Skip to content

Commit 583f34e

Browse files
author
Kristan Kenney
committed
Add POLICY_SYSTEM_RESET_PASSWORD
1 parent 2a711da commit 583f34e

File tree

6 files changed

+59
-25
lines changed

6 files changed

+59
-25
lines changed

bin/v-list-sys-config

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -77,6 +77,7 @@ json_list() {
7777
"API_ALLOWED_IP": "'$API_ALLOWED_IP'",
7878
"POLICY_SYSTEM_PROTECTED_ADMIN": "'$POLICY_SYSTEM_PROTECTED_ADMIN'",
7979
"POLICY_SYSTEM_HIDE_ADMIN": "'$POLICY_SYSTEM_HIDE_ADMIN'",
80+
"POLICY_SYSTEM_PASSWORD_RESET": "'$POLICY_SYSTEM_PASSWORD_RESET'",
8081
"POLICY_USER_EDIT_DETAILS": "'$POLICY_USER_EDIT_DETAILS'",
8182
"POLICY_USER_DELETE_LOGS": "'$POLICY_USER_DELETE_LOGS'",
8283
"POLICY_USER_VIEW_LOGS": "'$POLICY_USER_VIEW_LOGS'",

web/css/src/themes/default.css

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -3307,7 +3307,7 @@ a.button.cancel {
33073307
letter-spacing: -0.01em;
33083308
border-bottom: 1px solid #ccc;
33093309
cursor: pointer;
3310-
min-width: 379px;
3310+
min-width: 390px;
33113311
}
33123312

33133313
.section-hide-button {

web/css/themes/default.min.css

Lines changed: 1 addition & 1 deletion
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

web/edit/server/index.php

Lines changed: 17 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -701,7 +701,7 @@
701701
exec (HESTIA_CMD."v-change-sys-config-value POLICY_USER_EDIT_DETAILS ".escapeshellarg($_POST['v_policy_user_edit_details']), $output, $return_var);
702702
check_return_code($return_var,$output);
703703
unset($output);
704-
if (empty($_SESSION['error_msg'])) $v_enforce_subdomain_ownership = $_POST['v_policy_user_edit_details'];
704+
if (empty($_SESSION['error_msg'])) $v_policy_user_edit_details = $_POST['v_policy_user_edit_details'];
705705
$v_security_adv = 'yes';
706706
}
707707
}
@@ -712,7 +712,7 @@
712712
exec (HESTIA_CMD."v-change-sys-config-value POLICY_USER_VIEW_LOGS ".escapeshellarg($_POST['v_policy_user_view_logs']), $output, $return_var);
713713
check_return_code($return_var,$output);
714714
unset($output);
715-
if (empty($_SESSION['error_msg'])) $v_enforce_subdomain_ownership = $_POST['v_policy_user_view_logs'];
715+
if (empty($_SESSION['error_msg'])) $v_policy_user_view_logs = $_POST['v_policy_user_view_logs'];
716716
$v_security_adv = 'yes';
717717
}
718718
}
@@ -723,7 +723,18 @@
723723
exec (HESTIA_CMD."v-change-sys-config-value POLICY_USER_DELETE_LOGS ".escapeshellarg($_POST['v_policy_user_delete_logs']), $output, $return_var);
724724
check_return_code($return_var,$output);
725725
unset($output);
726-
if (empty($_SESSION['error_msg'])) $v_enforce_subdomain_ownership = $_POST['v_policy_user_delete_logs'];
726+
if (empty($_SESSION['error_msg'])) $v_policy_user_delete_logs = $_POST['v_policy_user_delete_logs'];
727+
$v_security_adv = 'yes';
728+
}
729+
}
730+
731+
// Change POLICY_SYSTEM_PASSWORD_RESET
732+
if (empty($_SESSION['error_msg'])) {
733+
if ($_POST['v_policy_system_password_reset'] != $_SESSION['POLICY_SYSTEM_PASSWORD_RESET']) {
734+
exec (HESTIA_CMD."v-change-sys-config-value POLICY_SYSTEM_PASSWORD_RESET ".escapeshellarg($_POST['v_policy_system_password_reset']), $output, $return_var);
735+
check_return_code($return_var,$output);
736+
unset($output);
737+
if (empty($_SESSION['error_msg'])) $v_policy_system_password_reset = $_POST['v_policy_system_password_reset'];
727738
$v_security_adv = 'yes';
728739
}
729740
}
@@ -734,7 +745,7 @@
734745
exec (HESTIA_CMD."v-change-sys-config-value POLICY_SYSTEM_PROTECTED_ADMIN ".escapeshellarg($_POST['v_policy_system_protected_admin']), $output, $return_var);
735746
check_return_code($return_var,$output);
736747
unset($output);
737-
if (empty($_SESSION['error_msg'])) $v_enforce_subdomain_ownership = $_POST['v_policy_system_protected_admin'];
748+
if (empty($_SESSION['error_msg'])) $v_policy_system_protected_admin = $_POST['v_policy_system_protected_admin'];
738749
$v_security_adv = 'yes';
739750
}
740751
}
@@ -745,7 +756,7 @@
745756
exec (HESTIA_CMD."v-change-sys-config-value POLICY_USER_CHANGE_THEME ".escapeshellarg($_POST['v_policy_user_change_theme']), $output, $return_var);
746757
check_return_code($return_var,$output);
747758
unset($output);
748-
if (empty($_SESSION['error_msg'])) $v_enforce_subdomain_ownership = $_POST['v_policy_user_change_theme'];
759+
if (empty($_SESSION['error_msg'])) $v_policy_user_change_theme = $_POST['v_policy_user_change_theme'];
749760
$v_security_adv = 'yes';
750761
}
751762
}
@@ -756,7 +767,7 @@
756767
exec (HESTIA_CMD."v-change-sys-config-value POLICY_SYSTEM_HIDE_ADMIN ".escapeshellarg($_POST['v_policy_system_hide_admin']), $output, $return_var);
757768
check_return_code($return_var,$output);
758769
unset($output);
759-
if (empty($_SESSION['error_msg'])) $v_enforce_subdomain_ownership = $_POST['v_policy_system_hide_admin'];
770+
if (empty($_SESSION['error_msg'])) $v_policy_system_hide_admin = $_POST['v_policy_system_hide_admin'];
760771
$v_security_adv = 'yes';
761772
}
762773
}

