Merge pull request #9 from Djip007/master

sso working (like scith)
    new plugins to get ynh mail login.
    update install/config:
        passe admin password by parametre
        sed after copie
        correct login in mysql db.
    change in update script (not tested...)
    include rainloop source in tgz.

conf/config.php

@@ -1,9 +1,27 @@
 <?php
+
+function arguments($argv) {
+	$_ARG = array();
+	foreach ($argv as $arg) {
+		if (ereg('--([^=]+)=(.*)',$arg,$reg)) {
+			$_ARG[$reg[1]] = $reg[2];
+		} elseif(ereg('^-([a-zA-Z0-9])',$arg,$reg)) {
+			$_ARG[$reg[1]] = 'true';
+		} else {
+			$_ARG['input'][]=$arg;
+		}
+	}
+	return $_ARG;
+}
+
+// get args:
+$args = arguments($argv);
+
 $_ENV['RAINLOOP_INCLUDE_AS_API'] = true;
-include '/var/www/rainloop/app/index.php';
+include $args['index'];
 
 $oConfig = \RainLoop\Api::Config();
-$oConfig->SetPassword('ADMINPASSWORD');
+$oConfig->SetPassword($args['password']);
 echo $oConfig->Save() ? 'Admin password updated' : 'Admin password not updated';
 
 ?>

conf/data/configs/application.ini

@@ -135,10 +135,10 @@ sign_me_auto = "DefaultOff"
 
 [plugins]
 ; Enable plugin support
-enable = Off
+enable = On
 
 ; List of enabled plugins
-enabled_list = ""
+enabled_list = "ynh-login-mapping"
 
 [defaults]
 ; Editor mode used by default (Plain, Html, HtmlForced or PlainForced)

conf/data/domains/disabled

@@ -1 +1 @@
-gmail.com,outlook.com,qq.com,yahoo.com
+gmail.com,outlook.com,qq.com,yahoo.com,

scripts/install

@@ -42,66 +42,81 @@ sudo yunohost app setting rainloop mysqlpwd -v $db_pwd
 # Copy files to the right place
 final_path=/var/www/$app
 rainloop_path=${final_path}/app
+#rainloop_path=${final_path}
 
 sudo rm -rf $final_path
 sudo mkdir -p $final_path
 sudo mkdir -p $rainloop_path
 
 # Use of latest community edition
-sudo wget http://repository.rainloop.net/v2/webmail/rainloop-community-latest.zip -O $rainloop_path/rainloop.zip
-sudo unzip $rainloop_path/rainloop.zip -d $rainloop_path/
-sudo rm $rainloop_path/rainloop.zip
+sudo unzip ../sources/rainloop-community.zip -d $rainloop_path/
 
 # Autoconfig
 sudo mkdir -p $rainloop_path/data/_data_/_default_/configs/
-sed -i "s@domain.tld@$domain@g" ../conf/data/configs/application.ini
-sed -i "s@MYSQLUSER@db_user@g" ../conf/data/configs/application.ini
-sed -i "s@MYSQLPASSWORD@$db_pwd@g" ../conf/data/configs/application.ini
+application_file=$rainloop_path/data/_data_/_default_/configs/application.ini
 if [ $(echo $LANG | cut -c1-2) == "fr" ]
 then
     lang=fr
 else
     lang=en
 fi
-sed -i "s@LANGTOCHANGE@$lang@g" ../conf/data/configs/application.ini
-sudo cp ../conf/data/configs/application.ini $rainloop_path/data/_data_/_default_/configs/application.ini
+sudo cp ../conf/data/configs/application.ini $application_file
+sudo sed -i "s@domain.tld@$domain@g"         $application_file
+sudo sed -i "s@MYSQLUSER@$db_user@g"         $application_file
+sudo sed -i "s@MYSQLPASSWORD@$db_pwd@g"      $application_file
+sudo sed -i "s@LANGTOCHANGE@$lang@g"         $application_file
 
 # Set admin password
-sed -i "s@ADMINPASSWORD@$password@g" ../conf/config.php
-sudo php ../conf/config.php
+sudo php ../conf/config.php --index="$rainloop_path/index.php" --password="$password"
 
