[Kolab-devel] lib/KolabAdmin package.xml www/admin

Bogomil "Bogo" Shopov shopov at kolabsys.com
Thu Jun 23 13:16:07 CEST 2011 

On 06/23/2011 01:37 PM, Gunnar Wrobel wrote:
> Quoting Bogomil Shopov <shopov at kolabsys.com>:
>
>> lib/KolabAdmin/include/menu.php |   35 ++++++++++++++++++++++++++++-------
>>  package.xml                     |   11 +++++++----
>>  www/admin/user/activesync.php   |   16 ++++++++++------
>>  3 files changed, 45 insertions(+), 17 deletions(-)
>>
>> New commits:
>> commit 253dd2c9f6054919036ccc56e07b6ccdb8608608
>> Author: Bogomil Shopov (Kolab Systems) <shopov at kolabsys.com>
>> Date:   Thu Jun 23 12:55:37 2011 +0300
>>
>>     Adding ACL checking for ActiveSync. Removing duplicated menu
>> Items. Hiding menu and functionalities depends on ACL.
>>
>>     Changinf package xml with adding file tasks.
>>
>> diff --git a/lib/KolabAdmin/include/menu.php
>> b/lib/KolabAdmin/include/menu.php
>> index b079453..e1bc874 100644
>> --- a/lib/KolabAdmin/include/menu.php
>> +++ b/lib/KolabAdmin/include/menu.php
>> @@ -3,7 +3,8 @@
>>   *  Copyright (c) 2004 Klarälvdalens Datakonsult AB
>>   *
>>   *    Written by Steffen Hansen <steffen at klaralvdalens-datakonsult.se>
>> - *
>> + *	  Updated by Bogomil Shopov <shopov at kolabsys.com>
>> + *
>>   *  This  program is free  software; you can redistribute  it and/or
>>   *  modify it  under the terms of the GNU  General Public License as
>>   *  published by the  Free Software Foundation; either version 2, or
>> @@ -20,8 +21,28 @@
>>
>>  require_once('locale.php');
>>
>> +/*
>> + * z-Push part for activesync
>> + *
>> + * */
>> +
>> +include_once '@www_dir@/z-push/config.php';
>> +$showasmenu=true;
>> +if(defined('KOLAB_LDAP_ACL') and KOLAB_LDAP_ACL !=""){
>> +	$showasmenu=false;
>> +	$filter = '(member='.$_SESSION['auth_user'].')';
>> +	$result = $ldap->search( KOLAB_LDAP_ACL, $filter);
>> +	if (ldap_count_entries($ldap->connection, $result) > 0)
>> +		$showasmenu=true;
>> +}
>> +
>> +/*
>> + * end z-push activesync part
>> + * */
>> +
>>  $menuitems = array();
>>
>> +
>>  if( $auth->group() == "admin" || $auth->group() == "maintainer" ||
>> $auth->group() == 'domain-maintainer' ) {
>>    $menuitems['user'] = array( 'name' => _('Users'),
>>  							  'url'  => $topdir.'/user/',
>> @@ -39,14 +60,14 @@ if( $auth->group() == "admin" || $auth->group()
>> == "maintainer" || $auth->group(
>>  												 array( 'name' => _('Forward Email'),
>>  														'url'  => 'forward.php' ),
>>  												 array( 'name' => _('Vacation'),
>> -														'url'  => 'vacation.php' ),
>> -												array( 'name' => _('ActiveSync'),
>> -														'url'  => 'activesync.php' ),
>> -																		));
>> -
>> +														'url'  => 'vacation.php' )
>> +																	));
>> +if($showasmenu){
>> +
>>  	$menuitems['activesync'] = array( 'name' => _('ActiveSync'),
>>  							  'url'  => $topdir.'/user/activesync.php',
>> -							  'title' => _('ActiveSync'));
>> +							  'title' => _('ActiveSync'));
>> + }
>>  }
>>  if( $auth->group() == "admin" || $auth->group() == "maintainer") {
>>    $menuitems['addressbook'] = array( 'name' => _('Addressbook'),
>> diff --git a/package.xml b/package.xml
>> index 572b22c..c60bc4b 100644
>> --- a/package.xml
>> +++ b/package.xml
>> @@ -121,7 +121,9 @@
>>        <file name="headers.php" role="php" />
>>        <file name="ldap.class.php" role="php" />
>>        <file name="locale.php" role="php" />
>> -      <file name="menu.php" role="php" />
>> +      <file name="menu.php" role="php" >
>> +      	<replace from="@www_dir@" to="www_dir" type="pear-config"/>
>> +      	</file>
>>        <file name="mysmarty.php" role="php" />
>>        <file name="passwd.php" role="php" />
>>        <file name="Sieve.php" role="php" />
>> @@ -244,14 +246,15 @@
>>        <file name="sf.php" role="www" />
>>       </dir> <!-- /www/admin/sharedfolder -->
>>       <dir name="user">
>> -      <file name="activesync.php" role="www" />
>> +      <file name="activesync.php" role="php">
>> +      	<replace from="@www_dir@" to="www_dir" type="pear-config"/>
>> +      </file>
>>        <file name="deliver.php" role="www" />
>>        <file name="forward.php" role="www" />
>>        <file name="index.php" role="www" />
>>        <file name="user.php" role="www" />
>>        <file name="vacation.php" role="www" />
>> -      <file name="activesync.php" role="www" />
>> -     </dir> <!-- /www/admin/user -->
>> +      </dir> <!-- /www/admin/user -->
>>       <file name="custom.css" role="www" />
>>       <file name="favicon.ico" role="www" />
>>       <file name="favicon.png" role="www" />
>> diff --git a/www/admin/user/activesync.php b/www/admin/user/activesync.php
>> index 0b211cb..0c51e96 100755
>> --- a/www/admin/user/activesync.php
>> +++ b/www/admin/user/activesync.php
>> @@ -27,12 +27,8 @@ require_once('KolabAdmin/include/authenticate.php');
>>  require_once('KolabAdmin/include/form.class.php');
>>  require_once('KolabAdmin/include/passwd.php');
>>
>> -//try to include ALL possible configuration files
>> - at include_once '/kolab/var/kolab/www/z-push/config.php';
>> - at include_once '/etc/z-push/config.php';
>> - at include_once '/usr/share/z-push/config.php';
>> - at include_once '/var/www/z-push/config.php';
>> -
>> +//include z-Push config file file
>> +include_once '@www_dir@/z-push/config.php';
> It was a lot of work to get hardcoded paths out of the web admin. You
> should avoid hardcoding the knowledge of the installation path to
> z-push in the code. While "@www_dir@" is variable it is being replaced
> with a hard coded path when building the distributable package. 

