Small fixes

.scrutinizer.yml

@@ -1,16 +0,0 @@
-filter:
-    path:
-        - 'rainloop-webmail/rainloop/v/0.0.0/app/libraries/MailSo/*'
-        - 'rainloop-webmail/rainloop/v/0.0.0/app/libraries/RainLoop/*'
-        - 'dev/*'
-        - '/*.js'
-    excluded_paths:
-        - '*.min.js'
-        - '*/min/*'
-        - '*.min.css'
-        - 'vendors/*'
-        - 'build/*'
-        - 'data/*'
-checks:
-    javascript: true
-    php: true

build/plugin.xml

@@ -1,122 +0,0 @@
-<project name="Build" basedir=".">
-
-	<property name="INDEX_ROOT" value=".." />
-	<property name="DIST_PATH" value="dist" />
-	<property name="DIST_PLUGINS_PATH" value="dist/plugins" />
-	<property name="GUID" value="tmp" />
-
-	<target name="_pre_">
-		<mkdir dir="${DIST_PATH}" />
-		<mkdir dir="${DIST_PLUGINS_PATH}" />
-	</target>
-
-	<target name="_build_plugin_" depends="_pre_">
-
-		<loadfile property="plugin-version" srcfile="${INDEX_ROOT}/plugins/${plugin-name}/VERSION" />
-
-		<mkdir dir="${DIST_PLUGINS_PATH}/${plugin-name}-${plugin-version}-${GUID}" />
-		<mkdir dir="${DIST_PLUGINS_PATH}/${plugin-name}-${plugin-version}-${GUID}/${plugin-name}" />
-
-		<copy todir="${DIST_PLUGINS_PATH}/${plugin-name}-${plugin-version}-${GUID}/${plugin-name}">
-			<fileset dir="${INDEX_ROOT}/plugins/${plugin-name}" />
-		</copy>
-
-		<zip destfile="${DIST_PLUGINS_PATH}/${plugin-name}-${plugin-version}.zip"
-			basedir="${DIST_PLUGINS_PATH}/${plugin-name}-${plugin-version}-${GUID}" update="true" />
-
-		<delete dir="${DIST_PLUGINS_PATH}/${plugin-name}-${plugin-version}-${GUID}" />
-
-	</target>
-
-	<target name="add-x-originating-ip-header">
-		<antcall target="_build_plugin_">
-			<param name="plugin-name" value="add-x-originating-ip-header"/>
-		</antcall>
-	</target>
-	<target name="google-analytics">
-		<antcall target="_build_plugin_">
-			<param name="plugin-name" value="google-analytics"/>
-		</antcall>
-	</target>
-	<target name="piwik-analytics">
-		<antcall target="_build_plugin_">
-			<param name="plugin-name" value="piwik-analytics"/>
-		</antcall>
-	</target>
-	<target name="convert-headers-styles">
-		<antcall target="_build_plugin_">
-			<param name="plugin-name" value="convert-headers-styles"/>
-		</antcall>
-	</target>
-	<target name="recaptcha">
-		<antcall target="_build_plugin_">
-			<param name="plugin-name" value="recaptcha"/>
-		</antcall>
-	</target>
-	<target name="cpanel-change-password">
-		<antcall target="_build_plugin_">
-			<param name="plugin-name" value="cpanel-change-password"/>
-		</antcall>
-	</target>
-	<target name="directadmin-change-password">
-		<antcall target="_build_plugin_">
-			<param name="plugin-name" value="directadmin-change-password"/>
-		</antcall>
-	</target>
-	<target name="ispconfig-change-password">
-		<antcall target="_build_plugin_">
-			<param name="plugin-name" value="ispconfig-change-password"/>
-		</antcall>
-	</target>
-	<target name="poppassd-change-password">
-		<antcall target="_build_plugin_">
-			<param name="plugin-name" value="poppassd-change-password"/>
-		</antcall>
-	</target>
-	<target name="hmailserver-change-password">
-		<antcall target="_build_plugin_">
-			<param name="plugin-name" value="hmailserver-change-password"/>
-		</antcall>
-	</target>
-	<target name="ldap-change-password">
-		<antcall target="_build_plugin_">
-			<param name="plugin-name" value="ldap-change-password"/>
-		</antcall>
-	</target>
-	<target name="ldap-contacts-suggestions">
-		<antcall target="_build_plugin_">
-			<param name="plugin-name" value="ldap-contacts-suggestions"/>
-		</antcall>
-	</target>
-	<target name="snowfall-on-login-screen">
-		<antcall target="_build_plugin_">
-			<param name="plugin-name" value="snowfall-on-login-screen"/>
-		</antcall>
-	</target>
-	<target name="black-list">
-		<antcall target="_build_plugin_">
-			<param name="plugin-name" value="black-list"/>
-		</antcall>
-	</target>
-	<target name="white-list">
-		<antcall target="_build_plugin_">
-			<param name="plugin-name" value="white-list"/>
-		</antcall>
-	</target>
-	<target name="override-smtp-credentials">
-		<antcall target="_build_plugin_">
-			<param name="plugin-name" value="override-smtp-credentials"/>
-		</antcall>
-	</target>
-	<target name="custom-login-mapping">
-		<antcall target="_build_plugin_">
-			<param name="plugin-name" value="custom-login-mapping"/>
-		</antcall>
-	</target>
-	<target name="video-on-login-screen">
-		<antcall target="_build_plugin_">
-			<param name="plugin-name" value="video-on-login-screen"/>
-		</antcall>
-	</target>
-
-</project>

