mailcow/data/web/edit.php

192 lines
7.5 KiB
PHP
Raw Normal View History

<?php
require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/prerequisites.inc.php';
$AuthUsers = array("admin", "domainadmin", "user");
if (!isset($_SESSION['mailcow_cc_role']) OR !in_array($_SESSION['mailcow_cc_role'], $AuthUsers)) {
header('Location: /');
exit();
}
require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/header.inc.php';
$template = 'edit.twig';
$template_data = [];
$result = null;
if (isset($_SESSION['mailcow_cc_role'])) {
if ($_SESSION['mailcow_cc_role'] == "admin" || $_SESSION['mailcow_cc_role'] == "domainadmin") {
if (isset($_GET["alias"]) &&
!empty($_GET["alias"])) {
$alias = html_entity_decode(rawurldecode($_GET["alias"]));
$result = mailbox('get', 'alias_details', $alias);
$template = 'edit/alias.twig';
$template_data = [
'alias' => $alias,
'goto' => (preg_match('/^(null|ham|spam)@localhost$/i', $result['goto'])) ? null : $result['goto'],
];
}
elseif (isset($_GET['domainadmin'])) {
$domain_admin = $_GET["domainadmin"];
$result = domain_admin('details', $domain_admin);
$template = 'edit/domainadmin.twig';
$template_data = [
'domain_admin' => $domain_admin,
'da_acls' => acl('get', 'domainadmin', $domain_admin),
];
}
elseif (isset($_GET['admin'])) {
$admin = $_GET["admin"];
$result = admin('details', $admin);
$template = 'edit/admin.twig';
$template_data = ['admin' => $admin];
}
elseif (isset($_GET['domain']) &&
is_valid_domain_name($_GET["domain"]) &&
!empty($_GET["domain"])) {
$domain = $_GET["domain"];
$result = mailbox('get', 'domain_details', $domain);
$quota_notification_bcc = quota_notification_bcc('get', $domain);
$rl = ratelimit('get', 'domain', $domain);
$rlyhosts = relayhost('get');
$template = 'edit/domain.twig';
$template_data = [
'acl' => $_SESSION['acl'],
'domain' => $domain,
'quota_notification_bcc' => $quota_notification_bcc,
'rl' => $rl,
'rlyhosts' => $rlyhosts,
'dkim' => dkim('details', $domain),
];
}
elseif (isset($_GET['oauth2client']) &&
is_numeric($_GET["oauth2client"]) &&
!empty($_GET["oauth2client"])) {
$oauth2client = $_GET["oauth2client"];
$result = oauth2('details', 'client', $oauth2client);
$template = 'edit/oauth2client.twig';
$template_data = ['oauth2client' => $oauth2client];
}
elseif (isset($_GET['aliasdomain']) &&
is_valid_domain_name(html_entity_decode(rawurldecode($_GET["aliasdomain"]))) &&
!empty($_GET["aliasdomain"])) {
$alias_domain = html_entity_decode(rawurldecode($_GET["aliasdomain"]));
$result = mailbox('get', 'alias_domain_details', $alias_domain);
$rl = ratelimit('get', 'domain', $alias_domain);
$template = 'edit/aliasdomain.twig';
$template_data = [
'alias_domain' => $alias_domain,
'rl' => $rl,
'domains' => mailbox('get', 'domains'),
'dkim' => dkim('details', $alias_domain),
];
}
elseif (isset($_GET['mailbox']) && filter_var(html_entity_decode(rawurldecode($_GET["mailbox"])), FILTER_VALIDATE_EMAIL) && !empty($_GET["mailbox"])) {
$mailbox = html_entity_decode(rawurldecode($_GET["mailbox"]));
$result = mailbox('get', 'mailbox_details', $mailbox);
$rl = ratelimit('get', 'mailbox', $mailbox);
$pushover_data = pushover('get', $mailbox);
$quarantine_notification = mailbox('get', 'quarantine_notification', $mailbox);
$quarantine_category = mailbox('get', 'quarantine_category', $mailbox);
$get_tls_policy = mailbox('get', 'tls_policy', $mailbox);
