--- bb-ack.sh  2007-07-24 11:17:38.000000000 -0400
+++ bb-ack.sh.user_auth   2007-07-31 09:28:50.000000000 -0400
@@ -2,6 +2,42 @@

 # This is the Hobbit wrapper for the bb-ack CGI

+# Set up env variables.
 . /data/apps/hobbit201/server/etc/hobbitcgi.cfg
- exec /data/apps/hobbit201/server/bin/bb-ack.cgi $CGI_ACK_OPTS
+. /data/apps/hobbit201/server/etc/hobbitserver.cfg
+
+# Shell Script functions.
+fHTMLError() {
+       echo "Content-Type: text/html
+
+<HTML><HEAD><TITLE>Error</TITLE><HEAD>
+<BODY>
+<H2>Error</H2><HR>
+An error was encountered:<BR>
+ $1<HR>
+</BODY>"
+}
+
+# Start of script. Check for cgiauth config file.
+if [ ! -e $BBHOME/etc/cgiauthext.cfg ] ; then
+       fHTMLError "cgiauthext.cfg file missing, cannot proceed. Please contact your Hobbit Administrator."
+       exit
+fi

+# Process Page permissions for Remote_User.
+PAGE_PERMS=`$GREP "$REMOTE_USER:" $BBHOME/etc/cgiauthext.cfg | $CUT -d: -f2 | $SED 's/^ //g'`
+eval $HTTP_COOKIE
+if [ "$PAGE_PERMS" == "" ] ; then
+       fHTMLError "User $REMOTE_USER Not defined."
+       exit
+fi
+
+# Check if Remote_User has access to web page being viewed.
+echo "$pagepath" | $EGREP "$PAGE_PERMS" > /dev/null
+if [ $? -ne 0 ] ; then
+       fHTMLError "User $REMOTE_USER does not have the permissions to page $pagepath."
+       exit
+fi
+
+# Perform Ack command.
+ exec /data/apps/hobbit201/server/bin/bb-ack.cgi $CGI_ACK_OPTS

--- hobbit-enadis.sh   2007-07-24 11:17:38.000000000 -0400
+++ hobbit-enadis.sh.user_auth    2007-07-31 09:28:57.000000000 -0400
@@ -1,7 +1,56 @@
 #!/bin/sh

-# This is a wrapper for the Hobbit hobbit-enadis script
+# This is the Hobbit wrapper for the bb-ack CGI

+# Set up env variables.
 . /data/apps/hobbit201/server/etc/hobbitcgi.cfg
- exec /data/apps/hobbit201/server/bin/hobbit-enadis.cgi $CGI_ENADIS_OPTS
+. /data/apps/hobbit201/server/etc/hobbitserver.cfg
+
+# Shell Script functions.
+fHTMLError() {
+        echo "Content-Type: text/html
+
+<HTML><HEAD><TITLE>Error</TITLE><HEAD>
+<BODY>
+<H2>Error</H2><HR>
+An error was encountered:<BR>
+ $1<HR>
+</BODY>"
+}
+
+# Start of script. Check for cgiauth config file.
+if [ ! -e $BBHOME/etc/cgiauthext.cfg ] ; then
+        fHTMLError "cgiauthext.cfg file missing, cannot proceed. Please contact your Hobbit Administrator."
+        exit
+fi
+
+# Process Page permissions for Remote_User.
+PAGE_PERMS=`$GREP "$REMOTE_USER:" $BBHOME/etc/cgiauthext.cfg | $CUT -d: -f2 | $SED 's/^ //g'`
+eval $HTTP_COOKIE

+# Check if referer page was from a INFO report. If it is not
+# then assume cgi is being called from Admin Enable/Disable
+# Web GUI & only users with page permissions set to ".*" can
+# user the Admin GUI.
+echo "$HTTP_REFERER" | $EGREP "SERVICE=info$" > /dev/null
+if [ $? -ne 0 ] && [ "$PAGE_PERMS" != ".*" ] ; then
+       fHTMLError "User $REMOTE_USER does not have the permissions to access the Administrator Enable/Disable GUI. Please put devices into maintenace via the device's info page."
+       exit
+fi
+
+# Check that Remote_User's pageperms are defined.
+if [ "$PAGE_PERMS" == "" ] ; then
+       fHTMLError "User $REMOTE_USER Not defined."
+       exit
+fi
+
+# Get a Listing of devices on Pages the Remote_User has access to.
+PAGE_DEVICES=`$BB $BBDISP:$BBPORT "hobbitdboard page=$PAGE_PERMS test=info fields=hostname"`
+echo "$PAGE_DEVICES" | $EGREP "$host" > /dev/null
+if [ $? -ne 0 ] ; then
+       fHTMLError "User $REMOTE_USER does not have the permissions to set $host in maintenance."
+       exit
+fi
+
+# Perform Enable/Disable command.
+ exec /data/apps/hobbit201/server/bin/hobbit-enadis.cgi $CGI_ENADIS_OPTS