|
Hylafax Mailing List Archives
|
[Date Prev][Date Next][Thread Prev][Thread Next]
[Date Index]
[Thread Index]
Re: [hylafax-users] See all fax sent
* hylafax-users-bounce@hylafax.org <hylafax-users-bounce@hylafax.org> [030708 09:30]:
> My problem with Cypheus and Hylafax is that every user can see all fax sent by
> himself and by any other user,
> is it possible to set that each user is able to see only his own fax?
I think there's two ways to accomplish what you're trying to do:
1. Implement Cypheus's MySQL-based "Fax Information Center", and create
users, groups and permissions or
2. Experiment with the attached patch, developed by iFax Solutions as a
quick proof-of-concept for something we were working on, which might get
you part of the way there. All it does is tighten up the current
permisions scheme, making it neccessary to be the owner (or admin) of a
job to see/modify it. Note that you will need to properly be setting
up your user authentication stuff (etc/hosts.hfaxd).
If you do decide to try 2) please bear in mind that the work is
experimental, and not likely to be appropriate to all HylaFAX users and
probably never find its way into the mainstream distribution.
And I have no idea if it even still applies to current hylafax. And
it's tests were minimal (i.e. I did one check to see if I could see
other's faxes). Use at your own blah, blah, blah...
diff -Nrub hylafax-orig/hfaxd/Jobs.c++ HF-scratch/hfaxd/Jobs.c++
--- hylafax-orig/hfaxd/Jobs.c++ Sat Feb 8 17:32:32 2003
+++ HF-scratch/hfaxd/Jobs.c++ Fri Jul 4 20:49:28 2003
@@ -93,57 +93,57 @@
Token t;
u_int protect; // read+write protection
} params[] = {
- { T_BEGBR, A_RUSR|A_WUSR|A_RADM|A_WADM|A_ROTH },
- { T_BEGST, A_RUSR|A_WUSR|A_RADM|A_WADM|A_ROTH },
- { T_CHOPTHRESH, A_RUSR|A_WUSR|A_RADM|A_WADM|A_ROTH },
- { T_CLIENT, A_RUSR|A_RADM|A_WADM|A_ROTH },
- { T_COMMID, A_RUSR|A_RADM|A_ROTH },
- { T_COVER, A_RUSR|A_WUSR|A_RADM|A_WADM|A_ROTH },
- { T_DATAFORMAT, A_RUSR|A_WUSR|A_RADM|A_WADM|A_ROTH },
+ { T_BEGBR, A_RUSR|A_WUSR|A_RADM|A_WADM },
+ { T_BEGST, A_RUSR|A_WUSR|A_RADM|A_WADM },
+ { T_CHOPTHRESH, A_RUSR|A_WUSR|A_RADM|A_WADM },
