3 commits - plugins/kolab_auth
Aleksander Machniak
machniak at kolabsys.com
Mon Oct 8 10:18:02 CEST 2012
plugins/kolab_auth/config.inc.php.dist | 8 +--
plugins/kolab_auth/kolab_auth.php | 86 ++++++++++++++++++++++-----------
plugins/kolab_auth/package.xml | 4 -
3 files changed, 65 insertions(+), 33 deletions(-)
New commits:
commit a7c06ff2fd0077bf195a9f16dbddae027bbd0b3e
Author: Aleksander Machniak <machniak at kolabsys.com>
Date: Mon Oct 8 10:15:32 2012 +0200
Support array of fields in kolab_auth_name/kolab_auth_email config,
use first non-empty value (#1012).
Fix lost kolab_auth_email handling.
diff --git a/plugins/kolab_auth/config.inc.php.dist b/plugins/kolab_auth/config.inc.php.dist
index d28ff08..12f43e6 100644
--- a/plugins/kolab_auth/config.inc.php.dist
+++ b/plugins/kolab_auth/config.inc.php.dist
@@ -10,9 +10,11 @@ $rcmail_config['kolab_auth_filter'] = '(&(objectClass=kolabInetOrgPerson)(|(uid=
// Use this fields (from fieldmap configuration) to get authentication ID
$rcmail_config['kolab_auth_login'] = 'email';
-// Use this fields (from fieldmap configuration) for default identity
-$rcmail_config['kolab_auth_name'] = 'name';
-$rcmail_config['kolab_auth_email'] = 'email';
+// Use this fields (from fieldmap configuration) for default identity.
+// Note: These aren't LDAP attributes, but field names in config
+// If the value array contains more than one field, first non-empty will be used
+$rcmail_config['kolab_auth_name'] = array('name', 'cn');
+$rcmail_config['kolab_auth_email'] = array('email');
// Login and password of the admin user. Enables "Login As" feature.
$rcmail_config['kolab_auth_admin_login'] = '';
diff --git a/plugins/kolab_auth/kolab_auth.php b/plugins/kolab_auth/kolab_auth.php
index f993aaf..c5d89ec 100644
--- a/plugins/kolab_auth/kolab_auth.php
+++ b/plugins/kolab_auth/kolab_auth.php
@@ -261,6 +261,7 @@ class kolab_auth extends rcube_plugin
$admin_pass = $rcmail->config->get('kolab_auth_admin_password');
$login_attr = $rcmail->config->get('kolab_auth_login');
$name_attr = $rcmail->config->get('kolab_auth_name');
+ $email_attr = $rcmail->config->get('kolab_auth_email');
// get username and host
$host = rcube_parse_host($args['host']);
@@ -357,18 +358,31 @@ class kolab_auth extends rcube_plugin
// Store UID in session for use by other plugins
$_SESSION['kolab_uid'] = is_array($record['uid']) ? $record['uid'][0] : $record['uid'];
- // Set credentials
+ // Set user login
if ($login_attr) {
$this->data['user_login'] = is_array($record[$login_attr]) ? $record[$login_attr][0] : $record[$login_attr];
}
- if ($name_attr) {
- $this->data['user_name'] = is_array($record[$name_attr]) ? $record[$name_attr][0] : $record[$name_attr];
- }
-
if ($this->data['user_login']) {
$args['user'] = $this->data['user_login'];
}
+ // User name for identity (first log in)
+ foreach ((array)$name_attr as $field) {
+ $name = is_array($record[$field]) ? $record[$field][0] : $record[$field];
+ if (!empty($name)) {
+ $this->data['user_name'] = $name;
+ break;
+ }
+ }
+ // User email for identity (first log in)
+ foreach ((array)$email_attr as $field) {
+ $email = is_array($record[$field]) ? $record[$field][0] : $record[$field];
+ if (!empty($email)) {
+ $this->data['user_email'] = $email;
+ break;
+ }
+ }
+
// Log "Login As" usage
if (!empty($origname)) {
write_log('userlogins', sprintf('Admin login for %s by %s from %s',
diff --git a/plugins/kolab_auth/package.xml b/plugins/kolab_auth/package.xml
