Rechtebechebung für User mit Sudorechte

app/Models/Domain.php

@@ -7,6 +7,8 @@ use Illuminate\Database\Eloquent\Relations\HasMany;
 
 class Domain extends Model
 {
+    public $afterCommit = true;
+
     protected $fillable = [
         'domain','description','tags',
         'is_active','is_system','is_server',

app/Observers/DomainObserver.php

@@ -37,31 +37,6 @@ class DomainObserver
             );
         }
     }
-//    public function created(Domain $domain): void
-//    {
-//        if ($domain->is_server) {
-//            return;
-//        }
-//
-//        $selector = (string) config('mailpool.defaults.dkim_selector', 'mwl1');
-//        $bits     = (int) config('mailpool.defaults.dkim_bits', 2048);
-//
-//        $res = app(\App\Services\DkimService::class)
-//            ->generateForDomain($domain, $bits, $selector);
-//
-//        // DNS-Records gleich anlegen/aktualisieren
-//        app(\App\Services\DnsRecordService::class)->provision(
-//            $domain,
-//            $dk->selector,
-//            "v=DKIM1; k=rsa; p={$dk->public_key_txt}",
-//            [
-//                'spf_tail'        => \App\Models\Setting::get('mailpool.spf_tail', '~all'),
-//                'spf_extra'       => \App\Models\Setting::get('mailpool.spf_extra', []),
-//                'dmarc_policy'    => \App\Models\Setting::get('mailpool.dmarc_policy', 'none'),
-//                'rua'             => \App\Models\Setting::get('mailpool.rua', null),
-//            ]
-//        );
-//    }
 
     /**
      * Beim Löschen alle DKIM-Selector dieser Domain aus OpenDKIM entfernen.
@@ -87,6 +62,38 @@ class DomainObserver
             Log::error("Domain delete cleanup failed", ['domain'=>$domain->domain,'error'=>$e->getMessage()]);
         }
     }
+
+    public function forceDeleted(Domain $domain): void
+    {
+        $this->deleted($domain);
+    }
+
+    //    public function created(Domain $domain): void
+//    {
+//        if ($domain->is_server) {
+//            return;
+//        }
+//
+//        $selector = (string) config('mailpool.defaults.dkim_selector', 'mwl1');
+//        $bits     = (int) config('mailpool.defaults.dkim_bits', 2048);
+//
+//        $res = app(\App\Services\DkimService::class)
+//            ->generateForDomain($domain, $bits, $selector);
+//
+//        // DNS-Records gleich anlegen/aktualisieren
+//        app(\App\Services\DnsRecordService::class)->provision(
+//            $domain,
+//            $dk->selector,
+//            "v=DKIM1; k=rsa; p={$dk->public_key_txt}",
+//            [
+//                'spf_tail'        => \App\Models\Setting::get('mailpool.spf_tail', '~all'),
+//                'spf_extra'       => \App\Models\Setting::get('mailpool.spf_extra', []),
+//                'dmarc_policy'    => \App\Models\Setting::get('mailpool.dmarc_policy', 'none'),
+//                'rua'             => \App\Models\Setting::get('mailpool.rua', null),
+//            ]
+//        );
+//    }
+
 //    public function deleted(Domain $domain): void
 //    {
 //        try {
@@ -113,9 +120,4 @@ class DomainObserver
 //            ]);
 //        }
 //    }
-
-    public function forceDeleted(Domain $domain): void
-    {
-        $this->deleted($domain);
-    }
 }

app/Services/DkimService.php

@@ -159,24 +159,50 @@ class DkimService
         return $san;
     }
 
+    // selector optional: wenn null → alle Selector der Domain löschen
     public function removeForDomain(Domain|string $domain, ?string $selector = null): void
     {
-        $name = $domain instanceof \App\Models\Domain ? $domain->domain : $domain;
-        $selector = $selector ?: (string) config('mailpool.defaults.dkim_selector', 'mwl1');
+        $name = $domain instanceof Domain ? $domain->domain : $domain;
 
-        // Root-Helper ausführen
-        $p = Process::run([
-            'sudo','-n','/usr/local/sbin/mailwolt-remove-dkim',
-            $name, $selector
-        ]);
-        if (!$p->successful()) {
-            throw new \RuntimeException('mailwolt-remove-dkim failed: '.$p->errorOutput());
+        if (is_null($selector)) {
+            // alle Selector aus DB holen und nacheinander entfernen
+            $keys = $domain instanceof Domain
+                ? $domain->dkimKeys()->pluck('selector')->all()
+                : \App\Models\DkimKey::whereHas('domain', fn($q) => $q->where('domain', $name))
+                    ->pluck('selector')->all();
+
+            $keys = $keys ?: ['mwl1']; // notfalls versuchen wir Standard
+        } else {
+            $keys = [$selector];
         }
 
-        // OpenDKIM neu laden
-        Process::run(['sudo','-n','/usr/bin/systemctl','reload','opendkim']);
+        foreach ($keys as $sel) {
+            Process::run(['sudo','-n','/usr/local/sbin/mailwolt-remove-dkim',$name,$sel]);
+        }
+
+        // Dienst neu laden (ohne Fehler abbrechen)
+        Process::run(['sudo','-n','/bin/systemctl','reload','opendkim']);
     }
 
+
+//    public function removeForDomain(Domain|string $domain, ?string $selector = null): void
+//    {
+//        $name = $domain instanceof \App\Models\Domain ? $domain->domain : $domain;
+//        $selector = $selector ?: (string) config('mailpool.defaults.dkim_selector', 'mwl1');
+//
+//        // Root-Helper ausführen
+//        $p = Process::run([
+//            'sudo','-n','/usr/local/sbin/mailwolt-remove-dkim',
+//            $name, $selector
+//        ]);
+//        if (!$p->successful()) {
+//            throw new \RuntimeException('mailwolt-remove-dkim failed: '.$p->errorOutput());
+//        }
+//
+//        // OpenDKIM neu laden
+//        Process::run(['sudo','-n','/usr/bin/systemctl','reload','opendkim']);
+//    }
+
 //    public function removeForDomain(Domain|string $domain): void
 //    {
 //        $domainName = $domain instanceof Domain ? $domain->domain : $domain;