Branch 'kolab-webadmin-3.0' - 5 commits - lib/api lib/Auth lib/Auth.php
Jeroen van Meeuwen
vanmeeuwen at kolabsys.com
Thu Dec 27 19:21:27 CET 2012
lib/Auth.php | 10 +++
lib/Auth/LDAP.php | 79 +++++++++++++++++++++----------
lib/api/kolab_api_service_form_value.php | 69 +++++++++++++++++++++++----
3 files changed, 124 insertions(+), 34 deletions(-)
New commits:
commit aa565f6d71292bb5b3dd545da2075a38e74c53cd
Author: Jeroen van Meeuwen (Kolab Systems) <vanmeeuwen at kolabsys.com>
Date: Thu Dec 27 19:18:26 2012 +0100
Correct detecting the base dn for subjects (object's key/type) that are being added. Adding a domain in the web administration panel now functionally does not require adding a section in the kolab.conf configuration file any longer.
diff --git a/lib/Auth.php b/lib/Auth.php
index 26f1d0b..a2a9907 100644
--- a/lib/Auth.php
+++ b/lib/Auth.php
@@ -397,6 +397,11 @@ class Auth {
return call_user_func_array(Array($this->auth_instance(), 'search'), func_get_args());
}
+ public function subject_base_dn($subject)
+ {
+ return $this->auth_instance()->subject_base_dn($subject);
+ }
+
public function user_add($attributes, $typeid = null)
{
return $this->auth_instance()->user_add($attributes, $typeid);
diff --git a/lib/Auth/LDAP.php b/lib/Auth/LDAP.php
index 15b3057..bcf2176 100644
--- a/lib/Auth/LDAP.php
+++ b/lib/Auth/LDAP.php
@@ -542,6 +542,11 @@ class LDAP extends Net_LDAP3 {
return parent::search($base_dn, $filter, $scope, $sort, $search);
}
+ public function subject_base_dn($subject)
+ {
+ return $this->_subject_base_dn($subject);
+ }
+
public function user_add($attrs, $typeid = null)
{
$base_dn = $this->entry_base_dn('user', $typeid);
@@ -1217,10 +1222,6 @@ class LDAP extends Net_LDAP3 {
*/
private function domain_root_dn($domain)
{
- if (!empty($this->domain_root_dn)) {
- return $this->domain_root_dn;
- }
-
if (!$this->connect()) {
$this->_log(LOG_DEBUG, "Could not connect");
return false;
@@ -1257,22 +1258,22 @@ class LDAP extends Net_LDAP3 {
if (is_array($entry_attrs)) {
if (in_array('inetdomainbasedn', $entry_attrs) && !empty($entry_attrs['inetdomainbasedn'])) {
- $this->domain_root_dn = $entry_attrs['inetdomainbasedn'];
+ $domain_root_dn = $entry_attrs['inetdomainbasedn'];
}
else {
if (is_array($entry_attrs[$domain_name_attribute])) {
- $this->domain_root_dn = $this->_standard_root_dn($entry_attrs[$domain_name_attribute][0]);
+ $domain_root_dn = $this->_standard_root_dn($entry_attrs[$domain_name_attribute][0]);
}
else {
- $this->domain_root_dn = $this->_standard_root_dn($entry_attrs[$domain_name_attribute]);
+ $domain_root_dn = $this->_standard_root_dn($entry_attrs[$domain_name_attribute]);
}
}
}
else {
- $this->domain_root_dn = $this->_standard_root_dn($domain);
+ $domain_root_dn = $this->_standard_root_dn($domain);
}
- return $this->domain_root_dn;
+ return $domain_root_dn;
}
diff --git a/lib/api/kolab_api_service_form_value.php b/lib/api/kolab_api_service_form_value.php
index b9fd055..7536340 100644
--- a/lib/api/kolab_api_service_form_value.php
+++ b/lib/api/kolab_api_service_form_value.php
@@ -980,15 +980,7 @@ class kolab_api_service_form_value extends kolab_api_service
$object_type = $postdata['object_type'];
$object_key = $postdata['type_key'];
- if ($object_key && $object_type) {
- $base_dn = $conf->get($object_key . '_' . $object_type . '_base_dn');
- }
- if (!$base_dn && $object_type) {
- $base_dn = $conf->get($object_type . '_base_dn');
- }
- if (!$base_dn) {
- $base_dn = $conf->get('base_dn');
- }
+ $base_dn = $auth->subject_base_dn($object_key . '_' . $object_type);
if (!empty($postdata['id'])) {
