def check_login(*args, **kwargs):
if 'code' not in args[1].params.keys():
raise RError(5)
db = RDataBase()
if not db.query("SELECT * FROM invite_codes WHERE code = %s AND used = %s", (args[1].params['code'], used)):
raise RError(6)
func(*args, code=args[1].params['code'], **kwargs)
class RUser:
def __init__(self):
self.db = RDataBase()
@utils.require_login
@utils.require_domain_owner
def on_get(self, req, resp, domain_id, user):
req.context["result"] = {
"result": self.db.query("SELECT id, domain_id, email FROM virtual_users WHERE domain_id = %s", (domain_id,))
}
resp.status = falcon.HTTP_200
@utils.require_login
@utils.require_domain_owner
def on_post(self, req, resp, domain_id, user):
if "request" not in req.context.keys():
raise RError(16)
request = req.context["request"]
if "username" not in request.keys():
raise RError(20)
if not re.match("^[a-z0-9A-Z][a-z0-9A-Z_\+\.]{0,60}$", request["username"]):
raise RError(13)
if "password" not in request.keys():
raise RError(14)
domain = self.db.query("SELECT name FROM virtual_domains WHERE id = %s", (domain_id,))
if self.db.query(
"SELECT * FROM virtual_users WHERE email = %s", ((request["username"] + "@" + domain[0]["name"]),)
):
raise RError(17)
self.db.execute(
"INSERT INTO virtual_users (domain_id,password, email) VALUES "
"(%s, ENCRYPT(%s, CONCAT('$6$', SUBSTRING(SHA(RAND()), -16))), %s)",
(domain_id, request["password"], (request["username"] + "@" + domain[0]["name"])),
)
resp.status = falcon.HTTP_200
class RTransport:
def __init__(self):
self.db = RDataBase()
@utils.require_login
@utils.require_domain_owner
def on_get(self, req, resp, user, domain_id):
result = self.db.query("SELECT id,source,destination,region FROM transport_domains WHERE domain_id=%s",
(domain_id,))
req.context['result'] = {"result": result}
@utils.require_login
@utils.require_domain_owner
@utils.require_level(5)
def on_post(self, req, resp, user, domain_id):
if 'request' not in req.context.keys():
raise RError(16)
request = req.context['request']
if 'source' not in request.keys():
raise RError(20)
if 'destination' not in request.keys():
raise RError(20)
if 'region' not in request.keys():
raise RError(20)
if not (re.match('^[a-z0-9A-Z_\+\.]{1,60}@$', request['source']) or request['source'] == ""):
raise RError(13)
domain = self.db.query("SELECT * FROM virtual_domains WHERE id = %s", (domain_id,))
self.db.execute("INSERT INTO transport_domains(domain_id, source, destination, region) VALUES (%s,%s,%s,%s)",
(domain_id, (request['source'] + domain[0]['name']), request['destination'],
request['region']))
class RTransportDefaultModify:
def __init__(self):
self.db = RDataBase()
@utils.require_login
@utils.require_domain_owner
def on_post(self, req, resp, user, domain_id, operate_id):
if operate_id == "1":
if 'request' not in req.context.keys():
raise RError(16)
request = req.context['request']
if 'id' not in request.keys():
raise RError(20)
server = self.db.query("SELECT * FROM mynetworks WHERE id = %s", (str(request['id']),) )
domain = self.db.query("SELECT * FROM virtual_domains WHERE id = %s", (domain_id,))
if not server:
raise RError(30)
cursor = self.db.begin()
cursor.execute("DELETE FROM transport_domains WHERE domain_id = %s", (domain_id,))
cursor.execute(
"INSERT INTO transport_domains(domain_id, source, destination, region) VALUES (%s, %s, %s, '0default')",
(domain_id, domain[0]['name'], "smtp:[" + server[0]['domain_name'] + "]"))
cursor.execute(
"INSERT INTO transport_domains(domain_id, source, destination, region) VALUES( %s, %s, %s, %s)",