 # Add default domain configs by looping through all the domains already added
 sudo mkdir -p $rainloop_path/data/_data_/_default_/domains/
-sudo yunohost domain list | sed -e '1d' | while read -r line ; do
-	domain=${line//- }
-	sed -i "s@domain.tld@$domain@g" ../conf/data/domains/domain.tld.ini
+
+# get list of ldap domaine
+domains=`ldapsearch -LLL -x -b ou=domains,dc=yunohost,dc=org -s one "objectclass=top" virtualdomain | grep -v "dn:" | sed "s/virtualdomain://" `
+for domain in $domains ; do
 	sudo cp ../conf/data/domains/domain.tld.ini $rainloop_path/data/_data_/_default_/domains/$domain.ini
-	sed -i "s@$domain@domain.tld@g" ../conf/data/domains/domain.tld.ini
+	sudo sed -i "s@domain.tld@$domain@g"        $rainloop_path/data/_data_/_default_/domains/$domain.ini
 done
 sudo cp ../conf/data/domains/disabled $rainloop_path/data/_data_/_default_/domains/disabled
 
+# now install ynh plugins:
+sudo mkdir -p $rainloop_path/data/_data_/_default_/plugins
+sudo cp -rf ../sources/plugins/ynh-login-mapping $rainloop_path/data/_data_/_default_/plugins/.
+
+
 # Hooks for domains are not implemented yet, so new domains will not be added automatically
 
-# SSO
-sed -i "s@domain.tld@$domain@g" ../conf/sso.php
-sed -i "s@PATHTOCHANGE@$path@g" ../conf/sso.php
-sudo cp ../conf/sso.php $final_path/index.php
+# install SSO and auto version
+if [ $final_path == $rainloop_path ]
+then
+	# use modified version of master index.php that implement sso
+	sudo cp ../sources/sso/index.php      $final_path/index.php
+else
+    # use only sso on master
+	sudo cp ../sources/sso/sso.php                  $final_path/index.php
+	sudo cp ../sources/patch/index_auto_version.php $rainloop_path/index.php
+fi
+sudo sed -i "s@domain.tld@$domain@g"  $final_path/index.php
+sudo sed -i "s@PATHTOCHANGE@$path@g"  $final_path/index.php
 
 # Set permissions to rainloop directory
-# sudo mkdir -p $final_path/logs
 sudo chown -R www-data:www-data $final_path
 
-# Modify Nginx configuration file and copy it to Nginx conf directory
-sed -i "s@PATHTOCHANGE@$path@g" ../conf/nginx.conf
-sed -i "s@ALIASTOCHANGE@$final_path/@g" ../conf/nginx.conf
-sed -i "s@NAMETOCHANGE@$app@g" ../conf/nginx.conf
-sudo cp ../conf/nginx.conf /etc/nginx/conf.d/$domain.d/$app.conf
+# Install Nginx configuration file
+nginx_conf_file=/etc/nginx/conf.d/$domain.d/$app.conf
+sudo cp ../conf/nginx.conf $nginx_conf_file
+sudo sed -i "s@PATHTOCHANGE@$path@g"         $nginx_conf_file
+sudo sed -i "s@ALIASTOCHANGE@$final_path/@g" $nginx_conf_file
+sudo sed -i "s@NAMETOCHANGE@$app@g"          $nginx_conf_file
+sudo chown root:                             $nginx_conf_file
+sudo chmod 644                               $nginx_conf_file
 
-sed -i "s@NAMETOCHANGE@$app@g" ../conf/php-fpm.conf
 finalphpconf=/etc/php5/fpm/pool.d/$app.conf
-sudo cp ../conf/php-fpm.conf $finalphpconf
-sudo chown root: $finalphpconf
-sudo chmod 644 $finalphpconf
+sudo cp ../conf/php-fpm.conf        $finalphpconf
+sudo sed -i "s@NAMETOCHANGE@$app@g" $finalphpconf
+sudo chown root:                    $finalphpconf
+sudo chmod 644                      $finalphpconf
 
