[Web] Started work on ACL, fix notifications

master
andryyy 2017-08-18 22:18:14 +02:00
parent d6bfccecba
commit 66ae588445
8 changed files with 254 additions and 21 deletions

View File

@ -18,7 +18,8 @@ function setLang(sel) {
$(document).ready(function() { $(document).ready(function() {
function mailcow_alert_box(message, type) { function mailcow_alert_box(message, type) {
$.notify({message: message},{type: type,placement: {from: "bottom",align: "right"},animate: {enter: 'animated fadeInUp',exit: 'animated fadeOutDown'}}); msg = $('<span/>').html(message).text();
$.notify({message: msg},{type: type,placement: {from: "bottom",align: "right"},animate: {enter: 'animated fadeInUp',exit: 'animated fadeOutDown'}});
} }
<?php if (isset($_SESSION['return'])): ?> <?php if (isset($_SESSION['return'])): ?>
mailcow_alert_box("<?= $_SESSION['return']['msg']; ?>", "<?= $_SESSION['return']['type']; ?>"); mailcow_alert_box("<?= $_SESSION['return']['msg']; ?>", "<?= $_SESSION['return']['type']; ?>");

View File

@ -218,6 +218,23 @@ function check_login($user, $pass) {
} }
sleep($_SESSION['ldelay']); sleep($_SESSION['ldelay']);
} }
function set_acl() {
global $pdo;
if (!isset($_SESSION['mailcow_cc_username'])) {
return false;
}
$username = strtolower(trim($_SESSION['mailcow_cc_username']));
$stmt = $pdo->prepare("SELECT * FROM `user_acl` WHERE `username` = :username");
$stmt->execute(array(':username' => $username));
$acl['acl'] = $stmt->fetch(PDO::FETCH_ASSOC);
unset($acl['acl']['username']);
if (!empty($acl)) {
$_SESSION = array_merge($_SESSION, $acl);
}
else {
return false;
}
}
function formatBytes($size, $precision = 2) { function formatBytes($size, $precision = 2) {
if(!is_numeric($size)) { if(!is_numeric($size)) {
return "0"; return "0";

