X-Git-Url: http://git.polytechnique.org/?a=blobdiff_plain;f=modules%2Fgoogleapps.php;h=263a24d3f5156611c95d8b7aa998b14f9c3db855;hb=1dd218522cea6ae08998b0ca107c8fec608ddce8;hp=9dc333bd97062a64acca910d7ddedb554e19bb39;hpb=f5c4bf30937c75b077ce4941a7c66019cc781a67;p=platal.git diff --git a/modules/googleapps.php b/modules/googleapps.php index 9dc333b..263a24d 100644 --- a/modules/googleapps.php +++ b/modules/googleapps.php @@ -1,6 +1,6 @@ $this->make_hook('index', AUTH_MDP), + 'googleapps' => $this->make_hook('index', AUTH_MDP), + 'admin/googleapps' => $this->make_hook('admin', AUTH_MDP, 'admin'), + 'admin/googleapps/job' => $this->make_hook('admin_job', AUTH_MDP, 'admin'), + 'admin/googleapps/user' => $this->make_hook('admin_user', AUTH_MDP, 'admin'), ); } - function handler_index(&$page, $action = null, $subaction = null) + function handler_index(&$page, $action = null) { require_once("emails.inc.php"); require_once("googleapps.inc.php"); $page->changeTpl('googleapps/index.tpl'); - $page->addJsLink('motdepasse.js'); - $page->assign('xorg_title', 'Polytechnique.org - Compte Google Apps'); + $page->addJsLink('password.js'); + $page->setTitle('Compte Google Apps'); - $account = new GoogleAppsAccount(S::v('uid'), S::v('forlife')); + $user = S::user(); + $account = new GoogleAppsAccount($user); // Fills up the 'is Google Apps redirection active' variable. $page->assign('redirect_active', false); $page->assign('redirect_unique', true); if ($account->active()) { - $redirect = new Redirect(S::v('uid')); - $page->assign('redirect_unique', !$redirect->other_active(NULL)); + $redirect = new Redirect($user); + $page->assign('redirect_unique', !$redirect->other_active('googleapps')); - $storage = new MailStorageGoogleApps(S::v('uid')); - $page->assign('redirect_active', $storage->active()); + $storage = new EmailStorage($user, 'googleapps'); + $page->assign('redirect_active', $storage->active); } // Updates the Google Apps account as required. if ($action) { - if ($action == 'password') { - if ($subaction == 'sync') { + if ($action == 'password' && Post::has('pwsync')) { + S::assert_xsrf_token(); + if (Post::v('pwsync') == 'sync') { $account->set_password_sync(true); $account->set_password(S::v('password')); - $page->trig("Ton mot de passe Google Apps sera dorénavant synchronisé avec ton mot de passe Polytechnique.org."); - } else if ($subaction == 'nosync') { + } else { $account->set_password_sync(false); - } else if (Post::has('response2') && !$account->sync_password) { - $account->set_password(Post::v('response2')); } + } elseif ($action == 'password' && Post::has('pwhash') && Post::t('pwhash') && !$account->sync_password) { + S::assert_xsrf_token(); + $account->set_password(Post::t('pwhash')); } if ($action == 'suspend' && Post::has('suspend') && $account->active()) { + S::assert_xsrf_token(); + if ($account->pending_update_suspension) { - $page->trig("Ton compte est déjà en cours de désactivation."); + $page->trigWarning("Ton compte est déjà en cours de désactivation."); } else { - $storage = new MailStorageGoogleApps(S::v('uid')); - if ($storage->disable()) { + if ($redirect->modify_one_email('googleapps', false) == SUCCESS) { $account->suspend(); - $page->trig("Ton compte Google Apps est dorénavant désactivé."); + $page->trigSuccess("Ton compte Google Apps est dorénavant désactivé."); } else { - $page->trig("Ton compte Google Apps est ta seule adresse de redirection. Ton compte ne peux pas être désactivé."); + $page->trigError("Ton compte Google Apps est ta seule adresse de redirection. Ton compte ne peux pas être désactivé."); } } } elseif ($action == 'unsuspend' && Post::has('unsuspend') && $account->suspended()) { $account->unsuspend(Post::b('redirect_mails', true)); - $page->trig("Ta demande de réactivation a bien été prise en compte."); + $page->trigSuccess("Ta demande de réactivation a bien été prise en compte."); } if ($action == 'create') { @@ -91,21 +97,139 @@ class GoogleAppsModule extends PLModule $page->assign('password_sync', Get::b('password_sync', true)); } if ($action == 'create' && Post::has('password_sync') && Post::has('redirect_mails')) { + S::assert_xsrf_token(); + $password_sync = Post::b('password_sync'); $redirect_mails = Post::b('redirect_mails'); if ($password_sync) { - $password = S::v('password'); + $password = $user->password(); } else { - $password = Post::v('response2'); + $password = Post::t('pwhash'); } $account->create($password_sync, $password, $redirect_mails); - $page->trig("La demande de création de ton compte Google Apps a bien été enregistrée."); + $page->trigSuccess("La demande de création de ton compte Google Apps a bien été enregistrée."); } } $page->assign('account', $account); } + + function handler_admin(&$page, $action = null) { + require_once("googleapps.inc.php"); + $page->changeTpl('googleapps/admin.tpl'); + $page->setTitle('Administration Google Apps'); + $page->assign('googleapps_admin', GoogleAppsAccount::is_administrator(S::v('uid'))); + + if ($action == 'ack') { + $qid = @func_get_arg(2); + if ($qid) { + XDB::execute( + "DELETE FROM gapps_queue + WHERE q_id = {?