doc/sample-insert-hosted-user_types.php hosted/js lib/hosted

Torsten Grote grote at kolabsys.com
Wed Jul 11 20:06:41 CEST 2012 

 doc/sample-insert-hosted-user_types.php |    3 -
 hosted/js/kolab_hosted.js               |    5 +-
 lib/hosted/kolab_client_task_signup.php |   78 +++++++++++++++++++++++---------
 3 files changed, 63 insertions(+), 23 deletions(-)

New commits:
commit 31d4f7419a63029a64de35dc3945b6d48e8b841d
Author: Torsten Grote <grote at kolabsys.com>
Date:   Wed Jul 11 18:05:19 2012 +0200

    improved hosted session handling, fixed user checking and made signup work

diff --git a/doc/sample-insert-hosted-user_types.php b/doc/sample-insert-hosted-user_types.php
index 6f72bc4..fd82e61 100644
--- a/doc/sample-insert-hosted-user_types.php
+++ b/doc/sample-insert-hosted-user_types.php
@@ -65,6 +65,7 @@
                      * for the user.
                      */
                     "mailalternateaddress" => Array(
+                            "optional" => true,
                         ),
                     "sn" => Array(),
                     "uid" => Array(),
@@ -148,7 +149,7 @@
                      * for the user.
                      */
                     "mailalternateaddress" => Array(
-//                            "optional" => true,
+                            "optional" => true,
                         ),
                     "sn" => Array(),
                     "uid" => Array(),
diff --git a/hosted/js/kolab_hosted.js b/hosted/js/kolab_hosted.js
index 1252cbf..793dde0 100644
--- a/hosted/js/kolab_hosted.js
+++ b/hosted/js/kolab_hosted.js
@@ -27,7 +27,7 @@ kadm.user_save = function(reload, section)
     var data = kadm.serialize_form('#'+this.env.form_id);
 
     // check email address
-    if(!isValidEmailAddress(data.mailalternateaddress)) {
+    if(typeof data.mailalternateaddress != 'undefined' && !isValidEmailAddress(data.mailalternateaddress)) {
         // TODO use translatable error message
         kadm.display_message('Please provide a valid email adress as this is where your password will be sent to.', 'error');
         kadm.form_value_error('mailalternateaddress');
@@ -67,6 +67,9 @@ kadm.check_user_availability = function()
         // update future mail form field
         $('input[name="mail"]').val(mail);
         
+        // switch domain before checking for user availability
+        kadm.http_post('signup.check_user', {data: {'domain': data['domain']}});
+
         // check if user with that email address already exists
         kadm.api_post('users.list', {'search': {'mail': {'value': mail} } }, 'check_user_availability_response');
     } else {
diff --git a/lib/hosted/kolab_client_task_signup.php b/lib/hosted/kolab_client_task_signup.php
index b535650..2709adc 100644
--- a/lib/hosted/kolab_client_task_signup.php
+++ b/lib/hosted/kolab_client_task_signup.php
@@ -40,15 +40,22 @@ class kolab_client_task_signup extends kolab_client_task
         // Assign self to template variable
         $this->output->assign('engine', $this);
         
-        // Login ($result is a kolab_client_api_result instance))
-        $result = $this->api->login($this->config->get('ldap', 'bind_dn'), $this->config->get('ldap', 'bind_pw'), $this->config->get('kolab', 'primary_domain') );
-
-        // Set the session token we got in the API client instance, so subsequent
-        // API calls are made in the same session.
-        $this->token = $result->get('session_token');
-        $this->api->set_session_token($this->token);
-        $_SESSION['user']['token'] = $this->token;
-                
+        // Session handling
+        $timeout = $this->config_get('session_timeout', 3600);
+        if (empty($_SESSION['user']) || empty($_SESSION['user']['token']) || ($timeout && $_SESSION['time'] && $_SESSION['time'] < time() - $timeout)) {
+            // Login ($result is a kolab_client_api_result instance))
+            $result = $this->api->login($this->config->get('ldap', 'bind_dn'), $this->config->get('ldap', 'bind_pw'), $this->config->get('kolab', 'primary_domain') );
+
+            // Set the session token we got in the API client instance, so subsequent
+            // API calls are made in the same session.
+            $this->token = $result->get('session_token');
+            $this->api->set_session_token($this->token);
+            $_SESSION['user']['token'] = $this->token;
+
+            // update session time
+            $_SESSION['time'] = time();
+        }
+
         // Run security checks
         // TODO figure out to reenable this
 //        $this->input_checks();
@@ -89,6 +96,15 @@ class kolab_client_task_signup extends kolab_client_task
         $this->output->set_object('taskcontent', $form);
     }
     
+    // switching to proper domain is necessary before calling users.list for that domain
+    public function action_switch_domain($data = array()) {
+        if(count($data) == 0) $data = $this->get_input('data', 'POST');
+
+        // Login in user-chosen domain
+        // TODO perform security check on value of $data['domain']
+        $result = $this->api->get('system.select_domain', array('domain' => $data['domain']));
+    }
+
     public function action_add_user() {
         $data = $this->get_input('data', 'POST');
 
@@ -106,11 +122,38 @@ class kolab_client_task_signup extends kolab_client_task
             return;
         }
 
-        // TODO actually add user here
-        $this->output->command('display_message', 'Not adding user here, yet', 'notice');
-//        $result = $this->api->post('user.add', null, $data);
-//        console($result);
-//        $this->output->command('display_message', 'user.add.success', 'notice');
+        // Log in to proper domain
+        $this->action_switch_domain($data);
+
+        // Assemble mail attribute and throw away submitted attribute
+        $mail = $data['uid'].'@'.$data['domain'];
+        $data['mail'] = $mail;
+
+        // Check again for user availability before adding user
+        // TODO perform security check on value of $data['uid'] and $data['domain']
+        $post = array('search' => array('mail' => array('value' => $mail) ) );
+        $result = $this->api->post('users.list', null, $post);
+
+        if($result->get('count') > 0) {
+            // TODO make this message translatable
+            $this->output->command('display_message', 'A user with that username already exists. Please choose another one.', 'error');
+            return false;
+        }
+
+        // Remove domain from $data before adding user
+        unset($data['domain']);
+
+        // Add user
+        $result = $this->api->post('user.add', null, $data);
+
+        if (array_key_exists('error_code', $result)) {
+            // TODO make this message translatable
+            $this->output->command('display_message', 'An Error occured. You could not be signed up. Please try again.', 'error');
+            return;
+        } else {
+            // TODO make this message translatable
+            $this->output->set_object('taskcontent', '<h3>Your account has been successfully added!</h3>Congratulations, you now have your own Kolab account.');
+        }
     }
 
     private function user_form($data = array()) {
@@ -179,13 +222,6 @@ class kolab_client_task_signup extends kolab_client_task
             $fields['cn']['type'] = kolab_form::INPUT_HIDDEN;
         }
 
-        // Prevent add mode so mail field value is kept when selecting user type
-        $fields['id'] = array(
-            'section'   => 'system',
-            'type'      => kolab_form::INPUT_HIDDEN,
-            'value'     => 'test',
-        );
-        
         // Add password confirmation
         if (isset($fields['userpassword'])) {
             $fields['userpassword2'] = $fields['userpassword'];

More information about the commits mailing list