
Merge pull request #6386 from mailcow/staging

Automatic PR to nightly from 2025-03-24T08:36:34Z
FreddleSpl0it 5 сар өмнө
parent
commit
9351cf24fe

+ 2 - 2
data/conf/nginx/templates/nginx.conf.j2

@@ -182,6 +182,8 @@ http {
         }
     }
 
+    include /etc/nginx/conf.d/*.conf;
+
     {% for cert in valid_cert_dirs %}
     server {
         {% if not HTTP_REDIRECT %}
@@ -206,6 +208,4 @@ http {
         include /etc/nginx/includes/sites-default.conf;
     }
     {% endfor %}
-
-    include /etc/nginx/conf.d/*.conf;
 }
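Review bot: Moving `include /etc/nginx/conf.d/*.conf;` ahead of the `{% for cert in valid_cert_dirs %}` loop changes which definition wins when a file in conf.d and a generated per-certificate server claim the same `listen`/`server_name` pair, because nginx keeps the first one it reads. Nothing in the template records that this order is intended. If it is, a Jinja comment above the include would keep the line from drifting back, for example `{# conf.d is loaded before the per-certificate servers: the first server defined for a name wins #}`. The `http` block starts outside this hunk.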

+ 2 - 1
data/web/api/openapi.yaml

@@ -346,7 +346,8 @@ paths:
                   description: the domain which emails should be forwarded
                   type: string
                 type:
-                  description: the type of bcc map can be `sender` or `recipient`
+                  description: the type of bcc map can be `sender` or `rcpt`
+                  enum: [sender, rcpt]
                   type: string
               type: object
       summary: Create BCC Map

Файлын зөрүү хэтэрхий том тул дарагдсан байна
+ 0 - 0
data/web/css/build/007-languages.min.css


+ 10 - 7
data/web/inc/functions.inc.php

@@ -1385,6 +1385,7 @@ function fido2($_data) {
       );
     break;
     case "verify":
+      $role = "";
       $tokenData = json_decode($_data['token']);
       $clientDataJSON = base64_decode($tokenData->clientDataJSON);
       $authenticatorData = base64_decode($tokenData->authenticatorData);
@@ -1418,17 +1419,17 @@ function fido2($_data) {
       $stmt->execute(array(':username' => $process_fido2['username']));
       $obj_props = $stmt->fetch(PDO::FETCH_ASSOC);
       if ($obj_props['superadmin'] === 1 && (!$_data['user'] || $_data['user'] == "admin")) {
-        $_SESSION["mailcow_cc_role"] = "admin";
+        $role = "admin";
       }
       elseif ($obj_props['superadmin'] === 0 && (!$_data['user'] || $_data['user'] == "domainadmin")) {
-        $_SESSION["mailcow_cc_role"] = "domainadmin";
+        $role = "domainadmin";
       }
       elseif (!isset($obj_props['superadmin']) && (!$_data['user'] || $_data['user'] == "user")) {
         $stmt = $pdo->prepare("SELECT `username` FROM `mailbox` WHERE `username` = :username");
         $stmt->execute(array(':username' => $process_fido2['username']));
         $row = $stmt->fetch(PDO::FETCH_ASSOC);
         if ($row['username'] == $process_fido2['username']) {
-          $_SESSION["mailcow_cc_role"] = "user";
+          $role = "user";
         }
       }
       else {
@@ -1439,7 +1440,7 @@ function fido2($_data) {
         );
         return false;
       }
-      if (empty($_SESSION["mailcow_cc_role"])) {
+      if (empty($role)) {
         session_unset();
         session_destroy();
         $_SESSION['return'][] =  array(
@@ -1449,15 +1450,17 @@ function fido2($_data) {
         );
         return false;
       }
-      $_SESSION["mailcow_cc_username"] = $process_fido2['username'];
-      $_SESSION["fido2_cid"] = $process_fido2['cid'];
       unset($_SESSION["challenge"]);
       $_SESSION['return'][] =  array(
         'type' => 'success',
         'log' => array("fido2_login", $_data['user'], $process_fido2['username']),
         'msg' => array('logged_in_as', $process_fido2['username'])
       );
-      return true;
+      return array(
+        "role" => $role,
+        "username" => $process_fido2['username'],
+        "cid" => $process_fido2['cid']
+      );
     break;
   }
 }
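Review bot: In the `user` branch of `verify`, `$role = "user"` is assigned after a mailbox lookup that matches on `username` only, so nothing in the visible lines keeps a deactivated mailbox that still has a registered key from getting a role and username back. If neither the credential lookup above the second hunk nor `set_user_loggedin_session()` in the caller filters on the mailbox's `active` state, that condition belongs in this query. `verify` now returns an array on success and `false` on failure and leaves the identity writes to the caller, so a comment above `case "verify":` should say so, for example `// returns array(role, username, cid) on success, false otherwise; the caller binds the session`. `fido2()` starts outside these hunks.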

+ 1 - 1
data/web/inc/functions.mailbox.inc.php

@@ -3324,7 +3324,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
           }
 
           $is_now = mailbox('get', 'mailbox_details', $old_username);
-          if (empty($is_now)) {
+          if (empty($is_now) || ($is_now['active'] != '1' && $is_now['active'] != '2')) {
             $_SESSION['return'][] = array(
               'type' => 'danger',
               'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),

+ 6 - 1
data/web/inc/triggers.admin.inc.php

@@ -19,11 +19,16 @@ if (isset($_POST["verify_tfa_login"])) {
   unset($_SESSION['pending_tfa_methods']);
 }
 if (isset($_POST["verify_fido2_login"])) {
-  fido2(array(
+  $res = fido2(array(
     "action" => "verify",
     "token" => $_POST["token"],
     "user" => "admin"
   ));
+  if (is_array($res) && $res['role'] == "admin" && !empty($res['username'])){
+    $_SESSION["mailcow_cc_username"] = $res['username'];
+    $_SESSION["mailcow_cc_role"] = $res['role'];
+    $_SESSION["fido2_cid"] = $res['cid'];
+  }
   exit;
 }
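Review bot: The new block under `verify_fido2_login` writes `mailcow_cc_username` and `mailcow_cc_role` into the existing session without rotating the session id, so an id issued before authentication stays valid afterwards. Unless that rotation already happens outside this hunk, add `session_regenerate_id(true);` as the first statement inside the `if`. The same applies to the identical block in data/web/inc/triggers.domainadmin.inc.php. The role test can also be strict, `$res['role'] === "admin"`, since `fido2()` only ever returns a string there.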
 

+ 6 - 1
data/web/inc/triggers.domainadmin.inc.php

@@ -30,11 +30,16 @@ if (isset($_POST["verify_tfa_login"])) {
   unset($_SESSION['pending_tfa_methods']);
 }
 if (isset($_POST["verify_fido2_login"])) {
-  fido2(array(
+  $res = fido2(array(
     "action" => "verify",
     "token" => $_POST["token"],
     "user" => "domainadmin"
   ));
+  if (is_array($res) && $res['role'] == "domainadmin" && !empty($res['username'])){
+    $_SESSION["mailcow_cc_username"] = $res['username'];
+    $_SESSION["mailcow_cc_role"] = $res['role'];
+    $_SESSION["fido2_cid"] = $res['cid'];
+  }
   exit;
 }
 

+ 19 - 1
data/web/inc/triggers.user.inc.php

@@ -66,6 +66,14 @@ if (isset($_POST["verify_tfa_login"])) {
         die();
       } else {
         set_user_loggedin_session($_SESSION['pending_mailcow_cc_username']);
+
+        if (isset($_SESSION['oauth2_request'])) {
+          $oauth2_request = $_SESSION['oauth2_request'];
+          unset($_SESSION['oauth2_request']);
+          header('Location: ' . $oauth2_request);
+          die();
+        }
+
         $user_details = mailbox("get", "mailbox_details", $_SESSION['mailcow_cc_username']);
         $is_dual = (!empty($_SESSION["dual-login"]["username"])) ? true : false;
         if (intval($user_details['attributes']['sogo_access']) == 1 && !$is_dual) {
@@ -84,11 +92,15 @@ if (isset($_POST["verify_tfa_login"])) {
   unset($_SESSION['pending_tfa_methods']);
 }
 if (isset($_POST["verify_fido2_login"])) {
-  fido2(array(
+  $res = fido2(array(
     "action" => "verify",
     "token" => $_POST["token"],
     "user" => "user"
   ));
+  if (is_array($res) && $res['role'] == "user" && !empty($res['username'])){
+    set_user_loggedin_session($res['username']);
+    $_SESSION["fido2_cid"] = $res['cid'];
+  }
   exit;
 }
 
@@ -118,6 +130,12 @@ if (isset($_POST["login_user"]) && isset($_POST["pass_user"])) {
         header("Location: /mobileconfig.php");
         die();
     }
+    if (isset($_SESSION['oauth2_request'])) {
+      $oauth2_request = $_SESSION['oauth2_request'];
+      unset($_SESSION['oauth2_request']);
+      header('Location: ' . $oauth2_request);
+      die();
+    }
 
     $user_details = mailbox("get", "mailbox_details", $login_user);
     $is_dual = (!empty($_SESSION["dual-login"]["username"])) ? true : false;
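Review bot: Both new `oauth2_request` blocks, one after `set_user_loggedin_session()` in the TFA path and one in the `login_user` path, pass a session value straight into `header('Location: ' . $oauth2_request)` with no check on where it points. Where that value is stored is outside this diff, so if it can hold anything derived from the request it should be limited to a local path before the redirect, e.g. `if (strpos($oauth2_request, '/') !== 0 || strpos($oauth2_request, '//') === 0) { $oauth2_request = '/'; }`. The two blocks are identical and would be easier to keep consistent as one helper. The FIDO2 branch in the same file does not resume a pending `oauth2_request`; if that is intentional, a one-line comment there would say so. The enclosing `if` blocks start and end outside these hunks.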

Энэ ялгаанд хэт олон файл өөрчлөгдсөн тул зарим файлыг харуулаагүй болно