<?php
// $Id: ldapprov_sip.module,v 1.7 2008-10-09 08:04:07 miglius Exp $

/**
 * @file
 * Adds LDAP SIP extensions upon creation of a new usere via LDAP provisioning
 */

//////////////////////////////////////////////////////////////////////////////

define('LDAPPROV_SIP_ENABLED', variable_get('ldapprov_sip_enabled', FALSE));
define('LDAPPROV_SIP_NAME',    variable_get('ldapprov_sip_name', '!name_!ldap_ou'));
define('LDAPPROV_SIP_ENTRY',   variable_get('ldapprov_sip_entry', "objectClass: astSipGeneric\nobjectClass: astSipUser\nobjectClass: astSipPeer\nobjectClass: astVoicemail\nastname: !sip_name\nastMd5Secret: !sip_pass\nastHost: dynamic\nastContext: default\nastNat: yes\nastCanReinvite: yes\nastVoicemailContext: default\nastVoicemailVoiceboxNr: !sip_name\nastVoicemailPassword: !sip_voicemail_pass\nastipaddr: 0.0.0.0\nastPort: 5060\nastRegseconds: 3600\nastUsername: !sip_name"));

define('LDAPPROV_SIP_OBJECTCLASS', 'astSipUser');

//////////////////////////////////////////////////////////////////////////////
// Core API hooks

/**
 * Implementation of hook_menu().
 */
function ldapprov_sip_menu() {
  return array(
    'admin/settings/ldap/ldapprov/sip' => array(
      'title' => 'SIP',
      'description' => 'Configure LDAP provisioning SIP settings.',
      'page callback' => 'drupal_get_form',
      'page arguments' => array('ldapprov_sip_admin_settings'),
      'access arguments' => array('administer site configuration'),
      'file' => 'ldapprov_sip.admin.inc',
    ),
  );
}

/**
 * Implementation of hook_user().
 */
function ldapprov_sip_user($op, &$edit, &$account, $category = NULL) {
  if (LDAPPROV_ENABLED && LDAPPROV_SIP_ENABLED) {
    switch ($op) {
      case 'view':
        if (isset($account->ldap_authentified) && _ldapprov_sip_check($account)) {
          return _ldapprov_sip_user_view($account);
        }
        break;
      case 'form':
        if (isset($account->ldap_authentified) && _ldapprov_sip_check($account) && $category == 'account') {
          $form['sip'] = array(
            '#type' => 'fieldset',
            '#title' => t('SIP settings'),
            '#collapsible' => TRUE,
            '#collapsed' => FALSE,
            '#weight' => 4,
          );
          $form['sip']['voice_mail_pass'] = array(
            '#type' => 'textfield',
            '#title' => t('Voice mail password'),
            '#default_value' => _ldapprov_sip_get_voicemail_pass($account),
            '#size' => 5,
            '#maxlength' => 4,
            '#description' => t('Your four digits voice mail password.'),
          );

          return $form;
        }
        break;
      case 'validate':
        if (isset($account->ldap_authentified) && _ldapprov_sip_check($account) && $category == 'account') {
          if (!preg_match('/\d\d\d\d/', $edit['voice_mail_pass'])) {
            form_set_error('voice_mail_pass', t('The voice mail password should be four digits.'));
          }
        }
        break;
      case 'submit':
        if (isset($account->ldap_authentified) && $category == 'account') {
          _ldapprov_sip_user_submit($account, $edit);
        }
        break;
    }
  }
}

//////////////////////////////////////////////////////////////////////////////
// ldapprov hooks

/**
 * Implementation of hook_ldapuser().
 */
function ldapprov_sip_ldapuser(&$account) {
  if (LDAPPROV_SIP_ENABLED) {
    global $_ldapprov_ldap;

    $name_vars['!name'] = isset($account->new_name) ? $account->new_name : $account->name;
    $name_vars['!ou'] = preg_replace('/.*ou=([^,]+),.*/', '\1', $_ldapprov_ldap->getOption('basedn'));
    $sip_name = _ldapprov_sip_name($account);
    $sip_pass = _ldapprov_sip_password($sip_name, $account->clear_pass);

    $sip_voicemail_pass = '';
    for ($i = 0; $i < 4; $i++) {
      $sip_voicemail_pass .= mt_rand(0, 9);
    }

    $sip_vars['!sip_name'] = $sip_name;
    $sip_vars['!sip_pass'] = $sip_pass;
    $sip_vars['!sip_voicemail_pass'] = $sip_voicemail_pass;

    foreach (explode("\n", LDAPPROV_SIP_ENTRY) as $line) {
      $line = str_replace("\r", '', $line);
      if (preg_match('/^\s*$/', $line) || preg_match('/^#.*$/', $line)) {
        continue;
      }
      list($attr, $var) = explode(': ', $line);
      $ldif[$attr][] = strtr($var, $sip_vars);
    }

    // Print ldif if debugging is enabled.
    if (LDAPPROV_DEBUG) {
      $ldif_out = '';
      foreach ($ldif as $key => $val) {
        foreach ($val as $k => $v) {
          $ldif_out .= "$key: $v<br />";
        }
      }
      drupal_set_message($ldif_out);
    }

    if (!$_ldapprov_ldap->connect(LDAPPROV_DN, LDAPPROV_PASS)) {
      watchdog('ldapprov_sip', 'User create: user data could not be written in the LDAP directory. Could not bind as %dn.', array('%dn' => LDAPPROV_DN), WATCHDOG_ERROR);
      return;
    }

