added ldap type + journal view

2024-11-07 22:41:59 +01:00 · 2013-07-12 11:14:09 +02:00 · 2013-07-12 11:14:09 +02:00 · c44820f0df
commit c44820f0df
parent f43a2425bf
19 changed files with 247 additions and 24 deletions
--- a/webui/config.php
+++ b/webui/config.php
@ -110,6 +110,9 @@ $config['ENABLE_SYSLOG'] = 1;
 $config['REWRITE_MESSAGE_ID'] = 0;
 $config['RESTRICTED_AUDITOR'] = 0;

+$config['SHOW_ENVELOPE_JOURNAL'] = 0;
+$config['BULK_DOWNLOAD_FOR_USERS'] = 1;
+
 $config['MAX_CGI_FROM_SUBJ_LEN'] = 34;
 $config['PAGE_LEN'] = 20;
 $config['MAX_NUMBER_OF_FROM_ITEMS'] = 5;
@ -149,7 +152,7 @@ $config['DB_DATABASE'] = 'piler';
 $config['SPHINX_DRIVER'] = 'sphinx';
 $config['SPHINX_DATABASE'] = 'sphinx';
 $config['SPHINX_HOSTNAME'] = '127.0.0.1:9306';
-$config['SPHINX_MAIN_INDEX'] = 'dailydelta1,main1,main2,main3,main4';
+$config['SPHINX_MAIN_INDEX'] = 'dailydelta1,main1';
 $config['SPHINX_TAG_INDEX'] = 'tag1';
 $config['SPHINX_NOTE_INDEX'] = 'note1';

@ -225,6 +228,9 @@ require_once 'config-site.php';

 if(isset($_SESSION['theme']) && preg_match("/^([a-zA-Z0-9\-\_]+)$/", $_SESSION['theme'])) { $config['THEME'] = $_SESSION['theme']; }

+// make sure auditors are restricted in a saas environment
+if($config['ENABLE_SAAS'] == 1 && $_SESSION['username'] != 'auditor@local') { $config['RESTRICTED_AUDITOR'] = 1; }
+
 foreach ($config as $k => $v) {
   define($k, $v);
 }
--- a/webui/controller/message/headers.php
+++ b/webui/controller/message/headers.php
@ -37,7 +37,7 @@ class ControllerMessageHeaders extends Controller {

      $this->data['piler_id'] = $this->model_search_message->get_piler_id_by_id($this->data['id']);

-      $this->data['data'] = $this->model_search_message->get_message_headers($this->data['piler_id']);
+      $this->data['message'] = $this->model_search_message->get_message_headers($this->data['piler_id']);

