recvmail: check for active mailbox
This commit is contained in:
Girish Ramakrishnan
11
src/ldap.js
11
src/ldap.js
@@ -624,14 +624,19 @@ async function authenticateMailAddon(req, res, next) {
|
||||
|
||||
if (addonId === 'recvmail' && !domain.enabled) return next(new ldap.NoSuchObjectError(req.dn.toString()));
|
||||
|
||||
const [getMailboxError, mailbox] = await safe(mail.getMailbox(parts[0], parts[1]));
|
||||
if (getMailboxError) return next(new ldap.OperationsError(getMailboxError.message));
|
||||
|
||||
const [appPasswordError] = await safe(verifyAppMailboxPassword(addonId, email, req.credentials || ''));
|
||||
if (!appPasswordError) return res.end(); // validated as app
|
||||
if (!appPasswordError) { // validated as app
|
||||
if (addonId === 'recvmail' && (!mailbox || !mailbox.active)) return next(new ldap.NoSuchObjectError(req.dn.toString())); // recvmail requires active mailbox
|
||||
return res.end();
|
||||
}
|
||||
|
||||
if (appPasswordError && appPasswordError.reason === BoxError.INVALID_CREDENTIALS) return next(new ldap.InvalidCredentialsError(req.dn.toString()));
|
||||
if (appPasswordError && appPasswordError.reason !== BoxError.NOT_FOUND) return next(new ldap.OperationsError(appPasswordError.message));
|
||||
|
||||
const [getMailboxError, mailbox] = await safe(mail.getMailbox(parts[0], parts[1]));
|
||||
if (getMailboxError) return next(new ldap.OperationsError(getMailboxError.message));
|
||||
// user password check requires an active mailbox for recvmail and sendmail addon
|
||||
if (!mailbox) return next(new ldap.NoSuchObjectError(req.dn.toString()));
|
||||
if (!mailbox.active) return next(new ldap.NoSuchObjectError(req.dn.toString()));
|
||||
|
||||
|
||||
Reference in New Issue
Block a user