index 5213103..abbd21f 100644
--- a/plugins/kolab_auth/package.xml
+++ b/plugins/kolab_auth/package.xml
@@ -18,9 +18,9 @@
<email>machniak at kolabsys.com</email>
<active>yes</active>
</lead>
- <date>2012-02-29</date>
+ <date>2012-10-08</date>
<version>
- <release>0.2</release>
+ <release>0.3</release>
<api>0.1</api>
</version>
<stability>
commit ad9a89eece8b6814ba9efcabfdafa2c46b7d35a0
Author: Aleksander Machniak <machniak at kolabsys.com>
Date: Mon Oct 8 09:38:16 2012 +0200
Throw login error when LDAP connection failes or user not found in LDAP (Bug #512)
diff --git a/plugins/kolab_auth/kolab_auth.php b/plugins/kolab_auth/kolab_auth.php
index 7999956..f993aaf 100644
--- a/plugins/kolab_auth/kolab_auth.php
+++ b/plugins/kolab_auth/kolab_auth.php
@@ -252,6 +252,7 @@ class kolab_auth extends rcube_plugin
$this->load_config();
if (!$this->init_ldap()) {
+ $args['abort'] = true;
return $args;
}
@@ -268,6 +269,7 @@ class kolab_auth extends rcube_plugin
$loginas = trim(get_input_value('_loginas', RCUBE_INPUT_POST));
if (empty($user) || empty($pass)) {
+ $args['abort'] = true;
return $args;
}
@@ -275,6 +277,7 @@ class kolab_auth extends rcube_plugin
$record = $this->get_user_record($user, $host);
if (empty($record)) {
+ $args['abort'] = true;
return $args;
}
@@ -339,7 +342,7 @@ class kolab_auth extends rcube_plugin
}
if (empty($record)) {
- $args['valid'] = false;
+ $args['abort'] = true;
return $args;
}
@@ -351,21 +354,19 @@ class kolab_auth extends rcube_plugin
$_SESSION['kolab_auth_password'] = $rcmail->encrypt($admin_pass);
}
- // Set credentials
- if ($record) {
- // Store UID in session for use by other plugins
- $_SESSION['kolab_uid'] = is_array($record['uid']) ? $record['uid'][0] : $record['uid'];
+ // Store UID in session for use by other plugins
+ $_SESSION['kolab_uid'] = is_array($record['uid']) ? $record['uid'][0] : $record['uid'];
- if ($login_attr) {
- $this->data['user_login'] = is_array($record[$login_attr]) ? $record[$login_attr][0] : $record[$login_attr];
- }
- if ($name_attr) {
- $this->data['user_name'] = is_array($record[$name_attr]) ? $record[$name_attr][0] : $record[$name_attr];
- }
+ // Set credentials
+ if ($login_attr) {
+ $this->data['user_login'] = is_array($record[$login_attr]) ? $record[$login_attr][0] : $record[$login_attr];
+ }
+ if ($name_attr) {
+ $this->data['user_name'] = is_array($record[$name_attr]) ? $record[$name_attr][0] : $record[$name_attr];
+ }
- if ($this->data['user_login']) {
- $args['user'] = $this->data['user_login'];
- }
+ if ($this->data['user_login']) {
+ $args['user'] = $this->data['user_login'];
}
// Log "Login As" usage
commit e0962a39363ae1c354d82c2748718978bb0f32c7
Author: Aleksander Machniak <machniak at kolabsys.com>
Date: Mon Oct 8 09:22:07 2012 +0200
CS fixes
diff --git a/plugins/kolab_auth/kolab_auth.php b/plugins/kolab_auth/kolab_auth.php
index 00b9f8b..7999956 100644
--- a/plugins/kolab_auth/kolab_auth.php
+++ b/plugins/kolab_auth/kolab_auth.php
@@ -130,10 +130,12 @@ class kolab_auth extends rcube_plugin
}
}
+ $dont_override = (array) $rcmail->config->get('dont_override');
+
if (!isset($setting['allow_override']) || !$setting['allow_override']) {
- $rcmail->config->set('dont_override', array_merge($rcmail->config->get('dont_override', Array()), Array($setting_name)));
- } else {
- $dont_override = $rcmail->config->get('dont_override');
+ $rcmail->config->set('dont_override', array_merge($dont_override, array($setting_name)));
