]>
Commit | Line | Data |
---|---|---|
b66faa68 DM |
1 | package PMG::API2::Quarantine; |
2 | ||
3 | use strict; | |
4 | use warnings; | |
5 | use Time::Local; | |
6 | use Time::Zone; | |
7 | use Data::Dumper; | |
34db0c3f | 8 | use Encode; |
b66faa68 | 9 | |
34db0c3f | 10 | use Mail::Header; |
dae021a8 | 11 | |
b66faa68 | 12 | use PVE::SafeSyslog; |
6e8886d4 | 13 | use PVE::Exception qw(raise_param_exc raise_perm_exc); |
b66faa68 DM |
14 | use PVE::Tools qw(extract_param); |
15 | use PVE::JSONSchema qw(get_standard_option); | |
16 | use PVE::RESTHandler; | |
17 | use PVE::INotify; | |
34db0c3f | 18 | use PVE::APIServer::Formatter; |
b66faa68 | 19 | |
dae021a8 | 20 | use PMG::Utils; |
b66faa68 | 21 | use PMG::AccessControl; |
34db0c3f | 22 | use PMG::Config; |
b66faa68 | 23 | use PMG::DBTools; |
34db0c3f | 24 | use PMG::HTMLMail; |
e84bf942 | 25 | use PMG::Quarantine; |
b66faa68 DM |
26 | |
27 | use base qw(PVE::RESTHandler); | |
28 | ||
1284c016 DM |
29 | my $spamdesc; |
30 | ||
157a946b DM |
31 | my $verify_optional_pmail = sub { |
32 | my ($authuser, $role, $pmail) = @_; | |
33 | ||
34 | if ($role eq 'quser') { | |
5182cea0 | 35 | raise_param_exc({ pmail => "parameter not allwed with role '$role'"}) |
91affd06 | 36 | if defined($pmail) && ($pmail ne $authuser); |
157a946b DM |
37 | $pmail = $authuser; |
38 | } else { | |
5182cea0 | 39 | raise_param_exc({ pmail => "parameter required with role '$role'"}) |
157a946b DM |
40 | if !defined($pmail); |
41 | } | |
42 | return $pmail; | |
43 | }; | |
44 | ||
1284c016 DM |
45 | sub decode_spaminfo { |
46 | my ($info) = @_; | |
47 | ||
48 | $spamdesc = PMG::Utils::load_sa_descriptions() if !$spamdesc; | |
49 | ||
50 | my $res = []; | |
51 | ||
52 | foreach my $test (split (',', $info)) { | |
53 | my ($name, $score) = split (':', $test); | |
54 | ||
55 | my $info = { name => $name, score => $score, desc => '-' }; | |
56 | if (my $si = $spamdesc->{$name}) { | |
57 | $info->{desc} = $si->{desc}; | |
58 | $info->{url} = $si->{url} if defined($si->{url}); | |
59 | } | |
60 | push @$res, $info; | |
61 | } | |
62 | ||
63 | return $res; | |
64 | } | |
b66faa68 | 65 | |
157a946b DM |
66 | my $extract_email = sub { |
67 | my $data = shift; | |
68 | ||
69 | return $data if !$data; | |
70 | ||
71 | if ($data =~ m/^.*\s(\S+)\s*$/) { | |
72 | $data = $1; | |
73 | } | |
74 | ||
75 | if ($data =~ m/^<([^<>\s]+)>$/) { | |
76 | $data = $1; | |
77 | } | |
78 | ||
79 | if ($data !~ m/[\s><]/ && $data =~ m/^(.+\@[^\.]+\..*[^\.]+)$/) { | |
80 | $data = $1; | |
81 | } else { | |
82 | $data = undef; | |
83 | } | |
84 | ||
85 | return $data; | |
86 | }; | |
87 | ||
88 | my $get_real_sender = sub { | |
89 | my ($ref) = @_; | |
90 | ||
91 | my @lines = split('\n', $ref->{header}); | |
92 | my $head = Mail::Header->new(\@lines); | |
93 | ||
94 | my @fromarray = split ('\s*,\s*', $head->get ('from') || $ref->{sender}); | |
95 | my $from = $extract_email->($fromarray[0]) || $ref->{sender};; | |
96 | my $sender = $extract_email->($head->get ('sender')); | |
97 | ||
98 | return $sender if $sender; | |
99 | ||
100 | return $from; | |
101 | }; | |
102 | ||
dae021a8 DM |
103 | my $parse_header_info = sub { |
104 | my ($ref) = @_; | |
105 | ||
106 | my $res = { subject => '', from => '' }; | |
107 | ||
108 | my @lines = split('\n', $ref->{header}); | |
109 | my $head = Mail::Header->new(\@lines); | |
110 | ||
111 | $res->{subject} = PMG::Utils::decode_rfc1522(PVE::Tools::trim($head->get('subject'))) // ''; | |
112 | ||
113 | my @fromarray = split('\s*,\s*', $head->get('from') || $ref->{sender}); | |
114 | ||
115 | $res->{from} = PMG::Utils::decode_rfc1522(PVE::Tools::trim ($fromarray[0])) // ''; | |
116 | ||
117 | my $sender = PMG::Utils::decode_rfc1522(PVE::Tools::trim($head->get('sender'))); | |
1284c016 | 118 | $res->{sender} = $sender if $sender && ($sender ne $res->{from}); |
dae021a8 DM |
119 | |
120 | $res->{envelope_sender} = $ref->{sender}; | |
