mirror of
https://bitbucket.org/jsuto/piler.git
synced 2025-06-12 23:17:02 +02:00
added ldap type + journal view
This commit is contained in:
SJ
@ -5,7 +5,7 @@ class ModelSaasLdap extends Model
|
||||
|
||||
public function get() {
|
||||
|
||||
$query = $this->db->query("SELECT id, description, ldap_host, ldap_base_dn, ldap_bind_dn FROM " . TABLE_LDAP . " ORDER BY description ASC");
|
||||
$query = $this->db->query("SELECT id, description, ldap_type, ldap_host, ldap_base_dn, ldap_bind_dn FROM " . TABLE_LDAP . " ORDER BY description ASC");
|
||||
|
||||
if($query->num_rows > 0) { return $query->rows; }
|
||||
|
||||
@ -29,11 +29,11 @@ class ModelSaasLdap extends Model
|
||||
public function add($arr = array()) {
|
||||
if(!isset($arr['description']) || !isset($arr['ldap_host'])) { return 0; }
|
||||
|
||||
$query = $this->db->query("INSERT INTO " . TABLE_LDAP . " (description, ldap_host, ldap_base_dn, ldap_bind_dn, ldap_bind_pw) VALUES (?,?,?,?,?)", array($arr['description'], $arr['ldap_host'], $arr['ldap_base_dn'], $arr['ldap_bind_dn'], $arr['ldap_bind_pw']));
|
||||
$query = $this->db->query("INSERT INTO " . TABLE_LDAP . " (description, ldap_host, ldap_base_dn, ldap_bind_dn, ldap_bind_pw, ldap_type) VALUES (?,?,?,?,?,?)", array($arr['description'], $arr['ldap_host'], $arr['ldap_base_dn'], $arr['ldap_bind_dn'], $arr['ldap_bind_pw'], $arr['ldap_type']));
|
||||
|
||||
$rc = $this->db->countAffected();
|
||||
|
||||
LOGGER("add ldap entry: " . $arr['description'] . " / " . $arr['ldap_host'] . " / " . $arr['ldap_base_dn'] . " (rc=$rc)");
|
||||
LOGGER("add ldap entry: " . $arr['description'] . " / " . $arr['ldap_type'] . " / " . $arr['ldap_host'] . " / " . $arr['ldap_base_dn'] . " (rc=$rc)");
|
||||
|
||||
if($rc == 1){ return 1; }
|
||||
|
||||
@ -48,9 +48,9 @@ class ModelSaasLdap extends Model
|
||||
|
||||
list($l,$d) = explode("@", $email);
|
||||
|
||||
$query = $this->db->query("SELECT ldap_host, ldap_base_dn, ldap_bind_dn, ldap_bind_pw from " . TABLE_DOMAIN . " as d, " . TABLE_LDAP . " as l where d.ldap_id=l.id and d.domain=?", array($d));
|
||||
$query = $this->db->query("SELECT ldap_type, ldap_host, ldap_base_dn, ldap_bind_dn, ldap_bind_pw from " . TABLE_DOMAIN . " as d, " . TABLE_LDAP . " as l where d.ldap_id=l.id and d.domain=?", array($d));
|
||||
|
||||
if($query->num_rows > 0) { return array($query->row['ldap_host'], $query->row['ldap_base_dn'], $query->row['ldap_bind_dn'], $query->row['ldap_bind_pw']); }
|
||||
if($query->num_rows > 0) { return array($query->row['ldap_type'], $query->row['ldap_host'], $query->row['ldap_base_dn'], $query->row['ldap_bind_dn'], $query->row['ldap_bind_pw']); }
|
||||
|
||||
return array();
|
||||
}
|
||||
|
||||
@ -178,7 +178,7 @@ class ModelSearchMessage extends Model {
|
||||
$msg = $this->get_raw_message($id);
|
||||
$this->disconnect_from_pilergetd();
|
||||
|
||||
$this->remove_journal($msg);
|
||||
$has_journal = $this->remove_journal($msg);
|
||||
|
||||
$pos = strpos($msg, "\n\r\n");
|
||||
