Page MenuHomePhorge
Files F117881183

D5199.1775346341.diff
No OneTemporary
Actions

Authored By
Unknown
Size
70 KB
Referenced Files
None
Subscribers
None

D5199.1775346341.diff
View Options

diff --git a/plugins/kolab/Kolab/Addresses.php b/plugins/kolab/Kolab/Addresses.php
new file mode 100644
--- /dev/null
+++ b/plugins/kolab/Kolab/Addresses.php
@@ -0,0 +1,77 @@
+<?php
+
+namespace Kolab;
+
+/**
+ * This feature replaces text input field with a select in the identity form.
+ * The select will contain all email addresses available to the user
+ * (including delegated ones).
+ */
+class Addresses extends Feature
+{
+ /**
+ * Feature initialization
+ */
+ public function init()
+ {
+ $this->plugin->add_hook('identity_form', [$this, 'identityFormHook']);
+ }
+
+ /**
+ * Identity-form action handler
+ */
+ public function identityFormHook($args): array
+ {
+ // Hook to replace the plain text input field for email address by a drop-down list
+ // with all email addresses (including aliases) available to the user
+
+ $ident_level = intval($this->rc->config->get('identities_level', 0));
+
+ // do nothing if email address modification is disabled
+ if ($ident_level == 1 || $ident_level == 3) {
+ return $args;
+ }
+
+ $emails = $this->getMyAddresses();
+
+ // TODO: Use <optgroup> in the select to separate delegator's addresses
+
+ if (!empty($emails)) {
+ // Pre-select the main email address if not provided (new identity)
+ if (empty($args['record']['email']) && !isset($_POST['_email'])) {
+ $_POST['_email'] = $this->rc->get_user_email();
+ }
+
+ $args['form']['addressing']['content']['email'] = [
+ 'type' => 'select',
+ 'skip-empty' => true,
+ 'options' => array_combine($emails, $emails),
+ ];
+ }
+
+ return $args;
+ }
+
+ /**
+ * Get list of user email addresses, including delegated ones.
+ *
+ * @return array List of email addresses
+ */
+ protected function getMyAddresses(): array
+ {
+ $emails = Client::getMyAddresses();
+
+ // Delegators' addresses
+ foreach (Client::getDelegators() as $delegator) {
+ $emails[] = $delegator->email;
+ if (!empty($delegator->aliases)) {
+ $emails = array_merge($emails, $delegator->aliases);
+ }
+ }
+
+ $emails = array_unique($emails);
+ sort($emails);
+
+ return $emails;
+ }
+}
diff --git a/plugins/kolab/Kolab/Client.php b/plugins/kolab/Kolab/Client.php
new file mode 100644
--- /dev/null
+++ b/plugins/kolab/Kolab/Client.php
@@ -0,0 +1,197 @@
+<?php
+
+namespace Kolab;
+
+/**
+ * Kolab Cockpit API (HTTP) client
+ */
+class Client
+{
+ /**
+ * Makes a HTTP request to the Cockpit API
+ */
+ private static function request($method, $path, $query = [], $post = [])
+ {
+ $rcube = \rcube::get_instance();
+
+ $base_uri = $rcube->config->get('kolab_api_url', 'https://' . $_SERVER['HTTP_HOST']);
+ $debug = $rcube->config->get('kolab_api_debug');
+
+ $path = ltrim($path, '/');
+
+ $stack = new \GuzzleHttp\HandlerStack();
+ $stack->setHandler(\GuzzleHttp\choose_handler());
+
+ if (!str_starts_with($path, 'api/auth/login')) {
+ $stack->push(\GuzzleHttp\Middleware::retry(
+ function (
+ int $retries,
+ \GuzzleHttp\Psr7\Request $request,
+ \GuzzleHttp\Psr7\Response $response = null,
+ $exception = null
+ ) {
+ $maxRetries = 2;
+
+ if ($retries >= $maxRetries) {
+ return false;
+ }
+
+ if ($response && $response->getStatusCode() === 401) {
+ self::refreshAccessToken();
+ return true;
+ }
+
+ return false;
+ }
+ ));
+
+ $stack->push(\GuzzleHttp\Middleware::mapRequest(
+ function (\GuzzleHttp\Psr7\Request $request) use ($rcube) {
+ $token = isset($_SESSION['kolab_access_token']) ? $rcube->decrypt($_SESSION['kolab_access_token']) : '';
+ if ($token) {
+ return $request->withHeader('Authorization', 'Bearer ' . $token);
+ }
+
+ return $request;
+ }
+ ));
+ }
+
+ $client = $rcube->get_http_client([
+ 'http_errors' => false, // No exceptions from Guzzle on error responses
+ 'base_uri' => rtrim($base_uri, '/') . '/',
+ 'handler' => $stack,
+ 'verify' => false,
+ 'connect_timeout' => 5,
+ 'timeout' => 10,
+ ]);
+
+ try {
+ if ($debug) {
+ $log_request = $method . ': ' . $path;
+ if (!empty($query)) {
+ $log_request .= '?' . http_build_query($query);
+ }
+ $rcube->write_log('kolab', $log_request);
+ }
+
+ $request = [
+ 'json' => $post,
+ 'query' => $query,
+ ];
+
+ $response = $client->request($method, $path, $request);
+
+ if ($response->getStatusCode() == 200) {
+ $json = json_decode((string) $response->getBody());
+
+ if ($debug) {
+ $rcube->write_log('kolab', '[200] ' . json_encode($json));
+ }
+
+ return $json;
+ } else {
+ if ($debug) {
+ $rcube->write_log('kolab', '[' . $response->getStatusCode() . '] ' . $response->getReasonPhrase());
+ }
+ }
+ } catch (\Exception $e) {
+ $rcube->raise_error($e, true, false);
+ }
+ }
+
+ /**
+ * Get a new access token
+ */
+ private static function refreshAccessToken()
+ {
+ $rcube = \rcube::get_instance();
+ $username = $_SESSION['username'];
+ $password = $rcube->decrypt($_SESSION['password']);
+
+ $response = self::request('POST', 'api/auth/login', [], ['email' => $username, 'password' => $password]);
+
+ if ($response && isset($response->access_token)) {
+ $_SESSION['kolab_access_token'] = $rcube->encrypt($response->access_token);
+ $_SESSION['kolab_user_id'] = $response->id ?? null;
+ }
+ }
+
+ /**
+ * Get current user delegators
+ */
+ public static function getDelegators(): array
+ {
+ $result = [];
+
+ if ($id = self::getUserId()) {
+ $response = self::request('GET', "api/v4/users/{$id}/delegators");
+
+ if ($response && isset($response->list)) {
+ return $response->list;
+ }
+ }
+
+ return $result;
+ }
+
+ /**
+ * Returns current user email addresses
+ */
+ public static function getMyAddresses(): array
+ {
+ $response = self::request('GET', 'api/v4/search/self', ['alias' => 1, 'limit' => 999]);
+
+ if ($response && isset($response->list)) {
+ return array_column($response->list, 'email');
+ }
+
+ return [];
+ }
+
+ /**
+ * Get current user identifier in Cockpit
+ */
+ private static function getUserId()
+ {
+ if (empty($_SESSION['kolab_user_id'])) {
