diff -Nur smeserver-ezmlm-web-1.1.3.old/root/etc/e-smith/templates/etc/httpd/admin-conf/httpd.conf/85EzmlmWebAccess smeserver-ezmlm-web-1.1.3/root/etc/e-smith/templates/etc/httpd/admin-conf/httpd.conf/85EzmlmWebAccess
--- smeserver-ezmlm-web-1.1.3.old/root/etc/e-smith/templates/etc/httpd/admin-conf/httpd.conf/85EzmlmWebAccess 1969-12-31 19:00:00.000000000 -0500
+++ smeserver-ezmlm-web-1.1.3/root/etc/e-smith/templates/etc/httpd/admin-conf/httpd.conf/85EzmlmWebAccess 2017-04-17 16:25:00.239000000 -0400
@@ -0,0 +1,15 @@
+Alias /ezmlm-web /usr/local/share/ezmlm-web/www-data
+
+
+ Options +ExecCGI
+ order deny,allow
+ deny from all
+ allow from { "$localAccess"; }
+ AuthName "SME User manager"
+ AuthType Basic
+ TKTAuthLoginURL /server-common/cgi-bin/login
+ require valid-user
+ Satisfy all
+
+
+
diff -Nur smeserver-ezmlm-web-1.1.3.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/85EzmlmWebAccess smeserver-ezmlm-web-1.1.3/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/85EzmlmWebAccess
--- smeserver-ezmlm-web-1.1.3.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/85EzmlmWebAccess 2017-04-17 16:17:40.685000000 -0400
+++ smeserver-ezmlm-web-1.1.3/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/85EzmlmWebAccess 1969-12-31 19:00:00.000000000 -0500
@@ -1,8 +0,0 @@
-Alias /ezmlm-web /usr/local/share/ezmlm-web/www-data
-
-
- Options +ExecCGI
- order deny,allow
- deny from all
- allow from { "$localAccess $externalSSLAccess"; }
-
diff -Nur smeserver-ezmlm-web-1.1.3.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/VirtualHosts/28ezmlm-web smeserver-ezmlm-web-1.1.3/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/VirtualHosts/28ezmlm-web
--- smeserver-ezmlm-web-1.1.3.old/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/VirtualHosts/28ezmlm-web 1969-12-31 19:00:00.000000000 -0500
+++ smeserver-ezmlm-web-1.1.3/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/VirtualHosts/28ezmlm-web 2017-04-17 16:26:39.897000000 -0400
@@ -0,0 +1,31 @@
+{
+ # vim: ft=perl:
+
+ $haveSSL = (exists ${modSSL}{status} and ${modSSL}{status} eq "enabled") ? 'yes' : 'no';
+ $plainTextAccess = ${'httpd-admin'}{PermitPlainTextAccess} || 'no';
+ $UserAlias = ${UserPanelAlias} || 'user';
+
+
+ $OUT = '';
+ foreach $place ('ezmlm-web')
+ {
+ if (($port eq "80") && ($haveSSL eq 'yes') && ($plainTextAccess ne 'yes'))
+ {
+ $OUT .= " RewriteRule ^/$place(/.*|\$) https://%{HTTP_HOST}/$place\$1 [L,R]\n";
+ } else {
+ $OUT .= " ProxyPass /$place http://127.0.0.1:${'httpd-admin'}{TCPPort}/$place\n";
+ $OUT .= " ProxyPassReverse /$place http://127.0.0.1:${'httpd-admin'}{TCPPort}/$place\n";
+ }
+
+ $OUT .= " \n";
+ $OUT .= " order deny,allow\n";
+ $OUT .= " deny from all\n";
+ if (($haveSSL eq 'yes') && (($port eq "443") || ($plainTextAccess ne 'yes')))
+ {
+ $OUT .= " allow from $localAccess $externalSSLAccess\n";
+ } else {
+ $OUT .= " allow from $localAccess\n";
+ }
+ $OUT .= " \n";
+ }
+}
diff -Nur smeserver-ezmlm-web-1.1.3.old/root/etc/e-smith/templates/home/e-smith/files/ezmlm/lists/webusers/10webusers smeserver-ezmlm-web-1.1.3/root/etc/e-smith/templates/home/e-smith/files/ezmlm/lists/webusers/10webusers
--- smeserver-ezmlm-web-1.1.3.old/root/etc/e-smith/templates/home/e-smith/files/ezmlm/lists/webusers/10webusers 1969-12-31 19:00:00.000000000 -0500
+++ smeserver-ezmlm-web-1.1.3/root/etc/e-smith/templates/home/e-smith/files/ezmlm/lists/webusers/10webusers 2017-04-17 16:23:43.385000000 -0400
