* Wed Sep 24 2025 Jean-Philippe Pialasse <jpp@koozali.org> 11.0.0-117.sme

- set correctly X-Forwarded-Proto for TKT auth [SME: 13175] updated CSP for smanager
delete test file
2025-09-24 15:11:06 -04:00 · 2025-09-16 18:55:08 +02:00 · 2025-09-16 18:52:26 +02:00 · 2025-09-15 11:11:20 +01:00 · 2025-09-14 11:31:59 +01:00 · 2025-09-13 15:53:19 +01:00
14 changed files with 406 additions and 340 deletions
--- a/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/VirtualHosts/27SManagerProxyPass
+++ b/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/VirtualHosts/27SManagerProxyPass
@@ -3,16 +3,14 @@

    $haveSSL = (exists ${modSSL}{status} and ${modSSL}{status} eq "enabled") ?  'yes' : 'no';
    $plainTextAccess = ${'httpd-admin'}{PermitPlainTextAccess} || 'no';
-    $plainPort = ${'httpd-e-smith'}{TCPPort} || '80';
    $adminPort2 = ${'smanager'}{TCPPort} || '982';
    $adminAccess = ${'smanager'}{access} || 'private';
-    $sslPort = ${modSSL}{TCPPort} || '443';

    $OUT = '';

    foreach $place ('smanager')
    {
-        if (($port eq $plainPort) && ($haveSSL eq 'yes') && ($plainTextAccess ne 'yes'))
+        if (($port eq $httpPort) && ($haveSSL eq 'yes') && ($plainTextAccess ne 'yes'))
        {
            $OUT .= '    RewriteCond %{REMOTE_ADDR} !^127\.0\.0\.1$' . "\n";
            $OUT .= "    RewriteRule ^/$place(/.*|\$)    https://%{HTTP_HOST}/$place\$1 [L,R]\n";
@@ -24,14 +22,18 @@
        $OUT .= "    ProxyPreserveHost On\n";
        $OUT .= "    ProxyPass /$place http://127.0.0.1:$adminPort2 keepalive=On\n";
        $OUT .= "    ProxyPassReverse /$place http://127.0.0.1:$adminPort2\n";
-        $OUT .= "    RequestHeader set X-Forwarded-Proto 'http'\n";
+        if ($port eq $httpsPort)
+        {
+            # mod_auth_tkt needs to know the protocol to write  307 redirection
+            $OUT .= "    RequestHeader set X-Forwarded-Proto \"https\"\n";
+        }