+ self::refreshAccessToken();
+ }
+
+ return $_SESSION['kolab_user_id'] ?? 0;
+ }
+
+ /**
+ * User search
+ */
+ public static function getUsers(string $search, int $limit = 15): array
+ {
+ $response = self::request('GET', 'api/v4/search/user', ['alias' => 0, 'search' => $search, 'limit' => $limit]);
+
+ if ($response && isset($response->list)) {
+ return $response->list;
+ }
+
+ return [];
+ }
+
+ /**
+ * Resolve user email into user name
+ */
+ /*
+ public static function getUserName(string $email): ?string
+ {
+ $response = self::request('GET', 'api/v4/search/user', ['alias' => 0, 'search' => $email, 'limit' => 10]);
+
+ if ($response && isset($response->list)) {
+ foreach ($response->list as $user) {
+ if ($user->email === $email) {
+ return $user->name;
+ }
+ }
+ }
+
+ return null;
+ }
+ */
+}
diff --git a/plugins/kolab/Kolab/Delegation.php b/plugins/kolab/Kolab/Delegation.php
new file mode 100644
--- /dev/null
+++ b/plugins/kolab/Kolab/Delegation.php
@@ -0,0 +1,411 @@
+<?php
+
+namespace Kolab;
+
+/**
+ * This feature is responsible for handling delegation
+ */
+class Delegation extends Feature
+{
+ protected $context;
+ protected $delegators;
+
+ /**
+ * Feature initialization
+ */
+ public function init()
+ {
+ $this->plugin->require_plugin('libkolab');
+
+ // Check-recent action
+ $this->plugin->add_hook('check_recent', [$this, 'checkRecentHook']);
+
+ // Message-send action
+ $this->plugin->add_hook('message_before_send', [$this, 'messageBeforeSendHook']);
+
+ // Calendar and Tasklist plugins
+ $this->plugin->add_hook('message_load', [$this, 'messageLoadHook']);
+ $this->plugin->add_hook('calendar_user_emails', [$this, 'calendarUserEmailsHook']);
+ $this->plugin->add_hook('calendar_list_filter', [$this, 'calendarListFilterHook']);
+ $this->plugin->add_hook('calendar_load_itip', [$this, 'calendarLoadItipHook']);
+ $this->plugin->add_hook('tasklist_list_filter', [$this, 'tasklistListFilterHook']);
+
+ // Enigma plugin
+ $this->plugin->add_hook('enigma_user_identities', [$this, 'enigmaUserIdentitiesHook']);
+
+ // Calendar/Tasklist plugin UI bindings
+ $this->plugin->add_hook('ready', [$this, 'readyHook']);
+ }
+
+ /**
+ * Check-recent action handler
+ */
+ public function checkRecentHook($args): array
+ {
+ // Checking for new messages shall be extended to Inbox folders of all
+ // delegators if 'check_all_folders' is set to false.
+
+ if ($this->rc->task != 'mail') {
+ return $args;
+ }
+
+ if (!empty($args['all'])) {
+ return $args;
+ }
+
+ $storage = $this->rc->get_storage();
+ $other_ns = $storage->get_namespace('other');
+ $folders = $storage->list_folders_subscribed('', '*', 'mail');
+
+ foreach (array_keys($this->getDelegators()) as $email) {
+ foreach ($other_ns as $ns) {
+ $folder = $ns[0] . $email;
+ if (in_array($folder, $folders) && !in_array($folder, $args['folders'])) {
+ $args['folders'][] = $folder;
+ }
+ }
+ }
+
+ return $args;
+ }
+
+ /**
+ * Mail send action handler
+ */
+ public function messageBeforeSendHook($args)
+ {
+ // Checking headers of email being send, we'll add Sender: header
+ // if mail is being sent on behalf of someone else
+
+ /** @var \Mail_mime $msg */
+ $msg = $args['message'];
+
+ // Get sender's email address from the From: header
+ $from = \rcube_mime::decode_address_list($msg->headers()['From'], 1, false, null, true);
+ $from = $from[array_key_first($from)];
+
+ // Add Sender: header with current user default identity
+ foreach ($this->getDelegators() as $delegator) {
+ if (in_array($from, $delegator['emails'])) {
+ $identity = $this->rc->user->get_identity();
+ $sender = format_email_recipient($identity['email'], $identity['name']);
+
+ $msg->headers(['Sender' => $sender], false, true);
+ break;
+ }
+ }
+
+ return $args;
+ }
+
+ /**
+ * E-mail message loading action
+ */
+ public function messageLoadHook($args): array
+ {
+ // This is a place where we detect delegate context.
+ // So we can handle event invitations on behalf of a delegator
+ // @TODO: should we do this only in delegators' folders?
+
+ /** @var \rcube_message $msg */
+ $msg = $args['object'];
+
+ // Skip invalid messages
+ if (empty($msg->headers)) {
+ return $args;
+ }
+
+ // Match delegators' addresses with the recipient address.
+ // Roundcube sends invitations to every attendee separately,
+ // but maybe there's a software which sends with CC header or many addresses in To:
+
+ $emails = \rcube_mime::decode_address_list($msg->get_header('to'), null, false, null, true);
+
+ foreach ($emails as $email) {
+ foreach ($this->getDelegators() as $email => $delegator) {
+ if (in_array($email, $delegator['emails'])) {
+ $this->rc->output->set_env('delegator_context', $email);
+ $this->plugin->include_script('js/delegation.js');
+ break;
+ }
+ }
+ }
+
+ return $args;
+ }
+
+ /**
+ * calendar::get_user_emails() handler
+ */
+ public function calendarUserEmailsHook($args)
+ {
+ // In delegator context we'll use delegator's addresses instead of the current user addresses
+
+ $this->filterEmails($args);
+ return $args;
+ }
+
+ /**
+ * calendar_driver::list_calendars() handler
+ */
+ public function calendarListFilterHook($args)
+ {
+ // In delegator context we'll use delegator's folders instead of the current user folders
+
+ $this->filterFolders($args, 'calendars');
+ return $args;
+ }
+
+ /**
+ * tasklist_driver::get_lists() handler
+ */
+ public function tasklistListFilterHook($args)
+ {
+ // In delegator context we'll use delegator's folders instead of the current user folders
+
+ $this->filterFolders($args, 'tasklists');
+ return $args;
+ }
+
+ /**
+ * calendar::load_itip() handler
+ */
+ public function calendarLoadItipHook($args)
+ {
+ // In delegator context we'll use delegator's address/name
+ // for invitation responses
+
+ $this->filterIdentities($args);
+ return $args;
+ }
+
+ /**
+ * Delegation support in Enigma plugin
+ */
+ public function enigmaUserIdentitiesHook($args): array
+ {
+ // Remove delegators' identities from the key generation form
+ // TODO: Should we rather fetch email and aliases of the user?