build/rsa.php

@@ -1,13 +0,0 @@
-<?php
-
-if (!\class_exists('Crypt_RSA'))
-{
-	\set_include_path(\get_include_path().PATH_SEPARATOR.\dirname(__FILE__).'/../rainloop/v/0.0.0/app/libraries/phpseclib');
-	include_once 'Crypt/RSA.php';
-	\defined('CRYPT_RSA_MODE') || \define('CRYPT_RSA_MODE', CRYPT_RSA_MODE_INTERNAL);
-}
-
-$rsa = new Crypt_RSA();
-$key = $rsa->createKey(1024);
-
-var_dump($key);

build/test_ssl_connection.php

@@ -0,0 +1,30 @@
+<?php
+
+// simple connection test
+
+$host = 'imap.gmail.com';
+$port = 993;
+
+echo $host.':'.$port;
+
+$streamContextSettings = array(
+	'ssl' => array(
+		'verify_host' => true,
+		'verify_peer' => true,
+		'verify_peer_name' => true,
+		'allow_self_signed' => false
+	)
+);
+
+$streamContext = stream_context_create($streamContextSettings);
+
+$errorStr = '';
+$errorNo = 0;
+
+$connection = stream_socket_client($host.':'.$port, $errorNo, $errorStr, 5, STREAM_CLIENT_CONNECT, $streamContext);
+if (is_resource($connection)) {
+	echo ' = OK';
+	fclose($connection);
+} else {
+	echo ' = ERROR ([#'.$errorNo.'] '.$errorStr.')';
+}

dev/Settings/Admin/General.js

@@ -44,6 +44,8 @@ class GeneralAdminSettings
 		this.weakPassword = AppAdminStore.weakPassword;
 		this.newMoveToFolder = AppAdminStore.newMoveToFolder;
 
+		this.dataFolderAccess = AppAdminStore.dataFolderAccess;
+
 		this.mainAttachmentLimit = ko.observable(pInt(settingsGet('AttachmentLimit')) / (Magics.BitLength1024 * Magics.BitLength1024)).extend({posInterer: 25});
 
 		this.uploadData = settingsGet('PhpUploadSizes');

dev/Stores/Admin/App.js

@@ -13,6 +13,8 @@ class AppAdminStore extends AbstractAppStore
 
 		this.weakPassword = ko.observable(false);
 		this.useLocalProxyForExternalImages = ko.observable(false);
+
+		this.dataFolderAccess = ko.observable(false);
 	}
 
 	populate() {
@@ -23,6 +25,14 @@ class AppAdminStore extends AbstractAppStore
 
 		this.weakPassword(!!settingsGet('WeakPassword'));
 		this.useLocalProxyForExternalImages(!!settingsGet('UseLocalProxyForExternalImages'));
+
+		if (settingsGet('Auth')) {
+			this.checkDataFolder();
+		}
+	}
+
+	checkDataFolder() {
+		$.get('./data/VERSION?' + window.Math.random()).then((value) => this.dataFolderAccess(true));
 	}
 }
 

gulpfile.js

@@ -577,6 +577,36 @@ gulp.task('rainloop:owncloud:copy-dist', ['rainloop:owncloud:shortname'], functi
 	});
 });
 
