Example #1
0
    def add(self, data):
        self.domain = web.safestr(data.get('domainName', '')).strip().lower()

        # Get company/organization name.
        self.cn = data.get('cn', '')

        # Check domain name.
        if not iredutils.isDomain(self.domain):
            return (False, 'INVALID_DOMAIN_NAME')

        # Check whether domain name already exist (domainName, domainAliasName).
        connutils = connUtils.Utils()
        if connutils.isDomainExists(self.domain):
            return (False, 'ALREADY_EXISTS')

        # Add domain in database.
        try:
            self.conn.insert(
                'domain',
                domain=self.domain,
                description=self.cn,
                transport=cfg.general.get('transport', 'dovecot'),
                created=iredutils.sqlNOW,
                active='1',
            )
            web.logger(msg="Create domain: %s." % (self.domain), domain=self.domain, event='create',)
        except Exception, e:
            return (False, str(e))
Example #2
0
    def delete(self, domains=[]):
        if not isinstance(domains, types.ListType):
            return (False, 'INVALID_DOMAIN_NAME')

        self.domains = [str(v).lower()
                        for v in domains
                        if iredutils.isDomain(v)
                       ]
        self.sql_domains = web.sqlquote(domains)

        # Delete domain and related records.
        try:
            self.conn.delete('alias', where='domain IN %s' % self.sql_domains)
            self.conn.delete(
                'alias_domain',
                where='alias_domain IN %s OR target_domain IN %s' % (self.sql_domains,self.sql_domains,),
            )
            self.conn.delete('domain_admins', where='domain IN %s' % self.sql_domains)
            self.conn.delete('mailbox', where='domain IN %s' % self.sql_domains)
            self.conn.delete('recipient_bcc_domain', where='domain IN %s' % self.sql_domains)
            self.conn.delete('recipient_bcc_user', where='domain IN %s' % self.sql_domains)
            self.conn.delete('sender_bcc_domain', where='domain IN %s' % self.sql_domains)
            self.conn.delete('sender_bcc_user', where='domain IN %s' % self.sql_domains)

            # Finally, delete from table `domain` to make sure all related
            # records were deleted.
            self.conn.delete('domain', where='domain IN %s' % self.sql_domains)

            for d in self.domains:
                web.logger(msg="Delete domain: %s." % (d), domain=d, event='delete',)
            return (True,)
        except Exception, e:
            return (False, str(e))
Example #3
0
    def delete(self, domain, mails=[]):
        self.domain = str(domain)
        if not iredutils.isDomain(self.domain):
            return (False, 'INVALID_DOMAIN_NAME')

        if not isinstance(mails, types.ListType):
            return (False, 'INVALID_MAIL')

        self.mails = [str(v).lower() for v in mails if iredutils.isEmail(v) and str(v).endswith('@'+self.domain)]
        self.sqlMails = web.sqlquote(self.mails)

        # Delete domain and related records.
        try:
            self.conn.delete('mailbox', where='username IN %s' % self.sqlMails)
            self.conn.delete('alias', where='address IN %s' % self.sqlMails)
            self.conn.delete('recipient_bcc_user', where='username IN %s' % self.sqlMails)
            self.conn.delete('sender_bcc_user', where='username IN %s' % self.sqlMails)

            # TODO Remove email from alias.goto.
            #self.conn.delete()

            web.logger(
                msg="Delete user: %s." % ', '.join(self.mails),
                domain=self.domain,
                event='delete',
            )

            return (True,)
        except Exception, e:
            return (False, str(e))
    def add(self, data):
        # msg: {key: value}
        msg = {}
        self.domain = web.safestr(data.get('domainName', '')).strip().lower()

        # Check domain name.
        if not iredutils.isDomain(self.domain):
            return (False, 'INVALID_DOMAIN_NAME')

        # Check whether domain name already exist (domainName, domainAliasName).
        connutils = connUtils.Utils()
        if connutils.isDomainExists(self.domain):
            return (False, 'ALREADY_EXISTS')

        self.dn = ldaputils.convKeywordToDN(self.domain, accountType='domain')

        self.cn = data.get('cn', None)
        ldif = iredldif.ldif_maildomain(domain=self.domain, cn=self.cn,)

        # Add domain dn.
        try:
            result = self.conn.add_s(self.dn, ldif)
            web.logger(msg="Create domain: %s." % (self.domain), domain=self.domain, event='create',)
        except ldap.ALREADY_EXISTS:
            msg[self.domain] = 'ALREADY_EXISTS'
        except ldap.LDAPError, e:
            msg[self.domain] = str(e)
Example #5
0
    def delete(self, domain, mails=None, keep_mailbox_days=0):
        domain = str(domain).lower()

        if not iredutils.is_domain(domain):
            return (False, 'INVALID_DOMAIN_NAME')

        if not mails:
            return (False, 'INVALID_MAIL')

        mails = [
            str(v).lower() for v in mails
            if iredutils.is_email(v) and str(v).endswith('@' + domain)
        ]

        if not mails:
            return (False, 'INVALID_MAIL')

        # Delete user and related records.
        try:
            qr = self.deleteAccounts(accounts=mails,
                                     accountType='user',
                                     keep_mailbox_days=keep_mailbox_days)
            if qr[0] is True:
                web.logger(
                    msg="Delete user: %s." % ', '.join(mails),
                    domain=domain,
                    event='delete',
                )
            else:
                return qr

            return (True, )
        except Exception as e:
            return (False, str(e))
Example #6
0
    def add(self, data):
        domain = web.safestr(data.get('domainName', '')).strip().lower()

        # Get company/organization name.
        cn = data.get('cn', '')

        # Check domain name.
        if not iredutils.is_domain(domain):
            return (False, 'INVALID_DOMAIN_NAME')

        # Check whether domain name already exist (domainName, domainAliasName).
        connutils = connUtils.Utils()
        if connutils.is_domain_exists(domain):
            return (False, 'ALREADY_EXISTS')

        # Add domain in database.
        try:
            self.conn.insert(
                'domain',
                domain=domain,
                description=cn,
                transport=settings.default_mta_transport,
                created=iredutils.get_gmttime(),
                active='1',
            )
            web.logger(
                msg="Create domain: %s." % (domain),
                domain=domain,
                event='create',
            )
        except Exception, e:
            return (False, str(e))
Example #7
0
    def delete(self, domain, mails=[]):
        self.domain = str(domain)
        if not iredutils.isDomain(self.domain):
            return (False, 'INVALID_DOMAIN_NAME')

        if not isinstance(mails, types.ListType):
            return (False, 'INVALID_MAIL')

        self.mails = [
            str(v).lower() for v in mails
            if iredutils.isEmail(v) and str(v).endswith('@' + self.domain)
        ]
        self.sqlMails = web.sqlquote(self.mails)

        # Delete domain and related records.
        try:
            self.conn.delete('mailbox', where='username IN %s' % self.sqlMails)
            self.conn.delete('alias', where='address IN %s' % self.sqlMails)
            self.conn.delete('recipient_bcc_user',
                             where='username IN %s' % self.sqlMails)
            self.conn.delete('sender_bcc_user',
                             where='username IN %s' % self.sqlMails)

            # TODO Remove email from alias.goto.
            #self.conn.delete()

            web.logger(
                msg="Delete user: %s." % ', '.join(self.mails),
                domain=self.domain,
                event='delete',
            )

            return (True, )
        except Exception, e:
            return (False, str(e))
Example #8
0
    def enableOrDisableAccount(self, domain, account, dn, action, accountTypeInLogger=None):
        self.domain = web.safestr(domain).strip().lower()
        self.account = web.safestr(account).strip().lower()
        self.dn = escape_filter_chars(web.safestr(dn))

        # Validate operation action.
        if action in ['enable', 'disable',]:
            self.action = action
        else:
            return (False, 'INVALID_ACTION')

        # Set value of valid account status.
        if action == 'enable':
            self.status = attrs.ACCOUNT_STATUS_ACTIVE
        else:
            self.status = attrs.ACCOUNT_STATUS_DISABLED

        try:
            self.updateAttrSingleValue(
                dn=self.dn,
                attr='accountStatus',
                value=self.status,
            )

            if accountTypeInLogger is not None:
                web.logger(
                    msg="%s %s: %s." % (str(action).capitalize(), str(accountTypeInLogger), self.account),
                    domain=self.domain,
                    event=self.action,
                )

            return (True,)
        except ldap.LDAPError, e:
            return (False, ldaputils.getExceptionDesc(e))
Example #9
0
    def delete(self, domain, mails=[]):
        domain = str(domain)
        if not iredutils.is_domain(domain):
            return (False, 'INVALID_DOMAIN_NAME')

        if not isinstance(mails, list):
            return (False, 'INVALID_MAIL')

        mails = [str(v).lower() for v in mails if iredutils.is_email(v) and str(v).endswith('@' + domain)]
        if not mails:
            return (False, 'INVALID_MAIL')

        # Delete user and related records.
        try:
            qr = self.deleteAccounts(accounts=mails, accountType='user')
            if qr[0] is True:
                web.logger(
                    msg="Delete user: %s." % ', '.join(mails),
                    domain=domain,
                    event='delete',
                )
            else:
                return qr

            return (True,)
        except Exception, e:
            return (False, str(e))
Example #10
0
    def add(self, data):
        self.domain = web.safestr(data.get('domainName', '')).strip().lower()

        # Get company/organization name.
        cn = data.get('cn', '')

        # Check domain name.
        if not iredutils.isDomain(self.domain):
            return (False, 'INVALID_DOMAIN_NAME')

        # Check whether domain name already exist (domainName, domainAliasName).
        connutils = connUtils.Utils()
        if connutils.isDomainExists(self.domain):
            return (False, 'ALREADY_EXISTS')

