security_options.rb 2.4 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677
  1. # Copyright (C) 2012-2024 Zammad Foundation, https://zammad-foundation.org/
  2. class SecureMailing::SMIME::SecurityOptions < SecureMailing::Backend::HandlerSecurityOptions
  3. def type
  4. 'S/MIME'
  5. end
  6. private
  7. def sign_security_options_status_default_message
  8. __('There was no certificate found.')
  9. end
  10. def config
  11. Setting.get('smime_config')
  12. end
  13. def group_has_valid_secure_objects?(signing_result, group_email)
  14. begin
  15. cert = SMIMECertificate.find_by_email_address(from(group_email), filter: { key: 'private', usage: :signature, ignore_usable: true }).first
  16. return certificate_valid?(signing_result, cert, group_email)
  17. rescue => e
  18. signing_result.message = e.message
  19. end
  20. false
  21. end
  22. def certificate_valid?(signing_result, cert, email)
  23. result = false
  24. if cert
  25. result = cert.parsed.usable?
  26. signing_result.message = if cert.parsed.usable?
  27. __('The certificate for %s was found.')
  28. else
  29. __('The certificate for %s was found, but it is not valid yet or has expired.')
  30. end
  31. else
  32. signing_result.message = __('The certificate for %s was not found.')
  33. end
  34. signing_result.message_placeholders = [email]
  35. result
  36. end
  37. def recipients_have_valid_secure_objects?(encryption_result, recipients)
  38. certs = SMIMECertificate.find_for_multiple_email_addresses!(recipients, filter: { key: 'public', usage: :encryption, ignore_usable: true }, blame: true)
  39. certificates_valid?(encryption_result, certs, recipients)
  40. rescue => e
  41. encryption_result.message = e.message
  42. false
  43. end
  44. def certificates_valid?(encryption_result, certs, recipients)
  45. result = false
  46. if certs
  47. result = certs.none? { |cert| !cert.parsed.usable? }
  48. encryption_result.message = if certs.any? { |cert| !cert.parsed.usable? }
  49. __('There were certificates found for %s, but at least one of them is not valid yet or has expired.')
  50. else
  51. __('The certificates for %s were found.')
  52. end
  53. encryption_result.message_placeholders = [recipients.join(', ')]
  54. else
  55. encryption_result.message = __('The certificates for %s were not found.')
  56. end
  57. result
  58. end
  59. end