def image_fixups(content, msgid, archive, richformat, allowimgs):
"Replace the CID links stored messages"
html = local_fromstring(content)
for element, attribute, link, _ in iterlinks(html):
if not link.startswith('cid:'):
if not allowimgs and attribute == 'src':
element.attrib['src'] = '%simgs/blocked.gif' % media_url()
element.attrib['title'] = link
if richformat:
if archive:
displayurl = url('message-preview-archived-with-imgs',
msgid=msgid)
else:
displayurl = url('message-preview-with-imgs',
msgid=msgid)
flash(ugettext('This message contains external'
' images, which have been blocked. ') +
literal(link_to(ugettext('Display images'),
displayurl)))
else:
imgname = link.replace('cid:', '')
if archive:
imgurl = url('messages-preview-archived-img',
img=imgname.replace('/', '__xoxo__'),
msgid=msgid)
else:
imgurl = url('messages-preview-img',
img=imgname.replace('/', '__xoxo__'),
msgid=msgid)
element.attrib['src'] = imgurl
return tostring(html)
def image_fixups(content, msgid, archive, richformat, allowimgs):
"Replace the CID links stored messages"
html = local_fromstring(content)
for element, attribute, link, _ in iterlinks(html):
if not link.startswith('cid:'):
if not allowimgs and attribute == 'src':
element.attrib['src'] = '%simgs/blocked.gif' % media_url()
element.attrib['title'] = link
if richformat:
if archive:
displayurl = url('message-preview-archived-with-imgs',
msgid=msgid)
else:
displayurl = url('message-preview-with-imgs',
msgid=msgid)
flash(
ugettext('This message contains external'
' images, which have been blocked. ') +
literal(link_to(ugettext('Display images'),
displayurl)))
else:
imgname = link.replace('cid:', '')
if archive:
imgurl = url('messages-preview-archived-img',
img=imgname.replace('/', '__xoxo__'),
msgid=msgid)
else:
imgurl = url('messages-preview-img',
img=imgname.replace('/', '__xoxo__'),
msgid=msgid)
element.attrib['src'] = imgurl
return tostring(html)
def img_fixups(content, queueid, allowimgs, richformat):
"Replace the CID links in Queued messages"
html = local_fromstring(content)
for element, attribute, link, _ in iterlinks(html):
if not link.startswith('cid:'):
if not allowimgs and attribute == 'src':
element.attrib['src'] = '%simgs/blocked.gif' % media_url()
element.attrib['title'] = link
if richformat:
flash(ugettext('This message contains external '
'images, which have been blocked. ') +
literal(link_to(ugettext('Display images'),
url('queue-preview-with-imgs', queueid=queueid))))
else:
imgname = link.replace('cid:', '')
element.attrib['src'] = url('queue-preview-img',
imgid=imgname.replace('/', '__xoxo__'),
queueid=queueid)
return tostring(html)
def img_fixups(content, queueid, allowimgs, richformat):
"Replace the CID links in Queued messages"
html = local_fromstring(content)
for element, attribute, link, _ in iterlinks(html):
if not link.startswith('cid:'):
if not allowimgs and attribute == 'src':
element.attrib['src'] = '%simgs/blocked.gif' % media_url()
element.attrib['title'] = link
if richformat:
flash(
ugettext('This message contains external '
'images, which have been blocked. ') +
literal(
link_to(
ugettext('Display images'),
url('queue-preview-with-imgs',
queueid=queueid))))
else:
imgname = link.replace('cid:', '')
element.attrib['src'] = url('queue-preview-img',
imgid=imgname.replace('/', '__xoxo__'),
queueid=queueid)
return tostring(html)
def preview(self, id, archive=None, attachment=None, img=None,
allowimgs=None):
"""Preview a message stored in the quarantine
:param id: the database message id
:param archive: optional. message archived status
:param attachment: optional. request is for an attachmeny
:param img: optional request is for an image
:param allowimgs: optional allow display of remote images
"""
if archive:
message = self._get_archive(id)
else:
message = self._get_message(id)
if not message:
abort(404)
try:
localtmz = config.get('baruwa.timezone', 'Africa/Johannesburg')
args = [message.messageid,
convert_date(message.timestamp, localtmz).strftime('%Y%m%d'),
attachment,
img,
allowimgs]
task = preview_msg.apply_async(args=args,
queue=message.hostname.strip())
task.wait(30)
if task.result:
if img:
if message.isdangerous and c.user.is_peleb:
abort(404)
response.content_type = task.result['content_type']
if task.result and 'img' in task.result:
info = MSGDOWNLOAD_MSG % dict(m=message.id,
a=task.result['name'])
audit_log(c.user.username,
1, unicode(info), request.host,
request.remote_addr, now())
return base64.decodestring(task.result['img'])
abort(404)
if attachment:
if message.isdangerous and c.user.is_peleb:
raise ValueError
info = MSGDOWNLOAD_MSG % dict(m=message.id,
a=task.result['name'])
audit_log(c.user.username,
1, unicode(info), request.host,
request.remote_addr, now())
response.content_type = task.result['mimetype']