e84bf942 | 121 | $res->{receiver} = $ref->{receiver} // $ref->{pmail}; |
6e8886d4 | 122 | $res->{id} = 'C' . $ref->{cid} . 'R' . $ref->{rid}; |
dae021a8 DM |
123 | $res->{time} = $ref->{time}; |
124 | $res->{bytes} = $ref->{bytes}; | |
125 | ||
1284c016 DM |
126 | my $qtype = $ref->{qtype}; |
127 | ||
128 | if ($qtype eq 'V') { | |
129 | $res->{virusname} = $ref->{info}; | |
130 | } elsif ($qtype eq 'S') { | |
131 | $res->{spamlevel} = $ref->{spamlevel} // 0; | |
1284c016 DM |
132 | } |
133 | ||
dae021a8 DM |
134 | return $res; |
135 | }; | |
136 | ||
157a946b DM |
137 | my $pmail_param_type = { |
138 | description => "List entries for the user with this primary email address. Quarantine users cannot speficy this parameter, but it is required for all other roles.", | |
139 | type => 'string', format => 'email', | |
140 | optional => 1, | |
141 | }; | |
6e8886d4 | 142 | |
b66faa68 DM |
143 | __PACKAGE__->register_method ({ |
144 | name => 'index', | |
145 | path => '', | |
146 | method => 'GET', | |
147 | permissions => { user => 'all' }, | |
148 | description => "Directory index.", | |
149 | parameters => { | |
150 | additionalProperties => 0, | |
151 | properties => {}, | |
152 | }, | |
153 | returns => { | |
154 | type => 'array', | |
155 | items => { | |
156 | type => "object", | |
157 | properties => {}, | |
158 | }, | |
159 | links => [ { rel => 'child', href => "{name}" } ], | |
160 | }, | |
161 | code => sub { | |
162 | my ($param) = @_; | |
163 | ||
164 | my $result = [ | |
157a946b DM |
165 | { name => 'whitelist' }, |
166 | { name => 'blacklist' }, | |
6e8886d4 | 167 | { name => 'content' }, |
b66faa68 | 168 | { name => 'spam' }, |
4f41cebc | 169 | { name => 'spamusers' }, |
ab02ba10 | 170 | { name => 'spamstatus' }, |
b66faa68 | 171 | { name => 'virus' }, |
c3246f47 | 172 | { name => 'virusstatus' }, |
091d8086 | 173 | { name => 'quarusers' }, |
b66faa68 DM |
174 | ]; |
175 | ||
176 | return $result; | |
177 | }}); | |
178 | ||
157a946b | 179 | |
767657cb DM |
180 | my $read_or_modify_user_bw_list = sub { |
181 | my ($listname, $param, $addrs, $delete) = @_; | |
157a946b DM |
182 | |
183 | my $rpcenv = PMG::RESTEnvironment->get(); | |
184 | my $authuser = $rpcenv->get_user(); | |
185 | my $role = $rpcenv->get_role(); | |
186 | ||
187 | my $pmail = $verify_optional_pmail->($authuser, $role, $param->{pmail}); | |
188 | ||
189 | my $dbh = PMG::DBTools::open_ruledb(); | |
190 | ||
767657cb DM |
191 | my $list = PMG::Quarantine::add_to_blackwhite( |
192 | $dbh, $pmail, $listname, $addrs, $delete); | |
157a946b DM |
193 | |
194 | my $res = []; | |
195 | foreach my $a (@$list) { push @$res, { address => $a }; } | |
196 | return $res; | |
197 | }; | |
198 | ||
767657cb DM |
199 | my $address_pattern = '[a-zA-Z0-9\+\-\_\*\.\@]+'; |
200 | ||
157a946b DM |
201 | __PACKAGE__->register_method ({ |
202 | name => 'whitelist', | |
203 | path => 'whitelist', | |
204 | method => 'GET', | |
205 | permissions => { check => [ 'admin', 'qmanager', 'audit', 'quser'] }, | |
206 | description => "Show user whitelist.", | |
207 | parameters => { | |
208 | additionalProperties => 0, | |
209 | properties => { | |
210 | pmail => $pmail_param_type, | |
211 | }, | |
212 | }, | |
213 | returns => { | |
214 | type => 'array', | |
215 | items => { | |
216 | type => "object", | |
217 | properties => { | |
218 | address => { | |
219 | type => "string", | |
220 | }, | |
221 | }, | |
222 | }, | |
223 | }, | |
224 | code => sub { | |
225 | my ($param) = @_; | |
226 | ||
767657cb DM |
227 | return $read_or_modify_user_bw_list->('WL', $param); |
228 | }}); | |
229 | ||
230 | __PACKAGE__->register_method ({ | |
231 | name => 'whitelist_add', | |
232 | path => 'whitelist', | |
233 | method => 'POST', | |
234 | description => "Add user whitelist entries.", | |
235 | permissions => { check => [ 'admin', 'qmanager', 'audit', 'quser'] }, | |
236 | protected => 1, | |
237 | parameters => { | |
238 | additionalProperties => 0, | |
239 | properties => { | |
