2 /***************************************************************************
3 * Copyright (C) 2003-2008 Polytechnique.org *
4 * http://opensource.polytechnique.org/ *
6 * This program is free software; you can redistribute it and/or modify *
7 * it under the terms of the GNU General Public License as published by *
8 * the Free Software Foundation; either version 2 of the License, or *
9 * (at your option) any later version. *
11 * This program is distributed in the hope that it will be useful, *
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
14 * GNU General Public License for more details. *
16 * You should have received a copy of the GNU General Public License *
17 * along with this program; if not, write to the Free Software *
19 * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *
20 ***************************************************************************/
22 // Post-processes the successful Google Apps account creation queue job.
23 function post_queue_u_create($job) {
26 // Retrieves the user parameters (userid and forlife).
27 $parameters = json_decode($job['j_parameters'], true
);
28 $forlife = isset($parameters['username']) ?
$parameters['username'] : null
;
29 $userid = $job['q_recipient_id'];
30 if (!$forlife ||
!$userid) {
34 // Adds a redirection to the Google Apps delivery address, if requested by
35 // the user at creation time.
36 $account = new GoogleAppsAccount($userid, $forlife);
37 if ($account->activate_mail_redirection
) {
38 require_once('emails.inc.php');
39 $storage = new EmailStorage($userid, 'googleapps');
43 // Sends the 'account created' email to the user, with basic documentation.
45 "SELECT FIND_IN_SET('femme', u.flags), prenom
46 FROM auth_user_md5 AS u
47 INNER JOIN aliases AS a ON (a.id = u.user_id)
50 list($sexe, $prenom) = $res->fetchOneRow();
52 $mailer = new PlMailer('googleapps/create.mail.tpl');
53 $mailer->assign('account', $account);
54 $mailer->assign('email', $forlife . '@' . $globals->mail
->domain
);
55 $mailer->assign('googleapps_domain', $globals->mailstorage
->googleapps_domain
);
56 $mailer->assign('prenom', $prenom);
57 $mailer->assign('sexe', $sexe);
61 // Post-processes the successful Google Apps account update queue job.
62 function post_queue_u_update($job) {
65 // If the u_update job was an unsuspend request, re-adds the redirection
66 // to the Google Apps delivery address, provided the account is active (it might
67 // have been deleted between the unsuspension and the post-queue processing).
68 $parameters = json_decode($job['j_parameters'], true
);
69 $forlife = isset($parameters['username']) ?
$parameters['username'] : null
;
70 $userid = $job['q_recipient_id'];
71 if (!$forlife ||
!$userid) {
75 if (isset($parameters['suspended']) && $parameters['suspended'] == false
) {
76 require_once('emails.inc.php');
77 $account = new GoogleAppsAccount($userid, $forlife);
78 if ($account->active()) {
79 // Re-adds the email redirection (if the user did request it).
80 if ($account->activate_mail_redirection
) {
81 $storage = new EmailStorage($userid, 'googleapps');
85 // Sends an email to the account owner.
87 "SELECT FIND_IN_SET('femme', u.flags), prenom
88 FROM auth_user_md5 AS u
89 INNER JOIN aliases AS a ON (a.id = u.user_id)
92 list($sexe, $prenom) = $res->fetchOneRow();
94 $mailer = new PlMailer('googleapps/unsuspend.mail.tpl');
95 $mailer->assign('account', $account);
96 $mailer->assign('email', $forlife . '@' . $globals->mail
->domain
);
97 $mailer->assign('prenom', $prenom);
98 $mailer->assign('sexe', $sexe);
104 // Reprensentation of an SQL-stored Google Apps account.
105 // This class is the interface with the gappsd SQL tables: gappsd is the python
106 // daemon which deals with Google Apps provisioning APIs.
107 // TODO(vincent.zanotti): add the url of gappsd, when available.
108 class GoogleAppsAccount
110 // User identification: user id, and forlife.
112 public $g_account_name;
114 // Local account parameters.
115 public $sync_password;
116 public $activate_mail_redirection;
118 // Account status, obtained from Google Apps provisioning & reporting APIs.
119 public $g_account_id;
121 public $g_suspension;
122 public $r_disk_usage;
124 public $r_last_login;
125 public $r_last_webmail;
126 public $reporting_date;
128 // Pending requests in the gappsd job queue (cf. top note).
129 public $pending_create;
130 public $pending_delete;
131 public $pending_update;
132 public $pending_update_admin;
133 public $pending_update_other;
134 public $pending_update_password;
135 public $pending_update_suspension;
137 // Pending requests in plat/al validation queue.
