Branch 'kolab-webadmin-3.0' - 5 commits - lib/api lib/Auth lib/Auth.php

Jeroen van Meeuwen vanmeeuwen at kolabsys.com
Thu Dec 27 19:21:27 CET 2012


 lib/Auth.php                             |   10 +++
 lib/Auth/LDAP.php                        |   79 +++++++++++++++++++++----------
 lib/api/kolab_api_service_form_value.php |   69 +++++++++++++++++++++++----
 3 files changed, 124 insertions(+), 34 deletions(-)

New commits:
commit aa565f6d71292bb5b3dd545da2075a38e74c53cd
Author: Jeroen van Meeuwen (Kolab Systems) <vanmeeuwen at kolabsys.com>
Date:   Thu Dec 27 19:18:26 2012 +0100

    Correct detecting the base dn for subjects (object's key/type) that are being added. Adding a domain in the web administration panel now functionally does not require adding a section in the kolab.conf configuration file any longer.

diff --git a/lib/Auth.php b/lib/Auth.php
index 26f1d0b..a2a9907 100644
--- a/lib/Auth.php
+++ b/lib/Auth.php
@@ -397,6 +397,11 @@ class Auth {
         return call_user_func_array(Array($this->auth_instance(), 'search'), func_get_args());
     }
 
+    public function subject_base_dn($subject)
+    {
+        return $this->auth_instance()->subject_base_dn($subject);
+    }
+
     public function user_add($attributes, $typeid = null)
     {
         return $this->auth_instance()->user_add($attributes, $typeid);
diff --git a/lib/Auth/LDAP.php b/lib/Auth/LDAP.php
index 15b3057..bcf2176 100644
--- a/lib/Auth/LDAP.php
+++ b/lib/Auth/LDAP.php
@@ -542,6 +542,11 @@ class LDAP extends Net_LDAP3 {
         return parent::search($base_dn, $filter, $scope, $sort, $search);
     }
 
+    public function subject_base_dn($subject)
+    {
+        return $this->_subject_base_dn($subject);
+    }
+
     public function user_add($attrs, $typeid = null)
     {
         $base_dn = $this->entry_base_dn('user', $typeid);
@@ -1217,10 +1222,6 @@ class LDAP extends Net_LDAP3 {
      */
     private function domain_root_dn($domain)
     {
-        if (!empty($this->domain_root_dn)) {
-            return $this->domain_root_dn;
-        }
-
         if (!$this->connect()) {
             $this->_log(LOG_DEBUG, "Could not connect");
             return false;
@@ -1257,22 +1258,22 @@ class LDAP extends Net_LDAP3 {
 
         if (is_array($entry_attrs)) {
             if (in_array('inetdomainbasedn', $entry_attrs) && !empty($entry_attrs['inetdomainbasedn'])) {
-                $this->domain_root_dn = $entry_attrs['inetdomainbasedn'];
+                $domain_root_dn = $entry_attrs['inetdomainbasedn'];
             }
             else {
                 if (is_array($entry_attrs[$domain_name_attribute])) {
-                    $this->domain_root_dn = $this->_standard_root_dn($entry_attrs[$domain_name_attribute][0]);
+                    $domain_root_dn = $this->_standard_root_dn($entry_attrs[$domain_name_attribute][0]);
                 }
                 else {
-                    $this->domain_root_dn = $this->_standard_root_dn($entry_attrs[$domain_name_attribute]);
+                    $domain_root_dn = $this->_standard_root_dn($entry_attrs[$domain_name_attribute]);
                 }
             }
         }
         else {
-            $this->domain_root_dn = $this->_standard_root_dn($domain);
+            $domain_root_dn = $this->_standard_root_dn($domain);
         }
 
-        return $this->domain_root_dn;
+        return $domain_root_dn;
 
     }
 
diff --git a/lib/api/kolab_api_service_form_value.php b/lib/api/kolab_api_service_form_value.php
index b9fd055..7536340 100644
--- a/lib/api/kolab_api_service_form_value.php
+++ b/lib/api/kolab_api_service_form_value.php
@@ -980,15 +980,7 @@ class kolab_api_service_form_value extends kolab_api_service
         $object_type = $postdata['object_type'];
         $object_key  = $postdata['type_key'];
 
-        if ($object_key && $object_type) {
-            $base_dn = $conf->get($object_key . '_' . $object_type . '_base_dn');
-        }
-        if (!$base_dn && $object_type) {
-            $base_dn = $conf->get($object_type . '_base_dn');
-        }
-        if (!$base_dn) {
-            $base_dn = $conf->get('base_dn');
-        }
+        $base_dn = $auth->subject_base_dn($object_key . '_' . $object_type);
 
         if (!empty($postdata['id'])) {
             $subjects = $auth->search($base_dn, '(' . $unique_attr . '=' . $postdata['id'] . ')')->entries(true);


commit db839380bd42cacb522e288e596720c9a77edaeb
Author: Jeroen van Meeuwen (Kolab Systems) <vanmeeuwen at kolabsys.com>
Date:   Wed Dec 26 14:49:55 2012 +0100

