/** * get groupmemberships of user from sync backend * * @param Tinebase_Model_User|string $_userId * @return array list of group ids */ public function getGroupMembershipsFromSyncBackend($_userId) { $userId = $_userId instanceof Tinebase_Model_User ? $_userId->getId() : $_userId; // find user in AD and retrieve memberOf attribute $filter = Zend_Ldap_Filter::andFilter(Zend_Ldap_Filter::string($this->_userBaseFilter), Zend_Ldap_Filter::equals($this->_userUUIDAttribute, $this->_encodeAccountId($userId))); if (Tinebase_Core::isLogLevel(Zend_Log::TRACE)) { Tinebase_Core::getLogger()->trace(__METHOD__ . '::' . __LINE__ . ' ldap search filter: ' . $filter); } $memberOfs = $this->getLdap()->search($filter, $this->_options['userDn'], $this->_userSearchScope, array('memberof', 'primarygroupid'))->getFirst(); if ($memberOfs === null) { return array(); } // resolve primary group id to dn $domainConfig = $this->getDomainConfiguration(); $filter = Zend_Ldap_Filter::andFilter(Zend_Ldap_Filter::string($this->_groupBaseFilter), Zend_Ldap_Filter::equals('objectsid', Zend_Ldap::filterEscape($domainConfig['domainSidPlain'] . '-' . $memberOfs['primarygroupid'][0]))); $group = $this->getLdap()->search($filter, $this->_options['groupsDn'], $this->_groupSearchScope, array($this->_groupUUIDAttribute))->getFirst(); $memberships = array($this->_decodeGroupId($group[$this->_groupUUIDAttribute][0])); if (isset($memberOfs['memberof'])) { // resolve $this->_groupUUIDAttribute attribute $filter = new Zend_Ldap_Filter_Or(array()); foreach ($memberOfs['memberof'] as $memberOf) { $filter = $filter->addFilter(Zend_Ldap_Filter::equals('distinguishedName', Zend_Ldap::filterEscape($memberOf))); } if (Tinebase_Core::isLogLevel(Zend_Log::TRACE)) { Tinebase_Core::getLogger()->trace(__METHOD__ . '::' . __LINE__ . ' ldap search filter: ' . $filter); } $groups = $this->getLdap()->search($filter, $this->_options['groupsDn'], $this->_groupSearchScope, array($this->_groupUUIDAttribute)); foreach ($groups as $group) { $memberships[] = $this->_decodeGroupId($group[$this->_groupUUIDAttribute][0]); } } if (Tinebase_Core::isLogLevel(Zend_Log::DEBUG)) { Tinebase_Core::getLogger()->debug(__METHOD__ . '::' . __LINE__ . ' group memberships: ' . print_r($memberships, TRUE)); } return array_unique($memberships); }
/** * inspect get user by property * * @param Tinebase_Model_User $_user the user object */ public function inspectGetUserByProperty(Tinebase_Model_User $_user) { if (!$_user instanceof Tinebase_Model_FullUser) { return; } $userId = $_user->getId(); $select = $this->_getSelect(); if ($this->_hasTine20Userid === true) { $select->where($this->_db->quoteIdentifier($this->_propertyMapping['emailUserId']) . ' = ?', $userId); } else { $select->where($this->_db->quoteIdentifier($this->_propertyMapping['emailUserId']) . ' = ?', $this->_convertToInt($userId)); } if (Tinebase_Core::isLogLevel(Zend_Log::TRACE)) { Tinebase_Core::getLogger()->trace(__METHOD__ . '::' . __LINE__ . ' ' . $select->__toString()); } // Perferom query - retrieve user from database $stmt = $this->_db->query($select); $queryResult = $stmt->fetch(); $stmt->closeCursor(); if (!$queryResult) { if (Tinebase_Core::isLogLevel(Zend_Log::DEBUG)) { Tinebase_Core::getLogger()->debug(__METHOD__ . '::' . __LINE__ . 'Dbmail config for user ' . $userId . ' not found!'); } return; } #if (Tinebase_Core::isLogLevel(Zend_Log::DEBUG)) Tinebase_Core::getLogger()->debug(__METHOD__ . '::' . __LINE__ . ' ' . print_r($queryResult, TRUE)); // convert data to Tinebase_Model_EmailUser $emailUser = $this->_rawDataToRecord($queryResult); #if (Tinebase_Core::isLogLevel(Zend_Log::DEBUG)) Tinebase_Core::getLogger()->debug(__METHOD__ . '::' . __LINE__ . ' ' . print_r($emailUser->toArray(), TRUE)); // modify/correct user name // set emailUsername to Tine accout login name and append domain for login purposes if set $emailUser->emailUsername = $this->_appendDomain($_user->accountLoginName); $_user->imapUser = $emailUser; $_user->emailUser = Tinebase_EmailUser::merge(clone $_user->imapUser, isset($_user->emailUser) ? $_user->emailUser : null); }