+ { T_CLIENT, A_RUSR|A_RADM|A_WADM },
+ { T_COMMID, A_RUSR|A_RADM },
+ { T_COVER, A_RUSR|A_WUSR|A_RADM|A_WADM },
+ { T_DATAFORMAT, A_RUSR|A_WUSR|A_RADM|A_WADM },
{ T_DIALSTRING, A_RUSR|A_WUSR|A_RADM|A_WADM },
- { T_DOCUMENT, A_RUSR|A_WUSR|A_RADM|A_WADM|A_ROTH },
- { T_DONEOP, A_RUSR|A_WUSR|A_RADM|A_WADM|A_ROTH },
- { T_EXTERNAL, A_RUSR|A_WUSR|A_RADM|A_WADM|A_ROTH },
- { T_FROM_USER, A_RUSR|A_WUSR|A_RADM|A_WADM|A_ROTH },
- { T_GROUPID, A_RUSR|A_RADM|A_ROTH },
- { T_JOBID, A_RUSR|A_RADM|A_ROTH },
- { T_JOBINFO, A_RUSR|A_WUSR|A_RADM|A_WADM|A_ROTH },
- { T_JOBTYPE, A_RUSR|A_RADM|A_ROTH },
- { T_LASTTIME, A_RUSR|A_MUSR|A_RADM|A_WADM|A_ROTH },
- { T_MAXDIALS, A_RUSR|A_MUSR|A_RADM|A_WADM|A_ROTH },
- { T_MAXPAGES, A_RUSR|A_MUSR|A_RADM|A_WADM|A_ROTH },
- { T_MAXTRIES, A_RUSR|A_MUSR|A_RADM|A_WADM|A_ROTH },
- { T_MINBR, A_RUSR|A_WUSR|A_RADM|A_WADM|A_ROTH },
- { T_MODEM, A_RUSR|A_WUSR|A_RADM|A_WADM|A_ROTH },
- { T_OWNER, A_RUSR|A_RADM|A_WADM|A_ROTH },
- { T_NDIALS, A_RUSR|A_RADM|A_ROTH },
- { T_NOTIFY, A_RUSR|A_WUSR|A_RADM|A_WADM|A_ROTH },
- { T_NOTIFYADDR, A_RUSR|A_WUSR|A_RADM|A_WADM|A_ROTH },
- { T_NPAGES, A_RUSR|A_RADM|A_ROTH },
- { T_NTRIES, A_RUSR|A_RADM|A_ROTH },
- { T_PAGECHOP, A_RUSR|A_WUSR|A_RADM|A_WADM|A_ROTH },
- { T_PAGELENGTH, A_RUSR|A_WUSR|A_RADM|A_WADM|A_ROTH },
- { T_PAGEWIDTH, A_RUSR|A_WUSR|A_RADM|A_WADM|A_ROTH },
+ { T_DOCUMENT, A_RUSR|A_WUSR|A_RADM|A_WADM },
+ { T_DONEOP, A_RUSR|A_WUSR|A_RADM|A_WADM },
+ { T_EXTERNAL, A_RUSR|A_WUSR|A_RADM|A_WADM },
+ { T_FROM_USER, A_RUSR|A_WUSR|A_RADM|A_WADM },
+ { T_GROUPID, A_RUSR|A_RADM },
+ { T_JOBID, A_RUSR|A_RADM },
+ { T_JOBINFO, A_RUSR|A_WUSR|A_RADM|A_WADM },
+ { T_JOBTYPE, A_RUSR|A_RADM },
+ { T_LASTTIME, A_RUSR|A_MUSR|A_RADM|A_WADM },
+ { T_MAXDIALS, A_RUSR|A_MUSR|A_RADM|A_WADM },
+ { T_MAXPAGES, A_RUSR|A_MUSR|A_RADM|A_WADM },
+ { T_MAXTRIES, A_RUSR|A_MUSR|A_RADM|A_WADM },
+ { T_MINBR, A_RUSR|A_WUSR|A_RADM|A_WADM },
+ { T_MODEM, A_RUSR|A_WUSR|A_RADM|A_WADM },
+ { T_OWNER, A_RUSR|A_RADM|A_WADM },
+ { T_NDIALS, A_RUSR|A_RADM },
+ { T_NOTIFY, A_RUSR|A_WUSR|A_RADM|A_WADM },
+ { T_NOTIFYADDR, A_RUSR|A_WUSR|A_RADM|A_WADM },