content_disposition = 'attachment; filename="%s"' % \
task.result['name'].encode('ascii', 'replace')
response.headers['Content-Disposition'] = str(content_disposition)
response.headers['Content-Length'] = len(task.result['attachment'])
response.headers['Pragma'] = 'public'
response.headers['Cache-Control'] = 'max-age=0'
return base64.decodestring(task.result['attachment'])
for part in task.result['parts']:
if part['type'] == 'html':
html = fromstring(part['content'])
for element, attribute, link, pos in iterlinks(html):
if not link.startswith('cid:'):
if not allowimgs and attribute == 'src':
element.attrib['src'] = '%simgs/blocked.gif' % media_url()
element.attrib['title'] = link
flash(_('This message contains external images, which have been blocked. ') +
literal(link_to(_('Display images'),
url('message-preview-archived-with-imgs', id=id) \
if archive else url('message-preview-with-imgs', id=id),
class_='uline')))
else:
imgname = link.replace('cid:', '')
element.attrib['src'] = url('messages-preview-archived-img', img=imgname.replace('/', '__xoxo__'), id=id) \
if archive else url('messages-preview-img', img=imgname.replace('/', '__xoxo__'), id=id)
part['content'] = tostring(html)
c.message = task.result
info = MSGPREVIEW_MSG % dict(m=message.id)
audit_log(c.user.username,
1, unicode(info), request.host,
request.remote_addr, now())
else:
c.message = {}
except (socket.error, TimeoutError, QueueNotFound):
flash_alert(_('The message could not be previewed, try again later'))
whereto = url('message-archive', id=id) if archive else url('message-detail', id=id)
redirect(whereto)
except ValueError:
flash_alert(_('The attachment is either prohibited or dangerous.'
' Contact your system admin for assistance'))
whereto = url('message-archive', msgid=msgid) if archive \
else url('message-detail', msgid=msgid)
redirect(whereto)
c.messageid = message.messageid
c.id = message.id
c.archived = archive
c.isdangerous = message.isdangerous
return render('/messages/preview.html')
def mailq_preview(self, queueid, attachid=None, imgid=None, allowimgs=None):
"preview a queued message"
query = Session.query(MailQueueItem)
uquery = UserFilter(Session, c.user, query, model=MailQueueItem)
query = uquery.filter()
try:
mailqitem = query.filter(MailQueueItem.id == queueid).one()
except NoResultFound:
flash_alert(_('The requested queued message was not found.'))
redirect(url('mailq-status'))
try:
task = preview_queued_msg.apply_async(args=[mailqitem.messageid,
mailqitem.direction, attachid, imgid],
queue=mailqitem.hostname)
task.wait(30)
if task.result:
if imgid:
response.content_type = task.result['content_type']
if task.result and 'img' in task.result:
info = QUEUEDOWNLOAD_MSG % dict(m=mailqitem.messageid,
a=task.result['name'])
audit_log(c.user.username,
1, info, request.host,
request.remote_addr, now())
return base64.decodestring(task.result['img'])
abort(404)
if attachid:
info = QUEUEDOWNLOAD_MSG % dict(m=mailqitem.messageid,
a=task.result['name'])
audit_log(c.user.username,
1, info, request.host,
request.remote_addr, now())
response.content_type = task.result['mimetype']
dispos = 'attachment; filename="%s"' % task.result['name']
response.headers['Content-Disposition'] = str(dispos)
content_len = len(task.result['attachment'])
response.headers['Content-Length'] = content_len
response.headers['Pragma'] = 'public'
response.headers['Cache-Control'] = 'max-age=0'
return base64.decodestring(task.result['attachment'])
for part in task.result['parts']:
if part['type'] == 'html':
html = fromstring(part['content'])
for element, attribute, link, pos in iterlinks(html):
if not link.startswith('cid:'):
if not allowimgs and attribute == 'src':
element.attrib['src'] = '%simgs/blocked.gif' % media_url()
element.attrib['title'] = link
flash(_('This message contains external images, which have been blocked. ') +
literal(link_to(_('Display images'),
url('queue-preview-with-imgs', queueid=queueid), class_='uline')))
else:
imgname = link.replace('cid:', '')
element.attrib['src'] = url('queue-preview-img',
imgid=imgname.replace('/', '__xoxo__'),
queueid=queueid)
part['content'] = tostring(html)
c.message = task.result
info = QUEUEPREVIEW_MSG % dict(m=mailqitem.messageid)
audit_log(c.user.username,
1, info, request.host,
request.remote_addr, now())
else:
raise TimeoutError
except (TimeoutError, QueueNotFound):
flash_alert(_('The message could not be processed'))
redirect(url('mailq-status'))
c.queueid = queueid
c.messageid = mailqitem.messageid
return render('/status/preview.html')
def preview(self, id, archive=None, attachment=None, img=None,
allowimgs=None):
if archive:
message = self._get_archive(id)
else:
message = self._get_message(id)
if not message:
abort(404)
try:
args = [message.messageid,
str(message.date),
attachment,
img,
allowimgs]
task = preview_msg.apply_async(args=args,
