Micke/roundcubemail-plugins-kolab
0
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
3507 commits 23 branches 84 tags 13 MiB
Commit graph

73 commits

Author SHA1 Message Date
Aleksander Machniak
5cca91ab6c CS improvements 2023-01-25 15:13:27 +01:00
Christian Mollekopf
bac56c4cd1 PHP 8 fixes 
Reviewers: #hkccp_developers

Differential Revision: https://git.kolab.org/D4016
 2023-01-25 14:58:01 +01:00
Christian Mollekopf
d988dac141 PHP 8 fixes 
Differential Revision: https://git.kolab.org/D3995
 2023-01-18 14:50:31 +01:00
Aleksander Machniak
945ac3605d Fix 2FA logon with kolab_auth's "login as" feature 2021-07-02 13:55:17 +02:00
Aleksander Machniak
83d7667aca Add missing icon for "Login As" input in Elastic skin(s) 2021-06-30 13:54:12 +02:00
Jeroen van Meeuwen (Kolab Systems)
1f836679c4 Ensure we use existing attribute and entry level rights as returned from Net_LDAP3 2019-10-29 13:13:55 +01:00
Aleksander Machniak
80a5241a9d Support user_specific source in kolab_users_directory (Bifrost#T236416) 
Move kolab_auth/kolab_auth_ldap to libkolab/lib/kolab_ldap.
It ends up much simpler to add user_specific support and unify some
code than replace use of kolab_auth_ldap with rcube_ldap.

This means that libkolab plugin does not depend on kolab_auth plugin
anymore, but kolab_auth depends on libkolab, which is better situation.
 2019-08-19 14:06:11 +00:00
Aleksander Machniak
3db1e4212c Don't log full session identifiers 2019-04-19 11:46:39 +02:00
Aleksander Machniak
87abd0d2d4 Fix per_user_logging with syncroton 
In syncroton the log_dir is already set and verified by syncroton
itself, so kolab_auth would skip some log entries thinking user-dir
does not exist.
 2018-08-03 09:29:50 +00:00
Aleksander Machniak
7422273f89 Fix PHP Warning: Missing argument 2 for kolab_auth_ldap::get_user_record() (Bifrost#T44190) 2017-10-09 08:26:18 +02:00
Aleksander Machniak
1abc73cf34 Fix regression when startup() method of some "by role plugins" could be called when not expected, causing PHP errors 2017-10-03 10:13:10 +02:00
Aleksander Machniak
68477e014d Fix enabling kolab_2fa plugin via kolab_auth_role_plugins 2017-09-27 13:02:18 +02:00
Aleksander Machniak
bd7fe38996 Safe Unauthenticated Free/Busy for Roaming Users (Bifrost#T36327) 2017-08-01 12:48:50 +02:00
Aleksander Machniak
38e6afc903 Don't ignore (global) userlogins/sendmail logging in per_user_logging mode 2017-07-10 16:35:42 +02:00
Aleksander Machniak
a7d37da5e1 Improvements in kolab_auth::log_login_error() 
- Use "no-session" identifier when there's no session (e.g. syncroton, iRony)
- truncate username input if exceedingly long
 2017-06-07 10:19:51 +02:00
Aleksander Machniak
41e32e5b5a T2130: Write to userlogins log only when log_logins=true 
Also prevent from duplicate failure entries in that log.
 2016-12-30 06:30:51 -05:00
Aleksander Machniak
cbf4fa90d6 T1521: kolab_auth: Add possibility to close LDAP connection on request 2016-09-21 11:13:31 -04:00
Aleksander Machniak
c43008b94f Don't enable devel_mode in auditlog mode (#5466) 
Fixes unintentional less files use in Kolab skin.
 2016-06-29 16:51:49 +02:00
Aleksander Machniak
63ce7e9988 Don't use depracated Roundcube functions 2015-08-29 20:23:34 +02:00
Aleksander Machniak
d49a4457b1 D16: Don't abort authentication if $_SERVER['REMOTE_USER'] is set 2015-08-06 13:42:23 +02:00
Aleksander Machniak
ac4f6e7562 Avoid unused variables (also fixed some bugs) found in static code analysis 2014-11-21 10:03:18 +01:00
Aleksander Machniak
e00daea425 Remove debug code 2014-11-17 09:01:13 -05:00
Thomas Bruederli
a976842f03 Allow to limit user search (from new folder navigation) in multi-domain setups: 
Provide the 'kolab_users_directory' config option with placeholders %dc, %d, %u,
%fu or %dn in base_dn or filter properties.
 2014-11-17 14:33:04 +01:00
Thomas Bruederli
e618f0093c Support wildcard option to allow full access 2014-10-11 03:28:17 +02:00
Thomas Bruederli
1e0b0cdf9d Check effective rights for the login-as feature to improve the delegation model 
and allow controlling the administration privileges in LDAP (#1834).