        # Add domain in database.
        try:
            self.conn.insert(
                'dbmail_domains',
                domain=self.domain,
                description=cn,
                transport=settings.DBMAIL_DEFAULT_DOMAIN_TRANSPORT,
            )
            web.logger(
                msg="Create domain: %s." % (self.domain),
                domain=self.domain,
                event='create',
            )
        except Exception, e:
            return (False, str(e))
Example #11
0
    def deleteSingleUser(
        self,
        mail,
        deleteFromGroups=True,
    ):
        self.mail = web.safestr(mail)
        if not iredutils.isEmail(self.mail):
            return (False, 'INVALID_MAIL')

        # Get domain name of this account.
        self.domain = self.mail.split('@')[-1]

        # Get dn of mail user and domain.
        self.dnUser = ldaputils.convKeywordToDN(self.mail, accountType='user')

        # Delete user object.
        try:
            #deltree.DelTree(self.conn, self.dnUser, ldap.SCOPE_SUBTREE)
            self.conn.delete_s(self.dnUser)

            if deleteFromGroups:
                self.deleteSingleUserFromGroups(self.mail)

            # Log delete action.
            web.logger(
                msg="Delete user: %s." % (self.mail),
                domain=self.domain,
                event='delete',
            )
            return (True, )
        except ldap.LDAPError, e:
            return (False, ldaputils.getExceptionDesc(e))
Example #12
0
    def delete(self, mails=[]):
        if not isinstance(mails, list):
            return (False, 'INVALID_MAIL')

        self.mails = [str(v).lower() for v in mails if iredutils.is_email(v)]
        sql_vars = {
            'username': self.mails,
        }

        # Delete domain and related records.
        try:
            self.conn.delete(
                'admin',
                vars=sql_vars,
                where='username IN $username',
            )
            self.conn.delete(
                'domain_admins',
                vars=sql_vars,
                where='username IN $username',
            )

            web.logger(
                msg="Delete admin: %s." % ', '.join(self.mails),
                event='delete',
            )
            return (True, )
        except Exception as e:
            return (False, str(e))
Example #13
0
    def deleteSingleUser(self, mail, deleteFromGroups=True,):
        self.mail = web.safestr(mail)
        if not iredutils.isEmail(self.mail):
            return (False, 'INVALID_MAIL')

        # Get domain name of this account.
        self.domain = self.mail.split('@')[-1]

        # Get dn of mail user and domain.
        self.dnUser = ldaputils.convKeywordToDN(self.mail, accountType='user')

        # Delete user object.
        try:
            #deltree.DelTree(self.conn, self.dnUser, ldap.SCOPE_SUBTREE)
            self.conn.delete_s(self.dnUser)

            if deleteFromGroups:
                self.deleteSingleUserFromGroups(self.mail)

            # Log delete action.
            web.logger(
                    msg="Delete user: %s." % (self.mail),
                    domain=self.domain,
                    event='delete',
            )
            return (True,)
        except ldap.LDAPError, e:
            return (False, ldaputils.getExceptionDesc(e))
Example #14
0
    def deleteObjWithDN(
        self,
        domain,
        dn,
        account,
        accountType,
    ):
        self.domain = web.safestr(domain)
        if not iredutils.is_domain(self.domain):
            return (False, 'INVALID_DOMAIN_NAME')

        self.dn = escape_filter_chars(dn)

        # Used for logger.
        self.account = web.safestr(account)

        try:
            delete_ldap_tree(dn=self.dn, conn=self.conn)
            web.logger(
                msg="Delete %s: %s." % (str(accountType), self.account),
                domain=self.domain,
                event='delete',
            )

            return (True, )
        except Exception, e:
            return (False, ldaputils.getExceptionDesc(e))
Example #15
0
    def POST(self):
        # Get username, password.
        i = web.input(_unicode=False)

        username = web.safestr(i.get('username').strip())
        password = str(i.get('password').strip())
        save_pass = web.safestr(i.get('save_pass', 'no').strip())

        auth = core.Auth()
        auth_result = auth.auth(username=username, password=password)

        if auth_result[0] is True:
            # Config session data.
            web.config.session_parameters['cookie_name'] = 'iRedAdmin-Pro'
            # Session expire when client ip was changed.
            web.config.session_parameters['ignore_change_ip'] = False
            # Don't ignore session expiration.
            web.config.session_parameters['ignore_expiry'] = False

            if save_pass == 'yes':
                # Session timeout (in seconds).
                web.config.session_parameters['timeout'] = 86400    # 24 hours
            else:
                # Expire session when browser closed.
                web.config.session_parameters['timeout'] = 600      # 10 minutes

            web.logger(msg="Login success", event='login',)
            raise web.seeother('/dashboard/checknew')
        else:
            session['failedTimes'] += 1
            web.logger(msg="Login failed.", admin=username, event='login', loglevel='error',)
            raise web.seeother('/login?msg=%s' % web.urlquote(auth_result[1]))
Example #16
0
    def delete(self, mails):
        if mails is None or len(mails) == 0:
            return (False, "NO_ACCOUNT_SELECTED")

        result = {}

        for mail in mails:
            self.mail = web.safestr(mail)
            dn = ldaputils.convert_keyword_to_dn(self.mail, accountType="admin")
            if dn[0] is False:
                return dn

            try:
                deltree.DelTree(self.conn, dn, ldap.SCOPE_SUBTREE)
                web.logger(msg="Delete admin: %s." % (self.mail,), event="delete")
            except ldap.NO_SUCH_OBJECT:
                # This is a mail user admin
                dn = ldaputils.convert_keyword_to_dn(self.mail, accountType="user")
                try:
                    connutils = connUtils.Utils()
                    # Delete enabledService=domainadmin
                    connutils.addOrDelAttrValue(dn=dn, attr="enabledService", value="domainadmin", action="delete")

                    # Delete domainGlobalAdmin=yes
                    connutils.addOrDelAttrValue(dn=dn, attr="domainGlobalAdmin", value="yes", action="delete")
                    web.logger(msg="Delete admin: %s." % (self.mail), event="delete")
                except Exception, e:
                    result[self.mail] = str(e)
            except ldap.LDAPError, e:
                result[self.mail] = str(e)
Example #17
0
    def deleteSingleUser(self, mail, deleteFromGroups=True):
        self.mail = web.safestr(mail)
        if not iredutils.is_email(self.mail):
            return (False, "INVALID_MAIL")

        # Get domain name of this account.
        self.domain = self.mail.split("@")[-1]

        # Get dn of mail user and domain.
        self.dnUser = ldaputils.convert_keyword_to_dn(self.mail, accountType="user")
        if self.dnUser[0] is False:
            return self.dnUser

        # Delete user object.
        try:
            # Delete single object.
            # self.conn.delete_s(self.dnUser)

            # Delete object and its subtree.
            deltree.DelTree(self.conn, self.dnUser, ldap.SCOPE_SUBTREE)

            if deleteFromGroups:
                self.deleteSingleUserFromGroups(self.mail)

            # Delete record from SQL database: real-time used quota.
            try:
                connUtils.deleteAccountFromUsedQuota([self.mail])
            except Exception, e:
                pass

            # Log delete action.
            web.logger(msg="Delete user: %s." % (self.mail), domain=self.domain, event="delete")
            return (True,)
Example #18
0
    def POST(self):
        # Get username, password.
        i = web.input(_unicode=False)

        username = web.safestr(i.get('username').strip())
        password = str(i.get('password').strip())
        save_pass = web.safestr(i.get('save_pass', 'no').strip())

        auth = core.Auth()
        auth_result = auth.auth(username=username, password=password)

        if auth_result[0] is True:
            # Config session data.
            web.config.session_parameters['cookie_name'] = 'iRedAdmin'
            # Session expire when client ip was changed.
            web.config.session_parameters['ignore_change_ip'] = False
            # Don't ignore session expiration.
            web.config.session_parameters['ignore_expiry'] = False

            if save_pass == 'yes':
                # Session timeout (in seconds).
                web.config.session_parameters['timeout'] = 86400    # 24 hours
            else:
                # Expire session when browser closed.
                web.config.session_parameters['timeout'] = 600      # 10 minutes

            web.logger(msg="Login success", event='login',)
            return web.seeother('/dashboard/checknew')
        else:
            session['failedTimes'] += 1
            web.logger(msg="Login failed.", admin=username, event='login', loglevel='error',)
            return web.seeother('/login?msg=%s' % auth_result[1])
Example #19
0
    def delete(self, domains=[]):
        if not isinstance(domains, list):
            return (False, 'INVALID_DOMAIN_NAME')

        domains = [str(v).lower() for v in domains if iredutils.is_domain(v)]

        if not domains:
            return (True, )

        msg = {}
        for domain in domains:
            dn = ldaputils.convert_keyword_to_dn(web.safestr(domain),
                                                 accountType='domain')
            if dn[0] is False:
                return dn

            try:
                deltree.DelTree(self.conn, dn, ldap.SCOPE_SUBTREE)
                web.logger(
                    msg="Delete domain: %s." % (domain),
                    domain=domain,
                    event='delete',
                )
            except ldap.LDAPError, e:
                msg[domain] = str(e)
Example #20
0
    def add(self, data):
        domain = web.safestr(data.get('domainName', '')).strip().lower()

