]>
Commit | Line | Data |
---|---|---|
b66faa68 DM |
1 | package PMG::API2::Quarantine; |
2 | ||
3 | use strict; | |
4 | use warnings; | |
5 | use Time::Local; | |
6 | use Time::Zone; | |
7 | use Data::Dumper; | |
34db0c3f | 8 | use Encode; |
b66faa68 | 9 | |
34db0c3f | 10 | use Mail::Header; |
e325aa6f | 11 | use Mail::SpamAssassin; |
dae021a8 | 12 | |
b66faa68 | 13 | use PVE::SafeSyslog; |
6e8886d4 | 14 | use PVE::Exception qw(raise_param_exc raise_perm_exc); |
b66faa68 DM |
15 | use PVE::Tools qw(extract_param); |
16 | use PVE::JSONSchema qw(get_standard_option); | |
17 | use PVE::RESTHandler; | |
18 | use PVE::INotify; | |
34db0c3f | 19 | use PVE::APIServer::Formatter; |
b66faa68 | 20 | |
dae021a8 | 21 | use PMG::Utils; |
b66faa68 | 22 | use PMG::AccessControl; |
34db0c3f | 23 | use PMG::Config; |
b66faa68 | 24 | use PMG::DBTools; |
34db0c3f | 25 | use PMG::HTMLMail; |
e84bf942 | 26 | use PMG::Quarantine; |
b66faa68 DM |
27 | |
28 | use base qw(PVE::RESTHandler); | |
29 | ||
1284c016 DM |
30 | my $spamdesc; |
31 | ||
9efdabf0 DM |
32 | my $extract_pmail = sub { |
33 | my ($authuser, $role) = @_; | |
34 | ||
35 | if ($authuser =~ m/^(.+)\@quarantine$/) { | |
36 | return $1; | |
37 | } | |
38 | raise_param_exc({ pmail => "got unexpected authuser '$authuser' with role '$role'"}); | |
39 | }; | |
40 | ||
157a946b | 41 | my $verify_optional_pmail = sub { |
666b5e8f | 42 | my ($authuser, $role, $pmail_param) = @_; |
157a946b | 43 | |
666b5e8f | 44 | my $pmail; |
157a946b | 45 | if ($role eq 'quser') { |
9efdabf0 | 46 | $pmail = $extract_pmail->($authuser, $role); |
666b5e8f DM |
47 | raise_param_exc({ pmail => "parameter not allwed with role '$role'"}) |
48 | if defined($pmail_param) && ($pmail ne $pmail_param); | |
157a946b | 49 | } else { |
5182cea0 | 50 | raise_param_exc({ pmail => "parameter required with role '$role'"}) |
666b5e8f DM |
51 | if !defined($pmail_param); |
52 | $pmail = $pmail_param; | |
157a946b DM |
53 | } |
54 | return $pmail; | |
55 | }; | |
56 | ||
1284c016 DM |
57 | sub decode_spaminfo { |
58 | my ($info) = @_; | |
59 | ||
e325aa6f DC |
60 | my $saversion = Mail::SpamAssassin->VERSION; |
61 | ||
62 | my $salocaldir = "/var/lib/spamassassin/$saversion/updates_spamassassin_org"; | |
63 | ||
64 | $spamdesc = PMG::Utils::load_sa_descriptions([$salocaldir]) if !$spamdesc; | |
1284c016 DM |
65 | |
66 | my $res = []; | |
67 | ||
68 | foreach my $test (split (',', $info)) { | |
69 | my ($name, $score) = split (':', $test); | |
70 | ||
273c538f | 71 | my $info = { name => $name, score => $score + 0, desc => '-' }; |
1284c016 DM |
72 | if (my $si = $spamdesc->{$name}) { |
73 | $info->{desc} = $si->{desc}; | |
74 | $info->{url} = $si->{url} if defined($si->{url}); | |
75 | } | |
76 | push @$res, $info; | |
77 | } | |
78 | ||
79 | return $res; | |
80 | } | |
b66faa68 | 81 | |
157a946b DM |
82 | my $extract_email = sub { |
83 | my $data = shift; | |
84 | ||
85 | return $data if !$data; | |
86 | ||
87 | if ($data =~ m/^.*\s(\S+)\s*$/) { | |
88 | $data = $1; | |
89 | } | |
90 | ||
91 | if ($data =~ m/^<([^<>\s]+)>$/) { | |
92 | $data = $1; | |
93 | } | |
94 | ||
95 | if ($data !~ m/[\s><]/ && $data =~ m/^(.+\@[^\.]+\..*[^\.]+)$/) { | |
96 | $data = $1; | |
97 | } else { | |
98 | $data = undef; | |
99 | } | |
100 | ||
101 | return $data; | |
102 | }; | |
103 | ||
104 | my $get_real_sender = sub { | |
105 | my ($ref) = @_; | |
106 | ||
107 | my @lines = split('\n', $ref->{header}); | |
108 | my $head = Mail::Header->new(\@lines); | |
109 | ||
110 | my @fromarray = split ('\s*,\s*', $head->get ('from') || $ref->{sender}); | |
111 | my $from = $extract_email->($fromarray[0]) || $ref->{sender};; | |
112 | my $sender = $extract_email->($head->get ('sender')); | |
113 | ||
114 | return $sender if $sender; | |
115 | ||
116 | return $from; | |
117 | }; | |
118 | ||
dae021a8 DM |
119 | my $parse_header_info = sub { |
120 | my ($ref) = @_; | |
121 | ||
122 | my $res = { subject => '', from => '' }; | |
123 | ||
124 | my @lines = split('\n', $ref->{header}); | |
125 | my $head = Mail::Header->new(\@lines); | |
126 | ||
