mirror of
https://github.com/marcus-alicia/iRedAdmin-Pro-SQL.git
synced 2026-05-26 15:13:38 +00:00
201 lines
5.9 KiB
Python
201 lines
5.9 KiB
Python
import web
|
|
|
|
from controllers.utils import api_render
|
|
|
|
from libs import iredutils, form_utils
|
|
from libs.amavisd import wblist as lib_wblist
|
|
import settings
|
|
|
|
session = web.config.get('_session')
|
|
|
|
|
|
if settings.backend == 'ldap':
|
|
from libs.ldaplib.general import is_domain_admin
|
|
else:
|
|
from libs.sqllib.general import is_domain_admin
|
|
|
|
|
|
def verify_permission(account):
|
|
account = str(account).lower()
|
|
|
|
if account == 'global':
|
|
if not session.get('is_global_admin'):
|
|
return False, 'PERMISSION_DENIED'
|
|
|
|
wblist_account = '@.'
|
|
else:
|
|
if iredutils.is_domain(account):
|
|
domain = account
|
|
wblist_account = '@' + account
|
|
elif iredutils.is_email(account):
|
|
domain = account.split('@', 1)[-1]
|
|
wblist_account = account
|
|
else:
|
|
return False, 'INVALID_ACCOUNT'
|
|
|
|
if not is_domain_admin(domain=domain, admin=session.get('username'), conn=None):
|
|
return False, 'PERMISSION_DENIED'
|
|
|
|
return True, wblist_account
|
|
|
|
|
|
def get_inout_wb(inout, wb):
|
|
_is_in_wl = False
|
|
_is_in_bl = False
|
|
_is_out_wl = False
|
|
_is_out_bl = False
|
|
if inout == 'inbound':
|
|
if wb == 'whitelist':
|
|
_is_in_wl = True
|
|
else:
|
|
_is_in_bl = True
|
|
else:
|
|
if wb == 'whitelist':
|
|
_is_out_wl = True
|
|
else:
|
|
_is_out_bl = True
|
|
|
|
return {'is_in_wl': _is_in_wl,
|
|
'is_in_bl': _is_in_bl,
|
|
'is_out_wl': _is_out_wl,
|
|
'is_out_bl': _is_out_bl}
|
|
|
|
|
|
class APIWBList:
|
|
def GET(self, inout, wb, account):
|
|
"""Get existing wblist.
|
|
|
|
curl -X GET -i -b cookie.txt https://<server>/api/wblist/inbound/whitelist/global
|
|
curl -X GET -i -b cookie.txt https://<server>/api/wblist/inbound/blacklist/global
|
|
curl -X GET -i -b cookie.txt https://<server>/api/wblist/outbound/whitelist/global
|
|
curl -X GET -i -b cookie.txt https://<server>/api/wblist/outbound/blacklist/global
|
|
"""
|
|
_qr = verify_permission(account)
|
|
if not _qr[0]:
|
|
return api_render(_qr)
|
|
|
|
wblist_account = _qr[1]
|
|
inout_wb = get_inout_wb(inout=inout, wb=wb)
|
|
|
|
qr = lib_wblist.get_wblist(
|
|
account=wblist_account,
|
|
whitelist=inout_wb['is_in_wl'],
|
|
blacklist=inout_wb['is_in_bl'],
|
|
outbound_whitelist=inout_wb['is_out_wl'],
|
|
outbound_blacklist=inout_wb['is_out_bl'],
|
|
)
|
|
|
|
if not qr[0]:
|
|
return api_render(qr)
|
|
|
|
result = qr[1]
|
|
if inout_wb['is_in_wl']:
|
|
addresses = result['inbound_whitelists']
|
|
elif inout_wb['is_in_bl']:
|
|
addresses = result['inbound_blacklists']
|
|
elif inout_wb['is_out_wl']:
|
|
addresses = result['outbound_whitelists']
|
|
else:
|
|
# inout_wb['is_out_bl']
|
|
addresses = result['outbound_blacklists']
|
|
|
|
return api_render((True, addresses))
|
|
|
|
def POST(self, inout, wb, account):
|
|
"""Create new wblist.
