public inbox for pmg-devel@lists.proxmox.com
 help / color / mirror / Atom feed
* [pmg-devel] [PATCH pmg-api] fix #2013 spamreport: remove ticket if authmode is ldap
@ 2021-05-17 14:02 Stoiko Ivanov
  2021-06-16 11:10 ` Dominik Csapak
  2021-06-28 13:31 ` [pmg-devel] applied: " Thomas Lamprecht
  0 siblings, 2 replies; 3+ messages in thread
From: Stoiko Ivanov @ 2021-05-17 14:02 UTC (permalink / raw)
  To: pmg-devel

Currently the 'authmode' setting for the spamquarantine is not used
anywhere. According to documentation setting it to 'ldap' should allow
access to the quarantine only with ldap credentials.

This patch addresses the issue by not generating a quarantineticket,
and adapting all links accordingly if the authmode is 'ldap'.

tested by changing the authmode and running
`pmgqm send -receiver <email-address> -debug 1`

Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>
---
 src/PMG/CLI/pmgqm.pm | 21 ++++++++++++++++-----
 1 file changed, 16 insertions(+), 5 deletions(-)

diff --git a/src/PMG/CLI/pmgqm.pm b/src/PMG/CLI/pmgqm.pm
index 39253db..1e21bf0 100755
--- a/src/PMG/CLI/pmgqm.pm
+++ b/src/PMG/CLI/pmgqm.pm
@@ -70,8 +70,12 @@ sub get_item_data {
     $item->{file} = $ref->{file};
 
     my $basehref = "$data->{protocol_fqdn_port}/quarantine";
-    my $ticket = uri_escape($data->{ticket});
-    $item->{href} = "$basehref?ticket=$ticket&cselect=$item->{id}&date=$item->{date}";
+    if ($data->{authmode} ne 'ldap') {
+	my $ticket = uri_escape($data->{ticket});
+	$item->{href} = "$basehref?ticket=$ticket&cselect=$item->{id}&date=$item->{date}";
+    } else {
+	$item->{href} = "$basehref?cselect=$item->{id}&date=$item->{date}";
+    }
 
     return $item;
 }
@@ -229,6 +233,8 @@ __PACKAGE__->register_method ({
 	    $protocol_fqdn_port .= ":$port";
 	}
 
+	my $authmode = $cfg->get ('spamquar', 'authmode') // 'ticket';
+
 	my $global_data = {
 	    protocol => $protocol,
 	    port => $port,
@@ -238,6 +244,7 @@ __PACKAGE__->register_method ({
 	    timespan => $timespan,
 	    items => [],
 	    protocol_fqdn_port => $protocol_fqdn_port,
+	    authmode => $authmode,
 	};
 
 	my $mailfrom = $cfg->get ('spamquar', 'mailfrom') //
@@ -306,9 +313,13 @@ __PACKAGE__->register_method ({
 		$mailcount = 0;
 
 		$data->{pmail} = $creceiver;
-		$data->{ticket} = PMG::Ticket::assemble_quarantine_ticket($data->{pmail});
-		my $esc_ticket = uri_escape($data->{ticket});
-		$data->{managehref} = "$protocol_fqdn_port/quarantine?ticket=${esc_ticket}";
+		$data->{managehref} = "$protocol_fqdn_port/quarantine";
+		if ($data->{authmode} ne 'ldap') {
+		    $data->{ticket} = PMG::Ticket::assemble_quarantine_ticket($data->{pmail});
+		    my $esc_ticket = uri_escape($data->{ticket});
+		    $data->{managehref} .= "?ticket=${esc_ticket}";
+		}
+
 	    }
 
 	    push @{$data->{items}}, get_item_data($data, $ref);
-- 
2.20.1





^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: [pmg-devel] [PATCH pmg-api] fix #2013 spamreport: remove ticket if authmode is ldap
  2021-05-17 14:02 [pmg-devel] [PATCH pmg-api] fix #2013 spamreport: remove ticket if authmode is ldap Stoiko Ivanov
@ 2021-06-16 11:10 ` Dominik Csapak
  2021-06-28 13:31 ` [pmg-devel] applied: " Thomas Lamprecht
  1 sibling, 0 replies; 3+ messages in thread
From: Dominik Csapak @ 2021-06-16 11:10 UTC (permalink / raw)
  To: Stoiko Ivanov, pmg-devel

Looks good and works like intended, setting the authmode to
ldap does not include the ticket anymore

just want to comment that this is now the opposite behaviour
of pmg <= 4 where setting authmode to ldap would not
change the template, but not accept quarantine tickets anymore
(which we should *probably* also do, since there may be
some valid tickets around; but this can be a separate patch)

Reviewed-By: Dominik Csapak <d.csapak@proxmox.com>
Tested-By: Dominik Csapak <d.csapak@proxmox.com>