@@ -0,0 +1,22 @@
+{
+# set users with privileges on all lists on ALL
+my $ALLusers = $ezmlm{'ALL'} || "";
+$ALLusers =~ s/[,:]/ /g;
+$OUT = "ALL: admin $ALLusers\n";
+
+# set allowed users on ALLOW_CREATE
+# currently unecessary as we have disabled the ezmlm-web feature to create lists
+# and we use our own process, thus only admin can create lists
+my $ALLOWusers = $ezmlm{'ALLOW_CREATE'} || "";
+$ALLOWusers =~ s/[,:]/ /g;
+$OUT .= "ALLOW_CREATE: admin $ALLOWusers\n";
+
+# set privileges on individual lists
+my $accounts = esmith::ConfigDB->open_ro('accounts');
+foreach my $mllist ( $accounts->get_all_by_prop(type=>('mailinglist')) ) {
+ my $listname = $mllist->key;
+ my $users = $mllist->prop('webusers') || '';
+ $users =~ s/[,:]/ /g;
+ $OUT .= "$listname: $users \n" unless $users eq '';
+ }
+}
diff -Nur smeserver-ezmlm-web-1.1.3.old/root/etc/e-smith/templates.metadata/home/e-smith/files/ezmlm/lists/webusers smeserver-ezmlm-web-1.1.3/root/etc/e-smith/templates.metadata/home/e-smith/files/ezmlm/lists/webusers
--- smeserver-ezmlm-web-1.1.3.old/root/etc/e-smith/templates.metadata/home/e-smith/files/ezmlm/lists/webusers 1969-12-31 19:00:00.000000000 -0500
+++ smeserver-ezmlm-web-1.1.3/root/etc/e-smith/templates.metadata/home/e-smith/files/ezmlm/lists/webusers 2017-04-17 16:34:22.788000000 -0400
@@ -0,0 +1,3 @@
+PERMS=0640
+UID="ezmlm"
+GID="admin"
diff -Nur smeserver-ezmlm-web-1.1.3.old/root/etc/e-smith/web/functions/mailinglists smeserver-ezmlm-web-1.1.3/root/etc/e-smith/web/functions/mailinglists
--- smeserver-ezmlm-web-1.1.3.old/root/etc/e-smith/web/functions/mailinglists 2017-04-17 16:17:40.685000000 -0400
+++ smeserver-ezmlm-web-1.1.3/root/etc/e-smith/web/functions/mailinglists 2017-04-17 16:32:11.732000000 -0400
@@ -47,6 +47,8 @@
sub performModifyList ($);
sub deleteList ($);
sub performDeleteList ($);
+sub performWebusersList ($);
+sub webusersList ($);
BEGIN
{
@@ -109,6 +111,18 @@
{
performDeleteList ($q);
}
+
+elsif ($q->param ('state') eq "webusers")
+{
+ webusersList ($q);
+}
+
+
+elsif ($q->param ('state') eq "performWebusers")
+{
+ performWebusersList ($q);
+}
+
else
{
esmith::cgi::genStateError ($q, undef);
@@ -171,6 +185,7 @@
esmith::cgi::genSmallCell ($q, $q->b ('Domain')),
esmith::cgi::genSmallCell ($q, $q->b ('Description')),
$q->td (' '),
+ $q->td (' '),
$q->td (' ')
);
@@ -189,12 +204,48 @@
'Modify...')),
esmith::cgi::genSmallCell ($q,
+ $q->a ( { href => $q->url (-absolute => 1) .
+ "?state=webusers&list=" .
+ $list->key },
+ 'Webusers...')),
+
+ esmith::cgi::genSmallCell ($q,
$q->a ({href => $q->url (-absolute => 1)
. "?state=delete&list="
. $list->key}, 'Remove...'))
);
}
+ print $q->Tr ( esmith::cgi::genSmallCell ($q, 'ALL:'),
+ esmith::cgi::genSmallCell ($q, ''),
+ esmith::cgi::genSmallCell ($q, 'Generik webmanagement rights'),
+ esmith::cgi::genSmallCell ($q,''),
+
+ esmith::cgi::genSmallCell ($q,
+ $q->a ( { href => $q->url (-absolute => 1) .
+ "?state=webusers&list=" .
+ 'ALL' },
+ 'Webusers...')),
+
+ esmith::cgi::genSmallCell ($q,'')
+ );
+
+#/* future use
+# print $q->Tr ( esmith::cgi::genSmallCell ($q, 'ALLOW_CREATE'),
+# esmith::cgi::genSmallCell ($q, ''),
+# esmith::cgi::genSmallCell ($q, 'future use'),
+# esmith::cgi::genSmallCell ($q,''),
+#
+# esmith::cgi::genSmallCell ($q,
+# $q->a ( { href => $q->url (-absolute => 1) .
+# "?state=webusers&list=" .