 # Make app public if necessary
 sudo yunohost app setting $app is_public -v "$is_public"

scripts/upgrade

@@ -6,56 +6,64 @@ app=rainloop
 domain=$(sudo yunohost app setting $app domain)
 path=$(sudo yunohost app setting $app path)
 is_public=$(sudo yunohost app setting $app is_public)
-dp_pwd=$(sudo yunohost app setting rainloop mysqlpwd)
+dp_pwd=$(sudo yunohost app setting $app mysqlpwd)
 db_user=$app
 
-# Initialize database and store mysql password for upgrade
-root_pwd=$(sudo cat /etc/yunohost/mysql)
-mysql -u root -p$root_pwd -e "DROP DATABASE $db_name ; DROP USER $db_user@localhost ;"
-sudo yunohost app initdb $db_user -p $db_pwd
+# no update for db now...
+#root_pwd=$(sudo cat /etc/yunohost/mysql)
+#mysql -u root -p$root_pwd -e "DROP DATABASE $db_name ; DROP USER $db_user@localhost ;"
+#sudo yunohost app initdb $db_user -p $db_pwd
 
 # Copy files to the right place
 final_path=/var/www/$app
 rainloop_path=${final_path}/app
+#rainloop_path=${final_path}
 
-sudo rm -rf $final_path
-sudo mkdir -p $final_path
-sudo mkdir -p $rainloop_path
+# no delete... we keep old install, the new is in a new path
+#sudo rm -rf $final_path
+#sudo mkdir -p $final_path
+#sudo mkdir -p $rainloop_path
 
 # Use of latest community edition
-sudo wget http://repository.rainloop.net/v2/webmail/rainloop-community-latest.zip -O $rainloop_path/rainloop.zip
-sudo unzip $rainloop_path/rainloop.zip -d $rainloop_path/
-sudo rm $rainloop_path/rainloop.zip
+sudo unzip ../sources/rainloop-community.zip -d $rainloop_path/
 
+# update patch to auto load version.
+sudo cp ../sources/patch/index_auto_version.php $rainloop_path/index.php
 
+# update ynh plugins:
+sudo mkdir -p $rainloop_path/data/_data_/_default_/plugins
+sudo cp -rf ../sources/plugins/ynh-login-mapping $rainloop_path/data/_data_/_default_/plugins/.
 
-# Modify Nginx configuration file and copy it to Nginx conf directory
-sed -i "s@PATHTOCHANGE@$path@g" ../conf/nginx.conf
-sed -i "s@ALIASTOCHANGE@$final_path/@g" ../conf/nginx.conf
-sed -i "s@NAMETOCHANGE@$app@g" ../conf/nginx.conf
-sudo cp ../conf/nginx.conf /etc/nginx/conf.d/$domain.d/$app.conf
-
-sed -i "s@NAMETOCHANGE@$app@g" ../conf/php-fpm.conf
-finalphpconf=/etc/php5/fpm/pool.d/$app.conf
-sudo cp ../conf/php-fpm.conf $finalphpconf
-sudo chown root: $finalphpconf
-sudo chmod 644 $finalphpconf
-
-# SSO
-sed -i "s@domain.tld@$domain@g" ../conf/sso.php
-sed -i "s@PATHTOCHANGE@$path@g" ../conf/sso.php
-sudo cp ../conf/sso.php $final_path/index.php
+# update SSO and auto version
+if [ $final_path == $rainloop_path ]
+then
+	# use modified version of master index.php that implement sso
+	sudo cp ../sources/sso/index.php      $final_path/index.php
+else
+    # use only sso on master
+	sudo cp ../sources/sso/sso.php                  $final_path/index.php
+	sudo cp ../sources/patch/index_auto_version.php $rainloop_path/index.php
+fi
+sudo sed -i "s@domain.tld@$domain@g"  $final_path/index.php
+sudo sed -i "s@PATHTOCHANGE@$path@g"  $final_path/index.php
 
