
fixed sync user mail aliases with update virtual_users file

Piotr Labudda 10 年 前
コミット
50d702afde

+ 2 - 0
SE/se-lib/ObjectUser.php

@@ -7,6 +7,7 @@ class ObjectUser {
 	public $password;// optional (required in createUser)
 	public $name;
 	public $email;
+	public $aliasesList;
 	public $phone;
 	public $homeEmail;
 	public $homePhone;
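Review bot: The new `$aliasesList` property has no default, so it is `null` on any `ObjectUser` whose storage backend does not assign it. The SyncUsers.php hunks in this commit pass it straight to `array_diff()`, which warns or throws on a non-array argument depending on the PHP version. Declaring it as `public $aliasesList = array();` makes the empty case safe, and a short comment such as `// list of validated e-mail addresses, primary first` would document the expected shape.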
@@ -26,6 +27,7 @@ class ObjectUser {
 		$data->password = $this->password;
 		$data->name = $this->name;
 		$data->email = $this->email;
+		$data->aliasesList = $this->aliasesList;
 		$data->phone = $this->phone;
 		$data->homeEmail = $this->homeEmail;
 		$data->homePhone = $this->homePhone;

+ 25 - 2
SE/se-lib/SyncUsers.php

@@ -110,7 +110,15 @@ class SyncUsers {
 
 		$updateData = array();
 		if ($usrFrom->name != $usrTo->name) $updateData['name'] = $usrFrom->name;
-		if ($usrFrom->email != $usrTo->email) $updateData['email'] = $usrFrom->email;
+		{// check aliasesList
+			$diffFromTo = array_diff($usrFrom->aliasesList, $usrTo->aliasesList);
+			$diffToFrom = array_diff($usrTo->aliasesList, $usrFrom->aliasesList);
+			if (!empty($diffFromTo) || !empty($diffToFrom)) {
+				$updateData['aliasesList'] = array();
+				$updateData['aliasesList']['add'] = $diffFromTo;
+				$updateData['aliasesList']['remove'] = $diffToFrom;
+			}
+		}
 		if ($usrFrom->phone != $usrTo->phone) $updateData['phone'] = $usrFrom->phone;
 		if ($usrFrom->homeEmail != $usrTo->homeEmail) $updateData['homeEmail'] = $usrFrom->homeEmail;
 		if ($usrFrom->homePhone != $usrTo->homePhone) $updateData['homePhone'] = $usrFrom->homePhone;
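Review bot: Replacing the `email` comparison with two `array_diff()` calls means a change in the order of the addresses is no longer detected, because `array_diff()` compares as a set. The UserStorageMacOSX.php hunk in this commit takes the primary `mail` from the first list entry, so swapping which alias is primary on the source side would presumably never reach the target. The comparison is also case-sensitive, so `User@Example.com` and `user@example.com` would be scheduled as one add and one remove. If either matters here, normalise case before diffing and compare the first elements explicitly, e.g. `if (reset($usrFrom->aliasesList) !== reset($usrTo->aliasesList)) …`. The enclosing method starts and ends outside the hunk.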
@@ -155,7 +163,22 @@ class SyncUsers {
 			//throw new Exception("Użytkownik '{$usrLogin}' jest zablokowany bazie danych, więc nie ma potrzeby aktualizacji jego danych w bazie LDAP.");
 			$updateData = array();
 			if ($usrFrom->name != $usrTo->name) $updateData['name'] = $usrFrom->name;
-			if ($usrFrom->email != $usrTo->email) $updateData['email'] = $usrFrom->email;
+			//if ($usrFrom->email != $usrTo->email) $updateData['email'] = $usrFrom->email;
+			{// check aliasesList
+				$diffFromTo = array_diff($usrFrom->aliasesList, $usrTo->aliasesList);
+				$diffToFrom = array_diff($usrTo->aliasesList, $usrFrom->aliasesList);
+				DBG::_('DBG_SU', '>2', "aliasesList: from:", $usrFrom->aliasesList, __CLASS__, __FUNCTION__, __LINE__);
+				DBG::_('DBG_SU', '>2', "aliasesList: to:", $usrTo->aliasesList, __CLASS__, __FUNCTION__, __LINE__);
+				DBG::_('DBG_SU', '>2', "aliasesList: diff from,to:", $diffFromTo, __CLASS__, __FUNCTION__, __LINE__);
+				DBG::_('DBG_SU', '>2', "aliasesList: diff to,from:", $diffToFrom, __CLASS__, __FUNCTION__, __LINE__);
+				if (!empty($diffFromTo) || !empty($diffToFrom)) {
+					$updateData['aliasy'] = array();
+					if (!empty($diffFromTo)) $updateData['aliasy'][] = "dodaj (" . implode(", ", $diffFromTo) . ")";
+					if (!empty($diffToFrom)) $updateData['aliasy'][] = "usuń (" . implode(", ", $diffToFrom) . ")";
+					$updateData['aliasy'] = implode(" / ", $updateData['aliasy']);
+				}
+				DBG::_('DBG_SU', '>2', "aliasesList: updateData:", $updateData['aliasesList'], __CLASS__, __FUNCTION__, __LINE__);
+			}
 			if ($usrFrom->phone != $usrTo->phone) $updateData['phone'] = $usrFrom->phone;
 			if ($usrFrom->homeEmail != $usrTo->homeEmail) $updateData['homeEmail'] = $usrFrom->homeEmail;
 			if ($usrFrom->homePhone != $usrTo->homePhone) $updateData['homePhone'] = $usrFrom->homePhone;
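Review bot: The last debug call in the added block reads `$updateData['aliasesList']`, but this branch only ever sets `$updateData['aliasy']`, so that line raises an undefined-index notice on every pass and never logs the computed value. Logging the whole array avoids the mismatch: `DBG::_('DBG_SU', '>2', "aliasesList: updateData:", $updateData, __CLASS__, __FUNCTION__, __LINE__);`. The commented-out `email` comparison would be better deleted than kept, since the first hunk of this file already removes the same line outright. The enclosing method starts and ends outside the hunk.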

+ 13 - 0
SE/se-lib/UserStorageDB.php

@@ -62,6 +62,19 @@ class UserStorageDB extends UserStorageBase {
 		$user->password = $r->password;
 		$user->name = trim($r->name);
 		$user->email = trim($r->email);
+
+		$user->aliasesList = array();
+		{
+			$aliasesEx = $r->email;
+			$aliasesEx = explode(' ', trim($aliasesEx));
+			foreach ($aliasesEx as $emailAlias) {
+				$emailAlias = trim($emailAlias);
+				if (!empty($emailAlias) && filter_var($emailAlias, FILTER_VALIDATE_EMAIL)) {
+					$user->aliasesList[] = $emailAlias;
+				}
+			}
+		}
+
 		$user->phone = trim($r->phone);
 		$user->homeEmail = trim($r->homeEmail);
 		$user->homePhone = trim($r->homePhone);
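Review bot: Entries in `$r->email` that fail `FILTER_VALIDATE_EMAIL` are dropped silently, and the field is split on a single space only, so a value separated by tabs or commas is rejected as one invalid address. Since the resulting list drives add/remove operations against the directory, a dropped entry is worth a `DBG::_()` line naming the user and the rejected value. `preg_split('/\s+/', trim($r->email))` would accept any whitespace as the separator. The same parse loop is repeated in the UserStorageMacOSX.php hunk; a shared helper would keep the two validation rules from drifting apart.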

+ 74 - 28
SE/se-lib/UserStorageMacOSX.php

@@ -32,16 +32,50 @@ class UserStorageMacOSX extends UserStorageBase {
 	/**
 	 * @return ObjectUserLdap
 	 */
-	public function getUser($userName) {
-		$usrLdap = UsersLdapHelper::getUser($userName, true);
-		if (empty($usrLdap[0])) return null;
-		DBG::_('DBG_SU', true, 'usrLdap', $usrLdap[0], __CLASS__, __FUNCTION__, __LINE__);
+	public function getUser($usrLogin) {
+		$usrLdap = $this->getRawLdapUser($usrLogin);
+		if (empty($usrLdap)) return null;
 
-		$user = $this->_buildUserFromLdap($usrLdap[0]);
+		$user = $this->_buildUserFromLdap($usrLdap);
 
 		return $user;
 	}
 
+	private function getRawLdapUser($usrLogin) {
+		$usrLdap = UsersLdapHelper::getUser($usrLogin, $allAttrs = true, $onyFirstAttr = false);
+		if (empty($usrLdap[0])) return null;
+		$usrLdap = $usrLdap[0];
+		DBG::_('DBG_SU', '>2', 'usrLdapRaw', $usrLdap, __CLASS__, __FUNCTION__, __LINE__);
+		if (!empty($usrLdap->uid) && is_array($usrLdap->uid)) {
+			$usrLdap->uid = $usrLdap->uid[0];
+		}
+		$fldPassPolicy = "apple-user-passwordpolicy";
+		if (isset($usrLdap->$fldPassPolicy)) unset($usrLdap->$fldPassPolicy);
+		if (isset($usrLdap->authAuthority)) unset($usrLdap->authAuthority);
+		if (isset($usrLdap->altSecurityIdentities)) unset($usrLdap->altSecurityIdentities);
+		if (!empty($usrLdap->mail) && is_array($usrLdap->mail)) {
+			$usrLdap->aliasesList = array();
+			{
+				$aliasesEx = $usrLdap->mail;
+				foreach ($aliasesEx as $emailAlias) {
+					$emailAlias = trim($emailAlias);
+					if (!empty($emailAlias) && filter_var($emailAlias, FILTER_VALIDATE_EMAIL)) {
+						$usrLdap->aliasesList[] = $emailAlias;
+					}
+				}
+			}
+			$usrLdap->mail = reset($usrLdap->aliasesList);
+		}
+		// join all fiels by ' ', skip aliasesList
+		foreach ($usrLdap as $fldName => $fdlVal) {
+			if ('aliasesList' != $fldName && !empty($fdlVal) && is_array($fdlVal)) {
+				$usrLdap->$fldName = implode(' ', $fdlVal);
+			}
+		}
+		DBG::_('DBG_SU', true, 'usrLdap', $usrLdap, __CLASS__, __FUNCTION__, __LINE__);
+		return $usrLdap;
+	}
+
 	private function _buildUserFromLdap($usrLdap) {
 		$user = new ObjectUserLdap($this);
 		$user->primaryKey = V::get('uidNumber', '', $usrLdap);
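Review bot: In `getRawLdapUser`, `aliasesList` is only filled when `mail` is an array, but `UsersLdapHelper::getUser()` as changed in this commit returns a plain string for an attribute with a single value, so a user with exactly one address ends up with an empty list. Normalising first covers both shapes: `$mails = is_array($usrLdap->mail) ? $usrLdap->mail : array($usrLdap->mail);`. `reset()` also returns `false` when every value failed validation, which then becomes the user's `mail`; an explicit empty-list check would avoid that. Separately, the `usrLdapRaw` debug call logs the record before `authAuthority`, `altSecurityIdentities` and the password policy are unset, so moving it below those `unset()` lines keeps them out of the debug output. `_buildUserFromLdap` continues outside the hunk.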
@@ -49,6 +83,7 @@ class UserStorageMacOSX extends UserStorageBase {
 		$user->password = '';
 		$user->name = V::get('cn', '', $usrLdap);
 		$user->email = V::get('mail', '', $usrLdap);
+		$user->aliasesList = V::get('aliasesList', array(), $usrLdap, 'array');
 		$user->phone = V::get('telephoneNumber', '', $usrLdap);
 		$user->homeEmail = V::get('carLicense', '', $usrLdap);
 		$user->homePhone = V::get('homePhone', '', $usrLdap);
@@ -205,26 +240,15 @@ class UserStorageMacOSX extends UserStorageBase {
 	public function updateUser($userName, $updateData) {
 		if (empty($updateData)) return true;
 		foreach ($updateData as $fldName => $val) {
-			$val = trim($val);
+			if (is_scalar($val)) $val = trim($val);
 			switch ($fldName) {
-				case 'email':
-					$ldap = $this->_getAdminLdap();
-					if ($ldap) {
-						$attr = array();
-						$emailEx = (false !== strpos($val, ' '))? explode(' ', $val) : array($val);
-						$emailAliasList = array();
-						foreach ($emailEx as $emailAlias) {
-							$emailAlias = trim($emailAlias);
-							if (!empty($emailAlias) && filter_var($emailAlias, FILTER_VALIDATE_EMAIL)) {
-								$emailAliasList[] = $emailAlias;
-							}
-						}
-						if (!empty($emailAliasList)) {
-							$attr['mail'] = $emailAliasList;
-							$ldap->mod_replace($userName, $attr);
-						} else {
-							$attr['mail'] = '';
-							$ldap->mod_del($userName, $attr);
+				case 'aliasesList':
+					$updateAliasesList = $val;
+					if (!empty($updateAliasesList) && is_array($updateAliasesList) && is_array($updateAliasesList)) {
+						$ldap = $this->_getAdminLdap();
+						if ($ldap) {
+							if (!empty($updateAliasesList['add'])) $this->_addMailAliases($userName, $updateAliasesList['add']);
+							if (!empty($updateAliasesList['remove'])) $this->_removeMailAliases($userName, $updateAliasesList['remove']);
 						}
 					}
 					break;
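Review bot: The guard on the `aliasesList` case tests `is_array($updateAliasesList)` twice, which looks like a leftover. The second test was presumably meant to check the shape of the payload, since `['add']` and `['remove']` are handed to methods that `implode()` them into a shell command. Checking each sub-list at the point of use makes that explicit, e.g. `if (!empty($updateAliasesList['add']) && is_array($updateAliasesList['add'])) …`. `$ldap` is now fetched only as a gate and never used for the update itself, which deserves a one-line comment or removal. The `switch` continues outside the hunk.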
@@ -369,8 +393,7 @@ class UserStorageMacOSX extends UserStorageBase {
 
 	public function getGroupsByUserUid($usrLogin) {
 		$groups = array();
-		$rawUsrLdap = UsersLdapHelper::getUser($usrLogin, true);
-		$rawUsrLdap = (!empty($rawUsrLdap))? $rawUsrLdap[0] : null;
+		$rawUsrLdap = $this->getRawLdapUser($usrLogin);
 		if (!$rawUsrLdap) return $groups;
 		$usrAppleUid = V::get('apple-generateduid', '', $rawUsrLdap);
 		DBG::_('DBG_SU', '>0', "CleanupAppleMemberUidTodoList user apple-generateduid({$usrAppleUid})", $rawUsrLdap, __CLASS__, __FUNCTION__, __LINE__);
@@ -765,8 +788,7 @@ class UserStorageMacOSX extends UserStorageBase {
 	}
 
 	public function removeUserUidFromGroup($usrLogin, $group) {
-		$rawUsrLdap = UsersLdapHelper::getUser($usrLogin, true);
-		$rawUsrLdap = (!empty($rawUsrLdap))? $rawUsrLdap[0] : null;
+		$rawUsrLdap = $this->getRawLdapUser($usrLogin);
 		if (!$rawUsrLdap) throw new Exception("Cannot find user '{$usrLogin}'");
 		$usrAppleUid = V::get('apple-generateduid', '', $rawUsrLdap);
 		if (empty($usrAppleUid)) throw new Exception("Cannot find uid for user '{$usrLogin}'");
@@ -839,5 +861,29 @@ class UserStorageMacOSX extends UserStorageBase {
 		return true;
 	}
 
+	public function _addMailAliases($usrLogin, $aliasList) {
+		if (empty($usrLogin)) throw new Exception("Cannot add mail alias: Unknown user login!");
+		if (empty($aliasList)) throw new Exception("Cannot add mail alias: Empty alias list!");
+
+		$aliasListFlat = implode(' ', $aliasList);
+		$cmdDsclAuth = "dscl -u {$this->_rootUser} -P {$this->_rootPass} /LDAPv3/127.0.0.1 ";
+		$cmd = "{$cmdDsclAuth} -append /Users/{$usrLogin} EMailAddress {$aliasListFlat} ";
+		$cmdOut = null; $cmdRet = null;
+		exec($cmd, $cmdOut, $cmdRet);
+		if ($cmdRet != 0) throw new Exception("Nie udało się dodać aliasów: {$aliasListFlat}");
+	}
+
+	public function _removeMailAliases($usrLogin, $aliasList) {
+		if (empty($usrLogin)) throw new Exception("Cannot remove mail alias: Unknown user login!");
+		if (empty($aliasList)) throw new Exception("Cannot remove mail alias: Empty alias list!");
+
+		$aliasListFlat = implode(' ', $aliasList);
+		$cmdDsclAuth = "dscl -u {$this->_rootUser} -P {$this->_rootPass} /LDAPv3/127.0.0.1 ";
+		$cmd = "{$cmdDsclAuth} -delete /Users/{$usrLogin} EMailAddress {$aliasListFlat} ";
+		$cmdOut = null; $cmdRet = null;
+		exec($cmd, $cmdOut, $cmdRet);
+		if ($cmdRet != 0) throw new Exception("Nie udało się usunąć aliasów: {$aliasListFlat}");
+	}
+
 }
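Review bot: Both new methods build the `dscl` command by interpolating `$usrLogin`, the alias list and the admin credentials straight into a string passed to `exec()`, with no `escapeshellarg()`. The aliases have only passed `FILTER_VALIDATE_EMAIL`, which is a syntax check and accepts characters in the local part that a shell treats specially, so a stored address can change the command that runs with directory-admin rights. Passing the password with `-P` also puts it on the command line, where it is typically visible in the process list to other local users for the duration of the call. Each argument should be quoted individually as in the sketch below; the same change applies to `_removeMailAliases` with `-delete`. The two methods differ only in the verb, so a shared private helper would keep the quoting in one place.

```php
	public function _addMailAliases($usrLogin, $aliasList) {
		// … unchanged: empty-argument checks and $aliasListFlat for the error message …
		$aliasArgs = implode(' ', array_map('escapeshellarg', $aliasList));
		$cmd = 'dscl -u ' . escapeshellarg($this->_rootUser)
			. ' -P ' . escapeshellarg($this->_rootPass)
			. ' /LDAPv3/127.0.0.1'
			. ' -append ' . escapeshellarg("/Users/{$usrLogin}")
			. ' EMailAddress ' . $aliasArgs;
		// … unchanged: exec() call and return-code check …
	}
```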
 

+ 11 - 3
SE/se-lib/UsersLdapHelper.php

@@ -3,7 +3,7 @@
 
 class UsersLdapHelper {
 
-	public static function getUser($userName, $allAttrs = false) {
+	public static function getUser($userName, $allAttrs = false, $onyFirstAttr = false) {
 		$ldapUsers = array();
 
 		//$attrMap = array('uid', 'apple-generateduid', 'givenName', 'uidNumber', 'cn', 'mail', 'apple-user-mailattribute');// (givenName, sn) = cn
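Review bot: The new third parameter defaults to `false`, which changes what existing `getUser($name, true)` callers receive: multi-valued attributes now come back as arrays where they used to be the first value only. This commit reroutes three callers through `getRawLdapUser`, but any caller outside the visible hunks would get the new shape unannounced; defaulting to `true` keeps the old behaviour unless a caller opts in. The name `$onyFirstAttr` is also a typo for `$onlyFirstAttr`, and it is cheaper to fix before it spreads (the UserStorageMacOSX.php call site already repeats it). A docblock line such as `@param bool $onlyFirstAttr return only the first value of multi-valued attributes` would record the contract. The method body continues outside the hunk.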
@@ -34,14 +34,22 @@ class UsersLdapHelper {
 					$vAttrName = $attrs[$i];
 					$vAttrVal = $attrs[$vAttrName];
 					if (is_array($vAttrVal) && !empty($vAttrVal)) {
-						$userObj->{$vAttrName} = $vAttrVal[0];
+//						$userObj->{$vAttrName} = $vAttrVal[0];
+						if (!$onyFirstAttr && !empty($vAttrVal['count']) && $vAttrVal['count'] > 1) {
+							$userObj->{$vAttrName} = array();
+							for ($j = 0; $j < $vAttrVal['count']; $j++) {
+								$userObj->{$vAttrName}[] = $vAttrVal[$j];
+							}
+						} else {
+							$userObj->{$vAttrName} = $vAttrVal[0];
+						}
 					}
 				}
 			} else {
 				foreach ($attrMap as $kAttrName => $vFldName) {
 					$vAttrVal = V::get($kAttrName, '', $attrs);
 					if (is_array($vAttrVal) && !empty($vAttrVal)) {
-						if ($vAttrVal['count'] > 1) {
+						if (!empty($vAttrVal['count']) && $vAttrVal['count'] > 1) {
 							$userObj->{$vFldName} = array();
 							for ($j = 0; $j < $vAttrVal['count']; $j++) {
 								$userObj->{$vFldName}[] = $vAttrVal[$j];