def add(self, data):
self.cn = data.get('cn', '')
self.mail = web.safestr(data.get('mail')).strip().lower()
if not iredutils.isEmail(self.mail):
return (False, 'INVALID_MAIL')
# Check admin exist.
connutils = connUtils.Utils()
if connutils.isAdminExists(self.mail):
return (False, 'ALREADY_EXISTS')
# Get domainGlobalAdmin setting.
self.domainGlobalAdmin = web.safestr(data.get('domainGlobalAdmin', 'no'))
if self.domainGlobalAdmin not in ['yes', 'no', ]:
self.domainGlobalAdmin = 'no'
# Get language setting.
preferredLanguage = web.safestr(data.get('preferredLanguage', 'en_US'))
# Get new password.
self.newpw = web.safestr(data.get('newpw'))
self.confirmpw = web.safestr(data.get('confirmpw'))
result = iredutils.verifyNewPasswords(self.newpw, self.confirmpw)
if result[0] is True:
self.passwd = result[1]
else:
return result
try:
self.conn.insert(
'dbmail_admins',
username=self.mail,
name=self.cn,
password=iredutils.getSQLPassword(self.passwd),
language=preferredLanguage,
created=iredutils.getGMTTime(),
active='1',
)
if self.domainGlobalAdmin == 'yes':
self.conn.insert(
'dbmail_domain_admins',
username=self.mail,
domain='ALL',
created=iredutils.getGMTTime(),
active='1',
)
web.logger(msg="Create admin: %s." % (self.mail), event='create',)
return (True,)
except Exception, e:
return (False, str(e))
def add(self, data):
self.cn = data.get('cn', '')
self.mail = web.safestr(data.get('mail')).strip().lower()
if not iredutils.isEmail(self.mail):
return (False, 'INVALID_MAIL')
# Check admin exist.
connutils = connUtils.Utils()
if connutils.isAdminExists(self.mail):
return (False, 'ALREADY_EXISTS')
# Get domainGlobalAdmin setting.
self.domainGlobalAdmin = 'yes'
# Get language setting.
self.preferredLanguage = web.safestr(data.get('preferredLanguage', 'en_US'))
# Get new password.
self.newpw = web.safestr(data.get('newpw'))
self.confirmpw = web.safestr(data.get('confirmpw'))
result = iredutils.verifyNewPasswords(self.newpw, self.confirmpw)
if result[0] is True:
self.passwd = result[1]
else:
return result
try:
self.conn.insert(
'admin',
username=self.mail,
name=self.cn,
password=iredutils.getSQLPassword(self.passwd),
language=self.preferredLanguage,
created=iredutils.sqlNOW,
active='1',
)
if self.domainGlobalAdmin == 'yes':
self.conn.insert(
'domain_admins',
username=self.mail,
domain='ALL',
created=iredutils.sqlNOW,
active='1',
)
web.logger(msg="Create admin: %s." % (self.mail), event='create',)
return (True,)
except Exception, e:
return (False, str(e))
def add(self, data):
self.cn = data.get('cn')
self.mail = web.safestr(data.get('mail')).strip().lower()
if not iredutils.isEmail(self.mail):
return (False, 'INVALID_MAIL')
self.domainGlobalAdmin = web.safestr(
data.get('domainGlobalAdmin', 'no'))
if self.domainGlobalAdmin not in [
'yes',
'no',
]:
self.domainGlobalAdmin = 'no'
self.preferredLanguage = web.safestr(
data.get('preferredLanguage', 'en_US'))
# Check password.
self.newpw = web.safestr(data.get('newpw'))
self.confirmpw = web.safestr(data.get('confirmpw'))
result = iredutils.verifyNewPasswords(self.newpw, self.confirmpw)
if result[0] is True:
self.passwd = ldaputils.generatePasswd(result[1])
else:
return result
ldif = iredldif.ldif_mailadmin(
mail=self.mail,
passwd=self.passwd,
cn=self.cn,
preferredLanguage=self.preferredLanguage,
domainGlobalAdmin=self.domainGlobalAdmin,
)
self.dn = ldaputils.convKeywordToDN(self.mail, accountType='admin')
try:
self.conn.add_s(self.dn, ldif)
web.logger(
msg="Create admin: %s." % (self.mail),
event='create',
)
return (True, )
except ldap.ALREADY_EXISTS:
return (False, 'ALREADY_EXISTS')
except Exception, e:
return (False, ldaputils.getExceptionDesc(e))
def add(self, data):
self.cn = data.get('cn')
self.mail = web.safestr(data.get('mail')).strip().lower()
if not iredutils.isEmail(self.mail):
return (False, 'INVALID_MAIL')
self.domainGlobalAdmin = web.safestr(data.get('domainGlobalAdmin', 'no'))
if self.domainGlobalAdmin not in ['yes', 'no',]:
self.domainGlobalAdmin = 'no'
self.preferredLanguage = web.safestr(data.get('preferredLanguage', 'en_US'))