        # Get company/organization name.
        cn = data.get('cn', '')

        # Check domain name.
        if not iredutils.is_domain(domain):
            return (False, 'INVALID_DOMAIN_NAME')

        # Check whether domain name already exist (domainName, domainAliasName).
        connutils = connUtils.Utils()
        if connutils.is_domain_exists(domain):
            return (False, 'ALREADY_EXISTS')

        # Add domain in database.
        try:
            self.conn.insert(
                'domain',
                domain=domain,
                description=cn,
                transport=settings.default_mta_transport,
                created=iredutils.get_gmttime(),
                active='1',
            )
            web.logger(msg="Create domain: %s." % (domain), domain=domain, event='create',)
        except Exception, e:
            return (False, str(e))
Example #21
0
    def add(self, data):
        self.domain = web.safestr(data.get("domainName", "")).strip().lower()

        # Get company/organization name.
        self.cn = data.get("cn", "")

        # Check domain name.
        if not iredutils.isDomain(self.domain):
            return (False, "INVALID_DOMAIN_NAME")

        # Check whether domain name already exist (domainName, domainAliasName).
        connutils = connUtils.Utils()
        if connutils.isDomainExists(self.domain):
            return (False, "ALREADY_EXISTS")

        # Add domain in database.
        try:
            self.conn.insert(
                "domain",
                domain=self.domain,
                description=self.cn,
                transport=cfg.general.get("transport", "dovecot"),
                created=iredutils.sqlNOW,
                active="1",
            )
            web.logger(msg="Create domain: %s." % (self.domain), domain=self.domain, event="create")
        except Exception, e:
            return (False, str(e))
Example #22
0
    def add(self, data):
        # msg: {key: value}
        msg = {}
        self.domain = web.safestr(data.get('domainName', '')).strip().lower()

        # Check domain name.
        if not iredutils.is_domain(self.domain):
            return (False, 'INVALID_DOMAIN_NAME')

        # Check whether domain name already exist (domainName, domainAliasName).
        connutils = connUtils.Utils()
        if connutils.is_domain_exists(self.domain):
            return (False, 'ALREADY_EXISTS')

        self.dn = ldaputils.convert_keyword_to_dn(self.domain, accountType='domain')
        if self.dn[0] is False:
            return self.dn

        self.cn = data.get('cn', None)
        ldif = iredldif.ldif_maildomain(domain=self.domain, cn=self.cn,)

        # Add domain dn.
        try:
            self.conn.add_s(self.dn, ldif)
            web.logger(msg="Create domain: %s." % (self.domain), domain=self.domain, event='create',)
        except ldap.ALREADY_EXISTS:
            msg[self.domain] = 'ALREADY_EXISTS'
        except ldap.LDAPError, e:
            msg[self.domain] = str(e)
Example #23
0
    def delete(self, domains=[]):
        if not isinstance(domains, types.ListType):
            return (False, "INVALID_DOMAIN_NAME")

        self.domains = [str(v).lower() for v in domains if iredutils.isDomain(v)]
        self.sql_domains = web.sqlquote(domains)

        # Delete domain and related records.
        try:
            self.conn.delete("alias", where="domain IN %s" % self.sql_domains)
            self.conn.delete(
                "alias_domain", where="alias_domain IN %s OR target_domain IN %s" % (self.sql_domains, self.sql_domains)
            )
            self.conn.delete("domain_admins", where="domain IN %s" % self.sql_domains)
            self.conn.delete("mailbox", where="domain IN %s" % self.sql_domains)
            self.conn.delete("recipient_bcc_domain", where="domain IN %s" % self.sql_domains)
            self.conn.delete("recipient_bcc_user", where="domain IN %s" % self.sql_domains)
            self.conn.delete("sender_bcc_domain", where="domain IN %s" % self.sql_domains)
            self.conn.delete("sender_bcc_user", where="domain IN %s" % self.sql_domains)

            # Finally, delete from table `domain` to make sure all related
            # records were deleted.
            self.conn.delete("domain", where="domain IN %s" % self.sql_domains)

            for d in self.domains:
                web.logger(msg="Delete domain: %s." % (d), domain=d, event="delete")
            return (True,)
        except Exception, e:
            return (False, str(e))
Example #24
0
    def enableOrDisableAccount(self, domain, account, dn, action, accountTypeInLogger=None):
        self.domain = web.safestr(domain).strip().lower()
        self.account = web.safestr(account).strip().lower()
        self.dn = escape_filter_chars(web.safestr(dn))

        # Validate operation action.
        if action in ["enable", "disable"]:
            self.action = action
        else:
            return (False, "INVALID_ACTION")

        # Set value of valid account status.
        if action == "enable":
            self.status = attrs.ACCOUNT_STATUS_ACTIVE
        else:
            self.status = attrs.ACCOUNT_STATUS_DISABLED

        try:
            self.updateAttrSingleValue(dn=self.dn, attr="accountStatus", value=self.status)

            if accountTypeInLogger is not None:
                web.logger(
                    msg="%s %s: %s." % (str(action).capitalize(), str(accountTypeInLogger), self.account),
                    domain=self.domain,
                    event=self.action,
                )

            return (True,)
        except ldap.LDAPError, e:
            return (False, ldaputils.getExceptionDesc(e))
Example #25
0
    def setAccountStatus(self, accounts, accountType, active=True):
        # accounts must be a list/tuple.
        # accountType in ['domain', 'user', 'admin']
        # active: True -> active, False -> disabled
        if not len(accounts) > 0:
            return (True,)

        accountType = str(accountType)
        if active is True:
            active = 1
            action = 'Active'
        else:
            active = 0
            action = 'Disable'

        if accountType == 'domain':
            accounts = [str(v) for v in accounts if iredutils.is_domain(v)]
            try:
                self.conn.update(
                    'domain',
                    vars={'accounts': accounts},
                    where='domain IN $accounts',
                    active=active,
                )
            except Exception as e:
                return (False, str(e))
        elif accountType == 'user':
            accounts = [str(v) for v in accounts if iredutils.is_email(v)]
            try:
                self.conn.update(
                    'mailbox',
                    vars={'accounts': accounts},
                    where='username IN $accounts',
                    active=active,
                )
            except Exception as e:
                return (False, str(e))
        elif accountType == 'admin':
            accounts = [str(v) for v in accounts if iredutils.is_email(v)]
            try:
                self.conn.update(
                    'admin',
                    vars={'accounts': accounts},
                    where='username IN $accounts',
                    active=active,
                )
            except Exception as e:
                return (False, str(e))
        else:
            pass

        try:
            web.logger(
                msg="%s %s: %s." % (action, accountType, ', '.join(accounts)),
                event=action.lower(),
            )
        except:
            pass
        return (True,)
Example #26
0
    def add(self, data):
        # msg: {key: value}
        msg = {}
        self.domain = web.safestr(data.get('domainName', '')).strip().lower()

        # Check domain name.
        if not iredutils.is_domain(self.domain):
            return (False, 'INVALID_DOMAIN_NAME')

        # Check whether domain name already exist (domainName, domainAliasName).
        connutils = connUtils.Utils()
        if connutils.is_domain_exists(self.domain):
            return (False, 'ALREADY_EXISTS')

        self.dn = ldaputils.convert_keyword_to_dn(self.domain,
                                                  accountType='domain')
        if self.dn[0] is False:
            return self.dn

        self.cn = data.get('cn', None)
        ldif = iredldif.ldif_maildomain(
            domain=self.domain,
            cn=self.cn,
        )

        # Add domain dn.
        try:
            self.conn.add_s(self.dn, ldif)
            web.logger(
                msg="Create domain: %s." % (self.domain),
                domain=self.domain,
                event='create',
            )
        except ldap.ALREADY_EXISTS:
            msg[self.domain] = 'ALREADY_EXISTS'
        except ldap.LDAPError as e:
            msg[self.domain] = str(e)

        # Add default groups under domain.
        if len(attrs.DEFAULT_GROUPS) >= 1:
            for i in attrs.DEFAULT_GROUPS:
                try:
                    group_dn = 'ou=' + str(i) + ',' + str(self.dn)
                    group_ldif = iredldif.ldif_group(str(i))

                    self.conn.add_s(group_dn, group_ldif)
                except ldap.ALREADY_EXISTS:
                    pass
                except ldap.LDAPError as e:
                    msg[i] = str(e)
        else:
            pass

        if len(msg) == 0:
            return (True, )
        else:
            return (False, ldaputils.getExceptionDesc(msg))
Example #27
0
    def delete(self, domains=[]):
        if not isinstance(domains, list):
            return (False, 'INVALID_DOMAIN_NAME')

        domains = [str(v).lower() for v in domains if iredutils.is_domain(v)]

        if not domains:
            return (True, )

        sql_vars = {
            'domains': domains,
        }

        # Delete domain and related records.
        try:
            self.conn.delete(
                'domain',
                vars=sql_vars,
                where='domain IN $domains',
            )

            self.conn.delete(
                'alias_domain',
                vars=sql_vars,
                where='alias_domain IN $domains OR target_domain IN $domains',
            )

            for tbl in ['alias', 'domain_admins', 'mailbox', \
                        'recipient_bcc_domain', 'recipient_bcc_user', \
                        'sender_bcc_domain', 'sender_bcc_user', \
                       ]:
                self.conn.delete(
                    tbl,
                    vars=sql_vars,
                    where='domain IN $domains',
                )