/** * returns SQL condition for implicit grants * * @param string $_requiredGrant * @param Tinebase_Model_User $_user (defaults to current user) * @return string */ protected function _getImplicitGrantCondition($_requiredGrant, $_user = NULL) { $accountId = $_user ? $_user->getId() : Tinebase_Core::getUser()->getId(); $contactId = $_user ? $_user->contact_id : Tinebase_Core::getUser()->contact_id; // delte grant couldn't be gained implicitly if ($_requiredGrant == Tinebase_Model_Grants::GRANT_DELETE) { return '1=0'; } // organizer gets all other grants implicitly $sql = $this->_db->quoteIdentifier('cal_events.organizer') . " = " . $this->_db->quote($contactId); // attendee get read, sync, export and private grants implicitly if (in_array($_requiredGrant, array(Tinebase_Model_Grants::GRANT_READ, Tinebase_Model_Grants::GRANT_SYNC, Tinebase_Model_Grants::GRANT_EXPORT, Tinebase_Model_Grants::GRANT_PRIVATE))) { $readCond = $this->_db->quoteIdentifier('attendeeaccounts.id') . ' = ' . $this->_db->quote($accountId) . ' AND (' . $this->_db->quoteInto($this->_db->quoteIdentifier('attendee.user_type') . ' = ?', Calendar_Model_Attender::USERTYPE_USER) . ' OR ' . $this->_db->quoteInto($this->_db->quoteIdentifier('attendee.user_type') . ' = ?', Calendar_Model_Attender::USERTYPE_GROUPMEMBER) . ')'; $sql = "({$sql}) OR ({$readCond})"; } return "({$sql})"; }
/** * set notes * * @param Tinebase_Record_Interface $_updatedRecord the just updated record * @param Tinebase_Record_Interface $_record the update record * @param string $_systemNoteType * @param Tinebase_Record_RecordSet $_currentMods */ protected function _setNotes($_updatedRecord, $_record, $_systemNoteType = Tinebase_Model_Note::SYSTEM_NOTE_NAME_CREATED, $_currentMods = NULL) { if (!$_record->has('notes')) { return; } if (isset($_record->notes) && is_array($_record->notes)) { $_updatedRecord->notes = $_record->notes; Tinebase_Notes::getInstance()->setNotesOfRecord($_updatedRecord); } Tinebase_Notes::getInstance()->addSystemNote($_updatedRecord, $this->_currentAccount->getId(), $_systemNoteType, $_currentMods); }
/** * get grants for containers assigned to given account of multiple records * * @param Tinebase_Record_RecordSet $_records records to get the grants for * @param string|Tinebase_Model_User $_accountId the account to get the grants for * @param string $_containerProperty container property * @param string $_grantModel * @throws Tinebase_Exception_NotFound * @return array of containers|void */ public function getContainerGrantsOfRecords(Tinebase_Record_RecordSet $_records, $_accountId, $_containerProperty = 'container_id', $_grantModel = 'Tinebase_Model_Grants') { $containerIds = array(); foreach ($_records as $record) { if (isset($record[$_containerProperty]) && !isset($containerIds[Tinebase_Model_Container::convertContainerIdToInt($record[$_containerProperty])])) { $containerIds[Tinebase_Model_Container::convertContainerIdToInt($record[$_containerProperty])] = null; } } if (empty($containerIds)) { return array(); } $accountId = $_accountId instanceof Tinebase_Record_Abstract ? $_accountId->getId() : $_accountId; $select = $this->_getSelect('*', TRUE)->where("{$this->_db->quoteIdentifier('container.id')} IN (?)", array_keys($containerIds))->join(array('container_acl' => SQL_TABLE_PREFIX . 