Commit | Line | Data |
---|---|---|
bb0727ea VZ |
1 | <?php |
2 | /*************************************************************************** | |
3 | * Copyright (C) 2003-2008 Polytechnique.org * | |
4 | * http://opensource.polytechnique.org/ * | |
5 | * * | |
6 | * This program is free software; you can redistribute it and/or modify * | |
7 | * it under the terms of the GNU General Public License as published by * | |
8 | * the Free Software Foundation; either version 2 of the License, or * | |
9 | * (at your option) any later version. * | |
10 | * * | |
11 | * This program is distributed in the hope that it will be useful, * | |
12 | * but WITHOUT ANY WARRANTY; without even the implied warranty of * | |
13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * | |
14 | * GNU General Public License for more details. * | |
15 | * * | |
16 | * You should have received a copy of the GNU General Public License * | |
17 | * along with this program; if not, write to the Free Software * | |
18 | * Foundation, Inc., * | |
19 | * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA * | |
20 | ***************************************************************************/ | |
21 | ||
22 | // Checks the admin status of the @p account_name. | |
23 | function is_google_apps_administrator($account_name) { | |
24 | static $last_account_name = null; | |
25 | static $last_result = null; | |
26 | ||
27 | if ($last_account_name == $account_name) { | |
28 | return $last_result; | |
29 | } | |
30 | ||
31 | $res = XDB::query( | |
32 | "SELECT g_admin | |
33 | FROM gapps_accounts | |
34 | WHERE g_account_name = {?} AND g_status = 'active'", | |
35 | $account_name); | |
36 | $last_account_name = $account_name; | |
37 | $last_result = ($res->numRows() > 0 ? (bool)$res->fetchOneRow() : false); | |
38 | return $last_result; | |
39 | } | |
40 | ||
41 | // Post-queue job cleanup functions; they are used to update the plat/al database | |
42 | // when a specific Google Apps queue job enters 'success' state. | |
43 | function post_queue_u_create($job) { | |
44 | global $globals; | |
45 | ||
46 | // Retrieves the user parameters (userid and forlife). | |
47 | $parameters = json_decode($job['j_parameters'], true); | |
48 | $forlife = isset($parameters['username']) ? $parameters['username'] : null; | |
49 | $userid = $job['q_recipient_id']; | |
50 | if (!$forlife || !$userid) { | |
51 | return; | |
52 | } | |
53 | ||
54 | // Adds a redirection to the Google Apps delivery address. | |
55 | $account = new GoogleAppsAccount($userid, $forlife); | |
56 | if ($account->activate_mail_redirection) { | |
57 | require_once('emails.inc.php'); | |
58 | $storage = new MailStorageGoogleApps($userid); | |
59 | $storage->enable(); | |
60 | } | |
61 | ||
62 | // Sends an email to the account owner. | |
63 | $res = XDB::query( | |
64 | "SELECT FIND_IN_SET('femme', u.flags), prenom | |
65 | FROM auth_user_md5 AS u | |
66 | INNER JOIN aliases AS a ON (a.id = u.user_id) | |
67 | WHERE a.alias = {?}", | |
68 | $forlife); | |
69 | list($sexe, $prenom) = $res->fetchOneRow(); | |
70 | ||
71 | $mailer = new PlMailer('googleapps/create.mail.tpl'); | |
72 | $mailer->assign('account', $account); | |
73 | $mailer->assign('email', $forlife . '@' . $globals->mail->domain); | |
74 | $mailer->assign('googleapps_domain', $globals->mailstorage->googleapps_domain); | |
75 | $mailer->assign('prenom', $prenom); | |
76 | $mailer->assign('sexe', $sexe); | |
77 | $mailer->send(); | |
78 | } | |
79 | ||
80 | function post_queue_u_update($job) { | |
81 | global $globals; | |
82 | ||
83 | // If the u_update job was an unsuspend request, re-adds the redirection | |
84 | // to the Google Apps delivery address, provided the account is active (it might | |
85 | // have been deleted between the unsuspension and the post-queue processing). | |
86 | $parameters = json_decode($job['j_parameters'], true); | |