        $OUT .= "    <Location '/$place'>\n";
-        if ($port eq $plainPort)
+        if ($port eq $httpPort)
        {
            $OUT .= '        Require ip 127.0.0.1' . "\n";
        }
-        elsif (($haveSSL eq 'yes') && ($port eq $sslPort) && ($adminAccess eq 'public'))
+        elsif (($haveSSL eq 'yes') && ($port eq $httpsPort) && ($adminAccess eq 'public'))
        {
            $OUT .= "#       public access requested in conf db\n";
            $OUT .= "        Require all granted\n";
@@ -40,15 +42,25 @@
            $OUT .= "        Require ip $localAccess $externalSSLAccess\n";
        }
        # any smanager script or style added in line should be hashed and added here to run in a modern browser
-        $OUT .= "                   Header set Content-Security-Policy  \"script-src 'self' 'unsafe-eval' 'unsafe-hashes' "
-        ." 'sha256-X8Qwlk0M9iDTQZqFVpbVcThRjBqQXpwTOZCLX8I+Frk=' 'sha256-inQ04nmqTZI75Z5g/tAzjahedNugPFfrhxHyoFezFkM=' 'sha256-5IsIX+Vbow7wwy2RjR3+5X06R/0CQZPkw3OHj/228cM=' 'sha256-tfVskwioRaNsV75h89itf7FujMgIrodfs1Ea4UAJNpE=' 'sha256-P51OyslUh5bGkoWk9qY+o4Su4HuwNFoQcFCeNxF7Ms8=' ; "
+        $OUT .= "        Header set Content-Security-Policy  \"script-src 'self' 'unsafe-eval' 'unsafe-hashes' "
+        # list of hashes for script-src we accept and reference to find them
+        ." 'sha256-T5nv1LP9Xxdv7I1tsdTYprjvwoZyVEvfe8Y4TLx59pk='" # $(document).ready(function() \{    $('#tognav').click(function() 
+        ." 'sha256-TxVHbw3t1mXreukND/yBI+H+CscZDpyxPoNoBrRhmSE=' " # (function($) \{    $.fn.swapClass = function(class1, class2) 
+        ." 'sha256-30Xxu25YbRvjbQ2ngJ8EyneSz0No788PqjM9XbQh+qM=' " # ...const togglePassword...
+        ." 'sha256-5PrS/6zSCY/wROLKhAm4ymOuYsfvvScrC9Vp8FtOpxU=' " # nutups:316 window.onload = function() \{		SelectInput(); 
+        ." 'sha256-pxCVW6zyLaFSTIpOP2p4ULot8y+QsEmSEjKE54zDTWQ=' " # nutups:317 window.onload = function() \{   SelectInput();
+        #." 'sha256-X8Qwlk0M9iDTQZqFVpbVcThRjBqQXpwTOZCLX8I+Frk=' 'sha256-inQ04nmqTZI75Z5g/tAzjahedNugPFfrhxHyoFezFkM=' 'sha256-5IsIX+Vbow7wwy2RjR3+5X06R/0CQZPkw3OHj/228cM=' 'sha256-tfVskwioRaNsV75h89itf7FujMgIrodfs1Ea4UAJNpE=' 'sha256-P51OyslUh5bGkoWk9qY+o4Su4HuwNFoQcFCeNxF7Ms8=' " #need valiation if still needed
+        ." ; "
        ." style-src 'self'  'unsafe-hashes' "
-        #'sha256-EhT63KK1JBrsUM27H+5RMNifDFpVB+GXcTtavKXwCK8=' #h2l1
-        #'sha256-msdEhWmYTu7vqzGaQHDfvy6lzlDsbKkouwvN2R6Co9E=' #busy-indicator
-        #'sha256-iYwYhiMcsGmXCUzLEpEzZNz5dINrlkqf1sLbLhEcqGM=' _footer.html.ep style="position:relative;"
-        #'sha256-bOTFT8zacR4Rfja/WIKXgAQQXVaPyG3oBlvAhU4ga8g=' _usr_list style="min-width:35em"
-        #'sha256-CP93jJ1Y8nMwUoDzFbo1srdgsbADPasAc0Wjig1ahpY=' groups style="min-width:15em"
-        ." 'sha256-msdEhWmYTu7vqzGaQHDfvy6lzlDsbKkouwvN2R6Co9E=' 'sha256-iYwYhiMcsGmXCUzLEpEzZNz5dINrlkqf1sLbLhEcqGM='  'sha256-bOTFT8zacR4Rfja/WIKXgAQQXVaPyG3oBlvAhU4ga8g=' 'sha256-CP93jJ1Y8nMwUoDzFbo1srdgsbADPasAc0Wjig1ahpY=' 'sha256-EhT63KK1JBrsUM27H+5RMNifDFpVB+GXcTtavKXwCK8=' ;"
+        # list of hashes for  style-src we accept and reference to find them  
+        ." 'sha256-EhT63KK1JBrsUM27H+5RMNifDFpVB+GXcTtavKXwCK8=' " #h2l1
+        ." 'sha256-msdEhWmYTu7vqzGaQHDfvy6lzlDsbKkouwvN2R6Co9E=' " # busy-indicator
+        ." 'sha256-iYwYhiMcsGmXCUzLEpEzZNz5dINrlkqf1sLbLhEcqGM=' " # _footer.html.ep style="position:relative;"
+        ." 'sha256-bOTFT8zacR4Rfja/WIKXgAQQXVaPyG3oBlvAhU4ga8g=' " # _usr_list style="min-width:35em"
+        ." 'sha256-CP93jJ1Y8nMwUoDzFbo1srdgsbADPasAc0Wjig1ahpY=' " # groups style="min-width:15em"
+        ." 'sha256-0Mf27W7YqYYDBxV28E9yUhPk/SHgCYEyL73kR5dJkDM=' " # useraccounts:410 useraccounts:506 and useraccounts:602 style = background:pink;
+        ." 'sha256-65hozXHuXYaN7oOyWz8cFCjqLsPmy6O7++aP2PECi5M=' " # legacypanel:306 style="width:99%;height:1784px;
+        ." ;"
 	." \"\n"; 
 	$OUT .= "    </Location>\n";
        # prevent caching of manager files in browser
--- a/root/usr/share/smanager/themes/default/templates/partials/_dom_list.html.ep
+++ b/root/usr/share/smanager/themes/default/templates/partials/_dom_list.html.ep
@@ -51,73 +51,77 @@
          % my $csrf_token = "TOKEN"; # CSRF token for security
          % my $domain_name = $domain->{Domain}; # Domain name extracted from the data structure
          % my $actionModify = qq{
-            % <a href="domains2?CsrfDef=$csrf_token&trt=UPD&Domain=$domain_name">
-              % <button type='button' class='sme-modify-button' title='$modify_text' >
-                % $modify_text
-                % </button>
-              % </a>
-          % };
-        % my $removable = ( $domain->{Removable} || 'yes' );
-        % my $actionRemove = '&nbsp;';
-        % if ($removable eq 'yes') {
-          % my $remove_text = l('REMOVE'); # Localized text
-          % my $csrf_token = "TOKEN"; # CSRF token for security
-          % my $domain_name = $domain->{Domain}; # Domain name extracted from the data structure
-          % $actionRemove = qq{
-            % <a href="domains2?CsrfDef=$csrf_token&trt=DEL&Domain=$domain_name">
-              % <button type='button' class='sme-remove-button' title='$remove_text' >
-                % $remove_text
-                % </button>
-              % </a>
-          % };
-        %# $actionRemove = "<a href='domains2?CsrfDef=TOKEN&trt=DEL&Domain=" . $domain->{Domain} . "'>" . "<button class='sme-remove-button' title=".l('REMOVE').">".l('REMOVE')."</button>" . "</a>";
+            % <a href="domains2?CsrfDef=$csrf_token&trt=UPD&Domain=$domain_name"
+            % class="sme-modify-button unset ui-button ui-corner-all ui-widget ui-button-icon-only"
+            % title="$modify_text" aria-label="$modify_text"
+            % style="background:white;">
+            % <span class="ui-icon ui-icon-pencil"></span>
+            % <span class="ui-button-text">$modify_text</span>
+            % </a>
        % };
-        <td class='sme-border' style="min-width:15em">
-          <%= $c->render_to_string( inline => $actionModify ) %> <%= $c->render_to_string( inline => $actionRemove ) %>
-        </td>
-      </tr>
-      % }
+      % my $removable = ( $domain->{Removable} || 'yes' );
+      % my $actionRemove = '&nbsp;';
+      % if ($removable eq 'yes') {
+        % my $remove_text = l('REMOVE'); # Localized text
+        % my $csrf_token = "TOKEN"; # CSRF token for security
+        % my $domain_name = $domain->{Domain}; # Domain name extracted from the data structure
+        % $actionRemove = qq{
+          % <a href="domains2?CsrfDef=$csrf_token&trt=DEL&Domain=$domain_name"
+          % class="sme-remove-button unset ui-button ui-corner-all ui-widget ui-button-icon-only"
+          % title="$remove_text" aria-label="$remove_text"
+          % style="background:white;">
+          % <span class="ui-icon ui-icon-delete"></span>
+          % <span class="ui-button-text">$remove_text</span>
+          % </a>
+      % };
+    %# $actionRemove = "<a href='domains2?CsrfDef=TOKEN&trt=DEL&Domain=" . $domain->{Domain} . "'>" . "<button class='sme-remove-button' title=".l('REMOVE').">".l('REMOVE')."</button>" . "</a>";
+    % };
+    <td class='sme-border' style="min-width:15em">
+      <%= $c->render_to_string( inline => $actionModify ) %> <%= $c->render_to_string( inline => $actionRemove ) %>
+    </td>
+  </tr>
+  % }

-    </tbody>
-  </table>
+</tbody>
+</table>

-  %= hidden_field 'trt' => 'ADD'
+%= hidden_field 'trt' => 'ADD'

