From 38fc85dd749d0c1be063f6e565cd4267a19e3ee5 Mon Sep 17 00:00:00 2001 From: diroots Date: Mon, 16 Mar 2020 18:03:57 +0100 Subject: [PATCH 01/18] adding postDelete.php script AND dependancies in Dockerfile --- Dockerfile | 2 +- htdocs/postDelete.php | 205 ++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 206 insertions(+), 1 deletion(-) create mode 100644 htdocs/postDelete.php diff --git a/Dockerfile b/Dockerfile index 3f72312..fe248b5 100644 --- a/Dockerfile +++ b/Dockerfile @@ -13,7 +13,7 @@ COPY --from=composer:1.8 /usr/bin/composer /usr/bin/composer RUN apt-get update && apt-get install -y --no-install-recommends git unzip \ # these params are recommended for installing untrusted extensions # https://getcomposer.org/doc/faqs/how-to-install-untrusted-packages-safely.md - && composer require --no-plugins --no-scripts pear/mail pear/net_smtp pear/auth_sasl pear/mail_mime \ + && composer require --no-plugins --no-scripts pear/mail pear/net_smtp pear/auth_sasl pear/mail_mime phpseclib/phpseclib curl/curl \ && apt-get remove -y git unzip \ && rm -rf /var/lib/apt/lists/* \ # composer shouldnt be present in production setups diff --git a/htdocs/postDelete.php b/htdocs/postDelete.php new file mode 100644 index 0000000..a13a20b --- /dev/null +++ b/htdocs/postDelete.php @@ -0,0 +1,205 @@ + $line) { + if (preg_match($regex, $line) == 1) { + // temporarely save the line for later use on the file below + $tmpLine = $line; + + unset($lines[$key]); + } + } + if ($tmpLine) { + //Unique line was found, save $AUTH_FILE_DONE with exclusive lock on the file + $data = implode(PHP_EOL, $lines); + file_put_contents($AUTH_FILE_DONE, $data, LOCK_EX); + + + + // for $AUTH_FILE, line pattern is : + // + // MAIL_USED_FOR_REGISTRATION:SECRET + // + // remove ALL lines on this file based on MAIL_USED_FOR_REGISTRATION + + + // get MAIL_USED_FOR_REGISTRATION from line + $mail = strtok($tmpLine,":"); + // create regex pattern to prevent false positives : + // lines STARTING with $mail + $regex = "/^".$mail.":/"; + + // find and delete all the line containing this MAIL_USED_FOR_REGISTRATION + $lines = file($AUTH_FILE, FILE_IGNORE_NEW_LINES); + foreach($lines as $key => $line) { + if (preg_match($regex, $line) == 1) unset($lines[$key]); + } + $data = implode(PHP_EOL, $lines); + //save $AUTH_FILE with exclusive lock on the file + file_put_contents($AUTH_FILE, $data, LOCK_EX); + + // return MAIL_USED_FOR_REGISTRATION, 2BE used by purgeWebsiteFiles function + return $mail; + } else return NULL; //NO line was found for this user, return NULL + +} + +function deleteMailAccount(){ + // function to : + // 1 : connect to postfixadmin container to delete user account, using postfixadmin-cli + // 2 : delete account's maildir as mail persistent volume is now bind mounted to PFA container too + + $PF_HOSTNAME = "postfixadmin"; + $PF_USER = "pfexec"; + $PF_PWD = getenv("PFA_SSH_PASSWORD");; + + // Dir where /mnt/repo-base/volumes/mail/ is bind mounted on postfixadmin container + $baseDir = "/var/mail/"; + + global $user2delete, $domain; + $mailboxDir = getStrippedUserAccount(); + + if(($domain!="") || ($mailboxDir!="")) { + // confirm vars to build path to delete are not empty + + // ssh connect to postfixadmin container + $ssh = new SSH2($PF_HOSTNAME); + if (!$ssh->login($PF_USER, $PF_PWD)) { + exit('Login Failed'); + } + + + // 1 - account deletion in database + // for sthis step we need $user2delete + $ssh->exec('/postfixadmin/scripts/postfixadmin-cli mailbox delete "'.$user2delete.'"'); + + // 2 - user's mailbox dir deletion + // for sthis step we need $mailboxDir + // build path to delete + $fullPath = $baseDir.$domain."/".$mailboxDir; + $ssh->exec('rm -rf '.$fullPath); + + // verify it's done + + $delDbConfirm = $ssh->exec('/postfixadmin/scripts/postfixadmin-cli mailbox view "'.$user2delete.'" 2>&1 |grep 'not valid''); + + + $delDirConfirm = $ssh->exec('[ ! -d "'.$fullPath.'" ] && echo "DELETED"'); + if (($delDbConfirm == "Error: The EMAIL is not valid!")&&($delDbConfirm == "DELETED")) { + + return TRUE; + } else return FALSE; // one of the deletion did not go well! + } else return NULL; // $domain OR $mailborDir empty, do nothing!! + + +} + +function purgeWebsiteFiles($externalMailAddress) { + //!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! + //!!! specific to ecloud production config !!! + //!!! not to be implemented in self_hosting !!! + //!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! + + // function to purge remaining files on e.foundation website + // preventing users to re register on /e/ website registration form + // find&delete lines with email used for registration, I.E. external email + // grab external mail from $AUTH_FILE + + $E_WEBSITE = "https://e.foundation"; + $E_DELETE_SCRIPT = "/delete_email_invite.php"; + $E_SECRET = "not_stored_here"; + + + $E_url = $E_WEBSITE.$E_DELETE_SCRIPT; + $curl = new Curl\Curl(); + $curl->post($E_url, array( + 'mail' => $externalMailAddress, + 'auth' => $E_SECRET, + )); + if ($curl->error) { + return $curl->error_code; + } + else { + return $curl->response; + } +} + + + + +if (sha1($_POST['sec']) !