240 | pmail => $pmail_param_type, | |
241 | address => { | |
242 | description => "The address you want to add.", | |
243 | type => "string", | |
244 | pattern => $address_pattern, | |
245 | maxLength => 512, | |
246 | }, | |
247 | }, | |
248 | }, | |
249 | returns => { type => 'null' }, | |
250 | code => sub { | |
251 | my ($param) = @_; | |
252 | ||
253 | $read_or_modify_user_bw_list->('WL', $param, [ $param->{address} ]); | |
254 | ||
255 | return undef; | |
256 | }}); | |
257 | ||
258 | __PACKAGE__->register_method ({ | |
259 | name => 'whitelist_delete', | |
260 | path => 'whitelist/{address}', | |
261 | method => 'DELETE', | |
262 | description => "Delete user whitelist entries.", | |
263 | permissions => { check => [ 'admin', 'qmanager', 'audit', 'quser'] }, | |
264 | protected => 1, | |
265 | parameters => { | |
266 | additionalProperties => 0, | |
267 | properties => { | |
268 | pmail => $pmail_param_type, | |
269 | address => { | |
270 | description => "The address you want to remove.", | |
271 | type => "string", | |
272 | pattern => $address_pattern, | |
273 | maxLength => 512, | |
274 | }, | |
275 | }, | |
276 | }, | |
277 | returns => { type => 'null' }, | |
278 | code => sub { | |
279 | my ($param) = @_; | |
280 | ||
281 | $read_or_modify_user_bw_list->('WL', $param, [ $param->{address} ], 1); | |
282 | ||
283 | return undef; | |
157a946b DM |
284 | }}); |
285 | ||
286 | __PACKAGE__->register_method ({ | |
287 | name => 'blacklist', | |
288 | path => 'blacklist', | |
289 | method => 'GET', | |
290 | permissions => { check => [ 'admin', 'qmanager', 'audit', 'quser'] }, | |
291 | description => "Show user blacklist.", | |
292 | parameters => { | |
293 | additionalProperties => 0, | |
294 | properties => { | |
295 | pmail => $pmail_param_type, | |
296 | }, | |
297 | }, | |
298 | returns => { | |
299 | type => 'array', | |
300 | items => { | |
301 | type => "object", | |
302 | properties => { | |
303 | address => { | |
304 | type => "string", | |
305 | }, | |
306 | }, | |
307 | }, | |
308 | }, | |
309 | code => sub { | |
310 | my ($param) = @_; | |
311 | ||
767657cb DM |
312 | return $read_or_modify_user_bw_list->('BL', $param); |
313 | }}); | |
314 | ||
315 | __PACKAGE__->register_method ({ | |
316 | name => 'blacklist_add', | |
317 | path => 'blacklist', | |
318 | method => 'POST', | |
319 | description => "Add user blacklist entries.", | |
320 | permissions => { check => [ 'admin', 'qmanager', 'audit', 'quser'] }, | |
321 | protected => 1, | |
322 | parameters => { | |
323 | additionalProperties => 0, | |
324 | properties => { | |
325 | pmail => $pmail_param_type, | |
326 | address => { | |
327 | description => "The address you want to add.", | |
328 | type => "string", | |
329 | pattern => $address_pattern, | |
330 | maxLength => 512, | |
331 | }, | |
332 | }, | |
333 | }, | |
334 | returns => { type => 'null' }, | |
335 | code => sub { | |
336 | my ($param) = @_; | |
337 | ||
338 | $read_or_modify_user_bw_list->('BL', $param, [ $param->{address} ]); | |
339 | ||
340 | return undef; | |
341 | }}); | |
342 | ||
343 | __PACKAGE__->register_method ({ | |
344 | name => 'blacklist_delete', | |
345 | path => 'blacklist/{address}', | |
346 | method => 'DELETE', | |
347 | description => "Delete user blacklist entries.", | |
348 | permissions => { check => [ 'admin', 'qmanager', 'audit', 'quser'] }, | |
349 | protected => 1, | |
350 | parameters => { | |
351 | additionalProperties => 0, | |
352 | properties => { | |
353 | pmail => $pmail_param_type, | |
354 | address => { | |
355 | description => "The address you want to remove.", | |
356 | type => "string", | |
357 | pattern => $address_pattern, | |
358 | maxLength => 512, | |
359 | }, | |
360 | }, | |
361 | }, | |
362 | returns => { type => 'null' }, | |
363 | code => sub { | |
364 | my ($param) = @_; | |
365 | ||
366 | $read_or_modify_user_bw_list->('BL', $param, [ $param->{address} ], 1); | |
367 | ||
368 | return undef; | |
157a946b DM |
