')->system) { ?>
<td>
<button type="submit" name="delete_member" value="<?php out($member->entity_id)?>" class="btn btn-default btn-xs"><span class="glyphicon glyphicon-ban-circle"></span> Remove from group</button>
</td>
<?php } ?>
<?php } ?>
</tr>
</tbody>
</table>
</form>
<?php } ?>
<?php if(!$this->get('group')->system) { ?>
<form method="post" action="<?php outurl($this->data->relative_request_url)?>">
<?php out($this->get('active_user')->get_csrf_field(), ESC_NONE) ?>
<h3>Add user</h3>
<div class="row">
<div class="form-group col-md-9">
<div class="input-group">
<span class="input-group-addon"><label for="username"><span class="glyphicon glyphicon-user" title="User"></span><span class="sr-only">User name</span></label></span>
<input type="text" id="username" name="username" class="form-control" placeholder="User name" required list="userlist">
</div>
</div>
<div class="form-group col-md-3">
<button type="submit" name="add_member" value="1" class="btn btn-primary btn-block">Add user to group</button>
</div>
</div>
</form>
<form method="post" action="<?php outurl($this->data->relative_request_url)?>">
<?php out($this->get('active_user')->get_csrf_field(), ESC_NONE) ?>
<h3>Add server account</h3>
<div class="row">
<div class="form-group col-md-2">
<div class="input-group">
<span class="input-group-addon"><label for="account"><span class="glyphicon glyphicon-log-in" title="Server account"></span><span class="sr-only">Account</span></label></span>
<input type="text" id="account" name="account" class="form-control" placeholder="Account name" required>
</div>
</div>
<div class="form-group col-md-7">
<div class="input-group">
<span class="input-group-addon"><label for="hostname">@</label></span>
<input type="text" id="hostname" name="hostname" class="form-control" placeholder="Hostname" required list="<?php out($this->get('admin') ? 'serverlist' : 'adminedserverlist')?>">
</div>
</div>
<div class="form-group col-md-3">
<button type="submit" name="add_member" value="1" class="btn btn-primary btn-block">Add server account to group</button>
</div>
</div>
</form>
<?php } ?>
</div>
<div class="tab-pane fade" id="access">
<h2 class="sr-only">Access</h2>
<?php if(count($this->get('group_access')) == 0) { ?>
<?php if($membercounts['ServerAccount'] > 0 || $membercounts['Group'] > 0) { ?>
<p>No access has been granted to this group's resources.</p>
<?php } ?>
<?php } else { ?>
<form method="post" action="<?php outurl($this->data->relative_request_url)?>">
<?php out($this->get('active_user')->get_csrf_field(), ESC_NONE) ?>
<table class="table table-bordered table-striped">
<thead>
<tr>
<th colspan="2">Access for</th>
<th>Status</th>
<th>Options</th>
<th>Actions</th>
</tr>
</thead>
<tbody>
<?php foreach($this->get('group_access') as $access) { ?>
<?php $entity = $access->source_entity; ?>
<tr>
<?php
$options = $access->list_options();
switch(get_class($entity)) {
case 'User':
?>
<td><a href="<?php outurl('/users/'.urlencode($entity->uid))?>" class="user"><?php out($entity->uid)?></a></td>
<td><?php out($entity->name); if(!$entity->active) out(' <span class="label label-default">Inactive</span>', ESC_NONE)?></td>
<?php
break;
case 'ServerAccount':
?>
<td><a href="<?php outurl('/servers/'.urlencode($entity->server->hostname).'/accounts/'.urlencode($entity->name))?>" class="serveraccount"><?php out($entity->name.'@'.$entity->server->hostname)?></a></td>
<td><em>Server account</em><?php if($entity->server->key_management == 'decommissioned') out(' <span class="label label-default">Inactive</span>', ESC_NONE) ?></td>
<?php
break;
case 'Group':
?>
<td><a href="<?php outurl('/groups/'.urlencode($entity->name))?>" class="group"><?php out($entity->name)?></a></td>
<td><em>Group</em></td>
<?php
break;
}
?>
<td>Added on <?php out($access->grant_date) ?> by <a href="<?php outurl('/users/'.urlencode($access->granted_by->uid))?>" class="user"><?php out($access->granted_by->uid) ?></a></td>
<td>
<?php if(count($options) > 0) { ?>
<ul class="compact">
<?php foreach($options as $option) { ?>
<li>
<code>
<?php
out($option->option);
if(!is_null($option->value)) {
?>=&quot;<abbr title="<?php out($option->value)?>">…</abbr>&quot;<?php
}
?>
</code>
</li>
<?php } ?>
</ul>
<?php } ?>
</td>
<td>
<a href="<?php outurl('/groups/'.urlencode($this->get('group')->name).'/access_rules/'.urlencode($access->id))?>" class="btn btn-default btn-xs"><span class="glyphicon glyphicon-cog"></span> Configure access</a>
