Skip to content

Commit 5e76310

Browse files
author
Till Brehm
committed
Merge branch '5635-confidential-issue' into 'stable-3.1'
Fixes #5635 Reseller limits are not correctly enforced when using templates Closes #5635 See merge request ispconfig/ispconfig3!1122
2 parents 362000c + aa027c6 commit 5e76310

5 files changed

Lines changed: 95 additions & 22 deletions

File tree

install/sql/incremental/upd_dev_collection.sql

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -45,6 +45,7 @@ ALTER TABLE `web_domain` DROP COLUMN `enable_spdy`;
4545
-- was missing in incremental, inserted for fixing older installations
4646
ALTER TABLE `web_domain` ADD `folder_directive_snippets` TEXT NULL AFTER `https_port`;
4747

48+
4849
ALTER TABLE `web_domain` ADD `server_php_id` INT(11) UNSIGNED NOT NULL DEFAULT 0;
4950

5051
UPDATE `web_domain` as w LEFT JOIN sys_group as g ON (g.groupid = w.sys_groupid) INNER JOIN `server_php` as p ON (w.fastcgi_php_version = CONCAT(p.name, ':', p.php_fastcgi_binary, ':', p.php_fastcgi_ini_dir) AND p.server_id IN (0, w.server_id) AND p.client_id IN (0, g.client_id)) SET w.server_php_id = p.server_php_id, w.fastcgi_php_version = '' WHERE 1;
@@ -70,3 +71,8 @@ ALTER TABLE `dns_soa` ADD `dnssec_algo` SET('NSEC3RSASHA1','ECDSAP256SHA256') NU
7071
UPDATE `dns_soa` SET `dnssec_algo` = 'NSEC3RSASHA1' WHERE `dnssec_algo` IS NULL AND dnssec_initialized = 'Y';
7172
UPDATE `dns_soa` SET `dnssec_algo` = 'ECDSAP256SHA256' WHERE `dnssec_algo` IS NULL AND dnssec_initialized = 'N';
7273
ALTER TABLE `dns_soa` CHANGE `dnssec_algo` `dnssec_algo` SET('NSEC3RSASHA1','ECDSAP256SHA256') CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL DEFAULT 'ECDSAP256SHA256';
74+
75+
-- Fix issue #5635
76+
ALTER TABLE `client_template` CHANGE `ssh_chroot` `ssh_chroot` VARCHAR(255) CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL DEFAULT '';
77+
ALTER TABLE `client_template` CHANGE `web_php_options` `web_php_options` VARCHAR(255) CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL DEFAULT '';
78+

install/sql/ispconfig3.sql

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -330,7 +330,7 @@ CREATE TABLE `client_template` (
330330
`limit_web_ip` text,
331331
`limit_web_domain` int(11) NOT NULL default '-1',
332332
`limit_web_quota` int(11) NOT NULL default '-1',
333-
`web_php_options` varchar(255) NOT NULL DEFAULT 'no',
333+
`web_php_options` varchar(255) NOT NULL DEFAULT '',
334334
`limit_cgi` enum('n','y') NOT NULL DEFAULT 'n',
335335
`limit_ssi` enum('n','y') NOT NULL DEFAULT 'n',
336336
`limit_perl` enum('n','y') NOT NULL DEFAULT 'n',
@@ -345,7 +345,7 @@ CREATE TABLE `client_template` (
345345
`limit_web_aliasdomain` int(11) NOT NULL default '-1',
346346
`limit_ftp_user` int(11) NOT NULL default '-1',
347347
`limit_shell_user` int(11) NOT NULL default '0',
348-
`ssh_chroot` varchar(255) NOT NULL DEFAULT 'no',
348+
`ssh_chroot` varchar(255) NOT NULL DEFAULT '',
349349
`limit_webdav_user` int(11) NOT NULL default '0',
350350
`limit_backup` ENUM( 'n', 'y' ) NOT NULL DEFAULT 'y',
351351
`limit_directive_snippets` ENUM( 'n', 'y' ) NOT NULL DEFAULT 'n',

interface/lib/classes/tform_base.inc.php

Lines changed: 43 additions & 18 deletions
Original file line numberDiff line numberDiff line change
@@ -336,11 +336,11 @@ function getDatasourceData($field, $record) {
336336
}
337337

338338
//* If the parameter 'valuelimit' is set
339-
function applyValueLimit($limit, $values, $current_value = '') {
339+
function applyValueLimit($formtype, $limit, $values, $current_value = '') {
340340

