Ticket #1484478 (assigned Patches)

Opened 14 months ago

Last modified 12 months ago

Patch to force email address of identities to belong to a certain set of domains (ie. vanity domains)

Reported by: phallstrom Owned by: till
Priority: 5 Milestone: later
Component: Client Scripts Version: 0.1-rc1
Severity: normal Keywords:
Cc:

Description

Our system has a single mailbox per user. And users login using only their username and password (no domain part). However, we'd like them to be able to pick from one of several domains, but *not* change their username (so as to make it harder to spoof email as easily).

The below patch adds a configuration option "identity_domains" that contains a list of domains the identity can "belong to". If set the edit/save identity pages have been modified to turn the email text field into a select field containing a list of the domains prepended with their username. A couple of the helper methods (for generating form elements) were also updated to allow passing in a select field. 

Index: config/main.inc.php
===================================================================
--- config/main.inc.php (revision 7)
+++ config/main.inc.php (working copy)
@@ -49,6 +49,10 @@
 // Specify an array with 'host' => 'domain' values to support multiple hosts
 $rcmail_config['mail_domain'] = 'example.com';

+// If set identity email addresses will be composed of the user login
+// and one of these domains.
+$rcmail_config['identity_domains'] = array('example.com', 'exampleone.com', 'exampletwo.com');
+
 // Path to a virtuser table file to resolve user names and e-mail addresses
 $rcmail_config['virtuser_file'] = '';

Index: program/include/main.inc
===================================================================
--- program/include/main.inc    (revision 6)
+++ program/include/main.inc    (working copy)
@@ -1242,6 +1242,16 @@
     $attrib['cols'] = $attrib['size'];
     $input = new textarea($attrib);
     }
+  else if ($type=='select')
+    {
+    $options = $attrib['options'];
+    unset($attrib['options']);
+    $input = new select($attrib);
+    foreach ($options as $key => $val)
+      {
+      $input->add($val, (is_numeric($key) ? $val : $key));
+      }
+    }
   else
     $input = new textfield($attrib);

Index: program/steps/settings/save_identity.inc
===================================================================
--- program/steps/settings/save_identity.inc    (revision 2)
+++ program/steps/settings/save_identity.inc    (working copy)
@@ -32,7 +32,19 @@
   return;
   }
 
+// if identity_domains is set make sure the email domain is included
+if (isset($CONFIG['identity_domains']) && is_array($CONFIG['identity_domains']))
+  {
+  list($user, $domain) = split('@', $_POST['_email']);
+  if (!in_array($domain, $CONFIG['identity_domains']))
+    {
+    $OUTPUT->show_message('noemailwarning', 'warning');
+    rcmail_overwrite_action('edit-identitiy');
+    return;
+    }
+  }
 
+
 // update an existing contact
 if ($_POST['_iid'])
   {

{{{
Index: program/steps/settings/edit_identity.inc
===================================================================
--- program/steps/settings/edit_identity.inc    (revision 2)
+++ program/steps/settings/edit_identity.inc    (working copy)
@@ -44,7 +44,7 @@
 
 function rcube_identity_form($attrib)
   {
-  global $IDENTITY_RECORD, $OUTPUT;
+  global $CONFIG, $IDENTITY_RECORD, $OUTPUT;
 
 /*
   $OUTPUT->include_script('tiny_mce/tiny_mce_src.js');
@@ -70,14 +70,28 @@
   list($form_start, $form_end) = get_form_tags($attrib, 'save-identity', array('name' => '_iid', 'value' => $IDENTITY_RECORD['identity_id']));
   unset($attrib['form']);
 
+  // create list of valid email addresses for identity form
+  if (isset($CONFIG['identity_domains']) && is_array($CONFIG['identity_domains']))
+    {
+    foreach ($CONFIG['identity_domains'] as $domain)
+      {
+      $email_options[] = $_SESSION['username'] . '@' . $domain;
+      }
+    $email_a_show_cols = array('type' => 'select', 'options' => $email_options);
+    }
+  else
+    {
+    $email_a_show_cols = array('type' => 'text');
+    }
 
+
   // list of available cols
   $a_show_cols = array('name'         => array('type' => 'text'),
-                       'email'        => array('type' => 'text'),
+                       'email'        => $email_a_show_cols,
                        'organization' => array('type' => 'text'),
                        'reply-to'     => array('type' => 'text', 'label' => 'replyto'),
                        'bcc'          => array('type' => 'text'),
                        'signature'       => array('type' => 'textarea', 'size' => "40", 'rows' => "4"),
                    //  'html_signature'=>array('type' => 'checkbox', 'label' => 'htmlsignature', 'onclick' => 'return rcmail.toggle_editor(this, \'_signature\');
'),
                        'standard'     => array('type' => 'checkbox', 'label' => 'setdefault'));
 
@@ -122,6 +136,15 @@
       unset($attrib['mce_editable']);
       }
 
+    if ($colprop['type'] == 'select')
+      {
+      $attrib['options'] = $colprop['options'];
+      }
+    else
+      {
+      unset($attrib['options']);
+      }
+
     $label = strlen($colprop['label']) ? $colprop['label'] : $col;
     $value = rcmail_get_edit_field($col, $IDENTITY_RECORD[$col], $attrib, $colprop['type']);
 
}}}

Change History

Changed 12 months ago by till

  • owner set to till
  • status changed from new to assigned
  • milestone set to later
Note: See TracTickets for help on using tickets.