if($pos == false) {
|
||||
@ -193,6 +193,55 @@ class ModelSearchMessage extends Model {
|
||||
$data = preg_replace("/\</", "<", $data);
|
||||
$data = preg_replace("/\>/", ">", $data);
|
||||
|
||||
return array('headers' => $data, 'has_journal' => $has_journal);
|
||||
}
|
||||
|
||||
|
||||
public function get_message_journal($id = '') {
|
||||
$data = '< >';
|
||||
$boundary = '';
|
||||
|
||||
$this->connect_to_pilergetd();
|
||||
$msg = $this->get_raw_message($id);
|
||||
$this->disconnect_from_pilergetd();
|
||||
|
||||
$hdr = substr($msg, 0, 8192);
|
||||
|
||||
$s = preg_split("/\n/", $hdr);
|
||||
while(list($k, $v) = each($s)) {
|
||||
if(preg_match("/boundary\s{0,}=\s{0,}\"{0,}([\w\_\-\@\.]+)\"{0,}/i", $v, $m)) {
|
||||
if(isset($m[1])) { $boundary = $m[1]; break; }
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
$p = strstr($msg, "\nX-MS-Journal-Report:");
|
||||
$msg = '';
|
||||
|
||||
if($p) {
|
||||
|
||||
$s = preg_split("/\n/", $p);
|
||||
|
||||
$i=0; $j=0; $data = '';
|
||||
|
||||
while(list($k, $v) = each($s)) {
|
||||
if(strstr($v, $boundary)) { $i++; }
|
||||
if($i > 0 && preg_match("/^\s{1,}$/", $v)) { $j++; }
|
||||
|
||||
if($j == 1) {
|
||||
$data .= "$v\n";
|
||||
}
|
||||
|
||||
if($i >= 2) { break; }
|
||||
}
|
||||
|
||||
$p = '';
|
||||
|
||||
$data = preg_replace("/\</", "<", $data);
|
||||
$data = preg_replace("/\>/", ">", $data);
|
||||
|
||||
}
|
||||
|
||||
return $data;
|
||||
}
|
||||
|
||||
@ -200,6 +249,7 @@ class ModelSearchMessage extends Model {
|
||||
public function remove_journal(&$msg = '') {
|
||||
$p = $q = '';
|
||||
$boundary = '';
|
||||
$has_journal = 0;
|
||||
|
||||
$hdr = substr($msg, 0, 4096);
|
||||
|
||||
@ -212,6 +262,8 @@ class ModelSearchMessage extends Model {
|
||||
|
||||
$p = strstr($msg, "\nX-MS-Journal-Report:");
|
||||
if($p) {
|
||||
$has_journal = 1;
|
||||
|
||||
$msg = '';
|
||||
$q = strstr($p, "Received: from");
|
||||
if($q) {
|
||||
@ -225,7 +277,11 @@ class ModelSearchMessage extends Model {
|
||||
}
|
||||
}
|
||||
|
||||
if($boundary) { $msg = substr($msg, 0, strlen($msg) - strlen($boundary) - 6); }
|
||||
if($boundary) {
|
||||
$msg = substr($msg, 0, strlen($msg) - strlen($boundary) - 6);
|
||||
}
|
||||
|
||||
return $has_journal;
|
||||
}
|
||||
|
||||
|
||||
@ -250,7 +306,7 @@ class ModelSearchMessage extends Model {
|
||||
$msg = $this->get_raw_message($id);
|
||||
$this->disconnect_from_pilergetd();
|
||||
|
||||
$this->remove_journal($msg);
|
||||
$has_journal = $this->remove_journal($msg);
|
||||
|
||||
$a = explode("\n", $msg); $msg = "";
|
||||
|
||||
@ -365,7 +421,8 @@ class ModelSearchMessage extends Model {
|
||||
'to' => $this->decode_my_str($to),
|
||||
'subject' => $this->highlight_search_terms($this->decode_my_str($subject), $terms),
|
||||
'date' => $this->decode_my_str($date),
|
||||
'message' => $this->highlight_search_terms($message, $terms)
|
||||
'message' => $this->highlight_search_terms($message, $terms),
|
||||
'has_journal' => $has_journal
