def add(self, data):
self.cn = data.get('cn', '')
self.mail = web.safestr(data.get('mail')).strip().lower()
if not iredutils.isEmail(self.mail):
return (False, 'INVALID_MAIL')
# Check admin exist.
connutils = connUtils.Utils()
if connutils.isAdminExists(self.mail):
return (False, 'ALREADY_EXISTS')
# Get domainGlobalAdmin setting.
self.domainGlobalAdmin = web.safestr(data.get('domainGlobalAdmin', 'no'))
if self.domainGlobalAdmin not in ['yes', 'no', ]:
self.domainGlobalAdmin = 'no'
# Get language setting.
preferredLanguage = web.safestr(data.get('preferredLanguage', 'en_US'))
# Get new password.
self.newpw = web.safestr(data.get('newpw'))
self.confirmpw = web.safestr(data.get('confirmpw'))
result = iredutils.verifyNewPasswords(self.newpw, self.confirmpw)
if result[0] is True:
self.passwd = result[1]
else:
return result
try:
self.conn.insert(
'dbmail_admins',
username=self.mail,
name=self.cn,
password=iredutils.getSQLPassword(self.passwd),
language=preferredLanguage,
created=iredutils.getGMTTime(),
active='1',
)
if self.domainGlobalAdmin == 'yes':
self.conn.insert(
'dbmail_domain_admins',
username=self.mail,
domain='ALL',
created=iredutils.getGMTTime(),
active='1',
)
web.logger(msg="Create admin: %s." % (self.mail), event='create',)
return (True,)
except Exception, e:
return (False, str(e))
def add(self, data):
self.cn = data.get('cn', '')
self.mail = web.safestr(data.get('mail')).strip().lower()
if not iredutils.isEmail(self.mail):
return (False, 'INVALID_MAIL')
# Check admin exist.
connutils = connUtils.Utils()
if connutils.isAdminExists(self.mail):
return (False, 'ALREADY_EXISTS')
# Get domainGlobalAdmin setting.
self.domainGlobalAdmin = 'yes'
# Get language setting.
self.preferredLanguage = web.safestr(data.get('preferredLanguage', 'en_US'))
# Get new password.
self.newpw = web.safestr(data.get('newpw'))
self.confirmpw = web.safestr(data.get('confirmpw'))
result = iredutils.verifyNewPasswords(self.newpw, self.confirmpw)
if result[0] is True:
self.passwd = result[1]
else:
return result
try:
self.conn.insert(
'admin',
username=self.mail,
name=self.cn,
password=iredutils.getSQLPassword(self.passwd),
language=self.preferredLanguage,
created=iredutils.sqlNOW,
active='1',
)
if self.domainGlobalAdmin == 'yes':
self.conn.insert(
'domain_admins',
username=self.mail,
domain='ALL',
created=iredutils.sqlNOW,
active='1',
)
web.logger(msg="Create admin: %s." % (self.mail), event='create',)
return (True,)
except Exception, e:
return (False, str(e))
domain=d,
active=accountStatus,
created=iredutils.getGMTTime(),
)
except Exception, e:
return (False, str(e))
elif self.profile_type == 'password':
self.cur_passwd = str(data.get('oldpw', ''))
self.newpw = web.safestr(data.get('newpw', ''))
self.confirmpw = web.safestr(data.get('confirmpw', ''))
# Verify new passwords.
qr = iredutils.verifyNewPasswords(self.newpw, self.confirmpw)
if qr[0] is True:
self.passwd = iredutils.getSQLPassword(qr[1])
else:
return qr
if session.get('domainGlobalAdmin') is not True:
# Verify old password.
auth = core.Auth()
qr = auth.auth(username=self.mail, password=self.cur_passwd, verifyPassword=True,)
if qr[0] is False:
return qr
# Hash/Encrypt new password.
try:
self.conn.update(
'dbmail_admins',
vars=sql_vars,
def add(self, domain, data):
# Get domain name, username, cn.
self.domain = web.safestr(data.get('domainName')).strip().lower()
self.username = web.safestr(data.get('username')).strip().lower()
self.mail = self.username + '@' + self.domain
if self.domain != domain:
return (False, 'PERMISSION_DENIED')
if not iredutils.isDomain(self.domain):
return (False, 'INVALID_DOMAIN_NAME')