-  %= form_for '/domains' => ( method => 'POST' ) => begin
+%= form_for '/domains' => ( method => 'POST' ) => begin

-    <!-- <HR class="sectionbar">-->
-    <br>
+  <!-- <HR class="sectionbar">-->
+  <br>

-    % my $btn2 = l('dom_DOMAINS_PAGE_CORPORATE_DNS');
+  % my $btn2 = l('dom_DOMAINS_PAGE_CORPORATE_DNS');

-    <h3>
-      %= l 'dom_DESC_CORPORATE_DNS_CURRENT'
-    </h3>
-
-    <p>
-      <span class=label>
-        %= l 'dom_LABEL_CORPORATE_DNS_PRIMARY'
-      </span><span class=data>
-        %= $dom_datas->{forwarder}
-      </span>
-    </p>
-
-    % if ($dom_datas->{forwarder2}) {
-      <p>
-        <span class=label>
-          %= l 'dom_LABEL_CORPORATE_DNS_SECONDARY'
-        </span><span class=data>
-          %= $dom_datas->{forwarder2}
-        </span>
-      </p>
-    % }
+  <h3>
+    %= l 'dom_DESC_CORPORATE_DNS_CURRENT'
+  </h3>

  <p>
-    %= submit_button "$btn2", class => 'action'
+    <span class=label>
+      %= l 'dom_LABEL_CORPORATE_DNS_PRIMARY'
+    </span><span class=data>
+      %= $dom_datas->{forwarder}
+    </span>
  </p>
-  %= hidden_field 'trt' => 'UP2'
-  % end
+
+  % if ($dom_datas->{forwarder2}) {
+    <p>
+      <span class=label>
+        %= l 'dom_LABEL_CORPORATE_DNS_SECONDARY'
+      </span><span class=data>
+        %= $dom_datas->{forwarder2}
+      </span>
+    </p>
+  % }
+
+<p>
+  %= submit_button "$btn2", class => 'action'
+</p>
+%= hidden_field 'trt' => 'UP2'
+% end



-</div>
+</div>
--- a/root/usr/share/smanager/themes/default/templates/partials/_grp_list.html.ep
+++ b/root/usr/share/smanager/themes/default/templates/partials/_grp_list.html.ep
@@ -43,30 +43,34 @@
              % my $csrf_token = "TOKEN"; # CSRF token for security
              % my $group_name = $group->key; # group name extracted from the data structure
              % my $actionModify = qq{
-                % <a href="groups2?CsrfDef=$csrf_token&trt=UPD&group=$group_name">
-                  % <button type='button' class='sme-modify-button' title='$modify_text' >
-                    % $modify_text
-                    % </button>
-                  % </a>
-              % };
-            % my $remove_text = l('REMOVE'); # Localized text
-            % my $csrf_token = "TOKEN"; # CSRF token for security
-            % my $group_name = $group->key; # group name extracted from the data structure
-            % my $actionRemove = qq{
-              % <a href="groups2?CsrfDef=$csrf_token&trt=DEL&group=$group_name">
-                % <button type='button' class='sme-remove-button' title='$remove_text' >
-                  % $remove_text
-                  % </button>
+                % <a href="groups2?CsrfDef=$csrf_token&trt=UPD&group=$group_name"
+                % class="sme-modify-button unset ui-button ui-corner-all ui-widget ui-button-icon-only"
+                % title="$modify_text" aria-label="$modify_text"
+                % style="background:white;">
+                % <span class="ui-icon ui-icon-pencil"></span>
+                % <span class="ui-button-text">$modify_text</span>
                % </a>
            % };
-            <%= $c->render_to_string( inline => $actionModify ) %> <%= $c->render_to_string( inline => $actionRemove ) %>
-          </td>
-        </tr>
-        % }
-      </tbody>
-    </table>
-    <% } %>
-  </p>
+          % my $remove_text = l('REMOVE'); # Localized text
+          % my $csrf_token = "TOKEN"; # CSRF token for security
+          % my $group_name = $group->key; # group name extracted from the data structure
+          % my $actionRemove = qq{
+            % <a href="groups2?CsrfDef=$csrf_token&trt=DEL&group=$group_name"
+            % class="sme-remove-button unset ui-button ui-corner-all ui-widget ui-button-icon-only"
+            % title="$remove_text" aria-label="$remove_text"
+            % style="background:white;">
+            % <span class="ui-icon ui-icon-delete"></span>
+            % <span class="ui-button-text">$remove_text</span>
+            % </a>
+        % };
+        <%= $c->render_to_string( inline => $actionModify ) %> <%= $c->render_to_string( inline => $actionRemove ) %>
+      </td>
+    </tr>
+    % }
+  </tbody>
+</table>
+<% } %>
+</p>