<button type="submit" name="delete_access" value="<?php out($access->id)?>" class="btn btn-default btn-xs"><span class="glyphicon glyphicon-ban-circle"></span> Remove access</button>
</td>
<?php } ?>
</tr>
</tbody>
</table>
</form>
<?php } ?>
<?php if($membercounts['ServerAccount'] == 0 && $membercounts['Group'] == 0) { ?>
<p>This group does not contain any resources (server accounts or groups containing server accounts) to grant access to.</p>
<?php } else { ?>
<form method="post" action="<?php outurl($this->data->relative_request_url)?>">
<?php out($this->get('active_user')->get_csrf_field(), ESC_NONE) ?>
<h3>Grant user access</h3>
<div class="row">
<div class="form-group col-md-8">
<div class="input-group">
<span class="input-group-addon"><label for="access-username"><span class="glyphicon glyphicon-user" title="User"></span><span class="sr-only">User name</span></label></span>
<input type="text" id="access-username" name="username" class="form-control" placeholder="User name" required list="userlist">
</div>
</div>
<div class="form-group col-md-4">
<button type="submit" name="add_access" value="1" class="btn btn-primary btn-block">Grant user access to group resources</button>
</div>
</div>
</form>
<form method="post" action="<?php outurl($this->data->relative_request_url)?>">
<?php out($this->get('active_user')->get_csrf_field(), ESC_NONE) ?>
<h3>Grant server account access</h3>
<div class="row">
<div class="form-group col-md-2">
<div class="input-group">
<span class="input-group-addon"><label for="access-account"><span class="glyphicon glyphicon-log-in" title="Server account"></span><span class="sr-only">Account</span></label></span>
<input type="text" id="access-account" name="account" class="form-control" placeholder="Account name" required>
</div>
</div>
<div class="form-group col-md-6">
<div class="input-group">
<span class="input-group-addon"><label for="access-hostname">@</label></span>
<input type="text" id="access-hostname" name="hostname" class="form-control" placeholder="Hostname" required list="serverlist">
</div>
</div>
<div class="form-group col-md-4">
<button type="submit" name="add_access" value="1" class="btn btn-primary btn-block">Grant server account access to group resources</button>
</div>
</div>
</form>
<form method="post" action="<?php outurl($this->data->relative_request_url)?>">
<?php out($this->get('active_user')->get_csrf_field(), ESC_NONE) ?>
<h3>Grant group access</h3>
<div class="row">
<div class="form-group col-md-8">
<div class="input-group">
<span class="input-group-addon"><label for="access-group"><span class="glyphicon glyphicon-list-alt" title="Group"></span><span class="sr-only">Group name</span></label></span>
<input type="text" id="access-group" name="group" class="form-control" placeholder="Group name" required list="grouplist">
</div>
</div>
<div class="form-group col-md-4">
<button type="submit" name="add_access" value="1" class="btn btn-primary btn-block">Grant a group access to this group's resources</button>
</div>
</div>
</form>
<?php } ?>
</div>
<div class="tab-pane fade" id="outbound">
<h2 class="sr-only">Outbound access</h2>
<?php if(count($this->get('group_remote_access')) == 0) { ?>
<p>This group has not been granted access to other resources.</p>
<?php } else { ?>
<p>This group has access to the following resources:</p>
<table class="table table-bordered table-striped">
<thead>
<tr>
<th colspan="2">Access to</th>
<th>Status</th>
</tr>
</thead>
<tbody>
<?php foreach($this->get('group_remote_access') as $access) { ?>
<?php $entity = $access->dest_entity; ?>
<tr>
<?php
switch(get_class($entity)) {
case 'User':
?>
<td><a href="<?php outurl('/users/'.urlencode($entity->uid))?>" class="user"><?php out($entity->uid)?></a></td>
<td><?php out($entity->name); if(!$entity->active) out(' <span class="label label-default">Inactive</span>', ESC_NONE)?></td>
<?php
break;
case 'ServerAccount':
?>
<td><a href="<?php outurl('/servers/'.urlencode($entity->server->hostname).'/accounts/'.urlencode($entity->name))?>" class="serveraccount"><?php out($entity->name.'@'.$entity->server->hostname)?></a></td>
<td><em>Server account</em><?php if($entity->server->key_management == 'decommissioned') out(' <span class="label label-default">Inactive</span>', ESC_NONE) ?></td>
<?php
break;
case 'Group':
?>
