mirror of
https://github.com/the-djmaze/snappymail.git
synced 2024-11-10 09:02:45 +08:00
248 lines
6.7 KiB
PHP
248 lines
6.7 KiB
PHP
<?php
|
|
|
|
class LdapContactsSuggestions implements \RainLoop\Providers\Suggestions\ISuggestions
|
|
{
|
|
use \MailSo\Log\Inherit;
|
|
|
|
private string $sLdapUri = 'ldap://localhost:389';
|
|
|
|
private bool $bUseStartTLS = true;
|
|
|
|
private string $sBindDn = '';
|
|
|
|
private string $sBindPassword = '';
|
|
|
|
private string $sBaseDn = 'ou=People,dc=example,dc=com';
|
|
|
|
private string $sObjectClasses = 'inetOrgPerson';
|
|
|
|
private string $sUidAttributes = 'uid';
|
|
|
|
private string $sNameAttributes = 'displayName,cn,givenName,sn';
|
|
|
|
private string $sEmailAttributes = 'mailAddress,mail,mailAlternateAddress,mailAlias';
|
|
|
|
private string $sAllowedEmails = '*';
|
|
|
|
/**
|
|
* @param string $sLdapUri
|
|
* @param bool $bUseStartTLS
|
|
* @param string $sBindDn
|
|
* @param string $sBindPassword
|
|
* @param string $sBaseDn
|
|
* @param string $sObjectClasses
|
|
* @param string $sNameAttributes
|
|
* @param string $sEmailAttributes
|
|
* @param string $sUidAttributes
|
|
* @param string $sAllowedEmails
|
|
*
|
|
* @return \LdapContactsSuggestions
|
|
*/
|
|
public function SetConfig($sLdapUri, $bUseStartTLS, $sBindDn, $sBindPassword, $sBaseDn, $sObjectClasses, $sUidAttributes, $sNameAttributes, $sEmailAttributes, $sAllowedEmails)
|
|
{
|
|
$this->sLdapUri = $sLdapUri;
|
|
$this->bUseStartTLS = $bUseStartTLS;
|
|
if (\strlen($sBindDn)) {
|
|
$this->sBindDn = $sBindDn;
|
|
$this->sBindPassword = $sBindPassword;
|
|
}
|
|
$this->sBaseDn = $sBaseDn;
|
|
$this->sObjectClasses = $sObjectClasses;
|
|
$this->sUidAttributes = $sUidAttributes;
|
|
$this->sNameAttributes = $sNameAttributes;
|
|
$this->sEmailAttributes = $sEmailAttributes;
|
|
$this->sAllowedEmails = $sAllowedEmails;
|
|
|
|
return $this;
|
|
}
|
|
|
|
public function Process(\RainLoop\Model\Account $oAccount, string $sQuery, int $iLimit = 20): array
|
|
{
|
|
$sQuery = \trim($sQuery);
|
|
|
|
if (2 > \strlen($sQuery)
|
|
|| !$oAccount
|
|
|| !\RainLoop\Plugins\Helper::ValidateWildcardValues($oAccount->Email(), $this->sAllowedEmails))
|
|
{
|
|
return array();
|
|
}
|
|
|
|
$sSearchEscaped = $this->escape($sQuery);
|
|
|
|
$aResult = array();
|
|
$oCon = @\ldap_connect($this->sLdapUri);
|
|
if ($oCon) {
|
|
$this->logWrite('ldap_connect: connected', \LOG_INFO, 'LDAP');
|
|
|
|
@\ldap_set_option($oCon, LDAP_OPT_PROTOCOL_VERSION, 3);
|
|
|
|
if ($this->bUseStartTLS && !@\ldap_start_tls($oCon)) {
|
|
$this->logLdapError($oCon, 'ldap_start_tls');
|
|
return $aResult;
|
|
}
|
|
|
|
if (!@\ldap_bind($oCon, $this->sBindDn, $this->sBindPassword)) {
|
|
if (\is_null($this->sBindDn)) {
|
|
$this->logLdapError($oCon, 'ldap_bind (anonymous)');
|
|
} else {
|
|
$this->logLdapError($oCon, 'ldap_bind');
|
|
}
|
|
return $aResult;
|
|
}
|
|
|
|
$sDomain = \MailSo\Base\Utils::getEmailAddressDomain($oAccount->Email());
|
|
$sBaseDn = \strtr($this->sBaseDn, array(
|
|
'{domain}' => $sDomain,
|
|
'{domain:dc}' => 'dc='.\strtr($sDomain, array('.' => ',dc=')),
|
|
'{email}' => $oAccount->Email(),
|
|
'{email:user}' => \MailSo\Base\Utils::getEmailAddressLocalPart($oAccount->Email()),
|
|
'{email:domain}' => $sDomain,
|
|
'{login}' => $oAccount->IncLogin(),
|
|
'{imap:login}' => $oAccount->IncLogin(),
|
|
'{imap:host}' => $oAccount->Domain()->ImapSettings()->host,
|
|
'{imap:port}' => $oAccount->Domain()->ImapSettings()->port
|
|
));
|
|
|
|
$aObjectClasses = empty($this->sObjectClasses) ? array() : \explode(',', $this->sObjectClasses);
|
|
$aEmails = empty($this->sEmailAttributes) ? array() : \explode(',', $this->sEmailAttributes);
|
|
