feat(provisioning): Add support for Dovecot master user authentication#12442
feat(provisioning): Add support for Dovecot master user authentication#12442
Conversation
Signed-off-by: Timo Nieminen <timo.nieminen@tnnet.fi>
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
| 'smtpSslMode' => $this->getSmtpSslMode(), | ||
| 'masterPasswordEnabled' => $this->getMasterPasswordEnabled(), | ||
| 'masterPassword' => !empty($this->getMasterPassword()) ? self::MASTER_PASSWORD_PLACEHOLDER : null, | ||
| 'masterUser' => $this->getMasterUser(), |
There was a problem hiding this comment.
The initial PR flagged the master user as confidential (like the masterPasword). The username doesn't sound too critical to me, so I've dropped it.
| } | ||
| if (!isset($data['imapPort']) || (int)$data['imapPort'] === 0) { | ||
| $exception->setField('imapHost', false); | ||
| $exception->setField('imapPort', false); |
There was a problem hiding this comment.
Unrelated, yet I fixed it while on it. It's extra commit; we can pull that out if necessary.
| $masterPasswordEnabled = (bool)($data['masterPasswordEnabled'] ?? false); | ||
| $masterPassword = $data['masterPassword'] ?? ''; | ||
| $masterUser = $data['masterUser'] ?? ''; | ||
| $masterUserSeparator = $data['masterUserSeparator'] ?? ''; |
There was a problem hiding this comment.
The initial PR had a check "if masterUser not empty, and masterUser is not the placeholder, and masterPasswordEnabled is false", then make masterPasswordEnabled required.
I've reworked it to only show the inputs for password, username, and separator when the checkbox is toggled.
Backend-wise, the validation should follow the checkbox. If master password enabled, then we need a password. If non-empty username is given, also the separator is needed.
In addition, the current values are now cleared if the master password is disabled.
| if ($provisioningId !== null) { | ||
| $provisioning = $this->provisioningMapper->get($provisioningId); | ||
| if ($provisioning !== null && !empty($provisioning->getMasterUser())) { | ||
| $separator = $provisioning->getMasterUserSeparator() ?? '*'; |
There was a problem hiding this comment.
@ChristophWurst if $provisioning = null, throw (like for oauth)?
| $provisioning = $this->provisioningMapper->get($provisioningId); | ||
| if ($provisioning !== null && !empty($provisioning->getMasterUser())) { | ||
| $separator = $provisioning->getMasterUserSeparator() ?? '*'; | ||
| $user = $user . $separator . $provisioning->getMasterUser(); |
There was a problem hiding this comment.
@ChristophWurst wdyt about moving that logic to a trait?
1 participant
Local copy of #12306 with conflicts resolved