138 public $pending_validation_unsuspend;
140 // Constructs the account object, by retrieving all informations from the
141 // GApps account table, from GApps job queue, and from plat/al validation queue.
142 public function __construct($uid, $account_name = NULL
)
144 if ($account_name == NULL
) {
145 require_once 'user.func.inc.php';
146 $account_name = get_user_forlife($uid, '_silent_user_callback');
150 $this->g_account_name
= $account_name;
151 $this->g_status
= NULL
;
152 if (!$this->g_account_name
) {
157 "SELECT l_sync_password, l_activate_mail_redirection,
158 g_account_name, g_account_id, g_status, g_suspension, r_disk_usage,
159 UNIX_TIMESTAMP(r_creation) as r_creation,
160 UNIX_TIMESTAMP(r_last_login) as r_last_login,
161 UNIX_TIMESTAMP(r_last_webmail) as r_last_webmail
163 WHERE g_account_name = {?}",
165 if ($account = $res->fetchOneAssoc()) {
166 $this->sync_password
= $account['l_sync_password'];
167 $this->activate_mail_redirection
= $account['l_activate_mail_redirection'];
168 $this->g_account_id
= $account['g_account_id'];
169 $this->g_status
= $account['g_status'];
170 $this->g_suspension
= $account['g_suspension'];
171 $this->r_disk_usage
= $account['r_disk_usage'];
172 $this->r_creation
= $account['r_creation'];
173 $this->r_last_login
= $account['r_last_webmail'];
174 $this->r_last_webmail
= $account['r_last_webmail'];
176 $this->load_pending_counts();
177 $this->load_pending_validations();
178 if ($this->pending_update
) {
179 $this->load_pending_updates();
182 $res = XDB
::query("SELECT MAX(date) FROM gapps_reporting");
183 $this->reporting_date
= $res->fetchOneCell();
187 // Determines if changes to the Google Account are currently waiting in the
188 // GApps job queue, and initializes the local values accordingly.
189 private function load_pending_counts()
192 "SELECT SUM(j_type = 'u_create') AS pending_create,
193 SUM(j_type = 'u_update') AS pending_update,
194 SUM(j_type = 'u_delete') AS pending_delete
196 WHERE q_recipient_id = {?} AND
197 p_status IN ('idle', 'active', 'softfail')
200 $pending = $res->fetchOneAssoc();
201 $this->pending_create
= $pending['pending_create'];
202 $this->pending_update
= $pending['pending_update'];
203 $this->pending_delete
= $pending['pending_delete'];
205 $this->pending_update_admin
= false
;
206 $this->pending_update_other
= false
;
207 $this->pending_update_password
= false
;
208 $this->pending_update_suspension
= false
;
211 // Checks for unsuspend requests waiting for validation in plat/al
213 private function load_pending_validations()
215 require_once('validations.inc.php');
216 $this->pending_validation_unsuspend
=
217 Validate
::get_typed_requests_count($this->uid
, 'gapps-unsuspend');
220 // Retrieves all the pending update job in the gappsd queue for the current
221 // user, and analyzes the scope of the update (ie. the fields in the user
222 // account which are going to be updated).
223 private function load_pending_updates()
225 $res = XDB
::iterator(
228 WHERE q_recipient_id = {?} AND
229 p_status IN ('idle', 'active', 'softfail') AND
230 j_type = 'u_update'",
232 while ($update = $res->next()) {
233 $update_data = json_decode($update["j_parameters"], true
);
235 if (isset($update_data["suspended"])) {
236 $this->pending_update_suspension
= true
;
237 } elseif (isset($update_data["password"])) {
238 $this->pending_update_password
= true
;
239 } elseif (isset($update_data["admin"])) {
240 $this->pending_update_admin
= true
;
242 $this->pending_update_other
= true
;
247 // Creates a queue job of the @p type, for the user represented by this
248 // GoogleAppsAccount object, using @p parameters. @p parameters is supposed
249 // to be a one-dimension array of key-value mappings.
250 // The created job as a 'immediate' priority, and is scheduled for immediate
252 private function create_queue_job($type, $parameters) {
253 $parameters["username"] = $this->g_account_name
;
255 "INSERT INTO gapps_queue
256 SET q_owner_id = {?}, q_recipient_id = {?},
257 p_entry_date = NOW(), p_notbefore_date = NOW(),
258 p_priority = 'immediate',
259 j_type = {?}, j_parameters = {?}",
263 json_encode($parameters));
267 // Returns true if the account is currently active.
