Persist provisioned accounts

Signed-off-by: Christoph Wurst <[email protected]>

Author: ChristophWurst

appinfo/info.xml

@@ -12,7 +12,7 @@
 - **🙈 We’re not reinventing the wheel!** Based on the great [Horde](http://horde.org) libraries.
 - **📬 Want to host your own mail server?** We don’t have to reimplement this as you could set up [Mail-in-a-Box](https://mailinabox.email)!
 	]]></description>
-	<version>0.19.1</version>
+	<version>0.20.0</version>
 	<licence>agpl</licence>
 	<author>Christoph Wurst</author>
 	<author>Jan-Christoph Borchardt</author>
@@ -34,10 +34,15 @@
 	<repair-steps>
 		<post-migration>
 			<step>OCA\Mail\Migration\FixCollectedAddresses</step>
+			<step>OCA\Mail\Migration\MigrateProvisioningConfig</step>
+			<step>OCA\Mail\Migration\ProvisionAccounts</step>
 		</post-migration>
 	</repair-steps>
 	<commands>
 		<command>OCA\Mail\Command\CreateAccount</command>
 		<command>OCA\Mail\Command\ExportAccount</command>
 	</commands>
+	<settings>
+		<admin>OCA\Mail\Settings\AdminSettings</admin>
+	</settings>
 </info>

appinfo/routes.php

@@ -113,6 +113,16 @@
 			'url' => '/proxy',
 			'verb' => 'GET'
 		],
+		[
+			'name' => 'settings#provisioning',
+			'url' => '/api/settings/provisioning',
+			'verb' => 'POST'
+		],
+		[
+			'name' => 'settings#deprovision',
+			'url' => '/api/settings/provisioning',
+			'verb' => 'DELETE'
+		],
 	],
 	'resources' => [
 		'accounts' => ['url' => '/api/accounts'],

doc/admin.md

@@ -9,52 +9,6 @@ Then open the Mail app from the app menu. Put in your mail account credentials a
 
 Certain advanced or experimental features need to be specifically enabled in your `config.php`:
 
-### Automatic account creation
-
-In cases where an external user back-end is used for both your Nextcloud and your mail server you may want to have imap accounts set up automatically for your users.
-
-### Available patterns
-
-Two patterns are available to automatically construct credentials:
-* `%USERID%`, e.g. `jan`
-* `%EMAIL%`, e.g. `[email protected]`
-
-### Minimal configuration
-
-The following minimal configuration will add such an account as soon as the user logs in. The login password is used for the IMAP and SMTP authentication.
-
-Note: Valid values for SSL are `'none'`, `'ssl'` and `'tls'`.
-
-```
-  'app.mail.accounts.default' => [
-    'email' => '%USERID%@domain.tld',
-    'imapHost' => 'imap.domain.tld',
-    'imapPort' => 993,
-    'imapSslMode' => 'ssl',
-    'smtpHost' => 'smtp.domain.tld',
-    'smtpPort' => 486,
-    'smtpSslMode' => 'tls',
-  ],
-```
-
-### Advanced configuration
-
-In case you have to tweak IMAP and SMTP username, you can do that too.
-
-```
-  'app.mail.accounts.default' => [
-    'email' => '%USERID%@domain.tld',
-    'imapHost' => 'imap.domain.tld',
-    'imapPort' => 993,
-    'imapUser' => '%USERID%@domain.tld',
-    'imapSslMode' => 'ssl',
-    'smtpHost' => 'smtp.domain.tld',
-    'smtpPort' => 486,
-    'smtpUser' => '%USERID%@domain.tld',
-    'smtpSslMode' => 'tls',
-  ],
-```
-
 ### Timeouts
 Depending on your mail host, it may be necessary to increase your IMAP and/or SMTP timeout threshold. Currently IMAP defaults to 20 seconds and SMTP defaults to 2 seconds. They can be changed as follows:
 

lib/AppInfo/BootstrapSingleton.php

@@ -23,6 +23,7 @@
 
 namespace OCA\Mail\AppInfo;
 
+use OC\Hooks\PublicEmitter;
 use OCA\Mail\Contracts\IAttachmentService;
 use OCA\Mail\Contracts\IAvatarService;
 use OCA\Mail\Contracts\IMailManager;
@@ -34,6 +35,7 @@
 use OCA\Mail\Events\MessageSentEvent;
 use OCA\Mail\Events\SaveDraftEvent;
 use OCA\Mail\Http\Middleware\ErrorMiddleware;
+use OCA\Mail\Http\Middleware\ProvisioningMiddleware;
 use OCA\Mail\Listener\AddressCollectionListener;
 use OCA\Mail\Listener\DeleteDraftListener;
 use OCA\Mail\Listener\DraftMailboxCreatorListener;
@@ -50,7 +52,8 @@
 use OCA\Mail\Service\UserPreferenceSevice;
 use OCP\AppFramework\IAppContainer;
 use OCP\EventDispatcher\IEventDispatcher;
-use OCP\IContainer;
+use OCP\IUser;
+use OCP\IUserManager;
 use OCP\Util;
 
 class BootstrapSingleton {
@@ -108,6 +111,7 @@ private function initializeAppContainer(IAppContainer $container) {
 
 		$container->registerAlias('ErrorMiddleware', ErrorMiddleware::class);
 		$container->registerMiddleWare('ErrorMiddleware');
+		$container->registerMiddleWare(ProvisioningMiddleware::class);
 