+
+ $delegators = $this->getDelegators();
+
+ $args['identities'] = array_filter($args['identities'], function ($ident) use ($delegators) {
+ foreach ($delegators as $delegator) {
+ if (in_array($ident['email'], $delegator['emails'])) {
+ return false;
+ }
+ }
+
+ return true;
+ });
+
+ return $args;
+ }
+
+ /**
+ * Delegation support in Calendar/Tasks plugin UI
+ */
+ public function readyHook($args)
+ {
+ // Initialize handling of delegators' identities in event/task form
+
+ if (
+ $this->rc->output->type == 'html'
+ && ($this->rc->task == 'calendar' || $this->rc->task == 'tasks')
+ && empty($_REQUEST['_framed'])
+ ) {
+ // $this->rc->output->set_env('namespace', $this->namespaceJS());
+ $this->rc->output->set_env('delegators', $this->jsDelegatorsList());
+ $this->plugin->include_script('js/delegation.js');
+ }
+ }
+
+ /**
+ * Set user identity according to delegator delegator
+ *
+ * @param array $args Reference to plugin hook arguments
+ */
+ protected function filterIdentities(&$args): void
+ {
+ $context = $this->getContext();
+
+ if (!$context) {
+ return;
+ }
+
+ $delegators = $this->getDelegators();
+ $identities = $this->rc->user->list_emails();
+ $emails = $delegators[$context]['emails'] ?? [];
+
+ foreach ($identities as $ident) {
+ if (in_array($ident['email'], $emails)) {
+ $args['identity'] = $ident;
+ return;
+ }
+ }
+
+ // fallback to default identity
+ $args['identity'] = array_shift($identities);
+ }
+
+ /**
+ * Filter user emails according to delegator context
+ *
+ * @param array $args Reference to plugin hook arguments
+ */
+ protected function filterEmails(&$args): void
+ {
+ $context = $this->getContext();
+ $delegators = $this->getDelegators();
+
+ // try to derive context from the given user email
+ if (!$context && !empty($args['emails'])) {
+ if (($email = $args['emails'][0]) && isset($delegators[$email])) {
+ $context = $email;
+ }
+ }
+
+ // return delegator's addresses
+ if ($context) {
+ $args['emails'] = $delegators[$context]['emails'] ?? [];
+ $args['abort'] = true;
+ }
+ // return only user addresses (exclude all delegators addresses)
+ elseif (!empty($delegators)) {
+ $identities = $this->rc->user->list_emails();
+ $emails[] = $this->rc->user->get_username();
+
+ foreach ($identities as $identity) {
+ $emails[] = $identity['email'];
+ }
+
+ foreach ($delegators as $delegator) {
+ $emails = array_diff($emails, $delegator['emails']);
+ }
+
+ $args['emails'] = array_unique($emails);
+ $args['abort'] = true;
+ }
+ }
+
+ /**
+ * Filters list of calendar/task folders according to delegator context
+ *
+ * @param array $args Reference to plugin hook arguments
+ */
+ protected function filterFolders(&$args, $mode = 'calendars'): void
+ {
+ $context = $this->getContext();
+
+ if (empty($context)) {
+ return;
+ }
+
+ if ($mode == 'calendars') {
+ $editable = $args['filter'] & \calendar_driver::FILTER_WRITEABLE;
+ $active = $args['filter'] & \calendar_driver::FILTER_ACTIVE;
+ $personal = $args['filter'] & \calendar_driver::FILTER_PERSONAL;
+ $shared = $args['filter'] & \calendar_driver::FILTER_SHARED;
+ } else {
+ $editable = $args['filter'] & \tasklist_driver::FILTER_WRITEABLE;
+ $active = $args['filter'] & \tasklist_driver::FILTER_ACTIVE;
+ $personal = $args['filter'] & \tasklist_driver::FILTER_PERSONAL;
+ $shared = $args['filter'] & \tasklist_driver::FILTER_SHARED;
+ }
+
+ $folders = [];
+
+ foreach ($args['list'] as $folder) {
+ if (isset($folder->ready) && !$folder->ready) {
+ continue;
+ }
+
+ if ($editable && !$folder->editable) {
+ continue;
+ }
+
+ if ($active && !$folder->storage->is_active()) {
+ continue;
+ }
+
+ if ($personal || $shared) {
+ $ns = $folder->get_namespace();
+
+ if ($personal && $ns == 'personal') {
+ continue;
+ } elseif ($personal && $ns == 'other') {
+ if ($folder->get_owner() != $context) {
+ continue;
+ }
+ } elseif (!$shared || $ns != 'shared') {
+ continue;
+ }
+ }
+
+ $folders[$folder->id] = $folder;
+ }
+
+ $args[$mode] = $folders;
+ $args['abort'] = true;
+ }
+
+ /**
+ * Return (set) current delegator context
+ *
+ * @return ?string Delegator UID
+ */
+ protected function getContext(): ?string
+ {
+ if (!$this->context) {
+ $context = \rcube_utils::get_input_string('_context', \rcube_utils::INPUT_GPC);
+ if ($context) {
+ $delegators = $this->getDelegators();
+ if (isset($delegators[$context])) {
+ $this->context = $context;
+ }
+ }
+ }
+
+ return $this->context;
+ }
+
+ /**
+ * Get list of users that delegated the current user
+ *
+ * @return array<string, array> List of delegators indexed by delegator email
+ */
+ protected function getDelegators(): array
+ {
+ if ($this->delegators === null) {
+ $this->delegators = [];
+ foreach (Client::getDelegators() as $delegator) {
+ $this->delegators[$delegator->email] = [
+ 'emails' => array_merge([$delegator->email], $delegator->aliases),
+ 'name' => $delegator->name ?? '',
+ ];
+ }
+ }
+
+ return $this->delegators;
+ }
+
+ /**
+ * List current user delegators in format compatible with Calendar plugin
+ *
+ * @return array List of delegators
+ */
+ public function jsDelegatorsList(): array
+ {
+ $result = [];
+
+ foreach ($this->getDelegators() as $key => $delegator) {
+ $result[$key] = [
+ 'emails' => ';' . implode(';', $delegator['emails']),
+ 'email' => $delegator['emails'][0],
+ 'name' => $delegator['name'],
+ ];
+ }
+
+ return $result;
+ }
+}
diff --git a/plugins/kolab/Kolab/Feature.php b/plugins/kolab/Kolab/Feature.php
new file mode 100644
--- /dev/null
+++ b/plugins/kolab/Kolab/Feature.php
@@ -0,0 +1,28 @@
+<?php
+
+namespace Kolab;
+
+/**
+ * An abstract class for a Kolab integration feature
+ */
+abstract class Feature
+{
+ protected $plugin;
+ protected $rc;
+
+ /**
+ * Object constructor
+ *
+ * @param \rcube_plugin $plugin Kolab plugin instance
+ */
+ public function __construct(\rcube_plugin $plugin)
+ {
+ $this->plugin = $plugin;
+ $this->rc = \rcmail::get_instance();
+ }
+
+ /**
+ * Feature initialization
+ */
+ abstract public function init();
+}
diff --git a/plugins/kolab/Kolab/Users.php b/plugins/kolab/Kolab/Users.php
new file mode 100644
--- /dev/null
+++ b/plugins/kolab/Kolab/Users.php
@@ -0,0 +1,92 @@
+<?php
+
+namespace Kolab;
+
+/**
+ * Provides user autocompletion for some inputs that expect a user identifier (email).