+ { T_NPAGES, A_RUSR|A_RADM },
+ { T_NTRIES, A_RUSR|A_RADM },
+ { T_PAGECHOP, A_RUSR|A_WUSR|A_RADM|A_WADM },
+ { T_PAGELENGTH, A_RUSR|A_WUSR|A_RADM|A_WADM },
+ { T_PAGEWIDTH, A_RUSR|A_WUSR|A_RADM|A_WADM },
{ T_PASSWD, A_RUSR|A_WUSR|A_RADM|A_WADM },
- { T_POLL, A_RUSR|A_WUSR|A_RADM|A_WADM|A_ROTH },
- { T_RETRYTIME, A_RUSR|A_MUSR|A_RADM|A_WADM|A_ROTH },
- { T_SCHEDPRI, A_RUSR|A_MUSR|A_RADM|A_WADM|A_ROTH },
- { T_SENDTIME, A_RUSR|A_WUSR|A_RADM|A_WADM|A_ROTH },
- { T_STATE, A_RUSR|A_RADM|A_ROTH },
- { T_STATUS, A_RUSR|A_RADM|A_WADM|A_ROTH },
- { T_SUBADDR, A_RUSR|A_WUSR|A_RADM|A_WADM|A_ROTH },
- { T_TAGLINE, A_RUSR|A_WUSR|A_RADM|A_WADM|A_ROTH },
- { T_TOTDIALS, A_RUSR|A_RADM|A_ROTH },
- { T_TOTPAGES, A_RUSR|A_RADM|A_ROTH },
- { T_TOTTRIES, A_RUSR|A_RADM|A_ROTH },
- { T_TO_COMPANY, A_RUSR|A_WUSR|A_RADM|A_WADM|A_ROTH },
- { T_TO_LOCATION, A_RUSR|A_WUSR|A_RADM|A_WADM|A_ROTH },
- { T_TO_USER, A_RUSR|A_WUSR|A_RADM|A_WADM|A_ROTH },
- { T_USE_CONTCOVER, A_RUSR|A_RADM|A_WADM|A_ROTH },
- { T_USE_ECM, A_RUSR|A_WUSR|A_RADM|A_WADM|A_ROTH },
- { T_USE_TAGLINE, A_RUSR|A_WUSR|A_RADM|A_WADM|A_ROTH },
- { T_USRKEY, A_RUSR|A_WUSR|A_RADM|A_WADM|A_ROTH },
- { T_VRES, A_RUSR|A_WUSR|A_RADM|A_WADM|A_ROTH },
+ { T_POLL, A_RUSR|A_WUSR|A_RADM|A_WADM },
+ { T_RETRYTIME, A_RUSR|A_MUSR|A_RADM|A_WADM },
+ { T_SCHEDPRI, A_RUSR|A_MUSR|A_RADM|A_WADM },
+ { T_SENDTIME, A_RUSR|A_WUSR|A_RADM|A_WADM },
+ { T_STATE, A_RUSR|A_RADM },
+ { T_STATUS, A_RUSR|A_RADM|A_WADM },
+ { T_SUBADDR, A_RUSR|A_WUSR|A_RADM|A_WADM },
+ { T_TAGLINE, A_RUSR|A_WUSR|A_RADM|A_WADM },
+ { T_TOTDIALS, A_RUSR|A_RADM },
+ { T_TOTPAGES, A_RUSR|A_RADM },
+ { T_TOTTRIES, A_RUSR|A_RADM },
+ { T_TO_COMPANY, A_RUSR|A_WUSR|A_RADM|A_WADM },
+ { T_TO_LOCATION, A_RUSR|A_WUSR|A_RADM|A_WADM },
+ { T_TO_USER, A_RUSR|A_WUSR|A_RADM|A_WADM },
+ { T_USE_CONTCOVER, A_RUSR|A_RADM|A_WADM },
+ { T_USE_ECM, A_RUSR|A_WUSR|A_RADM|A_WADM },
+ { T_USE_TAGLINE, A_RUSR|A_WUSR|A_RADM|A_WADM },
+ { T_USRKEY, A_RUSR|A_WUSR|A_RADM|A_WADM },
+ { T_VRES, A_RUSR|A_WUSR|A_RADM|A_WADM },
{ T_NIL, 0 },
};
@@ -1623,7 +1623,6 @@
* implies read access to anything else in the
* job state that is protected.