$rlyhosts = relayhost('get');
$template = 'edit/mailbox.twig';
$template_data = [
'acl' => $_SESSION['acl'],
'mailbox' => $mailbox,
'rl' => $rl,
'pushover_data' => $pushover_data,
'quarantine_notification' => $quarantine_notification,
'quarantine_category' => $quarantine_category,
'get_tls_policy' => $get_tls_policy,
'rlyhosts' => $rlyhosts,
'sender_acl_handles' => mailbox('get', 'sender_acl_handles', $mailbox),
'user_acls' => acl('get', 'user', $mailbox),
];
}
elseif (isset($_GET['relayhost']) && is_numeric($_GET["relayhost"]) && !empty($_GET["relayhost"])) {
$relayhost = intval($_GET["relayhost"]);
$result = relayhost('details', $relayhost);
$template = 'edit/relayhost.twig';
$template_data = ['relayhost' => $relayhost];
}
elseif (isset($_GET['transport']) && is_numeric($_GET["transport"]) && !empty($_GET["transport"])) {
$transport = intval($_GET["transport"]);
$result = transport('details', $transport);
$template = 'edit/transport.twig';
$template_data = ['transport' => $transport];
}
elseif (isset($_GET['resource']) && filter_var(html_entity_decode(rawurldecode($_GET["resource"])), FILTER_VALIDATE_EMAIL) && !empty($_GET["resource"])) {
$resource = html_entity_decode(rawurldecode($_GET["resource"]));
$result = mailbox('get', 'resource_details', $resource);
$template = 'edit/resource.twig';
}
elseif (isset($_GET['bcc']) && !empty($_GET["bcc"])) {
$bcc = intval($_GET["bcc"]);
$result = bcc('details', $bcc);
$template = 'edit/bcc.twig';
$template_data = ['bcc' => $bcc];
}
elseif (isset($_GET['recipient_map']) &&
!empty($_GET["recipient_map"]) &&
$_SESSION['mailcow_cc_role'] == "admin") {
$map = intval($_GET["recipient_map"]);
$result = recipient_map('details', $map);
if (substr($result['recipient_map_old'], 0, 1) == '@') {
$result['recipient_map_old'] = substr($result['recipient_map_old'], 1);
}
$template = 'edit/recipient_map.twig';
$template_data = ['map' => $map];
}
elseif (isset($_GET['tls_policy_map']) &&
!empty($_GET["tls_policy_map"]) &&
$_SESSION['mailcow_cc_role'] == "admin") {
$map = intval($_GET["tls_policy_map"]);
$result = tls_policy_maps('details', $map);
$template = 'edit/tls_policy_map.twig';
$template_data = [
'map' => $map,
'policy_options' => [
'none',
'may',
'encrypt',
'dane',
'dane-only',
'fingerprint',
'verify',
'secure',
],
];
}
}
if ($_SESSION['mailcow_cc_role'] == "admin" || $_SESSION['mailcow_cc_role'] == "domainadmin" || $_SESSION['mailcow_cc_role'] == "user") {
if (isset($_GET['syncjob']) &&
is_numeric($_GET['syncjob'])) {
$id = $_GET["syncjob"];
$result = mailbox('get', 'syncjob_details', $id);
$template = 'edit/syncjob.twig';
}
elseif (isset($_GET['filter']) &&
is_numeric($_GET['filter'])) {
$id = $_GET["filter"];
$result = mailbox('get', 'filter_details', $id);
$template = 'edit/filter.twig';
}
elseif (isset($_GET['app-passwd']) &&
is_numeric($_GET['app-passwd'])) {
$id = $_GET["app-passwd"];
$result = app_passwd('details', $id);
$template = 'edit/app-passwd.twig';
}
}
}
else {
$template_data['access_denied'] = true;
}
$js_minifier->add('/web/js/site/edit.js');
$js_minifier->add('/web/js/site/pwgen.js');
$template_data['result'] = $result;
$template_data['return_to'] = $_SESSION['return_to'];
$template_data['lang_user'] = json_encode($lang['user']);
require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/footer.inc.php';