+ * For example folder sharing forms
+ */
+class Users extends Feature
+{
+ /**
+ * Feature initialization
+ */
+ public function init()
+ {
+ $this->plugin->add_hook('ready', [$this, 'readyHook']);
+ $this->plugin->add_hook('render_page', [$this, 'renderPageHook']);
+ }
+
+ /**
+ * Handler for 'ready' hook
+ */
+ public function readyHook($args): array
+ {
+ $action = $args['task'] . '/' . $args['action'];
+
+ // Intercept the user autocompletion request
+ $autocomplete_actions = [
+ 'settings/plugin.acl-autocomplete',
+ ];
+
+ if (in_array($action, $autocomplete_actions)) {
+ $this->autocompleteHandler();
+ }
+
+ return $args;
+ }
+
+ /**
+ * Handler for 'render_page' hook
+ */
+ public function renderPageHook($args): array
+ {
+ if (
+ $args['write'] === false // rendering of sub-pages
+ || !in_array($this->rc->task, ['settings', 'calendar', 'tasks', 'addressbook'])
+ ) {
+ return $args;
+ }
+
+ // In some places the autocompletion is initialized only when a specific env variable is set
+ // 'acl' plugin
+ $this->rc->output->set_env('acl_users_source', 'kolab4');
+ // 'libkolab' plugin: Sharing tab for DAV folders
+ $this->rc->output->set_env('kolab_autocomplete', 'kolab4');
+
+ // Register some extra info for the client side
+ $this->rc->output->set_env('autocomplete_max', (int) $this->rc->config->get('autocomplete_max', 15));
+ $this->rc->output->set_env('autocomplete_min_length', $this->rc->config->get('autocomplete_min_length'));
+ $this->rc->output->add_label('autocompletechars', 'autocompletemore');
+
+ return $args;
+ }
+
+ /**
+ * User autocompletion request handler
+ */
+ public function autocompleteHandler(): void
+ {
+ $search = \rcube_utils::get_input_string('_search', \rcube_utils::INPUT_GPC, true);
+ $reqid = \rcube_utils::get_input_string('_reqid', \rcube_utils::INPUT_GPC);
+
+ $max = (int) $this->rc->config->get('autocomplete_max', 15);
+ $email = $this->rc->get_user_email();
+ $users = [];
+
+ foreach (Client::getUsers($search, $max) as $user) {
+ if ($user->email == $email) {
+ continue;
+ }
+
+ $users[] = [
+ 'name' => $user->email,
+ 'display' => \format_email_recipient($user->email, $user->name),
+ 'type' => null, // or 'group'
+ ];
+ }
+
+ $this->rc->output->command('ksearch_query_results', $users, $search, $reqid);
+ $this->rc->output->send();
+ }
+}
diff --git a/plugins/kolab/LICENSE b/plugins/kolab/LICENSE
new file mode 100644
--- /dev/null
+++ b/plugins/kolab/LICENSE
@@ -0,0 +1,661 @@
+ GNU AFFERO GENERAL PUBLIC LICENSE
+ Version 3, 19 November 2007
+
+ Copyright (C) 2007 Free Software Foundation, Inc. <http://fsf.org/>
+ Everyone is permitted to copy and distribute verbatim copies
+ of this license document, but changing it is not allowed.
+
+ Preamble
+
+ The GNU Affero General Public License is a free, copyleft license for
+software and other kinds of works, specifically designed to ensure
+cooperation with the community in the case of network server software.
+
+ The licenses for most software and other practical works are designed
+to take away your freedom to share and change the works. By contrast,
+our General Public Licenses are intended to guarantee your freedom to
+share and change all versions of a program--to make sure it remains free
+software for all its users.
+
+ When we speak of free software, we are referring to freedom, not
+price. Our General Public Licenses are designed to make sure that you
+have the freedom to distribute copies of free software (and charge for
+them if you wish), that you receive source code or can get it if you
+want it, that you can change the software or use pieces of it in new
+free programs, and that you know you can do these things.
+
+ Developers that use our General Public Licenses protect your rights
+with two steps: (1) assert copyright on the software, and (2) offer
+you this License which gives you legal permission to copy, distribute
+and/or modify the software.
+
+ A secondary benefit of defending all users' freedom is that
+improvements made in alternate versions of the program, if they
+receive widespread use, become available for other developers to
+incorporate. Many developers of free software are heartened and
+encouraged by the resulting cooperation. However, in the case of
+software used on network servers, this result may fail to come about.
+The GNU General Public License permits making a modified version and
+letting the public access it on a server without ever releasing its
+source code to the public.
+
+ The GNU Affero General Public License is designed specifically to
+ensure that, in such cases, the modified source code becomes available
+to the community. It requires the operator of a network server to
+provide the source code of the modified version running there to the
+users of that server. Therefore, public use of a modified version, on
+a publicly accessible server, gives the public access to the source
+code of the modified version.
+
+ An older license, called the Affero General Public License and
+published by Affero, was designed to accomplish similar goals. This is
+a different license, not a version of the Affero GPL, but Affero has
+released a new version of the Affero GPL which permits relicensing under
+this license.
+
+ The precise terms and conditions for copying, distribution and
+modification follow.
+
+ TERMS AND CONDITIONS
+
+ 0. Definitions.
+
+ "This License" refers to version 3 of the GNU Affero General Public License.
+
+ "Copyright" also means copyright-like laws that apply to other kinds of
+works, such as semiconductor masks.
+
+ "The Program" refers to any copyrightable work licensed under this
+License. Each licensee is addressed as "you". "Licensees" and
+"recipients" may be individuals or organizations.
+
+ To "modify" a work means to copy from or adapt all or part of the work
+in a fashion requiring copyright permission, other than the making of an
+exact copy. The resulting work is called a "modified version" of the
+earlier work or a work "based on" the earlier work.
+
+ A "covered work" means either the unmodified Program or a work based
+on the Program.
+
+ To "propagate" a work means to do anything with it that, without
+permission, would make you directly or secondarily liable for
+infringement under applicable copyright law, except executing it on a
+computer or modifying a private copy. Propagation includes copying,
+distribution (with or without modification), making available to the
+public, and in some countries other activities as well.
+
+ To "convey" a work means any kind of propagation that enables other
+parties to make or receive copies. Mere interaction with a user through
+a computer network, with no transfer of a copy, is not conveying.
+
+ An interactive user interface displays "Appropriate Legal Notices"
+to the extent that it includes a convenient and prominently visible
+feature that (1) displays an appropriate copyright notice, and (2)
+tells the user that there is no warranty for the work (except to the
+extent that warranties are provided), that licensees may convey the
+work under this License, and how to view a copy of this License. If
+the interface presents a list of user commands or options, such as a
+menu, a prominent item in the list meets this criterion.
+
+ 1. Source Code.
+
+ The "source code" for a work means the preferred form of the work
+for making modifications to it. "Object code" means any non-source
+form of a work.
+
+ A "Standard Interface" means an interface that either is an official
+standard defined by a recognized standards body, or, in the case of
+interfaces specified for a particular programming language, one that
+is widely used among developers working in that language.
+
+ The "System Libraries" of an executable work include anything, other
+than the work as a whole, that (a) is included in the normal form of
+packaging a Major Component, but which is not part of that Major
+Component, and (b) serves only to enable use of the work with that
+Major Component, or to implement a Standard Interface for which an
+implementation is available to the public in source code form. A
+"Major Component", in this context, means a major essential component
+(kernel, window system, and so on) of the specific operating system
+(if any) on which the executable work runs, or a compiler used to
+produce the work, or an object code interpreter used to run it.
+
+ The "Corresponding Source" for a work in object code form means all
+the source code needed to generate, install, and (for an executable
+work) run the object code and to modify the work, including scripts to
+control those activities. However, it does not include the work's
+System Libraries, or general-purpose tools or generally available free
+programs which are used unmodified in performing those activities but
+which are not part of the work. For example, Corresponding Source
+includes interface definition files associated with source files for
+the work, and the source code for shared libraries and dynamically
+linked subprograms that the work is specifically designed to require,
+such as by intimate data communication or control flow between those
+subprograms and other parts of the work.
+
+ The Corresponding Source need not include anything that users
+can regenerate automatically from other parts of the Corresponding
+Source.
+
+ The Corresponding Source for a work in source code form is that
+same work.
+
+ 2. Basic Permissions.
+
+ All rights granted under this License are granted for the term of
+copyright on the Program, and are irrevocable provided the stated
+conditions are met. This License explicitly affirms your unlimited
+permission to run the unmodified Program. The output from running a
+covered work is covered by this License only if the output, given its
+content, constitutes a covered work. This License acknowledges your
+rights of fair use or other equivalent, as provided by copyright law.
+
+ You may make, run and propagate covered works that you do not
+convey, without conditions so long as your license otherwise remains
+in force. You may convey covered works to others for the sole purpose
+of having them make modifications exclusively for you, or provide you
+with facilities for running those works, provided that you comply with
+the terms of this License in conveying all material for which you do
+not control copyright. Those thus making or running the covered works
+for you must do so exclusively on your behalf, under your direction
+and control, on terms that prohibit them from making any copies of
+your copyrighted material outside their relationship with you.
