diff --git a/include/class.config.php b/include/class.config.php
index 68704cd7b65523acb6f5610746b4e9741847c962..8342bd0854af5048646a4b1947f205055bfc052c 100644
--- a/include/class.config.php
+++ b/include/class.config.php
@@ -153,6 +153,8 @@ class OsticketConfig extends Config {
'allow_client_updates' => false,
'message_autoresponder_collabs' => true,
'add_email_collabs' => true,
+ 'clients_only' => false,
+ 'client_registration' => 'closed',
);
function OsticketConfig($section=null) {
@@ -767,7 +769,10 @@ class OsticketConfig extends Config {
case 'pages':
return $this->updatePagesSettings($vars, $errors);
break;
- case 'autoresp':
+ case 'access':
+ return $this->updateAccessSettings($vars, $errors);
+ break;
+ case 'autoresp':
return $this->updateAutoresponderSettings($vars, $errors);
break;
case 'alerts':
@@ -789,8 +794,6 @@ class OsticketConfig extends Config {
$f['helpdesk_url']=array('type'=>'string', 'required'=>1, 'error'=>'Helpdesk URl required');
$f['helpdesk_title']=array('type'=>'string', 'required'=>1, 'error'=>'Helpdesk title required');
$f['default_dept_id']=array('type'=>'int', 'required'=>1, 'error'=>'Default Dept. required');
- $f['staff_session_timeout']=array('type'=>'int', 'required'=>1, 'error'=>'Enter idle time in minutes');
- $f['client_session_timeout']=array('type'=>'int', 'required'=>1, 'error'=>'Enter idle time in minutes');
//Date & Time Options
$f['time_format']=array('type'=>'string', 'required'=>1, 'error'=>'Time format required');
$f['date_format']=array('type'=>'string', 'required'=>1, 'error'=>'Date format required');
@@ -813,6 +816,24 @@ class OsticketConfig extends Config {
'log_level'=>$vars['log_level'],
'log_graceperiod'=>$vars['log_graceperiod'],
'name_format'=>$vars['name_format'],
+ 'time_format'=>$vars['time_format'],
+ 'date_format'=>$vars['date_format'],
+ 'datetime_format'=>$vars['datetime_format'],
+ 'daydatetime_format'=>$vars['daydatetime_format'],
+ 'default_timezone_id'=>$vars['default_timezone_id'],
+ 'enable_daylight_saving'=>isset($vars['enable_daylight_saving'])?1:0,
+ ));
+ }
+
+ function updateAccessSettings($vars, &$errors) {
+ $f=array();
+ $f['staff_session_timeout']=array('type'=>'int', 'required'=>1, 'error'=>'Enter idle time in minutes');
+ $f['client_session_timeout']=array('type'=>'int', 'required'=>1, 'error'=>'Enter idle time in minutes');
+
+ if(!Validator::process($f, $vars, $errors) || $errors)
+ return false;
+
+ return $this->updateAll(array(
'passwd_reset_period'=>$vars['passwd_reset_period'],
'staff_max_logins'=>$vars['staff_max_logins'],
'staff_login_timeout'=>$vars['staff_login_timeout'],
@@ -823,18 +844,12 @@ class OsticketConfig extends Config {
'client_session_timeout'=>$vars['client_session_timeout'],
'allow_pw_reset'=>isset($vars['allow_pw_reset'])?1:0,
'pw_reset_window'=>$vars['pw_reset_window'],
- 'time_format'=>$vars['time_format'],
- 'date_format'=>$vars['date_format'],
- 'datetime_format'=>$vars['datetime_format'],
- 'daydatetime_format'=>$vars['daydatetime_format'],
- 'default_timezone_id'=>$vars['default_timezone_id'],
- 'enable_daylight_saving'=>isset($vars['enable_daylight_saving'])?1:0,
+ 'clients_only'=>isset($vars['clients_only'])?1:0,
+ 'client_registration'=>$vars['client_registration'],
));
}
function updateTicketsSettings($vars, &$errors) {
-
-
$f=array();
$f['default_sla_id']=array('type'=>'int', 'required'=>1, 'error'=>'Selection required');
$f['default_priority_id']=array('type'=>'int', 'required'=>1, 'error'=>'Selection required');
diff --git a/include/class.nav.php b/include/class.nav.php
index 1648332948ec1a32e5ac9a12aba75827d3087a15..d2798cece21ab141a3a4a36074785babf5c3585b 100644
--- a/include/class.nav.php
+++ b/include/class.nav.php
@@ -200,6 +200,7 @@ class AdminNav extends StaffNav{
$subnav[]=array('desc'=>'System','href'=>'settings.php?t=system','iconclass'=>'preferences');
$subnav[]=array('desc'=>'Tickets','href'=>'settings.php?t=tickets','iconclass'=>'ticket-settings');
$subnav[]=array('desc'=>'Emails','href'=>'settings.php?t=emails','iconclass'=>'email-settings');
