Skip to content
Snippets Groups Projects
Commit 1994d86e authored by Jared Hancock's avatar Jared Hancock
Browse files

Add settings page for access control 

Add client registration methods and login required checkbox
parent fe1fc590
Branches
Tags
No related merge requests found
Hide whitespace changes
Inline Side-by-side
include/class.config.php
+ 26
11
View file @ 1994d86e
......@@ -153,6 +153,8 @@ class OsticketConfig extends Config {
'allow_client_updates' => false,
'message_autoresponder_collabs' => true,
'add_email_collabs' => true,
'clients_only' => false,
'client_registration' => 'closed',
);
function OsticketConfig($section=null) {
......@@ -767,7 +769,10 @@ class OsticketConfig extends Config {
case 'pages':
return $this->updatePagesSettings($vars, $errors);
break;
case 'autoresp':
case 'access':
return $this->updateAccessSettings($vars, $errors);
break;
case 'autoresp':
return $this->updateAutoresponderSettings($vars, $errors);
break;
case 'alerts':
......@@ -789,8 +794,6 @@ class OsticketConfig extends Config {
$f['helpdesk_url']=array('type'=>'string', 'required'=>1, 'error'=>'Helpdesk URl required');
$f['helpdesk_title']=array('type'=>'string', 'required'=>1, 'error'=>'Helpdesk title required');
$f['default_dept_id']=array('type'=>'int', 'required'=>1, 'error'=>'Default Dept. required');
$f['staff_session_timeout']=array('type'=>'int', 'required'=>1, 'error'=>'Enter idle time in minutes');
$f['client_session_timeout']=array('type'=>'int', 'required'=>1, 'error'=>'Enter idle time in minutes');
//Date & Time Options
$f['time_format']=array('type'=>'string', 'required'=>1, 'error'=>'Time format required');
$f['date_format']=array('type'=>'string', 'required'=>1, 'error'=>'Date format required');
......@@ -813,6 +816,24 @@ class OsticketConfig extends Config {
'log_level'=>$vars['log_level'],
'log_graceperiod'=>$vars['log_graceperiod'],
'name_format'=>$vars['name_format'],
'time_format'=>$vars['time_format'],
'date_format'=>$vars['date_format'],
'datetime_format'=>$vars['datetime_format'],
'daydatetime_format'=>$vars['daydatetime_format'],
'default_timezone_id'=>$vars['default_timezone_id'],
'enable_daylight_saving'=>isset($vars['enable_daylight_saving'])?1:0,
));
}
function updateAccessSettings($vars, &$errors) {
$f=array();
$f['staff_session_timeout']=array('type'=>'int', 'required'=>1, 'error'=>'Enter idle time in minutes');
$f['client_session_timeout']=array('type'=>'int', 'required'=>1, 'error'=>'Enter idle time in minutes');
if(!Validator::process($f, $vars, $errors) || $errors)
return false;
return $this->updateAll(array(
'passwd_reset_period'=>$vars['passwd_reset_period'],
'staff_max_logins'=>$vars['staff_max_logins'],
'staff_login_timeout'=>$vars['staff_login_timeout'],
......@@ -823,18 +844,12 @@ class OsticketConfig extends Config {
'client_session_timeout'=>$vars['client_session_timeout'],
'allow_pw_reset'=>isset($vars['allow_pw_reset'])?1:0,
'pw_reset_window'=>$vars['pw_reset_window'],
'time_format'=>$vars['time_format'],
'date_format'=>$vars['date_format'],
'datetime_format'=>$vars['datetime_format'],
'daydatetime_format'=>$vars['daydatetime_format'],
'default_timezone_id'=>$vars['default_timezone_id'],
'enable_daylight_saving'=>isset($vars['enable_daylight_saving'])?1:0,
'clients_only'=>isset($vars['clients_only'])?1:0,
'client_registration'=>$vars['client_registration'],
));
}
function updateTicketsSettings($vars, &$errors) {
$f=array();
$f['default_sla_id']=array('type'=>'int', 'required'=>1, 'error'=>'Selection required');
$f['default_priority_id']=array('type'=>'int', 'required'=>1, 'error'=>'Selection required');
......
