From d01f9fc7f5a369284fbfd92c6e804d84147e42a1 Mon Sep 17 00:00:00 2001 From: Aleksander Machniak Date: Mon, 4 Aug 2014 19:03:27 +0200 Subject: Add option (disabled_actions) to disable UI elements/actions (#1489638) --- CHANGELOG | 1 + config/defaults.inc.php | 3 +++ index.php | 8 ++++++++ program/include/rcmail_output_html.php | 30 ++++++++++++++++++++++++++--- program/steps/mail/func.inc | 1 + skins/classic/includes/messagetoolbar.html | 30 ++++++++++++++--------------- skins/classic/templates/compose.html | 4 ++-- skins/classic/templates/messagepreview.html | 4 ++-- skins/larry/includes/mailtoolbar.html | 30 ++++++++++++++--------------- skins/larry/templates/addressbook.html | 16 +++++++-------- skins/larry/templates/compose.html | 4 ++-- skins/larry/templates/folders.html | 4 ++-- skins/larry/templates/mail.html | 30 ++++++++++++++--------------- skins/larry/templates/message.html | 4 ++-- skins/larry/templates/messagepreview.html | 4 ++-- 15 files changed, 105 insertions(+), 68 deletions(-) diff --git a/CHANGELOG b/CHANGELOG index f2bbe353d..4b799ca62 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -1,6 +1,7 @@ CHANGELOG Roundcube Webmail =========================== +- Add option (disabled_actions) to disable UI elements/actions (#1489638) - Support password encryption using openssl extension (#1489989) - Create/rename groups in UI dialogs (#1489951) - Added 'contact_search_name' option to define autocompletion entry format diff --git a/config/defaults.inc.php b/config/defaults.inc.php index 18171b75f..625d4ea80 100644 --- a/config/defaults.inc.php +++ b/config/defaults.inc.php @@ -285,6 +285,9 @@ $config['enable_installer'] = false; // don't allow these settings to be overriden by the user $config['dont_override'] = array(); +// List of disabled UI elements/actions +$config['disabled_actions'] = array(); + // define which settings should be listed under the 'advanced' block // which is hidden by default $config['advanced_prefs'] = array(); diff --git a/index.php b/index.php index e0aaf77f8..3154daf68 100644 --- a/index.php +++ b/index.php @@ -260,6 +260,14 @@ else { 'message' => "Referer check failed"), true, true); } } + + // check access to disabled actions + $disabled_actions = (array) $RCMAIL->config->get('disabled_actions'); + if (in_array($RCMAIL->task . '.' . ($RCMAIL->action ?: 'index'), $disabled_actions)) { + rcube::raise_error(array( + 'code' => 403, 'type' => 'php', + 'message' => "Action disabled"), true, true); + } } // we're ready, user is authenticated and the request is safe diff --git a/program/include/rcmail_output_html.php b/program/include/rcmail_output_html.php index 705a72ece..a84824648 100644 --- a/program/include/rcmail_output_html.php +++ b/program/include/rcmail_output_html.php @@ -1139,7 +1139,8 @@ EOF; */ public function button($attrib) { - static $s_button_count = 100; + static $s_button_count = 100; + static $disabled_actions = null; // these commands can be called directly via url $a_static_commands = array('compose', 'list', 'preferences', 'folders', 'identities'); @@ -1148,9 +1149,14 @@ EOF; return ''; } + // try to find out the button type if ($attrib['type']) { $attrib['type'] = strtolower($attrib['type']); + if ($pos = strpos($attrib['type'], '-menuitem')) { + $attrib['type'] = substr($attrib['type'], 0, -9); + $menuitem = true; + } } else { $attrib['type'] = ($attrib['image'] || $attrib['imagepas'] || $attrib['imageact']) ? 'image' : 'link'; @@ -1158,8 +1164,21 @@ EOF; $command = $attrib['command']; - if ($attrib['task']) - $command = $attrib['task'] . '.' . $command; + if ($attrib['task']) { + $element = $command = $attrib['task'] . '.' . $command; + } + else { + $element = ($this->env['task'] ? $this->env['task'] . '.' : '') . $command; + } + + if ($disabled_actions === null) { + $disabled_actions = (array) $this->config->get('disabled_actions'); + } + + // remove buttons for disabled actions + if (in_array($element, $disabled_actions)) { + return ''; + } if (!