+ $subnav[]=array('desc'=>'Access','href'=>'settings.php?t=access','iconclass'=>'users');
$subnav[]=array('desc'=>'Knowledgebase','href'=>'settings.php?t=kb','iconclass'=>'kb-settings');
$subnav[]=array('desc'=>'Autoresponder','href'=>'settings.php?t=autoresp','iconclass'=>'email-autoresponders');
$subnav[]=array('desc'=>'Alerts & Notices','href'=>'settings.php?t=alerts','iconclass'=>'alert-settings');
diff --git a/include/i18n/en_US/help/tips/settings.access.yaml b/include/i18n/en_US/help/tips/settings.access.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..911a4b34c3b665cdf1be6d3930344fc28ac5c520
--- /dev/null
+++ b/include/i18n/en_US/help/tips/settings.access.yaml
@@ -0,0 +1,22 @@
+#
+# This is popup help messages for the Admin Panel -> Settings -> System page
+#
+# Fields:
+# title - Shown in bold at the top of the popover window
+# content - The body of the help popover
+# links - List of links shows below the content
+# title - Link title
+# href - href of link (links starting with / are translated to the
+# helpdesk installation path)
+#
+# The key names such as 'helpdesk_name' should not be translated as they
+# must match the HTML #ids put into the page template.
+#
+---
+# Authentication settings
+password_reset:
+ title: Password Expiration Policy
+ content: >
+ Sets how often (in months) staff members will be required to change
+ their password. If disabled (set to "No expiration"), passwords will
+ not expire.
diff --git a/include/i18n/en_US/help/tips/settings.system.yaml b/include/i18n/en_US/help/tips/settings.system.yaml
index 1d08d55b0d9f77bd2ee8122a971e5fcd3e7ca1b8..60e336b73470394cc7f7821317dd883e80d2006d 100644
--- a/include/i18n/en_US/help/tips/settings.system.yaml
+++ b/include/i18n/en_US/help/tips/settings.system.yaml
@@ -68,14 +68,6 @@ name_format:
Email templates will use the format for names if no other format is
specified in the place holder.
-# Authentication settings
-password_reset:
- title: Password Expiration Policy
- content: >
- Sets how often (in months) staff members will be required to change
- their password. If disabled (set to "No expiration"), passwords will
- not expire.
-
# Date and time options
date_and_time:
title: Localized Date Formats
diff --git a/include/staff/settings-access.inc.php b/include/staff/settings-access.inc.php
new file mode 100644
index 0000000000000000000000000000000000000000..cb6306f250b1b1a00ca99156ef2afcca84bb6071
--- /dev/null
+++ b/include/staff/settings-access.inc.php
@@ -0,0 +1,140 @@
+<?php
+if(!defined('OSTADMININC') || !$thisstaff || !$thisstaff->isAdmin() || !$config) die('Access Denied');
+
+?>
+<h2>Access Control Settings</h2>
+<form action="settings.php?t=access" method="post" id="save">
+<?php csrf_token(); ?>
+<input type="hidden" name="t" value="access" >
+<table class="form_table settings_table" width="940" border="0" cellspacing="0" cellpadding="2">
+ <thead>
+ <tr>
+ <th colspan="2">
+ <h4>Configure Access to this Help Desk</h4>
+ </th>
+ </tr>
+ </thead>
+ <tbody>
+ <tr>
+ <th colspan="2">
+ <em><b>Staff Authentication Settings</b></em>
+ </th>
+ </tr>
+ <tr><td>Password Expiration Policy:</th>
+ <td>
+ <select name="passwd_reset_period">
+ <option value="0"> — No expiration —</option>
+ <?php
+ for ($i = 1; $i <= 12; $i++) {
+ echo sprintf('<option value="%d" %s>%s%s</option>',
+ $i,(($config['passwd_reset_period']==$i)?'selected="selected"':''), $i>1?"Every $i ":'', $i>1?' Months':'Monthly');
+ }
+ ?>
+ </select>
+ <font class="error"><?php echo $errors['passwd_reset_period']; ?></font>
+ <i class="help-tip icon-question-sign" href="#password_reset"></i>
+ </td>
+ </tr>
+ <tr><td>Allow Password Resets:</th>
+ <td>
+ <input type="checkbox" name="allow_pw_reset" <?php echo $config['allow_pw_reset']?'checked="checked"':''; ?>>
+ <em>Enables the <u>Forgot my password</u> link on the staff
+ control panel</em>
+ </td>
+ </tr>
+ <tr><td>Password Reset Window:</th>
+ <td>
+ <input type="text" name="pw_reset_window" size="6" value="<?php
+ echo $config['pw_reset_window']; ?>">
+ Maximum time <em>in minutes</em> a password reset token can
+ be valid.
