summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJeroen van Meeuwen (Kolab Systems) <vanmeeuwen@kolabsys.com>2015-08-13 12:04:46 +0200
committerJeroen van Meeuwen (Kolab Systems) <vanmeeuwen@kolabsys.com>2015-08-13 12:04:46 +0200
commit7350f6c2bde2d6f56b4f1e42b3d7936f7d7b2cc8 (patch)
tree5ff77bb6f4cd22b5726504442095e4e98abd5513
parenta6fc1774043e4fe83f5a90e1ab58455afce47761 (diff)
downloadpykolab-7350f6c2bde2d6f56b4f1e42b3d7936f7d7b2cc8.tar.gz
Avoid using undefined variable, reject if no delegatees are specified on the target entry (#4936)
-rwxr-xr-xbin/kolab_smtp_access_policy.py24
1 files changed, 19 insertions, 5 deletions
diff --git a/bin/kolab_smtp_access_policy.py b/bin/kolab_smtp_access_policy.py
index 321f488..0b96644 100755
--- a/bin/kolab_smtp_access_policy.py
+++ b/bin/kolab_smtp_access_policy.py
@@ -580,6 +580,7 @@ class PolicyRequest(object):
Verify whether the authenticated user is a delegate of the envelope
sender.
"""
+ sender_is_delegate = False
if self.sender_domain == None:
if len(self.sender.split('@')) > 1:
@@ -646,6 +647,17 @@ class PolicyRequest(object):
self.sender_user = utils.normalize(user_attrs)
if not self.sender_user.has_key('kolabdelegate'):
+ # Got a final answer here, do the caching thing.
+ if not cache == False:
+ record_id = cache_update(
+ function='verify_sender',
+ sender=self.sender,
+ recipients=self.recipients,
+ result=(int)(False),
+ sasl_username=self.sasl_username,
+ sasl_sender=self.sasl_sender
+ )
+
reject(
_("%s is unauthorized to send on behalf of %s") % (
self.sasl_user['dn'],
@@ -674,7 +686,12 @@ class PolicyRequest(object):
sasl_sender=self.sasl_sender
)
- sender_is_delegate = False
+ reject(
+ _("%s is unauthorized to send on behalf of %s") % (
+ self.sasl_user['dn'],
+ self.sender_user['dn']
+ )
+ )
else:
# See if we can match the value of the envelope sender delegates to
@@ -703,6 +720,7 @@ class PolicyRequest(object):
'uid'
)
+
sender_delegates = self.sender_user['kolabdelegate']
if not type(sender_delegates) == list:
@@ -731,10 +749,6 @@ class PolicyRequest(object):
sender_is_delegate = True
- # If nothing matches sender_is_delegate is still None.
- if not sender_is_delegate == True:
- sender_is_delegate = False
-
return sender_is_delegate
def verify_recipient(self, recipient):