summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--.arcconfig3
-rw-r--r--bin/domain_delete.php5
-rw-r--r--doc/kolab_wap.oracle.sql4
-rw-r--r--doc/kolab_wap.sql2
-rw-r--r--doc/sample-insert-hosted-user_types.php313
-rw-r--r--doc/sample-insert-user_types.php2
-rw-r--r--lib/Auth/LDAP.php4
-rw-r--r--lib/api/kolab_api_service_form_value.php31
-rw-r--r--lib/kolab_api_service.php69
9 files changed, 334 insertions, 99 deletions
diff --git a/.arcconfig b/.arcconfig
new file mode 100644
index 0000000..b9fd1a3
--- /dev/null
+++ b/.arcconfig
@@ -0,0 +1,3 @@
+{
+ "phabricator.uri": "https://git.kolab.org"
+}
diff --git a/bin/domain_delete.php b/bin/domain_delete.php
index 74889cf..4dbe729 100644
--- a/bin/domain_delete.php
+++ b/bin/domain_delete.php
@@ -34,7 +34,10 @@ $username = $CONF->get('ldap', 'bind_dn');
$password = $CONF->get('ldap', 'bind_pw');
$domain = $CONF->get('kolab', 'primary_domain');
-$LDAP->authenticate($username, $password, $domain);
+// see https://cgit.kolab.org/webadmin/tree/lib/kolab_api_controller.php#n292
+session_start();
+$_SESSION['user'] = new User();
+$_SESSION['user']->authenticate($username, $password, $domain);
// get list of domains to delete
$domains = list_deleted_domains();
diff --git a/doc/kolab_wap.oracle.sql b/doc/kolab_wap.oracle.sql
index b9bc465..0c4a187 100644
--- a/doc/kolab_wap.oracle.sql
+++ b/doc/kolab_wap.oracle.sql
@@ -209,11 +209,11 @@ END;
INSERT ALL
INTO "user_types" ("id", "key", "name", "description", "attributes", "used_for", "is_default")
- VALUES (1,'kolab','Kolab User','A Kolab User','{"auto_form_fields":{"alias":{"type":"list","data":["givenname","preferredlanguage","sn"]},"cn":{"data":["givenname","sn"]},"displayname":{"data":["givenname","sn"]},"mail":{"data":["givenname","preferredlanguage","sn"]},"mailhost":{"optional":true},"uid":{"data":["givenname","preferredlanguage","sn"]},"userpassword":{"optional":true}},"form_fields":{"alias":{"optional":true},"givenname":[],"initials":{"optional":true},"kolabdelegate":{"type":"list","autocomplete":true,"optional":true},"kolabinvitationpolicy":{"type":"list","optional":true},"kolaballowsmtprecipient":{"type":"list","optional":true},"kolaballowsmtpsender":{"type":"list","optional":true},"l":{"optional":true},"mailalternateaddress":{"type":"list","optional":true},"mailquota":{"type":"text-quota","optional":true},"mobile":{"optional":true},"nsroledn":{"type":"list","autocomplete":true,"optional":true},"o":{"optional":true},"ou":{"type":"select"},"pager":{"optional":true},"postalcode":{"optional":true},"preferredlanguage":{"type":"select"},"sn":[],"street":{"optional":true},"telephonenumber":{"optional":true},"title":{"optional":true},"userpassword":{"optional":true}},"fields":{"objectclass":["top","inetorgperson","kolabinetorgperson","mailrecipient","organizationalperson","person"]}}',NULL,1)
+ VALUES (1,'kolab','Kolab User','A Kolab User','{"auto_form_fields":{"alias":{"type":"list","data":["givenname","preferredlanguage","sn"]},"cn":{"data":["givenname","sn"]},"displayname":{"data":["givenname","sn"]},"mail":{"data":["givenname","preferredlanguage","sn"]},"mailhost":{"optional":true},"uid":{"data":["givenname","preferredlanguage","sn"]},"userpassword":{"optional":true}},"form_fields":{"alias":{"type":"list","optional":true,"validate":"extended"},"givenname":[],"initials":{"optional":true},"kolabdelegate":{"type":"list","autocomplete":true,"optional":true},"kolabinvitationpolicy":{"type":"list","optional":true},"kolaballowsmtprecipient":{"type":"list","optional":true},"kolaballowsmtpsender":{"type":"list","optional":true},"l":{"optional":true},"mailalternateaddress":{"type":"list","optional":true},"mailquota":{"type":"text-quota","optional":true},"mobile":{"optional":true},"nsroledn":{"type":"list","autocomplete":true,"optional":true},"o":{"optional":true},"ou":{"type":"select"},"pager":{"optional":true},"postalcode":{"optional":true},"preferredlanguage":{"type":"select"},"sn":[],"street":{"optional":true},"telephonenumber":{"optional":true},"title":{"optional":true},"userpassword":{"optional":true}},"fields":{"objectclass":["top","inetorgperson","kolabinetorgperson","mailrecipient","organizationalperson","person"]}}',NULL,1)
INTO "user_types" ("id", "key", "name", "description", "attributes", "used_for", "is_default")