 # Set permissions to rainloop directory
 sudo chown -R www-data:www-data $final_path
 
-# Make app public if necessary
-sudo yunohost app setting $app is_public -v "$is_public"
-if [ "$is_public" = "Yes" ];
-then
-    sudo yunohost app setting $app skipped_uris -v "/"
-fi
+# Update Nginx configuration file
+nginx_conf_file=/etc/nginx/conf.d/$domain.d/$app.conf
+sudo cp ../conf/nginx.conf $nginx_conf_file
+sudo sed -i "s@PATHTOCHANGE@$path@g"         $nginx_conf_file
+sudo sed -i "s@ALIASTOCHANGE@$final_path/@g" $nginx_conf_file
+sudo sed -i "s@NAMETOCHANGE@$app@g"          $nginx_conf_file
+sudo chown root:                             $nginx_conf_file
+sudo chmod 644                               $nginx_conf_file
 
+finalphpconf=/etc/php5/fpm/pool.d/$app.conf
+sudo cp ../conf/php-fpm.conf        $finalphpconf
+sudo sed -i "s@NAMETOCHANGE@$app@g" $finalphpconf
+sudo chown root:                    $finalphpconf
+sudo chmod 644                      $finalphpconf
 
 # Reload Nginx and regenerate SSOwat conf
 sudo service php5-fpm reload

sources/patch/index_auto_version.php

@@ -0,0 +1,18 @@
+<?php
+if (!defined('APP_VERSION')) {
+	$version = file_get_contents('/var/www/rainloop/app/data/VERSION');
+	if ($version) {
+		define('APP_VERSION', $version);
+		define('APP_INDEX_ROOT_FILE', __FILE__);
+		define('APP_INDEX_ROOT_PATH', str_replace('\\', '/', rtrim(dirname(__FILE__), '\\/').'/'));
+	}
+}
+
+if (file_exists(APP_INDEX_ROOT_PATH.'rainloop/v/'.APP_VERSION.'/include.php')) {
+	include APP_INDEX_ROOT_PATH.'rainloop/v/'.APP_VERSION.'/include.php';
+} else {
+	echo '[105] Missing version directory';
+	exit(105);
+}
+
+?>

sources/plugins/ynh-login-mapping/README

@@ -0,0 +1 @@
+Plugin which allows you to get username from ynh ldap by email address

