From c107b60d96df2513b3bbaa47be8bf229fcaa3f3a Mon Sep 17 00:00:00 2001 From: Akhil Date: Wed, 11 May 2022 20:16:56 +0530 Subject: [PATCH 01/26] LDAP account creator --- htdocs/create.php | 3 +- htdocs/ldap_account_creator.php | 76 +++++++++++++++++++++++++++++++++ 2 files changed, 78 insertions(+), 1 deletion(-) create mode 100644 htdocs/ldap_account_creator.php diff --git a/htdocs/create.php b/htdocs/create.php index b791a15..9534f1d 100644 --- a/htdocs/create.php +++ b/htdocs/create.php @@ -8,6 +8,7 @@ require_once('helpers.php'); require_once('account_creator.php'); require_once('gitlab_account_creator.php'); require_once('ecloud_account_creator.php'); +require_once('ldap_account_creator.php'); require_once('wp_account_creator.php'); $domain = getenv("DOMAIN"); @@ -119,7 +120,7 @@ function getAccountsCreators(string $domain): array $E_SHOP_APP_PASS = getenv("E_SHOP_APP_PASS"); $accountsCreators = array( - 'ecloud' => new \ECloudAccountCreator($NC_URL) + 'ecloud' => new \LDAPAccountCreator() ); if (shouldCreateGitlabAccount()) { $accountsCreators['gitlab'] = new \GitlabAccountCreator($GITLAB_URL, $GITLAB_TOKEN); diff --git a/htdocs/ldap_account_creator.php b/htdocs/ldap_account_creator.php new file mode 100644 index 0000000..2983404 --- /dev/null +++ b/htdocs/ldap_account_creator.php 
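Review bot: `'ecloud' => new \LDAPAccountCreator()` swaps the ECloud backend for the LDAP one unconditionally, so `$NC_URL` computed a few lines above is no longer used and deployments without a directory lose the existing path. Gate the choice on configuration, e.g. `'ecloud' => $ldapEnabled ? new \LDAPAccountCreator() : new \ECloudAccountCreator($NC_URL)` with `$ldapEnabled` read from an environment flag, and since the next patch shows LDAPAccountCreator extending EcloudAccountCreator it should also receive the URL its parent constructor expects. getAccountsCreators continues outside the hunk.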
@@ -0,0 +1,76 @@ +conn = ldap_connect($ldapUrl); + try { + ldap_bind($this->conn, $adminDn, $adminPassword); + } catch (Exception $e) { + } + } + + public function tryToCreate(object $userData) + { + global $strings; + $pw = $userData->password; + $answer = $this->createAccount($userData->email, $userData->username, $pw, $userData->name, $this->quotaInMB, $userData->authmail, $userData->referrerCode); + if ($answer->success === false) { + sendAPIResponse(400, createAPIResponse("general", $strings[$answer->type])); + } + } + + private function createAccount(string $email, string $username, string $password, string $name, $quota, $authmail, ?string $referrerCode = null) + { + $user = [ + 'mailAddress' => $email, + 'uid' => $username, + 'userPassword' => $password, + 'displayName' => $name, + 'quota' => $quota, + 'mailAlternate' => $authmail, + 'recoveryMailAddress' => $authmail, + 'active'=> true, + 'mailActive' => true, + 'objectClass' => ['murenaUser', 'simpleSecurityObject'] + ]; + $userDn = "uid=$username,ou=users,dc=murena"; + $created = ldap_add($this->conn, $userDn, $user); + $answer = new \stdClass(); + $answer->success = $created; + if (!$created) { + $answer->type = 'error_creating_account'; + } + return $answer; + } + + + private function isUsernameTaken(string $uid) : bool + { + $filter = "(uid=$uid)"; + $base = 'ou=users,dc=murena'; + $attributes = ["uid"]; + try { + $results = ldap_search($this->conn, $base, $filter, $attributes); + $results = ldap_get_entries($this->conn, $results); + if ($results['count'] === 0) { + return false; + } + } catch (Exception $e) { + } + return true; + } +} -- GitLab From 48eb7a34d944b1e47f577392a77ea4fd11e2fbf5 Mon Sep 17 00:00:00 2001 From: Akhil Date: Wed, 11 May 2022 21:32:36 +0530 Subject: [PATCH 02/26] build image with LDAP support --- Dockerfile | 3 +++ htdocs/ldap_account_creator.php | 2 +- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index badba47..5266aab 100644 
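Review bot: `$userDn = "uid=$username,ou=users,dc=murena"` and, in isUsernameTaken, `$filter = "(uid=$uid)"` interpolate the caller-supplied username into a DN and a search filter without escaping, so a value containing `,`, `=`, `(`, `)` or `*` changes the DN or the filter's meaning instead of being matched literally. Build them with `ldap_escape($username, '', LDAP_ESCAPE_DN)` and `ldap_escape($uid, '', LDAP_ESCAPE_FILTER)`; the same unescaped DN construction reappears in the later rewrites of createAccount in patches 07 and 08. Separately, `ldap_bind()` reports failure by returning false rather than throwing, so the empty `catch (Exception $e)` around it never runs and an unauthenticated connection is only discovered when `ldap_add` fails; test the return value and throw. The opening lines of the hunk (file header and the start of the constructor) are not visible on this page, so whether the parent constructor that sets `quotaInMB` is invoked cannot be confirmed here.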
--- a/Dockerfile +++ b/Dockerfile @@ -35,6 +35,9 @@ RUN apt-get update && apt-get install -y libyaml-dev nano libpng-dev libfreetype RUN docker-php-ext-configure gd --with-freetype --with-jpeg RUN docker-php-ext-install -j$(nproc) gd RUN docker-php-ext-install mysqli +RUN apt-get install libldap2-dev -y && \ + docker-php-ext-configure ldap --with-libdir=lib/x86_64-linux-gnu/ && \ + docker-php-ext-install ldap RUN COMPOSER_ALLOW_SUPERUSER=1 composer require --no-plugins --no-scripts pear/mail pear/net_smtp pear/auth_sasl pear/mail_mime phpseclib/phpseclib:~3.0 curl/curl sendgrid/sendgrid RUN apt-get remove -y git unzip RUN rm -rf /var/lib/apt/lists/* && rm /usr/bin/composer diff --git a/htdocs/ldap_account_creator.php b/htdocs/ldap_account_creator.php index 2983404..fd8f034 100644 --- a/htdocs/ldap_account_creator.php +++ b/htdocs/ldap_account_creator.php @@ -3,7 +3,7 @@ require 'vendor/autoload.php'; require_once('language.php'); require_once('account_creator.php'); require_once('helpers.php'); -require_once('ecloud_account_creator'); +require_once('ecloud_account_creator.php'); use LDAP\Connection; class LDAPAccountCreator extends EcloudAccountCreator implements AccountCreator -- GitLab From 034713dac217c253b19d312ef918c9c81e2c9e58 Mon Sep 17 00:00:00 2001 From: Akhil Date: Wed, 11 May 2022 21:33:15 +0530 Subject: [PATCH 03/26] Remove recovery email address for now --- htdocs/ldap_account_creator.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/ldap_account_creator.php b/htdocs/ldap_account_creator.php index fd8f034..ef50b69 100644 --- a/htdocs/ldap_account_creator.php +++ b/htdocs/ldap_account_creator.php 
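Review bot: `docker-php-ext-configure ldap --with-libdir=lib/x86_64-linux-gnu/` hard-codes the amd64 multiarch directory, so the build fails on any other architecture even though nothing else in the Dockerfile is architecture-specific. The new `RUN apt-get install libldap2-dev -y` also runs in its own layer without a preceding `apt-get update`, which only works while the package lists from an earlier layer are still present; folding the package into the existing `apt-get update && apt-get install -y ...` line removes that ordering dependency and an extra layer. `libldap2-dev` is a build-time dependency that stays in the final image, so consider removing it in the same cleanup step that already removes git and unzip.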
@@ -42,7 +42,7 @@ class LDAPAccountCreator extends EcloudAccountCreator implements AccountCreator
 'displayName' => $name,
 'quota' => $quota,
 'mailAlternate' => $authmail,
- 'recoveryMailAddress' => $authmail,
+ //'recoveryMailAddress' => $authmail,
 'active'=> true,
 'mailActive' => true,
 'objectClass' => ['murenaUser', 'simpleSecurityObject']
-- 
GitLab

From cb23656b1f12f43c85d40d48e72816da1315967e Mon Sep 17 00:00:00 2001
From: Akhil
Date: Wed, 11 May 2022 21:42:29 +0530
Subject: [PATCH 04/26] Remove typed

---
 htdocs/ldap_account_creator.php | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/htdocs/ldap_account_creator.php b/htdocs/ldap_account_creator.php
index ef50b69..c64740c 100644
--- a/htdocs/ldap_account_creator.php
+++ b/htdocs/ldap_account_creator.php
@@ -4,11 +4,10 @@ require_once('language.php');
 require_once('account_creator.php');
 require_once('helpers.php');
 require_once('ecloud_account_creator.php');
-use LDAP\Connection;
 class LDAPAccountCreator extends EcloudAccountCreator implements AccountCreator
 {
- private Connection $conn;
+ private $conn;
 public function __construct()
 {
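Review bot: `//'recoveryMailAddress' => $authmail,` leaves a commented-out element inside the attribute map; if the attribute is not to be written, delete the line so the array reads as the complete set of attributes sent to the directory. The same value is still written as `mailAlternate`, so a one-line comment above the array stating that only the alternate address is set for now would record the intent better than dead code.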
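Review bot: Dropping `Connection` from `private $conn;` removes the only documentation of what the property holds; `LDAP\Connection` exists only on PHP 8.1+, where ldap_connect returns an object instead of a resource, which is presumably why the declaration was removed. Keep the information for static analysis with a docblock such as `/** @var \LDAP\Connection|resource|false handle returned by ldap_connect() */`, noting that ldap_connect can return false and the constructor does not currently check for it.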
@@ -12,10 +12,11 @@ class LDAPAccountCreator extends EcloudAccountCreator implements AccountCreator
 public function __construct()
 {
 $ldapUrl = getenv('LDAP_URL');
+ $ldapPort = getenv('LDAP_PORt');
 $adminDn = getenv('LDAP_ADMIN_DN');
 $adminPassword = getenv('LDAP_ADMIN_PASSWORD');
- ldap_set_option($conn, LDAP_OPT_PROTOCOL_VERSION, 3);
 $this->conn = ldap_connect($ldapUrl);
+ ldap_set_option($this->conn, LDAP_OPT_PROTOCOL_VERSION, 3);
 try {
 ldap_bind($this->conn, $adminDn, $adminPassword);
 } catch (Exception $e) {
-- 
GitLab

From 221affd34d6ff44af948ee48d8e92ed2bd962d16 Mon Sep 17 00:00:00 2001
From: Akhil
Date: Wed, 11 May 2022 21:50:16 +0530
Subject: [PATCH 06/26] Use LDAP port

---
 htdocs/ldap_account_creator.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/htdocs/ldap_account_creator.php b/htdocs/ldap_account_creator.php
index 4523b39..7736b05 100644
--- a/htdocs/ldap_account_creator.php
+++ b/htdocs/ldap_account_creator.php
@@ -15,7 +15,7 @@ class LDAPAccountCreator extends EcloudAccountCreator implements AccountCreator
 $ldapPort = getenv('LDAP_PORt');
 $adminDn = getenv('LDAP_ADMIN_DN');
 $adminPassword = getenv('LDAP_ADMIN_PASSWORD');
- $this->conn = ldap_connect($ldapUrl);
+ $this->conn = ldap_connect($ldapUrl, $ldapPort);
 ldap_set_option($this->conn, LDAP_OPT_PROTOCOL_VERSION, 3);
 try {
 ldap_bind($this->conn, $adminDn, $adminPassword);
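Review bot: `$ldapPort = getenv('LDAP_PORt');` has a lowercase `t` in the variable name; environment lookups are case-sensitive on Linux, so this returns false unless the deployment spells the variable exactly that way, and the next commit passes that false to ldap_connect. Correct it to `$ldapPort = getenv('LDAP_PORT');`. Moving `ldap_set_option` after the connect and pointing it at `$this->conn` does fix the earlier use of an undefined `$conn`, but `ldap_connect` itself can return false, so a check before `ldap_set_option` would give a clearer failure than a warning on a false handle.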
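Review bot: `ldap_connect($ldapUrl, $ldapPort)` uses the host/port two-argument form, which PHP 8.3 deprecates, and `$ldapPort` is a string or false from getenv rather than the int the parameter expects. Prefer the single-argument URI form, with the scheme and port carried in the configured value (`ldap://host:port` or `ldaps://host:port`) and passed alone. With a plain `ldap://` URI the admin DN and password sent by the following `ldap_bind` cross the network unencrypted unless `ldap_start_tls($this->conn)` is called first; the configured scheme is not visible here, so confirm which is in use.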
diff --git a/htdocs/base_ecloud_account_creator.php b/htdocs/base_ecloud_account_creator.php new file mode 100644 index 0000000..cb5f109 --- /dev/null +++ b/htdocs/base_ecloud_account_creator.php 
@@ -0,0 +1,166 @@ +ecloudUrl = endsWith($ecloudUrl, "/") ? $ecloudUrl : $ecloudUrl . "/"; + $this->ecloudAccountsApiUrl = $this->ecloudUrl . 'apps/ecloud-accounts/api/'; + $quota = getenv('CLOUD_QUOTA_IN_MB'); + if ($quota !== false) { + $this->quotaInMB = intval($quota); + } + } + + public function validateData(object $userData): ValidatedData + { + $id = "e_cloud_account_data"; + try { + // We use $userData->email as uid as it is set to username@domain + if ($this->isUsernameTaken($userData->username)) { + return new \ValidatedData($id, "error_account_taken"); + } + } catch (\Error $_) { + return new \ValidatedData($id, "error_server_side"); + } + return new \ValidatedData($id, null); + } + + protected function postCreationActions(string $email, string $username, string $authmail, string $quota) + { + try { + $hmeAlias = ''; + $hmeAlias = $this->createHMEAlias($username); + $this->createNewDomainAlias($username, $email); + } catch (Error $e) { + error_log('Error during alias creation for user: ' . $username . ' with email: ' . $email . ' : ' . $e->getMessage()); + } + $answer = $this->setAccountDataAtNextcloud($username, $email, $quota . ' MB', $authmail, $hmeAlias); + return $answer; + } + private function createHMEAlias(string $resultmail) : string + { + $token = getenv('COMMON_SERVICES_TOKEN'); + $url = getenv('COMMON_SERVICES_URL'); + $domain = getenv('ALIAS_DOMAIN'); + + $endpoint = '/aliases/hide-my-email/'; + $url .= $endpoint . $resultmail; + $data = array( + "token" => $token, + "domain" => $domain + ); + + $result = curlPostJSON($url, $data); + $output = $result->output; + if ($result->statusCode != 200) { + $err = $output->message; + throw new Error($err); + } + $alias = isset($output->emailAlias) ? 
$output->emailAlias : ''; + return $alias; + } + + private function createNewDomainAlias(string $username, string $resultmail) + { + $token = getenv('COMMON_SERVICES_TOKEN'); + $url = getenv('COMMON_SERVICES_URL'); + $domain = getenv('ALIAS_DOMAIN'); + + $endpoint = '/aliases/'; + $url .= $endpoint . $resultmail; + + $data = array( + "token" => $token, + "alias" => $username, + "domain" => $domain + ); + $result = curlPostJSON($url, $data); + $output = $result->output; + if ($result->statusCode != 200) { + $err = $output->message; + throw new Error($err); + } + } + + private function setAccountDataAtNextcloud(string $username, string $email, string $quota, string $recoveryEmail, string $hmeAlias) + { + $token = getenv('ECLOUD_ACCOUNTS_SECRET'); + + $ch = curl_init(); + curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); + curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "POST"); + + $data = array( + "uid" => $username, + "token" => $token, + "email" => $email, + "quota" => $quota, + "recoveryEmail" => $recoveryEmail, + "hmeAlias" => $hmeAlias + ); + curl_setopt($ch, CURLOPT_URL, $this->ecloudAccountsApiUrl . 'set_account_data'); + curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($data)); + $output = curl_exec($ch); + $output = json_decode($output, false); + $statusCode = curl_getinfo($ch, CURLINFO_HTTP_CODE); + + $answer = new \stdClass; + $answer->success = true; + + $errorNotEmpty = !empty($output->error); + $isRecoveryEmailError = $errorNotEmpty && $output->error === 'error_setting_recovery'; + $isHmeError = $errorNotEmpty && $output->error === 'error_adding_hme_alias'; + + if ($isRecoveryEmailError) { + $message = 'Setting recovery email of user ' . $email . ' failed with status code: ' . $statusCode . '(recovery email: ' . $recoveryEmail . ')' . PHP_EOL; + error_log($message, 0); + } + if ($isHmeError) { + $message = 'Setting HME alias of user ' . $email . ' failed with status code: ' . $statusCode . '(HME alias: ' . $hmeAlias . ')' . 
PHP_EOL; + error_log($message, 0); + } + + if ($statusCode !== 200) { + // Don't fail if recovery email or hide-my-email alias not set correctly + $answer->success = $isRecoveryEmailError || $isHmeError; + $answer->type = $errorNotEmpty ? $output->error : 'error_creating_account'; + } + + return $answer; + } + + private function isUsernameTaken(string $uid): bool + { + $token = getenv('ECLOUD_ACCOUNTS_SECRET'); + + $ch = curl_init(); + curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); + curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "POST"); + + $data = array( + "uid" => $uid, + "token" => $token, + ); + curl_setopt($ch, CURLOPT_URL, $this->ecloudAccountsApiUrl . 'user_exists'); + curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($data)); + + $output = curl_exec($ch); + $output = json_decode($output); + $statusCode = curl_getinfo($ch, CURLINFO_HTTP_CODE); + + if ($statusCode !== 200) { + $err = curl_error($ch); + throw new Error($err); + } + + return $output; + } +} diff --git a/htdocs/create.php b/htdocs/create.php index 9534f1d..cdd82a1 100644 --- a/htdocs/create.php +++ b/htdocs/create.php @@ -35,11 +35,11 @@ $referrerCode = is_string($referrerCode) ? $referrerCode : null; $resultmail = $mbox . "@" . $mail_domain; if ( - strlen($mbox) > 30 || - strlen($name) > 30 || - strlen($pw) > 1024 || - strlen($pw2) > 1024 || - strlen($authmail) > 1024 || + strlen($mbox) > 30 || + strlen($name) > 30 || + strlen($pw) > 1024 || + strlen($pw2) > 1024 || + strlen($authmail) > 1024 || strlen($authsecret) > 1024 || is_string($referrerCode) && strlen($referrerCode) > 1024 ) { @@ -63,7 +63,7 @@ if (in_array($mbox, array('abuse', 'hostmaster', 'postmaster', 'webmaster', 'pos sendAPIResponse(400, createAPIResponse("username", $error_string)); } -if ( hasEmailAlreadyCreatedAnAccount($authmail) ) { +if (hasEmailAlreadyCreatedAnAccount($authmail)) { $error_string = $strings["error_already_registered"]; sendAPIResponse(400, createAPIResponse("general", $error_string)); } 
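Review bot: The comment in validateData, `// We use $userData->email as uid as it is set to username@domain`, no longer matches the line under it, which now calls `$this->isUsernameTaken($userData->username)`; since `setAccountDataAtNextcloud` in the same class is also keyed on `$username`, update the comment to say the username is the uid, or the next reader will assume the `user_exists` endpoint expects the email form. `isUsernameTaken` is declared `: bool` but returns the raw `json_decode($output)` value, and a false from `curl_exec` is passed to `json_decode` without being distinguished from a valid response; a `$output === false` check that throws before decoding would keep the `error_server_side` path honest. The class header and property declarations at the top of this new file are not visible on this page.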
@@ -112,6 +112,7 @@ sendAPIResponse(200, createAPIResponse("success", $success_string)); function getAccountsCreators(string $domain): array { + global $strings; $NC_URL = "https://$domain/"; $GITLAB_URL = getenv("GITLAB_URL"); $GITLAB_TOKEN = getenv("GITLAB_TOKEN"); @@ -119,11 +120,22 @@ function getAccountsCreators(string $domain): array $E_SHOP_USERNAME = getenv("E_SHOP_USERNAME"); $E_SHOP_APP_PASS = getenv("E_SHOP_APP_PASS"); - $accountsCreators = array( - 'ecloud' => new \LDAPAccountCreator() - ); + $ldapBackendEnabled = boolval(getenv('LDAP_BACKEND_ENABLED')) || false; + $ecloudAccountCreatorClass = ECloudAccountCreator::class; + if ($ldapBackendEnabled) { + $ecloudAccountCreatorClass = LDAPAccountCreator::class; + } + try { + $accountsCreators = [ + 'ecloud' => new $ecloudAccountCreatorClass($NC_URL) + ]; + } catch (Exception $e) { + error_log('Error while starting LDAP Account Creator '. $e->getMessage()); + $errorResponse = createAPIResponse('error', $strings['error_creating_account']); + sendAPIResponse(500, $errorResponse); + } if (shouldCreateGitlabAccount()) { - $accountsCreators['gitlab'] = new \GitlabAccountCreator($GITLAB_URL, $GITLAB_TOKEN); + $accountsCreators['gitlab'] = new \GitlabAccountCreator($GITLAB_URL, $GITLAB_TOKEN); } if (shouldCreateEShopAccount()) { @@ -166,8 +178,7 @@ function shouldRewardReferrer(object $userData): bool function createAccounts(array $accountsCreators, object $userData) { - foreach($accountsCreators as $accountCreator) - { + foreach ($accountsCreators as $accountCreator) { try { $accountCreator->tryToCreate($userData); } catch (\Exception $err) { @@ -177,8 +188,7 @@ function createAccounts(array $accountsCreators, object $userData) } } - if (shouldRewardReferrer($userData)) - { + if (shouldRewardReferrer($userData)) { $E_SHOP_URL = getenv("E_SHOP_URL"); $E_SHOP_USERNAME = getenv("E_SHOP_USERNAME"); $E_SHOP_APP_PASS = getenv("E_SHOP_APP_PASS"); 
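Review bot: `$ldapBackendEnabled = boolval(getenv('LDAP_BACKEND_ENABLED')) || false;` treats any non-empty string except `"0"` as true, so `LDAP_BACKEND_ENABLED=false` or `=no` switches the LDAP backend on, and the trailing `|| false` changes nothing. Use `$ldapBackendEnabled = filter_var(getenv('LDAP_BACKEND_ENABLED'), FILTER_VALIDATE_BOOLEAN);`, which accepts the usual true/false spellings and yields false for an unset variable. The `catch (Exception $e)` around the constructor also does not see a failed admin bind in LDAPAccountCreator as written in this commit, because `ldap_bind` returns false instead of throwing, so the 500 response only covers thrown exceptions; and the message `'Error while starting LDAP Account Creator '` is logged even when the ECloud creator was the one that failed, so log `$ecloudAccountCreatorClass` instead.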
@@ -189,10 +199,11 @@ function createAccounts(array $accountsCreators, object $userData) function validateAccountOnAllServices(array $accountsCreators, object $userData) { - foreach($accountsCreators as $accountCreator) - { + foreach ($accountsCreators as $accountCreator) { $validatedData = $accountCreator->validateData($userData); - if ($validatedData->isValid()) continue; + if ($validatedData->isValid()) { + continue; + } sendAPIResponseFromValidatedData($userData, $validatedData); } } @@ -200,14 +211,14 @@ function validateAccountOnAllServices(array $accountsCreators, object $userData) function sendAPIResponseFromValidatedData(object $userData, ValidatedData $validatedData) { global $strings; - if ($validatedData->getErrorCode() === "error_account_taken" ) { + if ($validatedData->getErrorCode() === "error_account_taken") { $message = $strings["error_account_taken"]; $message = str_replace("@@@username@@@", $userData->username, $message); $response = createAPIResponse("error", $message); sendAPIResponse(400, $response); } - if ($validatedData->getErrorCode() === "error_already_registered" ) { + if ($validatedData->getErrorCode() === "error_already_registered") { $message = $strings["error_already_registered"]; $response = createAPIResponse("error", $message); sendAPIResponse(400, $response); diff --git a/htdocs/ecloud_account_creator.php b/htdocs/ecloud_account_creator.php index 47af0ac..5e9abd0 100644 --- a/htdocs/ecloud_account_creator.php +++ b/htdocs/ecloud_account_creator.php 
@@ -36,33 +36,6 @@ class ECloudAccountCreator implements AccountCreator return new \ValidatedData($id, null); } - private function isUsernameTaken(string $uid): bool - { - $token = getenv('ECLOUD_ACCOUNTS_SECRET'); - - $ch = curl_init(); - curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); - curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "POST"); - - $data = array( - "uid" => $uid, - "token" => $token, - ); - curl_setopt($ch, CURLOPT_URL, $this->ecloudAccountsApiUrl . 'user_exists'); - curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($data)); - - $output = curl_exec($ch); - $output = json_decode($output); - $statusCode = curl_getinfo($ch, CURLINFO_HTTP_CODE); - - if ($statusCode !== 200) { - $err = curl_error($ch); - throw new Error($err); - } - - return $output; - } - private function createHMEAlias(string $resultmail) : string { $token = getenv('COMMON_SERVICES_TOKEN'); diff --git a/htdocs/ldap_account_creator.php b/htdocs/ldap_account_creator.php index 7736b05..9423fb2 100644 --- a/htdocs/ldap_account_creator.php +++ b/htdocs/ldap_account_creator.php 
@@ -3,24 +3,22 @@ require 'vendor/autoload.php';
 require_once('language.php');
 require_once('account_creator.php');
 require_once('helpers.php');
-require_once('ecloud_account_creator.php');
+require_once('base_ecloud_account_creator.php');
-class LDAPAccountCreator extends EcloudAccountCreator implements AccountCreator
+class LDAPAccountCreator extends BaseEcloudAccountCreator implements AccountCreator
 {
 private $conn;
- public function __construct()
+ public function __construct(string $ecloudUrl)
 {
- $ldapUrl = getenv('LDAP_URL');
- $ldapPort = getenv('LDAP_PORt');
+ $ldapUrl = getenv('LDAP_SERVER_URL');
+ $ldapPort = getenv('LDAP_PORT');
 $adminDn = getenv('LDAP_ADMIN_DN');
 $adminPassword = getenv('LDAP_ADMIN_PASSWORD');
 $this->conn = ldap_connect($ldapUrl, $ldapPort);
 ldap_set_option($this->conn, LDAP_OPT_PROTOCOL_VERSION, 3);
- try {
- ldap_bind($this->conn, $adminDn, $adminPassword);
- } catch (Exception $e) {
- }
+ ldap_bind($this->conn, $adminDn, $adminPassword);
+ parent::__construct($ecloudUrl);
 }
 public function tryToCreate(object $userData)
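Review bot: `ldap_bind($this->conn, $adminDn, $adminPassword);` now runs without the try/catch but its result is still ignored, so a wrong `LDAP_ADMIN_DN`/`LDAP_ADMIN_PASSWORD` or an unreachable server leaves the object constructed with an unauthenticated handle and every later `ldap_add` fails with a less specific error. Turn the false return into an exception, e.g. `if (!ldap_bind($this->conn, $adminDn, $adminPassword)) { throw new \RuntimeException('LDAP bind failed: ' . ldap_error($this->conn)); }`, which also lets the `catch (Exception $e)` added to getAccountsCreators in this commit return its 500 response. `ldap_connect` can likewise return false, so the same guard belongs before `ldap_set_option`.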
@@ -33,44 +31,32 @@ class LDAPAccountCreator extends EcloudAccountCreator implements AccountCreator } } - private function createAccount(string $email, string $username, string $password, string $name, $quota, $authmail, ?string $referrerCode = null) + private function createAccount(string $email, string $username, string $password, string $name, int $quota, $authmail, ?string $referrerCode = null) { + $quotaString = strval($quota) . ' MB'; $user = [ 'mailAddress' => $email, - 'uid' => $username, + 'username' => $username, + 'usernameWithoutDomain' => $username, 'userPassword' => $password, 'displayName' => $name, - 'quota' => $quota, + 'quota' => $quotaString, 'mailAlternate' => $authmail, //'recoveryMailAddress' => $authmail, - 'active'=> true, - 'mailActive' => true, + 'active'=> 'TRUE', + 'mailActive' => 'TRUE', 'objectClass' => ['murenaUser', 'simpleSecurityObject'] ]; - $userDn = "uid=$username,ou=users,dc=murena"; + $userDn = "username=$username,ou=users,dc=murena"; $created = ldap_add($this->conn, $userDn, $user); $answer = new \stdClass(); $answer->success = $created; if (!$created) { $answer->type = 'error_creating_account'; + return $answer; } + $answer = $this->postCreationActions($email, $username, $authmail, $quota); return $answer; } - - private function isUsernameTaken(string $uid) : bool - { - $filter = "(uid=$uid)"; - $base = 'ou=users,dc=murena'; - $attributes = ["uid"]; - try { - $results = ldap_search($this->conn, $base, $filter, $attributes); - $results = ldap_get_entries($this->conn, $results); - if ($results['count'] === 0) { - return false; - } - } catch (Exception $e) { - } - return true; - } } -- GitLab From 6d4597817e3d911cd42be5a622a6cf67198c46d1 Mon Sep 17 00:00:00 2001 
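Review bot: `$userDn = "username=$username,ou=users,dc=murena";` hard-codes the base DN and still interpolates the username unescaped; read the base from configuration and build the RDN value with `ldap_escape($username, '', LDAP_ESCAPE_DN)`. `$this->postCreationActions($email, $username, $authmail, $quota)` hands the `int $quota` to a parameter the base class declares as `string $quota`, which only works through coercive typing and would throw a TypeError under `strict_types`; pass `(string) $quota` (not `$quotaString`, since the base appends `' MB'` itself). `$referrerCode` is accepted by createAccount but never used, which is worth either removing or documenting.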
From: Akhil Date: Tue, 17 May 2022 15:42:27 +0530 Subject: [PATCH 08/26] Use LdapRecord --- Dockerfile | 2 +- htdocs/{ => accounts}/account_creator.php | 2 +- .../base_ecloud_account_creator.php | 7 +- htdocs/accounts/ecloud_account_creator.php | 74 ++++++++ .../{ => accounts}/gitlab_account_creator.php | 0 htdocs/accounts/ldap/user.php | 10 + htdocs/accounts/ldap_account_creator.php | 94 ++++++++++ htdocs/{ => accounts}/wp_account_creator.php | 0 htdocs/create.php | 10 +- htdocs/ecloud_account_creator.php | 177 ------------------ htdocs/ldap_account_creator.php | 62 ------ 11 files changed, 189 insertions(+), 249 deletions(-) rename htdocs/{ => accounts}/account_creator.php (89%) rename htdocs/{ => accounts}/base_ecloud_account_creator.php (98%) create mode 100644 htdocs/accounts/ecloud_account_creator.php rename htdocs/{ => accounts}/gitlab_account_creator.php (100%) create mode 100644 htdocs/accounts/ldap/user.php create mode 100644 htdocs/accounts/ldap_account_creator.php rename htdocs/{ => accounts}/wp_account_creator.php (100%) delete mode 100644 htdocs/ecloud_account_creator.php delete mode 100644 htdocs/ldap_account_creator.php diff --git a/Dockerfile b/Dockerfile index 5266aab..e5a9297 100644 --- a/Dockerfile +++ b/Dockerfile 
@@ -38,7 +38,7 @@ RUN docker-php-ext-install mysqli RUN apt-get install libldap2-dev -y && \ docker-php-ext-configure ldap --with-libdir=lib/x86_64-linux-gnu/ && \ docker-php-ext-install ldap -RUN COMPOSER_ALLOW_SUPERUSER=1 composer require --no-plugins --no-scripts pear/mail pear/net_smtp pear/auth_sasl pear/mail_mime phpseclib/phpseclib:~3.0 curl/curl sendgrid/sendgrid +RUN COMPOSER_ALLOW_SUPERUSER=1 composer require --no-plugins --no-scripts directorytree/ldaprecord pear/mail pear/net_smtp pear/auth_sasl pear/mail_mime phpseclib/phpseclib:~3.0 curl/curl sendgrid/sendgrid RUN apt-get remove -y git unzip RUN rm -rf /var/lib/apt/lists/* && rm /usr/bin/composer RUN chown -R www-data:www-data /var/www/html/vendor/ /var/www/html/composer.lock /var/www/html/composer.json diff --git a/htdocs/account_creator.php b/htdocs/accounts/account_creator.php similarity index 89% rename from htdocs/account_creator.php rename to htdocs/accounts/account_creator.php index faebd8f..d27b9ef 100644 --- a/htdocs/account_creator.php +++ b/htdocs/accounts/account_creator.php @@ -1,5 +1,5 @@ setAccountDataAtNextcloud($username, $email, $quota . ' MB', $authmail, $hmeAlias); return $answer; } + private function createHMEAlias(string $resultmail) : string { $token = getenv('COMMON_SERVICES_TOKEN'); diff --git a/htdocs/accounts/ecloud_account_creator.php b/htdocs/accounts/ecloud_account_creator.php new file mode 100644 index 0000000..bbebef5 --- /dev/null +++ b/htdocs/accounts/ecloud_account_creator.php 
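Review bot: `composer require ... directorytree/ldaprecord ...` adds the new dependency without a version constraint, unlike `phpseclib/phpseclib:~3.0` on the same line, so every image build resolves whatever release is current at build time and a breaking or compromised release is picked up silently. Pin it to the range that was actually tested (constructed example: `directorytree/ldaprecord:~VERSION_TESTED`), and since composer.lock is produced inside the build, consider committing a lockfile and using `composer install` so the resolved set is reviewable in the repository.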
@@ -0,0 +1,74 @@ +email as uid as it is set to username@domain + if ($this->isUsernameTaken($userData->email)) { + return new \ValidatedData($id, "error_account_taken"); + } + } catch (\Error $_) { + return new \ValidatedData($id, "error_server_side"); + } + return new \ValidatedData($id, null); + } + + private function createMailAccount($resultmail, $username, $pw, $pw2, $name, $quota, $authmail, ?string $referrerCode = null) + { + global $strings; + $PF_HOSTNAME = "postfixadmin"; + $PF_USER = "pfexec"; + $PF_PWD = getenv("POSTFIXADMIN_SSH_PASSWORD"); + + $ssh = new SSH2($PF_HOSTNAME); + if (!$ssh->login($PF_USER, $PF_PWD)) { + $error_string = $strings["error_server_side"]; + sendAPIResponse(500, createAPIResponse("general", $error_string)); + } + + + // 1 - create the account + $creationFeedBack = explode("\n", $ssh->exec('/postfixadmin/scripts/postfixadmin-cli mailbox add ' . escapeshellarg($resultmail) . ' --password ' . escapeshellarg($pw) . ' --password2 ' . escapeshellarg($pw2) . ' --name ' . escapeshellarg($name) . ' --email_other ' . escapeshellarg($authmail) . ' --quota ' . $quota . ' --active 1 --welcome-mail 0 2>&1')); + $isCreated = preg_grep('/added/', $creationFeedBack); + $answer = new \stdClass(); + if (empty($isCreated)) { + // There was an error during account creation on PFA side, return it + $answer->success = false; + $answer->type = "error_creating_account"; + return $answer; + } else { + $answer = $this->postCreationActions($resultmail, $username, $authmail, $quota); + return $answer; + } + } + + public function tryToCreate(object $userData) + { + global $strings; + $pw = $userData->password; + $answer = $this->createMailAccount($userData->email, $userData->username, $pw, $pw, $userData->name, $this->quotaInMB, $userData->authmail, $userData->referrerCode); + if ($answer->success === false) { + sendAPIResponse(400, createAPIResponse("general", $strings[$answer->type])); + } + } +} 
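Review bot: `$ssh = new SSH2($PF_HOSTNAME);` followed by `$ssh->login($PF_USER, $PF_PWD)` sends the postfixadmin SSH password without verifying the server's host key, which phpseclib does not check by default, so whichever host answers as `postfixadmin` on the network receives the credential. Compare `$ssh->getServerPublicHostKey()` against a value pinned in configuration before calling `login()` and abort on mismatch. In the `postfixadmin-cli mailbox add` command every argument is wrapped in `escapeshellarg()` except `' --quota ' . $quota`; wrap it too (`' --quota ' . escapeshellarg((string) $quota)`) so the invariant holds even though the value currently comes from `CLOUD_QUOTA_IN_MB` via intval in the base class. The file header and use statements at the top of this new file are not visible on this page.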
diff --git a/htdocs/gitlab_account_creator.php b/htdocs/accounts/gitlab_account_creator.php similarity index 100% rename from htdocs/gitlab_account_creator.php rename to htdocs/accounts/gitlab_account_creator.php diff --git a/htdocs/accounts/ldap/user.php b/htdocs/accounts/ldap/user.php new file mode 100644 index 0000000..eaf094f --- /dev/null +++ b/htdocs/accounts/ldap/user.php 
@@ -0,0 +1,10 @@ +connectToLDAPServer(); + parent::__construct($ecloudUrl); + } + + public function tryToCreate(object $userData) + { + global $strings; + $pw = $userData->password; + $answer = $this->createAccount($userData->email, $userData->username, $pw, $userData->name, $this->quotaInMB, $userData->authmail, $userData->referrerCode); + if ($answer->success === false) { + sendAPIResponse(400, createAPIResponse("general", $strings[$answer->type])); + } + } + + private function createAccount(string $email, string $username, string $password, string $name, int $quota, $authmail, ?string $referrerCode = null) + { + $baseDn = getenv('LDAP_ALIASES_BASE_DN'); + $userDn = "username=$username," . $baseDn; + $quotaString = strval($quota) . ' MB'; + $answer = new \stdClass(); + try { + $user =[ + 'mailAddress' => $email, + 'username' => $username, + 'usernameWithoutDomain' => $username, + 'userPassword' => $password, + 'displayName' => $name, + 'quota' => $quotaString, + 'mailAlternate' => $authmail, + 'recoveryMailAddress' => $authmail, + 'active'=> 'TRUE', + 'mailActive' => 'TRUE', + 'objectClass' => ['murenaUser', 'simpleSecurityObject'] + ]; + $userEntry = new User($user); + $userEntry->setDn($userDn); + $userEntry->save(); + } catch (Exception $e) { + error_log('Error creating user ' . 
$e->getMessage()); + $answer->success= false; + $answer->type = 'error_creating_account'; + return $answer; + } + $answer = $this->postCreationActions($email, $username, $authmail, $quota); + return $answer; + } + + + private function getLDAPConfig() : array + { + $ldapHosts = getenv('LDAP_HOSTS'); + $ldapHosts = explode(",", $ldapHosts); + $ldapPort = getenv('LDAP_PORT'); + $ldapAdminDn = getenv('LDAP_ADMIN_DN'); + $ldapAdminPassword = getenv('LDAP_ADMIN_PASSWORD'); + + $baseDn = getenv('LDAP_ALIASES_BASE_DN'); + + return [ + 'hosts' => $ldapHosts, + 'port' => $ldapPort, + 'base_dn' => $baseDn, + 'username' => $ldapAdminDn, + 'password' => $ldapAdminPassword + ]; + } + + private function connectToLDAPServer() : void + { + $config = $this->getLDAPConfig(); + + $this->conn = new Connection( + $config + ); + Container::addConnection($this->conn); + } +} diff --git a/htdocs/wp_account_creator.php b/htdocs/accounts/wp_account_creator.php similarity index 100% rename from htdocs/wp_account_creator.php rename to htdocs/accounts/wp_account_creator.php diff --git a/htdocs/create.php b/htdocs/create.php index cdd82a1..63ac125 100644 --- a/htdocs/create.php +++ b/htdocs/create.php @@ -5,11 +5,11 @@ require 'vendor/autoload.php'; require_once('language.php'); require_once('helpers.php'); -require_once('account_creator.php'); -require_once('gitlab_account_creator.php'); -require_once('ecloud_account_creator.php'); -require_once('ldap_account_creator.php'); -require_once('wp_account_creator.php'); +require_once('accounts/account_creator.php'); +require_once('accounts/gitlab_account_creator.php'); +require_once('accounts/ecloud_account_creator.php'); +require_once('accounts/ldap_account_creator.php'); +require_once('accounts/wp_account_creator.php'); $domain = getenv("DOMAIN"); $mail_domain = getMailDomain(); diff --git a/htdocs/ecloud_account_creator.php b/htdocs/ecloud_account_creator.php deleted file mode 100644 index 5e9abd0..0000000 
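Review bot: The array returned by getLDAPConfig sets `hosts`, `port`, `base_dn`, `username` and `password` but neither `use_ssl` nor `use_tls`, so the LdapRecord connection binds the admin DN and password over cleartext LDAP unless the deployment terminates TLS elsewhere; add `'use_tls' => true` (or `'use_ssl' => true` with the ldaps port) and confirm which the directory expects. `explode(",", $ldapHosts)` is applied to the raw getenv result, which is false when `LDAP_HOSTS` is unset, so an unconfigured deployment reaches the connection with a bogus host list instead of failing with a clear message. `$userDn = "username=$username," . $baseDn;` still interpolates the username without `ldap_escape`, and `'recoveryMailAddress' => $authmail` is re-added here after patch 03 removed it, which deserves a line in the commit message. The diff header for this file and the preceding `ldap/user.php` hunk are lost on this page, so the hunk is reviewed from its body only.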
--- a/htdocs/ecloud_account_creator.php +++ /dev/null 
@@ -1,177 +0,0 @@ -ecloudUrl = endsWith($ecloudUrl, "/") ? $ecloudUrl : $ecloudUrl . "/"; - $this->ecloudAccountsApiUrl = $this->ecloudUrl . 'apps/ecloud-accounts/api/'; - $quota = getenv('CLOUD_QUOTA_IN_MB'); - if ($quota !== false) { - $this->quotaInMB = intval($quota); - } - } - - public function validateData(object $userData): ValidatedData - { - $id = "e_cloud_account_data"; - try { - // We use $userData->email as uid as it is set to username@domain - if ($this->isUsernameTaken($userData->email)) { - return new \ValidatedData($id, "error_account_taken"); - } - } catch (\Error $_) { - return new \ValidatedData($id, "error_server_side"); - } - return new \ValidatedData($id, null); - } - - private function createHMEAlias(string $resultmail) : string - { - $token = getenv('COMMON_SERVICES_TOKEN'); - $url = getenv('COMMON_SERVICES_URL'); - $domain = getenv('ALIAS_DOMAIN'); - - $endpoint = '/aliases/hide-my-email/'; - $url .= $endpoint . $resultmail; - $data = array( - "token" => $token, - "domain" => $domain - ); - - $result = curlPostJSON($url, $data); - $output = $result->output; - if ($result->statusCode != 200) { - $err = $output->message; - throw new Error($err); - } - $alias = isset($output->emailAlias) ? $output->emailAlias : ''; - return $alias; - } - - private function createNewDomainAlias(string $username, string $resultmail) - { - $token = getenv('COMMON_SERVICES_TOKEN'); - $url = getenv('COMMON_SERVICES_URL'); - $domain = getenv('ALIAS_DOMAIN'); - - $endpoint = '/aliases/'; - $url .= $endpoint . 
$resultmail; - - $data = array( - "token" => $token, - "alias" => $username, - "domain" => $domain - ); - $result = curlPostJSON($url, $data); - $output = $result->output; - if ($result->statusCode != 200) { - $err = $output->message; - throw new Error($err); - } - } - - private function setAccountDataAtNextcloud(string $email, string $quota, string $recoveryEmail, string $hmeAlias) - { - $token = getenv('ECLOUD_ACCOUNTS_SECRET'); - - $ch = curl_init(); - curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); - curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "POST"); - - $data = array( - "uid" => $email, - "token" => $token, - "email" => $email, - "quota" => $quota, - "recoveryEmail" => $recoveryEmail, - "hmeAlias" => $hmeAlias - ); - curl_setopt($ch, CURLOPT_URL, $this->ecloudAccountsApiUrl . 'set_account_data'); - curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($data)); - $output = curl_exec($ch); - $output = json_decode($output, false); - $statusCode = curl_getinfo($ch, CURLINFO_HTTP_CODE); - - $answer = new \stdClass; - $answer->success = true; - - $errorNotEmpty = !empty($output->error); - $isRecoveryEmailError = $errorNotEmpty && $output->error === 'error_setting_recovery'; - $isHmeError = $errorNotEmpty && $output->error === 'error_adding_hme_alias'; - - if ($isRecoveryEmailError) { - $message = 'Setting recovery email of user ' . $email . ' failed with status code: ' . $statusCode . '(recovery email: ' . $recoveryEmail . ')' . PHP_EOL; - error_log($message, 0); - } - if ($isHmeError) { - $message = 'Setting HME alias of user ' . $email . ' failed with status code: ' . $statusCode . '(HME alias: ' . $hmeAlias . ')' . PHP_EOL; - error_log($message, 0); - } - - if ($statusCode !== 200) { - // Don't fail if recovery email or hide-my-email alias not set correctly - $answer->success = $isRecoveryEmailError || $isHmeError; - $answer->type = $errorNotEmpty ? 
$output->error : 'error_creating_account'; - } - - return $answer; - } - - private function createMailAccount($resultmail, $username, $pw, $pw2, $name, $quota, $authmail, ?string $referrerCode = null) - { - global $strings; - $PF_HOSTNAME = "postfixadmin"; - $PF_USER = "pfexec"; - $PF_PWD = getenv("POSTFIXADMIN_SSH_PASSWORD"); - - $ssh = new SSH2($PF_HOSTNAME); - if (!$ssh->login($PF_USER, $PF_PWD)) { - $error_string = $strings["error_server_side"]; - sendAPIResponse(500, createAPIResponse("general", $error_string)); - } - - - // 1 - create the account - $creationFeedBack = explode("\n", $ssh->exec('/postfixadmin/scripts/postfixadmin-cli mailbox add ' . escapeshellarg($resultmail) . ' --password ' . escapeshellarg($pw) . ' --password2 ' . escapeshellarg($pw2) . ' --name ' . escapeshellarg($name) . ' --email_other ' . escapeshellarg($authmail) . ' --quota ' . $quota . ' --active 1 --welcome-mail 0 2>&1')); - $isCreated = preg_grep('/added/', $creationFeedBack); - $answer = new \stdClass(); - if (empty($isCreated)) { - // There was an error during account creation on PFA side, return it - $answer->success = false; - $answer->type = "error_creating_account"; - return $answer; - } else { - // 2 - the account was created, set some settings - $hmeAlias = ''; - try { - $hmeAlias = $this->createHMEAlias($resultmail); - $this->createNewDomainAlias($username, $resultmail); - } catch (Error $e) { - error_log('Error during alias creation for user: ' . $resultmail . ' : ' . $e->getMessage()); - } - $answer = $this->setAccountDataAtNextcloud($resultmail, $quota . 
' MB', $authmail, $hmeAlias); - return $answer; - } - } - - public function tryToCreate(object $userData) - { - global $strings; - $pw = $userData->password; - $answer = $this->createMailAccount($userData->email, $userData->username, $pw, $pw, $userData->name, $this->quotaInMB, $userData->authmail, $userData->referrerCode); - if ($answer->success === false) { - sendAPIResponse(400, createAPIResponse("general", $strings[$answer->type])); - } - } -} diff --git a/htdocs/ldap_account_creator.php b/htdocs/ldap_account_creator.php deleted file mode 100644 index 9423fb2..0000000 --- a/htdocs/ldap_account_creator.php +++ /dev/null 
@@ -1,62 +0,0 @@ -conn = ldap_connect($ldapUrl, $ldapPort); - ldap_set_option($this->conn, LDAP_OPT_PROTOCOL_VERSION, 3); - ldap_bind($this->conn, $adminDn, $adminPassword); - parent::__construct($ecloudUrl); - } - - public function tryToCreate(object $userData) - { - global $strings; - $pw = $userData->password; - $answer = $this->createAccount($userData->email, $userData->username, $pw, $userData->name, $this->quotaInMB, $userData->authmail, $userData->referrerCode); - if ($answer->success === false) { - sendAPIResponse(400, createAPIResponse("general", $strings[$answer->type])); - } - } - - private function createAccount(string $email, string $username, string $password, string $name, int $quota, $authmail, ?string $referrerCode = null) - { - $quotaString = strval($quota) . ' MB'; - $user = [ - 'mailAddress' => $email, - 'username' => $username, - 'usernameWithoutDomain' => $username, - 'userPassword' => $password, - 'displayName' => $name, - 'quota' => $quotaString, - 'mailAlternate' => $authmail, - //'recoveryMailAddress' => $authmail, - 'active'=> 'TRUE', - 'mailActive' => 'TRUE', - 'objectClass' => ['murenaUser', 'simpleSecurityObject'] - ]; - $userDn = "username=$username,ou=users,dc=murena"; - $created = ldap_add($this->conn, $userDn, $user); - $answer = new \stdClass(); - $answer->success = $created; - if (!$created) { - $answer->type = 'error_creating_account'; - return $answer; - } - $answer = $this->postCreationActions($email, $username, $authmail, $quota); - return $answer; - } - -} -- GitLab From 63bb66873c3b6e62c8e29e25ff9e3043368638f2 Mon Sep 17 00:00:00 2001 From: Akhil Date: Tue, 17 May 2022 15:50:09 +0530 Subject: [PATCH 09/26] quota in bytes for ldap --- htdocs/accounts/ecloud_account_creator.php | 4 ---- htdocs/accounts/ldap_account_creator.php | 11 ++++++++--- 2 files changed, 8 insertions(+), 7 deletions(-) diff --git a/htdocs/accounts/ecloud_account_creator.php b/htdocs/accounts/ecloud_account_creator.php index bbebef5..6f821ef 100644 
--- a/htdocs/accounts/ecloud_account_creator.php +++ b/htdocs/accounts/ecloud_account_creator.php @@ -10,10 +10,6 @@ use phpseclib3\Net\SSH2; class ECloudAccountCreator extends BaseEcloudAccountCreator implements AccountCreator { - private string $ecloudUrl; - private string $ecloudAccountsApiUrl; - private int $quotaInMB = 1024; - public function __construct(string $ecloudUrl) { parent::__construct($ecloudUrl); diff --git a/htdocs/accounts/ldap_account_creator.php b/htdocs/accounts/ldap_account_creator.php index 5811d0c..2d5379e 100644 --- a/htdocs/accounts/ldap_account_creator.php +++ b/htdocs/accounts/ldap_account_creator.php @@ -13,9 +13,15 @@ class LDAPAccountCreator extends BaseEcloudAccountCreator implements AccountCrea { private Connection $conn; + private int $quotaInBytes = 1073741824; + public function __construct(string $ecloudUrl) { $this->connectToLDAPServer(); + $quota = getenv('CLOUD_QUOTA_IN_BYTES'); + if ($quota !== false) { + $this->quotaInBytes = intval($quota); + } parent::__construct($ecloudUrl); } @@ -23,7 +29,7 @@ class LDAPAccountCreator extends BaseEcloudAccountCreator implements AccountCrea { global $strings; $pw = $userData->password; - $answer = $this->createAccount($userData->email, $userData->username, $pw, $userData->name, $this->quotaInMB, $userData->authmail, $userData->referrerCode); + $answer = $this->createAccount($userData->email, $userData->username, $pw, $userData->name, $this->quotaInBytes, $userData->authmail, $userData->referrerCode); if ($answer->success === false) { sendAPIResponse(400, createAPIResponse("general", $strings[$answer->type])); } @@ -33,7 +39,6 @@ class LDAPAccountCreator extends BaseEcloudAccountCreator implements AccountCrea { $baseDn = getenv('LDAP_ALIASES_BASE_DN'); $userDn = "username=$username," . $baseDn; - $quotaString = strval($quota) . ' MB'; $answer = new \stdClass(); try { $user =[ 
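Review bot: In the constructor hunk of ldap_account_creator.php, `$this->quotaInBytes = intval($quota)` silently accepts a malformed `CLOUD_QUOTA_IN_BYTES`: `1G` becomes 1 and an empty string becomes 0, so every new account would be created with a near-zero quota instead of the 1 GiB default and no error is logged. Validate before overriding the default, e.g. `$parsed = filter_var($quota, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]); if ($parsed !== false) { $this->quotaInBytes = $parsed; }`, and log when the variable is set but rejected. What the directory and the mail stack do with a `quota` of 0 is not visible here, so the downstream effect is inferred. The constructor is fully inside the hunk; the rest of the class is not.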
@@ -42,7 +47,7 @@ class LDAPAccountCreator extends BaseEcloudAccountCreator implements AccountCrea 'usernameWithoutDomain' => $username, 'userPassword' => $password, 'displayName' => $name, - 'quota' => $quotaString, + 'quota' => $quota, 'mailAlternate' => $authmail, 'recoveryMailAddress' => $authmail, 'active'=> 'TRUE', -- GitLab From fdc5828d099f3a57149972cbce3b2e08e6a1304e Mon Sep 17 00:00:00 2001 From: Akhil Date: Tue, 17 May 2022 15:54:43 +0530 Subject: [PATCH 10/26] Added LDAP_USERS_BASE_DN --- htdocs/accounts/ldap_account_creator.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/accounts/ldap_account_creator.php b/htdocs/accounts/ldap_account_creator.php index 2d5379e..73483e6 100644 --- a/htdocs/accounts/ldap_account_creator.php +++ b/htdocs/accounts/ldap_account_creator.php @@ -37,7 +37,7 @@ class LDAPAccountCreator extends BaseEcloudAccountCreator implements AccountCrea private function createAccount(string $email, string $username, string $password, string $name, int $quota, $authmail, ?string $referrerCode = null) { - $baseDn = getenv('LDAP_ALIASES_BASE_DN'); + $baseDn = getenv('LDAP_USERS_BASE_DN'); $userDn = "username=$username," . $baseDn; $answer = new \stdClass(); try { @@ -76,7 +76,7 @@ class LDAPAccountCreator extends BaseEcloudAccountCreator implements AccountCrea $ldapAdminDn = getenv('LDAP_ADMIN_DN'); $ldapAdminPassword = getenv('LDAP_ADMIN_PASSWORD'); - $baseDn = getenv('LDAP_ALIASES_BASE_DN'); + $baseDn = getenv('LDAP_USERS_BASE_DN'); return [ 'hosts' => $ldapHosts, -- GitLab From a00d03c8fdde1e352c77aa6b2a8c309ad509bcfd Mon Sep 17 00:00:00 2001 
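Review bot: The entry assembled in this hunk still carries the user's password in clear as the `userPassword` attribute (context line `'userPassword' => $password,`), so unless the directory hashes cleartext passwords on add (for OpenLDAP this is the ppolicy overlay's `ppolicy_hash_cleartext` / `olcPPolicyHashCleartext` setting) the credential is stored in a recoverable form. Either confirm that server-side setting is enabled and record the dependency on that line, `// cleartext on purpose: slapd hashes userPassword on write (ppolicy hash_cleartext)`, or hash client-side with a scheme the server accepts, e.g. `$salt = random_bytes(8); 'userPassword' => '{SSHA}' . base64_encode(sha1($password . $salt, true) . $salt)`. Which of the two applies cannot be told from this diff. createAccount starts and ends outside the hunk.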
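Review bot: `$userDn = "username=$username," . $baseDn;` (the context line right after the changed `getenv` in the `@@ -37` hunk) interpolates the user-supplied username into a DN without escaping, so a value containing `,`, `+`, `=`, `"`, `\` or a leading `#`/space alters or breaks the DN that `setDn()` later receives. Unless an upstream validator already restricts usernames to a safe alphabet — not visible here — build the RDN with the DN escaper: `$userDn = 'username=' . ldap_escape($username, '', LDAP_ESCAPE_DN) . ',' . $baseDn;`. `getenv('LDAP_USERS_BASE_DN')` also returns `false` when the variable is unset, which this line silently turns into a DN with an empty base; failing the request in that case is safer than creating the entry under the wrong parent. createAccount's body continues outside the hunk.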
From: Akhil Date: Tue, 17 May 2022 15:59:24 +0530 Subject: [PATCH 11/26] Fixed imports --- htdocs/accounts/account_creator.php | 2 +- htdocs/accounts/base_ecloud_account_creator.php | 6 +++--- htdocs/accounts/ecloud_account_creator.php | 4 ++-- htdocs/accounts/gitlab_account_creator.php | 2 +- htdocs/accounts/ldap_account_creator.php | 10 +++++----- htdocs/accounts/wp_account_creator.php | 2 +- 6 files changed, 13 insertions(+), 13 deletions(-) diff --git a/htdocs/accounts/account_creator.php b/htdocs/accounts/account_creator.php index d27b9ef..faebd8f 100644 --- a/htdocs/accounts/account_creator.php +++ b/htdocs/accounts/account_creator.php @@ -1,5 +1,5 @@ Date: Tue, 17 May 2022 16:57:54 +0530 Subject: [PATCH 12/26] Check both username and email --- htdocs/accounts/base_ecloud_account_creator.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/accounts/base_ecloud_account_creator.php b/htdocs/accounts/base_ecloud_account_creator.php index 77b6ce9..ec72211 100644 --- a/htdocs/accounts/base_ecloud_account_creator.php +++ b/htdocs/accounts/base_ecloud_account_creator.php @@ -23,8 +23,8 @@ class BaseEcloudAccountCreator { $id = "e_cloud_account_data"; try { - // We use $userData->email as uid as it is set to username@domain - if ($this->isUsernameTaken($userData->username)) { + // We check if account with uid set to email or username exists + if ($this->isUsernameTaken($userData->email) || $this->isUsernameTaken($userData->username)) { return new \ValidatedData($id, "error_account_taken"); } } catch (\Error $_) { -- GitLab From 4a2a0879e33315866a0f22f5134b3150fc67a72e Mon Sep 17 00:00:00 2001 From: Akhil Date: Wed, 18 May 2022 00:09:32 +0530 Subject: [PATCH 13/26] Consume v2 api --- htdocs/accounts/base_ecloud_account_creator.php | 14 +++++++------- htdocs/accounts/ecloud_account_creator.php | 14 -------------- htdocs/accounts/ldap_account_creator.php | 2 +- 3 files changed, 8 insertions(+), 22 deletions(-) 
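Review bot: The widened condition in validateData now performs two lookups, but the surrounding `catch (\Error $_)` only intercepts engine errors; if `isUsernameTaken()` throws an `\Exception` (a failed bind or search in an exception-based LDAP client would), the request dies with an unhandled exception instead of returning `error_server_side`. `} catch (\Throwable $_) {` keeps the intended fallback for both kinds. If `isUsernameTaken()` builds its LDAP filter by string interpolation, each of the two values must also pass through `ldap_escape($value, '', LDAP_ESCAPE_FILTER)` before insertion; the method body is not in this hunk, so I cannot confirm either way. The check-then-create is not atomic, so createAccount must still treat a duplicate-entry failure on add as "taken", which its try/catch appears to do.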
diff --git a/htdocs/accounts/base_ecloud_account_creator.php b/htdocs/accounts/base_ecloud_account_creator.php index ec72211..71922a1 100644 --- a/htdocs/accounts/base_ecloud_account_creator.php +++ b/htdocs/accounts/base_ecloud_account_creator.php @@ -33,12 +33,12 @@ class BaseEcloudAccountCreator return new \ValidatedData($id, null); } - protected function postCreationActions(string $email, string $username, string $authmail, string $quota) + protected function postCreationActions(string $email, string $username, string $authmail, string $quota, string $apiVersion = '') { try { $hmeAlias = ''; - $hmeAlias = $this->createHMEAlias($username); - $this->createNewDomainAlias($username, $email); + $hmeAlias = $this->createHMEAlias($username, $apiVersion); + $this->createNewDomainAlias($username, $email, $apiVersion); } catch (Error $e) { error_log('Error during alias creation for user: ' . $username . ' with email: ' . $email . ' : ' . $e->getMessage()); } @@ -46,13 +46,13 @@ class BaseEcloudAccountCreator return $answer; } - private function createHMEAlias(string $resultmail) : string + private function createHMEAlias(string $resultmail, string $apiVersion) : string { $token = getenv('COMMON_SERVICES_TOKEN'); $url = getenv('COMMON_SERVICES_URL'); $domain = getenv('ALIAS_DOMAIN'); - $endpoint = '/aliases/hide-my-email/'; + $endpoint = $apiVersion . '/aliases/hide-my-email/'; $url .= $endpoint . $resultmail; $data = array( "token" => $token, @@ -69,13 +69,13 @@ class BaseEcloudAccountCreator return $alias; } - private function createNewDomainAlias(string $username, string $resultmail) + private function createNewDomainAlias(string $username, string $resultmail, string $apiVersion) { $token = getenv('COMMON_SERVICES_TOKEN'); $url = getenv('COMMON_SERVICES_URL'); $domain = getenv('ALIAS_DOMAIN'); - $endpoint = '/aliases/'; + $endpoint = $apiVersion . '/aliases/'; $url .= $endpoint . $resultmail; $data = array( 
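Review bot: In both alias helpers the identifier is appended to the request path unencoded (`$url .= $endpoint . $resultmail;`), so a username or email containing `/`, `?`, `#` or `%` would change the route or query the common-services API receives. Unless an upstream validator restricts usernames (not visible here), encode the segment: `$url .= $endpoint . rawurlencode($resultmail);` — the `@` of the email becomes `%40`, which a standards-conforming router decodes back before matching. Both helper bodies continue past their hunks, and the base URL / version-prefix join is left to the caller in this hunk.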
diff --git a/htdocs/accounts/ecloud_account_creator.php b/htdocs/accounts/ecloud_account_creator.php index bd6e1c6..c853eef 100644 --- a/htdocs/accounts/ecloud_account_creator.php +++ b/htdocs/accounts/ecloud_account_creator.php @@ -15,20 +15,6 @@ class ECloudAccountCreator extends BaseEcloudAccountCreator implements AccountCr parent::__construct($ecloudUrl); } - public function validateData(object $userData): ValidatedData - { - $id = "e_cloud_account_data"; - try { - // We use $userData->email as uid as it is set to username@domain - if ($this->isUsernameTaken($userData->email)) { - return new \ValidatedData($id, "error_account_taken"); - } - } catch (\Error $_) { - return new \ValidatedData($id, "error_server_side"); - } - return new \ValidatedData($id, null); - } - private function createMailAccount($resultmail, $username, $pw, $pw2, $name, $quota, $authmail, ?string $referrerCode = null) { global $strings; diff --git a/htdocs/accounts/ldap_account_creator.php b/htdocs/accounts/ldap_account_creator.php index 9328859..cfeab0f 100644 --- a/htdocs/accounts/ldap_account_creator.php +++ b/htdocs/accounts/ldap_account_creator.php @@ -63,7 +63,7 @@ class LDAPAccountCreator extends BaseEcloudAccountCreator implements AccountCrea $answer->type = 'error_creating_account'; return $answer; } - $answer = $this->postCreationActions($email, $username, $authmail, $quota); + $answer = $this->postCreationActions($email, $username, $authmail, $quota, 'v2'); return $answer; } -- GitLab From f95cb95b0f60b252b7c285e421e6a4231202f3b7 Mon Sep 17 00:00:00 2001 From: Akhil Date: Wed, 18 May 2022 00:14:45 +0530 Subject: [PATCH 14/26] Use object class definition from User model --- htdocs/accounts/ldap_account_creator.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/accounts/ldap_account_creator.php b/htdocs/accounts/ldap_account_creator.php index cfeab0f..ff133cf 100644 --- a/htdocs/accounts/ldap_account_creator.php 
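Review bot: The API version is passed as the bare literal in `$this->postCreationActions($email, $username, $authmail, $quota, 'v2');`, a magic string that will drift when the other creator is migrated; a class constant, `private const COMMON_API_VERSION = 'v2';`, used at the call site names the intent and gives one place to change it. `$quota` here is the `int` from `createAccount(..., int $quota, ...)` while `postCreationActions` declares `string $quota`, so the call relies on weak-mode coercion and becomes a `TypeError` the day `declare(strict_types=1)` is added; passing `(string) $quota` is the defensive form. The hunk sits inside createAccount, whose body starts outside it.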
+++ b/htdocs/accounts/ldap_account_creator.php @@ -52,7 +52,7 @@ class LDAPAccountCreator extends BaseEcloudAccountCreator implements AccountCrea 'recoveryMailAddress' => $authmail, 'active'=> 'TRUE', 'mailActive' => 'TRUE', - 'objectClass' => ['murenaUser', 'simpleSecurityObject'] + 'objectClass' => User::$objectClasses ]; $userEntry = new User($user); $userEntry->setDn($userDn); -- GitLab From a3f851e95831ee0306b20ef47d28a606672b52ee Mon Sep 17 00:00:00 2001 From: Akhil Date: Wed, 18 May 2022 12:34:00 +0530 Subject: [PATCH 15/26] Rename apiVersion variable --- htdocs/accounts/base_ecloud_account_creator.php | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/htdocs/accounts/base_ecloud_account_creator.php b/htdocs/accounts/base_ecloud_account_creator.php index 71922a1..e54ea8b 100644 --- a/htdocs/accounts/base_ecloud_account_creator.php +++ b/htdocs/accounts/base_ecloud_account_creator.php @@ -33,12 +33,12 @@ class BaseEcloudAccountCreator return new \ValidatedData($id, null); } - protected function postCreationActions(string $email, string $username, string $authmail, string $quota, string $apiVersion = '') + protected function postCreationActions(string $email, string $username, string $authmail, string $quota, string $commonApiVersion = '') { try { $hmeAlias = ''; - $hmeAlias = $this->createHMEAlias($username, $apiVersion); - $this->createNewDomainAlias($username, $email, $apiVersion); + $hmeAlias = $this->createHMEAlias($username, $commonApiVersion); + $this->createNewDomainAlias($username, $email, $commonApiVersion); } catch (Error $e) { error_log('Error during alias creation for user: ' . $username . ' with email: ' . $email . ' : ' . $e->getMessage()); } 
@@ -46,13 +46,13 @@ class BaseEcloudAccountCreator return $answer; } - private function createHMEAlias(string $resultmail, string $apiVersion) : string + private function createHMEAlias(string $resultmail, string $commonApiVersion) : string { $token = getenv('COMMON_SERVICES_TOKEN'); $url = getenv('COMMON_SERVICES_URL'); $domain = getenv('ALIAS_DOMAIN'); - $endpoint = $apiVersion . '/aliases/hide-my-email/'; + $endpoint = $commonApiVersion . '/aliases/hide-my-email/'; $url .= $endpoint . $resultmail; $data = array( "token" => $token, @@ -69,13 +69,13 @@ class BaseEcloudAccountCreator return $alias; } - private function createNewDomainAlias(string $username, string $resultmail, string $apiVersion) + private function createNewDomainAlias(string $username, string $resultmail, string $commonApiVersion) { $token = getenv('COMMON_SERVICES_TOKEN'); $url = getenv('COMMON_SERVICES_URL'); $domain = getenv('ALIAS_DOMAIN'); - $endpoint = $apiVersion . '/aliases/'; + $endpoint = $commonApiVersion . '/aliases/'; $url .= $endpoint . $resultmail; $data = array( -- GitLab From c6b17157e4b6ecf123ee793ff408fc987270a273 Mon Sep 17 00:00:00 2001 From: Akhil Date: Wed, 18 May 2022 14:01:11 +0530 Subject: [PATCH 16/26] Use common api url before calls to create new aliases --- htdocs/accounts/base_ecloud_account_creator.php | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/htdocs/accounts/base_ecloud_account_creator.php b/htdocs/accounts/base_ecloud_account_creator.php index e54ea8b..5f14654 100644 --- a/htdocs/accounts/base_ecloud_account_creator.php +++ b/htdocs/accounts/base_ecloud_account_creator.php 
@@ -37,8 +37,10 @@ class BaseEcloudAccountCreator { try { $hmeAlias = ''; - $hmeAlias = $this->createHMEAlias($username, $commonApiVersion); - $this->createNewDomainAlias($username, $email, $commonApiVersion); + $commonApiUrl = getenv('COMMON_SERVICES_URL'); + $commonApiUrl = endsWith($commonApiUrl, '/') ? $commonApiUrl : $commonApiUrl . '/'; + $hmeAlias = $this->createHMEAlias($username, $commonApiUrl, $commonApiVersion); + $this->createNewDomainAlias($username, $email, $commonApiUrl, $commonApiVersion); } catch (Error $e) { error_log('Error during alias creation for user: ' . $username . ' with email: ' . $email . ' : ' . $e->getMessage()); } @@ -46,14 +48,13 @@ class BaseEcloudAccountCreator return $answer; } - private function createHMEAlias(string $resultmail, string $commonApiVersion) : string + private function createHMEAlias(string $resultmail, string $commonApiUrl, string $commonApiVersion) : string { $token = getenv('COMMON_SERVICES_TOKEN'); - $url = getenv('COMMON_SERVICES_URL'); $domain = getenv('ALIAS_DOMAIN'); $endpoint = $commonApiVersion . '/aliases/hide-my-email/'; - $url .= $endpoint . $resultmail; + $url = $commonApiUrl . $endpoint . $resultmail; $data = array( "token" => $token, "domain" => $domain @@ -69,14 +70,13 @@ class BaseEcloudAccountCreator return $alias; } - private function createNewDomainAlias(string $username, string $resultmail, string $commonApiVersion) + private function createNewDomainAlias(string $username, string $resultmail, string $commonApiUrl, string $commonApiVersion) { $token = getenv('COMMON_SERVICES_TOKEN'); - $url = getenv('COMMON_SERVICES_URL'); $domain = getenv('ALIAS_DOMAIN'); $endpoint = $commonApiVersion . '/aliases/'; - $url .= $endpoint . $resultmail; + $url = $commonApiUrl . $endpoint . $resultmail; $data = array( "token" => $token, -- GitLab From 8b9ffd626fa512163da6f9802a0b9de7b0698cb5 Mon Sep 17 00:00:00 2001 
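Review bot: After this change `$commonApiUrl` always ends in `/` while both endpoints still begin with one (`$endpoint = $commonApiVersion . '/aliases/hide-my-email/';` and `'/aliases/'`), so any caller relying on the default `$commonApiVersion = ''` now requests `…//aliases/…`; whether the common-services router tolerates the empty segment is not visible here. Build the path without a leading slash so both `''` and `'v2'` work: `$endpoint = ltrim($commonApiVersion . '/aliases/hide-my-email/', '/');` in createHMEAlias and `$endpoint = ltrim($commonApiVersion . '/aliases/', '/');` in createNewDomainAlias. `getenv('COMMON_SERVICES_URL')` returns `false` when the variable is missing and what `endsWith()` does with a non-string is not shown in this diff; an explicit check before the call would make that failure mode deliberate rather than accidental. The two helpers' bodies continue past their hunks.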
From: Akhil Date: Wed, 18 May 2022 14:04:11 +0530 Subject: [PATCH 17/26] Update readme md --- README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/README.md b/README.md index 1b6647d..0d063fa 100644 --- a/README.md +++ b/README.md @@ -71,6 +71,10 @@ flowchart TD B --> |4. Create entry for user's email, code and ecloud username| E[(auth.file.done)] B --> |5. Send user welcome email| A ``` +# To use with LDAP backend + +- Add the following environment variables to use welcome with LDAP backend + - `LDAP_HOSTS`, `LDAP_PORT`, `LDAP_ADMIN_DN`, `LDAP_ADMIN_PASSWORD`, `LDAP_USERS_BASE_DN` # SendGrid integration To be able to use [SendGrid](https://sendgrid.com/) as the email sender, you need to set the following ENV variables: -- GitLab From 5c8dcd2f94ecdd09133ae58c36473651f79ca2a6 Mon Sep 17 00:00:00 2001 From: Akhil Date: Wed, 18 May 2022 14:05:42 +0530 Subject: [PATCH 18/26] Correct docs --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 0d063fa..c7b6a47 100644 --- a/README.md +++ b/README.md @@ -74,7 +74,7 @@ flowchart TD # To use with LDAP backend - Add the following environment variables to use welcome with LDAP backend - - `LDAP_HOSTS`, `LDAP_PORT`, `LDAP_ADMIN_DN`, `LDAP_ADMIN_PASSWORD`, `LDAP_USERS_BASE_DN` + - `LDAP_HOSTS`, `LDAP_PORT`, `LDAP_ADMIN_DN`, `LDAP_ADMIN_PASSWORD`, `LDAP_USERS_BASE_DN`, `LDAP_BACKEND_ENABLED` # SendGrid integration To be able to use [SendGrid](https://sendgrid.com/) as the email sender, you need to set the following ENV variables: -- GitLab From 2458f1963b7305c30c9172bc0438c4e34c1448a6 Mon Sep 17 00:00:00 2001 From: Akhil Date: Thu, 19 May 2022 21:20:24 +0530 Subject: [PATCH 19/26] Fix postDelete.php --- htdocs/postDelete.php | 45 ++++--------------------------------------- 1 file changed, 4 insertions(+), 41 deletions(-) diff --git a/htdocs/postDelete.php b/htdocs/postDelete.php index e4db385..6a84c7c 100644 --- a/htdocs/postDelete.php +++ b/htdocs/postDelete.php 
@@ -94,7 +94,7 @@ function purgeAccountFiles() * - delete account's maildir as mail volume is now bind mounted to PFA container too * */ -function deleteMailAccount() +function deleteMailFolders() { $PF_HOSTNAME = "postfixadmin"; $PF_USER = "pfexec"; @@ -103,7 +103,7 @@ function deleteMailAccount() // Dir where /mnt/repo-base/volumes/mail/ is bind mounted on postfixadmin container $baseDir = "/var/mail/vhosts/"; - global $user2delete, $userOnly, $domain; + global $userOnly, $domain; if (!empty($domain) && !empty($userOnly)) { $ssh = new SSH2($PF_HOSTNAME); 
@@ -111,54 +111,17 @@ function deleteMailAccount() exit('Login Failed'); } - $ssh->exec('/postfixadmin/scripts/postfixadmin-cli mailbox delete ' . escapeshellarg($user2delete)); - $ssh->exec('sudo /usr/local/bin/postfixadmin-mailbox-postdeletion.sh ' . escapeshellarg($userOnly) . ' ' . escapeshellarg($domain)); - - $aliases2delete = getUserAliases(); - foreach ($aliases2delete as $alias) { - $feedback = explode('\n', $ssh->exec('/postfixadmin/scripts/postfixadmin-cli alias delete ' . escapeshellarg($alias))); - $isDeleted = preg_grep('/deleted/', $feedback); - if (!$isDeleted) { - error_log('Error deleting alias '. $alias . ' for user ' . $user2delete); - } - } - // verify it's done - $delDbConfirm = $ssh->exec('/postfixadmin/scripts/postfixadmin-cli mailbox view ' . escapeshellarg($user2delete) . ' 2>&1 |grep "not valid"'); - // build path to check deletion $fullPath = $baseDir . $domain . "/" . $userOnly; $delDirConfirm = $ssh->exec('[ ! -d ' . escapeshellarg($fullPath) . ' ] && echo "DELETED"'); - if (($delDbConfirm === "Error: The EMAIL is not valid!") && ($delDirConfirm === "DELETED")) { - return true; - } else { - return false; - } // one of the deletion did not go well! + return $delDirConfirm === "DELETED"; } else { return null; } // $domain OR $userOnly empty, do nothing!! } -function getUserAliases() -{ - global $user2delete; - - $dbUser = getenv('PFDB_USR'); - $password = getenv('PFDB_PW'); - $db = getenv('PFDB_DB'); - $host = getenv("PFDB_HOST"); - - $mysqli = new mysqli($host, $dbUser, $password, $db); - $stmt = $mysqli->prepare('SELECT address FROM alias where goto= ?'); - $stmt->bind_param('s', $user2delete); - $stmt->execute(); - - $result = $stmt->get_result(); - $aliases = $result->fetch_all(MYSQLI_ASSOC); - $aliases = array_map(fn ($entry) => $entry['address'], $aliases); - return $aliases; -} if (sha1($_POST['sec']) !== getenv("WELCOME_SECRET_SHA")) { http_response_code(403); 
@@ -170,7 +133,7 @@ if (sha1($_POST['sec']) !== getenv("WELCOME_SECRET_SHA")) { $domain = $exploded[1]; // STEP 1 : remove $user2delete from postfix database AND remove its mail folder - $mailDeletionReturn = deleteMailAccount(); + $mailDeletionReturn = deleteMailFolders(); if ($mailDeletionReturn == true) { /** * mail DB account AND mailbox dir successfully deleted -- GitLab From ae1125a99de3f06ce91409548fc9d6399ea7538f Mon Sep 17 00:00:00 2001 From: Akhil Date: Thu, 19 May 2022 21:27:08 +0530 Subject: [PATCH 20/26] Add postDeleteLDAP.php --- htdocs/postDelete.php | 45 +++++++++++- htdocs/postDeleteLDAP.php | 150 ++++++++++++++++++++++++++++++++++++++ 2 files changed, 191 insertions(+), 4 deletions(-) create mode 100644 htdocs/postDeleteLDAP.php diff --git a/htdocs/postDelete.php b/htdocs/postDelete.php index 6a84c7c..e4db385 100644 --- a/htdocs/postDelete.php +++ b/htdocs/postDelete.php @@ -94,7 +94,7 @@ function purgeAccountFiles() * - delete account's maildir as mail volume is now bind mounted to PFA container too * */ -function deleteMailFolders() +function deleteMailAccount() { $PF_HOSTNAME = "postfixadmin"; $PF_USER = "pfexec"; @@ -103,7 +103,7 @@ function deleteMailFolders() // Dir where /mnt/repo-base/volumes/mail/ is bind mounted on postfixadmin container $baseDir = "/var/mail/vhosts/"; - global $userOnly, $domain; + global $user2delete, $userOnly, $domain; if (!empty($domain) && !empty($userOnly)) { $ssh = new SSH2($PF_HOSTNAME); 
@@ -111,17 +111,54 @@ function deleteMailFolders() exit('Login Failed'); } + $ssh->exec('/postfixadmin/scripts/postfixadmin-cli mailbox delete ' . escapeshellarg($user2delete)); + $ssh->exec('sudo /usr/local/bin/postfixadmin-mailbox-postdeletion.sh ' . escapeshellarg($userOnly) . ' ' . escapeshellarg($domain)); + + $aliases2delete = getUserAliases(); + foreach ($aliases2delete as $alias) { + $feedback = explode('\n', $ssh->exec('/postfixadmin/scripts/postfixadmin-cli alias delete ' . escapeshellarg($alias))); + $isDeleted = preg_grep('/deleted/', $feedback); + if (!$isDeleted) { + error_log('Error deleting alias '. $alias . ' for user ' . $user2delete); + } + } + // verify it's done + $delDbConfirm = $ssh->exec('/postfixadmin/scripts/postfixadmin-cli mailbox view ' . escapeshellarg($user2delete) . ' 2>&1 |grep "not valid"'); + // build path to check deletion $fullPath = $baseDir . $domain . "/" . $userOnly; $delDirConfirm = $ssh->exec('[ ! -d ' . escapeshellarg($fullPath) . ' ] && echo "DELETED"'); - return $delDirConfirm === "DELETED"; + if (($delDbConfirm === "Error: The EMAIL is not valid!") && ($delDirConfirm === "DELETED")) { + return true; + } else { + return false; + } // one of the deletion did not go well! } else { return null; } // $domain OR $userOnly empty, do nothing!! } +function getUserAliases() +{ + global $user2delete; + + $dbUser = getenv('PFDB_USR'); + $password = getenv('PFDB_PW'); + $db = getenv('PFDB_DB'); + $host = getenv("PFDB_HOST"); + + $mysqli = new mysqli($host, $dbUser, $password, $db); + $stmt = $mysqli->prepare('SELECT address FROM alias where goto= ?'); + $stmt->bind_param('s', $user2delete); + $stmt->execute(); + + $result = $stmt->get_result(); + $aliases = $result->fetch_all(MYSQLI_ASSOC); + $aliases = array_map(fn ($entry) => $entry['address'], $aliases); + return $aliases; +} if (sha1($_POST['sec']) !== getenv("WELCOME_SECRET_SHA")) { http_response_code(403); 
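Review bot: In the restored alias loop, `explode('\n', $ssh->exec(...))` uses single quotes, so the delimiter is the literal two-character sequence backslash-n and the command output is never split into lines; `preg_grep('/deleted/', $feedback)` still matches against the single element, so the check works by accident rather than by design. Use `explode("\n", ...)` or `preg_split('/\R/', ...)` if per-line handling is intended. `getUserAliases()` also never checks the result of `prepare()` and leaves the statement and connection open; adding `$stmt->close(); $mysqli->close();` before `return $aliases;` and a `connect_error` check after `new mysqli(...)` makes the failure path explicit (mysqli only throws by default from PHP 8.1). deleteMailAccount's body starts outside this hunk; getUserAliases is fully inside it.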
@@ -133,7 +170,7 @@ if (sha1($_POST['sec']) !== getenv("WELCOME_SECRET_SHA")) { $domain = $exploded[1]; // STEP 1 : remove $user2delete from postfix database AND remove its mail folder - $mailDeletionReturn = deleteMailFolders(); + $mailDeletionReturn = deleteMailAccount(); if ($mailDeletionReturn == true) { /** * mail DB account AND mailbox dir successfully deleted diff --git a/htdocs/postDeleteLDAP.php b/htdocs/postDeleteLDAP.php new file mode 100644 index 0000000..6a84c7c --- /dev/null +++ b/htdocs/postDeleteLDAP.php 
@@ -0,0 +1,150 @@
+ $line) {
+ if (preg_match($regex, $line) == 1) {
+ // temporarely save the line for later use on the file below
+ $tmpLine = $line;
+
+ unset($lines[$key]);
+ }
+ }
+ if ($tmpLine) {
+ //Unique line was found, save $AUTH_FILE_DONE with exclusive lock on the file
+ $lines[] = "";
+ $data = implode(PHP_EOL, $lines);
+ ftruncate($lockedFileDone, 0);
+ fwrite($lockedFileDone, $data);
+ fclose($lockedFileDone);
+
+ /**
+ * for $AUTH_FILE, line pattern is :
+ * MAIL_USED_FOR_REGISTRATION:SECRET
+ *
+ * remove ALL lines on this file based on MAIL_USED_FOR_REGISTRATION
+ *
+ * get MAIL_USED_FOR_REGISTRATION from $tmpLine stored earlier
+ * create regex pattern to prevent false positives :only lines STARTING with $mail
+ */
+ $mail = strtok($tmpLine, ":");
+ $regex = "/^" . preg_quote($mail) . ":/";
+
+ $lockedFile = fopen($AUTH_FILE, "c", LOCK_EX);
+ // c mode to open the file in write mode WITH EXCLUSIVE LOCK, but DO NOT truncate it
+
+ // find and delete all the line containing this MAIL_USED_FOR_REGISTRATION
+ $lines = file($AUTH_FILE, FILE_IGNORE_NEW_LINES);
+ foreach ($lines as $key => $line) {
+ if (preg_match($regex, $line) == 1) {
+ unset($lines[$key]);
+ }
+ }
+ $lines[] = "";
+ $data = implode(PHP_EOL, $lines);
+ //save $AUTH_FILE with exclusive lock on the file
+ ftruncate($lockedFile, 0);
+ fwrite($lockedFile, $data);
+ fclose($lockedFile);
+
+ // return MAIL_USED_FOR_REGISTRATION
+ return $mail;
+ } else {
+ return null;
+ } //NO line was found for this user
+}
+
+/**
+ * function to :
+ * - connect to postfixadmin container to delete user account, using postfixadmin-cli
+ * - delete account's maildir as mail volume is now bind mounted to PFA container too
+ *
+ */
+function deleteMailFolders()
+{
+ $PF_HOSTNAME = "postfixadmin";
+ $PF_USER = "pfexec";
+ $PF_PWD = getenv("POSTFIXADMIN_SSH_PASSWORD");
+
+ // Dir where /mnt/repo-base/volumes/mail/ is bind mounted on postfixadmin container
+ $baseDir = "/var/mail/vhosts/";
+
+ global 
$userOnly, $domain;
+
+ if (!empty($domain) && !empty($userOnly)) {
+ $ssh = new SSH2($PF_HOSTNAME);
+ if (!$ssh->login($PF_USER, $PF_PWD)) {
+ exit('Login Failed');
+ }
+
+ $ssh->exec('sudo /usr/local/bin/postfixadmin-mailbox-postdeletion.sh ' . escapeshellarg($userOnly) . ' ' . escapeshellarg($domain));
+ // build path to check deletion
+ $fullPath = $baseDir . $domain . "/" . $userOnly;
+ $delDirConfirm = $ssh->exec('[ ! -d ' . escapeshellarg($fullPath) . ' ] && echo "DELETED"');
+
+ return $delDirConfirm === "DELETED";
+ } else {
+ return null;
+ } // $domain OR $userOnly empty, do nothing!!
+}
+
+
+if (sha1($_POST['sec']) !== getenv("WELCOME_SECRET_SHA")) {
+ http_response_code(403);
+ exit();
+} else {
+ $user2delete = $_POST['uid'];
+ $exploded = explode("@", $user2delete);
+ $userOnly = $exploded[0];
+ $domain = $exploded[1];
+
+ // STEP 1 : remove $user2delete from postfix database AND remove its mail folder
+ $mailDeletionReturn = deleteMailFolders();
+ if ($mailDeletionReturn == true) {
+ /**
+ * mail DB account AND mailbox dir successfully deleted
+ * NO user data remaining on the server
+ * TODO :
+ * - fire mail for user to confirm deletion of his account is complete
+ * - handle onlyoffice part
+ *
+ */
+ }
+ // STEP 2 : Purge system files AUTH_FILE & AUTH_FILE_DONE
+ $registrationMail = purgeAccountFiles();
+ return ($registrationMail !== null);
+}
-- GitLab From 3d15753902a9a05922dbbb12de4a3fcd29ee440e Mon Sep 17 00:00:00 2001 From: Akhil Date: Thu, 19 May 2022 23:48:52 +0530 Subject: [PATCH 21/26] Update postDeleteLDAP.php
--- htdocs/postDeleteLDAP.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/htdocs/postDeleteLDAP.php b/htdocs/postDeleteLDAP.php
index 6a84c7c..3d6ee53 100644
--- a/htdocs/postDeleteLDAP.php
+++ b/htdocs/postDeleteLDAP.php
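Review bot: `fopen($AUTH_FILE, "c", LOCK_EX)` in `purgeAccountFiles` takes no lock at all: the third parameter of `fopen` is `use_include_path`, so `LOCK_EX` is merely read as `true`, and the comment `WITH EXCLUSIVE LOCK` on the following line is wrong; the `$lockedFileDone` handle, whose opening line is garbled at the start of this hunk, appears to follow the same pattern. Add `if (!flock($lockedFile, LOCK_EX)) { return null; }` right after the `fopen` (and the equivalent for `$lockedFileDone`) and hold the lock across the `file()` read and the `ftruncate`/`fwrite`, otherwise two deletion requests handled at the same time can interleave their read-modify-write and one drops the other's lines. In the request handler at the bottom, `sha1($_POST['sec']) !== getenv("WELCOME_SECRET_SHA")` should become `!hash_equals((string) getenv("WELCOME_SECRET_SHA"), sha1($_POST['sec'] ?? ''))` so the secret comparison is constant-time and a request without `sec` does not raise an undefined-index warning. `$_POST['uid']` is split on `@` without checking that the separator is present, so a bare username leaves `$exploded[1]` undefined, `deleteMailFolders` silently returns `null` and `purgeAccountFiles` still runs; answer with a 400 when `str_contains($user2delete, '@')` is false.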
@@ -96,7 +96,7 @@ function purgeAccountFiles()
 */
 function deleteMailFolders()
 {
- $PF_HOSTNAME = "postfixadmin";
+ $PF_HOSTNAME = "common_microservices";
 $PF_USER = "pfexec";
 $PF_PWD = getenv("POSTFIXADMIN_SSH_PASSWORD");
@@ -111,7 +111,7 @@ function deleteMailFolders()
 exit('Login Failed');
 }
- $ssh->exec('sudo /usr/local/bin/postfixadmin-mailbox-postdeletion.sh ' . escapeshellarg($userOnly) . ' ' . escapeshellarg($domain));
+ $ssh->exec('sudo /usr/local/bin/mailbox-postdeletion.sh ' . escapeshellarg($userOnly) . ' ' . escapeshellarg($domain));
 // build path to check deletion
 $fullPath = $baseDir . $domain . "/" . $userOnly;
 $delDirConfirm = $ssh->exec('[ ! -d ' . escapeshellarg($fullPath) . ' ] && echo "DELETED"');
-- GitLab From f3e0177617304f5bae610c594a85a6aec131fdd7 Mon Sep 17 00:00:00 2001 From: Akhil Date: Fri, 20 May 2022 14:28:00 +0530 Subject: [PATCH 22/26] Create a new alias same as username on creation
--- .../accounts/base_ecloud_account_creator.php | 28 ++++++++--- htdocs/accounts/ecloud_account_creator.php | 13 +---- htdocs/accounts/ldap/alias.php | 9 ++++ htdocs/accounts/ldap_account_creator.php | 47 ++++++++++++------- 4 files changed, 64 insertions(+), 33 deletions(-) create mode 100644 htdocs/accounts/ldap/alias.php
diff --git a/htdocs/accounts/base_ecloud_account_creator.php b/htdocs/accounts/base_ecloud_account_creator.php
index 5f14654..543b2dd 100644
--- a/htdocs/accounts/base_ecloud_account_creator.php
+++ b/htdocs/accounts/base_ecloud_account_creator.php
@@ -3,11 +3,12 @@ require 'vendor/autoload.php';
 require_once('language.php');
 require_once('helpers.php');
-class BaseEcloudAccountCreator
+class BaseEcloudAccountCreator implements AccountCreator
 {
 private string $ecloudUrl;
 private string $ecloudAccountsApiUrl;
- protected int $quotaInMB = 1024;
+ protected int $quota = 1024;
+ protected bool $usernameIsEmail = true;
 public function __construct(string $ecloudUrl)
 {
@@ -15,7 +16,17 @@ class BaseEcloudAccountCreator
 $this->ecloudAccountsApiUrl = $this->ecloudUrl . 'apps/ecloud-accounts/api/';
 $quota = getenv('CLOUD_QUOTA_IN_MB');
 if ($quota !== false) {
- $this->quotaInMB = intval($quota);
+ $this->quota = intval($quota);
+ }
+ }
+
+ public function tryToCreate(object $userData)
+ {
+ global $strings;
+ $pw = $userData->password;
+ $answer = $this->createAccount($userData->email, $userData->username, $pw, $pw, $userData->name, $this->quota, $userData->authmail, $userData->referrerCode);
+ if ($answer->success === false) {
+ sendAPIResponse(400, createAPIResponse("general", $strings[$answer->type]));
 }
 }
@@ -99,14 +110,15 @@ class BaseEcloudAccountCreator
 curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
 curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "POST");
- $data = array(
- "uid" => $username,
+ $data = [
 "token" => $token,
 "email" => $email,
 "quota" => $quota,
 "recoveryEmail" => $recoveryEmail,
 "hmeAlias" => $hmeAlias
- );
+ ];
+ $data['uid'] = $this->usernameIsEmail ? $email : $username;
+
 curl_setopt($ch, CURLOPT_URL, $this->ecloudAccountsApiUrl . 'set_account_data');
 curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($data));
 $output = curl_exec($ch);
@@ -164,4 +176,8 @@ class BaseEcloudAccountCreator
 return $output;
 }
+
+ private function createAccount( string $resultmail, string $username, string $pw, string $pw2, string $name, $quota, string $authmail, ?string $referrerCode = null)
+ {
+ }
 }
diff --git a/htdocs/accounts/ecloud_account_creator.php b/htdocs/accounts/ecloud_account_creator.php
index c853eef..3d10449 100644
--- a/htdocs/accounts/ecloud_account_creator.php
+++ b/htdocs/accounts/ecloud_account_creator.php
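Review bot: The base `createAccount` added in the last hunk (`@@ -164,4 +176,8 @@`) has an empty body and no return type, yet `tryToCreate` in the first hunk immediately reads `$answer->success` from whatever it returns, so a subclass that falls back to the base implementation ends up dereferencing `null`; as written here it is also `private`, which the base-class call would resolve to this empty body rather than to a subclass override. Patch 23 in this series changes the visibility to `protected`, which fixes the reachability part, but the empty body remains; declaring `abstract class BaseEcloudAccountCreator` with `abstract protected function createAccount(string $resultmail, string $username, string $pw, string $pw2, string $name, int $quota, string $authmail, ?string $referrerCode = null): \stdClass;` (the LDAP implementation returns a `\stdClass`; the ECloud one is not visible here) would turn a missing override into a compile-time error. `tryToCreate` would also read better with a short docblock stating that on failure it emits a 400 response via `sendAPIResponse` rather than returning.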
@@ -8,14 +8,14 @@ require_once('accounts/base_ecloud_account_creator.php');
 use phpseclib3\Net\SSH2;
-class ECloudAccountCreator extends BaseEcloudAccountCreator implements AccountCreator
+class ECloudAccountCreator extends BaseEcloudAccountCreator
 {
 public function __construct(string $ecloudUrl)
 {
 parent::__construct($ecloudUrl);
 }
- private function createMailAccount($resultmail, $username, $pw, $pw2, $name, $quota, $authmail, ?string $referrerCode = null)
+ private function createAccount(string $resultmail, string $username, string $pw, string $pw2, string $name, int $quota, string $authmail, ?string $referrerCode = null)
 {
 global $strings;
 $PF_HOSTNAME = "postfixadmin";
@@ -44,13 +44,4 @@ class ECloudAccountCreator extends BaseEcloudAccountCreator implements AccountCr
 }
 }
- public function tryToCreate(object $userData)
- {
- global $strings;
- $pw = $userData->password;
- $answer = $this->createMailAccount($userData->email, $userData->username, $pw, $pw, $userData->name, $this->quotaInMB, $userData->authmail, $userData->referrerCode);
- if ($answer->success === false) {
- sendAPIResponse(400, createAPIResponse("general", $strings[$answer->type]));
- }
- }
 }
diff --git a/htdocs/accounts/ldap/alias.php b/htdocs/accounts/ldap/alias.php
new file mode 100644
index 0000000..739de99
--- /dev/null
+++ b/htdocs/accounts/ldap/alias.php
@@ -0,0 +1,9 @@
+connectToLDAPServer();
- $quota = getenv('CLOUD_QUOTA_IN_BYTES');
- if ($quota !== false) {
- $this->quotaInBytes = intval($quota);
- }
 parent::__construct($ecloudUrl);
- }
-
- public function tryToCreate(object $userData)
- {
- global $strings;
- $pw = $userData->password;
- $answer = $this->createAccount($userData->email, $userData->username, $pw, $userData->name, $this->quotaInBytes, $userData->authmail, $userData->referrerCode);
- if ($answer->success === false) {
- sendAPIResponse(400, createAPIResponse("general", $strings[$answer->type]));
+ $quota = getenv('CLOUD_QUOTA_IN_BYTES');
+ if (!$quota) {
+ $this->quota = $this->quotaInBytes;
+ } else {
+ $this->quota = intval($quota);
 }
+ $this->usernameIsEmail = false;
+ $this->connectToLDAPServer();
 }
- private function createAccount(string $email, string $username, string $password, string $name, int $quota, $authmail, ?string $referrerCode = null)
+ private function createAccount(string $email, string $username, string $password, string $pw2, string $name, int $quota, string $authmail, ?string $referrerCode = null)
 {
 $baseDn = getenv('LDAP_USERS_BASE_DN');
 $userDn = "username=$username," . $baseDn;
+ $userClusterID = getenv('CLUSTER_ID');
 $answer = new \stdClass();
 try {
 $user =[
@@ -52,6 +47,7 @@ class LDAPAccountCreator extends BaseEcloudAccountCreator implements AccountCrea
 'recoveryMailAddress' => $authmail,
 'active'=> 'TRUE',
 'mailActive' => 'TRUE',
+ 'userClusterID' => $userClusterID,
 'objectClass' => User::$objectClasses
 ];
 $userEntry = new User($user);
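Review bot: `'userClusterID' => $userClusterID` in the `@@ -52,6 +47,7 @@` hunk takes its value from the `getenv('CLUSTER_ID')` added in the constructor hunk above, and `getenv` returns `false` when the variable is unset, so a missing `CLUSTER_ID` puts a boolean into the LDAP entry instead of failing early; `if ($userClusterID === false) { throw new \RuntimeException('CLUSTER_ID is not set'); }` right after the read would surface the misconfiguration before anything is written. In the same constructor hunk (its `@@` header is garbled in this view) `$userDn = "username=$username," . $baseDn;` interpolates the caller-supplied username straight into a DN; applying `ldap_escape($username, '', LDAP_ESCAPE_DN)` first ensures characters with DN meaning such as `,`, `+` or `=` cannot change which entry is written. Whether `$username` is already validated upstream cannot be seen from this hunk.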
@@ -63,10 +59,29 @@ class LDAPAccountCreator extends BaseEcloudAccountCreator implements AccountCrea
 $answer->type = 'error_creating_account';
 return $answer;
 }
+ $this->createUserEmailAlias($email);
 $answer = $this->postCreationActions($email, $username, $authmail, $quota, 'v2');
 return $answer;
 }
+ private function createUserEmailAlias($email)
+ {
+ try {
+ $baseDn = getenv('LDAP_ALIASES_BASE_DN');
+ $aliasDn = "alias=$email," . $baseDn;
+ $alias = [
+ 'alias' => $email,
+ 'mailAddress' => $email,
+ 'active' => 'TRUE',
+ 'objectClasses' => Alias::$objectClasses,
+ ];
+ $aliasEntry = new Alias($alias);
+ $aliasEntry->setDn($aliasDn);
+ $aliasEntry->save();
+ } catch (Exception $e) {
+ error_log('Error creating user email alias for email: ' . $email);
+ }
+ }
 private function getLDAPConfig() : array
 {
-- GitLab From 2f2eeb4e44d90a8f5c6d96891cb57808df3295ae Mon Sep 17 00:00:00 2001 From: Akhil Date: Fri, 20 May 2022 14:37:48 +0530 Subject: [PATCH 23/26] Make createAccount protected
--- htdocs/accounts/base_ecloud_account_creator.php | 2 +- htdocs/accounts/ecloud_account_creator.php | 2 +- htdocs/accounts/ldap_account_creator.php | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/htdocs/accounts/base_ecloud_account_creator.php b/htdocs/accounts/base_ecloud_account_creator.php
index 543b2dd..4c52a2d 100644
--- a/htdocs/accounts/base_ecloud_account_creator.php
+++ b/htdocs/accounts/base_ecloud_account_creator.php
@@ -177,7 +177,7 @@ class BaseEcloudAccountCreator implements AccountCreator
 return $output;
 }
- private function createAccount( string $resultmail, string $username, string $pw, string $pw2, string $name, $quota, string $authmail, ?string $referrerCode = null)
+ protected function createAccount( string $resultmail, string $username, string $pw, string $pw2, string $name, int $quota, string $authmail, ?string $referrerCode = null)
 {
 }
 }
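Review bot: `createUserEmailAlias` builds the alias entry with the key `'objectClasses'`, while the user entry in the hunk above uses `'objectClass' => User::$objectClasses`; the directory attribute is `objectClass`, so unless the `Alias` model maps the plural name itself the entry would be saved without its object classes and `save()` would be rejected. The `catch (Exception $e)` then logs only the email and drops `$e->getMessage()`, which hides exactly that kind of schema error; `error_log('Error creating user email alias for email: ' . $email . ' : ' . $e->getMessage());` would mirror how the base class reports alias errors. `$aliasDn = "alias=$email," . $baseDn;` has the same unescaped-DN shape as `$userDn` in the constructor hunk and wants `ldap_escape($email, '', LDAP_ESCAPE_DN)` before concatenation. Patch 24 in this series deletes this helper again in favour of the common API, so these points only matter if it is ever restored.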
diff --git a/htdocs/accounts/ecloud_account_creator.php b/htdocs/accounts/ecloud_account_creator.php
index 3d10449..b5dc4fd 100644
--- a/htdocs/accounts/ecloud_account_creator.php
+++ b/htdocs/accounts/ecloud_account_creator.php
@@ -15,7 +15,7 @@ class ECloudAccountCreator extends BaseEcloudAccountCreator
 parent::__construct($ecloudUrl);
 }
- private function createAccount(string $resultmail, string $username, string $pw, string $pw2, string $name, int $quota, string $authmail, ?string $referrerCode = null)
+ protected function createAccount(string $resultmail, string $username, string $pw, string $pw2, string $name, int $quota, string $authmail, ?string $referrerCode = null)
 {
 global $strings;
 $PF_HOSTNAME = "postfixadmin";
diff --git a/htdocs/accounts/ldap_account_creator.php b/htdocs/accounts/ldap_account_creator.php
index 70723d2..4428586 100644
--- a/htdocs/accounts/ldap_account_creator.php
+++ b/htdocs/accounts/ldap_account_creator.php
@@ -29,7 +29,7 @@ class LDAPAccountCreator extends BaseEcloudAccountCreator
 $this->connectToLDAPServer();
 }
- private function createAccount(string $email, string $username, string $password, string $pw2, string $name, int $quota, string $authmail, ?string $referrerCode = null)
+ protected function createAccount(string $email, string $username, string $password, string $pw2, string $name, int $quota, string $authmail, ?string $referrerCode = null)
 {
 $baseDn = getenv('LDAP_USERS_BASE_DN');
 $userDn = "username=$username," . $baseDn;
-- GitLab From 951ac362196e8eaa015366f520cafdb6d3803c27 Mon Sep 17 00:00:00 2001 From: Akhil Date: Fri, 20 May 2022 15:02:17 +0530 Subject: [PATCH 24/26] Handle all aliases through common
--- .../accounts/base_ecloud_account_creator.php | 23 +++++++++++-------- htdocs/accounts/ldap/alias.php | 9 -------- htdocs/accounts/ldap_account_creator.php | 21 ----------------- 3 files changed, 14 insertions(+), 39 deletions(-) delete mode 100644 htdocs/accounts/ldap/alias.php
diff --git a/htdocs/accounts/base_ecloud_account_creator.php b/htdocs/accounts/base_ecloud_account_creator.php
index 4c52a2d..a488464 100644
--- a/htdocs/accounts/base_ecloud_account_creator.php
+++ b/htdocs/accounts/base_ecloud_account_creator.php
@@ -50,8 +50,16 @@ class BaseEcloudAccountCreator implements AccountCreator
 $hmeAlias = '';
 $commonApiUrl = getenv('COMMON_SERVICES_URL');
 $commonApiUrl = endsWith($commonApiUrl, '/') ? $commonApiUrl : $commonApiUrl . '/';
- $hmeAlias = $this->createHMEAlias($username, $commonApiUrl, $commonApiVersion);
- $this->createNewDomainAlias($username, $email, $commonApiUrl, $commonApiVersion);
+
+ // Create alias with same name as email pointing to email
+ $domain = getenv('DOMAIN');
+ $this->createNewDomainAlias($username, $email, $commonApiUrl, $commonApiVersion, $domain);
+
+ $aliasDomain = getenv('ALIAS_DOMAIN');
+ // Create HME Alias
+ $hmeAlias = $this->createHMEAlias($email, $commonApiUrl, $commonApiVersion, $aliasDomain);
+ // Create Alias to new domain
+ $this->createNewDomainAlias($username, $email, $commonApiUrl, $commonApiVersion, $aliasDomain);
 } catch (Error $e) {
 error_log('Error during alias creation for user: ' . $username . ' with email: ' . $email . ' : ' . $e->getMessage());
 }
@@ -59,11 +67,9 @@ class BaseEcloudAccountCreator implements AccountCreator
 return $answer;
 }
- private function createHMEAlias(string $resultmail, string $commonApiUrl, string $commonApiVersion) : string
+ private function createHMEAlias(string $resultmail, string $commonApiUrl, string $commonApiVersion, string $domain) : string
 {
 $token = getenv('COMMON_SERVICES_TOKEN');
- $domain = getenv('ALIAS_DOMAIN');
-
 $endpoint = $commonApiVersion . '/aliases/hide-my-email/';
 $url = $commonApiUrl . $endpoint . $resultmail;
 $data = array(
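Review bot: The `getenv('DOMAIN')` and `getenv('ALIAS_DOMAIN')` reads added in the first hunk are passed unchecked into the new `string $domain` parameters, and `getenv` returns `false` when the variable is missing; in coercive mode that becomes an empty domain in the alias request, and under `strict_types` a `TypeError`, which the `catch (Error $e)` visible below turns into a log line while account creation continues. Failing fast, e.g. `$aliasDomain = getenv('ALIAS_DOMAIN') ?: throw new \RuntimeException('ALIAS_DOMAIN is not set');`, keeps a misconfigured deployment from creating accounts that have no aliases. Both `createNewDomainAlias` calls also discard the return value, so a failure the common API reports in its response rather than by throwing is invisible here; whether `$answer` still signals success afterwards cannot be seen, as the enclosing method starts before this hunk.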
@@ -81,17 +87,16 @@ class BaseEcloudAccountCreator implements AccountCreator
 return $alias;
 }
- private function createNewDomainAlias(string $username, string $resultmail, string $commonApiUrl, string $commonApiVersion)
+ private function createNewDomainAlias(string $alias, string $resultmail, string $commonApiUrl, string $commonApiVersion, string $domain)
 {
 $token = getenv('COMMON_SERVICES_TOKEN');
- $domain = getenv('ALIAS_DOMAIN');
 $endpoint = $commonApiVersion . '/aliases/';
 $url = $commonApiUrl . $endpoint . $resultmail;
 $data = array(
 "token" => $token,
- "alias" => $username,
+ "alias" => $alias,
 "domain" => $domain
 );
 $result = curlPostJSON($url, $data);
@@ -177,7 +182,7 @@ class BaseEcloudAccountCreator implements AccountCreator
 return $output;
 }
- protected function createAccount( string $resultmail, string $username, string $pw, string $pw2, string $name, int $quota, string $authmail, ?string $referrerCode = null)
+ protected function createAccount(string $resultmail, string $username, string $pw, string $pw2, string $name, int $quota, string $authmail, ?string $referrerCode = null)
 {
 }
 }
diff --git a/htdocs/accounts/ldap/alias.php b/htdocs/accounts/ldap/alias.php
deleted file mode 100644
index 739de99..0000000
--- a/htdocs/accounts/ldap/alias.php
+++ /dev/null
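Review bot: `createNewDomainAlias` keeps the long `array(` literal for `$data` while the same file's `set_account_data` payload was converted to `[...]` in patch 22, so the two request bodies are now written in different styles; `$data = ['token' => $token, 'alias' => $alias, 'domain' => $domain];` would match. The renamed `string $alias` parameter also deserves a one-line docblock, since the method is now called with the same alias name for two different domains and the name no longer says that it is the local part rather than a full address. The `$url = $commonApiUrl . $endpoint . $resultmail;` context line is untouched by this commit, but `rawurlencode($resultmail)` there would be the natural companion to the new parameters, since the address is placed into a URL path.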
@@ -1,9 +0,0 @@
-type = 'error_creating_account';
 return $answer;
 }
- $this->createUserEmailAlias($email);
 $answer = $this->postCreationActions($email, $username, $authmail, $quota, 'v2');
 return $answer;
 }
- private function createUserEmailAlias($email)
- {
- try {
- $baseDn = getenv('LDAP_ALIASES_BASE_DN');
- $aliasDn = "alias=$email," . $baseDn;
- $alias = [
- 'alias' => $email,
- 'mailAddress' => $email,
- 'active' => 'TRUE',
- 'objectClasses' => Alias::$objectClasses,
- ];
- $aliasEntry = new Alias($alias);
- $aliasEntry->setDn($aliasDn);
- $aliasEntry->save();
- } catch (Exception $e) {
- error_log('Error creating user email alias for email: ' . $email);
- }
- }
-
 private function getLDAPConfig() : array
 {
 $ldapHosts = getenv('LDAP_HOSTS');
-- GitLab From c9b330f53dc324ba4035ca7d94aa49b40640373d Mon Sep 17 00:00:00 2001 From: Akhil Date: Fri, 20 May 2022 15:08:13 +0530 Subject: [PATCH 25/26] Move same email alias creation below hme
--- htdocs/accounts/base_ecloud_account_creator.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/htdocs/accounts/base_ecloud_account_creator.php b/htdocs/accounts/base_ecloud_account_creator.php
index a488464..5caca9a 100644
--- a/htdocs/accounts/base_ecloud_account_creator.php
+++ b/htdocs/accounts/base_ecloud_account_creator.php
@@ -51,15 +51,15 @@ class BaseEcloudAccountCreator implements AccountCreator
 $commonApiUrl = getenv('COMMON_SERVICES_URL');
 $commonApiUrl = endsWith($commonApiUrl, '/') ? $commonApiUrl : $commonApiUrl . '/';
- // Create alias with same name as email pointing to email
- $domain = getenv('DOMAIN');
- $this->createNewDomainAlias($username, $email, $commonApiUrl, $commonApiVersion, $domain);
-
 $aliasDomain = getenv('ALIAS_DOMAIN');
 // Create HME Alias
 $hmeAlias = $this->createHMEAlias($email, $commonApiUrl, $commonApiVersion, $aliasDomain);
 // Create Alias to new domain
 $this->createNewDomainAlias($username, $email, $commonApiUrl, $commonApiVersion, $aliasDomain);
+
+ // Create alias with same name as email pointing to email to block this alias
+ $domain = getenv('DOMAIN');
+ $this->createNewDomainAlias($username, $email, $commonApiUrl, $commonApiVersion, $domain);
 } catch (Error $e) {
 error_log('Error during alias creation for user: ' . $username . ' with email: ' . $email . ' : ' . $e->getMessage());
 }
-- GitLab From b5a811fa4f89a268f999e511d4a88a78707bf7a8 Mon Sep 17 00:00:00 2001 From: Akhil Date: Fri, 20 May 2022 15:15:41 +0530 Subject: [PATCH 26/26] Use mail domain when creating same email alias
--- htdocs/accounts/base_ecloud_account_creator.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/htdocs/accounts/base_ecloud_account_creator.php b/htdocs/accounts/base_ecloud_account_creator.php
index 5caca9a..fe1d389 100644
--- a/htdocs/accounts/base_ecloud_account_creator.php
+++ b/htdocs/accounts/base_ecloud_account_creator.php
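Review bot: Moving the same-name alias below the HME and alias-domain calls changes what happens on failure: all three calls sit in one `try` whose `catch (Error $e)` is visible at the end of the hunk, so an `Error` thrown by `createHMEAlias` or by the alias-domain call now means the blocking alias is never created, whereas before this commit it already existed by then. If the added comment `to block this alias` describes a protection (the address cannot later be claimed as someone else's alias), that call should run first or in its own `try` so that one failing call cannot skip it; if the order is deliberate because the common API expects the HME alias first, a comment saying so would help the next reader. The intent is inferred from the comment text only.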
@@ -58,7 +58,7 @@ class BaseEcloudAccountCreator implements AccountCreator
 $this->createNewDomainAlias($username, $email, $commonApiUrl, $commonApiVersion, $aliasDomain);
 // Create alias with same name as email pointing to email to block this alias
- $domain = getenv('DOMAIN');
+ $domain = getMailDomain();
 $this->createNewDomainAlias($username, $email, $commonApiUrl, $commonApiVersion, $domain);
 } catch (Error $e) {
 error_log('Error during alias creation for user: ' . $username . ' with email: ' . $email . ' : ' . $e->getMessage());
-- GitLab