/**
* get groupmemberships of user from sync backend
*
* @param Tinebase_Model_User|string $_userId
* @return array list of group ids
*/
public function getGroupMembershipsFromSyncBackend($_userId)
{
$userId = $_userId instanceof Tinebase_Model_User ? $_userId->getId() : $_userId;
// find user in AD and retrieve memberOf attribute
$filter = Zend_Ldap_Filter::andFilter(Zend_Ldap_Filter::string($this->_userBaseFilter), Zend_Ldap_Filter::equals($this->_userUUIDAttribute, $this->_encodeAccountId($userId)));
if (Tinebase_Core::isLogLevel(Zend_Log::TRACE)) {
Tinebase_Core::getLogger()->trace(__METHOD__ . '::' . __LINE__ . ' ldap search filter: ' . $filter);
}
$memberOfs = $this->getLdap()->search($filter, $this->_options['userDn'], $this->_userSearchScope, array('memberof', 'primarygroupid'))->getFirst();
if ($memberOfs === null) {
return array();
}
// resolve primary group id to dn
$domainConfig = $this->getDomainConfiguration();
$filter = Zend_Ldap_Filter::andFilter(Zend_Ldap_Filter::string($this->_groupBaseFilter), Zend_Ldap_Filter::equals('objectsid', Zend_Ldap::filterEscape($domainConfig['domainSidPlain'] . '-' . $memberOfs['primarygroupid'][0])));
$group = $this->getLdap()->search($filter, $this->_options['groupsDn'], $this->_groupSearchScope, array($this->_groupUUIDAttribute))->getFirst();
$memberships = array($this->_decodeGroupId($group[$this->_groupUUIDAttribute][0]));
if (isset($memberOfs['memberof'])) {
// resolve $this->_groupUUIDAttribute attribute
$filter = new Zend_Ldap_Filter_Or(array());
foreach ($memberOfs['memberof'] as $memberOf) {
$filter = $filter->addFilter(Zend_Ldap_Filter::equals('distinguishedName', Zend_Ldap::filterEscape($memberOf)));
}
if (Tinebase_Core::isLogLevel(Zend_Log::TRACE)) {
Tinebase_Core::getLogger()->trace(__METHOD__ . '::' . __LINE__ . ' ldap search filter: ' . $filter);
}
$groups = $this->getLdap()->search($filter, $this->_options['groupsDn'], $this->_groupSearchScope, array($this->_groupUUIDAttribute));
foreach ($groups as $group) {
$memberships[] = $this->_decodeGroupId($group[$this->_groupUUIDAttribute][0]);
}
}
if (Tinebase_Core::isLogLevel(Zend_Log::DEBUG)) {
Tinebase_Core::getLogger()->debug(__METHOD__ . '::' . __LINE__ . ' group memberships: ' . print_r($memberships, TRUE));
}
return array_unique($memberships);
}
/**
* inspect get user by property
*
* @param Tinebase_Model_User $_user the user object
*/
public function inspectGetUserByProperty(Tinebase_Model_User $_user)
{
if (!$_user instanceof Tinebase_Model_FullUser) {
return;
}
$userId = $_user->getId();
$select = $this->_getSelect();
if ($this->_hasTine20Userid === true) {
$select->where($this->_db->quoteIdentifier($this->_propertyMapping['emailUserId']) . ' = ?', $userId);
} else {
$select->where($this->_db->quoteIdentifier($this->_propertyMapping['emailUserId']) . ' = ?', $this->_convertToInt($userId));
}
if (Tinebase_Core::isLogLevel(Zend_Log::TRACE)) {
Tinebase_Core::getLogger()->trace(__METHOD__ . '::' . __LINE__ . ' ' . $select->__toString());
}
// Perferom query - retrieve user from database
$stmt = $this->_db->query($select);
$queryResult = $stmt->fetch();
$stmt->closeCursor();
if (!$queryResult) {
if (Tinebase_Core::isLogLevel(Zend_Log::DEBUG)) {
Tinebase_Core::getLogger()->debug(__METHOD__ . '::' . __LINE__ . 'Dbmail config for user ' . $userId . ' not found!');
}
return;
}
#if (Tinebase_Core::isLogLevel(Zend_Log::DEBUG)) Tinebase_Core::getLogger()->debug(__METHOD__ . '::' . __LINE__ . ' ' . print_r($queryResult, TRUE));
// convert data to Tinebase_Model_EmailUser
$emailUser = $this->_rawDataToRecord($queryResult);
#if (Tinebase_Core::isLogLevel(Zend_Log::DEBUG)) Tinebase_Core::getLogger()->debug(__METHOD__ . '::' . __LINE__ . ' ' . print_r($emailUser->toArray(), TRUE));
// modify/correct user name
// set emailUsername to Tine accout login name and append domain for login purposes if set
$emailUser->emailUsername = $this->_appendDomain($_user->accountLoginName);
$_user->imapUser = $emailUser;
$_user->emailUser = Tinebase_EmailUser::merge(clone $_user->imapUser, isset($_user->emailUser) ? $_user->emailUser : null);
}
/**
* returns SQL condition for implicit grants
*
* @param string $_requiredGrant
* @param Tinebase_Model_User $_user (defaults to current user)
