816cf44117
sftp: Fix uid parsing
...
format is 33/www-data
2019-04-04 22:38:43 -07:00
3dec0ff85b
ldap: remove bogus name response
2019-03-22 15:58:53 -07:00
8868d8e99e
keep it alphabetical
2019-03-22 15:42:16 -07:00
81b721be2b
Fix buffer warnings
2019-03-21 20:06:14 -07:00
acc7b65649
Set uid number from localstorage addon ftp value
2019-03-19 21:17:23 -07:00
77ed177855
Only allow ftp access for apps which support it
2019-03-19 21:13:19 -07:00
4a046ca70e
Check for user access in ldap ftp routes
2019-03-19 16:23:03 -07:00
62ee3fa0f1
Verify proftp ldap connection via ip instead of fake admin account
2019-03-19 15:24:09 -07:00
044b27967e
Make initial sftp connection work
2019-03-19 15:24:09 -07:00
86c4246f75
Do not dump the whole app object into a login event
2019-02-05 16:13:20 +01:00
3470252768
Add user pagination to rest api
2019-01-14 16:39:20 +01:00
4eec2a6414
Add LDAP_MAILBOXES_BASE_DN
...
this got removed by mistake in the email refactor assuming this
was unused (but it is used by sogo)
(cherry picked from commit 6589ba0988
2018-12-16 21:06:52 -08:00
dfa61f1b2d
rework how app mailboxes are allocated
...
Our current setup had a mailbox allocated for an app during app
install (into the mailboxes table). This has many issues:
* When set to a custom mailbox location, there was no way to access
this mailbox even via IMAP. Even when using app credentials, we
cannot use IMAP since the ldap logic was testing on the addon type
(most of our apps only use sendmail addon and thus cannot recvmail).
* The mailboxes table was being used to add hidden 'app' type entries.
This made it very hard for the user to understand why a mailbox conflicts.
For example, if you set an app to use custom mailbox 'blog', this is
hidden from all views.
The solution is to let an app send email as whatever mailbox name is
allocated to it (which we now track in the apps table. the default is in the
db already so that REST response contains it). When not using
Cloudron email, it will just send mail as that mailbox and the auth
checks the "app password" in the addons table. Any replies to that
mailbox will end up in the domain's mail server (not our problem).
When using cloudron email, the app can send mail like above. Any responses
will not end anywhere and bounce since there is no 'mailbox'. This is the
expected behavior. If user wants to access this mailbox name, he can
create a concrete mailbox and set himself as owner OR set this as
an alias.
For apps using the recvmail addon, the workflow is to actually create
a mailbox at some point. Currently, we have no UI for this 'flow'.
It's fine because we have only meemo using it.
Intuitive much!
2018-12-06 22:13:32 -08:00
707b03b8c8
mailbox: ownerType is now purely internal
2018-12-06 20:25:24 -08:00
f2f93ed141
ldap: nobody binds to mailboxes
2018-12-06 19:34:25 -08:00
2de630e491
Put the app owner also into ldap groups
...
Fixes #585
2018-09-03 17:14:11 +02:00
3af358b9bc
List app owner as admins in ldap search
2018-09-03 16:08:05 +02:00
b61478edc9
Attach req.app for further use in ldap routes
2018-09-03 15:38:50 +02:00
fb02e8768c
Remove unused require
2018-08-13 21:05:07 +02:00
78a2176d1d
Make admin simply a boolean instead of group
...
This simplifies a lot of logic. Keeping an admin group has no benefit
2018-07-26 22:29:57 -07:00
ea946396e7
Use users.isAdmin in all places
2018-07-26 13:23:06 -07:00
f24a099e79
Remove user.admin property
...
The UI will now base itself entirely off the scopes of the token
2018-06-17 16:49:56 -07:00
d6e49415d4
Only list user mailboxes in ldap search
2018-05-04 17:02:04 +02:00
cb73eb61d4
Allow binds against mailboxes
2018-05-04 17:02:04 +02:00
4ce3a262a3
Allow search for mailboxes over ldap for a specific domain
2018-05-04 17:02:04 +02:00
b5f8ca6c16
Fix nasssty typo
2018-04-29 17:50:12 -07:00
d8acf92929
UserError -> UsersError
2018-04-29 11:22:15 -07:00
4fd58fb46b
Rename user.js to users.js
2018-04-29 11:19:04 -07:00
d6a8837716
mail: verify with the owner id
2018-04-09 13:17:07 -07:00
b6335a327c
Rename TYPE_* to OWNER_TYPE_*
2018-04-07 18:33:30 -07:00
5af657ee22
rename mail crud functions
2018-04-03 15:06:14 -07:00
726202b040
Amend app object where applicable to login event
2018-03-02 19:21:11 +01:00
39d6ec96b7
amend full user object to login action
2018-03-02 19:21:11 +01:00
83ff295f6d
debug: authenticateMailbox
2018-02-08 18:49:27 -08:00
6470803604
Do not check if email is enabled when an app tries to do sendmail auth through ldap
2018-01-29 19:29:04 +01:00
77961e51ec
mail.get() returns a MailError
2018-01-29 13:14:08 +01:00
f152dbefad
Also check if the domain has mail enabled for ldap sendmail auth
2018-01-22 20:35:08 +01:00
687ba0e248
Verify mailbox against username instead of email
2018-01-22 20:06:18 +01:00
48d557b242
Replace alternateEmail with fallbackEmail
2018-01-21 14:50:24 +01:00
98d493b2d0
ldap: make mailbox search return fully qualified names
2018-01-19 12:14:43 -08:00
af25485fa0
ldap: Make alias return fully qualified alias
2018-01-19 12:11:33 -08:00
2015e7bce9
ldap: make mailing list search return fully qualified members
2018-01-19 12:11:26 -08:00
0f47dcfae6
ldap: mailbox routes now require the cn to be fully qualified
2018-01-18 19:33:38 -08:00
14d575f514
Make mailboxdb aware of domain field
2017-11-20 20:01:50 +01:00
1babfb6e87
Allow admins to access all apps
...
Fixes #420
2017-11-15 19:24:11 -08:00
6a2b0eedb3
Add ldap pagination support
2017-10-27 01:25:07 +02:00
9c02785d49
Support ldap group compare
...
Fixes #463
2017-10-24 02:00:00 +02:00
fc6ce4945f
add sendmail/recvmail ldap tests
2017-03-26 20:42:46 -07:00
6ea741e92f
Verify password for sendmail/recvmail addon
...
Part of #109
2017-03-26 20:07:55 -07:00
c905adde1e
Revert "Limit ldap queries per client to 60 per minute"
...
This reverts commit 466dfdf81f
2017-03-22 19:35:06 +01:00
Girish Ramakrishnan