|
||||
);
|
||||
}
|
||||
|
||||
|
||||
@ -68,20 +68,59 @@ class ModelUserAuth extends Model {
|
||||
$ldap_helper_dn = LDAP_HELPER_DN;
|
||||
$ldap_helper_password = LDAP_HELPER_PASSWORD;
|
||||
|
||||
$ldap_mail_attr = LDAP_MAIL_ATTR;
|
||||
$ldap_account_objectclass = LDAP_ACCOUNT_OBJECTCLASS;
|
||||
$ldap_distributionlist_attr = LDAP_DISTRIBUTIONLIST_ATTR;
|
||||
$ldap_distributionlist_objectclass = LDAP_DISTRIBUTIONLIST_OBJECTCLASS;
|
||||
|
||||
if(ENABLE_SAAS == 1) {
|
||||
$a = $this->model_saas_ldap->get_ldap_params_by_email($username);
|
||||
|
||||
$ldap_host = $a[0];
|
||||
$ldap_base_dn = $a[1];
|
||||
$ldap_helper_dn = $a[2];
|
||||
$ldap_helper_password = $a[3];
|
||||
$ldap_type = $a[0];
|
||||
$ldap_host = $a[1];
|
||||
$ldap_base_dn = $a[2];
|
||||
$ldap_helper_dn = $a[3];
|
||||
$ldap_helper_password = $a[4];
|
||||
|
||||
switch ($ldap_type) {
|
||||
|
||||
case 'AD':
|
||||
$ldap_mail_attr = 'mail';
|
||||
$ldap_account_objectclass = 'user';
|
||||
$ldap_distributionlist_attr = 'member';
|
||||
$ldap_distributionlist_objectclass = 'group';
|
||||
break;
|
||||
|
||||
case 'zimbra':
|
||||
$ldap_mail_attr = 'mail';
|
||||
$ldap_account_objectclass = 'zimbraAccount';
|
||||
$ldap_distributionlist_attr = 'zimbraMailForwardingAddress';
|
||||
$ldap_distributionlist_objectclass = 'zimbraDistributionList';
|
||||
break;
|
||||
|
||||
case 'iredmail':
|
||||
$ldap_mail_attr = 'mail';
|
||||
$ldap_account_objectclass = 'mailUser';
|
||||
$ldap_distributionlist_attr = 'memberOfGroup';
|
||||
$ldap_distributionlist_objectclass = 'mailList';
|
||||
break;
|
||||
|
||||
case 'lotus':
|
||||
$ldap_mail_attr = 'mail';
|
||||
$ldap_account_objectclass = 'dominoPerson';
|
||||
$ldap_distributionlist_attr = 'mail';
|
||||
$ldap_distributionlist_objectclass = 'dominoGroup';
|
||||
break;
|
||||
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
$ldap = new LDAP($ldap_host, $ldap_helper_dn, $ldap_helper_password);
|
||||
|
||||
if($ldap->is_bind_ok()) {
|
||||
|
||||
$query = $ldap->query($ldap_base_dn, "(&(objectClass=" . LDAP_ACCOUNT_OBJECTCLASS . ")(" . LDAP_MAIL_ATTR . "=$username))", array());
|
||||
$query = $ldap->query($ldap_base_dn, "(&(objectClass=$ldap_account_objectclass)($ldap_mail_attr=$username))", array());
|
||||
|
||||
if(isset($query->row['dn']) && $query->row['dn']) {
|
||||
$a = $query->row;
|
||||
@ -92,7 +131,7 @@ class ModelUserAuth extends Model {
|
||||
|
||||
if($ldap_auth->is_bind_ok()) {
|
||||
|
||||
$query = $ldap->query($ldap_base_dn, "(|(&(objectClass=" . LDAP_ACCOUNT_OBJECTCLASS . ")(" . LDAP_MAIL_ATTR . "=$username))(&(objectClass=" . LDAP_DISTRIBUTIONLIST_OBJECTCLASS . ")(" . LDAP_DISTRIBUTIONLIST_ATTR . "=$username)" . ")(&(objectClass=" . LDAP_DISTRIBUTIONLIST_OBJECTCLASS . ")(" . LDAP_DISTRIBUTIONLIST_ATTR . "=" . stripslashes($a['dn']) . ")))", array());
|
||||