* @return string
*/
protected function _getImplicitGrantCondition($_requiredGrant, $_user = NULL)
{
$accountId = $_user ? $_user->getId() : Tinebase_Core::getUser()->getId();
$contactId = $_user ? $_user->contact_id : Tinebase_Core::getUser()->contact_id;
// delte grant couldn't be gained implicitly
if ($_requiredGrant == Tinebase_Model_Grants::GRANT_DELETE) {
return '1=0';
}
// organizer gets all other grants implicitly
$sql = $this->_db->quoteIdentifier('cal_events.organizer') . " = " . $this->_db->quote($contactId);
// attendee get read, sync, export and private grants implicitly
if (in_array($_requiredGrant, array(Tinebase_Model_Grants::GRANT_READ, Tinebase_Model_Grants::GRANT_SYNC, Tinebase_Model_Grants::GRANT_EXPORT, Tinebase_Model_Grants::GRANT_PRIVATE))) {
$readCond = $this->_db->quoteIdentifier('attendeeaccounts.id') . ' = ' . $this->_db->quote($accountId) . ' AND (' . $this->_db->quoteInto($this->_db->quoteIdentifier('attendee.user_type') . ' = ?', Calendar_Model_Attender::USERTYPE_USER) . ' OR ' . $this->_db->quoteInto($this->_db->quoteIdentifier('attendee.user_type') . ' = ?', Calendar_Model_Attender::USERTYPE_GROUPMEMBER) . ')';
$sql = "({$sql}) OR ({$readCond})";
}
return "({$sql})";
}
/**
* set notes
*
* @param Tinebase_Record_Interface $_updatedRecord the just updated record
* @param Tinebase_Record_Interface $_record the update record
* @param string $_systemNoteType
* @param Tinebase_Record_RecordSet $_currentMods
*/
protected function _setNotes($_updatedRecord, $_record, $_systemNoteType = Tinebase_Model_Note::SYSTEM_NOTE_NAME_CREATED, $_currentMods = NULL)
{
if (!$_record->has('notes')) {
return;
}
if (isset($_record->notes) && is_array($_record->notes)) {
$_updatedRecord->notes = $_record->notes;
Tinebase_Notes::getInstance()->setNotesOfRecord($_updatedRecord);
}
Tinebase_Notes::getInstance()->addSystemNote($_updatedRecord, $this->_currentAccount->getId(), $_systemNoteType, $_currentMods);
}
/**
* get grants for containers assigned to given account of multiple records
*
* @param Tinebase_Record_RecordSet $_records records to get the grants for
* @param string|Tinebase_Model_User $_accountId the account to get the grants for
* @param string $_containerProperty container property
* @param string $_grantModel
* @throws Tinebase_Exception_NotFound
* @return array of containers|void
*/
public function getContainerGrantsOfRecords(Tinebase_Record_RecordSet $_records, $_accountId, $_containerProperty = 'container_id', $_grantModel = 'Tinebase_Model_Grants')
{
$containerIds = array();
foreach ($_records as $record) {
if (isset($record[$_containerProperty]) && !isset($containerIds[Tinebase_Model_Container::convertContainerIdToInt($record[$_containerProperty])])) {
$containerIds[Tinebase_Model_Container::convertContainerIdToInt($record[$_containerProperty])] = null;
}
}
if (empty($containerIds)) {
return array();
}
$accountId = $_accountId instanceof Tinebase_Record_Abstract ? $_accountId->getId() : $_accountId;
$select = $this->_getSelect('*', TRUE)->where("{$this->_db->quoteIdentifier('container.id')} IN (?)", array_keys($containerIds))->join(array('container_acl' => SQL_TABLE_PREFIX . 'container_acl'), "{$this->_db->quoteIdentifier('container_acl.container_id')} = {$this->_db->quoteIdentifier('container.id')}", array('*', 'account_grants' => $this->_dbCommand->getAggregate('container_acl.account_grant')))->group('container.id', 'container_acl.account_type', 'container_acl.account_id');
$this->addGrantsSql($select, $accountId, '*');
Tinebase_Backend_Sql_Abstract::traitGroup($select);
$stmt = $this->_db->query('/*' . __FUNCTION__ . '*/' . $select);
$rows = $stmt->fetchAll(Zend_Db::FETCH_ASSOC);
$containers = array();
// add results to container ids and get grants array
foreach ($rows as $row) {
// NOTE id is non-ambiguous
$row['id'] = $row['container_id'];
$grantsArray = array_unique(explode(',', $row['account_grants']));
$row['account_grants'] = $this->_getGrantsFromArray($grantsArray, $accountId, $_grantModel)->toArray();
$containers[$row['id']] = new Tinebase_Model_Container($row, TRUE);
try {
$containers[$row['id']]->path = $containers[$row['id']]->getPath();
} catch (Exception $e) {
// @todo is it correct to catch all exceptions here?