87 | $forlife = isset($parameters['username']) ? $parameters['username'] : null; | |
88 | $userid = $job['q_recipient_id']; | |
89 | if (!$forlife || !$userid) { | |
90 | return; | |
91 | } | |
92 | ||
93 | if (isset($parameters['suspended']) && $parameters['suspended'] == false) { | |
94 | require_once('emails.inc.php'); | |
95 | $account = new GoogleAppsAccount($userid, $forlife); | |
96 | if ($account->g_status == 'active') { | |
97 | // Re-adds the email redirection (if the user did request it). | |
98 | if ($account->activate_mail_redirection) { | |
99 | $storage = new MailStorageGoogleApps($userid); | |
100 | $storage->enable(); | |
101 | } | |
102 | ||
103 | // Sends an email to the account owner. | |
104 | $res = XDB::query( | |
105 | "SELECT FIND_IN_SET('femme', u.flags), prenom | |
106 | FROM auth_user_md5 AS u | |
107 | INNER JOIN aliases AS a ON (a.id = u.user_id) | |
108 | WHERE a.alias = {?}", | |
109 | $forlife); | |
110 | list($sexe, $prenom) = $res->fetchOneRow(); | |
111 | ||
112 | $mailer = new PlMailer('googleapps/unsuspend.mail.tpl'); | |
113 | $mailer->assign('account', $account); | |
114 | $mailer->assign('email', $forlife . '@' . $globals->mail->domain); | |
115 | $mailer->assign('prenom', $prenom); | |
116 | $mailer->assign('sexe', $sexe); | |
117 | $mailer->send(); | |
118 | } | |
119 | } | |
120 | } | |
121 | ||
122 | // Reprensentation of an SQL-stored Google Apps account. | |
123 | class GoogleAppsAccount | |
124 | { | |
125 | private $uid; | |
126 | public $g_account_name; | |
127 | ||
128 | public $sync_password; | |
129 | public $activate_mail_redirection; | |
130 | public $g_status; | |
131 | public $g_suspension; | |
132 | public $r_disk_usage; | |
133 | public $r_creation; | |
134 | public $r_last_login; | |
135 | public $r_last_webmail; | |
136 | public $reporting_date; | |
137 | ||
138 | public $pending_create; | |
139 | public $pending_delete; | |
140 | public $pending_update; | |
141 | public $pending_update_admin; | |
142 | public $pending_update_other; | |
143 | public $pending_update_password; | |
144 | public $pending_update_suspension; | |
145 | ||
146 | public $pending_validation_unsuspend; | |
147 | ||
148 | public function __construct($uid, $account_name) | |
149 | { | |
150 | $this->uid = $uid; | |
151 | $this->g_account_name = $account_name; | |
152 | $this->g_status = NULL; | |
153 | ||
154 | $res = XDB::query( | |
155 | "SELECT l_sync_password, l_activate_mail_redirection, | |
156 | g_account_name, g_status, g_suspension, r_disk_usage, | |
157 | UNIX_TIMESTAMP(r_creation) as r_creation, | |
158 | UNIX_TIMESTAMP(r_last_login) as r_last_login, | |
159 | UNIX_TIMESTAMP(r_last_webmail) as r_last_webmail | |
160 | FROM gapps_accounts | |
161 | WHERE g_account_name = {?}", | |
162 | $account_name); | |
163 | if ($account = $res->fetchOneAssoc()) { | |
164 | $this->sync_password = $account['l_sync_password']; | |
165 | $this->activate_mail_redirection = $account['l_activate_mail_redirection']; | |
166 | $this->g_status = $account['g_status']; | |
167 | $this->g_suspension = $account['g_suspension']; | |
168 | $this->r_disk_usage = $account['r_disk_usage']; | |
169 | $this->r_creation = $account['r_creation']; | |
170 | $this->r_last_login = $account['r_last_webmail']; | |
171 | $this->r_last_webmail = $account['r_last_webmail']; | |
172 | ||
173 | $this->load_pending_counts(); | |
174 | $this->load_pending_validations(); | |
175 | if ($this->pending_update) { | |
176 | $this->load_pending_updates(); | |
177 | } | |
178 | ||
179 | $res = XDB::query("SELECT MAX(date) FROM gapps_reporting"); | |
180 | $this->reporting_date = $res->fetchOneCell(); | |
181 | } | |
182 | } | |
183 | ||
184 | // Account object initialization methods. | |
185 | private function load_pending_counts() | |
186 | { | |
187 | // Determines if changes to the Google Account are currently waiting | |