      $this->render();
   }
--- a/webui/controller/message/journal.php
+++ b/webui/controller/message/journal.php
@ -0,0 +1,48 @@
+<?php
+
+
+class ControllerMessageJournal extends Controller {
+
+   public function index(){
+
+      $this->id = "content";
+      $this->template = "message/journal.tpl";
+      $this->layout = "common/layout-empty";
+
+      $request = Registry::get('request');
+      $db = Registry::get('db');
+
+      $this->load->model('search/search');
+      $this->load->model('search/message');
+
+      $this->load->model('user/user');
+
+      $this->document->title = $this->data['text_message'];
+
+      $this->data['id'] = @$this->request->get['id'];
+
+      if(!verify_piler_id($this->data['id'])) {
+         AUDIT(ACTION_UNKNOWN, '', '', $this->data['id'], 'unknown id: ' . $this->data['id']);
+         die("invalid id: " . $this->data['id']);
+      }
+
+      if(!$this->model_search_search->check_your_permission_by_id($this->data['id'])) {
+         AUDIT(ACTION_UNAUTHORIZED_VIEW_MESSAGE, '', '', $this->data['id'], '');
+         die("no permission for " . $this->data['id']);
+      }
+
+      AUDIT(ACTION_VIEW_HEADER, '', '', $this->data['id'], '');
+
+      if(Registry::get('auditor_user') == 1) { $this->data['rcpt'] = $this->model_search_search->get_message_addresses_in_my_domain($this->data['id']); }
+
+      $this->data['piler_id'] = $this->model_search_message->get_piler_id_by_id($this->data['id']);
+
+      $this->data['data'] = $this->model_search_message->get_message_journal($this->data['piler_id']);
+
+      $this->render();
+   }
+
+
+}
+
+?>
--- a/webui/language/de/messages.php
+++ b/webui/language/de/messages.php
@ -345,6 +345,7 @@ $_['text_users_quarantine'] = "Quarantäne des Benutzers";
 $_['text_view_formatted_email'] = "Nachricht formatiert ansehen";
 $_['text_view_header'] = "Kopfzeilen anzeigen";
 $_['text_view_headers'] = "Kopfzeilen anzeigen";
+$_['text_view_journal_envelope'] = "Envelope anzeigen";
 $_['text_view_message'] = "Nachrichtentext anzeigen";
 $_['text_view_message2'] = "Nachricht anzeigen";
 $_['text_view_raw_email'] = "Quelltext anzeigen";
--- a/webui/language/en/messages.php
+++ b/webui/language/en/messages.php
@ -345,6 +345,7 @@ $_['text_users_quarantine'] = "User's quarantine";
 $_['text_view_formatted_email'] = "View formatted email";
 $_['text_view_header'] = "view header";
 $_['text_view_headers'] = "View headers";
+$_['text_view_journal_envelope'] = "View envelope";
 $_['text_view_message'] = "View message";
 $_['text_view_message2'] = "view message";
 $_['text_view_raw_email'] = "View raw email";
--- a/webui/language/hu/messages.iso-8859-2.php
+++ b/webui/language/hu/messages.iso-8859-2.php
@ -346,6 +346,7 @@ $_['text_users_quarantine'] = "Felhaszn
 $_['text_view_formatted_email'] = "Formázott levél megtekintése";
 $_['text_view_header'] = "fejléc megtekintése";
 $_['text_view_headers'] = "Levél fejléce";
+$_['text_view_journal_envelope'] = "Journal envelope";
 $_['text_view_message'] = "Levél megtekintése";
 $_['text_view_message2'] = "levél megtekintése";
 $_['text_view_raw_email'] = "Formázatlan levél megtekintése";
--- a/webui/language/hu/messages.php
+++ b/webui/language/hu/messages.php
@ -346,6 +346,7 @@ $_['text_users_quarantine'] = "Felhasználók karanténja";
 $_['text_view_formatted_email'] = "Formázott levél megtekintése";
 $_['text_view_header'] = "fejléc megtekintése";
 $_['text_view_headers'] = "Levél fejléce";
+$_['text_view_journal_envelope'] = "Journal envelope";
 $_['text_view_message'] = "Levél megtekintése";
 $_['text_view_message2'] = "levél megtekintése";
 $_['text_view_raw_email'] = "Formázatlan levél megtekintése";
--- a/webui/language/pt/messages.php
+++ b/webui/language/pt/messages.php
@ -339,6 +339,7 @@ $_['text_users_quarantine'] = "Quarentena de usuário";
 $_['text_view_formatted_email'] = "Visualizar email formatado";
 $_['text_view_header'] = "Visualizar cabeçalho";
 $_['text_view_headers'] = "Visualizar cabeçalho";
+$_['text_view_journal_envelope'] = "Visualizar envelope";
 $_['text_view_message'] = "Visualizar mensagem";
 $_['text_view_message2'] = "visualizar mensagem";
 $_['text_view_raw_email'] = "Visualizar email em formar RAW";
--- a/webui/model/saas/ldap.php
+++ b/webui/model/saas/ldap.php
@ -5,7 +5,7 @@ class ModelSaasLdap extends Model

   public function get() {

-      $query = $this->db->query("SELECT id, description, ldap_host, ldap_base_dn, ldap_bind_dn FROM " . TABLE_LDAP . " ORDER BY description ASC");
+      $query = $this->db->query("SELECT id, description, ldap_type, ldap_host, ldap_base_dn, ldap_bind_dn FROM " . TABLE_LDAP . " ORDER BY description ASC");

      if($query->num_rows > 0) { return $query->rows; }

@ -29,11 +29,11 @@ class ModelSaasLdap extends Model
   public function add($arr = array()) {
      if(!isset($arr['description']) || !isset($arr['ldap_host'])) { return 0; }

