<?php
require 'vendor/autoload.php';
require_once('language.php');
require_once('account_creator.php');
use phpseclib3\Net\SSH2;
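/**
 * Account creator for the e.cloud backend.
 *
 * Checks username availability through the cloud's OCS user API (HTTP Basic
 * auth with the admin credentials given to the constructor) and creates the
 * mailbox by running postfixadmin-cli on the "postfixadmin" host over SSH.
 */
class ECloudAccountCreator implements AccountCreator
{
    // Base URL of the cloud instance, always stored with a trailing slash.
    private string $eCloudUrl;
    // OCS endpoint for user lookups: <base>ocs/v2.php/cloud/users/
    private string $eCloudUrlUsers;
    // base64("user:password") for the Authorization header. base64 is an
    // encoding, not protection: treat this value like the password itself.
    private string $eCloudCredentials;
    // Quota passed to postfixadmin-cli and to the cloud "quota" setting.
    private int $quotaInMB = 1024;

    /**
     * @param string $eCloudUrl    Base URL of the cloud instance, with or without trailing slash.
     * @param string $USERNAME_ADM Admin user name used for the OCS API.
     * @param string $PASSWORD_ADM Admin password used for the OCS API.
     */
    public function __construct(string $eCloudUrl, string $USERNAME_ADM, string $PASSWORD_ADM)
    {
        $this->eCloudUrl = endsWith($eCloudUrl, "/") ? $eCloudUrl : $eCloudUrl . "/";
        $this->eCloudUrlUsers = $this->eCloudUrl . "ocs/v2.php/cloud/users/";
        $this->eCloudCredentials = base64_encode($USERNAME_ADM . ":" . $PASSWORD_ADM);
    }

    /**
     * Checks whether the requested username is still available.
     *
     * @param object $userData Request data; only ->username is read here.
     * @return ValidatedData Carries "error_account_taken" when the lookup finds the
     *                       user, "error_server_side" when the lookup itself failed,
     *                       and null as error otherwise.
     */
    public function validateData(object $userData): ValidatedData
    {
        $id = "e_cloud_account_data";
        try {
            if ($this->isUsernameTaken($userData->username)) {
                return new \ValidatedData($id, "error_account_taken");
            }
        } catch (\Error $_) {
            return new \ValidatedData($id, "error_server_side");
        }
        return new \ValidatedData($id, null);
    }

    /**
     * Asks the OCS user API whether a user with this name exists.
     *
     * @param string $username Name to look up; comes from the request.
     * @return bool True unless the API answered 404.
     * @throws Error When curl reports a transport error.
     */
    private function isUsernameTaken(string $username): bool
    {
        $curl = curl_init();
        curl_setopt_array($curl, [
            // The name comes from the request and this call is made with admin
            // credentials: encode it so it stays a single path segment and cannot
            // add "/", "?" or "#" to the URL.
            CURLOPT_URL => $this->eCloudUrlUsers . rawurlencode($username),
            CURLOPT_RETURNTRANSFER => true,
            CURLOPT_ENCODING => "",
            CURLOPT_MAXREDIRS => 10,
            CURLOPT_TIMEOUT => 30,
            CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
            CURLOPT_HTTPHEADER => [
                "cache-control: no-cache",
                "content-type: application/json",
                "OCS-APIRequest: true",
                "Accept: application/json",
                "Authorization: Basic " . $this->eCloudCredentials,
            ],
        ]);
        curl_exec($curl);
        $statusCode = curl_getinfo($curl, CURLINFO_RESPONSE_CODE);
        $err = curl_error($curl);
        curl_close($curl);

        if (!empty($err)) {
            throw new Error($err);
        }

        // Only an explicit 404 counts as "free". Any other status (401, 500, ...)
        // is reported as taken, so a misconfigured backend blocks sign-ups instead
        // of letting an existing name through.
        return $statusCode !== 404;
    }

    /**
     * Creates the mailbox through postfixadmin-cli over SSH, then sets the
     * e-mail address, quota and recovery address on the cloud side.
     *
     * @param mixed $resultmail Address of the mailbox to create.
     * @param mixed $pw         Password for the new mailbox.
     * @param mixed $pw2        Password confirmation.
     * @param mixed $name       Display name.
     * @param mixed $quota      Quota in MB.
     * @param mixed $authmail   Recovery / secondary address.
     * @return \stdClass ->success (bool) and, on failure, ->type (key into $strings).
     */
    private function createMailAccount($resultmail, $pw, $pw2, $name, $quota, $authmail)
    {
        global $strings;
        $PF_HOSTNAME = "postfixadmin";
        $PF_USER = "pfexec";
        $PF_PWD = getenv("POSTFIXADMIN_SSH_PASSWORD");

        $answer = new \stdClass();

        // NOTE(review): the server's host key is not checked before the password
        // is sent. Consider comparing $ssh->getServerPublicHostKey() with a pinned
        // value so the credential cannot be handed to an impersonating host.
        $ssh = new SSH2($PF_HOSTNAME);
        if ($PF_PWD === false || !$ssh->login($PF_USER, $PF_PWD)) {
            $error_string = $strings["error_server_side"];
            sendAPIResponse(500, createAPIResponse("general", $error_string));
            // sendAPIResponse() presumably ends the request (TODO confirm). If it
            // does not, stop here rather than run the command on a session that
            // never authenticated.
            $answer->success = false;
            $answer->type = "error_server_side";
            return $answer;
        }

        // 1 - create the account
        // Every value below originates from the sign-up request and ends up in a
        // command line interpreted by the remote shell. Each one is passed through
        // escapeshellarg() so it reaches postfixadmin-cli as exactly one literal
        // argument, and the quota is forced to an integer.
        // Assumes the PHP host and the remote shell both follow POSIX quoting.
        // NOTE(review): quoting does not stop a value that starts with "-" from
        // being read as an option; input validation should reject those upstream.
        // NOTE(review): the password is still visible in the remote process list
        // while the command runs; prefer a stdin/file based interface if the CLI
        // offers one.
        $command = '/postfixadmin/scripts/postfixadmin-cli mailbox add ' . escapeshellarg((string) $resultmail)
            . ' --password ' . escapeshellarg((string) $pw)
            . ' --password2 ' . escapeshellarg((string) $pw2)
            . ' --name ' . escapeshellarg((string) $name)
            . ' --email_other ' . escapeshellarg((string) $authmail)
            . ' --quota ' . (int) $quota
            . ' --active 1 --welcome-mail 0 2>&1';
        $creationFeedBack = explode("\n", (string) $ssh->exec($command));
        $isCreated = preg_grep('/added/', $creationFeedBack);

        if (empty($isCreated)) {
            // There was an error during account creation on PFA side, return it
            $answer->success = false;
            $answer->type = "error_creating_account";
            return $answer;
        }

        // 2 - the account was created, set some settings
        // set user's Email setting on NC
        $resultSetMail = curlCallNextcloud($resultmail, "email", $resultmail);
        $detailSetMail = json_decode($resultSetMail);
        // set user's Quota setting on NC
        $resultSetQuota = curlCallNextcloud($resultmail, "quota", $quota . " MB");
        $detailSetQuota = json_decode($resultSetQuota);

        // json_decode() yields null for an empty or malformed body; "??" treats a
        // missing status as a failure instead of dereferencing null.
        $mailOk = ($detailSetMail->ocs->meta->status ?? null) === "ok";
        $quotaOk = ($detailSetQuota->ocs->meta->status ?? null) === "ok";

        if ($mailOk && $quotaOk) {
            // ALL GOOD, account correctly created
            $recoveryEmailStatusCode = setRecoveryEmail($resultmail, $authmail);
            if ($recoveryEmailStatusCode !== 200) {
                // NOTE(review): both addresses are request data written to the log
                // unfiltered; confirm upstream validation rejects control
                // characters so log lines cannot be forged.
                $message = 'Setting recovery email of user ' . $resultmail . ' failed with status code: ' . $recoveryEmailStatusCode . '(recovery email: ' . $authmail . ')' . PHP_EOL ;
                error_log($message, 0);
            }
            $answer->success = true;
            return $answer;
        }

        // TODO give distinct error detail about mail or quota error
        $answer->success = false;
        $answer->type = $mailOk ? "error_setting_quota" : "error_setting_mail";
        return $answer;
    }

    /**
     * Creates the account and sends a 400 API response when creation fails.
     *
     * @param object $userData Request data; reads ->email, ->password, ->name and ->authmail.
     */
    public function tryToCreate(object $userData)
    {
        global $strings;
        $pw = $userData->password;
        $answer = $this->createMailAccount($userData->email, $pw, $pw, $userData->name, $this->quotaInMB, $userData->authmail);
        if ($answer->success === false) {
            sendAPIResponse(400, createAPIResponse("general", $strings[$answer->type]));
        }
    }
}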