# Check account existing.
connutils = connUtils.Utils()
if connutils.isEmailExists(mail=self.mail):
return (False, 'ALREADY_EXISTS')
# Get domain profile.
domainLib = domainlib.Domain()
resultOfDomainProfile = domainLib.profile(domain=self.domain)
if resultOfDomainProfile[0] is True:
self.domainProfile = resultOfDomainProfile[1]
else:
return resultOfDomainProfile
# Check account limit.
adminLib = adminlib.Admin()
numberOfExistAccounts = adminLib.getNumberOfManagedAccounts(accountType='user', domains=[self.domain])
if self.domainProfile.mailboxes == 0:
# Unlimited.
pass
elif self.domainProfile.mailboxes <= numberOfExistAccounts:
return (False, 'EXCEEDED_DOMAIN_ACCOUNT_LIMIT')
# Check spare quota and number of spare account limit.
# Get quota from <form>
self.mailQuota = str(data.get('mailQuota')).strip()
self.defaultUserQuota = self.domainProfile.get('defaultuserquota', 0)
if self.mailQuota.isdigit():
self.mailQuota = int(self.mailQuota)
else:
self.mailQuota = self.defaultUserQuota
# Re-calculate mail quota if this domain has limited max quota.
if self.domainProfile.maxquota > 0:
# Get used quota.
qr = domainLib.getAllocatedQuotaSize(domain=self.domain)
if qr[0] is True:
self.allocatedQuota = qr[1]
else:
return qr
spareQuota = self.domainProfile.maxquota - self.allocatedQuota
if spareQuota > 0:
if spareQuota < self.mailQuota:
self.mailQuota = spareQuota
else:
# No enough quota.
return (False, 'EXCEEDED_DOMAIN_QUOTA_SIZE')
#
# Get password from <form>.
#
self.newpw = str(data.get('newpw', ''))
self.confirmpw = str(data.get('confirmpw', ''))
# Get password length limit from domain profile or global setting.
self.minPasswordLength = self.domainProfile.get('minpasswordlength',cfg.general.get('min_passwd_length', '0'))
self.maxPasswordLength = self.domainProfile.get('maxpasswordlength', cfg.general.get('max_passwd_length', '0'))
resultOfPW = iredutils.verifyNewPasswords(
self.newpw,
self.confirmpw,
min_passwd_length=self.minPasswordLength,
max_passwd_length=self.maxPasswordLength,
)
if resultOfPW[0] is True:
self.passwd = iredutils.getSQLPassword(resultOfPW[1])
else:
return resultOfPW
# Get display name from <form>
self.cn = data.get('cn', '')
# Assign new user to default mail aliases.
assignedAliases = [str(v).lower()
for v in str(self.domainProfile.defaultuseraliases).split(',')
if iredutils.isEmail(v)
]
try:
# Store new user in SQL db.
self.conn.insert(
'mailbox',
domain=self.domain,
username=self.mail,
password=self.passwd,
name=self.cn,
maildir=iredutils.setMailMessageStore(self.mail),
quota=self.mailQuota,
created=iredutils.sqlNOW,
active='1',
local_part=self.username,
)
# Assign new user to default mail aliases.
if len(assignedAliases) > 0:
for ali in assignedAliases:
try:
self.conn.query(
'''
UPDATE alias
SET goto=CONCAT(goto, %s)
WHERE address=%s AND domain=%s
''' % (
web.sqlquote(','+self.mail),
web.sqlquote(ali),
web.sqlquote(self.domain),
)
)
except:
pass
# Create an alias account: address=goto.
self.conn.insert(
'alias',
address=self.mail,
goto=self.mail,
domain=self.domain,
created=iredutils.sqlNOW,
active='1',
)
web.logger(msg="Create user: %s." % (self.mail), domain=self.domain, event='create',)
return (True,)
except Exception, e:
return (False, str(e))
**inserts
)
return (True,)
except Exception, e:
return (False, str(e))
else:
return (True,)
elif self.profile_type == 'password':
self.newpw = str(data.get('newpw', ''))
self.confirmpw = str(data.get('confirmpw', ''))