sources/plugins/ynh-login-mapping/VERSION

@@ -0,0 +1 @@
+0.1

sources/plugins/ynh-login-mapping/index.php

@@ -0,0 +1,82 @@
+<?php
+class YnhLoginMappingPlugin extends \RainLoop\Plugins\AbstractPlugin {
+	public function Init() {
+		// $this->addHook('filter.login-credentials.step-1', 'FilterLoginСredentials1');
+		// $this->addHook('filter.login-credentials.step-2', 'FilterLoginСredentials2');
+		$this->addHook ( 'filter.login-credentials', 'FilterLoginСredentials' );
+	}
+	
+	/* // ca ne semble pas marcher...
+	 * public function FilterLoginCredentials1(&$sEmail, &$sPassword) {
+	 * $this->Manager()->Actions()->Logger()->Write('LdapLoginMappingPlugin::FilterLoginСredentials_S1:');
+	 * }
+	 */
+	
+	/* // ca non plus...
+	 * public function FilterLoginCredentials2(&$sEmail, &$sPassword) {
+	 * $this->Manager()->Actions()->Logger()->Write('LdapLoginMappingPlugin::FilterLoginСredentials_S2:');
+	 * }
+	 */
+	
+	/**
+	 *
+	 * @param string $sEmail        	
+	 * @param string $sLogin        	
+	 * @param string $sPassword        	
+	 *
+	 * @throws \RainLoop\Exceptions\ClientException
+	 */
+	public function FilterLoginСredentials(&$sEmail, &$sLogin, &$sPassword) {
+		$this->Manager()->Actions()->Logger()->Write('LdapLoginMappingPlugin::FilterLoginСredentials IN => '.$sEmail.'/'.$sLogin, \MailSo\Log\Enumerations\Type::INFO);
+		
+		// connection au ldap ynh... en local
+		$cnx = ldap_connect (); // single connection
+		
+		if (! $cnx) {
+			$this->Manager()->Actions()->Logger()->Write('LdapLoginMappingPlugin: Could not connect to LDAP server', \MailSo\Log\Enumerations\Type::ERROR );
+			return;
+		}
+		
+		if (! ldap_bind ( $cnx )) {
+			// bizard... ca renvoie false.... mais ca marche....
+			// $this->Manager()->Actions()->Logger()->Write('LdapLoginMappingPlugin: Could not bind to LDAP server', \MailSo\Log\Enumerations\Type::ERROR);
+			// return;
+		}
+		
+		$dn = "dc=yunohost,dc=org";
+		
+		// on veut mail et uid... pour un mail donné
+		$filter = "(&(objectClass=inetOrgPerson)(mail=$sEmail))";
+		$justthese = array ( 'uid', 'mail' );
+		
+		// OK un petit recherche
+		$sr = ldap_search ( $cnx, $dn, $filter, $justthese ); 
+		if (!$sr) {
+			$this->Manager()->Actions()->Logger()->Write('LdapLoginMappingPlugin: search on LDAP server', \MailSo\Log\Enumerations\Type::ERROR );
+			return;
+		}
+		$result = ldap_get_entries ( $cnx, $sr );
+
+		// OK si on a un resultat on recupere l'identifiant de l'utilisateur...
+		if (($result['count'] > 0) && ($result[0]['uid']['count'] > 0)) {
+			$sLogin = $result[0]['uid'][0];
+		} else {
+			$this->Manager()->Actions()->Logger()->Write('LdapLoginMappingPlugin: user not found', \MailSo\Log\Enumerations\Type::ERROR );
+		}
+		
+		$this->Manager()->Actions()->Logger()->Write('LdapLoginMappingPlugin::FilterLoginСredentials OUT => '. $sEmail.'/'.$sLogin, \MailSo\Log\Enumerations\Type::INFO );
+	}
+	
+	/*
+	 * // pas encore de configuration...
+	 * public function configMapping()
+	 * {
+	 * return array(
+	 * \RainLoop\Plugins\Property::NewInstance('mapping')->SetLabel('Mapping')
+	 * ->SetType(\RainLoop\Enumerations\PluginPropertyType::STRING_TEXT)
+	 * ->SetDescription('email:login mapping')
+	 * ->SetDefaultValue("user@domain.com:user.bob\nadmin@domain.com:user.john2")
+	 * );
+	 * }
+	 */
+}

sources/sso/index.php

@@ -0,0 +1,35 @@
+<?php
+
+if (!defined('APP_VERSION')) {
+	$version = file_get_contents('data/VERSION');
+	if ($version) {
+		define('APP_VERSION', $version);
+		define('APP_INDEX_ROOT_FILE', __FILE__);
+		define('APP_INDEX_ROOT_PATH', str_replace('\\', '/', rtrim(dirname(__FILE__), '\\/').'/'));
+	}
+}
+
+if(isset($_GET["auto_log"])) {
+	$_ENV['RAINLOOP_INCLUDE_AS_API'] = true;
+}
+
+if (file_exists(APP_INDEX_ROOT_PATH.'rainloop/v/'.APP_VERSION.'/include.php')) {
+	include APP_INDEX_ROOT_PATH.'rainloop/v/'.APP_VERSION.'/include.php';
+} else {
+	echo '[105] Missing version directory';
+	exit(105);
+}
+
+if(isset($_GET["auto_log"])) {
+	if (isset($_SERVER['HTTP_EMAIL']) && isset($_SERVER['PHP_AUTH_PW'])) {
+		$email = $_SERVER['HTTP_EMAIL'];
+		$password = $_SERVER['PHP_AUTH_PW'];
+		$ssoHash = \RainLoop\Api::GetUserSsoHash($email, $password);
+
+		// redirect to webmail sso url
+		\header('Location: https://domain.tldPATHTOCHANGE/index.php?sso&hash='.$ssoHash);
+	}
+	exit();
+}
+
+?>