268 public function active()
270 return $this->g_status
== 'active';
273 // Returns true if the account exists in Google Apps.
274 public function provisioned()
276 return $this->g_status
== 'active' or $this->g_status
== 'disabled';
279 // Returns true if the account exists, but cannot be used (user-requested
280 // suspension, or Google-requested suspension).
281 public function suspended()
283 return $this->g_status
== 'disabled';
287 // Changes the GoogleApps password.
288 public function set_password($password) {
289 if (!$this->provisioned()) {
293 if (!$this->pending_update_password
) {
294 $this->create_queue_job('u_update', array('password' => $password));
295 $this->pending_update_password
= true
;
300 // Changes the password synchronization status ("sync = true" means that the
301 // Polytechnique.org password will be replicated to the Google Apps account).
302 public function set_password_sync($sync) {
303 if (!$this->provisioned()) {
307 $this->sync_password
= $sync;
309 "UPDATE gapps_accounts
310 SET l_sync_password = {?}
311 WHERE g_account_name = {?}",
313 $this->g_account_name
);
316 // Suspends the Google Apps account.
317 public function suspend() {
318 if (!$this->provisioned()) {
322 if (!$this->pending_update_suspension
) {
323 $this->create_queue_job('u_update', array('suspended' => true
));
324 $this->pending_update_suspension
= true
;
326 "UPDATE gapps_accounts
327 SET g_status = 'disabled'
328 WHERE g_account_name = {?} AND g_status = 'active'",
329 $this->g_account_name
);
333 // Adds an unsuspension request to the validation queue (used on user-request).
334 public function unsuspend($activate_mail_redirection = NULL
) {
335 if (!$this->provisioned()) {
338 if ($activate_mail_redirection !== NULL
) {
339 $this->activate_mail_redirection
= $activate_mail_redirection;
341 "UPDATE gapps_accounts
342 SET l_activate_mail_redirection = {?}
343 WHERE g_account_name = {?}",
344 $activate_mail_redirection,
345 $this->g_account_name
);
348 if (!$this->pending_update_suspension
&& !$this->pending_validation_unsuspend
) {
349 require_once('validations.inc.php');
350 $unsuspend = new GoogleAppsUnsuspendReq($this->uid
);
351 $unsuspend->submit();
352 $this->pending_validation_unsuspend
= true
;
356 // Unsuspends the Google Apps account (used on admin-request, or on validation of
358 public function do_unsuspend() {
359 if (!$this->provisioned()) {
363 if (!$this->pending_update_suspension
) {
364 if ($this->sync_password
) {
368 WHERE user_id = {?}",
370 $password = ($res->numRows() > 0 ?
$res->fetchOneCell() : false
);
376 $this->create_queue_job('u_update', array('suspended' => false
, 'password' => $password));
378 $this->create_queue_job('u_update', array('suspended' => false
));
380 $this->pending_update_suspension
= true
;
386 // Creates a new Google Apps account with the @p local parameters.
387 public function create($password_sync, $password, $redirect_mails) {
388 if ($this->g_status
!= NULL
) {
392 if (!$this->pending_create
) {
393 // Retrieves information on the new account.
395 "SELECT nom, nom_usage, prenom
397 WHERE user_id = {?}",
399 list($nom, $nom_usage, $prenom) = $res->fetchOneRow();
401 // Adds an 'unprovisioned' entry in the gapps_accounts table.
403 "INSERT INTO gapps_accounts
405 l_sync_password = {?},
406 l_activate_mail_redirection = {?},
407 g_account_name = {?},
410 g_status = 'unprovisioned'",
414 $this->g_account_name
,
416 ($nom_usage ?
$nom_usage : $nom));
418 // Adds the creation job in the GApps queue.
419 $this->create_queue_job(
422 'username' => $this->g_account_name
,
423 'first_name' => $prenom,
424 'last_name' => ($nom_usage ?
$nom_usage : $nom),
425 'password' => $password,
428 // Updates the GoogleAppsAccount status.
429 $this->__construct($this->uid
, $this->g_account_name
);
434 // Returns the status of the Google Apps account for @p user, or false
435 // when no account exists.
436 static public function account_status($uid) {
440 WHERE l_userid = {?}", $uid);
441 return ($res->numRows() > 0 ?
$res->fetchOneCell() : false
);
444 // Returns true if the @p user is an administrator of the Google Apps domain.
445 static public function is_administrator($uid) {
449 WHERE l_userid = {?} AND g_status = 'active'", $uid);
450 return ($res->numRows() > 0 ?
(bool
)$res->fetchOneCell() : false
);
454 // vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8: