mirror of
https://github.com/nodemailer/wildduck.git
synced 2025-01-04 07:02:45 +08:00
53cda36329
update
613 lines
19 KiB
JavaScript
613 lines
19 KiB
JavaScript
'use strict';
|
|
|
|
const Joi = require('joi');
|
|
const ObjectId = require('mongodb').ObjectId;
|
|
const imapTools = require('../../imap-core/lib/imap-tools');
|
|
const tools = require('../tools');
|
|
const roles = require('../roles');
|
|
const util = require('util');
|
|
const { sessSchema, sessIPSchema, booleanSchema } = require('../schemas');
|
|
|
|
module.exports = (db, server, mailboxHandler) => {
|
|
const getMailboxCounter = util.promisify(tools.getMailboxCounter);
|
|
const updateMailbox = util.promisify(mailboxHandler.update.bind(mailboxHandler));
|
|
const deleteMailbox = util.promisify(mailboxHandler.del.bind(mailboxHandler));
|
|
const createMailbox = util.promisify((...args) => {
|
|
let callback = args.pop();
|
|
mailboxHandler.create(...args, (err, status, id) => {
|
|
if (err) {
|
|
return callback(err);
|
|
}
|
|
return callback(null, { status, id });
|
|
});
|
|
});
|
|
|
|
server.get(
|
|
'/users/:user/mailboxes',
|
|
tools.asyncifyJson(async (req, res, next) => {
|
|
res.charSet('utf-8');
|
|
|
|
const schema = Joi.object().keys({
|
|
user: Joi.string().hex().lowercase().length(24).required(),
|
|
specialUse: booleanSchema.default(false),
|
|
showHidden: booleanSchema.default(false),
|
|
counters: booleanSchema.default(false),
|
|
sizes: booleanSchema.default(false),
|
|
sess: sessSchema,
|
|
ip: sessIPSchema
|
|
});
|
|
|
|
const result = schema.validate(req.params, {
|
|
abortEarly: false,
|
|
convert: true
|
|
});
|
|
|
|
if (result.error) {
|
|
res.status(400);
|
|
res.json({
|
|
error: result.error.message,
|
|
code: 'InputValidationError',
|
|
details: tools.validationErrors(result)
|
|
});
|
|
return next();
|
|
}
|
|
|
|
// permissions check
|
|
if (req.user && req.user === result.value.user) {
|
|
req.validate(roles.can(req.role).readOwn('mailboxes'));
|
|
} else {
|
|
req.validate(roles.can(req.role).readAny('mailboxes'));
|
|
}
|
|
|
|
let user = new ObjectId(result.value.user);
|
|
let counters = result.value.counters;
|
|
let sizes = result.value.sizes;
|
|
|
|
let sizeValues = false;
|
|
|
|
let userData;
|
|
try {
|
|
userData = await db.users.collection('users').findOne(
|
|
{
|
|
_id: user
|
|
},
|
|
{
|
|
projection: {
|
|
address: true
|
|
}
|
|
}
|
|
);
|
|
} catch (err) {
|
|
res.status(500);
|
|
res.json({
|
|
error: 'MongoDB Error: ' + err.message,
|
|
code: 'InternalDatabaseError'
|
|
});
|
|
return next();
|
|
}
|
|
if (!userData) {
|
|
res.status(404);
|
|
res.json({
|
|
error: 'This user does not exist',
|
|
code: 'UserNotFound'
|
|
});
|
|
return next();
|
|
}
|
|
|
|
if (sizes) {
|
|
try {
|
|
sizeValues = await db.database
|
|
.collection('messages')
|
|
.aggregate([
|
|
{
|
|
$match: {
|
|
user
|
|
}
|
|
},
|
|
{
|
|
$project: {
|
|
mailbox: '$mailbox',
|
|
size: '$size'
|
|
}
|
|
},
|
|
{
|
|
$group: {
|
|
_id: '$mailbox',
|
|
mailboxSize: {
|
|
$sum: '$size'
|
|
}
|
|
}
|
|
}
|
|
])
|
|
.toArray();
|
|
} catch (err) {
|
|
// ignore
|
|
}
|
|
}
|
|
|
|
let mailboxes;
|
|
try {
|
|
mailboxes = await db.database
|
|
.collection('mailboxes')
|
|
.find({
|
|
user
|
|
})
|
|
.toArray();
|
|
} catch (err) {
|
|
res.status(500);
|
|
res.json({
|
|
error: 'MongoDB Error: ' + err.message,
|
|
code: 'InternalDatabaseError'
|
|
});
|
|
return next();
|
|
}
|
|
|
|
if (!mailboxes) {
|
|
mailboxes = [];
|
|
}
|
|
|
|
if (result.value.specialUse) {