369 | }}); |
370 | ||
4f41cebc DC |
371 | __PACKAGE__->register_method ({ |
372 | name => 'spamusers', | |
373 | path => 'spamusers', | |
374 | method => 'GET', | |
24a0be04 | 375 | permissions => { check => [ 'admin', 'qmanager', 'audit'] }, |
4f41cebc DC |
376 | description => "Get a list of receivers of spam in the given timespan (Default the last 24 hours).", |
377 | parameters => { | |
378 | additionalProperties => 0, | |
379 | properties => { | |
380 | starttime => { | |
381 | description => "Only consider entries newer than 'starttime' (unix epoch). Default is 'now - 1day'.", | |
382 | type => 'integer', | |
383 | minimum => 0, | |
384 | optional => 1, | |
385 | }, | |
386 | endtime => { | |
387 | description => "Only consider entries older than 'endtime' (unix epoch). This is set to '<start> + 1day' by default.", | |
388 | type => 'integer', | |
389 | minimum => 1, | |
390 | optional => 1, | |
391 | }, | |
392 | }, | |
393 | }, | |
394 | returns => { | |
395 | type => 'array', | |
396 | items => { | |
397 | type => "object", | |
398 | properties => { | |
399 | mail => { | |
400 | description => 'the receiving email', | |
401 | type => 'string', | |
402 | }, | |
403 | }, | |
404 | }, | |
405 | }, | |
406 | code => sub { | |
407 | my ($param) = @_; | |
408 | ||
409 | my $rpcenv = PMG::RESTEnvironment->get(); | |
410 | my $authuser = $rpcenv->get_user(); | |
4f41cebc DC |
411 | |
412 | my $res = []; | |
413 | ||
414 | my $dbh = PMG::DBTools::open_ruledb(); | |
415 | ||
416 | my $start = $param->{starttime} // (time - 86400); | |
417 | my $end = $param->{endtime} // ($start + 86400); | |
418 | ||
419 | my $sth = $dbh->prepare( | |
420 | "SELECT DISTINCT pmail " . | |
421 | "FROM CMailStore, CMSReceivers WHERE " . | |
422 | "time >= $start AND time < $end AND " . | |
423 | "QType = 'S' AND CID = CMailStore_CID AND RID = CMailStore_RID " . | |
424 | "AND Status = 'N' ORDER BY pmail"); | |
425 | ||
426 | $sth->execute(); | |
427 | ||
428 | while (my $ref = $sth->fetchrow_hashref()) { | |
429 | push @$res, { mail => $ref->{pmail} }; | |
430 | } | |
431 | ||
432 | return $res; | |
433 | }}); | |
434 | ||
ab02ba10 DM |
435 | __PACKAGE__->register_method ({ |
436 | name => 'spamstatus', | |
437 | path => 'spamstatus', | |
438 | method => 'GET', | |
439 | permissions => { check => [ 'admin', 'qmanager', 'audit'] }, | |
440 | description => "Get Spam Quarantine Status", | |
441 | parameters => { | |
442 | additionalProperties => 0, | |
443 | properties => {}, | |
444 | }, | |
445 | returns => { | |
446 | type => "object", | |
447 | properties => { | |
448 | count => { | |
449 | description => 'Number of stored mails.', | |
450 | type => 'integer', | |
451 | }, | |
452 | mbytes => { | |
453 | description => "Estimated disk space usage in MByte.", | |
454 | type => 'number', | |
455 | }, | |
456 | avgbytes => { | |
457 | description => "Average size of stored mails in bytes.", | |
458 | type => 'number', | |
459 | }, | |
460 | avgspam => { | |
461 | description => "Average spam level.", | |
462 | type => 'number', | |
463 | }, | |
464 | }, | |
465 | }, | |
466 | code => sub { | |
467 | my ($param) = @_; | |
468 | ||
ab02ba10 DM |
469 | my $dbh = PMG::DBTools::open_ruledb(); |
470 | my $ref = PMG::DBTools::get_quarantine_count($dbh, 'S'); | |
471 | ||
472 | return $ref; | |
473 | }}); | |
474 | ||
9867e2da DM |
475 | __PACKAGE__->register_method ({ |
476 | name => 'quarusers', | |
477 | path => 'quarusers', | |
478 | method => 'GET', | |
479 | permissions => { check => [ 'admin', 'qmanager', 'audit'] }, | |
480 | description => "Get a list of users with whitelist/blacklist setttings.", | |
481 | parameters => { | |
482 | additionalProperties => 0, | |
483 | properties => {}, | |
484 | }, | |
485 | returns => { | |
486 | type => 'array', | |
487 | items => { | |
488 | type => "object", | |
489 | properties => { | |
490 | mail => { | |
491 | description => 'the receiving email', | |
492 | type => 'string', | |