== '958a89fc0da6d1f7fa12ca93a07ab57b84e0e72d') { + http_response_code(403); + exit(); +} else { + $user2delete = $_POST['uid']; + $domain = $_POST['domain']; + + $actualdomain = $domain=getenv("DOMAIN"); + + + + // STEP 1 : remove $user2delete from postfix database AND remove it's mail folder + $mailDeletionReturn = deleteMailAccount(); + if ($mailDeletionReturn == TRUE){ + // mail DB account AND mailbox dir successfully deleted + // NO user data remaining on the server + // TODO : fire mail for user to confirm deletion of his account is complete + } + // STEP 2 : Purge system files AUTH_FILE & AUTH_FILE_DONE + $registrationMail = purgeAccountFiles(); + + + //!!! specific to ecloud production config !!! + if ($actualdomain == "ecloud.global") { + // STEP 3 : Purge files on /e/ website + if ($registrationMail !== NULL){ + //only if we have a mail to delete + + purgeWebsiteFiles($registrationMail); + return TRUE; + } else return FALSE; // STEP 2 not done, not doing STEP 3 either + } + + + +} + + + +?> \ No newline at end of file -- GitLab From 8cdbdf9a09ca04017b609beb1503187d54c77990 Mon Sep 17 00:00:00 2001 From: diroots Date: Mon, 16 Mar 2020 18:09:12 +0100 Subject: [PATCH 02/18] dynamic welcome secret SHA from env --- htdocs/postDelete.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/postDelete.php b/htdocs/postDelete.php index a13a20b..97afc72 100644 --- a/htdocs/postDelete.php +++ b/htdocs/postDelete.php @@ -87,7 +87,7 @@ function deleteMailAccount(){ $PF_HOSTNAME = "postfixadmin"; $PF_USER = "pfexec"; - $PF_PWD = getenv("PFA_SSH_PASSWORD");; + $PF_PWD = getenv("PFA_SSH_PASSWORD"); // Dir where /mnt/repo-base/volumes/mail/ is bind mounted on postfixadmin container $baseDir = "/var/mail/"; @@ -163,7 +163,7 @@ function purgeWebsiteFiles($externalMailAddress) { -if (sha1($_POST['sec']) !== '958a89fc0da6d1f7fa12ca93a07ab57b84e0e72d') { +if (sha1($_POST['sec']) !== getenv("WELCOME_SECRET_SHA")) { http_response_code(403); exit(); } else { -- GitLab From 45b74d2fe2be09878a17c3fd008423e41e8c28b6 Mon Sep 17 00:00:00 2001 From: diroots Date: Tue, 17 Mar 2020 16:41:20 +0100 Subject: [PATCH 03/18] purgeAccountFiles() : add exclusive lock during whole search & replace process. --- htdocs/postDelete.php | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/htdocs/postDelete.php b/htdocs/postDelete.php index 97afc72..db7629f 100644 --- a/htdocs/postDelete.php +++ b/htdocs/postDelete.php @@ -35,6 +35,9 @@ function purgeAccountFiles() { // we don't want to find lines with johnmike, mikejunior, mikey,... $regex = "/:".getStrippedUserAccount()."$/"; + $lockedFileDone = fopen($AUTH_FILE_DONE, "c", LOCK_EX); + // c mode to open the file in write mode WITH EXCLUSIVE LOCK, but DO NOT truncate it + // find and delete the line $lines = file($AUTH_FILE_DONE, FILE_IGNORE_NEW_LINES); foreach($lines as $key => $line) { @@ -48,7 +51,9 @@ function purgeAccountFiles() { if ($tmpLine) { //Unique line was found, save $AUTH_FILE_DONE with exclusive lock on the file $data = implode(PHP_EOL, $lines); - file_put_contents($AUTH_FILE_DONE, $data, LOCK_EX); + ftruncate($lockedFileDone,0); + fwrite($lockedFileDone,$data); + fclose($lockedFileDone); @@ -65,6 +70,9 @@ function purgeAccountFiles() { // lines STARTING with $mail $regex = "/^".$mail.":/"; + $lockedFile = fopen($AUTH_FILE, "c", LOCK_EX); + // c mode to open the file in write mode WITH EXCLUSIVE LOCK, but DO NOT truncate it + // find and delete all the line containing this MAIL_USED_FOR_REGISTRATION $lines = file($AUTH_FILE, FILE_IGNORE_NEW_LINES); foreach($lines as $key => $line) { @@ -72,7 +80,9 @@ function purgeAccountFiles() { } $data = implode(PHP_EOL, $lines); //save $AUTH_FILE with exclusive lock on the file - file_put_contents($AUTH_FILE, $data, LOCK_EX); + ftruncate($lockedFile,0); + fwrite($lockedFile,$data); + fclose($lockedFile); // return MAIL_USED_FOR_REGISTRATION, 2BE used by purgeWebsiteFiles function return $mail; -- GitLab From 208a1a0a3f982a17c406573309118553ec923b25 Mon Sep 17 00:00:00 2001 From: diroots Date: Wed, 18 Mar 2020 13:33:31 +0100 Subject: [PATCH 04/18] use WEBSITE_SECRET env var for purgeWebsiteFiles() function --- htdocs/postDelete.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/htdocs/postDelete.php b/htdocs/postDelete.php index db7629f..bced80d 100644 --- a/htdocs/postDelete.php +++ b/htdocs/postDelete.php @@ -153,7 +153,7 @@ function purgeWebsiteFiles($externalMailAddress) { $E_WEBSITE = "https://e.foundation"; $E_DELETE_SCRIPT = "/delete_email_invite.php"; - $E_SECRET = "not_stored_here"; + $E_SECRET = getenv("WEBSITE_SECRET"); $E_url = $E_WEBSITE.$E_DELETE_SCRIPT; @@ -195,9 +195,9 @@ if (sha1($_POST['sec']) !== getenv("WELCOME_SECRET_SHA")) { $registrationMail = purgeAccountFiles(); - //!!! specific to ecloud production config !!! - if ($actualdomain == "ecloud.global") { - // STEP 3 : Purge files on /e/ website + //!!! /e/ specific !!! + if (getenv("WEBSITE_SECRET") != "") { + // STEP 3 : Purge files on website's form if ($registrationMail !== NULL){ //only if we have a mail to delete -- GitLab From 27d3261db9bf16434b701a4e48c2347211c903e1 Mon Sep 17 00:00:00 2001 From: diroots Date: Fri, 20 Mar 2020 10:37:06 +0100 Subject: [PATCH 05/18] replace rm with call to dedicated script in PFA container --- htdocs/postDelete.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/postDelete.php b/htdocs/postDelete.php index bced80d..39820c2 100644 --- a/htdocs/postDelete.php +++ b/htdocs/postDelete.php @@ -123,7 +123,7 @@ function deleteMailAccount(){ // for sthis step we need $mailboxDir // build path to delete $fullPath = $baseDir.$domain."/".$mailboxDir; - $ssh->exec('rm -rf '.