From 2965a981b7ec22866fbdf2d567d87e2d068d3617 Mon Sep 17 00:00:00 2001
From: Thomas Bruederli <thomas@roundcube.net>
Date: Fri, 31 Jul 2015 16:04:08 -0400
Subject: [PATCH] Allow to search and import missing PGP pubkeys from keyservers using Publickey.js
---
plugins/acl/acl.php | 183 ++++++++++++++++++++++++++++++++-------------
1 files changed, 128 insertions(+), 55 deletions(-)
diff --git a/plugins/acl/acl.php b/plugins/acl/acl.php
index 1952dad..0393a3d 100644
--- a/plugins/acl/acl.php
+++ b/plugins/acl/acl.php
@@ -9,18 +9,18 @@
*
* Copyright (C) 2011-2012, Kolab Systems AG
*
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 2
- * as published by the Free Software Foundation.
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
- * You should have received a copy of the GNU General Public License along
- * with this program; if not, write to the Free Software Foundation, Inc.,
- * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see http://www.gnu.org/licenses/.
*/
class acl extends rcube_plugin
@@ -55,7 +55,7 @@
*/
function acl_actions()
{
- $action = trim(get_input_value('_act', RCUBE_INPUT_GPC));
+ $action = trim(rcube_utils::get_input_value('_act', rcube_utils::INPUT_GPC));
// Connect to IMAP
$this->rc->storage_init();
@@ -85,9 +85,10 @@
{
$this->load_config();
- $search = get_input_value('_search', RCUBE_INPUT_GPC, true);
- $sid = get_input_value('_id', RCUBE_INPUT_GPC);
+ $search = rcube_utils::get_input_value('_search', rcube_utils::INPUT_GPC, true);
+ $reqid = rcube_utils::get_input_value('_reqid', rcube_utils::INPUT_GPC);
$users = array();
+ $keys = array();
if ($this->init_ldap()) {
$max = (int) $this->rc->config->get('autocomplete_max', 15);
@@ -105,17 +106,41 @@
}
if ($user) {
- if ($record['name'])
- $user = $record['name'] . ' (' . $user . ')';
-
+ $display = rcube_addressbook::compose_search_name($record);
+ $user = array('name' => $user, 'display' => $display);
$users[] = $user;
+ $keys[] = $display ?: $user['name'];
+ }
+ }
+
+ if ($this->rc->config->get('acl_groups')) {
+ $prefix = $this->rc->config->get('acl_group_prefix');
+ $group_field = $this->rc->config->get('acl_group_field', 'name');
+ $result = $this->ldap->list_groups($search, $mode);
+
+ foreach ($result as $record) {
+ $group = $record['name'];
+ $group_id = is_array($record[$group_field]) ? $record[$group_field][0] : $record[$group_field];
+
+ if ($group) {
+ $users[] = array('name' => ($prefix ? $prefix : '') . $group_id, 'display' => $group, 'type' => 'group');
+ $keys[] = $group;
+ }
}
}
}
- sort($users, SORT_LOCALE_STRING);
+ if (count($users)) {
+ // sort users index
+ asort($keys, SORT_LOCALE_STRING);
+ // re-sort users according to index
+ foreach ($keys as $idx => $val) {
+ $keys[$idx] = $users[$idx];
+ }
+ $users = array_values($keys);
+ }
- $this->rc->output->command('ksearch_query_results', $users, $search, $sid);
+ $this->rc->output->command('ksearch_query_results', $users, $search, $reqid);
$this->rc->output->send();
}
@@ -148,8 +173,10 @@
// Load localization and include scripts
$this->load_config();
+ $this->specials = $this->rc->config->get('acl_specials', $this->specials);
$this->add_texts('localization/', array('deleteconfirm', 'norights',
- 'nouser', 'deleting', 'saving'));
+ 'nouser', 'deleting', 'saving', 'newuser', 'editperms'));
+ $this->rc->output->add_label('save', 'cancel');
$this->include_script('acl.js');
$this->rc->output->include_script('list.js');
