mirror of
https://github.com/mailcow/mailcow-dockerized.git
synced 2024-12-23 02:04:46 +02:00
[Web] hide auth settings for external users
This commit is contained in:
parent
4dc3222f03
commit
5545d8a56c
@ -235,8 +235,11 @@ function mailcow_mbox_apppass_login($user, $pass, $app_passwd_data, $is_internal
|
||||
$protocol = 'sieve';
|
||||
} else if ($app_passwd_data['pop3']){
|
||||
$protocol = 'pop3';
|
||||
} else if (!$is_internal) {
|
||||
return false;
|
||||
}
|
||||
|
||||
|
||||
// fetch app password data
|
||||
$stmt = $pdo->prepare("SELECT `app_passwd`.`password` as `password`, `app_passwd`.`id` as `app_passwd_id` FROM `app_passwd`
|
||||
INNER JOIN `mailbox` ON `mailbox`.`username` = `app_passwd`.`mailbox`
|
||||
@ -249,11 +252,8 @@ function mailcow_mbox_apppass_login($user, $pass, $app_passwd_data, $is_internal
|
||||
:has_access_query"
|
||||
);
|
||||
// check if app password has protocol access
|
||||
// skip if protocol is false and the call is not external
|
||||
$has_access_query = '';
|
||||
if (!$is_internal || ($is_internal && !empty($protocol))){
|
||||
$has_access_query = " AND `app_passwd`.`" . $protocol . "_access` = '1'";
|
||||
}
|
||||
// skip if protocol is false and the call is internal
|
||||
$has_access_query = ($is_internal && $protocol === false) ? "" : " AND `app_passwd`.`" . $protocol . "_access` = '1'";
|
||||
// fetch password data
|
||||
$stmt->execute(array(
|
||||
':user' => $user,
|
||||
|
@ -896,7 +896,7 @@ function edit_user_account($_data) {
|
||||
}
|
||||
$stmt = $pdo->prepare("SELECT `password` FROM `mailbox`
|
||||
WHERE `kind` NOT REGEXP 'location|thing|group'
|
||||
AND `username` = :user");
|
||||
AND `username` = :user AND authsource = 'mailcow'");
|
||||
$stmt->execute(array(':user' => $username));
|
||||
$row = $stmt->fetch(PDO::FETCH_ASSOC);
|
||||
if (!verify_hash($row['password'], $password_old)) {
|
||||
@ -917,7 +917,7 @@ function edit_user_account($_data) {
|
||||
$stmt = $pdo->prepare("UPDATE `mailbox` SET `password` = :password_hashed,
|
||||
`attributes` = JSON_SET(`attributes`, '$.force_pw_update', '0'),
|
||||
`attributes` = JSON_SET(`attributes`, '$.passwd_update', NOW())
|
||||
WHERE `username` = :username");
|
||||
WHERE `username` = :username AND authsource = 'mailcow'");
|
||||
$stmt->execute(array(
|
||||
':password_hashed' => $password_hashed,
|
||||
':username' => $username
|
||||
|
@ -3165,7 +3165,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
|
||||
$stmt = $pdo->prepare("UPDATE `mailbox` SET
|
||||
`password` = :password_hashed,
|
||||
`attributes` = JSON_SET(`attributes`, '$.passwd_update', NOW())
|
||||
WHERE `username` = :username");
|
||||
WHERE `username` = :username AND authsource = 'mailcow'");
|
||||
$stmt->execute(array(
|
||||
':password_hashed' => $password_hashed,
|
||||
':username' => $username
|
||||
|
@ -97,6 +97,7 @@
|
||||
</div>
|
||||
|
||||
{# TFA #}
|
||||
{% if mailboxdata.authsource == "mailcow" %}
|
||||
<legend class="mt-4">{{ lang.user.authentication }}</legend>
|
||||
<hr>
|
||||
<div class="row">
|
||||
@ -170,6 +171,7 @@
|
||||
</div>
|
||||
<br>
|
||||
</div>
|
||||
{% endif %}
|
||||
</div>
|
||||
<div class="ms-auto col-xl-3 col-lg-5 col-md-12 col-12 d-flex flex-column well flex-grow-1">
|
||||
<legend class="d-flex">
|
||||
|
Loading…
Reference in New Issue
Block a user