Merge pull request #120 from Alphix/improve_change_password

[change-password] Improve change password

Last .js change is correct. It was a leftover of the old RainLoop AuthAccountHash system.
AuthAccountHash was some kind of login hash system to get logged in mail account.
This commit is contained in:
the-djmaze 2021-08-23 16:39:55 +02:00 committed by GitHub
commit f0549e1735
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 18 additions and 15 deletions

View file

@ -7,8 +7,8 @@ class ChangePasswordDriverLDAP
DESCRIPTION = 'Change passwords in LDAP.';
private
$sHostName = 'localhost',
$iHostPort = 389,
$sLdapUri = 'ldap://localhost:389',
$bUseStartTLS = True,
$sUserDnFormat = '',
$sPasswordField = 'userPassword',
$sPasswordEncType = 'SHA';
@ -21,8 +21,8 @@ class ChangePasswordDriverLDAP
function __construct(\RainLoop\Config\Plugin $oConfig, \MailSo\Log\Logger $oLogger)
{
$this->oLogger = $oLogger;
$this->sHostName = \trim($oConfig->Get('plugin', 'ldap_hostname', ''));
$this->iHostPort = (int) $oConfig->Get('plugin', 'ldap_port', 389);
$this->sLdapUri = \trim($oConfig->Get('plugin', 'ldap_uri', ''));
$this->bUseStartTLS = (bool) \trim($oConfig->Get('plugin', 'ldap_use_start_tls', ''));
$this->sUserDnFormat = \trim($oConfig->Get('plugin', 'ldap_user_dn_format', ''));
$this->sPasswordField = \trim($oConfig->Get('plugin', 'ldap_password_field', ''));
$this->sPasswordEncType = \trim($oConfig->Get('plugin', 'ldap_password_enc_type', ''));
@ -37,11 +37,12 @@ class ChangePasswordDriverLDAP
public static function configMapping() : array
{
return array(
\RainLoop\Plugins\Property::NewInstance('ldap_hostname')->SetLabel('Hostname')
->SetDefaultValue('localhost'),
\RainLoop\Plugins\Property::NewInstance('ldap_port')->SetLabel('Port')
->SetType(\RainLoop\Enumerations\PluginPropertyType::INT)
->SetDefaultValue(389),
\RainLoop\Plugins\Property::NewInstance('ldap_uri')->SetLabel('LDAP URI')
->SetDefaultValue('ldap://localhost:389')
->SetDescription('LDAP server URI(s), space separated'),
\RainLoop\Plugins\Property::NewInstance('ldap_use_start_tls')->SetLabel('Use StartTLS')
->SetType(\RainLoop\Enumerations\PluginPropertyType::BOOL)
->SetDefaultValue(True),
\RainLoop\Plugins\Property::NewInstance('ldap_user_dn_format')->SetLabel('User DN format')
->SetDescription('LDAP user dn format. Supported tokens: {email}, {email:user}, {email:domain}, {login}, {domain}, {domain:dc}, {imap:login}, {imap:host}, {imap:port}, {gecos}')
->SetDefaultValue('uid={imap:login},ou=Users,{domain:dc}'),
@ -70,7 +71,7 @@ class ChangePasswordDriverLDAP
'{gecos}' => \function_exists('posix_getpwnam') ? \posix_getpwnam($oAccount->Login()) : ''
));
$oCon = \ldap_connect($this->sHostName, $this->iHostPort);
$oCon = \ldap_connect($this->sLdapUri);
if (!$oCon) {
return false;
}
@ -82,8 +83,10 @@ class ChangePasswordDriverLDAP
'LDAP'
);
}
else if (!\ldap_start_tls($oCon)) {
$this->oLogger->Write("ldap_start_tls failed: ".$oCon, \MailSo\Log\Enumerations\Type::WARNING, 'LDAP');
if ($this->bUseStartTLS && !@\ldap_start_tls($oCon))
{
throw new \Exception('ldap_start_tls error '.\ldap_errno($oCon).': '.\ldap_error($oCon));
}
if (!\ldap_bind($oCon, $sUserDn, $sPrevPassword)) {

View file

@ -6,7 +6,7 @@ class ChangePasswordPlugin extends \RainLoop\Plugins\AbstractPlugin
{
const
NAME = 'Change Password',
VERSION = '2.2',
VERSION = '2.3',
RELEASE = '2021-07-20',
REQUIRED = '2.5.0',
CATEGORY = 'Security',
@ -99,7 +99,8 @@ class ChangePasswordPlugin extends \RainLoop\Plugins\AbstractPlugin
$result[] = \RainLoop\Plugins\Property::NewInstance("driver_{$name}_enabled")
->SetLabel('Enable ' . $class::NAME)
->SetType(\RainLoop\Enumerations\PluginPropertyType::BOOL)
->SetDescription($class::DESCRIPTION);
->SetDescription($class::DESCRIPTION)
->SetDefaultValue(false);
$result[] = \RainLoop\Plugins\Property::NewInstance("driver_{$name}_allowed_emails")
->SetLabel('Allowed emails')
->SetType(\RainLoop\Enumerations\PluginPropertyType::STRING_TEXT)

View file

@ -117,7 +117,6 @@
this.newPassword('');
this.newPassword2('');
this.passwordUpdateSuccess(true);
rl.hash.set();
rl.settings.set('AuthAccountHash', data.Result);
}
}