    $oc = $_ldapprov_ldap->retrieveMultiAttribute($account->ldap_dn, 'objectClass');
    $ldif['objectClass'] = array_merge($oc, $ldif['objectClass']);
    $_ldapprov_ldap->writeAttributes($account->ldap_dn, $ldif);

    $_ldapprov_ldap->disconnect();
  }
}

//////////////////////////////////////////////////////////////////////////////
// Misc functions

/**
 * Sets SIP name.
 */
function _ldapprov_sip_name(&$account) {
  global $_ldapprov_ldap;

  $name_vars['!name'] = isset($account->new_name) ? $account->new_name : $account->name;
  $name_vars['!ldap_ou'] = preg_replace('/.*ou=([^,]+),.*/', '\1', $_ldapprov_ldap->getOption('basedn'));
  $sip_name = strtr(LDAPPROV_SIP_NAME, $name_vars);

  return $sip_name;
}

/*
 * Sets SIP password
 */
function _ldapprov_sip_password($sip_name, $pass) {
  return md5($sip_name .':asterisk:'. $pass);
}

/**
 * Checks if a user has SIP extensions.
 */
function _ldapprov_sip_check(&$account) {
  global $_ldapprov_ldap;

  if (!$_ldapprov_ldap->connect(LDAPPROV_DN, LDAPPROV_PASS)) {
    watchdog('ldapprov_sip', 'User view: user data could not be read in the LDAP directory. Could not bind as %dn.', array('%dn' => LDAPPROV_DN), WATCHDOG_ERROR);
    return;
  }

  $oc = $_ldapprov_ldap->retrieveMultiAttribute($account->ldap_dn, 'objectClass');
  $_ldapprov_ldap->disconnect();

  return in_array(LDAPPROV_SIP_OBJECTCLASS, $oc);
}

/**
 * Prints SIP information in profile.
 */
function _ldapprov_sip_user_view(&$account) {
  global $_ldapprov_ldap;

  if (!$_ldapprov_ldap->connect(LDAPPROV_DN, LDAPPROV_PASS)) {
    watchdog('ldapprov_sip', 'User view: user data could not be read in the LDAP directory. Could not bind as %dn.', array('%dn' => LDAPPROV_DN), WATCHDOG_ERROR);
    return;
  }

  $sip_name = $_ldapprov_ldap->retrieveAttribute($account->ldap_dn, 'astName');

  $_ldapprov_ldap->disconnect();

  if ($sip_name) {
    $item[] = array('title' => t('SIP number'), 'value' => '<a href="sip:'. $sip_name .'">'. $sip_name .'</a>', 'class' => 'sip');
    $ret = array(t('SIP') => $item);
  }

  return $ret;
}

/**
 * Gets voicemail password.
 */
function _ldapprov_sip_get_voicemail_pass(&$account) {
  global $_ldapprov_ldap;

  if (!$_ldapprov_ldap->connect(LDAPPROV_DN, LDAPPROV_PASS)) {
    watchdog('ldapprov_sip', 'User view: user data could not be written in the LDAP directory. Could not bind as %dn.', array('%dn' => LDAPPROV_DN), WATCHDOG_ERROR);
    return;
  }

  $voicemail_pass = $_ldapprov_ldap->retrieveAttribute($account->ldap_dn, 'astVoicemailPassword');

  $_ldapprov_ldap->disconnect();

  return $voicemail_pass;
}

/**
 * Saves sip extensions.
 */
function _ldapprov_sip_user_submit(&$account, &$edit) {
  global $_ldapprov_ldap;

  $sip_extensions = _ldapprov_sip_check($account);

  if ($sip_extensions) {
    if (!$_ldapprov_ldap->connect(LDAPPROV_DN, LDAPPROV_PASS)) {
      watchdog('ldapprov_sip', 'User edit: user data could not be written in the LDAP directory. Could not bind as %dn.', array('%dn' => LDAPPROV_DN), WATCHDOG_ERROR);
      return;
    }

    if (isset($edit['voice_mail_pass'])) {
      $_ldapprov_ldap->writeAttributes($account->ldap_dn, array('astVoicemailPassword' => $edit['voice_mail_pass']));
    }

    $sip_vars = array();
    if (isset($edit['name']) && $account->name != $edit['name']) {
      $account->new_name = $edit['name'];
      $sip_name = _ldapprov_sip_name($account);
      $sip_vars['!sip_name'] = $sip_name;
    }
    else {
      $sip_name = $_ldapprov_ldap->retrieveAttribute($account->ldap_dn, 'astName');
    }

    if (isset($edit['pass'])) {
      $sip_vars['!sip_pass'] = _ldapprov_sip_password($sip_name, $edit['pass']);
    }

    if (!empty($sip_vars)) {
      foreach (explode("\n", LDAPPROV_SIP_ENTRY) as $line) {
        $line = str_replace("\r", '', $line);
        if (preg_match('/^\s*$/', $line) || preg_match('/^#.*$/', $line)) {
          continue;
        }
        list($attr, $var) = explode(': ', $line);
        foreach ($sip_vars as $key => $sip_var) {
          if (preg_match('/'. $key .'/', $var)) {
            $ldif[$attr][] = strtr($var, $sip_vars);
          }
        }
      }

      if (is_array($ldif)) {
        $_ldapprov_ldap->writeAttributes($account->ldap_dn, $ldif);
      }
    }

    $_ldapprov_ldap->disconnect();
  }
  else {
    // create sip extensions.
    // the sip password will be saved only on drupal password change.
    if (isset($edit['name']) && $account->name != $edit['name']) {
      $account->new_name = $edit['name'];
    }
    $account->clear_pass = $edit['pass'];

    ldapprov_sip_ldapuser($account);
  }
}