$fullPath); + $ssh->exec('sh /usr/local/bin/postfixadmin-mailbox-postdeletion.sh '.$mailboxDir." ".$domain); // verify it's done @@ -196,7 +196,7 @@ if (sha1($_POST['sec']) !== getenv("WELCOME_SECRET_SHA")) { //!!! /e/ specific !!! - if (getenv("WEBSITE_SECRET") != "") { + if (getenv("WEBSITE_SECRET") != "not_defined") { // STEP 3 : Purge files on website's form if ($registrationMail !== NULL){ //only if we have a mail to delete -- GitLab From 14a7db2c72979d2ac4c8015c2f374558bd7432fc Mon Sep 17 00:00:00 2001 From: diroots Date: Fri, 20 Mar 2020 10:44:59 +0100 Subject: [PATCH 06/18] really use sudo! --- htdocs/postDelete.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/postDelete.php b/htdocs/postDelete.php index 39820c2..0882c07 100644 --- a/htdocs/postDelete.php +++ b/htdocs/postDelete.php @@ -123,7 +123,7 @@ function deleteMailAccount(){ // for sthis step we need $mailboxDir // build path to delete $fullPath = $baseDir.$domain."/".$mailboxDir; - $ssh->exec('sh /usr/local/bin/postfixadmin-mailbox-postdeletion.sh '.$mailboxDir." ".$domain); + $ssh->exec('sudo sh /usr/local/bin/postfixadmin-mailbox-postdeletion.sh '.$mailboxDir." ".$domain); // verify it's done -- GitLab From 16cf1db945f472e7d15c6ed815200d458cbc5290 Mon Sep 17 00:00:00 2001 From: diroots Date: Fri, 20 Mar 2020 12:57:57 +0100 Subject: [PATCH 07/18] PFA postdeletion script is now executable, don't need to "sh.." it --- htdocs/postDelete.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/postDelete.php b/htdocs/postDelete.php index 0882c07..dc30b0e 100644 --- a/htdocs/postDelete.php +++ b/htdocs/postDelete.php @@ -123,7 +123,7 @@ function deleteMailAccount(){ // for sthis step we need $mailboxDir // build path to delete $fullPath = $baseDir.$domain."/".$mailboxDir; - $ssh->exec('sudo sh /usr/local/bin/postfixadmin-mailbox-postdeletion.sh '.$mailboxDir." ".$domain); + $ssh->exec('sudo /usr/local/bin/postfixadmin-mailbox-postdeletion.sh '.$mailboxDir." ".$domain); // verify it's done -- GitLab From eea6b66bd2b7016e44667a0d9cc3cfa6806e5d15 Mon Sep 17 00:00:00 2001 From: diroots Date: Mon, 23 Mar 2020 17:02:11 +0100 Subject: [PATCH 08/18] fixing some wrong var names,... --- htdocs/postDelete.php | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) diff --git a/htdocs/postDelete.php b/htdocs/postDelete.php index dc30b0e..aafbd4c 100644 --- a/htdocs/postDelete.php +++ b/htdocs/postDelete.php @@ -16,8 +16,8 @@ function purgeAccountFiles() { // with same origin email // system files maintaining registration informations. - $AUTH_FILE_DONE = "/var/accounts//auth.file.done"; - $AUTH_FILE = "/var/www/accounts/auth.file"; + $AUTH_FILE_DONE = "/var/accounts/auth.file.done"; + $AUTH_FILE = "/var/accounts/auth.file"; // for $AUTH_FILE_DONE, line pattern is : @@ -97,10 +97,10 @@ function deleteMailAccount(){ $PF_HOSTNAME = "postfixadmin"; $PF_USER = "pfexec"; - $PF_PWD = getenv("PFA_SSH_PASSWORD"); + $PF_PWD = getenv("POSTFIXADMIN_SSH_PASSWORD"); // Dir where /mnt/repo-base/volumes/mail/ is bind mounted on postfixadmin container - $baseDir = "/var/mail/"; + $baseDir = "/var/mail/vhosts/"; global $user2delete, $domain; $mailboxDir = getStrippedUserAccount(); @@ -127,7 +127,7 @@ function deleteMailAccount(){ // verify it's done - $delDbConfirm = $ssh->exec('/postfixadmin/scripts/postfixadmin-cli mailbox view "'.$user2delete.'" 2>&1 |grep 'not valid''); + $delDbConfirm = $ssh->exec('/postfixadmin/scripts/postfixadmin-cli mailbox view "'.$user2delete.'" 2>&1 |grep "not valid"'); $delDirConfirm = $ssh->exec('[ ! -d "'.$fullPath.'" ] && echo "DELETED"'); @@ -182,6 +182,12 @@ if (sha1($_POST['sec']) !== getenv("WELCOME_SECRET_SHA")) { $actualdomain = $domain=getenv("DOMAIN"); +$fp = fopen('/var/www/html/info.txt', 'a'); +fwrite($fp, "after delete "); +fwrite($fp, " user ".$user2delete); +fwrite($fp, " domain ".$actualdomain); +fclose($fp); + // STEP 1 : remove $user2delete from postfix database AND remove it's mail folder -- GitLab From 3fc38526a3e31edd6f63de064a15c0371357d1bc Mon Sep 17 00:00:00 2001 From: diroots Date: Mon, 23 Mar 2020 17:04:46 +0100 Subject: [PATCH 09/18] fixing incorrect var names --- htdocs/postDelete.php | 7 ------- 1 file changed, 7 deletions(-) diff --git a/htdocs/postDelete.php b/htdocs/postDelete.php index aafbd4c..bc4457a 100644 --- a/htdocs/postDelete.php +++ b/htdocs/postDelete.php @@ -182,13 +182,6 @@ if (sha1($_POST['sec']) !== getenv("WELCOME_SECRET_SHA")) { $actualdomain = $domain=getenv("DOMAIN"); -$fp = fopen('/var/www/html/info.txt', 'a'); -fwrite($fp, "after delete "); -fwrite($fp, " user ".$user2delete); -fwrite($fp, " domain ".$actualdomain); -fclose($fp); - - // STEP 1 : remove $user2delete from postfix database AND remove it's mail folder $mailDeletionReturn = deleteMailAccount(); -- GitLab From 6c553c56f599cc05e3b824461d21452ae6b0d6e1 Mon Sep 17 00:00:00 2001 From: diroots Date: Tue, 24 Mar 2020 12:21:26 +0100 Subject: [PATCH 10/18] cleaning comments --- htdocs/postDelete.php | 124 +++++++++++++++++++++--------------------- 1 file changed, 62 insertions(+), 62 deletions(-) diff --git a/htdocs/postDelete.php b/htdocs/postDelete.php index bc4457a..ea770ce 100644 --- a/htdocs/postDelete.php +++ b/htdocs/postDelete.php @@ -4,35 +4,40 @@ require '/var/www/html/vendor/autoload.php'; use phpseclib\Net\SSH2; +/** + * Helper function + */ function getStrippedUserAccount() { global $user2delete, $domain; return str_replace("@".