# Check password.
self.newpw = web.safestr(data.get('newpw'))
self.confirmpw = web.safestr(data.get('confirmpw'))
result = iredutils.verifyNewPasswords(self.newpw, self.confirmpw)
if result[0] is True:
self.passwd = ldaputils.generatePasswd(result[1])
else:
return result
ldif = iredldif.ldif_mailadmin(
mail=self.mail,
passwd=self.passwd,
cn=self.cn,
preferredLanguage=self.preferredLanguage,
domainGlobalAdmin=self.domainGlobalAdmin,
)
self.dn = ldaputils.convKeywordToDN(self.mail, accountType='admin')
try:
self.conn.add_s(self.dn, ldif)
web.logger(msg="Create admin: %s." % (self.mail), event='create',)
return (True,)
except ldap.ALREADY_EXISTS:
return (False, 'ALREADY_EXISTS')
except Exception, e:
return (False, ldaputils.getExceptionDesc(e))
def add(self, domain, data):
# Get domain name, username, cn.
self.domain = web.safestr(data.get('domainName')).strip().lower()
self.username = web.safestr(data.get('username')).strip().lower()
self.mail = self.username + '@' + self.domain
self.groups = data.get('groups', [])
if not iredutils.isDomain(self.domain) or not iredutils.isEmail(self.mail):
return (False, 'MISSING_DOMAIN_OR_USERNAME')
# Check account existing.
connutils = connUtils.Utils()
if connutils.isAccountExists(domain=self.domain, filter='(mail=%s)' % self.mail):
return (False, 'ALREADY_EXISTS')
# Get @domainAccountSetting.
domainLib = domainlib.Domain()
result_domain_profile = domainLib.profile(self.domain)
# Initial parameters.
domainAccountSetting = {}
self.aliasDomains = []
if result_domain_profile[0] is True:
domainProfile = result_domain_profile[1]
domainAccountSetting = ldaputils.getAccountSettingFromLdapQueryResult(domainProfile, key='domainName').get(self.domain, {})
self.aliasDomains = domainProfile[0][1].get('domainAliasName', [])
# Check password.
self.newpw = web.safestr(data.get('newpw'))
self.confirmpw = web.safestr(data.get('confirmpw'))
result = iredutils.verifyNewPasswords(self.newpw, self.confirmpw,
min_passwd_length=domainAccountSetting.get('minPasswordLength', '0'),
max_passwd_length=domainAccountSetting.get('maxPasswordLength', '0'),
)
if result[0] is True:
self.passwd = ldaputils.generatePasswd(result[1])
else:
return result
# Get display name.
self.cn = data.get('cn')
# Get user quota. Unit is MB.
# 0 or empty is not allowed if domain quota is set, set to
# @defaultUserQuota or @domainSpareQuotaSize
# Initial final mailbox quota.
self.quota = 0
# Get mail quota from web form.
defaultUserQuota = domainLib.getDomainDefaultUserQuota(self.domain, domainAccountSetting)
self.mailQuota = str(data.get('mailQuota')).strip()
if self.mailQuota.isdigit():
self.mailQuota = int(self.mailQuota)
else:
self.mailQuota = defaultUserQuota
# 0 means unlimited.
domainQuotaSize, domainQuotaUnit = domainAccountSetting.get('domainQuota', '0:GB').split(':')
if int(domainQuotaSize) == 0:
# Unlimited.
self.quota = self.mailQuota
else:
# Get domain quota, convert to MB.
if domainQuotaUnit == 'TB':
domainQuota = int(domainQuotaSize) * 1024 * 1024 # TB
elif domainQuotaUnit == 'GB':
domainQuota = int(domainQuotaSize) * 1024 # GB
else:
domainQuota = int(domainQuotaSize) # MB
# TODO Query whole domain and calculate current quota size, not read from domain profile.
#domainCurrentQuotaSize = int(domainProfile[0][1].get('domainCurrentQuotaSize', ['0'])[0]) / (1024*1024)
result = connutils.getDomainCurrentQuotaSizeFromLDAP(domain=self.domain)
if result[0] is True:
domainCurrentQuotaSize = result[1]
else:
domainCurrentQuotaSize = 0
# Spare quota.
domainSpareQuotaSize = domainQuota - domainCurrentQuotaSize/(1024*1024)
if domainSpareQuotaSize <= 0:
return (False, 'EXCEEDED_DOMAIN_QUOTA_SIZE')
# Get FINAL mailbox quota.
if self.mailQuota == 0:
self.quota = domainSpareQuotaSize
else:
if domainSpareQuotaSize > self.mailQuota:
self.quota = self.mailQuota
else:
self.quota = domainSpareQuotaSize
# Get default groups.
self.groups = [ web.safestr(v)
for v in domainAccountSetting.get('defaultList', '').split(',')
if iredutils.isEmail(v)
]
self.defaultStorageBaseDirectory = domainAccountSetting.get('defaultStorageBaseDirectory', None)
# Get default mail list which set in domain accountSetting.
ldif = iredldif.ldif_mailuser(
domain=self.domain,
aliasDomains=self.aliasDomains,
username=self.username,
cn=self.cn,
passwd=self.passwd,
quota=self.quota,
groups=self.groups,
storageBaseDirectory=self.defaultStorageBaseDirectory,
)
if attrs.RDN_USER == 'mail':
self.dn = ldaputils.convKeywordToDN(self.mail, accountType='user')
elif attrs.RDN_USER == 'cn':
self.dn = 'cn=' + self.cn + ',' + attrs.DN_BETWEEN_USER_AND_DOMAIN + \
ldaputils.convKeywordToDN(self.domain, accountType='domain')
elif attrs.RDN_USER == 'uid':
self.dn = 'uid=' + self.username + ',' + attrs.DN_BETWEEN_USER_AND_DOMAIN + \
ldaputils.convKeywordToDN(self.domain, accountType='domain')
else:
return (False, 'UNSUPPORTED_USER_RDN')
try:
self.conn.add_s(ldap.filter.escape_filter_chars(self.dn), ldif,)
web.logger(msg="Create user: %s." % (self.mail), domain=self.domain, event='create',)
return (True,)
except ldap.ALREADY_EXISTS:
return (False, 'ALREADY_EXISTS')
except Exception, e:
return (False, ldaputils.getExceptionDesc(e))
else:
accountStatus = 'disabled'
mod_attrs += [ (ldap.MOD_REPLACE, 'accountStatus', accountStatus) ]
elif self.profile_type == 'password':
# Get password length from @domainAccountSetting.
minPasswordLength = domainAccountSetting.get('minPasswordLength', cfg.general.get('min_passwd_length', '0'))
maxPasswordLength = domainAccountSetting.get('maxPasswordLength', cfg.general.get('max_passwd_length', '0'))
# Get new passwords from user input.
self.newpw = str(data.get('newpw', None))
self.confirmpw = str(data.get('confirmpw', None))
result = iredutils.verifyNewPasswords(
newpw=self.newpw,
confirmpw=self.confirmpw,
min_passwd_length=minPasswordLength,
max_passwd_length=maxPasswordLength,
)
if result[0] is True:
self.passwd = ldaputils.generatePasswd(result[1])
mod_attrs += [ (ldap.MOD_REPLACE, 'userPassword', self.passwd) ]
else:
return result
try:
self.conn.modify_s(self.dn, mod_attrs)
return (True,)
except Exception, e:
return (False, ldaputils.getExceptionDesc(e))
for i in self.domainsAddAdmins:
result = connutils.addOrDelAttrValue(
dn=ldaputils.convKeywordToDN(i, accountType='domain'),
attr='domainAdmin',
value=self.mail,
action='add',
)
if result[0] is False:
return result
return (True, )
elif self.profile_type == 'password':
self.cur_passwd = data.get('oldpw', None)
self.newpw = data.get('newpw')
self.confirmpw = data.get('confirmpw')
result = iredutils.verifyNewPasswords(self.newpw, self.confirmpw)
if result[0] is True:
self.passwd = result[1]
else:
return result
# Change password.
if self.cur_passwd is None and session.get(
'domainGlobalAdmin') is True:
# Reset password without verify old password.
self.cur_passwd = None
else:
self.cur_passwd = str(self.cur_passwd)
connutils = connUtils.Utils()
result = connutils.changePasswd(
def add(self, domain, data):
# Get domain name, username, cn.
self.domain = web.safestr(data.get('domainName')).strip().lower()
self.username = web.safestr(data.get('username')).strip().lower()
self.mail = self.username + '@' + self.domain
self.groups = data.get('groups', [])
if not iredutils.isDomain(self.domain) or not iredutils.isEmail(
self.mail):
return (False, 'MISSING_DOMAIN_OR_USERNAME')
