gunnar: server/kolab-webadmin/kolab-webadmin/www/admin/user user.php.in, 1.28.2.2, 1.28.2.3

cvs at kolab.org cvs at kolab.org
Mon Dec 7 14:17:04 CET 2009 

Author: gunnar

Update of /kolabrepository/server/kolab-webadmin/kolab-webadmin/www/admin/user
In directory doto:/tmp/cvs-serv17684/kolab-webadmin/kolab-webadmin/www/admin/user

Modified Files:
      Tag: kolab_2_2_branch
	user.php.in 
Log Message:
 kolab/issue1340 (RFC: restrict users to sending mail only to internal recipients)

Index: user.php.in
===================================================================
RCS file: /kolabrepository/server/kolab-webadmin/kolab-webadmin/www/admin/user/user.php.in,v
retrieving revision 1.28.2.2
retrieving revision 1.28.2.3
diff -u -d -r1.28.2.2 -r1.28.2.3
--- user.php.in	3 Dec 2009 20:34:31 -0000	1.28.2.2
+++ user.php.in	7 Dec 2009 13:17:02 -0000	1.28.2.3
@@ -148,6 +148,59 @@
   return '';
 }
 
+function checksmtprecipient ( $form, $key, $value ) {
+  $lst = array_unique( array_filter( array_map( 'trim', preg_split( '/\n/', $value ) ), 'strlen') );
+  $str = '';
+  require_once 'Mail/RFC822.php';
+  foreach( $lst as $SMTPRecipient ) {
+    $trimmed = ltrim($SMTPRecipient, "-."); // potentially every entry is negated with a '-'
+    // $SMTPRecipient is either an 
+    // - email address
+    // - local part of an email address with an @ suffix
+    // - a domain part
+	if (valid_domain($SMTPRecipient)) {
+	  return '';
+	}
+	if (valid_local_part($SMTPRecipient)) {
+      return sprintf(_("Syntax for Recipient %s is invalid"), $SMTPRecipient);
+    }
+    $result = valid_email_address($SMTPRecipient);
+	if (is_a($result, 'PEAR_Error')) {
+	  return $result->getMessage();
+	} else {
+	  return '';
+	}
+  }
+  return '';
+}
+
+
+function valid_email_address($address) {
+// the following addresses are invalid
+// email1.. at kolab.org
+// email1.- at kolab.org
+// email1._ at kolab.org
+// email1 at 2sub.kolab.org
+// email1 at sub.sub.2sub.kolab.org
+  $check = new Mail_RFC822($address);
+  return $check->parseAddressList(null, null, null, true);
+}
+
+function valid_domain($domain) {
+// the following subdomains are invalid
+// 2sub.kolab.org
+// sub.sub.2sub.kolab.org
+  $check = new Mail_RFC822();
+  return $check->_validateDomain($domain);
+}
+
+function valid_local_part($local_part) {
+  // the local part always has an @ appended
+  $local_part = rtrim($local_part, '@'); 
+  $check = new Mail_RFC822();
+  return $check->_validateLocalPart($local_part);
+}
+
 // Check uid/gid used in invitation policy
 // We're pretty relaxed about what is entered 
 // here and only check some basic syntax
@@ -302,6 +355,15 @@
   else $v = "";
   if(array_key_exists('kolabdelegate',$form->entries)) $form->entries['kolabdelegate']['value'] = $v;
 
+  // kolabAllowSMTPRecipient
+  if (is_array($ldap_object['kolabAllowSMTPRecipient'])) {
+	$arr = $ldap_object['kolabAllowSMTPRecipient'];
+	unset( $arr['count'] );
+	$v = join("\n", $arr );
+  }
+  else $v = "";
+  if(array_key_exists('kolabAllowSMTPRecipient',$form->entries)) $form->entries['kolabAllowSMTPRecipient']['value'] = $v;
+
   // kolabhomeserver
   if(array_key_exists('kolabhomeserver',$form->entries)) {
 	  if( is_array($ldap_object['kolabHomeServer']) ) {
@@ -430,6 +492,12 @@
 		'comment' => _('Others allowed to send emails with a "from" address of this account.') . '<br/>' .
 			_('One email address per line.') );
 
+$entries['kolabAllowSMTPRecipient'] =array( 'name' => _('Allowed Recipients'),
+                'type' => 'textarea',
+                'validation' => 'checksmtprecipient',
+                'comment' => _('Restrict allowed recipients of SMTP messages') . '<br/>' .
+                        _('One entry per line.') );
+ 
 $entries['title_0'] = array( 'name' => _('Title') );
 $entries['o_0'] = array( 'name' => _('Organisation') );
 $entries['ou_0'] = array( 'name' => _('Organisational Unit') );
@@ -552,6 +620,11 @@
 	   $ldap_object['kolabDelegate'] = array_unique( array_filter( array_map( 'trim', 
 												preg_split( '/\n/', $_POST['kolabdelegate'] ) ), 'strlen') );
 	   if( !$ldap_object['kolabDelegate'] && $action == 'firstsave' ) unset($ldap_object['kolabDelegate']);
+
+	   // kolabAllowSMTPRecipient
+	   $ldap_object['kolabAllowSMTPRecipient'] = array_unique( array_filter( array_map( 'trim', 
+												preg_split( '/\n/', $_POST['kolabAllowSMTPRecipient'] ) ), 'strlen') );
+	   if( !$ldap_object['kolabAllowSMTPRecipient'] && $action == 'firstsave' ) unset($ldap_object['kolabAllowSMTPRecipient']);
 
 
        if ($auth->group() == "maintainer" || $auth->group() == "admin") {

More information about the commits mailing list