VALUES (2,'posix','POSIX User','A POSIX user (with a home directory and shell access)','{"auto_form_fields":{"cn":{"data":["givenname","sn"]},"displayname":{"data":["givenname","sn"]},"gidnumber":[],"homedirectory":{"data":["givenname","sn"]},"uid":{"data":["givenname","sn"]},"uidnumber":[],"userpassword":{"optional":true}},"form_fields":{"givenname":[],"initials":{"optional":true},"preferredlanguage":{"type":"select","values":["en_US","de_DE","de_CH","en_GB","fi_FI","fr_FR","hu_HU"]},"loginshell":{"type":"select","values":["/bin/bash","/usr/bin/git-shell","/sbin/nologin"]},"ou":{"type":"select"},"sn":[],"title":{"optional":true},"userpassword":{"optional":true}},"fields":{"objectclass":["top","inetorgperson","organizationalperson","person","posixaccount"]}}',NULL,0)
INTO "user_types" ("id", "key", "name", "description", "attributes", "used_for", "is_default")
- VALUES (3,'kolab_posix','Mail-enabled POSIX User','A mail-enabled POSIX User','{"auto_form_fields":{"alias":{"data":["givenname","preferredlanguage","sn"]},"cn":{"data":["givenname","preferredlanguage","sn"]},"displayname":{"data":["givenname","preferredlanguage","sn"]},"gidnumber":[],"homedirectory":{"data":["givenname","preferredlanguage","sn"]},"mail":{"data":["givenname","preferredlanguage","sn"]},"mailhost":{"optional":true},"uid":{"data":["givenname","preferredlanguage","sn"]},"uidnumber":[],"userpassword":{"optional":true}},"form_fields":{"alias":{"optional":true},"givenname":[],"initials":{"optional":true},"kolabdelegate":{"type":"list","autocomplete":true,"optional":true},"kolabinvitationpolicy":{"type":"list","optional":true},"kolaballowsmtprecipient":{"type":"list","optional":true},"kolaballowsmtpsender":{"type":"list","optional":true},"l":{"optional":true},"loginshell":{"type":"select","values":["/bin/bash","/usr/bin/git-shell","/sbin/nologin"]},"mailalternateaddress":{"type":"list","optional":true},"mailquota":{"type":"text-quota","optional":true},"mobile":{"optional":true},"nsroledn":{"type":"list","autocomplete":true,"optional":true},"o":{"optional":true},"ou":{"type":"select"},"pager":{"optional":true},"postalcode":{"optional":true},"preferredlanguage":{"type":"select"},"sn":[],"street":{"optional":true},"telephonenumber":{"optional":true},"title":{"optional":true},"userpassword":{"optional":true}},"fields":{"objectclass":["top","inetorgperson","kolabinetorgperson","mailrecipient","organizationalperson","person","posixaccount"]}}',NULL,0)
+ VALUES (3,'kolab_posix','Mail-enabled POSIX User','A mail-enabled POSIX User','{"auto_form_fields":{"alias":{"data":["givenname","preferredlanguage","sn"]},"cn":{"data":["givenname","preferredlanguage","sn"]},"displayname":{"data":["givenname","preferredlanguage","sn"]},"gidnumber":[],"homedirectory":{"data":["givenname","preferredlanguage","sn"]},"mail":{"data":["givenname","preferredlanguage","sn"]},"mailhost":{"optional":true},"uid":{"data":["givenname","preferredlanguage","sn"]},"uidnumber":[],"userpassword":{"optional":true}},"form_fields":{"alias":{"type":"list","optional":true,"validate":"extended"},"givenname":[],"initials":{"optional":true},"kolabdelegate":{"type":"list","autocomplete":true,"optional":true},"kolabinvitationpolicy":{"type":"list","optional":true},"kolaballowsmtprecipient":{"type":"list","optional":true},"kolaballowsmtpsender":{"type":"list","optional":true},"l":{"optional":true},"loginshell":{"type":"select","values":["/bin/bash","/usr/bin/git-shell","/sbin/nologin"]},"mailalternateaddress":{"type":"list","optional":true},"mailquota":{"type":"text-quota","optional":true},"mobile":{"optional":true},"nsroledn":{"type":"list","autocomplete":true,"optional":true},"o":{"optional":true},"ou":{"type":"select"},"pager":{"optional":true},"postalcode":{"optional":true},"preferredlanguage":{"type":"select"},"sn":[],"street":{"optional":true},"telephonenumber":{"optional":true},"title":{"optional":true},"userpassword":{"optional":true}},"fields":{"objectclass":["top","inetorgperson","kolabinetorgperson","mailrecipient","organizationalperson","person","posixaccount"]}}',NULL,0)
INTO "user_types" ("id", "key", "name", "description", "attributes", "used_for", "is_default")
VALUES (4,'contact','Contact','A global address book contact','{"auto_form_fields":{"cn":{"data":["givenname","sn"]},"displayname":{"data":["givenname","sn"]},"uid":{"data":["givenname","sn"]},"userpassword":{"optional":true}},"form_fields":{"cn":{"optional":true},"displayname":{"optional":true},"givenname":[],"initials":{"optional":true},"l":{"optional":true},"mail":{"type":"list","optional":true},"mailalternateaddress":{"type":"list","optional":true},"mobile":{"optional":true},"o":{"optional":true},"ou":{"type":"select"},"pager":{"optional":true},"postalcode":{"optional":true},"sn":[],"street":{"optional":true},"telephonenumber":{"optional":true},"title":{"optional":true},"userpassword":{"optional":true}},"fields":{"objectclass":["top","inetorgperson","mailrecipient","organizationalperson","person"]}}',NULL,0)
