From a3db685477691c0fa14c53e5e134d7a350e8715a Mon Sep 17 00:00:00 2001 From: Thomas Lamprecht Date: Mon, 22 Mar 2021 08:49:55 +0100 Subject: [PATCH] fix #3164: api: quarantine: allow to return spam from all users The pmail was only checked for the spam quarantine call, and there mainly to ensure that the quarantine user only can check their own mails. Make the pmail parameter also optional for this quarantine related endpoint as long as one has a role other than quser. This allows to query all spam quarantine entries from all pmails at once, providing the backend side to address #3164. The main argument against this was performance, but postgres can handle even hundreds of thousands of rows rather fine, it's a high performant database after all and this is quite the simple query (single join, but no functions on columns, nested queries or other performance hogs). Some data, 45k records on a read limited disk, gathered with EXPLAIN ANALYZE commands: All caches dropped and fresh start: 440ms Running for a bit with caches warm: 55ms A simple extrapolation would mean that for half a million rows we would spent about 5s in the DB, which is not too bad considering our hard limit of 30s per requests, and the overhead of perl/https seems to put the limit on my not so beefy VM at at least ~1.5 million rows from a *cold* cache, which seems plenty (default 7 days keep window and an avg. of 10 spam mails per day means >21k qusers). And with warm caches and a beefier machine one can probably gain one or even two order of magnitudes here. And at the end, no mail admin is forced to use this and if they run a setup with tens of millions of spam in their spam-keep time window, well, they really should not be surprised that querying all has a certain cost. Signed-off-by: Thomas Lamprecht Tested-By: Stoiko Ivanov Reviewed-By: Stoiko Ivanov --- src/PMG/API2/Quarantine.pm | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/PMG/API2/Quarantine.pm b/src/PMG/API2/Quarantine.pm index 56f248d..666dffa 100644 --- a/src/PMG/API2/Quarantine.pm +++ b/src/PMG/API2/Quarantine.pm @@ -597,14 +597,14 @@ my $quarantine_api = sub { my $rpcenv = PMG::RESTEnvironment->get(); my $authuser = $rpcenv->get_user(); + my $role = $rpcenv->get_role(); my $start = $param->{starttime} // (time - 86400); my $end = $param->{endtime} // ($start + 86400); my $select; my $pmail; - if ($check_pmail) { - my $role = $rpcenv->get_role(); + if ($check_pmail || $role eq 'quser') { $pmail = $verify_optional_pmail->($authuser, $role, $param->{pmail}); $select = "SELECT * " . "FROM CMailStore, CMSReceivers WHERE " . @@ -700,7 +700,7 @@ __PACKAGE__->register_method ({ }, code => sub { my ($param) = @_; - return $quarantine_api->($param, 'S', 1); + return $quarantine_api->($param, 'S', defined($param->{pmail})); }}); __PACKAGE__->register_method ({ -- 2.39.2