127 | $res->{subject} = PMG::Utils::decode_rfc1522(PVE::Tools::trim($head->get('subject'))) // ''; | |
128 | ||
129 | my @fromarray = split('\s*,\s*', $head->get('from') || $ref->{sender}); | |
130 | ||
131 | $res->{from} = PMG::Utils::decode_rfc1522(PVE::Tools::trim ($fromarray[0])) // ''; | |
132 | ||
133 | my $sender = PMG::Utils::decode_rfc1522(PVE::Tools::trim($head->get('sender'))); | |
1284c016 | 134 | $res->{sender} = $sender if $sender && ($sender ne $res->{from}); |
dae021a8 DM |
135 | |
136 | $res->{envelope_sender} = $ref->{sender}; | |
e84bf942 | 137 | $res->{receiver} = $ref->{receiver} // $ref->{pmail}; |
666b5e8f | 138 | $res->{id} = 'C' . $ref->{cid} . 'R' . $ref->{rid} . 'T' . $ref->{ticketid}; |
dae021a8 DM |
139 | $res->{time} = $ref->{time}; |
140 | $res->{bytes} = $ref->{bytes}; | |
141 | ||
1284c016 DM |
142 | my $qtype = $ref->{qtype}; |
143 | ||
144 | if ($qtype eq 'V') { | |
145 | $res->{virusname} = $ref->{info}; | |
2ad4def7 | 146 | $res->{spamlevel} = 0; |
1284c016 DM |
147 | } elsif ($qtype eq 'S') { |
148 | $res->{spamlevel} = $ref->{spamlevel} // 0; | |
1284c016 DM |
149 | } |
150 | ||
dae021a8 DM |
151 | return $res; |
152 | }; | |
153 | ||
7b6ff2ee | 154 | my $pmail_param_type = get_standard_option('pmg-email-address', { |
157a946b | 155 | description => "List entries for the user with this primary email address. Quarantine users cannot speficy this parameter, but it is required for all other roles.", |
157a946b | 156 | optional => 1, |
7b6ff2ee | 157 | }); |
6e8886d4 | 158 | |
b66faa68 DM |
159 | __PACKAGE__->register_method ({ |
160 | name => 'index', | |
161 | path => '', | |
162 | method => 'GET', | |
163 | permissions => { user => 'all' }, | |
164 | description => "Directory index.", | |
165 | parameters => { | |
166 | additionalProperties => 0, | |
167 | properties => {}, | |
168 | }, | |
169 | returns => { | |
170 | type => 'array', | |
171 | items => { | |
172 | type => "object", | |
173 | properties => {}, | |
174 | }, | |
175 | links => [ { rel => 'child', href => "{name}" } ], | |
176 | }, | |
177 | code => sub { | |
178 | my ($param) = @_; | |
179 | ||
180 | my $result = [ | |
157a946b DM |
181 | { name => 'whitelist' }, |
182 | { name => 'blacklist' }, | |
6e8886d4 | 183 | { name => 'content' }, |
b66faa68 | 184 | { name => 'spam' }, |
4f41cebc | 185 | { name => 'spamusers' }, |
ab02ba10 | 186 | { name => 'spamstatus' }, |
b66faa68 | 187 | { name => 'virus' }, |
c3246f47 | 188 | { name => 'virusstatus' }, |
091d8086 | 189 | { name => 'quarusers' }, |
b66faa68 DM |
190 | ]; |
191 | ||
192 | return $result; | |
193 | }}); | |
194 | ||
157a946b | 195 | |
767657cb DM |
196 | my $read_or_modify_user_bw_list = sub { |
197 | my ($listname, $param, $addrs, $delete) = @_; | |
157a946b DM |
198 | |
199 | my $rpcenv = PMG::RESTEnvironment->get(); | |
200 | my $authuser = $rpcenv->get_user(); | |
201 | my $role = $rpcenv->get_role(); | |
202 | ||
203 | my $pmail = $verify_optional_pmail->($authuser, $role, $param->{pmail}); | |
204 | ||
205 | my $dbh = PMG::DBTools::open_ruledb(); | |
206 | ||
767657cb DM |
207 | my $list = PMG::Quarantine::add_to_blackwhite( |
208 | $dbh, $pmail, $listname, $addrs, $delete); | |
157a946b DM |
209 | |
210 | my $res = []; | |
211 | foreach my $a (@$list) { push @$res, { address => $a }; } | |
212 | return $res; | |
213 | }; | |
214 | ||
215 | __PACKAGE__->register_method ({ | |
216 | name => 'whitelist', | |
217 | path => 'whitelist', | |
218 | method => 'GET', | |
219 | permissions => { check => [ 'admin', 'qmanager', 'audit', 'quser'] }, | |
220 | description => "Show user whitelist.", | |
221 | parameters => { | |
222 | additionalProperties => 0, | |
223 | properties => { | |
224 | pmail => $pmail_param_type, | |
225 | }, | |
226 | }, | |
227 | returns => { | |
228 | type => 'array', | |
229 | items => { | |
230 | type => "object", | |
231 | properties => { | |
232 | address => { | |
233 | type => "string", | |
234 | }, | |
235 | }, | |
236 | }, | |
237 | }, | |
238 | code => sub { | |
239 | my ($param) = @_; | |
240 | ||
767657cb DM |
241 | return $read_or_modify_user_bw_list->('WL', $param); |
