From d41869b9f0eed0f9088f13f45807e523dd4012ab Mon Sep 17 00:00:00 2001 From: Tom Mitchell Date: Fri, 10 Mar 2017 13:42:05 -0500 Subject: [PATCH 01/11] Send email from configured address Honor $portal_from_email in km send email page, used when a user asserts their own email address. --- kmtool/www/kmtool/kmsendemail.php | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/kmtool/www/kmtool/kmsendemail.php b/kmtool/www/kmtool/kmsendemail.php index 3e0e5c66..d8773eaf 100644 --- a/kmtool/www/kmtool/kmsendemail.php +++ b/kmtool/www/kmtool/kmsendemail.php @@ -153,12 +153,14 @@ function get_user_conf_email_body($confirm_url) { // Note that we BCC portal admins function send_user_confirmation_email($user_email, $confirm_url) { global $portal_help_email; + global $portal_from_email; $subject = "GENI Account Email Confirmation"; $body = get_user_conf_email_body($confirm_url); - $headers = "Reply-To: $portal_help_email"; + $headers = "From: \"The GENI Portal\" <$portal_from_email>\r\n"; + $headers .= "Reply-To: $portal_help_email"; $headers .= "\r\nContent-Type: text/plain; charset=UTF-8"; $headers .= "\r\nContent-Transfer-Encoding: 8bit"; - return mail($user_email, $subject, $body, $headers); + return mail($user_email, $subject, $body, $headers, "-f $portal_from_email"); } // Main body From a7f6bad8f8955845b2253c4c1b5d294ea1f1b7d5 Mon Sep 17 00:00:00 2001 From: Tom Mitchell Date: Fri, 10 Mar 2017 13:56:59 -0500 Subject: [PATCH 02/11] Remove trailing whitespace --- lib/php/user.php | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/lib/php/user.php b/lib/php/user.php index 8f367034..206a0f73 100644 --- a/lib/php/user.php +++ b/lib/php/user.php @@ -111,7 +111,7 @@ function init_from_member($member) { } // If we haven't re-read the permissions in this many seconds, re-read - // const STALE_PERMISSION_MANAGER_THRESHOLD_SEC = 30; + // const STALE_PERMISSION_MANAGER_THRESHOLD_SEC = 30; // MSB : Disable the permission manager cache: it is ALWAYS stale const STALE_PERMISSION_MANAGER_THRESHOLD_SEC = -1; @@ -164,7 +164,7 @@ function url() { return null; } } - + // Produce a pretty email name/address for sending like '"My Name" ' function prettyEmailAddress() { return sprintf('"%s" <%s>', $this->prettyName(), @@ -190,7 +190,7 @@ function prettyName() { } } - // Is given permission (function/method/action) allowed in given + // Is given permission (function/method/action) allowed in given // context_type/context_id for given user? function isAllowed($permission, $context_type, $context_id) { @@ -215,10 +215,10 @@ function isAllowed($permission, $context_type, $context_id) // error_log("PMT = " . $permission_manager_timestamp . " " . $now); if ( - ($permission_manager == null) || + ($permission_manager == null) || ($permission_manager_account_id != $this->account_id) || ($now - $permission_manager_timestamp > GeniUser::STALE_PERMISSION_MANAGER_THRESHOLD_SEC) - ) + ) { // error_log("PM = " . $permission_manager . ", " . $this->account_id . ", " . $permission_manager_account_id); // error_log("PMT = " . $permission_manager_timestamp . " " . $now); @@ -228,8 +228,8 @@ function isAllowed($permission, $context_type, $context_id) $permission_manager = get_permissions($cs_url, $this, $this->account_id); $permission_manager_timestamp = $now; $permission_manager_account_id = $this->account_id; - // error_log("Refreshing permission manager " . $permission_manager_timestamp . " " - // . $permission_manager_account_id . " " + // error_log("Refreshing permission manager " . $permission_manager_timestamp . " " + // . $permission_manager_account_id . " " // . print_r($permission_manager, true)); $_SESSION[PERMISSION_MANAGER_TAG] = $permission_manager; $_SESSION[PERMISSION_MANAGER_TIMESTAMP_TAG] = $now; @@ -506,9 +506,9 @@ function geni_loadUser() $user = geni_load_user_by_eppn($eppn, $sfcred); // Non-operators can't use the portal while in maintenance: they go to the 'Maintenance" page - if ($in_maintenance_mode && - !