INTO "user_types" ("id", "key", "name", "description", "attributes", "used_for", "is_default")
diff --git a/doc/kolab_wap.sql b/doc/kolab_wap.sql
index 4ad17dd..6b2104e 100644
--- a/doc/kolab_wap.sql
+++ b/doc/kolab_wap.sql
@@ -214,7 +214,7 @@ CREATE TABLE `user_types` (
LOCK TABLES `user_types` WRITE;
/*!40000 ALTER TABLE `user_types` DISABLE KEYS */;
-INSERT INTO `user_types` VALUES (1,'kolab','Kolab User','A Kolab User','{\"auto_form_fields\":{\"alias\":{\"type\":\"list\",\"optional\":true,\"data\":[\"givenname\",\"preferredlanguage\",\"sn\"]},\"cn\":{\"data\":[\"givenname\",\"sn\"]},\"displayname\":{\"data\":[\"givenname\",\"sn\"]},\"mail\":{\"data\":[\"givenname\",\"preferredlanguage\",\"sn\"]},\"mailhost\":{\"optional\":true},\"uid\":{\"data\":[\"givenname\",\"preferredlanguage\",\"sn\"]},\"userpassword\":{\"optional\":true}},\"form_fields\":{\"alias\":{\"type\":\"list\",\"optional\":true},\"givenname\":[],\"initials\":{\"optional\":true},\"kolabdelegate\":{\"type\":\"list\",\"autocomplete\":true,\"optional\":true},\"kolabinvitationpolicy\":{\"type\":\"list\",\"optional\":true},\"kolaballowsmtprecipient\":{\"type\":\"list\",\"optional\":true},\"kolaballowsmtpsender\":{\"type\":\"list\",\"optional\":true},\"l\":{\"optional\":true},\"mailalternateaddress\":{\"type\":\"list\",\"optional\":true},\"mailquota\":{\"type\":\"text-quota\",\"optional\":true},\"mobile\":{\"optional\":true},\"nsroledn\":{\"type\":\"list\",\"autocomplete\":true,\"optional\":true},\"o\":{\"optional\":true},\"ou\":{\"type\":\"select\"},\"pager\":{\"optional\":true},\"postalcode\":{\"optional\":true},\"preferredlanguage\":{\"type\":\"select\"},\"sn\":[],\"street\":{\"optional\":true},\"telephonenumber\":{\"optional\":true},\"title\":{\"optional\":true},\"userpassword\":{\"optional\":true}},\"fields\":{\"objectclass\":[\"top\",\"inetorgperson\",\"kolabinetorgperson\",\"mailrecipient\",\"organizationalperson\",\"person\"]}}',NULL,1),(2,'posix','POSIX User','A POSIX user (with a home directory and shell access)','{\"auto_form_fields\":{\"cn\":{\"data\":[\"givenname\",\"sn\"]},\"displayname\":{\"data\":[\"givenname\",\"sn\"]},\"gidnumber\":[],\"homedirectory\":{\"data\":[\"givenname\",\"sn\"]},\"uid\":{\"data\":[\"givenname\",\"sn\"]},\"uidnumber\":[],\"userpassword\":{\"optional\":true}},\"form_fields\":{\"givenname\":[],\"initials\":{\"optional\":true},\"preferredlanguage\":{\"type\":\"select\",\"values\":[\"en_US\",\"de_DE\",\"de_CH\",\"en_GB\",\"fi_FI\",\"fr_FR\",\"hu_HU\"]},\"loginshell\":{\"type\":\"select\",\"values\":[\"/bin/bash\",\"/usr/bin/git-shell\",\"/sbin/nologin\"]},\"ou\":{\"type\":\"select\"},\"sn\":[],\"title\":{\"optional\":true},\"userpassword\":{\"optional\":true}},\"fields\":{\"objectclass\":[\"top\",\"inetorgperson\",\"organizationalperson\",\"person\",\"posixaccount\"]}}',NULL,0),(3,'kolab_posix','Mail-enabled POSIX User','A mail-enabled POSIX User','{\"auto_form_fields\":{\"alias\":{\"type\":\"list\",\"optional\":true,\"data\":[\"givenname\",\"preferredlanguage\",\"sn\"]},\"cn\":{\"data\":[\"givenname\",\"preferredlanguage\",\"sn\"]},\"displayname\":{\"data\":[\"givenname\",\"preferredlanguage\",\"sn\"]},\"gidnumber\":[],\"homedirectory\":{\"data\":[\"givenname\",\"preferredlanguage\",\"sn\"]},\"mail\":{\"data\":[\"givenname\",\"preferredlanguage\",\"sn\"]},\"mailhost\":{\"optional\":true},\"uid\":{\"data\":[\"givenname\",\"preferredlanguage\",\"sn\"]},\"uidnumber\":[],\"userpassword\":{\"optional\":true}},\"form_fields\":{\"alias\":{\"type\":\"list\",\"optional\":true},\"givenname\":[],\"initials\":{\"optional\":true},\"kolabdelegate\":{\"type\":\"list\",\"autocomplete\":true,\"optional\":true},\"kolabinvitationpolicy\":{\"type\":\"list\",\"optional\":true},\"kolaballowsmtprecipient\":{\"type\":\"list\",\"optional\":true},\"kolaballowsmtpsender\":{\"type\":\"list\",\"optional\":true},\"l\":{\"optional\":true},\"loginshell\":{\"type\":\"select\",\"values\":[\"/bin/bash\",\"/usr/bin/git-shell\",\"/sbin/nologin\"]},\"mailalternateaddress\":{\"type\":\"list\",\"optional\":true},\"mailquota\":{\"type\":\"text-quota\",\"optional\":true},\"mobile\":{\"optional\":true},\"nsroledn\":{\"type\":\"list\",\"autocomplete\":true,\"optional\":true},\"o\":{\"optional\":true},\"ou\":{\"type\":\"select\"},\"pager\":{\"optional\":true},\"postalcode\":{\"optional\":true},\"preferredlanguage\":{\"type\":\"select\"},\"sn\":[],\"street\":{\"optional\":true},\"telephonenumber\":{\"optional\":true},\"title\":{\"optional\":true},\"userpassword\":{\"optional\":true}},\"fields\":{\"objectclass\":[\"top\",\"inetorgperson\",\"kolabinetorgperson\",\"mailrecipient\",\"organizationalperson\",\"person\",\"posixaccount\"]}}',NULL,0),(4,'contact','Contact','A