493 | }, | |
494 | }, | |
495 | }, | |
496 | }, | |
497 | code => sub { | |
498 | my ($param) = @_; | |
499 | ||
500 | my $rpcenv = PMG::RESTEnvironment->get(); | |
501 | my $authuser = $rpcenv->get_user(); | |
9867e2da DM |
502 | |
503 | my $res = []; | |
504 | ||
505 | my $dbh = PMG::DBTools::open_ruledb(); | |
506 | ||
507 | my $sth = $dbh->prepare( | |
508 | "SELECT DISTINCT pmail FROM UserPrefs ORDER BY pmail"); | |
509 | ||
510 | $sth->execute(); | |
511 | ||
512 | while (my $ref = $sth->fetchrow_hashref()) { | |
513 | push @$res, { mail => $ref->{pmail} }; | |
514 | } | |
515 | ||
516 | return $res; | |
517 | }}); | |
518 | ||
ded33c7c | 519 | __PACKAGE__->register_method ({ |
83ce499f DC |
520 | name => 'spam', |
521 | path => 'spam', | |
ded33c7c DM |
522 | method => 'GET', |
523 | permissions => { check => [ 'admin', 'qmanager', 'audit', 'quser'] }, | |
83ce499f | 524 | description => "Get a list of quarantined spam mails in the given timeframe (default the last 24 hours) for the given user.", |
ded33c7c DM |
525 | parameters => { |
526 | additionalProperties => 0, | |
527 | properties => { | |
528 | starttime => { | |
83ce499f | 529 | description => "Only consider entries newer than 'starttime' (unix epoch). This is set to 'now - 1day' by default.", |
ded33c7c DM |
530 | type => 'integer', |
531 | minimum => 0, | |
83ce499f | 532 | optional => 1, |
ded33c7c DM |
533 | }, |
534 | endtime => { | |
535 | description => "Only consider entries older than 'endtime' (unix epoch). This is set to '<start> + 1day' by default.", | |
536 | type => 'integer', | |
537 | minimum => 1, | |
538 | optional => 1, | |
539 | }, | |
157a946b | 540 | pmail => $pmail_param_type, |
ded33c7c DM |
541 | }, |
542 | }, | |
543 | returns => { | |
544 | type => 'array', | |
545 | items => { | |
546 | type => "object", | |
dae021a8 DM |
547 | properties => { |
548 | id => { | |
549 | description => 'Unique ID', | |
550 | type => 'string', | |
551 | }, | |
552 | bytes => { | |
553 | description => "Size of raw email.", | |
554 | type => 'integer' , | |
555 | }, | |
556 | envelope_sender => { | |
557 | description => "SMTP envelope sender.", | |
558 | type => 'string', | |
559 | }, | |
560 | from => { | |
561 | description => "Header 'From' field.", | |
562 | type => 'string', | |
563 | }, | |
564 | sender => { | |
565 | description => "Header 'Sender' field.", | |
566 | type => 'string', | |
567 | optional => 1, | |
568 | }, | |
569 | receiver => { | |
570 | description => "Receiver email address", | |
571 | type => 'string', | |
572 | }, | |
573 | subject => { | |
574 | description => "Header 'Subject' field.", | |
575 | type => 'string', | |
576 | }, | |
577 | time => { | |
578 | description => "Receive time stamp", | |
579 | type => 'integer', | |
580 | }, | |
1284c016 DM |
581 | spamlevel => { |
582 | description => "Spam score.", | |
583 | type => 'number', | |
584 | }, | |
dae021a8 | 585 | }, |
ded33c7c DM |
586 | }, |
587 | }, | |
588 | code => sub { | |
589 | my ($param) = @_; | |
590 | ||
591 | my $rpcenv = PMG::RESTEnvironment->get(); | |
592 | my $authuser = $rpcenv->get_user(); | |
593 | my $role = $rpcenv->get_role(); | |
594 | ||
157a946b | 595 | my $pmail = $verify_optional_pmail->($authuser, $role, $param->{pmail}); |
b66faa68 | 596 | |
ded33c7c DM |
597 | my $res = []; |
598 | ||
599 | my $dbh = PMG::DBTools::open_ruledb(); | |
600 | ||
83ce499f | 601 | my $start = $param->{starttime} // (time - 86400); |
ded33c7c DM |
602 | my $end = $param->{endtime} // ($start + 86400); |
603 | ||
604 | my $sth = $dbh->prepare( | |
605 | "SELECT * " . | |
606 | "FROM CMailStore, CMSReceivers WHERE " . | |
607 | "pmail = ? AND time >= $start AND time < $end AND " . | |
608 | "QType = 'S' AND CID = CMailStore_CID AND RID = CMailStore_RID " . | |
609 | "AND Status = 'N' ORDER BY pmail, time, receiver"); | |
610 | ||
611 | $sth->execute($pmail); | |
612 | ||
b66faa68 | 613 | while (my $ref = $sth->fetchrow_hashref()) { |
