display all emails to an user (check more addresses)
authorMarkus Warg <mw@it-sls.de>
Wed, 18 Aug 2010 12:57:13 +0000 (14:57 +0200)
committerMarkus Warg <mw@it-sls.de>
Wed, 18 Aug 2010 12:57:13 +0000 (14:57 +0200)
add method to get all email addresses that are associated to an account,
use list of addresses to allow access to emails (mail ping issue #834 #845)
modified:   manager/application/configs/application.ini
modified:   manager/application/controllers/MailController.php
new file:   manager/library/CAcert/User/Emails.php

manager/application/configs/application.ini
manager/application/controllers/MailController.php
manager/library/CAcert/User/Emails.php [new file with mode: 0644]

index 61edc99..61f7d98 100644 (file)
@@ -10,6 +10,7 @@ resources.frontController.noErrorHandler = 0
 resources.frontController.useDefaultControllerAlways = 0\r
 resources.layout.layoutPath = APPLICATION_PATH "/layouts/scripts"\r
 resources.view[] =\r
+autoloadernamespaces.0 = "CAcert_"\r
 \r
 ; Database settings for Session DB\r
 ca_mgr.db.session.pdo                          = "Pdo_Mysql"\r
index 1ba73e2..e1449fd 100644 (file)
@@ -8,6 +8,11 @@ require_once(LIBRARY_PATH . '/imap/imapConnection.php');
 
 class MailController extends Zend_Controller_Action
 {
+       /**
+        * list of email addresses associated with that account
+        * @var array
+        */
+       private $addresses = array();
 
     public function init()
     {
@@ -25,6 +30,11 @@ class MailController extends Zend_Controller_Action
                        $this->view->url(array('controller' => 'mail', 'action' => 'full'), 'default', true) .
                        '"' . (($action == 'full')?' class="active"':'') . '>' . I18n::_('View all Mails') . '</a>', Zend_View_Helper_Placeholder_Container_Abstract::SET, 2);
        }
+
+       $emails = new CAcert_User_Emails();
+
+       $this->addresses = $emails->getEmailAddressesByLogin($session->authdata['authed_username']);
+
     }
 
     public function indexAction()
@@ -43,7 +53,7 @@ class MailController extends Zend_Controller_Action
                $header = $imap->imapHeader($i+1);
 
                // skip all emails that do not belong to the user
-               if ($header->toaddress != $session->authdata['authed_username'])
+                       if (!in_array($header->toaddress, $this->addresses))
                                continue;
 
                $header->uid = $imap->imapUID($i+1);
@@ -114,7 +124,8 @@ class MailController extends Zend_Controller_Action
                        $header = $imap->imapFetchOverview($uid);
 
                        $session = Zend_Registry::get('session');
-                       if ($session->authdata['authed_role'] != 'Admin' && $header->to != $session->authdata['authed_username']) {
+
+                       if ($session->authdata['authed_role'] != 'Admin' && !in_array($header->to, $this->addresses)) {
                                $this->view->message = I18n::_('This message does not belong to you');
                        }
                        else {
diff --git a/manager/library/CAcert/User/Emails.php b/manager/library/CAcert/User/Emails.php
new file mode 100644 (file)
index 0000000..d345ce8
--- /dev/null
@@ -0,0 +1,57 @@
+<?php\r
+\r
+class CAcert_User_Emails {\r
+       public function __construct() {\r
+               Log::Log()->debug(__METHOD__);\r
+       }\r
+\r
+       /**\r
+        * get list of email addresses by login, needed to be able to filter emails\r
+        * @param string $addr\r
+        * @return array\r
+        */\r
+       public function getEmailAddressesByLogin($addr) {\r
+               $db = Zend_Registry::get('auth2_dbc');\r
+\r
+               /**\r
+                * find out user id by email address\r
+                */\r
+               $sql = 'select users.id from users where email=?';\r
+\r
+               $id = $db->fetchOne($sql, array($addr));\r
+\r
+               /**\r
+                * get secondary email addresses\r
+                */\r
+               $sql = 'select email.email from email where memid=?';\r
+\r
+               $res = $db->query($sql, array($id));\r
+\r
+               $emails = array();\r
+\r
+               $num = $res->rowCount();\r
+               for ($i = 0; $i < $num; $i++) {\r
+                       $row = $res->fetch(PDO::FETCH_ASSOC);\r
+                       $emails[] = $row['email'];\r
+               }\r
+\r
+               /**\r
+                * get additional addresses by domains\r
+                */\r
+               $sql = 'select domains.domain from domains where memid=?';\r
+\r
+               $res = $db->query($sql, array($id));\r
+               $num = $res->rowCount();\r
+               $variants = array('root','hostmaster','postmaster','admin','webmaster');\r
+               for ($i = 0; $i < $num; $i++) {\r
+                       $row = $res->fetch(PDO::FETCH_ASSOC);\r
+\r
+                       foreach ($variants as $variant) {\r
+                               $emails[] = $variants . '@' . $row['domain'];\r
+                       }\r
+               }\r
+\r
+               Log::Log()->debug(__METHOD__ . ' mail addresses ' . var_export($emails, true));\r
+               return $emails;\r
+       }\r
+}
\ No newline at end of file