Retrieve dn with getBaseDN static method

Victor LABORIE 2017-12-17 18:07:40 +01:00
parent a03f372c72
commit 0b7b63dd35
6 changed files with 87 additions and 93 deletions


@ -16,7 +16,7 @@ if (isset($_SESSION['login'])) {
}
if (!empty($_POST['login'])) {
if ($server = new LdapServer(Html::clean($_POST['login']))) {
if ($server = new LdapServer(Html::clean($_POST['login']), LDAP_BASE, LDAP_ADMIN_DN, LDAP_ADMIN_PASS, LDAP_URI)) {
if ($server->login(Html::clean($_POST['password']))) {
$_SESSION['login'] = $server->getLogin();
$_SESSION['dn'] = $server->getDn();
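Review bot: `$_SESSION['dn'] = $server->getDn();` will most likely store null after this commit, because `LdapServer::login()` now writes the bound entry's DN to `$this->base` and `$dn` is no longer among the declared properties, while the accessor visible at the end of the LdapServer section (presumably `getDn()`) still does `return $this->dn;`. Overwriting `$this->base` also changes what `getBaseDN($server)` returns for the rest of the request, so any DN built after a successful login would be rooted at the user's entry rather than at LDAP_BASE. Keeping a separate property, `$this->dn = $info[0]['dn'];` with `$dn` declared on the class, preserves both values. The `if` this line sits in starts and ends outside the hunk.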


@ -8,7 +8,7 @@ if (empty($_SESSION['login'])) {
exit(0);
} else {
try {
$server = new LdapServer($_SESSION['login']);
$server = new LdapServer($_SESSION['login'], LDAP_BASE, LDAP_ADMIN_DN, LDAP_ADMIN_PASS, LDAP_URI);
if (!empty($_GET['domain'])) {
$domain = new LdapDomain($server, Html::clean($_GET['domain']));
if (!empty($_GET['account'])) {
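Review bot: The domain is taken from `$_GET['domain']` and handed to `new LdapDomain(...)` on a connection that the LdapServer constructor binds with `LDAP_ADMIN_DN`, and no line visible in this hunk checks that `$_SESSION['login']` is allowed to manage that domain. Because the bind is the admin one, directory ACLs will not limit what a logged-in user can open, so the check has to be made in PHP. If it exists outside the hunk, a comment such as `// access to $domain is checked in <place>` next to the constructor call would make that visible; if it does not, compare the requested name with the domains the session user may administer before constructing LdapDomain. The `try` block continues past the end of the hunk.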


@ -2,20 +2,17 @@
class LdapAccount extends LdapDomain {
static $objectClass = array('mailAccount', 'posixAccount', 'organizationalRole');
static public function getClassFilter() {
return '(ObjectClass='.self::$objectClass[0].')';
}
static $dn='uid';
protected $domain,$uid,$name,$active=false,$admin=false,$courier=false,$authsmtp=false;
private $aliases=array(),$redirections=array();
public function __construct(LdapDomain $domain, $uid) {
$this->conn = $domain->conn;
$this->domain = $domain->getName();
$this->domain = $domain;
$this->conn = $this->domain->server->getConn();
$this->uid = $uid;
if ($sr = @ldap_search($this->conn, "uid=".$uid.",cn=".$this->domain.",".LDAP_BASE, self::getClassFilter())) {
if ($sr = @ldap_search($this->conn, self::getBaseDN($this->domain, $uid), self::getClassFilter())) {
$objects = ldap_get_entries($this->conn, $sr);
$object = $objects[0];
$this->name = $object['cn'][0];
@ -23,7 +20,7 @@ class LdapAccount extends LdapDomain {
$this->admin = ($object['isadmin'][0] == 'TRUE') ? true : false;
$this->courier = ($object['courieractive'][0] == 'TRUE') ? true : false;
$this->authsmtp = ($object['authsmtpactive'][0] == 'TRUE') ? true : false;
//$this->quota = getquota($this->domain,'user');
//$this->quota = getquota($this->domain->getName(),'user');
$this->aliases = array_filter($object['mailacceptinggeneralid'], "is_string");
$this->redirections = array_filter($object['maildrop'], "is_string");
} else {
@ -43,7 +40,7 @@ class LdapAccount extends LdapDomain {
$info["webmailActive"] = ($webmailactive) ? 'TRUE' : 'FALSE';
$info["authsmtpActive"] = ($authsmtpactive) ? 'TRUE' : 'FALSE';
#$info["amavisBypassSpamChecks"] = ($amavisBypassSpamChecks) ? 'TRUE' : 'FALSE';
if (!ldap_mod_replace($this->conn, "uid=".$this->uid.",cn=".$this->domain.",".LDAP_BASE, $info)) {
if (!ldap_mod_replace($this->conn, self::getBaseDN(), $info)) {
$error = ldap_error($this->conn);
throw new Exception("Erreur pendant la modification du compte : $error");
}
@ -66,7 +63,7 @@ class LdapAccount extends LdapDomain {
}
public function getAliases() {
return preg_replace('/@'.$this->domain.'/', '', $this->aliases);
return preg_replace('/@'.$this->domain->getName().'/', '', $this->aliases);
}
public function getRedirections() {
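Review bot: In the account update path the new call `ldap_mod_replace($this->conn, self::getBaseDN(), $info)` passes no argument, but `getBaseDN($object, $name=NULL)` requires `$object` and dereferences it (`$object->getUid()`), so updating an account fails before the LDAP write is attempted. The alias class makes the equivalent call as `self::getBaseDN($this)`; the line here should read `if (!ldap_mod_replace($this->conn, self::getBaseDN($this), $info)) {`. The enclosing method starts above the hunk.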


@ -2,20 +2,17 @@
class LdapAlias extends LdapDomain {
static $objectClass = array('mailAlias');
static public function getClassFilter() {
return '(ObjectClass='.self::$objectClass[0].')';
}
static $dn='cn';
protected $domain,$name,$active=false;
private $aliases=array(),$redirections=array();
public function __construct(LdapDomain $domain, $name) {
$this->conn = $domain->conn;
$this->domain = $domain->getName();
$this->domain = $domain;
$this->conn = $this->conn = $this->domain->server->getConn();
$this->name = $name;
if ($sr = @ldap_search($this->conn, "cn=".$name.",cn=".$this->domain.",".LDAP_BASE, self::getClassFilter())) {
if ($sr = @ldap_search($this->conn, self::getBaseDN($this->domain, $name), self::getClassFilter())) {
$objects = ldap_get_entries($this->conn, $sr);
$object = $objects[0];
$this->active = ($object['isactive'][0] == 'TRUE') ? true : false;
@ -37,7 +34,7 @@ class LdapAlias extends LdapDomain {
return filter_var($value, FILTER_VALIDATE_EMAIL);
});
if (!@ldap_mod_replace($this->conn, "cn=".$this->getName().",cn=".$this->domain.",".LDAP_BASE, $info)) {
if (!@ldap_mod_replace($this->conn, self::getBaseDN($this), $info)) {
$error = ldap_error($this->conn);
throw new Exception("Erreur pendant la modification de l'alias : $error");
}
@ -48,7 +45,7 @@ class LdapAlias extends LdapDomain {
}
public function getAliases() {
return preg_replace('/@'.$this->domain.'/', '', $this->aliases);
return preg_replace('/@'.$this->domain->getName().'/', '', $this->aliases);
}
public function getRedirections() {
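Review bot: `getAliases()` puts the domain name into a regular expression unquoted, `'/@'.$this->domain->getName().'/'`, so each `.` in the name matches any character and a name containing `/` or another metacharacter breaks or widens the pattern. Quote it: `preg_replace('/@'.preg_quote($this->domain->getName(), '/').'/', '', $this->aliases)`; `LdapAccount::getAliases()` has the same line. Separately, the constructor now reads `$this->conn = $this->conn = $this->domain->server->getConn();`, where one assignment is enough.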


@ -2,22 +2,17 @@
class LdapDomain extends LdapServer {
static $objectClass = array('postfixDomain', 'posixGroup');
static $dn='cn';
static public function getClassFilter() {
return '(ObjectClass='.self::$objectClass[0].')';
}
protected $domain,$active=false;
protected $domain,$active=false,$server;
private $quota="0M/0M",$mail_accounts=array(),$mail_alias=array(),$posix_accounts=array(),$smb_accounts=array(),$accounts=array(),$alias=array();
public function __construct(LdapServer $server, $name) {
$this->conn = $server->conn;
$this->login = $server->login;
$this->superadmin = $server->superadmin;
$this->dn = $server->dn;
$this->server = $server;
$this->conn = $server->getConn();
$this->domain = $name;
if ($sr = @ldap_search($this->conn, "cn=".$this->domain.",".LDAP_BASE, "(ObjectClass=*)")) {
if ($sr = @ldap_search($this->conn, self::getBaseDN($this), "(ObjectClass=*)")) {
$objects = ldap_get_entries($this->conn, $sr);
foreach($objects as $object) {
@ -29,10 +24,10 @@ class LdapDomain extends LdapServer {
array_push($this->posix_accounts,$object['uid'][0]);
}
if (in_array(LdapAccount::$objectClass[0], $object['objectclass'])) {
array_push($this->mail_accounts,$object['uid'][0]);
array_push($this->mail_accounts,$object[LdapAccount::$dn][0]);
}
if (in_array(LdapAlias::$objectClass[0], $object['objectclass'])) {
array_push($this->mail_alias,$object['cn'][0]);
array_push($this->mail_alias,$object[LdapAlias::$dn][0]);
}
if (in_array("sambaSamAccount",$object['objectclass'])) {
array_push($this->smb_accounts,$object['uid'][0]);
@ -46,18 +41,12 @@ class LdapDomain extends LdapServer {
}
public function getAccounts() {
global $conf;
if (count($this->accounts) == 0) {
if (! $conf['domaines']['onlyone']) {
$rdn = ($conf['evoadmin']['version'] > 2) ? "cn=" .$this->domain. "," .LDAP_BASE : "domain=" .$this->domain. "," .LDAP_BASE;
} else {
$rdn = "ou=people," .LDAP_BASE;
}
$sr = ldap_search($this->conn, $rdn, LdapAccount::getClassfilter());
$sr = ldap_search($this->conn, self::getBaseDN($this), LdapAccount::getClassfilter());
$objects = ldap_get_entries($this->conn, $sr);
foreach($objects as $object) {
if(!empty($object["uid"][0])) {
$account = new LdapAccount($this, $object["uid"][0]);
if(!empty($object[LdapAccount::$dn][0])) {
$account = new LdapAccount($this, $object[LdapAccount::$dn][0]);
array_push($this->accounts, $account);
}
}
@ -66,18 +55,12 @@ class LdapDomain extends LdapServer {
}
public function getAlias() {
global $conf;
if (count($this->alias) == 0) {
if (! $conf['domaines']['onlyone']) {
$rdn = ($conf['evoadmin']['version'] > 2) ? "cn=" .$this->domain. "," .LDAP_BASE : "domain=" .$this->domain. "," .LDAP_BASE;
} else {
$rdn = "ou=people," .LDAP_BASE;
}
$sr = ldap_search($this->conn, $rdn, LdapAlias::getClassFilter());
$sr = ldap_search($this->conn, self::getBaseDN($this), LdapAlias::getClassFilter());
$objects = ldap_get_entries($this->conn, $sr);
foreach($objects as $object) {
if(!empty($object["cn"][0])) {
$alias = new LdapAlias($this, $object["cn"][0]);
if(!empty($object[LdapAlias::$dn][0])) {
$alias = new LdapAlias($this, $object[LdapAlias::$dn][0]);
array_push($this->alias, $alias);
}
}
@ -95,7 +78,7 @@ class LdapDomain extends LdapServer {
}
$mail = $uid.'@'.$this->getName();
$password = "{SSHA}".Ldap::ssha($password);
$info["uid"] = $mail;
$info[LdapAccount::$dn] = $mail;
$info["cn"] = $name;
$info["homeDirectory"] = "/home/vmail/" .$this->getName(). "/" .$uid. "/";
$info["uidNumber"]= $conf['unix']['uid'];
@ -112,7 +95,7 @@ class LdapDomain extends LdapServer {
#$info["amavisBypassSpamChecks"] = ($amavisBypassSpamChecks) ? 'TRUE' : 'FALSE';
$info["userPassword"] = $password;
if (@ldap_add($this->conn, "uid=".$mail.",cn=".$this->domain.",".LDAP_BASE, $info)) {
if (@ldap_add($this->conn, LdapAccount::getBaseDN($this, $mail), $info)) {
mail($name, 'Premier message',"Mail d'initialisation du compte.");
mailnotify($info,$this->getname(),$password);
} else {
@ -122,7 +105,7 @@ class LdapDomain extends LdapServer {
}
public function addAlias($name,$active=false,$mailaccept=array(),$maildrop=array()) {
$info["cn"] = $name;
$info[LdapAlias::$dn] = $name;
$info["isActive"] = ($active) ? 'TRUE' : 'FALSE';
$info["objectclass"] = LdapAlias::$objectClass;
$info["mailacceptinggeneralid"] = $mailaccept;
@ -130,14 +113,14 @@ class LdapDomain extends LdapServer {
return filter_var($value, FILTER_VALIDATE_EMAIL);
});
if (!@ldap_add($this->conn, "cn=".$name.",cn=".$this->domain.",".LDAP_BASE, $info)) {
if (!@ldap_add($this->conn, LdapAlias::getBaseDN($this, $name), $info)) {
$error = ldap_error($this->conn);
throw new Exception("Erreur dans l'ajout de l'alias : $error");
}
}
public function delAccount($uid) {
$dn = "uid=".$uid.",cn=".$this->domain.",".LDAP_BASE;
$dn = LdapAccount::getBaseDN($this, $uid);
if ($sr = @ldap_search($this->conn, $dn, LdapAccount::getClassFilter())) {
// Delete account
if (!ldap_delete($this->conn, $dn)) {
@ -150,7 +133,7 @@ class LdapDomain extends LdapServer {
}
public function delAlias($name) {
$dn = "cn=".$name.",cn=".$this->domain.",".LDAP_BASE;
$dn = LdapAlias::getBaseDN($this, $name);
if ($sr = @ldap_search($this->conn, $dn, LdapAlias::getClassFilter())) {
// Delete alias
if (!ldap_delete($this->conn, $dn)) {
@ -164,7 +147,7 @@ class LdapDomain extends LdapServer {
public function update($active=false) {
$info["isActive"] = ($active) ? 'TRUE' : 'FALSE';
if (!ldap_mod_replace($this->conn, "cn=".$this->getName().",".LDAP_BASE, $info)) {
if (!ldap_mod_replace($this->conn, self::getBaseDN($this), $info)) {
$error = ldap_error($this->conn);
throw new Exception("Erreur pendant la modification du domaine : $error");
}
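Review bot: `getAccounts()` and `getAlias()` no longer honour `$conf['domaines']['onlyone']` or the `$conf['evoadmin']['version']` switch: both now always search under `self::getBaseDN($this)`, which yields `cn=<domain>,<base>`, where the removed code could use `ou=people,` or `domain=<domain>,` instead. The commit title describes a refactoring only, so installations on those layouts would presumably get empty or failing listings, and `delDomain()` in LdapServer now relies on these two methods to find the entries to delete before removing the domain. Either keep the layout choice inside `getBaseDN()` or state in the description that those layouts are dropped.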


@ -1,19 +1,48 @@
<?php
class LdapServer {
protected $conn=NULL,$login,$dn,$superadmin=false;
private $domains=array();
private $conn=NULL,$login,$base,$superadmin=false,$domains=array();
public function __construct($login) {
static public function getClassFilter() {
return '(ObjectClass='.static::$objectClass[0].')';
}
static public function getBaseDN($object, $name=NULL) {
$class = get_called_class();
if ($class == "LdapDomain") {
if (empty($name)) {
return static::$dn.'='.$object->getName().','.LdapServer::getBaseDN($object->server);
} else {
return static::$dn.'='.$name.','.LdapServer::getBaseDN($object);
}
} elseif ($class == "LdapAccount") {
if (empty($name)) {
return static::$dn.'='.$object->getUid().','.LdapDomain::getBaseDN($object->domain);
} else {
return static::$dn.'='.$name.','.LdapDomain::getBaseDN($object);
}
} elseif ($class == "LdapAlias") {
if (empty($name)) {
return static::$dn.'='.$object->getName().','.LdapDomain::getBaseDN($object->domain);
} else {
return static::$dn.'='.$name.','.LdapDomain::getBaseDN($object);
}
} else {
return $object->base;
}
}
public function __construct($login, $base, $adminDN, $adminPass, $uri='ldap://127.0.0.1') {
global $conf;
$this->login = $login;
if (!$this->conn = ldap_connect(LDAP_URI)) {
throw new Exception("Impossible de se connecter au serveur LDPA ".LDAP_URI);
$this->base = $base;
if (!$this->conn = ldap_connect($uri)) {
throw new Exception("Impossible de se connecter au serveur LDAP $uri");
}
if (!ldap_set_option($this->conn, LDAP_OPT_PROTOCOL_VERSION, 3)) {
throw new Exception("Impossible de modifier la version du protocole LDAP à 3");
}
if (!ldap_bind($this->conn, LDAP_ADMIN_DN, LDAP_ADMIN_PASS)) {
if (!ldap_bind($this->conn, $adminDN, $adminPass)) {
throw new Exception("Authentification LDAP échoué !");
}
if (in_array($this->login, $conf['admin']['logins'])) {
@ -23,13 +52,12 @@ class LdapServer {
}
public function login($password) {
global $conf;
$sr=ldap_search($this->conn, LDAP_BASE, "(&(uid=".$this->login.")(isAdmin=TRUE))");
$sr=ldap_search($this->conn, self::getBaseDN($this), "(&(uid=".$this->login.")(isAdmin=TRUE))");
$info = ldap_get_entries($this->conn, $sr);
if ($info['count']) {
if (@ldap_bind($this->conn, $info[0]['dn'], $password)) {
unset($password);
$this->dn = $info[0]['dn'];
$this->base = $info[0]['dn'];
# EvoLog::log("Login success for " . $this->login);
return true;
} else {
@ -45,14 +73,13 @@ class LdapServer {
}
public function getDomains() {
global $conf;
if (count($this->domains) == 0) {
if ($this->superadmin) {
$sr = ldap_search($this->conn, LDAP_BASE, LdapDomain::getClassFilter());
$sr = ldap_search($this->conn, self::getBaseDN($this), LdapDomain::getClassFilter());
$objects = ldap_get_entries($this->conn, $sr);
foreach($objects as $object) {
if(!empty($object["cn"][0])) {
$domain = new LdapDomain($this, $object["cn"][0]);
if(!empty($object[LdapDomain::$dn][0])) {
$domain = new LdapDomain($this, $object[LdapDomain::$dn][0]);
array_push($this->domains, $domain);
}
}
@ -67,43 +94,29 @@ class LdapServer {
}
public function addDomain($name,$active=false) {
global $conf;
$info["cn"]=$name;
$info[LdapDomain::$dn]=$name;
$info["objectclass"] = LdapDomain::$objectClass;
$info["isActive"] = ($active) ? 'TRUE' : 'FALSE';
$info["gidNumber"]= getfreegid();
if (!@ldap_add($this->conn, "cn=".$name.",".LDAP_BASE, $info)) {
if (!@ldap_add($this->conn, LdapDomain::getBaseDN($this, $name), $info)) {
$error = ldap_error($this->conn);
throw new Exception("Erreur dans l'ajout du domaine : $error");
}
}
public function delDomain($name) {
if ($sr = @ldap_search($this->conn, "cn=".$name.",".LDAP_BASE, "(ObjectClass=*)")) {
$objects = ldap_get_entries($this->conn, $sr);
if ($domain = new LdapDomain($this, $name)) {
// Delete aliases
foreach($objects as $object) {
if (!empty($object['objectclass']) && !in_array(LdapDomain::$objectClass[0], $object['objectclass']) && in_array(LdapAlias::$objectClass[0], $object['objectclass'])) {
$dn = "cn=".$object['cn'][0]. ",cn=".$name.",".LDAP_BASE;
if (!ldap_delete($this->conn, $dn)) {
$error = ldap_error($this->conn);
throw new Exception("Erreur dans la suppression de l'alias $dn : $error");
}
}
foreach($domain->getAlias() as $alias) {
$domain->delAlias($alias->getName());
}
// Delete accounts
foreach($objects as $object) {
if (!empty($object['objectclass']) && !in_array(LdapDomain::$objectClass[0], $object['objectclass']) && !in_array(LdapAlias::$objectClass[0], $object['objectclass'])) {
$dn = "uid=".$object['cn'][0]. ",cn=".$name.",".LDAP_BASE;
if (!ldap_delete($this->conn, $dn)) {
$error = ldap_error($this->conn);
throw new Exception("Erreur dans la suppression du compte $dn : $error");
}
}
foreach($domain->getAccounts() as $account) {
$domain->delAccount($account->getUid());
}
// Delete domain
$dn = "cn=".$name.",".LDAP_BASE;
$dn = LdapDomain::getBaseDN($this, $name);
if (!ldap_delete($this->conn, $dn)) {
$error = ldap_error($this->conn);
throw new Exception("Erreur dans la suppression du domaine $dn : $error");
@ -125,6 +138,10 @@ class LdapServer {
return $this->dn;
}
public function getConn() {
return $this->conn;
}
public function __destruct() {
ldap_unbind($this->conn);
}
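Review bot: `getBaseDN()` concatenates `$name` and the objects' names into the DN as-is, and `login()` does the same with `$this->login` inside the search filter, so a value containing DN or filter metacharacters changes the DN or the filter instead of being treated as data. On the pages in this commit those values come from request input (`$_POST['login']`, `$_GET['domain']`) passed only through `Html::clean`, which is not shown here and is presumably HTML-oriented rather than LDAP-aware. Since every DN now goes through this one method, the escaping belongs here: `ldap_escape($name, '', LDAP_ESCAPE_DN)` for each RDN value, and in `login()` `ldap_escape($this->login, '', LDAP_ESCAPE_FILTER)` for the filter. The same DNs feed `ldap_add`, `ldap_mod_replace` and `ldap_delete` in LdapDomain, LdapAccount and LdapAlias.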