mirror of
				https://github.com/nodemailer/wildduck.git
				synced 2025-10-25 05:27:35 +08:00 
			
		
		
		
	
		
			
				
	
	
		
			349 lines
		
	
	
	
		
			12 KiB
		
	
	
	
		
			JavaScript
		
	
	
	
	
	
			
		
		
	
	
			349 lines
		
	
	
	
		
			12 KiB
		
	
	
	
		
			JavaScript
		
	
	
	
	
	
| 'use strict';
 | |
| 
 | |
| const Joi = require('joi');
 | |
| const ObjectID = require('mongodb').ObjectID;
 | |
| const tools = require('../tools');
 | |
| const roles = require('../roles');
 | |
| 
 | |
| module.exports = (db, server) => {
 | |
|     /**
 | |
|      * @api {put} /users/:user/autoreply Update Autoreply information
 | |
|      * @apiName PutAutoreply
 | |
|      * @apiGroup Autoreplies
 | |
|      * @apiHeader {String} X-Access-Token Optional access token if authentication is enabled
 | |
|      * @apiHeaderExample {json} Header-Example:
 | |
|      * {
 | |
|      *   "X-Access-Token": "59fc66a03e54454869460e45"
 | |
|      * }
 | |
|      *
 | |
|      * @apiParam {String} user ID of the User
 | |
|      * @apiParam {Boolean} [status] Is the autoreply enabled (true) or not (false)
 | |
|      * @apiParam {String} [name] Name that is used for the From: header in autoreply message
 | |
|      * @apiParam {String} [subject] Subject line for the autoreply. If empty then uses subject of the original message
 | |
|      * @apiParam {String} [html] HTML formatted content of the autoreply message
 | |
|      * @apiParam {String} [text] Plaintext formatted content of the autoreply message
 | |
|      * @apiParam {String} [start] Datestring of the start of the autoreply or boolean false to disable start checks
 | |
|      * @apiParam {String} [end] Datestring of the end of the autoreply or boolean false to disable end checks
 | |
|      *
 | |
|      * @apiSuccess {Boolean} success Indicates successful response
 | |
|      *
 | |
|      * @apiError error Description of the error
 | |
|      *
 | |
|      * @apiExample {curl} Example usage:
 | |
|      *     curl -i -XPUT http://localhost:8080/users/59fc66a03e54454869460e45/autoreply \
 | |
|      *     -H 'Content-type: application/json' \
 | |
|      *     -d '{
 | |
|      *       "status": true,
 | |
|      *       "text": "Away from office until Dec.19",
 | |
|      *       "start": "2017-11-15T00:00:00.000Z",
 | |
|      *       "end": "2017-12-19T00:00:00.000Z"
 | |
|      *     }'
 | |
|      *
 | |
|      * @apiSuccessExample {json} Success-Response:
 | |
|      *     HTTP/1.1 200 OK
 | |
|      *     {
 | |
|      *       "success": true
 | |
|      *     }
 | |
|      *
 | |
|      * @apiErrorExample {json} Error-Response:
 | |
|      *     HTTP/1.1 200 OK
 | |
|      *     {
 | |
|      *       "error": "This user does not exist"
 | |
|      *     }
 | |
|      */
 | |
|     server.put(
 | |
|         '/users/:user/autoreply',
 | |
|         tools.asyncifyJson(async (req, res, next) => {
 | |
|             res.charSet('utf-8');
 | |
| 
 | |
|             const schema = Joi.object().keys({
 | |
|                 user: Joi.string()
 | |
|                     .hex()
 | |
|                     .lowercase()
 | |
|                     .length(24)
 | |
|                     .required(),
 | |
|                 status: Joi.boolean()
 | |
|                     .truthy(['Y', 'true', 'yes', 'on', '1', 1])
 | |
|                     .falsy(['N', 'false', 'no', 'off', '0', 0, ''])
 | |
|                     .default(false),
 | |
|                 name: Joi.string()
 | |
|                     .empty('')
 | |
|                     .trim()
 | |
|                     .max(128),
 | |
|                 subject: Joi.string()
 | |
|                     .empty('')
 | |
|                     .trim()
 | |
|                     .max(128),
 | |
|                 text: Joi.string()
 | |
|                     .empty('')
 | |
|                     .trim()
 | |
|                     .max(128 * 1024),
 | |
|                 html: Joi.string()
 | |
|                     .empty('')
 | |
|                     .trim()
 | |
|                     .max(128 * 1024),
 | |
|                 start: Joi.date()
 | |
|                     .empty('')
 | |
|                     .allow(false),
 | |
|                 end: Joi.date()
 | |
|                     .empty('')
 | |
|                     .allow(false),
 | |
|                 sess: Joi.string().max(255),
 | |
|                 ip: Joi.string().ip({
 | |
|                     version: ['ipv4', 'ipv6'],
 | |
|                     cidr: 'forbidden'
 | |
|                 })
 | |
|             });
 | |
| 
 | |
|             const result = Joi.validate(req.params, schema, {
 | |
|                 abortEarly: false,
 | |
|                 convert: true
 | |
|             });
 | |
| 
 | |
|             if (result.error) {
 | |
|                 res.json({
 | |
|                     error: result.error.message,