$attrib['image']) { $attrib['image'] = $attrib['imagepas'] ? $attrib['imagepas'] : $attrib['imageact']; @@ -1292,6 +1311,11 @@ EOF; $out = html::tag($attrib['wrapper'], null, $out); } + if ($menuitem) { + $class = $attrib['menuitem-class'] ? ' class="' . $attrib['menuitem-class'] . '"' : ''; + $out = '
  • ' . $out . '
  • '; + } + return $out; } diff --git a/program/steps/mail/func.inc b/program/steps/mail/func.inc index 103d79d73..c6c0b95e6 100644 --- a/program/steps/mail/func.inc +++ b/program/steps/mail/func.inc @@ -2075,6 +2075,7 @@ function rcmail_message_import_form($attrib = array()) )); $content = html::tag('input', array('type' => 'hidden', 'name' => '_unlock', 'value' => '')) + . html::tag('input', array('type' => 'hidden', 'name' => '_framed', 'value' => '1')) . html::div(null, $fileinput->show()) . html::div('hint', $RCMAIL->gettext(array('name' => 'maxuploadsize', 'vars' => array('size' => $max_filesize)))); diff --git a/skins/classic/includes/messagetoolbar.html b/skins/classic/includes/messagetoolbar.html index 9d067fb8d..7cf7d477c 100644 --- a/skins/classic/includes/messagetoolbar.html +++ b/skins/classic/includes/messagetoolbar.html @@ -28,39 +28,39 @@
    diff --git a/skins/classic/templates/compose.html b/skins/classic/templates/compose.html index 19b22bc69..1515eeb06 100644 --- a/skins/classic/templates/compose.html +++ b/skins/classic/templates/compose.html @@ -202,8 +202,8 @@
  • -
  • -
  • + + diff --git a/skins/classic/templates/messagepreview.html b/skins/classic/templates/messagepreview.html index 82414c420..869f03f65 100644 --- a/skins/classic/templates/messagepreview.html +++ b/skins/classic/templates/messagepreview.html @@ -28,8 +28,8 @@
      -
    • -
    • + +
    diff --git a/skins/larry/includes/mailtoolbar.html b/skins/larry/includes/mailtoolbar.html index 7485a93bd..9d66763cd 100644 --- a/skins/larry/includes/mailtoolbar.html +++ b/skins/larry/includes/mailtoolbar.html @@ -21,8 +21,8 @@ @@ -30,8 +30,8 @@ @@ -39,13 +39,13 @@ @@ -53,10 +53,10 @@ diff --git a/skins/larry/templates/addressbook.html b/skins/larry/templates/addressbook.html index 424e96597..62bca3c84 100644 --- a/skins/larry/templates/addressbook.html +++ b/skins/larry/templates/addressbook.html @@ -29,8 +29,8 @@ @@ -76,10 +76,10 @@ @@ -132,8 +132,8 @@ diff --git a/skins/larry/templates/compose.html b/skins/larry/templates/compose.html index 7fa21650e..04a987f89 100644 --- a/skins/larry/templates/compose.html +++ b/skins/larry/templates/compose.html @@ -212,8 +212,8 @@ -
  • -
  • + + diff --git a/skins/larry/templates/folders.html b/skins/larry/templates/folders.html index 034f35ab3..f48169cd4 100644 --- a/skins/larry/templates/folders.html +++ b/skins/larry/templates/folders.html @@ -32,8 +32,8 @@ diff --git a/skins/larry/templates/mail.html b/skins/larry/templates/mail.html index 6da2cf6f6..2c4e0f2c5 100644 --- a/skins/larry/templates/mail.html +++ b/skins/larry/templates/mail.html @@ -157,18 +157,18 @@ @@ -176,21 +176,21 @@ diff --git a/skins/larry/templates/message.html b/skins/larry/templates/message.html index a6b4cf5d8..dde15acfb 100644 --- a/skins/larry/templates/message.html +++ b/skins/larry/templates/message.html @@ -100,8 +100,8 @@ diff --git a/skins/larry/templates/messagepreview.html b/skins/larry/templates/messagepreview.html index 03fc91505..2e3b5efd1 100644 --- a/skins/larry/templates/messagepreview.html +++ b/skins/larry/templates/messagepreview.html @@ -68,8 +68,8 @@ -- cgit v1.2.3