188 | // in the Google Apps queue. | |
189 | $res = XDB::query( | |
190 | "SELECT SUM(j_type = 'u_create') AS pending_create, | |
191 | SUM(j_type = 'u_update') AS pending_update, | |
192 | SUM(j_type = 'u_delete') AS pending_delete | |
193 | FROM gapps_queue | |
194 | WHERE q_recipient_id = {?} AND | |
195 | p_status IN ('idle', 'active', 'softfail') | |
196 | GROUP BY j_type", | |
197 | $this->uid); | |
198 | $pending = $res->fetchOneAssoc(); | |
199 | $this->pending_create = $pending['pending_create']; | |
200 | $this->pending_update = $pending['pending_update']; | |
201 | $this->pending_delete = $pending['pending_delete']; | |
202 | ||
203 | $this->pending_update_admin = false; | |
204 | $this->pending_update_other = false; | |
205 | $this->pending_update_password = false; | |
206 | $this->pending_update_suspension = false; | |
207 | } | |
208 | ||
209 | private function load_pending_validations() | |
210 | { | |
211 | require_once('validations.inc.php'); | |
212 | $this->pending_validation_unsuspend = | |
213 | Validate::get_typed_requests_count($this->uid, 'gapps-unsuspend'); | |
214 | } | |
215 | ||
216 | private function load_pending_updates() | |
217 | { | |
218 | // If updates are pending, determines their nature (more specifically: | |
219 | // determines which part of the account is concerned). | |
220 | $res = XDB::iterator( | |
221 | "SELECT j_parameters | |
222 | FROM gapps_queue | |
223 | WHERE q_recipient_id = {?} AND | |
224 | p_status IN ('idle', 'active', 'softfail') AND | |
225 | j_type = 'u_update'", | |
226 | $this->uid); | |
227 | while ($update = $res->next()) { | |
228 | $update_data = json_decode($update["j_parameters"], true); | |
229 | ||
230 | if (isset($update_data["suspended"])) { | |
231 | $this->pending_update_suspension = true; | |
232 | } elseif (isset($update_data["password"])) { | |
233 | $this->pending_update_password = true; | |
234 | } elseif (isset($update_data["admin"])) { | |
235 | $this->pending_update_admin = true; | |
236 | } else { | |
237 | $this->pending_update_other = true; | |
238 | } | |
239 | } | |
240 | } | |
241 | ||
242 | // Creates a queue job of the @p type, for the user represented by this | |
243 | // GoogleAppsAccount object, using @p parameters. | |
244 | private function create_queue_job($type, $parameters) { | |
245 | $parameters["username"] = $this->g_account_name; | |
246 | XDB::execute( | |
247 | "INSERT INTO gapps_queue | |
248 | SET q_owner_id = {?}, q_recipient_id = {?}, | |
249 | p_entry_date = NOW(), p_notbefore_date = NOW(), | |
250 | p_priority = 'normal', | |
251 | j_type = {?}, j_parameters = {?}", | |
252 | S::v('uid'), | |
253 | $this->uid, | |
254 | $type, | |
255 | json_encode($parameters)); | |
256 | } | |
257 | ||
258 | // Changes the GoogleApps password. | |
259 | public function set_password($password) { | |
260 | if ($this->g_status == NULL || $this->g_status == 'unprovisioned') { | |
261 | return; | |
262 | } | |
263 | ||
264 | if (!$this->pending_update_password) { | |
265 | $this->create_queue_job('u_update', array('password' => $password)); | |
266 | } | |
267 | } | |
268 | ||
269 | // Changes the password synchronization status ("sync = true" means that the | |
270 | // Polytechnique.org password will be replicated to the Google Apps account). | |
271 | public function set_password_sync($sync) { | |
272 | if ($this->g_status == NULL || $this->g_status == 'unprovisioned') { | |
273 | return; | |
274 | } | |
275 | ||
276 | $this->sync_password = $sync; | |
277 | XDB::execute( | |
278 | "UPDATE gapps_accounts | |
279 | SET l_sync_password = {?} | |
280 | WHERE g_account_name = {?}", | |
281 | $sync, | |
282 | $this->g_account_name); | |
283 | } | |
284 | ||
285 | // Suspends the Google Apps account. | |
286 | public function suspend() { | |
287 | if ($this->g_status == NULL || $this->g_status == 'unprovisioned') { | |
