diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
index 3ae230e6..af35252b 100644
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -51,4 +51,4 @@ The following users are available for testing:
### Changes to Dev Environment
-Should the default schema of the web portal change, the `ldap/bootstrap.ldif` and `sql/bootstrap.sql` must be updated for the LDAP server and the MySQL server, respectively.
\ No newline at end of file
+Should the default schema of the web portal change, the `ldap/bootstrap.ldif` and `sql/bootstrap.sql` must be updated for the LDAP server and the MySQL server, respectively.
diff --git a/defaults/config.ini.default b/defaults/config.ini.default
index 8c56b24d..94e4075b 100644
--- a/defaults/config.ini.default
+++ b/defaults/config.ini.default
@@ -75,6 +75,7 @@ title[] = "Test Medium Footer"
[loginshell] ; Login shells that show up as options in the account settings page
shell[] = "/bin/bash"
shell[] = "/bin/zsh"
+shell[] = "/bin/tcsh"
[menuitems] ; menu items, add a label and link for each
labels[] = "Global Menuitem 1"
diff --git a/resources/lib/UnityUser.php b/resources/lib/UnityUser.php
index ccf7fb9e..a2e839da 100644
--- a/resources/lib/UnityUser.php
+++ b/resources/lib/UnityUser.php
@@ -446,8 +446,16 @@ public function getSSHKeys($ignorecache = false)
*/
public function setLoginShell($shell, $operator = null, $send_mail = true)
{
- // FIXME throw error if shell is not ascii
// ldap schema syntax is "IA5 String (1.3.6.1.4.1.1466.115.121.1.26)"
+ if (!mb_check_encoding($shell, 'ASCII')) {
+ throw new Exception("non ascii characters are not allowed in a login shell!");
+ }
+ if ($shell != trim($shell)) {
+ throw new Exception("leading/trailing whitespace is not allowed in a login shell!");
+ }
+ if (empty($shell)) {
+ throw new Exception("login shell must not be empty!");
+ }
$ldapUser = $this->getLDAPUser();
if ($ldapUser->exists()) {
$ldapUser->setAttribute("loginshell", $shell);
diff --git a/test/functional/LoginShellSetTest.php b/test/functional/LoginShellSetTest.php
index 86ffbaea..2d41f918 100644
--- a/test/functional/LoginShellSetTest.php
+++ b/test/functional/LoginShellSetTest.php
@@ -28,31 +28,22 @@ public static function getShells()
// phpcs:enable
}
- #[DataProvider("getShells")]
- public function testSetLoginShellCustom(string $shell): void
+ private function isShellValid(string $shell)
{
- global $USER;
- // FIXME add check to avoid warning from ldap_modify
- if (!mb_check_encoding($shell, 'ASCII')) {
- $this->expectException("Exception");
- }
- // FIXME shell is not validated
- post(
- __DIR__ . "/../../webroot/panel/account.php",
- ["form_type" => "loginshell", "shellSelect" => "Custom", "shell" => $shell]
+ return (
+ (mb_check_encoding($shell, 'ASCII')) &&
+ ($shell == trim($shell)) &&
+ (!empty($shell))
);
- $this->assertEquals($shell, $USER->getLoginShell());
}
#[DataProvider("getShells")]
- public function testSetLoginShellSelect(string $shell): void
+ public function testSetLoginShell(string $shell): void
{
global $USER;
- // FIXME add check to avoid warning from ldap_modify
- if (!mb_check_encoding($shell, 'ASCII')) {
+ if (!$this->isShellValid($shell)) {
$this->expectException("Exception");
}
- // FIXME shell is not validated
post(
__DIR__ . "/../../webroot/panel/account.php",
["form_type" => "loginshell", "shellSelect" => $shell]
diff --git a/webroot/panel/account.php b/webroot/panel/account.php
index 9e6272da..e4bcd7e0 100644
--- a/webroot/panel/account.php
+++ b/webroot/panel/account.php
@@ -69,11 +69,7 @@
$USER->setSSHKeys($keys, $OPERATOR); // Update user keys
break;
case "loginshell":
- if ($_POST["shellSelect"] == "Custom") {
- $USER->setLoginShell($_POST["shell"], $OPERATOR);
- } else {
- $USER->setLoginShell($_POST["shellSelect"], $OPERATOR);
- }
+ $USER->setLoginShell($_POST["shellSelect"], $OPERATOR);
break;
case "pi_request":
if (!$USER->isPI()) {
@@ -210,21 +206,11 @@
foreach ($CONFIG["loginshell"]["shell"] as $shell) {
echo "";
}
-echo "";
?>
-
-";
-?>
+
@@ -257,7 +243,6 @@
-