/** * Action FOR ADMINS AND SUPERADMINS to change the password of a mailbox. */ public function passwordAction() { if (!$this->getMailbox()) { $this->addMessage(_('No mailbox id passed.'), OSS_Message::ERROR); $this->redirect('list'); } $this->view->mailbox = $this->_mailbox; $this->view->form = $form = new ViMbAdmin_Form_Admin_Password(); if (isset($this->_options['defaults']['mailbox']['min_password_length'])) { $form->setMinPasswordLength($this->_options['defaults']['mailbox']['min_password_length']); } if ($this->getRequest()->isPost() && $form->isValid($_POST)) { $this->notify('mailbox', 'password', 'postValidation', $this); $this->getMailbox()->setPassword(OSS_Auth_Password::hash($form->getValue('password'), ['pwhash' => $this->_options['defaults']['mailbox']['password_scheme'], 'pwsalt' => isset($this->_options['defaults']['mailbox']['password_salt']) ? $this->_options['defaults']['mailbox']['password_salt'] : null, 'pwdovecot' => isset($this->_options['defaults']['mailbox']['dovecot_pw_binary']) ? $this->_options['defaults']['mailbox']['dovecot_pw_binary'] : null, 'username' => $this->getMailbox()->getUsername()])); $this->log(\Entities\Log::ACTION_MAILBOX_PW_CHANGE, "{$this->getAdmin()->getFormattedName()} changed password for mailbox {$this->getMailbox()->getUsername()}"); $this->notify('mailbox', 'password', 'preFlush', $this); $this->getD2EM()->flush(); $this->notify('mailbox', 'password', 'postFlush', $this, ['options' => $this->_options]); if ($form->getValue('email')) { $mailer = $this->getMailer(); $mailer->setSubject(_('New Password for ' . $this->getMailbox()->getUsername())); $mailer->setFrom($this->_options['server']['email']['address'], $this->_options['server']['email']['name']); $mailer->addTo($this->getMailbox()->getUsername(), $this->getMailbox()->getName()); $this->view->admin = $this->getAdmin(); $this->view->newPassword = $form->getValue('password'); $mailer->setBodyText($this->view->render('mailbox/email/change_password.phtml')); try { $mailer->send(); } catch (Zend_Mail_Exception $vException) { $this->getLogger()->debug($vException->getTraceAsString()); $this->addMessage(_('Could not send email.'), OSS_Message::ALERT); $this->_redirect('mailbox/list'); } } $this->addMessage(_("Password has been sucessfully changed."), OSS_Message::SUCCESS); $this->_redirect('mailbox/list'); } }
/** * Action FOR ADMINS AND SUPERADMINS to change the password of a mailbox. */ public function passwordAction() { if (!$this->_mailbox) { $this->_helper->viewRenderer->setNoRender(true); $this->addMessage(_('No mailbox id passed.'), ViMbAdmin_Message::ERROR); return print $this->view->render('close_colorbox_reload_parent.phtml'); } $this->view->mailbox = $this->_mailbox; $form = new ViMbAdmin_Form_Admin_Password(); if ($this->getRequest()->isPost() && $form->isValid($_POST)) { $plainPassword = $form->getValue('password'); $this->_mailbox->hashPassword($this->_options['defaults']['mailbox']['password_scheme'], $plainPassword, $this->_options['defaults']['mailbox']['password_hash']); $this->_mailbox->save(); if ($form->getValue('email')) { $mailer = new Zend_Mail(); $mailer->setSubject(_('New Password for ' . $this->_mailbox['username'])); $mailer->setFrom($this->_options['server']['email']['address'], $this->_options['server']['email']['name']); $mailer->addTo($this->_mailbox['username'], $this->_mailbox['name']); $this->view->newPassword = $form->getValue('password'); $mailer->setBodyText($this->view->render('mailbox/email/change_password.phtml')); try { $mailer->send(); } catch (Zend_Mail_Exception $vException) { $this->getLogger()->debug($vException->getTraceAsString()); $this->addMessage(_('Could not send email.'), ViMbAdmin_Message::ALERT); return false; } } LogTable::log('MAILBOX_PW_CHANGE', "Changed password for {$this->_mailbox['username']}", $this->getAdmin(), $this->_mailbox['domain']); $this->_helper->viewRenderer->setNoRender(true); $this->addMessage(_('Password has been sucessfully changed.'), ViMbAdmin_Message::SUCCESS); print $this->view->render('close_colorbox_reload_parent.phtml'); } $this->view->form = $form; }
