/**
* update to 6.1
* - changepw config option has moved
*/
public function update_0()
{
$changepwSetting = Tinebase_User::getBackendConfiguration('changepw', TRUE);
if (!$changepwSetting) {
Tinebase_Config::getInstance()->set(Tinebase_Config::PASSWORD_CHANGE, FALSE);
}
$this->setApplicationVersion('Tinebase', '6.1');
}
/**
* the constructor
*
*/
public function __construct(array $_options = array())
{
parent::__construct($_options);
$ldapOptions = Tinebase_User::getBackendConfiguration();
$config = Tinebase_EmailUser::getConfig($this->_backendType);
$this->_options = array_merge($this->_options, $config);
if (Tinebase_Core::isLogLevel(Zend_Log::TRACE)) {
Tinebase_Core::getLogger()->trace(__METHOD__ . '::' . __LINE__ . ' ' . print_r($this->_options, true));
}
}
/**
* the constructor
*
* don't use the constructor. use the singleton
*/
private function __construct()
{
if (!Tinebase_Core::getConfig()->samba) {
throw new Admin_Exception('No samba settings defined in config.');
}
if (Tinebase_User::getConfiguredBackend() != Tinebase_User::LDAP) {
throw new Admin_Exception('Works only with LDAP user backend.');
}
$ldapOptions = Tinebase_User::getBackendConfiguration();
$sambaOptions = Tinebase_Core::getConfig()->samba->toArray();
$options = array_merge($ldapOptions, $sambaOptions);
$options['machineGroup'] = isset($options['machineGroup']) ? $options['machineGroup'] : 'Domain Computers';
$this->_options = $options;
$this->_applicationName = 'Admin';
// we might want to add a factory here when we support multiple backends
$this->_backend = new Admin_Backend_SambaMachine($this->_options);
}
/**
* return an instance of the current backend
*
* @param string $_backendType name of the backend
* @return Tinebase_SambaSAM_Abstract
* @throws Tinebase_Exception_InvalidArgument
*/
public static function factory($_backendType)
{
switch ($_backendType) {
case self::LDAP:
$ldapOptions = Tinebase_User::getBackendConfiguration();
$sambaOptions = Tinebase_Core::getConfig()->samba->toArray();
$options = array_merge($ldapOptions, $sambaOptions);
$result = new Tinebase_SambaSAM_Ldap($options);
break;
// case self::SQL:
// $result = Tinebase_SambaSAM_Sql::getInstance();
// break;
// case self::SQL:
// $result = Tinebase_SambaSAM_Sql::getInstance();
// break;
default:
throw new Tinebase_Exception_InvalidArgument("Backend type {$_backendType} not implemented.");
}
return $result;
}
/**
* Returns registry data of tinebase.
* @see Tinebase_Application_Json_Abstract
*
* @return mixed array 'variable name' => 'data'
*/
public function getRegistryData()
{
$locale = Tinebase_Core::get('locale');
$tbFrontendHttp = new Tinebase_Frontend_Http();
// default credentials
if (isset(Tinebase_Core::getConfig()->login)) {
$loginConfig = Tinebase_Core::getConfig()->login;
$defaultUsername = isset($loginConfig->username) ? $loginConfig->username : '';
$defaultPassword = isset($loginConfig->password) ? $loginConfig->password : '';
} else {
$defaultUsername = '';
$defaultPassword = '';
}
