jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

mail: add flag to enable/disable pop3 access per mailbox

Browse Source
This commit is contained in:
Girish Ramakrishnan
2021-10-08 10:15:48 -07:00
parent 9414041ba8
commit 000db4e33d
6 changed files with 30 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
src/ldap.js
View File

@@ -616,18 +616,20 @@ async function authenticateMail(req, res, next) {
const parts = email.split('@');
if (parts.length !== 2) return next(new ldap.NoSuchObjectError(req.dn.toString()));
const serviceId = req.dn.rdns[1].attrs.ou.value.toLowerCase(); // msa, imap, sieve
if (serviceId !== 'msa' && serviceId !== 'imap' && serviceId !== 'sieve') return next(new ldap.OperationsError('Invalid DN'));
const knownServices = [ 'msa', 'imap', 'pop3', 'sieve' ];
const serviceId = req.dn.rdns[1].attrs.ou.value.toLowerCase();
if (!knownServices.includes(serviceId)) return next(new ldap.OperationsError('Invalid DN. Unknown service'));
const [error, domain] = await safe(mail.getDomain(parts[1]));
if (error) return next(new ldap.OperationsError(error.message));
if (!domain) return next(new ldap.NoSuchObjectError(req.dn.toString()));
const serviceNeedsMailbox = serviceId === 'imap' || serviceId === 'sieve';
const serviceNeedsMailbox = serviceId === 'imap' || serviceId === 'sieve' || serviceId === 'pop3';
if (serviceNeedsMailbox && !domain.enabled) return next(new ldap.NoSuchObjectError(req.dn.toString()));
const [getMailboxError, mailbox] = await safe(mail.getMailbox(parts[0], parts[1]));
if (getMailboxError) return next(new ldap.OperationsError(getMailboxError.message));
if (serviceId === 'pop3' && !mailbox.enablePop3) return next(new ldap.OperationsError('POP3 is not enabled'));
const [appPasswordError] = await safe(verifyAppMailboxPassword(serviceId, email, req.credentials || ''));
if (!appPasswordError) { // validated as app
@@ -681,6 +683,7 @@ async function start() {
gServer.bind('ou=imap,dc=cloudron', authenticateMail); // dovecot (IMAP auth)
gServer.bind('ou=msa,dc=cloudron', authenticateMail); // haraka (MSA auth)
gServer.bind('ou=sieve,dc=cloudron', authenticateMail); // dovecot (sieve auth)
gServer.bind('ou=pop3,dc=cloudron', authenticateMail); // dovecot (pop3 auth)
gServer.bind('ou=sftp,dc=cloudron', authenticateSftp); // sftp
gServer.search('ou=sftp,dc=cloudron', userSearchSftp);

8
src/mail.js
View File

@@ -106,7 +106,7 @@ const assert = require('assert'),
const DNS_OPTIONS = { timeout: 5000 };
const REMOVE_MAILBOX_CMD = path.join(__dirname, 'scripts/rmmailbox.sh');
const MAILBOX_FIELDS = [ 'name', 'type', 'ownerId', 'ownerType', 'aliasName', 'aliasDomain', 'creationTime', 'membersJson', 'membersOnly', 'domain', 'active' ].join(',');
const MAILBOX_FIELDS = [ 'name', 'type', 'ownerId', 'ownerType', 'aliasName', 'aliasDomain', 'creationTime', 'membersJson', 'membersOnly', 'domain', 'active', 'enablePop3' ].join(',');
const MAILDB_FIELDS = [ 'domain', 'enabled', 'mailFromValidation', 'catchAllJson', 'relayJson', 'dkimSelector', 'bannerJson' ].join(',');
function postProcessMailbox(data) {
@@ -115,6 +115,7 @@ function postProcessMailbox(data) {
data.membersOnly = !!data.membersOnly;
data.active = !!data.active;
data.enablePop3 = !!data.enablePop3;
return data;
}
@@ -1216,10 +1217,11 @@ async function updateMailbox(name, domain, data, auditSource) {
assert.strictEqual(typeof data, 'object');
assert.strictEqual(typeof auditSource, 'object');
const { ownerId, ownerType, active } = data;
const { ownerId, ownerType, active, enablePop3 } = data;
assert.strictEqual(typeof ownerId, 'string');
assert.strictEqual(typeof ownerType, 'string');
assert.strictEqual(typeof active, 'boolean');
assert.strictEqual(typeof enablePop3, 'boolean');
name = name.toLowerCase();
@@ -1228,7 +1230,7 @@ async function updateMailbox(name, domain, data, auditSource) {
const mailbox = await getMailbox(name, domain);
if (!mailbox) throw new BoxError(BoxError.NOT_FOUND, 'No such mailbox');
const result = await database.query('UPDATE mailboxes SET ownerId = ?, ownerType = ?, active = ? WHERE name = ? AND domain = ?', [ ownerId, ownerType, active, name, domain ]);
const result = await database.query('UPDATE mailboxes SET ownerId = ?, ownerType = ?, active = ?, enablePop3 = ? WHERE name = ? AND domain = ?', [ ownerId, ownerType, active, enablePop3, name, domain ]);
if (result.affectedRows === 0) throw new BoxError(BoxError.NOT_FOUND, 'Mailbox not found');
eventlog.add(eventlog.ACTION_MAIL_MAILBOX_UPDATE, auditSource, { name, domain, oldUserId: mailbox.userId, ownerId, ownerType, active });

1
src/routes/mail.js
View File

@@ -189,6 +189,7 @@ async function updateMailbox(req, res, next) {
if (typeof req.body.ownerId !== 'string') return next(new HttpError(400, 'ownerId must be a string'));
if (typeof req.body.ownerType !== 'string') return next(new HttpError(400, 'ownerType must be a string'));
if (typeof req.body.active !== 'boolean') return next(new HttpError(400, 'active must be a boolean'));
if (typeof req.body.enablePop3 !== 'boolean') return next(new HttpError(400, 'enablePop3 must be a boolean'));
const [error] = await safe(mail.updateMailbox(req.params.name, req.params.domain, req.body, AuditSource.fromRequest(req)));
if (error) return next(BoxError.toHttpError(error));