From 191b575ab28cf1fa4753211a7a95437be9618aeb Mon Sep 17 00:00:00 2001
From: downtownallday <downtownallday@gmail.com>
Date: Tue, 25 Aug 2020 16:33:06 -0400
Subject: [PATCH 1/4] Add a display name for users, saved as 'cn' in LDAP

---
 management/daemon.py            | 12 ++++++--
 management/mailconfig.py        | 36 +++++++++++++++++++----
 management/templates/users.html | 52 ++++++++++++++++++++++++++++++---
 3 files changed, 89 insertions(+), 11 deletions(-)

diff --git a/management/daemon.py b/management/daemon.py
index 56888fa2..46c84778 100755
--- a/management/daemon.py
+++ b/management/daemon.py
@@ -6,7 +6,7 @@ from functools import wraps
 from flask import Flask, request, render_template, abort, Response, send_from_directory, make_response
 
 import auth, utils, multiprocessing.pool
-from mailconfig import get_mail_users, get_mail_users_ex, get_admins, add_mail_user, set_mail_password, remove_mail_user
+from mailconfig import get_mail_users, get_mail_users_ex, get_admins, add_mail_user, set_mail_password, set_mail_display_name, remove_mail_user
 from mailconfig import get_mail_user_privileges, add_remove_mail_user_privilege
 from mailconfig import get_mail_aliases, get_mail_aliases_ex, get_mail_domains, add_mail_alias, remove_mail_alias
 
@@ -154,7 +154,7 @@ def mail_users():
 @authorized_personnel_only
 def mail_users_add():
 	try:
-		return add_mail_user(request.form.get('email', ''), request.form.get('password', ''), request.form.get('privileges', ''), env)
+		return add_mail_user(request.form.get('email', ''), request.form.get('password', ''), request.form.get('privileges', ''), request.form.get('display_name', ''), env)
 	except ValueError as e:
 		return (str(e), 400)
 
@@ -166,6 +166,14 @@ def mail_users_password():
 	except ValueError as e:
 		return (str(e), 400)
 
+@app.route('/mail/users/display_name', methods=['POST'])
+@authorized_personnel_only
+def mail_users_display_name():
+	try:
+		return set_mail_display_name(request.form.get('email', ''), request.form.get('display_name', ''), env)
+	except ValueError as e:
+		return (str(e), 400)
+
 @app.route('/mail/users/remove', methods=['POST'])
 @authorized_personnel_only
 def mail_users_remove():
diff --git a/management/mailconfig.py b/management/mailconfig.py
index 1e6cd79f..078ec809 100755
--- a/management/mailconfig.py
+++ b/management/mailconfig.py
@@ -201,14 +201,15 @@ def get_mail_users(env, as_map=False):
 	# is the user and value is a dict having, dn, maildrop and
 	# mail addresses
 	c = open_database(env)
-	pager = c.paged_search(env.LDAP_USERS_BASE, "(objectClass=mailUser)", attributes=['maildrop','mail'])
+	pager = c.paged_search(env.LDAP_USERS_BASE, "(objectClass=mailUser)", attributes=['maildrop','mail','cn'])
 	if as_map:
 		users = {}
 		for rec in pager:
 			users[rec['maildrop'][0]] = {
 				"dn":   rec['dn'],
 				"mail": rec['mail'],
-				"maildrop": rec['maildrop'][0]
+				"maildrop": rec['maildrop'][0],
+				"display_name": rec['cn'][0]
 			}
 		return users
 	else:
@@ -228,6 +229,7 @@ def get_mail_users_ex(env, with_archived=False):
 	#         email: "name@domain.tld",
 	#         privileges: [ "priv1", "priv2", ... ],
 	#         status: "active" | "inactive",
+	#         display_name: ""
 	#       },
 	#       ...
 	#     ]
@@ -239,16 +241,18 @@ def get_mail_users_ex(env, with_archived=False):
 	users = []
 	active_accounts = set()
 	c = open_database(env)
-	response = c.wait( c.search(env.LDAP_USERS_BASE, "(objectClass=mailUser)", attributes=['maildrop','mailaccess']) )
+	response = c.wait( c.search(env.LDAP_USERS_BASE, "(objectClass=mailUser)", attributes=['maildrop','mailaccess','cn']) )
 
 	for rec in response:
 		email = rec['maildrop'][0]
 		privileges = rec['mailaccess']
+		display_name = rec['cn'][0]
 		active_accounts.add(email)
 		user = {
 			"email": email,
 			"privileges": privileges,
 			"status": "active",
+			"display_name": display_name
 		}
 		users.append(user)
 