-      $query = $this->db->query("INSERT INTO " . TABLE_LDAP . " (description, ldap_host, ldap_base_dn, ldap_bind_dn, ldap_bind_pw) VALUES (?,?,?,?,?)", array($arr['description'], $arr['ldap_host'], $arr['ldap_base_dn'], $arr['ldap_bind_dn'], $arr['ldap_bind_pw']));
+      $query = $this->db->query("INSERT INTO " . TABLE_LDAP . " (description, ldap_host, ldap_base_dn, ldap_bind_dn, ldap_bind_pw, ldap_type) VALUES (?,?,?,?,?,?)", array($arr['description'], $arr['ldap_host'], $arr['ldap_base_dn'], $arr['ldap_bind_dn'], $arr['ldap_bind_pw'], $arr['ldap_type']));

      $rc = $this->db->countAffected();

-      LOGGER("add ldap entry: " . $arr['description'] . " / " . $arr['ldap_host'] . " / " . $arr['ldap_base_dn'] . " (rc=$rc)");
+      LOGGER("add ldap entry: " . $arr['description'] . " / " . $arr['ldap_type'] . " / " . $arr['ldap_host'] . " / " . $arr['ldap_base_dn'] . " (rc=$rc)");

      if($rc == 1){ return 1; }

@ -48,9 +48,9 @@ class ModelSaasLdap extends Model

      list($l,$d) = explode("@", $email);

-      $query = $this->db->query("SELECT ldap_host, ldap_base_dn, ldap_bind_dn, ldap_bind_pw from " . TABLE_DOMAIN . " as d, " . TABLE_LDAP . " as l where d.ldap_id=l.id and d.domain=?", array($d));
+      $query = $this->db->query("SELECT ldap_type, ldap_host, ldap_base_dn, ldap_bind_dn, ldap_bind_pw from " . TABLE_DOMAIN . " as d, " . TABLE_LDAP . " as l where d.ldap_id=l.id and d.domain=?", array($d));

-      if($query->num_rows > 0) { return array($query->row['ldap_host'], $query->row['ldap_base_dn'], $query->row['ldap_bind_dn'], $query->row['ldap_bind_pw']); }
+      if($query->num_rows > 0) { return array($query->row['ldap_type'], $query->row['ldap_host'], $query->row['ldap_base_dn'], $query->row['ldap_bind_dn'], $query->row['ldap_bind_pw']); }

      return array();
   }
--- a/webui/model/search/message.php
+++ b/webui/model/search/message.php
@ -178,7 +178,7 @@ class ModelSearchMessage extends Model {
      $msg = $this->get_raw_message($id);
      $this->disconnect_from_pilergetd();

-      $this->remove_journal($msg);
+      $has_journal = $this->remove_journal($msg);

      $pos = strpos($msg, "\n\r\n");
      if($pos == false) {
@ -193,6 +193,55 @@ class ModelSearchMessage extends Model {
      $data = preg_replace("/\</", "&lt;", $data);
      $data = preg_replace("/\>/", "&gt;", $data);