+
+ Conveying under any other circumstances is permitted solely under
+the conditions stated below. Sublicensing is not allowed; section 10
+makes it unnecessary.
+
+ 3. Protecting Users' Legal Rights From Anti-Circumvention Law.
+
+ No covered work shall be deemed part of an effective technological
+measure under any applicable law fulfilling obligations under article
+11 of the WIPO copyright treaty adopted on 20 December 1996, or
+similar laws prohibiting or restricting circumvention of such
+measures.
+
+ When you convey a covered work, you waive any legal power to forbid
+circumvention of technological measures to the extent such circumvention
+is effected by exercising rights under this License with respect to
+the covered work, and you disclaim any intention to limit operation or
+modification of the work as a means of enforcing, against the work's
+users, your or third parties' legal rights to forbid circumvention of
+technological measures.
+
+ 4. Conveying Verbatim Copies.
+
+ You may convey verbatim copies of the Program's source code as you
+receive it, in any medium, provided that you conspicuously and
+appropriately publish on each copy an appropriate copyright notice;
+keep intact all notices stating that this License and any
+non-permissive terms added in accord with section 7 apply to the code;
+keep intact all notices of the absence of any warranty; and give all
+recipients a copy of this License along with the Program.
+
+ You may charge any price or no price for each copy that you convey,
+and you may offer support or warranty protection for a fee.
+
+ 5. Conveying Modified Source Versions.
+
+ You may convey a work based on the Program, or the modifications to
+produce it from the Program, in the form of source code under the
+terms of section 4, provided that you also meet all of these conditions:
+
+ a) The work must carry prominent notices stating that you modified
+ it, and giving a relevant date.
+
+ b) The work must carry prominent notices stating that it is
+ released under this License and any conditions added under section
+ 7. This requirement modifies the requirement in section 4 to
+ "keep intact all notices".
+
+ c) You must license the entire work, as a whole, under this
+ License to anyone who comes into possession of a copy. This
+ License will therefore apply, along with any applicable section 7
+ additional terms, to the whole of the work, and all its parts,
+ regardless of how they are packaged. This License gives no
+ permission to license the work in any other way, but it does not
+ invalidate such permission if you have separately received it.
+
+ d) If the work has interactive user interfaces, each must display
+ Appropriate Legal Notices; however, if the Program has interactive
+ interfaces that do not display Appropriate Legal Notices, your
+ work need not make them do so.
+
+ A compilation of a covered work with other separate and independent
+works, which are not by their nature extensions of the covered work,
+and which are not combined with it such as to form a larger program,
+in or on a volume of a storage or distribution medium, is called an
+"aggregate" if the compilation and its resulting copyright are not
+used to limit the access or legal rights of the compilation's users
+beyond what the individual works permit. Inclusion of a covered work
+in an aggregate does not cause this License to apply to the other
+parts of the aggregate.
+
+ 6. Conveying Non-Source Forms.
+
+ You may convey a covered work in object code form under the terms
+of sections 4 and 5, provided that you also convey the
+machine-readable Corresponding Source under the terms of this License,
+in one of these ways:
+
+ a) Convey the object code in, or embodied in, a physical product
+ (including a physical distribution medium), accompanied by the
+ Corresponding Source fixed on a durable physical medium
+ customarily used for software interchange.
+
+ b) Convey the object code in, or embodied in, a physical product
+ (including a physical distribution medium), accompanied by a
+ written offer, valid for at least three years and valid for as
+ long as you offer spare parts or customer support for that product
+ model, to give anyone who possesses the object code either (1) a
+ copy of the Corresponding Source for all the software in the
+ product that is covered by this License, on a durable physical
+ medium customarily used for software interchange, for a price no
+ more than your reasonable cost of physically performing this
+ conveying of source, or (2) access to copy the
+ Corresponding Source from a network server at no charge.
+
+ c) Convey individual copies of the object code with a copy of the
+ written offer to provide the Corresponding Source. This
+ alternative is allowed only occasionally and noncommercially, and
+ only if you received the object code with such an offer, in accord
+ with subsection 6b.
+
+ d) Convey the object code by offering access from a designated
+ place (gratis or for a charge), and offer equivalent access to the
+ Corresponding Source in the same way through the same place at no
+ further charge. You need not require recipients to copy the
+ Corresponding Source along with the object code. If the place to
+ copy the object code is a network server, the Corresponding Source
+ may be on a different server (operated by you or a third party)
+ that supports equivalent copying facilities, provided you maintain
+ clear directions next to the object code saying where to find the
+ Corresponding Source. Regardless of what server hosts the
+ Corresponding Source, you remain obligated to ensure that it is
+ available for as long as needed to satisfy these requirements.
+
+ e) Convey the object code using peer-to-peer transmission, provided
+ you inform other peers where the object code and Corresponding
+ Source of the work are being offered to the general public at no
+ charge under subsection 6d.
+
+ A separable portion of the object code, whose source code is excluded
+from the Corresponding Source as a System Library, need not be
+included in conveying the object code work.
+
+ A "User Product" is either (1) a "consumer product", which means any
+tangible personal property which is normally used for personal, family,
+or household purposes, or (2) anything designed or sold for incorporation
+into a dwelling. In determining whether a product is a consumer product,
+doubtful cases shall be resolved in favor of coverage. For a particular
+product received by a particular user, "normally used" refers to a
+typical or common use of that class of product, regardless of the status
+of the particular user or of the way in which the particular user
+actually uses, or expects or is expected to use, the product. A product
+is a consumer product regardless of whether the product has substantial
+commercial, industrial or non-consumer uses, unless such uses represent
+the only significant mode of use of the product.
+
+ "Installation Information" for a User Product means any methods,
+procedures, authorization keys, or other information required to install
+and execute modified versions of a covered work in that User Product from
+a modified version of its Corresponding Source. The information must
+suffice to ensure that the continued functioning of the modified object
+code is in no case prevented or interfered with solely because
+modification has been made.
+
+ If you convey an object code work under this section in, or with, or
+specifically for use in, a User Product, and the conveying occurs as
+part of a transaction in which the right of possession and use of the
+User Product is transferred to the recipient in perpetuity or for a
+fixed term (regardless of how the transaction is characterized), the
+Corresponding Source conveyed under this section must be accompanied
+by the Installation Information. But this requirement does not apply
+if neither you nor any third party retains the ability to install
+modified object code on the User Product (for example, the work has
+been installed in ROM).
+
+ The requirement to provide Installation Information does not include a
+requirement to continue to provide support service, warranty, or updates
+for a work that has been modified or installed by the recipient, or for
+the User Product in which it has been modified or installed. Access to a
+network may be denied when the modification itself materially and
+adversely affects the operation of the network or violates the rules and
+protocols for communication across the network.
+
+ Corresponding Source conveyed, and Installation Information provided,
+in accord with this section must be in a format that is publicly
+documented (and with an implementation available to the public in
+source code form), and must require no special password or key for
+unpacking, reading or copying.
+
+ 7. Additional Terms.
+
+ "Additional permissions" are terms that supplement the terms of this
+License by making exceptions from one or more of its conditions.
+Additional permissions that are applicable to the entire Program shall
+be treated as though they were included in this License, to the extent
+that they are valid under applicable law. If additional permissions
+apply only to part of the Program, that part may be used separately
+under those permissions, but the entire Program remains governed by
+this License without regard to the additional permissions.