View File

@ -7,6 +7,13 @@ function mailbox($_action, $_type, $_data = null) {
case 'add': case 'add':
switch ($_type) { switch ($_type) {
case 'time_limited_alias': case 'time_limited_alias':
if (!isset($_SESSION['acl']['spam_alias']) || $_SESSION['acl']['spam_alias'] != "1" ) {
$_SESSION['return'] = array(
'type' => 'danger',
'msg' => sprintf($lang['danger']['access_denied'])
);
return false;
}
if (isset($_data['username']) && filter_var($_data['username'], FILTER_VALIDATE_EMAIL)) { if (isset($_data['username']) && filter_var($_data['username'], FILTER_VALIDATE_EMAIL)) {
if (!hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $_data['username'])) { if (!hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $_data['username'])) {
$_SESSION['return'] = array( $_SESSION['return'] = array(
@ -66,6 +73,13 @@ function mailbox($_action, $_type, $_data = null) {
); );
break; break;
case 'syncjob': case 'syncjob':
if (!isset($_SESSION['acl']['syncjobs']) || $_SESSION['acl']['syncjobs'] != "1" ) {
$_SESSION['return'] = array(
'type' => 'danger',
'msg' => sprintf($lang['danger']['access_denied'])
);
return false;
}
if (isset($_data['username']) && filter_var($_data['username'], FILTER_VALIDATE_EMAIL)) { if (isset($_data['username']) && filter_var($_data['username'], FILTER_VALIDATE_EMAIL)) {
if (!hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $_data['username'])) { if (!hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $_data['username'])) {
$_SESSION['return'] = array( $_SESSION['return'] = array(
@ -743,6 +757,10 @@ function mailbox($_action, $_type, $_data = null) {
':domain' => $domain, ':domain' => $domain,
':active' => $active ':active' => $active
)); ));
$stmt = $pdo->prepare("INSERT INTO `user_acl` (`username`) VALUES (:username)");
$stmt->execute(array(
':username' => $username
));
$_SESSION['return'] = array( $_SESSION['return'] = array(
'type' => 'success', 'type' => 'success',
'msg' => sprintf($lang['success']['mailbox_added'], htmlspecialchars($username)) 'msg' => sprintf($lang['success']['mailbox_added'], htmlspecialchars($username))
@ -949,6 +967,13 @@ function mailbox($_action, $_type, $_data = null) {
else { else {
$usernames = $_data['username']; $usernames = $_data['username'];
} }
if (!isset($_SESSION['acl']['tls_policy']) || $_SESSION['acl']['tls_policy'] != "1" ) {
$_SESSION['return'] = array(
'type' => 'danger',
'msg' => sprintf($lang['danger']['access_denied'])
);
return false;
}
foreach ($usernames as $username) { foreach ($usernames as $username) {
if (!filter_var($username, FILTER_VALIDATE_EMAIL) || !hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $username)) { if (!filter_var($username, FILTER_VALIDATE_EMAIL) || !hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $username)) {
$_SESSION['return'] = array( $_SESSION['return'] = array(
@ -998,6 +1023,13 @@ function mailbox($_action, $_type, $_data = null) {
else { else {
$usernames = $_data['username']; $usernames = $_data['username'];
} }
if (!isset($_SESSION['acl']['spam_score']) || $_SESSION['acl']['spam_score'] != "1" ) {
$_SESSION['return'] = array(
'type' => 'danger',
'msg' => sprintf($lang['danger']['access_denied'])
);
return false;
}
foreach ($usernames as $username) { foreach ($usernames as $username) {
$lowspamlevel = explode(',', $_data['spam_score'])[0]; $lowspamlevel = explode(',', $_data['spam_score'])[0];
$highspamlevel = explode(',', $_data['spam_score'])[1]; $highspamlevel = explode(',', $_data['spam_score'])[1];
@ -1046,6 +1078,13 @@ function mailbox($_action, $_type, $_data = null) {