# Check account existing.
connutils = connUtils.Utils()
if connutils.isAccountExists(domain=self.domain,
filter='(mail=%s)' % self.mail):
return (False, 'ALREADY_EXISTS')
# Get @domainAccountSetting.
domainLib = domainlib.Domain()
result_domain_profile = domainLib.profile(self.domain)
# Initial parameters.
domainAccountSetting = {}
self.aliasDomains = []
if result_domain_profile[0] is True:
domainProfile = result_domain_profile[1]
domainAccountSetting = ldaputils.getAccountSettingFromLdapQueryResult(
domainProfile, key='domainName').get(self.domain, {})
self.aliasDomains = domainProfile[0][1].get('domainAliasName', [])
# Check password.
self.newpw = web.safestr(data.get('newpw'))
self.confirmpw = web.safestr(data.get('confirmpw'))
result = iredutils.verifyNewPasswords(
self.newpw,
self.confirmpw,
min_passwd_length=domainAccountSetting.get('minPasswordLength',
'0'),
max_passwd_length=domainAccountSetting.get('maxPasswordLength',
'0'),
)
if result[0] is True:
self.passwd = ldaputils.generatePasswd(result[1])
else:
return result
# Get display name.
self.cn = data.get('cn')
# Get user quota. Unit is MB.
# 0 or empty is not allowed if domain quota is set, set to
# @defaultUserQuota or @domainSpareQuotaSize
# Initial final mailbox quota.
self.quota = 0
# Get mail quota from web form.
defaultUserQuota = domainLib.getDomainDefaultUserQuota(
self.domain, domainAccountSetting)
self.mailQuota = str(data.get('mailQuota')).strip()
if self.mailQuota.isdigit():
self.mailQuota = int(self.mailQuota)
else:
self.mailQuota = defaultUserQuota
# 0 means unlimited.
domainQuotaSize, domainQuotaUnit = domainAccountSetting.get(
'domainQuota', '0:GB').split(':')
if int(domainQuotaSize) == 0:
# Unlimited.
self.quota = self.mailQuota
else:
# Get domain quota, convert to MB.
if domainQuotaUnit == 'TB':
domainQuota = int(domainQuotaSize) * 1024 * 1024 # TB
elif domainQuotaUnit == 'GB':
domainQuota = int(domainQuotaSize) * 1024 # GB
else:
domainQuota = int(domainQuotaSize) # MB
# TODO Query whole domain and calculate current quota size, not read from domain profile.
#domainCurrentQuotaSize = int(domainProfile[0][1].get('domainCurrentQuotaSize', ['0'])[0]) / (1024*1024)
result = connutils.getDomainCurrentQuotaSizeFromLDAP(
domain=self.domain)
if result[0] is True:
domainCurrentQuotaSize = result[1]
else:
domainCurrentQuotaSize = 0
# Spare quota.
domainSpareQuotaSize = domainQuota - domainCurrentQuotaSize / (
1024 * 1024)
if domainSpareQuotaSize <= 0:
return (False, 'EXCEEDED_DOMAIN_QUOTA_SIZE')
# Get FINAL mailbox quota.
if self.mailQuota == 0:
self.quota = domainSpareQuotaSize
else:
if domainSpareQuotaSize > self.mailQuota:
self.quota = self.mailQuota
else:
self.quota = domainSpareQuotaSize
# Get default groups.
self.groups = [
web.safestr(v)
for v in domainAccountSetting.get('defaultList', '').split(',')
if iredutils.isEmail(v)
]
self.defaultStorageBaseDirectory = domainAccountSetting.get(
'defaultStorageBaseDirectory', None)
# Get default mail list which set in domain accountSetting.
ldif = iredldif.ldif_mailuser(
domain=self.domain,
aliasDomains=self.aliasDomains,
username=self.username,
cn=self.cn,
passwd=self.passwd,
quota=self.quota,
groups=self.groups,
storageBaseDirectory=self.defaultStorageBaseDirectory,
)
if attrs.RDN_USER == 'mail':
self.dn = ldaputils.convKeywordToDN(self.mail, accountType='user')
elif attrs.RDN_USER == 'cn':
self.dn = 'cn=' + self.cn + ',' + attrs.DN_BETWEEN_USER_AND_DOMAIN + \
ldaputils.convKeywordToDN(self.domain, accountType='domain')
elif attrs.RDN_USER == 'uid':
self.dn = 'uid=' + self.username + ',' + attrs.DN_BETWEEN_USER_AND_DOMAIN + \
ldaputils.convKeywordToDN(self.domain, accountType='domain')
else:
return (False, 'UNSUPPORTED_USER_RDN')
try:
self.conn.add_s(
ldap.filter.escape_filter_chars(self.dn),
ldif,
)
web.logger(
msg="Create user: %s." % (self.mail),
domain=self.domain,
event='create',
)
return (True, )
except ldap.ALREADY_EXISTS:
return (False, 'ALREADY_EXISTS')
except Exception, e:
return (False, ldaputils.getExceptionDesc(e))
mod_attrs += [(ldap.MOD_REPLACE, 'accountStatus', accountStatus)]
elif self.profile_type == 'password':