            # Delete real-time mailbox quota.
            try:
                self.conn.query(
                    'DELETE FROM used_quota WHERE %s' % \
                    web.sqlors('username LIKE ', ['%@' + d for d in domains])
                )
            except:
                pass

            for d in domains:
                web.logger(
                    msg="Delete domain: %s." % (d),
                    domain=d,
                    event='delete',
                )

            return (True, )
        except Exception, e:
            return (False, str(e))
Example #28
0
    def POST(self):
        # Get username, password.
        i = web.input(_unicode=False)

        username = web.safestr(i.get('username', '').strip())
        password = i.get('password', '').strip()
        save_pass = web.safestr(i.get('save_pass', 'no').strip())

        if not iredutils.isEmail(username):
            return web.seeother('/login?msg=INVALID_USERNAME')

        if len(password) == 0:
            return web.seeother('/login?msg=EMPTY_PASSWORD')

        # Convert username to ldap dn.
        userdn = ldaputils.convKeywordToDN(username, accountType='admin')

        # Return True if auth success, otherwise return error msg.
        self.auth_result = auth.Auth(cfg.ldap.get('uri', 'ldap://127.0.0.1/'), userdn, password,)

        if self.auth_result is True:
            session['username'] = username
            session['logged'] = True

            # Read preferred language from db.
            adminLib = adminlib.Admin()
            #session['lang'] = adminLib.getPreferredLanguage(userdn) or cfg.general.get('lang', 'en_US')
            adminProfile = adminLib.profile(username)
            if adminProfile[0] is True:
                cn = adminProfile[1][0][1].get('cn', [None])[0]
                lang = adminProfile[1][0][1].get('preferredLanguage', [cfg.general.get('lang', 'en_US')])[0]

                session['cn'] = cn
                session['lang'] = lang
            else:
                pass

            web.config.session_parameters['cookie_name'] = 'iRedAdmin'
            # Session expire when client ip was changed.
            web.config.session_parameters['ignore_change_ip'] = False
            # Don't ignore session expiration.
            web.config.session_parameters['ignore_expiry'] = False

            if save_pass == 'yes':
                # Session timeout (in seconds).
                web.config.session_parameters['timeout'] = 86400    # 24 hours
            else:
                # Expire session when browser closed.
                web.config.session_parameters['timeout'] = 600      # 10 minutes

            web.logger(msg="Login success", event='login',)
            return web.seeother('/dashboard/checknew')
        else:
            session['failedTimes'] += 1
            web.logger(msg="Login failed.", admin=username, event='login', loglevel='error',)
            return web.seeother('/login?msg=%s' % self.auth_result)
Example #29
0
    def add(self, data):
        self.cn = data.get('cn', '')
        self.mail = web.safestr(data.get('mail')).strip().lower()

        if not iredutils.is_email(self.mail):
            return (False, 'INVALID_MAIL')

        # Check admin exist.
        connutils = connUtils.Utils()
        if connutils.isAdminExists(self.mail):
            return (False, 'ALREADY_EXISTS')

        # Get domainGlobalAdmin setting.
        self.domainGlobalAdmin = web.safestr(data.get('domainGlobalAdmin', 'no'))
        if self.domainGlobalAdmin not in ['yes', 'no', ]:
            self.domainGlobalAdmin = 'no'

        # Get language setting.
        self.preferredLanguage = web.safestr(data.get('preferredLanguage', 'en_US'))

        # Get new password.
        self.newpw = web.safestr(data.get('newpw'))
        self.confirmpw = web.safestr(data.get('confirmpw'))

        result = iredutils.verify_new_password(self.newpw, self.confirmpw)

        if result[0] is True:
            self.passwd = result[1]
        else:
            return result

        try:
            self.conn.insert(
                'admin',
                username=self.mail,
                name=self.cn,
                password=iredutils.generate_password_hash(self.passwd),
                language=self.preferredLanguage,
                created=iredutils.get_gmttime(),
                active='1',
            )

            if self.domainGlobalAdmin == 'yes':
                self.conn.insert(
                    'domain_admins',
                    username=self.mail,
                    domain='ALL',
                    created=iredutils.get_gmttime(),
                    active='1',
                )

            web.logger(msg="Create admin: %s." % (self.mail), event='create',)
            return (True,)
        except Exception, e:
            return (False, str(e))
Example #30
0
    def add(self, data):
        self.cn = data.get('cn', '')
        self.mail = web.safestr(data.get('mail')).strip().lower()

        if not iredutils.is_email(self.mail):
            return (False, 'INVALID_MAIL')

        # Check admin exist.
        connutils = connUtils.Utils()
        if connutils.isAdminExists(self.mail):
            return (False, 'ALREADY_EXISTS')

        # Get domainGlobalAdmin setting.
        self.domainGlobalAdmin = web.safestr(data.get('domainGlobalAdmin', 'no'))
        if self.domainGlobalAdmin not in ['yes', 'no', ]:
            self.domainGlobalAdmin = 'no'

        # Get language setting.
        self.preferredLanguage = web.safestr(data.get('preferredLanguage', 'en_US'))

        # Get new password.
        self.newpw = web.safestr(data.get('newpw'))
        self.confirmpw = web.safestr(data.get('confirmpw'))

        result = iredutils.verify_new_password(self.newpw, self.confirmpw)

        if result[0] is True:
            self.passwd = result[1]
        else:
            return result

        try:
            self.conn.insert(
                'admin',
                username=self.mail,
                name=self.cn,
                password=iredutils.generate_password_hash(self.passwd),
                language=self.preferredLanguage,
                created=iredutils.get_gmttime(),
                active='1',
            )

            if self.domainGlobalAdmin == 'yes':
                self.conn.insert(
                    'domain_admins',
                    username=self.mail,
                    domain='ALL',
                    created=iredutils.get_gmttime(),
                    active='1',
                )

            web.logger(msg="Create admin: %s." % (self.mail), event='create',)
            return (True,)
        except Exception, e:
            return (False, str(e))
Example #31
0
    def add(self, domain, data):
        # Get domain name, username, cn.
        self.domain = web.safestr(data.get('domainName')).strip().lower()
        self.username = web.safestr(data.get('listname')).strip().lower()
        self.mail = self.username + '@' + self.domain

        if self.domain != domain:
            return (False, 'PERMISSION_DENIED')

        if not iredutils.isDomain(self.domain):
            return (False, 'INVALID_DOMAIN_NAME')

        if not iredutils.isEmail(self.mail):
            return (False, 'INVALID_MAIL')

        # Define columns and values used to insert.
        columns = {'domain': self.domain, 'alias': self.mail, }

        # Check account existing.
        connutils = connUtils.Utils()
        if connutils.isEmailExists(mail=self.mail):
            return (False, 'ALREADY_EXISTS')

        # Get domain profile.
        domainLib = domainlib.Domain()
        resultOfDomainProfile = domainLib.profile(domain=self.domain)

        if resultOfDomainProfile[0] is True:
            self.domainProfile = resultOfDomainProfile[1]
        else:
            return resultOfDomainProfile

        # Check account limit.
        adminLib = adminlib.Admin()
        numberOfExistAccounts = adminLib.getNumberOfManagedAccounts(accountType='alias', domains=[self.domain])

        if self.domainProfile.aliases == -1:
            return (False, 'NOT_ALLOWED')
        elif self.domainProfile.aliases > 0:
            if self.domainProfile.aliases <= numberOfExistAccounts:
                return (False, 'EXCEEDED_DOMAIN_ACCOUNT_LIMIT')

        # Get display name from <form>
        columns['name'] = data.get('cn', '')

        try:
            # Store new user in required SQL DBs.
            self.conn.insert(
                'dbmail_aliases_extra',
                **columns
            )
            web.logger(msg="Create mail alias: %s." % (self.mail), domain=self.domain, event='create',)
            return (True,)
        except Exception, e:
            return (False, str(e))
Example #32
0
    def add(self, data):
        self.cn = data.get('cn')
        self.mail = web.safestr(data.get('mail')).strip().lower()

        if not iredutils.is_email(self.mail):
            return (False, 'INVALID_MAIL')

        self.domainGlobalAdmin = web.safestr(
            data.get('domainGlobalAdmin', 'no'))
        if self.domainGlobalAdmin not in [
                'yes',
                'no',
        ]:
            self.domainGlobalAdmin = 'no'

        self.preferredLanguage = web.safestr(
            data.get('preferredLanguage', 'en_US'))

        # Check password.
        self.newpw = web.safestr(data.get('newpw'))
        self.confirmpw = web.safestr(data.get('confirmpw'))

        result = iredutils.verify_new_password(self.newpw, self.confirmpw)
        if result[0] is True:
            self.passwd = iredutils.generate_password_hash(result[1])
        else:
            return result

        ldif = iredldif.ldif_mailadmin(
            mail=self.mail,
            passwd=self.passwd,
            cn=self.cn,
            preferredLanguage=self.preferredLanguage,
            domainGlobalAdmin=self.domainGlobalAdmin)

        self.dn = ldaputils.convert_keyword_to_dn(self.mail,
                                                  accountType='admin')
        if self.dn[0] is False:
            return self.dn

        try:
            self.conn.add_s(self.dn, ldif)
            web.logger(
                msg="Create admin: %s." % (self.mail),
                event='create',
            )
            return (True, )
        except ldap.ALREADY_EXISTS:
            return (False, 'ALREADY_EXISTS')
        except Exception, e:
            return (False, ldaputils.getExceptionDesc(e))
Example #33
0
    def delete(self, domains=None, keep_mailbox_days=0):
        if not domains:
            return (False, 'INVALID_DOMAIN_NAME')

        domains = [str(v).lower() for v in domains if iredutils.is_domain(v)]

        if not domains:
            return (True, )

        msg = {}
        for domain in domains:
            dn = ldaputils.convert_keyword_to_dn(web.safestr(domain), accountType='domain')
            if dn[0] is False:
                return dn