web/templates/admin/edit_server.html

Lines changed: 37 additions & 17 deletions
Original file line numberDiff line numberDiff line change
@@ -1037,13 +1037,38 @@
10371037
<br><br>
10381038
</td>
10391039
</tr>
1040+
<tr>
1041+
<td class="vst-text input-label">
1042+
<?php print _('Allow users to reset their passwords');?>
1043+
</td>
1044+
</tr>
1045+
<tr>
1046+
<td>
1047+
<select class="vst-list" name="v_policy_system_password_reset">
1048+
<option value='yes'><?php print _('yes'); ?></option>
1049+
<option value='no' <?php if($_SESSION['POLICY_SYSTEM_PASSWORD_RESET'] == 'no') echo 'selected' ?> ><?php print _('no'); ?></option>
1050+
</select>
1051+
<br><br>
1052+
</td>
1053+
</tr>
1054+
<tr>
1055+
<td class="vst-text input-label">
1056+
<?php print _('Inactive session timeout');?> (<?php print _('Minutes');?>)
1057+
</td>
1058+
</tr>
1059+
<tr>
1060+
<td>
1061+
<input type="text" size="20" class="vst-input" name="v_inactive_session_timeout" value="<?=trim($_SESSION['INACTIVE_SESSION_TIMEOUT'], "'")?>">
1062+
<br><br>
1063+
</td>
1064+
</tr>
10401065
</table>
10411066
</td>
10421067
</tr>
10431068
<? if (($_SESSION['userContext'] === "admin") && ($_SESSION['user'] === 'admin')) {?>
10441069
<tr>
10451070
<td class="section-title" onclick="javascript:elementHideShow('security-sysadminprotect-table');">
1046-
<?=('System Administrator Protection');?>
1071+
<?=('System Protection');?>
10471072
</td>
10481073
<td class="section-hide-button">
10491074
<a href="javascript:elementHideShow('security-sysadminprotect-table');"><i class="fas fa-minus-square status-icon dim maroon"></i></a>
@@ -1053,8 +1078,14 @@
10531078
<td>
10541079
<table id="security-sysadminprotect-table" class="step-top" style="display: none;">
10551080
<tr>
1056-
<td class="vst-text input-label">
1057-
<?php print _('Restrict access to System Administrator account items');?>
1081+
<td class="vst-text input-label step-top" style="font-size:0.95rem;">
1082+
<?=_('System Administrator account');?>
1083+
</td>
1084+
1085+
</tr>
1086+
<tr>
1087+
<td class="vst-text input-label step-top">
1088+
<?=_('Restrict access to read-only for other administrators');?>
10581089
</td>
10591090
</tr>
10601091
<tr>
@@ -1068,7 +1099,7 @@
10681099
</tr>
10691100
<tr>
10701101
<td class="vst-text input-label">
1071-
<?php print _('Hide Administrator account from other Administrators');?>
1102+
<?php print _('Disable access and hide account for other administrators');?>
10721103
</td>
10731104
</tr>
10741105
<tr>
@@ -1097,7 +1128,7 @@
10971128
<table id="security-policies-table" style="display: none;">
10981129

10991130
<tr>
1100-
<td class="vst-text input-label">
1131+
<td class="vst-text input-label step-top">
11011132
<?php print _('Allow users to edit their account details');?>
11021133
</td>
11031134
</tr>
@@ -1126,7 +1157,7 @@
11261157
</tr>
11271158
<tr>
11281159
<td class="vst-text input-label">
1129-
<?php print _('Allow users to delete action and login history logs');?>
1160+
<?php print _('Allow users to delete log history');?>
11301161
</td>
11311162
</tr>
11321163
<tr>
@@ -1152,17 +1183,6 @@
11521183
<br><br>
11531184
</td>
11541185
</tr>
1155-
<tr>
1156-
<td class="vst-text input-label">
1157-
<?php print _('Inactive session timeout');?> (<?php print _('Minutes');?>)
1158-
</td>
1159-
</tr>
1160-
<tr>
1161-
<td>
1162-
<input type="text" size="20" class="vst-input" name="v_inactive_session_timeout" value="<?=trim($_SESSION['INACTIVE_SESSION_TIMEOUT'], "'")?>">
1163-
<br><br>
1164-
</td>
1165-
</tr>
11661186
<tr>
11671187
<td class="vst-text input-label">
11681188
<?php print _('Enforce subdomain ownership');?>

web/templates/login_1.html

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -21,11 +21,13 @@
2121
<tr>
2222
<td style="padding: 12px 0 0 2px;">
2323
<?php print _('Password');?>
24+
<? if ($_SESSION['POLICY_SYSTEM_PASSWORD_RESET'] !== 'no' ) {?>
2425
<div style="padding:0 6px 0px 14px; float:right;">
2526
<a tabindex="5" class="vst-advanced" href="/reset/">
2627
<?php print _('forgot password');?>
2728
</a>
2829
</div>
30+
<?}?>
2931
</td>
3032
</tr>
3133
<tr>

0 commit comments

Comments
 (0)