Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

CDN Features for files uploaded to system #123

Open
wants to merge 226 commits into
base: master
Choose a base branch
from
Open

CDN Features for files uploaded to system #123

wants to merge 226 commits into from

Conversation

iHunt101
Copy link

Can you add this functionality o a script of php, just like the CDN rules that transfer or store all files on another server? Currently base on the plugin available, it oly store data in a folder. This will be a big help for a small storage server.

Jared Hancock and others added 30 commits December 13, 2013 10:23
If the search_base is not defined or not correct for the user being
authenticated and a search user and password is given and is correct,
attempt to lookup the user's DN and authenticate as the found DN with the
given password.
Add the "Telephone Number" field on the "General" tab of the Windows user
manager dialog to the "Phone Number" field of the user-to-be-created when
adding users from the LDAP directory into the system.
If the DNS servers were not considered, the empty string would be
interpreted as a list of one DNS server with an empty IP address. Therefore,
the name servers specified in the system DNS configuration would not be
used.

This patch corrects the issue by filtering empty DNS server specifications.
This is necessary so we can split Staff/User authentication.
Authentication Backends Revisited

Reviewed-By: Jared Hancock <[email protected]>
Add plugin builder script to create PHAR files
Previously the DN length was capped at 80 chars. This patch allows
specification of up to 120 chars.
ldap: Allow specification of extremely long DNs
ldap: AD: Add validation errors
Also search for inetOrgPerson objectClass objects for standard LDAP systems
rather than assuming that all users have the posixAccount class as well.
display some more information to the admin user configuring the plugin
Use composer to download and manage dependencies
Attachment storage in Amazon S3

Reviewed-By: Peter Rotich <[email protected]>
JediKev and others added 30 commits December 5, 2022 17:12
This addresses an issue where we are still using the static ID instead
of using the Backend ID causing Agent lookups and searches to fail. This
updates both places we use the static ID to `getBkId()` instead. This
will retrieve the proper Backend ID and will allow Agent lookups and
searches to function successfully.
This addresses an issue reported on the Forum where you click a direct
link from an email or something, you hit the login page, you login via
OAuth2 SSO, and when you are redirected back you are not presented with
the original URL. This is due to not accounting for the destination URL
in the `onSignIn()` methods for the OAuth2 User/Agent backends. This adds
a ternary statement that uses the dest URL from the session, otherwise
it defaults to the base URL.
This addresses an issue where `msad` schemas can return `false` when
calling `current()` on an LDAP search result. We do not check if
`current()` is false before attempting to call `dn()` on it so this adds
a check to see if `current()` returns a value before using it.
This commit addresses an issue where Refersh Token expires after
90 days for users using Office 365 as the provider.

It turns out Microsoft (Office 365) issues a new Refresh Token
everytime Access Token is refreshed, otherwise the original Refresh
Token expires after 90 days from the time it was issued.

This commit adds the logic to update Refresh Token while refreshing Access
Token, **if reissued**.
This issue has been discussed in the following forum post
https://forum.osticket.com/d/101462-oauth2-shared-mailboxes/34

This push fixes and resolves the issue so that the
**`resource_owner_email`** is set correctly as the **Shared Mailbox**
email on the **_Remote Mailbox_** tab and the **User Mailbox / Global
Admin** is set on the **_Outgoing (SMTP)_** tab.

The logic for this is

- To pickup emails you need to use the email address of the account that
  emails were sent to, this can either be a **User Mailbox** or a
**Shared Mailbox**.
- To send emails a **_Licenced Microsoft 365 User Mailbox_** must be
  used, so the emails are sent from the **User Mailbox** account that is
used to authenticate the **Shared Mailbox** or the actual **User
Mailbox** on the Microsoft 365 OAuth2 challenge.

If using Shared Mailboxes, the User Mailbox account that is used to send
emails is often referred to as a **Service Account** or a **Global
Admin** account.  This account needs to have permissions to be able to
access and send emails on behalf of the Shared Mailbox(es) that you
configure on your osTicket configuration.
This commit simply cleans up the logic in commit `231acddb1` to make sure it only targets
Office 365 Accounts as intended.
This is a temp hack to delegate strict matching mode checking to
provider.
This commit reverses changes added in 512d93d to remove Application
logic from plugin level. Core osTicket will handle Shared Mailbox logic
going forward.
This resolves and issue where when hydrating the S3 plugin it's still
including uneeded dependencies even though the plugin info includes the
script and extra tags. This is due to `make.php` not taking those into
account when resolving the dependencies. This updates the
`resolveDependencies` method to account for the scripts and extra tags
and will include them if found. This also addresses an small issue
where the extra value needs to be an array otherwise it causes fatal
error.
This adds the OAuth2 Authentication defaults for Okta provider. This
will make Okta setup a little easier.
This is the second part to the main core pull that fixes an issue where
using any other language than English and attempting to export `All`
events for a specific object fails. This removes the translation method
from the instances that do not need it and cause issues.
This addresses PHP 8.1 compatibilty issues with the LDAP plugin. Since
the LDAP resources were converted to LDAP\Connection, LDAP\Result, and
LDAP\ResultEntry objects respectively, the previous `is_resource()`
checks fail. This updates all relevant cases of `is_resource()` to `!==
false` checks to make LDAP plugin compatible with PHP 8.1.
This addresses an error reported in 270 where we are attempting to call
`dn()` on `$r->current()` but `current()` can sometimes return `false`.
This adds a check for `!$r->current()` before continuing to `dn()`. See
similar issue here: 260
This is a commit that goes along with a core commit for password length.
We should limit passwords to minimum of 1 and maximum of 128.
This addresses an issue where `ldap://` and `ldaps://` gets stripped
from the hostname by weak REGEX. This updates the REGEX to make it
account for `ldap://` and `ldaps://` so that it remains as part of the
hostname. This will allow people to typehint LDAPS connections.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.