feat(horde): add account-only remote wipe UI/actions with 16.1 gating

[TDannhauer]

feat(horde): EAS 16.1 config, permissions, and account-only wipe UI

Repository: horde/horde (Horde base application — listed as “base” in the deployment split)

Summary

Exposes EAS 16.1 in admin configuration and per-user permissions, and adds account-only remote wipe actions in ActiveSync admin and user preferences — gated to devices that negotiated protocol ≥16.1.

Motivation

horde/activesync implements Provision:AccountOnlyRemoteWipe at the protocol layer; users and admins need UI to trigger it. Unsupported devices get a clear notification instead of a silent failure or exception.

Changes

Configuration and permissions

• config/conf.xml — add 16.1 (“Exchange Online / EAS 16.1”) to ActiveSync version enum.
• lib/Application.php — activesync:version permission includes VERSION_SIXTEENONE.

Account-only wipe UI

• admin/activesync.php — accountwipe action sets RWSTATUS_ACCOUNTONLY_PENDING when device version ≥16.1.
• lib/Prefs/Special/Activesync.php — prefs dispatch for accountwipeid; version check via Horde_ActiveSync::deviceSupportsAccountOnlyWipe(); user-facing notification when unsupported.
• templates/activesync/device_table.html.php — show account-only pending/wiped status; account-only wipe button for 16.1+ devices.
• templates/prefs/activesync.html.php — hidden accountwipeid field.
• js/activesyncadmin.js / js/activesyncprefs.js — wire wipe buttons to form actions.

Tests

• test/Unit/Prefs/Special/ActivesyncTest.php — device support helper; prefs sets account-only pending for 16.1 device; notification (not exception) for 16.0 device.

Files changed

config/conf.xml
lib/Application.php
admin/activesync.php
lib/Prefs/Special/Activesync.php
templates/activesync/device_table.html.php
templates/prefs/activesync.html.php
js/activesyncadmin.js
js/activesyncprefs.js
test/Unit/Prefs/Special/ActivesyncTest.php

Dependencies

• activesync — VERSION_SIXTEENONE, RWSTATUS_ACCOUNTONLY_*, deviceSupportsAccountOnlyWipe().

Can merge in parallel with kronolith/itip if activesync is already on framework; UI will only work end-to-end once activesync provision handling is deployed.

Test plan

• vendor/bin/phpunit test/Unit/Prefs/Special/ActivesyncTest.php
• Admin → ActiveSync: 16.1 device shows “Account wipe”; 16.0 device does not (or shows disabled with message).
• User prefs → ActiveSync: same gating; unsupported wipe shows notification mentioning EAS 16.1.
• After wipe initiated, device table shows account-only pending; after client ack, wiped state (with activesync PR).
• Permissions UI lists 16.1 as max protocol version option.

Suggested commit message

feat(horde): add EAS 16.1 config and account-only wipe UI

Expose 16.1 in conf and permissions; add admin/prefs account-only
remote wipe with protocol version gating and user notifications.

Manual test notes (from deployment)

• Global ceiling 16.0 with per-user permission 16.1 successfully negotiated 16.1 on test iPhone after reconnect.
• Phase 1–2 smoke tests (mail, calendar, contacts, tasks, push) passed at 16.1.
• Phase 3 (propose new time, account-only wipe) pending full manual validation after all PRs merge.

[ralflang]

Generally OK but see comments.