wildduck/lib/api/mailboxes.js

614 lines
19 KiB
JavaScript
Raw Normal View History

2017-07-26 16:52:55 +08:00
'use strict';
const Joi = require('joi');
const ObjectId = require('mongodb').ObjectId;
2017-07-26 16:52:55 +08:00
const imapTools = require('../../imap-core/lib/imap-tools');
const tools = require('../tools');
2018-08-30 17:24:21 +08:00
const roles = require('../roles');
const util = require('util');
2020-07-20 01:51:06 +08:00
const { sessSchema, sessIPSchema, booleanSchema } = require('../schemas');
2017-07-26 16:52:55 +08:00
module.exports = (db, server, mailboxHandler) => {
2018-08-30 17:24:21 +08:00
const getMailboxCounter = util.promisify(tools.getMailboxCounter);
2018-08-30 17:47:31 +08:00
const updateMailbox = util.promisify(mailboxHandler.update.bind(mailboxHandler));
const deleteMailbox = util.promisify(mailboxHandler.del.bind(mailboxHandler));
2018-08-30 17:42:06 +08:00
const createMailbox = util.promisify((...args) => {
let callback = args.pop();
mailboxHandler.create(...args, (err, status, id) => {
if (err) {
return callback(err);
}
return callback(null, { status, id });
});
});
2018-08-30 17:24:21 +08:00
server.get(
'/users/:user/mailboxes',
tools.asyncifyJson(async (req, res, next) => {
res.charSet('utf-8');
const schema = Joi.object().keys({
2020-07-02 18:08:16 +08:00
user: Joi.string().hex().lowercase().length(24).required(),
2020-07-20 01:51:06 +08:00
specialUse: booleanSchema.default(false),
showHidden: booleanSchema.default(false),
counters: booleanSchema.default(false),
sizes: booleanSchema.default(false),
sess: sessSchema,
ip: sessIPSchema
2017-07-26 16:52:55 +08:00
});
2020-07-20 01:51:06 +08:00
const result = schema.validate(req.params, {
2018-08-30 17:24:21 +08:00
abortEarly: false,
convert: true
});
if (result.error) {
res.status(400);
2018-08-30 17:24:21 +08:00
res.json({
error: result.error.message,
code: 'InputValidationError',
details: tools.validationErrors(result)
2018-08-30 17:24:21 +08:00
});
return next();
}
// permissions check
if (req.user && req.user === result.value.user) {
req.validate(roles.can(req.role).readOwn('mailboxes'));
} else {
req.validate(roles.can(req.role).readAny('mailboxes'));
}
let user = new ObjectId(result.value.user);
2018-08-30 17:24:21 +08:00
let counters = result.value.counters;
let sizes = result.value.sizes;
let sizeValues = false;
2018-08-30 17:24:21 +08:00
let userData;
try {
userData = await db.users.collection('users').findOne(
{
_id: user
},
{
projection: {
address: true
}
}
);
} catch (err) {
2021-05-20 19:47:20 +08:00
res.status(500);
2018-08-30 17:24:21 +08:00
res.json({
error: 'MongoDB Error: ' + err.message,
code: 'InternalDatabaseError'
});
return next();
}
if (!userData) {
2021-05-20 19:47:20 +08:00
res.status(404);
2018-08-30 17:24:21 +08:00
res.json({
error: 'This user does not exist',
code: 'UserNotFound'
});
return next();
}
if (sizes) {
try {
sizeValues = await db.database
.collection('messages')
.aggregate([
{
$match: {
user
}
},
{
$project: {
mailbox: '$mailbox',
size: '$size'
}
},
{
$group: {
_id: '$mailbox',
mailboxSize: {
$sum: '$size'
}
}
}
])
.toArray();
} catch (err) {
// ignore
}
}
2018-08-30 17:24:21 +08:00
let mailboxes;
try {
mailboxes = await db.database
2017-11-28 17:51:45 +08:00
.collection('mailboxes')
