def POST(self):
i = web.input(_unicode=False, mail=[])
self.mails = i.get('mail', [])
self.action = i.get('action', None)
msg = i.get('msg', None)
adminLib = adminlib.Admin()
if self.action == 'delete':
result = adminLib.delete(mails=self.mails, )
msg = 'DELETED'
elif self.action == 'disable':
result = adminLib.enableOrDisableAccount(
accounts=self.mails,
active=False,
)
msg = 'DISABLED'
elif self.action == 'enable':
result = adminLib.enableOrDisableAccount(
accounts=self.mails,
active=True,
)
msg = 'ENABLED'
else:
result = (False, 'INVALID_ACTION')
if result[0] is True:
raise web.seeother('/admins?msg=%s' % msg)
else:
raise web.seeother('/admins?msg=?' + web.urlquote(result[1]))
def POST(self, profile_type, mail):
self.profile_type = web.safestr(profile_type)
self.mail = web.safestr(mail)
i = web.input(domainName=[], )
if session.get('domainGlobalAdmin'
) is not True and session.get('username') != self.mail:
# Don't allow to view/update others' profile.
raise web.seeother(
'/profile/admin/general/%s?msg=PERMISSION_DENIED' %
session.get('username'))
adminLib = adminlib.Admin()
result = adminLib.update(
profile_type=self.profile_type,
mail=self.mail,
data=i,
)
if result[0] is True:
raise web.seeother('/profile/admin/%s/%s?msg=UPDATED' %
(self.profile_type, self.mail))
else:
raise web.seeother('/profile/admin/%s/%s?msg=%s' % (
self.profile_type,
self.mail,
web.urlquote(result[1]),
))
def GET(self, cur_page=1):
i = web.input()
cur_page = int(cur_page)
if cur_page == 0:
cur_page == 1
adminLib = adminlib.Admin()
result = adminLib.listAccounts(cur_page=cur_page)
if result[0] is True:
(total, records) = (result[1], result[2])
# Get list of global admins.
allGlobalAdmins = []
qr = adminLib.getAllGlobalAdmins()
if qr[0] is True:
allGlobalAdmins = qr[1]
return web.render(
'mysql/admin/list.html',
cur_page=cur_page,
total=total,
admins=records,
allGlobalAdmins=allGlobalAdmins,
msg=i.get('msg', None),
)
else:
return web.seeother('/domains?msg=%s' % result[1])
def POST(self):
i = web.input()
self.mail = web.safestr(i.get('mail'))
adminLib = adminlib.Admin()
result = adminLib.add(data=i)
if result[0] is True:
# Redirect to assign domains.
return web.seeother('/profile/admin/general/%s?msg=CREATED_SUCCESS' % self.mail)
else:
return web.seeother('/create/admin?msg=' + result[1])
def GET(self, profile_type, mail):
i = web.input()
self.mail = web.safestr(mail)
self.profile_type = web.safestr(profile_type)
if not iredutils.isEmail(self.mail):
return web.seeother('/admins?msg=INVALID_MAIL')
if session.get('domainGlobalAdmin') is not True and session.get('username') != self.mail:
# Don't allow to view/update other admins' profile.
return web.seeother('/profile/admin/general/%s?msg=PERMISSION_DENIED' % session.get('username'))
adminLib = adminlib.Admin()
result = adminLib.profile(mail=self.mail)
if result[0] is True:
domainGlobalAdmin, profile = result[1], result[2]
# Get all domains.
self.allDomains = []
domainLib = domainlib.Domain()
resultOfAllDomains = domainLib.getAllDomains()
if resultOfAllDomains[0] is True:
self.allDomains = resultOfAllDomains[1]