|
|
mailboxes = mailboxes.filter(mailboxData => mailboxData.path === 'INBOX' || mailboxData.specialUse);
|
|
}
|
|
|
|
if (!result.value.showHidden) {
|
|
mailboxes = mailboxes.filter(mailboxData => !mailboxData.hidden);
|
|
}
|
|
|
|
mailboxes = mailboxes
|
|
.map(mailboxData => mailboxData)
|
|
.sort((a, b) => {
|
|
if (a.path === 'INBOX') {
|
|
return -1;
|
|
}
|
|
if (b.path === 'INBOX') {
|
|
return 1;
|
|
}
|
|
if (a.path.indexOf('INBOX/') === 0 && b.path.indexOf('INBOX/') !== 0) {
|
|
return -1;
|
|
}
|
|
if (a.path.indexOf('INBOX/') !== 0 && b.path.indexOf('INBOX/') === 0) {
|
|
return 1;
|
|
}
|
|
if (a.subscribed !== b.subscribed) {
|
|
return (a.subscribed ? 0 : 1) - (b.subscribed ? 0 : 1);
|
|
}
|
|
return a.path.localeCompare(b.path);
|
|
});
|
|
|
|
let responses = [];
|
|
|
|
let counterOps = [];
|
|
|
|
for (let mailboxData of mailboxes) {
|
|
let path = mailboxData.path.split('/');
|
|
let name = path.pop();
|
|
|
|
let response = {
|
|
id: mailboxData._id.toString(),
|
|
name,
|
|
path: mailboxData.path,
|
|
specialUse: mailboxData.specialUse,
|
|
modifyIndex: mailboxData.modifyIndex,
|
|
subscribed: mailboxData.subscribed,
|
|
hidden: !mailboxData.hidden
|
|
};
|
|
|
|
if (mailboxData.retention) {
|
|
response.retention = mailboxData.retention;
|
|
}
|
|
|
|
if (sizeValues) {
|
|
for (let sizeValue of sizeValues) {
|
|
if (mailboxData._id.equals(sizeValue._id)) {
|
|
response.size = sizeValue.mailboxSize;
|
|
break;
|
|
}
|
|
}
|
|
}
|
|
|
|
if (!counters) {
|
|
responses.push(response);
|
|
continue;
|
|
}
|
|
|
|
let total, unseen;
|
|
|
|
counterOps.push(
|
|
(async () => {
|
|
try {
|
|
total = await getMailboxCounter(db, mailboxData._id, false);
|
|
} catch (err) {
|
|
// ignore
|
|
}
|
|
response.total = total;
|
|
})()
|
|
);
|
|
|
|
counterOps.push(
|
|
(async () => {
|
|
try {
|
|
unseen = await getMailboxCounter(db, mailboxData._id, 'unseen');
|
|
} catch (err) {
|
|
// ignore
|
|
}
|
|
response.unseen = unseen;
|
|
})()
|
|
);
|
|
|
|
responses.push(response);
|
|
}
|
|
|
|
if (counterOps.length) {
|
|
await Promise.all(counterOps);
|
|
}
|
|
|
|
res.json({
|
|
success: true,
|
|
results: responses
|
|
});
|
|
})
|
|
);
|
|
|
|
server.post(
|
|
'/users/:user/mailboxes',
|
|
tools.asyncifyJson(async (req, res, next) => {
|
|
res.charSet('utf-8');
|
|
|
|
const schema = Joi.object().keys({
|
|
user: Joi.string().hex().lowercase().length(24).required(),
|
|
path: Joi.string()
|
|
.regex(/\/{2,}|\/$/, { invert: true })
|
|
.required(),
|
|
hidden: booleanSchema.default(false),
|
|
retention: Joi.number().min(0),
|
|
sess: sessSchema,
|
|
ip: sessIPSchema
|
|
});
|
|
|
|
const result = schema.validate(req.params, {
|
|
abortEarly: false,
|
|
convert: true
|
|
});
|
|
|
|
if (result.error) {
|
|
res.status(400);
|
|
res.json({
|
|
error: result.error.message,
|
|
code: 'InputValidationError',
|
|
details: tools.validationErrors(result)
|
|
});
|
|
return next();
|
|
}
|
|
|
|
// permissions check
|
|
if (req.user && req.user === result.value.user) {
|
|
req.validate(roles.can(req.role).createOwn('mailboxes'));
|
|
} else {
|
|
req.validate(roles.can(req.role).createAny('mailboxes'));
|
|
}
|
|
|
|
let user = new ObjectId(result.value.user);
|
|
let path = imapTools.normalizeMailbox(result.value.path);
|
|
let retention = result.value.retention;
|
|
|
|
let opts = {
|
|
subscribed: true,
|
|
hidden: !!result.value.hidden
|
|
};
|
|
|
|
if (retention) {
|
|
opts.retention = retention;
|
|
}
|
|
|
|
let status, id;
