Merge remote-tracking branch 'remotes/origin/develop' into configImportExport

lam-packaging/debian/changelog

@@ -1,3 +1,9 @@
+ldap-account-manager (7.2.RC1-1) unstable; urgency=medium
+
+  * new upstream release
+
+ -- Roland Gruber <post@rolandgruber.de>  Wed, 22 Apr 2020 20:12:31 +0200
+
 ldap-account-manager (7.1-1) unstable; urgency=medium
 
   * new upstream release

lam-packaging/docker/Dockerfile

@@ -29,7 +29,7 @@
 FROM debian:buster-slim
 LABEL maintainer="Roland Gruber <post@rolandgruber.de>"
 
-ARG LAM_RELEASE=7.1
+ARG LAM_RELEASE=7.2.RC1
 EXPOSE 80
 
 ENV \

lam-packaging/docker/docker-compose.yml

@@ -4,7 +4,7 @@ services:
     build:
       context: .
       args:
-       - LAM_RELEASE=7.1
+       - LAM_RELEASE=7.2.RC1
     image: ldapaccountmanager/lam:latest
     restart: unless-stopped
     ports:

lam/HISTORY

@@ -3,6 +3,9 @@ June 2020 7.2
   - LAM Pro:
    -> EMail sending can be done via SMTP without local mail server
    -> License expiration warning can be sent via email or disabled
+  - Fixed bugs:
+   -> Captcha don't show anymore in Self Service login page (213)
+   -> Unix memberships cannot be changed. This issue can also affect other membership relations.
 
 
 17.03.2020 7.1

lam/VERSION

@@ -1 +1 @@
-7.2.DEV
+7.2.RC1

lam/help/help.inc

@@ -238,9 +238,9 @@ $helpArray = array (
 				'287' => array ("Headline" => _('Licence'),
 					"Text" => _('Please enter your licence key.')),
 				'288' => array ("Headline" => _('Expiration warning'),
-					"Text" => _('Please select how to be warned before your license expires.')),
+					"Text" => _('Please select how to be warned before your licence expires.')),
 				'289' => array ("Headline" => _('From address'),
-					"Text" => _('This email address will be set as sender address of all mails.')),
+					"Text" => _('This email address will be set as sender address of the mails.')),
 				'290' => array ("Headline" => _('TO address'),
 					"Text" => _('This email address will be set as TO address for the mails.')),
 				// 300 - 399
@@ -388,7 +388,7 @@ $helpArray = array (
 				// jobs
 				'800' => array(
 					"Headline" => _('From address'),
-					"Text" => _('This email address will be set as sender address of all mails.')
+					"Text" => _('This email address will be set as sender address of the mails.')
 				),
 				'801' => array(
 					"Headline" => _('Reply-to address'),

lam/lib/account.inc

@@ -756,7 +756,7 @@ function searchLDAPByAttribute($name, $value, $objectClass, $attributes, $scopes
 	$filter = '';
 	$filterParts = array();
 	if ($name != null) {
-		$filterParts[] = '(' . $name . '=' . ldap_escape($value) . ')';
+		$filterParts[] = '(' . $name . '=' . ldap_escape($value, '*', LDAP_ESCAPE_FILTER) . ')';
 	}
 	if ($objectClass != null) {
 		$filterParts[] = '(objectClass=' . $objectClass . ')';