341341
global $app;
342342

343-
// we mas have multiple limits, therefore we explode by ; first
343+
// we may have multiple limits, therefore we explode by ; first
344344
// Example: "system:sites:web_php_options;client:web_php_options"
345345
$limits = explode(';',$limit);
346346

@@ -399,18 +399,31 @@ function applyValueLimit($limit, $values, $current_value = '') {
399399
$tmp_key = $limit_parts[2];
400400
$allowed = $allowed = explode(',',$tmp_conf[$tmp_key]);
401401
}
402+
403+
if($formtype == 'CHECKBOX') {
404+
if(strstr($limit,'force_')) {
405+
// Force the checkbox field to be ticked and enabled
406+
if($allowed[0] == $values[1]) {
407+
$values = 'on';
408+
}
409+
} else {
410+
// Force the checkbox field to be unchecked and disabled
411+
if($allowed[0] == $values[0]) {
412+
$values = 'off';
413+
}
414+
}
415+
} else {
416+
// add the current value to the allowed array
417+
$allowed[] = $current_value;
402418

403-
// add the current value to the allowed array
404-
$allowed[] = $current_value;
405-
406-
// remove all values that are not allowed
407-
$values_new = array();
408-
foreach($values as $key => $val) {
409-
if(in_array($key, $allowed)) $values_new[$key] = $val;
419+
// remove all values that are not allowed
420+
$values_new = array();
421+
foreach($values as $key => $val) {
422+
if(in_array($key, $allowed)) $values_new[$key] = $val;
423+
}
424+
$values = $values_new;
410425
}
411426

412-
$values = $values_new;
413-
414427
}
415428

416429
return $values;
@@ -479,7 +492,7 @@ function getHTML($record, $tab, $action = 'NEW') {
479492

480493
// If a limitation for the values is set
481494
if(isset($field['valuelimit']) && is_array($field["value"])) {
482-
$field["value"] = $this->applyValueLimit($field['valuelimit'], $field["value"], $val);
495+
$field["value"] = $this->applyValueLimit($field['formtype'], $field['valuelimit'], $field["value"], $val);
483496
}
484497

485498
switch ($field['formtype']) {
@@ -521,8 +534,14 @@ function getHTML($record, $tab, $action = 'NEW') {
521534
break;
522535

523536
case 'CHECKBOX':
524-
$checked = ($val == $field['value'][1])?' CHECKED':'';
525-
$new_record[$key] = "<input name=\"".$key."\" id=\"".$key."\" value=\"".$field['value'][1]."\" type=\"checkbox\" $checked />\r\n";
537+
if($field["value"] == 'off') {
538+
$new_record[$key] = "<input name=\"".$key."\" id=\"".$key."\" value=\"".$field['value'][1]."\" type=\"checkbox\" disabled=\"disabled\" />\r\n";
539+
} elseif ($field["value"] == 'on') {
540+
$new_record[$key] = "<input name=\"".$key."\" id=\"".$key."\" value=\"".$field['value'][1]."\" type=\"checkbox\" disabled=\"disabled\" CHECKED />\r\n";
541+
} else {
542+
$checked = ($val == $field['value'][1])?' CHECKED':'';
543+
$new_record[$key] = "<input name=\"".$key."\" id=\"".$key."\" value=\"".$field['value'][1]."\" type=\"checkbox\" $checked />\r\n";
544+
}
526545
break;
527546

528547
case 'CHECKBOXARRAY':
@@ -614,7 +633,7 @@ function getHTML($record, $tab, $action = 'NEW') {
614633

615634
// If a limitation for the values is set
616635
if(isset($field['valuelimit']) && is_array($field["value"])) {
617-
$field["value"] = $this->applyValueLimit($field['valuelimit'], $field["value"], $field['default']);
636+
$field["value"] = $this->applyValueLimit($field['formtype'], $field['valuelimit'], $field["value"], $field['default']);
618637
}
619638

620639
switch ($field['formtype']) {
@@ -651,9 +670,15 @@ function getHTML($record, $tab, $action = 'NEW') {
651670
break;
652671

