]> git.proxmox.com Git - pmg-api.git/blob - src/PMG/API2/Quarantine.pm
projects / pmg-api.git / blob
? search:


272dfdb64f1e6dd3ea77247fb5e87ba3f020644b
[pmg-api.git] / src / PMG / API2 / Quarantine.pm
1 package PMG::API2::Quarantine;
2
3 use strict;
4 use warnings;
5 use Time::Local;
6 use Time::Zone;
7 use Data::Dumper;
8 use Encode;
9 use File::Path;
10 use IO::File;
11
12 use Mail::Header;
13 use Mail::SpamAssassin;
14
15 use PVE::SafeSyslog;
16 use PVE::Exception qw(raise_param_exc raise_perm_exc);
17 use PVE::Tools qw(extract_param);
18 use PVE::JSONSchema qw(get_standard_option);
19 use PVE::RESTHandler;
20 use PVE::INotify;
21 use PVE::APIServer::Formatter;
22
23 use PMG::Utils;
24 use PMG::AccessControl;
25 use PMG::Config;
26 use PMG::DBTools;
27 use PMG::HTMLMail;
28 use PMG::Quarantine;
29 use PMG::MailQueue;
30 use PMG::MIMEUtils;
31
32 use base qw(PVE::RESTHandler);
33
34 my $spamdesc;
35
36 my $extract_pmail = sub {
37 my ($authuser, $role) = @_;
38
39 if ($authuser =~ m/^(.+)\@quarantine$/) {
40 return $1;
41 }
42 raise_param_exc({ pmail => "got unexpected authuser '$authuser' with role '$role'"});
43 };
44
45 my $verify_optional_pmail = sub {
46 my ($authuser, $role, $pmail_param) = @_;
47
48 my $pmail;
49 if ($role eq 'quser') {
50 $pmail = $extract_pmail->($authuser, $role);
51 raise_param_exc({ pmail => "parameter not allwed with role '$role'"})
52 if defined($pmail_param) && ($pmail ne $pmail_param);
53 } else {
54 raise_param_exc({ pmail => "parameter required with role '$role'"})
55 if !defined($pmail_param);
56 $pmail = $pmail_param;
57 }
58 return $pmail;
59 };
60
61 sub decode_spaminfo {
62 my ($info) = @_;
63
64 my $res = [];
65 return $res if !defined($info);
66
67 my $saversion = Mail::SpamAssassin->VERSION;
68
69 my $salocaldir = "/var/lib/spamassassin/$saversion/updates_spamassassin_org";
70
71 $spamdesc = PMG::Utils::load_sa_descriptions([$salocaldir]) if !$spamdesc;
72
73 foreach my $test (split (',', $info)) {
74 my ($name, $score) = split (':', $test);
75
76 my $info = { name => $name, score => $score + 0, desc => '-' };
77 if (my $si = $spamdesc->{$name}) {
78 $info->{desc} = $si->{desc};
79 $info->{url} = $si->{url} if defined($si->{url});
80 }
81 push @$res, $info;
82 }
83
84 return $res;
85 }
86
87 my $extract_email = sub {
88 my $data = shift;
89
90 return $data if !$data;
91
92 if ($data =~ m/^.*\s(\S+)\s*$/) {
93 $data = $1;
94 }
95
96 if ($data =~ m/^<([^<>\s]+)>$/) {
97 $data = $1;
98 }
99
100 if ($data !~ m/[\s><]/ && $data =~ m/^(.+\@[^\.]+\..*[^\.]+)$/) {
101 $data = $1;
102 } else {
103 $data = undef;
104 }
105
106 return $data;
107 };
108
109 my $get_real_sender = sub {
110 my ($ref) = @_;
111
112 my @lines = split('\n', $ref->{header});
113 my $head = Mail::Header->new(\@lines);
114
115 my @fromarray = split ('\s*,\s*', $head->get ('from') || $ref->{sender});
116 my $from = $extract_email->($fromarray[0]) || $ref->{sender};;
117 my $sender = $extract_email->($head->get ('sender'));
118
119 return $sender if $sender;
120
121 return $from;
122 };
123
124 my $parse_header_info = sub {
125 my ($ref) = @_;
126
127 my $res = { subject => '', from => '' };
128
129 my @lines = split('\n', $ref->{header});
130 my $head = Mail::Header->new(\@lines);
131
132 $res->{subject} = PMG::Utils::decode_rfc1522(PVE::Tools::trim($head->get('subject'))) // '';
133
134 my @fromarray = split('\s*,\s*', $head->get('from') || $ref->{sender});
135
136 $res->{from} = PMG::Utils::decode_rfc1522(PVE::Tools::trim ($fromarray[0])) // '';
137
138 my $sender = PMG::Utils::decode_rfc1522(PVE::Tools::trim($head->get('sender')));
139 $res->{sender} = $sender if $sender && ($sender ne $res->{from});
140
141 $res->{envelope_sender} = $ref->{sender};
142 $res->{receiver} = $ref->{receiver} // $ref->{pmail};
143 $res->{id} = 'C' . $ref->{cid} . 'R' . $ref->{rid} . 'T' . $ref->{ticketid};
144 $res->{time} = $ref->{time};
145 $res->{bytes} = $ref->{bytes};
146
147 my $qtype = $ref->{qtype};
148
149 if ($qtype eq 'V') {
150 $res->{virusname} = $ref->{info};
151 $res->{spamlevel} = 0;
152 } elsif ($qtype eq 'S') {
153 $res->{spamlevel} = $ref->{spamlevel} // 0;
154 }
155
156 return $res;
157 };
158
159 my $pmail_param_type = get_standard_option('pmg-email-address', {