$registryData = array('serviceMap' => $tbFrontendHttp->getServiceMap(), 'timeZone' => Tinebase_Core::get(Tinebase_Core::USERTIMEZONE), 'locale' => array('locale' => $locale->toString(), 'language' => Zend_Locale::getTranslation($locale->getLanguage(), 'language', $locale), 'region' => Zend_Locale::getTranslation($locale->getRegion(), 'country', $locale)), 'version' => array('buildType' => TINE20_BUILDTYPE, 'codeName' => TINE20_CODENAME, 'packageString' => TINE20_PACKAGESTRING, 'releaseTime' => TINE20_RELEASETIME, 'filesHash' => TINE20_BUILDTYPE != 'DEVELOPMENT' ? $tbFrontendHttp->getJsCssHash() : null), 'defaultUsername' => $defaultUsername, 'defaultPassword' => $defaultPassword, 'denySurveys' => Tinebase_Core::getConfig()->denySurveys, 'titlePostfix' => Tinebase_Config::getInstance()->getConfig(Tinebase_Model_Config::PAGETITLEPOSTFIX, NULL, '')->value, 'redirectUrl' => Tinebase_Config::getInstance()->getConfig(Tinebase_Model_Config::REDIRECTURL, NULL, '')->value, 'maxFileUploadSize' => convertToBytes(ini_get('upload_max_filesize')), 'maxPostSize' => convertToBytes(ini_get('post_max_size')));
if (Tinebase_Core::isRegistered(Tinebase_Core::USER)) {
$user = Tinebase_Core::getUser();
$userContactArray = array();
if (Tinebase_Application::getInstance()->isInstalled('Addressbook') === true) {
try {
$userContactArray = Addressbook_Controller_Contact::getInstance()->getContactByUserId($user->getId(), TRUE)->toArray();
} catch (Addressbook_Exception_NotFound $aenf) {
if (Tinebase_Core::isLogLevel(Zend_Log::NOTICE)) {
Tinebase_Core::getLogger()->notice(__METHOD__ . '::' . __LINE__ . ' User not found in Addressbook: ' . $user->accountDisplayName);
}
}
}
$registryData += array('currentAccount' => $user->toArray(), 'userContact' => $userContactArray, 'accountBackend' => Tinebase_User::getConfiguredBackend(), 'jsonKey' => Tinebase_Core::get('jsonKey'), 'userApplications' => $user->getApplications()->toArray(), 'NoteTypes' => $this->getNoteTypes(), 'stateInfo' => Tinebase_State::getInstance()->loadStateInfo(), 'changepw' => Tinebase_User::getBackendConfiguration('changepw', true), 'mustchangepw' => $user->mustChangePassword(), 'mapPanel' => Tinebase_Config::getInstance()->getConfig(Tinebase_Config::MAPPANEL, NULL, TRUE)->value, 'confirmLogout' => Tinebase_Core::getPreference()->getValue(Tinebase_Preference::CONFIRM_LOGOUT, 1), 'persistentFilters' => Tinebase_Frontend_Json_PersistentFilter::getAllPersistentFilters(), 'messenger' => $this->getMessengerConfig());
}
return $registryData;
}
/**
* testGetDefaultAdminGroup
*/
public function testGetDefaultAdminGroup()
{
$group = Tinebase_Group::getInstance()->getDefaultAdminGroup();
$expectedGroupName = Tinebase_User::getBackendConfiguration(Tinebase_User::DEFAULT_ADMIN_GROUP_NAME_KEY);
$this->assertEquals($expectedGroupName, $group->name);
}
/**
* delete backend config
*/
public function testDeleteBackendConfiguration()
{
Tinebase_User::setBackendType(Tinebase_User::LDAP);
$key = 'host';
Tinebase_User::setBackendConfiguration('configured-host', $key);
Tinebase_User::deleteBackendConfiguration($key);
$this->assertEquals('default-host', Tinebase_User::getBackendConfiguration($key, 'default-host'));
$configOptionsCount = count(Tinebase_User::getBackendConfiguration());
Tinebase_User::deleteBackendConfiguration('non-existing-key');
$this->assertEquals($configOptionsCount, count(Tinebase_User::getBackendConfiguration()));
$this->assertTrue($configOptionsCount > 0, 'user backend config should be not empty');
Tinebase_User::deleteBackendConfiguration();
$this->assertTrue(count(Tinebase_User::getBackendConfiguration()) == 0, 'should be empty: ' . print_r(Tinebase_User::getBackendConfiguration(), TRUE));
}
/**
* get config for type IMAP/SMTP
*