$domain,"",$user2delete); } +/** + * function to purge system files on NC account deletion + * for users to be able to re-register after account deletion + * with same origin email + * + */ function purgeAccountFiles() { - // function to purge system files on NC account deletion - // for users to be able to re-register after account deletion - // with same origin email - + // system files maintaining registration informations. $AUTH_FILE_DONE = "/var/accounts/auth.file.done"; $AUTH_FILE = "/var/accounts/auth.file"; - - // for $AUTH_FILE_DONE, line pattern is : - // - // MAIL_USED_FOR_REGISTRATION:SECRET:ECLOUD_LOGIN_WITHOUT_@DOMAIN - // - // remove UNIQUE line on this file based on ECLOUD_LOGIN_WITHOUT_@DOMAIN - - - - // get ECLOUD_LOGIN_WITHOUT_@DOMAIN from $user2delete - // create regex pattern to prevent false positives : - // $user2delete is mike@$domain - // ECLOUD_LOGIN_WITHOUT_@DOMAIN is 'mike' - // we don't want to find lines with johnmike, mikejunior, mikey,... + /** + * for $AUTH_FILE_DONE, line pattern is : + * MAIL_USED_FOR_REGISTRATION:SECRET:ECLOUD_LOGIN_WITHOUT_@DOMAIN + * + * remove UNIQUE line on this file based on ECLOUD_LOGIN_WITHOUT_@DOMAIN + * + * get ECLOUD_LOGIN_WITHOUT_@DOMAIN from $user2delete + * create regex pattern to prevent false positives : + * $user2delete is mike@$domain + * ECLOUD_LOGIN_WITHOUT_@DOMAIN is 'mike' + * we don't want to find lines with johnmike, mikejunior, mikey,... + * + */ $regex = "/:".getStrippedUserAccount()."$/"; $lockedFileDone = fopen($AUTH_FILE_DONE, "c", LOCK_EX); @@ -55,19 +60,16 @@ function purgeAccountFiles() { fwrite($lockedFileDone,$data); fclose($lockedFileDone); - - - // for $AUTH_FILE, line pattern is : - // - // MAIL_USED_FOR_REGISTRATION:SECRET - // - // remove ALL lines on this file based on MAIL_USED_FOR_REGISTRATION - - - // get MAIL_USED_FOR_REGISTRATION from line - $mail = strtok($tmpLine,":"); - // create regex pattern to prevent false positives : - // lines STARTING with $mail + /** + * for $AUTH_FILE, line pattern is : + * MAIL_USED_FOR_REGISTRATION:SECRET + * + * remove ALL lines on this file based on MAIL_USED_FOR_REGISTRATION + * + * get MAIL_USED_FOR_REGISTRATION from $tmpLine stored earlier + * create regex pattern to prevent false positives :only lines STARTING with $mail + */ + $mail = strtok($tmpLine,":"); $regex = "/^".$mail.":/"; $lockedFile = fopen($AUTH_FILE, "c", LOCK_EX); @@ -90,11 +92,14 @@ function purgeAccountFiles() { } +/** + * function to : + * - connect to postfixadmin container to delete user account, using postfixadmin-cli + * - delete account's maildir as mail volume is now bind mounted to PFA container too + * + */ function deleteMailAccount(){ - // function to : - // 1 : connect to postfixadmin container to delete user account, using postfixadmin-cli - // 2 : delete account's maildir as mail persistent volume is now bind mounted to PFA container too - + $PF_HOSTNAME = "postfixadmin"; $PF_USER = "pfexec"; $PF_PWD = getenv("POSTFIXADMIN_SSH_PASSWORD"); @@ -106,31 +111,22 @@ function deleteMailAccount(){ $mailboxDir = getStrippedUserAccount(); if(($domain!="") || ($mailboxDir!="")) { - // confirm vars to build path to delete are not empty - - // ssh connect to postfixadmin container $ssh = new SSH2($PF_HOSTNAME); if (!$ssh->login($PF_USER, $PF_PWD)) { exit('Login Failed'); } - - // 1 - account deletion in database - // for sthis step we need $user2delete $ssh->exec('/postfixadmin/scripts/postfixadmin-cli mailbox delete "'.$user2delete.'"'); - // 2 - user's mailbox dir deletion - // for sthis step we need $mailboxDir - // build path to delete - $fullPath = $baseDir.$domain."/".$mailboxDir; $ssh->exec('sudo /usr/local/bin/postfixadmin-mailbox-postdeletion.sh '.$mailboxDir." ".$domain); // verify it's done - $delDbConfirm = $ssh->exec('/postfixadmin/scripts/postfixadmin-cli mailbox view "'.$user2delete.'" 2>&1 |grep "not valid"'); - + // build path to check deletion + $fullPath = $baseDir.$domain."/".$mailboxDir; $delDirConfirm = $ssh->exec('[ ! -d "'.$fullPath.'" ] && echo "DELETED"'); + if (($delDbConfirm == "Error: The EMAIL is not valid!")&&($delDbConfirm == "DELETED")) { return TRUE; @@ -140,17 +136,18 @@ function deleteMailAccount(){ } +/** + * !!! specific to ecloud production config !!! + * !!! not to be implemented in self_hosting !!! + * + * function to purge remaining files on e.foundation website + * preventing users to re register on /e/ website registration form + * find&delete lines with email used for registration, I.E. external email + * grab external mail from $AUTH_FILE + * + */ function purgeWebsiteFiles($externalMailAddress) { - //!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! - //!!! specific to ecloud production config !!! - //!!! not to be implemented in self_hosting !!! - //!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! - - // function to purge remaining files on e.foundation website - // preventing users to re register on /e/ website registration form - // find&delete lines with email used for registration, I.E. external email - // grab external mail from $AUTH_FILE - + $E_WEBSITE = "https://e.foundation"; $E_DELETE_SCRIPT = "/delete_email_invite.php"; $E_SECRET = getenv("WEBSITE_SECRET"); @@ -179,22 +176,25 @@ if (sha1($_POST['sec']) !