$query = $ldap->query($ldap_base_dn, "(|(&(objectClass=$ldap_account_objectclass)($ldap_mail_attr=$username))(&(objectClass=$ldap_distributionlist_objectclass)($ldap_distributionlist_attr=$username)" . ")(&(objectClass=$ldap_distributionlist_objectclass)($ldap_distributionlist_attr=" . stripslashes($a['dn']) . ")))", array("mail", "mailalternateaddress", "proxyaddresses", $ldap_distributionlist_attr));
|
||||
|
||||
$is_auditor = $this->check_ldap_membership($query->rows);
|
||||
|
||||
@ -148,7 +187,7 @@ class ModelUserAuth extends Model {
|
||||
$data = array();
|
||||
|
||||
foreach($e as $a) {
|
||||
foreach (array("mail", "mailalternateaddress", "proxyaddresses", LDAP_MAIL_ATTR, LDAP_DISTRIBUTIONLIST_ATTR) as $mailattr) {
|
||||
//foreach (array("mail", "mailalternateaddress", "proxyaddresses", LDAP_MAIL_ATTR, LDAP_DISTRIBUTIONLIST_ATTR) as $mailattr) {
|
||||
if(isset($a[$mailattr])) {
|
||||
|
||||
if(isset($a[$mailattr]['count'])) {
|
||||
@ -164,7 +203,7 @@ class ModelUserAuth extends Model {
|
||||
if(!in_array($email, $data) && strchr($email, '@') && substr($email, 0, 4) != 'sip:') { array_push($data, $email); }
|
||||
}
|
||||
}
|
||||
}
|
||||
//}
|
||||
}
|
||||
|
||||
return $data;
|
||||
@ -243,6 +282,11 @@ class ModelUserAuth extends Model {
|
||||
|
||||
|
||||
public function check_ntlm_auth() {
|
||||
$ldap_mail_attr = 'mail';
|
||||
$ldap_account_objectclass = 'user';
|
||||
$ldap_distributionlist_attr = 'member';
|
||||
$ldap_distributionlist_objectclass = 'group';
|
||||
|
||||
if(!isset($_SERVER['REMOTE_USER'])) { return 0; }
|
||||
|
||||
$u = explode("\\", $_SERVER['REMOTE_USER']);
|
||||
@ -253,7 +297,7 @@ class ModelUserAuth extends Model {
|
||||
|
||||
if($ldap->is_bind_ok()) {
|
||||
|
||||
$query = $ldap->query(LDAP_BASE_DN, "(&(objectClass=" . LDAP_ACCOUNT_OBJECTCLASS . ")(samaccountname=" . $u[1] . "))", array());
|
||||
$query = $ldap->query(LDAP_BASE_DN, "(&(objectClass=$ldap_account_objectclass)(samaccountname=" . $u[1] . "))", array());
|
||||
|
||||
if(isset($query->row['dn'])) {
|
||||
$a = $query->row;
|
||||
@ -261,7 +305,7 @@ class ModelUserAuth extends Model {
|
||||
if(isset($a['mail']['count'])) { $username = $a['mail'][0]; } else { $username = $a['mail']; }
|
||||
$username = strtolower(preg_replace("/^smtp\:/i", "", $username));
|
||||
|
||||
$query = $ldap->query(LDAP_BASE_DN, "(|(&(objectClass=" . LDAP_ACCOUNT_OBJECTCLASS . ")(" . LDAP_MAIL_ATTR . "=$username))(&(objectClass=" . LDAP_DISTRIBUTIONLIST_OBJECTCLASS . ")(" . LDAP_DISTRIBUTIONLIST_ATTR . "=$username)" . ")(&(objectClass=" . LDAP_DISTRIBUTIONLIST_OBJECTCLASS . ")(" . LDAP_DISTRIBUTIONLIST_ATTR . "=" . $a['dn'] . ")))", array());
|
||||
$query = $ldap->query(LDAP_BASE_DN, "(|(&(objectClass=$ldap_account_objectclass)($ldap_mail_attr=$username))(&(objectClass=$ldap_distributionlist_objectclass)($ldap_distributionlist_attr=$username)" . ")(&(objectClass=$ldap_distributionlist_objectclass)($ldap_distributionlist_attr=" . $a['dn'] . ")))", array());
|
||||
|
||||
$emails = $this->get_email_array_from_ldap_attr($query->rows);
|
||||
|
||||
|
||||
Reference in New Issue
Block a user