|
|
|
|
curl -X POST ... \
|
|
-d "addresses=user@domain.com,user2@domain.com" \
|
|
https://<server>/api/wblist/inbound/whitelist/global
|
|
|
|
curl -X POST ... \
|
|
-d "addresses=user@domain.com,user2@domain.com" \
|
|
https://<server>/api/wblist/inbound/blacklist/global
|
|
|
|
curl -X POST ... \
|
|
-d "addresses=user@domain.com,user2@domain.com" \
|
|
https://<server>/api/wblist/outbound/whitelist/global
|
|
|
|
curl -X POST ... \
|
|
-d "addresses=user@domain.com,user2@domain.com" \
|
|
https://<server>/api/wblist/outbound/blacklist/global
|
|
"""
|
|
_qr = verify_permission(account)
|
|
if not _qr[0]:
|
|
return api_render(_qr)
|
|
|
|
wblist_account = _qr[1]
|
|
inout_wb = get_inout_wb(inout=inout, wb=wb)
|
|
|
|
form = web.input(_unicode=False)
|
|
_addresses = form_utils.get_multi_values_from_api(form=form, input_name='addresses')
|
|
_addresses = [i for i in _addresses if iredutils.is_valid_amavisd_address(i)]
|
|
|
|
d = {}
|
|
for (k, v) in list(inout_wb.items()):
|
|
_name = k.replace("is_", "")
|
|
if v is True:
|
|
d[_name] = _addresses
|
|
else:
|
|
d[_name] = None
|
|
|
|
qr = lib_wblist.add_wblist(
|
|
account=wblist_account,
|
|
wl_senders=d["in_wl"],
|
|
bl_senders=d["in_bl"],
|
|
wl_rcpts=d["out_wl"],
|
|
bl_rcpts=d["out_bl"],
|
|
flush_before_import=False,
|
|
)
|
|
|
|
return api_render(qr)
|
|
|
|
def PUT(self, inout, wb, account):
|
|
# Delete addresses
|
|
_qr = verify_permission(account)
|
|
if not _qr[0]:
|
|
return api_render(_qr)
|
|
|
|
wblist_account = _qr[1]
|
|
inout_wb = get_inout_wb(inout=inout, wb=wb)
|
|
|
|
form = web.input(_unicode=False)
|
|
_addresses = form_utils.get_multi_values_from_api(form=form, input_name='addresses')
|
|
_addresses = [i for i in _addresses if iredutils.is_valid_amavisd_address(i)]
|
|
|
|
d = {}
|
|
for (k, v) in list(inout_wb.items()):
|
|
_name = k.replace("is_", "")
|
|
if v is True:
|
|
d[_name] = _addresses
|
|
else:
|
|
d[_name] = None
|
|
|
|
qr = lib_wblist.delete_wblist(
|
|
account=wblist_account,
|
|
wl_senders=d["in_wl"],
|
|
bl_senders=d["in_bl"],
|
|
wl_rcpts=d["out_wl"],
|
|
bl_rcpts=d["out_bl"],
|
|
)
|
|
|
|
return api_render(qr)
|
|
|
|
def DELETE(self, inout, wb, account):
|
|
_qr = verify_permission(account)
|
|
if not _qr[0]:
|
|
return api_render(_qr)
|
|
|
|
wblist_account = _qr[1]
|
|
inout_wb = get_inout_wb(inout=inout, wb=wb)
|
|
|
|
qr = lib_wblist.delete_all_wblist(
|
|
account=wblist_account,
|
|
wl_senders=inout_wb['is_in_wl'],
|
|
bl_senders=inout_wb['is_in_bl'],
|
|
wl_rcpts=inout_wb['is_out_wl'],
|
|
bl_rcpts=inout_wb['is_out_bl'],
|
|
)
|
|
|
|
return api_render(qr)
|