def delete_domain_sigs(self, sigid): "Delete domain signature" sign = self._get_domsign(sigid) if not sign: abort(404) c.form = SigForm(request.POST, sign, csrf_context=session) signature_type = c.form.signature_type.data del c.form['signature_type'] if request.method == 'POST' and c.form.validate(): domain = sign.domain files = [] basedir = config.get('ms.signatures.base', '/etc/MailScanner/signatures') if sign.signature_type == 1: sigfile = os.path.join(basedir, 'domains', domain.name, 'sig.txt') files.append(sigfile) else: if sign.image: for imgobj in sign.image: imgfile = os.path.join(basedir, 'domains', domain.name, imgobj.name) files.append(imgfile) sigfile = os.path.join(basedir, 'domains', domain.name, 'sig.html') files.append(sigfile) Session.delete(sign) Session.commit() if not domain.signatures: sigfile = os.path.join(basedir, 'domains', domain.name) files.append(sigfile) for alias in domain.aliases: sigfile = os.path.join(basedir, 'domains', alias.name) files.append(sigfile) delete_sig.apply_async(args=[files], exchange=FANOUT_XCHG) backend_sig_update(signature_type) info = auditmsgs.DELETEDOMSIG_MSG % dict(d=domain.name) audit_log(c.user.username, 4, unicode(info), request.host, request.remote_addr, arrow.utcnow().datetime) flash(_('The signature has been deleted')) redirect(url('domain-settings-sigs', domainid=domain.id)) c.sign = sign return self.render('/settings/domain_deletesig.html')
def delete_account_sigs(self, sigid): "Delete account signatures" sign = self._get_usrsign(sigid) if not sign: abort(404) c.form = SigForm(request.POST, sign, csrf_context=session) del c.form['signature_type'] if request.POST and c.form.validate(): user_id = sign.user_id user_name = sign.user.username files = [] basedir = config.get('ms.signatures.base', '/etc/MailScanner/signatures') if sign.signature_type == 1: user = self._get_user(user_id) if user: sigfile = os.path.join(basedir, 'users', user.username, 'sig.txt') files.append(sigfile) else: if sign.image: imgfile = os.path.join(basedir, 'users', user.username, sign.image.name) files.append(imgfile) sigfile = os.path.join(basedir, 'users', user.username, 'sig.html') files.append(sigfile) Session.delete(sign) Session.commit() delete_sig.apply_async(args=[files], queue='msbackend') info = DELETEACCSIG_MSG % dict(u=user_name) audit_log(c.user.username, 4, info, request.host, request.remote_addr, datetime.now()) flash(_('The signature has been deleted')) redirect(url('account-detail', userid=user_id)) c.sign = sign return render('/settings/account_deletesig.html')
def delete_domain_sigs(self, sigid): "Delete domain signature" sign = self._get_domsign(sigid) if not sign: abort(404) c.form = SigForm(request.POST, sign, csrf_context=session) del c.form['signature_type'] if request.POST and c.form.validate(): domain_id = sign.domain_id domain_name = sign.domain.name files = [] basedir = config.get('ms.signatures.base', '/etc/MailScanner/signatures') if sign.signature_type == 1: domain = self._get_domain(domain_id) if domain: sigfile = os.path.join(basedir, 'domains', domain.name, 'sig.txt') files.append(sigfile) else: if sign.image: imgfile = os.path.join(basedir, 'domains', domain.name, sign.image.name) files.append(imgfile) sigfile = os.path.join(basedir, 'domains', domain.name, 'sig.html') files.append(sigfile) Session.delete(sign) Session.commit() delete_sig.apply_async(args=[files], queue='msbackend') info = DELETEDOMSIG_MSG % dict(d=domain_name) audit_log(c.user.username, 4, info, request.host, request.remote_addr, datetime.now()) flash(_('The signature has been deleted')) redirect(url('domain-settings-sigs', domainid=domain_id)) c.sign = sign return render('/settings/domain_deletesig.html')
def delete_account_sigs(self, sigid): "Delete account signatures" sign = self._get_usrsign(sigid) if not sign: abort(404) c.form = SigForm(request.POST, sign, csrf_context=session) del c.form['signature_type'] if request.POST and c.form.validate(): user_id = sign.user_id user_name = sign.user.username files = [] basedir = config.get('ms.signatures.base', '/etc/MailScanner/signatures') if sign.signature_type == 1: user = self._get_user(user_id) if user: sigfile = os.path.join(basedir, 'users', user.username, 'sig.txt') files.append(sigfile) else: if sign.image: imgfile = os.path.join(basedir, 'users', user.username, sign.image.name) files.append(imgfile) sigfile = os.path.join(basedir, 'users', user.username, 'sig.html') files.append(sigfile) Session.delete(sign) Session.commit() delete_sig.apply_async(args=[files], queue='msbackend') info = DELETEACCSIG_MSG % dict(u=user_name) audit_log(c.user.username, 4, info, request.host, request.remote_addr, now()) flash(_('The signature has been deleted')) redirect(url('account-detail', userid=user_id)) c.sign = sign return render('/settings/account_deletesig.html')