(domain_id, domain[0]['name'], "lmtp:unix:private/dovecot-lmtp", server[0]['server_mark']))
cursor.commit()
else:
raise RError(31)
def check_owner(*args, **kwargs):
if 'user' not in kwargs.keys():
raise RError(22)
user = kwargs['user']
if 'domain_id' not in kwargs.keys():
raise RError(23)
if user.info.level == 100:
return func(*args, **kwargs)
db = RDataBase()
if not db.query("SELECT * FROM virtual_domains WHERE id = %s AND admin_user_id = %s",
(kwargs['domain_id'], kwargs['user'].info.id)):
raise RError(24)
func(*args, **kwargs)
def __init__(self, token=''):
self.sessions = RMemorySessionStore()
self.utils = RUtils()
self.database = RDataBase()
self.data = None
if token != '':
self.restore_from_token(token)
class RServer:
def __init__(self):
self.db = RDataBase()
@utils.require_login
def on_get(self, req, resp, user):
result = self.db.query("SELECT domain_name, server_mark, region_mark, default_mark FROM mynetworks", ())
req.context['result'] = {"result": result}
def __init__(self, token=None):
self.session = RMemorySessionStore()
self.db = RDataBase()
self.info = RAdminUserInfo()
self.config = RConfig()
if token:
self.info.token = token
if self.info.token != "":
self.login_by_token()
class RAliasModify:
def __init__(self):
self.db = RDataBase()
@utils.require_login
@utils.require_domain_owner
def on_get(self, req, resp, user, domain_id, alias_id):
result = self.db.query("SELECT id,source,destination FROM virtual_aliases WHERE id = %s AND domain_id = %s",
(alias_id, domain_id))
if not result:
raise RError(29)
req.context['result'] = {"result": result[0]}
@utils.require_login
@utils.require_domain_owner
@utils.require_level(5)
def on_delete(self, req, resp, user, domain_id, alias_id):
result = self.db.execute("DELETE FROM virtual_aliases WHERE id = %s AND domain_id = %s", (alias_id, domain_id))
if not result:
raise RError(18)
class RBccModify:
def __init__(self):
self.db = RDataBase()
@utils.require_login
@utils.require_domain_owner
def on_get(self, req, resp, user, domain_id, bcc_id):
result = self.db.query(
"SELECT id,source,destination,region FROM recipient_bcc WHERE id = %s AND domain_id = %s",
(bcc_id, domain_id))
if not result:
raise RError(32)
req.context['result'] = {"result": result[0]}
@utils.require_login
@utils.require_domain_owner
@utils.require_level(5)
def on_delete(self, req, resp, user, domain_id, bcc_id):
result = self.db.execute("DELETE FROM recipient_bcc WHERE id = %s AND domain_id = %s", (bcc_id, domain_id))
if not result:
raise RError(18)
class RDomain:
def __init__(self):
self.db = RDataBase()
@utils.require_login
def on_get(self, req, resp, user):
if user.info.level == 100:
result = self.db.query("SELECT id, name FROM virtual_domains", ())
else:
result = self.db.query("SELECT id, name FROM virtual_domains WHERE admin_user_id = %s", (user.info.id,))
req.context['result'] = {'result': result}
resp.status = falcon.HTTP_200
@utils.require_login
def on_post(self, req, resp, user):
if 'request' not in req.context.keys():
raise RError(16)
request = req.context['request']
if 'domain' not in request.keys():
raise RError(7)
if self.db.query("SELECT id FROM virtual_domains WHERE name = %s", (request['domain'],)):
raise RError(8)
if not re.match('^([a-zA-Z0-9][-a-zA-Z0-9]{0,62}\.){1,5}[a-zA-Z0-9][-a-zA-Z0-9]{0,62}$', request['domain']):
raise RError(9)
self.db.execute("INSERT INTO virtual_domains (name, admin_user_id) VALUES (%s, %s)",
(request['domain'], user.info.id))
req.context['result'] = {'result': self.db.query('SELECT id, name FROM virtual_domains WHERE name = %s',
(request['domain'],))[0]}
resp.status = falcon.HTTP_200
