diff --git a/src/app/Backends/LDAP.php b/src/app/Backends/LDAP.php --- a/src/app/Backends/LDAP.php +++ b/src/app/Backends/LDAP.php @@ -954,7 +954,12 @@ { $settings = $group->getSettings(['sender_policy']); - $entry['kolaballowsmtpsender'] = json_decode($settings['sender_policy'] ?: '[]', true); + // Make sure the policy does not contain duplicates, they aren't allowed + // by the ldap definition of kolabAllowSMTPSender attribute + $sender_policy = json_decode($settings['sender_policy'] ?: '[]', true); + $sender_policy = array_values(array_unique(array_map('strtolower', $sender_policy))); + + $entry['kolaballowsmtpsender'] = $sender_policy; $entry['cn'] = $group->name; $entry['uniquemember'] = []; diff --git a/src/app/Console/Commands/Group/ResyncCommand.php b/src/app/Console/Commands/Group/ResyncCommand.php new file mode 100644 --- /dev/null +++ b/src/app/Console/Commands/Group/ResyncCommand.php @@ -0,0 +1,110 @@ +argument('group'); + $deleted_only = $this->option('deleted-only'); + $dry_run = $this->option('dry-run'); + $with_ldap = \config('app.with_ldap'); + + if (!empty($group)) { + if ($req_group = $this->getGroup($group, true)) { + $groups = [$req_group]; + } else { + $this->error("Group not found."); + return 1; + } + } else { + $groups = Group::withTrashed(); + + if ($deleted_only) { + $groups->whereNotNull('deleted_at') + ->where(function ($query) { + $query->where('status', '&', Group::STATUS_LDAP_READY); + }); + } + + $groups = $groups->orderBy('id')->cursor(); + } + + // TODO: Maybe we should also have account:resync, domain:resync, resource:resync and so on. + + foreach ($groups as $group) { + if ($group->trashed()) { + if ($with_ldap && $group->isLdapReady()) { + if ($dry_run) { + $this->info("{$group->email}: will be pushed"); + continue; + } + + if ($group->isDeleted()) { + // Remove the DELETED flag so the DeleteJob can do the work + $group->timestamps = false; + $group->update(['status' => $group->status ^ Group::STATUS_DELETED]); + } + + // TODO: Do this not asyncronously as an option or when a signle group is requested? + \App\Jobs\Group\DeleteJob::dispatch($group->id); + + $this->info("{$group->email}: pushed"); + } else { + // Group properly deleted, no need to push. + // Here potentially we could connect to ldap/imap backend and check to be sure + // that the group is really deleted no matter what status it has in the database. + + $this->info("{$group->email}: in-sync"); + } + } else { + if (!$group->isActive() || ($with_ldap && !$group->isLdapReady())) { + if ($dry_run) { + $this->info("{$group->email}: will be pushed"); + continue; + } + + \App\Jobs\Group\CreateJob::dispatch($group->id); + + $this->info("{$group->email}: pushed"); + } elseif (!empty($req_group)) { + if ($dry_run) { + $this->info("{$group->email}: will be pushed"); + continue; + } + + // We push the update only if a specific group is requested, + // We don't want to flood the database/backend with an update of all groups + \App\Jobs\Group\UpdateJob::dispatch($group->id); + + $this->info("{$group->email}: pushed"); + } else { + $this->info("{$group->email}: in-sync"); + } + } + } + } +} diff --git a/src/app/Console/Commands/User/ResyncCommand.php b/src/app/Console/Commands/User/ResyncCommand.php --- a/src/app/Console/Commands/User/ResyncCommand.php +++ b/src/app/Console/Commands/User/ResyncCommand.php @@ -89,6 +89,8 @@ } \App\Jobs\User\CreateJob::dispatch($user->id); + + $this->info("{$user->email}: pushed"); } elseif (!empty($req_user)) { if ($dry_run) { $this->info("{$user->email}: will be pushed"); diff --git a/src/tests/Feature/Backends/LDAPTest.php b/src/tests/Feature/Backends/LDAPTest.php --- a/src/tests/Feature/Backends/LDAPTest.php +++ b/src/tests/Feature/Backends/LDAPTest.php @@ -163,13 +163,13 @@ // Update members $group->members = ['member3@testldap.com']; $group->save(); - $group->setSetting('sender_policy', '["test.com","-"]'); + $group->setSetting('sender_policy', '["test.com","Test.com","-"]'); LDAP::updateGroup($group); // TODO: Should we force this to be always an array? $expected['uniquemember'] = 'uid=member3@testldap.com,ou=People,ou=kolab.org,' . $root_dn; - $expected['kolaballowsmtpsender'] = ['test.com', '-']; + $expected['kolaballowsmtpsender'] = ['test.com', '-']; // duplicates removed $ldap_group = LDAP::getGroup($group->email);