653672
case 'CHECKBOX':
654-
// $checked = (empty($field["default"]))?'':' CHECKED';
655-
$checked = ($field["default"] == $field['value'][1])?' CHECKED':'';
656-
$new_record[$key] = "<input name=\"".$key."\" id=\"".$key."\" value=\"".$field['value'][1]."\" type=\"checkbox\" $checked />\r\n";
673+
if($field["value"] == 'off') {
674+
$new_record[$key] = "<input name=\"".$key."\" id=\"".$key."\" value=\"".$field['value'][1]."\" type=\"checkbox\" disabled=\"disabled\" />\r\n";
675+
} elseif ($field["value"] == 'on') {
676+
$new_record[$key] = "<input name=\"".$key."\" id=\"".$key."\" value=\"".$field['value'][1]."\" type=\"checkbox\" disabled=\"disabled\" CHECKED />\r\n";
677+
} else {
678+
// $checked = (empty($field["default"]))?'':' CHECKED';
679+
$checked = ($field["default"] == $field['value'][1])?' CHECKED':'';
680+
$new_record[$key] = "<input name=\"".$key."\" id=\"".$key."\" value=\"".$field['value'][1]."\" type=\"checkbox\" $checked />\r\n";
681+
}
657682
break;
658683

659684
case 'CHECKBOXARRAY':