class RUserModify:
def __init__(self):
self.db = RDataBase()
@utils.require_login
@utils.require_domain_owner
def on_get(self, req, resp, domain_id, user_id, user):
result = self.db.query(
"SELECT id, domain_id, email FROM virtual_users WHERE id = %s AND domain_id = %s", (user_id, domain_id)
)
if not result:
raise RError(26)
req.context["result"] = {"result": result[0]}
@utils.require_login
@utils.require_domain_owner
def on_put(self, req, resp, domain_id, user_id, user):
if "request" not in req.context.keys():
raise RError(16)
request = req.context["request"]
if not user_id:
raise RError(15)
if "password" not in request.keys():
raise RError(14)
if not self.db.execute(
"UPDATE virtual_users SET password = ENCRYPT(%s, CONCAT('$6$', SUBSTRING(SHA(RAND()), -16))) "
"WHERE domain_id = %s AND id = %s",
(request["password"], domain_id, user_id),
):
raise RError(18)
resp.status = falcon.HTTP_200
@utils.require_login
@utils.require_domain_owner
def on_delete(self, req, resp, domain_id, user_id, user):
if not user_id:
raise RError(15)
if not self.db.execute("DELETE FROM virtual_users WHERE id = %s AND domain_id = %s", (user_id, domain_id)):
raise RError(26)
resp.status = falcon.HTTP_200
class RDomainModify():
def __init__(self):
self.db = RDataBase()
@utils.require_login
@utils.require_domain_owner
def on_get(self, req, resp, domain_id, user):
result = self.db.query('SELECT id, name FROM virtual_domains WHERE id = %s;', (domain_id, ))
if not result:
raise RError(24)
req.context['result'] = {'result': result[0]}
resp.status = falcon.HTTP_200
@utils.require_login
@utils.require_domain_owner
def on_delete(self, req, resp, domain_id, user):
result = self.db.execute("DELETE FROM virtual_users WHERE domain_id = %s;", (domain_id,))
result = self.db.execute("DELETE FROM virtual_domains WHERE id = %s;", (domain_id,))
if not result:
raise RError(18)
resp.status = falcon.HTTP_200
class RUser:
def __init__(self, token=''):
self.sessions = RMemorySessionStore()
self.utils = RUtils()
self.database = RDataBase()
self.data = None
if token != '':
self.restore_from_token(token)
def restore_from_token(self, token):
if self.sessions.contains(token):
self.data = self.sessions.get(token)
return True
else:
result = self.database.query('SELECT * FROM token WHERE token = %s AND expired_time > now()',
(token,))
if result:
self.data = UserData()
self.data.id = result[0]['user_id']
self.data.ifLogin = True
self.reload()
return True
self.data = UserData()
return False
def reload(self):
result = self.database.query('SELECT * FROM users WHERE id = %s', (self.data.id,))
if not result:
return False
self.data.username = result[0]['username']
self.data.status = result[0]['status']
self.data.email = result[0]['email']
return True
def login(self, username, password):
if self.data.ifLogin:
return True
result = self.database.query('SELECT * FROm users
class RAdminUser():
def __init__(self, token=None):
self.session = RMemorySessionStore()
self.db = RDataBase()
self.info = RAdminUserInfo()
self.config = RConfig()
if token:
self.info.token = token
if self.info.token != "":
self.login_by_token()
def login_by_token(self):
if not self.info.token:
return False
if self.session.contains(self.info.token):
self.info = self.session.get(self.info.token)
if self.info.expired_time < time.time():
self.info.ifLogin = False
self.session.remove(self.info.token)
if self.info.ifLogin:
return True
return False
def login_by_password(self, username="", password="", token=""):
if username == "" or password == "" or token == "":
raise RError(20)
