Thread: [Postfixadmin-devel] postfixadmin with ldap
Brought to you by:
christian_boltz,
gingerdog
Menu
▾
▴
postfixadmin-devel
|
From: Vikas P. <par...@gm...> - 2014-11-17 18:32:29
|
Hi, Some days back i have written some code to use postfixadmin with ldap backend. But i think before put it on the repo. I want to write a plugin that will help to add the ldap backend with postfixadmin. Could any body please give me some suggestion or guidelines on it. |
|
From: Christian B. <pos...@cb...> - 2014-11-24 17:49:45
|
Hello, Am Dienstag, 18. November 2014 schrieb Vikas Parashar: > Some days back i have written some code to use postfixadmin with ldap > backend. But i think before put it on the repo. I want to write a > plugin that will help to add the ldap backend with postfixadmin. Adding LDAP support sounds like lots of work - basically you need to replace all db_*() functions and also need to "translate" the SQL queries to something that LDAP understands. Most queries are built in PFAHandler.php and some db_*() functions nowadays, but we still have some hand-written queries here and there. To make things interesting, LDAP is quite different from SQL. Don't get me wrong - I don't want to stop you. I just want to warn you that this won't be an easy ride ;-) BTW: list-admin.php, list-domain.php, fetchmail.php and vacation.php will be replaced by list.php and edit.php sooner or later, so better don't invest time on them. > Could any body please give me some suggestion or guidelines on it. I'm afraid I can't offer a simple receipe ;-) - maybe the easiest way is to join the #postfixadmin IRC channel on freenode and to ask there. I'm usually there in the (CET) evening (username "cboltz"). Regards, Christian Boltz -- looks like you have some special code in yast for password "x", maybe I should use the even more secure new password "y" in the future ?! ;-) [Harald Koenig in https://bugzilla.novell.com/show_bug.cgi?id=148464] |
|
From: Robert M. <rg...@ht...> - 2014-11-24 18:17:30
|
On 11/24/2014 12:49 PM, Christian Boltz wrote: > Hello, > > Am Dienstag, 18. November 2014 schrieb Vikas Parashar: >> Some days back i have written some code to use postfixadmin with ldap >> backend. But i think before put it on the repo. I want to write a >> plugin that will help to add the ldap backend with postfixadmin. > Adding LDAP support sounds like lots of work - basically you need to > replace all db_*() functions and also need to "translate" the SQL > queries to something that LDAP understands. > > Most queries are built in PFAHandler.php and some db_*() functions > nowadays, but we still have some hand-written queries here and there. Oh it is more than that. All the subsystems that are expecting an sql db for the domain and users and vacations and, would have to be changed. All the postfix, spamassasin, dovecot, amavis-new, roundcube,... Need I go on? Though one might say that there are already instructions for different sql backends for most of these, so an ldap backend would just be one more. As it is, I have heard some rumblings about mariadb. > > To make things interesting, LDAP is quite different from SQL. > > Don't get me wrong - I don't want to stop you. I just want to warn you > that this won't be an easy ride ;-) > > BTW: list-admin.php, list-domain.php, fetchmail.php and vacation.php > will be replaced by list.php and edit.php sooner or later, so better > don't invest time on them. > >> Could any body please give me some suggestion or guidelines on it. > I'm afraid I can't offer a simple receipe ;-) - maybe the easiest way is > to join the #postfixadmin IRC channel on freenode and to ask there. > I'm usually there in the (CET) evening (username "cboltz"). > > > Regards, > > Christian Boltz |
|
From: Vikas P. <par...@gm...> - 2014-11-24 18:26:56
|