# Verify new passwords.
qr = iredutils.verifyNewPasswords(self.newpw, self.confirmpw)
if qr[0] is True:
self.passwd = iredutils.getSQLPassword(qr[1])
else:
return qr
# Hash/encrypt new password.
updates['password'] = self.passwd
elif self.profile_type == 'advanced':
# Get enabled services.
self.enabledService = [str(v).lower()
for v in data.get('enabledService', [])
if v in ENABLED_SERVICES
]
self.disabledService = [v for v in ENABLED_SERVICES if v not in self.enabledService]
# Append 'sieve', 'sievesecured' for dovecot-1.2.
def add(self, domain, data):
# Get domain name, username, cn.
self.domain = web.safestr(data.get('domainName')).strip().lower()
self.username = web.safestr(data.get('username')).strip().lower()
self.mail = self.username + '@' + self.domain
if self.domain != domain:
return (False, 'PERMISSION_DENIED')
if not iredutils.isDomain(self.domain):
return (False, 'INVALID_DOMAIN_NAME')
# Check account existing.
connutils = connUtils.Utils()
if connutils.isEmailExists(mail=self.mail):
return (False, 'ALREADY_EXISTS')
# Get domain profile.
domainLib = domainlib.Domain()
resultOfDomainProfile = domainLib.profile(domain=self.domain)
if resultOfDomainProfile[0] is True:
self.domainProfile = resultOfDomainProfile[1]
else:
return resultOfDomainProfile
# Check account limit.
adminLib = adminlib.Admin()
numberOfExistAccounts = adminLib.getNumberOfManagedAccounts(
accountType='user', domains=[self.domain])
if self.domainProfile.mailboxes == 0:
# Unlimited.
pass
elif self.domainProfile.mailboxes <= numberOfExistAccounts:
return (False, 'EXCEEDED_DOMAIN_ACCOUNT_LIMIT')
# Check spare quota and number of spare account limit.
# Get quota from <form>
self.mailQuota = str(data.get('mailQuota')).strip()
self.defaultUserQuota = self.domainProfile.get('defaultuserquota', 0)
if self.mailQuota.isdigit():
self.mailQuota = int(self.mailQuota)
else:
self.mailQuota = self.defaultUserQuota
# Re-calculate mail quota if this domain has limited max quota.
if self.domainProfile.maxquota > 0:
# Get used quota.
qr = domainLib.getAllocatedQuotaSize(domain=self.domain)
if qr[0] is True:
self.allocatedQuota = qr[1]
else:
return qr
spareQuota = self.domainProfile.maxquota - self.allocatedQuota
if spareQuota > 0:
if spareQuota < self.mailQuota:
self.mailQuota = spareQuota
else:
# No enough quota.
return (False, 'EXCEEDED_DOMAIN_QUOTA_SIZE')
#
# Get password from <form>.
#
self.newpw = str(data.get('newpw', ''))
self.confirmpw = str(data.get('confirmpw', ''))
# Get password length limit from domain profile or global setting.
self.minPasswordLength = self.domainProfile.get(
'minpasswordlength', cfg.general.get('min_passwd_length', '0'))
self.maxPasswordLength = self.domainProfile.get(
'maxpasswordlength', cfg.general.get('max_passwd_length', '0'))
resultOfPW = iredutils.verifyNewPasswords(
self.newpw,
self.confirmpw,
min_passwd_length=self.minPasswordLength,
max_passwd_length=self.maxPasswordLength,
)
if resultOfPW[0] is True:
self.passwd = iredutils.getSQLPassword(resultOfPW[1])
else:
return resultOfPW
# Get display name from <form>
self.cn = data.get('cn', '')
# Assign new user to default mail aliases.
assignedAliases = [
str(v).lower()
for v in str(self.domainProfile.defaultuseraliases).split(',')
if iredutils.isEmail(v)
]
try:
# Store new user in SQL db.
self.conn.insert(
'mailbox',
domain=self.domain,
username=self.mail,
password=self.passwd,
name=self.cn,
maildir=iredutils.setMailMessageStore(self.mail),
quota=self.mailQuota,
created=iredutils.sqlNOW,
active='1',
local_part=self.username,
)