242 | }}); | |
243 | ||
244 | __PACKAGE__->register_method ({ | |
245 | name => 'whitelist_add', | |
246 | path => 'whitelist', | |
247 | method => 'POST', | |
248 | description => "Add user whitelist entries.", | |
249 | permissions => { check => [ 'admin', 'qmanager', 'audit', 'quser'] }, | |
250 | protected => 1, | |
251 | parameters => { | |
252 | additionalProperties => 0, | |
253 | properties => { | |
254 | pmail => $pmail_param_type, | |
1a1bde13 | 255 | address => get_standard_option('pmg-whiteblacklist-entry-list', { |
767657cb | 256 | description => "The address you want to add.", |
01929101 | 257 | }), |
767657cb DM |
258 | }, |
259 | }, | |
260 | returns => { type => 'null' }, | |
261 | code => sub { | |
262 | my ($param) = @_; | |
263 | ||
1a1bde13 DC |
264 | my $addresses = [split(',', $param->{address})]; |
265 | $read_or_modify_user_bw_list->('WL', $param, $addresses); | |
767657cb DM |
266 | |
267 | return undef; | |
268 | }}); | |
269 | ||
270 | __PACKAGE__->register_method ({ | |
271 | name => 'whitelist_delete', | |
272 | path => 'whitelist/{address}', | |
273 | method => 'DELETE', | |
274 | description => "Delete user whitelist entries.", | |
275 | permissions => { check => [ 'admin', 'qmanager', 'audit', 'quser'] }, | |
276 | protected => 1, | |
277 | parameters => { | |
278 | additionalProperties => 0, | |
279 | properties => { | |
280 | pmail => $pmail_param_type, | |
1a1bde13 | 281 | address => get_standard_option('pmg-whiteblacklist-entry-list', { |
767657cb | 282 | description => "The address you want to remove.", |
01929101 | 283 | }), |
767657cb DM |
284 | }, |
285 | }, | |
286 | returns => { type => 'null' }, | |
287 | code => sub { | |
288 | my ($param) = @_; | |
289 | ||
1a1bde13 DC |
290 | my $addresses = [split(',', $param->{address})]; |
291 | $read_or_modify_user_bw_list->('WL', $param, $addresses, 1); | |
767657cb DM |
292 | |
293 | return undef; | |
157a946b DM |
294 | }}); |
295 | ||
296 | __PACKAGE__->register_method ({ | |
297 | name => 'blacklist', | |
298 | path => 'blacklist', | |
299 | method => 'GET', | |
300 | permissions => { check => [ 'admin', 'qmanager', 'audit', 'quser'] }, | |
301 | description => "Show user blacklist.", | |
302 | parameters => { | |
303 | additionalProperties => 0, | |
304 | properties => { | |
305 | pmail => $pmail_param_type, | |
306 | }, | |
307 | }, | |
308 | returns => { | |
309 | type => 'array', | |
310 | items => { | |
311 | type => "object", | |
312 | properties => { | |
313 | address => { | |
314 | type => "string", | |
315 | }, | |
316 | }, | |
317 | }, | |
318 | }, | |
319 | code => sub { | |
320 | my ($param) = @_; | |
321 | ||
767657cb DM |
322 | return $read_or_modify_user_bw_list->('BL', $param); |
323 | }}); | |
324 | ||
325 | __PACKAGE__->register_method ({ | |
326 | name => 'blacklist_add', | |
327 | path => 'blacklist', | |
328 | method => 'POST', | |
329 | description => "Add user blacklist entries.", | |
330 | permissions => { check => [ 'admin', 'qmanager', 'audit', 'quser'] }, | |
331 | protected => 1, | |
332 | parameters => { | |
333 | additionalProperties => 0, | |
334 | properties => { | |
335 | pmail => $pmail_param_type, | |
1a1bde13 | 336 | address => get_standard_option('pmg-whiteblacklist-entry-list', { |
767657cb | 337 | description => "The address you want to add.", |
01929101 | 338 | }), |
767657cb DM |
339 | }, |
340 | }, | |
341 | returns => { type => 'null' }, | |
342 | code => sub { | |
343 | my ($param) = @_; | |
344 | ||
1a1bde13 DC |
345 | my $addresses = [split(',', $param->{address})]; |
346 | $read_or_modify_user_bw_list->('BL', $param, $addresses); | |
767657cb DM |
347 | |
348 | return undef; | |
349 | }}); | |
350 | ||
351 | __PACKAGE__->register_method ({ | |
352 | name => 'blacklist_delete', | |
353 | path => 'blacklist/{address}', | |
354 | method => 'DELETE', | |
355 | description => "Delete user blacklist entries.", | |
356 | permissions => { check => [ 'admin', 'qmanager', 'audit', 'quser'] }, | |
357 | protected => 1, | |
358 | parameters => { | |
359 | additionalProperties => 0, | |