-</div>
+</div>
--- a/root/usr/share/smanager/themes/default/templates/partials/_header.html.ep
+++ b/root/usr/share/smanager/themes/default/templates/partials/_header.html.ep
@@ -2,11 +2,12 @@
 <div id="header2" class="hd2 module gradient-panel">
  <img src="images/KoozaliServerManager.png" alt="Koozali Logo" class="logo" >
  % if ( not defined $c->session->{username} ) {
-    <button type='button' class="login-button"><a class = "no-visited-state" target="_parent" href="login">Login</a></button>
+		<a class="login-button no-visited-state" target="_parent" href="/smanager/login">Login</a>
  % } else {
-  <button type='button' class="login-button"><a class = "no-visited-state" target="_parent" href="logout">Logout <%= $c->session->{username} %></a></button>
+  <!--><button type='button' class="login-button"><a class = "no-visited-state" target="_parent" href="/smanager/logout">Logout <%= $c->session->{username} %></a></button>-->
+		<a class="login-button no-visited-state" target="_parent" href="/smanager/logout">Logout <%= $c->session->{username} %></a>
  % }
  <div id="flag-container" class = "flag-style">
    <!--			 The flag icon will be inserted here -->
  </div>
-</div>
+</div>
--- a/root/usr/share/smanager/themes/default/templates/partials/_hos_list.html.ep
+++ b/root/usr/share/smanager/themes/default/templates/partials/_hos_list.html.ep
@@ -57,28 +57,32 @@
                % my $csrf_token = "TOKEN"; # CSRF token for security
                % my $hostentries_name = $_->{'HostName'}; # hostentries name extracted from the data structure
                % $actionModify = qq{
-                  % <a href="hostentriesd?CsrfDef=$csrf_token&trt=UPD&Hostname=$hostentries_name">
-                    % <button type='button' class='sme-modify-button' title='$modify_text' >
-                      % $modify_text
-                      % </button>
-                    % </a>
-                % };
-              % my $remove_text = l('REMOVE'); # Localized text
-              % $csrf_token = "TOKEN"; # CSRF token for security
-              %# my $hostentries_name = $_->{'HostName'};  # hostentries name extracted from the data structure
-              % $actionRemove = qq{
-                % <a href="hostentriesd?CsrfDef=$csrf_token&trt=DEL&Hostname=$hostentries_name">
-                  % <button type='button' class='sme-remove-button' title='$remove_text' >
-                    % $remove_text
-                    % </button>
+                  % <a href="hostentriesd?CsrfDef=$csrf_token&trt=UPD&Hostname=$hostentries_name"
+                  % class="sme-modify-button unset ui-button ui-corner-all ui-widget ui-button-icon-only"
+                  % title="$modify_text" aria-label="$modify_text"
+                  % style="background:white;">
+                  % <span class="ui-icon ui-icon-pencil"></span>
+                  % <span class="ui-button-text">$modify_text</span>
                  % </a>
              % };
-          % }
-          <%= $c->render_to_string( inline => $actionModify ) %> <%= $c->render_to_string( inline => $actionRemove ) %>
-        </td>
-      </tr>
+            % my $remove_text = l('REMOVE'); # Localized text
+            % $csrf_token = "TOKEN"; # CSRF token for security
+            %# my $hostentries_name = $_->{'HostName'};  # hostentries name extracted from the data structure
+            % $actionRemove = qq{
+              % <a href="hostentriesd?CsrfDef=$csrf_token&trt=DEL&Hostname=$hostentries_name"
+              % class="sme-remove-button unset ui-button ui-corner-all ui-widget ui-button-icon-only"
+              % title="$remove_text" aria-label="$remove_text"
+              % style="background:white;">
+              % <span class="ui-icon ui-icon-delete"></span>
+              % <span class="ui-button-text">$remove_text</span>
+              % </a>
+          % };
      % }
-    </tbody>
-  </table>
+      <%= $c->render_to_string( inline => $actionModify ) %> <%= $c->render_to_string( inline => $actionRemove ) %>
+    </td>
+  </tr>
  % }
-</div>
+</tbody>
+</table>
+% }
+</div>
--- a/root/usr/share/smanager/themes/default/templates/partials/_iba_list.html.ep
+++ b/root/usr/share/smanager/themes/default/templates/partials/_iba_list.html.ep
@@ -53,59 +53,65 @@
              % my $csrf_token = "TOKEN"; # CSRF token for security
              % my $ibays_entry_name = $ibay->key; # ibays_entry name extracted from the data structure
              % $actionModify = qq{
-                % <a href="ibaysd?CsrfDef=$csrf_token&trt=UPD&ibay=$ibays_entry_name">
-                  % <button type='button' class='sme-modify-button' title='$modify_text' >
-                    % $modify_text
-                    % </button>
-                  % </a>
-              % };
-          % }
+                % <a href="ibaysd?CsrfDef=$csrf_token&trt=UPD&ibay=$ibays_entry_name"
+                % class="sme-modify-button unset ui-button ui-corner-all ui-widget ui-button-icon-only"
+                % title="$modify_text" aria-label="$modify_text"
+                % style="background:white;">
+                % <span class="ui-icon ui-icon-pencil"></span>
+                % <span class="ui-button-text">$modify_text</span>
+                % </a>
+            % };
+        % }

-          % if ($passwordable eq 'yes') {
-            % my $password_text = l('PASSWORD_RESET'); # Localized text
-            % my $csrf_token = "TOKEN"; # CSRF token for security
-            % my $ibays_entry_name = $ibay->key; # ibays_entry name extracted from the data structure
-            % if ($ibay->prop('PasswordSet') ne 'yes' && $needPassword) {
-              % $actionResetPw = qq{
-                % <a href="ibaysd?CsrfDef=$csrf_token&trt=PWD&ibay=$ibays_entry_name">
-                  % <button type='button' class='sme-password-button unset' title="$password_text - currently unset" style = background:pink; >
-                    % $password_text
-                    % </button>
-                  % </a>
-              % };
-          % } else {
-          % $actionResetPw = qq{
-            % <a href="ibaysd?CsrfDef=$csrf_token&trt=PWD&ibay=$ibays_entry_name">
-              % <button type='button' class='sme-password-button' title='$password_text' >
-                % $password_text
-                % </button>
-              % </a>
-          % };
-          % }
-
-          % }
-
-          % if ($removable eq 'yes') {
-            % my $remove_text = l('REMOVE'); # Localized text
-            % my $csrf_token = "TOKEN"; # CSRF token for security
-            % my $ibays_entry_name = $ibay->key; # ibays_entry name extracted from the data structure
-            % $actionRemove = qq{
-              % <a href="ibaysd?CsrfDef=$csrf_token&trt=DEL&ibay=$ibays_entry_name">
-                % <button type='button' class='sme-remove-button' title='$remove_text' >
-                  % $remove_text
+        % if ($passwordable eq 'yes') {
+          % my $password_text = l('PASSWORD_RESET'); # Localized text
+          % my $csrf_token = "TOKEN"; # CSRF token for security
+          % my $ibays_entry_name = $ibay->key; # ibays_entry name extracted from the data structure
+          % if ($ibay->prop('PasswordSet') ne 'yes' && $needPassword) {
+            % $actionResetPw = qq{
+              % <a href="ibaysd?CsrfDef=$csrf_token&trt=PWD&ibay=$ibays_entry_name">
+                % <button type='button' class='sme-password-button unset' title="$password_text - currently unset" style = background:pink; >
+                  % $password_text
                  % </button>
                % </a>
            % };
-          % }
-          <%= $c->render_to_string( inline => $actionModify ) %>
-          <%= $c->render_to_string( inline => $actionResetPw ) %>
-          <%= $c->render_to_string( inline => $actionRemove ) %>
-        </td>
-      </tr>
+        % } else {
+        % $actionResetPw = qq{
+          % <a href="ibaysd?CsrfDef=$csrf_token&trt=PWD&ibay=$ibays_entry_name"
+          % class="sme-password-button unset ui-button ui-corner-all ui-widget ui-button-icon-only"
+          % title="$password_text" aria-label="$password_text"
+          % style="background:white;">
+          % <span class="ui-icon ui-icon-refresh"></span>
+          % <span class="ui-button-text">$password_text</span>
+          % </a>
+      % };
      % }
-    </tbody>
-  </table>
-  <% } %>
+
+      % }
+
+      % if ($removable eq 'yes') {
+        % my $remove_text = l('REMOVE'); # Localized text
+        % my $csrf_token = "TOKEN"; # CSRF token for security
+        % my $ibays_entry_name = $ibay->key; # ibays_entry name extracted from the data structure
+        % $actionRemove = qq{
+          % <a href="ibaysd?CsrfDef=$csrf_token&trt=DEL&ibay=$ibays_entry_name"
+          % class="sme-remove-button unset ui-button ui-corner-all ui-widget ui-button-icon-only"
+          % title="$remove_text" aria-label="$remove_text"
+          % style="background:white;">
+          % <span class="ui-icon ui-icon-delete"></span>
+          % <span class="ui-button-text">$remove_text</span>
+          % </a>
+      % };
+    % }
+    <%= $c->render_to_string( inline => $actionModify ) %>
+    <%= $c->render_to_string( inline => $actionResetPw ) %>
+    <%= $c->render_to_string( inline => $actionRemove ) %>
+  </td>
+</tr>
+% }
+</tbody>
+</table>
+<% } %>


