diff --git a/CHANGELOG b/CHANGELOG
index cbe7be903..1077b34cc 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -28,6 +28,7 @@ CHANGELOG Roundcube Webmail
- Elastic: Fix keyboard navigation in some menus, e.g. the contact menu
- Elastic: Fix visual issue with long buttons in .boxwarning (#6797)
- Larry: Fix regression where menu actions didn't work with keyboard (#6740)
+- ACL: Display user/group names (from ldap) instead of acl identifier
- Password: Added ldap_exop driver (#4992)
- Managesieve: Fix bug where global includes were requested for vacation (#6716)
- Managesieve: Use RFC-compliant line endings, CRLF instead of LF (#6686)
diff --git a/plugins/acl/acl.js b/plugins/acl/acl.js
index 97975a299..67cd631cc 100644
--- a/plugins/acl/acl.js
+++ b/plugins/acl/acl.js
@@ -257,15 +257,14 @@ rcube_webmail.prototype.acl_add_row = function(o, sel)
cl = items[cl];
if (cl == 'user')
- td.addClass(cl).append($('').text(o.username));
+ td.addClass(cl).attr('title', o.title).append($('').text(o.display));
else
td.addClass(this.className + ' ' + rcmail.acl_class(o.acl, cl)).html('');
$(this).replaceWith(td);
});
- row.attr('id', 'rcmrow'+id);
- row = row.get(0);
+ row = row.attr({id: 'rcmrow' + id, 'data-userid': o.username}).get(0);
this.env.acl[id] = o.acl;
@@ -339,7 +338,7 @@ rcube_webmail.prototype.acl_init_form = function(id)
});
if (!this.env.acl_specials.length || $.inArray(id, this.env.acl_specials) < 0)
- val = $('td.user', row).text();
+ val = $(row).data('userid');
else
type = id;
}
diff --git a/plugins/acl/acl.php b/plugins/acl/acl.php
index 73a0fdacb..a7e43369d 100644
--- a/plugins/acl/acl.php
+++ b/plugins/acl/acl.php
@@ -407,10 +407,10 @@ class acl extends rcube_plugin
}
else {
$items = array(
- 'read' => 'lrs',
- 'write' => 'wi',
+ 'read' => 'lrs',
+ 'write' => 'wi',
'delete' => $deleteright,
- 'other' => preg_replace('/[lrswi'.$deleteright.']/', '', implode($supported)),
+ 'other' => preg_replace('/[lrswi'.$deleteright.']/', '', implode($supported)),
);
// give plugins the opportunity to adjust this list
@@ -438,14 +438,19 @@ class acl extends rcube_plugin
// filter out virtual rights (c or d) the server may return
$userrights = array_intersect($rights, $supported);
- $userid = rcube_utils::html_identifier($user);
+ $userid = rcube_utils::html_identifier($user);
+ $title = null;
if (!empty($this->specials) && in_array($user, $this->specials)) {
- $user = $this->gettext($user);
+ $username = $this->gettext($user);
+ }
+ else {
+ $username = $this->resolve_acl_identifier($user, $title);
}
- $table->add_row(array('id' => 'rcmrow'.$userid));
- $table->add('user', html::a(array('id' => 'rcmlinkrow'.$userid), rcube::Q($user)));
+ $table->add_row(array('id' => 'rcmrow' . $userid, 'data-userid' => $user));
+ $table->add(array('class' => 'user text-nowrap', 'title' => $title),
+ html::a(array('id' => 'rcmlinkrow' . $userid), rcube::Q($username)));
foreach ($items as $key => $right) {
$in = $this->acl_compare($userrights, $right);
@@ -515,9 +520,15 @@ class acl extends rcube_plugin
if ($user != $_SESSION['username'] && $username != $_SESSION['username']) {
if ($this->rc->storage->set_acl($mbox, $user, $acl)) {
- $ret = array('id' => rcube_utils::html_identifier($user),
- 'username' => $username, 'acl' => implode($acl), 'old' => $oldid);
- $this->rc->output->command('acl_update', $ret);
+ $display = $this->resolve_acl_identifier($username, $title);
+ $this->rc->output->command('acl_update', array(
+ 'id' => rcube_utils::html_identifier($user),
+ 'username' => $username,
+ 'title' => $title,
+ 'display' => $display,
+ 'acl' => implode($acl),
+ 'old' => $oldid
+ ));
$result++;
}
}
@@ -608,8 +619,9 @@ class acl extends rcube_plugin
}
}
- if (count($list) == count($supported))
+ if (count($list) == count($supported)) {
return rcube::Q($this->gettext('aclfull'));
+ }
return html::tag('ul', $attrib, implode("\n", $list));
}
@@ -636,12 +648,15 @@ class acl extends rcube_plugin
$cnt1 = count($res);
$cnt2 = count($acl2);
- if ($cnt1 == $cnt2)
+ if ($cnt1 == $cnt2) {
return 2;
- else if ($cnt1)
+ }
+
+ if ($cnt1) {
return 1;
- else
- return 0;
+ }
+
+ return 0;
}
/**
@@ -787,4 +802,51 @@ class acl extends rcube_plugin
return $user;
}
+
+ /**
+ * Resolve acl identifier to user/group name
+ */
+ protected function resolve_acl_identifier($id, &$title = null)
+ {
+ if ($this->init_ldap()) {
+ $groups = $this->rc->config->get('acl_groups');
+ $prefix = $this->rc->config->get('acl_group_prefix');
+ $group_field = $this->rc->config->get('acl_group_field', 'name');
+
+ // Unfortunately this works only if group_field=name,
+ // list_groups() allows searching by group name only
+ if ($groups && $prefix && $group_field === 'name' && strpos($id, $prefix) === 0) {
+ $gid = substr($id, strlen($prefix));
+ $result = $this->ldap->list_groups($gid, rcube_addressbook::SEARCH_STRICT);
+
+ if (count($result) === 1 && ($record = $result[0])) {
+ if ($record[$group_field] === $gid) {
+ $display = $record['name'];
+ if ($display != $gid) {
+ $title = sprintf('%s (%s)', $display, $gid);
+ }
+
+ return $display;
+ }
+ }
+
+ return $id;
+ }
+
+ $this->ldap->set_pagesize('2');
+ // Note: 'uid' works here because we overwrite fieldmap in init_ldap() above
+ $result = $this->ldap->search('uid', $id, rcube_addressbook::SEARCH_STRICT);
+
+ if ($result->count === 1 && ($record = $result->first())) {
+ if ($record['uid'] === $id) {
+ $title = rcube_addressbook::compose_search_name($record);
+ $display = rcube_addressbook::compose_list_name($record);
+
+ return $display;
+ }
+ }
+ }
+
+ return $id;
+ }
}
diff --git a/plugins/acl/composer.json b/plugins/acl/composer.json
index a51cce323..7b80e4eaf 100644
--- a/plugins/acl/composer.json
+++ b/plugins/acl/composer.json
@@ -3,7 +3,7 @@
"type": "roundcube-plugin",
"description": "IMAP Folders Access Control Lists Management (RFC4314, RFC2086).",
"license": "GPLv3+",
- "version": "1.7",
+ "version": "1.8",
"authors": [
{
"name": "Aleksander Machniak",