360 | properties => { | |
361 | pmail => $pmail_param_type, | |
1a1bde13 | 362 | address => get_standard_option('pmg-whiteblacklist-entry-list', { |
767657cb | 363 | description => "The address you want to remove.", |
01929101 | 364 | }), |
767657cb DM |
365 | }, |
366 | }, | |
367 | returns => { type => 'null' }, | |
368 | code => sub { | |
369 | my ($param) = @_; | |
370 | ||
1a1bde13 DC |
371 | my $addresses = [split(',', $param->{address})]; |
372 | $read_or_modify_user_bw_list->('BL', $param, $addresses, 1); | |
767657cb DM |
373 | |
374 | return undef; | |
157a946b DM |
375 | }}); |
376 | ||
4f41cebc DC |
377 | __PACKAGE__->register_method ({ |
378 | name => 'spamusers', | |
379 | path => 'spamusers', | |
380 | method => 'GET', | |
24a0be04 | 381 | permissions => { check => [ 'admin', 'qmanager', 'audit'] }, |
4f41cebc DC |
382 | description => "Get a list of receivers of spam in the given timespan (Default the last 24 hours).", |
383 | parameters => { | |
384 | additionalProperties => 0, | |
385 | properties => { | |
6214b5cf DM |
386 | starttime => get_standard_option('pmg-starttime'), |
387 | endtime => get_standard_option('pmg-endtime'), | |
4f41cebc DC |
388 | }, |
389 | }, | |
390 | returns => { | |
391 | type => 'array', | |
392 | items => { | |
393 | type => "object", | |
394 | properties => { | |
395 | mail => { | |
396 | description => 'the receiving email', | |
397 | type => 'string', | |
398 | }, | |
399 | }, | |
400 | }, | |
401 | }, | |
402 | code => sub { | |
403 | my ($param) = @_; | |
404 | ||
405 | my $rpcenv = PMG::RESTEnvironment->get(); | |
406 | my $authuser = $rpcenv->get_user(); | |
4f41cebc DC |
407 | |
408 | my $res = []; | |
409 | ||
410 | my $dbh = PMG::DBTools::open_ruledb(); | |
411 | ||
412 | my $start = $param->{starttime} // (time - 86400); | |
413 | my $end = $param->{endtime} // ($start + 86400); | |
414 | ||
415 | my $sth = $dbh->prepare( | |
416 | "SELECT DISTINCT pmail " . | |
417 | "FROM CMailStore, CMSReceivers WHERE " . | |
418 | "time >= $start AND time < $end AND " . | |
419 | "QType = 'S' AND CID = CMailStore_CID AND RID = CMailStore_RID " . | |
420 | "AND Status = 'N' ORDER BY pmail"); | |
421 | ||
422 | $sth->execute(); | |
423 | ||
424 | while (my $ref = $sth->fetchrow_hashref()) { | |
425 | push @$res, { mail => $ref->{pmail} }; | |
426 | } | |
427 | ||
428 | return $res; | |
429 | }}); | |
430 | ||
ab02ba10 DM |
431 | __PACKAGE__->register_method ({ |
432 | name => 'spamstatus', | |
433 | path => 'spamstatus', | |
434 | method => 'GET', | |
435 | permissions => { check => [ 'admin', 'qmanager', 'audit'] }, | |
436 | description => "Get Spam Quarantine Status", | |
437 | parameters => { | |
438 | additionalProperties => 0, | |
439 | properties => {}, | |
440 | }, | |
441 | returns => { | |
442 | type => "object", | |
443 | properties => { | |
444 | count => { | |
445 | description => 'Number of stored mails.', | |
446 | type => 'integer', | |
447 | }, | |
448 | mbytes => { | |
449 | description => "Estimated disk space usage in MByte.", | |
450 | type => 'number', | |
451 | }, | |
452 | avgbytes => { | |
453 | description => "Average size of stored mails in bytes.", | |
454 | type => 'number', | |
455 | }, | |
456 | avgspam => { | |
457 | description => "Average spam level.", | |
458 | type => 'number', | |
459 | }, | |
460 | }, | |
461 | }, | |
462 | code => sub { | |
463 | my ($param) = @_; | |
464 | ||
ab02ba10 DM |
465 | my $dbh = PMG::DBTools::open_ruledb(); |
466 | my $ref = PMG::DBTools::get_quarantine_count($dbh, 'S'); | |
467 | ||
468 | return $ref; | |
469 | }}); | |
470 | ||
9867e2da DM |
471 | __PACKAGE__->register_method ({ |
472 | name => 'quarusers', | |
473 | path => 'quarusers', | |
474 | method => 'GET', | |
475 | permissions => { check => [ 'admin', 'qmanager', 'audit'] }, | |
476 | description => "Get a list of users with whitelist/blacklist setttings.", | |
477 | parameters => { | |
478 | additionalProperties => 0, | |
648954c6 DC |
479 | properties => { |
480 | list => { | |
481 | type => 'string', | |
482 | description => 'If set, limits the result to the given list.', | |