<td><a href="<?php outurl('/groups/'.urlencode($entity->name))?>" class="group"><?php out($entity->name)?></a></td>
<td><em>Group</em></td>
<?php
break;
}
?>
<td>Added on <?php out($access->grant_date) ?> by <a href="<?php outurl('/users/'.urlencode($access->granted_by->uid))?>" class="user"><?php out($access->granted_by->uid) ?></a></td>
<?php } ?>
</tr>
</tbody>
</table>
<?php } ?>
</div>
<div class="tab-pane fade" id="admins">
<h2 class="sr-only">Group administrators</h2>
<?php if(count($this->get('group_admins')) == 0) { ?>
<p class="alert alert-danger">This group does not have any administrators assigned.</p>
<?php } else { ?>
<form method="post" action="<?php outurl($this->data->relative_request_url)?>">
<?php out($this->get('active_user')->get_csrf_field(), ESC_NONE) ?>
<table class="table table-bordered table-striped">
<thead>
<tr>
<th>User ID</th>
<th>Name</th>
<?php if($this->get('admin')) { ?>
<th>Actions</th>
<?php } ?>
</tr>
</thead>
<tbody>
<?php foreach($this->get('group_admins') as $admin) { ?>
<tr>
<td><a href="<?php outurl('/users/'.urlencode($admin->uid))?>" class="user"><?php out($admin->uid) ?></a></td>
<td><?php out($admin->name); if(!$admin->active) out(' <span class="label label-default">Inactive</span>', ESC_NONE) ?></td>
<?php if($this->get('admin')) { ?>
<td>
<button type="submit" name="delete_admin" value="<?php out($admin->id) ?>" class="btn btn-default btn-xs"><span class="glyphicon glyphicon-trash"></span> Remove admin</button>
</td>
<?php } ?>
</tr>
<?php } ?>
</tbody>
</table>
</form>
<?php } ?>
<?php if($this->get('admin')) { ?>
<form method="post" action="<?php outurl($this->data->relative_request_url)?>" class="form-inline">
<?php out($this->get('active_user')->get_csrf_field(), ESC_NONE) ?>
<h3>Add administrator</h3>
<div class="form-group">
<label for="user_name" class="sr-only">User name</label>
<input type="text" id="user_name" name="user_name" class="form-control" placeholder="User name" required list="userlist">
</div>
<button type="submit" name="add_admin" value="1" class="btn btn-primary">Add administrator to group</button>
</form>
<?php } ?>
</div>
<?php if($this->get('admin')) { ?>
<div class="tab-pane fade" id="settings">
<h2 class="sr-only">Settings</h2>
<form method="post" action="<?php outurl($this->data->relative_request_url)?>" class="form-horizontal">
<?php out($this->get('active_user')->get_csrf_field(), ESC_NONE) ?>
<div class="form-group">
<label for="name" class="col-sm-2 control-label">Name</label>
<div class="col-sm-10">
<input type="text" id="name" name="name" value="<?php out($this->get('group')->name)?>" required class="form-control">
</div>
</div>
<div class="form-group">
<label class="col-sm-2 control-label">Group status</label>
<div class="col-sm-10">
<div class="radio">
<label class="text-success">
<input type="radio" name="active" value="1"<?php if($this->get('group')->active == 1) out(' checked') ?>>
Enabled
</label>
</div>
<div class="radio">
<label class="text-danger">
<input type="radio" name="active" value="0"<?php if($this->get('group')->active == 0) out(' checked') ?>>
Disabled
</label>
</div>
</div>
</div>
<div class="form-group">
<div class="col-sm-offset-2 col-sm-10">
<button type="submit" name="edit_group" value="1" class="btn btn-primary">Change settings</button>
</div>
</div>
</form>
</div>
<?php } ?>
<div class="tab-pane fade" id="log">
<h2 class="sr-only">Log</h2>
<table class="table">
<thead>
<tr>
<th>Entity</th>
<th>User</th>
<th>Activity</th>
<th>Date (<abbr title="Coordinated Universal Time">UTC</abbr>)</th>
</tr>
</thead>
<tbody>
<?php
foreach($this->get('group_log') as $event) {
show_event($event);
}
?>
</tbody>
</table>
</div>
</div>
<datalist id="userlist">
<?php foreach($this->get('all_users') as $user) { ?>
<option value="<?php out($user->uid)?>" label="<?php out($user->name)?>">
<?php } ?>
</datalist>
<datalist id="grouplist">
<?php foreach($this->get('all_groups') as $group) { ?>
<option value="<?php out($group->name)?>">
<?php } ?>
</datalist>
<datalist id="adminedserverlist">
<?php foreach($this->get('admined_servers') as $server) { ?>
<option value="<?php out($server->hostname)?>">
<?php } ?>
</datalist>
<datalist id="serverlist">
<?php foreach($this->get('all_servers') as $server) { ?>
<option value="<?php out($server->hostname)?>">
<?php } ?>
</datalist>
<?php } else { ?>
<p>You do not have access to manage this group.</p>
<?php } ?>