dae021a8 DM |
614 | my $data = $parse_header_info->($ref); |
615 | push @$res, $data; | |
b66faa68 DM |
616 | } |
617 | ||
618 | return $res; | |
619 | }}); | |
620 | ||
bb01dcf8 DM |
621 | __PACKAGE__->register_method ({ |
622 | name => 'virus', | |
623 | path => 'virus', | |
624 | method => 'GET', | |
625 | permissions => { check => [ 'admin', 'qmanager', 'audit' ] }, | |
626 | description => "Get a list of quarantined virus mails in the given timeframe (default the last 24 hours).", | |
627 | parameters => { | |
628 | additionalProperties => 0, | |
629 | properties => { | |
630 | starttime => { | |
631 | description => "Only consider entries newer than 'starttime' (unix epoch). This is set to 'now - 1day' by default.", | |
632 | type => 'integer', | |
633 | minimum => 0, | |
634 | optional => 1, | |
635 | }, | |
636 | endtime => { | |
637 | description => "Only consider entries older than 'endtime' (unix epoch). This is set to '<start> + 1day' by default.", | |
638 | type => 'integer', | |
639 | minimum => 1, | |
640 | optional => 1, | |
641 | }, | |
642 | }, | |
643 | }, | |
644 | returns => { | |
645 | type => 'array', | |
646 | items => { | |
647 | type => "object", | |
648 | properties => { | |
649 | id => { | |
650 | description => 'Unique ID', | |
651 | type => 'string', | |
652 | }, | |
653 | bytes => { | |
654 | description => "Size of raw email.", | |
655 | type => 'integer' , | |
656 | }, | |
657 | envelope_sender => { | |
658 | description => "SMTP envelope sender.", | |
659 | type => 'string', | |
660 | }, | |
661 | from => { | |
662 | description => "Header 'From' field.", | |
663 | type => 'string', | |
664 | }, | |
665 | sender => { | |
666 | description => "Header 'Sender' field.", | |
667 | type => 'string', | |
668 | optional => 1, | |
669 | }, | |
670 | receiver => { | |
671 | description => "Receiver email address", | |
672 | type => 'string', | |
673 | }, | |
674 | subject => { | |
675 | description => "Header 'Subject' field.", | |
676 | type => 'string', | |
677 | }, | |
678 | time => { | |
679 | description => "Receive time stamp", | |
680 | type => 'integer', | |
681 | }, | |
682 | virusname => { | |
683 | description => "Virus name.", | |
684 | type => 'string', | |
685 | }, | |
686 | }, | |
687 | }, | |
688 | }, | |
689 | code => sub { | |
690 | my ($param) = @_; | |
691 | ||
692 | my $rpcenv = PMG::RESTEnvironment->get(); | |
693 | my $authuser = $rpcenv->get_user(); | |
bb01dcf8 DM |
694 | |
695 | my $res = []; | |
696 | ||
697 | my $dbh = PMG::DBTools::open_ruledb(); | |
698 | ||
699 | my $start = $param->{starttime} // (time - 86400); | |
700 | my $end = $param->{endtime} // ($start + 86400); | |
701 | ||
702 | my $sth = $dbh->prepare( | |
703 | "SELECT * " . | |
704 | "FROM CMailStore, CMSReceivers WHERE " . | |
705 | "time >= $start AND time < $end AND " . | |
706 | "QType = 'V' AND CID = CMailStore_CID AND RID = CMailStore_RID " . | |
707 | "AND Status = 'N' ORDER BY time, receiver"); | |
708 | ||
709 | $sth->execute(); | |
710 | ||
711 | while (my $ref = $sth->fetchrow_hashref()) { | |
712 | my $data = $parse_header_info->($ref); | |
713 | push @$res, $data; | |
714 | } | |
715 | ||
716 | return $res; | |
717 | }}); | |
718 | ||
c3246f47 DM |
719 | __PACKAGE__->register_method ({ |
720 | name => 'virusstatus', | |
721 | path => 'virusstatus', | |
722 | method => 'GET', | |
723 | permissions => { check => [ 'admin', 'qmanager', 'audit'] }, | |
724 | description => "Get Virus Quarantine Status", | |
725 | parameters => { | |
726 | additionalProperties => 0, | |
727 | properties => {}, | |
728 | }, | |
729 | returns => { | |
730 | type => "object", | |
731 | properties => { | |
732 | count => { | |
733 | description => 'Number of stored mails.', | |
734 | type => 'integer', | |
735 | }, | |
736 | mbytes => { | |
737 | description => "Estimated disk space usage in MByte.", | |
738 | type => 'number', | |
739 | }, | |
740 | avgbytes => { | |