global address book contact','{\"auto_form_fields\":{\"cn\":{\"data\":[\"givenname\",\"sn\"]},\"displayname\":{\"data\":[\"givenname\",\"sn\"]},\"uid\":{\"data\":[\"givenname\",\"sn\"]},\"userpassword\":{\"optional\":true}},\"form_fields\":{\"cn\":{\"optional\":true},\"displayname\":{\"optional\":true},\"givenname\":[],\"initials\":{\"optional\":true},\"l\":{\"optional\":true},\"mail\":{\"type\":\"list\",\"optional\":true},\"mailalternateaddress\":{\"type\":\"list\",\"optional\":true},\"mobile\":{\"optional\":true},\"o\":{\"optional\":true},\"ou\":{\"type\":\"select\"},\"pager\":{\"optional\":true},\"postalcode\":{\"optional\":true},\"sn\":[],\"street\":{\"optional\":true},\"telephonenumber\":{\"optional\":true},\"title\":{\"optional\":true},\"userpassword\":{\"optional\":true}},\"fields\":{\"objectclass\":[\"top\",\"inetorgperson\",\"mailrecipient\",\"organizationalperson\",\"person\"]}}',NULL,0),(5,'forwarding','Mail Forwarding','A mail forwarding account (forwarding only!)','{\"auto_form_fields\":{\"cn\":{\"data\":[\"givenname\",\"sn\"]},\"displayname\":{\"data\":[\"givenname\",\"sn\"]},\"uid\":{\"data\":[\"givenname\",\"sn\"]},\"userpassword\":{\"optional\":true}},\"form_fields\":{\"cn\":{\"optional\":true},\"displayname\":{\"optional\":true},\"givenname\":[],\"initials\":{\"optional\":true},\"l\":{\"optional\":true},\"mail\":{\"type\":\"list\",\"optional\":true},\"mailalternateaddress\":{\"type\":\"list\",\"optional\":true},\"mailforwardingaddress\":{\"type\":\"list\"},\"mobile\":{\"optional\":true},\"o\":{\"optional\":true},\"ou\":{\"type\":\"select\"},\"pager\":{\"optional\":true},\"postalcode\":{\"optional\":true},\"sn\":[],\"street\":{\"optional\":true},\"telephonenumber\":{\"optional\":true},\"title\":{\"optional\":true},\"userpassword\":{\"optional\":true}},\"fields\":{\"objectclass\":[\"top\",\"inetorgperson\",\"mailrecipient\",\"organizationalperson\",\"person\"]}}',NULL,0);
+INSERT INTO `user_types` VALUES (1,'kolab','Kolab User','A Kolab User','{\"auto_form_fields\":{\"alias\":{\"type\":\"list\",\"optional\":true,\"data\":[\"givenname\",\"preferredlanguage\",\"sn\"]},\"cn\":{\"data\":[\"givenname\",\"sn\"]},\"displayname\":{\"data\":[\"givenname\",\"sn\"]},\"mail\":{\"data\":[\"givenname\",\"preferredlanguage\",\"sn\"]},\"mailhost\":{\"optional\":true},\"uid\":{\"data\":[\"givenname\",\"preferredlanguage\",\"sn\"]},\"userpassword\":{\"optional\":true}},\"form_fields\":{\"alias\":{\"type\":\"list\",\"optional\":true,\"validate\":\"extended\"},\"givenname\":[],\"initials\":{\"optional\":true},\"kolabdelegate\":{\"type\":\"list\",\"autocomplete\":true,\"optional\":true},\"kolabinvitationpolicy\":{\"type\":\"list\",\"optional\":true},\"kolaballowsmtprecipient\":{\"type\":\"list\",\"optional\":true},\"kolaballowsmtpsender\":{\"type\":\"list\",\"optional\":true},\"l\":{\"optional\":true},\"mailalternateaddress\":{\"type\":\"list\",\"optional\":true},\"mailquota\":{\"type\":\"text-quota\",\"optional\":true},\"mobile\":{\"optional\":true},\"nsroledn\":{\"type\":\"list\",\"autocomplete\":true,\"optional\":true},\"o\":{\"optional\":true},\"ou\":{\"type\":\"select\"},\"pager\":{\"optional\":true},\"postalcode\":{\"optional\":true},\"preferredlanguage\":{\"type\":\"select\"},\"sn\":[],\"street\":{\"optional\":true},\"telephonenumber\":{\"optional\":true},\"title\":{\"optional\":true},\"userpassword\":{\"optional\":true}},\"fields\":{\"objectclass\":[\"top\",\"inetorgperson\",\"kolabinetorgperson\",\"mailrecipient\",\"organizationalperson\",\"person\"]}}',NULL,1),(2,'posix','POSIX User','A POSIX user (with a home directory and shell access)','{\"auto_form_fields\":{\"cn\":{\"data\":[\"givenname\",\"sn\"]},\"displayname\":{\"data\":[\"givenname\",\"sn\"]},\"gidnumber\":[],\"homedirectory\":{\"data\":[\"givenname\",\"sn\"]},\"uid\":{\"data\":[\"givenname\",\"sn\"]},\"uidnumber\":[],\"userpassword\":{\"optional\":true}},\"form_fields\":{\"givenname\":[],\"initials\":{\"optional\":true},\"preferredlanguage\":{\"type\":\"select\",\"values\":[\"en_US\",\"de_DE\",\"de_CH\",\"en_GB\",\"fi_FI\",\"fr_FR\",\"hu_HU\"]},\"loginshell\":{\"type\":\"select\",\"values\":[\"/bin/bash\",\"/usr/bin/git-shell\",\"/sbin/nologin\"]},\"ou\":{\"type\":\"select\"},\"sn\":[],\"title\":{\"optional\":true},\"userpassword\":{\"optional\":true}},\"fields\":{\"objectclass\":[\"top\",\"inetorgperson\",\"organizationalperson\",\"person\",\"posixaccount\"]}}',NULL,0),(3,'kolab_posix','Mail-enabled