-</div>
+</div>
--- a/root/usr/share/smanager/themes/default/templates/partials/_info.html.ep
+++ b/root/usr/share/smanager/themes/default/templates/partials/_info.html.ep
@@ -4,7 +4,7 @@
    <div class="sme-error module"><h5>
        Warning: you have not yet changed the default system password.</h5></div>
  <% } %>
-  <% if ( $c->is_unsafe ) { %>
+  <% if ( $c->is_unsafe && $c->is_logged_in && $c->is_admin) { %>
    <div class="sme-error module"><h5>
        Warning: a reconfigure and reboot is required before proceeding! Failure to do so now
        may leave your system in an unknown state!</h5></div>
@@ -22,4 +22,4 @@
      </br>Please, consult <a href="https://wiki.koozali.org/SME_Server:Download" target="_blank">https://wiki.koozali.org/SME_Server:Download</a> to get the latest version
  </h5></div>
 <% } %>
-</div>
+</div>
--- a/root/usr/share/smanager/themes/default/templates/partials/_ln_list.html.ep
+++ b/root/usr/share/smanager/themes/default/templates/partials/_ln_list.html.ep
@@ -80,18 +80,20 @@
            % my $local_network_entry = $localnetwork->key;
            % my $csrf_token = "TOKEN"; # CSRF token for security
            % $actionRemove = qq{
-              % <a href="localnetworksd?CsrfDef=$csrf_token&trt=DEL&localnetwork=$local_network_entry">
-                % <button type='button' class='sme-remove-button' title='$remove_text' >
-                  % $remove_text
-                  % </button>
-                % </a>
-            % };
-        % }
-        <td class='sme-border'><%= $c->render_to_string( inline => $actionRemove ) %></td>
-      </tr>
+              % <a href="localnetworksd?CsrfDef=$csrf_token&trt=DEL&localnetwork=$local_network_entry"
+              % class="sme-remove-button unset ui-button ui-corner-all ui-widget ui-button-icon-only"
+              % title="$remove_text" aria-label="$remove_text"
+              % style="background:white;">
+              % <span class="ui-icon ui-icon-delete"></span>
+              % <span class="ui-button-text">$remove_text</span>
+              % </a>
+          % };
      % }
-    </tbody>
-  </table>
-  %= hidden_field 'trt' => $ln_datas->{trt}
-  % }
-</div>
+      <td class='sme-border'><%= $c->render_to_string( inline => $actionRemove ) %></td>
+    </tr>
+    % }
+  </tbody>
+</table>
+%= hidden_field 'trt' => $ln_datas->{trt}
+% }
+</div>
--- a/root/usr/share/smanager/themes/default/templates/partials/_pf_list.html.ep
+++ b/root/usr/share/smanager/themes/default/templates/partials/_pf_list.html.ep
@@ -96,21 +96,23 @@
                % my $remove_text = l('REMOVE'); # Localized text
                % my $csrf_token = "TOKEN"; # CSRF token for security
                % my $actionRemove = qq{
-                  % <a href="portforwardingd?CsrfDef=$csrf_token&trt=DEL&sport=$sport&proto=$proto">
-                    % <button type='button' class='sme-remove-button' title='$remove_text' >
-                      % $remove_text
-                      % </button>
-                    % </a>
-                % };
-              <%= $c->render_to_string( inline => $actionRemove ) %>
-            </td>
-          </tr>
-        % }
+                  % <a href="portforwardingd?CsrfDef=$csrf_token&trt=DEL&sport=$sport&proto=$proto"
+                  % class="sme-remove-button unset ui-button ui-corner-all ui-widget ui-button-icon-only"
+                  % title="$remove_text" aria-label="$remove_text"
+                  % style="background:white;">
+                  % <span class="ui-icon ui-icon-delete"></span>
+                  % <span class="ui-button-text">$remove_text</span>
+                  % </a>
+              % };
+            <%= $c->render_to_string( inline => $actionRemove ) %>
+          </td>
+        </tr>
      % }
-      % }
-      % }
-    </tbody>
-  </table>
-  %= hidden_field 'trt' => $pf_datas->{trt}
+    % }
+    % }
+    % }
+  </tbody>
+</table>
+%= hidden_field 'trt' => $pf_datas->{trt}