# Get managed domains.
self.managedDomains = []
qr = adminLib.getManagedDomains(admin=self.mail, domainNameOnly=True, listedOnly=True,)
if qr[0] is True:
self.managedDomains += qr[1]
return web.render(
'mysql/admin/profile.html',
mail=self.mail,
profile_type=self.profile_type,
domainGlobalAdmin=domainGlobalAdmin,
profile=profile,
languagemaps=languages.getLanguageMaps(),
allDomains=self.allDomains,
managedDomains=self.managedDomains,
min_passwd_length=cfg.general.get('min_passwd_length', '0'),
max_passwd_length=cfg.general.get('max_passwd_length', '0'),
msg=i.get('msg'),
)
else:
return web.seeother('/admins?msg=' + result[1])
def GET(self, profile_type, mail):
i = web.input()
self.mail = web.safestr(mail)
self.profile_type = web.safestr(profile_type)
if not iredutils.is_email(self.mail):
raise web.seeother('/admins?msg=INVALID_MAIL')
if session.get('domainGlobalAdmin'
) is not True and session.get('username') != self.mail:
# Don't allow to view/update other admins' profile.
raise web.seeother(
'/profile/admin/general/%s?msg=PERMISSION_DENIED' %
session.get('username'))
adminLib = adminlib.Admin()
result = adminLib.profile(mail=self.mail)
if result[0] is True:
domainGlobalAdmin, profile = result[1], result[2]
# Get all domains.
self.allDomains = []
domainLib = domainlib.Domain()
resultOfAllDomains = domainLib.getAllDomains()
if resultOfAllDomains[0] is True:
self.allDomains = resultOfAllDomains[1]
return web.render(
'mysql/admin/profile.html',
mail=self.mail,
profile_type=self.profile_type,
domainGlobalAdmin=domainGlobalAdmin,
profile=profile,
languagemaps=languages.get_language_maps(),
allDomains=self.allDomains,
min_passwd_length=settings.min_passwd_length,
max_passwd_length=settings.max_passwd_length,
msg=i.get('msg'),
)
else:
raise web.seeother('/admins?msg=' + web.urlquote(result[1]))
def GET(self, cur_page=1):
i = web.input()
cur_page = int(cur_page)
if cur_page == 0:
cur_page == 1
adminLib = adminlib.Admin()
result = adminLib.listAccounts(cur_page=cur_page)
if result[0] is True:
(total, records) = (result[1]['total'], result[1]['records'])
return web.render(
'mysql/admin/list.html',
cur_page=cur_page,
total=total,
admins=records,
msg=i.get('msg', None),
)
else:
raise web.seeother('/domains?msg=%s' % web.urlquote(result[1]))
def add(self, domain, data):
# Get domain name, username, cn.
self.domain = web.safestr(data.get('domainName')).strip().lower()
mail_local_part = web.safestr(data.get('username')).strip().lower()
self.mail = mail_local_part + '@' + self.domain
if not iredutils.is_domain(self.domain):
return (False, 'INVALID_DOMAIN_NAME')
if self.domain != domain:
return (False, 'PERMISSION_DENIED')
if not iredutils.is_email(self.mail):
return (False, 'INVALID_MAIL')
# Check account existing.
connutils = connUtils.Utils()
if connutils.is_email_exists(mail=self.mail):
return (False, 'ALREADY_EXISTS')
# Get domain profile.
domainLib = domainlib.Domain()
resultOfDomainProfile = domainLib.profile(domain=self.domain)
if resultOfDomainProfile[0] is True:
domainProfile = resultOfDomainProfile[1]
else:
return resultOfDomainProfile
# Check account limit.
adminLib = adminlib.Admin()
numberOfExistAccounts = adminLib.getNumberOfManagedAccounts(
accountType='user', domains=[self.domain])
if domainProfile.mailboxes == -1:
return (False, 'NOT_ALLOWED')
elif domainProfile.mailboxes > 0:
if domainProfile.mailboxes <= numberOfExistAccounts:
return (False, 'EXCEEDED_DOMAIN_ACCOUNT_LIMIT')
# Check spare quota and number of spare account limit.
# Get quota from <form>
mailQuota = str(data.get('mailQuota')).strip()
if mailQuota.isdigit():
mailQuota = int(mailQuota)
else:
mailQuota = 0
# Re-calculate mail quota if this domain has limited max quota.
if domainProfile.maxquota > 0:
# Get used quota.
qr = domainLib.getAllocatedQuotaSize(domain=self.domain)
if qr[0] is True:
allocatedQuota = qr[1]
else:
return qr
spareQuota = domainProfile.maxquota - allocatedQuota
if spareQuota > 0:
if spareQuota < mailQuota:
mailQuota = spareQuota
else:
# No enough quota.
return (False, 'EXCEEDED_DOMAIN_QUOTA_SIZE')