# Get password length from @domainAccountSetting.
minPasswordLength = domainAccountSetting.get(
'minPasswordLength', cfg.general.get('min_passwd_length', '0'))
maxPasswordLength = domainAccountSetting.get(
'maxPasswordLength', cfg.general.get('max_passwd_length', '0'))
# Get new passwords from user input.
self.newpw = str(data.get('newpw', None))
self.confirmpw = str(data.get('confirmpw', None))
result = iredutils.verifyNewPasswords(
newpw=self.newpw,
confirmpw=self.confirmpw,
min_passwd_length=minPasswordLength,
max_passwd_length=maxPasswordLength,
)
if result[0] is True:
self.passwd = ldaputils.generatePasswd(result[1])
mod_attrs += [(ldap.MOD_REPLACE, 'userPassword', self.passwd)]
else:
return result
try:
self.conn.modify_s(self.dn, mod_attrs)
return (True, )
except Exception, e:
return (False, ldaputils.getExceptionDesc(e))
def add(self, domain, data):
# Get domain name, username, cn.
self.domain = web.safestr(data.get('domainName')).strip().lower()
self.username = web.safestr(data.get('username')).strip().lower()
self.mail = self.username + '@' + self.domain
if self.domain != domain:
return (False, 'PERMISSION_DENIED')
if not iredutils.isDomain(self.domain):
return (False, 'INVALID_DOMAIN_NAME')
# Check account existing.
connutils = connUtils.Utils()
if connutils.isEmailExists(mail=self.mail):
return (False, 'ALREADY_EXISTS')
# Get domain profile.
domainLib = domainlib.Domain()
resultOfDomainProfile = domainLib.profile(domain=self.domain)
if resultOfDomainProfile[0] is True:
self.domainProfile = resultOfDomainProfile[1]
else:
return resultOfDomainProfile
# Check account limit.
adminLib = adminlib.Admin()
numberOfExistAccounts = adminLib.getNumberOfManagedAccounts(accountType='user', domains=[self.domain])
if self.domainProfile.mailboxes == 0:
# Unlimited.
pass
elif self.domainProfile.mailboxes <= numberOfExistAccounts:
return (False, 'EXCEEDED_DOMAIN_ACCOUNT_LIMIT')
# Check spare quota and number of spare account limit.
# Get quota from <form>
self.mailQuota = str(data.get('mailQuota')).strip()
self.defaultUserQuota = self.domainProfile.get('defaultuserquota', 0)
if self.mailQuota.isdigit():
self.mailQuota = int(self.mailQuota)
else:
self.mailQuota = self.defaultUserQuota
# Re-calculate mail quota if this domain has limited max quota.
if self.domainProfile.maxquota > 0:
# Get used quota.
qr = domainLib.getAllocatedQuotaSize(domain=self.domain)
if qr[0] is True:
self.allocatedQuota = qr[1]
else:
return qr
spareQuota = self.domainProfile.maxquota - self.allocatedQuota
if spareQuota > 0:
if spareQuota < self.mailQuota:
self.mailQuota = spareQuota
else:
# No enough quota.
return (False, 'EXCEEDED_DOMAIN_QUOTA_SIZE')
#
# Get password from <form>.
#
self.newpw = str(data.get('newpw', ''))
self.confirmpw = str(data.get('confirmpw', ''))
# Get password length limit from domain profile or global setting.
self.minPasswordLength = self.domainProfile.get('minpasswordlength',cfg.general.get('min_passwd_length', '0'))
self.maxPasswordLength = self.domainProfile.get('maxpasswordlength', cfg.general.get('max_passwd_length', '0'))
resultOfPW = iredutils.verifyNewPasswords(
self.newpw,
self.confirmpw,
min_passwd_length=self.minPasswordLength,
max_passwd_length=self.maxPasswordLength,
)
if resultOfPW[0] is True:
self.passwd = iredutils.getSQLPassword(resultOfPW[1])
else:
return resultOfPW
# Get display name from <form>
self.cn = data.get('cn', '')