); );
break; break;
case 'time_limited_alias': case 'time_limited_alias':
if (!isset($_SESSION['acl']['spam_alias']) || $_SESSION['acl']['spam_alias'] != "1" ) {
$_SESSION['return'] = array(
'type' => 'danger',
'msg' => sprintf($lang['danger']['access_denied'])
);
return false;
}
if (!is_array($_data['address'])) { if (!is_array($_data['address'])) {
$addresses = array(); $addresses = array();
$addresses[] = $_data['address']; $addresses[] = $_data['address'];
@ -1103,6 +1142,13 @@ function mailbox($_action, $_type, $_data = null) {
else { else {
$usernames = $_data['username']; $usernames = $_data['username'];
} }
if (!isset($_SESSION['acl']['delimiter_action']) || $_SESSION['acl']['delimiter_action'] != "1" ) {
$_SESSION['return'] = array(
'type' => 'danger',
'msg' => sprintf($lang['danger']['access_denied'])
);
return false;
}
foreach ($usernames as $username) { foreach ($usernames as $username) {
if (!filter_var($username, FILTER_VALIDATE_EMAIL) || !hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $username)) { if (!filter_var($username, FILTER_VALIDATE_EMAIL) || !hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $username)) {
$_SESSION['return'] = array( $_SESSION['return'] = array(
@ -1206,6 +1252,13 @@ function mailbox($_action, $_type, $_data = null) {
else { else {
$ids = $_data['id']; $ids = $_data['id'];
} }
if (!isset($_SESSION['acl']['syncjobs']) || $_SESSION['acl']['syncjobs'] != "1" ) {
$_SESSION['return'] = array(
'type' => 'danger',
'msg' => sprintf($lang['danger']['access_denied'])
);
return false;
}
foreach ($ids as $id) { foreach ($ids as $id) {
$is_now = mailbox('get', 'syncjob_details', $id); $is_now = mailbox('get', 'syncjob_details', $id);
if (!empty($is_now)) { if (!empty($is_now)) {
@ -2677,6 +2730,13 @@ function mailbox($_action, $_type, $_data = null) {
else { else {
$ids = $_data['id']; $ids = $_data['id'];
} }
if (!isset($_SESSION['acl']['syncjobs']) || $_SESSION['acl']['syncjobs'] != "1" ) {
$_SESSION['return'] = array(
'type' => 'danger',
'msg' => sprintf($lang['danger']['access_denied'])
);
return false;
}
foreach ($ids as $id) { foreach ($ids as $id) {
if (!is_numeric($id)) { if (!is_numeric($id)) {
$_SESSION['return'] = array( $_SESSION['return'] = array(
@ -2721,6 +2781,13 @@ function mailbox($_action, $_type, $_data = null) {
else { else {
$addresses = $_data['address']; $addresses = $_data['address'];
} }
if (!isset($_SESSION['acl']['spam_alias']) || $_SESSION['acl']['spam_alias'] != "1" ) {
$_SESSION['return'] = array(
'type' => 'danger',
'msg' => sprintf($lang['danger']['access_denied'])
);
return false;
}
foreach ($addresses as $address) { foreach ($addresses as $address) {
try { try {
$stmt = $pdo->prepare("SELECT `goto` FROM `spamalias` WHERE `address` = :address"); $stmt = $pdo->prepare("SELECT `goto` FROM `spamalias` WHERE `address` = :address");
@ -2769,6 +2836,13 @@ function mailbox($_action, $_type, $_data = null) {
else { else {
$usernames = $_data['username']; $usernames = $_data['username'];
} }
if (!isset($_SESSION['acl']['eas_reset']) || $_SESSION['acl']['eas_reset'] != "1" ) {
$_SESSION['return'] = array(
'type' => 'danger',
'msg' => sprintf($lang['danger']['access_denied'])
);
return false;
}
foreach ($usernames as $username) { foreach ($usernames as $username) {
if (!hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $username)) { if (!hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $username)) {
$_SESSION['return'] = array( $_SESSION['return'] = array(

