mirror of
https://github.com/mailcow/mailcow-dockerized.git
synced 2026-03-13 10:11:23 +00:00
Compare commits
8 Commits
feat/acl-s
...
2026-03
| Author | SHA1 | Date | |
|---|---|---|---|
|
b84ba8ded1 | ||
|
|
4845928e7a | ||
|
|
4ccfedd6b3 | ||
|
e8d9315d4a | ||
|
d977ddb501 | ||
|
|
e76f5237ed | ||
|
c11ed5dd1e | ||
|
|
4ef65fc382 |
@@ -26,7 +26,6 @@ RUN apt-get update && apt-get install -y --no-install-recommends \
|
||||
git \
|
||||
build-essential \
|
||||
gobjc \
|
||||
pkg-config \
|
||||
gnustep-make \
|
||||
gnustep-base-runtime \
|
||||
libgnustep-base-dev \
|
||||
@@ -41,7 +40,6 @@ RUN apt-get update && apt-get install -y --no-install-recommends \
|
||||
libcurl4-openssl-dev \
|
||||
libzip-dev \
|
||||
libytnef0-dev \
|
||||
libwbxml2-dev \
|
||||
curl \
|
||||
ca-certificates \
|
||||
# Runtime dependencies
|
||||
@@ -70,7 +68,6 @@ RUN apt-get update && apt-get install -y --no-install-recommends \
|
||||
libcurl4 \
|
||||
libzip4 \
|
||||
libytnef0 \
|
||||
libwbxml2-1 \
|
||||
# Download gosu
|
||||
&& dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')" \
|
||||
&& wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch" \
|
||||
@@ -100,9 +97,6 @@ RUN apt-get update && apt-get install -y --no-install-recommends \
|
||||
&& ./configure --disable-debug --disable-strip \
|
||||
&& make -j$(nproc) \
|
||||
&& make install \
|
||||
&& cd /tmp/sogo/ActiveSync \
|
||||
&& . /usr/share/GNUstep/Makefiles/GNUstep.sh \
|
||||
&& make -j$(nproc) install \
|
||||
&& cd / \
|
||||
&& rm -rf /tmp/sogo \
|
||||
# Strip binaries
|
||||
@@ -152,8 +146,8 @@ RUN echo "/usr/lib64" > /etc/ld.so.conf.d/sogo.conf \
|
||||
# Create sogo user and group
|
||||
RUN groupadd -r -g 999 sogo \
|
||||
&& useradd -r -u 999 -g sogo -d /var/lib/sogo -s /bin/bash -c "SOGo Daemon" sogo \
|
||||
&& mkdir -p /var/lib/sogo /var/run/sogo /var/log/sogo /var/spool/sogo \
|
||||
&& chown -R sogo:sogo /var/lib/sogo /var/run/sogo /var/log/sogo /var/spool/sogo
|
||||
&& mkdir -p /var/lib/sogo /var/run/sogo /var/log/sogo \
|
||||
&& chown -R sogo:sogo /var/lib/sogo /var/run/sogo /var/log/sogo
|
||||
|
||||
# Create symlinks for SOGo binaries
|
||||
RUN ln -s /usr/local/sbin/sogod /usr/sbin/sogod \
|
||||
|
||||
@@ -37,6 +37,5 @@ RUN apk add --update \
|
||||
COPY watchdog.sh /watchdog.sh
|
||||
COPY check_mysql_slavestatus.sh /usr/lib/nagios/plugins/check_mysql_slavestatus.sh
|
||||
COPY check_dns.sh /usr/lib/mailcow/check_dns.sh
|
||||
COPY client.cnf /etc/my.cnf.d/client.cnf
|
||||
|
||||
CMD ["/watchdog.sh"]
|
||||
|
||||
@@ -1,3 +0,0 @@
|
||||
[client]
|
||||
ssl = false
|
||||
ssl-verify-server-cert = false
|
||||
@@ -38,7 +38,7 @@ if [[ ! -p /tmp/com_pipe ]]; then
|
||||
fi
|
||||
|
||||
# Wait for containers
|
||||
while ! mariadb-admin status --skip-ssl --socket=/var/run/mysqld/mysqld.sock -u${DBUSER} -p${DBPASS} --silent; do
|
||||
while ! mariadb-admin status --ssl=false --socket=/var/run/mysqld/mysqld.sock -u${DBUSER} -p${DBPASS} --silent; do
|
||||
echo "Waiting for SQL..."
|
||||
sleep 2
|
||||
done
|
||||
@@ -359,8 +359,8 @@ mysql_checks() {
|
||||
while [ ${err_count} -lt ${THRESHOLD} ]; do
|
||||
touch /tmp/mysql-mailcow; echo "$(tail -50 /tmp/mysql-mailcow)" > /tmp/mysql-mailcow
|
||||
err_c_cur=${err_count}
|
||||
/usr/lib/nagios/plugins/check_mysql -f /etc/my.cnf.d/client.cnf -s /var/run/mysqld/mysqld.sock -u ${DBUSER} -p ${DBPASS} -d ${DBNAME} 2>> /tmp/mysql-mailcow 1>&2; err_count=$(( ${err_count} + $? ))
|
||||
/usr/lib/nagios/plugins/check_mysql_query -f /etc/my.cnf.d/client.cnf -s /var/run/mysqld/mysqld.sock -u ${DBUSER} -p ${DBPASS} -d ${DBNAME} -q "SELECT COUNT(*) FROM information_schema.tables" 2>> /tmp/mysql-mailcow 1>&2; err_count=$(( ${err_count} + $? ))
|
||||
/usr/lib/nagios/plugins/check_mysql -s /var/run/mysqld/mysqld.sock -u ${DBUSER} -p ${DBPASS} -d ${DBNAME} 2>> /tmp/mysql-mailcow 1>&2; err_count=$(( ${err_count} + $? ))
|
||||
/usr/lib/nagios/plugins/check_mysql_query -s /var/run/mysqld/mysqld.sock -u ${DBUSER} -p ${DBPASS} -d ${DBNAME} -q "SELECT COUNT(*) FROM information_schema.tables" 2>> /tmp/mysql-mailcow 1>&2; err_count=$(( ${err_count} + $? ))
|
||||
[ ${err_c_cur} -eq ${err_count} ] && [ ! $((${err_count} - 1)) -lt 0 ] && err_count=$((${err_count} - 1)) diff_c=1
|
||||
[ ${err_c_cur} -ne ${err_count} ] && diff_c=$(( ${err_c_cur} - ${err_count} ))
|
||||
progress "MySQL/MariaDB" ${THRESHOLD} $(( ${THRESHOLD} - ${err_count} )) ${diff_c}
|
||||
@@ -384,7 +384,7 @@ mysql_repl_checks() {
|
||||
while [ ${err_count} -lt ${THRESHOLD} ]; do
|
||||
touch /tmp/mysql_repl_checks; echo "$(tail -50 /tmp/mysql_repl_checks)" > /tmp/mysql_repl_checks
|
||||
err_c_cur=${err_count}
|
||||
/usr/lib/nagios/plugins/check_mysql_slavestatus.sh -o /etc/my.cnf.d/client.cnf -S /var/run/mysqld/mysqld.sock -u root -p ${DBROOT} 2>> /tmp/mysql_repl_checks 1>&2; err_count=$(( ${err_count} + $? ))
|
||||
/usr/lib/nagios/plugins/check_mysql_slavestatus.sh -S /var/run/mysqld/mysqld.sock -u root -p ${DBROOT} 2>> /tmp/mysql_repl_checks 1>&2; err_count=$(( ${err_count} + $? ))
|
||||
[ ${err_c_cur} -eq ${err_count} ] && [ ! $((${err_count} - 1)) -lt 0 ] && err_count=$((${err_count} - 1)) diff_c=1
|
||||
[ ${err_c_cur} -ne ${err_count} ] && diff_c=$(( ${err_c_cur} - ${err_count} ))
|
||||
progress "MySQL/MariaDB replication" ${THRESHOLD} $(( ${THRESHOLD} - ${err_count} )) ${diff_c}
|
||||
|
||||
@@ -66,7 +66,7 @@ $_SESSION['acl']['tls_policy'] = "1";
|
||||
$_SESSION['acl']['quarantine_notification'] = "1";
|
||||
$_SESSION['acl']['quarantine_category'] = "1";
|
||||
$_SESSION['acl']['ratelimit'] = "1";
|
||||
$_SESSION['acl']['sogo_redirection'] = "1";
|
||||
$_SESSION['acl']['sogo_access'] = "1";
|
||||
$_SESSION['acl']['protocol_access'] = "1";