$aNames = empty($this->sNameAttributes) ? array() : \explode(',', $this->sNameAttributes);
|
|
$aUIDs = empty($this->sUidAttributes) ? array() : \explode(',', $this->sUidAttributes);
|
|
|
|
$aObjectClasses = \array_map('trim', $aObjectClasses);
|
|
$aEmails = \array_map('trim', $aEmails);
|
|
$aNames = \array_map('trim', $aNames);
|
|
$aUIDs = \array_map('trim', $aUIDs);
|
|
|
|
$aFields = \array_merge($aEmails, $aNames, $aUIDs);
|
|
|
|
$iObjCount = 0;
|
|
$sObjFilter = '';
|
|
foreach ($aObjectClasses as $sItem) {
|
|
if (!empty($sItem)) {
|
|
++$iObjCount;
|
|
$sObjFilter .= '(objectClass='.$sItem.')';
|
|
}
|
|
}
|
|
|
|
|
|
$aItems = array();
|
|
$sSubFilter = '';
|
|
foreach ($aFields as $sItem) {
|
|
if (!empty($sItem)) {
|
|
$aItems[] = $sItem;
|
|
$sSubFilter .= '('.$sItem.'=*'.$sSearchEscaped.'*)';
|
|
}
|
|
}
|
|
|
|
$sFilter = '(&';
|
|
$sFilter .= (1 < $iObjCount ? '(|' : '').$sObjFilter.(1 < $iObjCount ? ')' : '');
|
|
$sFilter .= (1 < count($aItems) ? '(|' : '').$sSubFilter.(1 < count($aItems) ? ')' : '');
|
|
$sFilter .= ')';
|
|
|
|
$this->logWrite('ldap_search: start: '.$sBaseDn.' / '.$sFilter, \LOG_INFO, 'LDAP');
|
|
$oS = @\ldap_search($oCon, $sBaseDn, $sFilter, $aItems, 0, 30, 30);
|
|
if ($oS) {
|
|
$aEntries = @\ldap_get_entries($oCon, $oS);
|
|
if (is_array($aEntries)) {
|
|
if (isset($aEntries['count'])) {
|
|
unset($aEntries['count']);
|
|
}
|
|
|
|
foreach ($aEntries as $aItem) {
|
|
if ($aItem) {
|
|
$sName = $sEmail = '';
|
|
list ($sEmail, $sName) = $this->findNameAndEmail($aItem, $aEmails, $aNames, $aUIDs);
|
|
if (!empty($sEmail)) {
|
|
$aResult[] = array($sEmail, $sName);
|
|
}
|
|
}
|
|
}
|
|
} else {
|
|
$this->logLdapError($oCon, 'ldap_get_entries');
|
|
}
|
|
} else {
|
|
$this->logLdapError($oCon, 'ldap_search');
|
|
}
|
|
}
|
|
|
|
return \array_slice($aResult, 0, $iLimit);
|
|
}
|
|
|
|
/**
|
|
* @param array $aLdapItem
|
|
* @param array $aEmailAttributes
|
|
* @param array $aNameAttributes
|
|
* @param array $aUidAttributes
|
|
*
|
|
* @return array
|
|
*/
|
|
private function findNameAndEmail($aLdapItem, $aEmailAttributes, $aNameAttributes, $aUidAttributes)
|
|
{
|
|
$sEmail = $sName = $sUid = '';
|
|
if ($aLdapItem) {
|
|
foreach ($aEmailAttributes as $sField) {
|
|
$sField = \strtolower($sField);
|
|
if (!empty($aLdapItem[$sField][0])) {
|
|
$sEmail = \trim($aLdapItem[$sField][0]);
|
|
if (!empty($sEmail)) {
|
|
break;
|
|
}
|
|
}
|
|
}
|
|
|
|
foreach ($aNameAttributes as $sField) {
|
|
$sField = \strtolower($sField);
|
|
if (!empty($aLdapItem[$sField][0])) {
|
|
$sName = \trim($aLdapItem[$sField][0]);
|
|
if (!empty($sName)) {
|
|
break;
|
|
}
|
|
}
|
|
}
|
|
|
|
foreach ($aUidAttributes as $sField) {
|
|
$sField = \strtolower($sField);
|
|
if (!empty($aLdapItem[$sField][0])) {
|
|
$sUid = \trim($aLdapItem[$sField][0]);
|
|
if (!empty($sUid)) {
|
|
break;
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
return array($sEmail, $sName, $sUid);
|
|
}
|
|
|
|
/**
|
|
* @param string $sStr
|
|
*
|
|
* @return string
|
|
*/
|
|
public function escape($sStr)
|
|
{
|
|
$aNewChars = array();
|
|
$aChars = array('\\', '*', '(', ')', \chr(0));
|
|
|
|
foreach ($aChars as $iIndex => $sValue) {
|
|
$aNewChars[$iIndex] = '\\'.\str_pad(\dechex(\ord($sValue)), 2, '0');
|
|
}
|
|
|
|
return \str_replace($aChars, $aNewChars, $sStr);
|
|
}
|
|
|
|
/**
|
|
* @param mixed $oCon
|
|
* @param string $sCmd
|
|
*
|
|
* @return string
|
|
*/
|
|
public function logLdapError($oCon, $sCmd)
|
|
{
|
|
if ($this->oLogger) {
|
|
$sError = $oCon ? @\ldap_error($oCon) : '';
|
|
$iErrno = $oCon ? @\ldap_errno($oCon) : 0;
|
|
$this->logWrite($sCmd.' error: '.$sError.' ('.$iErrno.')', \LOG_WARNING, 'LDAP');
|
|
}
|
|
}
|
|
}
|