-</div>
+</div>
--- a/root/usr/share/smanager/themes/default/templates/partials/_prt_list.html.ep
+++ b/root/usr/share/smanager/themes/default/templates/partials/_prt_list.html.ep
@@ -62,20 +62,22 @@
              % my $csrf_token = "TOKEN"; # CSRF token for security
              % my $printer_name = $printer->key;
              % my $actionRemove = qq{
-                % <a href="printers2?CsrfDef=$csrf_token&trt=DEL&&printer=$printer_name">
-                  % <button type='button' class='sme-remove-button' title='$remove_text' >
-                    % $remove_text
-                    % </button>
-                  % </a>
-              % };
-            <%= $c->render_to_string( inline => $actionRemove ) %>
-          </td>
-        </tr>
-        % }
-      </tbody>
-    </table>
-    <% } %>
-  </p>
+                % <a href="printers2?CsrfDef=$csrf_token&trt=DEL&&printer=$printer_name"
+                % class="sme-remove-button unset ui-button ui-corner-all ui-widget ui-button-icon-only"
+                % title="$remove_text" aria-label="$remove_text"
+                % style="background:white;">
+                % <span class="ui-icon ui-icon-delete"></span>
+                % <span class="ui-button-text">$remove_text</span>
+                % </a>
+            % };
+          <%= $c->render_to_string( inline => $actionRemove ) %>
+        </td>
+      </tr>
+      % }
+    </tbody>
+  </table>
+  <% } %>
+</p>


-</div>
+</div>
--- a/root/usr/share/smanager/themes/default/templates/partials/_pse_list.html.ep
+++ b/root/usr/share/smanager/themes/default/templates/partials/_pse_list.html.ep
@@ -61,36 +61,40 @@
                % my $csrf_token = "TOKEN"; # CSRF token for security
                % my $pseudonyms_entry_name = $pseudonym->key; # pseudonyms_entry name extracted from the data structure
                % $actionModify = qq{
-                  % <a href="pseudonyms2?CsrfDef=$csrf_token&trt=UPD&pseudonym=$pseudonyms_entry_name">
-                    % <button type='button' class='sme-modify-button' title='$modify_text' >
-                      % $modify_text
-                      % </button>
-                    % </a>
-                % };
-            % }
-
-            % if ($removable eq 'yes') {
-              % my $remove_text = l('REMOVE'); # Localized text
-              % my $csrf_token = "TOKEN"; # CSRF token for security
-              % my $pseudonyms_entry_name = $pseudonym->key; # pseudonyms_entry name extracted from the data structure
-              % $actionRemove = qq{
-                % <a href="pseudonyms2?CsrfDef=$csrf_token&trt=DEL&pseudonym=$pseudonyms_entry_name">
-                  % <button type='button' class='sme-remove-button' title='$remove_text' >
-                    % $remove_text
-                    % </button>
+                  % <a href="pseudonyms2?CsrfDef=$csrf_token&trt=UPD&pseudonym=$pseudonyms_entry_name"
+                  % class="sme-modify-button unset ui-button ui-corner-all ui-widget ui-button-icon-only"
+                  % title="$modify_text" aria-label="$modify_text"
+                  % style="background:white;">
+                  % <span class="ui-icon ui-icon-pencil"></span>
+                  % <span class="ui-button-text">$modify_text</span>
                  % </a>
              % };
-            % }
-            <%= $c->render_to_string( inline => $actionModify ) %> <%= $c->render_to_string( inline => $actionRemove ) %>
+          % }

-          </td>
-        </tr>
+          % if ($removable eq 'yes') {
+            % my $remove_text = l('REMOVE'); # Localized text
+            % my $csrf_token = "TOKEN"; # CSRF token for security
+            % my $pseudonyms_entry_name = $pseudonym->key; # pseudonyms_entry name extracted from the data structure
+            % $actionRemove = qq{
+              % <a href="pseudonyms2?CsrfDef=$csrf_token&trt=DEL&pseudonym=$pseudonyms_entry_name"
+              % class="sme-remove-button unset ui-button ui-corner-all ui-widget ui-button-icon-only"
+              % title="$remove_text" aria-label="$remove_text"
+              % style="background:white;">
+              % <span class="ui-icon ui-icon-delete"></span>
+              % <span class="ui-button-text">$remove_text</span>
+              % </a>
+          % };
        % }
-      </tbody>
-    </table>
-    <% } %>
-  </p>
+        <%= $c->render_to_string( inline => $actionModify ) %> <%= $c->render_to_string( inline => $actionRemove ) %>
+
+      </td>
+    </tr>
+    % }
+  </tbody>
+</table>
+<% } %>
+</p>



-</div>
+</div>
--- a/root/usr/share/smanager/themes/default/templates/partials/_quo_list.html.ep
+++ b/root/usr/share/smanager/themes/default/templates/partials/_quo_list.html.ep
@@ -62,21 +62,23 @@
            % my $csrf_token = "TOKEN"; # CSRF token for security
            % my $quota_user_name = $user->key; # quotas_entry name extracted from the data structure
            % my $actionModify = qq{
-              % <a href="quotad?CsrfDef=$csrf_token&trt=UPD&user=$quota_user_name">
-                % <button type='button' class='sme-modify-button' title='$modify_text' >
-                  % $modify_text
-                  % </button>
-                % </a>
-            % };
-            <%= $c->render_to_string( inline => $actionModify ) %>
-          </td>
-        </tr>
-        % }
-      </tbody>
-    </table>
-    <% } %>
-  </p>
+              % <a href="quotad?CsrfDef=$csrf_token&trt=UPD&user=$quota_user_name"
+              % class="sme-modify-button unset ui-button ui-corner-all ui-widget ui-button-icon-only"
+              % title="$modify_text" aria-label="$modify_text"
+              % style="background:white;">
+              % <span class="ui-icon ui-icon-pencil"></span>
+              % <span class="ui-button-text">$modify_text</span>
+              % </a>
+          % };
+          <%= $c->render_to_string( inline => $actionModify ) %>
+        </td>
+      </tr>
+      % }
+    </tbody>
+  </table>
+  <% } %>
+</p>

-  %= hidden_field 'trt' => $quo_datas->{trt}
+%= hidden_field 'trt' => $quo_datas->{trt}

