- Running backup and restore tasks
- Monitoring Bacula services by getting status these services
- Bacula console available via web interface
+- Support for customized and restricted consoles (Console ACL functionality)
- Multiple Directors support
- Volumes managenment including labeling new volumes
- Basic storage daemon operations on volumes (mount, umount, release actions)
--- /dev/null
+Baculum - Bacula web interface
+
+Features description:
+
+=== Customized and restricted consoles ===
+
+Baculum supports customized and restricted consoles for each logged in user.
+
+Before using customized and restricted consoles please check location for
+bconsole configuration files for each user. For do it, there is need to run
+on Baculum webGUI configuration wizard and there is need to go to "Console"
+wizard step (fourth step).
+
+In "Console" wizard step there is field defined as:
+
+Bconsole custom config file path: __________________
+
+In this field there is required to define location for restricted consoles.
+In defined path exists one keyword {user}. It will be replaced into current
+logged in username.
+
+For example, if logged is user named "john", keyword {user} will be replaced
+into "john".
+
+
+Example:
+
+"Bconsole custom config file path" is defined as:
+
+/usr/local/bacula/etc/bconsole-{user}.conf
+
+After log in user "john" to Baculum webGUI, for each bconsole request will be
+used file:
+
+/usr/local/bacula/etc/bconsole-john.conf
+
+It makes available to define some specific console access (or restricted access)
+for each Baculum user.
+
+For user named "willy" in above configured path according bconsole configuration
+file will be:
+
+/usr/local/bacula/etc/bconsole-willy.conf
+
+etc...
+
+
+NOTE!
+
+In configuration wizard step "Console" there is also field:
+
+"Bconsole admin config file path:": ___________________
+
+Config file defined in this field will be used by administrator only. For this
+reason the best parctice is define here console configuration file that gives
+full access for administrator.
+
+Administrator user and password will be defined in next configuration wizard
+step named "Authorization" (fifth step).
+
+
+Baculum users are defined on web server level as described in instriction
+in attached to Baculum INSTALL file.
+
+Example:
+
+For creating users "john" and "willy" as Baculum HTTP Basic authorization users
+there is need to create this users for example by:
+
+# htpasswd /some/location/htpasswd/file john
+
+# htpasswd /some/location/htpasswd/file willy
+
+For case using other HTTP Basic authorization backends (for example LDAP) there
+is need to define these users in this specific service.
+
+
+Example of content custom consoles configuration file is below:
+
+Console {
+ Name = "BaculaRestrictedUser"
+ Password = "XXXXXXXXX"
+ CommandACL = show,.client,.jobs,.fileset,.pool,.storage,.jobs,.bvfs_update,
+.bvfs_lsdirs,.bvfs_lsfiles,.bvfs_versions,.bvfs_get_jobids,.bvfs_restore,restore
+ CatalogACL = *all*
+ ClientACL = user-fd
+ JobACL = somejob1,userjob
+ PoolACL = Full-Pool
+ StorageACL = VTL
+ FileSetACL = somejob1-fileset,userjobFileSet3
+ WhereACL = *all*
+}
+
+After defining these ACL there is also need to define the console access to
+Director service in Bacula Director configuration file as Console{} resource.
+
+
+NOTE!
+
+Please note that in above example in CommandACL are shown the most
+essential commands necessary for proper working of Baculum webGUI and
+possibility do to restore action (all .bvfs_* command and "restore"
+command)
+
+Below are the same necessary commands broke one per line:
+
+show
+.client
+.jobs
+.fileset
+.pool
+.storage
+.jobs
+.bvfs_update
+.bvfs_lsdirs
+.bvfs_lsfiles
+.bvfs_versions
+.bvfs_get_jobids
+.bvfs_restore
+restore
+
+
+Catalog Database restriction
+
+Because Baculum in few parts of interface uses data from Bacula Catalog Database,
+for each user who IS NOT administrator there has beed disabled EVERY write to
+Bacula Catalog database by Baculum webGUI. Modification Bacula Catalog Database
+tables is possible ONLY for Baculum administrator.
+
+Additionally because of Console ACL functionality does not support restriction
+on media/volumes level, access to media/volumes has been disabled for all users
+except administrator.
+
+
+Configuration wizard restriction
+
+For security reason there has been disabled access to Configuration Wizard
+function for all users except administrator.
const API_VERSION = '0.1';
+ protected $appCfg;
+
private $allowedErrors = array(
GenericError::ERROR_NO_ERRORS,
BconsoleError::ERROR_INVALID_COMMAND
}
private function getURL() {
- $cfg = $this->Application->getModule('configuration')->getApplicationConfig();
+ $this->appCfg = $this->Application->getModule('configuration')->getApplicationConfig();
$protocol = !empty($_SERVER['HTTPS']) ? 'https' : 'http';
$host = $_SERVER['SERVER_NAME'];
$port = $_SERVER['SERVER_PORT'];
- $url = sprintf('%s://%s:%s@%s:%d/', $protocol, $cfg['baculum']['login'], $cfg['baculum']['password'], $host, $port);
+ $url = sprintf('%s://%s:%s@%s:%d/', $protocol, $this->appCfg['baculum']['login'], $this->appCfg['baculum']['password'], $host, $port);
return $url;
}
- private function setDirectorToUrl(&$url) {
+ private function setParamsToUrl(&$url) {
$url .= (preg_match('/\?/', $url) === 1 ? '&' : '?' ) . 'director=' . ((array_key_exists('director', $_SESSION)) ? $_SESSION['director'] : '');
+ /**
+ * If user is not equal admin user then it is added to URL,
+ * then will be used custom console for this user.
+ */
+ if($this->User->getIsAdmin() === false) {
+ $url .= '&user=' . $this->User->getName();
+ }
$this->Application->getModule('logging')->log(__FUNCTION__, PHP_EOL . PHP_EOL . 'EXECUTE URL ==> ' . $url . ' <==' . PHP_EOL . PHP_EOL, Logging::CATEGORY_APPLICATION, __FILE__, __LINE__);
}
public function get(array $params) {
$url = $this->getURL() . implode('/', $params);
- $this->setDirectorToUrl($url);
+ $this->setParamsToUrl($url);
$ch = $this->getConnection();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_HTTPHEADER, array($this->getAPIHeader(), 'Accept: application/json'));
public function set(array $params, array $options) {
$url = $this->getURL() . implode('/', $params);
- $this->setDirectorToUrl($url);
+ $this->setParamsToUrl($url);
$data = http_build_query(array('update' => $options));
$ch = $this->getConnection();
curl_setopt($ch, CURLOPT_URL, $url);
public function create(array $params, array $options) {
$url = $this->getURL() . implode('/', $params);
- $this->setDirectorToUrl($url);
+ $this->setParamsToUrl($url);
$data = http_build_query(array('create' => $options));
$ch = $this->getConnection();
curl_setopt($ch, CURLOPT_URL, $url);
public function remove(array $params) {
$url = $this->getURL() . implode('/', $params);
- $this->setDirectorToUrl($url);
+ $this->setParamsToUrl($url);
$ch = $this->getConnection();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, 'DELETE');
protected $director;
+ protected $user;
+
/**
* Actions methods.