+gulp.task('plugins:build', [], function() {
+
+	var name = argv.name || '';
+	if (true === name || !name) {
+		throw new Error('Empty name parameter');
+	}
+
+	var
+		source = 'plugins/' + name,
+		vesrion = fs.readFileSync(source + '/VERSION', 'utf8')
+	;
+
+	cfg.destPath = 'build/dist/plugins/';
+	cfg.zipFile = name + '-' + vesrion + '.zip';
+
+	fs.mkdirSync(cfg.destPath, '0777', true);
+
+	return gulp.src(source + '/**/*', {base: source})
+		.pipe(require('gulp-zip')(cfg.zipFile))
+		.pipe(gulp.dest(cfg.destPath));
+});
+
+gulp.task('plugins:build:copy-dist', ['plugins:build'], function(callback) {
+	var newPath = cfg.destPath.replace('build/dist/plugins', 'dist/plugins');
+	fs.mkdirSync(newPath, '0777', true);
+	copyFile(cfg.destPath + cfg.zipFile, newPath + cfg.zipFile, callback);
+});
+
+gulp.task('plugins:build:docker', ['plugins:build', 'plugins:build:copy-dist']);
+
 // main
 gulp.task('moment', ['moment:locales']);
 gulp.task('js', ['js:libs', 'js:min', 'js:validate']);
@@ -627,3 +657,6 @@ gulp.task('v', ['js:validate']);
 
 gulp.task('b', ['build']);
 gulp.task('o', ['owncloud']);
+
+gulp.task('p', ['plugins:build']);
+gulp.task('p:d', ['plugins:build:docker']);

rainloop/v/0.0.0/app/.htaccess

@@ -1,19 +1,9 @@
-<IfModule mod_version.c>
+<ifModule mod_authz_core.c>
-<IfVersion < 2.4>
+    Require all denied
-Deny from All
+</ifModule>
-</IfVersion>
+<ifModule !mod_authz_core.c>
-<IfVersion >= 2.4>
+    Deny from all
-Require all denied
+</ifModule>
-</IfVersion>
+<IfModule mod_autoindex.c>
-</IfModule>
+	Options -Indexes
-<IfModule !mod_version.c>
-<IfModule !mod_authz_core.c>
-Deny from all
-</IfModule>
-<IfModule mod_authz_core.c>
-Require all denied
-</IfModule>
-</IfModule>
-<IfModule mod_autoindex.c>
-Options -Indexes
 </ifModule>

rainloop/v/0.0.0/app/libraries/RainLoop/Config/Application.php

@@ -383,7 +383,7 @@ Enables caching in the system'),
 				'allow_prefetch' => array(true),
 				'allow_smart_html_links' => array(true),
 				'cache_system_data' => array(true),
-				'date_from_headers' => array(false),
+				'date_from_headers' => array(true),
 				'autocreate_system_folders' => array(true),
 				'allow_message_append' => array(false),
 				'disable_iconv_if_mbstring_supported' => array(false),
@@ -391,7 +391,7 @@ Enables caching in the system'),
 				'log_ajax_response_write_limit' => array(300),
 				'allow_html_editor_source_button' => array(false),
 				'allow_html_editor_biti_buttons' => array(false),
-				'allow_ctrl_enter_on_compose' => array(false),
+				'allow_ctrl_enter_on_compose' => array(true),
 				'try_to_detect_hidden_images' => array(false),
 				'hide_dangerous_actions' => array(false),
 				'use_app_debug_js' => array(false),

rainloop/v/0.0.0/app/localization/admin/_source.en.yml

@@ -35,6 +35,7 @@ en:
     LABEL_ALLOW_IDENTITIES: "Allow multiple identities"
     LABEL_ALLOW_TEMPLATES: "Allow templates"
     ALERT_WARNING: "Warning!"
+    ALERT_DATA_ACCESS: "RainLoop data folder is accessible. Please configure your web server to hide the data folder from external access. Read more here:"
     HTML_ALERT_WEAK_PASSWORD: |
       You are using the default admin password.
       <br />