|
||||
$_SESSION['acl']['mailbox_relayhost'] = "1";
|
||||
$_SESSION['acl']['unlimited_quota'] = "1";
|
||||
|
||||
@@ -66,7 +66,7 @@ $_SESSION['acl']['tls_policy'] = "1";
|
||||
$_SESSION['acl']['quarantine_notification'] = "1";
|
||||
$_SESSION['acl']['quarantine_category'] = "1";
|
||||
$_SESSION['acl']['ratelimit'] = "1";
|
||||
$_SESSION['acl']['sogo_redirection'] = "1";
|
||||
$_SESSION['acl']['sogo_access'] = "1";
|
||||
$_SESSION['acl']['protocol_access'] = "1";
|
||||
$_SESSION['acl']['mailbox_relayhost'] = "1";
|
||||
$_SESSION['acl']['unlimited_quota'] = "1";
|
||||
|
||||
@@ -754,7 +754,7 @@ paths:
|
||||
- syncjobs
|
||||
- quarantine
|
||||
- login_as
|
||||
- sogo_redirection
|
||||
- sogo_access
|
||||
- app_passwds
|
||||
- bcc_maps
|
||||
- pushover
|
||||
@@ -807,7 +807,7 @@ paths:
|
||||
- syncjobs
|
||||
- quarantine
|
||||
- login_as
|
||||
- sogo_redirection
|
||||
- sogo_access
|
||||
- app_passwds
|
||||
- bcc_maps
|
||||
- pushover
|
||||
@@ -3423,7 +3423,7 @@ paths:
|
||||
- info@domain2.tld
|
||||
- domain3.tld
|
||||
- "*"
|
||||
sogo_redirection: "1"
|
||||
sogo_access: "1"
|
||||
username:
|
||||
- info@domain.tld
|
||||
tags: ["tag3", "tag4"]
|
||||
@@ -3474,7 +3474,7 @@ paths:
|
||||
- info@domain2.tld
|
||||
- domain3.tld
|
||||
- "*"
|
||||
sogo_redirection: "1"
|
||||
sogo_access: "1"
|
||||
tags: ["tag3", "tag4"]
|
||||
items:
|
||||
- info@domain.tld
|
||||
@@ -3506,7 +3506,7 @@ paths:
|
||||
sender_acl:
|
||||
description: list of allowed send from addresses
|
||||
type: object
|
||||
sogo_redirection:
|
||||
sogo_access:
|
||||
description: is access to SOGo webmail active or not
|
||||
type: boolean
|
||||
type: object
|
||||
@@ -4883,7 +4883,7 @@ paths:
|
||||
force_pw_update: "0"
|
||||
mailbox_format: "maildir:"
|
||||
quarantine_notification: never
|
||||
sogo_redirection: "1"
|
||||
sogo_access: "1"
|
||||
tls_enforce_in: "0"
|
||||
tls_enforce_out: "0"
|
||||
domain: doman3.tld
|
||||
@@ -5807,7 +5807,7 @@ paths:
|
||||
force_pw_update: "0"
|
||||
mailbox_format: "maildir:"
|
||||
quarantine_notification: never
|
||||
sogo_redirection: "1"
|
||||
sogo_access: "1"
|
||||
tls_enforce_in: "0"
|
||||
tls_enforce_out: "0"
|
||||
custom_attributes: {}
|
||||
|
||||
@@ -48,12 +48,7 @@ function acl($_action, $_scope = null, $_data = null, $_extra = null) {
|
||||
);
|
||||
continue;
|
||||
}
|
||||
$sogo_acl_changed = false;
|
||||
foreach ($set_acls as $set_acl_key => $set_acl_val) {
|
||||
// Track if sogo_access ACL changed
|
||||
if ($set_acl_key == 'sogo_access' && $is_now[$set_acl_key] != $set_acl_val) {
|
||||
$sogo_acl_changed = true;
|
||||
}
|
||||
$stmt = $pdo->prepare("UPDATE `user_acl` SET " . $set_acl_key . " = " . intval($set_acl_val) . "
|
||||
WHERE `username` = :username");
|
||||
$stmt->execute(array(
|
||||
@@ -65,10 +60,6 @@ function acl($_action, $_scope = null, $_data = null, $_extra = null) {
|
||||
'log' => array(__FUNCTION__, $_action, $_scope, $_data_log),
|
||||
'msg' => array('acl_saved', $username)
|
||||
);
|
||||
// Update SOGo static view if sogo_access ACL changed
|
||||
if ($sogo_acl_changed) {
|
||||
update_sogo_static_view($username);
|
||||
}
|
||||
}
|
||||
break;
|
||||
case 'domainadmin':
|
||||
|
||||
@@ -940,12 +940,8 @@ function update_sogo_static_view($mailbox = null) {
|
||||
|
||||
$mailbox_exists = false;
|
||||
if ($mailbox !== null) {
|
||||
// Check if the mailbox exists and should have SOGo access
|
||||
$stmt = $pdo->prepare("SELECT m.username FROM mailbox m
|
||||
LEFT JOIN user_acl u ON m.username = u.username
|
||||
WHERE m.username = :mailbox
|
||||
AND m.active = '1'
|
||||
AND (u.sogo_access IS NULL OR u.sogo_access = 1)");
|
||||
// Check if the mailbox exists
|
||||
$stmt = $pdo->prepare("SELECT username FROM mailbox WHERE username = :mailbox AND active = '1'");
|
||||
$stmt->execute(array(':mailbox' => $mailbox));
|
||||
$row = $stmt->fetch(PDO::FETCH_ASSOC);
|
||||
if ($row){
|
||||
@@ -980,10 +976,8 @@ function update_sogo_static_view($mailbox = null) {
|
||||
LEFT OUTER JOIN grouped_mail_aliases ga ON ga.username REGEXP CONCAT('(^|,)', mailbox.username, '($|,)')
|
||||
LEFT OUTER JOIN grouped_domain_alias_address gda ON gda.username = mailbox.username
|
||||
LEFT OUTER JOIN grouped_sender_acl_external external_acl ON external_acl.username = mailbox.username
|
||||
LEFT OUTER JOIN user_acl ON user_acl.username = mailbox.username
|
||||
WHERE
|
||||
mailbox.active = '1'
|
||||
AND (user_acl.sogo_access IS NULL OR user_acl.sogo_access = 1)
|
||||
$subquery
|
||||
ON DUPLICATE KEY UPDATE
|
||||
`domain` = VALUES(`domain`),
|
||||
@@ -1011,27 +1005,7 @@ function update_sogo_static_view($mailbox = null) {
|
||||
));
|
||||
}
|
||||
|
||||
if ($mailbox_exists) {
|
||||
// For single mailbox update, only delete this specific user
|
||||
$stmt = $pdo->prepare("DELETE FROM _sogo_static_view
|
||||
WHERE `c_uid` = :mailbox
|
||||
AND `c_uid` NOT IN (
|
||||
SELECT m.`username` FROM `mailbox` m
|
||||
LEFT JOIN `user_acl` u ON m.`username` = u.`username`
|
||||
WHERE m.`active` = '1'
|
||||
AND m.`username` = :mailbox2
|
||||
AND (u.`sogo_access` IS NULL OR u.`sogo_access` = 1)
|
||||
)");
|
||||
$stmt->execute(array(':mailbox' => $mailbox, ':mailbox2' => $mailbox));
|
||||
} else {
|
||||
// Full cleanup for all users
|
||||
$stmt = $pdo->query("DELETE FROM _sogo_static_view WHERE `c_uid` NOT IN (
|
||||
SELECT m.`username` FROM `mailbox` m
|
||||
LEFT JOIN `user_acl` u ON m.`username` = u.`username`
|
||||
WHERE m.`active` = '1'
|
||||
AND (u.`sogo_access` IS NULL OR u.`sogo_access` = 1)
|
||||
);");
|
||||
}
|
||||
$stmt = $pdo->query("DELETE FROM _sogo_static_view WHERE `c_uid` NOT IN (SELECT `username` FROM `mailbox` WHERE `active` = '1');");