+
+ When you convey a copy of a covered work, you may at your option
+remove any additional permissions from that copy, or from any part of
+it. (Additional permissions may be written to require their own
+removal in certain cases when you modify the work.) You may place
+additional permissions on material, added by you to a covered work,
+for which you have or can give appropriate copyright permission.
+
+ Notwithstanding any other provision of this License, for material you
+add to a covered work, you may (if authorized by the copyright holders of
+that material) supplement the terms of this License with terms:
+
+ a) Disclaiming warranty or limiting liability differently from the
+ terms of sections 15 and 16 of this License; or
+
+ b) Requiring preservation of specified reasonable legal notices or
+ author attributions in that material or in the Appropriate Legal
+ Notices displayed by works containing it; or
+
+ c) Prohibiting misrepresentation of the origin of that material, or
+ requiring that modified versions of such material be marked in
+ reasonable ways as different from the original version; or
+
+ d) Limiting the use for publicity purposes of names of licensors or
+ authors of the material; or
+
+ e) Declining to grant rights under trademark law for use of some
+ trade names, trademarks, or service marks; or
+
+ f) Requiring indemnification of licensors and authors of that
+ material by anyone who conveys the material (or modified versions of
+ it) with contractual assumptions of liability to the recipient, for
+ any liability that these contractual assumptions directly impose on
+ those licensors and authors.
+
+ All other non-permissive additional terms are considered "further
+restrictions" within the meaning of section 10. If the Program as you
+received it, or any part of it, contains a notice stating that it is
+governed by this License along with a term that is a further
+restriction, you may remove that term. If a license document contains
+a further restriction but permits relicensing or conveying under this
+License, you may add to a covered work material governed by the terms
+of that license document, provided that the further restriction does
+not survive such relicensing or conveying.
+
+ If you add terms to a covered work in accord with this section, you
+must place, in the relevant source files, a statement of the
+additional terms that apply to those files, or a notice indicating
+where to find the applicable terms.
+
+ Additional terms, permissive or non-permissive, may be stated in the
+form of a separately written license, or stated as exceptions;
+the above requirements apply either way.
+
+ 8. Termination.
+
+ You may not propagate or modify a covered work except as expressly
+provided under this License. Any attempt otherwise to propagate or
+modify it is void, and will automatically terminate your rights under
+this License (including any patent licenses granted under the third
+paragraph of section 11).
+
+ However, if you cease all violation of this License, then your
+license from a particular copyright holder is reinstated (a)
+provisionally, unless and until the copyright holder explicitly and
+finally terminates your license, and (b) permanently, if the copyright
+holder fails to notify you of the violation by some reasonable means
+prior to 60 days after the cessation.
+
+ Moreover, your license from a particular copyright holder is
+reinstated permanently if the copyright holder notifies you of the
+violation by some reasonable means, this is the first time you have
+received notice of violation of this License (for any work) from that
+copyright holder, and you cure the violation prior to 30 days after
+your receipt of the notice.
+
+ Termination of your rights under this section does not terminate the
+licenses of parties who have received copies or rights from you under
+this License. If your rights have been terminated and not permanently
+reinstated, you do not qualify to receive new licenses for the same
+material under section 10.
+
+ 9. Acceptance Not Required for Having Copies.
+
+ You are not required to accept this License in order to receive or
+run a copy of the Program. Ancillary propagation of a covered work
+occurring solely as a consequence of using peer-to-peer transmission
+to receive a copy likewise does not require acceptance. However,
+nothing other than this License grants you permission to propagate or
+modify any covered work. These actions infringe copyright if you do
+not accept this License. Therefore, by modifying or propagating a
+covered work, you indicate your acceptance of this License to do so.
+
+ 10. Automatic Licensing of Downstream Recipients.
+
+ Each time you convey a covered work, the recipient automatically
+receives a license from the original licensors, to run, modify and
+propagate that work, subject to this License. You are not responsible
+for enforcing compliance by third parties with this License.
+
+ An "entity transaction" is a transaction transferring control of an
+organization, or substantially all assets of one, or subdividing an
+organization, or merging organizations. If propagation of a covered
+work results from an entity transaction, each party to that
+transaction who receives a copy of the work also receives whatever
+licenses to the work the party's predecessor in interest had or could
+give under the previous paragraph, plus a right to possession of the
+Corresponding Source of the work from the predecessor in interest, if
+the predecessor has it or can get it with reasonable efforts.
+
+ You may not impose any further restrictions on the exercise of the
+rights granted or affirmed under this License. For example, you may
+not impose a license fee, royalty, or other charge for exercise of
+rights granted under this License, and you may not initiate litigation
+(including a cross-claim or counterclaim in a lawsuit) alleging that
+any patent claim is infringed by making, using, selling, offering for
+sale, or importing the Program or any portion of it.
+
+ 11. Patents.
+
+ A "contributor" is a copyright holder who authorizes use under this
+License of the Program or a work on which the Program is based. The
+work thus licensed is called the contributor's "contributor version".
+
+ A contributor's "essential patent claims" are all patent claims
+owned or controlled by the contributor, whether already acquired or
+hereafter acquired, that would be infringed by some manner, permitted
+by this License, of making, using, or selling its contributor version,
+but do not include claims that would be infringed only as a
+consequence of further modification of the contributor version. For
+purposes of this definition, "control" includes the right to grant
+patent sublicenses in a manner consistent with the requirements of
+this License.
+
+ Each contributor grants you a non-exclusive, worldwide, royalty-free
+patent license under the contributor's essential patent claims, to
+make, use, sell, offer for sale, import and otherwise run, modify and
+propagate the contents of its contributor version.
+
+ In the following three paragraphs, a "patent license" is any express
+agreement or commitment, however denominated, not to enforce a patent
+(such as an express permission to practice a patent or covenant not to
+sue for patent infringement). To "grant" such a patent license to a
+party means to make such an agreement or commitment not to enforce a
+patent against the party.
+
+ If you convey a covered work, knowingly relying on a patent license,
+and the Corresponding Source of the work is not available for anyone
+to copy, free of charge and under the terms of this License, through a
+publicly available network server or other readily accessible means,
+then you must either (1) cause the Corresponding Source to be so
+available, or (2) arrange to deprive yourself of the benefit of the
+patent license for this particular work, or (3) arrange, in a manner
+consistent with the requirements of this License, to extend the patent
+license to downstream recipients. "Knowingly relying" means you have
+actual knowledge that, but for the patent license, your conveying the
+covered work in a country, or your recipient's use of the covered work
+in a country, would infringe one or more identifiable patents in that
+country that you have reason to believe are valid.
+
+ If, pursuant to or in connection with a single transaction or
+arrangement, you convey, or propagate by procuring conveyance of, a
+covered work, and grant a patent license to some of the parties
+receiving the covered work authorizing them to use, propagate, modify
+or convey a specific copy of the covered work, then the patent license
+you grant is automatically extended to all recipients of the covered
+work and works based on it.
+
+ A patent license is "discriminatory" if it does not include within
+the scope of its coverage, prohibits the exercise of, or is
+conditioned on the non-exercise of one or more of the rights that are
+specifically granted under this License. You may not convey a covered
+work if you are a party to an arrangement with a third party that is
+in the business of distributing software, under which you make payment
+to the third party based on the extent of your activity of conveying
+the work, and under which the third party grants, to any of the
+parties who would receive the covered work from you, a discriminatory
+patent license (a) in connection with copies of the covered work
+conveyed by you (or copies made from those copies), or (b) primarily
+for and in connection with specific products or compilations that
+contain the covered work, unless you entered into that arrangement,
+or that patent license was granted, prior to 28 March 2007.