On 5/17/21 4:02 PM, Stoiko Ivanov wrote:
> Currently the 'authmode' setting for the spamquarantine is not used
> anywhere. According to documentation setting it to 'ldap' should allow
> access to the quarantine only with ldap credentials.
> 
> This patch addresses the issue by not generating a quarantineticket,
> and adapting all links accordingly if the authmode is 'ldap'.
> 
> tested by changing the authmode and running
> `pmgqm send -receiver <email-address> -debug 1`
> 
> Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>
> ---
>   src/PMG/CLI/pmgqm.pm | 21 ++++++++++++++++-----
>   1 file changed, 16 insertions(+), 5 deletions(-)
> 
> diff --git a/src/PMG/CLI/pmgqm.pm b/src/PMG/CLI/pmgqm.pm
> index 39253db..1e21bf0 100755
> --- a/src/PMG/CLI/pmgqm.pm
> +++ b/src/PMG/CLI/pmgqm.pm
> @@ -70,8 +70,12 @@ sub get_item_data {
>       $item->{file} = $ref->{file};
>   
>       my $basehref = "$data->{protocol_fqdn_port}/quarantine";
> -    my $ticket = uri_escape($data->{ticket});
> -    $item->{href} = "$basehref?ticket=$ticket&cselect=$item->{id}&date=$item->{date}";
> +    if ($data->{authmode} ne 'ldap') {
> +	my $ticket = uri_escape($data->{ticket});
> +	$item->{href} = "$basehref?ticket=$ticket&cselect=$item->{id}&date=$item->{date}";
> +    } else {
> +	$item->{href} = "$basehref?cselect=$item->{id}&date=$item->{date}";
> +    }
>   
>       return $item;
>   }
> @@ -229,6 +233,8 @@ __PACKAGE__->register_method ({
>   	    $protocol_fqdn_port .= ":$port";
>   	}
>   
> +	my $authmode = $cfg->get ('spamquar', 'authmode') // 'ticket';
> +
>   	my $global_data = {
>   	    protocol => $protocol,
>   	    port => $port,
> @@ -238,6 +244,7 @@ __PACKAGE__->register_method ({
>   	    timespan => $timespan,
>   	    items => [],
>   	    protocol_fqdn_port => $protocol_fqdn_port,
> +	    authmode => $authmode,
>   	};
>   
>   	my $mailfrom = $cfg->get ('spamquar', 'mailfrom') //
> @@ -306,9 +313,13 @@ __PACKAGE__->register_method ({
>   		$mailcount = 0;
>   
>   		$data->{pmail} = $creceiver;
> -		$data->{ticket} = PMG::Ticket::assemble_quarantine_ticket($data->{pmail});
> -		my $esc_ticket = uri_escape($data->{ticket});
> -		$data->{managehref} = "$protocol_fqdn_port/quarantine?ticket=${esc_ticket}";
> +		$data->{managehref} = "$protocol_fqdn_port/quarantine";
> +		if ($data->{authmode} ne 'ldap') {
> +		    $data->{ticket} = PMG::Ticket::assemble_quarantine_ticket($data->{pmail});
> +		    my $esc_ticket = uri_escape($data->{ticket});
> +		    $data->{managehref} .= "?ticket=${esc_ticket}";
> +		}
> +
>   	    }
>   
>   	    push @{$data->{items}}, get_item_data($data, $ref);
> 




^ permalink raw reply	[flat|nested] 3+ messages in thread

* [pmg-devel] applied: [PATCH pmg-api] fix #2013 spamreport: remove ticket if authmode is ldap
  2021-05-17 14:02 [pmg-devel] [PATCH pmg-api] fix #2013 spamreport: remove ticket if authmode is ldap Stoiko Ivanov
  2021-06-16 11:10 ` Dominik Csapak
@ 2021-06-28 13:31 ` Thomas Lamprecht
  1 sibling, 0 replies; 3+ messages in thread
From: Thomas Lamprecht @ 2021-06-28 13:31 UTC (permalink / raw)
  To: Stoiko Ivanov, pmg-devel

On 17.05.21 16:02, Stoiko Ivanov wrote:
> Currently the 'authmode' setting for the spamquarantine is not used
> anywhere. According to documentation setting it to 'ldap' should allow
> access to the quarantine only with ldap credentials.
> 
> This patch addresses the issue by not generating a quarantineticket,
> and adapting all links accordingly if the authmode is 'ldap'.
> 
> tested by changing the authmode and running
> `pmgqm send -receiver <email-address> -debug 1`
> 
> Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>
> ---
>  src/PMG/CLI/pmgqm.pm | 21 ++++++++++++++++-----
>  1 file changed, 16 insertions(+), 5 deletions(-)
> 
>

applied, with Dominiks R-b, T-b tags, thanks!

His comment was left unanswered though, just as a reminder:

> just want to comment that this is now the opposite behaviour
> of pmg <= 4 where setting authmode to ldap would not
> change the template, but not accept quarantine tickets anymore
> (which we should *probably* also do, since there may be
> some valid tickets around; but this can be a separate patch) 

(no hard feelings regarding this from my side, as said, just a reminder
to ensure it did not get lost, or was discussed off-list and the result of
that did not made it to the list or the like)




^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2021-06-28 13:32 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-05-17 14:02 [pmg-devel] [PATCH pmg-api] fix #2013 spamreport: remove ticket if authmode is ldap Stoiko Ivanov
2021-06-16 11:10 ` Dominik Csapak
2021-06-28 13:31 ` [pmg-devel] applied: " Thomas Lamprecht

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox
Service provided by Proxmox Server Solutions GmbH | Privacy | Legal