|
||||
|
||||
flush_memcached();
|
||||
}
|
||||
@@ -3516,14 +3490,9 @@ function set_user_loggedin_session($user) {
|
||||
session_regenerate_id(true);
|
||||
$_SESSION['mailcow_cc_username'] = $user;
|
||||
$_SESSION['mailcow_cc_role'] = 'user';
|
||||
|
||||
acl('to_session');
|
||||
if (hasACLAccess("sogo_access")) {
|
||||
$sogo_sso_pass = file_get_contents("/etc/sogo-sso/sogo-sso.pass");
|
||||
$_SESSION['sogo-sso-user-allowed'][] = $user;
|
||||
$_SESSION['sogo-sso-pass'] = $sogo_sso_pass;
|
||||
}
|
||||
|
||||
$sogo_sso_pass = file_get_contents("/etc/sogo-sso/sogo-sso.pass");
|
||||
$_SESSION['sogo-sso-user-allowed'][] = $user;
|
||||
$_SESSION['sogo-sso-pass'] = $sogo_sso_pass;
|
||||
unset($_SESSION['pending_mailcow_cc_username']);
|
||||
unset($_SESSION['pending_mailcow_cc_role']);
|
||||
unset($_SESSION['pending_tfa_methods']);
|
||||
|
||||
@@ -1101,7 +1101,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
|
||||
$force_tfa = (isset($_data['force_tfa'])) ? intval($_data['force_tfa']) : intval($MAILBOX_DEFAULT_ATTRIBUTES['force_tfa']);
|
||||
$tls_enforce_in = (isset($_data['tls_enforce_in'])) ? intval($_data['tls_enforce_in']) : intval($MAILBOX_DEFAULT_ATTRIBUTES['tls_enforce_in']);
|
||||
$tls_enforce_out = (isset($_data['tls_enforce_out'])) ? intval($_data['tls_enforce_out']) : intval($MAILBOX_DEFAULT_ATTRIBUTES['tls_enforce_out']);
|
||||
$sogo_redirection = (isset($_data['sogo_redirection'])) ? intval($_data['sogo_redirection']) : intval($MAILBOX_DEFAULT_ATTRIBUTES['sogo_redirection']);
|
||||
$sogo_access = (isset($_data['sogo_access'])) ? intval($_data['sogo_access']) : intval($MAILBOX_DEFAULT_ATTRIBUTES['sogo_access']);
|
||||
$imap_access = (isset($_data['imap_access'])) ? intval($_data['imap_access']) : intval($MAILBOX_DEFAULT_ATTRIBUTES['imap_access']);
|
||||
$pop3_access = (isset($_data['pop3_access'])) ? intval($_data['pop3_access']) : intval($MAILBOX_DEFAULT_ATTRIBUTES['pop3_access']);
|
||||
$smtp_access = (isset($_data['smtp_access'])) ? intval($_data['smtp_access']) : intval($MAILBOX_DEFAULT_ATTRIBUTES['smtp_access']);
|
||||
@@ -1123,7 +1123,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
|
||||
'force_tfa' => strval($force_tfa),
|
||||
'tls_enforce_in' => strval($tls_enforce_in),
|
||||
'tls_enforce_out' => strval($tls_enforce_out),
|
||||
'sogo_redirection' => strval($sogo_redirection),
|
||||
'sogo_access' => strval($sogo_access),
|
||||
'imap_access' => strval($imap_access),
|
||||
'pop3_access' => strval($pop3_access),
|
||||
'smtp_access' => strval($smtp_access),
|
||||
@@ -1314,7 +1314,6 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
|
||||
$_data['syncjobs'] = (in_array('syncjobs', $_data['acl'])) ? 1 : 0;
|
||||
$_data['eas_reset'] = (in_array('eas_reset', $_data['acl'])) ? 1 : 0;
|
||||
$_data['sogo_profile_reset'] = (in_array('sogo_profile_reset', $_data['acl'])) ? 1 : 0;
|
||||
$_data['sogo_access'] = (in_array('sogo_access', $_data['acl'])) ? 1 : 0;
|
||||
$_data['pushover'] = (in_array('pushover', $_data['acl'])) ? 1 : 0;
|
||||
$_data['quarantine'] = (in_array('quarantine', $_data['acl'])) ? 1 : 0;
|
||||
$_data['quarantine_attachments'] = (in_array('quarantine_attachments', $_data['acl'])) ? 1 : 0;
|
||||
@@ -1331,7 +1330,6 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
|
||||
$_data['syncjobs'] = intval($MAILBOX_DEFAULT_ATTRIBUTES['acl_syncjobs']);
|
||||
$_data['eas_reset'] = intval($MAILBOX_DEFAULT_ATTRIBUTES['acl_eas_reset']);
|
||||
$_data['sogo_profile_reset'] = intval($MAILBOX_DEFAULT_ATTRIBUTES['acl_sogo_profile_reset']);
|
||||
$_data['sogo_access'] = intval($MAILBOX_DEFAULT_ATTRIBUTES['acl_sogo_access']);
|
||||
$_data['pushover'] = intval($MAILBOX_DEFAULT_ATTRIBUTES['acl_pushover']);
|
||||
$_data['quarantine'] = intval($MAILBOX_DEFAULT_ATTRIBUTES['acl_quarantine']);
|
||||
$_data['quarantine_attachments'] = intval($MAILBOX_DEFAULT_ATTRIBUTES['acl_quarantine_attachments']);
|
||||
@@ -1343,9 +1341,9 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
|
||||
|
||||
try {
|
||||
$stmt = $pdo->prepare("INSERT INTO `user_acl`
|
||||
(`username`, `spam_alias`, `tls_policy`, `spam_score`, `spam_policy`, `delimiter_action`, `syncjobs`, `eas_reset`, `sogo_profile_reset`, `sogo_access`,
|
||||
(`username`, `spam_alias`, `tls_policy`, `spam_score`, `spam_policy`, `delimiter_action`, `syncjobs`, `eas_reset`, `sogo_profile_reset`,
|
||||
`pushover`, `quarantine`, `quarantine_attachments`, `quarantine_notification`, `quarantine_category`, `app_passwds`, `pw_reset`)
|
||||
VALUES (:username, :spam_alias, :tls_policy, :spam_score, :spam_policy, :delimiter_action, :syncjobs, :eas_reset, :sogo_profile_reset, :sogo_access,
|
||||
VALUES (:username, :spam_alias, :tls_policy, :spam_score, :spam_policy, :delimiter_action, :syncjobs, :eas_reset, :sogo_profile_reset,
|
||||
:pushover, :quarantine, :quarantine_attachments, :quarantine_notification, :quarantine_category, :app_passwds, :pw_reset) ");
|
||||
$stmt->execute(array(
|
||||
':username' => $username,
|
||||
@@ -1357,7 +1355,6 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
|
||||
':syncjobs' => $_data['syncjobs'],
|
||||
':eas_reset' => $_data['eas_reset'],
|
||||
':sogo_profile_reset' => $_data['sogo_profile_reset'],
|
||||
':sogo_access' => $_data['sogo_access'],
|
||||
':pushover' => $_data['pushover'],
|
||||
':quarantine' => $_data['quarantine'],
|
||||
':quarantine_attachments' => $_data['quarantine_attachments'],
|
||||
@@ -1738,7 +1735,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
|
||||
$attr["rl_value"] = (!empty($_data['rl_value'])) ? $_data['rl_value'] : "";
|
||||