rainloop/v/0.0.0/app/templates/Views/Admin/AdminSettingsGeneral.html

@@ -1,11 +1,20 @@
 <div class="b-admin-general">
 	<div class="row" data-bind="visible: weakPassword">
-		<div class="alert alert-error span8" style="margin-top: 10px;">
+		<div class="alert alert-warning span8" style="margin-top: 10px;">
 			<h4 data-i18n="TAB_GENERAL/ALERT_WARNING"></h4>
 			<br />
 			<div data-i18n="[html]TAB_GENERAL/HTML_ALERT_WEAK_PASSWORD"></div>
 		</div>
 	</div>
+	<div class="row" data-bind="visible: dataFolderAccess">
+		<div class="alert alert-error span8" style="margin-top: 10px;">
+			<h4 data-i18n="TAB_GENERAL/ALERT_WARNING"></h4>
+			<br />
+			<span data-i18n="TAB_GENERAL/ALERT_DATA_ACCESS"></span>
+			&nbsp;
+			<strong><a href="https://rainloop.net/docs/installation/#notice">https://rainloop.net/docs/installation</a></strong>
+		</div>
+	</div>
 	<div class="form-horizontal">
 		<div class="legend i18n i18n-animation" data-i18n="TAB_GENERAL/LEGEND_INTERFACE"></div>
 		<div class="control-group" style="margin-bottom: 10px;">
@@ -13,7 +22,7 @@
 			<div class="controls">
 				<div class="flag-selector">
 					<span class="flag-wrapper">
-						<span data-bind="css: 'flag flag-' + language().toLowerCase()" style=""></span>
+						<span data-bind="css: 'flag flag-' + language().toLowerCase()"></span>
 					</span>
 					<span class="flag-name" tabindex="0" data-bind="text: languageFullName, click: selectLanguage, onSpace: selectLanguage, onEnter: selectLanguage"></span>
 					&nbsp;&nbsp;
@@ -29,7 +38,7 @@
 			<div class="controls">
 				<div class="flag-selector">
 					<span class="flag-wrapper">
-						<span data-bind="css: 'flag flag-' + languageAdmin().toLowerCase()" style=""></span>
+						<span data-bind="css: 'flag flag-' + languageAdmin().toLowerCase()"></span>
 					</span>
 					<span class="flag-name" tabindex="0" data-bind="text: languageAdminFullName, click: selectLanguageAdmin, onSpace: selectLanguageAdmin, onEnter: selectLanguageAdmin"></span>
 					&nbsp;&nbsp;

rainloop/v/0.0.0/include.php

@@ -16,8 +16,6 @@
 			define('APP_VERSION_ROOT_PATH', APP_INDEX_ROOT_PATH.'rainloop/v/'.APP_VERSION.'/');
 
 			define('APP_USE_APC_CACHE', true);
-			define('APP_DEFAULT_DENY_ALL_HTACCESS', @file_exists(APP_VERSION_ROOT_PATH.'app/.htaccess') ?
-				@file_get_contents(APP_VERSION_ROOT_PATH.'app/.htaccess') : '');
 
 			if (function_exists('date_default_timezone_set'))
 			{
@@ -151,8 +149,10 @@
 				@file_put_contents(APP_DATA_FOLDER_PATH.'VERSION', APP_VERSION);
 				@file_put_contents(APP_DATA_FOLDER_PATH.'index.html', 'Forbidden');
 				@file_put_contents(APP_DATA_FOLDER_PATH.'index.php', 'Forbidden');
-				if (0 < strlen(APP_DEFAULT_DENY_ALL_HTACCESS)) {
+
-					@file_put_contents(APP_DATA_FOLDER_PATH.'.htaccess', APP_DEFAULT_DENY_ALL_HTACCESS);
+				if (!@file_exists(APP_DATA_FOLDER_PATH.'.htaccess') && @file_exists(APP_VERSION_ROOT_PATH.'app/.htaccess'))
+				{
+					@file_put_contents(APP_DATA_FOLDER_PATH.'.htaccess', @file_get_contents(APP_VERSION_ROOT_PATH.'app/.htaccess'));
 				}
 
 				if (!@is_dir(APP_PRIVATE_DATA))