New config option: disable_commands. This option defines a list of commands

the user is not allowed to execute.

diff --git a/devedit.pl b/devedit.pl
index d74a1bce0716a3e8f91ef9bd08c79af9164befde..a868428e730dc72ca3836938bb175450e4474142 100644 (file)
--- a/devedit.pl
+++ b/devedit.pl
@@ -6,7 +6,7 @@
 # Dev-Editor's main program
 #
 # Author:        Patrick Canterino <patrick@patshaping.de>
 # Dev-Editor's main program
 #
 # Author:        Patrick Canterino <patrick@patshaping.de>

-# Last modified: 2006-08-24
+# Last modified: 2010-12-23

 #
 # Copyright (C) 1999-2000 Roland Bluethgen, Frank Schoenmann
 # Copyright (C) 2003-2009 Patrick Canterino
 #
 # Copyright (C) 1999-2000 Roland Bluethgen, Frank Schoenmann
 # Copyright (C) 2003-2009 Patrick Canterino


@@ -59,6 +59,13 @@ my $file    = $cgi->param('file')    || '/';
 my $curdir  = $cgi->param('curdir')  || '';
 my $newfile = $cgi->param('newfile') || '';
 
 my $curdir  = $cgi->param('curdir')  || '';
 my $newfile = $cgi->param('newfile') || '';
 

+# Check if the command is disabled
+
+if(is_disabled_command($config->{'disable_commands'},$command))
+{
+ abort($config->{'errors'}->{'command_disabled'},'/',{COMMAND => encode_html($command)});
+}
+

 # Create physical and virtual path for the new file
 
 my $new_physical = '';
 # Create physical and virtual path for the new file
 
 my $new_physical = '';

diff --git a/errors.conf b/errors.conf
index 244501ff0b2b4405f566b5d4bea241bce80b5f97..87c89145a50b6af81d67c9089ddf9b9c081bb61d 100644 (file)
--- a/errors.conf
+++ b/errors.conf
@@ -4,6 +4,7 @@ above_root        = Accessing files and directories above the virtual root direc
 binary_file       = This editor is not able to view/edit binary files.
 chprop_link       = You are not allowed to change the properties of a symbolic link.
 chprop_root       = You are not allowed to change the properties of the root directory.
 binary_file       = This editor is not able to view/edit binary files.
 chprop_link       = You are not allowed to change the properties of a symbolic link.
 chprop_root       = You are not allowed to change the properties of the root directory.

+command_disabled  = The command '{COMMAND}' has been disabled by the administrator.

 command_unknown   = Unknown command: '{COMMAND}'
 copy_failed       = Could not copy '{FILE}' to '{NEW_FILE}'.
 create_above_root = You are not allowed to create files and directories above the virtual root directory.
 command_unknown   = Unknown command: '{COMMAND}'
 copy_failed       = Could not copy '{FILE}' to '{NEW_FILE}'.
 create_above_root = You are not allowed to create files and directories above the virtual root directory.

diff --git a/modules/Config/DevEdit.pm b/modules/Config/DevEdit.pm
index b4cb963f17bbf090ea4c1049ff2ea9b57cca223e..24bc3a2e39186850deafbd1b506eea8a60bcacfb 100644 (file)
--- a/modules/Config/DevEdit.pm
+++ b/modules/Config/DevEdit.pm
@@ -6,7 +6,7 @@ package Config::DevEdit;
 # Read and parse the configuration files
 #
 # Author:        Patrick Canterino <patrick@patshaping.de>
 # Read and parse the configuration files
 #
 # Author:        Patrick Canterino <patrick@patshaping.de>

-# Last modified: 2005-09-30
+# Last modified: 2010-12-23

 #
 # Copyright (C) 1999-2000 Roland Bluethgen, Frank Schoenmann
 # Copyright (C) 2003-2009 Patrick Canterino
 #
 # Copyright (C) 1999-2000 Roland Bluethgen, Frank Schoenmann
 # Copyright (C) 2003-2009 Patrick Canterino


@@ -30,6 +30,13 @@ use base qw(Exporter);
 
 @EXPORT = qw(read_config);
 
 
 @EXPORT = qw(read_config);
 

+# This variable contains some dependencies for the "disable_commands"
+# configuration option.
+# The Hash key defines a command, the value is an Array Reference or String
+# defining the commands that will also be disabled.
+
+my %disable_dependency = ('beginedit' => 'endedit');
+

 # read_config()
 #
 # Read the configuration files of Dev-Editor
 # read_config()
 #
 # Read the configuration files of Dev-Editor


@@ -74,14 +81,15 @@ sub read_config($)
 
    my $new_conf = $userconf->{$ENV{'REMOTE_USER'}};
 
 
    my $new_conf = $userconf->{$ENV{'REMOTE_USER'}};
 