$user->isAllowed(CS_ACTION::ADMINISTER_MEMBERS, CS_CONTEXT_TYPE::MEMBER, - null)) + if ($in_maintenance_mode && + !$user->isAllowed(CS_ACTION::ADMINISTER_MEMBERS, CS_CONTEXT_TYPE::MEMBER, + null)) { error_log($user->prettyName() . " tried to access portal during maintenance"); relative_redirect("maintenance_redirect_page.php"); From 9bf3cff1ead9f149b2a5237960bf84ee0c8c56ec Mon Sep 17 00:00:00 2001 From: Tom Mitchell Date: Fri, 10 Mar 2017 14:06:34 -0500 Subject: [PATCH 03/11] Send email from configured address Honor $portal_from_email on insufficient attribute email to admins. --- lib/php/user.php | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/lib/php/user.php b/lib/php/user.php index 206a0f73..05b11803 100644 --- a/lib/php/user.php +++ b/lib/php/user.php @@ -422,6 +422,8 @@ function send_attribute_fail_email() { // From /etc/geni-ch/settings.php global $portal_admin_email; + global $portal_from_email; + global $portal_help_email; $server_host = $_SERVER['SERVER_NAME']; $body = "An access attempt on $server_host failed"; if (array_key_exists("Shib-Identity-Provider", $_SERVER)) { @@ -435,10 +437,13 @@ function send_attribute_fail_email() foreach ($array as $var => $value) { $body .= "$var = $value\n"; } - $headers = "Content-Type: text/plain; charset=UTF-8\r\nContent-Transfer-Encoding: 8bit"; + $headers = "From: \"The GENI Portal\" <$portal_from_email>"; + $headers .= "\r\nReply-To: $portal_help_email"; + $headers .= "\r\nContent-Type: text/plain; charset=UTF-8"; + $headers .= "\r\nContent-Transfer-Encoding: 8bit"; mail($portal_admin_email, "Portal access failure on $server_host", - $body, $headers); + $body, $headers, "-f $portal_from_email"); } function geni_load_user_by_eppn($eppn, $sfcred) From 1fabbff0aa8b21f9f86a055b29a45acb9edac728 Mon Sep 17 00:00:00 2001 From: Tom Mitchell Date: Fri, 10 Mar 2017 14:49:24 -0500 Subject: [PATCH 04/11] Remove trailing whitespace --- portal/www/portal/do-handle-lead-request.php | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/portal/www/portal/do-handle-lead-request.php b/portal/www/portal/do-handle-lead-request.php index e6e071a5..33c514e3 100644 --- a/portal/www/portal/do-handle-lead-request.php +++ b/portal/www/portal/do-handle-lead-request.php @@ -39,7 +39,7 @@ exit(); } -// Handle the HTTP request to figure out which LEAD request we're dealing with +// Handle the HTTP request to figure out which LEAD request we're dealing with if (array_key_exists('request_id', $_REQUEST) && array_key_exists('new_status', $_REQUEST) && array_key_exists('user_uid', $_REQUEST)) { $request_id = $_REQUEST['request_id']; $new_status = $_REQUEST['new_status']; @@ -60,7 +60,7 @@ } // Update the lead_request db row identified by $request_id with $new_note -function add_request_note($request_id, $new_note) +function add_request_note($request_id, $new_note) { $conn = portal_conn(); $sql = "UPDATE lead_request set " @@ -76,9 +76,9 @@ function add_request_note($request_id, $new_note) } } -// Update the lead_request db row identified by $request_id with $new_status, +// Update the lead_request db row identified by $request_id with $new_status, // $approver, $user_uid, and $reason -function