            # Log maildir path in SQL table.
            try:
                qr = self.conn.search_s(attrs.DN_BETWEEN_USER_AND_DOMAIN + dn,
                                        ldap.SCOPE_ONELEVEL,
                                        "(objectClass=mailUser)",
                                        ['mail', 'homeDirectory'])

                if keep_mailbox_days == 0:
                    keep_mailbox_days = 36500

                # Convert keep days to string
                _now_in_seconds = time.time()
                _days_in_seconds = _now_in_seconds + (keep_mailbox_days * 24 * 60 * 60)
                sql_keep_days = time.strftime('%Y-%m-%d', time.strptime(time.ctime(_days_in_seconds)))

                v = []
                for obj in qr:
                    deleted_mail = obj[1].get('mail')[0]
                    deleted_maildir = obj[1].get('homeDirectory', [''])[0]
                    v += [{'maildir': deleted_maildir,
                           'username': deleted_mail,
                           'domain': domain,
                           'admin': session.get('username'),
                           'delete_date': sql_keep_days}]

                if v:
                    web.admindb.multiple_insert('deleted_mailboxes', values=v)
            except:
                pass

            try:
                connUtils.delete_ldap_tree(dn=dn, conn=self.conn)
                web.logger(msg="Delete domain: %s." % (domain), domain=domain, event='delete',)
            except ldap.LDAPError, e:
                msg[domain] = str(e)
Example #34
0
    def delete(self, domain, mails=[]):
        self.domain = str(domain)
        if not iredutils.isDomain(self.domain):
            return (False, 'INVALID_DOMAIN_NAME')

        if not isinstance(mails, (list, tuple,)):
            return (False, 'INVALID_MAIL')

        self.mails = [str(v).lower()
                      for v in mails
                      if iredutils.isEmail(v) and str(v).endswith('@' + self.domain)
                     ]

        # Remove alias from domain.defaultuseraliases.
        # Get domain profile.
        domainLib = domainlib.Domain()
        qr = domainLib.simpleProfile(domain=self.domain, columns=['domain', 'defaultuseraliases', ])

        if qr[0] is True:
            self.domainProfile = qr[1]
        else:
            return qr

        self.defaultUserAliases = self.domainProfile.defaultuseraliases.split(',')

        # Remove from domain.defaultuseraliases.
        self.newDefaultAliases = [str(v).lower()
                                  for v in self.defaultUserAliases
                                  if v not in self.mails
                                 ]

        # Delete domain and related records.
        try:
            self.conn.delete('dbmail_aliases_extra', where='%s' % web.sqlors('alias = ', self.mails),)
            self.conn.delete('dbmail_aliases', where='%s' % web.sqlors('alias = ', self.mails),)
            self.conn.update('dbmail_domains',
                             vars={'domain': self.domain, },
                             defaultuseraliases=','.join(self.newDefaultAliases),
                             modified=iredutils.getGMTTime(),
                             where='domain = $domain',
                            )

            web.logger(
                msg="Delete mail alias: %s." % ', '.join(self.mails),
                domain=self.domain,
                event='delete',
            )
            return (True,)
        except Exception, e:
            return (False, str(e))
Example #35
0
    def delete(self, domains=[]):
        if not isinstance(domains, list):
            return (False, 'INVALID_DOMAIN_NAME')

        domains = [str(v).lower()
                   for v in domains
                   if iredutils.is_domain(v)
                  ]

        if not domains:
            return (True, )

        sql_vars = {'domains': domains, }

        # Delete domain and related records.
        try:
            self.conn.delete('domain', vars=sql_vars, where='domain IN $domains', )

            self.conn.delete(
                'alias_domain',
                vars=sql_vars,
                where='alias_domain IN $domains OR target_domain IN $domains',
            )

            for tbl in ['alias', 'domain_admins', 'mailbox', \
                        'recipient_bcc_domain', 'recipient_bcc_user', \
                        'sender_bcc_domain', 'sender_bcc_user', \
                       ]:
                self.conn.delete(
                    tbl,
                    vars=sql_vars,
                    where='domain IN $domains',
                )

            # Delete real-time mailbox quota.
            try:
                self.conn.query(
                    'DELETE FROM used_quota WHERE %s' % \
                    web.sqlors('username LIKE ', ['%@' + d for d in domains])
                )
            except:
                pass

            for d in domains:
                web.logger(msg="Delete domain: %s." % (d), domain=d, event='delete',)

            return (True,)
        except Exception, e:
            return (False, str(e))
Example #36
0
    def delete(self, mails):
        if mails is None or len(mails) == 0:
            return (False, 'NO_ACCOUNT_SELECTED')

        result = {}

        for mail in mails:
            self.mail = web.safestr(mail)
            dn = ldaputils.convKeywordToDN(self.mail, accountType='admin')

            try:
                deltree.DelTree( self.conn, dn, ldap.SCOPE_SUBTREE )
                web.logger(msg="Delete admin: %s." % (self.mail,), event='delete',)
            except ldap.LDAPError, e:
                result[self.mail] = str(e)
Example #37
0
    def delete(self, mails=[]):
        if not isinstance(mails, types.ListType):
            return (False, 'INVALID_MAIL')

        self.mails = [str(v).lower() for v in mails if iredutils.isEmail(v)]
        self.sqlMails = web.sqlquote(self.mails)

        # Delete domain and related records.
        try:
            self.conn.delete('admin', where='username IN %s' % self.sqlMails)
            self.conn.delete('domain_admins', where='username IN %s' % self.sqlMails)

            web.logger(msg="Delete admin: %s." % ', '.join(self.mails), event='delete',)
            return (True,)
        except Exception, e:
            return (False, str(e))
Example #38
0
    def delete(self, domains=[]):
        if not isinstance(domains, types.ListType):
            return (False, 'INVALID_DOMAIN_NAME')

        msg = {}
        for domain in domains:
            if not iredutils.isDomain(domain):
                continue

            dn = ldaputils.convKeywordToDN(web.safestr(domain), accountType='domain')
        
            try:
                deltree.DelTree(self.conn, dn, ldap.SCOPE_SUBTREE)
                web.logger(msg="Delete domain: %s." % (domain), domain=domain, event='delete',)
            except ldap.LDAPError, e:
                msg[domain] = str(e)
Example #39
0
    def deleteObjWithDN(self, domain, dn, account, accountType):
        self.domain = web.safestr(domain)
        if not iredutils.is_domain(self.domain):
            return (False, "INVALID_DOMAIN_NAME")

        self.dn = escape_filter_chars(dn)

        # Used for logger.
        self.account = web.safestr(account)

        try:
            deltree.DelTree(self.conn, self.dn, ldap.SCOPE_SUBTREE)
            web.logger(msg="Delete %s: %s." % (str(accountType), self.account), domain=self.domain, event="delete")

            return (True,)
        except Exception, e:
            return (False, ldaputils.getExceptionDesc(e))
Example #40
0
    def update(self, profile_type, domain, data):
        self.profile_type = web.safestr(profile_type)
        self.domain = web.safestr(domain)
        self.domaindn = ldaputils.convert_keyword_to_dn(self.domain,
                                                        accountType='domain')
        if self.domaindn[0] is False:
            return self.domaindn

        connutils = connUtils.Utils()
        self.accountSetting = []
        mod_attrs = []

        # Allow normal admin to update profiles.
        if self.profile_type == 'general':
            cn = data.get('cn', None)
            mod_attrs += ldaputils.getSingleModAttr(attr='cn',
                                                    value=cn,
                                                    default=self.domain)

        # Allow global admin to update profiles.
        if session.get('domainGlobalAdmin') is True:
            if self.profile_type == 'general':
                # Get accountStatus.
                if 'accountStatus' in data.keys():
                    accountStatus = 'active'
                else:
                    accountStatus = 'disabled'

                mod_attrs += [(ldap.MOD_REPLACE, 'accountStatus',
                               accountStatus)]

        try:
            dn = ldaputils.convert_keyword_to_dn(self.domain,
                                                 accountType='domain')
            if dn[0] is False:
                return dn

            self.conn.modify_s(dn, mod_attrs)
            web.logger(
                msg="Update domain profile: %s (%s)." % (domain, profile_type),
                domain=domain,
                event='update',
            )
            return (True, )
        except Exception, e:
            return (False, ldaputils.getExceptionDesc(e))
Example #41
0
    def update(
        self,
        domain,
        profile_type,
        data,
    ):
        profile_type = str(profile_type)
        domain = str(domain)

        # Pre-defined update key:value.
        updates = {
            'modified': iredutils.get_gmttime(),
        }

        sql_vars = {
            'domain': domain,
        }

        if profile_type == 'general':
            # Get name
            cn = data.get('cn', '')
            updates['description'] = cn

            if session.get('domainGlobalAdmin') is True:
                # Get account status
                if 'accountStatus' in list(data.keys()):
                    updates['active'] = 1
                else:
                    updates['active'] = 0