*/
public function onInit($params) {
parent::onInit($params);
$this->director = isset($this->Request['director']) ? $this->Request['director'] : null;
+ $this->user = isset($this->Request['user']) ? $this->Request['user'] : null;
+ if(is_null($this->user) && $this->Application->getModule('configuration')->isApplicationConfig() === true) {
+ $appConfig = ConfigurationManager::getApplicationConfig();
+ // @TOFIX: Baculum API layer should not use $_SERVER variables.
+ $this->user = isset($_SERVER['PHP_AUTH_USER']) && $_SERVER['PHP_AUTH_USER'] != $appConfig['baculum']['login'] ? $_SERVER['PHP_AUTH_USER'] : null;
+ }
+
switch($_SERVER['REQUEST_METHOD']) {
case self::PUT_METHOD: {
try {
class BaculumPage extends TPage
{
+
public function onPreInit($param) {
parent::onPreInit($param);
$configuration = $this->getModule('configuration');
--- /dev/null
+<?php
+/**
+ * Bacula® - The Network Backup Solution
+ * Baculum - Bacula web interface
+ *
+ * Copyright (C) 2013-2014 Marcin Haba
+ *
+ * The main author of Baculum is Marcin Haba.
+ * The main author of Bacula is Kern Sibbald, with contributions from many
+ * others, a complete list can be found in the file AUTHORS.
+ *
+ * You may use this file and others of this release according to the
+ * license defined in the LICENSE file, which includes the Affero General
+ * Public License, v3.0 ("AGPLv3") and some additional permissions and
+ * terms pursuant to its AGPLv3 Section 7.
+ *
+ * Bacula® is a registered trademark of Kern Sibbald.
+ */
+
+Prado::using('System.Security.TUser');
+
+class BaculumUser extends TUser {
+
+ private $_id;
+
+ public function getID() {
+ return $this->_id;
+ }
+
+ public function setID($id) {
+ $this->_id = $id;
+ }
+
+ public function getIsAdmin() {
+ return $this->isInRole('admin');
+ }
+}
+?>
\ No newline at end of file
--- /dev/null
+<?php
+/**
+ * Bacula® - The Network Backup Solution
+ * Baculum - Bacula web interface
+ *
+ * Copyright (C) 2013-2014 Marcin Haba
+ *
+ * The main author of Baculum is Marcin Haba.
+ * The main author of Bacula is Kern Sibbald, with contributions from many
+ * others, a complete list can be found in the file AUTHORS.
+ *
+ * You may use this file and others of this release according to the
+ * license defined in the LICENSE file, which includes the Affero General
+ * Public License, v3.0 ("AGPLv3") and some additional permissions and
+ * terms pursuant to its AGPLv3 Section 7.
+ *
+ * Bacula® is a registered trademark of Kern Sibbald.
+ */
+
+Prado::using('System.Security.IUserManager');
+Prado::using('Application.Class.BaculumUser');
+
+class BaculumUsersManager extends TModule implements IUserManager {
+
+ private $config;
+
+ public function init($config) {
+ $this->config = $this->Application->getModule('configuration')->isApplicationConfig() ? $this->Application->getModule('configuration')->getApplicationConfig() : null;
+ }
+
+ public function getGuestName() {
+ return 'guest';
+ }
+
+ public function validateUser($username, $password) {
+ return !empty($username);
+ }
+
+ public function getUser($username = null) {
+ $user = new BaculumUser($this);
+ $id = sha1(time());
+ $user->setID($id);
+ $user->setName($_SERVER['PHP_AUTH_USER']);
+ $user->setIsGuest(false);
+ if($this->config['baculum']['login'] == $_SERVER['PHP_AUTH_USER'] || is_null($this->config)) {
+ $user->setRoles('admin');
+ } else {
+ $user->setRoles('user');
+ }
+ return $user;
+ }
+
+ public function getUserFromCookie($cookie) {
+ return;
+ }
+
+ public function saveUserToCookie($cookie) {
+ return;
+ }
+}
+?>
\ No newline at end of file
const BCONSOLE_DIRECTORS_PATTERN = "%s%s -c %s -l";
- private $availableCommands = array('version', 'status', 'list', 'messages', 'show', 'mount', 'umount', 'release', 'prune', 'purge', 'update', 'estimate', 'run', '.bvfs_update', '.bvfs_lsdirs', '.bvfs_lsfiles', '.bvfs_versions', '.bvfs_get_jobids', '.bvfs_restore', '.bvfs_clear_cache', 'restore', 'cancel', 'delete', '.jobs', 'label', 'reload', '.fileset', '.storage');
+ const BCONSOLE_CFG_USER_KEYWORD = '{user}';
+
+ private $availableCommands = array('version', 'status', 'list', 'messages', 'show', 'mount', 'umount', 'release', 'prune', 'purge', 'update', 'estimate', 'run', '.bvfs_update', '.bvfs_lsdirs', '.bvfs_lsfiles', '.bvfs_versions', '.bvfs_get_jobids', '.bvfs_restore', '.bvfs_clear_cache', 'restore', 'cancel', 'delete', '.jobs', 'label', 'reload', '.fileset', '.storage', '.client', '.pool');
private $useSudo = false;
private $bconsoleCfgPath;
+ private $bconsoleCfgCustomPath;
+
public function init($config) {
if($this->Application->getModule('configuration')->isApplicationConfig() === true) {
$params = ConfigurationManager::getApplicationConfig();
$useSudo = ((integer)$params['bconsole']['use_sudo'] === 1);
$bconsoleCmdPath = $params['bconsole']['bin_path'];
$bconsoleCfgPath = $params['bconsole']['cfg_path'];
- $this->setEnvironmentParams($bconsoleCmdPath, $bconsoleCfgPath, $useSudo);
+ $bconsoleCfgCustomPath = array_key_exists('cfg_custom_path', $params['bconsole']) ? $params['bconsole']['cfg_custom_path'] : null;
+ $this->setEnvironmentParams($bconsoleCmdPath, $bconsoleCfgPath, $bconsoleCfgCustomPath, $useSudo);
}
}
- private function setEnvironmentParams($bconsoleCmdPath, $bconsoleCfgPath, $useSudo) {
+ private function setEnvironmentParams($bconsoleCmdPath, $bconsoleCfgPath, $bconsoleCfgCustomPath, $useSudo) {
$this->bconsoleCmdPath = $bconsoleCmdPath;
$this->bconsoleCfgPath = $bconsoleCfgPath;
+ $this->bconsoleCfgCustomPath = $bconsoleCfgCustomPath;
$this->useSudo = $useSudo;
}
return (object)array('output' => $output, 'exitcode' => $exitcode);
}
- public function bconsoleCommand($director, array $command) {
+ public function bconsoleCommand($director, array $command, $user = null) {
$baseCommand = count($command) > 0 ? $command[0] : null;
if($this->isCommandValid($baseCommand) === true) {
- $result = $this->execCommand($director, $command);