Hi Robert/Boltz, Thanks for your support. Actually, i have done it for one of my client in which i have put a elif condition and call the ldap query there. i don't think so it's a right thing to go ahead. Personally, i want to write a plugin that we can easily attached just like a patch. Hope, i shall give you some good news soon. On Mon, Nov 24, 2014 at 12:58 PM, Robert Moskowitz <rg...@ht...> wrote: > > On 11/24/2014 12:49 PM, Christian Boltz wrote: > >> Hello, >> >> Am Dienstag, 18. November 2014 schrieb Vikas Parashar: >> >>> Some days back i have written some code to use postfixadmin with ldap >>> backend. But i think before put it on the repo. I want to write a >>> plugin that will help to add the ldap backend with postfixadmin. >>> >> Adding LDAP support sounds like lots of work - basically you need to >> replace all db_*() functions and also need to "translate" the SQL >> queries to something that LDAP understands. >> >> Most queries are built in PFAHandler.php and some db_*() functions >> nowadays, but we still have some hand-written queries here and there. >> > > Oh it is more than that. All the subsystems that are expecting an sql db > for the domain and users and vacations and, would have to be changed. All > the postfix, spamassasin, dovecot, amavis-new, roundcube,... Need I go on? > > Though one might say that there are already instructions for different sql > backends for most of these, so an ldap backend would just be one more. As > it is, I have heard some rumblings about mariadb. > > > >> To make things interesting, LDAP is quite different from SQL. >> >> Don't get me wrong - I don't want to stop you. I just want to warn you >> that this won't be an easy ride ;-) >> >> BTW: list-admin.php, list-domain.php, fetchmail.php and vacation.php >> will be replaced by list.php and edit.php sooner or later, so better >> don't invest time on them. >> >> Could any body please give me some suggestion or guidelines on it. >>> >> I'm afraid I can't offer a simple receipe ;-) - maybe the easiest way is >> to join the #postfixadmin IRC channel on freenode and to ask there. >> I'm usually there in the (CET) evening (username "cboltz"). >> >> >> Regards, >> >> Christian Boltz >> > > |
|
From: Tanstaafl <tan...@li...> - 2014-11-25 13:20:30
|
On 11/24/2014 12:58 PM, Robert Moskowitz <rg...@ht...> wrote: > Though one might say that there are already instructions for different > sql backends for most of these, so an ldap backend would just be one > more. As it is, I have heard some rumblings about mariadb. Eh? What rumblings? MariaDB is billed as a 'drop-in replacement' for MySQL. Are you saying there are issues with it? I;m asking because we are currently running it, and without issues, but I've been a bit nervous about updates since apparently it is still considered a 'red-headed step-child'. I'd really, really like to see MariaDB become a formally, officially supported DB back end (where current release versions are tested against). |
|
From: Christian B. <pos...@cb...> - 2015-02-13 19:37:54
|
Hello, Am Dienstag, 25. November 2014 schrieb Tanstaafl: > Eh? What rumblings? MariaDB is billed as a 'drop-in replacement' for > MySQL. Are you saying there are issues with it? Basically it is a drop-in replacement, but we managed to write a query in a way that triggered an optimization bug in MariaDB, resulting in wrong query results. This bug is fixed in 2.92 (aka 3.0 beta2) by adding a workaround - if you are interested in details, have a look at bug#313 and bug#325 in the sourceforge tracker. Regards, Christian Boltz -- > [...] is currently down due to a failure in the NAS system. > [...] > your NAS (network attached storage) Oh. I thought it stood for Networked Adrian Schröter :D [> Adrian Schröter and Jean Delvare in opensuse-buildservice] |
|
From: Christian B. <pos...@cb...> - 2014-12-01 18:20:50
|
Hello,
Am Montag, 24. November 2014 schrieb Vikas Parashar:
> Actually, i have done it for one of my client in which i have put a
> elif condition and call the ldap query there. i don't think so it's a
> right thing to go ahead. Personally, i want to write a plugin that we
> can easily attached just like a patch.
That sounds even more interesting :-)
Can you send a patch with your current changes to give us an impression
what changes you needed to do? Even if this probably won't be the final
code, it could be helpful to help you converting it to a plugin.
BTW: I don't know much about LDAP, and AFAIK the other PostfixAdmin
developers also know SQL much better than LDAP. If we include LDAP
support in PostfixAdmin, would you be willing to maintain it?
Regards,
Christian Boltz
--
<jdstrand> jjohansen: curious-- is there a reason why child profiles
can't contain a '-' in their name?