+      return array('headers' => $data, 'has_journal' => $has_journal);
+   }
+
+
+   public function get_message_journal($id = '') {
+      $data = '&lt; &gt;';
+      $boundary = '';
+
+      $this->connect_to_pilergetd();
+      $msg = $this->get_raw_message($id);
+      $this->disconnect_from_pilergetd();
+
+      $hdr = substr($msg, 0, 8192);
+
+      $s = preg_split("/\n/", $hdr);
+      while(list($k, $v) = each($s)) {
+         if(preg_match("/boundary\s{0,}=\s{0,}\"{0,}([\w\_\-\@\.]+)\"{0,}/i", $v, $m)) {
+            if(isset($m[1])) { $boundary = $m[1]; break; }
+         }
+      }
+
+
+      $p = strstr($msg, "\nX-MS-Journal-Report:");
+      $msg = '';
+
+      if($p) {
+
+         $s = preg_split("/\n/", $p);
+
+         $i=0; $j=0; $data = '';
+
+         while(list($k, $v) = each($s)) {
+            if(strstr($v, $boundary)) { $i++; }
+            if($i > 0 && preg_match("/^\s{1,}$/", $v)) { $j++; }
+
+            if($j == 1) {
+               $data .= "$v\n";
+            }
+
+            if($i >= 2) { break; } 
+         }
+
+         $p = '';
+
+         $data = preg_replace("/\</", "&lt;", $data);
+         $data = preg_replace("/\>/", "&gt;", $data);
+
+      }
+
      return $data;
   }

@ -200,6 +249,7 @@ class ModelSearchMessage extends Model {
   public function remove_journal(&$msg = '') {
      $p = $q = '';
      $boundary = '';
+      $has_journal = 0;

      $hdr = substr($msg, 0, 4096);

@ -212,6 +262,8 @@ class ModelSearchMessage extends Model {

      $p = strstr($msg, "\nX-MS-Journal-Report:");
      if($p) {
+         $has_journal = 1;
+
         $msg = '';
         $q = strstr($p, "Received: from");
         if($q) {
@ -225,7 +277,11 @@ class ModelSearchMessage extends Model {
         }
      }

-      if($boundary) { $msg = substr($msg, 0, strlen($msg) - strlen($boundary) - 6); }
+      if($boundary) {
+         $msg = substr($msg, 0, strlen($msg) - strlen($boundary) - 6);
+      }
+
+      return $has_journal;
   }


@ -250,7 +306,7 @@ class ModelSearchMessage extends Model {
      $msg = $this->get_raw_message($id);
      $this->disconnect_from_pilergetd();

-      $this->remove_journal($msg);
+      $has_journal = $this->remove_journal($msg);

      $a = explode("\n", $msg); $msg = "";

@ -365,7 +421,8 @@ class ModelSearchMessage extends Model {
                   'to' => $this->decode_my_str($to),
                   'subject' => $this->highlight_search_terms($this->decode_my_str($subject), $terms),
                   'date' => $this->decode_my_str($date),
-                   'message' => $this->highlight_search_terms($message, $terms)
+                   'message' => $this->highlight_search_terms($message, $terms),
+                   'has_journal' => $has_journal
            );
   }

--- a/webui/model/user/auth.php
+++ b/webui/model/user/auth.php
@ -68,20 +68,59 @@ class ModelUserAuth extends Model {
      $ldap_helper_dn = LDAP_HELPER_DN;
      $ldap_helper_password = LDAP_HELPER_PASSWORD;

+      $ldap_mail_attr = LDAP_MAIL_ATTR;
+      $ldap_account_objectclass = LDAP_ACCOUNT_OBJECTCLASS;
+      $ldap_distributionlist_attr = LDAP_DISTRIBUTIONLIST_ATTR;
+      $ldap_distributionlist_objectclass = LDAP_DISTRIBUTIONLIST_OBJECTCLASS;
+
      if(ENABLE_SAAS == 1) {
         $a = $this->model_saas_ldap->get_ldap_params_by_email($username);