#
# Get password from <form>.
#
newpw = web.safestr(data.get('newpw', ''))
confirmpw = web.safestr(data.get('confirmpw', ''))
resultOfPW = iredutils.verify_new_password(
newpw,
confirmpw,
min_passwd_length=settings.min_passwd_length,
max_passwd_length=settings.max_passwd_length,
)
if resultOfPW[0] is True:
pwscheme = None
if 'storePasswordInPlainText' in data and settings.STORE_PASSWORD_IN_PLAIN_TEXT:
pwscheme = 'PLAIN'
passwd = iredutils.generate_password_hash(resultOfPW[1],
pwscheme=pwscheme)
else:
return resultOfPW
# Get display name from <form>
cn = data.get('cn', '')
# Get storage base directory.
tmpStorageBaseDirectory = settings.storage_base_directory.lower()
splitedSBD = tmpStorageBaseDirectory.rstrip('/').split('/')
storageNode = splitedSBD.pop()
storageBaseDirectory = '/'.join(splitedSBD)
try:
# Store new user in SQL db.
self.conn.insert(
'mailbox',
domain=self.domain,
username=self.mail,
password=passwd,
name=cn,
maildir=iredutils.generate_maildir_path(self.mail),
quota=mailQuota,
storagebasedirectory=storageBaseDirectory,
storagenode=storageNode,
mailboxformat=settings.MAILBOX_FORMAT,
created=iredutils.get_gmttime(),
active='1',
)
self.conn.insert('forwardings',
address=self.mail,
forwarding=self.mail,
domain=self.domain,
is_forwarding=1)
web.logger(
msg="Create user: %s." % (self.mail),
domain=self.domain,
event='create',
)
return (True, )
except Exception as e:
return (False, str(e))
def GET(self):
i = web.input(_unicode=False,)
# Get queries.
self.event = web.safestr(i.get('event', 'all'))
self.domain = web.safestr(i.get('domain', 'all'))
self.admin = web.safestr(i.get('admin', 'all'))
self.cur_page = web.safestr(i.get('page', '1'))
if not self.cur_page.isdigit() or self.cur_page == '0':
self.cur_page = 1
else:
self.cur_page = int(self.cur_page)
logLib = loglib.Log()
total, entries = logLib.listLogs(
event=self.event,
domain=self.domain,
admin=self.admin,
cur_page=self.cur_page,
)
# Pre-defined
allDomains = []
allAdmins = []
if cfg.general.backend == 'ldap':
# Get all domains under control.
domainLib = domain.Domain()
result = domainLib.listAccounts(attrs=['domainName'])
if result[0] is True:
allDomains = [ v[1]['domainName'][0] for v in result[1] ]
# Get all admins.
if session.get('domainGlobalAdmin') is True:
adminLib = admin.Admin()
result = adminLib.listAccounts(attrs=['mail'])
if result[0] is not False:
allAdmins = [ v[1]['mail'][0] for v in result[1] ]
else:
allAdmins = [self.admin]
elif cfg.general.backend == 'mysql':
domainLib = domainlib.Domain()
qr = domainLib.getAllDomains(columns=['domain'])
if qr[0] is True:
for r in qr[1]:
allDomains += [r.domain]
# Get all admins.
if session.get('domainGlobalAdmin') is True:
adminLib = adminlib.Admin()
qr = adminLib.getAllAdmins(columns=['username'])
if qr[0] is True:
for r in qr[1]:
allAdmins += [r.username]
else:
allAdmins = [self.admin]
return web.render(
'panel/log.html',
event=self.event,
domain=self.domain,
admin=self.admin,
allEvents=LOG_EVENTS,
cur_page=self.cur_page,
total=total,
entries=entries,
allDomains=allDomains,
allAdmins=allAdmins,
msg=i.get('msg'),
)
def add(self, domain, data):