-</div>
+</div>
--- a/root/usr/share/smanager/themes/default/templates/partials/_usr_list.html.ep
+++ b/root/usr/share/smanager/themes/default/templates/partials/_usr_list.html.ep
@@ -66,93 +66,102 @@
          % my $password_text = l("PASSWORD_RESET");
          % if ($useraccounts_user_name eq 'admin') {
            % $actionModify = qq{
-              % <a href="useraccountsd?CsrfDef=$csrf_token&trt=UPS&user=$useraccounts_user_name">
-                % <button type='button' class='sme-modify-button' title='$modify_text'>
-                  % $modify_text
-                  % </button>
-                % </a>
-            % };
-          % $actionResetPw = qq{
-            % <a href="useraccountsd?CsrfDef=$csrf_token&trt=PWS&user=$useraccounts_user_name">
-              % <button type='button' class='sme-password-button' title='$password_text' >
-                % $password_text
-                % </button>
+              % <a href="useraccountsd?CsrfDef=$csrf_token&trt=UPS&user=$useraccounts_user_name"
+              % class="sme-modify-button ui-button ui-corner-all ui-widget ui-button-icon-only"
+              % title="$modify_text" aria-label="$modify_text">
+              % <span class="ui-icon ui-icon-pencil"></span>
+              % <span class="ui-button-text">$modify_text</span>
              % </a>
          % };
-        % } else {
-        % $actionModify = qq{
-          % <a href="useraccountsd?CsrfDef=$csrf_token&trt=UPD&user=$useraccounts_user_name">
-            % <button type='button' class='sme-modify-button' title='$modify_text' >
-              % $modify_text
-              % </button>
-            % </a>
-        % };
-        % }
-        % if ($password_set ne 'yes') {
-          % $actionLock = l('ACCOUNT_LOCKED');
-          % $actionResetPw = qq{
-            % <a href="useraccountsd?CsrfDef=$csrf_token&trt=PWD&user=$useraccounts_user_name">
-              % <button type='button' class='sme-password-button unset' title="$password_text - currently unset" style = background:pink; >
-                % $password_text
-                % </button>
-              % </a>
-          % };
-        % } elsif ($useraccounts_user_name ne 'admin') {
-        % my $lock_text = l('ACCOUNT LOCKED'); # Localized text
-        % my $csrf_token = "TOKEN"; # CSRF token for security
-        % my $useraccounts_user_name = $user->key; # useraccountss_entry name extracted from the data structure
-        % $actionLock = qq{
-          % <a href="useraccountsd?CsrfDef=$csrf_token&trt=LCK&user=$useraccounts_user_name">
-            % <button type='button' class='sme-lock-button' title='$lock_text' >
-              % $lock_text
-              % </button>
-            % </a>
-        % };
        % $actionResetPw = qq{
-          % <a href="useraccountsd?CsrfDef=$csrf_token&trt=PWD&user=$useraccounts_user_name">
-            % <button type='button' class='sme-password-button' title='$password_text' >
-              % $password_text
-              % </button>
-            % </a>
-        % };
-        % }
-        % if ( $removable eq 'yes' ) {
-          % my $remove_text = l('REMOVE'); # Localized text
-          % my $csrf_token = "TOKEN"; # CSRF token for security
-          % $actionRemove = qq{
-            % <a href="useraccountsd?CsrfDef=$csrf_token&trt=DEL&user=$useraccounts_user_name">
-              % <button type='button' class='sme-remove-button' title='$remove_text' >
-                % $remove_text
-                % </button>
-              % </a>
-          % };
-        % }
+          % <a href="useraccountsd?CsrfDef=$csrf_token&trt=PWS&user=$useraccounts_user_name"
+          % class="sme-password-button ui-button ui-corner-all ui-widget ui-button-icon-only"
+          % title="$password_text" aria-label="$password_text">
+          % <span class="ui-icon ui-icon-refresh"></span>
+          % <span class="ui-button-text">$password_text</span>
+          % </a>
+      % };
+    % } else {
+    % $actionModify = qq{
+      % <a href="useraccountsd?CsrfDef=$csrf_token&trt=UPD&user=$useraccounts_user_name"
+      % class="sme-modify-button ui-button ui-corner-all ui-widget ui-button-icon-only"
+      % title="$modify_text" aria-label="$modify_text">
+      % <span class="ui-icon ui-icon-pencil"></span>
+      % <span class="ui-button-text">$modify_text</span>
+      % </a>
+  % };
+  % }
+  % if ($password_set ne 'yes') {
+    % $actionLock = l('ACCOUNT_LOCKED');
+    % $actionResetPw = qq{
+      % <a href="useraccountsd?CsrfDef=$csrf_token&trt=PWD&user=$useraccounts_user_name"
+      % class="sme-password-button unset ui-button ui-corner-all ui-widget ui-button-icon-only"
+      % title="$password_text" aria-label="$password_text"
+      % style="background:pink;">
+      % <span class="ui-icon ui-icon-refresh"></span>
+      % <span class="ui-button-text">$password_text</span>
+      % </a>
+  % };
+% } elsif ($useraccounts_user_name ne 'admin') {
+% my $lock_text = l('LOCK_ACCOUNT'); # Localized text
+% my $csrf_token = "TOKEN"; # CSRF token for security
+% my $useraccounts_user_name = $user->key; # useraccountss_entry name extracted from the data structure
+% $actionLock = qq{
+  % <a href="useraccountsd?CsrfDef=$csrf_token&trt=LCK&user=$useraccounts_user_name"
+  % class="sme-lock-button ui-button ui-corner-all ui-widget ui-button-icon-only"
+  % title="$lock_text" aria-label="$lock_text">
+  % <span class="ui-icon ui-icon-locked"></span>
+  % <span class="ui-button-text">$lock_text</span>
+  % </a>
+% };
+% $actionResetPw = qq{
+  % <a href="useraccountsd?CsrfDef=$csrf_token&trt=PWD&user=$useraccounts_user_name"
+  % class="sme-password-button ui-button ui-corner-all ui-widget ui-button-icon-only"
+  % title="$password_text" aria-label="$password_text">
+  % <span class="ui-icon ui-icon-refresh"></span>
+  % <span class="ui-button-text">$password_text</span>
+  % </a>
+% };
+% }
+% if ( $removable eq 'yes' ) {
+  % my $remove_text = l('REMOVE'); # Localized text
+  % my $csrf_token = "TOKEN"; # CSRF token for security
+  % $actionRemove = qq{
+    % <a href="useraccountsd?CsrfDef=$csrf_token&trt=DEL&user=$useraccounts_user_name"
+    % class="sme-remove-button ui-button ui-corner-all ui-widget ui-button-icon-only"
+    % title="$remove_text" aria-label="$remove_text">
+    % <span class="ui-icon ui-icon-trash"></span>
+    % <span class="ui-button-text">$remove_text</span>
+    % </a>
+  % };
+% }