+ }
+ else {
if (in_array($setting_name, $dont_override)) {
$_dont_override = array();
foreach ($dont_override as $_setting) {
@@ -162,20 +164,23 @@ class kolab_auth extends rcube_plugin
$prio = $args['name'] == 'errors' ? LOG_ERR : LOG_INFO;
syslog($prio, $args['line']);
return $args;
- } else {
+ }
+ else {
$line = sprintf("[%s]: %s\n", $args['date'], $args['line']);
// log_driver == 'file' is assumed here
- $log_dir = $rcmail->config->get('log_dir', INSTALL_PATH . 'logs');
+ $log_dir = $rcmail->config->get('log_dir', INSTALL_PATH . 'logs');
+ $log_path = $log_dir.'/'.strtolower($_SESSION['kolab_auth_admin']).'/'.strtolower($_SESSION['username']);
// Append original username + target username
- if (!is_dir($log_dir.'/'.strtolower($_SESSION['kolab_auth_admin']).'/'.strtolower($_SESSION['username']))) {
+ if (!is_dir($log_path)) {
// Attempt to create the directory
- if (@mkdir($log_dir.'/'.strtolower($_SESSION['kolab_auth_admin']).'/'.strtolower($_SESSION['username']), 0750, true)) {
- $log_dir = $log_dir.'/'.strtolower($_SESSION['kolab_auth_admin']).'/'.strtolower($_SESSION['username']);
+ if (@mkdir($log_path, 0750, true)) {
+ $log_dir = $log_path;
}
- } else {
- $log_dir = $log_dir.'/'.strtolower($_SESSION['kolab_auth_admin']).'/'.strtolower($_SESSION['username']);
+ }
+ else {
+ $log_dir = $log_path;
}
// try to open specific log file for writing
@@ -187,8 +192,9 @@ class kolab_auth extends rcube_plugin
fclose($fp);
return $args;
}
- else
+ else {
trigger_error("Error writing to log file $logfile; Please check permissions", E_USER_WARNING);
+ }
}
return $args;
@@ -199,10 +205,12 @@ class kolab_auth extends rcube_plugin
*/
public function user_create($args)
{
- if (!empty($this->data['user_email']))
+ if (!empty($this->data['user_email'])) {
$args['user_email'] = $this->data['user_email'];
- if (!empty($this->data['user_name']))
+ }
+ if (!empty($this->data['user_name'])) {
$args['user_name'] = $this->data['user_name'];
+ }
return $args;
}
@@ -316,10 +324,12 @@ class kolab_auth extends rcube_plugin
}
// Save original user login for log (see below)
- if ($login_attr)
+ if ($login_attr) {
$origname = is_array($record[$login_attr]) ? $record[$login_attr][0] : $record[$login_attr];
- else
+ }
+ else {
$origname = $user;
+ }
$record = null;
@@ -346,13 +356,16 @@ class kolab_auth extends rcube_plugin
// Store UID in session for use by other plugins
$_SESSION['kolab_uid'] = is_array($record['uid']) ? $record['uid'][0] : $record['uid'];
- if ($login_attr)
+ if ($login_attr) {
$this->data['user_login'] = is_array($record[$login_attr]) ? $record[$login_attr][0] : $record[$login_attr];
- if ($name_attr)
+ }
+ if ($name_attr) {
$this->data['user_name'] = is_array($record[$name_attr]) ? $record[$name_attr][0] : $record[$name_attr];
+ }
- if ($this->data['user_login'])
+ if ($this->data['user_login']) {
$args['user'] = $this->data['user_login'];
+ }
}
// Log "Login As" usage
@@ -460,10 +473,12 @@ class kolab_auth extends rcube_plugin
$domain = $rcmail->config->get('username_domain');
if (!empty($domain) && strpos($user, '@') === false) {
- if (is_array($domain) && isset($domain[$host]))
+ if (is_array($domain) && isset($domain[$host])) {
$user .= '@'.rcube_parse_host($domain[$host], $host);
- else if (is_string($domain))
+ }
+ else if (is_string($domain)) {
$user .= '@'.rcube_parse_host($domain, $host);
+ }
}
// replace variables in filter
More information about the commits
mailing list