View File

@ -1,5 +1,4 @@
<?php <?php
function policy($_action, $_scope, $_data = null) { function policy($_action, $_scope, $_data = null) {
global $pdo; global $pdo;
global $redis; global $redis;
@ -99,6 +98,13 @@ function policy($_action, $_scope, $_data = null) {
); );
return false; return false;
} }
if (!isset($_SESSION['acl']['spam_policy']) || $_SESSION['acl']['spam_policy'] != "1" ) {
$_SESSION['return'] = array(
'type' => 'danger',
'msg' => sprintf($lang['danger']['access_denied'])
);
return false;
}
if ($_data['object_list'] == "bl") { if ($_data['object_list'] == "bl") {
$object_list = "blacklist_from"; $object_list = "blacklist_from";
} }
@ -233,6 +239,13 @@ function policy($_action, $_scope, $_data = null) {
else { else {
$prefids = $_data['prefid']; $prefids = $_data['prefid'];
} }
if (!isset($_SESSION['acl']['spam_policy']) || $_SESSION['acl']['spam_policy'] != "1" ) {
$_SESSION['return'] = array(
'type' => 'danger',
'msg' => sprintf($lang['danger']['access_denied'])
);
return false;
}
foreach ($prefids as $prefid) { foreach ($prefids as $prefid) {
if (!is_numeric($prefid)) { if (!is_numeric($prefid)) {
$_SESSION['return'] = array( $_SESSION['return'] = array(