# Assign new user to default mail aliases.
if len(assignedAliases) > 0:
for ali in assignedAliases:
try:
self.conn.query('''
UPDATE alias
SET goto=CONCAT(goto, %s)
WHERE address=%s AND domain=%s
''' % (
web.sqlquote(',' + self.mail),
web.sqlquote(ali),
web.sqlquote(self.domain),
))
except:
pass
# Create an alias account: address=goto.
self.conn.insert(
'alias',
address=self.mail,
goto=self.mail,
domain=self.domain,
created=iredutils.sqlNOW,
active='1',
)
web.logger(
msg="Create user: %s." % (self.mail),
domain=self.domain,
event='create',
)
return (True, )
except Exception, e:
return (False, str(e))
def add(self, domain, data):
# Get domain name, username, cn.
self.domain = web.safestr(data.get('domainName')).strip().lower()
self.username = web.safestr(data.get('username')).strip().lower()
self.mail = self.username + '@' + self.domain
sql_vars = {
'mail': self.mail,
}
if not iredutils.isDomain(self.domain):
return (False, 'INVALID_DOMAIN_NAME')
if self.domain != domain:
return (False, 'PERMISSION_DENIED')
if not iredutils.isEmail(self.mail):
return (False, 'INVALID_MAIL')
# Check account existing.
connutils = connUtils.Utils()
if connutils.isEmailExists(self.mail):
return (False, 'ALREADY_EXISTS')
# Get domain profile.
domainLib = domainlib.Domain()
resultOfDomainProfile = domainLib.profile(domain=self.domain)
if resultOfDomainProfile[0] is True:
self.domainProfile = resultOfDomainProfile[1]
else:
return resultOfDomainProfile
# Check account limit.
adminLib = adminlib.Admin()
numberOfExistAccounts = adminLib.getNumberOfManagedAccounts(
accountType='user', domains=[self.domain])
if self.domainProfile.mailboxes == -1:
return (False, 'NOT_ALLOWED')
elif self.domainProfile.mailboxes > 0:
if self.domainProfile.mailboxes <= numberOfExistAccounts:
return (False, 'EXCEEDED_DOMAIN_ACCOUNT_LIMIT')
columns = {
'userid': self.mail,
'domain': self.domain,
}
# Check spare quota and number of spare account limit.
# Get quota from form.
self.mailQuota = str(data.get('mailQuota')).strip()
self.defaultUserQuota = self.domainProfile.get('defaultuserquota', 0)
if self.mailQuota.isdigit():
self.mailQuota = int(self.mailQuota)
else:
self.mailQuota = self.defaultUserQuota
# Re-calculate mail quota if this domain has max quota limit.
if self.domainProfile.maxquota > 0:
# Get used quota.
qr = domainLib.getAllocatedQuotaSize(domain=self.domain)
if qr[0] is True:
self.allocatedQuota = qr[1]
else:
return qr
spareQuota = self.domainProfile.maxquota - self.allocatedQuota / 1024 / 1024
if spareQuota > 0:
if spareQuota < self.mailQuota:
self.mailQuota = spareQuota
else:
# No enough quota.
return (False, 'EXCEEDED_DOMAIN_QUOTA_SIZE')
columns['maxmail_size'] = self.mailQuota * 1024 * 1024
#
# Get password from <form>.
#
newpw = web.safestr(data.get('newpw', ''))
confirmpw = web.safestr(data.get('confirmpw', ''))
# Get password length limit from domain profile or global setting.
self.minPasswordLength = self.domainProfile.get(
'minpasswordlength', cfg.general.get('min_passwd_length', '0'))
self.maxPasswordLength = self.domainProfile.get(
'maxpasswordlength', cfg.general.get('max_passwd_length', '0'))
resultOfPW = iredutils.verifyNewPasswords(
newpw,
confirmpw,
min_passwd_length=self.minPasswordLength,
max_passwd_length=self.maxPasswordLength,
)
if resultOfPW[0] is True:
if 'storePasswordInPlainText' in data:
columns['passwd'] = iredutils.getSQLPassword(resultOfPW[1],
pwscheme='PLAIN')
columns['encryption_type'] = ''
else:
columns['passwd'] = iredutils.getSQLPassword(resultOfPW[1])
columns[
'encryption_type'] = settings.SQL_DEFAULT_PASSWD_SCHEME.lower(
)
else:
return resultOfPW
# Get display name from <form>
columns['name'] = data.get('cn', '')