|
|
try {
|
|
let data = await createMailbox(user, path, opts);
|
|
status = data.status;
|
|
id = data.id;
|
|
} catch (err) {
|
|
res.status(500); // TODO: use response code specific status
|
|
res.json({
|
|
error: err.message,
|
|
code: err.code
|
|
});
|
|
return next();
|
|
}
|
|
|
|
if (typeof status === 'string') {
|
|
res.json({
|
|
error: 'Mailbox creation failed with code ' + status
|
|
});
|
|
return next();
|
|
}
|
|
|
|
res.json({
|
|
success: !!status,
|
|
id
|
|
});
|
|
return next();
|
|
})
|
|
);
|
|
|
|
server.get(
|
|
'/users/:user/mailboxes/:mailbox',
|
|
tools.asyncifyJson(async (req, res, next) => {
|
|
res.charSet('utf-8');
|
|
const schema = Joi.object().keys({
|
|
user: Joi.string().hex().lowercase().length(24).required(),
|
|
mailbox: Joi.string().hex().lowercase().length(24).allow('resolve').required(),
|
|
path: Joi.string().regex(/\/{2,}|\/$/, { invert: true }),
|
|
sess: sessSchema,
|
|
ip: sessIPSchema
|
|
});
|
|
|
|
const result = schema.validate(req.params, {
|
|
abortEarly: false,
|
|
convert: true
|
|
});
|
|
|
|
if (result.error) {
|
|
res.status(400);
|
|
res.json({
|
|
error: result.error.message,
|
|
code: 'InputValidationError',
|
|
details: tools.validationErrors(result)
|
|
});
|
|
return next();
|
|
}
|
|
|
|
// permissions check
|
|
if (req.user && req.user === result.value.user) {
|
|
req.validate(roles.can(req.role).readOwn('mailboxes'));
|
|
} else {
|
|
req.validate(roles.can(req.role).readAny('mailboxes'));
|
|
}
|
|
|
|
let user = new ObjectId(result.value.user);
|
|
let mailbox = result.value.mailbox !== 'resolve' ? new ObjectId(result.value.mailbox) : 'resolve';
|
|
|
|
let userData;
|
|
|
|
try {
|
|
userData = await db.users.collection('users').findOne(
|
|
{
|
|
_id: user
|
|
},
|
|
{
|
|
projection: {
|
|
address: true
|
|
}
|
|
}
|
|
);
|
|
} catch (err) {
|
|
res.status(500);
|
|
res.json({
|
|
error: 'MongoDB Error: ' + err.message,
|
|
code: 'InternalDatabaseError'
|
|
});
|
|
return next();
|
|
}
|
|
if (!userData) {
|
|
res.status(404);
|
|
res.json({
|
|
error: 'This user does not exist',
|
|
code: 'UserNotFound'
|
|
});
|
|
return next();
|
|
}
|
|
|
|
let mailboxQuery = {
|
|
_id: mailbox,
|
|
user
|
|
};
|
|
|
|
if (mailbox === 'resolve') {
|
|
mailboxQuery = {
|
|
path: result.value.path,
|
|
user
|
|
};
|
|
}
|
|
|
|
let mailboxData;
|
|
try {
|
|
mailboxData = await db.database.collection('mailboxes').findOne(mailboxQuery);
|
|
} catch (err) {
|
|
res.status(500);
|
|
res.json({
|
|
error: 'MongoDB Error: ' + err.message,
|
|
code: 'InternalDatabaseError'
|
|
});
|
|
return next();
|
|
}
|
|
if (!mailboxData) {
|
|
res.status(404);
|
|
res.json({
|
|
error: 'This mailbox does not exist',
|
|
code: 'NoSuchMailbox'
|
|
});
|
|
return next();
|
|
}
|
|
|
|
mailbox = mailboxData._id;
|
|
|
|
let path = mailboxData.path.split('/');
|
|
let name = path.pop();
|
|
|
|
let total, unseen;
|
|
|
|
try {
|
|
total = await getMailboxCounter(db, mailboxData._id, false);
|
|
} catch (err) {
|
|
// ignore
|
|
}
|
|
|
|
try {
|
|
unseen = await getMailboxCounter(db, mailboxData._id, 'unseen');
|
|
} catch (err) {
|
|
// ignore
|
|
}
|
|
|
|
res.json({
|
|
success: true,
|
|
id: mailbox,
|
|
name,
|
|
path: mailboxData.path,
|
|
specialUse: mailboxData.specialUse,
|
|
modifyIndex: mailboxData.modifyIndex,
|
|
subscribed: mailboxData.subscribed,
|
|
hidden: !!mailboxData.hidden,
|
|
total,
|
|
unseen
|
|
});
|
|
return next();
|
|
})
|
|
);
|
|
|
|
server.put(
|
|
'/users/:user/mailboxes/:mailbox',