POSIX User','A mail-enabled POSIX User','{\"auto_form_fields\":{\"alias\":{\"type\":\"list\",\"optional\":true,\"data\":[\"givenname\",\"preferredlanguage\",\"sn\"]},\"cn\":{\"data\":[\"givenname\",\"preferredlanguage\",\"sn\"]},\"displayname\":{\"data\":[\"givenname\",\"preferredlanguage\",\"sn\"]},\"gidnumber\":[],\"homedirectory\":{\"data\":[\"givenname\",\"preferredlanguage\",\"sn\"]},\"mail\":{\"data\":[\"givenname\",\"preferredlanguage\",\"sn\"]},\"mailhost\":{\"optional\":true},\"uid\":{\"data\":[\"givenname\",\"preferredlanguage\",\"sn\"]},\"uidnumber\":[],\"userpassword\":{\"optional\":true}},\"form_fields\":{\"alias\":{\"type\":\"list\",\"optional\":true,\"validate\":\"extended\"},\"givenname\":[],\"initials\":{\"optional\":true},\"kolabdelegate\":{\"type\":\"list\",\"autocomplete\":true,\"optional\":true},\"kolabinvitationpolicy\":{\"type\":\"list\",\"optional\":true},\"kolaballowsmtprecipient\":{\"type\":\"list\",\"optional\":true},\"kolaballowsmtpsender\":{\"type\":\"list\",\"optional\":true},\"l\":{\"optional\":true},\"loginshell\":{\"type\":\"select\",\"values\":[\"/bin/bash\",\"/usr/bin/git-shell\",\"/sbin/nologin\"]},\"mailalternateaddress\":{\"type\":\"list\",\"optional\":true},\"mailquota\":{\"type\":\"text-quota\",\"optional\":true},\"mobile\":{\"optional\":true},\"nsroledn\":{\"type\":\"list\",\"autocomplete\":true,\"optional\":true},\"o\":{\"optional\":true},\"ou\":{\"type\":\"select\"},\"pager\":{\"optional\":true},\"postalcode\":{\"optional\":true},\"preferredlanguage\":{\"type\":\"select\"},\"sn\":[],\"street\":{\"optional\":true},\"telephonenumber\":{\"optional\":true},\"title\":{\"optional\":true},\"userpassword\":{\"optional\":true}},\"fields\":{\"objectclass\":[\"top\",\"inetorgperson\",\"kolabinetorgperson\",\"mailrecipient\",\"organizationalperson\",\"person\",\"posixaccount\"]}}',NULL,0),(4,'contact','Contact','A global address book contact','{\"auto_form_fields\":{\"cn\":{\"data\":[\"givenname\",\"sn\"]},\"displayname\":{\"data\":[\"givenname\",\"sn\"]},\"uid\":{\"data\":[\"givenname\",\"sn\"]},\"userpassword\":{\"optional\":true}},\"form_fields\":{\"cn\":{\"optional\":true},\"displayname\":{\"optional\":true},\"givenname\":[],\"initials\":{\"optional\":true},\"l\":{\"optional\":true},\"mail\":{\"type\":\"list\",\"optional\":true},\"mailalternateaddress\":{\"type\":\"list\",\"optional\":true},\"mobile\":{\"optional\":true},\"o\":{\"optional\":true},\"ou\":{\"type\":\"select\"},\"pager\":{\"optional\":true},\"postalcode\":{\"optional\":true},\"sn\":[],\"street\":{\"optional\":true},\"telephonenumber\":{\"optional\":true},\"title\":{\"optional\":true},\"userpassword\":{\"optional\":true}},\"fields\":{\"objectclass\":[\"top\",\"inetorgperson\",\"mailrecipient\",\"organizationalperson\",\"person\"]}}',NULL,0),(5,'forwarding','Mail Forwarding','A mail forwarding account (forwarding only!)','{\"auto_form_fields\":{\"cn\":{\"data\":[\"givenname\",\"sn\"]},\"displayname\":{\"data\":[\"givenname\",\"sn\"]},\"uid\":{\"data\":[\"givenname\",\"sn\"]},\"userpassword\":{\"optional\":true}},\"form_fields\":{\"cn\":{\"optional\":true},\"displayname\":{\"optional\":true},\"givenname\":[],\"initials\":{\"optional\":true},\"l\":{\"optional\":true},\"mail\":{\"type\":\"list\",\"optional\":true},\"mailalternateaddress\":{\"type\":\"list\",\"optional\":true},\"mailforwardingaddress\":{\"type\":\"list\"},\"mobile\":{\"optional\":true},\"o\":{\"optional\":true},\"ou\":{\"type\":\"select\"},\"pager\":{\"optional\":true},\"postalcode\":{\"optional\":true},\"sn\":[],\"street\":{\"optional\":true},\"telephonenumber\":{\"optional\":true},\"title\":{\"optional\":true},\"userpassword\":{\"optional\":true}},\"fields\":{\"objectclass\":[\"top\",\"inetorgperson\",\"mailrecipient\",\"organizationalperson\",\"person\"]}}',NULL,0);
/*!40000 ALTER TABLE `user_types` ENABLE KEYS */;
UNLOCK TABLES;
/*!40103 SET TIME_ZONE=@OLD_TIME_ZONE */;
diff --git a/doc/sample-insert-hosted-user_types.php b/doc/sample-insert-hosted-user_types.php
index 3485865..19251e4 100644
--- a/doc/sample-insert-hosted-user_types.php
+++ b/doc/sample-insert-hosted-user_types.php
@@ -1,7 +1,11 @@
#!/usr/bin/php
<?php
+ /*
+ To configure the Kolab Webadmin user types database.
