From f36184df64eb6481c23a9fc11fd06569c62d118c Mon Sep 17 00:00:00 2001
From: FreddleSpl0it
Date: Mon, 2 Dec 2024 10:35:45 +0100
Subject: [PATCH] [Web] update mailbox on idp login
---
 data/web/inc/functions.auth.inc.php | 50 ++++++++++++++++--------
 data/web/inc/functions.inc.php | 59 ++++++++++++++---------------
 2 files changed, 63 insertions(+), 46 deletions(-)
diff --git a/data/web/inc/functions.auth.inc.php b/data/web/inc/functions.auth.inc.php
index 83c0a32eb..9bea24995 100644
--- a/data/web/inc/functions.auth.inc.php
+++ b/data/web/inc/functions.auth.inc.php
@@ -449,18 +449,26 @@ function keycloak_mbox_login_rest($user, $pass, $extra = null){
 return false;
 }
 
- // get mapped template, if not set return false
- // also return false if no mappers were defined
+ // get mapped template
 $user_template = $user_res['attributes']['mailcow_template'][0];
- if ($create && (empty($iam_settings['mappers']) || !$user_template)){
- return false;
- } else if (!$create) {
- // login success - dont create mailbox
+ $mapper_key = array_search($user_template, $iam_settings['mappers']);
+
+ if (!$create) {
+ // login success
+ if ($mapper_key !== false) {
+ // update user
+ mailbox('edit', 'mailbox_from_template', array(
+ 'username' => $user,
+ 'name' => $user_res['name'],
+ 'template' => $iam_settings['templates'][$mapper_key],
+ 'hasAccess' => true
+ ));
+ }
 return 'user';
 }
 
 // check if matching attribute exist
- $mapper_key = array_search($user_template, $iam_settings['mappers']);
+ if (empty($iam_settings['mappers']) || !$user_template) return false;
 if ($mapper_key === false) return false;
 
 // create mailbox
@@ -469,7 +477,8 @@ function keycloak_mbox_login_rest($user, $pass, $extra = null){
 'local_part' => explode('@', $user)[0],
 'name' => $user_res['name'],
 'authsource' => 'keycloak',
- 'template' => $iam_settings['templates'][$mapper_key]
+ 'template' => $iam_settings['templates'][$mapper_key],
+ 'hasAccess' => true
 ));
 if (!$create_res) return false;
 
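Review bot: In keycloak_mbox_login_rest the added `$mapper_key = array_search($user_template, $iam_settings['mappers']);` now runs before the `empty($iam_settings['mappers'])` guard and compares loosely. If `mappers` can be unset rather than an empty array, PHP 8 raises a TypeError on every login instead of only on mailbox creation, and with loose `==` a missing template attribute (null) compares equal to an empty-string mapper entry, so the edit call could apply a template the IdP never named. I would compute it as `$mapper_key = (!empty($iam_settings['mappers']) && $user_template) ? array_search($user_template, $iam_settings['mappers'], true) : false;`, assuming mapper values and the attribute are both strings. The same line is added in the ldap_mbox_login hunk and kept ahead of the moved guards in the first identity_provider hunk. The function body starts and ends outside this hunk.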
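Review bot: The added `'hasAccess' => true` in the mailbox('add', 'mailbox_from_template', ...) call is a caller-asserted authorization flag that travels in the same array as the mailbox attributes, and nothing on the new lines says why it is safe to set. mailbox() is not part of this patch; if it reads `hasAccess` from that array for API or form callers too, the key has to be dropped from request input before it reaches the function. A one-line comment stating the intent would help, for example `// called before any session exists; hasAccess makes mailbox() skip its caller ACL check`, if that is indeed what the flag does. The same key is added to the create call in ldap_mbox_login and to the new edit calls in both functions.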
@@ -536,18 +545,26 @@ function ldap_mbox_login($user, $pass, $extra = null){
 return false;
 }
 
- // get mapped template, if not set return false
- // also return false if no mappers were defined
+ // get mapped template
 $user_template = $user_res[$iam_settings['attribute_field']][0];
- if ($create && (empty($iam_settings['mappers']) || !$user_template)){
- return false;
- } else if (!$create) {
- // login success - dont create mailbox
+ $mapper_key = array_search($user_template, $iam_settings['mappers']);
+
+ if (!$create) {
+ // login success
+ if ($mapper_key !== false) {
+ // update user
+ mailbox('edit', 'mailbox_from_template', array(
+ 'username' => $user,
+ 'name' => $user_res['displayname'][0],
+ 'template' => $iam_settings['templates'][$mapper_key],
+ 'hasAccess' => true
+ ));
+ }
 return 'user';
 }
 
 // check if matching attribute exist
- $mapper_key = array_search($user_template, $iam_settings['mappers']);
+ if (empty($iam_settings['mappers']) || !$user_template) return false;
 if ($mapper_key === false) return false;
 
 // create mailbox
@@ -556,7 +573,8 @@ function ldap_mbox_login($user, $pass, $extra = null){
 'local_part' => explode('@', $user)[0],
 'name' => $user_res['displayname'][0],
 'authsource' => 'ldap',
- 'template' => $iam_settings['templates'][$mapper_key]
+ 'template' => $iam_settings['templates'][$mapper_key],
+ 'hasAccess' => true
 ));
 if (!$create_res) return false;
 
diff --git a/data/web/inc/functions.inc.php b/data/web/inc/functions.inc.php
index 943d53e97..dece39eef 100644
--- a/data/web/inc/functions.inc.php
+++ b/data/web/inc/functions.inc.php
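Review bot: The new edit call in ldap_mbox_login sends `'name' => $user_res['displayname'][0]` on every login, but displayName is an optional attribute in common LDAP schemas. For an entry without it the expression yields null with an undefined-key warning, and what mailbox('edit', 'mailbox_from_template', ...) does with a null name is not visible here; it may overwrite the stored name. Consider `'name' => $user_res['displayname'][0] ?? $user,` or leaving the key out when the directory returns no value. The function body extends beyond this hunk.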
@@ -2512,31 +2512,9 @@ function identity_provider($_action = null, $_data = null, $_extra = null) {
 // check if email address is given
 if (empty($info['email'])) return false;
 
- // get mapped template, if not set return false
- // also return false if no mappers were defined
+ // get mapped template
 $user_template = $info['mailcow_template'];
- if (empty($iam_settings['mappers']) || empty($user_template)){
- clear_session();
- $_SESSION['return'][] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $info['email']),
- 'msg' => array('login_failed', 'empty attribute mapping or missing template attribute')
- );
- return false;
- }
-
- // check if matching attribute exist
 $mapper_key = array_search($user_template, $iam_settings['mappers']);
- if ($mapper_key === false) {
- clear_session();
- $_SESSION['return'][] = array(
- 'type' => 'danger',
- 'log' => array(__FUNCTION__, $info['email']),
- 'msg' => array('login_failed', 'specified template not found')
- );
- return false;
- }
-
 
 // token valid, get mailbox
 $stmt = $pdo->prepare("SELECT * FROM `mailbox`
@@ -2550,13 +2528,15 @@ function identity_provider($_action = null, $_data = null, $_extra = null) {
 $row = $stmt->fetch(PDO::FETCH_ASSOC);
 if ($row){
 // success
- // update user
- mailbox('edit', 'mailbox_from_template', array(
- 'username' => $info['email'],
- 'name' => $info['name'],
- 'template' => $iam_settings['templates'][$mapper_key],
- 'hasAccess' => true
- ));
+ if ($mapper_key !== false) {
+ // update user
+ mailbox('edit', 'mailbox_from_template', array(
+ 'username' => $info['email'],
+ 'name' => $info['name'],
+ 'template' => $iam_settings['templates'][$mapper_key],
+ 'hasAccess' => true
+ ));
+ }
 set_user_loggedin_session($info['email']);
 $_SESSION['return'][] = array(
 'type' => 'success',
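Review bot: With the two guards removed from the top of this branch, an SSO login for an existing mailbox now succeeds even when the `mailcow_template` claim is missing or maps to nothing, where the old code returned `login_failed` and logged it. That changes who may log in, not only when the mailbox is updated, and the commit subject does not mention it; whether any deployment relied on dropping the mapping to block access cannot be told from here. If it is intended, say so next to the lookup: `// a mapped template is only required to create a mailbox; existing mailboxes log in without one`. identity_provider starts and ends outside this hunk.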
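Review bot: The result of `mailbox('edit', 'mailbox_from_template', ...)` inside the new `if ($mapper_key !== false)` block is discarded, so a failed template sync still reaches `set_user_loggedin_session()` and the success entry. If the sync is meant to bring a mailbox in line with a changed IdP mapping, a silent failure leaves the previous settings in force with no trace. Assign the call to `$edit_res` and, when it is falsy, append an entry to `$_SESSION['return']` in the same shape as the `login_failed` ones, assuming the edit action returns false on failure as the add action appears to. The edit calls added to keycloak_mbox_login_rest and ldap_mbox_login ignore the result in the same way.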
@@ -2566,6 +2546,25 @@ function identity_provider($_action = null, $_data = null, $_extra = null) {
 return true;
 }
 
+ if (empty($iam_settings['mappers']) || empty($user_template)){
+ clear_session();
+ $_SESSION['return'][] = array(
+ 'type' => 'danger',
+ 'log' => array(__FUNCTION__, $info['email']),
+ 'msg' => array('login_failed', 'empty attribute mapping or missing template attribute')
+ );
+ return false;
+ }
+ if ($mapper_key === false) {
+ clear_session();
+ $_SESSION['return'][] = array(
+ 'type' => 'danger',
+ 'log' => array(__FUNCTION__, $info['email']),
+ 'msg' => array('login_failed', 'specified template not found')
+ );
+ return false;
+ }
+
 // create mailbox
 $create_res = mailbox('add', 'mailbox_from_template', array(
 'domain' => explode('@', $info['email'])[1],