                # Update SQL db with columns: maxquota, active.
                try:
                    self.conn.update('domain',
                                     vars=sql_vars,
                                     where='domain=$domain',
                                     **updates)
                except Exception as e:
                    return (False, str(e))

        web.logger(msg="Update domain profile: %s (%s)." %
                   (domain, profile_type),
                   domain=domain,
                   event='update')

        return (True, )
Example #42
0
    def delete(self, mails):
        if mails is None or len(mails) == 0:
            return (False, 'NO_ACCOUNT_SELECTED')

        result = {}

        for mail in mails:
            self.mail = web.safestr(mail)
            dn = ldaputils.convKeywordToDN(self.mail, accountType='admin')

            try:
                deltree.DelTree(self.conn, dn, ldap.SCOPE_SUBTREE)
                web.logger(
                    msg="Delete admin: %s." % (self.mail, ),
                    event='delete',
                )
            except ldap.LDAPError, e:
                result[self.mail] = str(e)
Example #43
0
    def add(self, data):
        self.cn = data.get("cn")
        self.mail = web.safestr(data.get("mail")).strip().lower()

        if not iredutils.is_email(self.mail):
            return (False, "INVALID_MAIL")

        self.domainGlobalAdmin = web.safestr(data.get("domainGlobalAdmin", "no"))
        if self.domainGlobalAdmin not in ["yes", "no"]:
            self.domainGlobalAdmin = "no"

        self.preferredLanguage = web.safestr(data.get("preferredLanguage", "en_US"))

        # Check password.
        self.newpw = web.safestr(data.get("newpw"))
        self.confirmpw = web.safestr(data.get("confirmpw"))

        result = iredutils.verify_new_password(self.newpw, self.confirmpw)
        if result[0] is True:
            self.passwd = iredutils.generate_password_hash(result[1])
        else:
            return result

        ldif = iredldif.ldif_mailadmin(
            mail=self.mail,
            passwd=self.passwd,
            cn=self.cn,
            preferredLanguage=self.preferredLanguage,
            domainGlobalAdmin=self.domainGlobalAdmin,
        )

        self.dn = ldaputils.convert_keyword_to_dn(self.mail, accountType="admin")
        if self.dn[0] is False:
            return self.dn

        try:
            self.conn.add_s(self.dn, ldif)
            web.logger(msg="Create admin: %s." % (self.mail), event="create")
            return (True,)
        except ldap.ALREADY_EXISTS:
            return (False, "ALREADY_EXISTS")
        except Exception, e:
            return (False, ldaputils.getExceptionDesc(e))
Example #44
0
    def add(self, data):
        self.cn = data.get('cn')
        self.mail = web.safestr(data.get('mail')).strip().lower()

        if not iredutils.is_email(self.mail):
            return (False, 'INVALID_MAIL')

        self.domainGlobalAdmin = web.safestr(data.get('domainGlobalAdmin', 'no'))
        if self.domainGlobalAdmin not in ['yes', 'no', ]:
            self.domainGlobalAdmin = 'no'

        self.preferredLanguage = web.safestr(data.get('preferredLanguage', 'en_US'))

        # Check password.
        self.newpw = web.safestr(data.get('newpw'))
        self.confirmpw = web.safestr(data.get('confirmpw'))

        result = iredutils.verify_new_password(self.newpw, self.confirmpw)
        if result[0] is True:
            self.passwd = ldaputils.generate_ldap_password(result[1])
        else:
            return result

        ldif = iredldif.ldif_mailadmin(
                mail=self.mail,
                passwd=self.passwd,
                cn=self.cn,
                preferredLanguage=self.preferredLanguage,
                domainGlobalAdmin=self.domainGlobalAdmin,
                )

        self.dn = ldaputils.convert_keyword_to_dn(self.mail, accountType='admin')
        if self.dn[0] is False:
            return self.dn

        try:
            self.conn.add_s(self.dn, ldif)
            web.logger(msg="Create admin: %s." % (self.mail), event='create',)
            return (True,)
        except ldap.ALREADY_EXISTS:
            return (False, 'ALREADY_EXISTS')
        except Exception, e:
            return (False, ldaputils.getExceptionDesc(e))
Example #45
0
    def delete(self, mails):
        if mails is None or len(mails) == 0:
            return (False, 'NO_ACCOUNT_SELECTED')

        result = {}

        for mail in mails:
            self.mail = web.safestr(mail)
            dn = ldaputils.convert_keyword_to_dn(self.mail,
                                                 accountType='admin')
            if dn[0] is False:
                return dn

            try:
                deltree.DelTree(self.conn, dn, ldap.SCOPE_SUBTREE)
                web.logger(
                    msg="Delete admin: %s." % (self.mail, ),
                    event='delete',
                )
            except ldap.NO_SUCH_OBJECT:
                # This is a mail user admin
                dn = ldaputils.convert_keyword_to_dn(self.mail,
                                                     accountType='user')
                try:
                    connutils = connUtils.Utils()
                    # Delete enabledService=domainadmin
                    connutils.addOrDelAttrValue(dn=dn,
                                                attr='enabledService',
                                                value='domainadmin',
                                                action='delete')

                    # Delete domainGlobalAdmin=yes
                    connutils.addOrDelAttrValue(dn=dn,
                                                attr='domainGlobalAdmin',
                                                value='yes',
                                                action='delete')
                    web.logger(msg="Delete admin: %s." % (self.mail),
                               event='delete')
                except Exception, e:
                    result[self.mail] = str(e)
            except ldap.LDAPError, e:
                result[self.mail] = str(e)
Example #46
0
    def deleteSingleUser(
        self,
        mail,
        deleteFromGroups=True,
    ):
        self.mail = web.safestr(mail)
        if not iredutils.is_email(self.mail):
            return (False, 'INVALID_MAIL')

        # Get domain name of this account.
        self.domain = self.mail.split('@')[-1]

        # Get dn of mail user and domain.
        self.dnUser = ldaputils.convert_keyword_to_dn(self.mail,
                                                      accountType='user')
        if self.dnUser[0] is False:
            return self.dnUser

        # Delete user object.
        try:
            # Delete single object.
            #self.conn.delete_s(self.dnUser)

            # Delete object and its subtree.
            deltree.DelTree(self.conn, self.dnUser, ldap.SCOPE_SUBTREE)

            if deleteFromGroups:
                self.deleteSingleUserFromGroups(self.mail)

            # Delete record from SQL database: real-time used quota.
            try:
                connUtils.deleteAccountFromUsedQuota([self.mail])
            except Exception, e:
                pass

            # Log delete action.
            web.logger(
                msg="Delete user: %s." % (self.mail),
                domain=self.domain,
                event='delete',
            )
            return (True, )
Example #47
0
    def delete(self, domains=[]):
        if not isinstance(domains, list):
            return (False, 'INVALID_DOMAIN_NAME')

        self.domains = [
            str(v).lower() for v in domains if iredutils.isDomain(v)
        ]
        sql_vars = {
            'domains': self.domains,
        }

        # Delete domain and related records.
        try:
            self.conn.delete(
                'dbmail_alias_domains',
                vars=sql_vars,
                where='alias_domain IN $domains OR target_domain IN $domains',
            )
            self.conn.delete(
                'dbmail_domain_admins',
                vars=sql_vars,
                where='domain IN $domains',
            )

            # Finally, delete from table `domain` to make sure all related
            # records were deleted.
            self.conn.delete(
                'dbmail_domains',
                vars=sql_vars,
                where='domain IN $domains',
            )

            for d in self.domains:
                web.logger(
                    msg="Delete domain: %s." % (d),
                    domain=d,
                    event='delete',
                )
            return (True, )
        except Exception, e:
            return (False, str(e))
Example #48
0
    def update(self, profile_type, domain, data):
        self.profile_type = web.safestr(profile_type)
        self.domain = web.safestr(domain)
        self.domaindn = ldaputils.convert_keyword_to_dn(self.domain, accountType='domain')
        if self.domaindn[0] is False:
            return self.domaindn

        connutils = connUtils.Utils()
        self.accountSetting = []
        mod_attrs = []

        # Allow normal admin to update profiles.
        if self.profile_type == 'general':
            cn = data.get('cn', None)
            mod_attrs += ldaputils.getSingleModAttr(attr='cn', value=cn, default=self.domain)

        # Allow global admin to update profiles.
        if session.get('domainGlobalAdmin') is True:
            if self.profile_type == 'general':
                # Get accountStatus.
                if 'accountStatus' in data.keys():
                    accountStatus = 'active'
                else:
                    accountStatus = 'disabled'

                mod_attrs += [(ldap.MOD_REPLACE, 'accountStatus', accountStatus)]

        try:
            dn = ldaputils.convert_keyword_to_dn(self.domain, accountType='domain')
            if dn[0] is False:
                return dn

            self.conn.modify_s(dn, mod_attrs)
            web.logger(msg="Update domain profile: %s (%s)." % (domain, profile_type),
                       domain=domain,
                       event='update',
                      )
            return (True,)
        except Exception, e:
            return (False, ldaputils.getExceptionDesc(e))
Example #49
0
    def delete(self, domain, mails=[]):
        self.domain = str(domain)
        if not iredutils.isDomain(self.domain):
            return (False, 'INVALID_DOMAIN_NAME')

        if not isinstance(mails, list):
            return (False, 'INVALID_MAIL')

        self.mails = [
            str(addr).lower() for addr in mails
            if iredutils.isEmail(addr) and str(addr).endswith('@' +
                                                              self.domain)
        ]
        if not self.mails:
            return (False, 'INVALID_MAIL')

        # Delete domain and related records.
        try:
            # Delete from aliases.
            self.conn.delete('dbmail_aliases',
                             where='%s' %
                             web.sqlors('deliver_to = ', self.mails))
            self.conn.delete('dbmail_aliases',
                             where='%s' % web.sqlors('alias = ', self.mails))

