fix(Admin): userInternal account failed reset PW of user

tine20 · Apr 4, 2023 · 6043123 · 6043123
1 parent 9424f35
commit 6043123
Show file tree

Hide file tree

Showing 4 changed files with 82 additions and 0 deletions.
diff --git a/tests/tine20/Admin/Frontend/Json/EmailAccountTest.php b/tests/tine20/Admin/Frontend/Json/EmailAccountTest.php
@@ -623,6 +623,30 @@ public function testCreatePersonalSystemAccount()
 
         // write message to userInternal account
         $this->_sendMessageWithAccount(null, $userInternalAccount['email']);
+
+        return $account;
+    }
+
+    public function testResetUserPWOfPersonalSystemAccount()
+    {
+        $this->_skipIfLDAPBackend();
+
+        $adminFE = new Admin_Frontend_Json();
+        $adminFE->resetPassword($this->_personas['sclever']->getId(), '12345', false);
+        $this->testCreatePersonalSystemAccount();
+        $adminFE->resetPassword($this->_personas['sclever']->getId(), '54321', false);
+
+        $account = Admin_Controller_EmailAccount::getInstance()->search(
+            Tinebase_Model_Filter_FilterGroup::getFilterForModel(Felamimail_Model_Account::class, [
+            ['field' => 'type', 'operator' => 'equals', 'value' => Felamimail_Model_Account::TYPE_USER_INTERNAL],
+            ['field' => 'user_id', 'operator' => 'equals', 'value' => $this->_personas['sclever']['accountId']]
+        ]))->getFirstRecord();
+        $emailUser = Tinebase_EmailUser_XpropsFacade::getEmailUserFromRecord($account);        
+        // fetch email pw from db
+        $dovecot = Tinebase_User::getInstance()->getSqlPlugin(Tinebase_EmailUser_Imap_Dovecot::class);
+        $rawDovecotUser = $dovecot->getRawUserById($emailUser);
+        $hashPw = new Hash_Password();
+        $this->assertTrue($hashPw->validate($rawDovecotUser['password'], '54321'), 'password mismatch: ' . print_r($rawDovecotUser, TRUE));
     }
 
     /**

diff --git a/tine20/Felamimail/Controller.php b/tine20/Felamimail/Controller.php
@@ -107,6 +107,27 @@ protected function _handleEvent(Tinebase_Event_Abstract $_eventObject)
                         $_eventObject->account, $_eventObject->oldAccount, $_eventObject->pwd);
                 }
                 break;
+            case Tinebase_Event_User_ChangePassword::class:
+                /** @var Tinebase_Event_User_ChangePassword $_eventObject */
+                try {
+                    $internalAccounts = Admin_Controller_EmailAccount::getInstance()->search(Tinebase_Model_Filter_FilterGroup::getFilterForModel(Felamimail_Model_Account::class, [
+                        ['field' => 'type', 'operator' => 'equals', 'value' => Felamimail_Model_Account::TYPE_USER_INTERNAL],
+                        ['field' => 'user_id', 'operator' => 'equals', 'value' => $_eventObject->userId]
+                    ]));
+                    $emailUserBackend = Tinebase_EmailUser::getInstance(Tinebase_Config::IMAP);
+                    $emailUserSMTPBackend = Tinebase_EmailUser::getInstance(Tinebase_Config::SMTP);
+
+                    foreach ($internalAccounts as $internalAccount) {
+                        /** @var Tinebase_EmailUser_Sql $emailUserBackend */
+                        $emailUserId = Tinebase_EmailUser_XpropsFacade::getEmailUserId($internalAccount);
+                        $emailUserBackend->inspectSetPassword($emailUserId, $_eventObject->password, );
+                        $emailUserSMTPBackend->inspectSetPassword($emailUserId, $_eventObject->password);
+                    }
+                } catch (Exception $e) {
+                    Tinebase_Core::getLogger()->err(__METHOD__ . '::' . __LINE__ . ' Could not change internal email accounts password: ' . $e);
+                    throw new Tinebase_Exception_Backend($e->getMessage());
+                }
+                break;
             case Tinebase_Event_User_DeleteAccount::class:
                 /** @var Tinebase_Event_User_DeleteAccount $_eventObject */
                 if ($_eventObject->deleteEmailAccounts()) {

diff --git a/tine20/Tinebase/Event/User/ChangePassword.php b/tine20/Tinebase/Event/User/ChangePassword.php
@@ -0,0 +1,31 @@
+<?php
+/**
+ * Tine 2.0
+ *
+ * @package     Admin
+ * @subpackage  Event
+ * @license     http://www.gnu.org/licenses/agpl.html AGPL Version 3
+ * @copyright   Copyright (c) 2023 Metaways Infosystems GmbH (http://www.metaways.de)
+ * @author      Ching En Cheng <c.cheng@metaways.de>
+ */
+
+/**
+ * event class for change password
+ *
+ * @package     Tinebas
+ * @subpackage  Event
+ */
+class Tinebase_Event_User_ChangePassword extends Tinebase_Event_Abstract
+{
+    /**
+     * id of Tinebase_Model_FullUser
+     *
+     */
+    public $userId;
+
+    /**
+     * new password
+     * 
+     */
+    public $password;
+}
diff --git a/tine20/Tinebase/User/Sql.php b/tine20/Tinebase/User/Sql.php
@@ -508,6 +508,12 @@ public function setPassword($_userId, $_password, $_encrypt = TRUE, $_mustChange
         $accountData = $this->_updatePasswordProperty($userId, $_password, 'password', $_encrypt, $_mustChange);
         $this->_setPluginsPassword($user, $_password, $_encrypt);
 
+        // fire needed events
+        $event = new Tinebase_Event_User_ChangePassword();
+        $event->userId = $userId;
+        $event->password = $_password;
+        Tinebase_Event::fireEvent($event);
+
         $accountData['id'] = $userId;
         $oldPassword = new Tinebase_Model_UserPassword(array('id' => $userId), true);
         $newPassword = new Tinebase_Model_UserPassword($accountData, true);