handle_lead_request($request_id, $new_status, $approver, $user_uid, $reason, $signer) +function handle_lead_request($request_id, $new_status, $approver, $user_uid, $reason, $signer) { $ma_url = get_first_service_of_type(SR_SERVICE_TYPE::MEMBER_AUTHORITY); $conn = portal_conn(); @@ -106,7 +106,7 @@ function handle_lead_request($request_id, $new_status, $approver, $user_uid, $re } // Send email to admins about the fact that $new_lead was approved because of $reason -function send_approved_mail($new_lead, $reason, $approver) +function send_approved_mail($new_lead, $reason, $approver) { global $portal_admin_email; $pretty_name = $new_lead->prettyName(); From 9c11e43d55fa492a6e75333a905c4d55472b2dbb Mon Sep 17 00:00:00 2001 From: Tom Mitchell Date: Fri, 10 Mar 2017 14:57:00 -0500 Subject: [PATCH 05/11] Send email from configured address Honor $portal_from_email when sending notification to admins that a new project lead has been approved. --- portal/www/portal/do-handle-lead-request.php | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/portal/www/portal/do-handle-lead-request.php b/portal/www/portal/do-handle-lead-request.php index 33c514e3..30ae0480 100644 --- a/portal/www/portal/do-handle-lead-request.php +++ b/portal/www/portal/do-handle-lead-request.php @@ -109,6 +109,8 @@ function handle_lead_request($request_id, $new_status, $approver, $user_uid, $re function send_approved_mail($new_lead, $reason, $approver) { global $portal_admin_email; + global $portal_help_email; + global $portal_from_email; $pretty_name = $new_lead->prettyName(); $body = "$pretty_name approved to be project lead by $approver. \r\n"; $body .= "Approved because: " . $reason . "\r\n"; @@ -116,11 +118,13 @@ function send_approved_mail($new_lead, $reason, $approver) $body .= "Their email: " . $new_lead->email() . "\r\n"; $body .= "Their reason: " . $new_lead->reason() . "\r\n"; $body .= "Their link: " . $new_lead->url() . "\r\n"; - $headers = "Content-Type: text/plain; charset=UTF-8\r\n"; + $headers = "From: \"The GENI Portal\" <$portal_from_email>\r\n"; + $headers .= "Reply-To: $portal_help_email\r\n"; + $headers .= "Content-Type: text/plain; charset=UTF-8\r\n"; $headers .= "Content-Transfer-Encoding: 8bit\r\n"; $to = $portal_admin_email; $subject = "Approved project lead request"; - mail($to, $subject, $body, $headers); + mail($to, $subject, $body, $headers, "-f $portal_from_email"); } ?> From a3bdf2042014421a6a2ab7f05f0d3ab4af4ded68 Mon Sep 17 00:00:00 2001 From: Tom Mitchell Date: Fri, 10 Mar 2017 17:14:18 -0500 Subject: [PATCH 06/11] Remove trailing whitespace --- portal/www/portal/do-handle-project-request.php | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) diff --git a/portal/www/portal/do-handle-project-request.php b/portal/www/portal/do-handle-project-request.php index 4d557783..12da6891 100644 --- a/portal/www/portal/do-handle-project-request.php +++ b/portal/www/portal/do-handle-project-request.php @@ -34,7 +34,7 @@ // Check the selections from the handle-project-request are valid -// If so, add the approved members, resolve the requests and +// If so, add the approved members, resolve the requests and // send emails (positive or negative) to the requestors. @@ -173,11 +173,11 @@ $resolution_status_label = "approved (see " . relative_url("project.php?project_id=".