+
+ Nothing in this License shall be construed as excluding or limiting
+any implied license or other defenses to infringement that may
+otherwise be available to you under applicable patent law.
+
+ 12. No Surrender of Others' Freedom.
+
+ If conditions are imposed on you (whether by court order, agreement or
+otherwise) that contradict the conditions of this License, they do not
+excuse you from the conditions of this License. If you cannot convey a
+covered work so as to satisfy simultaneously your obligations under this
+License and any other pertinent obligations, then as a consequence you may
+not convey it at all. For example, if you agree to terms that obligate you
+to collect a royalty for further conveying from those to whom you convey
+the Program, the only way you could satisfy both those terms and this
+License would be to refrain entirely from conveying the Program.
+
+ 13. Remote Network Interaction; Use with the GNU General Public License.
+
+ Notwithstanding any other provision of this License, if you modify the
+Program, your modified version must prominently offer all users
+interacting with it remotely through a computer network (if your version
+supports such interaction) an opportunity to receive the Corresponding
+Source of your version by providing access to the Corresponding Source
+from a network server at no charge, through some standard or customary
+means of facilitating copying of software. This Corresponding Source
+shall include the Corresponding Source for any work covered by version 3
+of the GNU General Public License that is incorporated pursuant to the
+following paragraph.
+
+ Notwithstanding any other provision of this License, you have
+permission to link or combine any covered work with a work licensed
+under version 3 of the GNU General Public License into a single
+combined work, and to convey the resulting work. The terms of this
+License will continue to apply to the part which is the covered work,
+but the work with which it is combined will remain governed by version
+3 of the GNU General Public License.
+
+ 14. Revised Versions of this License.
+
+ The Free Software Foundation may publish revised and/or new versions of
+the GNU Affero General Public License from time to time. Such new versions
+will be similar in spirit to the present version, but may differ in detail to
+address new problems or concerns.
+
+ Each version is given a distinguishing version number. If the
+Program specifies that a certain numbered version of the GNU Affero General
+Public License "or any later version" applies to it, you have the
+option of following the terms and conditions either of that numbered
+version or of any later version published by the Free Software
+Foundation. If the Program does not specify a version number of the
+GNU Affero General Public License, you may choose any version ever published
+by the Free Software Foundation.
+
+ If the Program specifies that a proxy can decide which future
+versions of the GNU Affero General Public License can be used, that proxy's
+public statement of acceptance of a version permanently authorizes you
+to choose that version for the Program.
+
+ Later license versions may give you additional or different
+permissions. However, no additional obligations are imposed on any
+author or copyright holder as a result of your choosing to follow a
+later version.
+
+ 15. Disclaimer of Warranty.
+
+ THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY
+APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT
+HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY
+OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO,
+THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM
+IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF
+ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
+
+ 16. Limitation of Liability.
+
+ IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
+WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS
+THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY
+GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE
+USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF
+DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD
+PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS),
+EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF
+SUCH DAMAGES.
+
+ 17. Interpretation of Sections 15 and 16.
+
+ If the disclaimer of warranty and limitation of liability provided
+above cannot be given local legal effect according to their terms,
+reviewing courts shall apply local law that most closely approximates
+an absolute waiver of all civil liability in connection with the
+Program, unless a warranty or assumption of liability accompanies a
+copy of the Program in return for a fee.
+
+ END OF TERMS AND CONDITIONS
+
+ How to Apply These Terms to Your New Programs
+
+ If you develop a new program, and you want it to be of the greatest
+possible use to the public, the best way to achieve this is to make it
+free software which everyone can redistribute and change under these terms.
+
+ To do so, attach the following notices to the program. It is safest
+to attach them to the start of each source file to most effectively
+state the exclusion of warranty; and each file should have at least
+the "copyright" line and a pointer to where the full notice is found.
+
+ <one line to give the program's name and a brief idea of what it does.>
+ Copyright (C) <year> <name of author>
+
+ This program is free software: you can redistribute it and/or modify
+ it under the terms of the GNU Affero General Public License as published by
+ the Free Software Foundation, either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU Affero General Public License for more details.
+
+ You should have received a copy of the GNU Affero General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+Also add information on how to contact you by electronic and paper mail.
+
+ If your software can interact with users remotely through a computer
+network, you should also make sure that it provides a way for users to
+get its source. For example, if your program is a web application, its
+interface could display a "Source" link that leads users to an archive
+of the code. There are many ways you could offer source, and different
+solutions will be better for different programs; see section 13 for the
+specific requirements.
+
+ You should also get your employer (if you work as a programmer) or school,
+if any, to sign a "copyright disclaimer" for the program, if necessary.
+For more information on this, and how to apply and follow the GNU AGPL, see
+<http://www.gnu.org/licenses/>.
diff --git a/plugins/kolab/README.md b/plugins/kolab/README.md
new file mode 100644
--- /dev/null
+++ b/plugins/kolab/README.md
@@ -0,0 +1,55 @@
+Kolab Groupware integration plugin
+==================================
+
+This plugin implements some features of Kolab Groupware, especially those that require access to
+information via the Kolab Cockpit API.
+
+WARNING: This plugin does work with calendar/tasklist plugins if they are configured to use
+DAV drivers.
+
+
+1. Delegation
+-------------
+
+Extends Calendar/Tasks/Mail UI with user delegation features. For example, user can
+send mail in the name of another user or create events in his calendar. To work this
+requires delegation relation to be created in Cockpit. Cockpit will take care of
+sharing folders and creating identities.
+
+TODO: Select delegator's Sent folder when switching identity to delegator's email in mail composer,
+or when replying in the name of a delegator (the identity is already pre-selected).
+
+
+2. Users listing (autocompletion)
+---------------------------------
+
+It replaces LDAP-based autocompletion for:
+- the `acl` plugin's "Sharing" tab on IMAP folders
+- the `libkolab` plugin's "Sharing" tab for DAV folders
+
+Notes:
+- It requires APP_WITH_USER_SEARCH=true in Cockpit.
+- For "Files" user autocompletion (in document editing session) is done via Chwala, we can't easily intercept that.
+ So, we probably would do some changes to the kolab_files plugin to make it possible. Otherwise we'd need
+ to put the same code in Chwala's `kolabfiles` driver.
+- Calendar/Task attendees and mail recipients are autocompleted via mail/autocomplete action as they
+ include contacts. We should not intercept it, but rather implement a global addressbook source.
+
+
+3. Identity addresses
+---------------------
+
+This feature replaces text input field with a select element in the identity form.
+The select will contain all email addresses available to the user (including delegated ones).
+
+
+Future scope
+------------
+
+- The plugin might use the same API to find user name by email address, e.g. to display name
+ instead of/additionally to an email address (uid) in the UI.
+- The plugin could provide a global addressbook (search could automatically include existing users)
+- The plugin could control availability of 2FA plugin (or some other settings/features) depending
+ on user subscriptions in Cockpit.
+- The plugin could implement helpdesk mode ("Login as" feature).
+- Some API requests could be cached, e.g. we fetch delegators list a lot.
diff --git a/plugins/kolab/config.inc.php.dist b/plugins/kolab/config.inc.php.dist
new file mode 100644
--- /dev/null
+++ b/plugins/kolab/config.inc.php.dist
@@ -0,0 +1,7 @@
+<?php
+
+// Kolab Cockpit API location. Defaults to hostname from the HTTP request
+$config['kolab_api_url'] = null;
+
+// Enable logging Cockcpit API requests/responses (to logs/kolab.log)
+$config['kolab_api_debug'] = false;
diff --git a/plugins/kolab/js/delegation.js b/plugins/kolab/js/delegation.js
new file mode 100644
--- /dev/null
+++ b/plugins/kolab/js/delegation.js
@@ -0,0 +1,153 @@
+/**
+ * Client scripts for the Kolab Delegation
+ *
+ * @author Aleksander Machniak <machniak@kolabsys.com>
+ * @author Thomas Bruederli <bruederli@kolabsys.com>
+ *
+ * @licstart The following is the entire license notice for the
+ * JavaScript code in this file.
