func Deleteuser(ctx *macaron.Context) string {
hcuser, auth := util.Auth(ctx, "sysusers")
if !auth {
return "not_authorized"
}
username := util.Query(ctx, "username")
if username == "" || username == "root" {
return "username_required"
}
db, _ := util.MySQL()
defer db.Close()
// check if user actually owns child
if !util.ChkPaternity(hcuser.System_username, username) {
return "failed_ownership_check"
}
users := make(map[string]map[string]string)
users = util.Getusers(username, users, db)
for _, subuser := range users {
cleanupuserdata(subuser["system_username"], ctx)
// delete the user and homedir
util.Cmd("userdel", []string{subuser["system_username"], "-f", "-r"})
// remove the user
stmt, _ := db.Prepare("delete from hostcontrol_users where system_username=?")
stmt.Exec(subuser["system_username"])
stmt.Close()
}
cleanupuserdata(username, ctx)
// delete the user and homedir
util.Cmd("userdel", []string{username, "-f", "-r"})
// make sure user was delete
_, lookup_err2 := user.Lookup(username)
if lookup_err2 == nil {
return "failed_to_delete_user"
}
// remove the user
stmt, _ := db.Prepare("delete from hostcontrol_users where system_username=?")
stmt.Exec(username)
stmt.Close()
return "success"
}
func FtpDeleteuser(ctx *macaron.Context) string {
hcuser, auth := util.Auth(ctx, "ftpusers")
if !auth {
return "not_authorized"
}
username := util.Query(ctx, "ftpuser")
if username == "" || username == "root" {
return "ftpuser_required"
}
db, _ := util.MySQL()
defer db.Close()
// check if user owns domain
dstmt, _ := db.Prepare("SELECT * FROM `hostcontrol_ftpusers` WHERE `ftpusername`=? and `system_username`=?")
row1, _ := dstmt.Query(username, hcuser.System_username)
defer dstmt.Close()
if !row1.Next() {
return "user_not_found"
}
// remove the user
stmt, _ := db.Prepare("delete from hostcontrol_ftpusers where ftpusername=? and system_username=?")
stmt.Exec(username, hcuser.System_username)
stmt.Close()
// delete the user and homedir
util.Cmd("userdel", []string{username, "-f"})
// make sure user was delete
_, lookup_err2 := user.Lookup(username)
if lookup_err2 == nil {
return "failed_to_delete_user"
}
return "success"
}
func Adduser(ctx *macaron.Context) string {
hcuser, auth := util.Auth(ctx, "sysusers")
if !auth {
return "not_authorized"
}
username := util.Query(ctx, "username")
password := util.Query(ctx, "password")
if username == "" || username == "root" {
return "username_required"
}
if password == "" {
return "password_required"
}
db, _ := util.MySQL()
defer db.Close()
// check if username is available
_, lookup_err1 := user.Lookup(username)
if lookup_err1 == nil {
return "username_taken"
}
// add the user
util.Cmd("useradd", []string{username, "-d", "/home/" + username})
// make sure user was added
_, lookup_err2 := user.Lookup(username)
if lookup_err2 != nil {
return "unable_to_create"
}
// set the password
util.Bash("echo " + util.SHSanitize(password) + " | passwd " + util.SHSanitize(username) + " --stdin")
new_token := util.MkToken()
// add the user
istmt, _ := db.Prepare("insert hostcontrol_users set hostcontrol_id=null, system_username=?, privileges=?, owned_by=?, login_token=?, email_address=?")
privileges := ""
perm_all := util.Query(ctx, "allperms")
if strings.Contains(hcuser.Privileges, "all") && perm_all != "" {
privileges += "all "
}
perm_websites := util.Query(ctx, "websites")
if (strings.Contains(hcuser.Privileges, "websites") || strings.Contains(hcuser.Privileges, "all")) && perm_websites != "" {
privileges += "websites "
}
perm_mail := util.Query(ctx, "mail")
if (strings.Contains(hcuser.Privileges, "mail") || strings.Contains(hcuser.Privileges, "all")) && perm_mail != "" {
privileges += "mail "
}
perm_databases := util.Query(ctx, "databases")
if (strings.Contains(hcuser.Privileges, "databases") || strings.Contains(hcuser.Privileges, "all")) && perm_databases != "" {
privileges += "databases "
}
perm_ftpusers := util.Query(ctx, "ftpusers")
if (strings.Contains(hcuser.Privileges, "ftpusers") || strings.Contains(hcuser.Privileges, "all")) && perm_ftpusers != "" {
privileges += "ftpusers "
}
perm_dns := util.Query(ctx, "dns")
if (strings.Contains(hcuser.Privileges, "dns") || strings.Contains(hcuser.Privileges, "all")) && perm_dns != "" {
privileges += "dns "
}
perm_sysusers := util.Query(ctx, "sysusers")
if (strings.Contains(hcuser.Privileges, "sysusers") || strings.Contains(hcuser.Privileges, "all")) && perm_sysusers != "" {
privileges += "sysusers "
}
istmt.Exec(username, privileges, hcuser.System_username, new_token, "")
istmt.Close()
return "success"
}
func AddFtpUser(ctx *macaron.Context) string {
hcuser, auth := util.Auth(ctx, "ftpusers")
if !auth {
return "not_authorized"
}
suser, err := user.Lookup(hcuser.System_username)
if err != nil {
return string(err.Error())
}
username := util.Query(ctx, "ftpuser")
if username == "" {
return "ftpuser_required"
}
password := util.Query(ctx, "password")
if password == "" {
return "password_required"
}
homedir := util.Query(ctx, "homedir")
if homedir == "" {
return "homedir_required"
}
username = hcuser.System_username + "_" + username
// attempt to make homedir as the user
util.Cmd("su", []string{"-", hcuser.System_username, "-c", "mkdir -p " + homedir})
// check ownership...
uid, _ := strconv.Atoi(suser.Uid)
gid, _ := strconv.Atoi(suser.Gid)
if !util.ChkPerms(homedir, uid, gid) {
return "invalid_homedir"
}
db, _ := util.MySQL()
defer db.Close()
// add the user
// useradd {username} -g {gid} -u {uid} -s /sbin/nologin -o
util.Cmd("useradd", []string{username, "-d", homedir, "-g", suser.Gid, "-u", suser.Uid, "-s", "/sbin/nologin", "-o"})
// make sure user was added
_, lookup_err2 := user.Lookup(username)
if lookup_err2 != nil {
return "unable_to_create"
}
// set the password
util.Bash("echo " + util.SHSanitize(password) + " | passwd " + util.SHSanitize(username) + " --stdin")
// add the user
istmt, _ := db.Prepare("insert hostcontrol_ftpusers set ftpuser_id=null, ftpusername=?, homedir=?, system_username=?")
istmt.Exec(username, homedir, hcuser.System_username)
istmt.Close()
return "success"
}
