holm/egroupware
1
1
Fork 0
forked from extern/egroupware
Code Issues Pull Requests Packages Projects Releases Wiki Activity

mail config to deny access to certain features

Browse Source
This commit is contained in:
Ralf Becker 2014-02-05 20:20:02 +00:00
parent 9ef38e33dc
commit 4c45f65801
3 changed files with 136 additions and 33 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

66
mail/inc/class.mail_hooks.inc.php
View File

@ -512,7 +512,7 @@ class mail_hooks
'xmlrpc' => False,
'admin' => False
),
'prefpreventmanagefolders' => array(
/*'prefpreventmanagefolders' => array(
'type' => 'select',
'label' => 'Prevent managing folders',
'help' => 'Do you want to prevent the managing of folders (creation, accessrights AND subscribtion)?',
@ -571,7 +571,7 @@ class mail_hooks
'xmlrpc' => True,
'admin' => False,
'forced' => '0',
),
),*/
'notavailableautofolders' => array(
'type' => 'multiselect',
'label' => 'do not auto create folders',
@ -691,15 +691,18 @@ class mail_hooks
}
// create account wizard
$file += array(
'create new account' => "javascript:egw_openWindowCentered2('" .
egw::link('/index.php', array('menuaction' => 'mail.mail_wizard.add'), '').
"','_blank',640,480,'yes')",
);
if ($preferences['prefcontroltestconnection'] <> 'none') $file['Test Connection'] = egw::link('/index.php','menuaction=mail.mail_ui.TestConnection&appname=mail');
if (self::access('createaccount'))
{
$file += array(
'create new account' => "javascript:egw_openWindowCentered2('" .
egw::link('/index.php', array('menuaction' => 'mail.mail_wizard.add'), '').
"','_blank',640,480,'yes')",
);
}
if (self::access('testconnection'))
{
$file['Test Connection'] = egw::link('/index.php','menuaction=mail.mail_ui.TestConnection&appname=mail');
}
// display them all
display_sidebox($appname,$menu_title,$file);
@ -862,4 +865,45 @@ class mail_hooks
egw_cache::setCache(egw_cache::INSTANCE,'email','notified_mail_uids'.trim($GLOBALS['egw_info']['user']['account_id']),$notified_mail_uidsCache, $expiration=60*60*24*2);
return true;
}
/**
* Hook returning options for deny_* groups
*
* @param string $name function name
* @param array $arguments
* @return string html
*/
public static function __callStatic($name, $arguments)
{
if (substr($name, 0, 5) != 'deny_')
{
throw new egw_exception_wrong_parameter("No method $name!");
}
$accountsel = new uiaccountsel();
return '<input type="hidden" value="" name="newsettings['.$name.']" />'.
$accountsel->selection('newsettings['.$name.']', 'deny_prefs', $arguments[0][$name], 'groups', 4);
}
/**
* Check if current user has access to a specific feature
*
* Example: if (!mail_hooks::access("managerfolders")) return;
*
* @param string $feature "createaccounts", "managefolders", "forwards", "notifications", "filters",
* "notificationformailviaemail", "editfilterrules", "absentnotice", "testconnection", "aclmanagement"
* @return boolean true if user has access, false if not
*/
public static function access($feature)
{
static $config=null;
if (!isset($config)) $config = (array)config::read('mail');
if (!empty($config['deny_'.$feature]))
{
$denied_groups = explode(',', $config['deny_'.$feature]);
return array_intersect($denied_groups, $GLOBALS['egw']->accounts->memberships($GLOBALS['egw_info']['user']['account_id'], true));
}
return true;
}
}

19
mail/inc/class.mail_ui.inc.php
View File

@ -410,12 +410,27 @@ class mail_ui
);
}
if (!$this->mail_bo->icServer->queryCapability('ACL')) unset($tree_actions['edit_acl']);
if (!$this->mail_bo->icServer->acc_sieve_enabled)
// enforce global (group-specific) ACL
if (!$this->mail_bo->icServer->queryCapability('ACL') || !mail_hooks::access('aclmanagement'))
{
unset($tree_actions['edit_acl']);
}
if (!$this->mail_bo->icServer->acc_sieve_enabled || !mail_hooks::access('editfilterrules'))
{
unset($tree_actions['sieve']);
}
if (!$this->mail_bo->icServer->acc_sieve_enabled || !mail_hooks::access('absentnotice'))
{
unset($tree_actions['vacation']);
}
if (!mail_hooks::access('managefolders'))
{
unset($tree_actions['add']);
unset($tree_actions['move']);
unset($tree_actions['delete']);
unset($tree_actions['subscribe']);
unset($tree_actions['unsubscribe']);
}
$etpl->setElementAttribute(self::$nm_index.'[foldertree]','actions', $tree_actions);

