func FtpEditUser(ctx *macaron.Context) string { hcuser, auth := util.Auth(ctx, "ftpusers") if !auth { return "not_authorized" } username := util.Query(ctx, "username") password := util.Query(ctx, "password") db, _ := util.MySQL() defer db.Close() // check if user owns domain dstmt, _ := db.Prepare("SELECT * FROM `hostcontrol_ftpusers` WHERE `ftpusername`=? and `system_username`=?") row1, _ := dstmt.Query(username, hcuser.System_username) defer dstmt.Close() if !row1.Next() { return "user_not_found" } // set the password util.Bash("echo " + util.SHSanitize(password) + " | passwd " + util.SHSanitize(username) + " --stdin") return "success" }
func ChPassword(username string, password string) bool { if username == "" { return false } if password == "" { return false } // set the password util.Bash("echo " + util.SHSanitize(password) + " | passwd " + util.SHSanitize(username) + " --stdin") return true }
func Adduser(ctx *macaron.Context) string { hcuser, auth := util.Auth(ctx, "sysusers") if !auth { return "not_authorized" } username := util.Query(ctx, "username") password := util.Query(ctx, "password") if username == "" || username == "root" { return "username_required" } if password == "" { return "password_required" } db, _ := util.MySQL() defer db.Close() // check if username is available _, lookup_err1 := user.Lookup(username) if lookup_err1 == nil { return "username_taken" } // add the user util.Cmd("useradd", []string{username, "-d", "/home/" + username}) // make sure user was added _, lookup_err2 := user.Lookup(username) if lookup_err2 != nil { return "unable_to_create" } // set the password util.Bash("echo " + util.SHSanitize(password) + " | passwd " + util.SHSanitize(username) + " --stdin") new_token := util.MkToken() // add the user istmt, _ := db.Prepare("insert hostcontrol_users set hostcontrol_id=null, system_username=?, privileges=?, owned_by=?, login_token=?, email_address=?") privileges := "" perm_all := util.Query(ctx, "allperms") if strings.Contains(hcuser.Privileges, "all") && perm_all != "" { privileges += "all " } perm_websites := util.Query(ctx, "websites") if (strings.Contains(hcuser.Privileges, "websites") || strings.Contains(hcuser.Privileges, "all")) && perm_websites != "" { privileges += "websites " } perm_mail := util.Query(ctx, "mail") if (strings.Contains(hcuser.Privileges, "mail") || strings.Contains(hcuser.Privileges, "all")) && perm_mail != "" { privileges += "mail " } perm_databases := util.Query(ctx, "databases") if (strings.Contains(hcuser.Privileges, "databases") || strings.Contains(hcuser.Privileges, "all")) && perm_databases != "" { privileges += "databases " } perm_ftpusers := util.Query(ctx, "ftpusers") if (strings.Contains(hcuser.Privileges, "ftpusers") || strings.Contains(hcuser.Privileges, "all")) && perm_ftpusers != "" { privileges += "ftpusers " } perm_dns := util.Query(ctx, "dns") if (strings.Contains(hcuser.Privileges, "dns") || strings.Contains(hcuser.Privileges, "all")) && perm_dns != "" { privileges += "dns " } perm_sysusers := util.Query(ctx, "sysusers") if (strings.Contains(hcuser.Privileges, "sysusers") || strings.Contains(hcuser.Privileges, "all")) && perm_sysusers != "" { privileges += "sysusers " } istmt.Exec(username, privileges, hcuser.System_username, new_token, "") istmt.Close() return "success" }
func AddFtpUser(ctx *macaron.Context) string { hcuser, auth := util.Auth(ctx, "ftpusers") if !auth { return "not_authorized" } suser, err := user.Lookup(hcuser.System_username) if err != nil { return string(err.Error()) } username := util.Query(ctx, "ftpuser") if username == "" { return "ftpuser_required" } password := util.Query(ctx, "password") if password == "" { return "password_required" } homedir := util.Query(ctx, "homedir") if homedir == "" { return "homedir_required" } username = hcuser.System_username + "_" + username // attempt to make homedir as the user util.Cmd("su", []string{"-", hcuser.System_username, "-c", "mkdir -p " + homedir}) // check ownership... uid, _ := strconv.Atoi(suser.Uid) gid, _ := strconv.Atoi(suser.Gid) if !util.ChkPerms(homedir, uid, gid) { return "invalid_homedir" } db, _ := util.MySQL() defer db.Close() // add the user // useradd {username} -g {gid} -u {uid} -s /sbin/nologin -o util.Cmd("useradd", []string{username, "-d", homedir, "-g", suser.Gid, "-u", suser.Uid, "-s", "/sbin/nologin", "-o"}) // make sure user was added _, lookup_err2 := user.Lookup(username) if lookup_err2 != nil { return "unable_to_create" } // set the password util.Bash("echo " + util.SHSanitize(password) + " | passwd " + util.SHSanitize(username) + " --stdin") // add the user istmt, _ := db.Prepare("insert hostcontrol_ftpusers set ftpuser_id=null, ftpusername=?, homedir=?, system_username=?") istmt.Exec(username, homedir, hcuser.System_username) istmt.Close() return "success" }