<jjohansen> jdstrand: yes, because its not in the regex :P
<jdstrand> jjohansen: is there a reason why '-' is not in the child
profile regex? ;P [from #apparmor]
|
|
From: Vikas P. <par...@gm...> - 2014-12-08 05:41:04
|
Hello, On Mon, Dec 1, 2014 at 11:50 PM, Christian Boltz <pos...@cb...> wrote: > Hello, > > Am Montag, 24. November 2014 schrieb Vikas Parashar: > > Actually, i have done it for one of my client in which i have put a > > elif condition and call the ldap query there. i don't think so it's a > > right thing to go ahead. Personally, i want to write a plugin that we > > can easily attached just like a patch. > > That sounds even more interesting :-) > > Can you send a patch with your current changes to give us an impression > what changes you needed to do? Even if this probably won't be the final > code, it could be helpful to help you converting it to a plugin. > Give me couple of weeks, will send you soon. > > BTW: I don't know much about LDAP, and AFAIK the other PostfixAdmin > developers also know SQL much better than LDAP. If we include LDAP > support in PostfixAdmin, would you be willing to maintain it? > Yes, i will maintain it. > > > Regards, > > Christian Boltz > -- > <jdstrand> jjohansen: curious-- is there a reason why child profiles > can't contain a '-' in their name? > <jjohansen> jdstrand: yes, because its not in the regex :P > <jdstrand> jjohansen: is there a reason why '-' is not in the child > profile regex? ;P [from #apparmor] > > |
|
From: Vikas P. <par...@gm...> - 2015-01-27 14:59:27
|
Hi Christian, I have written some thing as per our discussion, Could you please guide me how & where i can show you that functionality and my code? As i am not a core programmer, could you please guide me(or give me some pointer) to write good code. So that, i can execute my idea in better way. On Mon, Dec 8, 2014 at 11:10 AM, Vikas Parashar <par...@gm...> wrote: > Hello, > > > On Mon, Dec 1, 2014 at 11:50 PM, Christian Boltz <pos...@cb...> > wrote: > >> Hello, >> >> Am Montag, 24. November 2014 schrieb Vikas Parashar: >> > Actually, i have done it for one of my client in which i have put a >> > elif condition and call the ldap query there. i don't think so it's a >> > right thing to go ahead. Personally, i want to write a plugin that we >> > can easily attached just like a patch. >> >> That sounds even more interesting :-) >> >> Can you send a patch with your current changes to give us an impression >> what changes you needed to do? Even if this probably won't be the final >> code, it could be helpful to help you converting it to a plugin. >> > > Give me couple of weeks, will send you soon. > >> >> BTW: I don't know much about LDAP, and AFAIK the other PostfixAdmin >> developers also know SQL much better than LDAP. If we include LDAP >> support in PostfixAdmin, would you be willing to maintain it? >> > > Yes, i will maintain it. > > >> >> >> Regards, >> >> Christian Boltz >> -- >> <jdstrand> jjohansen: curious-- is there a reason why child profiles >> can't contain a '-' in their name? >> <jjohansen> jdstrand: yes, because its not in the regex :P >> <jdstrand> jjohansen: is there a reason why '-' is not in the child >> profile regex? ;P [from #apparmor] >> >> > |
|
From: Vikas P. <par...@gm...> - 2015-02-02 03:07:03
|
Hello, Can someone guide me? On Tue, Jan 27, 2015 at 8:29 PM, Vikas Parashar <par...@gm...> wrote: > Hi Christian, > > I have written some thing as per our discussion, Could you please guide me > how & where i can show you that functionality and my code? > As i am not a core programmer, could you please guide me(or give me some > pointer) to write good code. So that, i can execute my idea in better way. > > On Mon, Dec 8, 2014 at 11:10 AM, Vikas Parashar <par...@gm...> > wrote: > >> Hello, >> >> >> On Mon, Dec 1, 2014 at 11:50 PM, Christian Boltz <pos...@cb...> >> wrote: >> >>> Hello, >>> >>> Am Montag, 24. November 2014 schrieb Vikas Parashar: >>> > Actually, i have done it for one of my client in which i have put a >>> > elif condition and call the ldap query there. i don't think so it's a >>> > right thing to go ahead. Personally, i want to write a plugin that we >>> > can easily attached just like a patch. >>> >>> That sounds even more interesting :-) >>> >>> Can you send a patch with your current changes to give us an impression >>> what changes you needed to do? Even if this probably won't be the final >>> code, it could be helpful to help you converting it to a plugin. >>> >> >> Give me couple of weeks, will send you soon. >> >>> >>> BTW: I don't know much about LDAP, and AFAIK the other PostfixAdmin >>> developers also know SQL much better than LDAP. If we include LDAP >>> support in PostfixAdmin, would you be willing to maintain it? >>> >> >> Yes, i will maintain it. >> >> >>> >>> >>> Regards, >>> >>> Christian Boltz >>> -- >>> <jdstrand> jjohansen: curious-- is there a reason why child profiles >>> can't contain a '-' in their name? >>> <jjohansen> jdstrand: yes, because its not in the regex :P >>> <jdstrand> jjohansen: is there a reason why '-' is not in the child >>> profile regex? ;P [from #apparmor] >>> >>> >> > |
|
From: Christian B. <pos...@cb...> - 2015-02-03 12:31:55
|
Hello,
Am Montag, 2. Februar 2015 schrieb Vikas Parashar:
> Can someone guide me?