include/class.nav.php
+ 1
0
View file @ 1994d86e
......@@ -200,6 +200,7 @@ class AdminNav extends StaffNav{
$subnav[]=array('desc'=>'System','href'=>'settings.php?t=system','iconclass'=>'preferences');
$subnav[]=array('desc'=>'Tickets','href'=>'settings.php?t=tickets','iconclass'=>'ticket-settings');
$subnav[]=array('desc'=>'Emails','href'=>'settings.php?t=emails','iconclass'=>'email-settings');
$subnav[]=array('desc'=>'Access','href'=>'settings.php?t=access','iconclass'=>'users');
$subnav[]=array('desc'=>'Knowledgebase','href'=>'settings.php?t=kb','iconclass'=>'kb-settings');
$subnav[]=array('desc'=>'Autoresponder','href'=>'settings.php?t=autoresp','iconclass'=>'email-autoresponders');
$subnav[]=array('desc'=>'Alerts & Notices','href'=>'settings.php?t=alerts','iconclass'=>'alert-settings');
......
include/i18n/en_US/help/tips/settings.access.yaml 0 → 100644
+ 22
0
View file @ 1994d86e
#
# This is popup help messages for the Admin Panel -> Settings -> System page
#
# Fields:
# title - Shown in bold at the top of the popover window
# content - The body of the help popover
# links - List of links shows below the content
# title - Link title
# href - href of link (links starting with / are translated to the
# helpdesk installation path)
#
# The key names such as 'helpdesk_name' should not be translated as they
# must match the HTML #ids put into the page template.
#
---
# Authentication settings
password_reset:
title: Password Expiration Policy
content: >
Sets how often (in months) staff members will be required to change
their password. If disabled (set to "No expiration"), passwords will
not expire.
include/i18n/en_US/help/tips/settings.system.yaml
+ 0
8
View file @ 1994d86e
......@@ -68,14 +68,6 @@ name_format:
Email templates will use the format for names if no other format is
specified in the place holder.
# Authentication settings
password_reset:
title: Password Expiration Policy
content: >
Sets how often (in months) staff members will be required to change
their password. If disabled (set to "No expiration"), passwords will
not expire.
# Date and time options
date_and_time:
title: Localized Date Formats
......
include/staff/settings-access.inc.php 0 → 100644
+ 140
0
View file @ 1994d86e
<?php
if(!defined('OSTADMININC') || !$thisstaff || !$thisstaff->isAdmin() || !$config) die('Access Denied');
?>
<h2>Access Control Settings</h2>
<form action="settings.php?t=access" method="post" id="save">
<?php csrf_token(); ?>
<input type="hidden" name="t" value="access" >
<table class="form_table settings_table" width="940" border="0" cellspacing="0" cellpadding="2">
<thead>
<tr>
<th colspan="2">
<h4>Configure Access to this Help Desk</h4>
</th>
</tr>
</thead>
<tbody>
<tr>
<th colspan="2">
<em><b>Staff Authentication Settings</b></em>
</th>
</tr>
<tr><td>Password Expiration Policy:</th>
<td>
<select name="passwd_reset_period">
<option value="0"> &mdash; No expiration &mdash;</option>
<?php
for ($i = 1; $i <= 12; $i++) {
echo sprintf('<option value="%d" %s>%s%s</option>',
$i,(($config['passwd_reset_period']==$i)?'selected="selected"':''), $i>1?"Every $i ":'', $i>1?' Months':'Monthly');
}
?>
</select>
<font class="error"><?php echo $errors['passwd_reset_period']; ?></font>
<i class="help-tip icon-question-sign" href="#password_reset"></i>
</td>
</tr>
<tr><td>Allow Password Resets:</th>
<td>
<input type="checkbox" name="allow_pw_reset" <?php echo $config['allow_pw_reset']?'checked="checked"':''; ?>>
<em>Enables the <u>Forgot my password</u> link on the staff
control panel</em>
</td>
</tr>
<tr><td>Password Reset Window:</th>
<td>
<input type="text" name="pw_reset_window" size="6" value="<?php
echo $config['pw_reset_window']; ?>">
Maximum time <em>in minutes</em> a password reset token can
be valid.