+ Execute it on the Kolab server from /usr/share/kolab-webadmin/
+ */
- if (isset($_SERVER["REQUEST_METHOD"]) && !empty($SERVER["REQUEST_METHOD"])) {
+ if (php_sapi_name() != 'cli') {
die("Not intended for execution through the webserver, sorry!");
}
@@ -9,159 +13,219 @@
$db = SQL::get_instance();
- $result = $db->query("TRUNCATE TABLE `user_types`");
+ $result = $db->query("TRUNCATE `user_types`");
$attributes = Array(
-
- /*
- * The form fields for which the values can be
- * generated automatically, using the existing
- * values of form_fields
- */
"auto_form_fields" => Array(
- /*
- * The 'cn' attribute is required for
- * the LDAP objectclasses we use, but
- * can be composed from a 'givenname'
- * and 'sn' attribute form_field (of
- * which 'sn' is also a required
- * attribute.
- */
"cn" => Array(
"data" => Array(
"givenname",
"sn",
),
),
- /*
- * The 'mail' attribute is supposed to
- * contain the email address this user
- * will use for this environment, and
- * is (supposed?) to match the 'uid'
- * for the user account.
- *
- * Disable this auto_form_field if
- * the API is not capable of making
- * a 'uid' become a 'uid'@'domain',
- * where 'domain' is not a valid
- * LDAP attribute for a user entry.
- */
"mail" => Array(
"data" => Array(
"uid",
),
),
+ "nsroledn" => Array(
+ "optional" => true,
+ ),
),
"form_fields" => Array(
- /*
- * Givenname is a requirement, but could
- * be filled with random data if not
- * wanted.
- */
+ "title" => Array(
+ "optional" => true,
+ ),
"givenname" => Array(),
- /*
- * The 'mailalternateaddress' is supposed
- * to contain the original email address
- * for the user.
- */
+ "sn" => Array(),
+ "o" => Array(
+ "optional" => true,
+ ),
+ "street" => Array(
+ "optional" => true,
+ ),
+ "postalcode" => Array(
+ "optional" => true,
+ ),
+ "l" => Array(
+ "optional" => true,
+ ),
+ "c" => Array(
+ "type" => "select",
+ "value" => "normal",
+ ),
+ "telephonenumber" => Array(
+ "optional" => true,
+ ),
+ "mobile" => Array(
+ "optional" => true,
+ ),
"mailalternateaddress" => Array(
+ "optional" => false,
+ ),
+ "alias" => Array(
+ "type" => "list",
+ "optional" => true,
+ ),
+ "uid" => Array(
"optional" => true,
),
+ "userpassword" => Array(
+ "type" => "password",
+ "optional" => true,
+ ),
+ "nsroledn" => Array(
+ "optional" => true,
+ ),
+ ),
+ "fields" => Array(
+ "mailquota" => Array(),
+ "objectclass" => Array(
+ "top",
+ "inetorgperson",
+ "kolabinetorgperson",
+ "mailrecipient",
+ "organizationalperson",
+ "country",
+ "person",
+ ),
+ ),
+ );
+
+ $result = $db->query("INSERT INTO `user_types` (`key`, `name`, `description`, `attributes`, `used_for`) " .
+ "VALUES ('individual','individual', 'individual'," .
+ "'" . json_encode($attributes) . "', 'hosted')");
+
+ $attributes = Array(
+ "auto_form_fields" => Array(
+ "cn" => Array(
+ "data" => Array(
+ "givenname",
+ "sn",
+ ),
+ ),
+ "nsroledn" => Array(
+ "optional" => true,
+ ),
+ ),
+ "form_fields" => Array(
+ "givenname" => Array(),
"sn" => Array(),
+ "o" => Array(
+ "optional" => true,
+ ),
+ "street" => Array(
+ "optional" => true,
+ ),
+ "postalcode" => Array(
+ "optional" => true,
+ ),
+ "l" => Array(
+ "optional" => true,
+ ),
+ "c" => Array(
+ "type" => "select",
+ "value" => "normal",
+ ),
+ "telephonenumber" => Array(
+ "optional" => true,
+ ),
+ "mobile" => Array(
+ "optional" => true,
+ ),
+ "mail" => Array(
+ "validate" => false,
+ ),
+ "mailalternateaddress" => Array(),
+ "nsroledn" => Array(
+ "optional" => true,
+ ),
"uid" => Array(),
"userpassword" => Array(
+ "optional" => true,
"type" => "password",
-// "optional" => true,
),
),
"fields" => Array(
- "mailquota" => "131072",
- "nsroledn" => "cn=personal-user,dc=notifytest,dc=tld",
+ "mailquota" => Array(),
+ "nsroledn" => Array(
+ "cn=admin-user,%(base_dn)s",
+ ),
"objectclass" => Array(
"top",
"inetorgperson",
"kolabinetorgperson",
- "mailrecipient",
"organizationalperson",
+ "mailrecipient",
+ "country",
"person",
),
),
);
+
$result = $db->query("INSERT INTO `user_types` (`key`, `name`, `description`, `attributes`, `used_for`) " .
- "VALUES ('personal','Personal', 'A user with a personal hosted plan'," .
+ "VALUES ('organization','organization', 'organization'," .
"'" . json_encode($attributes) . "', 'hosted')");
$attributes = Array(
- /*
- * The form fields for which the values can be
- * generated automatically, using the existing
- * values of form_fields
- */
"auto_form_fields" => Array(
- /*
- * The 'cn' attribute is required for
- * the LDAP objectclasses we use, but
- * can be composed from a 'givenname'
- * and 'sn' attribute form_field (of
- * which 'sn' is also a required
- * attribute.
- */
"cn" => Array(
"data" => Array(
"givenname",
"sn",
),
),
- /*
- * The 'mail' attribute is supposed to
- * contain the email address this user
- * will use for this environment, and
- * is (supposed?) to match the 'uid'
- * for the user account.