Yes, of course. Sorry for the delay!
> On Tue, Jan 27, 2015 at 8:29 PM, Vikas Parashar wrote:
> > I have written some thing as per our discussion, Could you please
> > guide me how & where i can show you that functionality and my code?
I think you are talking about uploading your changed files or patches.
The tracker on Sourceforge is probably the best place for this:
http://sourceforge.net/p/postfixadmin/patches/
(Feel free to use a tarball if you want to upload multiple files.)
> > As i am not a core programmer, could you please guide me(or give me
> > some pointer) to write good code. So that, i can execute my idea in
> > better way.
That's an interesting question ;-)
Short answer: for coding style, have a look at
http://sourceforge.net/p/postfixadmin/wiki/Coding_guidelines/
which lists some basic rules.
Besides that, we don't have written rules. Maybe the best question to
answer is : if someone forces you to change your code in a year, would
you happily do that or would you heavily protest? ;-)
If you are looking for some examples,
- model/*, edit.php and list.php are what I'd call "good" code
- most of the files in the main directory are, well, not so good. With
the exception of edit.php and list.php, those files contain "grown"
code which also collected quite some issues over the years that make
maintenance harder.
- also, older versions of PostfixAdmin contain some interesting[tm]
stuff I don't want to see again - especially lots of code duplication
with different bugs in each copy :-/
Regards,
Christian Boltz
--
Oh großer Meister! Darf man euch untertänigst darauf aufmerksam
machen, daß das diff'en von Postscriptfonts komplette Unterordner
synchronisiert und diff't, unter Berücksichtigung von Links? :-)
[Ratti in fontlinge-devel]
|
|
From: Vikas P. <par...@gm...> - 2015-02-06 07:28:01
|
Hi Christian, Thanks you very much for your kind support. On Tue, Feb 3, 2015 at 5:43 PM, Christian Boltz <pos...@cb...> wrote: > Hello, > > Am Montag, 2. Februar 2015 schrieb Vikas Parashar: > > Can someone guide me? > > Yes, of course. Sorry for the delay! > There is nothing to say sorry, thank you for your valuable points. > > > On Tue, Jan 27, 2015 at 8:29 PM, Vikas Parashar wrote: > > > I have written some thing as per our discussion, Could you please > > > guide me how & where i can show you that functionality and my code? > > I think you are talking about uploading your changed files or patches. > The tracker on Sourceforge is probably the best place for this: > http://sourceforge.net/p/postfixadmin/patches/ > (Feel free to use a tarball if you want to upload multiple files.) > Ahh!, here i am using git, i can continue with svn as well. Personally, i think svn is too old fashion and very heavy. May be, we can think to move on git. Anyway, i can commit it to svn as well.. I would like to request to you kindly see my code on my git repo when will you get the chance. Right from the beginning, i am looking for some guidelines. I know only one rule KISS(Keep it simply stupid). :) Please check it here https://vic...@gi.../vickally/postfixadmin.git > > > As i am not a core programmer, could you please guide me(or give me > > > some pointer) to write good code. So that, i can execute my idea in > > > better way. > > That's an interesting question ;-) > Short answer: for coding style, have a look at > http://sourceforge.net/p/postfixadmin/wiki/Coding_guidelines/ > which lists some basic rules. > > Besides that, we don't have written rules. Maybe the best question to > answer is : if someone forces you to change your code in a year, would > you happily do that or would you heavily protest? ;-) > That depends on requirement, situation and community feedback. Yes, i would happily do that if required. > If you are looking for some examples, > - model/*, edit.php and list.php are what I'd call "good" code > - most of the files in the main directory are, well, not so good. With > the exception of edit.php and list.php, those files contain "grown" > code which also collected quite some issues over the years that make > maintenance harder. > - also, older versions of PostfixAdmin contain some interesting[tm] > stuff I don't want to see again - especially lots of code duplication > with different bugs in each copy :-/ > > > Regards, > > Christian Boltz > -- > Oh großer Meister! Darf man euch untertänigst darauf aufmerksam > machen, daß das diff'en von Postscriptfonts komplette Unterordner > synchronisiert und diff't, unter Berücksichtigung von Links? :-) > [Ratti in fontlinge-devel] > > |
