[Rt-commit] rt branch, 4.4/crypt-minor-fixes, updated. rt-4.4.4-242-g53e13897f1
Dianne Skoll
dianne at bestpractical.com
Thu Feb 4 08:25:56 EST 2021
The branch, 4.4/crypt-minor-fixes has been updated
via 53e13897f11ac805df63f1c6d9c0a713ac9cad9e (commit)
from 8922a3f80f556c74868d366b92f860e62bc86cef (commit)
Summary of changes:
share/html/Crypt/GetSMIMECert.html | 32 +++++++++++++++++++-------------
share/html/Elements/CryptStatus | 2 +-
2 files changed, 20 insertions(+), 14 deletions(-)
- Log -----------------------------------------------------------------
commit 53e13897f11ac805df63f1c6d9c0a713ac9cad9e
Author: Dianne Skoll <dianne at bestpractical.com>
Date: Thu Feb 4 08:25:14 2021 -0500
Download S/MIME certificate by Transaction Id instead of User Id
This allows RT to restrict downloading to users who have permission
to see the transaction.
diff --git a/share/html/Crypt/GetSMIMECert.html b/share/html/Crypt/GetSMIMECert.html
index f7d6d198ff..99c9f1948b 100644
--- a/share/html/Crypt/GetSMIMECert.html
+++ b/share/html/Crypt/GetSMIMECert.html
@@ -53,26 +53,32 @@
<& /Elements/ListActions, actions => \@results &>
<%ARGS>
-$User => undef
+$TxnId => undef
$title => loc('Download S/MIME Certificate')
</%ARGS>
<%INIT>
my @results;
-if (!$User || $User !~ /^\d+$/) {
- push(@results, loc('User must be supplied to download an S/MIME certificate.'));
+if (!$TxnId || $TxnId !~ /^\d+$/) {
+ push(@results, loc('Transaction ID must be supplied to download an S/MIME certificate.'));
} else {
- my $u = RT::User->new(RT->SystemUser);
- $u->Load($User);
- if (!$u->id || !$u->SMIMECertificate) {
- push(@results, loc('Could not find S/MIME certificate for specified user'));
+ my $txn = RT::Transaction->new( $session{'CurrentUser'} );
+ my ($status, $msg) = $txn->Load($TxnId);
+ if (!$status) {
+ push(@results, $msg);
} else {
- my $name = $u->EmailAddress || $u->Name || $u->id;
- $r->content_type('application/x-x509-user-cert');
- $r->header_out('Content-Disposition' => "attachment; filename=\"$name.crt\"");
- $m->out($u->SMIMECertificate);
- $m->flush_buffer;
- $m->abort();
+ my $u = RT::User->new(RT->SystemUser);
+ $u->Load($txn->Creator);
+ if (!$u->id || !$u->SMIMECertificate) {
+ push(@results, loc('Could not find S/MIME certificate for specified user'));
+ } else {
+ my $name = $u->EmailAddress || $u->Name || $u->id;
+ $r->content_type('application/x-x509-user-cert');
+ $r->header_out('Content-Disposition' => "attachment; filename=\"$name.crt\"");
+ $m->out($u->SMIMECertificate);
+ $m->flush_buffer;
+ $m->abort();
+ }
}
}
diff --git a/share/html/Elements/CryptStatus b/share/html/Elements/CryptStatus
index a55a259e43..d39b1722c5 100644
--- a/share/html/Elements/CryptStatus
+++ b/share/html/Elements/CryptStatus
@@ -118,7 +118,7 @@ sub KeyDownloadLink {
}
} elsif ($protocol eq 'SMIME') {
if ($Message && $Message->TransactionObj && $Message->TransactionObj->Creator) {
- $txt = '<a href="' . RT->Config->Get('WebPath') . '/Crypt/GetSMIMECert.html?User=' . $Message->TransactionObj->Creator . '"> ' . loc('(Download S/MIME Certificate)') . '</a>';
+ $txt = '<a href="' . RT->Config->Get('WebPath') . '/Crypt/GetSMIMECert.html?TxnId=' . $Message->TransactionObj->Id . '"> ' . loc('(Download S/MIME Certificate)') . '</a>';
}
}
-----------------------------------------------------------------------
More information about the rt-commit
mailing list