githubFork/roundcubemail.git

Thomas Bruederli

2016-04-17 cde7a9eb74b6fd6315885c30c0763e0ee5332499

commit \| author \| age
48e9c1	1	<?php
T	2
	3	/**
	4	* Folders Access Control Lists Management (RFC4314, RFC2086)
	5	*
	6	* @version @package_version@
	7	* @author Aleksander Machniak <alec@alec.pl>
	8	*
	9	*
	10	* Copyright (C) 2011-2012, Kolab Systems AG
	11	*
07c6c6	12	* This program is free software: you can redistribute it and/or modify
TB	13	* it under the terms of the GNU General Public License as published by
	14	* the Free Software Foundation, either version 3 of the License, or
	15	* (at your option) any later version.
48e9c1	16	*
T	17	* This program is distributed in the hope that it will be useful,
	18	* but WITHOUT ANY WARRANTY; without even the implied warranty of
	19	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	20	* GNU General Public License for more details.
	21	*
07c6c6	22	* You should have received a copy of the GNU General Public License
TB	23	* along with this program. If not, see http://www.gnu.org/licenses/.
48e9c1	24	*/
T	25
	26	class acl extends rcube_plugin
	27	{
	28	public $task = 'settings\|addressbook\|calendar';
	29
	30	private $rc;
	31	private $supported = null;
	32	private $mbox;
	33	private $ldap;
	34	private $specials = array('anyone', 'anonymous');
	35
	36	/**
	37	* Plugin initialization
	38	*/
	39	function init()
	40	{
	41	$this->rc = rcmail::get_instance();
	42
	43	// Register hooks
	44	$this->add_hook('folder_form', array($this, 'folder_form'));
	45	// kolab_addressbook plugin
	46	$this->add_hook('addressbook_form', array($this, 'folder_form'));
	47	$this->add_hook('calendar_form_kolab', array($this, 'folder_form'));
	48	// Plugin actions
	49	$this->register_action('plugin.acl', array($this, 'acl_actions'));
	50	$this->register_action('plugin.acl-autocomplete', array($this, 'acl_autocomplete'));
	51	}
	52
	53	/**
	54	* Handler for plugin actions (AJAX)
	55	*/
	56	function acl_actions()
	57	{
61be82	58	$action = trim(rcube_utils::get_input_value('_act', rcube_utils::INPUT_GPC));
48e9c1	59
T	60	// Connect to IMAP
	61	$this->rc->storage_init();
	62
	63	// Load localization and configuration
	64	$this->add_texts('localization/');
	65	$this->load_config();
	66
	67	if ($action == 'save') {
	68	$this->action_save();
	69	}
	70	else if ($action == 'delete') {
	71	$this->action_delete();
	72	}
	73	else if ($action == 'list') {
	74	$this->action_list();
	75	}
	76
	77	// Only AJAX actions
	78	$this->rc->output->send();
	79	}
	80
	81	/**
	82	* Handler for user login autocomplete request
	83	*/
	84	function acl_autocomplete()
	85	{
	86	$this->load_config();
	87
61be82	88	$search = rcube_utils::get_input_value('_search', rcube_utils::INPUT_GPC, true);
AM	89	$sid = rcube_utils::get_input_value('_id', rcube_utils::INPUT_GPC);
48e9c1	90	$users = array();
T	91
	92	if ($this->init_ldap()) {
	93	$max = (int) $this->rc->config->get('autocomplete_max', 15);
	94	$mode = (int) $this->rc->config->get('addressbook_search_mode');
	95
	96	$this->ldap->set_pagesize($max);
	97	$result = $this->ldap->search('*', $search, $mode);
	98
	99	foreach ($result->records as $record) {
	100	$user = $record['uid'];
	101
	102	if (is_array($user)) {
	103	$user = array_filter($user);
	104	$user = $user[0];
	105	}
	106
	107	if ($user) {
	108	if ($record['name'])
	109	$user = $record['name'] . ' (' . $user . ')';
	110
	111	$users[] = $user;
	112	}
	113	}
a1bb59	114
AM	115	if ($this->rc->config->get('acl_groups')) {
	116	$prefix = $this->rc->config->get('acl_group_prefix');
	117	$result = $this->ldap->list_groups($search, $mode);
	118
	119	foreach ($result as $record) {
	120	$group = $record['name'];
	121
	122	if ($group) {
	123	$users[] = array('name' => ($prefix ? $prefix : '') . $group, 'display' => $group);
	124	$keys[] = $group;
	125	}
	126	}
	127	}
48e9c1	128	}
T	129
	130	sort($users, SORT_LOCALE_STRING);
	131
	132	$this->rc->output->command('ksearch_query_results', $users, $search, $sid);
	133	$this->rc->output->send();
	134	}
	135
	136	/**
	137	* Handler for 'folder_form' hook
	138	*
	139	* @param array $args Hook arguments array (form data)
	140	*
	141	* @return array Hook arguments array
	142	*/
	143	function folder_form($args)
	144	{
	145	$mbox_imap = $args['options']['name'];
b866a2	146	$myrights = $args['options']['rights'];
AM	147
	148	// Edited folder name (empty in create-folder mode)
48e9c1	149	if (!strlen($mbox_imap)) {
T	150	return $args;
	151	}
	152	/*
	153	// Do nothing on protected folders (?)