$attr["force_pw_update"] = isset($_data['force_pw_update']) ? intval($_data['force_pw_update']) : intval($MAILBOX_DEFAULT_ATTRIBUTES['force_pw_update']);
|
||||
$attr["force_tfa"] = isset($_data['force_tfa']) ? intval($_data['force_tfa']) : intval($MAILBOX_DEFAULT_ATTRIBUTES['force_tfa']);
|
||||
$attr["sogo_redirection"] = isset($_data['sogo_redirection']) ? intval($_data['sogo_redirection']) : intval($MAILBOX_DEFAULT_ATTRIBUTES['sogo_redirection']);
|
||||
$attr["sogo_access"] = isset($_data['sogo_access']) ? intval($_data['sogo_access']) : intval($MAILBOX_DEFAULT_ATTRIBUTES['sogo_access']);
|
||||
$attr["active"] = isset($_data['active']) ? intval($_data['active']) : 1;
|
||||
$attr["tls_enforce_in"] = isset($_data['tls_enforce_in']) ? intval($_data['tls_enforce_in']) : intval($MAILBOX_DEFAULT_ATTRIBUTES['tls_enforce_in']);
|
||||
$attr["tls_enforce_out"] = isset($_data['tls_enforce_out']) ? intval($_data['tls_enforce_out']) : intval($MAILBOX_DEFAULT_ATTRIBUTES['tls_enforce_out']);
|
||||
@@ -1769,7 +1766,6 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
|
||||
$attr['acl_syncjobs'] = (in_array('syncjobs', $_data['acl'])) ? 1 : 0;
|
||||
$attr['acl_eas_reset'] = (in_array('eas_reset', $_data['acl'])) ? 1 : 0;
|
||||
$attr['acl_sogo_profile_reset'] = (in_array('sogo_profile_reset', $_data['acl'])) ? 1 : 0;
|
||||
$attr['acl_sogo_access'] = (in_array('sogo_access', $_data['acl'])) ? 1 : 0;
|
||||
$attr['acl_pushover'] = (in_array('pushover', $_data['acl'])) ? 1 : 0;
|
||||
$attr['acl_quarantine'] = (in_array('quarantine', $_data['acl'])) ? 1 : 0;
|
||||
$attr['acl_quarantine_attachments'] = (in_array('quarantine_attachments', $_data['acl'])) ? 1 : 0;
|
||||
@@ -1787,7 +1783,6 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
|
||||
$attr['acl_syncjobs'] = 0;
|
||||
$attr['acl_eas_reset'] = 0;
|
||||
$attr['acl_sogo_profile_reset'] = 0;
|
||||
$attr['acl_sogo_access'] = 0;
|
||||
$attr['acl_pushover'] = 0;
|
||||
$attr['acl_quarantine'] = 0;
|
||||
$attr['acl_quarantine_attachments'] = 0;
|
||||
@@ -3108,7 +3103,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
|
||||
$active = (isset($_data['active'])) ? intval($_data['active']) : $is_now['active'];
|
||||
(int)$force_pw_update = (isset($_data['force_pw_update'])) ? intval($_data['force_pw_update']) : intval($is_now['attributes']['force_pw_update']);
|
||||
(int)$force_tfa = (isset($_data['force_tfa'])) ? intval($_data['force_tfa']) : intval($is_now['attributes']['force_tfa']);
|
||||
(int)$sogo_redirection = (isset($_data['sogo_redirection'])) ? intval($_data['sogo_redirection']) : intval($is_now['attributes']['sogo_redirection']);
|
||||
(int)$sogo_access = (isset($_data['sogo_access']) && hasACLAccess("sogo_access")) ? intval($_data['sogo_access']) : intval($is_now['attributes']['sogo_access']);
|
||||
(int)$imap_access = (isset($_data['imap_access']) && hasACLAccess("protocol_access")) ? intval($_data['imap_access']) : intval($is_now['attributes']['imap_access']);
|
||||
(int)$pop3_access = (isset($_data['pop3_access']) && hasACLAccess("protocol_access")) ? intval($_data['pop3_access']) : intval($is_now['attributes']['pop3_access']);
|
||||
(int)$smtp_access = (isset($_data['smtp_access']) && hasACLAccess("protocol_access")) ? intval($_data['smtp_access']) : intval($is_now['attributes']['smtp_access']);
|
||||
@@ -3404,7 +3399,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
|
||||
`authsource` = :authsource,
|
||||
`attributes` = JSON_SET(`attributes`, '$.force_pw_update', :force_pw_update),
|
||||
`attributes` = JSON_SET(`attributes`, '$.force_tfa', :force_tfa),
|
||||
`attributes` = JSON_SET(`attributes`, '$.sogo_redirection', :sogo_redirection),
|
||||
`attributes` = JSON_SET(`attributes`, '$.sogo_access', :sogo_access),
|
||||
`attributes` = JSON_SET(`attributes`, '$.imap_access', :imap_access),
|
||||
`attributes` = JSON_SET(`attributes`, '$.sieve_access', :sieve_access),
|
||||
`attributes` = JSON_SET(`attributes`, '$.pop3_access', :pop3_access),
|
||||
@@ -3422,7 +3417,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
|
||||
':attribute_hash' => $attribute_hash,
|
||||
':force_pw_update' => $force_pw_update,
|
||||
':force_tfa' => $force_tfa,
|
||||
':sogo_redirection' => $sogo_redirection,
|
||||
':sogo_access' => $sogo_access,
|
||||
':imap_access' => $imap_access,
|
||||
':pop3_access' => $pop3_access,
|
||||
':sieve_access' => $sieve_access,
|
||||
@@ -3794,7 +3789,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
|
||||
$attr["rl_frame"] = (!empty($_data['rl_frame'])) ? $_data['rl_frame'] : $is_now['rl_frame'];
|
||||
$attr["rl_value"] = (!empty($_data['rl_value'])) ? $_data['rl_value'] : $is_now['rl_value'];
|
||||
$attr["force_pw_update"] = isset($_data['force_pw_update']) ? intval($_data['force_pw_update']) : $is_now['force_pw_update'];
|
||||
$attr["sogo_redirection"] = isset($_data['sogo_redirection']) ? intval($_data['sogo_redirection']) : $is_now['sogo_redirection'];
|
||||
$attr["sogo_access"] = isset($_data['sogo_access']) ? intval($_data['sogo_access']) : $is_now['sogo_access'];
|
||||
$attr["active"] = isset($_data['active']) ? intval($_data['active']) : $is_now['active'];
|
||||
$attr["tls_enforce_in"] = isset($_data['tls_enforce_in']) ? intval($_data['tls_enforce_in']) : $is_now['tls_enforce_in'];
|
||||
$attr["tls_enforce_out"] = isset($_data['tls_enforce_out']) ? intval($_data['tls_enforce_out']) : $is_now['tls_enforce_out'];
|
||||
@@ -3822,7 +3817,6 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
|
||||
$attr['acl_syncjobs'] = (in_array('syncjobs', $_data['acl'])) ? 1 : 0;
|
||||
$attr['acl_eas_reset'] = (in_array('eas_reset', $_data['acl'])) ? 1 : 0;
|
||||
$attr['acl_sogo_profile_reset'] = (in_array('sogo_profile_reset', $_data['acl'])) ? 1 : 0;
|
||||