@@ -266,6 +270,7 @@ def get_mail_users_ex(env, with_archived=False):
 						"privileges": [],
 						"status": "inactive",
 						"mailbox": mbox,
+						"display_name": ""
 					}
 					users.append(user)
 
@@ -615,13 +620,14 @@ def remove_mail_domain(env, domain, validate=True):
 	return True
 
 
-def add_mail_user(email, pw, privs, env):
+def add_mail_user(email, pw, privs, display_name, env):
 	# Add a new mail user.
 	#
 	# email: the new user's email address
 	# pw: the new user's password
 	# privs: either an array of privilege strings, or a newline
 	# separated string of privilege names
+	# display_name: a string with users givenname and surname (eg "Al Woods")
 	#
 	# If an error occurs, the function returns a tuple of (message,
 	# http-status).
@@ -673,7 +679,10 @@ def add_mail_user(email, pw, privs, env):
 	uid = m.hexdigest()
 
 	# choose a common name and surname (required attributes)
-	cn = email.split("@")[0].replace('.',' ').replace('_',' ')
+	if display_name:
+		cn = display_name
+	else:
+		cn = email.split("@")[0].replace('.',' ').replace('_',' ')
 	sn = cn[cn.find(' ')+1:]
 	
 	# compile user's attributes
@@ -723,6 +732,23 @@ def set_mail_password(email, pw, env):
 
 	return "OK"
 
+def set_mail_display_name(email, display_name, env):
+	# validate arguments
+	if not display_name or display_name.strip() == "":
+		return ("Display name may not be empty!", 400)
+	
+	# find the user
+	conn = open_database(env)
+	user = find_mail_user(env, email, ['cn', 'sn'], conn)
+	if user is None:
+		return ("That's not a user (%s)." % email, 400)
+
+	# update cn and sn
+	sn = display_name[display_name.strip().find(' ')+1:]
+	conn.modify_record(user, {'cn': display_name.strip(), 'sn': sn})
+	
+	return "OK"
+
 def validate_login(email, pw, env):
 	# Validate that `email` exists and has password `pw`.
 	# Returns True if valid, or False if invalid.
diff --git a/management/templates/users.html b/management/templates/users.html
index 78fef61a..f23adad2 100644
--- a/management/templates/users.html
+++ b/management/templates/users.html
@@ -15,20 +15,30 @@
 
 <form class="form-inline" role="form" onsubmit="return do_add_user(); return false;">
   <div class="form-group">
+    <div>User (email address)</div>
     <label class="sr-only" for="adduserEmail">Email address</label>
     <input type="email" class="form-control" id="adduserEmail" placeholder="Email Address">
   </div>
   <div class="form-group">
+    <div>Password</div>
     <label class="sr-only" for="adduserPassword">Password</label>
     <input type="password" class="form-control" id="adduserPassword" placeholder="Password">
   </div>
   <div class="form-group">
+    <div>Privilege</div>
     <select class="form-control" id="adduserPrivs">
       <option value="">Normal User</option>
       <option value="admin">Administrator</option>
     </select>
   </div>
-  <button type="submit" class="btn btn-primary">Add User</button>
+  <div class="form-group">
+    <div>Display Name</div>
+    <input id="adduserDisplayName" class="form-control" type="text" placeholder="eg: John Smith">
+  </div>
+  <div class="text-center">
+    <div>&nbsp;</div>    
+    <button type="submit" class="btn btn-primary">Add User</button>
+  </div>
 </form>
 <ul style="margin-top: 1em; padding-left: 1.5em; font-size: 90%;">
   <li>Passwords must be at least eight characters consisting of English lettters and numbers only. For best results, <a href="#" onclick="return generate_random_password()">generate a random password</a>.</li>
@@ -52,7 +62,8 @@
 <div style="display: none">
   <table>
   <tr id="user-template">
-    <td class='address'>
+    <td>
+      <span class="address"></span> <span class="display_name_wrapper">(<a class="display_name" href="#" onclick="users_set_displayname(this); return false;" title="Change display name"></a>)</span>
     </td>
     <td class='actions'>
         <span class='privs'>
@@ -152,7 +163,13 @@ function show_users() {
           n2.addClass("account_" + user.status);
 
           n.attr('data-email', user.email);
-          n.find('.address').text(user.email)
+          n.find('.address').text(user.email);
+          if (user.status == "inactive") {
+            n.find('.display_name_wrapper').text('[archived]');
+          }
+          else {
+            n.find('.display_name').text(user.display_name);
+          }
           n2.find('.restore_info tt').text(user.mailbox);
 
           if (user.status == 'inactive') continue;
@@ -181,13 +198,15 @@ function do_add_user() {
   var email = $("#adduserEmail").val();
   var pw = $("#adduserPassword").val();
   var privs = $("#adduserPrivs").val();
+  var display_name = $("#adduserDisplayName").val();
   api(
     "/mail/users/add",
     "POST",
     {
       email: email,
       password: pw,
-      privileges: privs
+      privileges: privs,
+      display_name: display_name
     },
     function(r) {
       // Responses are multiple lines of pre-formatted text.
@@ -229,6 +248,31 @@ function users_set_password(elem) {
     });
 }
 
+function users_set_displayname(elem) {
+  var email = $(elem).parents('tr').attr('data-email');
+  var display_name = $(elem).text();
+  show_modal_confirm(
+      "Change Display Name",
+      $('<p>Change display name of ' + email + ' (' + display_name + ')?</p> <p><label for="users_set_displayname_name">New display name:</label><input type="text" id="users_set_displayname_name" value="' + display_name + '" placeholder="eg: Mary Jay" onfocus="this.select();"></p>'),
+      "Change Display Name",
+      function() {
+          api("/mail/users/display_name",
+              "POST",
+              {
+                  email: email,
+                  display_name: $('#users_set_displayname_name').val()
+              },
+              function(r) {
+                  // Responses are multiple lines of pre-formatted text.
+                  show_modal_error("Change Display Name", $("<pre/>").text(r));
+                  show_users();
+              },
+              function(r) {
+                  show_modal_error("Change Display Name", r);
+              });
+      });
+}
+
 function users_remove(elem) {
   var email = $(elem).parents('tr').attr('data-email');
 

From 2b2856b517e911cb4c1a5f315ba7d8f0168ffe1f Mon Sep 17 00:00:00 2001
From: downtownallday <downtownallday@gmail.com>
Date: Tue, 25 Aug 2020 16:33:20 -0400
Subject: [PATCH 2/4] Fix wording

---
 ehdd/mount.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ehdd/mount.sh b/ehdd/mount.sh
index 36accea9..10a9509c 100755
--- a/ehdd/mount.sh
+++ b/ehdd/mount.sh
@@ -3,7 +3,7 @@
 . "ehdd/ehdd_funcs.sh" || exit 1
 
 if [ ! -e "$EHDD_IMG" ]; then
-    echo "No ecrypted HDD not found at $EHDD_IMG, not mounting"
+    echo "No ecrypted HDD found at $EHDD_IMG, not mounting"
     exit 0
 fi
 

From 5eb008cae98415394cf7132cca443d0e744cab2e Mon Sep 17 00:00:00 2001
From: downtownallday <downtownallday@gmail.com>
Date: Tue, 25 Aug 2020 16:34:56 -0400
Subject: [PATCH 3/4] Skip system updates if SKIP_SYSTEM_UPDATE environment
 variable is set to "1"

---
 setup/system.sh                      | 10 ++++++----
 tests/system-setup/setup-defaults.sh |  1 +
 tests/system-setup/setup-funcs.sh    |  2 +-
 3 files changed, 8 insertions(+), 5 deletions(-)

diff --git a/setup/system.sh b/setup/system.sh
index 4d33deb6..db399e12 100755
--- a/setup/system.sh
+++ b/setup/system.sh
@@ -99,15 +99,17 @@ hide_output add-apt-repository -y ppa:certbot/certbot
 # of things from Ubuntu, as well as the directory of packages provide by the
 # PPAs so we can install those packages later.
 