* @param string $_configType
* @return array
*/
public static function getConfig($_configType)
{
if (!isset(self::$_configs[$_configType])) {
self::$_configs[$_configType] = Tinebase_Config::getInstance()->get($_configType, new Tinebase_Config_Struct())->toArray();
/*
* If LDAP-Url is given (instead of comma separated domains) add secondary domains from LDAP
* e.g. ldap://localhost/ou=domains,ou=mailConfig,dc=example,dc=com?dc?sub?objectclass=mailDomain
*/
if ($_configType == Tinebase_Config::SMTP && array_key_exists('secondarydomains', self::$_configs[Tinebase_Config::SMTP]) && preg_match("~^ldaps?://~i", self::$_configs[Tinebase_Config::SMTP]['secondarydomains'])) {
$ldap_url = parse_url(self::$_configs[Tinebase_Config::SMTP]['secondarydomains']);
$ldap_url['path'] = substr($ldap_url['path'], 1);
$query = explode('?', $ldap_url['query']);
count($query) > 0 ? $ldap_url['attributes'] = explode(',', $query[0]) : ($ldap_url['attributes'] = array());
$ldap_url['scope'] = Zend_Ldap::SEARCH_SCOPE_BASE;
if (count($query) > 1) {
switch ($query[1]) {
case 'subtree':
case 'sub':
$ldap_url['scope'] = Zend_Ldap::SEARCH_SCOPE_SUB;
break;
case 'one':
$ldap_url['scope'] = Zend_Ldap::SEARCH_SCOPE_ONE;
break;
}
}
count($query) > 2 ? $ldap_url['filter'] = $query[2] : ($ldap_url['filter'] = 'objectClass=*');
// By now your options are limited to configured server
$ldap = new Tinebase_Ldap(Tinebase_User::getBackendConfiguration());
$ldap->connect()->bind();
$secondarydomains = $ldap->searchEntries($ldap_url['filter'], $ldap_url['path'], $ldap_url['scope'], $ldap_url['attributes']);
self::$_configs[Tinebase_Config::SMTP]['secondarydomains'] = '';
foreach ($secondarydomains as $dn) {
foreach ($ldap_url['attributes'] as $attr) {
if (array_key_exists($attr, $dn)) {
foreach ($dn[$attr] as $domain) {
self::$_configs[Tinebase_Config::SMTP]['secondarydomains'] != '' ? $domain = ',' . $domain : $domain;
self::$_configs[Tinebase_Config::SMTP]['secondarydomains'] .= $domain;
}
}
}
}
if (Tinebase_Core::isLogLevel(Zend_Log::TRACE)) {
Tinebase_Core::getLogger()->trace(__METHOD__ . '::' . __LINE__ . ' Secondarydomains: ' . print_r(self::$_configs[Tinebase_Config::SMTP]['secondarydomains'], true));
}
}
}
return self::$_configs[$_configType];
}
/**
* create initial groups
*
* Method is called during Setup Initialization
*/
public static function createInitialGroups()
{
$defaultAdminGroupName = Tinebase_User::getBackendConfiguration(Tinebase_User::DEFAULT_ADMIN_GROUP_NAME_KEY) ? Tinebase_User::getBackendConfiguration(Tinebase_User::DEFAULT_ADMIN_GROUP_NAME_KEY) : self::DEFAULT_ADMIN_GROUP;
$adminGroup = new Tinebase_Model_Group(array('name' => $defaultAdminGroupName, 'description' => 'Group of administrative accounts'));
Tinebase_Group::getInstance()->addGroup($adminGroup);
$defaultUserGroupName = Tinebase_User::getBackendConfiguration(Tinebase_User::DEFAULT_USER_GROUP_NAME_KEY) ? Tinebase_User::getBackendConfiguration(Tinebase_User::DEFAULT_USER_GROUP_NAME_KEY) : self::DEFAULT_USER_GROUP;
$userGroup = new Tinebase_Model_Group(array('name' => $defaultUserGroupName, 'description' => 'Group of user accounts'));
Tinebase_Group::getInstance()->addGroup($userGroup);
}
/**
* get default group for users/admins
*
* @param string $_name group name (Users|Administrators)
* @return unknown_type
*/
protected function _getDefaultGroup($_name = 'Users')
{