	154	if ($args['options']['protected']) {
	155	return $args;
	156	}
	157	*/
	158	// Get MYRIGHTS
b866a2	159	if (empty($myrights)) {
48e9c1	160	return $args;
T	161	}
	162
	163	// Load localization and include scripts
	164	$this->load_config();
fc55bc	165	$this->specials = $this->rc->config->get('acl_specials', $this->specials);
48e9c1	166	$this->add_texts('localization/', array('deleteconfirm', 'norights',
f8a57e	167	'nouser', 'deleting', 'saving', 'newuser', 'editperms'));
TB	168	$this->rc->output->add_label('save', 'cancel');
48e9c1	169	$this->include_script('acl.js');
T	170	$this->rc->output->include_script('list.js');
	171	$this->include_stylesheet($this->local_skin_path().'/acl.css');
	172
	173	// add Info fieldset if it doesn't exist
	174	if (!isset($args['form']['props']['fieldsets']['info']))
	175	$args['form']['props']['fieldsets']['info'] = array(
61be82	176	'name' => $this->rc->gettext('info'),
48e9c1	177	'content' => array());
T	178
	179	// Display folder rights to 'Info' fieldset
	180	$args['form']['props']['fieldsets']['info']['content']['myrights'] = array(
61be82	181	'label' => rcube::Q($this->gettext('myrights')),
48e9c1	182	'value' => $this->acl2text($myrights)
T	183	);
	184
	185	// Return if not folder admin
	186	if (!in_array('a', $myrights)) {
	187	return $args;
	188	}
	189
	190	// The 'Sharing' tab
	191	$this->mbox = $mbox_imap;
	192	$this->rc->output->set_env('acl_users_source', (bool) $this->rc->config->get('acl_users_source'));
	193	$this->rc->output->set_env('mailbox', $mbox_imap);
	194	$this->rc->output->add_handlers(array(
	195	'acltable' => array($this, 'templ_table'),
	196	'acluser' => array($this, 'templ_user'),
	197	'aclrights' => array($this, 'templ_rights'),
	198	));
	199
	200	$this->rc->output->set_env('autocomplete_max', (int)$this->rc->config->get('autocomplete_max', 15));
	201	$this->rc->output->set_env('autocomplete_min_length', $this->rc->config->get('autocomplete_min_length'));
	202	$this->rc->output->add_label('autocompletechars', 'autocompletemore');
	203
	204	$args['form']['sharing'] = array(
61be82	205	'name' => rcube::Q($this->gettext('sharing')),
48e9c1	206	'content' => $this->rc->output->parse('acl.table', false, false),
T	207	);
	208
	209	return $args;
	210	}
	211
	212	/**
	213	* Creates ACL rights table
	214	*
	215	* @param array $attrib Template object attributes
	216	*
	217	* @return string HTML Content
	218	*/
	219	function templ_table($attrib)
	220	{
	221	if (empty($attrib['id']))
	222	$attrib['id'] = 'acl-table';
	223
	224	$out = $this->list_rights($attrib);
	225
	226	$this->rc->output->add_gui_object('acltable', $attrib['id']);
	227
	228	return $out;
	229	}
	230
	231	/**
	232	* Creates ACL rights form (rights list part)
	233	*
	234	* @param array $attrib Template object attributes
	235	*
	236	* @return string HTML Content
	237	*/
	238	function templ_rights($attrib)
	239	{
	240	// Get supported rights
	241	$supported = $this->rights_supported();
	242
	243	// depending on server capability either use 'te' or 'd' for deleting msgs
	244	$deleteright = implode(array_intersect(str_split('ted'), $supported));
	245
	246	$out = '';
	247	$ul = '';
	248	$input = new html_checkbox();
	249
	250	// Advanced rights
	251	$attrib['id'] = 'advancedrights';
2db42c	252	foreach ($supported as $key => $val) {
AM	253	$id = "acl$val";
48e9c1	254	$ul .= html::tag('li', null,
T	255	$input->show('', array(
	256	'name' => "acl[$val]", 'value' => $val, 'id' => $id))
	257	. html::label(array('for' => $id, 'title' => $this->gettext('longacl'.$val)),
	258	$this->gettext('acl'.$val)));
	259	}
	260
	261	$out = html::tag('ul', $attrib, $ul, html::$common_attrib);
	262
	263	// Simple rights
