From 15ce95e78d262322cd65f1a6241753d686e462e3 Mon Sep 17 00:00:00 2001 From: andryyy Date: Fri, 29 Oct 2021 06:15:10 +0200 Subject: [PATCH] [Web, Dovecot] Add sieve and pop3 to protocol access for app passwords --- data/Dockerfiles/dovecot/docker-entrypoint.sh | 6 +++--- data/web/inc/functions.app_passwd.inc.php | 16 ++++++++++++++-- data/web/inc/init_db.inc.php | 4 +++- data/web/js/site/user.js | 4 +++- data/web/templates/edit/app-passwd.twig | 2 ++ data/web/templates/modals/user.twig | 2 ++ 6 files changed, 27 insertions(+), 7 deletions(-) diff --git a/data/Dockerfiles/dovecot/docker-entrypoint.sh b/data/Dockerfiles/dovecot/docker-entrypoint.sh index b6b775fb0..6645331bd 100755 --- a/data/Dockerfiles/dovecot/docker-entrypoint.sh +++ b/data/Dockerfiles/dovecot/docker-entrypoint.sh @@ -164,9 +164,9 @@ function auth_password_verify(req, pass) end -- check against app passwds for imap and smtp - -- app passwords are only available for imap and smtp in dovecot - if req.service == "smtp" or req.service == "imap" then - local cur,errorString = con:execute(string.format([[SELECT app_passwd.id, app_passwd.imap_access, app_passwd.smtp_access, app_passwd.password FROM app_passwd + -- app passwords are only available for imap, smtp, sieve and pop3 when using sasl + if req.service == "smtp" or req.service == "imap" or req.service == "sieve" or req.service == "pop3" then + local cur,errorString = con:execute(string.format([[SELECT app_passwd.id, app_passwd.imap_access, app_passwd.smtp_access, app_passwd.sieve_access, app_passwd.pop3_access, app_passwd.password FROM app_passwd INNER JOIN mailbox ON mailbox.username = app_passwd.mailbox WHERE mailbox = '%s' AND app_passwd.%s_access = '1' diff --git a/data/web/inc/functions.app_passwd.inc.php b/data/web/inc/functions.app_passwd.inc.php index 701bbe686..b493fc914 100644 --- a/data/web/inc/functions.app_passwd.inc.php +++ b/data/web/inc/functions.app_passwd.inc.php @@ -32,6 +32,8 @@ function app_passwd($_action, $_data = null) { $dav_access = (in_array('dav_access', $protocols)) ? 1 : 0; $smtp_access = (in_array('smtp_access', $protocols)) ? 1 : 0; $eas_access = (in_array('eas_access', $protocols)) ? 1 : 0; + $pop3_access = (in_array('pop3_access', $protocols)) ? 1 : 0; + $sieve_access = (in_array('sieve_access', $protocols)) ? 1 : 0; $domain = mailbox('get', 'mailbox_details', $username)['domain']; if (empty($domain)) { $_SESSION['return'][] = array( @@ -66,8 +68,8 @@ function app_passwd($_action, $_data = null) { ); return false; } - $stmt = $pdo->prepare("INSERT INTO `app_passwd` (`name`, `mailbox`, `domain`, `password`, `imap_access`, `smtp_access`, `eas_access`, `dav_access`, `active`) - VALUES (:app_name, :mailbox, :domain, :password, :imap_access, :smtp_access, :eas_access, :dav_access, :active)"); + $stmt = $pdo->prepare("INSERT INTO `app_passwd` (`name`, `mailbox`, `domain`, `password`, `imap_access`, `smtp_access`, `eas_access`, `dav_access`, `pop3_access`, `sieve_access`, `active`) + VALUES (:app_name, :mailbox, :domain, :password, :imap_access, :smtp_access, :eas_access, :dav_access, :pop3_access, :sieve_access, :active)"); $stmt->execute(array( ':app_name' => $app_name, ':mailbox' => $username, @@ -77,6 +79,8 @@ function app_passwd($_action, $_data = null) { ':smtp_access' => $smtp_access, ':eas_access' => $eas_access, ':dav_access' => $dav_access, + ':pop3_access' => $pop3_access, + ':sieve_access' => $sieve_access, ':active' => $active )); $_SESSION['return'][] = array( @@ -99,12 +103,16 @@ function app_passwd($_action, $_data = null) { $dav_access = (in_array('dav_access', $protocols)) ? 