diff --git a/CREDITS b/CREDITS index 875bdf08..04c2d03b 100644 --- a/CREDITS +++ b/CREDITS @@ -3,3 +3,5 @@ The FSF.hu Foundation (http://fsf.hu/) supported and donated piler within the Nemeth Adam reviewed the web interface, and gave lots of useful hints and insights to improve the web ui of piler. + +Remi Smith improved the restricted auditor feature for a better multitenancy. diff --git a/util/db-mysql.sql b/util/db-mysql.sql index 651a0354..05d835b7 100644 --- a/util/db-mysql.sql +++ b/util/db-mysql.sql @@ -242,6 +242,14 @@ create table if not exists `group_email` ( ) ENGINE=InnoDB; +create table if not exists `domain_user` ( + `domain` char(64) not null, + `uid` int unsigned not null, + key `domain_user_idx` (`domain`), + key `domain_user_idx2` (`uid`) +) ENGINE=InnoDB; + + create table if not exists `folder` ( `id` int not null auto_increment, `parent_id` int default 0, diff --git a/util/db-upgrade-0.1.22-vs-0.1.23.sql b/util/db-upgrade-0.1.22-vs-0.1.23.sql new file mode 100644 index 00000000..21700759 --- /dev/null +++ b/util/db-upgrade-0.1.22-vs-0.1.23.sql @@ -0,0 +1,8 @@ + +create table if not exists `domain_user` ( + `domain` char(64) not null, + `uid` int unsigned not null, + key `domain_user_idx` (`domain`), + key `domain_user_idx2` (`uid`) +) ENGINE=InnoDB; + diff --git a/webui/config.php b/webui/config.php index d93e8778..64333edb 100644 --- a/webui/config.php +++ b/webui/config.php @@ -171,6 +171,7 @@ define('TABLE_NOTE', '`note`'); define('TABLE_USER_SETTINGS', 'user_settings'); define('TABLE_REMOTE', 'remote'); define('TABLE_DOMAIN', 'domain'); +define('TABLE_DOMAIN_USER', 'domain_user'); define('TABLE_COUNTER', 'counter'); define('TABLE_AUDIT', 'audit'); define('TABLE_ARCHIVING_RULE', 'archiving_rule'); diff --git a/webui/controller/domain/domains.php b/webui/controller/domain/domains.php new file mode 100644 index 00000000..7ba1ed07 --- /dev/null +++ b/webui/controller/domain/domains.php 
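Review bot: The new `domain_user` table in util/db-mysql.sql has two non-unique indexes but no primary or unique key, so the same (domain, uid) pair can be stored more than once. These rows decide which domains a restricted auditor may search, so I would declare `primary key (uid, domain)` in place of the plain `domain_user_idx2` index on `uid`. The identical definition in util/db-upgrade-0.1.22-vs-0.1.23.sql needs the same change. As far as the visible upgrade script shows, the table is created empty, so a comment there should state that existing restricted auditors have no assigned domains until an administrator adds them.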
@@ -0,0 +1,82 @@
+id = "content";
+ $this->template = "domain/domains.tpl";
+ $this->layout = "common/layout-email";
+
+
+ $request = Registry::get('request');
+ $db = Registry::get('db');
+ $language = Registry::get('language');
+
+ $this->load->model('domain/domain');
+
+ //$this->document->title = $language->get('text_group_management');
+
+ $this->data['page'] = 0;
+ $this->data['page_len'] = get_page_length();
+
+ $this->data['total'] = 0;
+
+ $this->data['sort'] = 'domain';
+
+ $this->data['term'] = '';
+
+ if(!isset($this->request->get['term']) || strlen($this->request->get['term']) < 1) { die("no data"); }
+
+ if(isset($this->request->get['page']) && is_numeric($this->request->get['page']) && $this->request->get['page'] > 0) {
+ $this->data['page'] = $this->request->get['page'];
+ }
+
+ $this->data['search'] = $this->request->get['term'];
+
+ /* check if we are admin */
+
+ if(Registry::get('admin_user') == 1) {
+
+ // for autocomplete
+
+ if(strlen($this->request->get['term']) >= 2) {
+ $domains = $this->model_domain_domain->get_domains_by_string($this->request->get['term']);
+
+ $i = 0;
+ $s = '[ ';
+
+ foreach($domains as $domain) {
+ $i++;
+ $s .= '{ "id": "' . $i . '", "value": "' . $domain['domain'] . '" },';
+ }
+
+ $s = preg_replace("/,$/", "", $s) . " ]";
+
+ print $s;
+ }
+
+ // for domain list
+
+ if(strlen($this->request->get['term']) == 1) {
+ $this->data['domains'] = $this->model_domain_domain->get_domains_by_string($this->request->get['term'], $this->data['page'], $this->data['page_len']);
+
+ $this->data['total'] = $this->model_domain_domain->count_domains($this->request->get['term']);
+
+ $this->data['prev_page'] = $this->data['page'] - 1;
+ $this->data['next_page'] = $this->data['page'] + 1;
+
+ $this->data['total_pages'] = floor($this->data['total'] / $this->data['page_len']);
+
+ $this->render();
+ }
+
+ }
+ }
+
+
+}
+
+?>
diff --git a/webui/controller/health/worker.php b/webui/controller/health/worker.php
index ce663750..82df0b9c 100644
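Review bot: The autocomplete branch of webui/controller/domain/domains.php builds its JSON by concatenating `$domain['domain']` into a string, so a stored value containing a quote or backslash produces malformed JSON or extra fields; `json_encode()` should produce the response. The same branch prints without a JSON content type, and the list branch divides by `$this->data['page_len']` with no guard against 0. `count_domains()` is called here but is not added by the model hunk visible in this commit, so confirm it already exists. The opening of the file (class and method header) is missing from the page text, so the enclosing method starts outside what is visible.

```php
// … unchanged: get_domains_by_string() call …
$i = 0;
$items = array();

foreach($domains as $domain) {
   $i++;
   $items[] = array('id' => (string)$i, 'value' => $domain['domain']);
}

header('Content-Type: application/json');
print json_encode($items);
```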
--- a/webui/controller/health/worker.php +++ b/webui/controller/health/worker.php @@ -59,17 +59,6 @@ class ControllerHealthWorker extends Controller { $db = Registry::get('db'); $db->select_db($db->database); - if($this->request->server['REQUEST_METHOD'] == 'POST' && isset($this->request->post['resetcounters']) && $this->request->post['resetcounters'] == 1) { - if(isset($this->request->post['confirmed']) && $this->request->post['confirmed'] == 1 && Registry::get('admin_user') == 1) { - $this->model_stat_counter->reset_counters(); - header("Location: index.php?route=health/health"); - exit; - } - else { - $this->template = "health/counter-reset-confirm.tpl"; - } - } - list($this->data['archive_size'], $this->data['counters']) = $this->model_stat_counter->get_counters(); diff --git a/webui/controller/user/edit.php b/webui/controller/user/edit.php index fb3a7f56..f6b5d120 100644 --- a/webui/controller/user/edit.php +++ b/webui/controller/user/edit.php @@ -73,6 +73,7 @@ class ControllerUserEdit extends Controller { else { $this->data['user'] = $this->model_user_user->get_user_by_uid($this->data['uid']); + $this->data['user']['domains'] = $this->model_user_user->get_domains_by_uid($this->data['uid']); $this->data['user']['group_membership'] = $this->model_user_user->get_additional_uids($this->data['uid']); $this->data['user']['group'] = $this->model_group_group->get_groups_by_uid($this->data['uid']); $this->data['user']['folder'] = $this->model_folder_folder->get_folders_by_uid($this->data['uid']); diff --git a/webui/controller/user/settings.php b/webui/controller/user/settings.php index 2a6ede3e..5a7d243d 100644 --- a/webui/controller/user/settings.php +++ b/webui/controller/user/settings.php 
@@ -16,8 +16,32 @@ class ControllerUserSettings extends Controller { $this->load->model('user/auth'); $this->load->model('user/prefs'); + $this->load->model('user/user'); + $this->load->model('group/group'); $this->document->title = $this->data['text_settings']; + + $d = $r = ''; + $auditemails = $auditdomains = $auditgroups = $auditfolders = ''; + + $auditemails = $this->model_user_user->get_emails_by_uid($_SESSION['uid']); + + foreach($_SESSION['auditdomains'] as $d) { + $auditdomains .= ', '.$d; + } + $auditdomains = preg_replace("/^,\s/", "", $auditdomains); + + $auditgroups = preg_replace("/\s/", ", ", $this->model_group_group->get_groups_by_uid($_SESSION['uid'])); + + foreach ($_SESSION['folders'] as $r) { + $auditfolders .= ', '.$r; + } + $auditfolders = preg_replace("/^,\s/", "", $auditfolders); + + if($auditemails) { $this->data['emails'] = $auditemails; } else { $this->data['emails'] = $this->data['text_none_found']; } + if($auditdomains) { $this->data['domains'] = $auditdomains; } else { $this->data['domains'] = $this->data['text_none_found']; } + if($auditgroups) { $this->data['groups'] = $auditgroups; } else { $this->data['groups'] = $this->data['text_none_found']; } + if($auditfolders) { $this->data['folders'] = $auditfolders; } else { $this->data['folders'] = $this->data['text_none_found']; } if(isset($this->request->post['pagelen']) && isset($this->request->post['theme'])) { $this->model_user_prefs->set_user_preferences(Registry::get('username'), $this->request->post); diff --git a/webui/language/en/messages.php b/webui/language/en/messages.php index 4cdb1d39..4f83a31f 100644 --- a/webui/language/en/messages.php +++ b/webui/language/en/messages.php 
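Review bot: `foreach($_SESSION['auditdomains'] as $d)` in webui/controller/user/settings.php assumes the session key exists and is an array, but the only assignment visible in this commit is the login path in webui/model/user/auth.php, so a session created before the upgrade raises a warning here. Guard it and drop the manual join, e.g. `$auditdomains = isset($_SESSION['auditdomains']) ? implode(', ', $_SESSION['auditdomains']) : '';`, and treat `$_SESSION['folders']` the same way. These values come from the database and are handed to the template as plain strings, so the template (not visible here) has to HTML-escape them. The enclosing method starts and ends outside the hunk.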
@@ -355,4 +355,14 @@ $_['text_24_hours'] = "24 hours"; $_['text_1_week'] = "1 week"; $_['text_30_days'] = "30 days"; +$_['text_access_settings'] = 'Access Settings'; +$_['text_access_setting_explanation'] = "You always have access to your own email addresses. For auditor access to specific groups or domains, please contact your archive administrator."; +$_['text_display_settings'] = 'Display Settings'; +$_['text_change_password'] = "Change Password"; +$_['text_none_found'] = "None found"; +$_['text_primary_domain'] = "Primary Domain"; +$_['text_search_domains'] = "Search domains"; +$_['text_search_domain_to_add'] = "Search domain to add"; + + ?> diff --git a/webui/language/hu/messages.iso-8859-2.php b/webui/language/hu/messages.iso-8859-2.php index 3bf83c2b..b0fb0a01 100644 --- a/webui/language/hu/messages.iso-8859-2.php +++ b/webui/language/hu/messages.iso-8859-2.php @@ -356,4 +356,13 @@ $_['text_24_hours'] = "24 $_['text_1_week'] = "1 hét"; $_['text_30_days'] = "30 nap"; +$_['text_access_settings'] = 'Hozzáférések'; +$_['text_access_setting_explanation'] = "A saját email címeihez mindig hozzáférhet. Az egyes domainekhez ill. csoportokhoz való auditor hozzáférésért, kérjük lépjen kapcsolatba az archívum adminisztrátorokkal."; +$_['text_display_settings'] = 'Megjelenítés'; +$_['text_change_password'] = "Jelszó módosítás"; +$_['text_none_found'] = "Nincs"; +$_['text_primary_domain'] = "Elsődleges Domain"; +$_['text_search_domains'] = "Domainek keresése"; +$_['text_search_domain_to_add'] = "Írja be a domain nevének elejét"; + ?> diff --git a/webui/language/hu/messages.php b/webui/language/hu/messages.php index e4e0b033..4bb8703c 100644 --- a/webui/language/hu/messages.php +++ b/webui/language/hu/messages.php 
@@ -356,4 +356,13 @@ $_['text_24_hours'] = "24 Ăłra"; $_['text_1_week'] = "1 hĂ©t"; $_['text_30_days'] = "30 nap"; +$_['text_access_settings'] = 'HozzáfĂ©rĂ©sek'; +$_['text_access_setting_explanation'] = "A saját email cĂ­meihez mindig hozzáfĂ©rhet. Az egyes domainekhez ill. csoportokhoz valĂł auditor hozzáfĂ©rĂ©sĂ©rt, kĂ©rjĂĽk lĂ©pjen kapcsolatba az archĂ­vum adminisztrátorokkal."; +$_['text_display_settings'] = 'MegjelenĂ­tĂ©s'; +$_['text_change_password'] = "JelszĂł mĂłdosĂ­tás"; +$_['text_none_found'] = "Nincs"; +$_['text_primary_domain'] = "ElsĹ‘dleges Domain"; +$_['text_search_domains'] = "Domainek keresĂ©se"; +$_['text_search_domain_to_add'] = "ĂŤrja be a domain nevĂ©nek elejĂ©t"; + ?> diff --git a/webui/language/pt/messages.php b/webui/language/pt/messages.php index 951cac6b..6af15d4e 100644 --- a/webui/language/pt/messages.php +++ b/webui/language/pt/messages.php @@ -355,4 +355,13 @@ $_['text_24_hours'] = "24 horas"; $_['text_1_week'] = "1 semana"; $_['text_30_days'] = "30 dias"; +$_['text_access_settings'] = 'Access Settings'; +$_['text_access_setting_explanation'] = "You always have access to your own email addresses. For auditor access to specific groups or domains, please contact your archive administrator."; +$_['text_display_settings'] = 'Display Settings'; +$_['text_change_password'] = "Change Password"; +$_['text_none_found'] = "None found"; +$_['text_primary_domain'] = "Primary Domain"; +$_['text_search_domains'] = "Search domains"; +$_['text_search_domain_to_add'] = "Search domain to add"; + ?> diff --git a/webui/model/domain/domain.php b/webui/model/domain/domain.php index f9f2f33d..a96de489 100644 --- a/webui/model/domain/domain.php +++ b/webui/model/domain/domain.php 
@@ -9,6 +9,19 @@ class ModelDomainDomain extends Model { } + public function get_domains_by_string($s = '', $page = 0, $page_len = PAGE_LEN) { + $from = (int)$page * (int)$page_len; + + if(strlen($s) < 1) { return array(); } + + $query = $this->db->query("SELECT domain FROM `" . TABLE_DOMAIN . "` WHERE domain LIKE ? ORDER BY domain ASC LIMIT " . (int)$from . ", " . (int)$page_len, array($s . "%") ); + + if(isset($query->rows)) { return $query->rows; } + + return array(); + } + + public function deleteDomain($domain = '') { if($domain == "") { return 0; } diff --git a/webui/model/search/search.php b/webui/model/search/search.php index f9f2fd96..54c06c37 100644 --- a/webui/model/search/search.php +++ b/webui/model/search/search.php @@ -90,6 +90,7 @@ class ModelSearchSearch extends Model { $f = $t = $fdomain = $tdomain = ''; $session_emails = $this->fix_email_address_for_sphinx($_SESSION['emails']); + $session_domains = $this->fix_email_address_for_sphinx($_SESSION['auditdomains']); $all_your_addresses = $this->get_all_your_address(); @@ -176,9 +177,17 @@ class ModelSearchSearch extends Model { if(Registry::get('auditor_user') == 1 || ENABLE_FOLDER_RESTRICTIONS == 1) { $domain_restrictions = ''; + $sd = ''; + + foreach ($session_domains as $d) { + $sd .= '|'.$d; + } + $sd = preg_replace("/^\|/", "", $sd); + if(RESTRICTED_AUDITOR == 1) { - $domain_restrictions = ' (@todomain ' . $this->fix_email_address_for_sphinx($_SESSION['domain']) . ' | @fromdomain ' . $this->fix_email_address_for_sphinx($_SESSION['domain']) . ')'; + /* !!!FIXME!!! test this evaluation */ + $domain_restrictions = ' (@todomain ' . $sd . ' | @fromdomain ' . $sd . ')'; } if($from == '' && $to == '') { return $domain_restrictions; } 
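Review bot: `get_domains_by_string()` binds `$s . "%"` to `LIKE ?` without escaping the LIKE metacharacters, so a term of `%` or `_` matches every row instead of a literal prefix. The statement is parameterised and both LIMIT operands are cast to int, so this is a matching issue rather than an injection one; `addcslashes($s, '%_\\')` before appending `%` makes the prefix literal. A short docblock stating that `$page` is zero-based and that the result is a list of rows with a `domain` key would help callers.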
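Review bot: When `$_SESSION['auditdomains']` is empty, `$sd` is an empty string and the restricted-auditor filter in the search.php hunk at -176 becomes ` (@todomain  | @fromdomain )`, which names no domain at all; the commit's own `!!!FIXME!!!` comment marks this expression as untested. The previous code filtered on `$_SESSION['domain']`, so an auditor without rows in `domain_user` may end up with a query that fails or is no longer constrained to a domain. This branch should fail closed when `$sd` is empty, and the multi-domain form (`a|b` after a field operator) needs a test before release. `$session_domains` comes from the hunk at -90, presumably in the same function; confirm it is in scope here and that the session key is always set. The function body continues outside both hunks.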
@@ -588,8 +597,12 @@ class ModelSearchSearch extends Model { array_push($arr, $id); if(Registry::get('auditor_user') == 1 && RESTRICTED_AUDITOR == 1) { - $q = "?"; - array_push($a, $_SESSION['domain']); + while(list($k, $v) = each($_SESSION['auditdomains'])) { + if(validdomain($v) == 1) { + $q .= ",?"; + array_push($a, $v); + } + } } else { while(list($k, $v) = each($_SESSION['emails'])) { @@ -598,10 +611,9 @@ class ModelSearchSearch extends Model { array_push($a, $v); } } - - $q = preg_replace("/^\,/", "", $q); } + $q = preg_replace("/^\,/", "", $q); $arr = array_merge($arr, $a, $a); @@ -639,8 +651,12 @@ class ModelSearchSearch extends Model { $q2 = preg_replace("/^\,/", "", $q2); if(Registry::get('auditor_user') == 1 && RESTRICTED_AUDITOR == 1) { - $q = "?"; - array_push($a, $_SESSION['domain']); + while(list($k, $v) = each($_SESSION['auditdomains'])) { + if(validdomain($v) == 1) { + $q .= ",?"; + array_push($a, $v); + } + } } else { if(Registry::get('auditor_user') == 0) { @@ -651,10 +667,10 @@ class ModelSearchSearch extends Model { } } } - - $q = preg_replace("/^\,/", "", $q); } + $q = preg_replace("/^\,/", "", $q); + if(Registry::get('auditor_user') == 1 && RESTRICTED_AUDITOR == 0) { $query = $this->db->query("SELECT id FROM `" . TABLE_META . "` WHERE `id` IN ($q2)", $arr); diff --git a/webui/model/stat/counter.php b/webui/model/stat/counter.php index 6d00adb7..b7e23708 100644 --- a/webui/model/stat/counter.php +++ b/webui/model/stat/counter.php @@ -45,7 +45,7 @@ class ModelStatCounter extends Model { } } - $query = $this->db->query("UPDATE " . TABLE_COUNTER . " set `rcvd`=0, `virus`=0, `duplicate`=0, `ignore`=0"); + $query = $this->db->query("UPDATE " . TABLE_COUNTER . " SET `rcvd`=0, `virus`=0, `duplicate`=0, `ignore`=0"); return 0; } diff --git a/webui/model/user/auth.php b/webui/model/user/auth.php index 2ca34eb4..0f99909b 100644 --- a/webui/model/user/auth.php +++ b/webui/model/user/auth.php 
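Review bot: The two new `while(list($k, $v) = each($_SESSION['auditdomains']))` loops (search.php hunks at -588 and -639) never `reset()` the array, and `each()` resumes from the array's internal pointer, so if both code paths run in one request the second loop adds no domains. When no domain passes `validdomain()`, `$q` stays empty and whatever clause consumes it outside the hunk receives an empty placeholder list; confirm that case is rejected rather than yielding a broken or unrestricted query. `foreach($_SESSION['auditdomains'] as $v) {` removes the pointer dependency, and `each()` is deprecated since PHP 7.2 and removed in PHP 8.0. Both functions start and end outside the hunks.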
@@ -38,6 +38,7 @@ class ModelUserAuth extends Model { $_SESSION['domain'] = $query->row['domain']; $_SESSION['realname'] = $query->row['realname']; + $_SESSION['auditdomains'] = $this->model_user_user->get_users_all_domains($query->row['uid']); $_SESSION['emails'] = $this->model_user_user->get_users_all_email_addresses($query->row['uid']); $_SESSION['folders'] = $this->model_folder_folder->get_all_folder_ids($query->row['uid']); $_SESSION['extra_folders'] = $this->model_folder_folder->get_all_extra_folder_ids($query->row['uid']); diff --git a/webui/model/user/import.php b/webui/model/user/import.php index 86ac20a8..b45f0598 100644 --- a/webui/model/user/import.php +++ b/webui/model/user/import.php @@ -14,6 +14,7 @@ class ModelUserImport extends Model { $mailAttrs = array("mail", "mailalternateaddress"); $memberAttrs = array("memberdn"); + $filter="$mailAttr=*"; $ldap = new LDAP($host['ldap_host'], $host['ldap_binddn'], $host['ldap_bindpw']); if($ldap->is_bind_ok() == 0) { @@ -25,16 +26,17 @@ class ModelUserImport extends Model { LOGGER("LDAP type: " . $host['type']); if($host['type'] == "AD") { - $attrs = array("cn", "samaccountname", "proxyaddresses", "member", "mail"); + $attrs = array("cn", "samaccountname", "proxyaddresses", "member", "mail", "displayname"); $mailAttr = "proxyaddresses"; $mailAttrs = array("mail", "proxyaddresses"); $memberAttrs = array("member"); + $filter="(&(objectClass=user)($mailAttr=*))"; } - $query = $ldap->query($host['ldap_basedn'], "$mailAttr=*", $attrs ); + $query = $ldap->query($host['ldap_basedn'], $filter, $attrs ); LOGGER("LDAP query: $mailAttr=* for basedn:" . $host['ldap_basedn']); foreach ($query->rows as $result) { 
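Review bot: `$_SESSION['auditdomains']` is populated only in the login branch visible in this auth.php hunk, while the search model now depends on it for the restricted-auditor filter. If this file has other authentication paths outside the hunk that fill the session separately, each needs the same assignment, otherwise those users get an empty domain list. The value is also fixed at login, so a domain removed from a user in `domain_user` stays effective until that session ends. A comment next to the assignment should state this, e.g. `// snapshot of domain_user at login; changes apply on next login`.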
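Review bot: The log line `LOGGER("LDAP query: $mailAttr=* for basedn:" ...)` in the import.php hunk at -25 still prints the old filter although the query now uses `$filter`, so for AD the log no longer shows what was actually sent. Change it to `LOGGER("LDAP query: $filter for basedn:" . $host['ldap_basedn']);`. In the hunk at -14, `$filter="$mailAttr=*";` relies on `$mailAttr` being assigned above the hunk, which is not visible here.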
@@ -87,9 +89,17 @@ class ModelUserImport extends Model { } + $realname = ''; + if($host['type'] == "AD") { + $realname = $result['displayname']; + } else { + $realname = $result['cn']; + } + + $data[] = array( 'username' => preg_replace("/\n{1,}$/", "", $__emails[0]), - 'realname' => $result['cn'], + 'realname' => $realname, 'dn' => $result['dn'], 'samaccountname' => isset($result['samaccountname']) ? $result['samaccountname'] : '', 'emails' => preg_replace("/\n{1,}$/", "", $emails), diff --git a/webui/model/user/user.php b/webui/model/user/user.php index befd96c3..d2a9b410 100644 --- a/webui/model/user/user.php +++ b/webui/model/user/user.php @@ -82,6 +82,23 @@ class ModelUserUser extends Model { } + public function get_users_all_domains($uid = 0) { + $data = array(); + + if($uid > 0) { + $query = $this->db->query("SELECT domain FROM " . TABLE_DOMAIN_USER . " WHERE uid=?", array((int)$uid)); + + if(isset($query->rows)) { + foreach ($query->rows as $q) { + array_push($data, $q['domain']); + } + } + } + + return $data; + } + + public function get_additional_uids($uid = 0) { $data = array(); @@ -124,6 +141,19 @@ class ModelUserUser extends Model { } + public function get_domains_by_uid($uid = 0) { + $domains = ""; + + $query = $this->db->query("SELECT domain FROM " . TABLE_DOMAIN_USER . " WHERE uid=?", array((int)$uid)); + + foreach ($query->rows as $q) { + $domains .= $q['domain'] . "\n"; + } + + return preg_replace("/\n$/", "", $domains); + } + + public function get_primary_email_by_domain($uid = 0, $domain = '') { $email = ""; @@ -320,6 +350,7 @@ class ModelUserUser extends Model { if($ret == 0) { return -2; } } + $this->update_domains_settings((int)$user['uid'], $user['domains']); $this->update_group_settings((int)$user['uid'], $user['group']); $this->update_folder_settings((int)$user['uid'], $user['folder']); 
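Review bot: `$realname = $result['displayname'];` in the import.php hunk at -87 reads the attribute without checking that it is present, and `displayName` is optional on AD user objects, so such entries raise an undefined-index notice and are imported with an empty real name. Fall back to `cn` the way the neighbouring `samaccountname` line uses `isset()`: `$realname = ($host['type'] == "AD" && isset($result['displayname'])) ? $result['displayname'] : $result['cn'];`. The loop body continues outside the hunk.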
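Review bot: `get_domains_by_uid()` (user.php hunk at -124) repeats the query of `get_users_all_domains()` (hunk at -82) but iterates `$query->rows` without the `isset()` check or the `$uid > 0` guard the other method has. It can be reduced to `return implode("\n", $this->get_users_all_domains($uid));`, which keeps the two in agreement. Both methods would benefit from a one-line docblock stating the return shape, an array of domain strings in one case and a newline-separated string in the other.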
@@ -397,6 +428,7 @@ class ModelUserUser extends Model { } + $this->update_domains_settings((int)$user['uid'], $user['domains']); $this->update_group_settings((int)$user['uid'], $user['group']); $this->update_folder_settings((int)$user['uid'], $user['folder']); @@ -404,6 +436,28 @@ class ModelUserUser extends Model { } + private function update_domains_settings($uid = -1, $domains = '') { + $__d = array(); + + if($uid <= 0) { return 0; } + + $query = $this->db->query("DELETE FROM `" . TABLE_DOMAIN_USER . "` WHERE uid=?", array($uid)); + + $all_domains = $this->get_email_domains(); + $submitted_domains = explode("\n", $domains); + + foreach($submitted_domains as $d) { + $d = trim($d); + + if($d && checkdomain($d, $all_domains) > 0) { + $query = $this->db->query("INSERT INTO `" . TABLE_DOMAIN_USER . "` (domain, uid) VALUES(?,?)", array($d, (int)$uid)); + } + } + + return 1; + } + + private function update_group_settings($uid = -1, $group = '') { $__g = array(); diff --git a/webui/system/misc.php b/webui/system/misc.php index b27721c0..6b745e4e 100644 --- a/webui/system/misc.php +++ b/webui/system/misc.php @@ -103,7 +103,6 @@ function checkemail($email, $domains) { if($email == 'admin@local') { return 1; } - list($u, $d) = explode('@', $email); foreach ($domains as $domain) { @@ -127,6 +126,34 @@ function validemail($email = '') { } +function checkdomain($domain, $domains) { + if(validdomain($domain) == 0){ + return 0; + } + + if($domain == 'local') { return 1; } + + if(in_array($domain, $domains) ) { + return 1; + } else { + return -1; + } +} + + +function validdomain($domain = '') { + if($domain == '') { return 0; } + + if(preg_match("/@local$/", $domain)) { return 1; } + + if(preg_match('/@?[a-zA-Z0-9-]+(\.[a-zA-Z0-9-]+)*(\.[a-zA-Z]{2,5})$/', $domain)) { + return 1; + } + + return 0; +} + + function first_n_characters($what, $n){ $x = ""; $len = 0; diff --git a/webui/view/javascript/piler.js b/webui/view/javascript/piler.js index 928e6ac7..d2df989f 100644 
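Review bot: `update_domains_settings()` deletes all of the user's `domain_user` rows before any submitted value has been validated, and both call sites (user.php hunks at -320 and -397) pass `$user['domains']` without checking that the key exists. A caller that saves a user without a `domains` field would therefore remove every assigned audit domain, and a failure partway through the INSERT loop leaves a partial list. Validate first and replace the rows afterwards, and wrap the calls as `if(isset($user['domains'])) { $this->update_domains_settings((int)$user['uid'], $user['domains']); }`. Repeated input lines are also inserted twice because nothing de-duplicates them. `$__d` is assigned but never used.

```php
private function update_domains_settings($uid = -1, $domains = '') {
   if($uid <= 0) { return 0; }

   // validate first, so existing rows are only ever replaced by a checked list
   $all_domains = $this->get_email_domains();
   $valid = array();

   foreach(explode("\n", $domains) as $d) {
      $d = trim($d);

      if($d && checkdomain($d, $all_domains) > 0) { $valid[$d] = 1; }
   }

   $this->db->query("DELETE FROM `" . TABLE_DOMAIN_USER . "` WHERE uid=?", array((int)$uid));

   foreach(array_keys($valid) as $d) {
      $this->db->query("INSERT INTO `" . TABLE_DOMAIN_USER . "` (domain, uid) VALUES(?,?)", array($d, (int)$uid));
   }

   return 1;
}
```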
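Review bot: The pattern in `validdomain()` (misc.php hunk at -127) is anchored only at the end, so any string that merely ends in something domain-like passes, including leading text, spaces, or a trailing newline before `$`; search.php relies on this function alone to vet `$_SESSION['auditdomains']`. Anchor it and add the `D` modifier: `'/^@?[a-zA-Z0-9-]+(\.[a-zA-Z0-9-]+)*(\.[a-zA-Z]{2,5})$/D'`. In `checkdomain()` the `$domain == 'local'` branch is unreachable because `validdomain('local')` returns 0 first (it only accepts a value ending in `@local`). `in_array($domain, $domains)` should pass `true` as third argument for a strict comparison. The `{2,5}` bound also rejects valid TLDs longer than five letters.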
--- a/webui/view/javascript/piler.js +++ b/webui/view/javascript/piler.js @@ -650,6 +650,16 @@ function append_email_from_slider(id, value) { } +function append_domain_from_slider(id, value) { + var prefix = '\n'; + + a = opener.document.getElementById('domains'); + if(a && a.value == '') prefix = ''; + + a.value += prefix + value; +} + + function fill_current_messages_array() { var a = document.getElementById('results'); j = 1; @@ -697,6 +707,26 @@ $(document).ready(function() { } }); + $("#s_piler_domain").autocomplete({ + source: domains_search_url, + minLength: 2, + select: function( event, ui ) { + if(ui.item){ + var prefix = '\n'; + var a = document.getElementById("domains"); + + if(a && a.value == '') prefix = ''; + + $('#domains').val($('#domains').val() + prefix + ui.item.value); + + } + + ui.item.value = ''; + } + + }); + + $("#s_piler_group").autocomplete({ source: group_search_url, minLength: 2, diff --git a/webui/view/theme/default/templates/common/layout.tpl b/webui/view/theme/default/templates/common/layout.tpl index 550692f6..8e3f2f58 100644 --- a/webui/view/theme/default/templates/common/layout.tpl +++ b/webui/view/theme/default/templates/common/layout.tpl @@ -19,6 +19,7 @@
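Review bot: In `append_domain_from_slider()` the null check covers only the prefix, so `a.value += prefix + value;` still throws when `opener.document.getElementById('domains')` returns null, and `a` is assigned without `var`, which makes it an implicit global. Use `var a = opener.document.getElementById('domains'); if(!a) return;`. The autocomplete `select` handler in the piler.js hunk at -697 has the same shape: `ui.item.value = '';` sits outside the `if(ui.item)` block and should move inside it. `domains_search_url` is defined outside this diff; the endpoint added in this commit only answers for `admin_user`, so confirm the page that sets the variable is admin-only as well.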