	264	$ul = '';
	265	$attrib['id'] = 'simplerights';
	266	$items = array(
	267	'read' => 'lrs',
	268	'write' => 'wi',
	269	'delete' => $deleteright,
	270	'other' => preg_replace('/[lrswi'.$deleteright.']/', '', implode($supported)),
	271	);
	272
	273	foreach ($items as $key => $val) {
	274	$id = "acl$key";
	275	$ul .= html::tag('li', null,
	276	$input->show('', array(
	277	'name' => "acl[$val]", 'value' => $val, 'id' => $id))
	278	. html::label(array('for' => $id, 'title' => $this->gettext('longacl'.$key)),
	279	$this->gettext('acl'.$key)));
	280	}
	281
	282	$out .= "\n" . html::tag('ul', $attrib, $ul, html::$common_attrib);
	283
	284	$this->rc->output->set_env('acl_items', $items);
	285
	286	return $out;
	287	}
	288
	289	/**
	290	* Creates ACL rights form (user part)
	291	*
	292	* @param array $attrib Template object attributes
	293	*
	294	* @return string HTML Content
	295	*/
	296	function templ_user($attrib)
	297	{
	298	// Create username input
	299	$attrib['name'] = 'acluser';
	300
	301	$textfield = new html_inputfield($attrib);
	302
	303	$fields['user'] = html::label(array('for' => 'iduser'), $this->gettext('username'))
	304	. ' ' . $textfield->show();
	305
	306	// Add special entries
	307	if (!empty($this->specials)) {
	308	foreach ($this->specials as $key) {
	309	$fields[$key] = html::label(array('for' => 'id'.$key), $this->gettext($key));
	310	}
	311	}
	312
	313	$this->rc->output->set_env('acl_specials', $this->specials);
	314
	315	// Create list with radio buttons
	316	if (count($fields) > 1) {
	317	$ul = '';
	318	$radio = new html_radiobutton(array('name' => 'usertype'));
	319	foreach ($fields as $key => $val) {
	320	$ul .= html::tag('li', null, $radio->show($key == 'user' ? 'user' : '',
	321	array('value' => $key, 'id' => 'id'.$key))
	322	. $val);
	323	}
	324
f8a57e	325	$out = html::tag('ul', array('id' => 'usertype', 'class' => $attrib['class']), $ul, html::$common_attrib);
48e9c1	326	}
T	327	// Display text input alone
	328	else {
	329	$out = $fields['user'];
	330	}
	331
	332	return $out;
	333	}
	334
	335	/**
	336	* Creates ACL rights table
	337	*
	338	* @param array $attrib Template object attributes
	339	*
	340	* @return string HTML Content
	341	*/
	342	private function list_rights($attrib=array())
	343	{
	344	// Get ACL for the folder
	345	$acl = $this->rc->storage->get_acl($this->mbox);
	346
	347	if (!is_array($acl)) {
	348	$acl = array();
	349	}
	350
	351	// Keep special entries (anyone/anonymous) on top of the list
	352	if (!empty($this->specials) && !empty($acl)) {
	353	foreach ($this->specials as $key) {
	354	if (isset($acl[$key])) {
	355	$acl_special[$key] = $acl[$key];
	356	unset($acl[$key]);
	357	}
	358	}
	359	}
	360
	361	// Sort the list by username
	362	uksort($acl, 'strnatcasecmp');
	363
	364	if (!empty($acl_special)) {
	365	$acl = array_merge($acl_special, $acl);
	366	}
	367
	368	// Get supported rights and build column names
	369	$supported = $this->rights_supported();
	370
	371	// depending on server capability either use 'te' or 'd' for deleting msgs
	372	$deleteright = implode(array_intersect(str_split('ted'), $supported));
	373
	374	// Use advanced or simple (grouped) rights
	375	$advanced = $this->rc->config->get('acl_advanced_mode');
	376
	377	if ($advanced) {
	378	$items = array();
	379	foreach ($supported as $sup) {
	380	$items[$sup] = $sup;
	381	}
	382	}
	383	else {
	384	$items = array(
	385	'read' => 'lrs',
	386	'write' => 'wi',
	387	'delete' => $deleteright,
	388	'other' => preg_replace('/[lrswi'.$deleteright.']/', '', implode($supported)),
	389	);
	390	}
	391
	392	// Create the table
	393	$attrib['noheader'] = true;
	394	$table = new html_table($attrib);