== getenv("WELCOME_SECRET_SHA")) { } else { $user2delete = $_POST['uid']; $domain = $_POST['domain']; - $actualdomain = $domain=getenv("DOMAIN"); // STEP 1 : remove $user2delete from postfix database AND remove it's mail folder $mailDeletionReturn = deleteMailAccount(); if ($mailDeletionReturn == TRUE){ - // mail DB account AND mailbox dir successfully deleted - // NO user data remaining on the server - // TODO : fire mail for user to confirm deletion of his account is complete + /** + * mail DB account AND mailbox dir successfully deleted + * NO user data remaining on the server + * TODO : fire mail for user to confirm deletion of his account is complete + * + */ + } // STEP 2 : Purge system files AUTH_FILE & AUTH_FILE_DONE $registrationMail = purgeAccountFiles(); - //!!! /e/ specific !!! + // !!! /e/ specific !!! if (getenv("WEBSITE_SECRET") != "not_defined") { // STEP 3 : Purge files on website's form if ($registrationMail !== NULL){ -- GitLab From 666a4f0516d12d7fe0e616548b3390bfaa886753 Mon Sep 17 00:00:00 2001 From: diroots Date: Wed, 25 Mar 2020 00:03:54 +0100 Subject: [PATCH 11/18] remove old useless var --- htdocs/postDelete.php | 6 ------ 1 file changed, 6 deletions(-) diff --git a/htdocs/postDelete.php b/htdocs/postDelete.php index ea770ce..9ce4bac 100644 --- a/htdocs/postDelete.php +++ b/htdocs/postDelete.php @@ -176,9 +176,7 @@ if (sha1($_POST['sec']) !== getenv("WELCOME_SECRET_SHA")) { } else { $user2delete = $_POST['uid']; $domain = $_POST['domain']; - $actualdomain = $domain=getenv("DOMAIN"); - // STEP 1 : remove $user2delete from postfix database AND remove it's mail folder $mailDeletionReturn = deleteMailAccount(); if ($mailDeletionReturn == TRUE){ @@ -208,7 +206,3 @@ if (sha1($_POST['sec']) !== getenv("WELCOME_SECRET_SHA")) { } - - - -?> \ No newline at end of file -- GitLab From fb50296940af5baf12e49c81963c8eac03d43dc7 Mon Sep 17 00:00:00 2001 From: diroots Date: Wed, 25 Mar 2020 09:56:57 +0100 Subject: [PATCH 12/18] add empty line at the end of auth files for other script to really append data to new line, and not at the end of last line --- htdocs/postDelete.php | 2 ++ 1 file changed, 2 insertions(+) diff --git a/htdocs/postDelete.php b/htdocs/postDelete.php index 9ce4bac..26ed855 100644 --- a/htdocs/postDelete.php +++ b/htdocs/postDelete.php @@ -55,6 +55,7 @@ function purgeAccountFiles() { } if ($tmpLine) { //Unique line was found, save $AUTH_FILE_DONE with exclusive lock on the file + $lines[]=""; $data = implode(PHP_EOL, $lines); ftruncate($lockedFileDone,0); fwrite($lockedFileDone,$data); @@ -80,6 +81,7 @@ function purgeAccountFiles() { foreach($lines as $key => $line) { if (preg_match($regex, $line) == 1) unset($lines[$key]); } + $lines[]=""; $data = implode(PHP_EOL, $lines); //save $AUTH_FILE with exclusive lock on the file ftruncate($lockedFile,0); -- GitLab From b814ca6f26a75d0af90bf9ffb1c1b6f5db2b7124 Mon Sep 17 00:00:00 2001 From: diroots Date: Wed, 25 Mar 2020 10:15:30 +0100 Subject: [PATCH 13/18] use of preg_quote to escape special characters in regexp vars --- htdocs/postDelete.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/postDelete.php b/htdocs/postDelete.php index 26ed855..8a1e4d8 100644 --- a/htdocs/postDelete.php +++ b/htdocs/postDelete.php @@ -38,7 +38,7 @@ function purgeAccountFiles() { * we don't want to find lines with johnmike, mikejunior, mikey,... * */ - $regex = "/:".getStrippedUserAccount()."$/"; + $regex = "/:".preg_quote(getStrippedUserAccount())."$/"; $lockedFileDone = fopen($AUTH_FILE_DONE, "c", LOCK_EX); // c mode to open the file in write mode WITH EXCLUSIVE LOCK, but DO NOT truncate it @@ -71,7 +71,7 @@ function purgeAccountFiles() { * create regex pattern to prevent false positives :only lines STARTING with $mail */ $mail = strtok($tmpLine,":"); - $regex = "/^".$mail.":/"; + $regex = "/^".preg_quote($mail).":/"; $lockedFile = fopen($AUTH_FILE, "c", LOCK_EX); // c mode to open the file in write mode WITH EXCLUSIVE LOCK, but DO NOT truncate it -- GitLab From b8ade254f76725bd431e7eb04060b5959772524e Mon Sep 17 00:00:00 2001 From: diroots Date: Wed, 25 Mar 2020 15:09:56 +0100 Subject: [PATCH 14/18] update to handle account deletion not depending on NC's main domain --- htdocs/postDelete.php | 42 +++++++++++++++++------------------------- 1 file changed, 17 insertions(+), 25 deletions(-) diff --git a/htdocs/postDelete.php b/htdocs/postDelete.php index 8a1e4d8..027353e 100644 --- a/htdocs/postDelete.php +++ b/htdocs/postDelete.php @@ -4,15 +4,6 @@ require '/var/www/html/vendor/autoload.php'; use phpseclib\Net\SSH2; -/** - * Helper function - */ -function getStrippedUserAccount() { - global $user2delete, $domain; - return str_replace("@".$domain,"",$user2delete); - -} - /** * function to purge system files on NC account deletion * for users to be able to re-register after account deletion @@ -27,18 +18,16 @@ function purgeAccountFiles() { /** * for $AUTH_FILE_DONE, line pattern is : - * MAIL_USED_FOR_REGISTRATION:SECRET:ECLOUD_LOGIN_WITHOUT_@DOMAIN + * MAIL_USED_FOR_REGISTRATION:SECRET:$userOnly * - * remove UNIQUE line on this file based on ECLOUD_LOGIN_WITHOUT_@DOMAIN + * remove UNIQUE line on this file based on $userOnly * - * get ECLOUD_LOGIN_WITHOUT_@DOMAIN from $user2delete * create regex pattern to prevent false positives : - * $user2delete is mike@$domain - * ECLOUD_LOGIN_WITHOUT_@DOMAIN is 'mike' - * we don't want to find lines with johnmike, mikejunior, mikey,... + * $userOnly is 'john' + * we don't want to find lines with john_doe, bigjohn, johnny,... * */ - $regex = "/:".preg_quote(getStrippedUserAccount())."