From 4bb44c3d90f198b00073f62675fe9193ad0fae24 Mon Sep 17 00:00:00 2001 From: Aleksander Machniak <alec@alec.pl> Date: Tue, 12 Apr 2016 03:47:46 -0400 Subject: [PATCH] Enigma: added option to force users to use signing/encryption --- CHANGELOG | 1 plugins/enigma/lib/enigma_ui.php | 52 +++++++++++++++++++++----- plugins/enigma/config.inc.php.dist | 11 +++++ config/defaults.inc.php | 2 4 files changed, 55 insertions(+), 11 deletions(-) diff --git a/CHANGELOG b/CHANGELOG index 0972248..2785582 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -2,6 +2,7 @@ =========================== - Managesieve: Refactored script parser to be 100x faster +- Enigma: added option to force users to use signing/encryption - Enigma: Added option to attach public keys to sent mail (#5152) - Enigma: Handle messages with text before an encrypted block (#5149) - Enigma: Handle encrypted/signed content inside message/rfc822 attachments diff --git a/config/defaults.inc.php b/config/defaults.inc.php index 109ddac..a6ecaea 100644 --- a/config/defaults.inc.php +++ b/config/defaults.inc.php @@ -688,7 +688,7 @@ // NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP) $config['trash_mbox'] = 'Trash'; -// automatically create the above listed default folders on first login +// automatically create the above listed default folders on user login $config['create_default_folders'] = false; // protect the default folders from renames, deletes, and subscription changes diff --git a/plugins/enigma/config.inc.php.dist b/plugins/enigma/config.inc.php.dist index 2cce5ee..f7f6f9a 100644 --- a/plugins/enigma/config.inc.php.dist +++ b/plugins/enigma/config.inc.php.dist @@ -45,3 +45,14 @@ // To solve that a hardware entropy generator or // an entropy gathering daemon may be installed (e.g. randomsound). $config['enigma_keygen_server'] = false; + +// With this option you can lock composing options +// of the plugin forcing the user to use configured settings. +// The array accepts: 'sign', 'encrypt', 'pubkey'. +// +// For example, to force your users to sign every email, +// you should set: +// - enigma_sign_all = true +// - enigma_options_lock = array('sign') +// - dont_override = array('enigma_sign_all') +$config['enigma_options_lock'] = array(); diff --git a/plugins/enigma/lib/enigma_ui.php b/plugins/enigma/lib/enigma_ui.php index 37c1d41..d938f27 100644 --- a/plugins/enigma/lib/enigma_ui.php +++ b/plugins/enigma/lib/enigma_ui.php @@ -717,23 +717,36 @@ 'height' => 32 ), 'toolbar'); + $locks = (array) $this->rc->config->get('enigma_options_lock'); $menu = new html_table(array('cols' => 2)); $chbox = new html_checkbox(array('value' => 1)); $menu->add(null, html::label(array('for' => 'enigmasignopt'), rcube::Q($this->enigma->gettext('signmsg')))); $menu->add(null, $chbox->show($this->rc->config->get('enigma_sign_all') ? 1 : 0, - array('name' => '_enigma_sign', 'id' => 'enigmasignopt'))); + array( + 'name' => '_enigma_sign', + 'id' => 'enigmasignopt', + 'disabled' => in_array('sign', $locks), + ))); $menu->add(null, html::label(array('for' => 'enigmaencryptopt'), rcube::Q($this->enigma->gettext('encryptmsg')))); $menu->add(null, $chbox->show($this->rc->config->get('enigma_encrypt_all') ? 1 : 0, - array('name' => '_enigma_encrypt', 'id' => 'enigmaencryptopt'))); + array( + 'name' => '_enigma_encrypt', + 'id' => 'enigmaencryptopt', + 'disabled' => in_array('encrypt', $locks), + ))); $menu->add(null, html::label(array('for' => 'enigmaattachpubkeyopt'), rcube::Q($this->enigma->gettext('attachpubkeymsg')))); - $menu->add(null, $chbox->show($this->rc->config->get('enigma_attach_pubkey') ? 1 : 0, - array('name' => '_enigma_attachpubkey', 'id' => 'enigmaattachpubkeyopt'))); + $menu->add(null, $chbox->show($this->rc->config->get('enigma_attach_pubkey') ? 1 : 0, + array( + 'name' => '_enigma_attachpubkey', + 'id' => 'enigmaattachpubkeyopt', + 'disabled' => in_array('pubkey', $locks), + ))); $menu = html::div(array('id' => 'enigmamenu', 'class' => 'popupmenu'), $menu->show()); @@ -938,20 +951,34 @@ */ function message_ready($p) { - $savedraft = !empty($_POST['_draft']) && empty($_GET['_saveonly']); + $savedraft = !empty($_POST['_draft']) && empty($_GET['_saveonly']); + $sign_enable = (bool) rcube_utils::get_input_value('_enigma_sign', rcube_utils::INPUT_POST); + $encrypt_enable = (bool) rcube_utils::get_input_value('_enigma_encrypt', rcube_utils::INPUT_POST); + $pubkey_enable = (bool) rcube_utils::get_input_value('_enigma_attachpubkey', rcube_utils::INPUT_POST); + $locks = (array) $this->rc->config->get('enigma_options_lock'); - if (!$savedraft && rcube_utils::get_input_value('_enigma_attachpubkey', rcube_utils::INPUT_POST)) { + if (in_array('sign', $locks)) { + $sign_enable = (bool) $this->rc->config->get('enigma_sign_all'); + } + if (in_array('encrypt', $locks)) { + $encrypt_enable = (bool) $this->rc->config->get('enigma_encrypt_all'); + } + if (in_array('pubkey', $locks)) { + $pubkey_enable = (bool) $this->rc->config->get('enigma_attach_pubkey'); + } + + if (!$savedraft && $pubkey_enable) { $this->enigma->load_engine(); $this->enigma->engine->attach_public_key($p['message']); } - if (!$savedraft && rcube_utils::get_input_value('_enigma_sign', rcube_utils::INPUT_POST)) { + if (!$savedraft && $sign_enable) { $this->enigma->load_engine(); $status = $this->enigma->engine->sign_message($p['message']); $mode = 'sign'; } - if ((!$status instanceof enigma_error) && rcube_utils::get_input_value('_enigma_encrypt', rcube_utils::INPUT_POST)) { + if ((!$status instanceof enigma_error) && $encrypt_enable) { $this->enigma->load_engine(); $status = $this->enigma->engine->encrypt_message($p['message'], null, $savedraft); $mode = 'encrypt'; @@ -996,6 +1023,7 @@ } $engine = $this->enigma->engine; + $locks = (array) $this->rc->config->get('enigma_options_lock'); // Decryption status foreach ($engine->decryptions as $status) { @@ -1021,8 +1049,12 @@ } // Check sign/ecrypt options for signed/encrypted drafts - $this->rc->output->set_env('enigma_force_encrypt', !empty($engine->decryptions)); - $this->rc->output->set_env('enigma_force_sign', !empty($engine->signatures)); + if (!in_array('encrypt', $locks)) { + $this->rc->output->set_env('enigma_force_encrypt', !empty($engine->decryptions)); + } + if (!in_array('sign', $locks)) { + $this->rc->output->set_env('enigma_force_sign', !empty($engine->signatures)); + } return $p; } -- Gitblit v1.9.1