84
mail/templates/default/config.tpl
View File

@ -11,10 +11,13 @@
<!-- END header -->
<!-- BEGIN body -->
<tr class="th">
<td colspan="2">&nbsp;<b>{lang_felamimail}</b> - {lang_acl}</td>
<td colspan="2"><b>{lang_General}</b></td>
</tr>
<tr class="row_on">
<td>&nbsp;{lang_display_of_identities}:</td>
<td>
<b>{lang_display_of_identities}</b><br/>
{lang_how_should_the_available_information_on_identities_be_displayed}
</td>
<td>
<select name="newsettings[how2displayIdentities]">
<option value=""{selected_how2displayIdentities_full}>{lang_all_available_info}</option>
@ -24,37 +27,78 @@
</select>
</td>
</tr>
<tr class="row_off">
<td colspan="2">&nbsp;{lang_how_should_the_available_information_on_identities_be_displayed}</td>
<tr class="th">
<td colspan="2"><b>{lang_Deny_certain_groups_access_to_following_features}</b></td>
</tr>
<tr class="row_on">
<td>&nbsp;{lang_restrict_acl_management}:</td>
<td>
<select name="newsettings[restrict_acl_management]">
<option value=""{selected_restrict_acl_management_False}>{lang_No}</option>
<option value="True"{selected_restrict_acl_management_True}>{lang_Yes}</option>
</select>
<td>
<b>{lang_Create_new_account}</b>
</td>
<td>{call_mail_hooks::deny_createaccount}</td>
</tr>
<tr class="row_off">
<td colspan="2">&nbsp;{lang_effective_only_if_server_supports_ACL_at_all}</td>
<td>
<b>{lang_Prevent_managing_folders}</b><br/>
{lang_Do_you_want_to_prevent_the_managing_of_folders_(creation,_accessrights_AND_subscribtion)?}
</td>
<td>{call_mail_hooks::deny_managefolders}</td>
</tr>
<tr class="row_on">
<td>
<b>{lang_Prevent_managing_forwards}</b><br/>
{lang_Do_you_want_to_prevent_the_editing/setup_for_forwarding_of_mails_via_settings_(,_even_if_SIEVE_is_enabled)?}
</td>
<td>{call_mail_hooks::deny_forwards}</td>
</tr>
<tr class="row_off">
<td>
<b>{lang_Prevent_managing_notifications}</b><br/>
{lang_Do_you_want_to_prevent_the_editing/setup_of_notification_by_mail_to_other_emailadresses_if_emails_arrive_(,_even_if_SIEVE_is_enabled)?}
</td>
<td>{call_mail_hooks::deny_notificationformailviaemail}</td>
</tr>
<tr class="row_on">
<td>
<b>{lang_Prevent_managing_filters}</b><br/>
{lang_Do_you_want_to_prevent_the_editing/setup_of_filter_rules_(,_even_if_SIEVE_is_enabled)?}
</td>
<td>{call_mail_hooks::deny_editfilterrules}</td>
</tr>
<tr class="row_off">
<td>
<b>{lang_Prevent_managing_vacation_notice}</b><br/>
{lang_Do_you_want_to_prevent_the_editing/setup_of_the_absent/vacation_notice_(,_even_if_SIEVE_is_enabled)?}
</td>
<td>{call_mail_hooks::deny_absentnotice}</td>
</tr>
<tr class="row_on">
<td>
<b>{lang_Test_connection}</b><br/>
{lang_Show_Test_Connection_section_and_control_the_level_of_info_displayed??}
</td>
<td>{call_mail_hooks::deny_testconnection}</td>
</tr>
<tr class="row_on">
<td>
<b>{lang_restrict_acl_management}</b><br/>
{lang_effective_only_if_server_supports_ACL_at_all}
</td>
<td>{call_mail_hooks::deny_aclmanagement}</td>
</tr>
<tr class="th">
<td colspan="2">&nbsp;<b>{lang_felamimail}</b> - {lang_sieve}</td>
<td colspan="2"><b>{lang_felamimail}</b> - {lang_sieve}</td>
</tr>
<tr class="row_on">
<td>&nbsp;{lang_vacation_notice}:</td>
<td>
<b>{lang_vacation_notice}</b><br/>
{lang_provide_a_default_vacation_text,_(used_on_new_vacation_messages_when_there_was_no_message_set_up_previously)}
</td>
<td><textarea name="newsettings[default_vacation_text]" cols="50" rows="8">{value_default_vacation_text}</textarea></td>
</tr>
<tr class="row_off">
<td colspan="2">&nbsp;{lang_provide_a_default_vacation_text,_(used_on_new_vacation_messages_when_there_was_no_message_set_up_previously)}</td>
</tr>
<!-- END body -->
<!-- BEGIN footer -->
<tr valign="bottom" style="height: 30px;">
<td colspan="2" align="center">
<input type="submit" name="submit" value="{lang_submit}">
<input type="submit" name="cancel" value="{lang_cancel}">
<td colspan="2">
{submit}{cancel}
</td>
</tr>
</table>