SF.net SVN: postfixadmin:[1774] trunk
Brought to you by:
christian_boltz,
gingerdog
Menu
▾
▴
SF.net SVN: postfixadmin:[1774] trunk
|
From: <chr...@us...> - 2015-04-06 20:35:22
|
Revision: 1774
http://sourceforge.net/p/postfixadmin/code/1774
Author: christian_boltz
Date: 2015-04-06 20:35:19 +0000 (Mon, 06 Apr 2015)
Log Message:
-----------
AliasHandler:
- initStruct(): replace (wrong) 'editable' with '_can_edit' and '_can_delete'
- read_from_db_postprocess(): disable _can_edit and _can_delete for
default aliases if special_alias_control is off and not superadmin
list.tpl:
- use $item._can_edit instead of $check_alias_owner
list-virtual.php:
- drop $check_alias_owner variable and check_alias_owner() call
(replaced by the code added in AliasHandler)
- drop unused $sql_domain
functions.inc.php:
- delete no longer used check_alias_owner() function
Modified Paths:
--------------
trunk/functions.inc.php
trunk/list-virtual.php
trunk/model/AliasHandler.php
trunk/templates/list-virtual_alias.tpl
Modified: trunk/functions.inc.php
===================================================================
--- trunk/functions.inc.php 2015-04-06 14:17:25 UTC (rev 1773)
+++ trunk/functions.inc.php 2015-04-06 20:35:19 UTC (rev 1774)
@@ -568,23 +568,6 @@
-//
-// check_alias_owner
-// Action: Checks if the admin is the owner of the alias.
-// Call: check_alias_owner (string admin, string alias)
-//
-function check_alias_owner ($username, $alias) {
- global $CONF;
- if (authentication_has_role('global-admin')) return true;
- $tmp = preg_split('/\@/', $alias);
- if (($CONF['special_alias_control'] == 'NO') && array_key_exists($tmp[0], $CONF['default_aliases'])) {
- return false;
- } else {
- return true;
- }
-}
-
-
/**
* List domains for an admin user.
* @param String $username
Modified: trunk/list-virtual.php
===================================================================
--- trunk/list-virtual.php 2015-04-06 14:17:25 UTC (rev 1773)
+++ trunk/list-virtual.php 2015-04-06 20:35:19 UTC (rev 1774)
@@ -136,11 +136,9 @@
if (count($search) == 0 || !isset($search['_'])) {
$list_param = "domain='$fDomain'";
- $sql_domain = " $table_alias.domain='$fDomain' ";
} else {
$searchterm = escape_string($search['_']);
$list_param = "(address LIKE '%$searchterm%' OR goto LIKE '%$searchterm%')";
- $sql_domain = db_in_clause("$table_alias.domain", $list_domains);
}
$handler = new AliasHandler(0, $admin_username);
@@ -290,12 +288,10 @@
}
$gen_show_status = array ();
-$check_alias_owner = array ();
if ((is_array ($tAlias) and sizeof ($tAlias) > 0)) {
foreach (array_keys($tAlias) as $i) {
$gen_show_status [$i] = gen_show_status($tAlias[$i]['address']);
- $check_alias_owner [$i] = check_alias_owner($admin_username, $tAlias[$i]['address']);
}
}
@@ -455,7 +451,6 @@
$smarty->assign ('tAlias', $tAlias);
$smarty->assign ('gen_show_status', $gen_show_status, false);
-$smarty->assign ('check_alias_owner', $check_alias_owner);
$smarty->assign ('tCanAddAlias', $tCanAddAlias);
$smarty->assign ('tMailbox', $tMailbox);
$smarty->assign ('gen_show_status_mailbox', $gen_show_status_mailbox, false);
Modified: trunk/model/AliasHandler.php
===================================================================
--- trunk/model/AliasHandler.php 2015-04-06 14:17:25 UTC (rev 1773)
+++ trunk/model/AliasHandler.php 2015-04-06 20:35:19 UTC (rev 1774)
@@ -56,14 +56,11 @@
'active' => pacol( 1, 1, 1, 'bool', 'active' , '' , 1 ),
'created' => pacol( 0, 0, 1, 'ts', 'created' , '' ),
'modified' => pacol( 0, 0, 1, 'ts', 'last_modified' , '' ),
- 'editable' => pacol( 0, 0, 1, 'int', '' , '' , 0 ,
+ '_can_edit' => pacol( 0, 0, 1, 'vnum', '' , '' , 0 , '',
+ array('select' => '1 as _can_edit') ),
+ '_can_delete' => pacol( 0, 0, 1, 'vnum', '' , '' , 0 , '',
+ array('select' => '1 as _can_delete') ), # read_from_db_postprocess() updates the value
# aliases listed in $CONF[default_aliases] are read-only for domain admins if $CONF[special_alias_control] is NO.
- # technically 'editable' is bool, but the automatic bool conversion breaks the query. Flagging it as int avoids this problem.
- # Maybe having a vbool type (without the automatic conversion) would be cleaner - we'll see if we need it.
- /*options*/ '',
- /*not_in_db*/ 0,
- /*dont_write_to_db*/ 1,
- /*select*/ '1 as editable' ),
);
}
@@ -283,8 +280,12 @@
$db_result[$key]['goto_mailbox'] = 0;
}
- # TODO: set 'editable' to 0 if not superadmin, $CONF[special_alias_control] == NO and alias is in $CONF[default_aliases]
- # TODO: see check_alias_owner() in functions.inc.php
+ # editing a default alias (postmaster@ etc.) is only allowed if special_alias_control is allowed or if the user is a superadmin
+ $tmp = preg_split('/\@/', $db_result[$key]['address']);
+ if (!$this->is_superadmin && !Config::bool('special_alias_control') && array_key_exists($tmp[0], Config::Read('default_aliases'))) {
+ $db_result[$key]['_can_edit'] = 0;
+ $db_result[$key]['_can_delete'] = 0;
+ }
}
return $db_result;
Modified: trunk/templates/list-virtual_alias.tpl
===================================================================
--- trunk/templates/list-virtual_alias.tpl 2015-04-06 14:17:25 UTC (rev 1773)
+++ trunk/templates/list-virtual_alias.tpl 2015-04-06 20:35:19 UTC (rev 1774)
@@ -42,7 +42,7 @@
</td>
{/if}
<td>{$item.modified}</td>
- {if $check_alias_owner[$i]==true}
+ {if $item._can_edit}
<td><a href="{#url_editactive#}alias&id={$item.address|escape:"url"}&active={if ($item.active==0)}1{else}0{/if}&token={$smarty.session.PFA_token|escape:"url"}"
>{if $item.active==1}{$PALANG.YES}{else}{$PALANG.NO}{/if}</a></td>
<td><a href="{#url_create_alias#}&edit={$item.address|escape:"url"}">{$PALANG.edit}</a></td>
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
