Merge pull request hestiacp#316 from Lupul/Bugfix-0517

Bugfix 0517

Author: ScIT-Raphael

bin/v-add-user

@@ -61,6 +61,18 @@ check_result $? "user creation failed" $E_INVALID
 # Adding password
 echo "$user:$password" | /usr/sbin/chpasswd
 
+# Add a general group for normal users created by Hestia
+if [ -z "$(grep ^hestia-users: /etc/group)" ]; then
+    groupadd "hestia-users"
+fi
+
+# Add membership to hestia-users group to non-admin users
+if [ "$user" != "admin" ]; then
+    usermod -a -G "hestia-users" "$user"
+    setfacl -m "u:$user:r-x" "$HOMEDIR/$user"
+fi
+setfacl -m "g:hestia-users:---" "$HOMEDIR/$user"
+
 # Building directory tree
 mkdir $HOMEDIR/$user/conf
 

bin/v-add-web-domain-ftp

@@ -85,6 +85,7 @@ fi
     -s $shell \
     -o -u $(id -u $user) \
     -g $(id -u $user) \
+    -G hestia-users \
     -M -d "$ftp_path_a"  > /dev/null 2>&1
 
 # Set ftp user password

install/upgrade/0.10.0-190430.sh

@@ -173,6 +173,27 @@ if [ -d "/etc/roundcube" ]; then
     chown root:www-data /etc/roundcube/debian-db*
 fi
 
+# Add a general group for normal users created by Hestia
+if [ -z "$(grep ^hestia-users: /etc/group)" ]; then
+    groupadd "hestia-users"
+fi
+
+# Make sure non-admin users belong to correct Hestia group
+for user in `ls /usr/local/hestia/data/users/`; do
+    if [ "$user" != "admin" ]; then
+        usermod -a -G "hestia-users" "$user"
+        setfacl -m "u:$user:r-x" "$HOMEDIR/$user"
+
+        # Update FTP users groups membership
+        uid=$(id -u $user)
+        for ftp_user in $(cat /etc/passwd | grep -v "^$user:" | grep "^$user.*:$uid:$uid:" | cut -d ":" -f1); do
+            usermod -a -G "hestia-users" "$ftp_user"
+        done
+
+    fi
+    setfacl -m "g:hestia-users:---" "$HOMEDIR/$user"
+done
+
 # Add unassigned hosts configuration to Nginx and Apache
 for ipaddr in $(ls /usr/local/hestia/data/ips/ 2>/dev/null); do
 

web/js/pages/edit_web.js

@@ -191,6 +191,15 @@ $(function() {
             $('.stats-auth').show();
         }
     });
+
+    $('#vstobjects').bind('submit', function(evt) {
+        $('input[disabled]').each(function(i, elm) {
+            var copy_elm = $(elm).clone(true);
+            $(copy_elm).attr('type', 'hidden');
+            $(copy_elm).removeAttr('disabled');
+            $(elm).after(copy_elm);
+        });
+    });
 });
 
 function WEBrandom() {
@@ -221,12 +230,3 @@ function elementHideShow(elementToHideOrShow){
     var el = document.getElementById(elementToHideOrShow);
     el.style.display = el.style.display === 'none' ? 'block' : 'none';
 }
-
-$('#vstobjects').bind('submit', function(evt) {
-    $('input[disabled]').each(function(i, elm) {
-        var copy_elm = $(elm).clone(true);
-        $(copy_elm).attr('type', 'hidden');
-        $(copy_elm).removeAttr('disabled');
-        $(elm).after(copy_elm);
-    });
-});

web/templates/admin/edit_web.html

@@ -13,7 +13,7 @@
                 }
               }
             ?>
-            <a href="#" class="ui-button" title="<?=__('Save')?>" onclick="document.getElementById('vstobjects').submit();"><i class="fas fa-save status-icon purple"></i> <?=__('Save')?></a>
+            <a href="#" class="ui-button" title="<?=__('Save')?>" onclick="$('#vstobjects').submit();"><i class="fas fa-save status-icon purple"></i> <?=__('Save')?></a>
           </div>
         </div>
       </div>

web/templates/user/edit_web.html

@@ -13,7 +13,7 @@
                 }
               }
             ?>
-            <a href="#" class="ui-button" title="<?=__('Save')?>" onclick="document.getElementById('vstobjects').submit();"><i class="fas fa-save status-icon purple"></i> <?=__('Save')?></a>
+            <a href="#" class="ui-button" title="<?=__('Save')?>" onclick="$('#vstobjects').submit();"><i class="fas fa-save status-icon purple"></i> <?=__('Save')?></a>
           </div>
         </div>
       </div>