/**
* Action FOR ADMINS AND SUPERADMINS to change the password of a mailbox.
*/
public function passwordAction()
{
if (!$this->getMailbox()) {
$this->addMessage(_('No mailbox id passed.'), OSS_Message::ERROR);
$this->redirect('list');
}
$this->view->mailbox = $this->_mailbox;
$this->view->form = $form = new ViMbAdmin_Form_Admin_Password();
if (isset($this->_options['defaults']['mailbox']['min_password_length'])) {
$form->setMinPasswordLength($this->_options['defaults']['mailbox']['min_password_length']);
}
if ($this->getRequest()->isPost() && $form->isValid($_POST)) {
$this->notify('mailbox', 'password', 'postValidation', $this);
$this->getMailbox()->setPassword(OSS_Auth_Password::hash($form->getValue('password'), ['pwhash' => $this->_options['defaults']['mailbox']['password_scheme'], 'pwsalt' => isset($this->_options['defaults']['mailbox']['password_salt']) ? $this->_options['defaults']['mailbox']['password_salt'] : null, 'pwdovecot' => isset($this->_options['defaults']['mailbox']['dovecot_pw_binary']) ? $this->_options['defaults']['mailbox']['dovecot_pw_binary'] : null, 'username' => $this->getMailbox()->getUsername()]));
$this->log(\Entities\Log::ACTION_MAILBOX_PW_CHANGE, "{$this->getAdmin()->getFormattedName()} changed password for mailbox {$this->getMailbox()->getUsername()}");
$this->notify('mailbox', 'password', 'preFlush', $this);
$this->getD2EM()->flush();
$this->notify('mailbox', 'password', 'postFlush', $this, ['options' => $this->_options]);
if ($form->getValue('email')) {
$mailer = $this->getMailer();
$mailer->setSubject(_('New Password for ' . $this->getMailbox()->getUsername()));
$mailer->setFrom($this->_options['server']['email']['address'], $this->_options['server']['email']['name']);
$mailer->addTo($this->getMailbox()->getUsername(), $this->getMailbox()->getName());
$this->view->admin = $this->getAdmin();
$this->view->newPassword = $form->getValue('password');
$mailer->setBodyText($this->view->render('mailbox/email/change_password.phtml'));
try {
$mailer->send();
} catch (Zend_Mail_Exception $vException) {
$this->getLogger()->debug($vException->getTraceAsString());
$this->addMessage(_('Could not send email.'), OSS_Message::ALERT);
$this->_redirect('mailbox/list');
}
}
$this->addMessage(_("Password has been sucessfully changed."), OSS_Message::SUCCESS);
$this->_redirect('mailbox/list');
}
}
/**
* Action FOR ADMINS AND SUPERADMINS to change the password of a mailbox.
*/
public function passwordAction()
{
if (!$this->_mailbox) {
$this->_helper->viewRenderer->setNoRender(true);
$this->addMessage(_('No mailbox id passed.'), ViMbAdmin_Message::ERROR);
return print $this->view->render('close_colorbox_reload_parent.phtml');
}
$this->view->mailbox = $this->_mailbox;
$form = new ViMbAdmin_Form_Admin_Password();
if ($this->getRequest()->isPost() && $form->isValid($_POST)) {
$plainPassword = $form->getValue('password');
$this->_mailbox->hashPassword($this->_options['defaults']['mailbox']['password_scheme'], $plainPassword, $this->_options['defaults']['mailbox']['password_hash']);
$this->_mailbox->save();
if ($form->getValue('email')) {
$mailer = new Zend_Mail();
$mailer->setSubject(_('New Password for ' . $this->_mailbox['username']));
$mailer->setFrom($this->_options['server']['email']['address'], $this->_options['server']['email']['name']);
$mailer->addTo($this->_mailbox['username'], $this->_mailbox['name']);
$this->view->newPassword = $form->getValue('password');
$mailer->setBodyText($this->view->render('mailbox/email/change_password.phtml'));
try {
$mailer->send();
} catch (Zend_Mail_Exception $vException) {
$this->getLogger()->debug($vException->getTraceAsString());
$this->addMessage(_('Could not send email.'), ViMbAdmin_Message::ALERT);
return false;
}
}
LogTable::log('MAILBOX_PW_CHANGE', "Changed password for {$this->_mailbox['username']}", $this->getAdmin(), $this->_mailbox['domain']);
$this->_helper->viewRenderer->setNoRender(true);
$this->addMessage(_('Password has been sucessfully changed.'), ViMbAdmin_Message::SUCCESS);
print $this->view->render('close_colorbox_reload_parent.phtml');
}
$this->view->form = $form;
}
/**
* Set the password for an admin, and optionally send an email to him/her with the new password.