$/"; + $regex = "/:".preg_quote($userOnly)."$/"; $lockedFileDone = fopen($AUTH_FILE_DONE, "c", LOCK_EX); // c mode to open the file in write mode WITH EXCLUSIVE LOCK, but DO NOT truncate it @@ -109,10 +98,9 @@ function deleteMailAccount(){ // Dir where /mnt/repo-base/volumes/mail/ is bind mounted on postfixadmin container $baseDir = "/var/mail/vhosts/"; - global $user2delete, $domain; - $mailboxDir = getStrippedUserAccount(); - - if(($domain!="") || ($mailboxDir!="")) { + global $user2delete, $userOnly, $domain; + + if(($domain!="") || ($userOnly!="")) { $ssh = new SSH2($PF_HOSTNAME); if (!$ssh->login($PF_USER, $PF_PWD)) { exit('Login Failed'); @@ -120,20 +108,20 @@ function deleteMailAccount(){ $ssh->exec('/postfixadmin/scripts/postfixadmin-cli mailbox delete "'.$user2delete.'"'); - $ssh->exec('sudo /usr/local/bin/postfixadmin-mailbox-postdeletion.sh '.$mailboxDir." ".$domain); + $ssh->exec('sudo /usr/local/bin/postfixadmin-mailbox-postdeletion.sh '.$userOnly." ".$domain); // verify it's done $delDbConfirm = $ssh->exec('/postfixadmin/scripts/postfixadmin-cli mailbox view "'.$user2delete.'" 2>&1 |grep "not valid"'); // build path to check deletion - $fullPath = $baseDir.$domain."/".$mailboxDir; + $fullPath = $baseDir.$domain."/".$userOnly; $delDirConfirm = $ssh->exec('[ ! -d "'.$fullPath.'" ] && echo "DELETED"'); if (($delDbConfirm == "Error: The EMAIL is not valid!")&&($delDbConfirm == "DELETED")) { return TRUE; } else return FALSE; // one of the deletion did not go well! - } else return NULL; // $domain OR $mailborDir empty, do nothing!! + } else return NULL; // $domain OR $userOnly empty, do nothing!! } @@ -177,7 +165,9 @@ if (sha1($_POST['sec']) !== getenv("WELCOME_SECRET_SHA")) { exit(); } else { $user2delete = $_POST['uid']; - $domain = $_POST['domain']; + $exploded = explode("@",$user2delete); + $userOnly = $exploded[0]; + $domain = $exploded[1]; // STEP 1 : remove $user2delete from postfix database AND remove it's mail folder $mailDeletionReturn = deleteMailAccount(); @@ -185,7 +175,9 @@ if (sha1($_POST['sec']) !== getenv("WELCOME_SECRET_SHA")) { /** * mail DB account AND mailbox dir successfully deleted * NO user data remaining on the server - * TODO : fire mail for user to confirm deletion of his account is complete + * TODO : + * - fire mail for user to confirm deletion of his account is complete + * - handle onlyoffice part * */ -- GitLab From 0e664a2f3e0a5453ea7f7cf8af860a405fbe49af Mon Sep 17 00:00:00 2001 From: diroots Date: Wed, 25 Mar 2020 16:34:40 +0100 Subject: [PATCH 15/18] userOnly not instanciated in purgeAccountFiles function --- htdocs/postDelete.php | 1 + 1 file changed, 1 insertion(+) diff --git a/htdocs/postDelete.php b/htdocs/postDelete.php index 027353e..48dcb4b 100644 --- a/htdocs/postDelete.php +++ b/htdocs/postDelete.php @@ -27,6 +27,7 @@ function purgeAccountFiles() { * we don't want to find lines with john_doe, bigjohn, johnny,... * */ + global $userOnly; $regex = "/:".preg_quote($userOnly)."$/"; $lockedFileDone = fopen($AUTH_FILE_DONE, "c", LOCK_EX); -- GitLab From 974bf5e270b56b284728d9a86b284ae09cf49d9d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Arnau=20V=C3=A0zquez?= Date: Wed, 25 Mar 2020 21:15:55 +0000 Subject: [PATCH 16/18] Apply suggestion to htdocs/postDelete.php --- htdocs/postDelete.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/postDelete.php b/htdocs/postDelete.php index 48dcb4b..92abf86 100644 --- a/htdocs/postDelete.php +++ b/htdocs/postDelete.php @@ -170,7 +170,7 @@ if (sha1($_POST['sec']) !== getenv("WELCOME_SECRET_SHA")) { $userOnly = $exploded[0]; $domain = $exploded[1]; - // STEP 1 : remove $user2delete from postfix database AND remove it's mail folder + // STEP 1 : remove $user2delete from postfix database AND remove its mail folder $mailDeletionReturn = deleteMailAccount(); if ($mailDeletionReturn == TRUE){ /** -- GitLab From fed6b7267be11867e4afe66076d5deedba6aab1d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Arnau=20V=C3=A0zquez?= Date: Wed, 25 Mar 2020 21:16:20 +0000 Subject: [PATCH 17/18] Apply suggestion to htdocs/postDelete.php --- htdocs/postDelete.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/postDelete.php b/htdocs/postDelete.php index 92abf86..e83aa55 100644 --- a/htdocs/postDelete.php +++ b/htdocs/postDelete.php @@ -118,7 +118,7 @@ function deleteMailAccount(){ $fullPath = $baseDir.$domain."/".$userOnly; $delDirConfirm = $ssh->exec('[ ! -d "'.$fullPath.'" ] && echo "DELETED"'); - if (($delDbConfirm == "Error: The EMAIL is not valid!")&&($delDbConfirm == "DELETED")) { + if (($delDbConfirm == "Error: The EMAIL is not valid!") && ($delDirConfirm == "DELETED")) { return TRUE; } else return FALSE; // one of the deletion did not go well! -- GitLab From b561464a41e31403e94c21bab6ce0bff3e55f1b5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Arnau=20V=C3=A0zquez=20Palma?= Date: Wed, 25 Mar 2020 22:30:52 +0100 Subject: [PATCH 18/18] Idea autoformatting and lowercase constants as per PSR-2. --- htdocs/postDelete.php | 331 +++++++++++++++++++++--------------------- 1 file changed, 162 insertions(+), 169 deletions(-) diff --git a/htdocs/postDelete.php b/htdocs/postDelete.php index e83aa55..053489e 100644 --- a/htdocs/postDelete.php +++ b/htdocs/postDelete.php @@ -8,196 +8,189 @@ use phpseclib\Net\SSH2; * function to purge system files on NC account deletion * for users to be able to re-register after account deletion * with same origin email - * + * */ -function purgeAccountFiles() { - - // system files maintaining registration informations. - $AUTH_FILE_DONE = "/var/accounts/auth.file.done"; - $AUTH_FILE = "/var/accounts/auth.file"; - - /** - * for $AUTH_FILE_DONE, line pattern is : - * MAIL_USED_FOR_REGISTRATION:SECRET:$userOnly - * - * remove UNIQUE line on this file based on $userOnly - * - * create regex pattern to prevent false positives : - * $userOnly is 'john' - * we don't want to find lines with john_doe, bigjohn, johnny,... - * - */ - global $userOnly; - $regex = "/:".preg_quote($userOnly)."$/"; - - $lockedFileDone = fopen($AUTH_FILE_DONE, "c", LOCK_EX); - // c mode to open the file in write mode WITH EXCLUSIVE LOCK, but DO NOT truncate it - - // find and delete the line - $lines = file($AUTH_FILE_DONE, FILE_IGNORE_NEW_LINES); - foreach($lines as $key => $line) { - if (preg_match($regex, $line) == 1) { - // temporarely save the line for later use on the file below - $tmpLine = $line; - - unset($lines[$key]); - } +function purgeAccountFiles() +{ + + // system files maintaining registration informations. + $AUTH_FILE_DONE = "/var/accounts/auth.file.done"; + $AUTH_FILE = "/var/accounts/auth.file"; + + /** + * for $AUTH_FILE_DONE, line pattern is : + * MAIL_USED_FOR_REGISTRATION:SECRET:$userOnly + * + * remove UNIQUE line on this file based on $userOnly + * + * create regex pattern to prevent false positives : + * $userOnly is 'john' + * we don't want to find lines with john_doe, bigjohn, johnny,... + * + */ + global $userOnly; + $regex = "/:" . preg_quote($userOnly) . "$/"; + + $lockedFileDone = fopen($AUTH_FILE_DONE, "c", LOCK_EX); + // c mode to open the file in write mode WITH EXCLUSIVE LOCK, but DO NOT truncate it + + // find and delete the line + $lines = file($AUTH_FILE_DONE, FILE_IGNORE_NEW_LINES); + foreach ($lines as $key => $line) { + if (preg_match($regex, $line) == 1) { + // temporarely save the line for later use on the file below + $tmpLine = $line; + + unset($lines[$key]); + } } if ($tmpLine) { - //Unique line was found, save $AUTH_FILE_DONE with exclusive lock on the file - $lines[]=""; - $data = implode(PHP_EOL, $lines); - ftruncate($lockedFileDone,0); - fwrite($lockedFileDone,$data); - fclose($lockedFileDone); - - /** - * for $AUTH_FILE, line pattern is : - * MAIL_USED_FOR_REGISTRATION:SECRET - * - * remove ALL lines on this file based on MAIL_USED_FOR_REGISTRATION - * - * get MAIL_USED_FOR_REGISTRATION from $tmpLine stored earlier - * create regex pattern to prevent false positives :only lines STARTING with $mail - */ - $mail = strtok($tmpLine,":"); - $regex = "/^".preg_quote($mail).":/"; - - $lockedFile = fopen($AUTH_FILE, "c", LOCK_EX); - // c mode to open the file in write mode WITH EXCLUSIVE LOCK, but DO NOT truncate it - - // find and delete all the line containing this MAIL_USED_FOR_REGISTRATION - $lines = file($AUTH_FILE, FILE_IGNORE_NEW_LINES); - foreach($lines as $key => $line) { - if (preg_match($regex, $line) == 1) unset($lines[$key]); - } - $lines[]=""; - $data = implode(PHP_EOL, $lines); - //save $AUTH_FILE with exclusive lock on the file - ftruncate($lockedFile,0); - fwrite($lockedFile,$data); - fclose($lockedFile); - - // return MAIL_USED_FOR_REGISTRATION, 2BE used by purgeWebsiteFiles function - return $mail; - } else return NULL; //NO line was found for this user, return NULL - + //Unique line was found, save $AUTH_FILE_DONE with exclusive lock on the file + $lines[] = ""; + $data = implode(PHP_EOL, $lines); + ftruncate($lockedFileDone, 0); + fwrite($lockedFileDone, $data); + fclose($lockedFileDone); + + /** + * for $AUTH_FILE, line pattern is : + * MAIL_USED_FOR_REGISTRATION:SECRET + * + * remove ALL lines on this file based on MAIL_USED_FOR_REGISTRATION + * + * get MAIL_USED_FOR_REGISTRATION from $tmpLine stored earlier + * create regex pattern to prevent false positives :only lines STARTING with $mail + */ + $mail = strtok($tmpLine, ":"); + $regex = "/^" . preg_quote($mail) . ":/"; + + $lockedFile = fopen($AUTH_FILE, "c", LOCK_EX); + // c mode to open the file in write mode WITH EXCLUSIVE LOCK, but DO NOT truncate it + + // find and delete all the line containing this MAIL_USED_FOR_REGISTRATION + $lines = file($AUTH_FILE, FILE_IGNORE_NEW_LINES); + foreach ($lines as $key => $line) { + if (preg_match($regex, $line) == 1) unset($lines[$key]); + } + $lines[] = ""; + $data = implode(PHP_EOL, $lines); + //save $AUTH_FILE with exclusive lock on the file + ftruncate($lockedFile, 0); + fwrite($lockedFile, $data); + fclose($lockedFile); + + // return MAIL_USED_FOR_REGISTRATION, 2BE used by purgeWebsiteFiles function + return $mail; + } else return null; //NO line was found for this user + } /** * function to : - * - connect to postfixadmin container to delete user account, using postfixadmin-cli + * - connect to postfixadmin container to delete user account, using postfixadmin-cli * - delete account's maildir as mail volume is now bind mounted to PFA container too - * + * */ -function deleteMailAccount(){ - - $PF_HOSTNAME = "postfixadmin"; - $PF_USER = "pfexec"; - $PF_PWD = getenv("POSTFIXADMIN_SSH_PASSWORD"); - - // Dir where /mnt/repo-base/volumes/mail/ is bind mounted on postfixadmin container - $baseDir = "/var/mail/vhosts/"; - - global $user2delete, $userOnly, $domain; - - if(($domain!="") || ($userOnly!="")) { - $ssh = new SSH2($PF_HOSTNAME); - if (!