# Assign new user to default mail aliases.
assignedAliases = [str(v).lower()
for v in str(self.domainProfile.defaultuseraliases).split(',')
if iredutils.isEmail(v)
]
try:
# Store new user in SQL db.
self.conn.insert(
'mailbox',
domain=self.domain,
username=self.mail,
password=self.passwd,
name=self.cn,
maildir=iredutils.setMailMessageStore(self.mail),
quota=self.mailQuota,
created=iredutils.sqlNOW,
active='1',
local_part=self.username,
)
# Assign new user to default mail aliases.
if len(assignedAliases) > 0:
for ali in assignedAliases:
try:
self.conn.query(
'''
UPDATE alias
SET goto=CONCAT(goto, %s)
WHERE address=%s AND domain=%s
''' % (
web.sqlquote(','+self.mail),
web.sqlquote(ali),
web.sqlquote(self.domain),
)
)
except:
pass
# Create an alias account: address=goto.
self.conn.insert(
'alias',
address=self.mail,
goto=self.mail,
domain=self.domain,
created=iredutils.sqlNOW,
active='1',
)
web.logger(msg="Create user: %s." % (self.mail), domain=self.domain, event='create',)
return (True,)
except Exception, e:
return (False, str(e))
self.conn.insert(
'alias',
**inserts
)
return (True,)
except Exception, e:
return (False, str(e))
else:
return (True,)
elif self.profile_type == 'password':
self.newpw = str(data.get('newpw', ''))
self.confirmpw = str(data.get('confirmpw', ''))
# Verify new passwords.
qr = iredutils.verifyNewPasswords(self.newpw, self.confirmpw)
if qr[0] is True:
self.passwd = iredutils.getSQLPassword(qr[1])
else:
return qr
# Hash/encrypt new password.
updates['password'] = self.passwd
elif self.profile_type == 'advanced':
# Get enabled services.
self.enabledService = [str(v).lower()
for v in data.get('enabledService', [])
if v in ENABLED_SERVICES
]
self.disabledService = [v for v in ENABLED_SERVICES if v not in self.enabledService]
def add(self, domain, data):
# Get domain name, username, cn.
self.domain = web.safestr(data.get('domainName')).strip().lower()
self.username = web.safestr(data.get('username')).strip().lower()
self.mail = self.username + '@' + self.domain
if self.domain != domain:
return (False, 'PERMISSION_DENIED')
if not iredutils.isDomain(self.domain):
return (False, 'INVALID_DOMAIN_NAME')
# Check account existing.
connutils = connUtils.Utils()
if connutils.isEmailExists(mail=self.mail):
return (False, 'ALREADY_EXISTS')
# Get domain profile.
domainLib = domainlib.Domain()
resultOfDomainProfile = domainLib.profile(domain=self.domain)
if resultOfDomainProfile[0] is True:
self.domainProfile = resultOfDomainProfile[1]
else:
return resultOfDomainProfile
# Check account limit.
adminLib = adminlib.Admin()
numberOfExistAccounts = adminLib.getNumberOfManagedAccounts(
accountType='user', domains=[self.domain])
if self.domainProfile.mailboxes == 0:
# Unlimited.
pass
elif self.domainProfile.mailboxes <= numberOfExistAccounts:
return (False, 'EXCEEDED_DOMAIN_ACCOUNT_LIMIT')
# Check spare quota and number of spare account limit.
# Get quota from <form>
self.mailQuota = str(data.get('mailQuota')).strip()
self.defaultUserQuota = self.domainProfile.get('defaultuserquota', 0)
if self.mailQuota.isdigit():
self.mailQuota = int(self.mailQuota)
else:
self.mailQuota = self.defaultUserQuota
# Re-calculate mail quota if this domain has limited max quota.
if self.domainProfile.maxquota > 0:
# Get used quota.
qr = domainLib.getAllocatedQuotaSize(domain=self.domain)
if qr[0] is True:
self.allocatedQuota = qr[1]
else:
return qr
spareQuota = self.domainProfile.maxquota - self.allocatedQuota
if spareQuota > 0:
if spareQuota < self.mailQuota:
self.mailQuota = spareQuota
else:
# No enough quota.
return (False, 'EXCEEDED_DOMAIN_QUOTA_SIZE')
