Fix conflict

2018-02-16 22:44:02 +01:00
parent 0bfd0838c2 2a3040de12
commit 1f09544f32
13 changed files with 60 additions and 21 deletions
--- a/data/web/edit.php
+++ b/data/web/edit.php
@@ -390,6 +390,7 @@ if (isset($_SESSION['mailcow_cc_role'])) {
        <form class="form-horizontal" data-id="editmailbox" role="form" method="post">
          <input type="hidden" value="0" name="sender_acl">
          <input type="hidden" value="0" name="active">
+          <input type="hidden" value="0" name="force_pw_update">
          <div class="form-group">
            <label class="control-label col-sm-2" for="name"><?=$lang['edit']['full_name'];?>:</label>
            <div class="col-sm-10">
@@ -476,6 +477,14 @@ if (isset($_SESSION['mailcow_cc_role'])) {
              </div>
            </div>
          </div>
+          <div class="form-group">
+            <div class="col-sm-offset-2 col-sm-10">
+              <div class="checkbox">
+              <label><input type="checkbox" value="1" name="force_pw_update" <?=($result['attributes']['force_pw_update']=="1") ? "checked" : null;?>> <?=$lang['edit']['force_pw_update'];?></label>
+              <small class="help-block"><?=$lang['edit']['force_pw_update_info'];?></small>
+              </div>
+            </div>
+          </div>
          <div class="form-group">
            <div class="col-sm-offset-2 col-sm-10">
              <button class="btn btn-success" id="edit_selected" data-id="editmailbox" data-item="<?=htmlspecialchars($result['username']);?>" data-api-url='edit/mailbox' data-api-attr='{}' href="#"><?=$lang['edit']['save'];?></button>
--- a/data/web/inc/ajax/destroy_tfa_auth.php
+++ b/data/web/inc/ajax/destroy_tfa_auth.php
@@ -0,0 +1,6 @@
+<?php
+session_start();
+unset($_SESSION['pending_mailcow_cc_username']);
+unset($_SESSION['pending_mailcow_cc_role']);
+unset($_SESSION['pending_tfa_method']);
+?>
--- a/data/web/inc/footer.inc.php
+++ b/data/web/inc/footer.inc.php
@@ -79,6 +79,17 @@ $(document).ready(function() {
        });
      }
  });
+  $('#ConfirmTFAModal').on('hidden.bs.modal', function(){
+      $.ajax({
+        type: "GET",
+        cache: false,
+        dataType: 'script',
+        url: '/inc/ajax/destroy_tfa_auth.php',
+        complete: function(data){
+          window.location = window.location.href.split("#")[0];
+        }
+      });
+  });
  <?php endif; ?>

  // Set TFA modals
@@ -205,7 +216,7 @@ $(document).ready(function() {
          $('#triggerRestartContainer').html('<span class="glyphicon glyphicon-ok"></span> ');
          $('#statusTriggerRestartContainer2').append(data);
          $('#triggerRestartContainer').html('<span class="glyphicon glyphicon-ok"></span> ');
-          location.reload();
+          window.location = window.location.href.split("#")[0];
        }
      });
    });
--- a/data/web/inc/functions.inc.php
+++ b/data/web/inc/functions.inc.php
@@ -415,7 +415,7 @@ function edit_user_account($postarray) {
 			}
 			$password_hashed = hash_password($password_new);
 			try {
-				$stmt = $pdo->prepare("UPDATE `mailbox` SET `password` = :password_hashed WHERE `username` = :username");
+				$stmt = $pdo->prepare("UPDATE `mailbox` SET `password` = :password_hashed, `attributes` = JSON_SET(`attributes`, '$.force_pw_update', '0') WHERE `username` = :username");
 				$stmt->execute(array(
 					':password_hashed' => $password_hashed,
 					':username' => $username
--- a/data/web/inc/functions.mailbox.inc.php
+++ b/data/web/inc/functions.mailbox.inc.php
@@ -1954,6 +1954,7 @@ function mailbox($_action, $_type, $_data = null, $attr = null) {
            $is_now = mailbox('get', 'mailbox_details', $username);
            if (!empty($is_now)) {
