Example #1
def contact_detail_route(contact_id):
    """Show a contact's detail page and handle its PGP key form.

    GET renders ``dashboard/contact_detail.html``. A POST whose
    ``form-name`` is ``pgp`` either saves the submitted public key
    (``action=save``, premium users only) or clears the stored key and
    fingerprint (``action=remove``, any user). Requests for a contact that
    does not exist or belongs to another user are redirected to the
    dashboard index.
    """
    contact = Contact.get(contact_id)

    # Object-level authorization: contact_id is caller-supplied, so the row
    # must belong to the logged-in user. A missing row and a foreign row get
    # the same response, so the reply does not reveal which ids exist.
    if not (contact and contact.user_id == current_user.id):
        flash("You cannot see this page", "warning")
        return redirect(url_for("dashboard.index"))

    alias = contact.alias

    def back_to_contact():
        # Post/redirect/get: send the browser back to this same page.
        return redirect(
            url_for("dashboard.contact_detail_route", contact_id=contact_id))

    form = request.form
    is_pgp_post = request.method == "POST" and form.get("form-name") == "pgp"
    action = form.get("action") if is_pgp_post else None

    if action == "save":
        # Adding a key is a paid feature; removal below is not gated.
        if not current_user.is_premium():
            flash("Only premium plan can add PGP Key", "warning")
            return back_to_contact()

        # The submitted text is put on the model before it is checked; it is
        # only committed when load_public_key_and_check accepts it.
        contact.pgp_public_key = form.get("pgp")
        key_accepted = True
        try:
            contact.pgp_finger_print = load_public_key_and_check(
                contact.pgp_public_key)
        except PGPException:
            key_accepted = False

        if key_accepted:
            db.session.commit()
            flash(
                f"PGP public key for {contact.email} is saved successfully",
                "success",
            )
            return back_to_contact()

        # Rejected key: nothing is committed and the page is re-rendered
        # below with the error message.
        flash("Cannot add the public key, please verify it", "error")
    elif action == "remove":
        # Free users may still remove a key that was added earlier.
        contact.pgp_public_key = None
        contact.pgp_finger_print = None
        db.session.commit()
        flash(f"PGP public key for {contact.email} is removed", "success")
        return back_to_contact()

    return render_template("dashboard/contact_detail.html",
                           contact=contact,
                           alias=alias)
Example #2
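def mailbox_detail_route(mailbox_id):
    """Render the mailbox detail page and handle its settings forms.

    GET renders ``dashboard/mailbox_detail.html``. POST requests are
    dispatched on the ``form-name`` field:

    * ``update-email`` - request a mailbox address change (confirmation mail)
    * ``force-spf`` - toggle SPF enforcement for this mailbox
    * ``add-authorized-address`` / ``delete-authorized-address``
    * ``pgp`` - save (premium only) or remove the mailbox PGP public key
    * ``toggle-pgp`` - enable or disable PGP without removing the key
    * ``generic-subject`` - set or clear the generic subject

    Requests for a mailbox that does not exist or belongs to another user
    are redirected to the dashboard index.

    NOTE(review): only the ``update-email`` branch goes through a form
    object's ``validate_on_submit()``; every other branch reads
    ``request.form`` directly, so CSRF protection for those must come from
    somewhere outside this function - confirm.
    """
    mailbox = Mailbox.get(mailbox_id)
    # Object-level authorization: mailbox_id is caller-supplied, so the row
    # must belong to the logged-in user. A missing row and a foreign row get
    # the same response, so the reply does not reveal which ids exist.
    if not mailbox or mailbox.user_id != current_user.id:
        flash("You cannot see this page", "warning")
        return redirect(url_for("dashboard.index"))

    change_email_form = ChangeEmailForm()

    pending_email = mailbox.new_email or None

    # The template receives locals() (see the end of the function), so the
    # local names used on the fall-through paths are part of the template's
    # contract and are deliberately left unchanged.
    if request.method == "POST":
        if (request.form.get("form-name") == "update-email"
                and change_email_form.validate_on_submit()):
            new_email = change_email_form.email.data.lower().strip()
            if new_email != mailbox.email and not pending_email:
                # check if this email is not already used
                if mailbox_already_used(
                        new_email,
                        current_user) or Alias.get_by(email=new_email):
                    flash(f"Email {new_email} already used", "error")
                elif not email_can_be_used_as_mailbox(new_email):
                    flash("You cannot use this email address as your mailbox",
                          "error")
                else:
                    # The new address is only stored as pending here;
                    # mailbox.email itself is not changed in this function.
                    mailbox.new_email = new_email
                    db.session.commit()

                    try:
                        verify_mailbox_change(current_user, mailbox, new_email)
                    except SMTPRecipientsRefused:
                        # NOTE(review): the message names mailbox.email,
                        # while the verification call is given new_email, and
                        # mailbox.new_email stays committed as pending after
                        # this failure - confirm both are intended.
                        flash(
                            f"Incorrect mailbox, please recheck {mailbox.email}",
                            "error",
                        )
                    else:
                        flash(
                            f"You are going to receive an email to confirm {new_email}.",
                            "success",
                        )
                    return redirect(
                        url_for("dashboard.mailbox_detail_route",
                                mailbox_id=mailbox_id))
        elif request.form.get("form-name") == "force-spf":
            if not ENFORCE_SPF:
                flash("SPF enforcement globally not enabled", "error")
                return redirect(url_for("dashboard.index"))

            # Derive the stored flag and the message from one value. The
            # original built the message with `a + b if c else d + e`, which
            # parses as `(a + b) if c else (d + e)` and so produced either
            # "SPF enforcement was enabled" or "disabled successfully"; it
            # also tested mere presence of the field instead of == "on".
            spf_enabled = request.form.get("spf-status") == "on"
            mailbox.force_spf = spf_enabled
            db.session.commit()
            spf_state = "enabled" if spf_enabled else "disabled"
            flash(f"SPF enforcement was {spf_state} successfully", "success")
            return redirect(
                url_for("dashboard.mailbox_detail_route",
                        mailbox_id=mailbox_id))
        elif request.form.get("form-name") == "add-authorized-address":
            # A missing "email" field used to raise AttributeError on None
            # (HTTP 500), and an empty value was stored as an authorized
            # address. Both are rejected now.
            address = (request.form.get("email") or "").lower().strip().replace(
                " ", "")
            if not address:
                flash("Email address is required", "error")
            elif AuthorizedAddress.get_by(mailbox_id=mailbox.id, email=address):
                flash(f"{address} already added", "error")
            else:
                # NOTE(review): apart from the emptiness check, the value is
                # stored without any format validation. Consider running it
                # through the project's email validation before creating the
                # row.
                AuthorizedAddress.create(
                    user_id=current_user.id,
                    mailbox_id=mailbox.id,
                    email=address,
                    commit=True,
                )
                flash(f"{address} added as authorized address", "success")

            return redirect(
                url_for("dashboard.mailbox_detail_route",
                        mailbox_id=mailbox_id))
        elif request.form.get("form-name") == "delete-authorized-address":
            authorized_address_id = request.form.get("authorized-address-id")
            authorized_address: AuthorizedAddress = AuthorizedAddress.get(
                authorized_address_id)
            # The id comes from the form, so check that the row hangs off the
            # mailbox already authorized above before deleting it.
            if not authorized_address or authorized_address.mailbox_id != mailbox.id:
                flash("Unknown error. Refresh the page", "warning")
            else:
                address = authorized_address.email
                AuthorizedAddress.delete(authorized_address_id)
                db.session.commit()
                flash(f"{address} has been deleted", "success")

            return redirect(
                url_for("dashboard.mailbox_detail_route",
                        mailbox_id=mailbox_id))
        elif request.form.get("form-name") == "pgp":
            if request.form.get("action") == "save":
                # Adding a key is a paid feature; removal below is not gated.
                if not current_user.is_premium():
                    flash("Only premium plan can add PGP Key", "warning")
                    return redirect(
                        url_for("dashboard.mailbox_detail_route",
                                mailbox_id=mailbox_id))

                # The submitted text is put on the model before it is
                # checked; it is only committed when
                # load_public_key_and_check accepts it. On rejection the page
                # is re-rendered below without a commit.
                mailbox.pgp_public_key = request.form.get("pgp")
                try:
                    mailbox.pgp_finger_print = load_public_key_and_check(
                        mailbox.pgp_public_key)
                except PGPException:
                    flash("Cannot add the public key, please verify it",
                          "error")
                else:
                    db.session.commit()
                    flash("Your PGP public key is saved successfully",
                          "success")
                    return redirect(
                        url_for("dashboard.mailbox_detail_route",
                                mailbox_id=mailbox_id))
            elif request.form.get("action") == "remove":
                # Free user can decide to remove their added PGP key
                mailbox.pgp_public_key = None
                mailbox.pgp_finger_print = None
                # Reset the toggle together with the key.
                mailbox.disable_pgp = False
                db.session.commit()
                flash("Your PGP public key is removed successfully", "success")
                return redirect(
                    url_for("dashboard.mailbox_detail_route",
                            mailbox_id=mailbox_id))

        elif request.form.get("form-name") == "toggle-pgp":
            if request.form.get("pgp-enabled") == "on":
                mailbox.disable_pgp = False
                flash(f"PGP is enabled on {mailbox.email}", "success")
            else:
                mailbox.disable_pgp = True
                flash(f"PGP is disabled on {mailbox.email}", "info")

            db.session.commit()
            return redirect(
                url_for("dashboard.mailbox_detail_route",
                        mailbox_id=mailbox_id))
        elif request.form.get("form-name") == "generic-subject":
            if request.form.get("action") == "save":
                # The generic subject is only accepted on a mailbox for which
                # pgp_enabled() is true.
                if not mailbox.pgp_enabled():
                    flash(
                        "Generic subject can only be used on PGP-enabled mailbox",
                        "error",
                    )
                    return redirect(
                        url_for("dashboard.mailbox_detail_route",
                                mailbox_id=mailbox_id))

                mailbox.generic_subject = request.form.get("generic-subject")
                db.session.commit()
                flash("Generic subject for PGP-encrypted email is enabled",
                      "success")
                return redirect(
                    url_for("dashboard.mailbox_detail_route",
                            mailbox_id=mailbox_id))
            elif request.form.get("action") == "remove":
                mailbox.generic_subject = None
                db.session.commit()
                flash("Generic subject for PGP-encrypted email is disabled",
                      "success")
                return redirect(
                    url_for("dashboard.mailbox_detail_route",
                            mailbox_id=mailbox_id))

    spf_available = ENFORCE_SPF
    # NOTE(review): **locals() hands every local of this function to the
    # template. An explicit keyword list would make the template contract
    # visible and keep future locals from leaking into the context; it is
    # kept here because the names the template reads are not visible from
    # this function.
    return render_template("dashboard/mailbox_detail.html", **locals())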