From 26767a16698b459590283325c38b5feedbe4c9ca Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <machniak@kolabsys.com>
Date: Mon, 2 Jun 2014 14:02:31 +0200
Subject: [PATCH] Enable audit debugging only when logged as another user (Bug
 #3109), fix default of kolab_auth_auditlog in sample config file

---
 plugins/kolab_auth/config.inc.php.dist | 2 +-
 plugins/kolab_auth/kolab_auth.php      | 5 ++---
 2 files changed, 3 insertions(+), 4 deletions(-)

diff --git a/plugins/kolab_auth/config.inc.php.dist b/plugins/kolab_auth/config.inc.php.dist
index e7b9d159..7a23301f 100644
--- a/plugins/kolab_auth/config.inc.php.dist
+++ b/plugins/kolab_auth/config.inc.php.dist
@@ -34,7 +34,7 @@ $rcmail_config['kolab_auth_admin_login']    = '';
 $rcmail_config['kolab_auth_admin_password'] = '';
 
 // Enable audit logging for abuse of administrative privileges.
-$rcmail_config['kolab_auth_auditlog'] = true;
+$rcmail_config['kolab_auth_auditlog'] = false;
 
 // Role field (from fieldmap configuration)
 $rcmail_config['kolab_auth_role'] = 'role';
diff --git a/plugins/kolab_auth/kolab_auth.php b/plugins/kolab_auth/kolab_auth.php
index c325e617..d9222ac1 100644
--- a/plugins/kolab_auth/kolab_auth.php
+++ b/plugins/kolab_auth/kolab_auth.php
@@ -61,9 +61,8 @@ class kolab_auth extends rcube_plugin
         $this->add_hook('write_log', array($this, 'write_log'));
         $this->username = $_SESSION['username'];
 
-        // Enable debug logs per-user, this enables logging only after
-        // user has logged in
-        if (!empty($_SESSION['username']) && $rcmail->config->get('kolab_auth_auditlog')) {
+        // Enable debug logs (per-user), when logged as another user
+        if (!empty($_SESSION['kolab_auth_admin']) && $rcmail->config->get('kolab_auth_auditlog')) {
             $rcmail->config->set('debug_level', 1);
             $rcmail->config->set('devel_mode', true);
             $rcmail->config->set('smtp_log', true);