This deprecates the config options 'kolab_auth_group', 'kolab_auth_role_value'
and 'kolab_auth_allowed_tasks'.

Admin privileges (per Roundcube task) and the required effective rights
are now defined in 'kolab_auth_admin_rights'.
 2014-10-11 03:14:45 +02:00
Aleksander Machniak
fbaa3f865e Add option to define list of tasks to which an admin has access (#3444) 
E.g. allow admins (using "Login as" feature) to see only user settings.
 2014-08-25 14:27:23 -04:00
Aleksander Machniak
a355288360 Fix so role-based plugins are loaded not required 2014-07-11 10:37:17 +02:00
Aleksander Machniak
26767a1669 Enable audit debugging only when logged as another user (Bug #3109), 
fix default of kolab_auth_auditlog in sample config file
 2014-06-02 14:02:31 +02:00
Aleksander Machniak
9a2a7e48a1 Fix SMTP authentication when using "Login As" feature 2014-03-13 10:29:47 +01:00
Aleksander Machniak
71c66461d5 Load per-user settings/plugins also just after log in 2014-02-20 15:41:12 +01:00
Aleksander Machniak
d7a607e1b1 Fix missing resolving of %dn in kolab_auth_role_settings 2014-01-24 13:44:04 +01:00
Thomas Bruederli
8996e8fa60 Adapt write_log hook to new per-user logging capabilities of Roundcube core (#2750): 
- Return the 'dir' property in write_log hook instead of writing the log directly
- Provide a user log directory during authentication with the username submitted or retrieved from LDAP respectively
- Requires Roundcube core rev 3786a4
 2014-01-16 10:04:03 +01:00
Thomas Bruederli
5bbbcca49c Report LDAP server error in plugin hook return data (#2727) 2014-01-07 15:31:48 +01:00
root
ab9c3db43a Improved role-based settings handling, especially 'skin' setting 2013-12-06 14:11:05 +01:00
Aleksander Machniak
004cd5ac56 Fixed kolab_auth_mailhost feature 2013-10-08 13:45:23 +02:00
Aleksander Machniak
d5af672f6b Fix sql debugging in audit mode 2013-10-07 12:38:36 +02:00
Aleksander Machniak
0cbce32636 Fixed kolab_auth_auditlog feature 2013-10-07 10:59:25 +02:00
Jeroen van Meeuwen (Kolab Systems)
c97615aeef Log failed logins (always) 2013-10-04 13:00:27 +02:00
Aleksander Machniak
a3ef9150a4 Update copyright year 2013-10-04 12:03:04 +02:00
Aleksander Machniak
1f3f8e69db Support multi-domain configuration of LDAP addressbooks (Bug #2292) 2013-10-04 11:54:49 +02:00
Aleksander Machniak
657093d838 Use password_ldap_bind hook to provide LDAP user DN for password change. (Request #2217) 
Requires ldap_simple driver to be enabled in password plugin config.
 2013-09-27 13:14:29 +02:00
Aleksander Machniak
6556c1a1d4 Improved performance of load_user_role_plugins_and_settings(), we cache 
some data in session so we can skip LDAP connection + bind + search
on every request (Bug #2241)
 2013-09-19 11:46:19 +02:00
Jeroen van Meeuwen (Kolab Systems)
610036138a Add the possibility to set the a mailhost attribute value to be used as the IMAP server address to connect to. 2013-09-11 16:33:07 +01:00
Aleksander Machniak
8002f2b0ca Take identities_level setting into consideration when identity form is going to be modified 2013-09-11 14:07:50 +02:00
Aleksander Machniak
cdd23787e2 Fix so kolab_delegation plugin can modify list of addresses in 
identity form (Bug #2191)
 2013-09-11 14:01:38 +02:00
Thomas Bruederli
74f1d3ba85 Hook into identities form and present a list of allowed sender email addresses (#2191) 2013-09-05 10:13:21 +02:00
Jeroen van Meeuwen (Kolab Systems)
44021155b0 Make sure we loop over non-empty arrays only 2013-08-19 13:54:08 +02:00
Jeroen van Meeuwen (Kolab Systems)
af0383d2d2 Correct typo (thanks to Daniel Morlock) 2013-08-05 15:37:23 +01:00
Jeroen van Meeuwen (Kolab Systems)
a6ee501a68 There's no need to get the user record 2013-08-05 11:18:29 +01:00
Jeroen van Meeuwen (Kolab Systems)
3d96d74298 Use $ldap->parse_vars to allow role specific settings and plugins to be applied to multi-domain environments through the expansion of '%dc' 2013-08-05 11:15:01 +01:00