- *
- * Disable this auto_form_field if
- * the API is not capable of making
- * a 'uid' become a 'uid'@'domain',
- * where 'domain' is not a valid
- * LDAP attribute for a user entry.
- */
"mail" => Array(
"data" => Array(
"uid",
),
),
+ "nsroledn" => Array(
+ "optional" => true,
+ ),
),
"form_fields" => Array(
- "alias" => Array(
- "type" => "list",
+ "title" => Array(
"optional" => true,
- "maxcount" => 2,
),
- /*
- * Givenname is a requirement, but could
- * be filled with random data if not
- * wanted.
- */
"givenname" => Array(),
- /*
- * The 'mailalternateaddress' is supposed
- * to contain the original email address
- * for the user.
- */
- "mailalternateaddress" => Array(
+ "sn" => Array(),
+ "o" => Array(
+ "optional" => true,
+ ),
+ "street" => Array(
+ "optional" => true,
+ ),
+ "postalcode" => Array(
+ "optional" => true,
+ ),
+ "l" => Array(
+ "optional" => true,
+ ),
+ "telephonenumber" => Array(
+ "optional" => true,
+ ),
+ "mobile" => Array(
+ "optional" => true,
+ ),
+ "alias" => Array(
+ "type" => "list",
"optional" => true,
),
- "sn" => Array(),
- "uid" => Array(),
"userpassword" => Array(
"type" => "password",
-// "optional" => true,
+ "optional" => true,
+ ),
+ "uid" => Array(
+ "optional" => true,
+ ),
+ "nsroledn" => Array(
+ "optional" => true,
),
),
"fields" => Array(
- "mailquota" => "1048576",
- "nsroledn" => "cn=professional-user,dc=notifytest,dc=tld",
+ "mailquota" => Array(),
"objectclass" => Array(
"top",
"inetorgperson",
@@ -174,7 +238,76 @@
);
$result = $db->query("INSERT INTO `user_types` (`key`, `name`, `description`, `attributes`, `used_for`) " .
- "VALUES ('professional','Professional', 'A user with a professional hosted plan'," .
+ "VALUES ('organization-user','organization-user', 'organization-user'," .
"'" . json_encode($attributes) . "', 'hosted')");
+ $attributes = Array(
+ "auto_form_fields" => Array(
+ "cn" => Array(
+ "data" => Array(
+ "givenname",
+ "sn",
+ ),
+ ),
+ "mail" => Array(
+ "data" => Array(
+ "uid",
+ ),
+ ),
+ "nsroledn" => Array(
+ "optional" => true,
+ ),
+ ),
+ "form_fields" => Array(
+ "title" => Array(
+ "optional" => true,
+ ),
+ "givenname" => Array(),
+ "sn" => Array(),
+ "o" => Array(
+ "optional" => true,
+ ),
+ "street" => Array(
+ "optional" => true,
+ ),
+ "postalcode" => Array(
+ "optional" => true,
+ ),
+ "l" => Array(
+ "optional" => true,
+ ),
+ "telephonenumber" => Array(
+ "optional" => true,
+ ),
+ "mobile" => Array(
+ "optional" => true,
+ ),
+ "nsroledn" => Array(
+ "optional" => true,
+ ),
+ "userpassword" => Array(
+ "type" => "password",
+ "optional" => true,
+ ),
+ "uid" => Array(
+ "optional" => true,
+ ),
+ ),
+ "fields" => Array(
+ "objectclass" => Array(
+ "top",
+ "inetorgperson",
+ "kolabinetorgperson",
+ "organizationalperson",
+ "person",
+ ),
+ ),
+ );
+
+ $result = $db->query("INSERT INTO `user_types` (`key`, `name`, `description`, `attributes`, `used_for`) " .
+ "VALUES ('tenant-admin','tenant-admin', 'tenant-admin'," .
+ "'" . json_encode($attributes) . "', '')");
+
+
+
?>
diff --git a/doc/sample-insert-user_types.php b/doc/sample-insert-user_types.php
index 2c9ea06..f2106c5 100644
--- a/doc/sample-insert-user_types.php
+++ b/doc/sample-insert-user_types.php
@@ -64,6 +64,7 @@
"alias" => Array(
"type" => "list",
"optional" => true,
+ "validate" => "extended",
),
"givenname" => Array(),
"initials" => Array(
@@ -292,6 +293,7 @@
"alias" => Array(
"type" => "list",
"optional" => true,
+ "validate" => "extended",
),
"givenname" => Array(),
"initials" => Array(
diff --git a/lib/Auth/LDAP.php b/lib/Auth/LDAP.php
index 2e28c1e..bd7c3f9 100644
--- a/lib/Auth/LDAP.php
+++ b/lib/Auth/LDAP.php
@@ -202,6 +202,10 @@ class LDAP extends Net_LDAP3 {
return false;
}
+ if (!empty($attributes['domainrelatedobject_only'])) {
+ return true;
+ }
+
// Query the ACI for the primary domain
if ($domain_entry = $this->find_domain($primary_domain)) {
if (in_array('inetdomainbasedn', $domain_entry)) {
diff --git a/lib/api/kolab_api_service_form_value.php b/lib/api/kolab_api_service_form_value.php
index 56074bb..7976780 100644
--- a/lib/api/kolab_api_service_form_value.php
+++ b/lib/api/kolab_api_service_form_value.php
@@ -1594,6 +1594,12 @@ class kolab_api_service_form_value extends kolab_api_service
return $valid;
}
+ /**
+ * Lists the valid domains given a primary domain name space.
+ *
+ * Includes the parent domain and any alias or child domains.
+ * Considers domains that point to the same base dn to be child domains.