+ $result = $this->execCommand($director, $command, $user);
} else {
$result = $this->prepareResult(array(BconsoleError::MSG_ERROR_INVALID_COMMAND, ''), BconsoleError::ERROR_INVALID_COMMAND, ' ');
}
return $result;
}
- private function execCommand($director, array $command) {
+ private function execCommand($director, array $command, $user) {
if(!is_null($director) && $this->isValidDirector($director) === false) {
$output = array(BconsoleError::MSG_ERROR_INVALID_DIRECTOR, '');
$exitcode = BconsoleError::ERROR_INVALID_DIRECTOR;
$dir = is_null($director) ? '': '-D ' . $director;
$sudo = ($this->useSudo === true) ? self::SUDO . ' ' : '';
$bconsoleCommand = implode(' ', $command);
+ if(!is_null($this->bconsoleCfgCustomPath) && !is_null($user)) {
+ $this->bconsoleCfgPath = str_replace(self::BCONSOLE_CFG_USER_KEYWORD, $user, $this->bconsoleCfgCustomPath);
+ }
$cmd = sprintf(self::BCONSOLE_COMMAND_PATTERN, $sudo, $this->bconsoleCmdPath, $this->bconsoleCfgPath, $dir, $bconsoleCommand);
exec($cmd, $output, $exitcode);
if($exitcode != 0) {
}
public function testBconsoleCommand(array $command, $bconsoleCmdPath, $bconsoleCfgPath, $useSudo) {
- $this->setEnvironmentParams($bconsoleCmdPath, $bconsoleCfgPath, $useSudo);
+ $this->setEnvironmentParams($bconsoleCmdPath, $bconsoleCfgPath, $useSudo, null);
$director = array_shift($this->getDirectors()->output);
return $this->bconsoleCommand($director, $command);
}
msgid ""
msgstr ""
-"PO-Revision-Date: 2014-03-08 19:45+0100\n"
+"PO-Revision-Date: 2014-04-26 21:10:10\n"
"Project-Id-Version: \n"
"POT-Creation-Date: \n"
-"Last-Translator: Marcin Haba <marcin.haba@bacula.pl>\n"
+"Last-Translator: Marcin Haba <redakcja@bacula.pl>\n"
"Language-Team: \n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=iso-8859-1\n"
msgid "Please enter bconsole path."
msgstr "Please enter bconsole path."
-msgid "Bconsole config file path:"
-msgstr "Bconsole config file path:"
-
msgid "Please enter bconsole config file path."
msgstr "Please enter bconsole config file path."
msgid "Files"
msgstr "Files"
-msgid ""
-"For see a file versions please double click file on the left files browser."
-msgstr ""
-"For see a file versions please double click file on the left files browser."
+msgid "For see a file versions please double click file on the left files browser."
+msgstr "For see a file versions please double click file on the left files browser."
-msgid ""
-"For add a file to restore please drag a file from frame on left or from "
-"above frame and drop it here"
-msgstr ""
-"For add a file to restore please drag a file from frame on left or from "
-"above frame and drop it here"
+msgid "For add a file to restore please drag a file from frame on left or from above frame and drop it here"
+msgstr "For add a file to restore please drag a file from frame on left or from above frame and drop it here"
-msgid ""
-"It seems that there is no files for choosing or file records in database for "
-"this job has been purged (file retention period expired)"
-msgstr ""
-"It seems that there is no files for choosing or file records in database for "
-"this job has been purged (file retention period expired)"
+msgid "It seems that there is no files for choosing or file records in database for this job has been purged (file retention period expired)"
+msgstr "It seems that there is no files for choosing or file records in database for this job has been purged (file retention period expired)"
msgid "Group most recent backups"
msgstr "Group most recent backups"
msgid "Cancel"
msgstr "Cancel"
-msgid ""
-"There is no backup for restore. Please go to previous step and select "
-"another client for restore or proceed backups for the client selected in "
-"previous step."
-msgstr ""
-"There is no backup for restore. Please go to previous step and select "
-"another client for restore or proceed backups for the client selected in "
-"previous step."
+msgid "There is no backup for restore. Please go to previous step and select another client for restore or proceed backups for the client selected in previous step."
+msgstr "There is no backup for restore. Please go to previous step and select another client for restore or proceed backups for the client selected in previous step."
msgid "Database file path (SQLite only):"
msgstr "Database file path (SQLite only):"
msgid "Please check if Catalog database service is running."
msgstr "Please check if Catalog database service is running."
-msgid ""
-"Please check if Web Server user is allowed for connection to Catalog "
-"database."
-msgstr ""
-"Please check if Web Server user is allowed for connection to Catalog "
-"database."
+msgid "Please check if Web Server user is allowed for connection to Catalog database."
+msgstr "Please check if Web Server user is allowed for connection to Catalog database."
msgid "Please re-run"
msgstr "Please re-run"
msgid "Please check if Bacula Director service is running."
msgstr "Please check if Bacula Director service is running."
-msgid ""
-"Please check in shell console if bconsole program is able to connect to "
-"Bacula Director service."
-msgstr ""
-"Please check in shell console if bconsole program is able to connect to "
-"Bacula Director service."
+msgid "Please check in shell console if bconsole program is able to connect to Bacula Director service."
+msgstr "Please check in shell console if bconsole program is able to connect to Bacula Director service."
-msgid ""
-"Please be sure if Web Server user is allowed for executing bconsole program."
-msgstr ""
-"Please be sure if Web Server user is allowed for executing bconsole program."
+msgid "Please be sure if Web Server user is allowed for executing bconsole program."
+msgstr "Please be sure if Web Server user is allowed for executing bconsole program."
-msgid ""
-"You can login to shell console as Web Server user and try to run bconsole "
-"program."
-msgstr ""
-"You can login to shell console as Web Server user and try to run bconsole "
-"program."