288 | return; | |
289 | } | |
290 | ||
291 | if (!$this->pending_update_suspension) { | |
292 | $this->create_queue_job('u_update', array('suspended' => true)); | |
293 | $this->pending_update_suspension = true; | |
294 | } | |
295 | } | |
296 | ||
297 | // Adds an unsuspension request to the validation queue (used on user-request). | |
298 | public function unsuspend($activate_mail_redirection = NULL) { | |
299 | if ($this->g_status == NULL || $this->g_status == 'unprovisioned') { | |
300 | return; | |
301 | } | |
302 | if ($activate_mail_redirection !== NULL) { | |
303 | $this->activate_mail_redirection = $activate_mail_redirection; | |
304 | XDB::execute( | |
305 | "UPDATE gapps_accounts | |
306 | SET l_activate_mail_redirection = {?} | |
307 | WHERE g_account_name = {?}", | |
308 | $activate_mail_redirection); | |
309 | } | |
310 | ||
311 | if (!$this->pending_update_suspension && !$this->pending_validation_unsuspend) { | |
312 | require_once('validations.inc.php'); | |
313 | $unsuspend = new GoogleAppsUnsuspendReq($this->uid); | |
314 | $unsuspend->submit(); | |
315 | $this->pending_validation_unsuspend = true; | |
316 | } | |
317 | } | |
318 | ||
319 | // Unsuspends the Google Apps account (used on admin-request, or on validation of | |
320 | // an user-request). | |
321 | public function do_unsuspend() { | |
322 | if ($this->g_status == NULL || $this->g_status == 'unprovisioned') { | |
323 | return; | |
324 | } | |
325 | ||
326 | if (!$this->pending_update_suspension) { | |
327 | if ($this->sync_password) { | |
328 | $res = XDB::query( | |
329 | "SELECT password | |
330 | FROM auth_user_md5 | |
331 | WHERE user_id = {?}", | |
332 | $this->uid); | |
333 | $password = ($res->numRows() > 0 ? $res->fetchOneCell() : false); | |
334 | } else { | |
335 | $password = false; | |
336 | } | |
337 | ||
338 | if ($password) { | |
339 | $this->create_queue_job('u_update', array('suspended' => false, 'password' => $password)); | |
340 | } else { | |
341 | $this->create_queue_job('u_update', array('suspended' => false)); | |
342 | } | |
343 | $this->pending_update_suspension = true; | |
344 | return true; | |
345 | } | |
346 | return false; | |
347 | } | |
348 | ||
349 | // Adds a creation request in the job queue. | |
350 | public function create($password_sync, $password, $redirect_mails) { | |
351 | if ($this->g_status != NULL) { | |
352 | return; | |
353 | } | |
354 | ||
355 | if (!$this->pending_create) { | |
356 | // Retrieves information on the new account. | |
357 | $res = XDB::query( | |
358 | "SELECT nom, nom_usage, prenom | |
359 | FROM auth_user_md5 | |
360 | WHERE user_id = {?}", | |
361 | $this->uid); | |
362 | list($nom, $nom_usage, $prenom) = $res->fetchOneRow(); | |
363 | ||
364 | // Adds an entry in the gapps_accounts table. | |
365 | XDB::execute( | |
366 | "INSERT INTO gapps_accounts | |
367 | SET l_userid = {?}, | |
368 | l_sync_password = {?}, | |
369 | l_activate_mail_redirection = {?}, | |
370 | g_account_name = {?}, | |
371 | g_first_name = {?}, | |
372 | g_last_name = {?}, | |
373 | g_status = 'unprovisioned'", | |
374 | $this->uid, | |
375 | $password_sync, | |
376 | $redirect_mails, | |
377 | $this->g_account_name, | |
378 | $prenom, | |
379 | ($nom_usage ? $nom_usage : $nom)); | |
380 | ||
381 | // Adds the creation job in the GApps queue. | |
382 | $this->create_queue_job( | |
383 | 'u_create', | |
384 | array( | |
385 | 'username' => $this->g_account_name, | |
386 | 'first_name' => $prenom, | |
387 | 'last_name' => ($nom_usage ? $nom_usage : $nom), | |
388 | 'password' => $password, | |
389 | )); | |
390 | ||
391 | // Updates the GoogleAppsAccount status. | |
392 | $this->__construct($this->uid, $this->g_account_name); | |
393 | } | |
394 | } | |
395 | } | |
396 | ||
397 | // vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8: | |
398 | ?> |