# Get domain name, username, cn.
self.domain = web.safestr(data.get('domainName')).strip().lower()
self.username = web.safestr(data.get('username')).strip().lower()
self.mail = self.username + '@' + self.domain
if self.domain != domain:
return (False, 'PERMISSION_DENIED')
if not iredutils.isDomain(self.domain):
return (False, 'INVALID_DOMAIN_NAME')
# Check account existing.
connutils = connUtils.Utils()
if connutils.isEmailExists(mail=self.mail):
return (False, 'ALREADY_EXISTS')
# Get domain profile.
domainLib = domainlib.Domain()
resultOfDomainProfile = domainLib.profile(domain=self.domain)
if resultOfDomainProfile[0] is True:
self.domainProfile = resultOfDomainProfile[1]
else:
return resultOfDomainProfile
# Check account limit.
adminLib = adminlib.Admin()
numberOfExistAccounts = adminLib.getNumberOfManagedAccounts(
accountType='user', domains=[self.domain])
if self.domainProfile.mailboxes == 0:
# Unlimited.
pass
elif self.domainProfile.mailboxes <= numberOfExistAccounts:
return (False, 'EXCEEDED_DOMAIN_ACCOUNT_LIMIT')
# Check spare quota and number of spare account limit.
# Get quota from <form>
self.mailQuota = str(data.get('mailQuota')).strip()
self.defaultUserQuota = self.domainProfile.get('defaultuserquota', 0)
if self.mailQuota.isdigit():
self.mailQuota = int(self.mailQuota)
else:
self.mailQuota = self.defaultUserQuota
# Re-calculate mail quota if this domain has limited max quota.
if self.domainProfile.maxquota > 0:
# Get used quota.
qr = domainLib.getAllocatedQuotaSize(domain=self.domain)
if qr[0] is True:
self.allocatedQuota = qr[1]
else:
return qr
spareQuota = self.domainProfile.maxquota - self.allocatedQuota
if spareQuota > 0:
if spareQuota < self.mailQuota:
self.mailQuota = spareQuota
else:
# No enough quota.
return (False, 'EXCEEDED_DOMAIN_QUOTA_SIZE')
#
# Get password from <form>.
#
self.newpw = str(data.get('newpw', ''))
self.confirmpw = str(data.get('confirmpw', ''))
# Get password length limit from domain profile or global setting.
self.minPasswordLength = self.domainProfile.get(
'minpasswordlength', cfg.general.get('min_passwd_length', '0'))
self.maxPasswordLength = self.domainProfile.get(
'maxpasswordlength', cfg.general.get('max_passwd_length', '0'))
resultOfPW = iredutils.verifyNewPasswords(
self.newpw,
self.confirmpw,
min_passwd_length=self.minPasswordLength,
max_passwd_length=self.maxPasswordLength,
)
if resultOfPW[0] is True:
self.passwd = iredutils.getSQLPassword(resultOfPW[1])
else:
return resultOfPW
# Get display name from <form>
self.cn = data.get('cn', '')
# Assign new user to default mail aliases.
assignedAliases = [
str(v).lower()
for v in str(self.domainProfile.defaultuseraliases).split(',')
if iredutils.isEmail(v)
]
try:
# Store new user in SQL db.
self.conn.insert(
'mailbox',
domain=self.domain,
username=self.mail,
password=self.passwd,
name=self.cn,
maildir=iredutils.setMailMessageStore(self.mail),
quota=self.mailQuota,
created=iredutils.sqlNOW,
active='1',
local_part=self.username,
)
# Assign new user to default mail aliases.
if len(assignedAliases) > 0:
for ali in assignedAliases:
try:
self.conn.query('''
UPDATE alias
SET goto=CONCAT(goto, %s)
WHERE address=%s AND domain=%s
''' % (
web.sqlquote(',' + self.mail),
web.sqlquote(ali),
web.sqlquote(self.domain),
))
except:
pass
# Create an alias account: address=goto.
self.conn.insert(
'alias',
address=self.mail,
goto=self.mail,
domain=self.domain,
created=iredutils.sqlNOW,
active='1',
)
web.logger(
msg="Create user: %s." % (self.mail),
domain=self.domain,
event='create',
)
return (True, )
except Exception, e:
return (False, str(e))