|
|
tools.asyncifyJson(async (req, res, next) => {
|
|
res.charSet('utf-8');
|
|
|
|
const schema = Joi.object().keys({
|
|
user: Joi.string().hex().lowercase().length(24).required(),
|
|
mailbox: Joi.string().hex().lowercase().length(24).required(),
|
|
path: Joi.string().regex(/\/{2,}|\/$/, { invert: true }),
|
|
retention: Joi.number().empty('').min(0),
|
|
subscribed: booleanSchema,
|
|
hidden: booleanSchema,
|
|
sess: sessSchema,
|
|
ip: sessIPSchema
|
|
});
|
|
|
|
const result = schema.validate(req.params, {
|
|
abortEarly: false,
|
|
convert: true
|
|
});
|
|
|
|
if (result.error) {
|
|
res.status(400);
|
|
res.json({
|
|
error: result.error.message,
|
|
code: 'InputValidationError',
|
|
details: tools.validationErrors(result)
|
|
});
|
|
return next();
|
|
}
|
|
|
|
// permissions check
|
|
if (req.user && req.user === result.value.user) {
|
|
req.validate(roles.can(req.role).updateOwn('mailboxes'));
|
|
} else {
|
|
req.validate(roles.can(req.role).updateAny('mailboxes'));
|
|
}
|
|
|
|
let user = new ObjectId(result.value.user);
|
|
let mailbox = new ObjectId(result.value.mailbox);
|
|
|
|
let updates = {};
|
|
let update = false;
|
|
Object.keys(result.value || {}).forEach(key => {
|
|
if (!['user', 'mailbox'].includes(key)) {
|
|
updates[key] = result.value[key];
|
|
update = true;
|
|
}
|
|
});
|
|
|
|
if (!update) {
|
|
res.json({
|
|
error: 'Nothing was changed'
|
|
});
|
|
return next();
|
|
}
|
|
|
|
let status;
|
|
try {
|
|
status = await updateMailbox(user, mailbox, updates);
|
|
} catch (err) {
|
|
res.status(500); // TODO: use response code specific status
|
|
res.json({
|
|
error: err.message,
|
|
code: err.code
|
|
});
|
|
return next();
|
|
}
|
|
|
|
if (typeof status === 'string') {
|
|
res.json({
|
|
error: 'Mailbox update failed with code ' + status
|
|
});
|
|
return next();
|
|
}
|
|
|
|
res.json({
|
|
success: true
|
|
});
|
|
return next();
|
|
})
|
|
);
|
|
|
|
server.del(
|
|
'/users/:user/mailboxes/:mailbox',
|
|
tools.asyncifyJson(async (req, res, next) => {
|
|
res.charSet('utf-8');
|
|
|
|
const schema = Joi.object().keys({
|
|
user: Joi.string().hex().lowercase().length(24).required(),
|
|
mailbox: Joi.string().hex().lowercase().length(24).required(),
|
|
sess: sessSchema,
|
|
ip: sessIPSchema
|
|
});
|
|
|
|
const result = schema.validate(req.params, {
|
|
abortEarly: false,
|
|
convert: true
|
|
});
|
|
|
|
if (result.error) {
|
|
res.status(400);
|
|
res.json({
|
|
error: result.error.message,
|
|
code: 'InputValidationError',
|
|
details: tools.validationErrors(result)
|
|
});
|
|
return next();
|
|
}
|
|
|
|
// permissions check
|
|
if (req.user && req.user === result.value.user) {
|
|
req.validate(roles.can(req.role).deleteOwn('mailboxes'));
|
|
} else {
|
|
req.validate(roles.can(req.role).deleteAny('mailboxes'));
|
|
}
|
|
|
|
let user = new ObjectId(result.value.user);
|
|
let mailbox = new ObjectId(result.value.mailbox);
|
|
|
|
let status;
|
|
try {
|
|
status = await deleteMailbox(user, mailbox);
|
|
} catch (err) {
|
|
res.status(500); // TODO: use response code specific status
|
|
res.json({
|
|
error: err.message,
|
|
code: err.code
|
|
});
|
|
return next();
|
|
}
|
|
|
|
if (typeof status === 'string') {
|
|
res.status(500); // TODO: use response code specific status
|
|
res.json({
|
|
error: 'Mailbox deletion failed with code ' + status,
|
|
code: status
|
|
});
|
|
return next();
|
|
}
|
|
|
|
res.json({
|
|
success: true
|
|
});
|
|
return next();
|
|
})
|
|
);
|
|
};
|