	395
	396	// Create table header
	397	$table->add_header('user', $this->gettext('identifier'));
	398	foreach (array_keys($items) as $key) {
	399	$label = $this->gettext('shortacl'.$key);
	400	$table->add_header(array('class' => 'acl'.$key, 'title' => $label), $label);
	401	}
	402
	403	$js_table = array();
	404	foreach ($acl as $user => $rights) {
	405	if ($this->rc->storage->conn->user == $user) {
	406	continue;
	407	}
	408
	409	// filter out virtual rights (c or d) the server may return
	410	$userrights = array_intersect($rights, $supported);
61be82	411	$userid = rcube_utils::html_identifier($user);
48e9c1	412
T	413	if (!empty($this->specials) && in_array($user, $this->specials)) {
	414	$user = $this->gettext($user);
	415	}
	416
	417	$table->add_row(array('id' => 'rcmrow'.$userid));
61be82	418	$table->add('user', rcube::Q($user));
48e9c1	419
T	420	foreach ($items as $key => $right) {
	421	$in = $this->acl_compare($userrights, $right);
	422	switch ($in) {
	423	case 2: $class = 'enabled'; break;
	424	case 1: $class = 'partial'; break;
	425	default: $class = 'disabled'; break;
	426	}
	427	$table->add('acl' . $key . ' ' . $class, '');
	428	}
	429
	430	$js_table[$userid] = implode($userrights);
	431	}
	432
	433	$this->rc->output->set_env('acl', $js_table);
	434	$this->rc->output->set_env('acl_advanced', $advanced);
	435
	436	$out = $table->show();
	437
	438	return $out;
	439	}
	440
	441	/**
	442	* Handler for ACL update/create action
	443	*/
	444	private function action_save()
	445	{
376cbf	446	$mbox = trim(rcube_utils::get_input_value('_mbox', rcube_utils::INPUT_POST, true)); // UTF7-IMAP
AM	447	$user = trim(rcube_utils::get_input_value('_user', rcube_utils::INPUT_POST));
	448	$acl = trim(rcube_utils::get_input_value('_acl', rcube_utils::INPUT_POST));
	449	$oldid = trim(rcube_utils::get_input_value('_old', rcube_utils::INPUT_POST));
48e9c1	450
c027ba	451	$acl = array_intersect(str_split($acl), $this->rights_supported());
AM	452	$users = $oldid ? array($user) : explode(',', $user);
	453	$result = 0;
48e9c1	454
T	455	foreach ($users as $user) {
a1bb59	456	$user = trim($user);
AM	457	$prefix = $this->rc->config->get('acl_groups') ? $this->rc->config->get('acl_group_prefix') : '';
48e9c1	458
a1bb59	459	if ($prefix && strpos($user, $prefix) === 0) {
AM	460	$username = $user;
	461	}
	462	else if (!empty($this->specials) && in_array($user, $this->specials)) {
48e9c1	463	$username = $this->gettext($user);
T	464	}
b61041	465	else if (!empty($user)) {
48e9c1	466	if (!strpos($user, '@') && ($realm = $this->get_realm())) {
61be82	467	$user .= '@' . rcube_utils::idn_to_ascii(preg_replace('/^@/', '', $realm));
48e9c1	468	}
T	469	$username = $user;
	470	}
	471
	472	if (!$acl \|\| !$user \|\| !strlen($mbox)) {
	473	continue;
	474	}
	475
dfb926	476	$user = $this->mod_login($user);
AM	477	$username = $this->mod_login($username);
	478
48e9c1	479	if ($user != $_SESSION['username'] && $username != $_SESSION['username']) {
T	480	if ($this->rc->storage->set_acl($mbox, $user, $acl)) {
61be82	481	$ret = array('id' => rcube_utils::html_identifier($user),
48e9c1	482	'username' => $username, 'acl' => implode($acl), 'old' => $oldid);
T	483	$this->rc->output->command('acl_update', $ret);
	484	$result++;
	485	}
	486	}
	487	}
	488
	489	if ($result) {
	490	$this->rc->output->show_message($oldid ? 'acl.updatesuccess' : 'acl.createsuccess', 'confirmation');
	491	}
	492	else {
	493	$this->rc->output->show_message($oldid ? 'acl.updateerror' : 'acl.createerror', 'error');
	494	}
	495	}
	496
	497	/**
	498	* Handler for ACL delete action
	499	*/
	500	private function action_delete()
	501	{
376cbf	502	$mbox = trim(rcube_utils::get_input_value('_mbox', rcube_utils::INPUT_POST, true)); //UTF7-IMAP
