Enigma: added option to force users to use signing/encryption

roundcube · Apr 12, 2016 · 4bb44c3 · 4bb44c3
1 parent d01c06e
commit 4bb44c3
Show file tree

Hide file tree

Showing 4 changed files with 55 additions and 11 deletions.
diff --git a/CHANGELOG b/CHANGELOG
@@ -2,6 +2,7 @@ CHANGELOG Roundcube Webmail
 ===========================
 
 - Managesieve: Refactored script parser to be 100x faster
+- Enigma: added option to force users to use signing/encryption
 - Enigma: Added option to attach public keys to sent mail (#5152)
 - Enigma: Handle messages with text before an encrypted block (#5149)
 - Enigma: Handle encrypted/signed content inside message/rfc822 attachments

diff --git a/config/defaults.inc.php b/config/defaults.inc.php
@@ -688,7 +688,7 @@
 // NOTE: Use folder names with namespace prefix (INBOX. on Courier-IMAP)
 $config['trash_mbox'] = 'Trash';
 
-// automatically create the above listed default folders on first login
+// automatically create the above listed default folders on user login
 $config['create_default_folders'] = false;
 
 // protect the default folders from renames, deletes, and subscription changes

diff --git a/plugins/enigma/config.inc.php.dist b/plugins/enigma/config.inc.php.dist
@@ -45,3 +45,14 @@ $config['enigma_password_time'] = 5;
 // To solve that a hardware entropy generator or
 // an entropy gathering daemon may be installed (e.g. randomsound).
 $config['enigma_keygen_server'] = false;
+
+// With this option you can lock composing options
+// of the plugin forcing the user to use configured settings.
+// The array accepts: 'sign', 'encrypt', 'pubkey'.
+//
+// For example, to force your users to sign every email,
+// you should set:
+//     - enigma_sign_all     = true
+//     - enigma_options_lock = array('sign')
+//     - dont_override       = array('enigma_sign_all')
+$config['enigma_options_lock'] = array();
diff --git a/plugins/enigma/lib/enigma_ui.php b/plugins/enigma/lib/enigma_ui.php
@@ -717,23 +717,36 @@ private function compose_ui()
             'height'   => 32
             ), 'toolbar');
 
+        $locks = (array) $this->rc->config->get('enigma_options_lock');
         $menu  = new html_table(array('cols' => 2));
         $chbox = new html_checkbox(array('value' => 1));
 
         $menu->add(null, html::label(array('for' => 'enigmasignopt'),
             rcube::Q($this->enigma->gettext('signmsg'))));
         $menu->add(null, $chbox->show($this->rc->config->get('enigma_sign_all') ? 1 : 0,
-            array('name' => '_enigma_sign', 'id' => 'enigmasignopt')));
+                array(
+                    'name'     => '_enigma_sign',
+                    'id'       => 'enigmasignopt',
+                    'disabled' => in_array('sign', $locks),
+                )));
 
         $menu->add(null, html::label(array('for' => 'enigmaencryptopt'),
             rcube::Q($this->enigma->gettext('encryptmsg'))));
         $menu->add(null, $chbox->show($this->rc->config->get('enigma_encrypt_all') ? 1 : 0,
-            array('name' => '_enigma_encrypt', 'id' => 'enigmaencryptopt')));
+                array(
+                    'name'     => '_enigma_encrypt',
+                    'id'       => 'enigmaencryptopt',
+                    'disabled' => in_array('encrypt', $locks),
+                )));
 
         $menu->add(null, html::label(array('for' => 'enigmaattachpubkeyopt'),
             rcube::Q($this->enigma->gettext('attachpubkeymsg'))));
-        $menu->add(null, $chbox->show($this->rc->config->get('enigma_attach_pubkey') ? 1 : 0, 
-            array('name' => '_enigma_attachpubkey', 'id' => 'enigmaattachpubkeyopt')));
+        $menu->add(null, $chbox->show($this->rc->config->get('enigma_attach_pubkey') ? 1 : 0,
+                array(
+                    'name'     => '_enigma_attachpubkey',
+                    'id'       => 'enigmaattachpubkeyopt',
+                    'disabled' => in_array('pubkey', $locks),
+                )));
 
         $menu = html::div(array('id' => 'enigmamenu', 'class' => 'popupmenu'), $menu->show());
 
@@ -938,20 +951,34 @@ function message_output($p)
      */
     function message_ready($p)
     {
-        $savedraft = !empty($_POST['_draft']) && empty($_GET['_saveonly']);
+        $savedraft      = !empty($_POST['_draft']) && empty($_GET['_saveonly']);
+        $sign_enable    = (bool) rcube_utils::get_input_value('_enigma_sign', rcube_utils::INPUT_POST);
+        $encrypt_enable = (bool) rcube_utils::get_input_value('_enigma_encrypt', rcube_utils::INPUT_POST);
+        $pubkey_enable  = (bool) rcube_utils::get_input_value('_enigma_attachpubkey', rcube_utils::INPUT_POST);
+        $locks          = (array) $this->rc->config->get('enigma_options_lock');
+
+        if (in_array('sign', $locks)) {
+            $sign_enable = (bool) $this->rc->config->get('enigma_sign_all');
+        }
+        if (in_array('encrypt', $locks)) {
+            $encrypt_enable = (bool) $this->rc->config->get('enigma_encrypt_all');
+        }
+        if (in_array('pubkey', $locks)) {
+            $pubkey_enable = (bool) $this->rc->config->get('enigma_attach_pubkey');
+        }
 
-        if (!$savedraft && rcube_utils::get_input_value('_enigma_attachpubkey', rcube_utils::INPUT_POST)) {
+        if (!$savedraft && $pubkey_enable) {
             $this->enigma->load_engine();
             $this->enigma->engine->attach_public_key($p['message']);
         }
 
-        if (!$savedraft && rcube_utils::get_input_value('_enigma_sign', rcube_utils::INPUT_POST)) {
+        if (!$savedraft && $sign_enable) {
             $this->enigma->load_engine();
             $status = $this->enigma->engine->sign_message($p['message']);
             $mode   = 'sign';
         }
 
-        if ((!$status instanceof enigma_error) && rcube_utils::get_input_value('_enigma_encrypt', rcube_utils::INPUT_POST)) {
+        if ((!$status instanceof enigma_error) && $encrypt_enable) {
             $this->enigma->load_engine();
             $status = $this->enigma->engine->encrypt_message($p['message'], null, $savedraft);
             $mode   = 'encrypt';
@@ -996,6 +1023,7 @@ function message_compose($p)
         }
 
         $engine = $this->enigma->engine;
+        $locks  = (array) $this->rc->config->get('enigma_options_lock');
 
         // Decryption status
         foreach ($engine->decryptions as $status) {
@@ -1021,8 +1049,12 @@ function message_compose($p)
         }
 
         // Check sign/ecrypt options for signed/encrypted drafts
-        $this->rc->output->set_env('enigma_force_encrypt', !empty($engine->decryptions));
-        $this->rc->output->set_env('enigma_force_sign', !empty($engine->signatures));
+        if (!in_array('encrypt', $locks)) {
+            $this->rc->output->set_env('enigma_force_encrypt', !empty($engine->decryptions));
+        }
+        if (!in_array('sign', $locks)) {
+            $this->rc->output->set_env('enigma_force_sign', !empty($engine->signatures));
+        }
 
         return $p;
     }