$attr['acl_sogo_access'] = (in_array('sogo_access', $_data['acl'])) ? 1 : 0;
|
||||
$attr['acl_pushover'] = (in_array('pushover', $_data['acl'])) ? 1 : 0;
|
||||
$attr['acl_quarantine'] = (in_array('quarantine', $_data['acl'])) ? 1 : 0;
|
||||
$attr['acl_quarantine_attachments'] = (in_array('quarantine_attachments', $_data['acl'])) ? 1 : 0;
|
||||
|
||||
@@ -4,7 +4,7 @@ function init_db_schema()
|
||||
try {
|
||||
global $pdo;
|
||||
|
||||
$db_version = "12032026_1300";
|
||||
$db_version = "19022026_1220";
|
||||
|
||||
$stmt = $pdo->query("SHOW TABLES LIKE 'versions'");
|
||||
$num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
|
||||
@@ -506,7 +506,6 @@ function init_db_schema()
|
||||
"syncjobs" => "TINYINT(1) NOT NULL DEFAULT '0'",
|
||||
"eas_reset" => "TINYINT(1) NOT NULL DEFAULT '1'",
|
||||
"sogo_profile_reset" => "TINYINT(1) NOT NULL DEFAULT '0'",
|
||||
"sogo_access" => "TINYINT(1) NOT NULL DEFAULT '1'",
|
||||
"pushover" => "TINYINT(1) NOT NULL DEFAULT '1'",
|
||||
// quarantine is for quarantine actions, todo: rename
|
||||
"quarantine" => "TINYINT(1) NOT NULL DEFAULT '1'",
|
||||
@@ -706,7 +705,7 @@ function init_db_schema()
|
||||
"syncjobs" => "TINYINT(1) NOT NULL DEFAULT '1'",
|
||||
"quarantine" => "TINYINT(1) NOT NULL DEFAULT '1'",
|
||||
"login_as" => "TINYINT(1) NOT NULL DEFAULT '1'",
|
||||
"sogo_redirection" => "TINYINT(1) NOT NULL DEFAULT '1'",
|
||||
"sogo_access" => "TINYINT(1) NOT NULL DEFAULT '1'",
|
||||
"app_passwds" => "TINYINT(1) NOT NULL DEFAULT '1'",
|
||||
"bcc_maps" => "TINYINT(1) NOT NULL DEFAULT '1'",
|
||||
"pushover" => "TINYINT(1) NOT NULL DEFAULT '0'",
|
||||
@@ -1398,10 +1397,7 @@ function init_db_schema()
|
||||
$pdo->query("UPDATE `admin` SET `attributes` = JSON_SET(`attributes`, '$.force_tfa', \"0\") WHERE JSON_VALUE(`attributes`, '$.force_tfa') IS NULL;");
|
||||
$pdo->query("UPDATE `admin` SET `attributes` = JSON_SET(`attributes`, '$.force_pw_update', \"0\") WHERE JSON_VALUE(`attributes`, '$.force_pw_update') IS NULL;");
|
||||
$pdo->query("UPDATE `mailbox` SET `attributes` = JSON_SET(`attributes`, '$.sieve_access', \"1\") WHERE JSON_VALUE(`attributes`, '$.sieve_access') IS NULL;");
|
||||
// Migrate sogo_access attribute to sogo_redirection
|
||||
$pdo->query("UPDATE `mailbox` SET `attributes` = JSON_SET(`attributes`, '$.sogo_redirection', JSON_VALUE(`attributes`, '$.sogo_access')) WHERE JSON_VALUE(`attributes`, '$.sogo_access') IS NOT NULL;");
|
||||
$pdo->query("UPDATE `mailbox` SET `attributes` = JSON_REMOVE(`attributes`, '$.sogo_access') WHERE JSON_VALUE(`attributes`, '$.sogo_access') IS NOT NULL;");
|
||||
$pdo->query("UPDATE `mailbox` SET `attributes` = JSON_SET(`attributes`, '$.sogo_redirection', \"1\") WHERE JSON_VALUE(`attributes`, '$.sogo_redirection') IS NULL;");
|
||||
$pdo->query("UPDATE `mailbox` SET `attributes` = JSON_SET(`attributes`, '$.sogo_access', \"1\") WHERE JSON_VALUE(`attributes`, '$.sogo_access') IS NULL;");
|
||||
$pdo->query("UPDATE `mailbox` SET `attributes` = JSON_SET(`attributes`, '$.imap_access', \"1\") WHERE JSON_VALUE(`attributes`, '$.imap_access') IS NULL;");
|
||||
$pdo->query("UPDATE `mailbox` SET `attributes` = JSON_SET(`attributes`, '$.pop3_access', \"1\") WHERE JSON_VALUE(`attributes`, '$.pop3_access') IS NULL;");
|
||||
$pdo->query("UPDATE `mailbox` SET `attributes` = JSON_SET(`attributes`, '$.smtp_access', \"1\") WHERE JSON_VALUE(`attributes`, '$.smtp_access') IS NULL;");
|
||||
@@ -1425,10 +1421,6 @@ function init_db_schema()
|
||||
// Fix domain_admins
|
||||
$pdo->query("DELETE FROM `domain_admins` WHERE `domain` = 'ALL';");
|
||||
|
||||
// Migrate template sogo_access to sogo_redirection
|
||||
$pdo->query("UPDATE `templates` SET `attributes` = JSON_SET(`attributes`, '$.sogo_redirection', JSON_VALUE(`attributes`, '$.sogo_access')) WHERE `type` = 'mailbox' AND JSON_VALUE(`attributes`, '$.sogo_access') IS NOT NULL;");
|
||||
$pdo->query("UPDATE `templates` SET `attributes` = JSON_REMOVE(`attributes`, '$.sogo_access') WHERE `type` = 'mailbox' AND JSON_VALUE(`attributes`, '$.sogo_access') IS NOT NULL;");
|
||||
|
||||
// add default templates
|
||||
$default_domain_template = array(
|
||||
"template" => "Default",
|
||||
@@ -1464,7 +1456,7 @@ function init_db_schema()
|
||||
"rl_value" => "",
|
||||
"force_pw_update" => intval($GLOBALS['MAILBOX_DEFAULT_ATTRIBUTES']['force_pw_update']),
|
||||
"force_tfa" => intval($GLOBALS['MAILBOX_DEFAULT_ATTRIBUTES']['force_tfa']),
|
||||
"sogo_redirection" => intval($GLOBALS['MAILBOX_DEFAULT_ATTRIBUTES']['sogo_redirection']),
|
||||
"sogo_access" => intval($GLOBALS['MAILBOX_DEFAULT_ATTRIBUTES']['sogo_access']),
|
||||
"active" => 1,
|
||||
"tls_enforce_in" => intval($GLOBALS['MAILBOX_DEFAULT_ATTRIBUTES']['tls_enforce_in']),
|
||||
"tls_enforce_out" => intval($GLOBALS['MAILBOX_DEFAULT_ATTRIBUTES']['tls_enforce_out']),
|
||||
@@ -1480,7 +1472,6 @@ function init_db_schema()
|
||||
"acl_syncjobs" => 0,
|
||||
"acl_eas_reset" => 1,
|
||||
"acl_sogo_profile_reset" => 0,
|
||||
"acl_sogo_access" => 1,
|
||||
"acl_pushover" => 1,
|
||||
"acl_quarantine" => 1,
|
||||
"acl_quarantine_attachments" => 1,
|
||||
|
||||
@@ -81,9 +81,8 @@ if (isset($_POST["verify_tfa_login"])) {
|
||||
header("Location: /");
|
||||
die();
|
||||
}
|
||||
if (intval($user_details['attributes']['sogo_redirection']) == 1 &&
|
||||
if (intval($user_details['attributes']['sogo_access']) == 1 &&
|
||||
intval($user_details['attributes']['force_pw_update']) != 1 &&
|
||||
hasACLAccess('sogo_access') &&
|
||||
getenv('SKIP_SOGO') != "y" &&
|
||||
!$is_dual) {
|
||||
header("Location: /SOGo/so/");
|
||||
@@ -162,9 +161,8 @@ if (isset($_POST["login_user"]) && isset($_POST["pass_user"])) {
|
||||
header("Location: /");