    Deduplicate secondary recipient email addresses that are already the primary mail address

diff --git a/lib/api/kolab_api_service_form_value.php b/lib/api/kolab_api_service_form_value.php
index 1a1a469..b9fd055 100644
--- a/lib/api/kolab_api_service_form_value.php
+++ b/lib/api/kolab_api_service_form_value.php
@@ -737,6 +737,12 @@ class kolab_api_service_form_value extends kolab_api_service
 
             }
 
+            if (in_array($postdata['mail'], $secondary_mail_addresses)) {
+                Log::trace("Found primary mail as part of the secondary mail addresses");
+
+                unset($secondary_mail_addresses[array_search($postdata['mail'], $secondary_mail_addresses)]);
+            }
+
             return $secondary_mail_addresses;
         }
     }


commit b7f17aafaffa9d2976eafb3314366489bcc2ae40
Author: Jeroen van Meeuwen (Kolab Systems) <vanmeeuwen at kolabsys.com>
Date:   Wed Dec 26 14:35:12 2012 +0100

    Attach generate_secondary_mail() to finding (other) recipients that may already have the recipient address in use.

diff --git a/lib/api/kolab_api_service_form_value.php b/lib/api/kolab_api_service_form_value.php
index 2beee83..1a1a469 100644
--- a/lib/api/kolab_api_service_form_value.php
+++ b/lib/api/kolab_api_service_form_value.php
@@ -682,9 +682,60 @@ class kolab_api_service_form_value extends kolab_api_service
                 }
             }
 
-            $secondary_mail_addresses = kolab_recipient_policy::secondary_mail($postdata);
+            $_secondary_mail_addresses = kolab_recipient_policy::secondary_mail($postdata);
 
             // TODO: Check for uniqueness. Not sure what to do if not unique.
+            $secondary_mail_addresses = Array();
+
+            $auth = Auth::get_instance();
+            $conf = Conf::get_instance();
+
+            // Find the authentication mechanism in order to be able to fall back from a
+            // '[$domain]' section setting for the mail attributes list, to an '[$auth_mech]'
+            // section setting
+            $auth_mech = $conf->get($_SESSION['user']->get_domain(), 'auth_mechanism');
+            if (empty($auth_mech)) {
+                $auth_mech = $conf->get('kolab', 'auth_mechanism');
+            }
+            if (empty($auth_mech)) {
+                $auth_mech = 'ldap';
+            }
+
+            $mail_attrs = $conf->get_list($_SESSION['user']->get_domain(), 'mail_attributes');
+            if (empty($mail_attrs)) {
+                $mail_attrs = $conf->get_list($auth_mech, 'mail_attributes');
+            }
+            if (empty($mail_attrs)) {
+                $mail_attrs = array('mail', 'alias');
+            }
+
+            foreach ($_secondary_mail_addresses as $num => $alias) {
+                list($_local, $_domain) = explode("@", $alias);
+                $local = $_local;
+
+                $x = 2;
+                while (($user_found = $auth->find_recipient($local . "@" . $_domain))) {
+                    Log::trace(__FUNCTION__ . ": An entry with address " . $local . "@" . $_domain . " was found.");
+
+                    if (!empty($postdata['id'])) {
+                        $user_found_dn = key($user_found);
+                        $user_found_unique_attr = $auth->get_entry_attribute($user_found_dn, $unique_attr);
+                        if ($user_found_unique_attr == $postdata['id']) {
+                            Log::trace(__FUNCTION__ . ": Entry with address " . $local . "@" . $_domain . " is actually us.");
+                            break;
+                        }
+                    } // empty($postdata['id'])
+
+                    // Otherwise this is a new user and therefore the entry found with
+                    // this address is definitely not us
+
+                    $local = $_local . $x;
+                    $x++;
+                }
+
+                $secondary_mail_addresses[] = $local . "@" . $_domain;
+
+            }
 
             return $secondary_mail_addresses;
         }


commit 8491629ef52d8025713cb1332873a466c5c29832
Author: Jeroen van Meeuwen (Kolab Systems) <vanmeeuwen at kolabsys.com>
Date:   Wed Dec 26 14:34:17 2012 +0100