# Assign new user to default mail aliases.
assignedAliases = [
str(addr).lower()
for addr in str(self.domainProfile.defaultuseraliases).split(',')
if iredutils.isEmail(addr)
]
try:
# Store new user in SQL db.
self.conn.insert('dbmail_users', **columns)
# Get dbmail_users.user_idnr.
qr = self.conn.select(
'dbmail_users',
vars=sql_vars,
what='user_idnr,client_idnr',
where='userid=$mail',
limit=1,
)
p = qr[0]
user_idnr, client_idnr = p.user_idnr, p.client_idnr
self.conn.insert(
'dbmail_aliases',
alias=self.mail,
deliver_to=user_idnr,
client_idnr=client_idnr,
)
# Create and subscribe to default IMAP folders.
if settings.DBMAIL_CREATE_DEFAULT_IMAP_FOLDERS:
# Create default IMAP folders.
imap_folders = [
'(%d, "%s")' % (user_idnr, fld)
for fld in settings.DBMAIL_DEFAULT_IMAP_FOLDERS
]
self.conn.query(
'''INSERT INTO dbmail_mailboxes (owner_idnr, name) VALUES %s'''
% ','.join(imap_folders))
# Subscribe to folders by default.
self.conn.query(
'''INSERT INTO dbmail_subscription (user_id, mailbox_id)
SELECT owner_idnr, mailbox_idnr FROM dbmail_mailboxes WHERE owner_idnr = %d
''' % user_idnr)
# Assign new user to default mail aliases.
if len(assignedAliases) > 0:
for ali in assignedAliases:
try:
self.conn.update(
'dbmail_aliases',
vars={
'mail': self.mail,
'ali': ali,
'user_idnr': user_idnr,
},
where='alias = $ali AND deliver_to <> $user_idnr',
deliver_to=web.sqlliteral(
'CONCAT($mail, ",", deliver_to)'),
)
except:
pass
vars_addition_sql = {
'user_idnr': user_idnr,
'mail': self.mail,
'username': self.username,
'domain': self.domain,
}
# Execute addition SQL commands after successfully created new users.
if settings.DBMAIL_SQL_FOR_NEWLY_CREATED_USER:
try:
for sql_cmd in settings.DBMAIL_SQL_FOR_NEWLY_CREATED_USER:
self.conn.query(sql_cmd, vars=vars_addition_sql)
except Exception:
pass
# Create Amavisd policy for newly created user.
if settings.AMAVISD_EXECUTE_SQL_WITHOUT_ENABLED and settings.AMAVISD_SQL_FOR_NEWLY_CREATED_USER:
try:
from libs.amavisd.core import AmavisdWrap
amwrap = AmavisdWrap()
for sql_cmd in settings.AMAVISD_SQL_FOR_NEWLY_CREATED_USER:
amwrap.db.query(sql_cmd, vars=vars_addition_sql)
except:
pass
web.logger(
msg="Create user: %s." % (self.mail),
domain=self.domain,
event='create',
)
return (True, )
except Exception, e:
return (False, str(e))
account=self.mail,
accountType='recipient',
setting=self.recipientThrottlingSetting,
)
except Exception, e:
pass
elif self.profile_type == 'password':
newpw = str(data.get('newpw', ''))
confirmpw = str(data.get('confirmpw', ''))
# Verify new passwords.
qr = iredutils.verifyNewPasswords(newpw, confirmpw)
if qr[0] is True:
if 'storePasswordInPlainText' in data:
self.passwd = iredutils.getSQLPassword(qr[1],
pwscheme='PLAIN')
else:
self.passwd = iredutils.getSQLPassword(qr[1])
else:
return qr
# Hash/encrypt new password.
updates['passwd'] = self.passwd
elif self.profile_type == 'advanced':
# Get enabled services.
"""
self.enabledService = [str(v).lower()
for v in data.get('enabledService', [])
if v in ENABLED_SERVICES
]