 		$container->registerAlias(IGroupService::class, NextcloudGroupService::class);
 	}

lib/Controller/SettingsController.php

@@ -0,0 +1,73 @@
+<?php declare(strict_types=1);
+
+/**
+ * @copyright 2019 Christoph Wurst <[email protected]>
+ *
+ * @author 2019 Christoph Wurst <[email protected]>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+namespace OCA\Mail\Controller;
+
+use OCA\Mail\AppInfo\Application;
+use OCA\Mail\Service\Provisioning\Manager as ProvisioningManager;
+use OCP\AppFramework\Controller;
+use OCP\AppFramework\Http\JSONResponse;
+use OCP\IRequest;
+
+class SettingsController extends Controller {
+
+	/** @var ProvisioningManager */
+	private $provisioningManager;
+
+	public function __construct(IRequest $request,
+								ProvisioningManager $provisioningManager) {
+		parent::__construct(Application::APP_ID, $request);
+		$this->provisioningManager = $provisioningManager;
+	}
+
+	public function provisioning(string $emailTemplate,
+								 string $imapUser,
+								 string $imapHost,
+								 int $imapPort,
+								 string $imapSslMode,
+								 string $smtpUser,
+								 string $smtpHost,
+								 int $smtpPort,
+								 string $smtpSslMode): JSONResponse {
+		$this->provisioningManager->newProvisioning(
+			$emailTemplate,
+			$imapUser,
+			$imapHost,
+			$imapPort,
+			$imapSslMode,
+			$smtpUser,
+			$smtpHost,
+			$smtpPort,
+			$smtpSslMode
+		);
+
+		return new JSONResponse(null);
+	}
+
+	public function deprovision(): JSONResponse {
+		$this->provisioningManager->deprovision();
+
+		return new JSONResponse(null);
+	}
+
+}

lib/Db/MailAccount.php

@@ -45,7 +45,7 @@
  * @method void setInboundSslMode(string $inboundSslMode)
  * @method string getInboundUser()
  * @method void setInboundUser(string $inboundUser)
- * @method string getInboundPassword()
+ * @method string|null getInboundPassword()
  * @method void setInboundPassword(string $inboundPassword)
  * @method string getOutboundHost()
  * @method void setOutboundHost(string $outboundHost)
@@ -55,14 +55,16 @@
  * @method void setOutboundSslMode(string $outboundSslMode)
  * @method string getOutboundUser()
  * @method void setOutboundUser(string $outboundUser)
- * @method string getOutboundPassword()
+ * @method string|null getOutboundPassword()
  * @method void setOutboundPassword(string $outboundPassword)
  * @method string|null getSignature()
  * @method void setSignature(string|null $signature)
  * @method int getLastMailboxSync()
  * @method void setLastMailboxSync(int $time)
  * @method string getEditorMode()
  * @method void setEditorMode(string $editorMode)
+ * @method bool getProvisioned()
+ * @method void setProvisioned(bool $provisioned)
  */
 class MailAccount extends Entity {
 
@@ -82,12 +84,12 @@ class MailAccount extends Entity {
 	protected $signature;
 	protected $lastMailboxSync;
 	protected $editorMode;
+	protected $provisioned;
 
 	/**
 	 * @param array $params
 	 */
 	public function __construct(array $params=[]) {
-
 		if (isset($params['accountId'])) {
 			$this->setId($params['accountId']);
 		}
@@ -131,6 +133,7 @@ public function __construct(array $params=[]) {
 		}
 
 		$this->addType('lastMailboxSync', 'integer');
+		$this->addType('provisioned', 'bool');
 	}
 
 	/**
@@ -147,6 +150,7 @@ public function toJson() {
 			'imapSslMode' => $this->getInboundSslMode(),
 			'signature' => $this->getSignature(),
 			'editorMode' => $this->getEditorMode(),
+			'provisioned' => $this->getProvisioned(),
 		];
 
 		if (!is_null($this->getOutboundHost())) {

lib/Db/MailAccountMapper.php

@@ -25,8 +25,12 @@
 
 namespace OCA\Mail\Db;
 
+use OCP\AppFramework\Db\DoesNotExistException;
+use OCP\AppFramework\Db\MultipleObjectsReturnedException;
 use OCP\AppFramework\Db\QBMapper;
+use OCP\DB\QueryBuilder\IQueryBuilder;
 use OCP\IDBConnection;
+use OCP\IUser;
 
 class MailAccountMapper extends QBMapper {
 
@@ -72,6 +76,24 @@ public function findByUserId(string $userId): array {
 		return $this->findEntities($query);
 	}
 
+	/**
+	 * @throws DoesNotExistException
+	 * @throws MultipleObjectsReturnedException
+	 */
+	public function findProvisionedAccount(IUser $user): MailAccount {
+		$qb = $this->db->getQueryBuilder();
+
+		$query = $qb
+			->select('*')
+			->from($this->getTableName())
+			->where(
+				$qb->expr()->eq('user_id', $qb->createNamedParameter($user->getUID())),
+				$qb->expr()->eq('provisioned', $qb->createNamedParameter(true, IQueryBuilder::PARAM_BOOL))
+			);
+
+		return $this->findEntity($query);
+	}
+
 	/**
 	 * Saves an User Account into the database
 	 *
@@ -80,12 +102,20 @@ public function findByUserId(string $userId): array {
 	 * @return MailAccount
 	 */
 	public function save(MailAccount $account): MailAccount {
-		if (is_null($account->getId())) {
+		if ($account->getId() === null) {
 			return $this->insert($account);
-		} else {
-			$this->update($account);
-			return $account;
 		}
+
+		return $this->update($account);
+	}
+
+	public function deleteProvisionedAccounts(): void {
+		$qb = $this->db->getQueryBuilder();
+
+		$delete = $qb->delete($this->getTableName())
+			->where($qb->expr()->eq('provisioned', $qb->createNamedParameter(true, IQueryBuilder::PARAM_BOOL)));
+
+		$delete->execute();
 	}
 
 }