 | |
|                     code: 'InputValidationError'
 | |
|                 });
 | |
|                 return next();
 | |
|             }
 | |
| 
 | |
|             // permissions check
 | |
|             if (req.user && req.user === result.value.user) {
 | |
|                 req.validate(roles.can(req.role).updateOwn('autoreplies'));
 | |
|             } else {
 | |
|                 req.validate(roles.can(req.role).updateAny('autoreplies'));
 | |
|             }
 | |
| 
 | |
|             if (!result.value.name && 'name' in req.params) {
 | |
|                 result.value.name = '';
 | |
|             }
 | |
| 
 | |
|             if (!result.value.subject && 'subject' in req.params) {
 | |
|                 result.value.subject = '';
 | |
|             }
 | |
| 
 | |
|             if (!result.value.text && 'text' in req.params) {
 | |
|                 result.value.text = '';
 | |
|                 if (!result.value.html) {
 | |
|                     // make sure we also update html part
 | |
|                     result.value.html = '';
 | |
|                 }
 | |
|             }
 | |
| 
 | |
|             if (!result.value.html && 'html' in req.params) {
 | |
|                 result.value.html = '';
 | |
|                 if (!result.value.text) {
 | |
|                     // make sure we also update plaintext part
 | |
|                     result.value.text = '';
 | |
|                 }
 | |
|             }
 | |
| 
 | |
|             let user = new ObjectID(result.value.user);
 | |
| 
 | |
|             let r = await db.users.collection('users').updateOne({ _id: user }, { $set: { autoreply: result.value.status } });
 | |
| 
 | |
|             if (!r.matchedCount) {
 | |
|                 res.json({
 | |
|                     error: 'Unknown user'
 | |
|                 });
 | |
|                 return next();
 | |
|             }
 | |
| 
 | |
|             result.value.user = user;
 | |
|             r = await db.database.collection('autoreplies').updateOne({ user }, { $set: result.value }, { upsert: true });
 | |
| 
 | |
|             res.json({
 | |
|                 success: true,
 | |
|                 id: r.insertedId
 | |
|             });
 | |
| 
 | |
|             return next();
 | |
|         })
 | |
|     );
 | |
| 
 | |
|     /**
 | |
|      * @api {get} /users/:user/autoreply Request Autoreply information
 | |
|      * @apiName GetAutoreply
 | |
|      * @apiGroup Autoreplies
 | |
|      * @apiHeader {String} X-Access-Token Optional access token if authentication is enabled
 | |
|      * @apiHeaderExample {json} Header-Example:
 | |
|      * {
 | |
|      *   "X-Access-Token": "59fc66a03e54454869460e45"
 | |
|      * }
 | |
|      *
 | |
|      * @apiParam {String} user ID of the User
 | |
|      *
 | |
|      * @apiSuccess {Boolean} success Indicates successful response
 | |
|      * @apiSuccess {Boolean} status Is the autoreply enabled (true) or not (false)
 | |
|      * @apiSuccess {String} name Name that is used for the From: header in autoreply message
 | |
|      * @apiSuccess {String} subject Subject line for the autoreply. If empty then uses subject of the original message
 | |
|      * @apiSuccess {String} html HTML formatted content of the autoreply message
 | |
|      * @apiSuccess {String} text Plaintext formatted content of the autoreply message
 | |
|      * @apiSuccess {String} start Datestring of the start of the autoreply
 | |
|      * @apiSuccess {String} end Datestring of the end of the autoreply
 | |
|      *
 | |
|      *
 | |
|      * @apiError error Description of the error
 | |
|      *
 | |
|      * @apiExample {curl} Example usage:
 | |
|      *     curl -i http://localhost:8080/users/59fc66a03e54454869460e45/autoreply
 | |
|      *
 | |
|      * @apiSuccessExample {json} Success-Response:
 | |
|      *     HTTP/1.1 200 OK
 | |
|      *     {
 | |
|      *       "success": true,
 | |
|      *       "status": true,
 | |
|      *       "subject": "",
 | |
|      *       "text": "Away from office until Dec.19",
 | |
|      *       "html": "",
 | |
|      *       "start": "2017-11-15T00:00:00.000Z",
 | |
|      *       "end": "2017-12-19T00:00:00.000Z"
 | |
|      *     }
 | |
|      *
 | |
|      * @apiErrorExample {json} Error-Response:
 | |
|      *     HTTP/1.1 200 OK
 | |
|      *     {
 | |
|      *       "error": "This user does not exist"
 | |
|      *     }
 | |
|      */
 | |
|     server.get(
 | |
|         '/users/:user/autoreply',
 | |
|         tools.asyncifyJson(async (req, res, next) => {
 | |
|             res.charSet('utf-8');
 | |
| 
 | |
|             const schema = Joi.object().keys({
 | |
|                 user: Joi.string()
 | |
|                     .hex()
 | |
|                     .lowercase()
 | |
|                     .length(24)
 | |
|                     .required(),
 | |