$subjects = $auth->search($base_dn, '(' . $unique_attr . '=' . $postdata['id'] . ')')->entries(true);
commit db839380bd42cacb522e288e596720c9a77edaeb
Author: Jeroen van Meeuwen (Kolab Systems) <vanmeeuwen at kolabsys.com>
Date: Wed Dec 26 14:49:55 2012 +0100
Deduplicate secondary recipient email addresses that are already the primary mail address
diff --git a/lib/api/kolab_api_service_form_value.php b/lib/api/kolab_api_service_form_value.php
index 1a1a469..b9fd055 100644
--- a/lib/api/kolab_api_service_form_value.php
+++ b/lib/api/kolab_api_service_form_value.php
@@ -737,6 +737,12 @@ class kolab_api_service_form_value extends kolab_api_service
}
+ if (in_array($postdata['mail'], $secondary_mail_addresses)) {
+ Log::trace("Found primary mail as part of the secondary mail addresses");
+
+ unset($secondary_mail_addresses[array_search($postdata['mail'], $secondary_mail_addresses)]);
+ }
+
return $secondary_mail_addresses;
}
}
commit b7f17aafaffa9d2976eafb3314366489bcc2ae40
Author: Jeroen van Meeuwen (Kolab Systems) <vanmeeuwen at kolabsys.com>
Date: Wed Dec 26 14:35:12 2012 +0100
Attach generate_secondary_mail() to finding (other) recipients that may already have the recipient address in use.
diff --git a/lib/api/kolab_api_service_form_value.php b/lib/api/kolab_api_service_form_value.php
index 2beee83..1a1a469 100644
--- a/lib/api/kolab_api_service_form_value.php
+++ b/lib/api/kolab_api_service_form_value.php
@@ -682,9 +682,60 @@ class kolab_api_service_form_value extends kolab_api_service
}
}
- $secondary_mail_addresses = kolab_recipient_policy::secondary_mail($postdata);
+ $_secondary_mail_addresses = kolab_recipient_policy::secondary_mail($postdata);
// TODO: Check for uniqueness. Not sure what to do if not unique.
+ $secondary_mail_addresses = Array();
+
+ $auth = Auth::get_instance();
+ $conf = Conf::get_instance();
+
+ // Find the authentication mechanism in order to be able to fall back from a
+ // '[$domain]' section setting for the mail attributes list, to an '[$auth_mech]'
+ // section setting
+ $auth_mech = $conf->get($_SESSION['user']->get_domain(), 'auth_mechanism');
+ if (empty($auth_mech)) {
+ $auth_mech = $conf->get('kolab', 'auth_mechanism');
+ }
+ if (empty($auth_mech)) {
+ $auth_mech = 'ldap';
+ }
+
+ $mail_attrs = $conf->get_list($_SESSION['user']->get_domain(), 'mail_attributes');
+ if (empty($mail_attrs)) {
+ $mail_attrs = $conf->get_list($auth_mech, 'mail_attributes');
+ }
+ if (empty($mail_attrs)) {
+ $mail_attrs = array('mail', 'alias');
+ }
+
+ foreach ($_secondary_mail_addresses as $num => $alias) {
+ list($_local, $_domain) = explode("@", $alias);
+ $local = $_local;
+
+ $x = 2;
+ while (($user_found = $auth->find_recipient($local . "@" . $_domain))) {
+ Log::trace(__FUNCTION__ . ": An entry with address " . $local . "@" . $_domain . " was found.");
+
+ if (!empty($postdata['id'])) {
+ $user_found_dn = key($user_found);
+ $user_found_unique_attr = $auth->get_entry_attribute($user_found_dn, $unique_attr);
+ if ($user_found_unique_attr == $postdata['id']) {
+ Log::trace(__FUNCTION__ . ": Entry with address " . $local . "@" . $_domain . " is actually us.");
+ break;
+ }
+ } // empty($postdata['id'])
+
+ // Otherwise this is a new user and therefore the entry found with
+ // this address is definitely not us
+
+ $local = $_local . $x;
+ $x++;
+ }
+
+ $secondary_mail_addresses[] = $local . "@" . $_domain;
+
+ }
return $secondary_mail_addresses;
}
commit 8491629ef52d8025713cb1332873a466c5c29832
Author: Jeroen van Meeuwen (Kolab Systems) <vanmeeuwen at kolabsys.com>
Date: Wed Dec 26 14:34:17 2012 +0100
Add a function find_recipient in order to determine whether a specific recipient address is in use already