|
From: Vikas P. <par...@gm...> - 2015-02-12 07:50:31
|
Hi Christian, Did you get the chance to look in it, as of now, i get stuck somewhere due to fear(or you might say conflict that would come). My fear is that more code more problem. So, i don't want to complete my code in one run. Guide me if i am driving on wrong way. Rg: Vikas Parashar On Fri, Feb 6, 2015 at 12:57 PM, Vikas Parashar <par...@gm...> wrote: > Hi Christian, > > Thanks you very much for your kind support. > > On Tue, Feb 3, 2015 at 5:43 PM, Christian Boltz <pos...@cb...> > wrote: > >> Hello, >> >> Am Montag, 2. Februar 2015 schrieb Vikas Parashar: >> > Can someone guide me? >> >> Yes, of course. Sorry for the delay! >> > There is nothing to say sorry, thank you for your valuable points. > >> >> > On Tue, Jan 27, 2015 at 8:29 PM, Vikas Parashar wrote: >> > > I have written some thing as per our discussion, Could you please >> > > guide me how & where i can show you that functionality and my code? >> >> I think you are talking about uploading your changed files or patches. >> The tracker on Sourceforge is probably the best place for this: >> http://sourceforge.net/p/postfixadmin/patches/ >> (Feel free to use a tarball if you want to upload multiple files.) >> > > Ahh!, here i am using git, i can continue with svn as well. Personally, i > think svn is too old fashion and very heavy. May be, we can think to move > on git. Anyway, i can commit it to svn as well.. > > I would like to request to you kindly see my code on my git repo when will > you get the chance. Right from the beginning, i am looking for some > guidelines. I know only one rule KISS(Keep it simply stupid). :) > > Please check it here https://vic...@gi.../vickally/postfixadmin.git > > > > >> > > As i am not a core programmer, could you please guide me(or give me >> > > some pointer) to write good code. So that, i can execute my idea in >> > > better way. >> >> That's an interesting question ;-) >> Short answer: for coding style, have a look at >> http://sourceforge.net/p/postfixadmin/wiki/Coding_guidelines/ >> which lists some basic rules. >> >> Besides that, we don't have written rules. Maybe the best question to >> answer is : if someone forces you to change your code in a year, would >> you happily do that or would you heavily protest? ;-) >> > > That depends on requirement, situation and community feedback. Yes, i > would happily do that if required. > > >> If you are looking for some examples, >> - model/*, edit.php and list.php are what I'd call "good" code >> - most of the files in the main directory are, well, not so good. With >> the exception of edit.php and list.php, those files contain "grown" >> code which also collected quite some issues over the years that make >> maintenance harder. >> - also, older versions of PostfixAdmin contain some interesting[tm] >> stuff I don't want to see again - especially lots of code duplication >> with different bugs in each copy :-/ >> >> >> Regards, >> >> Christian Boltz >> -- >> Oh großer Meister! Darf man euch untertänigst darauf aufmerksam >> machen, daß das diff'en von Postscriptfonts komplette Unterordner >> synchronisiert und diff't, unter Berücksichtigung von Links? :-) >> [Ratti in fontlinge-devel] >> >> > |
|
From: Christian B. <pos...@cb...> - 2015-02-13 19:28:08
|
Hello,
Am Donnerstag, 12. Februar 2015 schrieb Vikas Parashar:
> Did you get the chance to look in it, as of now, i get stuck somewhere
> due to fear(or you might say conflict that would come). My fear is
> that more code more problem. So, i don't want to complete my code in
> one run.
