diff options
author | Daniel Hoffend <dh@dotlan.net> | 2015-02-18 19:46:18 (GMT) |
---|---|---|
committer | Daniel Hoffend <dh@dotlan.net> | 2015-02-18 19:46:18 (GMT) |
commit | d45ceadf3e8ed70f839579d98dbc1a95ee6f6f0c (patch) | |
tree | 38797be140f71ccfd78574c1e8dc78a583d82f6f | |
parent | c49af8e285556d5c7ba27c30987c3633e952f4e1 (diff) | |
download | kolab-wap-d45ceadf3e8ed70f839579d98dbc1a95ee6f6f0c.tar.gz |
add validate_cn_sharedfolder + validate_kolabtargetfolder_sharedfolder
-rw-r--r-- | lib/api/kolab_api_service_form_value.php | 93 |
1 files changed, 74 insertions, 19 deletions
diff --git a/lib/api/kolab_api_service_form_value.php b/lib/api/kolab_api_service_form_value.php index 3f40310..2dd9aa9 100644 --- a/lib/api/kolab_api_service_form_value.php +++ b/lib/api/kolab_api_service_form_value.php @@ -576,10 +576,27 @@ class kolab_api_service_form_value extends kolab_api_service } } + // no cn given then return empty + if (!trim($postdata['cn'])) { + return ''; + } + + // determine the @emaildomain part + $email_domain = ''; + $at_index = strrpos($postdata['mail'], "@"); + if (!(is_bool($at_index) && !$at_index)) { + $email_domain = substr($postdata['mail'], $at_index+1); + } + + // if no email is set or domain isn't valid return empty + if (!$email_domain || !in_array($email_domain, $this->_get_valid_domains())) { + return ''; + } + $cn = $postdata['cn']; $imap_hierarchysep = '/'; - return $cn ? 'shared' . $imap_hierarchysep . $cn . '@' . $_SESSION['user']->get_domain() : ''; + return $cn ? 'shared' . $imap_hierarchysep . $cn . '@' . $email_domain : ''; } } @@ -1316,6 +1333,32 @@ class kolab_api_service_form_value extends kolab_api_service return 'OK'; } + private function validate_cn_sharedfolder($value, $postdata = array(), $validation_type = null) + { + if (preg_match('/["\']/',$value)) { + throw new Exception("Folder name contains invalid characters: \" ']"); + } + + return 'OK'; + } + + private function validate_kolabtargetfolder_sharedfolder($value, $postdata = array(), $validation_type = null) + { + if (preg_match('/["\'\+]/',$value)) { + throw new Exception("Target IMAP Folder contains invalid characters \" ' +"); + } + + $domains = $this->_get_valid_domains(); + if (!preg_match('#^shared/[^"\'\\+]+@('.implode("|",$domains).')$#',$value)) { + throw new Exception("Target IMAP Folder has to match the following format: 'shared/foldername@mydomain.org'"&& folderpart == cn (other)); + } + + // TODO: check for duplicate shared folder + // same kolabTargetFolder && type = 'mail || type != mail && folderpart == cn (other) + + return 'OK'; + } + private function _list_options_members($postdata, $attribs = array()) { // return specified records only, by exact DN attributes @@ -1566,32 +1609,22 @@ class kolab_api_service_form_value extends kolab_api_service return $valid; } - private function _validate_email_address_in_any_of_my_domains($mail_address) + private function _get_valid_domains($my_primary_domain = null) { - $at_index = strrpos($mail_address, "@"); - if (is_bool($at_index) && !$at_index) { - throw new Exception("Invalid email address: No domain name space", 235); - } else { - $email_domain = substr($mail_address, $at_index+1); - } - - $my_primary_domain = $_SESSION['user']->get_domain(); - - if ($email_domain == $my_primary_domain) { - return true; - } + $my_primary_domain = $my_primary_domain !== null + ? $my_primary_domain + : $_SESSION['user']->get_domain(); $auth = Auth::get_instance(); $conf = Conf::get_instance(); $all_domains = $auth->list_domains(); $all_domains = $all_domains['list']; - $valid_domains = array(); $dna = $conf->get('domain_name_attribute'); - $valid = false; - Log::trace("_validate_email_address_in_any_of_mydomains(\$mail_address = " . var_export($mail_address, TRUE) . ")"); - Log::trace("\$all_domains includes: " . var_export($all_domains, TRUE) . " (must include domain for \$mail_address)"); + Log::trace("__get_valid_domains( " . $my_primary_domain . ")"); + Log::trace("\$all_domains includes: " . var_export($all_domains, TRUE) . " (must include domain for \$my_primary_domain)"); + $valid_domains = array(); foreach ($all_domains as $domain_id => $domain_attrs) { if (!is_array($domain_attrs[$dna])) { $domain_attrs[$dna] = (array)($domain_attrs[$dna]); @@ -1602,7 +1635,29 @@ class kolab_api_service_form_value extends kolab_api_service } } - if (in_array($email_domain, $valid_domains)) { + return $valid_domains; + } + + private function _validate_email_address_in_any_of_my_domains($mail_address) + { + $at_index = strrpos($mail_address, "@"); + if (is_bool($at_index) && !$at_index) { + throw new Exception("Invalid email address: No domain name space", 235); + } else { + $email_domain = substr($mail_address, $at_index+1); + } + + $my_primary_domain = $_SESSION['user']->get_domain(); + + if ($email_domain == $my_primary_domain) { + Log::trace("Found email address to be in one of my domains."); + return true; + } + + $valid = false; + Log::trace("_validate_email_address_in_any_of_mydomains(\$mail_address = " . var_export($mail_address, TRUE) . ")"); + + if (in_array($email_domain, $this->_get_valid_domains())) { $valid = true; } |