&nbsp;<font class="error">&nbsp;<?php echo $errors['pw_reset_window']; ?></font>
</td>
</tr>
<tr><td>Staff Excessive Logins:</td>
<td>
<select name="staff_max_logins">
<?php
for ($i = 1; $i <= 10; $i++) {
echo sprintf('<option value="%d" %s>%d</option>', $i,(($config['staff_max_logins']==$i)?'selected="selected"':''), $i);
}
?>
</select> failed login attempt(s) allowed before a
<select name="staff_login_timeout">
<?php
for ($i = 1; $i <= 10; $i++) {
echo sprintf('<option value="%d" %s>%d</option>', $i,(($config['staff_login_timeout']==$i)?'selected="selected"':''), $i);
}
?>
</select> minute lock-out is enforced.
</td>
</tr>
<tr><td>Staff Session Timeout:</td>
<td>
<input type="text" name="staff_session_timeout" size=6 value="<?php echo $config['staff_session_timeout']; ?>">
Maximum idle time in minutes before a staff member must log in again (enter 0 to disable).
</td>
</tr>
<tr><td>Bind Staff Session to IP:</td>
<td>
<input type="checkbox" name="staff_ip_binding" <?php echo $config['staff_ip_binding']?'checked="checked"':''; ?>>
<em>(binds staff session to originating IP address upon login)</em>
</td>
</tr>
<tr>
<th colspan="2">
<em><b>Client Authentication Settings</b></em>
</th>
</tr>
<tr><td>Registration Required:</td>
<td><input type="checkbox" name="clients_only" <?php
if ($config['clients_only'])
echo 'checked="checked"'; ?>/>
Require registration and login to create tickets
</td>
<tr><td>Registration Method:</td>
<td><select name="client_registration">
<?php foreach (array(
'public' => 'Public — Anyone can register',
'auto' => 'Automatic — Create new accounts for all new tickets',
'closed' => 'Private — Only staff can register clients',)
as $key=>$val) { ?>
<option value="<?php echo $key; ?>" <?php
if ($config['client_registration'] == $key)
echo 'selected="selected"'; ?>><?php echo $val;
?></option><?php
} ?>
</select></td>
</tr>
<tr><td>Client Excessive Logins:</td>
<td>
<select name="client_max_logins">
<?php
for ($i = 1; $i <= 10; $i++) {
echo sprintf('<option value="%d" %s>%d</option>', $i,(($config['client_max_logins']==$i)?'selected="selected"':''), $i);
}
?>
</select> failed login attempt(s) allowed before a
<select name="client_login_timeout">
<?php
for ($i = 1; $i <= 10; $i++) {
echo sprintf('<option value="%d" %s>%d</option>', $i,(($config['client_login_timeout']==$i)?'selected="selected"':''), $i);
}
?>
</select> minute lock-out is enforced.
</td>
</tr>
<tr><td>Client Session Timeout:</td>
<td>
<input type="text" name="client_session_timeout" size=6 value="<?php echo $config['client_session_timeout']; ?>">
&nbsp;Maximum idle time in minutes before a client must log in again (enter 0 to disable).