|
||||
die();
|
||||
}
|
||||
if (intval($user_details['attributes']['sogo_redirection']) == 1 &&
|
||||
if (intval($user_details['attributes']['sogo_access']) == 1 &&
|
||||
intval($user_details['attributes']['force_pw_update']) != 1 &&
|
||||
hasACLAccess('sogo_access') &&
|
||||
getenv('SKIP_SOGO') != "y" &&
|
||||
!$is_dual) {
|
||||
header("Location: /SOGo/so/");
|
||||
|
||||
@@ -196,8 +196,8 @@ $MAILBOX_DEFAULT_ATTRIBUTES['force_pw_update'] = false;
|
||||
// Force 2FA enrollment at next login
|
||||
$MAILBOX_DEFAULT_ATTRIBUTES['force_tfa'] = false;
|
||||
|
||||
// Enable SOGo redirection - Users will be redirected to SOGo after login (set to false to disable redirect by default)
|
||||
$MAILBOX_DEFAULT_ATTRIBUTES['sogo_redirection'] = true;
|
||||
// Enable SOGo access - Users will be redirected to SOGo after login (set to false to disable redirect by default)
|
||||
$MAILBOX_DEFAULT_ATTRIBUTES['sogo_access'] = true;
|
||||
|
||||
// How to handle tagged emails
|
||||
// none - No special handling
|
||||
|
||||
@@ -12,9 +12,7 @@ elseif (isset($_SESSION['mailcow_cc_role']) && $_SESSION['mailcow_cc_role'] == '
|
||||
if (empty($_SESSION['pending_tfa_setup']) && empty($_SESSION['pending_pw_update'])) {
|
||||
$user_details = mailbox("get", "mailbox_details", $_SESSION['mailcow_cc_username']);
|
||||
$is_dual = (!empty($_SESSION["dual-login"]["username"])) ? true : false;
|
||||
if (intval($user_details['attributes']['sogo_redirection']) == 1 &&
|
||||
hasACLAccess('sogo_access') &&
|
||||
!$is_dual && getenv('SKIP_SOGO') != "y") {
|
||||
if (intval($user_details['attributes']['sogo_access']) == 1 && !$is_dual && getenv('SKIP_SOGO') != "y") {
|
||||
header("Location: /SOGo/so/");
|
||||
} else {
|
||||
header("Location: /user");
|
||||
|
||||
@@ -385,9 +385,6 @@ $(document).ready(function() {
|
||||
if (template.acl_sogo_profile_reset == 1){
|
||||
acl.push("sogo_profile_reset");
|
||||
}
|
||||
if (template.acl_sogo_access == 1){
|
||||
acl.push("sogo_access");
|
||||
}
|
||||
if (template.acl_pushover == 1){
|
||||
acl.push("pushover");
|
||||
}
|
||||
@@ -427,10 +424,10 @@ $(document).ready(function() {
|
||||
} else {
|
||||
$('#force_pw_update').prop('checked', false);
|
||||
}
|
||||
if (template.sogo_redirection == 1){
|
||||
$('#sogo_redirection').prop('checked', true);
|
||||
if (template.sogo_access == 1){
|
||||
$('#sogo_access').prop('checked', true);
|
||||
} else {
|
||||
$('#sogo_redirection').prop('checked', false);
|
||||
$('#sogo_access').prop('checked', false);
|
||||
}
|
||||
|
||||
// load tags
|
||||
@@ -1244,7 +1241,7 @@ jQuery(function($){
|
||||
item.attributes.sieve_access = '<i class="text-' + (item.attributes.sieve_access == 1 ? 'success' : 'danger') + ' bi bi-' + (item.attributes.sieve_access == 1 ? 'check-lg' : 'x-lg') + '"><span class="sorting-value">' + (item.attributes.sieve_access == 1 ? '1' : '0') + '</span></i>';
|
||||
item.attributes.eas_access = '<i class="text-' + (item.attributes.eas_access == 1 ? 'success' : 'danger') + ' bi bi-' + (item.attributes.eas_access == 1 ? 'check-lg' : 'x-lg') + '"><span class="sorting-value">' + (item.attributes.eas_access == 1 ? '1' : '0') + '</span></i>';
|
||||
item.attributes.dav_access = '<i class="text-' + (item.attributes.dav_access == 1 ? 'success' : 'danger') + ' bi bi-' + (item.attributes.dav_access == 1 ? 'check-lg' : 'x-lg') + '"><span class="sorting-value">' + (item.attributes.dav_access == 1 ? '1' : '0') + '</span></i>';
|
||||
item.attributes.sogo_redirection = '<i class="text-' + (item.attributes.sogo_redirection == 1 ? 'success' : 'danger') + ' bi bi-' + (item.attributes.sogo_redirection == 1 ? 'check-lg' : 'x-lg') + '"><span class="sorting-value">' + (item.attributes.sogo_redirection == 1 ? '1' : '0') + '</span></i>';
|
||||
item.attributes.sogo_access = '<i class="text-' + (item.attributes.sogo_access == 1 ? 'success' : 'danger') + ' bi bi-' + (item.attributes.sogo_access == 1 ? 'check-lg' : 'x-lg') + '"><span class="sorting-value">' + (item.attributes.sogo_access == 1 ? '1' : '0') + '</span></i>';
|
||||
if (item.attributes.quarantine_notification === 'never') {
|
||||
item.attributes.quarantine_notification = lang.never;
|
||||
} else if (item.attributes.quarantine_notification === 'hourly') {
|
||||
@@ -1363,8 +1360,8 @@ jQuery(function($){
|
||||
defaultContent: '',
|
||||
},
|
||||
{
|
||||
title: 'SOGO redirection',
|
||||
data: 'attributes.sogo_redirection',
|
||||
title: 'SOGO',
|
||||
data: 'attributes.sogo_access',
|
||||
defaultContent: '',
|
||||
},
|
||||
{
|
||||
|
||||
@@ -22,15 +22,14 @@
|
||||
"ratelimit": "Rate limit",
|
||||
"recipient_maps": "Empfängerumschreibungen",
|
||||
"smtp_ip_access": "Verwalten der erlaubten Hosts für SMTP",
|
||||
"sogo_access": "SOGo-Nutzung erlauben",
|
||||
"sogo_access": "Verwalten des SOGo-Zugriffsrechts erlauben",
|
||||
"sogo_profile_reset": "SOGo-Profil zurücksetzen",
|
||||
"spam_alias": "Temporäre E-Mail-Aliasse",
|
||||
"spam_policy": "Deny/Allowlist",
|
||||
"spam_score": "Spam-Bewertung",
|
||||
"syncjobs": "Sync Jobs",
|
||||
"tls_policy": "Verschlüsselungsrichtlinie",
|
||||
"unlimited_quota": "Unendliche Quota für Mailboxen",
|
||||
"sogo_redirection": "Verwalten der SOGo-Weiterleitung erlauben"
|
||||
"unlimited_quota": "Unendliche Quota für Mailboxen"
|
||||
},
|
||||
"add": {
|
||||
"activate_filter_warn": "Alle anderen Filter dieses Typs werden deaktiviert, falls dieses Script aktiviert wird.",
|
||||
@@ -768,6 +767,8 @@
|
||||
"sieve_desc": "Kurze Beschreibung",
|
||||
"sieve_type": "Filtertyp",
|
||||
"skipcrossduplicates": "Duplikate auch über Ordner hinweg überspringen (\"first come, first serve\")",
|
||||
"sogo_access": "Direktes weiterleiten an SOGo",