-         $ldap_host = $a[0];
-         $ldap_base_dn = $a[1];
-         $ldap_helper_dn = $a[2];
-         $ldap_helper_password = $a[3];
+         $ldap_type = $a[0];
+         $ldap_host = $a[1];
+         $ldap_base_dn = $a[2];
+         $ldap_helper_dn = $a[3];
+         $ldap_helper_password = $a[4];
+
+         switch ($ldap_type) {
+
+            case 'AD':
+                       $ldap_mail_attr = 'mail';
+                       $ldap_account_objectclass = 'user';
+                       $ldap_distributionlist_attr = 'member';
+                       $ldap_distributionlist_objectclass = 'group';
+                       break;
+
+            case 'zimbra':
+                       $ldap_mail_attr = 'mail';
+                       $ldap_account_objectclass = 'zimbraAccount';
+                       $ldap_distributionlist_attr = 'zimbraMailForwardingAddress';
+                       $ldap_distributionlist_objectclass = 'zimbraDistributionList';
+                       break;
+
+            case 'iredmail':
+                       $ldap_mail_attr = 'mail';
+                       $ldap_account_objectclass = 'mailUser';
+                       $ldap_distributionlist_attr = 'memberOfGroup';
+                       $ldap_distributionlist_objectclass = 'mailList';
+                       break;
+
+            case 'lotus':
+                       $ldap_mail_attr = 'mail';
+                       $ldap_account_objectclass = 'dominoPerson';
+                       $ldap_distributionlist_attr = 'mail';
+                       $ldap_distributionlist_objectclass = 'dominoGroup';
+                       break;
+
+            
+         }
      }

      $ldap = new LDAP($ldap_host, $ldap_helper_dn, $ldap_helper_password);

      if($ldap->is_bind_ok()) {

-         $query = $ldap->query($ldap_base_dn, "(&(objectClass=" . LDAP_ACCOUNT_OBJECTCLASS . ")(" . LDAP_MAIL_ATTR . "=$username))", array());
+         $query = $ldap->query($ldap_base_dn, "(&(objectClass=$ldap_account_objectclass)($ldap_mail_attr=$username))", array());

         if(isset($query->row['dn']) && $query->row['dn']) {
            $a = $query->row;
@ -92,7 +131,7 @@ class ModelUserAuth extends Model {

            if($ldap_auth->is_bind_ok()) {

-               $query = $ldap->query($ldap_base_dn, "(|(&(objectClass=" . LDAP_ACCOUNT_OBJECTCLASS . ")(" . LDAP_MAIL_ATTR . "=$username))(&(objectClass=" . LDAP_DISTRIBUTIONLIST_OBJECTCLASS . ")(" . LDAP_DISTRIBUTIONLIST_ATTR . "=$username)" . ")(&(objectClass=" . LDAP_DISTRIBUTIONLIST_OBJECTCLASS . ")(" . LDAP_DISTRIBUTIONLIST_ATTR . "=" . stripslashes($a['dn']) . ")))", array());
+               $query = $ldap->query($ldap_base_dn, "(|(&(objectClass=$ldap_account_objectclass)($ldap_mail_attr=$username))(&(objectClass=$ldap_distributionlist_objectclass)($ldap_distributionlist_attr=$username)" . ")(&(objectClass=$ldap_distributionlist_objectclass)($ldap_distributionlist_attr=" . stripslashes($a['dn']) . ")))", array("mail", "mailalternateaddress", "proxyaddresses", $ldap_distributionlist_attr));

               $is_auditor = $this->check_ldap_membership($query->rows);

@ -148,7 +187,7 @@ class ModelUserAuth extends Model {
      $data = array();

      foreach($e as $a) {
-         foreach (array("mail", "mailalternateaddress", "proxyaddresses", LDAP_MAIL_ATTR, LDAP_DISTRIBUTIONLIST_ATTR) as $mailattr) {
+         //foreach (array("mail", "mailalternateaddress", "proxyaddresses", LDAP_MAIL_ATTR, LDAP_DISTRIBUTIONLIST_ATTR) as $mailattr) {
            if(isset($a[$mailattr])) {

               if(isset($a[$mailattr]['count'])) {
@ -164,7 +203,7 @@ class ModelUserAuth extends Model {
                  if(!in_array($email, $data) && strchr($email, '@') && substr($email, 0, 4) != 'sip:') { array_push($data, $email); }
               }
            }
-         }
+         //}
      }

      return $data;
@ -243,6 +282,11 @@ class ModelUserAuth extends Model {


   public function check_ntlm_auth() {
+      $ldap_mail_attr = 'mail';
+      $ldap_account_objectclass = 'user';
+      $ldap_distributionlist_attr = 'member';
+      $ldap_distributionlist_objectclass = 'group';
+
      if(!isset($_SERVER['REMOTE_USER'])) { return 0; }

