Example #1
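 /**
  * Grant privileges to user@database
  *
  * GRANT cannot take bound parameters for the privilege list, the schema
  * name or the account name, so all three are checked here before they are
  * placed in the statement text. Anything that fails the check is rejected
  * with the same "return false" contract as the existing input validation.
  * @TODO Limited usage to a few basic commands only
  * @param string $user User name (with or without prefix)
  * @param string $database Database name (with or without prefix)
  * @param string $priv Privileges: comma-separated privilege keywords, e.g. "SELECT, INSERT"
  * @return boolean
  */
 public function grant($user, $database, $priv)
 {
     // Connect to database
     $rc = $this->_connect();
     if ($rc === false) {
         return false;
     }
     // Input validation
     if ($user == '' || $database == '') {
         Log::error('Input validation failed');
         return false;
     }
     // The privilege list is spliced into the statement unquoted, so accept
     // only keywords made of letters (optionally several words, e.g.
     // "CREATE TEMPORARY TABLES") separated by commas. No quote, backtick,
     // dot, semicolon or comment marker can get through this pattern.
     $priv = trim((string) $priv);
     if (preg_match('/^[A-Za-z]+(?:\s+[A-Za-z]+)*(?:\s*,\s*[A-Za-z]+(?:\s+[A-Za-z]+)*)*$/D', $priv) !== 1) {
         Log::error('Input validation failed');
         return false;
     }
     // NOTE(review): _parsePrefix() is not visible here; it is called without
     // using a return value, so it presumably rewrites its argument by reference.
     $this->_parsePrefix($user);
     $this->_parsePrefix($database);
     // Check the values that actually end up in the statement (after prefix
     // handling): a backtick would close the identifier, a quote or backslash
     // would close or bend the string literal, control characters have no
     // place in either.
     $unsafe = '/[`\'"\\\\\x00-\x1f]/';
     if (preg_match($unsafe, (string) $user) === 1 || preg_match($unsafe, (string) $database) === 1) {
         Log::error('Input validation failed');
         return false;
     }
     Log::debug('Grant privileges to: ' . $user . '/' . $database);
     // Grant privileges
     $rc = $this->mdb->query("GRANT " . $priv . " ON `" . $database . "`.* TO '" . $user . "'@'localhost'");
     if ($rc === false) {
         Log::error('Error while granting privileges: ' . $priv . ' to ' . $user . '@' . $database);
         return false;
     }
     return true;
 }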
Example #2
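 /**
  * Delete a virtual host
  *
  * Removes, in this order: the parked domains related to the host, the
  * system user account, TLS files, NSD files, the Dovecot vhost link, the
  * Apache configuration and logs, the cron file, the rows in the panel
  * database and, when MariaDB is enabled, the databases and database users
  * carrying this host's prefix.
  *
  * The account and file clean-up is best effort (failures are logged and
  * the run continues). A failing parked-domain removal, a failing delete in
  * the panel database or a failing MariaDB look-up returns false.
  * @param string $domainName Domain name to delete
  * @param boolean $keepHome Delete (default) or keep the user home directory
  * @return boolean
  */
 public function delete($domainName = '', $keepHome = false)
 {
     // Validate input
     if ($domainName !== '') {
         $this->domainName = $domainName;
     }
     if ($this->domainName === '') {
         Log::error('Input validation failed');
         return false;
     }
     // Get domain name from database
     $rc = $this->get();
     if ($rc === false) {
         return false;
     }
     // Make sure this is a virtual host and not a parked domain
     if ($this->parkedUnder != '') {
         Log::error('The domain \'' . $this->domainName . '\' is not a virtual host, but a parked domain');
         return false;
     }
     // Both names are concatenated into paths below certificate, DNS, web
     // server and cron directories that this code unlinks from. Refuse
     // anything that is not a plain file name before touching the system.
     foreach (array((string) $this->domainName, (string) $this->unixName) as $component) {
         if ($component === '.' || $component === '..'
             || strpos($component, '/') !== false || strpos($component, "\0") !== false) {
             Log::error('Input validation failed');
             return false;
         }
     }
     // Log the name actually being deleted ($domainName may be empty when
     // the object's own domain name is used)
     Log::debug('Delete virtual host: ' . $this->domainName);
     // Delete parked domains
     foreach ($this->_relatedParkedDomains() as $p) {
         $rc = $this->removeParkedDomain($p);
         if ($rc === false) {
             Log::error('Error while removing parked domain');
             return false;
         }
     }
     // Delete system user account; any value other than boolean false keeps the home directory
     $userdelOptions = ($keepHome === false) ? '-f -r ' : '';
     $output = array();
     $status = 0;
     exec('/usr/sbin/userdel ' . $userdelOptions . escapeshellarg($this->unixName), $output, $status);
     if ($status !== 0) {
         // Best effort as before, but leave a trace when the account survives
         Log::error('Error while deleting system user account: ' . $this->unixName);
     }
     // Files to remove; the second element is true for the one entry that is
     // tested with is_link() instead of is_file()
     $certDir = Config::read('pkitls|directoryCerts');
     $keyDir = Config::read('pkitls|directoryPrivate');
     $nsdDir = Config::read('nsd|directoryConfD');
     $apacheDir = Config::read('apache|directoryConfD');
     $targets = array(
         // PKI/TLS
         array($certDir . '/' . $this->domainName . '.crt', false),
         array($certDir . '/' . $this->domainName . '.cabundle', false),
         array($keyDir . '/' . $this->domainName . '.key', false),
         // NSD configuration and zone files
         array($nsdDir . '/' . $this->domainName . '.conf', false),
         array($nsdDir . '/' . $this->domainName . '.zone', false),
         // vhost directory (symbolic link)
         array('/etc/dovecot/vhost/' . $this->domainName, true),
         // Apache virtual host file
         array($apacheDir . '/' . $this->domainName . '.conf', false),
         // Apache log files
         array('/var/log/httpd/' . $this->domainName, false),
         array('/var/log/httpd/' . $this->domainName . '-bytes_log', false),
         array('/var/log/httpd/' . $this->domainName . '-ssl_log', false),
         // Cron file
         array('/var/spool/cron/' . $this->unixName, false),
     );
     foreach ($targets as $target) {
         $path = $target[0];
         $present = $target[1] ? is_link($path) : is_file($path);
         if ($present && unlink($path) === false) {
             Log::error('Error while deleting file: ' . $path);
         }
     }
     // Remove from database: dependent tables first, the host row last
     $deletes = array(
         array(
             "DELETE FROM `virtualHostMx` WHERE VirtualHost_ID=:id",
             'Error while deleting mail exchange server from the database table: virtualHostMx',
         ),
         array(
             "DELETE FROM `virtualHostNs` WHERE VirtualHost_ID=:id",
             'Error while deleting name server from the database table: virtualHostNs',
         ),
         array(
             "DELETE FROM `virtualHost` WHERE Id=:id",
             'Error while deleting virtual host from the database table: virtualHost',
         ),
     );
     foreach ($deletes as $delete) {
         $preped = $this->db->conn->prepare($delete[0]);
         if ($preped === false) {
             Log::error($delete[1]);
             return false;
         }
         $preped->bindParam(':id', $this->id);
         $rc = $preped->execute();
         if ($rc === false) {
             Log::error($delete[1]);
             return false;
         }
     }
     // Check if MariaDB is enabled
     if (Config::read('mariadb') === 'enabled') {
         // With an empty prefix the pattern below would be '_%', which
         // matches every database on the server. Nothing can be attributed
         // to this host in that case, so leave MariaDB alone.
         if ((string) $this->dbPrefix === '') {
             Log::error('Empty database prefix, MariaDB clean-up skipped for: ' . $this->domainName);
             return true;
         }
         $ownedPrefix = $this->dbPrefix . '_';
         $expandLike = $ownedPrefix . '%';
         // Create database object ("new" cannot yield false, so there is
         // nothing to test here)
         $mdb = new DatabaseMariaDb();
         // Open database connection; it is the result of open() that
         // reports a failed connection, not the object itself
         $rc = $mdb->open();
         if ($rc === false) {
             Log::error('Error while opening connection to database');
             return false;
         }
         // Find all relevant databases for this user
         $preped = $mdb->conn->prepare("SHOW DATABASES LIKE :dbprefix");
         $preped->bindParam(':dbprefix', $expandLike);
         $rc = $preped->execute();
         if ($rc === false) {
             Log::error('Error while running SHOW DATABASES');
             return false;
         }
         // Loop and drop all databases
         foreach ($preped->fetchAll(PDO::FETCH_NUM) as $r) {
             // '_' is a single-character wildcard in LIKE, so the query also
             // returns names such as "<prefix>x_data" that belong to another
             // prefix. Only drop what literally starts with "<prefix>_".
             if (strpos($r[0], $ownedPrefix) !== 0) {
                 continue;
             }
             // Double any backtick so the name stays inside the identifier quotes
             $rc = $mdb->query('DROP DATABASE `' . str_replace('`', '``', $r[0]) . '`');
             if ($rc === false) {
                 Log::error('Error while dropping database: ' . $r[0]);
             }
         }
         // Find all relevant users
         $preped = $mdb->conn->prepare("SELECT DISTINCT User FROM mysql.db WHERE User LIKE :dbprefix");
         $preped->bindParam(':dbprefix', $expandLike);
         $rc = $preped->execute();
         if ($rc === false) {
             Log::error('Error while running SELECT DISTINCT');
             return false;
         }
         // Same wildcard caveat as above: keep literal prefix matches only
         $users = array();
         foreach ($preped->fetchAll(PDO::FETCH_NUM) as $r) {
             if (strpos($r[0], $ownedPrefix) === 0) {
                 $users[] = $r[0];
             }
         }
         // Manually add the database prefix user
         $users[] = $this->dbPrefix;
         // Prepare statement
         $preped = $mdb->conn->prepare("DROP USER :dbprefix@'localhost'");
         // Loop and drop all users
         foreach ($users as $userName) {
             $preped->bindParam(':dbprefix', $userName);
             $rc = $preped->execute();
             if ($rc === false) {
                 Log::error('Error while dropping user: ' . $userName);
             }
         }
     }
     return true;
 }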
Example #3
    installFile($vhost, $sslKey, Config::read('pkitls|directoryPrivate') . '/' . $vhost->domainName . '.key', 0600);
}
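// Install SSL/TLS certificate
// NOTE(review): the target path is built from $vhost->domainName and the last
// argument (0600) looks like the file mode passed to installFile() - confirm
// against installFile(), which is not visible here.
if ($sslCert != '') {
    Log::debug('Installing SSL/TLS certificate');
    installFile($vhost, $sslCert, Config::read('pkitls|directoryCerts') . '/' . $vhost->domainName . '.crt', 0600);
}
// Install SSL/TLS CA bundle
if ($sslBundle != '') {
    // Log what is really being installed, so the debug trace tells the
    // certificate and the CA bundle apart
    Log::debug('Installing SSL/TLS CA bundle');
    installFile($vhost, $sslBundle, Config::read('pkitls|directoryCerts') . '/' . $vhost->domainName . '.cabundle', 0600);
}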
// Check if MariaDB is enabled
if (Config::read('mariadb') === 'enabled') {
    // Create database object
    $mdb = new DatabaseMariaDb();
    if ($mdb === false) {
        Log::error('Error while creating database object');
        exit(9);
    }
    // Open database connection
    $rc = $mdb->open();
    if ($rc === false) {
        Log::error('Error while opening connection to database');
        exit(9);
    }
    if ($vhost->sqlPrivileges != '') {
        Log::debug('Executing MariaDB privileges');
        // Remove comments
        $patterns = array('/^-- .*$/m', '/^\\/\\*.*$/m', '/\\/\\*(.*)\\*\\//u');
        $vhost->sqlPrivileges = preg_replace($patterns, '', $vhost->sqlPrivileges);
Example #4
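 /**
  * Export configuration (config.inc.php)
  *
  * When MariaDB is enabled, the roundcubemail database and account are
  * created on the first run and loaded with the initial schema; on later
  * runs only the account password is reset to the configured value. After
  * that, config.inc.php and the Apache roundcubemail.conf are rendered from
  * roundcube.tpl, and config.inc.php is restricted to mode 0640, group apache.
  * @param DatabaseSqlite3 &$db Database object (not used by this method)
  * @return boolean
  */
 public function exportConfiguration(&$db)
 {
     Log::debug('Export configuration: roundcube');
     $dbPassword = Config::read('roundcube|dbPassword');
     // If MariaDB is enabled
     if (Config::read('mariadb') === 'enabled') {
         // Create database object ("new" cannot yield false)
         $mdb = new DatabaseMariaDb();
         // Open database connection; test the result of open(), the object
         // itself never becomes false
         $rc = $mdb->open();
         if ($rc === false) {
             return false;
         }
         // The password ends up inside a string literal of GRANT / SET
         // PASSWORD. Let the driver quote it so that a quote or backslash in
         // the configured value cannot end the literal early.
         // NOTE(review): conn is used as a PDO handle further down (exec) - confirm.
         $quotedPassword = $mdb->conn->quote($dbPassword);
         if ($quotedPassword === false) {
             Log::error('Error while quoting the roundcubemail database password');
             return false;
         }
         // Detect if the Roundcube database ('roundcubemail') has already been created and privileges already set
         $mdb->query('SHOW DATABASES LIKE "roundcubemail"');
         $mdb->next_row();
         if ($mdb->row === false) {
             // Create database
             $rc = $mdb->query('CREATE DATABASE roundcubemail CHARACTER SET = "utf8" COLLATE = "utf8_unicode_ci"');
             if ($rc === false) {
                 Log::error('Error while creating database: roundcubemail');
                 return false;
             }
             // Set privileges (the password is never written to the log)
             $rc = $mdb->query("GRANT ALL PRIVILEGES ON roundcubemail.* TO roundcubemail@'localhost' IDENTIFIED BY " . $quotedPassword);
             if ($rc === false) {
                 Log::error('Error while granting privileges on database: roundcubemail');
                 return false;
             }
             $mdb->query('FLUSH PRIVILEGES');
             // Select database
             $mdb->query('USE roundcubemail');
             // Load initial SQL database scheme
             $sql = file_get_contents('/usr/share/roundcubemail/SQL/mysql.initial.sql');
             if ($sql === false) {
                 Log::error('Error while reading the initial Roundcube database scheme');
                 return false;
             }
             // Remove comments
             $patterns = array('/^-- .*$/m', '/^\\/\\*.*$/m', '/\\/\\*(.*)\\*\\//u');
             $sql = preg_replace($patterns, '', $sql);
             // Convert to a single line of multiple statements
             $sql = str_replace("\n", ' ', preg_replace(array('/,\\n/', '/\\n\\)/m', '/\\)\\n/', '/\\(\\n/'), array(', ', ') ', ') ', '( '), $sql));
             // Execute
             $mdb->conn->exec($sql);
         } else {
             // Select database
             $mdb->query('USE roundcubemail');
             // Reset password of roundcubemail user, in case this is a re-run of the setup, this avoids stale passwords
             $rc = $mdb->query("SET PASSWORD FOR roundcubemail@'localhost' = PASSWORD(" . $quotedPassword . ")");
             if ($rc === false) {
                 Log::error('Error while resetting the password of database user: roundcubemail');
                 return false;
             }
         }
     }
     // Smarty template
     $smarty = TemplateFactory::create();
     if ($smarty === false) {
         return false;
     }
     // Assign variables
     $smarty->assign('USER', 'roundcubemail');
     $smarty->assign('PASSWORD', $dbPassword);
     $smarty->assign('DESKEY', Config::read('roundcube|desKey'));
     // Generate config.inc.php
     $configFile = Config::read('roundcube|configFile');
     $rc = $this->saveConfigFile($configFile, 'configincphp', 'roundcube.tpl', $smarty, '<' . '?php ');
     if ($rc === false) {
         return false;
     }
     // Restrict permissions and ownership. The file holds the database
     // password and the DESKEY value, so a failure here is reported instead
     // of leaving it with whatever mode and group it was created with.
     // NOTE(review): the file exists with saveConfigFile()'s own mode until
     // chmod() runs - check which mode saveConfigFile() creates it with.
     if (chmod($configFile, 0640) === false) {
         Log::error('Error while restricting permissions of: ' . $configFile);
         return false;
     }
     if (chgrp($configFile, 'apache') === false) {
         Log::error('Error while changing group ownership of: ' . $configFile);
         return false;
     }
     // Generate roundcubemail.conf
     $rc = $this->saveConfigFile(Config::read('apache|directoryConfD') . '/roundcubemail.conf', 'roundcubemailconf', 'roundcube.tpl', $smarty);
     return $rc !== false;
 }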