*/
public function passwordAction()
{
$redirectUrl = $this->getAdmin()->isSuper() ? 'admin/list' : 'domain/list';
if (!$this->getTargetAdmin()) {
$this->addMessage('Invalid or non-existent admin.', OSS_Message::ERROR);
$this->redirect($redirectUrl);
}
$this->view->targetAdmin = $this->getTargetAdmin();
$self = false;
if ($this->getTargetAdmin()->getId() == $this->getAdmin()->getId()) {
$self = true;
}
if (!$this->authorise(true, null, false) && !$self) {
$this->getLogger()->alert(sprintf('Admin %s tried to set the password for %s but has no sufficient privileges.', $this->getAdmin()->getUsername(), $this->getTargetAdmin()->getUsername()), OSS_Message::ALERT);
$this->addMessage(_('You have insufficient privileges for this task.'), OSS_Message::ERROR);
$this->redirect($redirectUrl);
}
if ($self) {
$this->view->form = $form = new ViMbAdmin_Form_Admin_ChangePassword();
} else {
$this->view->form = $form = new ViMbAdmin_Form_Admin_Password();
}
if ($this->getRequest()->isPost() && $form->isValid($_POST)) {
if ($self) {
if (!OSS_Auth_Password::verify($form->getValue('current_password'), $this->getTargetAdmin()->getPassword(), $this->getOptions()['resources']['auth']['oss'])) {
$form->getElement('current_password')->addError('Invalid password.');
return;
}
}
$this->getTargetAdmin()->setPassword(OSS_Auth_Password::hash($form->getValue('password'), $this->_options['resources']['auth']['oss']));
if (!$self) {
$this->log(\Entities\Log::ACTION_ADMIN_PW_CHANGE, "{$this->getAdmin()->getFormattedName()} changed password for admin {$this->getTargetAdmin()->getFormattedName()}");
}
$this->getD2EM()->flush();
if ($form->getValue('email')) {
$mailer = $this->getMailer();
$mailer->setSubject(_('ViMbAdmin :: New Password'));
$mailer->setFrom($this->_options['server']['email']['address'], $this->_options['server']['email']['name']);
$mailer->addTo($this->getTargetAdmin()->getUsername());
$this->view->newPassword = $form->getValue('password');
$mailer->setBodyText($this->view->render('admin/email/change_password.phtml'));
try {
$mailer->send();
} catch (Zend_Mail_Exception $e) {
$this->getLogger()->debug($e->getTraceAsString());
$this->addMessage(_('Sending the change password email failed.'), OSS_Message::INFO);
}
}
if (!$self) {
$this->addMessage("You have successfully changed the user's password.", OSS_Message::SUCCESS);
} else {
$this->addMessage("You have successfully changed your password.", OSS_Message::SUCCESS);
}
$this->redirect($redirectUrl);
}
}
/**
* Set the password for an admin, and optionally send an email to him/her with the new password.
*/
public function passwordAction()
{
if (!$this->_targetAdmin) {
$this->_helper->viewRenderer->setNoRender(true);
$this->addMessage(_('Invalid or non-existent admin.'), ViMbAdmin_Message::ERROR);
print $this->view->render('close_colorbox_reload_parent.phtml');
}
if (!$this->authorise(true, null, false) && $this->_targetAdmin->id != $this->getAdmin()->id) {
$this->getLogger()->alert(_('Admin') . ' ' . $this->_admin->username . ' ' . _('tried to set the password for ') . ' ' . $this->_targetAdmin->username . ' , ' . _('but has no sufficient privileges.'), ViMbAdmin_Message::ALERT);
$this->_helper->viewRenderer->setNoRender(true);
$this->addMessage(_('You have insufficient privileges for this task.'), ViMbAdmin_Message::ERROR);
print $this->view->render('close_colorbox_reload_parent.phtml');
}
$form = new ViMbAdmin_Form_Admin_Password();
if ($this->_targetAdmin->id == $this->getAdmin()->id) {
$form->removeElement('email');
}
if ($this->getRequest()->isPost() && $form->isValid($_POST)) {
$this->_targetAdmin->setPassword($form->getValue('password'), $this->_options['securitysalt'], true);
if ($form->getValue('email')) {
$mailer = new Zend_Mail();
$mailer->setSubject(_('ViMbAdmin :: New Password'));
$mailer->setFrom($this->_options['server']['email']['address'], $this->_options['server']['email']['name']);
$mailer->addTo($this->_targetAdmin->username);
$this->view->newPassword = $form->getValue('password');
$mailer->setBodyText($this->view->render('admin/email/change_password.phtml'));
try {
$mailer->send();
} catch (Zend_Mail_Exception $vException) {
$this->getLogger()->debug($vException->getTraceAsString());
$this->addMessage(_('Sending the change password email failed.'), ViMbAdmin_Message::INFO);
return false;
}
}
LogTable::log('ADMIN_PW_CHANGE', "Changed password of {$this->_targetAdmin['username']}", $this->getAdmin(), null);
$this->_helper->viewRenderer->setNoRender(true);
if ($this->_targetAdmin->id != $this->getAdmin()->id) {
$this->addMessage(_("You have successfully changed the user's password."), ViMbAdmin_Message::SUCCESS);
} else {
$this->addMessage(_("You have successfully changed your password."), ViMbAdmin_Message::SUCCESS);
}
return print $this->view->render('close_colorbox_reload_parent.phtml');
}
$this->view->form = $form;
}