$this->include_stylesheet($this->local_skin_path().'/acl.css');
@@ -157,12 +184,12 @@
// add Info fieldset if it doesn't exist
if (!isset($args['form']['props']['fieldsets']['info']))
$args['form']['props']['fieldsets']['info'] = array(
- 'name' => rcube_label('info'),
+ 'name' => $this->rc->gettext('info'),
'content' => array());
// Display folder rights to 'Info' fieldset
$args['form']['props']['fieldsets']['info']['content']['myrights'] = array(
- 'label' => Q($this->gettext('myrights')),
+ 'label' => rcube::Q($this->gettext('myrights')),
'value' => $this->acl2text($myrights)
);
@@ -186,7 +213,7 @@
$this->rc->output->add_label('autocompletechars', 'autocompletemore');
$args['form']['sharing'] = array(
- 'name' => Q($this->gettext('sharing')),
+ 'name' => rcube::Q($this->gettext('sharing')),
'content' => $this->rc->output->parse('acl.table', false, false),
);
@@ -224,6 +251,11 @@
// Get supported rights
$supported = $this->rights_supported();
+ // give plugins the opportunity to adjust this list
+ $data = $this->rc->plugins->exec_hook('acl_rights_supported',
+ array('rights' => $supported, 'folder' => $this->mbox, 'labels' => array()));
+ $supported = $data['rights'];
+
// depending on server capability either use 'te' or 'd' for deleting msgs
$deleteright = implode(array_intersect(str_split('ted'), $supported));
@@ -233,7 +265,8 @@
// Advanced rights
$attrib['id'] = 'advancedrights';
- foreach ($supported as $idx => $val) {
+ foreach ($supported as $key => $val) {
+ $id = "acl$val";
$ul .= html::tag('li', null,
$input->show('', array(
'name' => "acl[$val]", 'value' => $val, 'id' => $id))
@@ -253,18 +286,22 @@
'other' => preg_replace('/[lrswi'.$deleteright.']/', '', implode($supported)),
);
- foreach ($items as $key => $val) {
+ // give plugins the opportunity to adjust this list
+ $data = $this->rc->plugins->exec_hook('acl_rights_simple',
+ array('rights' => $items, 'folder' => $this->mbox, 'labels' => array(), 'titles' => array()));
+
+ foreach ($data['rights'] as $key => $val) {
$id = "acl$key";
$ul .= html::tag('li', null,
$input->show('', array(
'name' => "acl[$val]", 'value' => $val, 'id' => $id))
- . html::label(array('for' => $id, 'title' => $this->gettext('longacl'.$key)),
- $this->gettext('acl'.$key)));
+ . html::label(array('for' => $id, 'title' => $data['titles'][$key] ?: $this->gettext('longacl'.$key)),
+ $data['labels'][$key] ?: $this->gettext('acl'.$key)));
}
$out .= "\n" . html::tag('ul', $attrib, $ul, html::$common_attrib);
- $this->rc->output->set_env('acl_items', $items);
+ $this->rc->output->set_env('acl_items', $data['rights']);
return $out;
}
@@ -283,7 +320,7 @@
$textfield = new html_inputfield($attrib);
- $fields['user'] = html::label(array('for' => 'iduser'), $this->gettext('username'))
+ $fields['user'] = html::label(array('for' => $attrib['id']), $this->gettext('username'))
. ' ' . $textfield->show();
// Add special entries
@@ -305,7 +342,7 @@
. $val);
}
- $out = html::tag('ul', array('id' => 'usertype'), $ul, html::$common_attrib);
+ $out = html::tag('ul', array('id' => 'usertype', 'class' => $attrib['class']), $ul, html::$common_attrib);
}
// Display text input alone
else {
@@ -351,6 +388,11 @@
// Get supported rights and build column names
$supported = $this->rights_supported();
+ // give plugins the opportunity to adjust this list
+ $data = $this->rc->plugins->exec_hook('acl_rights_supported',