*/
- bool haveAccess = checkAccess(job, T_DIALSTRING, A_READ);
for (const char* cp = fmt; *cp; cp++) {
if (*cp == '%') {
#define MAXSPEC 20
@@ -1654,167 +1653,322 @@
fp[1] = '\0';
switch (c) {
case 'A':
+ if (checkAccess(job, T_SUBADDR, A_READ) )
fprintf(fd, fspec, (const char*) job.subaddr);
+ else
+ fprintf(fd, fspec, "");
break;
case 'B':
- fprintf(fd, fspec, haveAccess ? (const char*) job.passwd : "");
+ if (checkAccess(job, T_PASSWD, A_READ) )
+ fprintf(fd, fspec, (const char*) job.passwd);
+ else
+ fprintf(fd, fspec, "");
break;
case 'C':
+ if (checkAccess(job, T_TO_COMPANY, A_READ) )
fprintf(fd, fspec, (const char*) job.company);
+ else
+ fprintf(fd, fspec, "");
break;
case 'D':
+ if (checkAccess(job, T_TOTDIALS, A_READ) )
fprintf(fd, fspec, (const char*)fxStr::format("%2u:%-2u", job.totdials, job.maxdials));
+ else
+ fprintf(fd, fspec, 0);
break;
case 'E':
+ if (checkAccess(job, T_BEGBR, A_READ) )
fprintf(fd, fspec, job.desiredbr);
+ else
+ fprintf(fd, fspec, 0);
break;
case 'F':
+ if (checkAccess(job, T_TAGLINE, A_READ) )
fprintf(fd, fspec, (const char*) job.tagline);
+ else
+ fprintf(fd, fspec, "");
break;
case 'G':
+ if (checkAccess(job, T_BEGST, A_READ) )
fprintf(fd, fspec, job.desiredst);
+ else
+ fprintf(fd, fspec, 0);
break;
case 'H':
+ if (checkAccess(job, T_DATAFORMAT, A_READ) )
fprintf(fd, fspec, job.desireddf);
+ else
+ fprintf(fd, fspec, "");
break;
case 'I':
+ if (checkAccess(job, T_SCHEDPRI, A_READ) )
fprintf(fd, fspec, job.usrpri);
+ else
+ fprintf(fd, fspec, 0);
break;
case 'J':
+ if (checkAccess(job, T_USRKEY, A_READ) )
fprintf(fd, fspec, (const char*) job.jobtag);
+ else
+ fprintf(fd, fspec, "");
break;
case 'K':
+ if (checkAccess(job, T_USE_ECM, A_READ) )
fprintf(fd, fspec, "D HF"[job.desiredec]);
+ else
+ fprintf(fd, fspec, '?');
break;
case 'L':
+ if (checkAccess(job, T_TO_LOCATION, A_READ) )
fprintf(fd, fspec, (const char*) job.location);
+ else
+ fprintf(fd, fspec, "");
break;
case 'M':
+ if (checkAccess(job, T_NOTIFYADDR, A_READ) )
fprintf(fd, fspec, (const char*) job.mailaddr);
+ else
+ fprintf(fd, fspec, "");
break;
case 'N':
+ if (checkAccess(job, T_TAGLINE, A_READ) )
fprintf(fd, fspec, " P"[job.desiredtl]);
+ else
+ fprintf(fd, fspec, '?');
break;
case 'O':
+ if (checkAccess(job, T_USE_CONTCOVER, A_READ) )
fprintf(fd, fspec, "N "[job.useccover]);
+ else
+ fprintf(fd, fspec, '?');
break;
case 'P':
+ if (checkAccess(job, T_NPAGES, A_READ) )
fprintf(fd, fspec, (const char*)fxStr::format("%2u:%-2u", job.npages, job.totpages));
+ else
+ fprintf(fd, fspec, 0);
break;
case 'Q':
+ if (checkAccess(job, T_MINBR, A_READ) )
fprintf(fd, fspec, job.minsp);
+ else
+ fprintf(fd, fspec, 0);
break;
case 'R':
+ if (checkAccess(job, T_TO_USER, A_READ) )