View File

@ -3,7 +3,7 @@ function init_db_schema() {
try { try {
global $pdo; global $pdo;
$db_version = "20072107_1029"; $db_version = "02082017_0938";
$stmt = $pdo->query("SHOW TABLES LIKE 'versions'"); $stmt = $pdo->query("SHOW TABLES LIKE 'versions'");
$num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC)); $num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
@ -127,6 +127,30 @@ function init_db_schema() {
), ),
"attr" => "ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 ROW_FORMAT=DYNAMIC" "attr" => "ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 ROW_FORMAT=DYNAMIC"
), ),
"user_acl" => array(
"cols" => array(
"username" => "VARCHAR(255) NOT NULL",
"spam_alias" => "TINYINT(1) NOT NULL DEFAULT '1'",
"tls_policy" => "TINYINT(1) NOT NULL DEFAULT '1'",
"spam_score" => "TINYINT(1) NOT NULL DEFAULT '1'",
"spam_policy" => "TINYINT(1) NOT NULL DEFAULT '1'",
"delimiter_action" => "TINYINT(1) NOT NULL DEFAULT '1'",
"syncjobs" => "TINYINT(1) NOT NULL DEFAULT '1'",
"eas_reset" => "TINYINT(1) NOT NULL DEFAULT '1'",
"eas_autoconfig" => "TINYINT(1) NOT NULL DEFAULT '1'"
),
"keys" => array(
"fkey" => array(
"fk_username" => array(
"col" => "username",
"ref" => "mailbox.username",
"delete" => "CASCADE",
"update" => "NO ACTION"
)
)
),
"attr" => "ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 ROW_FORMAT=DYNAMIC"
),
"alias_domain" => array( "alias_domain" => array(
"cols" => array( "cols" => array(
"alias_domain" => "VARCHAR(255) NOT NULL", "alias_domain" => "VARCHAR(255) NOT NULL",
@ -511,6 +535,19 @@ function init_db_schema() {
$pdo->query("ALTER TABLE `" . $table . "` " . $is_drop . "ADD UNIQUE KEY `" . $key_name . "` (" . $fields . ")"); $pdo->query("ALTER TABLE `" . $table . "` " . $is_drop . "ADD UNIQUE KEY `" . $key_name . "` (" . $fields . ")");
} }
} }
if (strtolower($key_type) == 'fkey') {
foreach ($key_content as $key_name => $key_values) {
$fields = "`" . implode("`, `", $key_values) . "`";
$stmt = $pdo->query("SHOW KEYS FROM `" . $table . "` WHERE Key_name = '" . $key_name . "'");
$num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
if ($num_results != 0) {
$pdo->query("ALTER TABLE `" . $table . "` DROP FOREIGN KEY `" . $key_name . "`");
}
@list($table_ref, $field_ref) = explode('.', $key_values['ref']);
$pdo->query("ALTER TABLE `" . $table . "` ADD FOREIGN KEY `" . $key_name . "` (" . $key_values['col'] . ") REFERENCES `" . $table_ref . "` (`" . $field_ref . "`)
ON DELETE " . $key_values['delete'] . " ON UPDATE " . $key_values['update']);
}
}
} }
// Drop all vanished columns // Drop all vanished columns
$stmt = $pdo->query("SHOW COLUMNS FROM `" . $table . "`"); $stmt = $pdo->query("SHOW COLUMNS FROM `" . $table . "`");
@ -535,10 +572,21 @@ function init_db_schema() {
$keys_to_exist[] = $key_name; $keys_to_exist[] = $key_name;
} }
} }
// Index for foreign key must exist
if (isset($properties['keys']['fkey']) && is_array($properties['keys']['fkey'])) {
foreach ($properties['keys']['fkey'] as $key_name => $key_values) {
$keys_to_exist[] = $key_name;
}
}
// Step 2: Drop all vanished indexes // Step 2: Drop all vanished indexes
while ($row = array_shift($keys_in_table)) { while ($row = array_shift($keys_in_table)) {
if (!in_array($row['Key_name'], $keys_to_exist)) { if (!in_array($row['Key_name'], $keys_to_exist)) {
$pdo->query("ALTER TABLE `" . $table . "` DROP INDEX `" . $row['Key_name'] . "`"); try {
$pdo->query("ALTER TABLE `" . $table . "` DROP FOREIGN KEY `" . $row['Key_name'] . "`");
}
finally {
$pdo->query("ALTER TABLE `" . $table . "` DROP INDEX `" . $row['Key_name'] . "`");
}
} }
} }
// Step 3: Drop all vanished primary keys // Step 3: Drop all vanished primary keys
@ -575,6 +623,14 @@ function init_db_schema() {
$sql .= "UNIQUE KEY `" . $key_name . "` (" . $fields . ")" . ","; $sql .= "UNIQUE KEY `" . $key_name . "` (" . $fields . ")" . ",";
} }
} }
elseif (strtolower($key_type) == 'fkey') {
foreach ($key_content as $key_name => $key_values) {
@list($table_ref, $field_ref) = explode('.', $key_values['ref']);
$fields = "`" . implode("`, `", $key_values) . "`";
$sql .= "FOREIGN KEY `" . $key_name . "` (" . $key_values['col'] . ") REFERENCES `" . $table_ref . "` (`" . $field_ref . "`)
ON DELETE " . $key_values['delete'] . " ON UPDATE " . $key_values['update'] . ",";
}
}
} }
$sql = rtrim($sql, ","); $sql = rtrim($sql, ",");
$sql .= ") " . $properties['attr']; $sql .= ") " . $properties['attr'];
@ -606,6 +662,9 @@ function init_db_schema() {
'type' => 'success', 'type' => 'success',
'msg' => 'Database initialisation completed' 'msg' => 'Database initialisation completed'
); );
// Fix user_acl
$stmt = $pdo->query("INSERT INTO `user_acl` (`username`) SELECT `username` FROM `mailbox` WHERE `kind` = '' AND NOT EXISTS (SELECT `username` FROM `user_acl`);");
} }
catch (PDOException $e) { catch (PDOException $e) {
$_SESSION['return'] = array( $_SESSION['return'] = array(