interface/web/client/form/client.tform.php

Lines changed: 22 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -985,42 +985,49 @@
985985
'datatype' => 'VARCHAR',
986986
'formtype' => 'CHECKBOX',
987987
'default' => 'n',
988+
'valuelimit' => 'client:limit_xmpp_muc',
988989
'value' => array(0 => 'n', 1 => 'y')
989990
),
990991
'limit_xmpp_anon' => array(
991992
'datatype' => 'VARCHAR',
992993
'formtype' => 'CHECKBOX',
993994
'default' => 'n',
995+
'valuelimit' => 'client:limit_xmpp_anon',
994996
'value' => array(0 => 'n', 1 => 'y')
995997
),
996998
'limit_xmpp_vjud' => array(
997999
'datatype' => 'VARCHAR',
9981000
'formtype' => 'CHECKBOX',
9991001
'default' => 'n',
1002+
'valuelimit' => 'client:limit_xmpp_vjud',
10001003
'value' => array(0 => 'n', 1 => 'y')
10011004
),
10021005
'limit_xmpp_proxy' => array(
10031006
'datatype' => 'VARCHAR',
10041007
'formtype' => 'CHECKBOX',
10051008
'default' => 'n',
1009+
'valuelimit' => 'client:limit_xmpp_proxy',
10061010
'value' => array(0 => 'n', 1 => 'y')
10071011
),
10081012
'limit_xmpp_status' => array(
10091013
'datatype' => 'VARCHAR',
10101014
'formtype' => 'CHECKBOX',
10111015
'default' => 'n',
1016+
'valuelimit' => 'client:limit_xmpp_status',
10121017
'value' => array(0 => 'n', 1 => 'y')
10131018
),
10141019
'limit_xmpp_pastebin' => array(
10151020
'datatype' => 'VARCHAR',
10161021
'formtype' => 'CHECKBOX',
10171022
'default' => 'n',
1023+
'valuelimit' => 'client:limit_xmpp_pastebin',
10181024
'value' => array(0 => 'n', 1 => 'y')
10191025
),
10201026
'limit_xmpp_httparchive' => array(
10211027
'datatype' => 'VARCHAR',
10221028
'formtype' => 'CHECKBOX',
10231029
'default' => 'n',
1030+
'valuelimit' => 'client:limit_xmpp_httparchive',
10241031
'value' => array(0 => 'n', 1 => 'y')
10251032
),
10261033
'default_webserver' => array (
@@ -1087,67 +1094,77 @@
10871094
),
10881095
'default' => '',
10891096
'separator' => ',',
1090-
'valuelimit' => 'system:sites:web_php_options',
1097+
'valuelimit' => 'system:sites:web_php_options;client:web_php_options',
10911098
'value' => array('no' => 'Disabled', 'fast-cgi' => 'Fast-CGI', 'cgi' => 'CGI', 'mod' => 'Mod-PHP', 'suphp' => 'SuPHP', 'php-fpm' => 'PHP-FPM', 'hhvm' => 'HHVM')
10921099
),
10931100
'limit_cgi' => array (
10941101
'datatype' => 'VARCHAR',
10951102
'formtype' => 'CHECKBOX',
10961103
'default' => 'n',
1104+
'valuelimit' => 'client:limit_cgi',
10971105
'value' => array(0 => 'n', 1 => 'y')
10981106
),
10991107
'limit_ssi' => array (
11001108
'datatype' => 'VARCHAR',
11011109
'formtype' => 'CHECKBOX',
11021110
'default' => 'n',
1111+
'valuelimit' => 'client:limit_ssi',
11031112
'value' => array(0 => 'n', 1 => 'y')
11041113
),
11051114
'limit_perl' => array (
11061115
'datatype' => 'VARCHAR',
11071116
'formtype' => 'CHECKBOX',
11081117
'default' => 'n',
1118+
'valuelimit' => 'client:limit_perl',
11091119
'value' => array(0 => 'n', 1 => 'y')
11101120
),
11111121
'limit_ruby' => array (
11121122
'datatype' => 'VARCHAR',
11131123
'formtype' => 'CHECKBOX',
11141124
'default' => 'n',
1125+
'valuelimit' => 'client:limit_ruby',
11151126
'value' => array(0 => 'n', 1 => 'y')
11161127
),
11171128
'limit_python' => array (
11181129
'datatype' => 'VARCHAR',
11191130
'formtype' => 'CHECKBOX',
11201131
'default' => 'n',
1132+
'valuelimit' => 'client:limit_python',
11211133
'value' => array(0 => 'n', 1 => 'y')
11221134
),
11231135
'force_suexec' => array (
11241136
'datatype' => 'VARCHAR',
11251137
'formtype' => 'CHECKBOX',
11261138
'default' => 'y',
1139+
'valuelimit' => 'client:force_suexec',
11271140
'value' => array(0 => 'n', 1 => 'y')
11281141
),
11291142
'limit_hterror' => array (
11301143
'datatype' => 'VARCHAR',
11311144
'formtype' => 'CHECKBOX',
11321145
'default' => 'n',
1146+
'valuelimit' => 'client:limit_hterror',
11331147
'value' => array(0 => 'n', 1 => 'y')
11341148
),
11351149
'limit_wildcard' => array (
11361150
'datatype' => 'VARCHAR',
11371151
'formtype' => 'CHECKBOX',
11381152
'default' => 'n',
1153+
'valuelimit' => 'client:limit_wildcard',
11391154
'value' => array(0 => 'n', 1 => 'y')
11401155
),
11411156
'limit_ssl' => array (
11421157
'datatype' => 'VARCHAR',
11431158
'formtype' => 'CHECKBOX',
11441159
'default' => 'n',
1160+
'valuelimit' => 'client:limit_ssl',
11451161
'value' => array(0 => 'n', 1 => 'y')
11461162
),
11471163
'limit_ssl_letsencrypt' => array (
11481164
'datatype' => 'VARCHAR',
11491165
'formtype' => 'CHECKBOX',
11501166
'default' => 'n',
1167+
'valuelimit' => 'client:limit_ssl_letsencrypt',
11511168
'value' => array(0 => 'n', 1 => 'y')
11521169
),
11531170
'limit_web_aliasdomain' => array (
@@ -1235,12 +1252,14 @@
12351252
'datatype' => 'VARCHAR',
12361253
'formtype' => 'CHECKBOX',
12371254
'default' => 'y',
1255+
'valuelimit' => 'client:limit_backup',
12381256
'value' => array(0 => 'n', 1 => 'y')
12391257
),
12401258
'limit_directive_snippets' => array (
12411259
'datatype' => 'VARCHAR',
12421260
'formtype' => 'CHECKBOX',
12431261
'default' => 'n',
1262+
'valuelimit' => 'client:limit_directive_snippets',
12441263
'value' => array(0 => 'n', 1 => 'y')
12451264
),
12461265
'default_dnsserver' => array (
@@ -1426,6 +1445,7 @@
14261445
'datatype' => 'VARCHAR',
14271446
'formtype' => 'SELECT',
14281447
'default' => '',
1448+
'valuelimit' => 'client:limit_cron_type',
14291449
'value' => array('full' => 'Full Cron', 'chrooted' => 'Chrooted Cron', 'url' => 'URL Cron')
14301450
),
14311451
'limit_cron_frequency' => array (
@@ -1479,6 +1499,7 @@
14791499
'keyfield'=> 'template_id',
14801500
'valuefield'=> 'template_name'
14811501
),
1502+
'valuelimit' => 'client:limit_openvz_vm_template_id',
14821503
'value' => array(0 => ' ')
14831504
),
14841505
'limit_aps' => array (

0 commit comments

Comments
 (0)