added the RESTRICTED_AUDITOR option to restrict auditors to their own domain

This commit is contained in:
SJ 2012-11-26 21:12:28 +01:00
parent c0420fed0a
commit e1f8ea3ed0
2 changed files with 56 additions and 21 deletions

View File

@ -20,6 +20,7 @@ define('SEARCH_RESULT_CHECKBOX_CHECKED', 1);
define('HELPER_URL', '');
define('ENABLE_SYSLOG', 0);
define('REWRITE_MESSAGE_ID', 0);
define('RESTRICTED_AUDITOR', 0);
define('GOOGLE_CLIENT_ID', 'xxxxxxxxxxx');
define('GOOGLE_CLIENT_SECRET', 'xxxxxxxxxxxxx');
define('GOOGLE_DEVELOPER_KEY', 'xxxxxxxxxxxx');

View File

@ -175,11 +175,21 @@ class ModelSearchSearch extends Model {
if(Registry::get('auditor_user') == 1 || ENABLE_FOLDER_RESTRICTIONS == 1) {
if($from == '' && $to == '') { return ""; }
$domain_restrictions = '';
if($f && $t) { return "($f & $t)"; }
else if($f) { return "($f)"; }
else if($t) { return "($t)"; }
if(RESTRICTED_AUDITOR == 1) {
$domain_restrictions = ' (@todomain ' . $this->fix_email_address_for_sphinx($_SESSION['domain']) . ' | @fromdomain ' . $this->fix_email_address_for_sphinx($_SESSION['domain']) . ')';
}
if($from == '' && $to == '') { return $domain_restrictions; }
if(RESTRICTED_AUDITOR == 1) {
$domain_restrictions = " & $domain_restrictions";
}
if($f && $t) { return "($f & $t) $domain_restrictions"; }
else if($f) { return "($f) $domain_restrictions"; }
else if($t) { return "($t) $domain_restrictions"; }
}
@ -527,10 +537,15 @@ class ModelSearchSearch extends Model {
if($id == '') { return 0; }
if(Registry::get('auditor_user') == 1) { return 1; }
if(Registry::get('auditor_user') == 1 && RESTRICTED_AUDITOR == 0) { return 1; }
array_push($arr, $id);
if(Registry::get('auditor_user') == 1 && RESTRICTED_AUDITOR == 1) {
$q = "?";
array_push($a, $_SESSION['domain']);
}
else {
while(list($k, $v) = each($_SESSION['emails'])) {
if(validemail($v) == 1) {
$q .= ",?";
@ -539,6 +554,8 @@ class ModelSearchSearch extends Model {
}
$q = preg_replace("/^\,/", "", $q);
}
$arr = array_merge($arr, $a, $a);
@ -547,7 +564,12 @@ class ModelSearchSearch extends Model {
if(isset($query->row['folder']) && in_array($query->row['folder'], $_SESSION['folders'])) { return 1; }
}
else {
if(Registry::get('auditor_user') == 1 && RESTRICTED_AUDITOR == 1) {
$query = $this->db->query("SELECT id FROM " . VIEW_MESSAGES . " WHERE id=? AND ( `fromdomain` IN ($q) OR `todomain` IN ($q) )", $arr);
} else {
$query = $this->db->query("SELECT id FROM " . VIEW_MESSAGES . " WHERE id=? AND ( `from` IN ($q) OR `to` IN ($q) )", $arr);
}
if(isset($query->row['id'])) { return 1; }
}
@ -570,6 +592,11 @@ class ModelSearchSearch extends Model {
$q2 = preg_replace("/^\,/", "", $q2);
if(Registry::get('auditor_user') == 1 && RESTRICTED_AUDITOR == 1) {
$q = "?";
array_push($a, $_SESSION['domain']);
}
else {
if(Registry::get('auditor_user') == 0) {
while(list($k, $v) = each($_SESSION['emails'])) {
if(validemail($v) == 1) {
@ -579,20 +606,27 @@ class ModelSearchSearch extends Model {
}
}
$q = preg_replace("/^\,/", "", $q);
}
if(Registry::get('auditor_user') == 1) {
if(Registry::get('auditor_user') == 1 && RESTRICTED_AUDITOR == 0) {
$query = $this->db->query("SELECT id FROM `" . TABLE_META . "` WHERE `id` IN ($q2)", $arr);
} else {
}
else {
if(ENABLE_FOLDER_RESTRICTIONS == 1) {
$query = $this->sphx->query("SELECT id, folder FROM " . SPHINX_MAIN_INDEX . " WHERE id IN (" . implode(",", $id) . ")");
}
else {
$arr = array_merge($arr, $a, $a);
if(Registry::get('auditor_user') == 1 && RESTRICTED_AUDITOR == 1) {
$query = $this->db->query("SELECT id FROM `" . VIEW_MESSAGES . "` WHERE `id` IN ($q2) AND ( `fromdomain` IN ($q) OR `todomain` IN ($q) )", $arr);
} else {
$query = $this->db->query("SELECT id FROM `" . VIEW_MESSAGES . "` WHERE `id` IN ($q2) AND ( `from` IN ($q) OR `to` IN ($q) )", $arr);
}
}
}
if($query->num_rows > 0) {