+ *
+ * Copyright (C) Apheleia IT AG <contact@apheleia-it.ch>
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ *
+ * @licend The above is the entire license notice
+ * for the JavaScript code in this file.
+ */
+
+window.rcmail && rcmail.addEventListener('init', function(evt) {
+ if (rcmail.env.task == 'mail' || rcmail.env.task == 'calendar' || rcmail.env.task == 'tasks') {
+ // set delegator context for calendar/tasklist requests on invitation message
+ rcmail.addEventListener('requestcalendar/event', function(o) { rcmail.event_delegator_request(o); })
+ .addEventListener('requestcalendar/mailimportitip', function(o) { rcmail.event_delegator_request(o); })
+ .addEventListener('requestcalendar/itip-status', function(o) { rcmail.event_delegator_request(o); })
+ .addEventListener('requestcalendar/itip-remove', function(o) { rcmail.event_delegator_request(o); })
+ .addEventListener('requesttasks/task', function(o) { rcmail.event_delegator_request(o); })
+ .addEventListener('requesttasks/mailimportitip', function(o) { rcmail.event_delegator_request(o); })
+ .addEventListener('requesttasks/itip-status', function(o) { rcmail.event_delegator_request(o); })
+ .addEventListener('requesttasks/itip-remove', function(o) { rcmail.event_delegator_request(o); });
+
+ // Calendar UI
+ if (rcmail.env.delegators && window.rcube_calendar_ui) {
+ rcmail.calendar_identity_init('calendar');
+ // delegator context for calendar event form
+ rcmail.addEventListener('calendar-event-init', function(o) { return rcmail.calendar_event_init(o, 'calendar'); });
+ // change organizer identity on calendar folder change
+ $('#edit-calendar').change(function() { rcmail.calendar_folder_change(this); });
+ }
+ // Tasks UI
+ else if (rcmail.env.delegators && window.rcube_tasklist_ui) {
+ rcmail.calendar_identity_init('tasklist');
+ // delegator context for task form
+ rcmail.addEventListener('tasklist-task-init', function(o) { return rcmail.calendar_event_init(o, 'tasklist'); });
+ // change organizer identity on tasks folder change
+ $('#taskedit-tasklist').change(function() { rcmail.calendar_folder_change(this); });
+ }
+ }
+});
+
+rcube_webmail.prototype.event_delegator_request = function(data)
+{
+ if (!this.env.delegator_context) {
+ return;
+ }
+
+ if (typeof data === 'object') {
+ data._context = this.env.delegator_context;
+ } else {
+ data += '&_context=' + this.env.delegator_context;
+ }
+
+ return data;
+};
+
+// callback for calendar event/task form initialization
+rcube_webmail.prototype.calendar_event_init = function(data, type)
+{
+ var folder = data.o[type == 'calendar' ? 'calendar' : 'list'];
+
+ // set identity for delegator context
+ this.env[type + '_settings'].identity = this.calendar_folder_delegator(folder, type);
+};
+
+// returns delegator's identity data according to selected calendar/tasks folder
+rcube_webmail.prototype.calendar_folder_delegator = function(folder, type)
+{
+ var d, delegator,
+ settings = this.env[type + '_settings'],
+ list = this.env[type == 'calendar' ? 'calendars' : 'tasklists'];
+
+ // derive delegator from the calendar owner property
+ if (list[folder] && list[folder].owner) {
+ delegator = list[folder].owner;
+ }
+
+ if (delegator && (d = this.env.delegators[delegator])) {
+ // find delegator's identity id
+ if (!d.identity_id) {
+ $.each(settings.identities, function(i, v) {
+ if (d.email == v) {
+ d.identity_id = i;
+ return false;
+ }
+ });
+ }
+
+ d.uid = delegator;
+ } else {
+ d = this.env.original_identity;
+ }
+
+ this.env.delegator_context = d.uid;
+
+ return d;
+};
+
+// handler for calendar/tasklist folder change
+rcube_webmail.prototype.calendar_folder_change = function(element)
+{
+ var folder = $(element).val(),
+ type = element.id.indexOf('task') > -1 ? 'tasklist' : 'calendar',
+ sname = type + '_settings',
+ select = $('#edit-identities-list'),
+ old = this.env[sname].identity;
+
+ this.env[sname].identity = this.calendar_folder_delegator(folder, type);
+
+ // change organizer identity in identity selector
+ if (select.length && old != this.env[sname].identity) {
+ var id = this.env[sname].identity.identity_id || select.find('option').first().val();
+ select.val(id).change();
+ }
+};
+
+// modify default identity of the user
+rcube_webmail.prototype.calendar_identity_init = function(type)
+{
+ var identity = this.env[type + '_settings'].identity,
+ emails = identity.emails.split(';');
+
+ // remove delegators' emails from list of emails of the current user
+ emails = $.map(emails, function(v) {
+ for (var n in rcmail.env.delegators) {
+ if (rcmail.env.delegators[n].emails.indexOf(';' + v) > -1) {
+ return null;
+ }
+ return v;
+ }
+ });
+
+ identity.emails = emails.join(';');
+ this.env.original_identity = identity;
+};
diff --git a/plugins/kolab/kolab.php b/plugins/kolab/kolab.php
new file mode 100644
--- /dev/null
+++ b/plugins/kolab/kolab.php
@@ -0,0 +1,79 @@
+<?php
+
+/*
+ * Kolab integration plugin for Roundcube webmail.
+ *
+ * @author Aleksander Machniak <machniak@apheleia-it.ch>
+ *
+ * Copyright (C) Apheleia IT AG <contact@apheleia-it.ch>
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+class kolab extends rcube_plugin
+{
+ // all task excluding 'login' and 'logout'
+ public $task = '?(?!login|logout).*';
+
+ private $features = [
+ 'Kolab\Addresses',
+ // 'Kolab\Contacts', // global addressbook
+ 'Kolab\Delegation',
+ 'Kolab\Users',
+ ];
+
+ /**
+ * Plugin initialization
+ */
+ public function init()
+ {
+ // register autoloader for included classes
+ spl_autoload_register([$this, 'autoloader']);
+
+ $this->add_hook('ready', [$this, 'readyHook']);
+
+ // Load features and let them do the whole work
+ foreach ($this->features as $feature_class) {
+ $feature = new $feature_class($this);
+ $feature->init();
+ }
+ }
+
+ /**
+ * PHP5 autoloader routine for dynamic class loading
+ */
+ public function autoloader(string $classname): bool
+ {
+ if (str_starts_with($classname, "Kolab\\")) {
+ $classname = str_replace("\\", '/', $classname);
+ $filepath = "{$this->home}/{$classname}.php";
+
+ if (is_readable($filepath)) {
+ include_once $filepath;
+ return true;
+ }
+ }
+
+ return false;
+ }
+
+ /**
+ * Handler for 'ready' hook
+ */
+ public function readyHook($p)
+ {
+ // Read the plugin config, we try to not do this in init()
+ $this->load_config();
+ }
+}

File Metadata

Mime Type
text/plain
Expires
Sat, Apr 4, 11:45 PM (15 h, 49 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
18831611
Default Alt Text
D5199.1775346341.diff (70 KB)

Event Timeline