From c15fc6de163d4f4f006d733a6b22143e9ce09b4e Mon Sep 17 00:00:00 2001 From: diroots Date: Thu, 20 Feb 2020 11:43:41 +0100 Subject: [PATCH 1/8] Florent VINCENT's avatar Florent VINCENT's avatar fix e/management#951 manual account deletion also remove persistent info in system files (auth.file.done and auth.file) --- scripts/delete-account.sh | 33 +++++++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) diff --git a/scripts/delete-account.sh b/scripts/delete-account.sh index b91d25c..16ef229 100755 --- a/scripts/delete-account.sh +++ b/scripts/delete-account.sh 
@@ -20,5 +20,38 @@ if [[ $response =~ ^([yY][eE][sS]|[yY])$ ]]; then echo "Deleting email account" docker-compose exec -T postfixadmin /postfixadmin/scripts/postfixadmin-cli mailbox delete "$ACCOUNT" + # Fix #951 + # 2 files to update auth.file.done and auth.file + FILE_MULTIPLE_REGISTRATION_CHECK=/mnt/repo-base/volumes/accounts/auth.file.done + AUTH_FILE=/mnt/repo-base/volumes/accounts/auth.file + + # delete line with $ACCOUNT : this is a e.email + # strip "e.email" suffix to get mbox + MBOX=${ACCOUNT%"@e.email"} + + echo "Updating system persistent info" + # grep |wc -l >> count result, if one line found in auth.file.done, delete it + if [[ $(grep -nR "\:$MBOX$" $FILE_MULTIPLE_REGISTRATION_CHECK |wc -l) = "1" ]]; then + + # Grab mail used to register from the line (to be used for $AUTH_FILE update in #2) + MAIL_USED=$(grep -R "\:$MBOX$" $FILE_MULTIPLE_REGISTRATION_CHECK| cut -f1 -d":") + + echo "#1 Removing $MBOX from file $FILE_MULTIPLE_REGISTRATION_CHECK" + # sed pattern : \:$MBOX$ = line ending with $MBOX ($), and ':' before $MBOX to prevent accidental deletion + # ex : if $MBOX = doe do NOT delete all lines ending with "doe", "johndoe", "john-doe", only delete ":doe" + sed -i "/\:$MBOX$/d" $FILE_MULTIPLE_REGISTRATION_CHECK + + echo "#2 Deleting all lines with $MAIL_USED found in $AUTH_FILE" + # sed pattern : ^$MAIL_USED\: = line starting with $MAIL_USED (^), and ':' after $MAIL_USED to encapsulate it + sed -i "/^$MAIL_USED\:/d" $AUTH_FILE + + elif [[ $(grep -nR "\:$MBOX$" $FILE_MULTIPLE_REGISTRATION_CHECK |wc -l) = "0" ]] + then + echo "$MBOX not found in $FILE_MULTIPLE_REGISTRATION_CHECK" + else + echo "More than one line to be deleted for $MBOX, check $FILE_MULTIPLE_REGISTRATION_CHECK please" + fi + + # TODO: delete onlyoffice account??? fi -- GitLab From 1afae130d04462837fc28845b98e0419fddddcec Mon Sep 17 00:00:00 2001 
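Review bot: `$MBOX` and `$MAIL_USED` are interpolated unescaped into the grep and sed patterns in this hunk (`grep -nR "\:$MBOX$"`, `sed -i "/\:$MBOX$/d"`, `sed -i "/^$MAIL_USED\:/d"`), so any regex metacharacter in them is live: the `.` in a mailbox such as `john.doe`, or in any registration address, matches any character, and a `/` would end the sed address early. Because the second sed removes every matching line from auth.file, an over-broad match silently deletes other users' registration records. The file variables are also unquoted, and the same grep runs up to three times. Comparing whole `:`-separated fields as strings avoids regex handling altogether; the sketch below assumes both files hold `field:...:field` lines, as the patterns imply. The same construction is carried through the later hunks of this series (patches 2, 4 and 8), and the enclosing `if` block starts outside the hunk.

```shell
  # … unchanged: FILE_MULTIPLE_REGISTRATION_CHECK, AUTH_FILE and MBOX assignments …
  # exact string comparison on the last ':'-separated field, no regex;
  # ("" m) forces a string compare so numeric-looking names are not equated
  NB_LINES=$(awk -F: -v m="$MBOX" '$NF == ("" m) { n++ } END { print n + 0 }' \
    "$FILE_MULTIPLE_REGISTRATION_CHECK")
  if [[ $NB_LINES = "1" ]]; then
    MAIL_USED=$(awk -F: -v m="$MBOX" '$NF == ("" m) { print $1 }' \
      "$FILE_MULTIPLE_REGISTRATION_CHECK")
    TMP_FILE=$(mktemp) || exit 1
    # … unchanged: echo "#1 …" progress message …
    # write back with cat so the original file keeps its owner and mode
    awk -F: -v m="$MBOX" '$NF != ("" m)' "$FILE_MULTIPLE_REGISTRATION_CHECK" > "$TMP_FILE" \
      && cat "$TMP_FILE" > "$FILE_MULTIPLE_REGISTRATION_CHECK"
    # … unchanged: echo "#2 …" progress message …
    awk -F: -v m="$MAIL_USED" '$1 != ("" m)' "$AUTH_FILE" > "$TMP_FILE" \
      && cat "$TMP_FILE" > "$AUTH_FILE"
    rm -f -- "$TMP_FILE"
  elif [[ $NB_LINES = "0" ]]; then
  # … unchanged: "not found" / "More than one line" branches and closing fi …
```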
From: diroots Date: Thu, 20 Feb 2020 11:46:54 +0100 Subject: [PATCH 2/8] minor tab changes --- scripts/delete-account.sh | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/scripts/delete-account.sh b/scripts/delete-account.sh index 16ef229..56d6884 100755 --- a/scripts/delete-account.sh +++ b/scripts/delete-account.sh @@ -23,7 +23,7 @@ if [[ $response =~ ^([yY][eE][sS]|[yY])$ ]]; then # Fix #951 # 2 files to update auth.file.done and auth.file FILE_MULTIPLE_REGISTRATION_CHECK=/mnt/repo-base/volumes/accounts/auth.file.done - AUTH_FILE=/mnt/repo-base/volumes/accounts/auth.file + AUTH_FILE=/mnt/repo-base/volumes/accounts/auth.file # delete line with $ACCOUNT : this is a e.email # strip "e.email" suffix to get mbox 
@@ -31,21 +31,21 @@ if [[ $response =~ ^([yY][eE][sS]|[yY])$ ]]; then echo "Updating system persistent info" # grep |wc -l >> count result, if one line found in auth.file.done, delete it - if [[ $(grep -nR "\:$MBOX$" $FILE_MULTIPLE_REGISTRATION_CHECK |wc -l) = "1" ]]; then + if [[ $(grep -R "\:$MBOX$" $FILE_MULTIPLE_REGISTRATION_CHECK |wc -l) = "1" ]]; then # Grab mail used to register from the line (to be used for $AUTH_FILE update in #2) MAIL_USED=$(grep -R "\:$MBOX$" $FILE_MULTIPLE_REGISTRATION_CHECK| cut -f1 -d":") echo "#1 Removing $MBOX from file $FILE_MULTIPLE_REGISTRATION_CHECK" # sed pattern : \:$MBOX$ = line ending with $MBOX ($), and ':' before $MBOX to prevent accidental deletion - # ex : if $MBOX = doe do NOT delete all lines ending with "doe", "johndoe", "john-doe", only delete ":doe" + # ex : if $MBOX = doe do NOT delete all lines ending with "doe", "johndoe", "john-doe", only delete ":doe" sed -i "/\:$MBOX$/d" $FILE_MULTIPLE_REGISTRATION_CHECK echo "#2 Deleting all lines with $MAIL_USED found in $AUTH_FILE" # sed pattern : ^$MAIL_USED\: = line starting with $MAIL_USED (^), and ':' after $MAIL_USED to encapsulate it sed -i "/^$MAIL_USED\:/d" $AUTH_FILE - elif [[ $(grep -nR "\:$MBOX$" $FILE_MULTIPLE_REGISTRATION_CHECK |wc -l) = "0" ]] + elif [[ $(grep -R "\:$MBOX$" $FILE_MULTIPLE_REGISTRATION_CHECK |wc -l) = "0" ]] then echo "$MBOX not found in $FILE_MULTIPLE_REGISTRATION_CHECK" else -- GitLab From e59e46140f351616b994e8d9372d9481c81900dc Mon Sep 17 00:00:00 2001 From: diroots Date: Fri, 21 Feb 2020 15:44:37 +0100 Subject: [PATCH 3/8] be more generic in the suffix removal of the $ACCOUNT passed to the script --- scripts/delete-account.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/scripts/delete-account.sh b/scripts/delete-account.sh index 56d6884..d6ed176 100755 --- a/scripts/delete-account.sh +++ b/scripts/delete-account.sh 
@@ -25,9 +25,9 @@ if [[ $response =~ ^([yY][eE][sS]|[yY])$ ]]; then FILE_MULTIPLE_REGISTRATION_CHECK=/mnt/repo-base/volumes/accounts/auth.file.done AUTH_FILE=/mnt/repo-base/volumes/accounts/auth.file - # delete line with $ACCOUNT : this is a e.email - # strip "e.email" suffix to get mbox - MBOX=${ACCOUNT%"@e.email"} + # delete line with $ACCOUNT : @ACCOUNT is a $MBOX@DOMAIN + # strip @ANDEVERYTHINGAFTER suffix to get mbox only, to be more generic + MBOX=${ACCOUNT%%@*} echo "Updating system persistent info" # grep |wc -l >> count result, if one line found in auth.file.done, delete it -- GitLab From e0a798cce5e497258231ccea87ebaf66683e7f4d Mon Sep 17 00:00:00 2001 From: diroots Date: Wed, 26 Feb 2020 12:20:16 +0100 Subject: [PATCH 4/8] changes according to @nutomic comments --- scripts/delete-account.sh | 31 ++++++++++++++++++------------- 1 file changed, 18 insertions(+), 13 deletions(-) diff --git a/scripts/delete-account.sh b/scripts/delete-account.sh index d6ed176..a705465 100755 --- a/scripts/delete-account.sh +++ b/scripts/delete-account.sh @@ -20,9 +20,8 @@ if [[ $response =~ ^([yY][eE][sS]|[yY])$ ]]; then echo "Deleting email account" docker-compose exec -T postfixadmin /postfixadmin/scripts/postfixadmin-cli mailbox delete "$ACCOUNT" - # Fix #951 # 2 files to update auth.file.done and auth.file - FILE_MULTIPLE_REGISTRATION_CHECK=/mnt/repo-base/volumes/accounts/auth.file.done + AUTH_FILE_DONE=/mnt/repo-base/volumes/accounts/auth.file.done AUTH_FILE=/mnt/repo-base/volumes/accounts/auth.file # delete line with $ACCOUNT : @ACCOUNT is a $MBOX@DOMAIN 
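Review bot: `MBOX=${ACCOUNT%%@*}` in the `@@ -25,9 +25,9 @@` hunk now discards the domain of every address, so `doe@first.example` and `doe@second.example` (constructed examples) both reduce to `doe` and match the same `:doe` line in auth.file.done. Before this change an address outside `@e.email` kept its full form and matched nothing. If an instance can serve more than one mail domain (not visible from here), deleting an account in one domain would drop the registration record of its namesake in another. I would wrap the auth-file update in a domain check such as `if [[ ${ACCOUNT##*@} == "$INSTANCE_DOMAIN" ]]; then`, where `INSTANCE_DOMAIN` is a placeholder for whatever setting holds the instance's own domain. The enclosing `if` block starts and ends outside the hunk.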
@@ -30,26 +29,32 @@ if [[ $response =~ ^([yY][eE][sS]|[yY])$ ]]; then MBOX=${ACCOUNT%%@*} echo "Updating system persistent info" - # grep |wc -l >> count result, if one line found in auth.file.done, delete it - if [[ $(grep -R "\:$MBOX$" $FILE_MULTIPLE_REGISTRATION_CHECK |wc -l) = "1" ]]; then + NB_LINES = $(grep -R "\:$MBOX$" $AUTH_FILE_DONE |wc -l) + # if ONLY one line found in auth.file.done, delete it + if [[ $NB_LINES = "1" ]]; then # Grab mail used to register from the line (to be used for $AUTH_FILE update in #2) - MAIL_USED=$(grep -R "\:$MBOX$" $FILE_MULTIPLE_REGISTRATION_CHECK| cut -f1 -d":") + MAIL_USED=$(grep -R "\:$MBOX$" $AUTH_FILE_DONE| cut -f1 -d":") - echo "#1 Removing $MBOX from file $FILE_MULTIPLE_REGISTRATION_CHECK" - # sed pattern : \:$MBOX$ = line ending with $MBOX ($), and ':' before $MBOX to prevent accidental deletion - # ex : if $MBOX = doe do NOT delete all lines ending with "doe", "johndoe", "john-doe", only delete ":doe" - sed -i "/\:$MBOX$/d" $FILE_MULTIPLE_REGISTRATION_CHECK + echo "#1 Removing $MBOX from file $AUTH_FILE_DONE" + # sed pattern : \:$MBOX$ + # use $ after $MBOX to get line ending with $MBOX, + # ':' before $MBOX to prevent accidental deletion + # ex : if $MBOX = doe only delete line ending with ":doe" + # do NOT delete all lines ending with ":doe", ":johndoe" or ":john-doe" + sed -i "/\:$MBOX$/d" $AUTH_FILE_DONE echo "#2 Deleting all lines with $MAIL_USED found in $AUTH_FILE" - # sed pattern : ^$MAIL_USED\: = line starting with $MAIL_USED (^), and ':' after $MAIL_USED to encapsulate it + # sed pattern : ^$MAIL_USED\: + # use ^ before $MAIL_USED to get only line STARTING WITH $MAIL_USED, + # ':' after $MAIL_USED to encapsulate it sed -i "/^$MAIL_USED\:/d" $AUTH_FILE - elif [[ $(grep -R "\:$MBOX$" $FILE_MULTIPLE_REGISTRATION_CHECK |wc -l) = "0" ]] + elif [[ $NB_LINES = "0" ]] then - echo "$MBOX not found in $FILE_MULTIPLE_REGISTRATION_CHECK" + echo "$MBOX not found in $AUTH_FILE_DONE" else - echo "More than one line to be 
deleted for $MBOX, check $FILE_MULTIPLE_REGISTRATION_CHECK please" + echo "More than one line to be deleted for $MBOX, check $AUTH_FILE_DONE please" fi -- GitLab From 56771afdb549093573f68676fd0e7267b70bdc65 Mon Sep 17 00:00:00 2001 From: diroots Date: Wed, 26 Feb 2020 13:20:25 +0100 Subject: [PATCH 5/8] remove user's mail folder after postfix mailbox delete --- scripts/delete-account.sh | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) diff --git a/scripts/delete-account.sh b/scripts/delete-account.sh index a705465..0acf865 100755 --- a/scripts/delete-account.sh +++ b/scripts/delete-account.sh @@ -6,6 +6,11 @@ source /mnt/repo-base/scripts/base.sh echo "Enter the email address to be deleted:" read ACCOUNT +# strip @ANDEVERYTHINGAFTER suffix to get mbox only +MBOX=${ACCOUNT%%@*} +# strip EVERYTHINGBEFOREAND@ prefix to get domain only +MAIL_DOMAIN=${ACCOUNT##*@} + if ! docker-compose exec -T -u www-data nextcloud php occ user:info "$ACCOUNT" | grep "$ACCOUNT" --quiet; then echo "Error: The account $ACCOUNT does not exist" exit @@ -20,6 +25,21 @@ if [[ $response =~ ^([yY][eE][sS]|[yY])$ ]]; then echo "Deleting email account" docker-compose exec -T postfixadmin /postfixadmin/scripts/postfixadmin-cli mailbox delete "$ACCOUNT" + # remove user's maildir as postfixadmin-cli mailbox delete "$ACCOUNT" is not doing it + MAILDIR="/mnt/repo-base/volumes/mail/vhosts/$MAIL_DOMAIN/$MBOX" + + if [[ -n "$MBOX" && -n "$MAIL_DOMAIN" ]]; then + # double check on $MBOX and $MAIL_DOMAIN not empty + # as we don't want to remove entire /mnt/repo-base/volumes/mail/vhosts/ !! + if [ -d $MAILDIR ]; then + echo "Deleting email folder in $MAILDIR for this account" + rm -rf $MAILDIR + else + echo "$MAILDIR does not exit" + fi + fi + + # 2 files to update auth.file.done and auth.file AUTH_FILE_DONE=/mnt/repo-base/volumes/accounts/auth.file.done AUTH_FILE=/mnt/repo-base/volumes/accounts/auth.file 
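Review bot: The rewritten comment above `sed -i "/\:$MBOX$/d" $AUTH_FILE_DONE` in the `@@ -30,26 +29,32 @@` hunk contradicts itself: it says to delete only the line ending with `:doe`, then says not to delete lines ending with `:doe`. The earlier wording made the intent clear (lines ending in `johndoe` or `john-doe` must survive), so I would write `# ex: MBOX=doe removes only the line ending in ":doe"; lines ending in ":johndoe" or ":john-doe" are kept`. This comment is the only statement of what the in-place sed is allowed to remove, so it should be exact.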
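Review bot: Nothing in the `@@ -6,6 +6,11 @@` hunk checks that `ACCOUNT` has the form `local@domain` before it is split. With no `@`, both `${ACCOUNT%%@*}` and `${ACCOUNT##*@}` return the whole string, so `MBOX` and `MAIL_DOMAIN` are equal and non-empty; with more than one `@`, the two expansions cut at different places. Both values later build the path handed to `rm -rf`, so I would reject malformed input right after `read ACCOUNT`, e.g. `[[ $ACCOUNT =~ ^[A-Za-z0-9][A-Za-z0-9._+-]*@[A-Za-z0-9][A-Za-z0-9.-]*$ ]] || { echo "Error: expected local@domain" >&2; exit 1; }`, with the character classes adjusted to what the deployment allows. `MBOX` is also still assigned a second time further down the script, and that assignment can now be dropped.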
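Review bot: `$MAILDIR` is unquoted in both `[ -d $MAILDIR ]` and `rm -rf $MAILDIR` in the `@@ -20,6 +25,21 @@` hunk, so a value containing whitespace or glob characters is split or expanded and `rm -rf` receives paths other than the intended mail directory. The non-empty guard on `$MBOX` and `$MAIL_DOMAIN` does not cover that, nor a `/` or a `.`/`..` component in either part. I would write `if [ -d "$MAILDIR" ]; then` and `rm -rf -- "$MAILDIR"`, and treat the guard as a second line of defence behind proper validation of `ACCOUNT`. The message `"$MAILDIR does not exit"` should read `does not exist`. The enclosing `if` block starts outside the hunk.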
@@ -59,4 +79,7 @@ if [[ $response =~ ^([yY][eE][sS]|[yY])$ ]]; then # TODO: delete onlyoffice account??? + + + fi -- GitLab From 56d80bf4c502c9e114a5cae821a56a15fb7cc5bf Mon Sep 17 00:00:00 2001 From: diroots Date: Mon, 2 Mar 2020 09:54:46 +0100 Subject: [PATCH 6/8] add delete_user query in the user_backend _sql_raw queries returning true, for NC to really delete user's data files --- templates/nextcloud/config.php | 2 ++ 1 file changed, 2 insertions(+) diff --git a/templates/nextcloud/config.php b/templates/nextcloud/config.php index 679ea28..452534d 100644 --- a/templates/nextcloud/config.php +++ b/templates/nextcloud/config.php @@ -57,9 +57,11 @@ $CONFIG = array ( 'user_exists' => 'SELECT EXISTS(SELECT 1 FROM mailbox WHERE username = :username)', 'get_users' => 'select username as fqda from mailbox where username like :search or name like :search', 'set_password_hash_for_user' => 'UPDATE mailbox SET password = CONCAT(\'{SHA512-CRYPT}\',:new_password_hash) WHERE username = BINARY :username', + 'delete_user' => 'SELECT EXISTS(SELECT 1 FROM mailbox WHERE username = :username)', 'get_display_name' => 'SELECT name FROM mailbox where username = BINARY :username', 'set_display_name' => 'UPDATE mailbox SET name = :new_display_name WHERE username = BINARY :username', 'count_users' => 'SELECT COUNT(*) FROM mailbox', + 'delete_user' => 'SELECT EXISTS(SELECT 1 FROM mailbox WHERE username = :username)', ), 'hash_algorithm_for_new_passwords' => 'sha512', ), -- GitLab From 905d888b6bf251af007ca660cde8956600bd145a Mon Sep 17 00:00:00 2001 From: diroots Date: Mon, 2 Mar 2020 10:40:35 +0100 Subject: [PATCH 7/8] double paste removal for delete_user query --- templates/nextcloud/config.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/templates/nextcloud/config.php b/templates/nextcloud/config.php index 452534d..5b6c13a 100644 --- a/templates/nextcloud/config.php +++ b/templates/nextcloud/config.php 
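Review bot: The new `'delete_user'` entry in the `templates/nextcloud/config.php` hunk is a read-only `SELECT EXISTS(...)`, and nothing in the file says so; only the commit message explains that it exists to return true so that Nextcloud goes on to remove the user's data. A maintainer reading the config could take it for a real deletion, or replace it with a `DELETE` and end up with two components removing mailbox rows. I would add a comment above it such as `// delete_user: intentionally non-destructive; returns true so Nextcloud removes the user's files, the mailbox row itself is removed by postfixadmin-cli`. The comparison also omits `BINARY`, unlike the neighbouring `get_display_name` and `set_password_hash_for_user` queries, so whether it matches case-insensitively depends on the column collation; it is worth confirming that this is intended.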
@@ -61,7 +61,8 @@ $CONFIG = array ( 'get_display_name' => 'SELECT name FROM mailbox where username = BINARY :username', 'set_display_name' => 'UPDATE mailbox SET name = :new_display_name WHERE username = BINARY :username', 'count_users' => 'SELECT COUNT(*) FROM mailbox', - 'delete_user' => 'SELECT EXISTS(SELECT 1 FROM mailbox WHERE username = :username)', + //'get_home' => '', + //'create_user' => '', ), 'hash_algorithm_for_new_passwords' => 'sha512', ), -- GitLab From c5710e4a543f5eff72f4a7f98880b748caf6d3be Mon Sep 17 00:00:00 2001 From: diroots Date: Mon, 2 Mar 2020 10:41:16 +0100 Subject: [PATCH 8/8] fix $NB_LINES var value --- scripts/delete-account.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/delete-account.sh b/scripts/delete-account.sh index 0acf865..4b25aaa 100755 --- a/scripts/delete-account.sh +++ b/scripts/delete-account.sh @@ -49,7 +49,7 @@ if [[ $response =~ ^([yY][eE][sS]|[yY])$ ]]; then MBOX=${ACCOUNT%%@*} echo "Updating system persistent info" - NB_LINES = $(grep -R "\:$MBOX$" $AUTH_FILE_DONE |wc -l) + NB_LINES=$(grep -R "\:$MBOX$" $AUTH_FILE_DONE |wc -l) # if ONLY one line found in auth.file.done, delete it if [[ $NB_LINES = "1" ]]; then -- GitLab