if (!in_array($_name, array('Users', 'Administrators'))) {
throw new Tinebase_Exception_InvalidArgument('Wrong group name: ' . $_name);
}
$configKey = $_name == 'Users' ? Tinebase_User::DEFAULT_USER_GROUP_NAME_KEY : Tinebase_User::DEFAULT_ADMIN_GROUP_NAME_KEY;
$defaultGroupName = Tinebase_User::getBackendConfiguration($configKey);
if (empty($defaultGroupName)) {
Tinebase_Core::getLogger()->notice(__METHOD__ . '::' . __LINE__ . ' ' . $configKey . ' not found. Check your user backend configuration.');
$defaultGroupName = $_name;
}
try {
$result = $this->getGroupByName($defaultGroupName);
} catch (Tinebase_Exception_Record_NotDefined $tenf) {
// create group on the fly
$result = $this->addGroup(new Tinebase_Model_Group(array('name' => $defaultGroupName)));
}
return $result;
}
/**
* update existing group
*
* @param Tinebase_Model_Group $_group
* @return Tinebase_Model_Group
*/
public function update(Tinebase_Model_Group $_group)
{
$this->checkRight('MANAGE_ACCOUNTS');
// update default user group if name has changed
$oldGroup = Tinebase_Group::getInstance()->getGroupById($_group->getId());
$defaultGroupName = Tinebase_User::getBackendConfiguration(Tinebase_User::DEFAULT_USER_GROUP_NAME_KEY);
if ($oldGroup->name == $defaultGroupName && $oldGroup->name != $_group->name) {
Tinebase_Core::getLogger()->info(__METHOD__ . '::' . __LINE__ . ' Updated default group name: ' . $oldGroup->name . ' -> ' . $_group->name);
Tinebase_User::setBackendConfiguration($_group->name, Tinebase_User::DEFAULT_USER_GROUP_NAME_KEY);
Tinebase_User::saveBackendConfiguration();
}
$transactionId = Tinebase_TransactionManager::getInstance()->startTransaction(Tinebase_Core::getDb());
if (Tinebase_Application::getInstance()->isInstalled('Addressbook') === true) {
$_group->list_id = $oldGroup->list_id;
$list = $this->createOrUpdateList($_group);
$_group->list_id = $list->getId();
}
$group = Tinebase_Group::getInstance()->updateGroup($_group);
Tinebase_Group::getInstance()->setGroupMembers($group->getId(), $_group->members);
Tinebase_TransactionManager::getInstance()->commitTransaction($transactionId);
$event = new Admin_Event_UpdateGroup();
$event->group = $group;
Tinebase_Event::fireEvent($event);
return $group;
}
/**
* return sid of group
*
* @param string $_groupId
* @return string the sid of the group
*/
protected function _getGroupSID($_groupId)
{
$ldapOptions = Tinebase_User::getBackendConfiguration();
$filter = Zend_Ldap_Filter::equals($ldapOptions['groupUUIDAttribute'], Zend_Ldap::filterEscape($_groupId));
$groups = $this->_ldap->search($filter, $ldapOptions['groupsDn'], Zend_Ldap::SEARCH_SCOPE_SUB, array('sambasid'));
if (count($groups) == 0) {
throw new Tinebase_Exception_NotFound('Group not found! Filter: ' . $filter->toString());
}
$group = $groups->getFirst();
if (empty($group['sambasid'][0])) {
throw new Tinebase_Exception_NotFound('Group has no sambaSID');
}
return $group['sambasid'][0];
}
/**
* testInstallGroupNameOptions
*/
public function testInstallGroupNameOptions()
{
$this->_uninstallAllApplications();
$this->_installAllApplications(array('defaultAdminGroupName' => 'phpunit-admins', 'defaultUserGroupName' => 'phpunit-users', 'adminLoginName' => Tinebase_Core::get('testconfig')->username, 'adminPassword' => Tinebase_Core::get('testconfig')->password));
$adminUser = Tinebase_Core::get('currentAccount');
