diff options
| author | alec <alec@208e9e7b-5314-0410-a742-e7e81cd9613c> | 2011-05-16 08:04:06 +0000 |
|---|---|---|
| committer | alec <alec@208e9e7b-5314-0410-a742-e7e81cd9613c> | 2011-05-16 08:04:06 +0000 |
| commit | c53519bf27504ea0b82398d64dceaf5c64aa8659 (patch) | |
| tree | 5474f7b1211f7e7da9aa3fcad4e9e473c0b47cb9 /plugins/acl | |
| parent | 883448243f446c25a06dd793cc72356e01a972a0 (diff) | |
- Remove acl_username_realm option, use realm auto-detection
git-svn-id: https://svn.roundcube.net/trunk@4773 208e9e7b-5314-0410-a742-e7e81cd9613c
Diffstat (limited to 'plugins/acl')
| -rw-r--r-- | plugins/acl/acl.php | 41 | ||||
| -rw-r--r-- | plugins/acl/config.inc.php.dist | 5 |
2 files changed, 39 insertions, 7 deletions
diff --git a/plugins/acl/acl.php b/plugins/acl/acl.php index 20168da88..450af49ea 100644 --- a/plugins/acl/acl.php +++ b/plugins/acl/acl.php @@ -1,7 +1,7 @@ <?php /** - * Folders Access Control Lists Management + * Folders Access Control Lists Management (RFC4314, RFC2086) * * @version 0.1 * @author Aleksander Machniak <alec@alec.pl> @@ -312,7 +312,7 @@ class acl extends rcube_plugin $acl = array_intersect(str_split($acl), $this->rights_supported()); - if (!strpos($user, '@') && ($realm = $this->rc->config->get('acl_username_realm'))) { + if (!strpos($user, '@') && ($realm = $this->get_realm())) { $user .= '@' . rcube_idn_to_ascii(preg_replace('/^@/', '', $realm)); } @@ -455,4 +455,41 @@ class acl extends rcube_plugin return $this->supported = str_split('lrswi' . $rights . 'pa'); } + + /** + * Username realm detection. + * + * @return string Username realm (domain) + */ + private function get_realm() + { + // When user enters a username without domain part, realm + // alows to add it to the username (and display correct username in the table) + + if (isset($_SESSION['acl_username_realm'])) { + return $_SESSION['acl_username_realm']; + } + + // find realm in username of logged user (?) + list($name, $domain) = explode('@', $_SESSION['username']); + + // Use (always existent) ACL entry on the INBOX for the user to determine + // whether or not the user ID in ACL entries need to be qualified and how + // they would need to be qualified. + if (empty($domain)) { + $acl = $this->rc->imap->get_acl('INBOX'); + if (is_array($acl)) { + $regexp = '/^' . preg_quote($_SESSION['username'], '/') . '@(.*)$/'; + $regexp = '/^' . preg_quote('aleksander.machniak', '/') . '@(.*)$/'; + foreach (array_keys($acl) as $name) { + if (preg_match($regexp, $name, $matches)) { + $domain = $matches[1]; + break; + } + } + } + } + + return $_SESSION['acl_username_realm'] = $domain; + } } diff --git a/plugins/acl/config.inc.php.dist b/plugins/acl/config.inc.php.dist index 6cb3093f3..4ced35861 100644 --- a/plugins/acl/config.inc.php.dist +++ b/plugins/acl/config.inc.php.dist @@ -5,9 +5,4 @@ // In simple mode access rights are grouped into four groups: read, write, delete, full $rcmail_config['acl_advanced_mode'] = false; -// Username realm -// When user enters a username without domain part, realm -// alows to add it to the username (and display correct username in the table) -$rcmail_config['acl_username_realm'] = ''; - ?> |