Tinebase_Exception::log($e);
}
}
return $containers;
}
/**
* inspect get user by property
*
* @param Tinebase_Model_User $_user the user object
*/
public function inspectGetUserByProperty(Tinebase_Model_User $_user)
{
if (!$_user instanceof Tinebase_Model_FullUser) {
return;
}
$userId = $_user->getId();
$select = $this->_getSelect()->where($this->_db->quoteIdentifier($this->_userTable . '.' . $this->_propertyMapping['emailUserId']) . ' = ?', $userId);
// Perform query - retrieve user from database
$stmt = $this->_db->query($select);
$queryResult = $stmt->fetch();
$stmt->closeCursor();
if (!$queryResult) {
if (Tinebase_Core::isLogLevel(Zend_Log::DEBUG)) {
Tinebase_Core::getLogger()->debug(__METHOD__ . '::' . __LINE__ . ' ' . $this->_subconfigKey . ' config for user ' . $userId . ' not found!');
}
}
if (Tinebase_Core::isLogLevel(Zend_Log::TRACE)) {
Tinebase_Core::getLogger()->trace(__METHOD__ . '::' . __LINE__ . ' ' . print_r($queryResult, TRUE));
}
// convert data to Tinebase_Model_EmailUser
$emailUser = $this->_rawDataToRecord((array) $queryResult);
if (Tinebase_Core::isLogLevel(Zend_Log::TRACE)) {
Tinebase_Core::getLogger()->trace(__METHOD__ . '::' . __LINE__ . ' ' . print_r($emailUser->toArray(), TRUE));
}
// modify/correct user name
// set emailUsername to Tine 2.0 account login name and append domain for login purposes if set
if (empty($emailUser->emailUsername)) {
$emailUser->emailUsername = $this->_getEmailUserName($_user);
}
if ($this instanceof Tinebase_EmailUser_Smtp_Interface) {
$_user->smtpUser = $emailUser;
$_user->emailUser = Tinebase_EmailUser::merge($_user->emailUser, clone $_user->smtpUser);
} else {
$_user->imapUser = $emailUser;
$_user->emailUser = Tinebase_EmailUser::merge(clone $_user->imapUser, $_user->emailUser);
}
}
/**
* get all calendar grants
*
* @param Tinebase_Model_User $user
* @return array
*/
protected function _getAllCalendarGrants($user = null)
{
return array('account_id' => $user ? $user->getId() : Tinebase_Core::getUser()->getId(), 'account_type' => 'user', Tinebase_Model_Grants::GRANT_READ => true, Tinebase_Model_Grants::GRANT_ADD => true, Tinebase_Model_Grants::GRANT_EDIT => true, Tinebase_Model_Grants::GRANT_DELETE => true, Tinebase_Model_Grants::GRANT_PRIVATE => true, Tinebase_Model_Grants::GRANT_ADMIN => true, Tinebase_Model_Grants::GRANT_FREEBUSY => true);
}
/**
* append accountfilter
*
* @param Zend_Db_Select $select
* @param Tinebase_Backend_Sql_Abstract $backend
* @param Tinebase_Model_User $user
*/
protected function _appendAccountFilter($select, $backend, $user)
{
$accountIdFilter = $this->_findFilter('account_id');
$userId = $user->getId();
// set user account id as filter
if ($accountIdFilter === null) {
$accountIdFilter = $this->createFilter('account_id', 'equals', $userId);
$this->addFilter($accountIdFilter);
} else {
$accountIdFilter->setValue($userId);
}
$groupSelect = new Tinebase_Backend_Sql_Filter_GroupSelect($select);
$db = $backend->getAdapter();
$accountIdFilter->appendFilterSql($groupSelect, $backend);
$groupSelect->orWhere($db->quoteIdentifier('filter.account_id') . ' IS NULL');
$groupSelect->appendWhere(Zend_Db_Select::SQL_AND);
$this->removeFilter('account_id');
}