fprintf(fd, fspec, (const char*) job.receiver);
+ else
+ fprintf(fd, fspec, "");
break;
case 'S':
+ if (checkAccess(job, T_FROM_USER, A_READ) )
fprintf(fd, fspec, (const char*) job.sender);
+ else
+ fprintf(fd, fspec, "");
break;
case 'T':
+ if (checkAccess(job, T_MAXTRIES, A_READ) )
fprintf(fd, fspec, (const char*)fxStr::format("%2u:%-2u", job.tottries, job.maxtries));
+ else
+ fprintf(fd, fspec, 0);
break;
case 'U':
+ if (checkAccess(job, T_CHOPTHRESH, A_READ) )
fprintf(fd, fspec, (const char*)fxStr::format("%.1f", job.chopthreshold));
+ else
+ fprintf(fd, fspec, "");
break;
case 'V':
+ if (checkAccess(job, T_DONEOP, A_READ) )
fprintf(fd, fspec, (const char*) job.doneop);
+ else
+ fprintf(fd, fspec, "");
break;
case 'W':
+ if (checkAccess(job, T_COMMID, A_READ) )
fprintf(fd, fspec, (const char*) job.commid);
+ else
+ fprintf(fd, fspec, "");
break;
case 'X':
+ if (checkAccess(job, T_JOBTYPE, A_READ) )
fprintf(fd, fspec, toupper(job.jobtype[0]));
+ else
+ fprintf(fd, fspec, '?');
break;
#if OLDPROTO_SUPPORT
case 'Y':
- { char buf[30]; // XXX HP C++
+ if (checkAccess(job, T_SENDTIME, A_READ) )
+ {
+ char buf[30]; // XXX HP C++
strftime(buf, sizeof (buf), "%Y/%m/%d %H.%M.%S",
localtime(&job.tts));
fprintf(fd, fspec, buf);
- }
+ } else
+ fprintf(fd, fspec, "");
break;
case 'Z':
+ if (checkAccess(job, T_SENDTIME, A_READ) )
fprintf(fd, fspec, job.tts);
+ else
+ fprintf(fd, fspec, "");
break;
#endif /* OLDPROTO_SUPPORT */
case 'a':
+ if (checkAccess(job, T_STATE, A_READ) )
fprintf(fd, fspec, "?TPSBWRDF"[job.state]);
+ else
+ fprintf(fd, fspec, '?');
break;
case 'b':
+ if (checkAccess(job, T_NTRIES, A_READ) )
fprintf(fd, fspec, job.ntries);
+ else
+ fprintf(fd, fspec, 0);
break;
case 'c':
+ if (checkAccess(job, T_CLIENT, A_READ) )
fprintf(fd, fspec, (const char*) job.client);
+ else
+ fprintf(fd, fspec, "");
break;
case 'd':
+ if (checkAccess(job, T_TOTDIALS, A_READ) )
fprintf(fd, fspec, job.totdials);
+ else
+ fprintf(fd, fspec, "");
break;
case 'e':
+ if (checkAccess(job, T_EXTERNAL, A_READ) )
fprintf(fd, fspec, (const char*) job.external);
+ else
+ fprintf(fd, fspec, "");
break;
case 'f':
+ if (checkAccess(job, T_NDIALS, A_READ) )
fprintf(fd, fspec, job.ndials);
+ else
+ fprintf(fd, fspec, 0);
break;
case 'g':
+ if (checkAccess(job, T_GROUPID, A_READ) )
fprintf(fd, fspec, (const char*) job.groupid);
+ else
+ fprintf(fd, fspec, "");
break;
case 'h':
+ if (checkAccess(job, T_PAGECHOP, A_READ) )
fprintf(fd, fspec, " DAL"[job.pagechop]);
+ else
+ fprintf(fd, fspec, '?');
break;
case 'i':
+ if (checkAccess(job, T_SCHEDPRI, A_READ) )
fprintf(fd, fspec, job.pri);
+ else
+ fprintf(fd, fspec, 0);
break;
case 'j':
+ if (checkAccess(job, T_JOBID, A_READ) )
fprintf(fd, fspec, (const char*) job.jobid);