            # Delete user record.
            self.conn.delete('dbmail_users',
                             where='%s' % web.sqlors('userid = ', self.mails))

            web.logger(
                msg="Delete user: %s." % ', '.join(self.mails),
                domain=self.domain,
                event='delete',
            )

            return (True, )
        except Exception, e:
            return (False, str(e))
Example #50
0
    def delete(self, domains=[]):
        if not isinstance(domains, list):
            return (False, 'INVALID_DOMAIN_NAME')

        domains = [str(v).lower()
                   for v in domains
                   if iredutils.is_domain(v)
                  ]

        if not domains:
            return (True,)

        msg = {}
        for domain in domains:
            dn = ldaputils.convert_keyword_to_dn(web.safestr(domain), accountType='domain')
            if dn[0] is False:
                return dn

            try:
                deltree.DelTree(self.conn, dn, ldap.SCOPE_SUBTREE)
                web.logger(msg="Delete domain: %s." % (domain), domain=domain, event='delete',)
            except ldap.LDAPError, e:
                msg[domain] = str(e)
Example #51
0
    def delete(self, mails=[]):
        if not isinstance(mails, list):
            return (False, 'INVALID_MAIL')

        self.mails = [str(v).lower() for v in mails if iredutils.is_email(v)]
        sql_vars = {'username': self.mails, }

        # Delete domain and related records.
        try:
            self.conn.delete(
                'admin',
                vars=sql_vars,
                where='username IN $username',
            )
            self.conn.delete(
                'domain_admins',
                vars=sql_vars,
                where='username IN $username',
            )

            web.logger(msg="Delete admin: %s." % ', '.join(self.mails), event='delete',)
            return (True,)
        except Exception, e:
            return (False, str(e))
Example #52
0
    def add(self, domain, data):
        # Get domain name, username, cn.
        self.domain = web.safestr(data.get('domainName')).strip().lower()
        self.username = web.safestr(data.get('username')).strip().lower()
        self.mail = self.username + '@' + self.domain

        if self.domain != domain:
            return (False, 'PERMISSION_DENIED')

        if not iredutils.isDomain(self.domain):
            return (False, 'INVALID_DOMAIN_NAME')

        # Check account existing.
        connutils = connUtils.Utils()
        if connutils.isEmailExists(mail=self.mail):
            return (False, 'ALREADY_EXISTS')

        # Get domain profile.
        domainLib = domainlib.Domain()
        resultOfDomainProfile = domainLib.profile(domain=self.domain)

        if resultOfDomainProfile[0] is True:
            self.domainProfile = resultOfDomainProfile[1]
        else:
            return resultOfDomainProfile

        # Check account limit.
        adminLib = adminlib.Admin()
        numberOfExistAccounts = adminLib.getNumberOfManagedAccounts(accountType='user', domains=[self.domain])

        if self.domainProfile.mailboxes == 0:
            # Unlimited.
            pass
        elif self.domainProfile.mailboxes <= numberOfExistAccounts:
            return (False, 'EXCEEDED_DOMAIN_ACCOUNT_LIMIT')

        # Check spare quota and number of spare account limit.
        # Get quota from <form>
        self.mailQuota = str(data.get('mailQuota')).strip()
        self.defaultUserQuota = self.domainProfile.get('defaultuserquota', 0)

        if self.mailQuota.isdigit():
            self.mailQuota = int(self.mailQuota)
        else:
            self.mailQuota = self.defaultUserQuota

        # Re-calculate mail quota if this domain has limited max quota.
        if self.domainProfile.maxquota > 0:
            # Get used quota.
            qr = domainLib.getAllocatedQuotaSize(domain=self.domain)
            if qr[0] is True:
                self.allocatedQuota = qr[1]
            else:
                return qr

            spareQuota = self.domainProfile.maxquota - self.allocatedQuota

            if spareQuota > 0:
                if spareQuota < self.mailQuota:
                    self.mailQuota = spareQuota
            else:
                # No enough quota.
                return (False, 'EXCEEDED_DOMAIN_QUOTA_SIZE')

        #
        # Get password from <form>.
        #
        self.newpw = str(data.get('newpw', ''))
        self.confirmpw = str(data.get('confirmpw', ''))

        # Get password length limit from domain profile or global setting.
        self.minPasswordLength = self.domainProfile.get('minpasswordlength',cfg.general.get('min_passwd_length', '0'))
        self.maxPasswordLength = self.domainProfile.get('maxpasswordlength', cfg.general.get('max_passwd_length', '0'))

        resultOfPW = iredutils.verifyNewPasswords(
            self.newpw,
            self.confirmpw,
            min_passwd_length=self.minPasswordLength,
            max_passwd_length=self.maxPasswordLength,
        )
        if resultOfPW[0] is True:
            self.passwd = iredutils.getSQLPassword(resultOfPW[1])
        else:
            return resultOfPW

        # Get display name from <form>
        self.cn = data.get('cn', '')

        # Assign new user to default mail aliases.
        assignedAliases = [str(v).lower()
                           for v in str(self.domainProfile.defaultuseraliases).split(',')
                           if iredutils.isEmail(v)
                          ]

        try:
            # Store new user in SQL db.
            self.conn.insert(
                'mailbox',
                domain=self.domain,
                username=self.mail,
                password=self.passwd,
                name=self.cn,
                maildir=iredutils.setMailMessageStore(self.mail),
                quota=self.mailQuota,
                created=iredutils.sqlNOW,
                active='1',
                local_part=self.username,
            )

            # Assign new user to default mail aliases.
            if len(assignedAliases) > 0:
                for ali in assignedAliases:
                    try:
                        self.conn.query(
                            '''
                            UPDATE alias
                            SET goto=CONCAT(goto, %s)
                            WHERE address=%s AND domain=%s
                            ''' % (
                                web.sqlquote(','+self.mail),
                                web.sqlquote(ali),
                                web.sqlquote(self.domain),
                            )
                        )
                    except:
                        pass

            # Create an alias account: address=goto.
            self.conn.insert(
                'alias',
                address=self.mail,
                goto=self.mail,
                domain=self.domain,
                created=iredutils.sqlNOW,
                active='1',
            )

            web.logger(msg="Create user: %s." % (self.mail), domain=self.domain, event='create',)
            return (True,)
        except Exception, e:
            return (False, str(e))
Example #53
0
        elif self.accountType == 'alias':
            self.accounts = [str(v) for v in accounts if iredutils.isEmail(v)]
            try:
                self.conn.update(
                    'alias',
                    where='address IN %s' % (web.sqlquote(self.accounts)),
                    active=self.active,
                )
            except Exception, e:
                return (False, str(e))
        else:
            pass

        try:
            web.logger(
                msg="%s %s: %s." % (self.action, self.accountType, ', '.join(self.accounts)),
                event=self.action.lower(),
            )
        except:
            pass
        return (True,)

    def getUsedBytesMessages(self, domain=None):
        """Return (messages, bytes)"""
        if domain is None:
            resultOfSum = self.conn.query(
                '''
                SELECT
                    SUM(messages) AS messages,
                    SUM(bytes) AS bytes
                FROM mailbox
                '''
Example #54
0
    def add(self, domain, data):
        # Get domain name, username, cn.
        self.domain = web.safestr(data.get('domainName')).strip().lower()
        self.username = web.safestr(data.get('username')).strip().lower()
        self.mail = self.username + '@' + self.domain
        self.groups = data.get('groups', [])

        if not iredutils.isDomain(self.domain) or not iredutils.isEmail(self.mail):
            return (False, 'MISSING_DOMAIN_OR_USERNAME')

        # Check account existing.
        connutils = connUtils.Utils()
        if connutils.isAccountExists(domain=self.domain, filter='(mail=%s)' % self.mail):
            return (False, 'ALREADY_EXISTS')

        # Get @domainAccountSetting.
        domainLib = domainlib.Domain()
        result_domain_profile = domainLib.profile(self.domain)

        # Initial parameters.
        domainAccountSetting = {}
        self.aliasDomains = []

        if result_domain_profile[0] is True:
            domainProfile = result_domain_profile[1]
            domainAccountSetting = ldaputils.getAccountSettingFromLdapQueryResult(domainProfile, key='domainName').get(self.domain, {})
            self.aliasDomains = domainProfile[0][1].get('domainAliasName', [])

        # Check password.
        self.newpw = web.safestr(data.get('newpw'))
        self.confirmpw = web.safestr(data.get('confirmpw'))

        result = iredutils.verifyNewPasswords(self.newpw, self.confirmpw,
                                          min_passwd_length=domainAccountSetting.get('minPasswordLength', '0'),
                                          max_passwd_length=domainAccountSetting.get('maxPasswordLength', '0'),
                                         )
        if result[0] is True:
            self.passwd = ldaputils.generatePasswd(result[1])
        else:
            return result

        # Get display name.
        self.cn = data.get('cn')

        # Get user quota. Unit is MB.
        # 0 or empty is not allowed if domain quota is set, set to
        # @defaultUserQuota or @domainSpareQuotaSize

        # Initial final mailbox quota.
        self.quota = 0

        # Get mail quota from web form.
        defaultUserQuota = domainLib.getDomainDefaultUserQuota(self.domain, domainAccountSetting)
        self.mailQuota = str(data.get('mailQuota')).strip()
        if self.mailQuota.isdigit():
            self.mailQuota = int(self.mailQuota)
        else:
            self.mailQuota = defaultUserQuota

        # 0 means unlimited.
        domainQuotaSize, domainQuotaUnit = domainAccountSetting.get('domainQuota', '0:GB').split(':')
        if int(domainQuotaSize) == 0:
            # Unlimited.
            self.quota = self.mailQuota
        else:
            # Get domain quota, convert to MB.
            if domainQuotaUnit == 'TB':
                domainQuota = int(domainQuotaSize) * 1024 * 1024 # TB
            elif domainQuotaUnit == 'GB':
                domainQuota = int(domainQuotaSize) * 1024  # GB
            else:
                domainQuota = int(domainQuotaSize)  # MB