def delete_domain_sigs(self, sigid): "Delete domain signature" sign = self._get_domsign(sigid) if not sign: abort(404) c.form = SigForm(request.POST, sign, csrf_context=session) del c.form['signature_type'] if request.POST and c.form.validate(): domain_id = sign.domain_id domain_name = sign.domain.name files = [] basedir = config.get('ms.signatures.base', '/etc/MailScanner/signatures') if sign.signature_type == 1: domain = self._get_domain(domain_id) if domain: sigfile = os.path.join(basedir, 'domains', domain.name, 'sig.txt') files.append(sigfile) else: if sign.image: imgfile = os.path.join(basedir, 'domains', domain.name, sign.image.name) files.append(imgfile) sigfile = os.path.join(basedir, 'domains', domain.name, 'sig.html') files.append(sigfile) Session.delete(sign) Session.commit() delete_sig.apply_async(args=[files], queue='msbackend') info = DELETEDOMSIG_MSG % dict(d=domain_name) audit_log(c.user.username, 4, info, request.host, request.remote_addr, now()) flash(_('The signature has been deleted')) redirect(url('domain-settings-sigs', domainid=domain_id)) c.sign = sign return render('/settings/domain_deletesig.html')
class FilemanagerController(BaseController): def __before__(self): "set context" BaseController.__before__(self) if self.identity: c.user = self.identity['user'] else: c.user = None def index(self, domainid=None, userid=None): "Index" action = request.GET.get('action', None) if not action: body = dict(success=False, error=_("Action not supported"), errorno=255) response.headers['Content-Type'] = 'application/json' return json.dumps(body) kw = {} if domainid: requesturl = url('fm-domains', domainid=domainid) model = DomSigImg domain = self._get_domain(domainid) if not domain: abort(404) if (not c.user.is_superadmin and not check_domain_ownership(c.user.id, domainid)): abort(404) ownerattr = 'domain_id' kw[ownerattr] = domainid ownerid = domainid else: requesturl = url('fm-users', userid=userid) model = UserSigImg user = self._get_user(userid) if not user: abort(404) if c.user.is_peleb and c.user.id != user.id: abort(403) if not c.user.is_superadmin and c.user.id != user.id: orgs = [org.id for org in c.user.organizations] doms = [dom.id for dom in user.domains] if not check_dom_access(orgs, doms): abort(403) ownerattr = 'user_id' kw[ownerattr] = userid ownerid = userid if action == 'auth': body = dict(success=True, data=dict( move=dict(enabled=False, handler=requesturl), rename=dict(enabled=False, handler=requesturl), remove=dict(enabled=True, handler=requesturl), mkdir=dict(enabled=False, handler=requesturl), upload=dict(enabled=True, handler=requesturl + '?action=upload', accept_ext=['gif', 'jpg', 'png']), baseUrl='') ) elif action == 'list': imgq = Session.query(model).filter_by(**kw).all() imgs = {} def builddict(img): sigtype = 'domains' if domainid else 'users' format = img.name.split('.')[-1] or 'png' imgs[img.name] = url('fm-view-img', sigtype=sigtype, imgid=img.id, format=format) [builddict(img) for img in imgq] body = dict(success=True, data=dict( directories={}, files=imgs) ) elif action == 'upload': form = Fmgr(request.POST, csrf_context=session) if request.POST and form.validate(): try: count = Session.query(model).filter_by(**kw).count() if count > 0: raise ValueError(_('Only one image is permitted per signature')) imgdata = request.POST['handle'] mime = magic.Magic(mime=True) content_type = mime.from_buffer(imgdata.file.read(1024)) imgdata.file.seek(0) chunk = imgdata.file.read() ext = imghdr.what('./xxx', chunk) if not ext in ['gif', 'jpg', 'png', 'jpeg']: raise ValueError(_('The uploaded file is not acceptable')) name = form.newName.data or 'sigimage.%s' % ext name = os.path.basename(name) dbimg = model() dbimg.name = name dbimg.image = base64.encodestring(chunk) dbimg.content_type = content_type setattr(dbimg, ownerattr, ownerid) imgdata.file.close() Session.add(dbimg) Session.commit() respond = _('File has been uploaded') except ValueError, msg: if 'imgdata' in locals() and hasattr(imgdata, 'file'): imgdata.file.close() respond = msg else: respond = _('Invalid upload request') return respond elif action == 'remove': fname = request.GET.get('file', None) imgs = Session.query(model).filter(model.name == fname).all() basedir = config.get('ms.signatures.base', '/etc/MailScanner/signatures') files = [] for img in imgs: if userid: imgfile = os.path.join(basedir, 'users', user.username, img.name) else: imgfile = os.path.join(basedir, 'domains', domain.name, img.name) files.append(imgfile) Session.delete(img) Session.commit() respond = _('The file has been deleted') body = dict(success=True, data=respond) delete_sig.apply_async(args=[files])