+msgid "You can login to shell console as Web Server user and try to run bconsole program."
+msgstr "You can login to shell console as Web Server user and try to run bconsole program."
msgid "internal Baculum error."
msgstr "internal Baculum error."
msgid "TRY AGAIN"
msgstr "TRY AGAIN"
-msgid ""
-"Above administration login and administration password should be the same as "
-"login params defined in Web Server authorization file. They are HTTP Basic "
-"authorization params by using which you have logged in to this wizard."
-msgstr ""
-"Above administration login and administration password should be the same as "
-"login params defined in Web Server authorization file. They are HTTP Basic "
-"authorization params by using which you have logged in to this wizard."
+msgid "Above administration login and administration password should be the same as login params defined in Web Server authorization file. They are HTTP Basic authorization params by using which you have logged in to this wizard."
+msgstr "Above administration login and administration password should be the same as login params defined in Web Server authorization file. They are HTTP Basic authorization params by using which you have logged in to this wizard."
msgid "authorization to Baculum error."
msgstr "authorization to Baculum error."
msgid "Please check Web Server authorization file if it is correct."
msgstr "Please check Web Server authorization file if it is correct."
-msgid ""
-"and retype authorization login and authorization password for that is used "
-"to login to"
-msgstr ""
-"and retype authorization login and authorization password for that is used "
-"to login to"
+msgid "and retype authorization login and authorization password for that is used to login to"
+msgstr "and retype authorization login and authorization password for that is used to login to"
-msgid ""
-"Please check Web Server authorization file if it is defined and it is "
-"correct."
-msgstr ""
-"Please check Web Server authorization file if it is defined and it is "
-"correct."
+msgid "Please check Web Server authorization file if it is defined and it is correct."
+msgstr "Please check Web Server authorization file if it is defined and it is correct."
-msgid ""
-"Please be sure if Web Server authorization is enabled (for Apache it is "
-"option 'AllowOverride All') and if the authorization works properly."
-msgstr ""
-"Please be sure if Web Server authorization is enabled (for Apache it is "
-"option 'AllowOverride All') and if the authorization works properly."
+msgid "Please be sure if Web Server authorization is enabled (for Apache it is option 'AllowOverride All') and if the authorization works properly."
+msgstr "Please be sure if Web Server authorization is enabled (for Apache it is option 'AllowOverride All') and if the authorization works properly."
-msgid ""
-"please retype authorization login and authorization password to according "
-"Web Server authorization values."
-msgstr ""
-"please retype authorization login and authorization password to according "
-"Web Server authorization values."
+msgid "please retype authorization login and authorization password to according Web Server authorization values."
+msgstr "please retype authorization login and authorization password to according Web Server authorization values."
msgid "Enable logging"
msgstr "Enable logging"
msgid "clear bvfs cache"
msgstr "clear bvfs cache"
-msgid ""
-"Output for selected job is not available yet or you do not have enabled "
-"logging job logs to catalog database.\n"
+msgid "Output for selected job is not available yet or you do not have enabled logging job logs to catalog database.\n"
"\n"
-"For watching job log there is need to add to the job Messages resource next "
-"directive:\n"
+"For watching job log there is need to add to the job Messages resource next directive:\n"
"\n"
"console = all, !skipped, !saved\n"
-msgstr ""
-"Output for selected job is not available yet or you do not have enabled "
-"logging job logs to catalog database.\n"
+""
+msgstr "Output for selected job is not available yet or you do not have enabled logging job logs to catalog database.\n"
"\n"
-"For watching job log there is need to add to the job Messages resource next "
-"directive:\n"
+"For watching job log there is need to add to the job Messages resource next directive:\n"
"\n"
"console = all, !skipped, !saved\n"
+""
+
+msgid "Bconsole admin config file path:"
+msgstr "Bconsole admin config file path:"
+
+msgid "Bconsole custom config file path:"
+msgstr "Bconsole custom config file path:"
+
+msgid "Please enter bconsole custom config file path."
+msgstr "Please enter bconsole custom config file path."
+
+msgid "For need defining more Baculum users with custom access or restricted console access (Bconsole ACLs) here is possible to determine custom bconsole configuration file format for each user."
+msgstr "For need defining more Baculum users with custom access or restricted console access (Bconsole ACLs) here is possible to determine custom bconsole configuration file format for each user."
+
+msgid "If there is used only one Baculum user then below field value will be ignored"
+msgstr "If there is used only one Baculum user then below field value will be ignored"
+
+msgid "{user} keyword will be replaced for each logged user into according username."
+msgstr "{user} keyword will be replaced for each logged user into according username."
+
+msgid "If there is used only one Baculum user then below field value will be ignored."
+msgstr "If there is used only one Baculum user then below field value will be ignored."
+
msgid "Please enter bconsole path."
msgstr "Proszę wprowadzić lokalizację bconsole."
-msgid "Bconsole config file path:"
-msgstr "Lokalizacja konfiguracji:"
-
msgid "Please enter bconsole config file path."
msgstr "Proszę wprowadzić położenie pliku .conf."