.find({
user
})
2018-08-30 17:24:21 +08:00
.toArray();
} catch (err) {
2021-05-20 19:47:20 +08:00
res.status(500);
2018-08-30 17:24:21 +08:00
res.json({
error: 'MongoDB Error: ' + err.message,
code: 'InternalDatabaseError'
});
return next();
}
2017-07-26 16:52:55 +08:00
2018-08-30 17:24:21 +08:00
if (!mailboxes) {
mailboxes = [];
}
if (result.value.specialUse) {
mailboxes = mailboxes.filter(mailboxData => mailboxData.path === 'INBOX' || mailboxData.specialUse);
}
2018-08-30 17:24:21 +08:00
2020-07-02 18:08:16 +08:00
if (!result.value.showHidden) {
mailboxes = mailboxes.filter(mailboxData => !mailboxData.hidden);
}
2019-07-31 16:26:38 +08:00
mailboxes = mailboxes
.map(mailboxData => mailboxData)
.sort((a, b) => {
if (a.path === 'INBOX') {
return -1;
}
if (b.path === 'INBOX') {
return 1;
}
if (a.path.indexOf('INBOX/') === 0 && b.path.indexOf('INBOX/') !== 0) {
return -1;
}
if (a.path.indexOf('INBOX/') !== 0 && b.path.indexOf('INBOX/') === 0) {
return 1;
}
if (a.subscribed !== b.subscribed) {
return (a.subscribed ? 0 : 1) - (b.subscribed ? 0 : 1);
}
return a.path.localeCompare(b.path);
});
2018-08-30 17:24:21 +08:00
let responses = [];
2019-07-31 16:26:38 +08:00
let counterOps = [];
2018-08-30 17:24:21 +08:00
for (let mailboxData of mailboxes) {
let path = mailboxData.path.split('/');
let name = path.pop();
let response = {
2021-01-07 15:41:48 +08:00
id: mailboxData._id.toString(),
2018-08-30 17:24:21 +08:00
name,
path: mailboxData.path,
specialUse: mailboxData.specialUse,
modifyIndex: mailboxData.modifyIndex,
2020-07-02 18:08:16 +08:00
subscribed: mailboxData.subscribed,
hidden: !mailboxData.hidden
2018-08-30 17:24:21 +08:00
};
if (mailboxData.retention) {
response.retention = mailboxData.retention;
}
if (sizeValues) {
for (let sizeValue of sizeValues) {
if (mailboxData._id.equals(sizeValue._id)) {
response.size = sizeValue.mailboxSize;
break;
}
}
}
2018-08-30 17:24:21 +08:00
if (!counters) {
responses.push(response);
continue;
}
let total, unseen;
2017-07-26 16:52:55 +08:00
2019-07-31 16:32:41 +08:00
counterOps.push(
(async () => {
try {
total = await getMailboxCounter(db, mailboxData._id, false);
} catch (err) {
// ignore
}
response.total = total;
})()
);
2018-08-30 17:24:21 +08:00
2019-07-31 16:32:41 +08:00
counterOps.push(
(async () => {
try {
unseen = await getMailboxCounter(db, mailboxData._id, 'unseen');
} catch (err) {
// ignore
}
response.unseen = unseen;
})()
);
2018-08-30 17:24:21 +08:00
responses.push(response);
2017-11-28 17:51:45 +08:00
}
2018-08-30 17:24:21 +08:00
2019-07-31 16:26:38 +08:00
if (counterOps.length) {
await Promise.all(counterOps);
}
2018-08-30 17:24:21 +08:00
res.json({
success: true,
results: responses
});
})
);
2017-07-26 16:52:55 +08:00
2018-08-30 17:42:06 +08:00
server.post(
'/users/:user/mailboxes',
tools.asyncifyJson(async (req, res, next) => {
res.charSet('utf-8');
2017-07-26 16:52:55 +08:00
2018-08-30 17:42:06 +08:00
const schema = Joi.object().keys({
2020-07-02 18:08:16 +08:00
user: Joi.string().hex().lowercase().length(24).required(),
2018-08-30 17:42:06 +08:00
path: Joi.string()
2018-10-19 00:07:13 +08:00
.regex(/\/{2,}|\/$/, { invert: true })
2018-08-30 17:42:06 +08:00
.required(),
2020-07-20 01:51:06 +08:00
hidden: booleanSchema.default(false),