160 description => "List entries for the user with this primary email address. Quarantine users cannot speficy this parameter, but it is required for all other roles.",
161 optional => 1,
162 });
163
164 __PACKAGE__->register_method ({
165 name => 'index',
166 path => '',
167 method => 'GET',
168 permissions => { user => 'all' },
169 description => "Directory index.",
170 parameters => {
171 additionalProperties => 0,
172 properties => {},
173 },
174 returns => {
175 type => 'array',
176 items => {
177 type => "object",
178 properties => {},
179 },
180 links => [ { rel => 'child', href => "{name}" } ],
181 },
182 code => sub {
183 my ($param) = @_;
184
185 my $result = [
186 { name => 'whitelist' },
187 { name => 'blacklist' },
188 { name => 'content' },
189 { name => 'spam' },
190 { name => 'spamusers' },
191 { name => 'spamstatus' },
192 { name => 'virus' },
193 { name => 'virusstatus' },
194 { name => 'quarusers' },
195 { name => 'attachment' },
196 { name => 'listattachments' },
197 { name => 'download' },
198 ];
199
200 return $result;
201 }});
202
203
204 my $read_or_modify_user_bw_list = sub {
205 my ($listname, $param, $addrs, $delete) = @_;
206
207 my $rpcenv = PMG::RESTEnvironment->get();
208 my $authuser = $rpcenv->get_user();
209 my $role = $rpcenv->get_role();
210
211 my $pmail = $verify_optional_pmail->($authuser, $role, $param->{pmail});
212
213 my $dbh = PMG::DBTools::open_ruledb();
214
215 my $list = PMG::Quarantine::add_to_blackwhite(
216 $dbh, $pmail, $listname, $addrs, $delete);
217
218 my $res = [];
219 foreach my $a (@$list) { push @$res, { address => $a }; }
220 return $res;
221 };
222
223 __PACKAGE__->register_method ({
224 name => 'whitelist',
225 path => 'whitelist',
226 method => 'GET',
227 permissions => { check => [ 'admin', 'qmanager', 'audit', 'quser'] },
228 description => "Show user whitelist.",
229 parameters => {
230 additionalProperties => 0,
231 properties => {
232 pmail => $pmail_param_type,
233 },
234 },
235 returns => {
236 type => 'array',
237 items => {
238 type => "object",
239 properties => {
240 address => {
241 type => "string",
242 },
243 },
244 },
245 },
246 code => sub {
247 my ($param) = @_;
248
249 return $read_or_modify_user_bw_list->('WL', $param);
250 }});
251
252 __PACKAGE__->register_method ({
253 name => 'whitelist_add',
254 path => 'whitelist',
255 method => 'POST',
256 description => "Add user whitelist entries.",
257 permissions => { check => [ 'admin', 'qmanager', 'audit', 'quser'] },
258 protected => 1,
259 parameters => {
260 additionalProperties => 0,
261 properties => {
262 pmail => $pmail_param_type,
263 address => get_standard_option('pmg-whiteblacklist-entry-list', {
264 description => "The address you want to add.",
265 }),
266 },
267 },
268 returns => { type => 'null' },
269 code => sub {
270 my ($param) = @_;
271
272 my $addresses = [split(',', $param->{address})];
273 $read_or_modify_user_bw_list->('WL', $param, $addresses);
274
275 return undef;
276 }});
277
278 __PACKAGE__->register_method ({
279 name => 'whitelist_delete_base',
280 path => 'whitelist',
281 method => 'DELETE',
282 description => "Delete user whitelist entries.",
283 permissions => { check => [ 'admin', 'qmanager', 'audit', 'quser'] },
284 protected => 1,
285 parameters => {
286 additionalProperties => 0,
287 properties => {
288 pmail => $pmail_param_type,
289 address => get_standard_option('pmg-whiteblacklist-entry-list', {
290 pattern => '',
291 description => "The address you want to remove.",
292 }),
293 },
294 },
295 returns => { type => 'null' },
296 code => sub {
297 my ($param) = @_;
298
299 my $addresses = [split(',', $param->{address})];
300 $read_or_modify_user_bw_list->('WL', $param, $addresses, 1);
301
302 return undef;
303 }});
304
305 __PACKAGE__->register_method ({
306 name => 'whitelist_delete',
307 path => 'whitelist/{address}',
308 method => 'DELETE',
309 description => "Delete user whitelist entries.",
310 permissions => { check => [ 'admin', 'qmanager', 'audit', 'quser'] },
311 protected => 1,
312 parameters => {
313 additionalProperties => 0,
314 properties => {
315 pmail => $pmail_param_type,
316 address => get_standard_option('pmg-whiteblacklist-entry-list', {