+ <font class="error"> <?php echo $errors['pw_reset_window']; ?></font>
+ </td>
+ </tr>
+ <tr><td>Staff Excessive Logins:</td>
+ <td>
+ <select name="staff_max_logins">
+ <?php
+ for ($i = 1; $i <= 10; $i++) {
+ echo sprintf('<option value="%d" %s>%d</option>', $i,(($config['staff_max_logins']==$i)?'selected="selected"':''), $i);
+ }
+ ?>
+ </select> failed login attempt(s) allowed before a
+ <select name="staff_login_timeout">
+ <?php
+ for ($i = 1; $i <= 10; $i++) {
+ echo sprintf('<option value="%d" %s>%d</option>', $i,(($config['staff_login_timeout']==$i)?'selected="selected"':''), $i);
+ }
+ ?>
+ </select> minute lock-out is enforced.
+ </td>
+ </tr>
+ <tr><td>Staff Session Timeout:</td>
+ <td>
+ <input type="text" name="staff_session_timeout" size=6 value="<?php echo $config['staff_session_timeout']; ?>">
+ Maximum idle time in minutes before a staff member must log in again (enter 0 to disable).
+ </td>
+ </tr>
+ <tr><td>Bind Staff Session to IP:</td>
+ <td>
+ <input type="checkbox" name="staff_ip_binding" <?php echo $config['staff_ip_binding']?'checked="checked"':''; ?>>
+ <em>(binds staff session to originating IP address upon login)</em>
+ </td>
+ </tr>
+ <tr>
+ <th colspan="2">
+ <em><b>Client Authentication Settings</b></em>
+ </th>
+ </tr>
+ <tr><td>Registration Required:</td>
+ <td><input type="checkbox" name="clients_only" <?php
+ if ($config['clients_only'])
+ echo 'checked="checked"'; ?>/>
+ Require registration and login to create tickets
+ </td>
+ <tr><td>Registration Method:</td>
+ <td><select name="client_registration">
+<?php foreach (array(
+ 'public' => 'Public — Anyone can register',
+ 'auto' => 'Automatic — Create new accounts for all new tickets',
+ 'closed' => 'Private — Only staff can register clients',)
+ as $key=>$val) { ?>
+ <option value="<?php echo $key; ?>" <?php
+ if ($config['client_registration'] == $key)
+ echo 'selected="selected"'; ?>><?php echo $val;
+ ?></option><?php
+ } ?>
+ </select></td>
+ </tr>
+ <tr><td>Client Excessive Logins:</td>
+ <td>
+ <select name="client_max_logins">
+ <?php
+ for ($i = 1; $i <= 10; $i++) {
+ echo sprintf('<option value="%d" %s>%d</option>', $i,(($config['client_max_logins']==$i)?'selected="selected"':''), $i);
+ }
+
+ ?>
+ </select> failed login attempt(s) allowed before a
+ <select name="client_login_timeout">
+ <?php
+ for ($i = 1; $i <= 10; $i++) {
+ echo sprintf('<option value="%d" %s>%d</option>', $i,(($config['client_login_timeout']==$i)?'selected="selected"':''), $i);
+ }
+ ?>
+ </select> minute lock-out is enforced.
+ </td>
+ </tr>
+ <tr><td>Client Session Timeout:</td>
+ <td>
+ <input type="text" name="client_session_timeout" size=6 value="<?php echo $config['client_session_timeout']; ?>">
+ Maximum idle time in minutes before a client must log in again (enter 0 to disable).