>
> Guide me if i am driving on wrong way.
I'm currently busy _and_ ill :-/ - but I'll give you a short review
nevertheless (based on your git commits). Please don't expect this
review to be complete, but you should at least get the most important
points.
Also note that I don't know much about LDAP, so please correct me if one
of my comments is wrong and/or crazy ;-)
In ldap.php, you have several lines like
+ if ($key == "domain" )
+ {
+ $new_array["vd"] = str_replace("'", '', $value);
+ }
This approach will break if for example someone adds a field.
Please do the escaping based on the field type specified in
$this->struct (see initStruct() in model/*Handler.php) or, if you want a
simple way, on every field.
(Speaking of escaping - does LDAP really allow all chars except ' as
valid? If not, using a char whitelist with allowed chars would be a
better option.)
Instead of
+ global $CONF;
please use Config::Read (or Config::bool etc. if it fits better)
Also, instead of having functions like ldap_domain_add() (what about
adding a mailbox or an admin? you'll need another function) it's much
better to use PFAHandler.php as a base. This probably isn't as easy as
it sounds because SQL and LDAP queries are much different, but I'm sure
it's possible.
For your local config changes, please create a file config.local.php
instead of editing config.inc.php. (You can of course add ldap examples
to config.inc.php.)
Also, please keep out templates_c/* out of git - those files are cache
files you can delete at any time without breaking something.
I see that you parse SELECT queries to convert them to LDAP at least in
some cases. Let me warn you that this will explode with the more
interesting SQL queries (for example, test list.php?table=domain is in
SNV, but not used yet - and does interesting SQL magic ;-)
Better modify the functions that generate the SQL queries. (I know that
list-$whatever.php still uses hardcoded queries - feel free to try
list.php instead).
> On Fri, Feb 6, 2015 at 12:57 PM, Vikas Parashar <par...@gm...>
> wrote:
> > On Tue, Feb 3, 2015 at 5:43 PM, Christian Boltzwrote:
> >> Am Montag, 2. Februar 2015 schrieb Vikas Parashar:
> > Ahh!, here i am using git, i can continue with svn as well.
> > Personally, i think svn is too old fashion and very heavy. May be,
> > we can think to move on git. Anyway, i can commit it to svn as
> > well..
That's an old discussion we had more than once ;-)
The advantage of SVN is that we can use the release number in
upgrade.php function names, which means adding a function is enough
(without the need to adjust a "highest function number" somewhere).
I'f open for ideas how to do this with git ;-)
That said - while you are writing your patch, using git is fine.
> > I would like to request to you kindly see my code on my git repo
> > when will you get the chance. Right from the beginning, i am
> > looking for some guidelines. I know only one rule KISS(Keep it
> > simply stupid). :)
Well, the other rules more or less base on KISS ;-)
If you think that we should add something less obvious to the coding
guidelines, just propose it ;-)
> > Please check it here
> > https://vic...@gi.../vickally/postfixadmin.git>
Regards,
Christian Boltz
--
> Also, Hosen runter:
Hose*n*! Du hast nur "die" Hose runtergelassen und die Unterhose
anbehalten. Nix da!
[> Stefan G. Weichinger und Peer Heinlein in postfixbuch-users]
|
×
Want the latest updates on software, tech news, and AI?
Get latest updates about software, tech news, and AI from SourceForge directly in your inbox once a month.
Thanks for helping keep SourceForge clean.
X