317 description => "The address you want to remove.",
318 }),
319 },
320 },
321 returns => { type => 'null' },
322 code => sub {
323 my ($param) = @_;
324
325 my $addresses = [split(',', $param->{address})];
326 $read_or_modify_user_bw_list->('WL', $param, $addresses, 1);
327
328 return undef;
329 }});
330
331 __PACKAGE__->register_method ({
332 name => 'blacklist',
333 path => 'blacklist',
334 method => 'GET',
335 permissions => { check => [ 'admin', 'qmanager', 'audit', 'quser'] },
336 description => "Show user blacklist.",
337 parameters => {
338 additionalProperties => 0,
339 properties => {
340 pmail => $pmail_param_type,
341 },
342 },
343 returns => {
344 type => 'array',
345 items => {
346 type => "object",
347 properties => {
348 address => {
349 type => "string",
350 },
351 },
352 },
353 },
354 code => sub {
355 my ($param) = @_;
356
357 return $read_or_modify_user_bw_list->('BL', $param);
358 }});
359
360 __PACKAGE__->register_method ({
361 name => 'blacklist_add',
362 path => 'blacklist',
363 method => 'POST',
364 description => "Add user blacklist entries.",
365 permissions => { check => [ 'admin', 'qmanager', 'audit', 'quser'] },
366 protected => 1,
367 parameters => {
368 additionalProperties => 0,
369 properties => {
370 pmail => $pmail_param_type,
371 address => get_standard_option('pmg-whiteblacklist-entry-list', {
372 description => "The address you want to add.",
373 }),
374 },
375 },
376 returns => { type => 'null' },
377 code => sub {
378 my ($param) = @_;
379
380 my $addresses = [split(',', $param->{address})];
381 $read_or_modify_user_bw_list->('BL', $param, $addresses);
382
383 return undef;
384 }});
385
386 __PACKAGE__->register_method ({
387 name => 'blacklist_delete_base',
388 path => 'blacklist',
389 method => 'DELETE',
390 description => "Delete user blacklist entries.",
391 permissions => { check => [ 'admin', 'qmanager', 'audit', 'quser'] },
392 protected => 1,
393 parameters => {
394 additionalProperties => 0,
395 properties => {
396 pmail => $pmail_param_type,
397 address => get_standard_option('pmg-whiteblacklist-entry-list', {
398 pattern => '',
399 description => "The address you want to remove.",
400 }),
401 },
402 },
403 returns => { type => 'null' },
404 code => sub {
405 my ($param) = @_;
406
407 my $addresses = [split(',', $param->{address})];
408 $read_or_modify_user_bw_list->('BL', $param, $addresses, 1);
409
410 return undef;
411 }});
412
413 __PACKAGE__->register_method ({
414 name => 'blacklist_delete',
415 path => 'blacklist/{address}',
416 method => 'DELETE',
417 description => "Delete user blacklist entries.",
418 permissions => { check => [ 'admin', 'qmanager', 'audit', 'quser'] },
419 protected => 1,
420 parameters => {
421 additionalProperties => 0,
422 properties => {
423 pmail => $pmail_param_type,
424 address => get_standard_option('pmg-whiteblacklist-entry-list', {
425 description => "The address you want to remove.",
426 }),
427 },
428 },
429 returns => { type => 'null' },
430 code => sub {
431 my ($param) = @_;
432
433 my $addresses = [split(',', $param->{address})];
434 $read_or_modify_user_bw_list->('BL', $param, $addresses, 1);
435
436 return undef;
437 }});
438
439 __PACKAGE__->register_method ({
440 name => 'spamusers',
441 path => 'spamusers',
442 method => 'GET',
443 permissions => { check => [ 'admin', 'qmanager', 'audit'] },
444 description => "Get a list of receivers of spam in the given timespan (Default the last 24 hours).",
445 parameters => {
446 additionalProperties => 0,
447 properties => {
448 starttime => get_standard_option('pmg-starttime'),
449 endtime => get_standard_option('pmg-endtime'),
450 },
451 },
452 returns => {
453 type => 'array',
454 items => {
455 type => "object",
456 properties => {
457 mail => {
458 description => 'the receiving email',
459 type => 'string',
460 },
461 },
462 },
463 },
464 code => sub {
465 my ($param) = @_;
466
467 my $rpcenv = PMG::RESTEnvironment->get();
468 my $authuser = $rpcenv->get_user();
469
470 my $res = [];
471
472 my $dbh = PMG::DBTools::open_ruledb();
473
474 my $start = $param->{starttime} // (time - 86400);
475 my $end = $param->{endtime} // ($start + 86400);
476
477 my $sth = $dbh->prepare(
478 "SELECT DISTINCT pmail " .
