feat(core): Add URL encryption for GDPR compliancy. Disable url encryption for caldav.

smizrahi
2024-02-12 14:52:01 +01:00
parent 42511d666f
commit fc778295ff
6 changed files with 17 additions and 14 deletions


@@ -370,9 +370,11 @@ static BOOL debugLeaks;
id userFolder;
NSData *decodedLogin;
NSString *login;
login = [SOGoUser getDecryptedUsernameIfNeeded: _key];
WORequest *request;
request = [_ctx request];
login = [SOGoUser getDecryptedUsernameIfNeeded: _key request: request];
user = [SOGoUser userWithLogin: login roles: nil];
if (user)
userFolder = [$(@"SOGoUserFolder") objectWithName: login
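Review bot: The DAV exemption at the new `getDecryptedUsernameIfNeeded: _key request: request` call only applies when `[_ctx request]` is non-nil. With a nil request, `[request requestHandlerKey]` is nil, the `isEqualToString:@"dav"` test is NO, and the name is decrypted as for a web request. The same holds for the `[context request]` arguments at the path rewrite, `nameInContainer` and the redirect call sites later in this commit. Whether a nil context can reach these paths is not visible here, so I would at least state the contract at the call, e.g. `/* request may be nil: the DAV exemption is then not applied */`. The enclosing method starts and ends outside the hunk.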


@@ -980,7 +980,7 @@
if ([[[path objectAtIndex: i] lowercaseString] isEqualToString:@"dav"]) {
if ([path count] > (i + 1)) {
[path replaceObjectAtIndex: (i +1)
withObject: [SOGoUser getDecryptedUsernameIfNeeded: [path objectAtIndex: (i + 1)]]];
withObject: [SOGoUser getDecryptedUsernameIfNeeded: [path objectAtIndex: (i + 1)] request: [context request]]];
}
}
}
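Review bot: For DAV requests this `replaceObjectAtIndex:` now looks like a no-op. The branch has just matched a `dav` path component, and the new decrypt method returns its input unchanged when the request handler key is `dav`. A path segment that still carries an encrypted name would then presumably be passed on as the login. If that is intended, a comment such as `/* DAV URLs carry plain usernames; decryption only applies when the handler key is not "dav" */` would stop the next reader from assuming the segment is always decoded. The enclosing loop and method are outside the hunk.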


@@ -41,6 +41,7 @@
@class NSString;
@class WOContext;
@class WORequest;
@class SOGoAppointmentFolder;
@class SOGoAppointmentFolders;
@@ -136,8 +137,8 @@
- (SOGoContactFolder *) personalContactsFolderInContext: (WOContext *) context;
/* Encryption */
+ (NSString *)getEncryptedUsernameIfNeeded:(NSString *)username;
+ (NSString *)getDecryptedUsernameIfNeeded:(NSString *)username;
+ (NSString *)getEncryptedUsernameIfNeeded:(NSString *)username request:(WORequest *)request;
+ (NSString *)getDecryptedUsernameIfNeeded:(NSString *)username request:(WORequest *)request;
@end
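Review bot: The two declarations under `/* Encryption */` carry no comment, yet the new `request:` parameter changes what they return. Per the implementation in this commit, a request whose handler key is `dav` gets the username back unchanged. I would document that on the declarations, e.g. `/* Returns username unchanged when URL encryption is disabled, for "anonymous", or when request's handler key is "dav". */`. The old one-argument selectors are removed rather than kept as wrappers, so any caller outside the files touched here would need updating.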


@@ -1296,13 +1296,13 @@ static const NSString *kEncryptedUserNamePrefix = @"uenc";
}
/* Encryption */
+ (NSString *) getEncryptedUsernameIfNeeded:(NSString *)username
+ (NSString *) getEncryptedUsernameIfNeeded:(NSString *)username request: (WORequest *)request
{
NSException *exception;
NSString *tmp, *cacheKey;
SOGoCache *cache;
if (![[SOGoSystemDefaults sharedSystemDefaults] isURLEncryptionEnabled] || [username isEqualToString: @"anonymous"])
if (![[SOGoSystemDefaults sharedSystemDefaults] isURLEncryptionEnabled] || [username isEqualToString: @"anonymous"] || [[request requestHandlerKey] isEqualToString:@"dav"])
return username;
cache = [SOGoCache sharedCache];
@@ -1331,13 +1331,13 @@ static const NSString *kEncryptedUserNamePrefix = @"uenc";
}
}
+ (NSString *) getDecryptedUsernameIfNeeded:(NSString *)username
+ (NSString *) getDecryptedUsernameIfNeeded:(NSString *)username request: (WORequest *)request
{
NSException *exception;
NSString *tmp, *cacheKey;
SOGoCache *cache;
if (![[SOGoSystemDefaults sharedSystemDefaults] isURLEncryptionEnabled] || [username isEqualToString: @"anonymous"])
if (![[SOGoSystemDefaults sharedSystemDefaults] isURLEncryptionEnabled] || [username isEqualToString: @"anonymous"] || [[request requestHandlerKey] isEqualToString:@"dav"])
return username;
cache = [SOGoCache sharedCache];
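Review bot: The three-part guard is now duplicated verbatim in `getEncryptedUsernameIfNeeded:request:` and `getDecryptedUsernameIfNeeded:request:`. It compares the handler key exactly to the literal `@"dav"`, whereas the path rewrite elsewhere in this commit matches `dav` through `lowercaseString`. Since this guard decides whether usernames appear in clear text in URLs, I would move it into one private class method, e.g. `+ (BOOL) _shouldSkipURLEncryptionForUsername: (NSString *) username request: (WORequest *) request`, and call it from both. That keeps the two directions from drifting apart and documents the exemption in one place. Both method bodies continue outside the hunks.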


@@ -87,7 +87,7 @@
}
- (NSString *) nameInContainer {
return [SOGoUser getEncryptedUsernameIfNeeded: [super nameInContainer]];
return [SOGoUser getEncryptedUsernameIfNeeded: [super nameInContainer] request: [context request]];
}
/* ownership */


@@ -344,7 +344,7 @@ static const NSString *kJwtKey = @"jwt";
forKey: @"expire"];
[json setObject: [NSNumber numberWithInt: grace]
forKey: @"grace"];
[json setObject: [SOGoUser getEncryptedUsernameIfNeeded: username]
[json setObject: [SOGoUser getEncryptedUsernameIfNeeded: username request: request]
forKey: @"username"];
response = [self responseWithStatus: 200
@@ -575,7 +575,7 @@ static const NSString *kJwtKey = @"jwt";
response
= [self redirectToLocation: [NSString stringWithFormat: @"%@%@",
oldLocation,
[[SOGoUser getEncryptedUsernameIfNeeded:login] stringByEscapingURL]]];
[[SOGoUser getEncryptedUsernameIfNeeded:login request: [context request]] stringByEscapingURL]]];
}
else
{
@@ -791,7 +791,7 @@ static const NSString *kJwtKey = @"jwt";
}
response = [self responseWithStatus: 200 andJSONRepresentation:
[NSDictionary dictionaryWithObjectsAndKeys: [SOGoUser getEncryptedUsernameIfNeeded:username], @"username", nil]];
[NSDictionary dictionaryWithObjectsAndKeys: [SOGoUser getEncryptedUsernameIfNeeded:username request: request], @"username", nil]];
if (!passwordRecovery) {
authCookie = [auth cookieWithUsername: username