} AND p_status = 'hardfail'", $qid); + $page->trigSuccess("La requête échouée a bien été retirée."); + } + } + + // Retrieves latest pending administrative requests from the gappsd queue. + $res = XDB::iterator( + "SELECT q_id, q_recipient_id, a.alias, j_type, j_parameters, + UNIX_TIMESTAMP(q.p_entry_date) AS p_entry_date + FROM gapps_queue AS q + LEFT JOIN aliases AS a ON (a.uid = q_recipient_id AND a.type = 'a_vie') + WHERE p_status IN ('idle', 'active', 'softfail') AND + p_admin_request IS TRUE + ORDER BY p_entry_date"); + while ($request = $res->next()) { + $j_parameters = json_decode($request['j_parameters'], true); + unset($j_parameters['username']); + $parameters = array_keys($j_parameters); + $request['parameters'] = implode(', ', $parameters); + + $page->append('admin_requests', $request); + } + + // Retrieves latest failed requests from the gappsd queue. + $res = XDB::iterator( + "SELECT q.q_id, q.q_recipient_id, a.alias, q.j_type, q.r_result, + UNIX_TIMESTAMP(q.p_entry_date) AS p_entry_date + FROM gapps_queue AS q + LEFT JOIN aliases AS a ON (a.uid = q.q_recipient_id AND a.type = 'a_vie') + WHERE q.p_status = 'hardfail' + ORDER BY p_entry_date DESC + LIMIT 20"); + $page->assign('failed_requests', $res); + } + + function handler_admin_job(&$page, $job = null) { + require_once("googleapps.inc.php"); + $page->changeTpl('googleapps/admin.job.tpl'); + $page->setTitle('Administration Google Apps'); + $page->assign('googleapps_admin', GoogleAppsAccount::is_administrator(S::v('uid'))); + + if ($job) { + $res = XDB::query( + "SELECT q.*, ao.alias AS q_owner, ar.alias AS q_recipient + FROM gapps_queue AS q + LEFT JOIN aliases AS ao ON (ao.uid = q.q_owner_id AND ao.type = 'a_vie') + LEFT JOIN aliases AS ar ON (ar.uid = q.q_recipient_id AND ar.type = 'a_vie') + WHERE q_id = {?}", $job); + $sql_job = $res->fetchOneAssoc(); + $sql_job['decoded_parameters'] = var_export(json_decode($sql_job['j_parameters'], true), true); + $page->assign('job', $sql_job); + } + } + + function handler_admin_user(&$page, $user = null) { + require_once("emails.inc.php"); + require_once("googleapps.inc.php"); + $page->changeTpl('googleapps/admin.user.tpl'); + $page->setTitle('Administration Google Apps'); + $page->assign('googleapps_admin', GoogleAppsAccount::is_administrator(S::v('uid'))); + + if (!$user && Post::has('login')) { + $user = Post::v('login'); + } + $user = User::get($user); + + if ($user) { + $account = new GoogleAppsAccount($user); + $storage = new EmailStorage($user, 'googleapps'); + + // Apply requested actions. + if (Post::has('suspend') && $account->active() && !$account->pending_update_suspension) { + S::assert_xsrf_token(); + $account->suspend(); + $page->trigSuccess('Le compte est en cours de suspension.'); + } else if (Post::has('unsuspend') && $account->suspended() && !$account->pending_update_suspension) { + S::assert_xsrf_token(); + $account->do_unsuspend(); + $page->trigSuccess('Le compte est en cours de réactivation.'); + } else if (Post::has('forcesync') && $account->active() && $account->sync_password) { + $account->set_password($user->password()); + $page->trigSuccess('Le mot de passe est en cours de synchronisation.'); + } else if (Post::has('sync') && $account->active()) { + $account->set_password($user->password()); + $account->set_password_sync(true); + } else if (Post::has('nosync') && $account->active()) { + $account->set_password_sync(false); + } + + // Displays basic account information. + $page->assign('account', $account); + $page->assign('admin_account', GoogleAppsAccount::is_administrator($user->id())); + $page->assign('googleapps_storage', $storage->active); + $page->assign('user', $user->id()); + + // Retrieves user's pending requests. + $res = XDB::iterator( + "SELECT q_id, q_recipient_id, p_status, j_type, UNIX_TIMESTAMP(p_entry_date) AS p_entry_date + FROM gapps_queue + WHERE q_recipient_id = {?} + ORDER BY p_entry_date DESC", $user->id()); + $page->assign('requests', $res); + } + } } // vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8: