[ SEA-GHOST MINI SHELL]

Path : /scripts/
FILE UPLOADER :
Current File : //scripts/export_horde_contacts_to_vcf

#!/usr/local/cpanel/3rdparty/bin/perl
package scripts::export_horde_contacts_to_vcf;

# cpanel - scripts/export_horde_contacts_to_vcf    Copyright 2022 cPanel, L.L.C.
#                                                           All rights reserved.
# copyright@cpanel.net                                         http://cpanel.net
# This code is subject to the cPanel license. Unauthorized copying is prohibited

use cPstrict;

use parent qw{Cpanel::HelpfulScript};

use Clone                                  ();
use Cpanel::DAV::Principal                 ();
use Cpanel::DAV::Backend::HordeAddressBook ();
use Cpanel::Umask                          ();
use Cpanel::Slurper                        ();
use Cpanel::StringFunc::Trim               ();
use Cwd                                    ();
use MIME::Base64                           ();
use Text::VCardFast                        ();
use Whostmgr::Email                        ();
use Cpanel::AccessIds::ReducedPrivileges   ();
use Cpanel::DAV::Backend::DB::Horde        ();
use Cpanel::Security::Authz                ();

use constant _OPTIONS => ( 'out=s', 'user=s@' );

# OK, so what the Horde DB stores as data is not what they wind up being called
# in vcf files, so we need a translation mapping for when the names differ
# from what the DB name is or if there's extra parameters OR even if it is a
# multi-field.
my %db2vcf_map = (
    'imaddress'   => { key    => 'x-wv-id' },
    'spouse'      => { key    => 'x-spouse' },
    'alias'       => { key    => 'nickname' },
    'anniversary' => { key    => 'x-anniversary' },
    'tz'          => { params => { 'value' => ['text'] } },
    'cellphone'   => { key    => 'tel', params => { type => [qw{CELL VOICE}] } },
    'homephone'   => { key    => 'tel', params => { type => [qw{HOME VOICE}] } },
    'workphone'   => { key    => 'tel', params => { type => [qw{WORK VOICE}] } },
    'fax'         => { key    => 'tel', params => { type => ['FAX'] } },
    'homefax'     => { key    => 'tel', params => { type => [qw{HOME FAX}] } },
    'pager'       => { key    => 'tel', params => { type => ['PAGER'] } },
    'notes'       => { key    => 'note' },                     #seriously?
    'email'       => { params => { type => ['INTERNET'] } },
);

my @ignore_fields =
  qw{photo phototype logo logotype company department homestreet workstreet otherstreet homecity workcity othercity homeprovince workprovince otherprovince homepostalcode workpostalcode otherpostalcode homecountry workcountry othercountry radiophone smimepublickey workpob homepob otherpob yomifirstname yomilastname pgppublickey workphone2 firstname middlenames lastname nameprefix namesuffix manager imaddress2 imaddress3 homephone2 freebusyurl companyphone carphone assistant assistantphone id type};

# Some fields in vcf are synthesized from many DB fields.
my %extra_items = (
    'n'     => [ { 'name' => 'n',     'value' => [qw{lastname firstname middlenames nameprefix namesuffix}], 'format' => '?;?;?;?;?' } ],
    'fn'    => [ { 'name' => 'fn',    'value' => [qw{nameprefix firstname middlenames lastname namesuffix}], 'format' => '? ? ? ? ?' } ],
    'org'   => [ { 'name' => 'org',   'value' => [qw{company department}],                                   'format' => '?;?' } ],
    'photo' => [ { 'name' => 'photo', 'value' => 'photo',                                                    'params' => { 'encoding' => ['b'], 'type' => 'phototype' } } ],
    'logo'  => [ { 'name' => 'logo',  'value' => 'logo',                                                     'params' => { 'encoding' => ['b'], 'type' => 'logotype' } } ],
    'label' => [
        {
            'name'   => 'label',
            'value'  => [qw{homestreet homecity homeprovince homepostalcode}],
            'format' => '?=0A?, ? ?',                                            # Let's hope this works in other locales, haha
            'params' => {
                'type'     => ['HOME'],
                'encoding' => ['QUOTED-PRINTABLE'],
                'charset'  => ['UTF-8'],
            },
        },
        {
            'name'   => 'label',
            'value'  => [qw{workstreet workcity workprovince workpostalcode}],
            'format' => '?=0A?, ? ?',
            'params' => {
                'type'     => ['WORK'],
                'encoding' => ['QUOTED-PRINTABLE'],
                'charset'  => ['UTF-8'],
            },
        },
        {
            'name'   => 'label',
            'value'  => [qw{otherstreet othercity otherprovince otherpostalcode}],
            'format' => '?=0A?, ? ?',
            'params' => {
                'encoding' => ['QUOTED-PRINTABLE'],
                'charset'  => ['UTF-8'],
            },
        },
    ],
    'adr' => [
        {
            'name'   => 'adr',
            'value'  => [qw{homepob homestreet homecity homeprovince homepostalcode homecountry}],
            'format' => '?;;?;?;?;?;?',
            'params' => {
                'type' => ['HOME'],
            },
        },
        {
            'name'   => 'adr',
            'value'  => [qw{workpob workstreet workcity workprovince workpostalcode workcountry}],
            'format' => '?;;?;?;?;?;?',
            'params' => {
                'type' => ['WORK'],
            },
        },

    ],
);

__PACKAGE__->new(@ARGV)->run() if !caller;

sub run {
    my ($self) = @_;

    my $users  = $self->getopt('user');
    my $outdir = $self->getopt('out');
    my $abs    = Cwd::abs_path($outdir) if $outdir;
    $outdir = $abs ? $abs : $outdir;    # At least we tried

    die $self->help() if !defined $users || ref $users ne 'ARRAY';

    # The below check which is being nooped out is understandable in the
    # context of "a user wants to write to the DB". However, in this case we
    # are not going to write, instead only reading from the users' DBs in bulk.
    {
        no warnings qw{redefine};
        local *Cpanel::Security::Authz::verify_not_root = sub { };

        # Note, need to get all webmail users for this user too

        foreach my $user (@$users) {

            my $skinner = Cpanel::DAV::Principal->get_principal($user);
            my $dbh     = Cpanel::DAV::Backend::DB::Horde::get_dbh( $skinner->{'name'} );

            my $pops = Whostmgr::Email::list_pops_for($user);
            unshift @$pops, $user;

            foreach my $mailuser (@$pops) {
                $skinner = Cpanel::DAV::Principal->get_principal($mailuser) if $mailuser ne $user;
                my $vbooks = Cpanel::DAV::Backend::HordeAddressBook::get_addressbooks( $skinner, $dbh );
                my $vcf_hr = {
                    'objects' => [],
                };

                # Yep, the shared addressbook dupes em, so we have to de-dupe
                my %seen_obj_uids;

                foreach my $vbook ( @{ $vbooks->{data} } ) {
                    my $uid   = $vbook->{'uid'};
                    my $query = 'SELECT * FROM turba_objects WHERE owner_id in ( ?, ? )';
                    my ( $matches, $exception ) = Cpanel::DAV::Backend::DB::Horde::select_all( $dbh, $query, $skinner->{'name'}, $uid );
                    foreach my $record ( @{$matches} ) {
                        next if exists( $seen_obj_uids{ $record->{'object_uid'} } );
                        $seen_obj_uids{ $record->{'object_uid'} } = 1;

                        my $obj_hr = {
                            'type'       => 'vcard',
                            'properties' => {
                                'version' => [ { 'name' => 'version', 'value' => '2.1' } ],
                            }
                        };

                        # I would have used map here, but the values for the keys
                        # are all ARRAY, so you can push multiple onto the stack
                        # of values for any given key. Thus key => value overwrites.
                        my @params_filtered = grep {
                            my $param       = $_;
                            my $param_short = substr( $param, 7 );
                            $record->{$param} && index( $param, 'owner_' ) != 0 && !grep { $_ eq $param_short } @ignore_fields
                        } sort keys( %{$record} );
                        foreach my $param (@params_filtered) {

                            # object_ length = 7
                            my $param_truncated = substr( $param, 7 );
                            my $name            = $param_truncated;
                            if ( ref $db2vcf_map{$param_truncated} eq 'HASH' && $db2vcf_map{$param_truncated}->{key} ) {
                                $name = $db2vcf_map{$param_truncated}->{key};
                            }
                            my $struct = {
                                value => $record->{$param},
                                name  => $name,
                            };
                            $struct->{'params'} = $db2vcf_map{$param_truncated}->{'params'} if $db2vcf_map{$param_truncated}->{'params'};
                            if ( $obj_hr->{'properties'}{$name} ) {
                                push @{ $obj_hr->{'properties'}{$name} }, $struct;
                            }
                            else {
                                $obj_hr->{'properties'}{$name} = [$struct];
                            }
                        }

                        foreach my $item ( keys(%extra_items) ) {
                            my $arr = Clone::clone( $extra_items{$item} );
                            for ( my $i = 0; $i <= scalar(@$arr) - 1; $i++ ) {

                                if ( ref $arr->[$i]{'value'} eq 'ARRAY' ) {
                                    my $format = delete $arr->[$i]{'format'};
                                    foreach my $value ( @{ $arr->[$i]{'value'} } ) {
                                        my $actual = $record->{ 'object_' . $value } || '';
                                        my $sep    = $actual ? '' : ';?';
                                        $format =~ s/\?$sep/$actual/;
                                    }

                                    if ( $format && !grep { Cpanel::StringFunc::Trim::ws_trim($format) eq $_ } ( ';', '=0A,' ) ) {
                                        $arr->[$i]{'value'} = $format;
                                    }
                                    else {
                                        delete $arr->[$i]{'value'};
                                    }
                                }
                                else {
                                    if ( $record->{ 'object_' . $arr->[$i]{'value'} } ) {
                                        $arr->[$i]{'value'} = $record->{ 'object_' . $arr->[$i]{'value'} };
                                    }
                                    else {
                                        delete $arr->[$i]{'value'};
                                    }
                                }
                                if ( ref $arr->[$i]{'params'} eq 'HASH' && $arr->[$i]{'params'}{'type'} && !ref $arr->[$i]{'params'}{'type'} ) {
                                    my $type       = delete $arr->[$i]{'params'}{'type'};
                                    my $actualtype = $record->{"object_$type"};
                                    $arr->[$i]{'params'}{'type'} = [$actualtype] if $actualtype;
                                    if ( $actualtype && $actualtype =~ m/^image/ ) {
                                        $arr->[$i]{'value'} = MIME::Base64::encode_base64( $arr->[$i]{'value'}, '' );
                                    }
                                }
                            }

                            # Yea yea, I'm double looping. That said, running splice
                            # on the array you iterate through above to get rid of
                            # elements which ultimately don't have any value to
                            # ain't the best idea either, so I ain't got any good
                            # ideas to avoid this.
                            @$arr = grep { $_->{'value'} } @$arr;
                            $obj_hr->{'properties'}{$item} = $arr if scalar @$arr;
                        }

                        push @{ $vcf_hr->{'objects'} }, $obj_hr;
                    }
                }
                my $vcf_blob = Text::VCardFast::hash2vcard($vcf_hr);
                $vcf_blob =~ s/\\\;/\;/g;    # roundcube 1.5 does not comply with latest rfc
                if ($outdir) {

                    # HB-6674: If outdir looks like cpanelroundcube's home,
                    # Write it for that user instead.
                    $user = 'cpanelroundcube' if index( $outdir, "/var/cpanel/userhomes/cpanelroundcube" ) == 0;
                    Cpanel::AccessIds::ReducedPrivileges::call_as_user(
                        $user,
                        sub {
                            if ( !-d $outdir ) {
                                my $mask = Cpanel::Umask->new(0027);
                                mkdir("$outdir") or die "Can't create outdir '$outdir': $!";
                            }

                            # Dies on fail, so don't guard it
                            Cpanel::Slurper::write( "$outdir/$mailuser.vcf", $vcf_blob, 0644 );
                        }
                    );
                }
                else {
                    print $vcf_blob, "\n";
                }
            }
        }
    }

    return;
}

=head1 USAGE

    /usr/local/cpanel/scripts/export_horde_contacts_to_vcf --out ~/dump.vcf --user 'john_doe' --user 'john_doe2' ...

This script will export Horde contacts for the specified user(s) to the
specified outdir (or to STDOUT if none is specified).

=head2 OPTIONS

--user: cPanel User(s) whose Horde address books should be exported. Any mail
users associated with the account will also be exported.

--out: Directory to which the output should be sent. Each mail user's address
book is exported to '$MAILUSER.vcf' file in the specified directory. If
the specified directory does not exist, the script will attempt to create it.
When not specified, output will be sent to STDOUT, with address books separated
by two new lines each.

=cut

1;

SEA-GHOST - SHELL CODING BY SEA-GHOST