From 4bb44c3d90f198b00073f62675fe9193ad0fae24 Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Tue, 12 Apr 2016 03:47:46 -0400
Subject: [PATCH] Enigma: added option to force users to use signing/encryption
---
CHANGELOG | 1
plugins/enigma/lib/enigma_ui.php | 52 +++++++++++++++++++++-----
plugins/enigma/config.inc.php.dist | 11 +++++
config/defaults.inc.php | 2
4 files changed, 55 insertions(+), 11 deletions(-)
diff --git a/CHANGELOG b/CHANGELOG
index 0972248..2785582 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -2,6 +2,7 @@
===========================
- Managesieve: Refactored script parser to be 100x faster
+- Enigma: added option to force users to use signing/encryption
- Enigma: Added option to attach public keys to sent mail (#5152)
- Enigma: Handle messages with text before an encrypted block (#5149)
- Enigma: Handle encrypted/signed content inside message/rfc822 attachments
diff --git a/config/defaults.inc.php b/config/defaults.inc.php
index 109ddac..a6ecaea 100644
--- a/config/defaults.inc.php
+++ b/config/defaults.inc.php
@@ -688,7 +688,7 @@
// NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP)
$config['trash_mbox'] = 'Trash';
-// automatically create the above listed default folders on first login
+// automatically create the above listed default folders on user login
$config['create_default_folders'] = false;
// protect the default folders from renames, deletes, and subscription changes
diff --git a/plugins/enigma/config.inc.php.dist b/plugins/enigma/config.inc.php.dist
index 2cce5ee..f7f6f9a 100644
--- a/plugins/enigma/config.inc.php.dist
+++ b/plugins/enigma/config.inc.php.dist
@@ -45,3 +45,14 @@
// To solve that a hardware entropy generator or
// an entropy gathering daemon may be installed (e.g. randomsound).
$config['enigma_keygen_server'] = false;
+
+// With this option you can lock composing options
+// of the plugin forcing the user to use configured settings.
+// The array accepts: 'sign', 'encrypt', 'pubkey'.
+//
+// For example, to force your users to sign every email,
+// you should set:
+// - enigma_sign_all = true
+// - enigma_options_lock = array('sign')
+// - dont_override = array('enigma_sign_all')
+$config['enigma_options_lock'] = array();
diff --git a/plugins/enigma/lib/enigma_ui.php b/plugins/enigma/lib/enigma_ui.php
index 37c1d41..d938f27 100644
--- a/plugins/enigma/lib/enigma_ui.php
+++ b/plugins/enigma/lib/enigma_ui.php
@@ -717,23 +717,36 @@
'height' => 32
), 'toolbar');
+ $locks = (array) $this->rc->config->get('enigma_options_lock');
$menu = new html_table(array('cols' => 2));
$chbox = new html_checkbox(array('value' => 1));
$menu->add(null, html::label(array('for' => 'enigmasignopt'),
rcube::Q($this->enigma->gettext('signmsg'))));
$menu->add(null, $chbox->show($this->rc->config->get('enigma_sign_all') ? 1 : 0,
- array('name' => '_enigma_sign', 'id' => 'enigmasignopt')));
+ array(
+ 'name' => '_enigma_sign',
+ 'id' => 'enigmasignopt',
+ 'disabled' => in_array('sign', $locks),
+ )));
$menu->add(null, html::label(array('for' => 'enigmaencryptopt'),
rcube::Q($this->enigma->gettext('encryptmsg'))));
$menu->add(null, $chbox->show($this->rc->config->get('enigma_encrypt_all') ? 1 : 0,
- array('name' => '_enigma_encrypt', 'id' => 'enigmaencryptopt')));
+ array(
+ 'name' => '_enigma_encrypt',
+ 'id' => 'enigmaencryptopt',
+ 'disabled' => in_array('encrypt', $locks),
+ )));
$menu->add(null, html::label(array('for' => 'enigmaattachpubkeyopt'),
rcube::Q($this->enigma->gettext('attachpubkeymsg'))));
- $menu->add(null, $chbox->show($this->rc->config->get('enigma_attach_pubkey') ? 1 : 0,
- array('name' => '_enigma_attachpubkey', 'id' => 'enigmaattachpubkeyopt')));
+ $menu->add(null, $chbox->show($this->rc->config->get('enigma_attach_pubkey') ? 1 : 0,
+ array(
+ 'name' => '_enigma_attachpubkey',
+ 'id' => 'enigmaattachpubkeyopt',
+ 'disabled' => in_array('pubkey', $locks),
+ )));
$menu = html::div(array('id' => 'enigmamenu', 'class' => 'popupmenu'), $menu->show());
@@ -938,20 +951,34 @@
*/
function message_ready($p)
{
- $savedraft = !empty($_POST['_draft']) && empty($_GET['_saveonly']);
+ $savedraft = !empty($_POST['_draft']) && empty($_GET['_saveonly']);
+ $sign_enable = (bool) rcube_utils::get_input_value('_enigma_sign', rcube_utils::INPUT_POST);
+ $encrypt_enable = (bool) rcube_utils::get_input_value('_enigma_encrypt', rcube_utils::INPUT_POST);
+ $pubkey_enable = (bool) rcube_utils::get_input_value('_enigma_attachpubkey', rcube_utils::INPUT_POST);
+ $locks = (array) $this->rc->config->get('enigma_options_lock');
- if (!$savedraft && rcube_utils::get_input_value('_enigma_attachpubkey', rcube_utils::INPUT_POST)) {
+ if (in_array('sign', $locks)) {
+ $sign_enable = (bool) $this->rc->config->get('enigma_sign_all');
+ }
+ if (in_array('encrypt', $locks)) {
+ $encrypt_enable = (bool) $this->rc->config->get('enigma_encrypt_all');
+ }
+ if (in_array('pubkey', $locks)) {
+ $pubkey_enable = (bool) $this->rc->config->get('enigma_attach_pubkey');
+ }
+
+ if (!$savedraft && $pubkey_enable) {
$this->enigma->load_engine();
$this->enigma->engine->attach_public_key($p['message']);
}
- if (!$savedraft && rcube_utils::get_input_value('_enigma_sign', rcube_utils::INPUT_POST)) {
+ if (!$savedraft && $sign_enable) {
$this->enigma->load_engine();
$status = $this->enigma->engine->sign_message($p['message']);
$mode = 'sign';
}
- if ((!$status instanceof enigma_error) && rcube_utils::get_input_value('_enigma_encrypt', rcube_utils::INPUT_POST)) {
+ if ((!$status instanceof enigma_error) && $encrypt_enable) {
$this->enigma->load_engine();
$status = $this->enigma->engine->encrypt_message($p['message'], null, $savedraft);
$mode = 'encrypt';
@@ -996,6 +1023,7 @@
}
$engine = $this->enigma->engine;
+ $locks = (array) $this->rc->config->get('enigma_options_lock');
// Decryption status
foreach ($engine->decryptions as $status) {
@@ -1021,8 +1049,12 @@
}
// Check sign/ecrypt options for signed/encrypted drafts
- $this->rc->output->set_env('enigma_force_encrypt', !empty($engine->decryptions));
- $this->rc->output->set_env('enigma_force_sign', !empty($engine->signatures));
+ if (!in_array('encrypt', $locks)) {
+ $this->rc->output->set_env('enigma_force_encrypt', !empty($engine->decryptions));
+ }
+ if (!in_array('sign', $locks)) {
+ $this->rc->output->set_env('enigma_force_sign', !empty($engine->signatures));
+ }
return $p;
}
--
Gitblit v1.9.1