-echo Updating system packages...
-hide_output apt-get update
-apt_get_quiet upgrade
+if [ "$SKIP_SYSTEM_UPDATE" != "1" ]; then
+	echo Updating system packages...
+	hide_output apt-get update
+	apt_get_quiet upgrade
 
 # Old kernels pile up over time and take up a lot of disk space, and because of Mail-in-a-Box
 # changes there may be other packages that are no longer needed. Clear out anything apt knows
 # is safe to delete.
 
-apt_get_quiet autoremove
+	apt_get_quiet autoremove
+fi
 
 # ### Install System Packages
 
diff --git a/tests/system-setup/setup-defaults.sh b/tests/system-setup/setup-defaults.sh
index d36612e9..f9a4330e 100755
--- a/tests/system-setup/setup-defaults.sh
+++ b/tests/system-setup/setup-defaults.sh
@@ -4,6 +4,7 @@
 export PRIMARY_HOSTNAME=${PRIMARY_HOSTNAME:-$(hostname --fqdn || hostname)}
 export NONINTERACTIVE=${NONINTERACTIVE:-1}
 export SKIP_NETWORK_CHECKS=${SKIP_NETWORK_CHECKS:-1}
+export SKIP_SYSTEM_UPDATE=${SKIP_SYSTEM_UPDATE:-1}
 export STORAGE_USER="${STORAGE_USER:-user-data}"
 export STORAGE_ROOT="${STORAGE_ROOT:-/home/$STORAGE_USER}"
 export EMAIL_ADDR="${EMAIL_ADDR:-qa@abc.com}"
diff --git a/tests/system-setup/setup-funcs.sh b/tests/system-setup/setup-funcs.sh
index 3e053450..ca13abfb 100755
--- a/tests/system-setup/setup-funcs.sh
+++ b/tests/system-setup/setup-funcs.sh
@@ -84,7 +84,7 @@ init_test_system() {
     # is upgraded through automatic upgrades (because maybe MiaB was
     # previously installed), it may cause problems with the rest of
     # the setup, such as with name resolution failures
-    if is_false "$TRAVIS"; then
+    if is_false "$TRAVIS" && [ "$SKIP_SYSTEM_UPDATE" != "1" ]; then
         H2 "apt-get upgrade"
         wait_for_apt
         apt-get upgrade -qq || die "apt-get upgrade failed!"

From 07d83d1e5c6d85b34b9adfd350cdb459f2fb60a5 Mon Sep 17 00:00:00 2001
From: downtownallday <downtownallday@gmail.com>
Date: Tue, 25 Aug 2020 16:36:01 -0400
Subject: [PATCH 4/4] Make installed state comparisons ignore new user and
 alias attributes when comparing MiaB to MiaB-LDAP

---
 tests/lib/installed-state.sh                | 50 ++++++++++++++++++---
 tests/system-setup/upgrade-from-upstream.sh |  7 ++-
 2 files changed, 50 insertions(+), 7 deletions(-)

diff --git a/tests/lib/installed-state.sh b/tests/lib/installed-state.sh
index 84e81bc6..c0cab40f 100644
--- a/tests/lib/installed-state.sh
+++ b/tests/lib/installed-state.sh
@@ -25,6 +25,7 @@ installed_state_capture() {
     H2 "create info.txt"
     echo "STATE_VERSION=1" > "$info"
     echo "GIT_VERSION='$(git describe --abbrev=0)'" >>"$info"
+    echo "GIT_ORIGIN='$(git remote -v | grep ^origin | grep 'fetch)$' | awk '{print $2}')'" >>"$info"
     echo "MIGRATION_VERSION=$(cat "$STORAGE_ROOT/mailinabox.version")" >>"$info"
 