+ array('rights' => $supported, 'folder' => $this->mbox, 'labels' => array()));
+ $supported = $data['rights'];
+
// depending on server capability either use 'te' or 'd' for deleting msgs
$deleteright = implode(array_intersect(str_split('ted'), $supported));
@@ -370,6 +412,11 @@
'delete' => $deleteright,
'other' => preg_replace('/[lrswi'.$deleteright.']/', '', implode($supported)),
);
+
+ // give plugins the opportunity to adjust this list
+ $data = $this->rc->plugins->exec_hook('acl_rights_simple',
+ array('rights' => $items, 'folder' => $this->mbox, 'labels' => array()));
+ $items = $data['rights'];
}
// Create the table
@@ -379,11 +426,10 @@
// Create table header
$table->add_header('user', $this->gettext('identifier'));
foreach (array_keys($items) as $key) {
- $label = $this->gettext('shortacl'.$key);
+ $label = $data['labels'][$key] ?: $this->gettext('shortacl'.$key);
$table->add_header(array('class' => 'acl'.$key, 'title' => $label), $label);
}
- $i = 1;
$js_table = array();
foreach ($acl as $user => $rights) {
if ($this->rc->storage->conn->user == $user) {
@@ -392,14 +438,14 @@
// filter out virtual rights (c or d) the server may return
$userrights = array_intersect($rights, $supported);
- $userid = html_identifier($user);
+ $userid = rcube_utils::html_identifier($user);
if (!empty($this->specials) && in_array($user, $this->specials)) {
$user = $this->gettext($user);
}
$table->add_row(array('id' => 'rcmrow'.$userid));
- $table->add('user', Q($user));
+ $table->add('user', html::a(array('id' => 'rcmlinkrow'.$userid), rcube::Q($user)));
foreach ($items as $key => $right) {
$in = $this->acl_compare($userrights, $right);
@@ -427,23 +473,28 @@
*/
private function action_save()
{
- $mbox = trim(get_input_value('_mbox', RCUBE_INPUT_GPC, true)); // UTF7-IMAP
- $user = trim(get_input_value('_user', RCUBE_INPUT_GPC));
- $acl = trim(get_input_value('_acl', RCUBE_INPUT_GPC));
- $oldid = trim(get_input_value('_old', RCUBE_INPUT_GPC));
+ $mbox = trim(rcube_utils::get_input_value('_mbox', rcube_utils::INPUT_POST, true)); // UTF7-IMAP
+ $user = trim(rcube_utils::get_input_value('_user', rcube_utils::INPUT_POST));
+ $acl = trim(rcube_utils::get_input_value('_acl', rcube_utils::INPUT_POST));
+ $oldid = trim(rcube_utils::get_input_value('_old', rcube_utils::INPUT_POST));
- $acl = array_intersect(str_split($acl), $this->rights_supported());
- $users = $oldid ? array($user) : explode(',', $user);
+ $acl = array_intersect(str_split($acl), $this->rights_supported());
+ $users = $oldid ? array($user) : explode(',', $user);
+ $result = 0;
foreach ($users as $user) {
- $user = trim($user);
+ $user = trim($user);
+ $prefix = $this->rc->config->get('acl_groups') ? $this->rc->config->get('acl_group_prefix') : '';
- if (!empty($this->specials) && in_array($user, $this->specials)) {
+ if ($prefix && strpos($user, $prefix) === 0) {
+ $username = $user;
+ }
+ else if (!empty($this->specials) && in_array($user, $this->specials)) {
$username = $this->gettext($user);
}
- else {
+ else if (!empty($user)) {
if (!strpos($user, '@') && ($realm = $this->get_realm())) {
- $user .= '@' . rcube_idn_to_ascii(preg_replace('/^@/', '', $realm));
+ $user .= '@' . rcube_utils::idn_to_ascii(preg_replace('/^@/', '', $realm));
}
$username = $user;
}
@@ -452,9 +503,12 @@
continue;
}
+ $user = $this->mod_login($user);
+ $username = $this->mod_login($username);
+
if ($user != $_SESSION['username'] && $username != $_SESSION['username']) {