      $u = explode("\\", $_SERVER['REMOTE_USER']);
@ -253,7 +297,7 @@ class ModelUserAuth extends Model {

      if($ldap->is_bind_ok()) {

-         $query = $ldap->query(LDAP_BASE_DN, "(&(objectClass=" . LDAP_ACCOUNT_OBJECTCLASS . ")(samaccountname=" . $u[1] . "))", array());
+         $query = $ldap->query(LDAP_BASE_DN, "(&(objectClass=$ldap_account_objectclass)(samaccountname=" . $u[1] . "))", array());

         if(isset($query->row['dn'])) {
            $a = $query->row;
@ -261,7 +305,7 @@ class ModelUserAuth extends Model {
            if(isset($a['mail']['count'])) { $username = $a['mail'][0]; } else { $username = $a['mail']; }
            $username = strtolower(preg_replace("/^smtp\:/i", "", $username));

-            $query = $ldap->query(LDAP_BASE_DN, "(|(&(objectClass=" . LDAP_ACCOUNT_OBJECTCLASS . ")(" . LDAP_MAIL_ATTR . "=$username))(&(objectClass=" . LDAP_DISTRIBUTIONLIST_OBJECTCLASS . ")(" . LDAP_DISTRIBUTIONLIST_ATTR . "=$username)" . ")(&(objectClass=" . LDAP_DISTRIBUTIONLIST_OBJECTCLASS . ")(" . LDAP_DISTRIBUTIONLIST_ATTR . "=" . $a['dn'] . ")))", array());
+            $query = $ldap->query(LDAP_BASE_DN, "(|(&(objectClass=$ldap_account_objectclass)($ldap_mail_attr=$username))(&(objectClass=$ldap_distributionlist_objectclass)($ldap_distributionlist_attr=$username)" . ")(&(objectClass=$ldap_distributionlist_objectclass)($ldap_distributionlist_attr=" . $a['dn'] . ")))", array());

            $emails = $this->get_email_array_from_ldap_attr($query->rows);

--- a/webui/view/javascript/piler-in.js
+++ b/webui/view/javascript/piler-in.js
@ -274,6 +274,13 @@ var Piler =
    },


+    view_journal:function(id)
+    {
+         Piler.log("[view_journal]");
+         Piler.load_url_to_preview_pane('/index.php?route=message/journal&id=' + id);
+    },
+
+
    restore_message:function(id)
    {
        Piler.log("[restore_message]");
--- a/webui/view/theme/default/templates/ldap/list.tpl
+++ b/webui/view/theme/default/templates/ldap/list.tpl
@ -6,6 +6,17 @@

 <form method="post" name="add1" action="index.php?route=ldap/list" class="form-horizontal">