-        % my $thisdomain = $c->req->url->to_abs->host;
-        % my $roundcube_text = l('Webmail'); # Localized text
-        % $csrf_token = "TOKEN"; # CSRF token for security
-        % $useraccounts_user_name = $user->key; # useraccountss_entry name extracted from the data structure
-        % $actionroundcube = qq{
-          % <a href="roundcubepanel?CsrfDef=$csrf_token&url=https://$thisdomain/roundcube?_user=$useraccounts_user_name&height=600px">
-            % <button type='button' class='sme-email-button' title='$roundcube_text' >
-              % $roundcube_text
-              % </button>
-            % </a>
-        % };
-        <td class='sme-border' style="min-width:35em">
-          <%= $c->render_to_string( inline => $actionModify ) %>
-          <%= $c->render_to_string( inline => $actionResetPw ) %>
-          <%= $c->render_to_string( inline => $actionLock ) %>
-          <%= $c->render_to_string( inline => $actionRemove ) %>
-          <%= $c->render_to_string( inline => $actionroundcube ) %>
-        </td>
-      </tr>
-      % }
-    </tbody>
-  </table>
+% my $thisdomain = $c->req->url->to_abs->host;
+% my $roundcube_text = l('Webmail'); # Localized text
+% $csrf_token = "TOKEN"; # CSRF token for security
+% $useraccounts_user_name = $user->key; # useraccountss_entry name extracted from the data structure
+% $actionroundcube = qq{
+  % <a href="roundcubepanel?CsrfDef=$csrf_token&url=https://$thisdomain/roundcube?_user=$useraccounts_user_name&height=600px"
+  % class="sme-email-button ui-button ui-corner-all ui-widget ui-button-icon-only"
+  % title="$roundcube_text" aria-label="$roundcube_text">
+  % <span class="ui-icon ui-icon-mail-closed"></span>
+  % <span class="ui-button-text">$roundcube_text</span>
+  % </a>
+% };
+<td class='sme-border' style="min-width:35em">
+  <%= $c->render_to_string( inline => $actionModify ) %>
+  <%= $c->render_to_string( inline => $actionResetPw ) %>
+  <%= $c->render_to_string( inline => $actionLock ) %>
+  <%= $c->render_to_string( inline => $actionRemove ) %>
+  <%= $c->render_to_string( inline => $actionroundcube ) %>
+</td>
+</tr>
+% }
+</tbody>
+</table>

-  <% } %>
+<% } %>

-  %= hidden_field 'trt' => $usr_datas->{trt}
+%= hidden_field 'trt' => $usr_datas->{trt}

-</div>
+</div>
--- a/smeserver-manager.spec
+++ b/smeserver-manager.spec
@@ -2,7 +2,7 @@ Summary: Sme Server Configuration : Manager 2
 %define name smeserver-manager
 Name: %{name}
 %define version 11.0.0
-%define release 113
+%define release 117
 Version: %{version}
 Release: %{release}%{?dist}
 License: GPL
@@ -35,6 +35,7 @@ Requires: perl(Mojolicious::Plugin::CSRFDefender) >= 0.0.8
 Requires: perl(Net::Netmask) >= 1.9
 Requires: perl(DBM::Deep) >= 2.0011-1
 Requires: perl(Mojo::JWT) >= 0.08-1
+#Requires: perl(IPS:Run) >= 0.99-1 - needed for enahnced qmailanalog run of pflogsumm
 #Requires: perl(Time::TAI64) >= 2.11
 Requires: perl(Data::Validate::IP)
 Requires: mutt >= 1.5.21
@@ -146,6 +147,19 @@ true
 %defattr(-,root,root)

 %changelog
+* Wed Sep 24 2025 Jean-Philippe Pialasse <jpp@koozali.org> 11.0.0-117.sme
+- set correctly X-Forwarded-Proto for TKT auth [SME: 13175]
+  updated CSP for smanager
+
+* Mon Sep 15 2025 Brian Read <brianr@koozali.org> 11.0.0-116.sme
+- Fix other buttons in lists for elinks [SME: 13113]
+
+* Sat Sep 13 2025 Brian Read <brianr@koozali.org> 11.0.0-115.sme
+- Fix login and logout and user table buttons so that they are valid html and work for elinks [SME: 13113]
+
+* Sat Sep 13 2025 Brian Read <brianr@koozali.org> 11.0.0-114.sme
+- edit intial screen to suppress reconfig message unless admin logged in  [SME: 13112]
+
 * Mon Aug 11 2025 Brian Read <brianr@koozali.org> 11.0.0-113.sme
 - Re-factor all template files to make them nicely formatted  [SME: 13103]
Author	SHA1	Message	Date
Jean-Philippe Pialasse	c6f8378881	* Wed Sep 24 2025 Jean-Philippe Pialasse <jpp@koozali.org> 11.0.0-117.sme - set correctly X-Forwarded-Proto for TKT auth [SME: 13175] updated CSP for smanager	2025-09-24 15:11:06 -04:00
Brian Read	d720304f1a	delete test file	2025-09-16 18:55:08 +02:00
Brian Read	371a05379f	Test for sync	2025-09-16 18:52:26 +02:00
Brian Read	7cb9591eb8	* Mon Sep 15 2025 Brian Read <brianr@koozali.org> 11.0.0-116.sme - Fix other buttons in lists for elinks [SME: 13113]	2025-09-15 11:11:20 +01:00
Brian Read	a0524a7484	* Sat Sep 13 2025 Brian Read <brianr@koozali.org> 11.0.0-115.sme - Fix login and logout and user table buttons so that they are valid html and work for elinks [SME: 13113]	2025-09-14 11:31:59 +01:00
Brian Read	687e763684	* Sat Sep 13 2025 Brian Read <brianr@koozali.org> 11.0.0-114.sme - edit intial screen to suppress reconfig message unless admin logged in [SME: 13112]	2025-09-13 15:53:19 +01:00