1
0
mirror of https://github.com/mailcow/mailcow-dockerized.git synced 2024-12-23 02:04:46 +02:00

deny changes on identity provider if it's in use

This commit is contained in:
FreddleSpl0it 2023-07-30 11:24:07 +02:00 committed by DerLinkman
parent 7b47159478
commit 04e2494af8
No known key found for this signature in database
GPG Key ID: F109FD97469550A2
2 changed files with 35 additions and 2 deletions

View File

@ -2122,6 +2122,21 @@ function identity_provider($_action, $_data = null, $_extra = null) {
return false;
}
$stmt = $pdo->prepare("SELECT * FROM `mailbox`
WHERE `authsource` != 'mailcow'
AND `authsource` IS NOT NULL
AND `authsource` != :authsource");
$stmt->execute(array(':authsource' => $_data['authsource']));
$rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
if ($rows) {
$_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $data_log),
'msg' => array('authsource_in_use', $setting)
);
return false;
}
if ($_data['authsource'] == "keycloak") {
$_data['server_url'] = (!empty($_data['server_url'])) ? rtrim($_data['server_url'], '/') : null;
$_data['mailpassword_flow'] = isset($_data['mailpassword_flow']) ? intval($_data['mailpassword_flow']) : 0;
@ -2235,9 +2250,26 @@ function identity_provider($_action, $_data = null, $_extra = null) {
return false;
}
$stmt = $pdo->prepare("DELETE FROM identity_provider;");
$stmt->execute();
$stmt = $pdo->query("SELECT * FROM `mailbox`
WHERE `authsource` != 'mailcow'
AND `authsource` IS NOT NULL");
$rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
if ($rows) {
$_SESSION['return'][] = array(
'type' => 'danger',
'log' => array(__FUNCTION__, $_action, $data_log),
'msg' => array('authsource_in_use', $setting)
);
return false;
}
$stmt = $pdo->query("DELETE FROM identity_provider;");
$_SESSION['return'][] = array(
'type' => 'success',
'log' => array(__FUNCTION__, $_action, $data_log),
'msg' => array('item_deleted', '')
);
return true;
break;
case "init":

View File

@ -387,6 +387,7 @@
"aliases_in_use": "Max. aliases must be greater or equal to %d",
"app_name_empty": "App name cannot be empty",
"app_passwd_id_invalid": "App password ID %s invalid",
"authsource_in_use": "The identity provider cannot be changed or deleted as it is currently in use by one or more users.",
"bcc_empty": "BCC destination cannot be empty",
"bcc_exists": "A BCC map %s exists for type %s",
"bcc_must_be_email": "BCC destination %s is not a valid email address",