AM	503	$user = trim(rcube_utils::get_input_value('_user', rcube_utils::INPUT_POST));
48e9c1	504
T	505	$user = explode(',', $user);
	506
	507	foreach ($user as $u) {
	508	$u = trim($u);
	509	if ($this->rc->storage->delete_acl($mbox, $u)) {
61be82	510	$this->rc->output->command('acl_remove_row', rcube_utils::html_identifier($u));
48e9c1	511	}
T	512	else {
	513	$error = true;
	514	}
	515	}
	516
	517	if (!$error) {
	518	$this->rc->output->show_message('acl.deletesuccess', 'confirmation');
	519	}
	520	else {
	521	$this->rc->output->show_message('acl.deleteerror', 'error');
	522	}
	523	}
	524
	525	/**
	526	* Handler for ACL list update action (with display mode change)
	527	*/
	528	private function action_list()
	529	{
	530	if (in_array('acl_advanced_mode', (array)$this->rc->config->get('dont_override'))) {
	531	return;
	532	}
	533
61be82	534	$this->mbox = trim(rcube_utils::get_input_value('_mbox', rcube_utils::INPUT_GPC, true)); // UTF7-IMAP
AM	535	$advanced = trim(rcube_utils::get_input_value('_mode', rcube_utils::INPUT_GPC));
48e9c1	536	$advanced = $advanced == 'advanced' ? true : false;
T	537
	538	// Save state in user preferences
	539	$this->rc->user->save_prefs(array('acl_advanced_mode' => $advanced));
	540
	541	$out = $this->list_rights();
	542
	543	$out = preg_replace(array('/^<table[^>]+>/', '/<\/table>$/'), '', $out);
	544
	545	$this->rc->output->command('acl_list_update', $out);
	546	}
	547
	548	/**
	549	* Creates <UL> list with descriptive access rights
	550	*
	551	* @param array $rights MYRIGHTS result
	552	*
	553	* @return string HTML content
	554	*/
	555	function acl2text($rights)
	556	{
	557	if (empty($rights)) {
	558	return '';
	559	}
	560
	561	$supported = $this->rights_supported();
	562	$list = array();
	563	$attrib = array(
	564	'name' => 'rcmyrights',
	565	'style' => 'margin:0; padding:0 15px;',
	566	);
	567
	568	foreach ($supported as $right) {
	569	if (in_array($right, $rights)) {
61be82	570	$list[] = html::tag('li', null, rcube::Q($this->gettext('acl' . $right)));
48e9c1	571	}
T	572	}
	573
	574	if (count($list) == count($supported))
61be82	575	return rcube::Q($this->gettext('aclfull'));
48e9c1	576
T	577	return html::tag('ul', $attrib, implode("\n", $list));
	578	}
	579
	580	/**
	581	* Compares two ACLs (according to supported rights)
	582	*
	583	* @param array $acl1 ACL rights array (or string)
	584	* @param array $acl2 ACL rights array (or string)
	585	*
	586	* @param int Comparision result, 2 - full match, 1 - partial match, 0 - no match
	587	*/
	588	function acl_compare($acl1, $acl2)
	589	{
	590	if (!is_array($acl1)) $acl1 = str_split($acl1);
	591	if (!is_array($acl2)) $acl2 = str_split($acl2);
	592
	593	$rights = $this->rights_supported();
	594
	595	$acl1 = array_intersect($acl1, $rights);
	596	$acl2 = array_intersect($acl2, $rights);
	597	$res = array_intersect($acl1, $acl2);
	598
	599	$cnt1 = count($res);
	600	$cnt2 = count($acl2);
	601
	602	if ($cnt1 == $cnt2)
	603	return 2;
	604	else if ($cnt1)
	605	return 1;
	606	else
	607	return 0;
	608	}
	609
	610	/**
	611	* Get list of supported access rights (according to RIGHTS capability)
	612	*
	613	* @return array List of supported access rights abbreviations
	614	*/
	615	function rights_supported()
	616	{
	617	if ($this->supported !== null) {
	618	return $this->supported;
	619	}
	620
	621	$capa = $this->rc->storage->get_capability('RIGHTS');
	622
	623	if (is_array($capa)) {
	624	$rights = strtolower($capa[0]);
	625	}
	626	else {
	627	$rights = 'cd';
	628	}
	629
	630	return $this->supported = str_split('lrswi' . $rights . 'pa');
	631	}
	632
	633	/**
	634	* Username realm detection.
