From 155dfc66ee46879063d0090b80ac70c1b2cf947a Mon Sep 17 00:00:00 2001
From: andryyy <andre.peters@debinux.de>
Date: Wed, 19 Aug 2020 15:31:54 +0200
Subject: [PATCH] [Web] Create ACL to toggle permission of a domain
 administrator to change a domain desc

---
 data/web/edit.php                      | 2 +-
 data/web/inc/functions.mailbox.inc.php | 2 +-
 data/web/inc/init_db.inc.php           | 4 +++-
 data/web/lang/lang.de.json             | 3 ++-
 data/web/lang/lang.en.json             | 3 ++-
 5 files changed, 9 insertions(+), 5 deletions(-)

diff --git a/data/web/edit.php b/data/web/edit.php
index 0eecb797..520b18db 100644
--- a/data/web/edit.php
+++ b/data/web/edit.php
@@ -263,7 +263,7 @@ if (isset($_SESSION['mailcow_cc_role'])) {
             <input type="hidden" value="0" name="gal">
             <input type="hidden" value="0" name="relay_all_recipients">
             <input type="hidden" value="0" name="relay_unknown_only">
-            <div class="form-group">
+            <div class="form-group" data-acl="<?=$_SESSION['acl']['domain_desc'];?>">
               <label class="control-label col-sm-2" for="description"><?=$lang['edit']['description'];?></label>
               <div class="col-sm-10">
                 <input type="text" class="form-control" name="description" value="<?=htmlspecialchars($result['description']);?>">
diff --git a/data/web/inc/functions.mailbox.inc.php b/data/web/inc/functions.mailbox.inc.php
index 1d6062fa..d69c6f08 100644
--- a/data/web/inc/functions.mailbox.inc.php
+++ b/data/web/inc/functions.mailbox.inc.php
@@ -2010,7 +2010,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
               $is_now = mailbox('get', 'domain_details', $domain);
               if (!empty($is_now)) {
                 $gal                  = (isset($_data['gal'])) ? intval($_data['gal']) : $is_now['gal_int'];
-                $description          = (!empty($_data['description'])) ? $_data['description'] : $is_now['description'];
+                $description          = (!empty($_data['description']) && isset($_SESSION['acl']['domain_desc']) && $_SESSION['acl']['domain_desc'] == "1") ? $_data['description'] : $is_now['description'];
               }
               else {
                 $_SESSION['return'][] = array(
diff --git a/data/web/inc/init_db.inc.php b/data/web/inc/init_db.inc.php
index b80dc3a6..e311669c 100644
--- a/data/web/inc/init_db.inc.php
+++ b/data/web/inc/init_db.inc.php
@@ -3,7 +3,7 @@ function init_db_schema() {
   try {
     global $pdo;
 
-    $db_version = "14072020_1600";
+    $db_version = "19082020_1400";
 
     $stmt = $pdo->query("SHOW TABLES LIKE 'versions'");
     $num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
@@ -280,6 +280,7 @@ function init_db_schema() {
           "username" => "VARCHAR(255) NOT NULL",
           "password" => "VARCHAR(255) NOT NULL",
           "name" => "VARCHAR(255)",
+          "description" => "VARCHAR(255)",
           // mailbox_path_prefix is followed by domain/local_part/
           "mailbox_path_prefix" => "VARCHAR(150) DEFAULT '/var/vmail/'",
           "quota" => "BIGINT(20) NOT NULL DEFAULT '102400'",
@@ -542,6 +543,7 @@ function init_db_schema() {
           "extend_sender_acl" => "TINYINT(1) NOT NULL DEFAULT '0'",
           "unlimited_quota" => "TINYINT(1) NOT NULL DEFAULT '0'",
           "alias_domains" => "TINYINT(1) NOT NULL DEFAULT '0'",
+          "domain_desc" => "TINYINT(1) NOT NULL DEFAULT '0'"
           ),
         "keys" => array(
           "primary" => array(
diff --git a/data/web/lang/lang.de.json b/data/web/lang/lang.de.json
index 2840db1e..a63b3350 100644
--- a/data/web/lang/lang.de.json
+++ b/data/web/lang/lang.de.json
@@ -22,7 +22,8 @@
         "spam_score": "Spam-Bewertung",
         "syncjobs": "Sync Jobs",
         "tls_policy": "Verschlüsselungsrichtlinie",
-        "unlimited_quota": "Unendliche Quota für Mailboxen"
+        "unlimited_quota": "Unendliche Quota für Mailboxen",
+        "domain_desc": "Domainbeschreibung ändern"
     },
     "add": {
         "activate_filter_warn": "Alle anderen Filter diesen Typs werden deaktiviert, falls dieses Script aktiv markiert wird.",
diff --git a/data/web/lang/lang.en.json b/data/web/lang/lang.en.json
index fd31584e..f416d025 100644
--- a/data/web/lang/lang.en.json
+++ b/data/web/lang/lang.en.json
@@ -22,7 +22,8 @@
         "spam_score": "Spam score",
         "syncjobs": "Sync jobs",
         "tls_policy": "TLS policy",
-        "unlimited_quota": "Unlimited quota for mailboxes"
+        "unlimited_quota": "Unlimited quota for mailboxes",
+        "domain_desc": "Change domain description"
     },
     "add": {
         "activate_filter_warn": "All other filters will be deactivated, when active is checked.",