queue=message.hostname.strip())
task.wait(30)
if task.result:
if img:
response.content_type = task.result['content_type']
if task.result and 'img' in task.result:
info = MSGDOWNLOAD_MSG % dict(m=message.id,
a=task.result['name'])
audit_log(c.user.username,
1, info, request.host,
request.remote_addr, datetime.now())
return base64.decodestring(task.result['img'])
abort(404)
if attachment:
info = MSGDOWNLOAD_MSG % dict(m=message.id,
a=task.result['name'])
audit_log(c.user.username,
1, info, request.host,
request.remote_addr, datetime.now())
response.content_type = task.result['mimetype']
response.headers['Content-Disposition'] = 'attachment; filename="%s"' % task.result['name']
response.headers['Content-Length'] = len(task.result['attachment'])
response.headers['Pragma'] = 'public'
response.headers['Cache-Control'] = 'max-age=0'
return base64.decodestring(task.result['attachment'])
for part in task.result['parts']:
if part['type'] == 'html':
html = fromstring(part['content'])
for element, attribute, link, pos in iterlinks(html):
if not link.startswith('cid:'):
if not allowimgs and attribute == 'src':
element.attrib['src'] = '%simgs/blocked.gif' % media_url()
element.attrib['title'] = link
flash(_('This message contains external images, which have been blocked. ') +
literal(link_to(_('Display images'),
url('message-preview-archived-with-imgs', id=id) \
if archive else url('message-preview-with-imgs', id=id),
class_='uline')))
else:
imgname = link.replace('cid:', '')
element.attrib['src'] = url('messages-preview-archived-img', img=imgname.replace('/', '__xoxo__'), id=id) \
if archive else url('messages-preview-img', img=imgname.replace('/', '__xoxo__'), id=id)
part['content'] = tostring(html)
c.message = task.result
info = MSGPREVIEW_MSG % dict(m=message.id)
audit_log(c.user.username,
1, info, request.host,
request.remote_addr, datetime.now())
else:
c.message = {}
except (socket.error, TimeoutError, QueueNotFound):
flash_alert(_('The message could not be previewed, try again later'))
whereto = url('message-archive', id=id) if archive else url('message-detail', id=id)
redirect(whereto)
c.messageid = message.messageid
c.id = message.id
c.archived = archive
return render('/messages/preview.html')
def mailq_preview(self, queueid, attachid=None, imgid=None, allowimgs=None):
"preview a queued message"
query = Session.query(MailQueueItem)
uquery = UserFilter(Session, c.user, query, model=MailQueueItem)
query = uquery.filter()
try:
mailqitem = query.filter(MailQueueItem.id == queueid).one()
except NoResultFound:
flash_alert(_('The requested queued message was not found.'))
redirect(url('mailq-status'))
try:
task = preview_queued_msg.apply_async(args=[mailqitem.messageid,
mailqitem.direction, attachid, imgid],
queue=mailqitem.hostname)
task.wait(30)
if task.result:
if imgid:
response.content_type = task.result['content_type']
if task.result and 'img' in task.result:
info = QUEUEDOWNLOAD_MSG % dict(m=mailqitem.messageid,
a=task.result['name'])
audit_log(c.user.username,
1, info, request.host,
request.remote_addr, datetime.now())
return base64.decodestring(task.result['img'])
abort(404)
if attachid:
info = QUEUEDOWNLOAD_MSG % dict(m=mailqitem.messageid,
a=task.result['name'])
audit_log(c.user.username,
1, info, request.host,
request.remote_addr, datetime.now())
response.content_type = task.result['mimetype']
dispos = 'attachment; filename="%s"' % task.result['name']
response.headers['Content-Disposition'] = dispos
content_len = len(task.result['attachment'])
response.headers['Content-Length'] = content_len
response.headers['Pragma'] = 'public'
response.headers['Cache-Control'] = 'max-age=0'
return base64.decodestring(task.result['attachment'])
for part in task.result['parts']:
if part['type'] == 'html':
html = fromstring(part['content'])
for element, attribute, link, pos in iterlinks(html):
if not link.startswith('cid:'):
if not allowimgs and attribute == 'src':
element.attrib['src'] = '%simgs/blocked.gif' % media_url()
element.attrib['title'] = link
flash(_('This message contains external images, which have been blocked. ') +
literal(link_to(_('Display images'),
url('queue-preview-with-imgs', queueid=queueid), class_='uline')))
else:
imgname = link.replace('cid:', '')
element.attrib['src'] = url('queue-preview-img',
imgid=imgname.replace('/', '__xoxo__'),
queueid=queueid)
part['content'] = tostring(html)
c.message = task.result
info = QUEUEPREVIEW_MSG % dict(m=mailqitem.messageid)
audit_log(c.user.username,
1, info, request.host,
request.remote_addr, datetime.now())
else:
raise TimeoutError
except (TimeoutError, QueueNotFound):
flash_alert(_('The message could not be processed'))
redirect(url('mailq-status'))
c.queueid = queueid
c.messageid = mailqitem.messageid
return render('/status/preview.html')