diff --git a/lib/Auth.php b/lib/Auth.php
index d7a0467..26f1d0b 100644
--- a/lib/Auth.php
+++ b/lib/Auth.php
@@ -234,6 +234,11 @@ class Auth {
return $this->auth_instance()->domain_info($domaindata);
}
+ public function find_recipient($address)
+ {
+ return $this->auth_instance()->find_recipient($address);
+ }
+
public function find_user_groups($member_dn)
{
return $this->auth_instance()->find_user_groups($member_dn);
diff --git a/lib/Auth/LDAP.php b/lib/Auth/LDAP.php
index 60a870c..15b3057 100644
--- a/lib/Auth/LDAP.php
+++ b/lib/Auth/LDAP.php
@@ -243,6 +243,35 @@ class LDAP extends Net_LDAP3 {
}
+ public function find_recipient($address)
+ {
+ $this->bind($_SESSION['user']->user_bind_dn, $_SESSION['user']->user_bind_pw);
+
+ $mail_attrs = $this->conf->get_list('mail_attributes', array('mail', 'alias'));
+
+ $search = array(
+ 'params' => array(
+ 'type' => 'exact'
+ ),
+ 'operator' => "OR"
+ );
+
+ foreach ($mail_attrs as $num => $attr) {
+ $search['params'][$attr] = array(
+ 'type' => 'exact',
+ 'value' => $address,
+ );
+ }
+
+ $result = $this->search_entries($this->config_get('root_dn'), '(objectclass=*)', 'sub', null, $search);
+
+ if ($result->count() > 0) {
+ return $result->entries(TRUE);
+ } else {
+ return FALSE;
+ }
+ }
+
public function get_attributes($subject_dn, $attributes)
{
$this->_log(LOG_DEBUG, "Auth::LDAP::get_attributes() for $subject_dn");
commit ba25c2447276f31f8dc2a69e2612211a3bc08b4b
Author: Aleksander Machniak <alec at alec.pl>
Date: Thu Dec 20 14:04:51 2012 +0100
Fix detecting base_dn for created objects (Bug #1464)
diff --git a/lib/Auth/LDAP.php b/lib/Auth/LDAP.php
index 0371834..60a870c 100644
--- a/lib/Auth/LDAP.php
+++ b/lib/Auth/LDAP.php
@@ -679,7 +679,7 @@ class LDAP extends Net_LDAP3 {
$sql = $db->fetch_assoc($db->query("SELECT `key` FROM {$type}_types WHERE id = ?", $typeid));
// Check if the type has a specific base DN specified.
- $base_dn = $this->_subject_base_dn($sql['key'] . '_' . $type);
+ $base_dn = $this->_subject_base_dn($sql['key'] . '_' . $type, true);
}
if (empty($base_dn)) {
@@ -746,8 +746,19 @@ class LDAP extends Net_LDAP3 {
}
}
- private function _subject_base_dn($subject)
+ private function _subject_base_dn($subject, $strict = false)
{
+ $subject_base_dn = $this->conf->get_raw($this->domain, $subject . "_base_dn");
+
+ if (empty($subject_base_dn)) {
+ $subject_base_dn = $this->conf->get_raw("ldap", $subject . "_base_dn");
+ }
+
+ if (empty($subject_base_dn) && $strict) {
+ $this->_log(LOG_DEBUG, "subject_base_dn for subject $subject not found");
+ return null;
+ }
+
// Attempt to get a configured base_dn
$base_dn = $this->conf->get($this->domain, "base_dn");
@@ -755,21 +766,11 @@ class LDAP extends Net_LDAP3 {
$base_dn = $this->domain_root_dn($this->domain);
}
- $this->_log(LOG_DEBUG, __FILE__ . "::" . __FUNCTION__ . " using base_dn $base_dn");
-
- if (empty($subject)) {
- return $base_dn;
- } else {
- $subject_base_dn = $this->conf->get_raw($this->domain, $subject . "_base_dn");
- if (empty($subject_base_dn)) {
- $subject_base_dn = $this->conf->get_raw("ldap", $subject . "_base_dn");
- }
- if (!empty($subject_base_dn)) {
- $base_dn = $this->conf->expand($subject_base_dn, array("base_dn" => $base_dn));
- }
+ if (!empty($subject_base_dn)) {
+ $base_dn = $this->conf->expand($subject_base_dn, array("base_dn" => $base_dn));
}
- $this->_log(LOG_DEBUG, "subject_base_dn for subject $subject results in $base_dn");
+ $this->_log(LOG_DEBUG, "subject_base_dn for subject $subject is $base_dn");
return $base_dn;
}
More information about the commits
mailing list