'container_acl'), "{$this->_db->quoteIdentifier('container_acl.container_id')} = {$this->_db->quoteIdentifier('container.id')}", array('*', 'account_grants' => $this->_dbCommand->getAggregate('container_acl.account_grant')))->group('container.id', 'container_acl.account_type', 'container_acl.account_id'); $this->addGrantsSql($select, $accountId, '*'); Tinebase_Backend_Sql_Abstract::traitGroup($select); $stmt = $this->_db->query('/*' . __FUNCTION__ . '*/' . $select); $rows = $stmt->fetchAll(Zend_Db::FETCH_ASSOC); $containers = array(); // add results to container ids and get grants array foreach ($rows as $row) { // NOTE id is non-ambiguous $row['id'] = $row['container_id']; $grantsArray = array_unique(explode(',', $row['account_grants'])); $row['account_grants'] = $this->_getGrantsFromArray($grantsArray, $accountId, $_grantModel)->toArray(); $containers[$row['id']] = new Tinebase_Model_Container($row, TRUE); try { $containers[$row['id']]->path = $containers[$row['id']]->getPath(); } catch (Exception $e) { // @todo is it correct to catch all exceptions here? Tinebase_Exception::log($e); } } return $containers; }
/** * inspect get user by property * * @param Tinebase_Model_User $_user the user object */ public function inspectGetUserByProperty(Tinebase_Model_User $_user) { if (!$_user instanceof Tinebase_Model_FullUser) { return; } $userId = $_user->getId(); $select = $this->_getSelect()->where($this->_db->quoteIdentifier($this->_userTable . '.' . $this->_propertyMapping['emailUserId']) . ' = ?', $userId); // Perform query - retrieve user from database $stmt = $this->_db->query($select); $queryResult = $stmt->fetch(); $stmt->closeCursor(); if (!$queryResult) { if (Tinebase_Core::isLogLevel(Zend_Log::DEBUG)) { Tinebase_Core::getLogger()->debug(__METHOD__ . '::' . __LINE__ . ' ' . $this->_subconfigKey . ' config for user ' . $userId . ' not found!'); } } if (Tinebase_Core::isLogLevel(Zend_Log::TRACE)) { Tinebase_Core::getLogger()->trace(__METHOD__ . '::' . __LINE__ . ' ' . print_r($queryResult, TRUE)); } // convert data to Tinebase_Model_EmailUser $emailUser = $this->_rawDataToRecord((array) $queryResult); if (Tinebase_Core::isLogLevel(Zend_Log::TRACE)) { Tinebase_Core::getLogger()->trace(__METHOD__ . '::' . __LINE__ . ' ' . print_r($emailUser->toArray(), TRUE)); } // modify/correct user name // set emailUsername to Tine 2.0 account login name and append domain for login purposes if set if (empty($emailUser->emailUsername)) { $emailUser->emailUsername = $this->_getEmailUserName($_user); } if ($this instanceof Tinebase_EmailUser_Smtp_Interface) { $_user->smtpUser = $emailUser; $_user->emailUser = Tinebase_EmailUser::merge($_user->emailUser, clone $_user->smtpUser); } else { $_user->imapUser = $emailUser; $_user->emailUser = Tinebase_EmailUser::merge(clone $_user->imapUser, $_user->emailUser); } }
/** * get all calendar grants * * @param Tinebase_Model_User $user * @return array */ protected function _getAllCalendarGrants($user = null) { return array('account_id' => $user ? $user->getId() : Tinebase_Core::getUser()->getId(), 'account_type' => 'user', Tinebase_Model_Grants::GRANT_READ => true, Tinebase_Model_Grants::GRANT_ADD => true, Tinebase_Model_Grants::GRANT_EDIT => true, Tinebase_Model_Grants::GRANT_DELETE => true, Tinebase_Model_Grants::GRANT_PRIVATE => true, Tinebase_Model_Grants::GRANT_ADMIN => true, Tinebase_Model_Grants::GRANT_FREEBUSY => true); }
/** * append accountfilter * * @param Zend_Db_Select $select * @param Tinebase_Backend_Sql_Abstract $backend * @param Tinebase_Model_User $user */ protected function _appendAccountFilter($select, $backend, $user) { $accountIdFilter = $this->_findFilter('account_id'); $userId = $user->getId(); // set user account id as filter if ($accountIdFilter === null) { $accountIdFilter = $this->createFilter('account_id', 'equals', $userId); $this->addFilter($accountIdFilter); } else { $accountIdFilter->setValue($userId); } $groupSelect = new Tinebase_Backend_Sql_Filter_GroupSelect($select); $db = $backend->getAdapter(); $accountIdFilter->appendFilterSql($groupSelect, $backend); $groupSelect->orWhere($db->quoteIdentifier('filter.account_id') . ' IS NULL'); $groupSelect->appendWhere(Zend_Db_Select::SQL_AND); $this->removeFilter('account_id'); }