741 | description => "Average size of stored mails in bytes.", | |
742 | type => 'number', | |
743 | }, | |
744 | }, | |
745 | }, | |
746 | code => sub { | |
747 | my ($param) = @_; | |
748 | ||
749 | my $dbh = PMG::DBTools::open_ruledb(); | |
750 | my $ref = PMG::DBTools::get_quarantine_count($dbh, 'V'); | |
751 | ||
f7fa880f DM |
752 | delete $ref->{avgspam}; |
753 | ||
c3246f47 DM |
754 | return $ref; |
755 | }}); | |
756 | ||
6e8886d4 DM |
757 | __PACKAGE__->register_method ({ |
758 | name => 'content', | |
759 | path => 'content', | |
760 | method => 'GET', | |
761 | permissions => { check => [ 'admin', 'qmanager', 'audit', 'quser'] }, | |
34db0c3f | 762 | description => "Get email data. There is a special formatter called 'htmlmail' to get sanitized html view of the mail content (use the '/api2/htmlmail/quarantine/content' url).", |
6e8886d4 DM |
763 | parameters => { |
764 | additionalProperties => 0, | |
765 | properties => { | |
766 | id => { | |
767 | description => 'Unique ID', | |
768 | type => 'string', | |
769 | pattern => 'C\d+R\d+', | |
770 | maxLength => 40, | |
771 | }, | |
34db0c3f DM |
772 | raw => { |
773 | description => "Display 'raw' eml data. This is only used with the 'htmlmail' formatter.", | |
774 | type => 'boolean', | |
775 | optional => 1, | |
776 | default => 0, | |
777 | }, | |
6e8886d4 DM |
778 | }, |
779 | }, | |
780 | returns => { | |
781 | type => "object", | |
cd31bb45 DM |
782 | properties => { |
783 | id => { | |
784 | description => 'Unique ID', | |
785 | type => 'string', | |
786 | }, | |
787 | bytes => { | |
788 | description => "Size of raw email.", | |
789 | type => 'integer' , | |
790 | }, | |
791 | envelope_sender => { | |
792 | description => "SMTP envelope sender.", | |
793 | type => 'string', | |
794 | }, | |
795 | from => { | |
796 | description => "Header 'From' field.", | |
797 | type => 'string', | |
798 | }, | |
799 | sender => { | |
800 | description => "Header 'Sender' field.", | |
801 | type => 'string', | |
802 | optional => 1, | |
803 | }, | |
804 | receiver => { | |
805 | description => "Receiver email address", | |
806 | type => 'string', | |
807 | }, | |
808 | subject => { | |
809 | description => "Header 'Subject' field.", | |
810 | type => 'string', | |
811 | }, | |
812 | time => { | |
813 | description => "Receive time stamp", | |
814 | type => 'integer', | |
815 | }, | |
816 | spamlevel => { | |
817 | description => "Spam score.", | |
818 | type => 'number', | |
819 | }, | |
820 | spaminfo => { | |
821 | description => "Information about matched spam tests (name, score, desc, url).", | |
822 | type => 'array', | |
823 | }, | |
824 | header => { | |
825 | description => "Raw email header data.", | |
826 | type => 'string', | |
827 | }, | |
828 | content => { | |
829 | description => "Raw email data (first 4096 bytes). Useful for preview. NOTE: The 'htmlmail' formatter displays the whole email.", | |
830 | type => 'string', | |
6eac8473 | 831 | }, |
cd31bb45 | 832 | }, |
6e8886d4 DM |
833 | }, |
834 | code => sub { | |
835 | my ($param) = @_; | |
836 | ||
837 | my $rpcenv = PMG::RESTEnvironment->get(); | |
838 | my $authuser = $rpcenv->get_user(); | |
839 | my $role = $rpcenv->get_role(); | |
34db0c3f | 840 | my $format = $rpcenv->get_format(); |
6e8886d4 DM |
841 | |
842 | my ($cid, $rid) = $param->{id} =~ m/^C(\d+)R(\d+)$/; | |
843 | $cid = int($cid); | |
844 | $rid = int($rid); | |
845 | ||
846 | my $dbh = PMG::DBTools::open_ruledb(); | |
847 | ||
848 | my $ref = PMG::DBTools::load_mail_data($dbh, $cid, $rid); | |
849 | ||
850 | if ($role eq 'quser') { | |
851 | raise_perm_exc("mail does not belong to user '$authuser'") | |
852 | if $authuser ne $ref->{pmail}; | |
853 | } | |
854 | ||
855 | my $res = $parse_header_info->($ref); | |
856 | ||
6e8886d4 DM |
857 | |
858 | my $filename = $ref->{file}; | |
859 | my $spooldir = $PMG::MailQueue::spooldir; | |
860 | ||
861 | my $path = "$spooldir/$filename"; | |
862 | ||
34db0c3f DM |