$this->assertEquals('phpunit-admins', Tinebase_User::getBackendConfiguration(Tinebase_User::DEFAULT_ADMIN_GROUP_NAME_KEY));
$this->assertEquals('phpunit-users', Tinebase_User::getBackendConfiguration(Tinebase_User::DEFAULT_USER_GROUP_NAME_KEY));
//cleanup
$this->_uninstallAllApplications();
}
/**
* the constructor
*
*/
public function __construct(array $_options = array())
{
$config = Tinebase_EmailUser::getConfig(Tinebase_Config::SMTP);
if ($this->_simpleMailConfig === null && isset($config['simplemail']) && isset($config['simplemail']['base'])) {
// load default values = simplemail scheme
$this->_issetOrDefault($config['simplemail']['storage_base'], $config['simplemail']['base']);
$this->_issetOrDefault($config['simplemail']['storage_rdn'], "cn=%u{tine20}");
$this->_issetOrDefault($config['simplemail']['property_mapping'], array('emailAliases' => "mailalternateaddress", 'emailForwards' => "mailforwardingaddress", 'emailForwardOnly' => "maildiscard:boolean"));
$this->_issetOrDefault($config['simplemail']['skeleton'], array('objectclass' => array("simplemail", "mailrouting"), 'mailUserDN' => "%s"));
$this->_issetOrDefault($config['simplemail']['readonly'], false);
$this->_issetOrDefault($config['simplemail']['scope'], Zend_Ldap::SEARCH_SCOPE_SUB);
$this->_simpleMailConfig = $config['simplemail'];
$this->_propertyMapping = $config['simplemail']['property_mapping'];
$this->_ldap = new Tinebase_Ldap(Tinebase_User::getBackendConfiguration());
#$this->_ldap->connect()->bind();
} else {
$this->_simpleMailConfig = NULL;
if (Tinebase_Core::isLogLevel(Zend_Log::ERR)) {
Tinebase_Core::getLogger()->err(__METHOD__ . '::' . __LINE__ . ' SMTP config: simpleMail is missing ldap base!');
}
}
}
/**
* change user password
*
* @param string $_oldPassword
* @param string $_newPassword
* @throws Tinebase_Exception_AccessDenied
* @throws Tinebase_Exception_InvalidArgument
*/
public function changePassword($_oldPassword, $_newPassword)
{
//error_log(print_r(Tinebase_Core::getUser()->toArray(), true));
// check config setting
if (!Tinebase_User::getBackendConfiguration('changepw', true)) {
throw new Tinebase_Exception_AccessDenied('Password change not allowed.');
}
$loginName = Tinebase_Core::getUser()->accountLoginName;
if (Tinebase_Core::isLogLevel(Zend_Log::DEBUG)) {
Tinebase_Core::getLogger()->debug(__METHOD__ . '::' . __LINE__ . " change password for {$loginName}");
}
if (!Tinebase_Auth::getInstance()->isValidPassword($loginName, $_oldPassword)) {
throw new Tinebase_Exception_InvalidArgument('Old password is wrong.');
}
Tinebase_User::getInstance()->setPassword(Tinebase_Core::getUser(), $_newPassword, true, false);
}
/**
* testInstallGroupNameOptions
*/
public function testInstallGroupNameOptions()
{
$this->_uninstallAllApplications();
$testCredentials = Setup_TestServer::getInstance()->getTestCredentials();
$this->_installAllApplications(array('defaultAdminGroupName' => 'phpunit-admins', 'defaultUserGroupName' => 'phpunit-users', 'adminLoginName' => $testCredentials['username'], 'adminPassword' => $testCredentials['password']));
$adminUser = Tinebase_Core::get('currentAccount');
$this->assertEquals('phpunit-admins', Tinebase_User::getBackendConfiguration(Tinebase_User::DEFAULT_ADMIN_GROUP_NAME_KEY));
$this->assertEquals('phpunit-users', Tinebase_User::getBackendConfiguration(Tinebase_User::DEFAULT_USER_GROUP_NAME_KEY));
//cleanup
$this->_uninstallAllApplications();
}