View File

@ -70,3 +70,6 @@ require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/functions.fail2ban.inc.php';
require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/init_db.inc.php'; require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/init_db.inc.php';
require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/triggers.inc.php'; require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/triggers.inc.php';
init_db_schema(); init_db_schema();
if (isset($_SESSION['mailcow_cc_role'])) {
set_acl();
}

View File

@ -34,6 +34,8 @@ jQuery(function($){
var date = new Date(tm ? tm * 1000 : 0); var date = new Date(tm ? tm * 1000 : 0);
return date.toLocaleString(); return date.toLocaleString();
} }
acl_data = JSON.parse(acl);
function draw_tla_table() { function draw_tla_table() {
ft_tla_table = FooTable.init('#tla_table', { ft_tla_table = FooTable.init('#tla_table', {
"columns": [ "columns": [
@ -52,10 +54,16 @@ jQuery(function($){
}, },
success: function (data) { success: function (data) {
$.each(data, function (i, item) { $.each(data, function (i, item) {
item.action = '<div class="btn-group">' + if (acl_data.spam_alias === 1) {
'<a href="#" id="delete_selected" data-id="single-tla" data-api-url="delete/time_limited_alias" data-item="' + encodeURI(item.address) + '" class="btn btn-xs btn-danger"><span class="glyphicon glyphicon-trash"></span> ' + lang.remove + '</a>' + item.action = '<div class="btn-group">' +
'</div>'; '<a href="#" id="delete_selected" data-id="single-tla" data-api-url="delete/time_limited_alias" data-item="' + encodeURI(item.address) + '" class="btn btn-xs btn-danger"><span class="glyphicon glyphicon-trash"></span> ' + lang.remove + '</a>' +
item.chkbox = '<input type="checkbox" data-id="tla" name="multi_select" value="' + item.address + '" />'; '</div>';
item.chkbox = '<input type="checkbox" data-id="tla" name="multi_select" value="' + item.address + '" />';
}
else {
item.chkbox = '<input type="checkbox" disabled />';
item.action = '<span>-</span>';
}
}); });
} }
}), }),
@ -97,11 +105,17 @@ jQuery(function($){
item.log = '<a href="#logModal" data-toggle="modal" data-log-text="' + escapeHtml(item.returned_text) + '">Open logs</a>' item.log = '<a href="#logModal" data-toggle="modal" data-log-text="' + escapeHtml(item.returned_text) + '">Open logs</a>'
item.exclude = '<code>' + item.exclude + '</code>' item.exclude = '<code>' + item.exclude + '</code>'
item.server_w_port = item.user1 + '@' + item.host1 + ':' + item.port1; item.server_w_port = item.user1 + '@' + item.host1 + ':' + item.port1;
item.action = '<div class="btn-group">' + if (acl_data.syncjobs === 1) {
'<a href="/edit.php?syncjob=' + item.id + '" class="btn btn-xs btn-default"><span class="glyphicon glyphicon-pencil"></span> ' + lang.edit + '</a>' + item.action = '<div class="btn-group">' +
'<a href="#" id="delete_selected" data-id="single-syncjob" data-api-url="delete/syncjob" data-item="' + encodeURI(item.id) + '" class="btn btn-xs btn-danger"><span class="glyphicon glyphicon-trash"></span> ' + lang.remove + '</a>' + '<a href="/edit.php?syncjob=' + item.id + '" class="btn btn-xs btn-default"><span class="glyphicon glyphicon-pencil"></span> ' + lang.edit + '</a>' +
'</div>'; '<a href="#" id="delete_selected" data-id="single-syncjob" data-api-url="delete/syncjob" data-item="' + encodeURI(item.id) + '" class="btn btn-xs btn-danger"><span class="glyphicon glyphicon-trash"></span> ' + lang.remove + '</a>' +
item.chkbox = '<input type="checkbox" data-id="syncjob" name="multi_select" value="' + item.id + '" />'; '</div>';
item.chkbox = '<input type="checkbox" data-id="syncjob" name="multi_select" value="' + item.id + '" />';
}
else {
item.action = '<span>-</span>';
item.chkbox = '<input type="checkbox" disabled />';
}
}); });
} }
}), }),
@ -139,6 +153,9 @@ jQuery(function($){
else { else {
item.chkbox = '<input type="checkbox" disabled title="' + lang.spamfilter_table_domain_policy + '" />'; item.chkbox = '<input type="checkbox" disabled title="' + lang.spamfilter_table_domain_policy + '" />';
} }
if (acl_data.spam_policy === 0) {
item.chkbox = '<input type="checkbox" disabled />';
}
}); });
} }
}), }),
@ -176,6 +193,9 @@ jQuery(function($){
else { else {
item.chkbox = '<input type="checkbox" disabled tooltip="' + lang.spamfilter_table_domain_policy + '" />'; item.chkbox = '<input type="checkbox" disabled tooltip="' + lang.spamfilter_table_domain_policy + '" />';
} }
if (acl_data.spam_policy === 0) {
item.chkbox = '<input type="checkbox" disabled />';
}
}); });
} }
}), }),