if ($this->rc->storage->set_acl($mbox, $user, $acl)) {
- $ret = array('id' => html_identifier($user),
+ $ret = array('id' => rcube_utils::html_identifier($user),
'username' => $username, 'acl' => implode($acl), 'old' => $oldid);
$this->rc->output->command('acl_update', $ret);
$result++;
@@ -475,15 +529,15 @@
*/
private function action_delete()
{
- $mbox = trim(get_input_value('_mbox', RCUBE_INPUT_GPC, true)); //UTF7-IMAP
- $user = trim(get_input_value('_user', RCUBE_INPUT_GPC));
+ $mbox = trim(rcube_utils::get_input_value('_mbox', rcube_utils::INPUT_POST, true)); //UTF7-IMAP
+ $user = trim(rcube_utils::get_input_value('_user', rcube_utils::INPUT_POST));
$user = explode(',', $user);
foreach ($user as $u) {
$u = trim($u);
if ($this->rc->storage->delete_acl($mbox, $u)) {
- $this->rc->output->command('acl_remove_row', html_identifier($u));
+ $this->rc->output->command('acl_remove_row', rcube_utils::html_identifier($u));
}
else {
$error = true;
@@ -507,8 +561,8 @@
return;
}
- $this->mbox = trim(get_input_value('_mbox', RCUBE_INPUT_GPC, true)); // UTF7-IMAP
- $advanced = trim(get_input_value('_mode', RCUBE_INPUT_GPC));
+ $this->mbox = trim(rcube_utils::get_input_value('_mbox', rcube_utils::INPUT_GPC, true)); // UTF7-IMAP
+ $advanced = trim(rcube_utils::get_input_value('_mode', rcube_utils::INPUT_GPC));
$advanced = $advanced == 'advanced' ? true : false;
// Save state in user preferences
@@ -543,12 +597,12 @@
foreach ($supported as $right) {
if (in_array($right, $rights)) {
- $list[] = html::tag('li', null, Q($this->gettext('acl' . $right)));
+ $list[] = html::tag('li', null, rcube::Q($this->gettext('acl' . $right)));
}
}
if (count($list) == count($supported))
- return Q($this->gettext('aclfull'));
+ return rcube::Q($this->gettext('aclfull'));
return html::tag('ul', $attrib, implode("\n", $list));
}
@@ -647,8 +701,9 @@
*/
private function init_ldap()
{
- if ($this->ldap)
+ if ($this->ldap) {
return $this->ldap->ready;
+ }
// get LDAP config
$config = $this->rc->config->get('acl_users_source');
@@ -660,7 +715,7 @@
// not an array, use configured ldap_public source
if (!is_array($config)) {
$ldap_config = (array) $this->rc->config->get('ldap_public');
- $config = $ldap_config[$config];
+ $config = $ldap_config[$config];
}
$uid_field = $this->rc->config->get('acl_users_field', 'mail');
@@ -680,18 +735,17 @@
}
// add UID field to fieldmap, so it will be returned in a record with name
- $config['fieldmap'] = array(
- 'name' => $name_field,
- 'uid' => $uid_field,
- );
+ $config['fieldmap']['name'] = $name_field;
+ $config['fieldmap']['uid'] = $uid_field;
// search in UID and name fields
- $config['search_fields'] = array_values($config['fieldmap']);
+ $config['search_fields'] = array_values($config['fieldmap']);
$config['required_fields'] = array($uid_field);
// set search filter
- if ($filter)
+ if ($filter) {
$config['filter'] = $filter;
+ }
// disable vlv
$config['vlv'] = false;
@@ -703,4 +757,23 @@
return $this->ldap->ready;
}
+
+ /**
+ * Modify user login according to 'login_lc' setting
+ */
+ protected function mod_login($user)
+ {
+ $login_lc = $this->rc->config->get('login_lc');
+
+ if ($login_lc === true || $login_lc == 2) {
+ $user = mb_strtolower($user);
+ }
+ // lowercase domain name
+ else if ($login_lc && strpos($user, '@')) {
+ list($local, $domain) = explode('@', $user);
+ $user = $local . '@' . mb_strtolower($domain);
+ }
+
+ return $user;
+ }
}
--
Gitblit v1.9.1