+    <div class="control-group">
+       <label class="control-label" for="ldap_type"><?php print $text_ldap_type; ?>:</label>
+       <div class="controls">
+          <select name="ldap_type" id="ldap_type">
+          <option value="AD">AD</option>
+          <option value="iredmail">iredmail</option>
+          <option value="lotus">lotus</option>
+          <option value="zimbra">zimbra</option>
+          </select>
+       </div>
+    </div>
    <div class="control-group">
 		<label class="control-label" for="description"><?php print $text_description; ?>:</label>
        <div class="controls">
@ -53,6 +64,7 @@
   <table id="ss1" class="table table-striped table-condensed">
      <tr>
         <th class="domaincell"><?php print $text_description; ?></th>
+         <th class="domaincell"><?php print $text_ldap_type; ?></th>
         <th class="domaincell"><?php print $text_ldap_host; ?></th>
         <td class="domaincell"><?php print $text_ldap_base_dn; ?></td>
         <td class="domaincell"><?php print $text_ldap_bind_dn; ?></td>
@ -62,6 +74,7 @@
 <?php foreach($entries as $e) { ?>
      <tr>
         <td class="domaincell"><?php print $e['description']; ?></td>
+         <td class="domaincell"><?php print $e['ldap_type']; ?></td>
         <td class="domaincell"><?php print $e['ldap_host']; ?></td>
         <td class="domaincell"><?php print $e['ldap_base_dn']; ?></td>
         <td class="domaincell"><?php print $e['ldap_bind_dn']; ?></td>
--- a/webui/view/theme/default/templates/message/headers.tpl
+++ b/webui/view/theme/default/templates/message/headers.tpl
@ -20,9 +20,13 @@
   <a class="messagelink" href="#" onclick="Piler.restore_message(<?php print $id; ?>);"><i class="icon-reply"></i>&nbsp;<?php print $text_restore_to_mailbox; ?></a> |
 <?php } ?>
   <a class="messagelink" href="#" onclick="Piler.view_message(<?php print $id; ?>);"><i class="icon-envelope"></i>&nbsp;<?php print $text_view_message; ?></a>
+<?php if($message['has_journal'] == 1 && Registry::get('auditor_user') == 1 && SHOW_ENVELOPE_JOURNAL == 1) { ?>
+   | <a class="messagelink" href="#" onclick="Piler.view_journal(<?php print $id; ?>);"><i class="icon-envelope-alt"></i>&nbsp;<?php print $text_view_journal_envelope; ?></a>
+<?php } ?>
+
 </p>

 </div>

-<pre class="messagesmtpheaders"><?php print $data; ?></pre>
+<pre class="messagesmtpheaders"><?php print $message['headers']; ?></pre>

--- a/webui/view/theme/default/templates/message/journal.tpl
+++ b/webui/view/theme/default/templates/message/journal.tpl
@ -0,0 +1,30 @@
+<div id="restorebox" class="alert alert-general">
+<?php if(Registry::get('auditor_user') == 1 && count($rcpt) > 0) { ?>
+<?php foreach($rcpt as $r) { ?>
+      <input type="checkbox" class="restorebox" id="rcpt_<?php print $r; ?>" name="rcpt_<?php print $r; ?>" value="1" /> <?php print $r; ?><br />
+<?php } ?>
+<br />
+<input type="button" id="restore_button" name="restore_button" value="<?php print $text_restore; ?>" class="btn btn-primary" onclick="Piler.restore_message_for_recipients(<?php print $id; ?>, '<?php print $text_restored; ?>', '<?php print $text_select_recipients; ?>');" />
+<input type="button" value="<?php print $text_cancel; ?>" class="btn btn-inverse" onclick="$('#restorebox').hide();" />
+<?php } ?>
+
+</div>
+
+<div class="messageheader">
+
+<p>
+   <a class="messagelink" href="index.php?route=message/download&amp;id=<?php print $id; ?>"><i class="icon-cloud-download"></i>&nbsp;<?php print $text_download_message; ?></a> |
+<?php if(Registry::get('auditor_user') == 1) { ?>
+   <a class="messagelink" href="#" onclick="$('#restorebox').show();"><i class="icon-reply"></i>&nbsp;<?php print $text_restore_to_mailbox; ?></a> |
+<?php } else { ?>
+   <a class="messagelink" href="#" onclick="Piler.restore_message(<?php print $id; ?>);"><i class="icon-reply"></i>&nbsp;<?php print $text_restore_to_mailbox; ?></a> |
+<?php } ?>
+   <a class="messagelink" href="#" onclick="Piler.view_headers(<?php print $id; ?>);"><i class="icon-envelope"></i>&nbsp;<?php print $text_view_headers; ?></a>
+   <a class="messagelink" href="#" onclick="Piler.view_message(<?php print $id; ?>);"><i class="icon-envelope-alt"></i>&nbsp;<?php print $text_view_message; ?></a>
+
+</p>
+
+</div>
+
+<pre class="messagesmtpheaders"><?php print $data; ?></pre>
+
--- a/webui/view/theme/default/templates/message/restore.tpl
+++ b/webui/view/theme/default/templates/message/restore.tpl
@ -8,4 +8,5 @@