     # record users
@@ -43,8 +44,7 @@ installed_state_capture() {
         echo "Unable to get aliases: rc=$? err=$REST_ERROR" 1>&2
         return 2
     fi
-    # ignore/exclude the alias description field
-    echo "$REST_OUTPUT" | grep -v '"description":' > "$state_dir/aliases.json"
+    echo "$REST_OUTPUT" > "$state_dir/aliases.json"
 
     # record dns config
     H2 "record dns details"
@@ -71,9 +71,46 @@ installed_state_compare() {
     local changed="false"
 
     H1 "COMPARE STATES: $(basename "$s1") VS $(basename "$2")"
-    H2 "Users"
+
+    #
+    # determine compare type id (incorporating repo, branch, version, etc)
+    #
+    local compare_type="all"
+    
+    source "$s2/info.txt"
+    if grep "mailinabox-ldap.git" <<<"$GIT_ORIGIN" >/dev/null; then
+        GIT_ORIGIN=""
+        source "$s1/info.txt"
+        if ! grep "mailinabox-ldap.git" <<<"$GIT_ORIGIN" >/dev/null; then
+            compare_type="miab2miab-ldap"
+        fi
+    fi
+    echo "Compare type: $compare_type"
+
+    #
+    # filter data for compare type
+    #
+    cp "$s1/users.json" "$s1/users-cmp.json" || changed="true"
+    cp "$s1/aliases.json" "$s1/aliases-cmp.json" || changed="true"
+    cp "$s2/users.json" "$s2/users-cmp.json" || changed="true"
+    cp "$s2/aliases.json" "$s2/aliases-cmp.json" || changed="true"
+    
+    if [ "$compare_type" == "miab2miab-ldap" ]
+    then
+        # user display names is a feature added to MiaB-LDAP that is
+        # not in MiaB
+        grep -v '"display_name":' "$s2/users.json" > "$s2/users-cmp.json" || changed="true"
+
+        # alias descriptions is a feature added to MiaB-LDAP that is
+        # not in MiaB
+        grep -v '"description":' "$s2/aliases.json" > "$s2/aliases-cmp.json" || changed="true"        
+    fi    
+    
+    #
     # users
-    output="$(diff "$s1/users.json" "$s2/users.json" 2>&1)"
+    #
+    H2 "Users"
+    output="$(diff "$s1/users-cmp.json" "$s2/users-cmp.json" 2>&1)"
     if [ $? -ne 0 ]; then
         changed="true"
         echo "USERS ARE DIFFERENT!"
@@ -82,8 +119,11 @@ installed_state_compare() {
         echo "No change"
     fi
 
+    #
+    # aliases
+    #
     H2 "Aliases"
-    output="$(diff "$s1/aliases.json" "$s2/aliases.json" 2>&1)"
+    output="$(diff "$s1/aliases-cmp.json" "$s2/aliases-cmp.json" 2>&1)"
     if [ $? -ne 0 ]; then
         changed="true"
         echo "ALIASES ARE DIFFERENT!"
diff --git a/tests/system-setup/upgrade-from-upstream.sh b/tests/system-setup/upgrade-from-upstream.sh
index 779cf912..6ae4ac16 100755
--- a/tests/system-setup/upgrade-from-upstream.sh
+++ b/tests/system-setup/upgrade-from-upstream.sh
@@ -39,7 +39,7 @@ init() {
 }
 
 upstream_install() {
-    local upstream_dir="$HOME/mailinabox-upstream"
+    local upstream_dir="$1"
     H1 "INSTALL UPSTREAM"
     [ ! -x /usr/bin/git ] && apt-get install -y -qq git
     
@@ -132,14 +132,17 @@ then
     echo "Warning: MiaB-LDAP is already installed! Skipping installation of upstream"
 else
     # install upstream
-    upstream_install
+    upstream_dir="$HOME/mailinabox-upstream"
+    upstream_install "$upstream_dir"
     . /etc/mailinabox.conf
     
     # populate some data
     populate_by_name "${1:-basic}"
 
     # capture upstream state
+    pushd "$upstream_dir" >/dev/null
     installed_state_capture "/tmp/state/upstream"
+    popd >/dev/null
 fi
 
 # install miab-ldap and capture state