479 "FROM CMailStore, CMSReceivers WHERE " .
480 "time >= $start AND time < $end AND " .
481 "QType = 'S' AND CID = CMailStore_CID AND RID = CMailStore_RID " .
482 "AND Status = 'N' ORDER BY pmail");
483
484 $sth->execute();
485
486 while (my $ref = $sth->fetchrow_hashref()) {
487 push @$res, { mail => $ref->{pmail} };
488 }
489
490 return $res;
491 }});
492
493 __PACKAGE__->register_method ({
494 name => 'spamstatus',
495 path => 'spamstatus',
496 method => 'GET',
497 permissions => { check => [ 'admin', 'qmanager', 'audit'] },
498 description => "Get Spam Quarantine Status",
499 parameters => {
500 additionalProperties => 0,
501 properties => {},
502 },
503 returns => {
504 type => "object",
505 properties => {
506 count => {
507 description => 'Number of stored mails.',
508 type => 'integer',
509 },
510 mbytes => {
511 description => "Estimated disk space usage in MByte.",
512 type => 'number',
513 },
514 avgbytes => {
515 description => "Average size of stored mails in bytes.",
516 type => 'number',
517 },
518 avgspam => {
519 description => "Average spam level.",
520 type => 'number',
521 },
522 },
523 },
524 code => sub {
525 my ($param) = @_;
526
527 my $dbh = PMG::DBTools::open_ruledb();
528 my $ref = PMG::DBTools::get_quarantine_count($dbh, 'S');
529
530 return $ref;
531 }});
532
533 __PACKAGE__->register_method ({
534 name => 'quarusers',
535 path => 'quarusers',
536 method => 'GET',
537 permissions => { check => [ 'admin', 'qmanager', 'audit'] },
538 description => "Get a list of users with whitelist/blacklist setttings.",
539 parameters => {
540 additionalProperties => 0,
541 properties => {
542 list => {
543 type => 'string',
544 description => 'If set, limits the result to the given list.',
545 enum => ['BL', 'WL'],
546 optional => 1,
547 },
548 },
549 },
550 returns => {
551 type => 'array',
552 items => {
553 type => "object",
554 properties => {
555 mail => {
556 description => 'the receiving email',
557 type => 'string',
558 },
559 },
560 },
561 },
562 code => sub {
563 my ($param) = @_;
564
565 my $rpcenv = PMG::RESTEnvironment->get();
566 my $authuser = $rpcenv->get_user();
567
568 my $res = [];
569
570 my $dbh = PMG::DBTools::open_ruledb();
571
572 my $sth;
573 if ($param->{list}) {
574 $sth = $dbh->prepare("SELECT DISTINCT pmail FROM UserPrefs WHERE name = ? ORDER BY pmail");
575 $sth->execute($param->{list});
576 } else {
577 $sth = $dbh->prepare("SELECT DISTINCT pmail FROM UserPrefs ORDER BY pmail");
578 $sth->execute();
579 }
580
581 while (my $ref = $sth->fetchrow_hashref()) {
582 push @$res, { mail => $ref->{pmail} };
583 }
584
585 return $res;
586 }});
587
588 my $quarantine_api = sub {
589 my ($param, $quartype, $check_pmail) = @_;
590
591 my $rpcenv = PMG::RESTEnvironment->get();
592 my $authuser = $rpcenv->get_user();
593
594 my $start = $param->{starttime} // (time - 86400);
595 my $end = $param->{endtime} // ($start + 86400);
596
597 my $select;
598 my $pmail;
599 if ($check_pmail) {
600 my $role = $rpcenv->get_role();
601 $pmail = $verify_optional_pmail->($authuser, $role, $param->{pmail});
602 $select = "SELECT * " .
603 "FROM CMailStore, CMSReceivers WHERE " .
604 "pmail = ? AND time >= $start AND time < $end AND " .
605 "QType = '$quartype' AND CID = CMailStore_CID AND RID = CMailStore_RID " .