 <div class="messagecontents">
 <?php print $data; ?>
-</div>
+</div>
+
--- a/webui/view/theme/default/templates/message/view.tpl
+++ b/webui/view/theme/default/templates/message/view.tpl
@ -20,6 +20,9 @@
       <a class="messagelink" href="#" onclick="Piler.restore_message(<?php print $id; ?>);"><i class="icon-reply"></i>&nbsp;<?php print $text_restore_to_mailbox; ?></a> |
    <?php } ?>
       <a class="messagelink" href="#" onclick="Piler.view_headers(<?php print $id; ?>);"><i class="icon-envelope-alt"></i>&nbsp;<?php print $text_view_headers; ?></a>
+    <?php if($message['has_journal'] == 1 && Registry::get('auditor_user') == 1 && SHOW_ENVELOPE_JOURNAL == 1) { ?>
+       | <a class="messagelink" href="#" onclick="Piler.view_journal(<?php print $id; ?>);"><i class="icon-envelope"></i>&nbsp;<?php print $text_view_journal_envelope; ?></a>
+    <?php } ?>
    </p>

    <strong><?php if($message['subject'] == "" || $message['subject'] == "Subject:") { print "&lt;" . $text_no_subject . "&gt;"; } else { print $message['subject']; } ?></strong><br />
--- a/webui/view/theme/default/templates/search/helper.tpl
+++ b/webui/view/theme/default/templates/search/helper.tpl
@ -137,6 +137,8 @@
                <input type="button" class="btn btn-info" onclick="Piler.tag_search_results('<?php print $text_tagged; ?>');" value="Tag" />
            </span>
            <input type="button" class="btn btn-custom btn-inverse" value="<?php print $text_bulk_restore_selected_emails; ?>" onclick="Piler.bulk_restore_messages('<?php print $text_restored; ?>'); " />&nbsp;
+         <?php if(Registry::get('auditor_user') == 1 || BULK_DOWNLOAD_FOR_USERS == 1) { ?>
            <input type="button" class="btn btn-custom btn-inverse" value="<?php print $text_bulk_download; ?>" onclick="Piler.download_messages();" />
+         <?php } ?>
       </div>
 </div>
--- a/webui/view/theme/orig/templates/search/helper.tpl
+++ b/webui/view/theme/orig/templates/search/helper.tpl
@ -9,7 +9,10 @@

    <tr>
      <td><input type="checkbox" id="bulkcheck" name="bulkcheck" value="1" <?php if(SEARCH_RESULT_CHECKBOX_CHECKED == 1) { ?>checked="checked"<?php } ?> onclick="Piler.toggle_bulk_check();" /></td>
-      <td><a href="#"><img class="download_icon" src="<?php print ICON_DOWNLOAD; ?>" width="18" height="18" alt="aaa" border="0" onclick="Piler.download_messages();" /></a></td>
+      <td>
+      <?php if(Registry::get('auditor_user') == 1 || BULK_DOWNLOAD_FOR_USERS == 1) { ?>
+          <a href="#"><img class="download_icon" src="<?php print ICON_DOWNLOAD; ?>" width="18" height="18" alt="aaa" border="0" onclick="Piler.download_messages();" /></a></td>
+      <?php } ?>
      <td>
         <strong><?php print $text_date; ?></strong>
         <a xid="date" xorder="1" onclick="Piler.changeOrder(this);"><i class="icon-chevron-up"></i></a>