lam/lib/modules/quota.inc

@@ -599,6 +599,9 @@ class quota extends baseModule {
 				}
 				$dirs = explode(":", $quotas);
 				array_pop($dirs); // remove empty element at the end
+				if (empty($dirs)) {
+					continue;
+				}
 				for ($i = 0; $i < sizeof($dirs); $i++) {
 					if (strpos($dirs[$i], self::$QUOTA_PREFIX) !== 0) {
 						unset($dirs[$i]);
@@ -660,41 +663,40 @@ class quota extends baseModule {
 			$remote->disconnect();
 			$dirs = explode(":", $quotas);
 			array_pop($dirs); // remove empty element at the end
-			for ($i = 0; $i < sizeof($dirs); $i++) {
-				if (strpos($dirs[$i], self::$QUOTA_PREFIX) !== 0) {
-					unset($dirs[$i]);
-					$i--;
+			if (empty($dirs)) {
+				continue;
+			}
+			$quotaDirs = array();
+			foreach ($dirs as $dirString) {
+				if (strpos($dirString, self::$QUOTA_PREFIX) !== 0) {
 					continue;
 				}
-				$dirs[$i] = substr($dirs[$i], strlen(self::$QUOTA_PREFIX));
-				$dirs[$i] = explode(",", $dirs[$i]);
-				$dirs[$i] = $dirs[$i][0];
+				$dirData = explode(",", substr($dirString, strlen(self::$QUOTA_PREFIX)));
+				$quotaDirs[] = $dirData[0];
 			}
-			$dirs = array_values($dirs);
-			for ($i = 0; $i < sizeof($dirs); $i++) {
-				if (!empty($options["quota_softblock_" . $id . "_" . $dirs[$i]][0]) && !get_preg($options["quota_softblock_" . $id . "_" . $dirs[$i]][0], 'quotaNumber')) {
+			foreach ($quotaDirs as $dirName) {
+				if (!empty($options["quota_softblock_" . $id . "_" . $dirName][0]) && !get_preg($options["quota_softblock_" . $id . "_" . $dirName][0], 'quotaNumber')) {
 					$return[] = $this->messages['softblock'][0];
 				}
-				if (!empty($options["quota_hardblock_" . $id . "_" . $dirs[$i]][0]) && !get_preg($options["quota_hardblock_" . $id . "_" . $dirs[$i]][0], 'quotaNumber')) {
+				if (!empty($options["quota_hardblock_" . $id . "_" . $dirName][0]) && !get_preg($options["quota_hardblock_" . $id . "_" . $dirName][0], 'quotaNumber')) {
 					$return[] = $this->messages['hardblock'][0];
 				}
-				if (!empty($options["quota_softinode_" . $id . "_" . $dirs[$i]][0]) && !get_preg($options["quota_softinode_" . $id . "_" . $dirs[$i]][0], 'quotaNumber')) {
+				if (!empty($options["quota_softinode_" . $id . "_" . $dirName][0]) && !get_preg($options["quota_softinode_" . $id . "_" . $dirName][0], 'quotaNumber')) {
 					$return[] = $this->messages['softinode'][0];
 				}
-				if (!empty($options["quota_hardinode_" . $id . "_" . $dirs[$i]][0]) && !get_preg($options["quota_hardinode_" . $id . "_" . $dirs[$i]][0], 'quotaNumber')) {
+				if (!empty($options["quota_hardinode_" . $id . "_" . $dirName][0]) && !get_preg($options["quota_hardinode_" . $id . "_" . $dirName][0], 'quotaNumber')) {
 					$return[] = $this->messages['hardinode'][0];
 				}
-				if (!empty($options["quota_softblock_" . $id . "_" . $dirs[$i]][0])
-					&& !empty($options["quota_hardblock_" . $id . "_" . $dirs[$i]][0])
-					&& ($this->getQuotaNumber($options["quota_softblock_" . $id . "_" . $dirs[$i]][0]) > $this->getQuotaNumber($options["quota_hardblock_" . $id . "_" . $dirs[$i]][0]))) {
+				if (!empty($options["quota_softblock_" . $id . "_" . $dirName][0])
+					&& !empty($options["quota_hardblock_" . $id . "_" . $dirName][0])
+					&& ($this->getQuotaNumber($options["quota_softblock_" . $id . "_" . $dirName][0]) > $this->getQuotaNumber($options["quota_hardblock_" . $id . "_" . $dirName][0]))) {
 					$return[] = $this->messages['block_cmp'][0];
 				}
-				if (!empty($options["quota_softinode_" . $id . "_" . $dirs[$i]][0])
-					&& !empty($options["quota_hardinode_" . $id . "_" . $dirs[$i]][0])
-					&& ($this->getQuotaNumber($options["quota_softinode_" . $id . "_" . $dirs[$i]][0]) > $this->getQuotaNumber($options["quota_hardinode_" . $id . "_" . $dirs[$i]][0]))) {
+				if (!empty($options["quota_softinode_" . $id . "_" . $dirName][0])
+					&& !empty($options["quota_hardinode_" . $id . "_" . $dirName][0])
+					&& ($this->getQuotaNumber($options["quota_softinode_" . $id . "_" . $dirName][0]) > $this->getQuotaNumber($options["quota_hardinode_" . $id . "_" . $dirName][0]))) {
 					$return[] = $this->messages['inode_cmp'][0];
 				}
-				$i++;
 			}
 		}
 		return $return;

lam/lib/security.inc

@@ -687,7 +687,7 @@ function getSecurityTokenValue() {
 function setLAMHeaders() {
 	if (!headers_sent()) {
 		header('X-Frame-Options: sameorigin');
-		header('Content-Security-Policy: frame-ancestors \'self\'; form-action \'self\'; base-uri \'none\'; object-src \'none\'; frame-src \'self\' https://*.duosecurity.com; worker-src \'self\'');
+		header('Content-Security-Policy: frame-ancestors \'self\'; form-action \'self\'; base-uri \'none\'; object-src \'none\'; frame-src \'self\' https://*.duosecurity.com https://www.google.com/recaptcha/; worker-src \'self\'');
 		header('X-Content-Type-Options: nosniff');
 		header('X-XSS-Protection: 1; mode=block');
 		header("Feature-Policy: ambient-light-sensor 'none'; autoplay 'none'; accelerometer 'none'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture 'none'; speaker 'none'; sync-xhr 'self'; usb 'none'; vr 'none'");

lam/style/500_layout.css

@@ -287,6 +287,11 @@ table.collapse {
 
 .rightToLeftText {
 	text-align: right;
+	text-align-last: right;
+}
+
+.rightToLeftText option {
+	direction: rtl;
 }
 
 .text-left {

lam/templates/config/mainmanage.php

@@ -111,11 +111,11 @@ if (isset($_POST['submitFormData'])) {
 		$cfg->licenseEmailTo = $_POST['licenseEmailTo'];
 		if ((($cfg->licenseWarningType === LAMCfgMain::LICENSE_WARNING_EMAIL) || ($cfg->licenseWarningType === LAMCfgMain::LICENSE_WARNING_ALL))
             && !get_preg($cfg->licenseEmailFrom, 'email')) {
-		    $errors[] = _('License') . ': ' . _('From address') . ' - ' . _('Please enter a valid email address!');
+		    $errors[] = _('Licence') . ': ' . _('From address') . ' - ' . _('Please enter a valid email address!');
         }
 		if ((($cfg->licenseWarningType === LAMCfgMain::LICENSE_WARNING_EMAIL) || ($cfg->licenseWarningType === LAMCfgMain::LICENSE_WARNING_ALL))
 			&& !get_preg($cfg->licenseEmailTo, 'email')) {
-			$errors[] = _('License') . ': ' . _('TO address') . ' - ' . _('Please enter a valid email address!');
+			$errors[] = _('Licence') . ': ' . _('TO address') . ' - ' . _('Please enter a valid email address!');
 		}
 	}
 	// set session timeout