606 "AND Status = 'N' ORDER BY pmail, time, receiver";
607 } else {
608 $select = "SELECT * " .
609 "FROM CMailStore, CMSReceivers WHERE " .
610 "time >= $start AND time < $end AND " .
611 "QType = '$quartype' AND CID = CMailStore_CID AND RID = CMailStore_RID " .
612 "AND Status = 'N' ORDER BY time, receiver";
613 }
614
615 my $res = [];
616
617 my $dbh = PMG::DBTools::open_ruledb();
618
619 my $sth = $dbh->prepare($select);
620
621 if ($check_pmail) {
622 $sth->execute($pmail);
623 } else {
624 $sth->execute();
625 }
626
627 while (my $ref = $sth->fetchrow_hashref()) {
628 my $data = $parse_header_info->($ref);
629 push @$res, $data;
630 }
631
632 return $res;
633 };
634
635 __PACKAGE__->register_method ({
636 name => 'spam',
637 path => 'spam',
638 method => 'GET',
639 permissions => { check => [ 'admin', 'qmanager', 'audit', 'quser'] },
640 description => "Get a list of quarantined spam mails in the given timeframe (default the last 24 hours) for the given user.",
641 parameters => {
642 additionalProperties => 0,
643 properties => {
644 starttime => get_standard_option('pmg-starttime'),
645 endtime => get_standard_option('pmg-endtime'),
646 pmail => $pmail_param_type,
647 },
648 },
649 returns => {
650 type => 'array',
651 items => {
652 type => "object",
653 properties => {
654 id => {
655 description => 'Unique ID',
656 type => 'string',
657 },
658 bytes => {
659 description => "Size of raw email.",
660 type => 'integer' ,
661 },
662 envelope_sender => {
663 description => "SMTP envelope sender.",
664 type => 'string',
665 },
666 from => {
667 description => "Header 'From' field.",
668 type => 'string',
669 },
670 sender => {
671 description => "Header 'Sender' field.",
672 type => 'string',
673 optional => 1,
674 },
675 receiver => {
676 description => "Receiver email address",
677 type => 'string',
678 },
679 subject => {
680 description => "Header 'Subject' field.",
681 type => 'string',
682 },
683 time => {
684 description => "Receive time stamp",
685 type => 'integer',
686 },
687 spamlevel => {
688 description => "Spam score.",
689 type => 'number',
690 },
691 },
692 },
693 },
694 code => sub {
695 my ($param) = @_;
696 return $quarantine_api->($param, 'S', 1);
697 }});
698
699 __PACKAGE__->register_method ({
700 name => 'virus',
701 path => 'virus',
702 method => 'GET',
703 permissions => { check => [ 'admin', 'qmanager', 'audit' ] },
704 description => "Get a list of quarantined virus mails in the given timeframe (default the last 24 hours).",
705 parameters => {
706 additionalProperties => 0,
707 properties => {
708 starttime => get_standard_option('pmg-starttime'),
709 endtime => get_standard_option('pmg-endtime'),
710 },
711 },
712 returns => {
713 type => 'array',
714 items => {
715 type => "object",
716 properties => {
717 id => {
718 description => 'Unique ID',
719 type => 'string',
720 },
721 bytes => {
722 description => "Size of raw email.",
723 type => 'integer' ,
724 },
725 envelope_sender => {
726 description => "SMTP envelope sender.",
727 type => 'string',
728 },
729 from => {
730 description => "Header 'From' field.",
731 type => 'string',
732 },
733 sender => {
734 description => "Header 'Sender' field.",
735 type => 'string',
736 optional => 1,
737 },
738 receiver => {
739 description => "Receiver email address",
740 type => 'string',
741 },
742 subject => {
743 description => "Header 'Subject' field.",
744 type => 'string',
745 },
746 time => {
747 description => "Receive time stamp",
748 type => 'integer',
749 },
750 virusname => {
751 description => "Virus name.",
752 type => 'string',
753 },
754 },
755 },
756 },
757 code => sub {
758 my ($param) = @_;
759 return $quarantine_api->($param, 'V');
760 }});
761
762 __PACKAGE__->register_method ({
763 name => 'attachment',
764 path => 'attachment',
765 method => 'GET',
766 permissions => { check => [ 'admin', 'qmanager', 'audit' ] },
767 description => "Get a list of quarantined attachment mails in the given timeframe (default the last 24 hours).",
768 parameters => {
769 additionalProperties => 0,