+ </td>
+ </tr>
+</tbody>
+</table>
+<p style="text-align:center">
+ <input class="button" type="submit" name="submit" value="Save Changes">
+ <input class="button" type="reset" name="reset" value="Reset Changes">
+</p>
+</form>
diff --git a/include/staff/settings-system.inc.php b/include/staff/settings-system.inc.php
index 3ffd9b5af9cf7474c398b5b6bb6a22631afcdfcd..3156492fb8fe6de114d4e0290a83a7736026e8a1 100644
--- a/include/staff/settings-system.inc.php
+++ b/include/staff/settings-system.inc.php
@@ -118,98 +118,6 @@ $gmtime = Misc::gmtime();
<i class="help-tip icon-question-sign" href="#name_format"></i>
</td>
</tr>
- <tr>
- <th colspan="2">
- <em><b>Authentication Settings</b></em>
- </th>
- </tr>
- <tr><td>Password Expiration Policy:</th>
- <td>
- <select name="passwd_reset_period">
- <option value="0"> — No expiration —</option>
- <?php
- for ($i = 1; $i <= 12; $i++) {
- echo sprintf('<option value="%d" %s>%s%s</option>',
- $i,(($config['passwd_reset_period']==$i)?'selected="selected"':''), $i>1?"Every $i ":'', $i>1?' Months':'Monthly');
- }
- ?>
- </select>
- <font class="error"><?php echo $errors['passwd_reset_period']; ?></font>
- <i class="help-tip icon-question-sign" href="#password_reset"></i>
- </td>
- </tr>
- <tr><td>Allow Password Resets:</th>
- <td>
- <input type="checkbox" name="allow_pw_reset" <?php echo $config['allow_pw_reset']?'checked="checked"':''; ?>>
- <em>Enables the <u>Forgot my password</u> link on the staff
- control panel</em>
- </td>
- </tr>
- <tr><td>Password Reset Window:</th>
- <td>
- <input type="text" name="pw_reset_window" size="6" value="<?php
- echo $config['pw_reset_window']; ?>">
- Maximum time <em>in minutes</em> a password reset token can
- be valid.
- <font class="error"> <?php echo $errors['pw_reset_window']; ?></font>
- </td>
- </tr>
- <tr><td>Staff Excessive Logins:</td>
- <td>
- <select name="staff_max_logins">
- <?php
- for ($i = 1; $i <= 10; $i++) {
- echo sprintf('<option value="%d" %s>%d</option>', $i,(($config['staff_max_logins']==$i)?'selected="selected"':''), $i);
- }
- ?>
- </select> failed login attempt(s) allowed before a
- <select name="staff_login_timeout">
- <?php
- for ($i = 1; $i <= 10; $i++) {
- echo sprintf('<option value="%d" %s>%d</option>', $i,(($config['staff_login_timeout']==$i)?'selected="selected"':''), $i);
- }
- ?>
- </select> minute lock-out is enforced.
- </td>
- </tr>
- <tr><td>Staff Session Timeout:</td>
- <td>
- <input type="text" name="staff_session_timeout" size=6 value="<?php echo $config['staff_session_timeout']; ?>">
- Maximum idle time in minutes before a staff member must log in again (enter 0 to disable).
- </td>
- </tr>
- <tr><td>Client Excessive Logins:</td>
- <td>
- <select name="client_max_logins">
- <?php
- for ($i = 1; $i <= 10; $i++) {
- echo sprintf('<option value="%d" %s>%d</option>', $i,(($config['client_max_logins']==$i)?'selected="selected"':''), $i);
- }
-
- ?>
- </select> failed login attempt(s) allowed before a
- <select name="client_login_timeout">
- <?php
- for ($i = 1; $i <= 10; $i++) {
- echo sprintf('<option value="%d" %s>%d</option>', $i,(($config['client_login_timeout']==$i)?'selected="selected"':''), $i);
- }
- ?>
- </select> minute lock-out is enforced.
- </td>
- </tr>
-
- <tr><td>Client Session Timeout:</td>
- <td>
- <input type="text" name="client_session_timeout" size=6 value="<?php echo $config['client_session_timeout']; ?>">
- Maximum idle time in minutes before a client must log in again (enter 0 to disable).
- </td>
- </tr>
- <tr><td>Bind Staff Session to IP:</td>
- <td>
- <input type="checkbox" name="staff_ip_binding" <?php echo $config['staff_ip_binding']?'checked="checked"':''; ?>>
- <em>(binds staff session to originating IP address upon login)</em>
- </td>
- </tr>
<tr>
<th colspan="2">
<em><b>Date and Time Options</b>
diff --git a/scp/settings.php b/scp/settings.php
index b72cdf2c377a436f8d188e11c8ea38f41937d708..a4243fd957fb780eea3b151fd96c8b9770ef9ccb 100644
--- a/scp/settings.php
+++ b/scp/settings.php
@@ -24,6 +24,8 @@ $settingOptions=array(
array('Email Settings', 'settings.email'),
'pages' =>
array('Site Pages', 'settings.pages'),
+ 'access' =>
+ array('Access Control', 'settings.access'),
'kb' =>
array('Knowledgebase Settings', 'settings.kb'),
'autoresp' =>