password = hashlib.sha512(password + self.config.password_salt).hexdigest()[0: 64]
result = self.db.query("SELECT * FROM admin_user WHERE username=%s AND password=%s", (username, password))
if not result:
raise RError(25)
self.info.id = result[0]['id']
self.info.ifLogin = True
self.info.token = token
return self.sync_from_mysql()
def logout(self):
if not self.info.ifLogin:
return True
if self.info.token == "":
return True
self.session.remove(self.info.token)
self.info.ifLogin = False
return True
def sync_from_mysql(self):
if not self.info.ifLogin:
return False
if self.info.id <= 0:
return False
result = self.db.query("SELECT * FROM admin_user WHERE id = %s", (self.info.id,))
if not result:
return False
self.info.username = result[0]['username']
self.info.invite_code_id = result[0]['invite_code_id']
self.info.level = result[0]['level']
self.session.push(self.info.token, self.info)
return True
def register(self, code="", username="", password=""):
if code == "" or password == "" or username == "":
raise RError(20)
password = hashlib.sha512(password + self.config.password_salt).hexdigest()[0: 64]
if self.db.query("SELECT * FROM admin_user WHERE username = %s", (username,)):
raise RError(19)
result = self.db.execute(
"INSERT INTO admin_user(username, password, level, invite_code_id) "
"VALUES(%s,%s,1, (SELECT id FROM invite_codes WHERE code = %s))", (username, password, code))
if not result:
raise RError(0)
result = self.db.execute("UPDATE invite_codes SET used = 1 WHERE code = %s", (code,))
return True
def reset_password(self, code="", password=""):
if code == "" or password == "":
raise RError(20)
password = hashlib.sha512(password + self.config.password_salt).hexdigest()[0: 64]
result = self.db.execute(
"UPDATE admin_user SET password = %s WHERE invite_code_id in (SELECT id FROM invite_codes WHERE code = %s)",
(password, code))
return True
def __init__(self):
self.db = RDataBase()
class RDKIM:
def __init__(self):
self.db = RDataBase()
@utils.require_login
@utils.require_domain_owner
def on_get(self, req, resp, user, domain_id):
domain = self.db.query("SELECT * FROM virtual_domains WHERE id = %s", (domain_id,))
opendkim_id = self.db.query("SELECT * FROM opendkim_signings WHERE author = %s", (domain[0]['name'],))
if not opendkim_id:
return
opendkim_key = self.db.query("SELECT * FROM opendkim_keys WHERE id =%s", (opendkim_id[0]['dkim_id'],))
if not opendkim_key:
return
req.context['result'] = {"domain": opendkim_key[0]['domain_name'], "selector": opendkim_key[0]['selector'],
"key_sha512": hashlib.sha512(opendkim_key[0]['private_key']).hexdigest()}
@utils.require_login
@utils.require_domain_owner
def on_put(self, req, resp, user, domain_id):
if 'request' not in req.context.keys():
raise RError(16)
request = req.context['request']
if 'selector' not in request.keys():
raise RError(20)
if 'private_key' not in request.keys():
raise RError(20)
domain = self.db.query("SELECT * FROM virtual_domains WHERE id = %s", (domain_id,))
opendkim_id = self.db.query("SELECT * FROM opendkim_signings WHERE author = %s", (domain[0]['name'],))
if not opendkim_id:
self.db.execute("INSERT INTO opendkim_keys(domain_name, selector, private_key) VALUES (%s,%s,%s)",
(domain[0]['name'], request['selector'], request['private_key']))
self.db.execute(
"INSERT INTO opendkim_signings(author, dkim_id) "
"VALUES (%s, (SELECT id FROM opendkim_keys WHERE domain_name = %s))",
(domain[0]['name'], domain[0]['name']))
else:
self.db.execute("UPDATE opendkim_keys SET selector=%s, private_key=%s WHERE domain_name = %s",
(request['selector'], request['private_key'], domain[0]['name']))