View File

@ -78,7 +78,8 @@ elseif (isset($_SESSION['mailcow_cc_role']) && $_SESSION['mailcow_cc_role'] == '
</div> </div>
<hr> <hr>
<?php // Get user information about aliases <?php // Get user information about aliases
$user_get_alias_details = user_get_alias_details($username);?> $user_get_alias_details = user_get_alias_details($username);
?>
<div class="row"> <div class="row">
<div class="col-md-3 col-xs-5 text-right"><?=$lang['user']['aliases'];?>:</div> <div class="col-md-3 col-xs-5 text-right"><?=$lang['user']['aliases'];?>:</div>
<div class="col-md-9 col-xs-7"> <div class="col-md-9 col-xs-7">
@ -121,9 +122,12 @@ elseif (isset($_SESSION['mailcow_cc_role']) && $_SESSION['mailcow_cc_role'] == '
<p><?=formatBytes($mailboxdata['quota_used'], 2);?> / <?=formatBytes($mailboxdata['quota'], 2);?>, <?=$mailboxdata['messages'];?> <?=$lang['user']['messages'];?></p> <p><?=formatBytes($mailboxdata['quota_used'], 2);?> / <?=formatBytes($mailboxdata['quota'], 2);?>, <?=$mailboxdata['messages'];?> <?=$lang['user']['messages'];?></p>
</div> </div>
</div> </div>
<hr> <?php
<?php // Show tagging options ?> ($_SESSION['acl']['delimiter_action'] == 0 && $_SESSION['acl']['delimiter_action'] == 0 && $_SESSION['acl']['delimiter_action'] == 0) ? null : '<hr>';
<?php $get_tagging_options = mailbox('get', 'delimiter_action', $username);?> // Show tagging options
if ($_SESSION['acl']['delimiter_action'] == 1):
$get_tagging_options = mailbox('get', 'delimiter_action', $username);
?>
<div class="row"> <div class="row">
<div class="col-md-3 col-xs-5 text-right"><?=$lang['user']['tag_handling'];?>:</div> <div class="col-md-3 col-xs-5 text-right"><?=$lang['user']['tag_handling'];?>:</div>
<div class="col-md-9 col-xs-7"> <div class="col-md-9 col-xs-7">
@ -148,8 +152,12 @@ elseif (isset($_SESSION['mailcow_cc_role']) && $_SESSION['mailcow_cc_role'] == '
<p class="help-block"><?=$lang['user']['tag_help_example'];?></p> <p class="help-block"><?=$lang['user']['tag_help_example'];?></p>
</div> </div>
</div> </div>
<?php // Show TLS policy options ?> <?php
<?php $get_tls_policy = mailbox('get', 'tls_policy', $username); ?> endif;
// Show TLS policy options
if ($_SESSION['acl']['tls_policy'] == 1):
$get_tls_policy = mailbox('get', 'tls_policy', $username);
?>
<div class="row"> <div class="row">
<div class="col-md-3 col-xs-5 text-right"><?=$lang['user']['tls_policy'];?>:</div> <div class="col-md-3 col-xs-5 text-right"><?=$lang['user']['tls_policy'];?>:</div>
<div class="col-md-9 col-xs-7"> <div class="col-md-9 col-xs-7">
@ -173,7 +181,11 @@ elseif (isset($_SESSION['mailcow_cc_role']) && $_SESSION['mailcow_cc_role'] == '
<p class="help-block"><?=$lang['user']['tls_policy_warning'];?></p> <p class="help-block"><?=$lang['user']['tls_policy_warning'];?></p>
</div> </div>
</div> </div>
<?php // Rest EAS devices ?> <?php
endif;
// Rest EAS devices
if ($_SESSION['acl']['eas_reset'] == 1):
?>
<div class="row"> <div class="row">
<div class="col-md-3 col-xs-5 text-right"><?=$lang['user']['eas_reset'];?>:</div> <div class="col-md-3 col-xs-5 text-right"><?=$lang['user']['eas_reset'];?>:</div>
<div class="col-md-9 col-xs-7"> <div class="col-md-9 col-xs-7">
@ -181,6 +193,9 @@ elseif (isset($_SESSION['mailcow_cc_role']) && $_SESSION['mailcow_cc_role'] == '
<p class="help-block"><?=$lang['user']['eas_reset_help'];?></p> <p class="help-block"><?=$lang['user']['eas_reset_help'];?></p>
</div> </div>
</div> </div>
<?php
endif;
?>
</div> </div>
</div> </div>
@ -201,6 +216,9 @@ elseif (isset($_SESSION['mailcow_cc_role']) && $_SESSION['mailcow_cc_role'] == '
</div> </div>
</div> </div>
</div> </div>
<?php
if ($_SESSION['acl']['spam_alias'] == 1):
?>
<div class="mass-actions-user"> <div class="mass-actions-user">
<div class="btn-group"> <div class="btn-group">
<div class="btn-group"> <div class="btn-group">
@ -224,6 +242,9 @@ elseif (isset($_SESSION['mailcow_cc_role']) && $_SESSION['mailcow_cc_role'] == '
</div> </div>
</div> </div>
</div> </div>
<?php
endif;
?>
</div> </div>
<div role="tabpanel" class="tab-pane" id="Spamfilter"> <div role="tabpanel" class="tab-pane" id="Spamfilter">
@ -251,7 +272,10 @@ elseif (isset($_SESSION['mailcow_cc_role']) && $_SESSION['mailcow_cc_role'] == '
<p><?=$lang['user']['spamfilter_hint'];?></p> <p><?=$lang['user']['spamfilter_hint'];?></p>
</div> </div>
</div> </div>
<div class="form-group"> <?php
if ($_SESSION['acl']['spam_score'] == 1):
?>
<div class="form-group">
<div class="col-sm-offset-2 col-sm-10"> <div class="col-sm-offset-2 col-sm-10">
<button type="button" class="btn btn-sm btn-success" id="edit_selected" <button type="button" class="btn btn-sm btn-success" id="edit_selected"
data-item="<?= $username; ?>" data-item="<?= $username; ?>"
@ -260,6 +284,9 @@ elseif (isset($_SESSION['mailcow_cc_role']) && $_SESSION['mailcow_cc_role'] == '