              $active     = (isset($_data['active'])) ? intval($_data['active']) : $is_now['active_int'];
+              (int)$force_pw_update = (isset($_data['force_pw_update'])) ? intval($_data['force_pw_update']) : intval($is_now['attributes']['force_pw_update']);
              $name       = (!empty($_data['name'])) ? $_data['name'] : $is_now['name'];
              $domain     = $is_now['domain'];
              $quota_m    = (!empty($_data['quota'])) ? $_data['quota'] : ($is_now['quota'] / 1048576);
@@ -2113,24 +2114,11 @@ function mailbox($_action, $_type, $_data = null, $attr = null) {
              }
              $password_hashed = hash_password($password);
              try {
-                $stmt = $pdo->prepare("UPDATE `alias` SET
-                    `active` = :active
-                      WHERE `address` = :address");
-                $stmt->execute(array(
-                  ':address' => $username,
-                  ':active' => $active
-                ));
                $stmt = $pdo->prepare("UPDATE `mailbox` SET
-                    `active` = :active,
                    `password` = :password_hashed,
-                    `name`= :name,
-                    `quota` = :quota_b
                      WHERE `username` = :username");
                $stmt->execute(array(
                  ':password_hashed' => $password_hashed,
-                  ':active' => $active,
-                  ':name' => $name,
-                  ':quota_b' => $quota_b,
                  ':username' => $username
                ));
              }
@@ -2153,12 +2141,14 @@ function mailbox($_action, $_type, $_data = null, $attr = null) {
              $stmt = $pdo->prepare("UPDATE `mailbox` SET
                  `active` = :active,
                  `name`= :name,
-                  `quota` = :quota_b
+                  `quota` = :quota_b,
+                  `attributes` = JSON_SET(`attributes`, '$.force_pw_update', :force_pw_update)
                    WHERE `username` = :username");
              $stmt->execute(array(
                ':active' => $active,
                ':name' => $name,
                ':quota_b' => $quota_b,
+                ':force_pw_update' => $force_pw_update,
                ':username' => $username
              ));
            }
@@ -3070,6 +3060,7 @@ function mailbox($_action, $_type, $_data = null, $attr = null) {
                `mailbox`.`domain`,
                `mailbox`.`quota`,
                `quota2`.`bytes`,
+                `attributes`,
                `quota2`.`messages`
                  FROM `mailbox`, `quota2`, `domain`
                    WHERE `mailbox`.`kind` NOT REGEXP 'location|thing|group' AND `mailbox`.`username` = `quota2`.`username` AND `domain`.`domain` = `mailbox`.`domain` AND `mailbox`.`username` = :mailbox");
@@ -3097,6 +3088,7 @@ function mailbox($_action, $_type, $_data = null, $attr = null) {
            $mailboxdata['active_int'] = $row['active_int'];
            $mailboxdata['domain'] = $row['domain'];
            $mailboxdata['quota'] = $row['quota'];
+            $mailboxdata['attributes'] = json_decode($row['attributes'], true);
            $mailboxdata['quota_used'] = intval($row['bytes']);
            $mailboxdata['percent_in_use'] = round((intval($row['bytes']) / intval($row['quota'])) * 100);
            $mailboxdata['messages'] = $row['messages'];
--- a/data/web/inc/init_db.inc.php
+++ b/data/web/inc/init_db.inc.php
@@ -3,7 +3,7 @@ function init_db_schema() {
  try {
    global $pdo;

-    $db_version = "08022018_2019";
+    $db_version = "16022018_1419";

    $stmt = $pdo->query("SHOW TABLES LIKE 'versions'");
    $num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
@@ -187,6 +187,7 @@ function init_db_schema() {