    Add a function find_recipient in order to determine whether a specific recipient address is in use already

diff --git a/lib/Auth.php b/lib/Auth.php
index d7a0467..26f1d0b 100644
--- a/lib/Auth.php
+++ b/lib/Auth.php
@@ -234,6 +234,11 @@ class Auth {
         return $this->auth_instance()->domain_info($domaindata);
     }
 
+    public function find_recipient($address)
+    {
+        return $this->auth_instance()->find_recipient($address);
+    }
+
     public function find_user_groups($member_dn)
     {
         return $this->auth_instance()->find_user_groups($member_dn);
diff --git a/lib/Auth/LDAP.php b/lib/Auth/LDAP.php
index 60a870c..15b3057 100644
--- a/lib/Auth/LDAP.php
+++ b/lib/Auth/LDAP.php
@@ -243,6 +243,35 @@ class LDAP extends Net_LDAP3 {
 
     }
 
+    public function find_recipient($address)
+    {
+        $this->bind($_SESSION['user']->user_bind_dn, $_SESSION['user']->user_bind_pw);
+
+        $mail_attrs = $this->conf->get_list('mail_attributes', array('mail', 'alias'));
+
+        $search = array(
+                'params' => array(
+                        'type' => 'exact'
+                    ),
+                'operator' => "OR"
+            );
+
+        foreach ($mail_attrs as $num => $attr) {
+            $search['params'][$attr] = array(
+                        'type' => 'exact',
+                        'value' => $address,
+                );
+        }
+
+        $result = $this->search_entries($this->config_get('root_dn'), '(objectclass=*)', 'sub', null, $search);
+
+        if ($result->count() > 0) {
+            return $result->entries(TRUE);
+        } else {
+            return FALSE;
+        }
+    }
+
     public function get_attributes($subject_dn, $attributes)
     {
         $this->_log(LOG_DEBUG, "Auth::LDAP::get_attributes() for $subject_dn");


commit ba25c2447276f31f8dc2a69e2612211a3bc08b4b
Author: Aleksander Machniak <alec at alec.pl>
Date:   Thu Dec 20 14:04:51 2012 +0100

    Fix detecting base_dn for created objects (Bug #1464)

diff --git a/lib/Auth/LDAP.php b/lib/Auth/LDAP.php
index 0371834..60a870c 100644
--- a/lib/Auth/LDAP.php
+++ b/lib/Auth/LDAP.php
@@ -679,7 +679,7 @@ class LDAP extends Net_LDAP3 {
             $sql = $db->fetch_assoc($db->query("SELECT `key` FROM {$type}_types WHERE id = ?", $typeid));
 
             // Check if the type has a specific base DN specified.
-            $base_dn = $this->_subject_base_dn($sql['key'] . '_' . $type);
+            $base_dn = $this->_subject_base_dn($sql['key'] . '_' . $type, true);
         }
 
         if (empty($base_dn)) {
@@ -746,8 +746,19 @@ class LDAP extends Net_LDAP3 {
         }
     }
 
-    private function _subject_base_dn($subject)
+    private function _subject_base_dn($subject, $strict = false)
     {
+        $subject_base_dn = $this->conf->get_raw($this->domain, $subject . "_base_dn");
+
+        if (empty($subject_base_dn)) {
+            $subject_base_dn = $this->conf->get_raw("ldap", $subject . "_base_dn");
+        }
+
+        if (empty($subject_base_dn) && $strict) {
+            $this->_log(LOG_DEBUG, "subject_base_dn for subject $subject not found");
+            return null;
+        }
+
         // Attempt to get a configured base_dn
         $base_dn = $this->conf->get($this->domain, "base_dn");
 
@@ -755,21 +766,11 @@ class LDAP extends Net_LDAP3 {
             $base_dn = $this->domain_root_dn($this->domain);
         }
 
-        $this->_log(LOG_DEBUG, __FILE__ . "::" . __FUNCTION__ . " using base_dn $base_dn");
-
-        if (empty($subject)) {
-            return $base_dn;
-        } else {
-            $subject_base_dn = $this->conf->get_raw($this->domain, $subject . "_base_dn");
-            if (empty($subject_base_dn)) {
-                $subject_base_dn = $this->conf->get_raw("ldap", $subject . "_base_dn");
-            }
-            if (!empty($subject_base_dn)) {
-                $base_dn = $this->conf->expand($subject_base_dn, array("base_dn" => $base_dn));
-            }
+        if (!empty($subject_base_dn)) {
+            $base_dn = $this->conf->expand($subject_base_dn, array("base_dn" => $base_dn));
         }
 
-        $this->_log(LOG_DEBUG, "subject_base_dn for subject $subject results in $base_dn");
+        $this->_log(LOG_DEBUG, "subject_base_dn for subject $subject is $base_dn");
 
         return $base_dn;
     }





More information about the commits mailing list