This repository has been archived by the owner on Jan 3, 2023. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 34
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
5 changed files
with
231 additions
and
61 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,63 +1,103 @@ | ||
<Policy default> | ||
JobPrivateAccess default | ||
JobPrivateValues default | ||
SubscriptionPrivateAccess default | ||
SubscriptionPrivateValues default | ||
<Limit Create-Job Print-Job Print-URI Validate-Job> | ||
Order deny,allow | ||
</Limit> | ||
<Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job Cancel-My-Jobs Close-Job CUPS-Move-Job CUPS-Get-Document> | ||
Require user @OWNER @SYSTEM | ||
Order deny,allow | ||
</Limit> | ||
<Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default CUPS-Get-Devices> | ||
AuthType Default | ||
Require user @SYSTEM | ||
Order deny,allow | ||
</Limit> | ||
<Limit Pause-Printer Resume-Printer Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After Cancel-Jobs CUPS-Accept-Jobs CUPS-Reject-Jobs> | ||
AuthType Default | ||
Require user @SYSTEM | ||
Order deny,allow | ||
</Limit> | ||
<Limit Cancel-Job CUPS-Authenticate-Job> | ||
Require user @OWNER @SYSTEM | ||
Order deny,allow | ||
</Limit> | ||
<Limit All> | ||
Order deny,allow | ||
</Limit> | ||
</Policy> | ||
<Policy authenticated> | ||
JobPrivateAccess default | ||
JobPrivateValues default | ||
SubscriptionPrivateAccess default | ||
SubscriptionPrivateValues default | ||
<Limit Create-Job Print-Job Print-URI Validate-Job> | ||
AuthType Default | ||
Order deny,allow | ||
</Limit> | ||
<Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job Cancel-My-Jobs Close-Job CUPS-Move-Job CUPS-Get-Document> | ||
AuthType Default | ||
Require user @OWNER @SYSTEM | ||
Order deny,allow | ||
</Limit> | ||
<Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default> | ||
AuthType Default | ||
Require user @SYSTEM | ||
Order deny,allow | ||
</Limit> | ||
<Limit Pause-Printer Resume-Printer Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After Cancel-Jobs CUPS-Accept-Jobs CUPS-Reject-Jobs> | ||
AuthType Default | ||
Require user @SYSTEM | ||
Order deny,allow | ||
</Limit> | ||
<Limit Cancel-Job CUPS-Authenticate-Job> | ||
AuthType Default | ||
Require user @OWNER @SYSTEM | ||
Order deny,allow | ||
</Limit> | ||
<Limit All> | ||
Order deny,allow | ||
<% | ||
cups_policies_defaults = { | ||
'default' => { | ||
'options' => [ | ||
'JobPrivateAccess default', 'JobPrivateValues default', 'SubscriptionPrivateAccess default', 'SubscriptionPrivateValues default', | ||
], | ||
'limits' => { | ||
'Create-Job Print-Job Print-URI Validate-Job' => ['Order deny,allow'], | ||
'Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job Cancel-My-Jobs Close-Job CUPS-Move-Job CUPS-Get-Document' => [ | ||
'Require user @OWNER @SYSTEM', | ||
'Order deny,allow', | ||
], | ||
'CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default CUPS-Get-Devices' => [ | ||
'AuthType Default', | ||
'Require user @SYSTEM', | ||
'Order deny,allow', | ||
], | ||
'Pause-Printer Resume-Printer Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After Cancel-Jobs CUPS-Accept-Jobs CUPS-Reject-Jobs' => [ | ||
'AuthType Default', | ||
'Require user @SYSTEM', | ||
'Order deny,allow', | ||
], | ||
'Cancel-Job CUPS-Authenticate-Job' => [ | ||
'Require user @OWNER @SYSTEM', | ||
'Order deny,allow', | ||
], | ||
'All' => [ | ||
'Order deny,allow', | ||
], | ||
}, | ||
}, | ||
'authenticated' => { | ||
'options' => [ | ||
'JobPrivateAccess default', 'JobPrivateValues default', 'SubscriptionPrivateAccess default', 'SubscriptionPrivateValues default', | ||
], | ||
'limits' => { | ||
'Create-Job Print-Job Print-URI Validate-Job' => ['AuthType Default', 'Order deny,allow'], | ||
'Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job Cancel-My-Jobs Close-Job CUPS-Move-Job CUPS-Get-Document' => [ | ||
'AuthType Default', | ||
'Require user @OWNER @SYSTEM', | ||
'Order deny,allow', | ||
], | ||
'CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default' => [ | ||
'AuthType Default', | ||
'Require user @SYSTEM', | ||
'Order deny,allow', | ||
], | ||
'Pause-Printer Resume-Printer Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After Cancel-Jobs CUPS-Accept-Jobs CUPS-Reject-Jobs' => [ | ||
'AuthType Default', | ||
'Require user @SYSTEM', | ||
'Order deny,allow', | ||
], | ||
'Cancel-Job CUPS-Authenticate-Job' => [ | ||
'AuthType Default', | ||
'Require user @OWNER @SYSTEM', | ||
'Order deny,allow', | ||
], | ||
'All' => [ | ||
'Order deny,allow', | ||
], | ||
}, | ||
}, | ||
} | ||
|
||
@final_policies = cups_policies_defaults | ||
|
||
if ! @policies.nil? && @policies.is_a?(Hash) | ||
@policies.each_pair do |policy, directives| | ||
if ! @final_policies.has_key?(policy) | ||
@final_policies[policy] ||= directives | ||
else | ||
if directives.has_key?('options') | ||
@final_policies[policy]['options'] = directives['options'] | ||
end | ||
if directives.has_key?('limits') | ||
directives['limits'].each_pair do |lim, opts| | ||
@final_policies[policy]['limits'][lim] = opts | ||
end | ||
end | ||
end | ||
end | ||
end | ||
|
||
-%> | ||
<% @final_policies.each_pair do |policy, directives| -%> | ||
<% next if directives.nil? || directives.empty? -%> | ||
<Policy <%= policy -%>> | ||
<% if directives.has_key?('options') -%> | ||
<% directives['options'].each do |opt| -%> | ||
<%= opt %> | ||
<% end -%> | ||
<% end -%> | ||
<% if directives.has_key?('limits') -%> | ||
<% directives['limits'].each_pair do |lim, opts| -%> | ||
<Limit <%= lim %>> | ||
<% opts.each do |opt| -%> | ||
<%= opt %> | ||
<% end -%> | ||
</Limit> | ||
<% end -%> | ||
<% end -%> | ||
</Policy> | ||
<% end -%> |