|
||||
"sogo_access_info": "Nach dem Einloggen wird der Benutzer automatisch an SOGo weitergeleitet.",
|
||||
"sogo_visible": "Alias in SOGo sichtbar",
|
||||
"sogo_visible_info": "Diese Option hat lediglich Einfluss auf Objekte, die in SOGo darstellbar sind (geteilte oder nicht-geteilte Alias-Adressen mit dem Ziel mindestens einer lokalen Mailbox).",
|
||||
"spam_alias": "Anpassen temporärer Alias-Adressen",
|
||||
@@ -784,9 +785,7 @@
|
||||
"unchanged_if_empty": "Unverändert, wenn leer",
|
||||
"username": "Benutzername",
|
||||
"validate_save": "Validieren und speichern",
|
||||
"pushover_sound": "Ton",
|
||||
"sogo_redirection": "Direktes weiterleiten an SOGo",
|
||||
"sogo_redirection_info": "Nach dem Einloggen wird der Benutzer automatisch an SOGo weitergeleitet."
|
||||
"pushover_sound": "Ton"
|
||||
},
|
||||
"fido2": {
|
||||
"confirm": "Bestätigen",
|
||||
|
||||
@@ -22,15 +22,14 @@
|
||||
"ratelimit": "Rate limit",
|
||||
"recipient_maps": "Recipient maps",
|
||||
"smtp_ip_access": "Change allowed hosts for SMTP",
|
||||
"sogo_access": "Allow SOGo usage",
|
||||
"sogo_access": "Allow management of SOGo access",
|
||||
"sogo_profile_reset": "Reset SOGo profile",
|
||||
"spam_alias": "Temporary aliases",
|
||||
"spam_policy": "Denylist/Allowlist",
|
||||
"spam_score": "Spam score",
|
||||
"syncjobs": "Sync jobs",
|
||||
"tls_policy": "TLS policy",
|
||||
"unlimited_quota": "Unlimited quota for mailboxes",
|
||||
"sogo_redirection": "Allow management of SOGo forwarding"
|
||||
"unlimited_quota": "Unlimited quota for mailboxes"
|
||||
},
|
||||
"add": {
|
||||
"activate_filter_warn": "All other filters will be deactivated, when active is checked.",
|
||||
@@ -769,6 +768,8 @@
|
||||
"sieve_desc": "Short description",
|
||||
"sieve_type": "Filter type",
|
||||
"skipcrossduplicates": "Skip duplicate messages across folders (first come, first serve)",
|
||||
"sogo_access": "Direct forwarding to SOGo",
|
||||
"sogo_access_info": "After logging in, the user is automatically redirected to SOGo.",
|
||||
"sogo_visible": "Alias is visible in SOGo",
|
||||
"sogo_visible_info": "This option only affects objects, that can be displayed in SOGo (shared or non-shared alias addresses pointing to at least one local mailbox). If hidden, an alias will not appear as selectable sender in SOGo.",
|
||||
"spam_alias": "Create or change time limited alias addresses",
|
||||
@@ -784,9 +785,7 @@
|
||||
"title": "Edit object",
|
||||
"unchanged_if_empty": "If unchanged leave blank",
|
||||
"username": "Username",
|
||||
"validate_save": "Validate and save",
|
||||
"sogo_redirection": "Direct forwarding to SOGo",
|
||||
"sogo_redirection_info": "After logging in, the user is automatically redirected to SOGo."
|
||||
"validate_save": "Validate and save"
|
||||
},
|
||||
"fido2": {
|
||||
"confirm": "Confirm",
|
||||
|
||||
@@ -27,7 +27,7 @@ if (isset($_SERVER['PHP_AUTH_USER'])) {
|
||||
}
|
||||
|
||||
$login_check = check_login($username, $password, array('service' => $service));
|
||||
if ($login_check === 'user' && hasACLAccess('sogo_access')) {
|
||||
if ($login_check === 'user') {
|
||||
header("X-User: $username");
|
||||
header("X-Auth: Basic ".base64_encode("$username:$password"));
|
||||
header("X-Auth-Type: Basic");
|
||||
@@ -47,7 +47,6 @@ elseif (isset($_GET['login'])) {
|
||||
// check permissions (if dual_login is active, deny sso when acl is not given)
|
||||
$login = html_entity_decode(rawurldecode($_GET["login"]));
|
||||
if (isset($_SESSION['mailcow_cc_role']) &&
|
||||
hasACLAccess('sogo_access') &&
|
||||
(($_SESSION['acl']['login_as'] == "1" && $ALLOW_ADMIN_EMAIL_LOGIN !== 0) || ($is_dual === false && $login == $_SESSION['mailcow_cc_username']))) {
|
||||
if (filter_var($login, FILTER_VALIDATE_EMAIL)) {
|
||||
if (user_get_alias_details($login) !== false) {
|
||||
|
||||
@@ -8,7 +8,7 @@
|
||||
|
||||
<input type="hidden" value="default" name="sender_acl">
|
||||
<input type="hidden" value="0" name="force_pw_update">
|
||||
<input type="hidden" value="0" name="sogo_redirection">
|
||||
<input type="hidden" value="0" name="sogo_access">
|
||||
<input type="hidden" value="0" name="protocol_access">
|
||||
|
||||
<div class="row mb-4">
|
||||
@@ -125,7 +125,6 @@
|
||||
<option value="syncjobs" {% if template.attributes.acl_syncjobs == '1' %} selected{% endif %}>{{ lang.acl["syncjobs"] }}</option>
|
||||
<option value="eas_reset" {% if template.attributes.acl_eas_reset == '1' %} selected{% endif %}>{{ lang.acl["eas_reset"] }}</option>
|
||||
<option value="sogo_profile_reset" {% if template.attributes.acl_sogo_profile_reset == '1' %} selected{% endif %}>{{ lang.acl["sogo_profile_reset"] }}</option>
|
||||
<option value="sogo_access" {% if template.attributes.acl_sogo_access == '1' %} selected{% endif %}>{{ lang.acl["sogo_access"] }}</option>
|
||||
<option value="pushover" {% if template.attributes.acl_pushover == '1' %} selected{% endif %}>{{ lang.acl["pushover"] }}</option>
|
||||
<option value="quarantine" {% if template.attributes.acl_quarantine == '1' %} selected{% endif %}>{{ lang.acl["quarantine"] }}</option>
|
||||
<option value="quarantine_attachments" {% if template.attributes.acl_quarantine_attachments == '1' %} selected{% endif %}>{{ lang.acl["quarantine_attachments"] }}</option>
|
||||
@@ -170,8 +169,8 @@
|
||||
<div class="row">
|
||||
<div class="offset-sm-2 col-sm-10">
|
||||
<div class="form-check">
|
||||
<label><input type="checkbox" class="form-check-input" value="1" name="sogo_redirection"{% if template.attributes.sogo_redirection == '1' %} checked{% endif %}> {{ lang.edit.sogo_redirection }}</label>
|
||||
<small class="text-muted">{{ lang.edit.sogo_redirection_info }}</small>
|
||||