#
# Get password from <form>.
#
self.newpw = str(data.get('newpw', ''))
self.confirmpw = str(data.get('confirmpw', ''))
# Get password length limit from domain profile or global setting.
self.minPasswordLength = self.domainProfile.get(
'minpasswordlength', cfg.general.get('min_passwd_length', '0'))
self.maxPasswordLength = self.domainProfile.get(
'maxpasswordlength', cfg.general.get('max_passwd_length', '0'))
resultOfPW = iredutils.verifyNewPasswords(
self.newpw,
self.confirmpw,
min_passwd_length=self.minPasswordLength,
max_passwd_length=self.maxPasswordLength,
)
if resultOfPW[0] is True:
self.passwd = iredutils.getSQLPassword(resultOfPW[1])
else:
return resultOfPW
# Get display name from <form>
self.cn = data.get('cn', '')
# Assign new user to default mail aliases.
assignedAliases = [
str(v).lower()
for v in str(self.domainProfile.defaultuseraliases).split(',')
if iredutils.isEmail(v)
]
try:
# Store new user in SQL db.
self.conn.insert(
'mailbox',
domain=self.domain,
username=self.mail,
password=self.passwd,
name=self.cn,
maildir=iredutils.setMailMessageStore(self.mail),
quota=self.mailQuota,
created=iredutils.sqlNOW,
active='1',
local_part=self.username,
)
# Assign new user to default mail aliases.
if len(assignedAliases) > 0:
for ali in assignedAliases:
try:
self.conn.query('''
UPDATE alias
SET goto=CONCAT(goto, %s)
WHERE address=%s AND domain=%s
''' % (
web.sqlquote(',' + self.mail),
web.sqlquote(ali),
web.sqlquote(self.domain),
))
except:
pass
# Create an alias account: address=goto.
self.conn.insert(
'alias',
address=self.mail,
goto=self.mail,
domain=self.domain,
created=iredutils.sqlNOW,
active='1',
)
web.logger(
msg="Create user: %s." % (self.mail),
domain=self.domain,
event='create',
)
return (True, )
except Exception, e:
return (False, str(e))
def add(self, domain, data):
# Get domain name, username, cn.
self.domain = web.safestr(data.get('domainName')).strip().lower()
self.username = web.safestr(data.get('username')).strip().lower()
self.mail = self.username + '@' + self.domain
sql_vars = {
'mail': self.mail,
}
if not iredutils.isDomain(self.domain):
return (False, 'INVALID_DOMAIN_NAME')
if self.domain != domain:
return (False, 'PERMISSION_DENIED')
if not iredutils.isEmail(self.mail):
return (False, 'INVALID_MAIL')
# Check account existing.
connutils = connUtils.Utils()
if connutils.isEmailExists(self.mail):
return (False, 'ALREADY_EXISTS')
# Get domain profile.
domainLib = domainlib.Domain()
resultOfDomainProfile = domainLib.profile(domain=self.domain)
if resultOfDomainProfile[0] is True:
self.domainProfile = resultOfDomainProfile[1]
else:
return resultOfDomainProfile
# Check account limit.
adminLib = adminlib.Admin()
numberOfExistAccounts = adminLib.getNumberOfManagedAccounts(
accountType='user', domains=[self.domain])
if self.domainProfile.mailboxes == -1:
return (False, 'NOT_ALLOWED')
elif self.domainProfile.mailboxes > 0:
if self.domainProfile.mailboxes <= numberOfExistAccounts:
return (False, 'EXCEEDED_DOMAIN_ACCOUNT_LIMIT')
columns = {
'userid': self.mail,
'domain': self.domain,
}
# Check spare quota and number of spare account limit.
# Get quota from form.
self.mailQuota = str(data.get('mailQuota')).strip()
self.defaultUserQuota = self.domainProfile.get('defaultuserquota', 0)
if self.mailQuota.isdigit():
self.mailQuota = int(self.mailQuota)
else:
self.mailQuota = self.defaultUserQuota
# Re-calculate mail quota if this domain has max quota limit.
if self.domainProfile.maxquota > 0:
# Get used quota.
qr = domainLib.getAllocatedQuotaSize(domain=self.domain)
if qr[0] is True:
self.allocatedQuota = qr[1]
else:
return qr
spareQuota = self.domainProfile.maxquota - self.allocatedQuota / 1024 / 1024
if spareQuota > 0:
if spareQuota < self.mailQuota:
self.mailQuota = spareQuota
else:
# No enough quota.
return (False, 'EXCEEDED_DOMAIN_QUOTA_SIZE')