$project_id) . ")"; $resolution_description = ""; $email_subject = "Request to join GENI project $project_name"; - // $email_subject = "GENI Request " . print_r($request_id, true) . + // $email_subject = "GENI Request " . print_r($request_id, true) . // " to join project " . $project_name; if ($role <= 0) { // This is a 'do not add' selection - // Send rejection letter + // Send rejection letter // FIXME: Allow custom deny letter $num_members_rejected = $num_members_rejected + 1; $resolution_description = "Request rejected"; @@ -199,7 +199,7 @@ } } // This is an 'add' selection - // Add member + // Add member add_project_member($sa_url, $user, $project_id, $member_id, $role); // I _believe_ we'll have been redirected to the error page if the add fails @@ -215,7 +215,7 @@ // Send acceptance/rejection letter $hostname = $_SERVER['SERVER_NAME']; - $email_message = "Your request to join GENI project " . $project_name . + $email_message = "Your request to join GENI project " . $project_name . " has been " . $resolution_status_label . " by " . $user->prettyName() . ".\n\n"; if (isset($reason) && $reason != '') { $email_message = $email_message . " @@ -230,9 +230,8 @@ } // end of loop over rows to process -$_SESSION['lastmessage'] = "Added $num_members_added members; Rejected $num_members_rejected members"; +$_SESSION['lastmessage'] = "Added $num_members_added members; Rejected $num_members_rejected members"; -relative_redirect("project.php?project_id=".$project_id); +relative_redirect("project.php?project_id=".$project_id); ?> - From e1f43e2369732597324bef2286d76caee35e2fd4 Mon Sep 17 00:00:00 2001 From: Tom Mitchell Date: Fri, 10 Mar 2017 17:25:55 -0500 Subject: [PATCH 07/11] Send email from configured address Honor $portal_from_email when sending notification to a user that their project join request has been processed. --- portal/www/portal/do-handle-project-request.php | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/portal/www/portal/do-handle-project-request.php b/portal/www/portal/do-handle-project-request.php index 12da6891..75d42b6f 100644 --- a/portal/www/portal/do-handle-project-request.php +++ b/portal/www/portal/do-handle-project-request.php @@ -225,8 +225,13 @@ } $email_message = $email_message . "GENI Portal Operations"; - $headers = "Cc: " . $user->prettyEmailAddress() . "\r\nContent-Type: text/plain; charset=UTF-8\r\nContent-Transfer-Encoding: 8bit"; - mail($email_address, $email_subject, $email_message,$headers); + $headers = "From: \"The GENI Portal\" <$portal_from_email>\r\n"; + $headers .= "Cc: " . $user->prettyEmailAddress() . "\r\n"; + $headers .= "Reply-To: $portal_help_email\r\n"; + $headers .= "Content-Type: text/plain; charset=UTF-8\r\n"; + $headers .= "Content-Transfer-Encoding: 8bit\r\n"; + mail($email_address, $email_subject, $email_message, $headers, + "-f $portal_from_email"); } // end of loop over rows to process From bc1f92901e2cc44648fa60aa577886558718c863 Mon Sep 17 00:00:00 2001 From: Tom Mitchell Date: Fri, 10 Mar 2017 17:49:22 -0500 Subject: [PATCH 08/11] Send email from configured address Honor $portal_from_email when sending account change and project lead request emails. --- portal/www/portal/do-modify.php | 20 ++++++++++++++++---- 1 file changed, 16 insertions(+), 4 deletions(-) diff --git a/portal/www/portal/do-modify.php b/portal/www/portal/do-modify.php index e90cf1cf..e1f2bc3c 100644 --- a/portal/www/portal/do-modify.php +++ b/portal/www/portal/do-modify.php @@ -170,7 +170,12 @@ function store_lead_request($urn, $uuid, $eppn) { $body .= "(Duplicate request)"; } - mail($portal_admin_email, $subject, $body); + $headers = "From: \"The GENI Portal\" <$portal_from_email>\r\n"; + $headers .= "Reply-To: $portal_help_email\r\n"; + $headers .= "Content-Type: text/plain; charset=UTF-8\r\n"; + $headers .