<label><input type="checkbox" class="form-check-input" value="1" name="sogo_access"{% if template.attributes.sogo_access == '1' %} checked{% endif %}> {{ lang.edit.sogo_access }}</label>
|
||||
<small class="text-muted">{{ lang.edit.sogo_access_info }}</small>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
@@ -25,7 +25,7 @@
|
||||
<input type="hidden" value="default" name="sender_acl">
|
||||
<input type="hidden" value="0" name="force_pw_update">
|
||||
<input type="hidden" value="0" name="force_tfa">
|
||||
<input type="hidden" value="0" name="sogo_redirection">
|
||||
<input type="hidden" value="0" name="sogo_access">
|
||||
<input type="hidden" value="0" name="protocol_access">
|
||||
<div class="row mb-2">
|
||||
<label class="control-label col-sm-2">{{ lang.admin.iam }}</label>
|
||||
@@ -327,11 +327,11 @@
|
||||
</div>
|
||||
</div>
|
||||
{% if not skip_sogo %}
|
||||
<div data-acl="{{ acl.sogo_redirection }}" class="row">
|
||||
<div data-acl="{{ acl.sogo_access }}" class="row">
|
||||
<div class="offset-sm-2 col-sm-10">
|
||||
<div class="form-check">
|
||||
<label><input type="checkbox" class="form-check-input" value="1" name="sogo_redirection"{% if result.attributes.sogo_redirection == '1' %} checked{% endif %}> {{ lang.edit.sogo_redirection }}</label>
|
||||
<small class="text-muted">{{ lang.edit.sogo_redirection_info }}</small>
|
||||
<label><input type="checkbox" class="form-check-input" value="1" name="sogo_access"{% if result.attributes.sogo_access == '1' %} checked{% endif %}> {{ lang.edit.sogo_access }}</label>
|
||||
<small class="text-muted">{{ lang.edit.sogo_access_info }}</small>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
@@ -10,7 +10,7 @@
|
||||
<form class="form-horizontal" data-cached-form="true" data-id="add_mailbox" role="form" autocomplete="off">
|
||||
<input type="hidden" value="0" name="force_pw_update">
|
||||
<input type="hidden" value="0" name="force_tfa">
|
||||
<input type="hidden" value="0" name="sogo_redirection">
|
||||
<input type="hidden" value="0" name="sogo_access">
|
||||
<input type="hidden" value="0" name="protocol_access">
|
||||
<input type="hidden" value="mailcow" name="authsource">
|
||||
|
||||
@@ -166,7 +166,6 @@
|
||||
<option value="syncjobs">{{ lang.acl["syncjobs"] }}</option>
|
||||
<option value="eas_reset" selected>{{ lang.acl["eas_reset"] }}</option>
|
||||
<option value="sogo_profile_reset">{{ lang.acl["sogo_profile_reset"] }}</option>
|
||||
<option value="sogo_access" selected>{{ lang.acl["sogo_access"] }}</option>
|
||||
<option value="pushover" selected>{{ lang.acl["pushover"] }}</option>
|
||||
<option value="quarantine" selected>{{ lang.acl["quarantine"] }}</option>
|
||||
<option value="quarantine_attachments" selected>{{ lang.acl["quarantine_attachments"] }}</option>
|
||||
@@ -218,8 +217,8 @@
|
||||
<div class="row">
|
||||
<div class="offset-sm-2 col-sm-10">
|
||||
<div class="form-check">
|
||||
<label><input type="checkbox" class="form-check-input" value="1" name="sogo_redirection" id="sogo_access"> {{ lang.edit.sogo_redirection }}</label>
|
||||
<small class="text-muted">{{ lang.edit.sogo_redirection_info }}</small>
|
||||
<label><input type="checkbox" class="form-check-input" value="1" name="sogo_access" id="sogo_access"> {{ lang.edit.sogo_access }}</label>
|
||||
<small class="text-muted">{{ lang.edit.sogo_access_info }}</small>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
@@ -248,7 +247,7 @@
|
||||
<input type="hidden" value="default" name="sender_acl">
|
||||
<input type="hidden" value="0" name="force_pw_update">
|
||||
<input type="hidden" value="0" name="force_tfa">
|
||||
<input type="hidden" value="0" name="sogo_redirection">
|
||||
<input type="hidden" value="0" name="sogo_access">
|
||||
<input type="hidden" value="0" name="protocol_access">
|
||||
|
||||
<div class="row mb-4">
|
||||
@@ -417,8 +416,8 @@
|
||||
<div class="row">
|
||||
<div class="offset-sm-2 col-sm-10">
|
||||
<div class="form-check">
|
||||
<label><input type="checkbox" class="form-check-input" value="1" name="sogo_redirection"> {{ lang.edit.sogo_redirection }}</label>
|
||||
<small class="text-muted">{{ lang.edit.sogo_redirection_info }}</small>
|
||||
<label><input type="checkbox" class="form-check-input" value="1" name="sogo_access"> {{ lang.edit.sogo_access }}</label>
|
||||
<small class="text-muted">{{ lang.edit.sogo_access_info }}</small>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
@@ -23,14 +23,10 @@
|
||||
<a href="/sogo-auth.php?login={{ mailcow_cc_username }}" role="button" class="btn btn-primary btn-lg btn-block btn-xs-lg w-100">
|
||||
{{ lang.user.open_webmail_sso }} <i class="bi bi-arrow-right"></i>
|
||||
</a>
|
||||
{% elseif acl.sogo_access == 1 %}
|
||||
{% else %}
|
||||
<a href="/SOGo/so" role="button" class="btn btn-primary btn-lg btn-block btn-xs-lg w-100">
|
||||
{{ lang.user.open_webmail_sso }} <i class="bi bi-arrow-right"></i>
|
||||
</a>
|
||||
{% else %}
|
||||
<button disabled class="btn btn-secondary btn-block btn-xs-lg w-100">
|
||||
{{ lang.user.open_webmail_sso }} <i class="bi bi-arrow-right"></i>
|
||||
</button>
|
||||
{% endif %}
|
||||
</div>
|
||||
</div>
|
||||
|
||||
@@ -200,7 +200,7 @@ services:
|
||||
- phpfpm
|
||||
|
||||
sogo-mailcow:
|
||||
image: ghcr.io/mailcow/sogo:5.12.5-3
|
||||
image: ghcr.io/mailcow/sogo:5.12.5-1
|
||||
environment:
|
||||
- DBNAME=${DBNAME}
|
||||
- DBUSER=${DBUSER}
|
||||
@@ -526,7 +526,7 @@ services:
|
||||
- /lib/modules:/lib/modules:ro
|
||||
|
||||
watchdog-mailcow:
|
||||
image: ghcr.io/mailcow/watchdog:2.11
|
||||
image: ghcr.io/mailcow/watchdog:2.10
|
||||
dns:
|
||||
- ${IPV4_NETWORK:-172.22.1}.254
|
||||
tmpfs:
|
||||
|
||||
Reference in New Issue
Block a user