#
#========================================================================
#
-# Version 3.2.0beta0, released 5 April 2009.
+# Version 3.2.0, released 31 Jul 2010.
#
# See http://backuppc.sourceforge.net.
#
#
$User = $1 if ( $User =~ /uid=([^,]+)/i || $User =~ /(.*)/ );
+ # strip Active directory domain in front of user
+ $User = $1 if ( $User =~ /\w+\\(\w+)/ );
+#use Data::Dump qw(dump);
+#warn "XX User: $User",dump( \%ENV );
+
#
# Clean up %ENV for taint checking
#
$Privileged ||= $User eq $Hosts->{$host}{user};
$Privileged ||= defined($Hosts->{$host}{moreUsers}{$User});
+
+ # XXX check against REMOTE_NTGROUP from mod_ntlm
+ $Privileged ||= $Conf{CgiAdminUserGroup} eq $ENV{REMOTE_NTGROUP};
+
return $Privileged;
}
priv => 1},
{ link => "?action=queue", name => $Lang->{Current_queues},
priv => 1},
+ # XXX additional search extensions
+ { link => "?action=search", name => $Lang->{Search_archive},
+ priv => 1},
+ { link => "?action=burn", name => $Lang->{Burn_media},
+ priv => 1},
@{$Conf{CgiNavBarLinks} || []},
);
my $host = $In{host};
$Conf{CgiHeaders}
<script src="$Conf{CgiImageDirURL}/sorttable.js"></script>
</head><body onLoad="document.getElementById('NavMenu').style.height=document.body.scrollHeight">
+<!--
<a href="http://backuppc.sourceforge.net"><img src="$Conf{CgiImageDirURL}/logo.gif" hspace="5" vspace="7" border="0"></a><br>
+-->
+<img src="/asa-150x50.png" hspace="5" vspace="7">
EOF
if ( defined($Hosts) && defined($host) && defined($Hosts->{$host}) ) {