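/**
 * Authenticates the remote user.
 *
 * The HTTP authentication information sent with the request is passed to
 * Backend->Logon(). When a certificate owner is present in $_SERVER, the
 * request is rejected before the logon attempt unless that owner matches
 * Request::GetAuthUser() (compared case-insensitively).
 *
 * This method does not call Backend->Setup(): no permission check of the
 * AuthUser on the GETUser's data store is performed here.
 *
 * @access public
 * @return void
 * @throws AuthenticationRequiredException
 */
public static function Authenticate() {
    self::$userIsAuthenticated = false;

    // When a certificate is sent, allow authentication only as the certificate owner.
    // The check is skipped when the constant is undefined or the $_SERVER key is absent.
    // NOTE(review): this binding only holds if the web server fills
    // $_SERVER[CERTIFICATE_OWNER_PARAMETER] from the verified client certificate;
    // confirm the configured key cannot be supplied by the client (for example a
    // request-header-derived key).
    if (defined("CERTIFICATE_OWNER_PARAMETER") && isset($_SERVER[CERTIFICATE_OWNER_PARAMETER])) {
        $certificateOwner = strtolower($_SERVER[CERTIFICATE_OWNER_PARAMETER]);
        $authUser = strtolower(Request::GetAuthUser());

        // Strict comparison on purpose: with a loose != two numeric-looking strings
        // (such as "1e3" and "1000") are compared as numbers and would be treated
        // as the same identity.
        if ($certificateOwner !== $authUser) {
            throw new AuthenticationRequiredException(sprintf("Access denied. Access is allowed only for the certificate owner '%s'", $_SERVER[CERTIFICATE_OWNER_PARAMETER]));
        }
    }

    $backend = ZPush::GetBackend();
    // Any falsy result from Logon() is treated as a failed logon.
    if ($backend->Logon(Request::GetAuthUser(), Request::GetAuthDomain(), Request::GetAuthPassword()) == false) {
        throw new AuthenticationRequiredException("Access denied. Username or password incorrect");
    }

    // mark this request as "authenticated"
    self::$userIsAuthenticated = true;
}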
/**
 * Authenticates the remote user.
 *
 * Step 1: the HTTP authentication information sent with the request is passed
 * to Backend->Logon().
 * Step 2: the GET-User is verified by Backend->Setup() as a permission check.
 *
 * Request::GetGETUser() is usually the same as Request::GetAuthUser().
 * If the GETUser is different from the AuthUser, the AuthUser MUST HAVE admin
 * permissions on the GETUser's data store. Only then will Setup() be successful.
 * This allows the user 'john' to do operations as user 'joe' if he has
 * sufficient privileges.
 *
 * NOTE(review): the "authenticated" flag is set after Logon() and before
 * Setup(). When Setup() fails the exception is thrown with the flag still
 * true, so the flag means "credentials accepted", not "authorised for the
 * GETUser's store".
 *
 * @access public
 * @return void
 * @throws AuthenticationRequiredException
 */
public static function Authenticate() {
    self::$userIsAuthenticated = false;

    $activeBackend = ZPush::GetBackend();

    // Step 1: credential check; any falsy result counts as a failed logon.
    $loggedOn = $activeBackend->Logon(Request::GetAuthUser(), Request::GetAuthDomain(), Request::GetAuthPassword());
    if (!$loggedOn) {
        throw new AuthenticationRequiredException("Access denied. Username or password incorrect");
    }

    // The credentials were accepted: mark this request as "authenticated".
    self::$userIsAuthenticated = true;

    // Step 2: check the Auth-User's permissions on the GETUser's store.
    $storeReady = $activeBackend->Setup(Request::GetGETUser(), true);
    if (!$storeReady) {
        throw new AuthenticationRequiredException(sprintf("Not enough privileges of '%s' to setup for user '%s': Permission denied", Request::GetAuthUser(), Request::GetGETUser()));
    }
}
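/**
 * Sets the PARTSTAT parameter of one attendee of a calendar event through CalDAV.
 *
 * Nothing is done (and false is returned) when $uid is false, when
 * IMAP_MEETING_USE_CALDAV is undefined or falsy, when the CalDAV logon fails,
 * or when the lookup by UID does not yield exactly one event.
 *
 * @param string|false  $uid        UID of the event, false when it could not be determined
 * @param string        $mailto     attendee identifier handed to SetCPParameterValue()
 * @param string        $status     new status; upper-cased before it is written
 *
 * @return boolean      true when the event was re-rendered and sent to CreateUpdateCalendar()
 */
function update_calendar_attendee($uid, $mailto, $status) {
    ZLog::Write(LOGLEVEL_DEBUG, sprintf("BackendIMAP->update_calendar_attendee('%s', '%s', '%s'): Updating calendar event attendee", $uid, $mailto, $status));

    $updated = false;

    if ($uid === false) {
        ZLog::Write(LOGLEVEL_WARN, "BackendIMAP->update_calendar_attendee(): UID not found; report the full calendar object to developers");
        return $updated;
    }

    if (!defined('IMAP_MEETING_USE_CALDAV') || !IMAP_MEETING_USE_CALDAV) {
        return $updated;
    }

    $caldav = new BackendCalDAV();
    if (!$caldav->Logon(Request::GetAuthUser(), Request::GetAuthDomain(), Request::GetAuthPassword())) {
        ZLog::Write(LOGLEVEL_ERROR, "BackendIMAP->update_calendar_attendee(): Error connecting with BackendCalDAV");
        return $updated;
    }

    $events = $caldav->FindCalendar($uid);
    // is_array() guard: a non-array lookup result is handled as "not found"
    // instead of being passed to count() and indexed.
    if (is_array($events) && count($events) == 1) {
        $href = $events[0]["href"];
        $etag = $events[0]["etag"];
        ZLog::Write(LOGLEVEL_DEBUG, sprintf("BackendIMAP->update_calendar_attendee(): found event with href '%s' etag '%s'; updating", $href, $etag));

        // Get Attendee status
        // The current status is not read from the event: it is fixed to "" here,
        // so the update runs whenever $status is a non-empty string.
        $old_status = "";
        if (strcasecmp($old_status, $status) != 0) {
            // The full event body is written to the debug log before and after the change.
            ZLog::Write(LOGLEVEL_DEBUG, sprintf("BackendIMAP->update_calendar_attendee(): Before <%s>", $events[0]["data"]));
            $ical = new iCalComponent();
            $ical->ParseFrom($events[0]["data"]);
            $ical->SetCPParameterValue("VEVENT", "ATTENDEE", "PARTSTAT", strtoupper($status), $mailto);
            ZLog::Write(LOGLEVEL_DEBUG, sprintf("BackendIMAP->update_calendar_attendee(): After <%s>", $ical->Render()));

            // The etag read above is sent along with the update.
            // NOTE(review): the result of CreateUpdateCalendar() is only logged, not
            // checked; confirm what it returns when the server rejects the update.
            $etag = $caldav->CreateUpdateCalendar($ical->Render(), $href, $etag);
            ZLog::Write(LOGLEVEL_DEBUG, sprintf("BackendIMAP->update_calendar_attendee(): Calendar updated with etag '%s'", $etag));

            // Update new status
            $updated = true;
        }
    }
    else {
        ZLog::Write(LOGLEVEL_ERROR, "BackendIMAP->update_calendar_attendee(): event not found or duplicated event");
    }

    // Close the CalDAV session on every path that follows a successful Logon(),
    // including the "not found or duplicated" branch.
    $caldav->Logoff();

    return $updated;
}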
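/**
 * Returns the SMTP password of this account in usable form.
 *
 * Sources, in order:
 *  1. the encrypted password kept in the session for this account id;
 *  2. when no SMTP password is stored and the z-push Request class is
 *     available, the password of the current request, but only if the
 *     authenticated request user is exactly this account's SMTP user;
 *  3. the stored smtp_password, decrypted.
 *
 * When the chosen source yields a falsy value, the stored smtp_password is
 * returned unchanged.
 *
 * @return string
 */
public function decryptSmtpPassword() {
    if (!empty(\GO::session()->values['emailModule']['smtpPasswords'][$this->id])) {
        $decrypted = \GO\Base\Util\Crypt::decrypt(\GO::session()->values['emailModule']['smtpPasswords'][$this->id]);
    } else {
        //support for z-push without storing passwords
        $useRequestPassword = false;
        if (empty($this->smtp_password) && method_exists('Request', 'GetAuthPassword')) {
            $authUser = Request::GetAuthUser();
            // Strict, non-empty match: a loose == treats numeric-looking strings
            // ("1e3" / "1000") and empty values (null, "", false) as equal, which
            // would hand the request's password to an account it does not belong to.
            $useRequestPassword = is_string($authUser)
                && $authUser !== ''
                && $authUser === (string) $this->smtp_username;
        }

        $decrypted = $useRequestPassword
            ? Request::GetAuthPassword()
            : \GO\Base\Util\Crypt::decrypt($this->smtp_password);
    }

    // Falsy result: return the stored value as it is.
    return $decrypted ? $decrypted : $this->smtp_password;
}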