Ajout du support de liste blanche de groupes

root/etc/e-smith/templates/usr/share/mozilla-mcd/conf.php/10All

@@ -7,12 +7,11 @@ my $ldapbase = esmith::util::ldapBase ($DomainName);
 my $tbpref = ((${'mozilla-mcd'}{'TBEnforce'} || 'disabled') =~ m/^enabled|on|1|yes$/) ? "lockPref":"defaultPref";
 my $ffpref = ((${'mozilla-mcd'}{'FFEnforce'} || 'disabled') =~ m/^enabled|on|1|yes$/) ? "lockPref":"defaultPref";
 my $url = ${'mozilla-mcd'}{'HomeURL'} || 'https://auth.' . "$DomainName";
-my $noenforcegroups = ${'mozilla-mcd'}{'NoEnforceGroups'} || '';
-# Format as a PHP array
-$noenforcegroups =~ s/^,+|,+$//g;
-$noenforcegroups =~ s/^/'/g;
-$noenforcegroups =~ s/$/'/g;
-$noenforcegroups =~ s/[;,]/','/g;
+my @noenforcegroups = split( /[;,]/, (${'mozilla-mcd'}{'NoEnforceGroups'} || '') );
+my @wlgroups = split( /[;,]/, (${'mozilla-mcd'}{'WhiteListGroups'} || '') );
+
+my $noenforcegroups = join (',', @noenforcegroups);
+my $wlgroups = join (',', @wlgroups);
 
 $OUT .=<<"EOF";
 
@@ -27,6 +26,7 @@ define('TB_PREF', '$tbpref');
 define('FF_PREF', '$ffpref');
 define('HOME_URL', '$url');
 \$NOENFORCEGROUPS = array($noenforcegroups);
+\$WHITELISTGROUPS = array($wlgroups);
 
 EOF
 

root/usr/share/mozilla-mcd/thunderbird.php

@@ -41,6 +41,20 @@ if(isset($_SERVER['QUERY_STRING']) && preg_match('/^.+@' . DOMAIN . '$/', $_SERV
             break;
         }
     }
+    // Stop here if the user is not part of the whitelist groups
+    if (count($WHITELISTGROUPS) > 0){
+        $conf = 0;
+        foreach ($user[0]['posixmemberof'] as $group){
+            if (in_array($group, $WHITELISTGROUPS)){
+                $conf = 1;
+                break;
+            }
+        }
+        if ($conf != 1){
+            header("HTTP/1.1 403 Forbidden");
+            exit;
+        }
+    }
 }
 else {
     // We've not received a valid email address