+ */
private function _get_valid_domains($my_primary_domain = null)
{
$my_primary_domain = $my_primary_domain !== null
@@ -1604,10 +1610,11 @@ class kolab_api_service_form_value extends kolab_api_service
$conf = Conf::get_instance();
$all_domains = $auth->list_domains();
$all_domains = $all_domains['list'];
+ $all_basedns = Array();
$dna = $conf->get('domain_name_attribute');
+ $dra = $conf->get('domain_rootdn_attribute');
- Log::trace("__get_valid_domains( " . $my_primary_domain . ")");
- Log::trace("\$all_domains includes: " . var_export($all_domains, TRUE) . " (must include domain for \$my_primary_domain)");
+ Log::trace("_get_valid_domains(" . $my_primary_domain . ")");
$valid_domains = $my_primary_domain ? array($my_primary_domain) : array();
foreach ($all_domains as $domain_id => $domain_attrs) {
@@ -1618,9 +1625,27 @@ class kolab_api_service_form_value extends kolab_api_service
if (in_array($my_primary_domain, $domain_attrs[$dna])) {
$valid_domains = array_merge($valid_domains, $domain_attrs[$dna]);
}
+
+ if (array_key_exists($dra, $domain_attrs)) {
+ if (array_key_exists($domain_attrs[$dra], $all_basedns)) {
+ $all_basedns[$domain_attrs[$dra]] = array_merge($all_basedns[$domain_attrs[$dra]], $domain_attrs[$dna]);
+ } else {
+ $all_basedns[$domain_attrs[$dra]] = $domain_attrs[$dna];
+ }
+ }
}
- return array_unique($valid_domains);
+ foreach ($all_basedns as $base_dn => $domains) {
+ if (in_array($my_primary_domain, $domains)) {
+ $valid_domains = array_merge($valid_domains, $domains);
+ }
+ }
+
+ $result = array_unique($valid_domains);
+
+ Log::trace("_get_valid_domains result: " . var_export($result, TRUE));
+
+ return array_unique($result);
}
private function _validate_email_address_in_any_of_my_domains($mail_address)
diff --git a/lib/kolab_api_service.php b/lib/kolab_api_service.php
index f19486a..1c8480f 100644
--- a/lib/kolab_api_service.php
+++ b/lib/kolab_api_service.php
@@ -28,6 +28,7 @@
*/
abstract class kolab_api_service
{
+ protected $base_dn = null;
protected $cache = array();
protected $conf;
protected $controller;
@@ -155,13 +156,31 @@ abstract class kolab_api_service
// Static attributes score
$elem_values_score = 0;
foreach ((array) $elem['attributes']['fields'] as $attr => $value) {
+ // Skip the object classes we have already compared
+ if ($attr == "objectclass") {
+ continue;
+ }
+
$v = $attributes[$attr];
+
if (is_array($value)) {
+ foreach ($value as $_value) {
+ $_value = $this->conf->expand($_value, $custom = Array('base_dn' => $this->base_dn()));
+
+ if (in_array($_value, (array)$v)) {
+ $elem_values_score++;
+ }
+ }
+
$value = implode('', $value);
+ } else {
+ $value = $this->conf->expand($_value, $custom = Array('base_dn' => $this->base_dn()));
}
+
if (is_array($v)) {
$v = implode('', $v);
}
+
$elem_values_score += intval($v == $value);
}
@@ -350,17 +369,31 @@ abstract class kolab_api_service
if (isset($type_attrs['fields'])) {
foreach ($type_attrs['fields'] as $key => $value) {
if (!is_array($value)) {
- $value2 = $this->conf->expand($value);
+ $value2 = $this->conf->expand($value, $custom = Array('base_dn' => $this->base_dn()));
if ($value !== $value2) {
Log::trace("Made value " . var_export($value, TRUE) . " in to: " . var_export($value2, TRUE));
$value = $value2;
}
+ } else {
+ foreach ($value as $_key => $_value) {
+ $_value2 = $this->conf->expand($_value, $custom = Array('base_dn' => $this->base_dn()));
+ if ($_value !== $_value2) {
+ Log::trace("Made value " . var_export($_value, TRUE) . " in to: " . var_export($_value2, TRUE));
+ $value[$_key] = $_value2;
+ }
+ }
}
if (empty($attribs[$key])) {
$result[$key] = $type_attrs['fields'][$key] = $value;
} else {
- $result[$key] = $attribs[$key] = $value;
+ if (!empty($type_attrs['auto_form_fields'][$key]['optional']) &&
+ $type_attrs['auto_form_fields'][$key]['type'] == "list") {
+
+ $result[$key] = array_unique(array_merge((array)$attribs[$key], (array)$value));
+ } else {
+ $result[$key] = $attribs[$key] = $value;
+ }
}
}
}
@@ -657,4 +690,36 @@ abstract class kolab_api_service
return $this->cache['unique_attributes'][$dn] = $result;
}
+
+ private function base_dn()
+ {
+ if (!empty($this->base_dn)) {
+ return $this->base_dn;
+ }
+
+ // Get the domain information for expansion later
+ $auth = Auth::get_instance();
+ $domain_info = $auth->domain_info($_SESSION['user']->get_domain());
+ $domain_info = $domain_info[key($domain_info)];
+ $dna = $this->conf->get('domain_name_attribute');
+
+ if (empty($dna)) {
+ $dna = 'associateddomain';
+ }
+
+ $domain = $domain_info[$dna];
+ if (is_array($domain)) {
+ $domain = $domain[0];
+ }
+
+ $dba = 'inetdomainbasedn';
+
+ if (empty($domain_info[$dba])) {
+ $this->base_dn = 'dc=' . implode('dc=,', explode('.', $domain));
+ } else {
+ $this->base_dn = $domain_info[$dba];
+ }
+
+ return $this->base_dn;
+ }
}