$job = $this->getModule('job')->getJobById($jobid);
if(!is_null($job)) {
$cmd = array('.bvfs_get_jobids', 'jobid="' . $job->jobid . '"');
- $result = $this->getModule('bconsole')->bconsoleCommand($this->director, $cmd);
+ $result = $this->getModule('bconsole')->bconsoleCommand($this->director, $cmd, $this->user);
$this->output = $result->output;
$this->error = (integer)$result->exitcode;
} else {
public function get() {}
public function set($ids, $params) {
- $result = $this->getModule('bconsole')->bconsoleCommand($this->director, array('.bvfs_clear_cache', 'yes'));
+ $result = $this->getModule('bconsole')->bconsoleCommand($this->director, array('.bvfs_clear_cache', 'yes'), $this->user);
$this->output = $result->output;
$this->error = (integer)$result->exitcode;
}
$job = $this->getModule('job')->getJobById($jobid);
if(!is_null($job)) {
$cmd = array('.bvfs_get_jobids', 'jobid="' . $job->jobid . '"');
- $result = $this->getModule('bconsole')->bconsoleCommand($this->director, $cmd);
+ $result = $this->getModule('bconsole')->bconsoleCommand($this->director, $cmd, $this->user);
$this->output = $result->output;
$this->error = (integer)$result->exitcode;
} else {
if($limit > 0) {
array_push($cmd, 'limit="' . $limit . '"');
}
- $result = $this->getModule('bconsole')->bconsoleCommand($this->director, $cmd);
+ $result = $this->getModule('bconsole')->bconsoleCommand($this->director, $cmd, $this->user);
$this->output = $result->output;
$this->error = (integer)$result->exitcode;
} else {
if($limit > 0) {
array_push($cmd, 'limit="' . $limit . '"');
}
- $result = $this->getModule('bconsole')->bconsoleCommand($this->director, $cmd);
+ $result = $this->getModule('bconsole')->bconsoleCommand($this->director, $cmd, $this->user);
$this->output = $result->output;
$this->error = (integer)$result->exitcode;
} else {
array_push($cmd, 'dirid="' . $dirids . '"');
}
- $result = $this->getModule('bconsole')->bconsoleCommand($this->director, $cmd);
+ $result = $this->getModule('bconsole')->bconsoleCommand($this->director, $cmd, $this->user);
$this->output = $result->output;
$this->error = (integer)$result->exitcode;
} else {
}
if($isValid === true) {
- $result = $this->getModule('bconsole')->bconsoleCommand($this->director, array('.bvfs_update', 'jobid="' . $ids . '"'));
+ $result = $this->getModule('bconsole')->bconsoleCommand($this->director, array('.bvfs_update', 'jobid="' . $ids . '"'), $this->user);
$this->output = $result->output;
$this->error = (integer)$result->exitcode;
} else {
$job = $this->getModule('job')->getJobById($jobid);
if(!is_null($job)) {
$cmd = array('.bvfs_versions', 'client="' . $client . '"', 'jobid="' . $job->jobid . '"', 'pathid="' . $pathid . '"', 'fnid="' . $filenameid . '"');
- $result = $this->getModule('bconsole')->bconsoleCommand($this->director, $cmd);
+ $result = $this->getModule('bconsole')->bconsoleCommand($this->director, $cmd, $this->user);
$this->output = $result->output;
$this->error = (integer)$result->exitcode;
} else {
}
public function set($id, $params) {
- $result = $this->getModule('client')->setClient($id, $params);
+ $result = ($this->user === null) ? $this->getModule('client')->setClient($id, $params) : true;
if($result === true) {
$this->output = null;
$this->error = ClientError::ERROR_NO_ERRORS;
$clientid = intval($this->Request['id']);
$client = $this->getModule('client')->getClientById($clientid);
if(!is_null($client)) {
- $clientShow = $this->getModule('bconsole')->bconsoleCommand($this->director, array('show', 'client="' . $client->name . '"'));
+ $clientShow = $this->getModule('bconsole')->bconsoleCommand($this->director, array('show', 'client="' . $client->name . '"'), $this->user);
$this->output = $clientShow->output;
$this->error = (integer)$clientShow->exitcode;
} else {
$clientid = intval($this->Request['id']);
$client = $this->getModule('client')->getClientById($clientid);
if(!is_null($client)) {
- $clientStatus = $this->getModule('bconsole')->bconsoleCommand($this->director, array('status', 'client="' . $client->name . '"'));
+ $clientStatus = $this->getModule('bconsole')->bconsoleCommand($this->director, array('status', 'client="' . $client->name . '"'), $this->user);
$this->output = $clientStatus->output;
$this->error = (integer)$clientStatus->exitcode;
} else {
public function get() {
$limit = intval($this->Request['limit']);
$clients = $this->getModule('client')->getClients($limit);
- $this->output = $clients;
+ $allowedClients = $this->getModule('bconsole')->bconsoleCommand($this->director, array('.client'), $this->user)->output;
+ $clientsOutput = array();
+ foreach($clients as $client) {
+ if(in_array($client->name, $allowedClients)) {
+ $clientsOutput[] = $client;
+ }
+ }
+ $this->output = $clientsOutput;
$this->error = ClientError::ERROR_NO_ERRORS;
}
}
class ClientsShow extends BaculumAPI {
public function get() {
- $clients = $this->getModule('bconsole')->bconsoleCommand($this->director, array('show', 'clients'));
+ $clients = $this->getModule('bconsole')->bconsoleCommand($this->director, array('show', 'clients'), $this->user);
$this->output = $clients->output;
$this->error = (integer)$clients->exitcode;
}
public function set($id, $params) {
$params = (array)$params;
- $console = $this->getModule('bconsole')->bconsoleCommand($this->director, $params);
+ $console = $this->getModule('bconsole')->bconsoleCommand($this->director, $params, $this->user);
$this->output = $console->output;
$this->error = (integer)$console->exitcode;
}
if($directors->exitcode === 0) {
$filesets = array();
for($i = 0; $i < count($directors->output); $i++) {
- $filesetsshow = $this->getModule('bconsole')->bconsoleCommand($directors->output[$i], array('show', 'fileset'))->output;
+ $filesetsshow = $this->getModule('bconsole')->bconsoleCommand($directors->output[$i], array('show', 'fileset'), $this->user)->output;
$filesets[$directors->output[$i]] = array();
for($j = 0; $j < count($filesetsshow); $j++) {
$jobid = intval($id);
$job = $this->getModule('job')->getJobById($jobid);
if(!is_null($job)) {
- $delete = $this->getModule('bconsole')->bconsoleCommand($this->director, array('delete', 'jobid="' . $job->jobid . '"'));
+ $delete = $this->getModule('bconsole')->bconsoleCommand($this->director, array('delete', 'jobid="' . $job->jobid . '"'), $this->user);