	635	*
	636	* @return string Username realm (domain)
	637	*/
	638	private function get_realm()
	639	{
	640	// When user enters a username without domain part, realm
654ac1	641	// allows to add it to the username (and display correct username in the table)
48e9c1	642
T	643	if (isset($_SESSION['acl_username_realm'])) {
	644	return $_SESSION['acl_username_realm'];
	645	}
	646
	647	// find realm in username of logged user (?)
	648	list($name, $domain) = explode('@', $_SESSION['username']);
	649
	650	// Use (always existent) ACL entry on the INBOX for the user to determine
	651	// whether or not the user ID in ACL entries need to be qualified and how
	652	// they would need to be qualified.
	653	if (empty($domain)) {
	654	$acl = $this->rc->storage->get_acl('INBOX');
	655	if (is_array($acl)) {
	656	$regexp = '/^' . preg_quote($_SESSION['username'], '/') . '@(.*)$/';
	657	foreach (array_keys($acl) as $name) {
	658	if (preg_match($regexp, $name, $matches)) {
	659	$domain = $matches[1];
	660	break;
	661	}
	662	}
	663	}
	664	}
	665
	666	return $_SESSION['acl_username_realm'] = $domain;
	667	}
	668
	669	/**
	670	* Initializes autocomplete LDAP backend
	671	*/
	672	private function init_ldap()
	673	{
	674	if ($this->ldap)
	675	return $this->ldap->ready;
	676
	677	// get LDAP config
	678	$config = $this->rc->config->get('acl_users_source');
	679
	680	if (empty($config)) {
	681	return false;
	682	}
	683
	684	// not an array, use configured ldap_public source
	685	if (!is_array($config)) {
	686	$ldap_config = (array) $this->rc->config->get('ldap_public');
	687	$config = $ldap_config[$config];
	688	}
	689
	690	$uid_field = $this->rc->config->get('acl_users_field', 'mail');
	691	$filter = $this->rc->config->get('acl_users_filter');
	692
	693	if (empty($uid_field) \|\| empty($config)) {
	694	return false;
	695	}
	696
	697	// get name attribute
	698	if (!empty($config['fieldmap'])) {
	699	$name_field = $config['fieldmap']['name'];
	700	}
	701	// ... no fieldmap, use the old method
	702	if (empty($name_field)) {
	703	$name_field = $config['name_field'];
	704	}
	705
	706	// add UID field to fieldmap, so it will be returned in a record with name
	707	$config['fieldmap'] = array(
	708	'name' => $name_field,
	709	'uid' => $uid_field,
	710	);
	711
	712	// search in UID and name fields
	713	$config['search_fields'] = array_values($config['fieldmap']);
	714	$config['required_fields'] = array($uid_field);
	715
	716	// set search filter
	717	if ($filter)
	718	$config['filter'] = $filter;
	719
	720	// disable vlv
	721	$config['vlv'] = false;
	722
	723	// Initialize LDAP connection
	724	$this->ldap = new rcube_ldap($config,
	725	$this->rc->config->get('ldap_debug'),
	726	$this->rc->config->mail_domain($_SESSION['imap_host']));
	727
	728	return $this->ldap->ready;
	729	}
dfb926	730
AM	731	/**
	732	* Modify user login according to 'login_lc' setting
	733	*/
	734	protected function mod_login($user)
	735	{
	736	$login_lc = $this->rc->config->get('login_lc');
	737
	738	if ($login_lc === true \|\| $login_lc == 2) {
	739	$user = mb_strtolower($user);
	740	}
	741	// lowercase domain name
	742	else if ($login_lc && strpos($user, '@')) {
	743	list($local, $domain) = explode('@', $user);
	744	$user = $local . '@' . mb_strtolower($domain);
	745	}
	746
	747	return $user;
	748	}
48e9c1	749	}