data-api-attr='{}'><?=$lang['user']['save_changes'];?></button> data-api-attr='{}'><?=$lang['user']['save_changes'];?></button>
</div> </div>
</div> </div>
<?php
endif;
?>
</form> </form>
<hr> <hr>
<div class="row"> <div class="row">
@ -269,6 +296,9 @@ elseif (isset($_SESSION['mailcow_cc_role']) && $_SESSION['mailcow_cc_role'] == '
<div class="table-responsive"> <div class="table-responsive">
<table class="table table-striped table-condensed" id="wl_policy_mailbox_table"></table> <table class="table table-striped table-condensed" id="wl_policy_mailbox_table"></table>
</div> </div>
<?php
if ($_SESSION['acl']['spam_policy'] == 1):
?>
<div class="mass-actions-user"> <div class="mass-actions-user">
<div class="btn-group"> <div class="btn-group">
<a class="btn btn-sm btn-default" id="toggle_multi_select_all" data-id="policy_wl_mailbox" href="#"><span class="glyphicon glyphicon-check" aria-hidden="true"></span> <?=$lang['mailbox']['toggle_all'];?></a> <a class="btn btn-sm btn-default" id="toggle_multi_select_all" data-id="policy_wl_mailbox" href="#"><span class="glyphicon glyphicon-check" aria-hidden="true"></span> <?=$lang['mailbox']['toggle_all'];?></a>
@ -284,6 +314,9 @@ elseif (isset($_SESSION['mailcow_cc_role']) && $_SESSION['mailcow_cc_role'] == '
</span> </span>
</div> </div>
</form> </form>
<?php
endif;
?>
</div> </div>
<div class="col-sm-6"> <div class="col-sm-6">
<h4><?=$lang['user']['spamfilter_bl'];?></h4> <h4><?=$lang['user']['spamfilter_bl'];?></h4>
@ -291,6 +324,9 @@ elseif (isset($_SESSION['mailcow_cc_role']) && $_SESSION['mailcow_cc_role'] == '
<div class="table-responsive"> <div class="table-responsive">
<table class="table table-striped table-condensed" id="bl_policy_mailbox_table"></table> <table class="table table-striped table-condensed" id="bl_policy_mailbox_table"></table>
</div> </div>
<?php
if ($_SESSION['acl']['spam_policy'] == 1):
?>
<div class="mass-actions-user"> <div class="mass-actions-user">
<div class="btn-group"> <div class="btn-group">
<a class="btn btn-sm btn-default" id="toggle_multi_select_all" data-id="policy_bl_mailbox" href="#"><span class="glyphicon glyphicon-check" aria-hidden="true"></span> <?=$lang['mailbox']['toggle_all'];?></a> <a class="btn btn-sm btn-default" id="toggle_multi_select_all" data-id="policy_bl_mailbox" href="#"><span class="glyphicon glyphicon-check" aria-hidden="true"></span> <?=$lang['mailbox']['toggle_all'];?></a>
@ -308,6 +344,9 @@ elseif (isset($_SESSION['mailcow_cc_role']) && $_SESSION['mailcow_cc_role'] == '
</span> </span>
</div> </div>
</form> </form>
<?php
endif;
?>
</div> </div>
</div> </div>
</div> </div>
@ -316,6 +355,9 @@ elseif (isset($_SESSION['mailcow_cc_role']) && $_SESSION['mailcow_cc_role'] == '
<div class="table-responsive"> <div class="table-responsive">
<table class="table table-striped" id="sync_job_table"></table> <table class="table table-striped" id="sync_job_table"></table>
</div> </div>
<?php
if ($_SESSION['acl']['syncjobs'] == 1):
?>
<div class="mass-actions-user"> <div class="mass-actions-user">
<div class="btn-group"> <div class="btn-group">
<a class="btn btn-sm btn-default" id="toggle_multi_select_all" data-id="syncjob" href="#"><span class="glyphicon glyphicon-check" aria-hidden="true"></span> <?=$lang['mailbox']['toggle_all'];?></a> <a class="btn btn-sm btn-default" id="toggle_multi_select_all" data-id="syncjob" href="#"><span class="glyphicon glyphicon-check" aria-hidden="true"></span> <?=$lang['mailbox']['toggle_all'];?></a>
@ -329,6 +371,9 @@ elseif (isset($_SESSION['mailcow_cc_role']) && $_SESSION['mailcow_cc_role'] == '
<a class="btn btn-sm btn-success" href="#" data-toggle="modal" data-target="#addSyncJobModal"><span class="glyphicon glyphicon-plus"></span> <?=$lang['user']['create_syncjob'];?></a> <a class="btn btn-sm btn-success" href="#" data-toggle="modal" data-target="#addSyncJobModal"><span class="glyphicon glyphicon-plus"></span> <?=$lang['user']['create_syncjob'];?></a>
</div> </div>
</div> </div>
<?php
endif;
?>
</div> </div>
</div> </div>
@ -343,6 +388,7 @@ require_once $_SERVER['DOCUMENT_ROOT'] . '/modals/user.php';
<?php <?php
$lang_user = json_encode($lang['user']); $lang_user = json_encode($lang['user']);
echo "var lang = ". $lang_user . ";\n"; echo "var lang = ". $lang_user . ";\n";
echo "var acl = '". json_encode($_SESSION['acl']) . "';\n";
echo "var csrf_token = '". $_SESSION['CSRF']['TOKEN'] . "';\n"; echo "var csrf_token = '". $_SESSION['CSRF']['TOKEN'] . "';\n";
echo "var mailcow_cc_username = '". $_SESSION['mailcow_cc_username'] . "';\n"; echo "var mailcow_cc_username = '". $_SESSION['mailcow_cc_username'] . "';\n";
echo "var pagination_size = '". $PAGINATION_SIZE . "';\n"; echo "var pagination_size = '". $PAGINATION_SIZE . "';\n";