|                 sess: Joi.string().max(255),
 | |
|                 ip: Joi.string().ip({
 | |
|                     version: ['ipv4', 'ipv6'],
 | |
|                     cidr: 'forbidden'
 | |
|                 })
 | |
|             });
 | |
| 
 | |
|             const result = Joi.validate(req.params, schema, {
 | |
|                 abortEarly: false,
 | |
|                 convert: true
 | |
|             });
 | |
| 
 | |
|             if (result.error) {
 | |
|                 res.json({
 | |
|                     error: result.error.message,
 | |
|                     code: 'InputValidationError'
 | |
|                 });
 | |
|                 return next();
 | |
|             }
 | |
| 
 | |
|             // permissions check
 | |
|             if (req.user && req.user === result.value.user) {
 | |
|                 req.validate(roles.can(req.role).readOwn('autoreplies'));
 | |
|             } else {
 | |
|                 req.validate(roles.can(req.role).readAny('autoreplies'));
 | |
|             }
 | |
| 
 | |
|             let user = new ObjectID(result.value.user);
 | |
| 
 | |
|             let entry = await db.database.collection('autoreplies').findOne({ user });
 | |
| 
 | |
|             entry = entry || {};
 | |
|             res.json({
 | |
|                 success: true,
 | |
|                 status: !!entry.status,
 | |
|                 name: entry.name || '',
 | |
|                 subject: entry.subject || '',
 | |
|                 text: entry.text || '',
 | |
|                 html: entry.html || '',
 | |
|                 start: entry.start || false,
 | |
|                 end: entry.end || false
 | |
|             });
 | |
| 
 | |
|             return next();
 | |
|         })
 | |
|     );
 | |
| 
 | |
|     /**
 | |
|      * @api {delete} /users/:user/autoreply Delete Autoreply information
 | |
|      * @apiName DeleteAutoreply
 | |
|      * @apiGroup Autoreplies
 | |
|      * @apiHeader {String} X-Access-Token Optional access token if authentication is enabled
 | |
|      * @apiHeaderExample {json} Header-Example:
 | |
|      * {
 | |
|      *   "X-Access-Token": "59fc66a03e54454869460e45"
 | |
|      * }
 | |
|      *
 | |
|      * @apiParam {String} user ID of the User
 | |
|      *
 | |
|      * @apiSuccess {Boolean} success Indicates successful response
 | |
|      *
 | |
|      * @apiError error Description of the error
 | |
|      *
 | |
|      * @apiExample {curl} Example usage:
 | |
|      *     curl -i -XDELETE http://localhost:8080/users/59fc66a03e54454869460e45/autoreply
 | |
|      *
 | |
|      * @apiSuccessExample {json} Success-Response:
 | |
|      *     HTTP/1.1 200 OK
 | |
|      *     {
 | |
|      *       "success": true
 | |
|      *     }
 | |
|      *
 | |
|      * @apiErrorExample {json} Error-Response:
 | |
|      *     HTTP/1.1 200 OK
 | |
|      *     {
 | |
|      *       "error": "This user does not exist"
 | |
|      *     }
 | |
|      */
 | |
|     server.del(
 | |
|         '/users/:user/autoreply',
 | |
|         tools.asyncifyJson(async (req, res, next) => {
 | |
|             res.charSet('utf-8');
 | |
| 
 | |
|             const schema = Joi.object().keys({
 | |
|                 user: Joi.string()
 | |
|                     .hex()
 | |
|                     .lowercase()
 | |
|                     .length(24)
 | |
|                     .required(),
 | |
|                 sess: Joi.string().max(255),
 | |
|                 ip: Joi.string().ip({
 | |
|                     version: ['ipv4', 'ipv6'],
 | |
|                     cidr: 'forbidden'
 | |
|                 })
 | |
|             });
 | |
| 
 | |
|             const result = Joi.validate(req.params, schema, {
 | |
|                 abortEarly: false,
 | |
|                 convert: true
 | |
|             });
 | |
| 
 | |
|             if (result.error) {
 | |
|                 res.json({
 | |
|                     error: result.error.message,
 | |
|                     code: 'InputValidationError'
 | |
|                 });
 | |
|                 return next();
 | |
|             }
 | |
| 
 | |
|             // permissions check
 | |
|             if (req.user && req.user === result.value.user) {
 | |
|                 req.validate(roles.can(req.role).deleteOwn('autoreplies'));
 | |
|             } else {
 | |
|                 req.validate(roles.can(req.role).deleteAny('autoreplies'));
 | |
|             }
 | |
| 
 | |
|             let user = new ObjectID(result.value.user);
 | |
| 
 | |
|             await db.users.collection('users').updateOne({ _id: user }, { $set: { autoreply: false } });
 | |
|             await db.database.collection('autoreplies').deleteOne({ user });
 | |
| 
 | |
|             res.json({
 | |
|                 success: true
 | |
|             });
 | |
| 
 | |
|             return next();
 | |
|         })
 | |
|     );
 | |
| };
 |