> In
> theory the system administrator should be able to place the z-push
> application anywhere he would like.
I don't think he can so easy to do that :)
>  I know: on OpenPKG this is usually
> not the case but we shouldn't code specifically for OpenPKG.
>
> So this should go into a configuration variable.
Any recommendations  then?
> Cheers,
>
> Gunnar
>
>>
>>  //define errors array
>> @@ -43,6 +39,14 @@ if((@include_once
>> 'Horde/Kolab/Kolab_Zpush/lib/kolabActivesyncData.php') === fal
>>  	$errors[] =_('zPush in not enabled in your system.');
>>  }
>>
>> +//check for permissions ACL from zpush config file
>> +if(defined('KOLAB_LDAP_ACL') and KOLAB_LDAP_ACL !=""){
>> +	$filter = '(member='.$_SESSION['auth_user'].')';
>> +	$result = $ldap->search( KOLAB_LDAP_ACL, $filter);
>> +	if (ldap_count_entries($ldap->connection, $result) == 0)
>> +		$errors[] ="You don't have permissions to manage your activeSync
>> devices.";
>> +}
>> +
>>  /*read from her value of the KOLAB_LAXPIC
>>   -1 = allow the user to select (or if the constant doesn't exist)
>>   0  = same as the annotations (no lax mode just jpeg)
> --
> Core Developer
> The Horde Project
>
> e: wrobel at horde.org
> t: +49 700 6245 0000
> w: http://www.horde.org
>
> pgp: 9703 43BE
> tweets: http://twitter.com/pardus_de
> blog: http://log.pardus.de
>
> _______________________________________________
> Kolab-devel mailing list
> Kolab-devel at kolab.org
> https://kolab.org/mailman/listinfo/kolab-devel


-- 
Bogomil "Bogo" Shopov
Senior Web Engineer

Kolab Systems AG
Zürich, Switzerland

e: shopov at kolabsys.com
t: +359 888 098 768
w: http://kolabsys.com

pgp: 0xE69A226A Bogomil Shopov

More information about the devel mailing list