= "Content-Transfer-Encoding: 8bit\r\n"; + + mail($portal_admin_email, $subject, $body, $headers, "-f $portal_from_email"); } // Now email them to say we got their lead request (if this is a new request) @@ -190,14 +195,15 @@ function store_lead_request($urn, $uuid, $eppn) { $body .= "GENI Experimenter Support\n"; $body .= "help@geni.net\n"; - $headers = "Reply-To: help@geni.net\r\n"; + $headers = "From: \"The GENI Portal\" <$portal_from_email>\r\n"; + $headers .= "Reply-To: $portal_help_email\r\n"; $headers .= "Bcc: $portal_admin_email\r\n"; $headers .= "Content-Type: text/plain; charset=UTF-8\r\n"; $headers .= "Content-Transfer-Encoding: 8bit\r\n"; $to = $user->prettyEmailAddress(); $subject = "Your GENI Project Lead request has been received"; - mail($to, $subject, $body, $headers); + mail($to, $subject, $body, $headers, "-f $portal_from_email"); } /* @@ -237,7 +243,13 @@ function note_change($field, $new, $old) { if ($req_name !== $user->prettyName()) { $subject = "GENI name change posted"; } - mail($portal_admin_email, $subject, $body); + + $headers = "From: \"The GENI Portal\" <$portal_from_email>\r\n"; + $headers .= "Reply-To: $portal_help_email\r\n"; + $headers .= "Content-Type: text/plain; charset=UTF-8\r\n"; + $headers .= "Content-Transfer-Encoding: 8bit\r\n"; + + mail($portal_admin_email, $subject, $body, $headers, "-f $portal_from_email"); } /* From b5f3ca0d9f963a98014e1e366395392d1544ef60 Mon Sep 17 00:00:00 2001 From: Tom Mitchell Date: Fri, 10 Mar 2017 17:54:54 -0500 Subject: [PATCH 09/11] Add envelope sender argument to join request email --- portal/www/portal/join-this-project.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/portal/www/portal/join-this-project.php b/portal/www/portal/join-this-project.php index aaed62ff..cdb75bd5 100644 --- a/portal/www/portal/join-this-project.php +++ b/portal/www/portal/join-this-project.php @@ -186,7 +186,7 @@ mail($lead->prettyEmailAddress(), "Request to Join GENI project $project_name", - $message, $headers); + $message, $headers, "-f $portal_from_email"); // We could supply the -f arg to make bounces go back to this portal user, // but we probably want to know if the lead's email address is bouncing. From aaf224c7166e51b3fe7e2f078765abf6192f59a9 Mon Sep 17 00:00:00 2001 From: Tom Mitchell Date: Fri, 10 Mar 2017 17:58:12 -0500 Subject: [PATCH 10/11] Add envelope sender argument to bug report email --- portal/www/portal/send_bug_report.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/portal/www/portal/send_bug_report.php b/portal/www/portal/send_bug_report.php index 0cd1c23e..48e10626 100644 --- a/portal/www/portal/send_bug_report.php +++ b/portal/www/portal/send_bug_report.php @@ -283,7 +283,8 @@ function send_bug_report($user, $invocation_user, $invocation_id, $to, $cc, $cus $message .= "\r\n"; $message .= "--PHP-mixed-$boundary_string--\r\n"; - $retVal = mail($to, $subject, $message, implode("\r\n", $headers)); + $retVal = mail($to, $subject, $message, implode("\r\n", $headers), + "-f $portal_from_email"); if($retVal) { if($cc) { From 68d7ff30d9e12452806e2bb533ae23ccbfdde0f4 Mon Sep 17 00:00:00 2001 From: Tom Mitchell Date: Fri, 10 Mar 2017 18:02:39 -0500 Subject: [PATCH 11/11] Note consistent use of configured from address in email --- CHANGES.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/CHANGES.md b/CHANGES.md index 12b88969..ab44ddb2 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -4,6 +4,8 @@ ## Changes +* Use configured from address in all portal emails + ([#1777](https://github.com/GENI-NSF/geni-portal/issues/1777)) * Support migrating accounts from GPO IdP to NCSA IdP ([#1786](https://github.com/GENI-NSF/geni-portal/issues/1786))