-   $config->{'fileroot'}       = $new_conf->{'fileroot'}  if($new_conf->{'fileroot'});
-   $config->{'httproot'}       = $new_conf->{'httproot'}  if($new_conf->{'httproot'});
+   $config->{'fileroot'}         = $new_conf->{'fileroot'}  if($new_conf->{'fileroot'});
+   $config->{'httproot'}         = $new_conf->{'httproot'}  if($new_conf->{'httproot'});

 
 

-   $config->{'forbidden'}      = $new_conf->{'forbidden'} if(defined $new_conf->{'forbidden'});
+   $config->{'forbidden'}        = $new_conf->{'forbidden'} if(defined $new_conf->{'forbidden'});
+   $config->{'disable_commands'} = $new_conf->{'disable_commands'} if(defined $new_conf->{'disable_commands'});

 
 

-   $config->{'hide_dot_files'} = $new_conf->{'hide_dot_files'} if(defined $new_conf->{'hide_dot_files'});
+   $config->{'hide_dot_files'}   = $new_conf->{'hide_dot_files'} if(defined $new_conf->{'hide_dot_files'});

 
 

-   $config->{'user_config'}    = 1;
+   $config->{'user_config'}      = 1;

   }
  }
 
   }
  }
 


@@ -108,6 +116,36 @@ sub read_config($)
   $config->{'forbidden'} = [];
  }
 
   $config->{'forbidden'} = [];
  }
 

+ # Parse list of disabled commands (we need some universal code!)
+
+ if($config->{'disable_commands'})
+ {
+  my @commands;
+
+  foreach my $command(parse_line('\s+',0,$config->{'disable_commands'}))
+  {
+   push(@commands,$command);
+
+   if(exists($disable_dependency{$command}) && $disable_dependency{$command})
+   {
+    if(ref($disable_dependency{$command}) eq 'ARRAY')
+    {
+     push(@commands,@{$disable_dependency{$command}});
+    }
+    else
+    {
+     push(@commands,$disable_dependency{$command});
+    }
+   }
+  }
+
+  $config->{'disable_commands'} = \@commands;
+ }
+ else
+ {
+  $config->{'disable_commands'} = [];
+ }
+

  return $config;
 }
 
  return $config;
 }
 

diff --git a/modules/Tool.pm b/modules/Tool.pm
index b143dcba0eca4c3e380672c98274ec81b17d570b..95b64dd8e9fa7293ff9ebca5ec7bd22729cda050 100644 (file)
--- a/modules/Tool.pm
+++ b/modules/Tool.pm
@@ -6,7 +6,7 @@ package Tool;
 # Some shared sub routines
 #
 # Author:        Patrick Canterino <patrick@patshaping.de>
 # Some shared sub routines
 #
 # Author:        Patrick Canterino <patrick@patshaping.de>

-# Last modified: 2008-04-25
+# Last modified: 2010-12-23

 #
 # Copyright (C) 1999-2000 Roland Bluethgen, Frank Schoenmann
 # Copyright (C) 2003-2009 Patrick Canterino
 #
 # Copyright (C) 1999-2000 Roland Bluethgen, Frank Schoenmann
 # Copyright (C) 2003-2009 Patrick Canterino


@@ -40,6 +40,8 @@ use base qw(Exporter);
              encode_html
              equal_url
              file_name
              encode_html
              equal_url
              file_name

+             in_array
+             is_disabled_command

              is_forbidden_file
              mode_string
              multi_string
              is_forbidden_file
              mode_string
              multi_string


@@ -267,6 +269,51 @@ sub file_name($)
  return $path;
 }
 
  return $path;
 }
 

+# in_array()
+#
+# Check if a value is in an array
+#
+# Params: 1. Value to find
+#         2. Array
+#
+# Return: Status code (Boolean)
+
+sub in_array($$)
+{
+ my ($string,$array) = @_;
+
+ foreach my $element(@{$array})
+ {
+  return 1 if($string eq $element);
+ }
+
+ #foreach
+
+ return;
+}
+
+# is_disabled_command()
+#
+# Check if a command is disabled
+#
+# Params: 1. Array Reference containing the list
+#         2. Command to check
+#
+# Return: Status code (Boolean)
+
+sub is_disabled_command($$)
+{
+ my ($list,$command) = @_;
+ $command =~ s!/+$!!g;
+
+ foreach my $entry(@$list)
+ {
+  return 1 if(uc($command) eq uc($entry));
+ }
+
+ return;
+}
+

 # is_forbidden_file()
 #
 # Check if a file is in the list of forbidden files
 # is_forbidden_file()
 #
 # Check if a file is in the list of forbidden files