770 properties => {
771 starttime => get_standard_option('pmg-starttime'),
772 endtime => get_standard_option('pmg-endtime'),
773 },
774 },
775 returns => {
776 type => 'array',
777 items => {
778 type => "object",
779 properties => {
780 id => {
781 description => 'Unique ID',
782 type => 'string',
783 },
784 bytes => {
785 description => "Size of raw email.",
786 type => 'integer' ,
787 },
788 envelope_sender => {
789 description => "SMTP envelope sender.",
790 type => 'string',
791 },
792 from => {
793 description => "Header 'From' field.",
794 type => 'string',
795 },
796 sender => {
797 description => "Header 'Sender' field.",
798 type => 'string',
799 optional => 1,
800 },
801 receiver => {
802 description => "Receiver email address",
803 type => 'string',
804 },
805 subject => {
806 description => "Header 'Subject' field.",
807 type => 'string',
808 },
809 time => {
810 description => "Receive time stamp",
811 type => 'integer',
812 },
813 },
814 },
815 },
816 code => sub {
817 my ($param) = @_;
818 return $quarantine_api->($param, 'A');
819 }});
820
821 __PACKAGE__->register_method ({
822 name => 'virusstatus',
823 path => 'virusstatus',
824 method => 'GET',
825 permissions => { check => [ 'admin', 'qmanager', 'audit'] },
826 description => "Get Virus Quarantine Status",
827 parameters => {
828 additionalProperties => 0,
829 properties => {},
830 },
831 returns => {
832 type => "object",
833 properties => {
834 count => {
835 description => 'Number of stored mails.',
836 type => 'integer',
837 },
838 mbytes => {
839 description => "Estimated disk space usage in MByte.",
840 type => 'number',
841 },
842 avgbytes => {
843 description => "Average size of stored mails in bytes.",
844 type => 'number',
845 },
846 },
847 },
848 code => sub {
849 my ($param) = @_;
850
851 my $dbh = PMG::DBTools::open_ruledb();
852 my $ref = PMG::DBTools::get_quarantine_count($dbh, 'V');
853
854 delete $ref->{avgspam};
855
856 return $ref;
857 }});
858
859 my $get_and_check_mail = sub {
860 my ($id, $rpcenv, $dbh) = @_;
861
862 my ($cid, $rid, $tid) = $id =~ m/^C(\d+)R(\d+)T(\d+)$/;
863 $cid = int($cid);
864 $rid = int($rid);
865 $tid = int($tid);
866
867 if (!$dbh) {
868 $dbh = PMG::DBTools::open_ruledb();
869 }
870
871 my $ref = PMG::DBTools::load_mail_data($dbh, $cid, $rid, $tid);
872
873 my $authuser = $rpcenv->get_user();
874 my $role = $rpcenv->get_role();
875
876 if ($role eq 'quser') {
877 my $quar_username = $ref->{pmail} . '@quarantine';
878 raise_perm_exc("mail does not belong to user '$authuser' ($ref->{pmail})")
879 if $authuser ne $quar_username;
880 }
881
882 return $ref;
883 };
884
885 __PACKAGE__->register_method ({
886 name => 'content',
887 path => 'content',
888 method => 'GET',
889 permissions => { check => [ 'admin', 'qmanager', 'audit', 'quser'] },
890 description => "Get email data. There is a special formatter called 'htmlmail' to get sanitized html view of the mail content (use the '/api2/htmlmail/quarantine/content' url).",
891 parameters => {
892 additionalProperties => 0,
893 properties => {
894 id => {
895 description => 'Unique ID',
896 type => 'string',
897 pattern => 'C\d+R\d+T\d+',
898 maxLength => 60,
899 },
900 raw => {
901 description => "Display 'raw' eml data. Deactivates size limit.",
902 type => 'boolean',
903 optional => 1,
904 default => 0,
905 },
906 },
907 },
908 returns => {
909 type => "object",
910 properties => {
911 id => {
912 description => 'Unique ID',
913 type => 'string',
914 },
915 bytes => {
916 description => "Size of raw email.",
917 type => 'integer' ,
918 },
919 envelope_sender => {
920 description => "SMTP envelope sender.",
921 type => 'string',
922 },
923 from => {
924 description => "Header 'From' field.",
925 type => 'string',
926 },
927 sender => {
928 description => "Header 'Sender' field.",
929 type => 'string',
930 optional => 1,
931 },
932 receiver => {
933 description => "Receiver email address",
934 type => 'string',
935 },
936 subject => {
937 description => "Header 'Subject' field.",
938 type => 'string',
939 },
940 time => {
