REQUEST: Allow Users to edit their own rules

Use this forum if you want to discuss a problem or ask a question related to a hMailServer beta release.
Post Reply
prisma
Senior user
Senior user
Posts: 309
Joined: 2010-07-09 13:16

REQUEST: Allow Users to edit their own rules

Post by prisma » 2018-03-02 16:09

Hello,

one design problem of the old and the new webfrontend is, that users aren't able to edit their own rules.
I assume, this is based on source code restrictions and not changeable because PHP only utilizes COM.

Anyway, then let's change the sourcecode.
If normal "Users" should be always able to edit their rules, or only if configured, or if there's a "poweruser" role in future which is able to to that, is discussable.

I know, that hMailserver's development is very slow, and it'll take years before this change could be found in a release. But I'd like to discuss it here before adding an issue to github.
Without request no change.

Cheers Greg

User avatar
jimimaseye
Moderator
Moderator
Posts: 8020
Joined: 2011-09-08 17:48

Re: REQUEST: Allow Users to edit their own rules

Post by jimimaseye » 2018-03-02 16:18

Surely having users able to maintain their own rules at hms level is the same as them putting in message rules at the client level. Also some actions available in the rules are dangerous in the wrong hands and should only be considered by a responsible administrator (such as modifying headers, creating copies and sending or moving to public folders.

How do you see the benefits of giving users this access instead of at client level (which still allows them to delete, auto respond or move to folder)?
HMS 5.6.6 B2383 on Win Server 2008 R2 Foundation, + 5.6.7-B2415 on test.
SpamassassinForWindows 3.4.0 spamd service
AV: Clamwin + Clamd service + sanesecurity defs : https://www.hmailserver.com/forum/viewtopic.php?f=21&t=26829

tunis
Normal user
Normal user
Posts: 216
Joined: 2015-01-05 20:22
Location: Sweden

Re: REQUEST: Allow Users to edit their own rules

Post by tunis » 2018-03-02 17:47

Works for me.

In the config.php file you have a setting to allow that.

Code: Select all

/*

   The rule_editing_level setting defines who should be allowed
   to edit rules. By default, only the server administrator is
   allowed to change the rules.

   You can change this setting if you want domain administrators
   or normal users to be able to edit rules. If you give end-users
   access to rule editing, you should be aware that these users
   may be able to set up rules which will cause problems on the
   server. As an example, they may be able to set up rules which
   generates endless loops of messages.

   Only give end-users or domain administrators rights to rules if
   you trust them to use it wisely.

   If you give domain administrators and end-users access to rules,
   they will only be allowed to edit account-level rules. Server wide
   rules are only accessible by the server administrator.

   Possible values:

      0 - All users on the server should be allowed access.
      1 - Domain administrators and server administrators should be
          allowed access.
      2 - Only server administrators should be allowed access.
*/

$hmail_config['rule_editing_level']	= 2;
HMS 5.6.8 B2437.17 on Windows Server 2019 Core VM.
HMS 5.6.8 B2451.21 on Windows Server 2016 Core VM.
HMS 5.6.7 B2425.16 on Windows Server 2012 R2 Core VM.

User avatar
SorenR
Senior user
Senior user
Posts: 3155
Joined: 2006-08-21 15:38
Location: Denmark

Re: REQUEST: Allow Users to edit their own rules

Post by SorenR » 2018-03-02 18:46

My users can do it in their webmail...

I found an awesome swede on GitHub that made a Roundcube plugin for editing hmailserver user rules AND ... :!: I can have webmail on 'nix and hMail on 'doze. :mrgreen:

Untitled.jpg
SørenR.

The quantum rule of insecurity which states that the act of observing how vulnerable a host or service is changes the insecurity level of the service.

tunis
Normal user
Normal user
Posts: 216
Joined: 2015-01-05 20:22
Location: Sweden

Re: REQUEST: Allow Users to edit their own rules

Post by tunis » 2018-03-02 20:36

SorenR wrote:
2018-03-02 18:46
I found an awesome swede on GitHub that made a Roundcube plugin for editing hmailserver user rules AND
It's probably my plugins on github. This are also find on roundcube plugin site.
HMS 5.6.8 B2437.17 on Windows Server 2019 Core VM.
HMS 5.6.8 B2451.21 on Windows Server 2016 Core VM.
HMS 5.6.7 B2425.16 on Windows Server 2012 R2 Core VM.

User avatar
SorenR
Senior user
Senior user
Posts: 3155
Joined: 2006-08-21 15:38
Location: Denmark

Re: REQUEST: Allow Users to edit their own rules

Post by SorenR » 2018-03-02 22:42

tunis wrote:
2018-03-02 20:36
SorenR wrote:
2018-03-02 18:46
I found an awesome swede on GitHub that made a Roundcube plugin for editing hmailserver user rules AND
It's probably my plugins on github. This are also find on roundcube plugin site.
I also use your remote password driver ;-)
SørenR.

The quantum rule of insecurity which states that the act of observing how vulnerable a host or service is changes the insecurity level of the service.

Post Reply