+ else
+ fprintf(fd, fspec, "");
break;
case 'k':
+ if (checkAccess(job, T_LASTTIME, A_READ) )
fprintf(fd, fspec, compactTime(job.killtime));
+ else
+ fprintf(fd, fspec, "");
break;
case 'l':
+ if (checkAccess(job, T_PAGELENGTH, A_READ) )
fprintf(fd, fspec, job.pagelength);
+ else
+ fprintf(fd, fspec, 0);
break;
case 'm':
+ if (checkAccess(job, T_MODEM, A_READ) )
fprintf(fd, fspec, (const char*) job.modem);
+ else
+ fprintf(fd, fspec, "");
break;
case 'n':
+ if (checkAccess(job, T_NOTIFY, A_READ) )
fprintf(fd, fspec, " DQA"[job.notify]);
+ else
+ fprintf(fd, fspec, '?');
break;
case 'o':
+ if (checkAccess(job, T_OWNER, A_READ) )
fprintf(fd, fspec, (const char*) job.owner);
+ else
+ fprintf(fd, fspec, "");
break;
case 'p':
+ if (checkAccess(job, T_NPAGES, A_READ) )
fprintf(fd, fspec, job.npages);
+ else
+ fprintf(fd, fspec, 0);
break;
case 'q':
- fprintf(fd, fspec,
- job.retrytime == 0 ? "" : fmtTime(job.retrytime));
+ if (checkAccess(job, T_RETRYTIME, A_READ) )
+ fprintf(fd, fspec, job.retrytime == 0 ? "" : fmtTime(job.retrytime));
+ else
+ fprintf(fd, fspec, "");
break;
case 'r':
+ if (checkAccess(job, T_VRES, A_READ) )
fprintf(fd, fspec, job.resolution);
+ else
+ fprintf(fd, fspec, 0);
break;
case 's':
+ if (checkAccess(job, T_STATUS, A_READ) )
fprintf(fd, fspec, (const char*) job.notice);
+ else
+ fprintf(fd, fspec, "");
break;
case 't':
+ if (checkAccess(job, T_TOTTRIES, A_READ) )
fprintf(fd, fspec, job.tottries);
+ else
+ fprintf(fd, fspec, "");
break;
case 'u':
+ if (checkAccess(job, T_MAXTRIES, A_READ) )
fprintf(fd, fspec, job.maxtries);
+ else
+ fprintf(fd, fspec, "");
break;
case 'v':
- fprintf(fd, fspec, haveAccess ? (const char*) job.number : "");
+ if (checkAccess(job, T_DIALSTRING, A_READ) )
+ fprintf(fd, fspec, (const char*) job.number);
+ else
+ fprintf(fd, fspec, "");
break;
case 'w':
+ if (checkAccess(job, T_PAGEWIDTH, A_READ) )
fprintf(fd, fspec, job.pagewidth);
+ else
+ fprintf(fd, fspec, 0);
break;
case 'x':
+ if (checkAccess(job, T_MAXDIALS, A_READ) )
fprintf(fd, fspec, job.maxdials);
+ else
+ fprintf(fd, fspec, 0);
break;
case 'y':
+ if (checkAccess(job, T_TOTPAGES, A_READ) )
fprintf(fd, fspec, job.totpages);
+ else
+ fprintf(fd, fspec, 0);
break;
case 'z':
+ if (checkAccess(job, T_SENDTIME, A_READ) )
fprintf(fd, fspec, compactTime(job.tts));
+ else
+ fprintf(fd, fspec, "");
break;
}
} else
@@ -1826,11 +1980,11 @@
HylaFAXServer::listSendQ(FILE* fd, const SpoolDir&, DIR* dir)
{
struct dirent* dp;
- while ((dp = readdir(dir)))
+ while (dp = readdir(dir))
if (dp->d_name[0] == 'q') {
fxStr emsg;
Job* job = findJob(&dp->d_name[1], emsg);
- if (job) {
+ if (job && checkAccess(*job, T_JOBID, A_READ) ) {
Jprintf(fd, jobFormat, *job);
fputs("\r\n", fd);
}