          "domain" => "VARCHAR(255) NOT NULL",
          "tls_enforce_in" => "TINYINT(1) NOT NULL DEFAULT '0'",
          "tls_enforce_out" => "TINYINT(1) NOT NULL DEFAULT '0'",
+          "attributes" => "JSON DEFAULT '{}'",
          "kind" => "VARCHAR(100) NOT NULL DEFAULT ''",
          "multiple_bookings" => "TINYINT(1) NOT NULL DEFAULT '0'",
          "created" => "DATETIME(0) NOT NULL DEFAULT NOW(0)",
--- a/data/web/lang/lang.de.php
+++ b/data/web/lang/lang.de.php
@@ -85,6 +85,7 @@ $lang['danger']['sender_acl_invalid'] = 'Sender ACL Wert muss eine Adresse oder
 $lang['danger']['domain_not_empty'] = 'Kann nur leere Domains entfernen';
 $lang['danger']['validity_missing'] = 'Bitte geben Sie eine Gültigkeitsdauer an';
 $lang['user']['loading'] = "Lade...";
+$lang['user']['force_pw_update'] = 'Das Passwort für diesen Benutzer <b>muss</b> geändert werden, damit die Zugriffssperre auf die Groupwarekomponenten wieder freigeschaltet wird.';
 $lang['user']['active_sieve'] = "Aktiver Filter";
 $lang['user']['show_sieve_filters'] = "Zeige aktiven Filter des Benutzers";
 $lang['user']['no_active_filter'] = "Kein aktiver Filter vorhanden";
@@ -250,6 +251,8 @@ $lang['edit']['max_mailboxes'] = 'Max. Mailboxanzahl:';
 $lang['edit']['title'] = 'Objekt bearbeiten';
 $lang['edit']['target_address'] = 'Ziel-Adresse(n) <small>(getrennt durch Komma)</small>:';
 $lang['edit']['active'] = 'Aktiv';
+$lang['edit']['force_pw_update'] = 'Erzwinge Passwortänderung bei nächstem Login';
+$lang['edit']['force_pw_update_info'] = 'Dem Benutzer wird lediglich der Zugang zur mailcow UI ermöglicht.';
 $lang['edit']['target_domain'] = 'Ziel-Domain:';
 $lang['edit']['password'] = 'Passwort:';
 $lang['edit']['password_repeat'] = 'Passwort (Wiederholung):';
--- a/data/web/lang/lang.en.php
+++ b/data/web/lang/lang.en.php
@@ -84,6 +84,7 @@ $lang['danger']['sender_acl_invalid'] = "Sender ACL value is invalid";
 $lang['danger']['domain_not_empty'] = "Cannot remove non-empty domain";
 $lang['danger']['validity_missing'] = 'Please assign a period of validity';
 $lang['user']['loading'] = "Loading...";
+$lang['user']['force_pw_update'] = 'You <b>must</b> set a new password to be able to access groupware related services.';
 $lang['user']['active_sieve'] = "Active filter";
 $lang['user']['show_sieve_filters'] = "Show active user sieve filter";
 $lang['user']['no_active_filter'] = "No active filter available";
@@ -249,6 +250,8 @@ $lang['edit']['max_mailboxes'] = 'Max. possible mailboxes';
 $lang['edit']['title'] = 'Edit object';
 $lang['edit']['target_address'] = 'Goto address/es <small>(comma-separated)</small>';
 $lang['edit']['active'] = 'Active';
+$lang['edit']['force_pw_update'] = 'Force password update at next login';
+$lang['edit']['force_pw_update_info'] = 'This user will only be able to login to mailcow UI.';
 $lang['edit']['target_domain'] = 'Target domain';
 $lang['edit']['password'] = 'Password';
 $lang['edit']['password_repeat'] = 'Confirmation password (repeat)';
--- a/data/web/user.php
+++ b/data/web/user.php
@@ -89,6 +89,9 @@ elseif (isset($_SESSION['mailcow_cc_role']) && $_SESSION['mailcow_cc_role'] == '
 <div class="panel-body">
  <div class="row">
    <div class="col-sm-offset-3 col-sm-9">
+      <?php if ($mailboxdata['attributes']['force_pw_update'] == "1"): ?>
+      <div class="alert alert-danger"><?=$lang['user']['force_pw_update'];?></div>
+      <?php endif; ?>
      <p><a href="#pwChangeModal" data-toggle="modal">[<?=$lang['user']['change_password'];?>]</a></p>
      <p><a target="_blank" href="https://mailcow.github.io/mailcow-dockerized-docs/client/#<?=$clientconfigstr;?>">[<?=$lang['user']['client_configuration'];?>]</a></p>
    </div>