483 | enum => ['BL', 'WL'], | |
484 | optional => 1, | |
485 | }, | |
486 | }, | |
9867e2da DM |
487 | }, |
488 | returns => { | |
489 | type => 'array', | |
490 | items => { | |
491 | type => "object", | |
492 | properties => { | |
493 | mail => { | |
494 | description => 'the receiving email', | |
495 | type => 'string', | |
496 | }, | |
497 | }, | |
498 | }, | |
499 | }, | |
500 | code => sub { | |
501 | my ($param) = @_; | |
502 | ||
503 | my $rpcenv = PMG::RESTEnvironment->get(); | |
504 | my $authuser = $rpcenv->get_user(); | |
9867e2da DM |
505 | |
506 | my $res = []; | |
507 | ||
508 | my $dbh = PMG::DBTools::open_ruledb(); | |
509 | ||
648954c6 DC |
510 | my $sth; |
511 | if ($param->{list}) { | |
512 | $sth = $dbh->prepare("SELECT DISTINCT pmail FROM UserPrefs WHERE name = ? ORDER BY pmail"); | |
513 | $sth->execute($param->{list}); | |
514 | } else { | |
515 | $sth = $dbh->prepare("SELECT DISTINCT pmail FROM UserPrefs ORDER BY pmail"); | |
516 | $sth->execute(); | |
517 | } | |
9867e2da DM |
518 | |
519 | while (my $ref = $sth->fetchrow_hashref()) { | |
520 | push @$res, { mail => $ref->{pmail} }; | |
521 | } | |
522 | ||
523 | return $res; | |
524 | }}); | |
525 | ||
ded33c7c | 526 | __PACKAGE__->register_method ({ |
83ce499f DC |
527 | name => 'spam', |
528 | path => 'spam', | |
ded33c7c DM |
529 | method => 'GET', |
530 | permissions => { check => [ 'admin', 'qmanager', 'audit', 'quser'] }, | |
83ce499f | 531 | description => "Get a list of quarantined spam mails in the given timeframe (default the last 24 hours) for the given user.", |
ded33c7c DM |
532 | parameters => { |
533 | additionalProperties => 0, | |
534 | properties => { | |
6214b5cf DM |
535 | starttime => get_standard_option('pmg-starttime'), |
536 | endtime => get_standard_option('pmg-endtime'), | |
157a946b | 537 | pmail => $pmail_param_type, |
ded33c7c DM |
538 | }, |
539 | }, | |
540 | returns => { | |
541 | type => 'array', | |
542 | items => { | |
543 | type => "object", | |
dae021a8 DM |
544 | properties => { |
545 | id => { | |
546 | description => 'Unique ID', | |
547 | type => 'string', | |
548 | }, | |
549 | bytes => { | |
550 | description => "Size of raw email.", | |
551 | type => 'integer' , | |
552 | }, | |
553 | envelope_sender => { | |
554 | description => "SMTP envelope sender.", | |
555 | type => 'string', | |
556 | }, | |
557 | from => { | |
558 | description => "Header 'From' field.", | |
559 | type => 'string', | |
560 | }, | |
561 | sender => { | |
562 | description => "Header 'Sender' field.", | |
563 | type => 'string', | |
564 | optional => 1, | |
565 | }, | |
566 | receiver => { | |
567 | description => "Receiver email address", | |
568 | type => 'string', | |
569 | }, | |
570 | subject => { | |
571 | description => "Header 'Subject' field.", | |
572 | type => 'string', | |
573 | }, | |
574 | time => { | |
575 | description => "Receive time stamp", | |
576 | type => 'integer', | |
577 | }, | |
1284c016 DM |
578 | spamlevel => { |
579 | description => "Spam score.", | |
580 | type => 'number', | |
581 | }, | |
dae021a8 | 582 | }, |
ded33c7c DM |
583 | }, |
584 | }, | |
585 | code => sub { | |
586 | my ($param) = @_; | |
587 | ||
588 | my $rpcenv = PMG::RESTEnvironment->get(); | |
589 | my $authuser = $rpcenv->get_user(); | |
590 | my $role = $rpcenv->get_role(); | |
591 | ||
157a946b | 592 | my $pmail = $verify_optional_pmail->($authuser, $role, $param->{pmail}); |
b66faa68 | 593 | |
ded33c7c DM |
594 | my $res = []; |
595 | ||
596 | my $dbh = PMG::DBTools::open_ruledb(); | |
597 | ||
83ce499f | 598 | my $start = $param->{starttime} // (time - 86400); |
ded33c7c DM |
599 | my $end = $param->{endtime} // ($start + 86400); |
600 | ||
601 | my $sth = $dbh->prepare( | |
602 | "SELECT * " . | |
603 | "FROM CMailStore, CMSReceivers WHERE " . | |
604 | "pmail = ? AND time >= $start AND time < $end AND " . | |
605 | "QType = 'S' AND CID = CMailStore_CID AND RID = CMailStore_RID " . | |
606 | "AND Status = 'N' ORDER BY pmail, time, receiver"); | |
607 | ||
608 | $sth->execute($pmail); | |
609 | ||
