From: Joerg D. <jd...@us...> - 2006-01-29 20:41:34
|
Update of /cvsroot/ispman/ispman/lib/ISPMan In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv9977/lib/ISPMan Modified Files: UserMan.pm Log Message: fixed bug [ 1416653 ] UserMan.pm allows MailAliases for foreign domains (patch provided by micha137) Index: UserMan.pm =================================================================== RCS file: /cvsroot/ispman/ispman/lib/ISPMan/UserMan.pm,v retrieving revision 1.55 retrieving revision 1.56 diff -u -d -r1.55 -r1.56 --- UserMan.pm 1 Jan 2005 20:39:20 -0000 1.55 +++ UserMan.pm 29 Jan 2006 20:41:26 -0000 1.56 @@ -49,6 +49,7 @@ searchUsers addUserFileServerProcess + containsInvalidMailAliases ); $VERSION = '0.01'; @@ -294,11 +295,36 @@ } } +# added by Michael Bunk, Jan 2006 +sub containsInvalidMailAliases +{ + my $self = shift; + my $aliases = shift; + my $masterDomain = shift; + my $replicas = $self->getReplicasOfDomain($masterDomain); + my @validDomains; + if(defined($replicas)) { @validDomains = keys %$replicas; } + push @validDomains, $masterDomain; +OUTER: foreach(@$aliases) + { + next if(/^[\w\.\-\+]*$/); + if(/^[\w\.\-\+]+@([\w\.\-]+)$/) + { + foreach my $d (@validDomains) + { + next OUTER if($d eq $1); + } + } + return (1, _("Mail aliases to users from foreign domains are forbidden: '$_'")); + } + return (0, undef); +} + sub update_user { my $self = shift; my $r = shift; my $dn = $self->getUserDN( $r->param("ispmanDomain"), $r->param("uid") ); - + my $userInfo = $self->getUserInfo( $r->param("uid") ); my $data = {}; for ( qw(sn givenName mailLocalAddress mailRoutingAddress FTPStatus FTPQuotaMBytes) @@ -314,6 +340,16 @@ $data->{'mailAlias'} = $self->as_arrayref( split( /\s+/, $r->param("mailAlias") ) ); + + # added by Michael Bunk, Jan 2006 + my ($invalid, $errmsg) = $self->containsInvalidMailAliases($data->{'mailAlias'}, + $userInfo->{'ispmanDomain'}); + if($invalid) + { + print $errmsg; + return 0; + } + $data->{'mailForwardingAddress'} = $self->as_arrayref( split( /\s+/, $r->param("mailForwardingAddress") ) ); @@ -322,7 +358,6 @@ # ldifupdate anyways. # $data->{'objectClass'} = $self->{'Config'}{'ispmanUserObjectclasses'}; - my $userInfo = $self->getUserInfo( $r->param("uid") ); if ( $userInfo->{'mailHost'} && $r->param("mailQuota") ) { my $quota = $r->param("mailQuota") * 1024; my $mailbox=$r->param("uid"); @@ -363,12 +398,34 @@ sub addMailAliasForUser { my $self = shift; my ( $uid, $domain, $values ) = @_; + + # added by Michael Bunk, Jan 2006 + my ($invalid, $errmsg) = $self->containsInvalidMailAliases($values, $domain); + if($invalid) + { + print $errmsg; + # actually, we should return a Net::LDAP::Message to return the same + # type as addUserAttributeValues() + return 0; + } + return $self->addUserAttributeValues( $uid, $domain, 'mailAlias', $values ); } sub replaceMailAliasForUser { my $self = shift; my ( $uid, $domain, $values ) = @_; + + # added by Michael Bunk, Jan 2006 + my ($invalid, $errmsg) = $self->containsInvalidMailAliases($values, $domain); + if($invalid) + { + print $errmsg; + # actually, we should return a Net::LDAP::Message to return the same + # type as addUserAttributeValues() + return 0; + } + return $self->replaceUserAttributeValues( $uid, $domain, 'mailAlias', $values ); } |