1 : 0; $smtp_access = (in_array('smtp_access', $protocols)) ? 1 : 0; $eas_access = (in_array('eas_access', $protocols)) ? 1 : 0; + $pop3_access = (in_array('pop3_access', $protocols)) ? 1 : 0; + $sieve_access = (in_array('sieve_access', $protocols)) ? 1 : 0; } else { $imap_access = $is_now['imap_access']; $smtp_access = $is_now['smtp_access']; $dav_access = $is_now['dav_access']; $eas_access = $is_now['eas_access']; + $pop3_access = $is_now['pop3_access']; + $sieve_access = $is_now['sieve_access']; } $active = (isset($_data['active'])) ? intval($_data['active']) : $is_now['active']; } @@ -152,6 +160,8 @@ function app_passwd($_action, $_data = null) { `smtp_access` = :smtp_access, `eas_access` = :eas_access, `dav_access` = :dav_access, + `pop3_access` = :pop3_access, + `sieve_access` = :sieve_access, `active` = :active WHERE `id` = :id"); $stmt->execute(array( @@ -161,6 +171,8 @@ function app_passwd($_action, $_data = null) { ':smtp_access' => $smtp_access, ':eas_access' => $eas_access, ':dav_access' => $dav_access, + ':pop3_access' => $pop3_access, + ':sieve_access' => $sieve_access, ':active' => $active, ':id' => $id )); diff --git a/data/web/inc/init_db.inc.php b/data/web/inc/init_db.inc.php index f3aada9ad..395ce2e1b 100644 --- a/data/web/inc/init_db.inc.php +++ b/data/web/inc/init_db.inc.php @@ -3,7 +3,7 @@ function init_db_schema() { try { global $pdo; - $db_version = "28102021_1600"; + $db_version = "29102021_0620"; $stmt = $pdo->query("SHOW TABLES LIKE 'versions'"); $num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC)); @@ -368,6 +368,8 @@ function init_db_schema() { "smtp_access" => "TINYINT(1) NOT NULL DEFAULT '1'", "dav_access" => "TINYINT(1) NOT NULL DEFAULT '1'", "eas_access" => "TINYINT(1) NOT NULL DEFAULT '1'", + "pop3_access" => "TINYINT(1) NOT NULL DEFAULT '1'", + "sieve_access" => "TINYINT(1) NOT NULL DEFAULT '1'", "active" => "TINYINT(1) NOT NULL DEFAULT '1'" ), "keys" => array( diff --git a/data/web/js/site/user.js b/data/web/js/site/user.js index 62d6e7891..f37ae7473 100644 --- a/data/web/js/site/user.js +++ b/data/web/js/site/user.js @@ -277,7 +277,9 @@ jQuery(function($){ if (item.imap_access == 1) { item.protocols.push("IMAP"); } if (item.smtp_access == 1) { item.protocols.push("SMTP"); } if (item.eas_access == 1) { item.protocols.push("EAS/ActiveSync"); } - if (item.dav_access == 1) { item.protocols.push("DAV"); } + if (item.dav_access == 1) { item.protocols.push("DAV"); } + if (item.pop3_access == 1) { item.protocols.push("POP3"); } + if (item.sieve_access == 1) { item.protocols.push("Sieve"); } item.protocols = item.protocols.join(" ") if (acl_data.app_passwds === 1) { item.action = '
' + diff --git a/data/web/templates/edit/app-passwd.twig b/data/web/templates/edit/app-passwd.twig index d7bb617a2..046a34f52 100644 --- a/data/web/templates/edit/app-passwd.twig +++ b/data/web/templates/edit/app-passwd.twig @@ -39,6 +39,8 @@ + +
diff --git a/data/web/templates/modals/user.twig b/data/web/templates/modals/user.twig index 130658390..6de779b90 100644 --- a/data/web/templates/modals/user.twig +++ b/data/web/templates/modals/user.twig @@ -221,6 +221,8 @@ + +