[horde] H5.2 & IMP 6.2.6 list user capability is "true" wrongly

Steffen skhorde at smail.inf.fh-bonn-rhein-sieg.de
Mon Jan 26 11:16:20 UTC 2015 

On Thu, 22 Jan 2015, Steffen wrote:
> On Wed, 21 Jan 2015, Steffen wrote:
>> On Wed, 21 Jan 2015, Jan Schneider wrote:
>>> Zitat von Steffen <skhorde at smail.inf.fh-bonn-rhein-sieg.de>:
>>> 
>>>> I have configured IMP as auth backend for Horde, but I have no admin user 
>>>> in the backend: "
>>>> * admin: (array) Use this if you want to enable mailbox management for
>>>> *   administrators via Horde's user administration interface. The mailbox
>>>> *   management gets enabled if you let IMP handle the Horde 
>>>> authentication
>>>> *   the 'application' authentication driver.  Your IMAP server needs to
>>>> *   support mailbox management via IMAP commands.
>>>> *
>>>> *   Do not define this value if you do not want mailbox management 
>>>> [DEFAULT].
>>>> "
>>>> 
>>>> I don't want mailbox management from Horde and till H5.1 & IMP 6.1.7 to 
>>>> create new calendars and sharing anything worked without a list of users 
>>>> .
>>>> 
>>>> Now, in webmail 5.2.4 usernames cannot be validated in the share dialogue 
>>>> in services/shares/edit.php, because $auth->hasCapability('list') returns 
>>>> true .
>>>> 
>>>> problem 1)
>>>> After upgrade from IMP 6.1.7 to 6.2.6 I cannot create new calenders no 
>>>> longer. This can be avoided by setting
>>>> $conf['auth']['list_users'] = 'input';
>>>> 
>>>> This error is thrown: "Admin access not enabled."
>>>> 
>>>> If I change in ./imp/lib/Factory/AuthImap.php:
>>>>
>>>>        $admin = 
>>>> $injector->getInstance('IMP_Factory_Imap')->create()->config->admin;
>>>>        if (!$admin) {
>>>>            //throw new IMP_Exception('Admin access not enabled.');
>>>>            $admin = array();		// TODO
>>>>        }
>>>> 
>>>> I get "Listing of users is nor supported."
>>>> 
>>>> problem 2)
>>>> sharing calendars, tasklists, notebooks and such I cannot set permission 
>>>> to other users, because the user cannot be validated, because of this 
>>>> snippet in edit.php:
>>>>
>>>>        } elseif ($auth->hasCapability('list') && 
>>>> !$auth->exists($new_owner_backend)) {
>>>>            $notification->push(sprintf(_("The user \"%s\" does not 
>>>> exist."), $new_owner_backend), 'horde.error');
>>>> 
>>>> ====
>>>> 
>>>> I patched Core/Auth/Application.php to return false always:
>>>> 
>>>>
>>>>        if($capability == "list")	//TODO
>>>>        	return false;
>>>>        return in_array(strtolower($capability), $this->_appCapabilities);
>>>> 
>>>> Now H5.2 behaves as H5.1.
>>>> 
>>>> Did the upgrade from H5.1 to H5.2 introduced a new setting controlling 
>>>> this capability? I did not found something in Horde nor Imp config.
>>> 
>>> Bug 13808
>> 
>> I can access a shared calendar via CalDAV.
>> Imp 6.2.6 seems to include the patch in comment #3.
>> 
>> The capabilities at line 142 of imp/lib/Application are good:
>> 
>> imp/Application.php _init $auth = array (#012  1 => 'authenticate',#012  3 
>> => 'transparent',#012)
>> 
>> still, in services/shares/edit.php the call $auth->hasCapability('list') 
>> returns true. Looks like
>> 
>> For testing purpose, I added the
>> if(empty($injector->getInstance('IMP_Factory_Imap')->create()->config->admin)) 
>> {
>>  $this->auth = array_diff($this->auth, array('add', 'list', 'remove'));
>> }
>> 
>> to bootstrap, too, but the problem persists.

Hmm, I reinstalled imp via PEAR, added the patch in 
http://bugs.horde.org/ticket/13808#c9 and now it works.

-- 
Steffen

More information about the horde mailing list