I'am a bit confused about sys_* values in database. Example data: table: client PHP: Array( [client_id] => 261 [sys_userid] => 1 [sys_groupid] => 1 [sys_perm_user] => riud [sys_perm_group] => riud [sys_perm_other] =><...>) table: sys_group PHP: Array( [groupid] => 262 [name] => user [description] => test [client_id] => 261) table: web_domain PHP: Array(<...> [sys_userid] => 262 [sys_grouip] => 262<...>) Take a look at "client" table data. It has sys_userid and sys_groupid as 1. And all user has it. Is this normal?
Yes, that's normal and as it should be. The sys_* values describe who owns a record, the ownership works similar to Linux file ownerships, there is a user and a group ownership where the users are in sys_user and the group is in sys_group. Each client has a group and you can look up the group of a client in sys_group table by client_id. The client database record itself is owned by the admin as you are the admin it's your client; if the client would own its own client record, he would be able to change his own limits, which makes no sense.
Seems logical. But at the moment I face interesting problem with API. Call "mail_user_add" has "../mail/form/mail_user.tform.php" which has code: PHP: if(!$app->auth->is_admin()) { $client_group_id = $_SESSION['s']['user']['default_group']; $client = $app->db->queryOneRecord("SELECT limit_mail_backup FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = ?", $client_group_id); if($client['limit_mail_backup'] != 'y') $backup_available = false;} This code seems takes admin user ID for sys_groupid value in mail_user table. And it is hardcoded, because if I explicitly say API to use 'sys_groupid' for new mail user account, it is still defaults to 1. And 1 is for admin user which is API user . And correct sys_groupid matters when I query mailboxes by user_id. At the moment I guess I will modify "mail_user_add" API call to remove that check, as all action is performed only via API.
That's not what this code is doing. You can not set a sys_groupid via API in any function. sys_* records do not get passed in $params array at all, if you pass them, they will get ignored. The ownership of a record when you use the API is set by $client_id parameter in the API call, it is not set in $params array. and take care to not mix up group ID#s and client ID's, that's tow different things as I explained in my first answer.
Ok, but than how to list mailboxes by user ID? This API call: PHP: public function mail_user_get_all_by_client($session_id, $client_id) { global $app; if(!$this->checkPerm($session_id, 'mail_user_get_all_by_client')) { throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.'); return false; } $app->uses('remoting_lib'); $sql = "SELECT u.* FROM `mail_user` u LEFT JOIN `sys_group` g ON (u.sys_groupid=g.groupid) WHERE g.client_id=?"; $params[] = $client_id; $result = $app->db->queryAllRecords($sql, true, $params); return $result; }
You can use the *_get() functions in the API to search by any value incl. wildcard searches, see: https://forum.howtoforge.com/threads/api-listing-functions.89185/#post-437306 https://forum.howtoforge.com/threads/rest-api-get-all-active-domains.79073/#post-374092 https://forum.howtoforge.com/threads/remote-client-retrieve-zone-info-by-domain-name.74707/
I believe there is no other identifiers like sys_groupid to distinguish record owner in 'mail_user' table. Probably I could grab mailboxes by part of email address... %domain%
You can select them either by sys_groupid, the sys_groupid of dependant records like mailboxes must be the same as the sys_groupid of the email domain, so your issue might just be that you created the mail_domain as wrong user. which means that the mail_users inherit the ownership from mail_domain. But you can also select them by domain, this all depends on how your application works that uses the API.
mail_domain record has sys_groupid and sys_userid 262 . If I create mailbox via ISPC directly - all goes fine, but if via API, that ID 1 is assigned to sys_groupid for mailbox.
This is it! I have NOT set client_id while doing API call. Usually it should fail with SOAP error. Anyway, yet again my blunders took your time. Thank you for patience.
No, it will default to admin unless a different valid client ID is set as the API itself is 'admin'. So it's the same as in the GUI; if you are logged in as admin and do not select that, e.g., a client shall own a website, then it is owned by the admin.
Last question while we are in momentum: why mail_user 'password' field changes even if I don't send any new password? Does it by default generates random password if none is provided upon mailbox update?
The password field does not change, unless you submit a new password during update. And a new password means a non empty password field. My guess is that you are sending something in password field when you update the record, take care that the password field is empty if you do not want to alter the password.