$ssh->login($PF_USER, $PF_PWD)) { - exit('Login Failed'); - } - - $ssh->exec('/postfixadmin/scripts/postfixadmin-cli mailbox delete "'.$user2delete.'"'); - - $ssh->exec('sudo /usr/local/bin/postfixadmin-mailbox-postdeletion.sh '.$userOnly." ".$domain); - - // verify it's done - $delDbConfirm = $ssh->exec('/postfixadmin/scripts/postfixadmin-cli mailbox view "'.$user2delete.'" 2>&1 |grep "not valid"'); - - // build path to check deletion - $fullPath = $baseDir.$domain."/".$userOnly; - $delDirConfirm = $ssh->exec('[ ! -d "'.$fullPath.'" ] && echo "DELETED"'); - - if (($delDbConfirm == "Error: The EMAIL is not valid!") && ($delDirConfirm == "DELETED")) { - - return TRUE; - } else return FALSE; // one of the deletion did not go well! - } else return NULL; // $domain OR $userOnly empty, do nothing!! - - +function deleteMailAccount() +{ + + $PF_HOSTNAME = "postfixadmin"; + $PF_USER = "pfexec"; + $PF_PWD = getenv("POSTFIXADMIN_SSH_PASSWORD"); + + // Dir where /mnt/repo-base/volumes/mail/ is bind mounted on postfixadmin container + $baseDir = "/var/mail/vhosts/"; + + global $user2delete, $userOnly, $domain; + + if (($domain != "") || ($userOnly != "")) { + $ssh = new SSH2($PF_HOSTNAME); + if (!$ssh->login($PF_USER, $PF_PWD)) { + exit('Login Failed'); + } + + $ssh->exec('/postfixadmin/scripts/postfixadmin-cli mailbox delete "' . $user2delete . '"'); + + $ssh->exec('sudo /usr/local/bin/postfixadmin-mailbox-postdeletion.sh ' . $userOnly . " " . $domain); + + // verify it's done + $delDbConfirm = $ssh->exec('/postfixadmin/scripts/postfixadmin-cli mailbox view "' . $user2delete . '" 2>&1 |grep "not valid"'); + + // build path to check deletion + $fullPath = $baseDir . $domain . "/" . $userOnly; + $delDirConfirm = $ssh->exec('[ ! -d "' . $fullPath . '" ] && echo "DELETED"'); + + if (($delDbConfirm == "Error: The EMAIL is not valid!") && ($delDirConfirm == "DELETED")) { + return true; + } else return false; // one of the deletion did not go well! + } else return null; // $domain OR $userOnly empty, do nothing!! + } /** * !!! specific to ecloud production config !!! * !!! not to be implemented in self_hosting !!! - * - * function to purge remaining files on e.foundation website + * + * function to purge remaining files on e.foundation website * preventing users to re register on /e/ website registration form * find&delete lines with email used for registration, I.E. external email * grab external mail from $AUTH_FILE - * + * */ -function purgeWebsiteFiles($externalMailAddress) { - - $E_WEBSITE = "https://e.foundation"; - $E_DELETE_SCRIPT = "/delete_email_invite.php"; - $E_SECRET = getenv("WEBSITE_SECRET"); - - - $E_url = $E_WEBSITE.$E_DELETE_SCRIPT; - $curl = new Curl\Curl(); - $curl->post($E_url, array( - 'mail' => $externalMailAddress, - 'auth' => $E_SECRET, - )); - if ($curl->error) { - return $curl->error_code; - } - else { - return $curl->response; - } +function purgeWebsiteFiles($externalMailAddress) +{ + + $E_WEBSITE = "https://e.foundation"; + $E_DELETE_SCRIPT = "/delete_email_invite.php"; + $E_SECRET = getenv("WEBSITE_SECRET"); + + + $E_url = $E_WEBSITE . $E_DELETE_SCRIPT; + $curl = new Curl\Curl(); + $curl->post($E_url, array( + 'mail' => $externalMailAddress, + 'auth' => $E_SECRET, + )); + if ($curl->error) { + return $curl->error_code; + } else { + return $curl->response; + } } - - - if (sha1($_POST['sec']) !== getenv("WELCOME_SECRET_SHA")) { http_response_code(403); exit(); } else { - $user2delete = $_POST['uid']; - $exploded = explode("@",$user2delete); - $userOnly = $exploded[0]; - $domain = $exploded[1]; - - // STEP 1 : remove $user2delete from postfix database AND remove its mail folder - $mailDeletionReturn = deleteMailAccount(); - if ($mailDeletionReturn == TRUE){ - /** - * mail DB account AND mailbox dir successfully deleted - * NO user data remaining on the server - * TODO : - * - fire mail for user to confirm deletion of his account is complete - * - handle onlyoffice part - * - */ - - } - // STEP 2 : Purge system files AUTH_FILE & AUTH_FILE_DONE - $registrationMail = purgeAccountFiles(); - - - // !!! /e/ specific !!! - if (getenv("WEBSITE_SECRET") != "not_defined") { - // STEP 3 : Purge files on website's form - if ($registrationMail !== NULL){ - //only if we have a mail to delete - - purgeWebsiteFiles($registrationMail); - return TRUE; - } else return FALSE; // STEP 2 not done, not doing STEP 3 either - } - - - -} + $user2delete = $_POST['uid']; + $exploded = explode("@", $user2delete); + $userOnly = $exploded[0]; + $domain = $exploded[1]; + + // STEP 1 : remove $user2delete from postfix database AND remove its mail folder + $mailDeletionReturn = deleteMailAccount(); + if ($mailDeletionReturn == true) { + /** + * mail DB account AND mailbox dir successfully deleted + * NO user data remaining on the server + * TODO : + * - fire mail for user to confirm deletion of his account is complete + * - handle onlyoffice part + * + */ + + } + // STEP 2 : Purge system files AUTH_FILE & AUTH_FILE_DONE + $registrationMail = purgeAccountFiles(); + + // !!! /e/ specific !!! + if (getenv("WEBSITE_SECRET") != "not_defined") { + // STEP 3 : Purge files on website's form + if ($registrationMail !== null) { + //only if we have a mail to delete + + purgeWebsiteFiles($registrationMail); + return true; + } else return false; // STEP 2 not done, not doing STEP 3 either + } +} \ No newline at end of file -- GitLab