            # TODO Query whole domain and calculate current quota size, not read from domain profile.
            #domainCurrentQuotaSize = int(domainProfile[0][1].get('domainCurrentQuotaSize', ['0'])[0]) / (1024*1024)
            result = connutils.getDomainCurrentQuotaSizeFromLDAP(domain=self.domain)
            if result[0] is True:
                domainCurrentQuotaSize = result[1]
            else:
                domainCurrentQuotaSize = 0

            # Spare quota.
            domainSpareQuotaSize = domainQuota - domainCurrentQuotaSize/(1024*1024)

            if domainSpareQuotaSize <= 0:
                return (False, 'EXCEEDED_DOMAIN_QUOTA_SIZE')

            # Get FINAL mailbox quota.
            if self.mailQuota == 0:
                self.quota = domainSpareQuotaSize
            else:
                if domainSpareQuotaSize > self.mailQuota:
                    self.quota = self.mailQuota
                else:
                    self.quota = domainSpareQuotaSize

        # Get default groups.
        self.groups = [ web.safestr(v)
                       for v in domainAccountSetting.get('defaultList', '').split(',')
                       if iredutils.isEmail(v)
                      ]

        self.defaultStorageBaseDirectory = domainAccountSetting.get('defaultStorageBaseDirectory', None)

        # Get default mail list which set in domain accountSetting.
        ldif = iredldif.ldif_mailuser(
            domain=self.domain,
            aliasDomains=self.aliasDomains,
            username=self.username,
            cn=self.cn,
            passwd=self.passwd,
            quota=self.quota,
            groups=self.groups,
            storageBaseDirectory=self.defaultStorageBaseDirectory,
        )

        if attrs.RDN_USER == 'mail':
            self.dn = ldaputils.convKeywordToDN(self.mail, accountType='user')
        elif attrs.RDN_USER == 'cn':
            self.dn = 'cn=' + self.cn + ',' + attrs.DN_BETWEEN_USER_AND_DOMAIN + \
                    ldaputils.convKeywordToDN(self.domain, accountType='domain')
        elif attrs.RDN_USER == 'uid':
            self.dn = 'uid=' + self.username + ',' + attrs.DN_BETWEEN_USER_AND_DOMAIN + \
                    ldaputils.convKeywordToDN(self.domain, accountType='domain')
        else:
            return (False, 'UNSUPPORTED_USER_RDN')

        try:
            self.conn.add_s(ldap.filter.escape_filter_chars(self.dn), ldif,)
            web.logger(msg="Create user: %s." % (self.mail), domain=self.domain, event='create',)
            return (True,)
        except ldap.ALREADY_EXISTS:
            return (False, 'ALREADY_EXISTS')
        except Exception, e:
            return (False, ldaputils.getExceptionDesc(e))
Example #55
0
            accounts = [str(v) for v in accounts if iredutils.is_email(v)]
            try:
                self.conn.update(
                    'alias',
                    vars={'accounts': accounts},
                    where='address IN $accounts',
                    active=active,
                )
            except Exception, e:
                return (False, str(e))
        else:
            pass

        try:
            web.logger(
                msg="%s %s: %s." % (action, accountType, ', '.join(accounts)),
                event=action.lower(),
            )
        except:
            pass
        return (True,)

    def deleteAccounts(self, accounts, accountType,):
        # accounts must be a list/tuple.
        # accountType in ['domain', 'user', 'admin', 'alias',]
        if not accounts:
            return (True,)

        accountType = str(accountType)

        if accountType == 'domain':
            accounts = [str(v) for v in accounts if iredutils.is_domain(v)]
Example #56
0
        if sender_records.get(s):
            values.append({"rid": user_id, "sid": sender_records[s], "wb": "W"})

    for s in bl_senders:
        # Filter out same record in blacklist
        if sender_records.get(s) and s not in wl_senders:
            values.append({"rid": user_id, "sid": sender_records[s], "wb": "B"})

    try:
        conn.multiple_insert("wblist", values)

        # Log
        if wl_senders or bl_senders:
            if flush_before_import:
                web.logger(
                    msg="Update whitelists and/or blacklists for %s." % account, admin="CLI", event="update_wblist"
                )
            else:
                if wl_senders:
                    web.logger(
                        msg="Add whitelists for %s: %s." % (account, ", ".join(wl_senders)),
                        admin="CLI",
                        event="update_wblist",
                    )

                if bl_senders:
                    web.logger(
                        msg="Add blacklists for %s: %s." % (account, ", ".join(bl_senders)),
                        admin=session["username"],
                        event="update_wblist",
                    )
Example #57
0
        if profile_type == 'general':
            # Get name
            cn = data.get('cn', '')
            updates['description'] = cn

            if session.get('domainGlobalAdmin') is True:
                # Get account status
                if 'accountStatus' in data.keys():
                    updates['active'] = 1
                else:
                    updates['active'] = 0

                # Update SQL db with columns: maxquota, active.
                try:
                    self.conn.update(
                        'domain',
                        vars=sql_vars,
                        where='domain=$domain',
                        **updates
                    )
                except Exception, e:
                    return (False, str(e))

        web.logger(msg="Update domain profile: %s (%s)." % (domain, profile_type),
                   domain=domain,
                   event='update',
                  )

        return (True,)
Example #58
0
    def add(self, domain, data):
        # Get domain name, username, cn.
        self.domain = web.safestr(data.get('domainName')).strip().lower()
        mail_local_part = web.safestr(data.get('username')).strip().lower()
        self.mail = mail_local_part + '@' + self.domain

        if not iredutils.is_domain(self.domain):
            return (False, 'INVALID_DOMAIN_NAME')

        if self.domain != domain:
            return (False, 'PERMISSION_DENIED')

        if not iredutils.is_email(self.mail):
            return (False, 'INVALID_MAIL')

        # Check account existing.
        connutils = connUtils.Utils()
        if connutils.is_email_exists(mail=self.mail):
            return (False, 'ALREADY_EXISTS')

        # Get domain profile.
        domainLib = domainlib.Domain()
        resultOfDomainProfile = domainLib.profile(domain=self.domain)

        if resultOfDomainProfile[0] is True:
            domainProfile = resultOfDomainProfile[1]
        else:
            return resultOfDomainProfile

        # Check account limit.
        adminLib = adminlib.Admin()
        numberOfExistAccounts = adminLib.getNumberOfManagedAccounts(accountType='user', domains=[self.domain])

        if domainProfile.mailboxes == -1:
            return (False, 'NOT_ALLOWED')
        elif domainProfile.mailboxes > 0:
            if domainProfile.mailboxes <= numberOfExistAccounts:
                return (False, 'EXCEEDED_DOMAIN_ACCOUNT_LIMIT')

        # Check spare quota and number of spare account limit.
        # Get quota from <form>
        mailQuota = str(data.get('mailQuota')).strip()

        if mailQuota.isdigit():
            mailQuota = int(mailQuota)
        else:
            mailQuota = 0

        # Re-calculate mail quota if this domain has limited max quota.
        if domainProfile.maxquota > 0:
            # Get used quota.
            qr = domainLib.getAllocatedQuotaSize(domain=self.domain)
            if qr[0] is True:
                allocatedQuota = qr[1]
            else:
                return qr

            spareQuota = domainProfile.maxquota - allocatedQuota

            if spareQuota > 0:
                if spareQuota < mailQuota:
                    mailQuota = spareQuota
            else:
                # No enough quota.
                return (False, 'EXCEEDED_DOMAIN_QUOTA_SIZE')

        #
        # Get password from <form>.
        #
        newpw = web.safestr(data.get('newpw', ''))
        confirmpw = web.safestr(data.get('confirmpw', ''))

        resultOfPW = iredutils.verify_new_password(
            newpw,
            confirmpw,
            min_passwd_length=settings.min_passwd_length,
            max_passwd_length=settings.max_passwd_length,
        )
        if resultOfPW[0] is True:
            pwscheme = None
            if 'storePasswordInPlainText' in data and settings.STORE_PASSWORD_IN_PLAIN_TEXT:
                pwscheme = 'PLAIN'
            passwd = iredutils.generate_password_for_sql_mail_account(resultOfPW[1], pwscheme=pwscheme)
        else:
            return resultOfPW

        # Get display name from <form>
        cn = data.get('cn', '')

        # Get storage base directory.
        tmpStorageBaseDirectory = settings.storage_base_directory.lower()
        splitedSBD = tmpStorageBaseDirectory.rstrip('/').split('/')
        storageNode = splitedSBD.pop()
        storageBaseDirectory = '/'.join(splitedSBD)

        try:
            # Store new user in SQL db.
            self.conn.insert(
                'mailbox',
                domain=self.domain,
                username=self.mail,
                password=passwd,
                name=cn,
                maildir=iredutils.generate_maildir_path(self.mail),
                quota=mailQuota,
                storagebasedirectory=storageBaseDirectory,
                storagenode=storageNode,
                created=iredutils.get_gmttime(),
                active='1',
                local_part=mail_local_part,
            )

            # Create an alias account: address=goto.
            self.conn.insert(
                'alias',
                address=self.mail,
                goto=self.mail,
                domain=self.domain,
                created=iredutils.get_gmttime(),
                active='1',
            )

            web.logger(msg="Create user: %s." % (self.mail), domain=self.domain, event='create',)
            return (True,)
        except Exception, e:
            return (False, str(e))