$this->output = $delete->output;
$this->error = (integer)$delete->exitcode;
} else {
$job = $this->getModule('job')->getJobById($jobid);
if(!is_null($job)) {
- $cancel = $this->getModule('bconsole')->bconsoleCommand($this->director, array('cancel', 'jobid="' . $job->jobid . '"'));
+ $cancel = $this->getModule('bconsole')->bconsoleCommand($this->director, array('cancel', 'jobid="' . $job->jobid . '"'), $this->user);
$this->output = $cancel->output;
$this->error = (integer)$cancel->exitcode;
} else {
if(!is_null($fileset)) {
if(!is_null($client)) {
$joblevels = $this->getModule('misc')->getJobLevels();
- $estimation = $this->getModule('bconsole')->bconsoleCommand($this->director, array('estimate', 'job="' . $job . '"', 'level="' . $joblevels[$level] . '"', 'fileset="' . $fileset. '"', 'client="' . $client->name . '"', 'accurate="' . $accurate . '"'));
+ $estimation = $this->getModule('bconsole')->bconsoleCommand($this->director, array('estimate', 'job="' . $job . '"', 'level="' . $joblevels[$level] . '"', 'fileset="' . $fileset. '"', 'client="' . $client->name . '"', 'accurate="' . $accurate . '"'), $this->user);
$this->output = $estimation->output;
$this->error = (integer)$estimation->exitcode;
} else {
if(!is_null($storage)) {
if(!is_null($pool)) {
$joblevels = $this->getModule('misc')->getJobLevels();
- $run = $this->getModule('bconsole')->bconsoleCommand($this->director, array('run', 'job="' . $job . '"', 'level="' . $joblevels[$level] . '"', 'fileset="' . $fileset . '"', 'client="' . $client->name . '"', 'storage="' . $storage->name . '"', 'pool="' . $pool->name . '"' , 'priority="' . $priority . '"', 'yes'));
+ $run = $this->getModule('bconsole')->bconsoleCommand($this->director, array('run', 'job="' . $job . '"', 'level="' . $joblevels[$level] . '"', 'fileset="' . $fileset . '"', 'client="' . $client->name . '"', 'storage="' . $storage->name . '"', 'pool="' . $pool->name . '"' , 'priority="' . $priority . '"', 'yes'), $this->user);
$this->output = $run->output;
$this->error = (integer)$run->exitcode;
} else {
if($directors->exitcode === 0) {
$jobs = array();
for($i = 0; $i < count($directors->output); $i++) {
- $jobsList = $this->getModule('bconsole')->bconsoleCommand($directors->output[$i], array('.jobs'))->output;
- $jobsshow = $this->getModule('bconsole')->bconsoleCommand($directors->output[$i], array('show', 'jobs'))->output;
+ $jobsList = $this->getModule('bconsole')->bconsoleCommand($directors->output[$i], array('.jobs'), $this->user)->output;
+ $jobsshow = $this->getModule('bconsole')->bconsoleCommand($directors->output[$i], array('show', 'jobs'), $this->user)->output;
$jobs[$directors->output[$i]] = array();
for($j = 0; $j < count($jobsList); $j++) {
/**
public function get() {
$limit = intval($this->Request['limit']);
$jobs = $this->getModule('job')->getJobs($limit);
- $this->output = $jobs;
+ $allowedJobs = $this->getModule('bconsole')->bconsoleCommand($this->director, array('.jobs'), $this->user)->output;
+ $jobsOutput = array();
+ foreach($jobs as $job) {
+ if(in_array($job->name, $allowedJobs)) {
+ $jobsOutput[] = $job;
+ }
+ }
+ $this->output = $jobsOutput;
$this->error = JobError::ERROR_NO_ERRORS;
}
}
}
public function set($id, $params) {
- $result = $this->getModule('pool')->setPool($id, $params);
+ $result = ($this->user === null) ? $this->getModule('pool')->setPool($id, $params) : true;
if($result === true) {
$this->output = null;
$this->error = PoolError::ERROR_NO_ERRORS;
$poolid = intval($this->Request['id']);
$pool = $this->getModule('pool')->getPoolById($poolid);
if(!is_null($pool)) {
- $poolShow = $this->getModule('bconsole')->bconsoleCommand($this->director, array('show', 'pool="' . $pool->name . '"'));
+ $poolShow = $this->getModule('bconsole')->bconsoleCommand($this->director, array('show', 'pool="' . $pool->name . '"'), $this->user);
$this->output = $poolShow->output;
$this->error = (integer)$poolShow->exitcode;
} else {
public function set($id, $params) {
$pool = $this->getModule('pool')->getPoolById($id);
if(!is_null($pool)) {
- $poolUpdate = $this->getModule('bconsole')->bconsoleCommand($this->director, array('update', 'pool="' . $pool->name . '"'));
+ $poolUpdate = $this->getModule('bconsole')->bconsoleCommand($this->director, array('update', 'pool="' . $pool->name . '"'), $this->user);
$this->output = $poolUpdate->output;
$this->error = (integer)$poolUpdate->exitcode;
} else {
if(!is_null($pool)) {
$voldata = $this->getModule('volume')->getVolumesByPoolId($pool->poolid);
if(!is_null($voldata)) {
- $poolUpdateVolumes = $this->getModule('bconsole')->bconsoleCommand($this->director, array('update', 'volume="' . $voldata->volumename . '"', 'allfrompool="' . $pool->name . '"'));
+ $poolUpdateVolumes = $this->getModule('bconsole')->bconsoleCommand($this->director, array('update', 'volume="' . $voldata->volumename . '"', 'allfrompool="' . $pool->name . '"'), $this->user);
$this->output = $poolUpdateVolumes->output;
$this->error = (integer)$poolUpdateVolumes->exitcode;
} else {
public function get() {
$limit = intval($this->Request['limit']);
$pools = $this->getModule('pool')->getPools($limit);
- $this->output = $pools;
+ $allowedPools = $this->getModule('bconsole')->bconsoleCommand($this->director, array('.pool'), $this->user)->output;
+ $poolsOutput = array();
+ foreach($pools as $pool) {
+ if(in_array($pool->name, $allowedPools)) {
+ $poolsOutput[] = $pool;
+ }
+ }
+ $this->output = $poolsOutput;
$this->error = PoolError::ERROR_NO_ERRORS;
}
}
class PoolsShow extends BaculumAPI {
public function get() {
- $pools = $this->getModule('bconsole')->bconsoleCommand($this->director, array('show', 'pools'));
+ $pools = $this->getModule('bconsole')->bconsoleCommand($this->director, array('show', 'pools'), $this->user);
$this->output = $pools->output;
$this->error = (integer)$pools->exitcode;
}
if(preg_match('/^b2[\d]+$/', $rfile) === 1) {
if(!is_null($where)) {
if(!is_null($replace)) {
- $restore = $this->getModule('bconsole')->bconsoleCommand($this->director, array('restore', 'file="?' . $rfile . '"', 'client="' . $client->name . '"', 'where="' . $where . '"', 'replace="' . $replace . '"', 'fileset="' . $fileset . '"', 'priority="' . $priority . '"', 'yes'));