retention: Joi.number().min(0),
2020-07-20 01:51:06 +08:00
sess: sessSchema,
ip: sessIPSchema
2018-08-30 17:42:06 +08:00
});
2017-07-26 16:52:55 +08:00
2020-07-20 01:51:06 +08:00
const result = schema.validate(req.params, {
2018-08-30 17:42:06 +08:00
abortEarly: false,
convert: true
2017-07-26 16:52:55 +08:00
});
2018-08-30 17:42:06 +08:00
if (result.error) {
res.status(400);
2018-08-30 17:42:06 +08:00
res.json({
error: result.error.message,
code: 'InputValidationError',
details: tools.validationErrors(result)
2018-08-30 17:42:06 +08:00
});
return next();
}
2017-07-26 16:52:55 +08:00
2018-08-30 17:42:06 +08:00
// permissions check
if (req.user && req.user === result.value.user) {
req.validate(roles.can(req.role).createOwn('mailboxes'));
} else {
req.validate(roles.can(req.role).createAny('mailboxes'));
}
2017-07-26 16:52:55 +08:00
let user = new ObjectId(result.value.user);
2018-08-30 17:42:06 +08:00
let path = imapTools.normalizeMailbox(result.value.path);
let retention = result.value.retention;
let opts = {
2020-07-02 18:23:06 +08:00
subscribed: true,
hidden: !!result.value.hidden
2018-08-30 17:42:06 +08:00
};
2020-07-02 18:23:06 +08:00
2018-08-30 17:42:06 +08:00
if (retention) {
opts.retention = retention;
}
let status, id;
try {
let data = await createMailbox(user, path, opts);
status = data.status;
id = data.id;
} catch (err) {
2021-05-20 19:47:20 +08:00
res.status(500); // TODO: use response code specific status
2017-07-26 16:52:55 +08:00
res.json({
2018-08-30 17:47:31 +08:00
error: err.message,
code: err.code
2017-07-26 16:52:55 +08:00
});
return next();
}
if (typeof status === 'string') {
res.json({
error: 'Mailbox creation failed with code ' + status
});
return next();
}
res.json({
success: !!status,
id
});
return next();
2018-08-30 17:42:06 +08:00
})
);
2017-07-26 16:52:55 +08:00
2018-08-30 17:42:06 +08:00
server.get(
'/users/:user/mailboxes/:mailbox',
tools.asyncifyJson(async (req, res, next) => {
res.charSet('utf-8');
const schema = Joi.object().keys({
2020-07-02 18:08:16 +08:00
user: Joi.string().hex().lowercase().length(24).required(),
mailbox: Joi.string().hex().lowercase().length(24).allow('resolve').required(),
2020-07-16 16:15:04 +08:00
path: Joi.string().regex(/\/{2,}|\/$/, { invert: true }),
2020-07-20 01:51:06 +08:00
sess: sessSchema,
ip: sessIPSchema
2018-08-30 17:42:06 +08:00
});
2017-07-26 16:52:55 +08:00
2020-07-20 01:51:06 +08:00
const result = schema.validate(req.params, {
2018-08-30 17:42:06 +08:00
abortEarly: false,
convert: true
2017-07-26 16:52:55 +08:00
});
2018-08-30 17:42:06 +08:00
if (result.error) {
res.status(400);
2018-08-30 17:42:06 +08:00
res.json({
error: result.error.message,
code: 'InputValidationError',
details: tools.validationErrors(result)
2018-08-30 17:42:06 +08:00
});
return next();
}
2018-01-25 03:04:53 +08:00
2018-08-30 17:42:06 +08:00
// permissions check
if (req.user && req.user === result.value.user) {
req.validate(roles.can(req.role).readOwn('mailboxes'));
} else {
req.validate(roles.can(req.role).readAny('mailboxes'));
}
2018-01-25 03:04:53 +08:00
let user = new ObjectId(result.value.user);
let mailbox = result.value.mailbox !== 'resolve' ? new ObjectId(result.value.mailbox) : 'resolve';
2018-08-30 17:42:06 +08:00
let userData;
try {