columns['maxmail_size'] = self.mailQuota * 1024 * 1024
#
# Get password from <form>.
#
newpw = web.safestr(data.get('newpw', ''))
confirmpw = web.safestr(data.get('confirmpw', ''))
# Get password length limit from domain profile or global setting.
self.minPasswordLength = self.domainProfile.get(
'minpasswordlength', cfg.general.get('min_passwd_length', '0'))
self.maxPasswordLength = self.domainProfile.get(
'maxpasswordlength', cfg.general.get('max_passwd_length', '0'))
resultOfPW = iredutils.verifyNewPasswords(
newpw,
confirmpw,
min_passwd_length=self.minPasswordLength,
max_passwd_length=self.maxPasswordLength,
)
if resultOfPW[0] is True:
if 'storePasswordInPlainText' in data:
columns['passwd'] = iredutils.getSQLPassword(resultOfPW[1],
pwscheme='PLAIN')
columns['encryption_type'] = ''
else:
columns['passwd'] = iredutils.getSQLPassword(resultOfPW[1])
columns[
'encryption_type'] = settings.SQL_DEFAULT_PASSWD_SCHEME.lower(
)
else:
return resultOfPW
# Get display name from <form>
columns['name'] = data.get('cn', '')
# Assign new user to default mail aliases.
assignedAliases = [
str(addr).lower()
for addr in str(self.domainProfile.defaultuseraliases).split(',')
if iredutils.isEmail(addr)
]
try:
# Store new user in SQL db.
self.conn.insert('dbmail_users', **columns)
# Get dbmail_users.user_idnr.
qr = self.conn.select(
'dbmail_users',
vars=sql_vars,
what='user_idnr,client_idnr',
where='userid=$mail',
limit=1,
)
p = qr[0]
user_idnr, client_idnr = p.user_idnr, p.client_idnr
self.conn.insert(
'dbmail_aliases',
alias=self.mail,
deliver_to=user_idnr,
client_idnr=client_idnr,
)
# Create and subscribe to default IMAP folders.
if settings.DBMAIL_CREATE_DEFAULT_IMAP_FOLDERS:
# Create default IMAP folders.
imap_folders = [
'(%d, "%s")' % (user_idnr, fld)
for fld in settings.DBMAIL_DEFAULT_IMAP_FOLDERS
]
self.conn.query(
'''INSERT INTO dbmail_mailboxes (owner_idnr, name) VALUES %s'''
% ','.join(imap_folders))
# Subscribe to folders by default.
self.conn.query(
'''INSERT INTO dbmail_subscription (user_id, mailbox_id)
SELECT owner_idnr, mailbox_idnr FROM dbmail_mailboxes WHERE owner_idnr = %d
''' % user_idnr)
# Assign new user to default mail aliases.
if len(assignedAliases) > 0:
for ali in assignedAliases:
try:
self.conn.update(
'dbmail_aliases',
vars={
'mail': self.mail,
'ali': ali,
'user_idnr': user_idnr,
},
where='alias = $ali AND deliver_to <> $user_idnr',
deliver_to=web.sqlliteral(
'CONCAT($mail, ",", deliver_to)'),
)
except:
pass
vars_addition_sql = {
'user_idnr': user_idnr,
'mail': self.mail,
'username': self.username,
'domain': self.domain,
}
# Execute addition SQL commands after successfully created new users.
if settings.DBMAIL_SQL_FOR_NEWLY_CREATED_USER:
try:
for sql_cmd in settings.DBMAIL_SQL_FOR_NEWLY_CREATED_USER:
self.conn.query(sql_cmd, vars=vars_addition_sql)
except Exception:
pass
# Create Amavisd policy for newly created user.
if settings.AMAVISD_EXECUTE_SQL_WITHOUT_ENABLED and settings.AMAVISD_SQL_FOR_NEWLY_CREATED_USER:
try:
from libs.amavisd.core import AmavisdWrap
amwrap = AmavisdWrap()
for sql_cmd in settings.AMAVISD_SQL_FOR_NEWLY_CREATED_USER:
amwrap.db.query(sql_cmd, vars=vars_addition_sql)
except:
pass
web.logger(
msg="Create user: %s." % (self.mail),
domain=self.domain,
event='create',
)
return (True, )
except Exception, e:
return (False, str(e))
)
throttleLib.updateThrottlingSetting(
account=self.mail,
accountType='recipient',
setting=self.recipientThrottlingSetting,
)
except Exception, e:
pass
elif self.profile_type == 'password':
newpw = str(data.get('newpw', ''))
confirmpw = str(data.get('confirmpw', ''))
# Verify new passwords.
qr = iredutils.verifyNewPasswords(newpw, confirmpw)
if qr[0] is True:
if 'storePasswordInPlainText' in data:
self.passwd = iredutils.getSQLPassword(qr[1],
pwscheme='PLAIN')
else:
self.passwd = iredutils.getSQLPassword(qr[1])
else:
return qr
# Hash/encrypt new password.
updates['passwd'] = self.passwd
elif self.profile_type == 'advanced':
# Get enabled services.
"""