b66faa68 | 610 | while (my $ref = $sth->fetchrow_hashref()) { |
dae021a8 DM |
611 | my $data = $parse_header_info->($ref); |
612 | push @$res, $data; | |
b66faa68 DM |
613 | } |
614 | ||
615 | return $res; | |
616 | }}); | |
617 | ||
bb01dcf8 DM |
618 | __PACKAGE__->register_method ({ |
619 | name => 'virus', | |
620 | path => 'virus', | |
621 | method => 'GET', | |
622 | permissions => { check => [ 'admin', 'qmanager', 'audit' ] }, | |
623 | description => "Get a list of quarantined virus mails in the given timeframe (default the last 24 hours).", | |
624 | parameters => { | |
625 | additionalProperties => 0, | |
626 | properties => { | |
6214b5cf DM |
627 | starttime => get_standard_option('pmg-starttime'), |
628 | endtime => get_standard_option('pmg-endtime'), | |
bb01dcf8 DM |
629 | }, |
630 | }, | |
631 | returns => { | |
632 | type => 'array', | |
633 | items => { | |
634 | type => "object", | |
635 | properties => { | |
636 | id => { | |
637 | description => 'Unique ID', | |
638 | type => 'string', | |
639 | }, | |
640 | bytes => { | |
641 | description => "Size of raw email.", | |
642 | type => 'integer' , | |
643 | }, | |
644 | envelope_sender => { | |
645 | description => "SMTP envelope sender.", | |
646 | type => 'string', | |
647 | }, | |
648 | from => { | |
649 | description => "Header 'From' field.", | |
650 | type => 'string', | |
651 | }, | |
652 | sender => { | |
653 | description => "Header 'Sender' field.", | |
654 | type => 'string', | |
655 | optional => 1, | |
656 | }, | |
657 | receiver => { | |
658 | description => "Receiver email address", | |
659 | type => 'string', | |
660 | }, | |
661 | subject => { | |
662 | description => "Header 'Subject' field.", | |
663 | type => 'string', | |
664 | }, | |
665 | time => { | |
666 | description => "Receive time stamp", | |
667 | type => 'integer', | |
668 | }, | |
669 | virusname => { | |
670 | description => "Virus name.", | |
671 | type => 'string', | |
672 | }, | |
673 | }, | |
674 | }, | |
675 | }, | |
676 | code => sub { | |
677 | my ($param) = @_; | |
678 | ||
679 | my $rpcenv = PMG::RESTEnvironment->get(); | |
680 | my $authuser = $rpcenv->get_user(); | |
bb01dcf8 DM |
681 | |
682 | my $res = []; | |
683 | ||
684 | my $dbh = PMG::DBTools::open_ruledb(); | |
685 | ||
686 | my $start = $param->{starttime} // (time - 86400); | |
687 | my $end = $param->{endtime} // ($start + 86400); | |
688 | ||
689 | my $sth = $dbh->prepare( | |
690 | "SELECT * " . | |
691 | "FROM CMailStore, CMSReceivers WHERE " . | |
692 | "time >= $start AND time < $end AND " . | |
693 | "QType = 'V' AND CID = CMailStore_CID AND RID = CMailStore_RID " . | |
694 | "AND Status = 'N' ORDER BY time, receiver"); | |
695 | ||
696 | $sth->execute(); | |
697 | ||
698 | while (my $ref = $sth->fetchrow_hashref()) { | |
699 | my $data = $parse_header_info->($ref); | |
700 | push @$res, $data; | |
701 | } | |
702 | ||
703 | return $res; | |
704 | }}); | |
705 | ||
c3246f47 DM |
706 | __PACKAGE__->register_method ({ |
707 | name => 'virusstatus', | |
708 | path => 'virusstatus', | |
709 | method => 'GET', | |
710 | permissions => { check => [ 'admin', 'qmanager', 'audit'] }, | |
711 | description => "Get Virus Quarantine Status", | |
712 | parameters => { | |
713 | additionalProperties => 0, | |
714 | properties => {}, | |
715 | }, | |
716 | returns => { | |
717 | type => "object", | |
718 | properties => { | |
719 | count => { | |
720 | description => 'Number of stored mails.', | |
721 | type => 'integer', | |
722 | }, | |
723 | mbytes => { | |
724 | description => "Estimated disk space usage in MByte.", | |
725 | type => 'number', | |
726 | }, | |
727 | avgbytes => { | |
728 | description => "Average size of stored mails in bytes.", | |
729 | type => 'number', | |
730 | }, | |
731 | }, | |
732 | }, | |
733 | code => sub { | |
734 | my ($param) = @_; | |
735 | ||
736 | my $dbh = PMG::DBTools::open_ruledb(); | |
737 | my $ref = PMG::DBTools::get_quarantine_count($dbh, 'V'); | |
738 | ||
f7fa880f DM |
739 | delete $ref->{avgspam}; |
740 | ||
c3246f47 DM |
741 | return $ref; |
742 | }}); | |
743 | ||
6e8886d4 DM |