/** * Set the password for an admin, and optionally send an email to him/her with the new password. */ public function passwordAction() { $redirectUrl = $this->getAdmin()->isSuper() ? 'admin/list' : 'domain/list'; if (!$this->getTargetAdmin()) { $this->addMessage('Invalid or non-existent admin.', OSS_Message::ERROR); $this->redirect($redirectUrl); } $this->view->targetAdmin = $this->getTargetAdmin(); $self = false; if ($this->getTargetAdmin()->getId() == $this->getAdmin()->getId()) { $self = true; } if (!$this->authorise(true, null, false) && !$self) { $this->getLogger()->alert(sprintf('Admin %s tried to set the password for %s but has no sufficient privileges.', $this->getAdmin()->getUsername(), $this->getTargetAdmin()->getUsername()), OSS_Message::ALERT); $this->addMessage(_('You have insufficient privileges for this task.'), OSS_Message::ERROR); $this->redirect($redirectUrl); } if ($self) { $this->view->form = $form = new ViMbAdmin_Form_Admin_ChangePassword(); } else { $this->view->form = $form = new ViMbAdmin_Form_Admin_Password(); } if ($this->getRequest()->isPost() && $form->isValid($_POST)) { if ($self) { if (!OSS_Auth_Password::verify($form->getValue('current_password'), $this->getTargetAdmin()->getPassword(), $this->getOptions()['resources']['auth']['oss'])) { $form->getElement('current_password')->addError('Invalid password.'); return; } } $this->getTargetAdmin()->setPassword(OSS_Auth_Password::hash($form->getValue('password'), $this->_options['resources']['auth']['oss'])); if (!$self) { $this->log(\Entities\Log::ACTION_ADMIN_PW_CHANGE, "{$this->getAdmin()->getFormattedName()} changed password for admin {$this->getTargetAdmin()->getFormattedName()}"); } $this->getD2EM()->flush(); if ($form->getValue('email')) { $mailer = $this->getMailer(); $mailer->setSubject(_('ViMbAdmin :: New Password')); $mailer->setFrom($this->_options['server']['email']['address'], $this->_options['server']['email']['name']); $mailer->addTo($this->getTargetAdmin()->getUsername()); $this->view->newPassword = $form->getValue('password'); $mailer->setBodyText($this->view->render('admin/email/change_password.phtml')); try { $mailer->send(); } catch (Zend_Mail_Exception $e) { $this->getLogger()->debug($e->getTraceAsString()); $this->addMessage(_('Sending the change password email failed.'), OSS_Message::INFO); } } if (!$self) { $this->addMessage("You have successfully changed the user's password.", OSS_Message::SUCCESS); } else { $this->addMessage("You have successfully changed your password.", OSS_Message::SUCCESS); } $this->redirect($redirectUrl); } }
/** * Set the password for an admin, and optionally send an email to him/her with the new password. */ public function passwordAction() { if (!$this->_targetAdmin) { $this->_helper->viewRenderer->setNoRender(true); $this->addMessage(_('Invalid or non-existent admin.'), ViMbAdmin_Message::ERROR); print $this->view->render('close_colorbox_reload_parent.phtml'); } if (!$this->authorise(true, null, false) && $this->_targetAdmin->id != $this->getAdmin()->id) { $this->getLogger()->alert(_('Admin') . ' ' . $this->_admin->username . ' ' . _('tried to set the password for ') . ' ' . $this->_targetAdmin->username . ' , ' . _('but has no sufficient privileges.'), ViMbAdmin_Message::ALERT); $this->_helper->viewRenderer->setNoRender(true); $this->addMessage(_('You have insufficient privileges for this task.'), ViMbAdmin_Message::ERROR); print $this->view->render('close_colorbox_reload_parent.phtml'); } $form = new ViMbAdmin_Form_Admin_Password(); if ($this->_targetAdmin->id == $this->getAdmin()->id) { $form->removeElement('email'); } if ($this->getRequest()->isPost() && $form->isValid($_POST)) { $this->_targetAdmin->setPassword($form->getValue('password'), $this->_options['securitysalt'], true); if ($form->getValue('email')) { $mailer = new Zend_Mail(); $mailer->setSubject(_('ViMbAdmin :: New Password')); $mailer->setFrom($this->_options['server']['email']['address'], $this->_options['server']['email']['name']); $mailer->addTo($this->_targetAdmin->username); $this->view->newPassword = $form->getValue('password'); $mailer->setBodyText($this->view->render('admin/email/change_password.phtml')); try { $mailer->send(); } catch (Zend_Mail_Exception $vException) { $this->getLogger()->debug($vException->getTraceAsString()); $this->addMessage(_('Sending the change password email failed.'), ViMbAdmin_Message::INFO); return false; } } LogTable::log('ADMIN_PW_CHANGE', "Changed password of {$this->_targetAdmin['username']}", $this->getAdmin(), null); $this->_helper->viewRenderer->setNoRender(true); if ($this->_targetAdmin->id != $this->getAdmin()->id) { $this->addMessage(_("You have successfully changed the user's password."), ViMbAdmin_Message::SUCCESS); } else { $this->addMessage(_("You have successfully changed your password."), ViMbAdmin_Message::SUCCESS); } return print $this->view->render('close_colorbox_reload_parent.phtml'); } $this->view->form = $form; }