941 description => "Receive time stamp",
942 type => 'integer',
943 },
944 spamlevel => {
945 description => "Spam score.",
946 type => 'number',
947 },
948 spaminfo => {
949 description => "Information about matched spam tests (name, score, desc, url).",
950 type => 'array',
951 },
952 header => {
953 description => "Raw email header data.",
954 type => 'string',
955 },
956 content => {
957 description => "Raw email data (first 4096 bytes). Useful for preview. NOTE: The 'htmlmail' formatter displays the whole email.",
958 type => 'string',
959 },
960 },
961 },
962 code => sub {
963 my ($param) = @_;
964
965 my $rpcenv = PMG::RESTEnvironment->get();
966 my $format = $rpcenv->get_format();
967
968 my $raw = $param->{raw} // 0;
969
970 my $ref = $get_and_check_mail->($param->{id}, $rpcenv);
971
972 my $res = $parse_header_info->($ref);
973
974 my $filename = $ref->{file};
975 my $spooldir = $PMG::MailQueue::spooldir;
976
977 my $path = "$spooldir/$filename";
978
979 if ($format eq 'htmlmail') {
980
981 my $cfg = PMG::Config->new();
982 my $viewimages = $cfg->get('spamquar', 'viewimages');
983 my $allowhref = $cfg->get('spamquar', 'allowhrefs');
984
985 $res->{content} = PMG::HTMLMail::email_to_html($path, $raw, $viewimages, $allowhref) // 'unable to parse mail';
986
987 # to make result verification happy
988 $res->{file} = '';
989 $res->{header} = '';
990 $res->{spamlevel} = 0;
991 $res->{spaminfo} = [];
992 } else {
993 # include additional details
994
995 # we want to get the whole email in raw mode
996 my $maxbytes = (!$raw)? 4096 : undef;
997
998 my ($header, $content) = PMG::HTMLMail::read_raw_email($path, $maxbytes);
999
1000 $res->{file} = $ref->{file};
1001 $res->{spaminfo} = decode_spaminfo($ref->{info});
1002 $res->{header} = $header;
1003 $res->{content} = $content;
1004 }
1005
1006 return $res;
1007
1008 }});
1009
1010 my $get_attachments = sub {
1011 my ($mailid, $dumpdir, $with_path) = @_;
1012
1013 my $rpcenv = PMG::RESTEnvironment->get();
1014
1015 my $ref = $get_and_check_mail->($mailid, $rpcenv);
1016
1017 my $filename = $ref->{file};
1018 my $spooldir = $PMG::MailQueue::spooldir;
1019
1020 my $parser = PMG::MIMEUtils::new_mime_parser({
1021 nested => 1,
1022 decode_bodies => 0,
1023 extract_uuencode => 0,
1024 dumpdir => $dumpdir,
1025 });
1026
1027 my $entity = $parser->parse_open("$spooldir/$filename");
1028 PMG::MIMEUtils::fixup_multipart($entity);
1029 PMG::MailQueue::decode_entities($parser, 'attachmentquarantine', $entity);
1030
1031 my $res = [];
1032 my $id = 0;
1033
1034 PMG::MIMEUtils::traverse_mime_parts($entity, sub {
1035 my ($part) = @_;
1036 my $name = PMG::Utils::extract_filename($part->head) || "part-$id";
1037 my $attachment_path = $part->{PMX_decoded_path};
1038 return if !$attachment_path || ! -f $attachment_path;
1039 my $size = -s $attachment_path // 0;
1040 my $entry = {
1041 id => $id,
1042 name => $name,
1043 size => $size,
1044 'content-type' => $part->head->mime_attr('content-type'),
1045 };
1046 $entry->{path} = $attachment_path if $with_path;
1047 push @$res, $entry;
1048 $id++;
1049 });
1050
1051 return $res;
1052 };
1053
1054 __PACKAGE__->register_method ({
1055 name => 'listattachments',
1056 path => 'listattachments',
1057 method => 'GET',
1058 permissions => { check => [ 'admin', 'qmanager', 'audit'] },
1059 description => "Get Attachments for E-Mail in Quarantine.",
1060 parameters => {
1061 additionalProperties => 0,
1062 properties => {
1063 id => {
1064 description => 'Unique ID',
1065 type => 'string',
1066 pattern => 'C\d+R\d+T\d+',
1067 maxLength => 60,
1068 },
1069 },
1070 },
1071 returns => {
1072 type => "array",
1073 items => {
1074 type => "object",
1075 properties => {
1076 id => {
1077 description => 'Attachment ID',
1078 type => 'integer',
1079 },
1080 size => {
1081 description => "Size of raw attachment in bytes.",
1082 type => 'integer' ,
1083 },
1084 name => {
1085 description => "Raw email header data.",
1086 type => 'string',
1087 },
1088 'content-type' => {
1089 description => "Raw email header data.",
1090 type => 'string',
1091 },
1092 },
1093 },
1094 },
1095 code => sub {
1096 my ($param) = @_;
1097
1098 my $dumpdir = "/run/pmgproxy/pmg-$param->{id}-$$";
1099 my $res = $get_attachments->($param->{id}, $dumpdir);
1100 rmtree $dumpdir;
1101
1102 return $res;
1103
1104 }});
1105
1106 __PACKAGE__->register_method ({
1107 name => 'download',
1108 path => 'download',
1109 method => 'GET',
1110 permissions => { check => [ 'admin', 'qmanager', 'audit', 'quser'] },
1111 description => "Download E-Mail or Attachment from Quarantine.",
1112 download => 1,
1113 parameters => {
1114 additionalProperties => 0,
1115 properties => {
1116 mailid => {
1117 description => 'Unique ID',
1118 type => 'string',
1119 pattern => 'C\d+R\d+T\d+',
1120 maxLength => 60,
1121 },
1122 attachmentid => {
1123 description => "The Attachment ID for the mail.",
1124 type => 'integer',
1125 optional => 1,
1126 },
1127 },
1128 },
1129 returns => {
1130 type => "object",
1131 },
1132 code => sub {
1133 my ($param) = @_;
1134
1135 my $mailid = $param->{mailid};
1136 my $attachmentid = $param->{attachmentid};
1137
1138 my $dumpdir = "/run/pmgproxy/pmg-$mailid-$$/";
1139 my $res;
1140
1141 if ($attachmentid) {
1142 my $attachments = $get_attachments->($mailid, $dumpdir, 1);
1143 $res = $attachments->[$attachmentid];
1144 if (!$res) {
1145 raise_param_exc({ attachmentid => "Invalid Attachment ID for Mail."});
1146 }
1147 } else {
1148 my $rpcenv = PMG::RESTEnvironment->get();
1149 my $ref = $get_and_check_mail->($mailid, $rpcenv);
1150 my $spooldir = $PMG::MailQueue::spooldir;
1151
1152 $res = {
1153 'content-type' => 'message/rfc822',
1154 path => "$spooldir/$ref->{file}",
1155 };
1156 }
1157
1158 $res->{fh} = IO::File->new($res->{path}, '<') ||
1159 die "unable to open file '$res->{path}' - $!\n";
1160
1161 rmtree $dumpdir if -e $dumpdir;
1162
1163 return $res;
1164
1165 }});
1166
1167 PVE::APIServer::Formatter::register_page_formatter(
1168 'format' => 'htmlmail',
1169 method => 'GET',
1170 path => '/quarantine/content',
1171 code => sub {
1172 my ($res, $data, $param, $path, $auth, $config) = @_;
1173
1174 if(!HTTP::Status::is_success($res->{status})) {
1175 return ("Error $res->{status}: $res->{message}", "text/plain");
1176 }
1177
1178 my $ct = "text/html;charset=UTF-8";
1179
1180 my $raw = $data->{content};
1181
1182 return (encode('UTF-8', $raw), $ct, 1);
1183 });
1184
1185 __PACKAGE__->register_method ({
1186 name =>'action',
1187 path => 'content',
1188 method => 'POST',
1189 description => "Execute quarantine actions.",
1190 permissions => { check => [ 'admin', 'qmanager', 'quser'] },
1191 protected => 1,
1192 parameters => {
1193 additionalProperties => 0,
1194 properties => {
1195 id => {
1196 description => 'Unique IDs, seperate with ;',
1197 type => 'string',
1198 pattern => 'C\d+R\d+T\d+(;C\d+R\d+T\d+)*',
1199 },
1200 action => {
1201 description => 'Action - specify what you want to do with the mail.',
1202 type => 'string',
1203 enum => ['whitelist', 'blacklist', 'deliver', 'delete'],
1204 },
1205 },
1206 },
1207 returns => { type => "null" },
1208 code => sub {
1209 my ($param) = @_;
1210
1211 my $rpcenv = PMG::RESTEnvironment->get();
1212 my $action = $param->{action};
1213 my @idlist = split(';', $param->{id});
1214
1215 my $dbh = PMG::DBTools::open_ruledb();
1216
1217 for my $id (@idlist) {
1218
1219 my $ref = $get_and_check_mail->($id, $rpcenv, $dbh);
1220 my $sender = $get_real_sender->($ref);
1221
1222 if ($action eq 'whitelist') {
1223 PMG::Quarantine::add_to_blackwhite($dbh, $ref->{pmail}, 'WL', [ $sender ]);
1224 } elsif ($action eq 'blacklist') {
1225 PMG::Quarantine::add_to_blackwhite($dbh, $ref->{pmail}, 'BL', [ $sender ]);
1226 } elsif ($action eq 'deliver') {
1227 PMG::Quarantine::deliver_quarantined_mail($dbh, $ref, $ref->{receiver} // $ref->{pmail});
1228 } elsif ($action eq 'delete') {
1229 PMG::Quarantine::delete_quarantined_mail($dbh, $ref);
1230 } else {
1231 die "internal error"; # should not be reached
1232 }
1233 }
1234
1235 return undef;
1236 }});
1237
1238 1;
PMG API