744 | __PACKAGE__->register_method ({ |
745 | name => 'content', | |
746 | path => 'content', | |
747 | method => 'GET', | |
748 | permissions => { check => [ 'admin', 'qmanager', 'audit', 'quser'] }, | |
34db0c3f | 749 | description => "Get email data. There is a special formatter called 'htmlmail' to get sanitized html view of the mail content (use the '/api2/htmlmail/quarantine/content' url).", |
6e8886d4 DM |
750 | parameters => { |
751 | additionalProperties => 0, | |
752 | properties => { | |
753 | id => { | |
754 | description => 'Unique ID', | |
755 | type => 'string', | |
666b5e8f DM |
756 | pattern => 'C\d+R\d+T\d+', |
757 | maxLength => 60, | |
6e8886d4 | 758 | }, |
34db0c3f | 759 | raw => { |
c81cf188 | 760 | description => "Display 'raw' eml data. Deactivates size limit.", |
34db0c3f DM |
761 | type => 'boolean', |
762 | optional => 1, | |
763 | default => 0, | |
764 | }, | |
6e8886d4 DM |
765 | }, |
766 | }, | |
767 | returns => { | |
768 | type => "object", | |
cd31bb45 DM |
769 | properties => { |
770 | id => { | |
771 | description => 'Unique ID', | |
772 | type => 'string', | |
773 | }, | |
774 | bytes => { | |
775 | description => "Size of raw email.", | |
776 | type => 'integer' , | |
777 | }, | |
778 | envelope_sender => { | |
779 | description => "SMTP envelope sender.", | |
780 | type => 'string', | |
781 | }, | |
782 | from => { | |
783 | description => "Header 'From' field.", | |
784 | type => 'string', | |
785 | }, | |
786 | sender => { | |
787 | description => "Header 'Sender' field.", | |
788 | type => 'string', | |
789 | optional => 1, | |
790 | }, | |
791 | receiver => { | |
792 | description => "Receiver email address", | |
793 | type => 'string', | |
794 | }, | |
795 | subject => { | |
796 | description => "Header 'Subject' field.", | |
797 | type => 'string', | |
798 | }, | |
799 | time => { | |
800 | description => "Receive time stamp", | |
801 | type => 'integer', | |
802 | }, | |
803 | spamlevel => { | |
804 | description => "Spam score.", | |
805 | type => 'number', | |
806 | }, | |
807 | spaminfo => { | |
808 | description => "Information about matched spam tests (name, score, desc, url).", | |
809 | type => 'array', | |
810 | }, | |
811 | header => { | |
812 | description => "Raw email header data.", | |
813 | type => 'string', | |
814 | }, | |
815 | content => { | |
816 | description => "Raw email data (first 4096 bytes). Useful for preview. NOTE: The 'htmlmail' formatter displays the whole email.", | |
817 | type => 'string', | |
6eac8473 | 818 | }, |
cd31bb45 | 819 | }, |
6e8886d4 DM |
820 | }, |
821 | code => sub { | |
822 | my ($param) = @_; | |
823 | ||
824 | my $rpcenv = PMG::RESTEnvironment->get(); | |
825 | my $authuser = $rpcenv->get_user(); | |
826 | my $role = $rpcenv->get_role(); | |
34db0c3f | 827 | my $format = $rpcenv->get_format(); |
6e8886d4 | 828 | |
c81cf188 DC |
829 | my $raw = $param->{raw} // 0; |
830 | ||
666b5e8f | 831 | my ($cid, $rid, $tid) = $param->{id} =~ m/^C(\d+)R(\d+)T(\d+)$/; |
6e8886d4 DM |
832 | $cid = int($cid); |
833 | $rid = int($rid); | |
666b5e8f | 834 | $tid = int($tid); |
9efdabf0 | 835 | |
6e8886d4 DM |
836 | my $dbh = PMG::DBTools::open_ruledb(); |
837 | ||
666b5e8f | 838 | my $ref = PMG::DBTools::load_mail_data($dbh, $cid, $rid, $tid); |
6e8886d4 DM |
839 | |
840 | if ($role eq 'quser') { | |
6060e345 | 841 | my $quar_username = $ref->{pmail} . '@quarantine'; |
666b5e8f | 842 | raise_perm_exc("mail does not belong to user '$authuser' ($ref->{pmail})") |
6060e345 | 843 | if $authuser ne $quar_username; |
6e8886d4 DM |
844 | } |
845 | ||
846 | my $res = $parse_header_info->($ref); | |
847 | ||
6e8886d4 DM |
848 | my $filename = $ref->{file}; |
849 | my $spooldir = $PMG::MailQueue::spooldir; | |
850 | ||
851 | my $path = "$spooldir/$filename"; | |
852 | ||
34db0c3f DM |
853 | if ($format eq 'htmlmail') { |
854 | ||
855 | my $cfg = PMG::Config->new(); | |
856 | my $viewimages = $cfg->get('spamquar', 'viewimages'); | |
857 | my $allowhref = $cfg->get('spamquar', 'allowhrefs'); | |
858 | ||
c81cf188 | 859 | $res->{content} = PMG::HTMLMail::email_to_html($path, $raw, $viewimages, $allowhref); |