+# 'ALLOW_CREATE' },
+# 'Webusers...')),
+#
+# esmith::cgi::genSmallCell ($q,'')
+# );
+#*/
+
print '';
}
@@ -202,6 +253,116 @@
}
#------------------------------------------------------------
+#
+#------------------------------------------------------------
+sub webusersList ($)
+{
+ my ($q) = @_;
+ my $members = "";
+ my $listName = $q->param ('list');
+ esmith::cgi::genHeaderNonCacheable
+ ($q, undef, 'Manage webusers for the following mailinglist: '. $listName );
+
+ print $q->startform (-method => 'POST',
+ -action => $q->url (-absolute => 1));
+
+
+ if ($listName eq "ALL") {
+ $members = $conf->get('ezmlm')->prop('ALL') || '';
+ }
+ elsif ($listName eq "ALLOW_CREATE") {
+ $members = $conf->get('ezmlm')->prop('ALLOW_CREATE') || '';
+ }
+ elsif ($accounts->get($listName)) {
+ $members = $accounts->get($listName)->prop('webusers') || '';
+ }
+ my %members;
+ foreach my $member ( split ( /,/, $members ) ) {
+ $members{$member} = 1;
+ }
+ my @users = sort { $a->key() cmp $b->key() } $accounts->users();
+
+
+ my $out = "\n | "
+ . 'Webusers :' #$fm->localise('GROUP_MEMBERS')
+ . " | \n \n"
+ . " \n | \n
\n";
+
+ print $q->table ({border => 0, cellspacing => 0, cellpadding => 4},
+ esmith::cgi::genTextRow ($q,
+
+ $q->p ('Please select the users who need to be able to manage the list ',
+ 'using the web panel. Any user present in the generic list "ALL"',
+ 'will be able to administer all existing and future lists.',
+ 'The admin is always member of the list ALL.') . ' ' ),
+
+ esmith::cgi::genTextRow ($q,$out),
+ esmith::cgi::genButtonRow ($q,
+ $q->submit (-name => 'action',
+ -value => 'Update')));
+
+ print '';
+
+
+ print $q->hidden (-name => 'state',
+ -override => 1,
+ -default => 'performWebusers');
+ print $q->hidden (-name => 'list',
+ -override => 1,
+ -default => $listName);
+
+
+ print $q->endform;
+
+ esmith::cgi::genFooter ($q);
+ return;
+}
+
+#------------------------------------------------------------
+#
+#------------------------------------------------------------
+sub performWebusersList ($)
+{
+ my $q = shift;
+
+ my @members = $q->param('groupMembers');
+ my $listName = $q->param('list');
+ # Untaint groupName before use in system()
+ ($listName) = ($listName =~ /^([a-zA-Z][\-\_\.a-zA-Z0-9]*)$/);
+
+ if ($listName eq "ALL") {
+ $conf->get('ezmlm')->prop('ALL');
+ $conf->get('ezmlm')->set_prop( 'ALL', join ( ',', @members ) );
+ }
+ elsif ($listName eq "ALLOW_CREATE") {
+ $conf->get('ezmlm')->set_prop( 'ALLOW_CREATE', join ( ',', @members ) );
+ }
+ else {
+ $accounts->get($listName)->set_prop( 'webusers', join ( ',', @members ) );
+ }
+ return system("/sbin/e-smith/expand-template", "/home/e-smith/files/ezmlm/lists/webusers") ?
+ showInitial ($q, "Error: updating webusers for $listName") : showInitial ($q, "Successfully updated webusers for $listName.");
+ return;
+}
+
+#------------------------------------------------------------
#
#------------------------------------------------------------
sub createList ($)
diff -Nur smeserver-ezmlm-web-1.1.3.old/root/etc/e-smith/web/functions/userpanel-mailinglists smeserver-ezmlm-web-1.1.3/root/etc/e-smith/web/functions/userpanel-mailinglists
--- smeserver-ezmlm-web-1.1.3.old/root/etc/e-smith/web/functions/userpanel-mailinglists 1969-12-31 19:00:00.000000000 -0500
+++ smeserver-ezmlm-web-1.1.3/root/etc/e-smith/web/functions/userpanel-mailinglists 2017-04-17 16:28:35.769000000 -0400
@@ -0,0 +1,48 @@
+#!/usr/bin/perl -wT
+
+#----------------------------------------------------------------------
+# heading : Collaboration
+# description : Mailing lists
+# navigation : 3000 3600
+#
+# copyright (C) 2000-2006 Gormand Pty Ltd
+# copyright (C) 2001,2006 Mitel Networks Corporation
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+#
+# Technical support for this program is available from Gorman Pty Ltd
+# Please visit our web site www.gormand.com.au for contact details.
+#----------------------------------------------------------------------
+use strict;
+use CGI':all';
+use CGI::Carp qw(fatalsToBrowser);
+
+
+BEGIN
+{
+ $ENV {'PATH'} = '/bin:/usr/bin:/sbin';
+ $ENV {'SHELL'} = '/bin/bash';
+ delete $ENV {'ENV'};
+}
+
+
+my $q = new CGI;
+my $content="0; url=https://".$ENV {'HTTP_X_FORWARDED_HOST'}."/ezmlm-web";
+$q->default_dtd('-//W3C//DTD XHTML 1.0 Transitional//EN');
+
+print $q->header ('text/html');
+print $q->start_html (-head=>meta({-http_equiv=>'refresh', -content=>$content}));
+
+print $q->end_html;