From: Andrew Bartlett Date: Tue, 10 Jan 2006 10:35:47 +0000 (+0000) Subject: r12823: Fix up the provison and newuser code in SWAT. This also cleans up the X-Git-Url: http://git.samba.org/samba.git/?p=kai%2Fsamba.git;a=commitdiff_plain;h=75ef0ba513489a85557cb486135d80286d620809 r12823: Fix up the provison and newuser code in SWAT. This also cleans up the main provision script a bit, as the argument list was getting out of control. (It has been replaced in part with an object). This also returns the session_info from the auth code into ejs. We still need access control allowing only root to re-provision. Andrew Bartlett (This used to be commit 002cdcf3cab6563909d31edc5d825e857dc0a732) --- diff --git a/source4/scripting/ejs/smbcalls_auth.c b/source4/scripting/ejs/smbcalls_auth.c index a1310ded9c8..5c70b6908bc 100644 --- a/source4/scripting/ejs/smbcalls_auth.c +++ b/source4/scripting/ejs/smbcalls_auth.c @@ -35,6 +35,7 @@ static int ejs_doauth(MprVarHandle eid, struct auth_serversupplied_info *server_info = NULL; struct auth_session_info *session_info = NULL; struct auth_context *auth_context; + struct MprVar *session_info_obj; const char *auth_types[] = { authtype, NULL }; NTSTATUS nt_status; @@ -89,9 +90,12 @@ static int ejs_doauth(MprVarHandle eid, goto done; } + session_info_obj = mprInitObject(eid, "session_info", 0, NULL); + + mprSetPtrChild(session_info_obj, "session_info", session_info); talloc_steal(mprMemCtx(), session_info); - mprSetThisPtr(eid, "session_info", session_info); + mprSetProperty(auth, "session_info", session_info_obj); mprSetPropertyValue(auth, "result", mprCreateBoolVar(server_info->authenticated)); mprSetPropertyValue(auth, "username", mprString(server_info->account_name)); mprSetPropertyValue(auth, "domain", mprString(server_info->domain_name)); diff --git a/source4/scripting/libjs/provision.js b/source4/scripting/libjs/provision.js index e71ea835236..8b1d93c0567 100644 --- a/source4/scripting/libjs/provision.js 
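Review bot: Ownership of `session_info` is not documented in the second ejs_doauth hunk, where the pointer is wrapped in `session_info_obj` with `mprSetPtrChild` and then reparented by `talloc_steal(mprMemCtx(), session_info)`. From that point scripts hold a raw pointer through `auth.session_info`, and its lifetime is whatever the MPR memory context's is. I would add a comment above the steal, e.g. `/* session_info is owned by mprMemCtx() from here on; scripts reach it via auth.session_info and must not outlive that context */`. The result of `mprInitObject` is also used without a check; that may be fine if it cannot fail, but this is not visible here. ejs_doauth starts and ends outside both hunks.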
+++ b/source4/scripting/libjs/provision.js @@ -12,11 +12,12 @@ sys = sys_init(); /* return true if the current install seems to be OK */ -function install_ok() +function install_ok(session_info, credentials) { var lp = loadparm_init(); var ldb = ldb_init(); - ldb.credentials = credentials_cmdline(); + ldb.session_info = session_info; + ldb.credentials = credentials; if (lp.get("realm") == "") { return false; } @@ -24,7 +25,7 @@ function install_ok() if (!ok) { return false; } - var res = ldb.search("(name=Administrator)"); + var res = ldb.search("(cn=Administrator)"); if (res.length != 1) { return false; } @@ -175,28 +176,28 @@ function ldb_erase(ldb) /* setup a ldb in the private dir */ -function setup_ldb(ldif, session_info, credentials, dbname, subobj) +function setup_ldb(ldif, info, dbname) { var erase = true; var extra = ""; var ldb = ldb_init(); var lp = loadparm_init(); - ldb.session_info = session_info; - ldb.credentials = credentials; + ldb.session_info = info.session_info; + ldb.credentials = info.credentials; - if (arguments.length >= 6) { - extra = arguments[5]; + if (arguments.length >= 4) { + extra = arguments[3]; } - if (arguments.length == 7) { - erase = arguments[6]; + if (arguments.length == 5) { + erase = arguments[4]; } var src = lp.get("setup directory") + "/" + ldif; var data = sys.file_load(src); data = data + extra; - data = substitute_var(data, subobj); + data = substitute_var(data, info.subobj); ldb.filename = dbname; @@ -211,12 +212,12 @@ function setup_ldb(ldif, session_info, credentials, dbname, subobj) var add_ok = ldb.add(data); if (!add_ok) { - message("ldb load failed: " + ldb.errstring() + "\n"); + info.message("ldb load failed: " + ldb.errstring() + "\n"); assert(add_ok); } var commit_ok = ldb.transaction_commit(); if (!commit_ok) { - message("ldb commit failed: " + ldb.errstring() + "\n"); + info.message("ldb commit failed: " + ldb.errstring() + "\n"); assert(add_ok); } } 
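Review bot: The header comment on `setup_ldb` still reads only "setup a ldb in the private dir", while the new signature hides the required inputs inside `info` and takes two more positionally through `arguments[3]` and `arguments[4]`. The comment should state that `info` must carry `session_info`, `credentials`, `subobj` and `message`, that the optional fourth argument is extra LDIF text appended to the file, and that the optional fifth is the erase flag. The default `erase = true` deserves an explicit mention, because a caller that omits the fifth argument appears to get a wiped database. Note also that `arguments.length == 5` is an exact match, so a call with any further argument leaves `erase` at its default.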
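Review bot: A failed commit is not caught in the `@@ -211,12 +212,12 @@` hunk, because the `if (!commit_ok)` branch ends with `assert(add_ok);` and `add_ok` is already known to be true at that point. The failure is logged through `info.message` and provisioning then carries on with an uncommitted database. Since the commit touches the line directly above it, the assertion should become `assert(commit_ok);`. The body of `setup_ldb` begins outside this hunk.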
@@ -265,6 +266,7 @@ function provision(subobj, message, blank, paths, session_info, credentials) var data = ""; var lp = loadparm_init(); var sys = sys_init(); + var info = new Object(); /* some options need to be upper/lower case @@ -286,6 +288,11 @@ function provision(subobj, message, blank, paths, session_info, credentials) provision_next_usn = 1; + info.subobj = subobj; + info.message = message; + info.credentials = credentials; + info.session_info = session_info; + /* only install a new smb.conf if there isn't one there already */ var st = sys.stat(paths.smbconf); if (st == undefined) { @@ -294,7 +301,7 @@ function provision(subobj, message, blank, paths, session_info, credentials) lp.reload(); } message("Setting up secrets.ldb\n"); - setup_ldb("secrets.ldif", session_info, credentials, paths.secrets, subobj); + setup_ldb("secrets.ldif", info, paths.secrets); message("Setting up DNS zone file\n"); setup_file("provision.zone", paths.dns, 
@@ -303,20 +310,22 @@ function provision(subobj, message, blank, paths, session_info, credentials) var keytab_ok = credentials_update_all_keytabs(); assert(keytab_ok); message("Setting up hklm.ldb\n"); - setup_ldb("hklm.ldif", session_info, credentials, paths.hklm, subobj); + setup_ldb("hklm.ldif", info, paths.hklm); + + message("Setting up sam.ldb attributes\n"); - setup_ldb("provision_init.ldif", session_info, credentials, paths.samdb, subobj); + setup_ldb("provision_init.ldif", info, paths.samdb); message("Setting up sam.ldb schema\n"); - setup_ldb("schema.ldif", session_info, credentials, paths.samdb, subobj, NULL, false); + setup_ldb("schema.ldif", info, paths.samdb, NULL, false); message("Setting up display specifiers\n"); - setup_ldb("display_specifiers.ldif", session_info, credentials, paths.samdb, subobj, NULL, false); + setup_ldb("display_specifiers.ldif", info, paths.samdb, NULL, false); message("Setting up sam.ldb templates\n"); - setup_ldb("provision_templates.ldif", session_info, credentials, paths.samdb, subobj, NULL, false); + setup_ldb("provision_templates.ldif", info, paths.samdb, NULL, false); message("Setting up sam.ldb data\n"); - setup_ldb("provision.ldif", session_info, credentials, paths.samdb, subobj, NULL, false); + setup_ldb("provision.ldif", info, paths.samdb, NULL, false); if (blank == false) { message("Setting up sam.ldb users and groups\n"); - setup_ldb("provision_users.ldif", session_info, credentials, paths.samdb, subobj, data, false); + setup_ldb("provision_users.ldif", info, paths.samdb, data, false); } } diff --git a/swat/index.esp b/swat/index.esp index c0bfbdec053..1924e402105 100644 --- a/swat/index.esp +++ b/swat/index.esp @@ -3,7 +3,7 @@ libinclude("management.js"); libinclude("provision.js"); - if (install_ok() == false) { + if (install_ok(session.authinfo.session_info, session.authinfo.credentials) == false) { redirect("/install/"); } 
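Review bot: `session.authinfo` is dereferenced in swat/index.esp without checking that it exists or that authentication succeeded. The same pair of expressions is repeated in swat/install/newuser.esp and swat/install/provision.esp. The ejs_doauth hunk in this commit sets `result`, `username`, `domain` and `session_info` on the auth object but no `credentials` property, so unless the login code fills that in elsewhere, `install_ok` assigns an undefined value to `ldb.credentials`. Assuming `authinfo` is the object ejs_doauth fills in, a guard such as `if (session.authinfo == undefined || session.authinfo.result != true)` ahead of the call, sending the browser back to the login page, would make the precondition explicit.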
diff --git a/swat/install/newuser.esp b/swat/install/newuser.esp index f6f60b85a9e..1b341ff6653 100644 --- a/swat/install/newuser.esp +++ b/swat/install/newuser.esp @@ -8,17 +8,14 @@

Add a user

<% -var f = FormObj("newuser", 3, 2); +var f = FormObj("newuser", 0, 2); var i; var rand = random_init(); -f.element[0].label = "User Name"; -f.element[0].name = "USERNAME"; -f.element[1].label = "Unix Name"; -f.element[1].name = "UNIXNAME"; -f.element[2].label = "Password"; -f.element[2].type = "password"; -f.element[2].name = "PASSWORD"; +f.add("USERNAME", "User Name"); +f.add("UNIXNAME", "Unix Name"); +f.add("PASSWORD", "Password", "password"); +f.add("CONFIRM", "Confirm Password", "password"); f.submit[0] = "Add"; f.submit[1] = "Cancel"; @@ -26,15 +23,24 @@ if (form['submit'] == "Cancel") { redirect("/"); } + if (form['submit'] == "Add" && form.USERNAME != undefined) { - if (form.UNIXNAME == undefined) { - form.UNIXNAME = form.USERNAME; - } - if (form.PASSWORD == undefined) { - form.PASSWORD = rand.randpass(); + var goodpass = (form.CONFIRM == form.PASSWORD); + + if (!goodpass) { + write("

Passwords don't match. Please try again.

"); + f.display(); + } else { + if (form.UNIXNAME == undefined) { + form.UNIXNAME = form.USERNAME; + } + if (form.PASSWORD == undefined) { + form.PASSWORD = rand.randpass(); + } + newuser(form.USERNAME, form.UNIXNAME, form.PASSWORD, writefln, + session.authinfo.session_info, session.authinfo.credentials); } - newuser(form.USERNAME, form.UNIXNAME, form.PASSWORD, writefln); } else { f.display(); } diff --git a/swat/install/provision.esp b/swat/install/provision.esp index 38983c96dc6..29fa6530de4 100644 --- a/swat/install/provision.esp +++ b/swat/install/provision.esp @@ -61,7 +61,8 @@ if (form['submit'] == "Provision") { } else if (!provision_validate(subobj, writefln)) { f.display(); } else { - provision(subobj, writefln, false, provision_default_paths(subobj), NULL, NULL); + provision(subobj, writefln, false, provision_default_paths(subobj), + session.authinfo.session_info, session.authinfo.credentials); } } else { f.display();
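Review bot: An empty password can pass the new confirmation check in newuser.esp, because `goodpass` is true whenever `form.CONFIRM == form.PASSWORD`, which includes both fields being blank. The random fallback only runs when `form.PASSWORD == undefined`. If ESP delivers a blank field as `""` rather than undefined (not visible in this hunk), `newuser` is called with an empty password. Treating blank as missing closes that: `if (form.PASSWORD == undefined || form.PASSWORD == "") {`. `form.USERNAME` and `form.UNIXNAME` also reach `newuser` unvalidated here, so any checking has to live inside that function, which is outside this diff.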
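Review bot: Nothing in the provision.esp hunk checks whose session this is before `provision(...)` runs, and the commit message itself says access control limiting re-provisioning to root is still missing. `setup_ldb` defaults `erase` to true, so as far as this diff shows, any session that reaches this branch can rebuild the secrets, hklm and sam databases from scratch. Until the real check exists, I would mark the call site so the gap stays visible: `/* TODO: refuse unless the session identifies root; re-provisioning erases the existing ldbs */`. The enclosing if/else chain starts outside the hunk.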