34db0c3f | 860 | |
157a946b DM |
861 | # to make result verification happy |
862 | $res->{file} = ''; | |
863 | $res->{header} = ''; | |
2ad4def7 | 864 | $res->{spamlevel} = 0; |
157a946b | 865 | $res->{spaminfo} = []; |
34db0c3f | 866 | } else { |
cd31bb45 | 867 | # include additional details |
34db0c3f | 868 | |
c81cf188 DC |
869 | # we want to get the whole email in raw mode |
870 | my $maxbytes = (!$raw)? 4096 : undef; | |
871 | ||
872 | my ($header, $content) = PMG::HTMLMail::read_raw_email($path, $maxbytes); | |
157a946b | 873 | |
cd31bb45 DM |
874 | $res->{file} = $ref->{file}; |
875 | $res->{spaminfo} = decode_spaminfo($ref->{info}); | |
34db0c3f DM |
876 | $res->{header} = $header; |
877 | $res->{content} = $content; | |
878 | } | |
6e8886d4 | 879 | |
6e8886d4 DM |
880 | |
881 | return $res; | |
882 | ||
883 | }}); | |
884 | ||
34db0c3f DM |
885 | PVE::APIServer::Formatter::register_page_formatter( |
886 | 'format' => 'htmlmail', | |
887 | method => 'GET', | |
888 | path => '/quarantine/content', | |
889 | code => sub { | |
890 | my ($res, $data, $param, $path, $auth, $config) = @_; | |
891 | ||
892 | if(!HTTP::Status::is_success($res->{status})) { | |
893 | return ("Error $res->{status}: $res->{message}", "text/plain"); | |
894 | } | |
895 | ||
896 | my $ct = "text/html;charset=UTF-8"; | |
897 | ||
898 | my $raw = $data->{content}; | |
899 | ||
900 | return (encode('UTF-8', $raw), $ct, 1); | |
901 | }); | |
902 | ||
157a946b DM |
903 | __PACKAGE__->register_method ({ |
904 | name =>'action', | |
905 | path => 'content', | |
906 | method => 'POST', | |
907 | description => "Execute quarantine actions.", | |
908 | permissions => { check => [ 'admin', 'qmanager', 'quser'] }, | |
909 | protected => 1, | |
910 | parameters => { | |
911 | additionalProperties => 0, | |
912 | properties => { | |
913 | id => { | |
b7894d7c | 914 | description => 'Unique IDs, seperate with ;', |
157a946b | 915 | type => 'string', |
b7894d7c | 916 | pattern => 'C\d+R\d+T\d+(;C\d+R\d+T\d+)*', |
157a946b DM |
917 | }, |
918 | action => { | |
919 | description => 'Action - specify what you want to do with the mail.', | |
920 | type => 'string', | |
921 | enum => ['whitelist', 'blacklist', 'deliver', 'delete'], | |
922 | }, | |
923 | }, | |
924 | }, | |
925 | returns => { type => "null" }, | |
926 | code => sub { | |
927 | my ($param) = @_; | |
928 | ||
929 | my $rpcenv = PMG::RESTEnvironment->get(); | |
930 | my $authuser = $rpcenv->get_user(); | |
931 | my $role = $rpcenv->get_role(); | |
932 | my $action = $param->{action}; | |
b7894d7c | 933 | my @idlist = split(';', $param->{id}); |
157a946b | 934 | |
e18901ef DM |
935 | my $dbh = PMG::DBTools::open_ruledb(); |
936 | ||
b7894d7c DC |
937 | for my $id (@idlist) { |
938 | my ($cid, $rid, $tid) = $id =~ m/^C(\d+)R(\d+)T(\d+)$/; | |
939 | $cid = int($cid); | |
940 | $rid = int($rid); | |
941 | $tid = int($tid); | |
8f34e0b1 | 942 | |
b7894d7c | 943 | my $ref = PMG::DBTools::load_mail_data($dbh, $cid, $rid, $tid); |
157a946b | 944 | |
b7894d7c DC |
945 | if ($role eq 'quser') { |
946 | my $quar_username = $ref->{pmail} . '@quarantine'; | |
947 | raise_perm_exc("mail does not belong to user '$authuser' ($ref->{pmail})") | |
6060e345 | 948 | if $authuser ne $quar_username; |
b7894d7c DC |
949 | } |
950 | ||
951 | my $sender = $get_real_sender->($ref); | |
952 | ||
953 | if ($action eq 'whitelist') { | |
954 | PMG::Quarantine::add_to_blackwhite($dbh, $ref->{pmail}, 'WL', [ $sender ]); | |
955 | } elsif ($action eq 'blacklist') { | |
956 | PMG::Quarantine::add_to_blackwhite($dbh, $ref->{pmail}, 'BL', [ $sender ]); | |
957 | } elsif ($action eq 'deliver') { | |
958 | PMG::Quarantine::deliver_quarantined_mail($dbh, $ref, $ref->{receiver} // $ref->{pmail}); | |
959 | } elsif ($action eq 'delete') { | |
960 | PMG::Quarantine::delete_quarantined_mail($dbh, $ref); | |
961 | } else { | |
962 | die "internal error"; # should not be reached | |
963 | } | |
157a946b DM |
964 | } |
965 | ||
966 | return undef; | |
967 | }}); | |
e84bf942 | 968 | |
b66faa68 | 969 | 1; |