+ $restore = $this->getModule('bconsole')->bconsoleCommand($this->director, array('restore', 'file="?' . $rfile . '"', 'client="' . $client->name . '"', 'where="' . $where . '"', 'replace="' . $replace . '"', 'fileset="' . $fileset . '"', 'priority="' . $priority . '"', 'yes'), $this->user);
$this->output = $restore->output;
$this->error = (integer)$restore->exitcode;
} else {
$slot = intval($this->Request['slot']);
$storage = $this->getModule('storage')->getStorageById($storageid);
if(!is_null($storage)) {
- $storageMount = $this->getModule('bconsole')->bconsoleCommand($this->director, array('mount', 'storage="' . $storage->name . '"', 'drive=' . $drive, 'slot=' . $slot));
+ $storageMount = $this->getModule('bconsole')->bconsoleCommand($this->director, array('mount', 'storage="' . $storage->name . '"', 'drive=' . $drive, 'slot=' . $slot), $this->user);
$this->output = $storageMount->output;
$this->error = (integer)$storageMount->exitcode;
} else {
$storageid = intval($this->Request['id']);
$storage = $this->getModule('storage')->getStorageById($storageid);
if(!is_null($storage)) {
- $storageRelease = $this->getModule('bconsole')->bconsoleCommand($this->director, array('release', 'storage="' . $storage->name . '"'));
+ $storageRelease = $this->getModule('bconsole')->bconsoleCommand($this->director, array('release', 'storage="' . $storage->name . '"'), $this->user);
$this->output = $storageRelease->output;
$this->error = (integer)$storageRelease->exitcode;
} else {
$storageid = intval($this->Request['id']);
$storage = $this->getModule('storage')->getStorageById($storageid);
if(!is_null($storage)) {
- $storageShow = $this->getModule('bconsole')->bconsoleCommand($this->director, array('show', 'storage="' . $storage->name . '"'));
+ $storageShow = $this->getModule('bconsole')->bconsoleCommand($this->director, array('show', 'storage="' . $storage->name . '"'), $this->user);
$this->output = $storageShow->output;
$this->error = (integer)$storageShow->exitcode;
} else {
$storageid = intval($this->Request['id']);
$storage = $this->getModule('storage')->getStorageById($storageid);
if(!is_null($storage)) {
- $storageStatus = $this->getModule('bconsole')->bconsoleCommand($this->director, array('status', 'storage="' . $storage->name . '"'));
+ $storageStatus = $this->getModule('bconsole')->bconsoleCommand($this->director, array('status', 'storage="' . $storage->name . '"'), $this->user);
$this->output = $storageStatus->output;
$this->error = (integer)$storageStatus->exitcode;
} else {
$drive = intval($this->Request['drive']);
$storage = $this->getModule('storage')->getStorageById($storageid);
if(!is_null($storage)) {
- $storageUmount = $this->getModule('bconsole')->bconsoleCommand($this->director, array('umount', 'storage="' . $storage->name . '"', 'drive=' . $drive));
+ $storageUmount = $this->getModule('bconsole')->bconsoleCommand($this->director, array('umount', 'storage="' . $storage->name . '"', 'drive=' . $drive), $this->user);
$this->output = $storageUmount->output;
$this->error = (integer)$storageUmount->exitcode;
} else {
public function get() {
$limit = intval($this->Request['limit']);
$storages = $this->getModule('storage')->getStorages($limit);
- $this->output = $storages;
+ $allowedStorages = $this->getModule('bconsole')->bconsoleCommand($this->director, array('.storage'), $this->user)->output;
+ $storagesOutput = array();
+ foreach($storages as $storage) {
+ if(in_array($storage->name, $allowedStorages)) {
+ $storagesOutput[] = $storage;
+ }
+ }
+ $this->output = $storagesOutput;
$this->error = StorageError::ERROR_NO_ERRORS;
}
}
class StoragesShow extends BaculumAPI {
public function get() {
- $storages = $this->getModule('bconsole')->bconsoleCommand($this->director, array('show', 'storages'));
+ $storages = $this->getModule('bconsole')->bconsoleCommand($this->director, array('show', 'storages'), $this->user);
$this->output = $storages->output;
$this->error = (integer)$storages->exitcode;
}
}
public function set($id, $params) {
- $result = $this->getModule('volume')->setVolume($id, $params);
+ $result = ($this->user === null) ? $this->getModule('volume')->setVolume($id, $params) : true;
if($result === true) {
$this->output = null;
$this->error = VolumeError::ERROR_NO_ERRORS;
$mediaid = intval($this->Request['id']);
$volume = $this->getModule('volume')->getVolumeById($mediaid);
if(!is_null($volume)) {
- $prune = $this->getModule('bconsole')->bconsoleCommand($this->director, array('prune', 'volume="' . $volume->volumename . '"', 'yes'));
+ $prune = $this->getModule('bconsole')->bconsoleCommand($this->director, array('prune', 'volume="' . $volume->volumename . '"', 'yes'), $this->user);
$this->output = $prune->output;
$this->error = (integer)$prune->exitcode;
} else {
$mediaid = intval($this->Request['id']);
$volume = $this->getModule('volume')->getVolumeById($mediaid);
if(!is_null($volume)) {
- $purge = $this->getModule('bconsole')->bconsoleCommand($this->director, array('purge', 'volume="' . $volume->volumename . '"', 'yes'));
+ $purge = $this->getModule('bconsole')->bconsoleCommand($this->director, array('purge', 'volume="' . $volume->volumename . '"', 'yes'), $this->user);
$this->output = $purge->output;
$this->error = (integer)$purge->exitcode;
} else {
</div>
</div>
<div class="line">
- <div class="text"><com:TLabel ForControl="BconsoleConfigPath" Text="<%[ Bconsole config file path: ]%>" /></div>
+ <div class="text"><com:TLabel ForControl="BconsoleConfigPath" Text="<%[ Bconsole admin config file path: ]%>" /></div>
<div class="field">
<com:TTextBox ID="BconsoleConfigPath" CssClass="textbox" CausesValidation="false" />
<com:TRequiredFieldValidator CssClass="validator" Display="Dynamic" ControlCssClass="invalidate" ControlToValidate="BconsoleConfigPath" Text="<%[ Please enter bconsole config file path. ]%>" />
<div class="line">
<p><b><%[ NOTE! ]%></b><br /><em><%[ Baculum needs access to bconsole by the web server. ]%></em></p>
</div>
+ <hr />
+ <div class="line">
+ <p><%[ For need defining more Baculum users with custom access or restricted console access (Bconsole ACLs) here is possible to determine custom bconsole configuration file format for each user. ]%></p>
+ </div>
+ <div>
+ <p><%[ If there is used only one Baculum user then below field value will be ignored. ]%></p>