userData = await db.users.collection('users').findOne(
{
_id: user
},
{
projection: {
address: true
}
2018-01-25 03:04:53 +08:00
}
2018-08-30 17:42:06 +08:00
);
} catch (err) {
2021-05-20 19:47:20 +08:00
res.status(500);
2018-08-30 17:42:06 +08:00
res.json({
error: 'MongoDB Error: ' + err.message,
code: 'InternalDatabaseError'
});
return next();
}
if (!userData) {
2021-05-20 19:47:20 +08:00
res.status(404);
2018-08-30 17:42:06 +08:00
res.json({
error: 'This user does not exist',
code: 'UserNotFound'
});
return next();
}
2018-01-25 03:04:53 +08:00
2018-08-30 17:42:06 +08:00
let mailboxQuery = {
_id: mailbox,
user
};
2017-11-28 17:51:45 +08:00
2018-08-30 17:42:06 +08:00
if (mailbox === 'resolve') {
mailboxQuery = {
2020-07-16 16:15:04 +08:00
path: result.value.path,
2018-08-30 17:42:06 +08:00
user
};
}
2017-11-28 17:51:45 +08:00
2018-08-30 17:42:06 +08:00
let mailboxData;
try {
mailboxData = await db.database.collection('mailboxes').findOne(mailboxQuery);
} catch (err) {
2021-05-20 19:47:20 +08:00
res.status(500);
2018-08-30 17:42:06 +08:00
res.json({
error: 'MongoDB Error: ' + err.message,
code: 'InternalDatabaseError'
2018-01-25 03:04:53 +08:00
});
2018-08-30 17:42:06 +08:00
return next();
2017-11-28 17:51:45 +08:00
}
2018-08-30 17:42:06 +08:00
if (!mailboxData) {
2021-05-20 19:47:20 +08:00
res.status(404);
2018-08-30 17:42:06 +08:00
res.json({
2018-08-30 18:14:13 +08:00
error: 'This mailbox does not exist',
code: 'NoSuchMailbox'
2018-08-30 17:42:06 +08:00
});
return next();
}
mailbox = mailboxData._id;
let path = mailboxData.path.split('/');
let name = path.pop();
let total, unseen;
try {
total = await getMailboxCounter(db, mailboxData._id, false);
} catch (err) {
// ignore
}
try {
unseen = await getMailboxCounter(db, mailboxData._id, 'unseen');
} catch (err) {
// ignore
}
res.json({
success: true,
id: mailbox,
name,
path: mailboxData.path,
specialUse: mailboxData.specialUse,
modifyIndex: mailboxData.modifyIndex,
subscribed: mailboxData.subscribed,
2020-07-02 18:08:16 +08:00
hidden: !!mailboxData.hidden,
2018-08-30 17:42:06 +08:00
total,
unseen
});
return next();
})
);
2017-07-26 16:52:55 +08:00
2018-08-30 17:47:31 +08:00
server.put(
'/users/:user/mailboxes/:mailbox',
tools.asyncifyJson(async (req, res, next) => {
res.charSet('utf-8');
2017-07-26 16:52:55 +08:00
2018-08-30 17:47:31 +08:00
const schema = Joi.object().keys({
2020-07-02 18:08:16 +08:00
user: Joi.string().hex().lowercase().length(24).required(),
mailbox: Joi.string().hex().lowercase().length(24).required(),
2018-10-19 00:07:13 +08:00
path: Joi.string().regex(/\/{2,}|\/$/, { invert: true }),
2020-07-02 18:08:16 +08:00
retention: Joi.number().empty('').min(0),
2020-07-20 01:51:06 +08:00
subscribed: booleanSchema,
hidden: booleanSchema,
sess: sessSchema,
ip: sessIPSchema
2018-08-30 17:47:31 +08:00
});
2017-07-26 16:52:55 +08:00
2020-07-20 01:51:06 +08:00
const result = schema.validate(req.params, {
2018-08-30 17:47:31 +08:00
abortEarly: false,
convert: true
2017-07-26 16:52:55 +08:00
});
2018-08-30 17:47:31 +08:00
if (result.error) {
res.status(400);
2018-08-30 17:47:31 +08:00
res.json({
error: result.error.message,
code: 'InputValidationError',
details: tools.validationErrors(result)
2018-08-30 17:47:31 +08:00
});
return next();
}