</td>
</tr>
</tbody>
</table>
<p style="text-align:center">
<input class="button" type="submit" name="submit" value="Save Changes">
<input class="button" type="reset" name="reset" value="Reset Changes">
</p>
</form>
include/staff/settings-system.inc.php
+ 0
92
View file @ 1994d86e
......@@ -118,98 +118,6 @@ $gmtime = Misc::gmtime();
<i class="help-tip icon-question-sign" href="#name_format"></i>
</td>
</tr>
<tr>
<th colspan="2">
<em><b>Authentication Settings</b></em>
</th>
</tr>
<tr><td>Password Expiration Policy:</th>
<td>
<select name="passwd_reset_period">
<option value="0"> &mdash; No expiration &mdash;</option>
<?php
for ($i = 1; $i <= 12; $i++) {
echo sprintf('<option value="%d" %s>%s%s</option>',
$i,(($config['passwd_reset_period']==$i)?'selected="selected"':''), $i>1?"Every $i ":'', $i>1?' Months':'Monthly');
}
?>
</select>
<font class="error"><?php echo $errors['passwd_reset_period']; ?></font>
<i class="help-tip icon-question-sign" href="#password_reset"></i>
</td>
</tr>
<tr><td>Allow Password Resets:</th>
<td>
<input type="checkbox" name="allow_pw_reset" <?php echo $config['allow_pw_reset']?'checked="checked"':''; ?>>
<em>Enables the <u>Forgot my password</u> link on the staff
control panel</em>
</td>
</tr>
<tr><td>Password Reset Window:</th>
<td>
<input type="text" name="pw_reset_window" size="6" value="<?php
echo $config['pw_reset_window']; ?>">
Maximum time <em>in minutes</em> a password reset token can
be valid.
&nbsp;<font class="error">&nbsp;<?php echo $errors['pw_reset_window']; ?></font>
</td>
</tr>
<tr><td>Staff Excessive Logins:</td>
<td>
<select name="staff_max_logins">
<?php
for ($i = 1; $i <= 10; $i++) {
echo sprintf('<option value="%d" %s>%d</option>', $i,(($config['staff_max_logins']==$i)?'selected="selected"':''), $i);
}
?>
</select> failed login attempt(s) allowed before a
<select name="staff_login_timeout">
<?php
for ($i = 1; $i <= 10; $i++) {
echo sprintf('<option value="%d" %s>%d</option>', $i,(($config['staff_login_timeout']==$i)?'selected="selected"':''), $i);
}
?>
</select> minute lock-out is enforced.
</td>
</tr>
<tr><td>Staff Session Timeout:</td>
<td>
<input type="text" name="staff_session_timeout" size=6 value="<?php echo $config['staff_session_timeout']; ?>">
Maximum idle time in minutes before a staff member must log in again (enter 0 to disable).
</td>
</tr>
<tr><td>Client Excessive Logins:</td>
<td>
<select name="client_max_logins">
<?php
for ($i = 1; $i <= 10; $i++) {
echo sprintf('<option value="%d" %s>%d</option>', $i,(($config['client_max_logins']==$i)?'selected="selected"':''), $i);
}
?>
</select> failed login attempt(s) allowed before a
<select name="client_login_timeout">
<?php
for ($i = 1; $i <= 10; $i++) {
echo sprintf('<option value="%d" %s>%d</option>', $i,(($config['client_login_timeout']==$i)?'selected="selected"':''), $i);
}
?>
</select> minute lock-out is enforced.
</td>
</tr>
<tr><td>Client Session Timeout:</td>
<td>
<input type="text" name="client_session_timeout" size=6 value="<?php echo $config['client_session_timeout']; ?>">
&nbsp;Maximum idle time in minutes before a client must log in again (enter 0 to disable).
</td>
</tr>
<tr><td>Bind Staff Session to IP:</td>
<td>
<input type="checkbox" name="staff_ip_binding" <?php echo $config['staff_ip_binding']?'checked="checked"':''; ?>>
<em>(binds staff session to originating IP address upon login)</em>
</td>
</tr>
<tr>
<th colspan="2">
<em><b>Date and Time Options</b>&nbsp;
......
scp/settings.php
+ 2
0
View file @ 1994d86e
......@@ -24,6 +24,8 @@ $settingOptions=array(
array('Email Settings', 'settings.email'),
'pages' =>
array('Site Pages', 'settings.pages'),
'access' =>
array('Access Control', 'settings.access'),
'kb' =>
array('Knowledgebase Settings', 'settings.kb'),
'autoresp' =>
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment