From 79b16d2a04b61587759b36b0ab773c2ebaf352a9 Mon Sep 17 00:00:00 2001 From: Markus Warg Date: Wed, 18 Aug 2010 14:57:13 +0200 Subject: [PATCH] display all emails to an user (check more addresses) add method to get all email addresses that are associated to an account, use list of addresses to allow access to emails (mail ping issue #834 #845) modified: manager/application/configs/application.ini modified: manager/application/controllers/MailController.php new file: manager/library/CAcert/User/Emails.php --- manager/application/configs/application.ini | 1 + .../controllers/MailController.php | 15 ++++- manager/library/CAcert/User/Emails.php | 57 +++++++++++++++++++ 3 files changed, 71 insertions(+), 2 deletions(-) create mode 100644 manager/library/CAcert/User/Emails.php diff --git a/manager/application/configs/application.ini b/manager/application/configs/application.ini index 61edc99..61f7d98 100644 --- a/manager/application/configs/application.ini +++ b/manager/application/configs/application.ini @@ -10,6 +10,7 @@ resources.frontController.noErrorHandler = 0 resources.frontController.useDefaultControllerAlways = 0 resources.layout.layoutPath = APPLICATION_PATH "/layouts/scripts" resources.view[] = +autoloadernamespaces.0 = "CAcert_" ; Database settings for Session DB ca_mgr.db.session.pdo = "Pdo_Mysql" diff --git a/manager/application/controllers/MailController.php b/manager/application/controllers/MailController.php index 1ba73e2..e1449fd 100644 --- a/manager/application/controllers/MailController.php +++ b/manager/application/controllers/MailController.php @@ -8,6 +8,11 @@ require_once(LIBRARY_PATH . '/imap/imapConnection.php'); class MailController extends Zend_Controller_Action { + /** + * list of email addresses associated with that account + * @var array + */ + private $addresses = array(); public function init() { 
@@ -25,6 +30,11 @@ class MailController extends Zend_Controller_Action $this->view->url(array('controller' => 'mail', 'action' => 'full'), 'default', true) . '"' . (($action == 'full')?' class="active"':'') . '>' . I18n::_('View all Mails') . '', Zend_View_Helper_Placeholder_Container_Abstract::SET, 2); } + + $emails = new CAcert_User_Emails(); + + $this->addresses = $emails->getEmailAddressesByLogin($session->authdata['authed_username']); + } public function indexAction() @@ -43,7 +53,7 @@ class MailController extends Zend_Controller_Action $header = $imap->imapHeader($i+1); // skip all emails that do not belong to the user - if ($header->toaddress != $session->authdata['authed_username']) + if (!in_array($header->toaddress, $this->addresses)) continue; $header->uid = $imap->imapUID($i+1); @@ -114,7 +124,8 @@ class MailController extends Zend_Controller_Action $header = $imap->imapFetchOverview($uid); $session = Zend_Registry::get('session'); - if ($session->authdata['authed_role'] != 'Admin' && $header->to != $session->authdata['authed_username']) { + + if ($session->authdata['authed_role'] != 'Admin' && !in_array($header->to, $this->addresses)) { $this->view->message = I18n::_('This message does not belong to you'); } else { diff --git a/manager/library/CAcert/User/Emails.php b/manager/library/CAcert/User/Emails.php new file mode 100644 index 0000000..d345ce8 --- /dev/null +++ b/manager/library/CAcert/User/Emails.php 
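Review bot: The list assigned to `$this->addresses` in init() replaces the earlier comparison against `$session->authdata['authed_username']`, but the login address itself is never added to it. Unless the `email` table always holds the primary address as well (not visible in this patch), users would stop seeing mail sent to their login address. Appending it after the lookup, `$this->addresses[] = $session->authdata['authed_username'];`, keeps the previous behaviour. init() starts above this hunk, so where `$session` is assigned cannot be checked from here.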
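Review bot: `in_array($header->toaddress, $this->addresses)` compares loosely, and this check is what decides whether a message is shown to the user. Passing the strict flag, `in_array($header->toaddress, $this->addresses, true)`, stops a missing To header (null) from matching an empty entry in the list. The same applies to `!in_array($header->to, $this->addresses)` in the hunk at -114 of this file. The match is also exact and case-sensitive, so a recipient written with a display name or in different letter case than the database row would be skipped; whether the IMAP wrapper returns a bare address is not visible here. Both enclosing methods continue outside their hunks.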
@@ -0,0 +1,57 @@ +debug(__METHOD__); + } + + /** + * get list of email addresses by login, needed to be able to filter emails + * @param string $addr + * @return array + */ + public function getEmailAddressesByLogin($addr) { + $db = Zend_Registry::get('auth2_dbc'); + + /** + * find out user id by email address + */ + $sql = 'select users.id from users where email=?'; + + $id = $db->fetchOne($sql, array($addr)); + + /** + * get secondary email addresses + */ + $sql = 'select email.email from email where memid=?'; + + $res = $db->query($sql, array($id)); + + $emails = array(); + + $num = $res->rowCount(); + for ($i = 0; $i < $num; $i++) { + $row = $res->fetch(PDO::FETCH_ASSOC); + $emails[] = $row['email']; + } + + /** + * get additional addresses by domains + */ + $sql = 'select domains.domain from domains where memid=?'; + + $res = $db->query($sql, array($id)); + $num = $res->rowCount(); + $variants = array('root','hostmaster','postmaster','admin','webmaster'); + for ($i = 0; $i < $num; $i++) { + $row = $res->fetch(PDO::FETCH_ASSOC); + + foreach ($variants as $variant) { + $emails[] = $variants . '@' . $row['domain']; + } + } + + Log::Log()->debug(__METHOD__ . ' mail addresses ' . var_export($emails, true)); + return $emails; + } +} \ No newline at end of file
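Review bot: In the inner `foreach` of getEmailAddressesByLogin the concatenation uses the array `$variants` instead of the loop variable, so every entry becomes the string `Array@<domain>` and none of the role addresses (root, hostmaster, postmaster, admin, webmaster) can ever match a recipient. The line should read `$emails[] = $variant . '@' . $row['domain'];`. The result of `fetchOne` is also used unchecked: if no user row matches, both following queries run with a non-id value bound to `memid`, and because this list grants access to messages it is safer to return early with `if ($id === false) { return array(); }`. The opening of the file (PHP tag and class header) is not visible in this hunk as rendered, so the class context is assumed from the path.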