2017-07-26 16:52:55 +08:00
2018-08-30 17:47:31 +08:00
// permissions check
if (req.user && req.user === result.value.user) {
req.validate(roles.can(req.role).updateOwn('mailboxes'));
} else {
req.validate(roles.can(req.role).updateAny('mailboxes'));
2017-07-26 16:52:55 +08:00
}
let user = new ObjectId(result.value.user);
let mailbox = new ObjectId(result.value.mailbox);
2018-08-30 17:47:31 +08:00
let updates = {};
let update = false;
Object.keys(result.value || {}).forEach(key => {
if (!['user', 'mailbox'].includes(key)) {
updates[key] = result.value[key];
update = true;
}
2017-07-26 16:52:55 +08:00
});
2018-08-30 17:47:31 +08:00
if (!update) {
res.json({
error: 'Nothing was changed'
});
return next();
}
let status;
try {
status = await updateMailbox(user, mailbox, updates);
} catch (err) {
2021-05-20 19:47:20 +08:00
res.status(500); // TODO: use response code specific status
2017-07-26 16:52:55 +08:00
res.json({
2018-08-30 17:47:31 +08:00
error: err.message,
code: err.code
2017-07-26 16:52:55 +08:00
});
return next();
}
if (typeof status === 'string') {
res.json({
error: 'Mailbox update failed with code ' + status
});
return next();
}
res.json({
success: true
});
return next();
2018-08-30 17:47:31 +08:00
})
);
2017-07-26 16:52:55 +08:00
2018-08-30 17:47:31 +08:00
server.del(
'/users/:user/mailboxes/:mailbox',
tools.asyncifyJson(async (req, res, next) => {
res.charSet('utf-8');
2017-07-26 16:52:55 +08:00
2018-08-30 17:47:31 +08:00
const schema = Joi.object().keys({
2020-07-02 18:08:16 +08:00
user: Joi.string().hex().lowercase().length(24).required(),
mailbox: Joi.string().hex().lowercase().length(24).required(),
2020-07-20 01:51:06 +08:00
sess: sessSchema,
ip: sessIPSchema
2018-08-30 17:47:31 +08:00
});
2017-07-26 16:52:55 +08:00
2020-07-20 01:51:06 +08:00
const result = schema.validate(req.params, {
2018-08-30 17:47:31 +08:00
abortEarly: false,
convert: true
2017-07-26 16:52:55 +08:00
});
2018-08-30 17:47:31 +08:00
if (result.error) {
res.status(400);
2018-08-30 17:47:31 +08:00
res.json({
error: result.error.message,
code: 'InputValidationError',
details: tools.validationErrors(result)
2018-08-30 17:47:31 +08:00
});
return next();
}
2017-07-26 16:52:55 +08:00
2018-08-30 17:47:31 +08:00
// permissions check
if (req.user && req.user === result.value.user) {
req.validate(roles.can(req.role).deleteOwn('mailboxes'));
} else {
req.validate(roles.can(req.role).deleteAny('mailboxes'));
}
let user = new ObjectId(result.value.user);
let mailbox = new ObjectId(result.value.mailbox);
2018-08-30 17:47:31 +08:00
let status;
try {
status = await deleteMailbox(user, mailbox);
} catch (err) {
2021-05-20 19:47:20 +08:00
res.status(500); // TODO: use response code specific status
2017-07-26 16:52:55 +08:00
res.json({
2018-08-30 17:47:31 +08:00
error: err.message,
code: err.code
2017-07-26 16:52:55 +08:00
});
return next();
}
if (typeof status === 'string') {
2021-05-20 19:47:20 +08:00
res.status(500); // TODO: use response code specific status
2017-07-26 16:52:55 +08:00
res.json({
2018-08-30 17:47:31 +08:00
error: 'Mailbox deletion failed with code ' + status,
code: status
2017-07-26 16:52:55 +08:00
});
return next();
}
res.json({
success: true
});
return next();
2018-08-30 17:47:31 +08:00
})
);
2017-07-26 16:52:55 +08:00
};