+ </div>
+ <div class="line">
+ <div class="text"><com:TLabel ForControl="BconsoleConfigCustomPath" Text="<%[ Bconsole custom config file path: ]%>" /></div>
+ <div class="field">
+ <com:TTextBox ID="BconsoleConfigCustomPath" CssClass="textbox" CausesValidation="false" />
+ <com:TRequiredFieldValidator CssClass="validator" Display="Dynamic" ControlCssClass="invalidate" ControlToValidate="BconsoleConfigCustomPath" Text="<%[ Please enter bconsole custom config file path. ]%>" />
+ </div>
+ </div>
+ <div class="line">
+ <p><b><%[ NOTE! ]%></b><br /><%[ {user} keyword will be replaced for each logged user into according username. ]%></p>
+ </div>
</com:TActivePanel>
</com:TWizardStep>
<com:TWizardStep ID="Step5" Title="<%[ Step 5 - authorization params to Baculum ]%>" StepType="Auto">
<div class="field bold"><%=$this->BconsolePath->Text%></div>
</div>
<div class="line">
- <div class="text"><%[ Bconsole config file path: ]%></div>
+ <div class="text"><%[ Bconsole admin config file path: ]%></div>
<div class="field bold"><%=$this->BconsoleConfigPath->Text%></div>
</div>
+ <div class="line">
+ <div class="text"><%[ Bconsole custom config file path: ]%></div>
+ <div class="field bold"><%=$this->BconsoleConfigCustomPath->Text%></div>
+ </div>
<div class="line">
<div class="text"><%[ Use sudo for bconsole requests: ]%></div>
<div class="field bold"><%=($this->UseSudo->Checked === true) ? 'yes' : 'no'%></div>
const DEFAULT_DB_LOGIN = 'bacula';
const DEFAULT_BCONSOLE_BIN = '/usr/sbin/bconsole';
const DEFAULT_BCONSOLE_CONF = '/etc/bacula/bconsole.conf';
+ const DEFAULT_BCONSOLE_CONF_CUSTOM = '/etc/bacula/bconsole-{user}.conf';
public function onInit($param) {
parent::onInit($param);
$this->Lang->SelectedValue = $this->Session['language'];
$this->firstRun = !$this->getModule('configuration')->isApplicationConfig();
$this->applicationConfig = $this->getModule('configuration')->getApplicationConfig();
+ if($this->firstRun === false && $this->User->getIsAdmin() === false) {
+ die('Access denied.');
+ }
}
public function onLoad($param) {
$this->Login->Text = self::DEFAULT_DB_LOGIN;
$this->BconsolePath->Text = self::DEFAULT_BCONSOLE_BIN;
$this->BconsoleConfigPath->Text = self::DEFAULT_BCONSOLE_CONF;
+ $this->BconsoleConfigCustomPath->Text = self::DEFAULT_BCONSOLE_CONF_CUSTOM;
} else {
$this->DBType->SelectedValue = $this->getPage()->applicationConfig['db']['type'];
$this->DBName->Text = $this->applicationConfig['db']['name'];
$this->DBPath->Text = $this->applicationConfig['db']['path'];
$this->BconsolePath->Text = $this->applicationConfig['bconsole']['bin_path'];
$this->BconsoleConfigPath->Text = $this->applicationConfig['bconsole']['cfg_path'];
+ $this->BconsoleConfigCustomPath->Text = array_key_exists('cfg_custom_path', $this->applicationConfig['bconsole']) ? $this->applicationConfig['bconsole']['cfg_custom_path'] : self::DEFAULT_BCONSOLE_CONF_CUSTOM;
$this->UseSudo->Checked = $this->getPage()->applicationConfig['bconsole']['use_sudo'] == 1;
$this->PanelLogin->Text = $this->applicationConfig['baculum']['login'];
$this->PanelPassword->Text = $this->applicationConfig['baculum']['password'];
$cfgData['db']['path'] = $this->Application->getModule('configuration')->isSQLiteType($cfgData['db']['type']) ? $this->DBPath->Text : '';
$cfgData['bconsole']['bin_path'] = $this->BconsolePath->Text;
$cfgData['bconsole']['cfg_path'] = $this->BconsoleConfigPath->Text;
+ $cfgData['bconsole']['cfg_custom_path'] = $this->BconsoleConfigCustomPath->Text;
$cfgData['bconsole']['use_sudo'] = (integer)($this->UseSudo->Checked === true);
$cfgData['baculum']['login'] = $this->PanelLogin->Text;
$cfgData['baculum']['password'] = $this->PanelPassword->Text;
<com:TActiveButton ID="JobBtn" CssClass="job-btn" Attributes.onmouseover="javascript:showTip(this, 'Jobs', 'Jobs settings.');" ClientSide.OnLoading="$('<%=$this->JobWindow->Controls[0]->UniqueID%>-slide-window-progress').setStyle({'display': 'block'});" ClientSide.OnComplete="$('<%=$this->JobWindow->Controls[0]->UniqueID%>-slide-window-progress').setStyle({'display': 'none'});" />
<com:TActiveButton ID="JobRunBtn" CssClass="jobrun-btn" Attributes.onmouseover="javascript:showTip(this, 'Run job', 'Starting jobs.');" ClientSide.OnLoading="$('<%=$this->JobRunWindow->Controls[0]->UniqueID%>-slide-window-progress').setStyle({'display': 'block'});" ClientSide.OnComplete="$('<%=$this->JobRunWindow->Controls[0]->UniqueID%>-slide-window-progress').setStyle({'display': 'none'});" />
<com:TActiveButton CssClass="restore-btn" OnClick="restore" Attributes.onmouseover="javascript:showTip(this, 'Restore', 'Restore wizard.');" />
- <com:TActiveButton CssClass="setting-btn" OnClick="configuration" Attributes.onmouseover="javascript:showTip(this, 'Settings', 'Management settings wizard.');" />
+ <com:TActiveButton ID="SettingsWizardBtn" CssClass="setting-btn" OnClick="configuration" Attributes.onmouseover="javascript:showTip(this, 'Settings', 'Management settings wizard.');" />
</div>
<com:TActivePanel ID="Content">
<div id="content">
$this->goToPage('ConfigurationWizard');
}
+ $appConfig = $this->getModule('configuration')->getApplicationConfig();
+
+ $this->SettingsWizardBtn->Visible = $this->User->getIsAdmin();
+ $this->MediaBtn->Visible = $this->User->getIsAdmin();
+
if(!$this->IsPostBack && !$this->IsCallBack) {
$this->Logging->Checked = $this->getModule('logging')->isDebugOn();
}
--- /dev/null
+<?xml version="1.0" encoding="utf-8"?>
+<configuration>
+ <authorization>
+ <allow pages="BaculumError,Requirements" users="*" />
+ <allow pages="Home,RestoreWizard,API.*" roles="admin,user" />
+ <allow pages="ConfigurationWizard" roles="admin" />
+ <deny users="*" />
+ </authorization>
+</configuration>
\ No newline at end of file
<services>
<service id="page" class="TPageService" BasePath="Application.Pages" DefaultPage="Home">
<modules>
+ <module id="users" class="Application.Class.BaculumUsersManager" />
+ <module id="auth" class="System.Security.TAuthManager" UserManager="users" />
<module id="configuration" class="Application.Class.ConfigurationManager" />
<module id="logging" class="Application.Class.Logging" />
<module id="api" class="Application.Class.API" />
projects / bacula / bacula / commitdiff