863 | if ($format eq 'htmlmail') { |
864 | ||
865 | my $cfg = PMG::Config->new(); | |
866 | my $viewimages = $cfg->get('spamquar', 'viewimages'); | |
867 | my $allowhref = $cfg->get('spamquar', 'allowhrefs'); | |
868 | ||
34db0c3f DM |
869 | $res->{content} = PMG::HTMLMail::email_to_html($path, $param->{raw}, $viewimages, $allowhref); |
870 | ||
157a946b DM |
871 | # to make result verification happy |
872 | $res->{file} = ''; | |
873 | $res->{header} = ''; | |
874 | $res->{spaminfo} = []; | |
34db0c3f | 875 | } else { |
cd31bb45 | 876 | # include additional details |
34db0c3f | 877 | |
cd31bb45 | 878 | my ($header, $content) = PMG::HTMLMail::read_raw_email($path, 4096); |
157a946b | 879 | |
cd31bb45 DM |
880 | $res->{file} = $ref->{file}; |
881 | $res->{spaminfo} = decode_spaminfo($ref->{info}); | |
34db0c3f DM |
882 | $res->{header} = $header; |
883 | $res->{content} = $content; | |
884 | } | |
6e8886d4 | 885 | |
6e8886d4 DM |
886 | |
887 | return $res; | |
888 | ||
889 | }}); | |
890 | ||
34db0c3f DM |
891 | PVE::APIServer::Formatter::register_page_formatter( |
892 | 'format' => 'htmlmail', | |
893 | method => 'GET', | |
894 | path => '/quarantine/content', | |
895 | code => sub { | |
896 | my ($res, $data, $param, $path, $auth, $config) = @_; | |
897 | ||
898 | if(!HTTP::Status::is_success($res->{status})) { | |
899 | return ("Error $res->{status}: $res->{message}", "text/plain"); | |
900 | } | |
901 | ||
902 | my $ct = "text/html;charset=UTF-8"; | |
903 | ||
904 | my $raw = $data->{content}; | |
905 | ||
906 | return (encode('UTF-8', $raw), $ct, 1); | |
907 | }); | |
908 | ||
157a946b DM |
909 | __PACKAGE__->register_method ({ |
910 | name =>'action', | |
911 | path => 'content', | |
912 | method => 'POST', | |
913 | description => "Execute quarantine actions.", | |
914 | permissions => { check => [ 'admin', 'qmanager', 'quser'] }, | |
915 | protected => 1, | |
916 | parameters => { | |
917 | additionalProperties => 0, | |
918 | properties => { | |
919 | id => { | |
920 | description => 'Unique ID', | |
921 | type => 'string', | |
922 | pattern => 'C\d+R\d+', | |
923 | maxLength => 40, | |
924 | }, | |
925 | action => { | |
926 | description => 'Action - specify what you want to do with the mail.', | |
927 | type => 'string', | |
928 | enum => ['whitelist', 'blacklist', 'deliver', 'delete'], | |
929 | }, | |
930 | }, | |
931 | }, | |
932 | returns => { type => "null" }, | |
933 | code => sub { | |
934 | my ($param) = @_; | |
935 | ||
936 | my $rpcenv = PMG::RESTEnvironment->get(); | |
937 | my $authuser = $rpcenv->get_user(); | |
938 | my $role = $rpcenv->get_role(); | |
939 | my $action = $param->{action}; | |
940 | ||
941 | my ($cid, $rid) = $param->{id} =~ m/^C(\d+)R(\d+)$/; | |
942 | $cid = int($cid); | |
943 | $rid = int($rid); | |
944 | ||
945 | my $dbh = PMG::DBTools::open_ruledb(); | |
946 | ||
947 | my $ref = PMG::DBTools::load_mail_data($dbh, $cid, $rid); | |
948 | ||
949 | if ($role eq 'quser') { | |
950 | raise_perm_exc("mail does not belong to user '$authuser'") | |
951 | if $authuser ne $ref->{pmail}; | |
952 | } | |
953 | ||
954 | my $sender = $get_real_sender->($ref); | |
955 | my $username = $ref->{pmail}; | |
956 | ||
957 | if ($action eq 'whitelist') { | |
e84bf942 | 958 | PMG::Quarantine::add_to_blackwhite($dbh, $username, 'WL', [ $sender ]); |
157a946b | 959 | } elsif ($action eq 'blacklist') { |
e84bf942 | 960 | PMG::Quarantine::add_to_blackwhite($dbh, $username, 'BL', [ $sender ]); |
157a946b | 961 | } elsif ($action eq 'deliver') { |
e84bf942 DM |
962 | my $targets = [ $ref->{pmail} ]; |
963 | PMG::Quarantine::deliver_quarantined_mail($dbh, $ref, $targets); | |
157a946b | 964 | } elsif ($action eq 'delete') { |
e84bf942 DM |
965 | PMG::Quarantine::delete_quarantined_mail($dbh, $ref); |
966 | } else { | |
967 | die "internal error"; # should not be reached | |
157a946b DM |
968 | } |
969 | ||
970 | return undef; | |
971 | }}); | |
e84bf942 | 972 | |
b66faa68 | 973 | 1; |