JS changes and fixes

master
andryyy 2017-05-13 08:55:34 +02:00
parent b1d0776ad1
commit 15853df84c
9 changed files with 54 additions and 147 deletions

11
data/web/css/animate.min.css vendored 100644

File diff suppressed because one or more lines are too long

View File

@ -44,6 +44,7 @@ endif;
<script src="/js/bootstrap-switch.min.js"></script>
<script src="/js/bootstrap-slider.min.js"></script>
<script src="/js/bootstrap-select.min.js"></script>
<script src="/js/notifications.min.js"></script>
<script src="/js/u2f-api.js"></script>
<script>
// Select language and reopen active URL without POST
@ -53,14 +54,12 @@ function setLang(sel) {
}
$(document).ready(function() {
function mailcow_alert_box(type, message) {
$('.mailcow-alert-box').show();
$('.mailcow-alert-box').addClass("alert-" + type);
$('#mailcow-alert-text').text(message);
function mailcow_alert_box(message, type) {
$.notify({message: message},{type: type,placement: {from: "bottom",align: "right"},animate: {enter: 'animated fadeInUp',exit: 'animated fadeOutDown'}});
}
// PHP error handler
<?php if (isset($_SESSION['return'])): ?>
mailcow_alert_box("<?=$_SESSION['return']['msg'];?>", "<?=$_SESSION['return']['type'];?>");
<?php endif; unset($_SESSION['return']); ?>
// Confirm TFA modal
<?php if (isset($_SESSION['pending_tfa_method'])):?>
$('#ConfirmTFAModal').modal({
@ -226,30 +225,9 @@ $(document).ready(function() {
}
});
});
if ($('#mailcow-alert').hasClass('alert-success')) {
$('#mailcow-alert').delay(5000).animate({right: '-50%'}, 1000);
};
});
</script>
<div class="container">
<div id="mailcow-alert" class="alert" role="alert">
<span id="mailcow-alert-text"></span>
</div>
</div>
</body>
<?php // Notifications ?>
<script>
function mailcow_alert_box(msg, type) {
document.getElementById('mailcow-alert').style.display = 'visible';
document.getElementById('mailcow-alert-text').innerHTML = msg;
document.getElementById("mailcow-alert").className = "alert alert-" + type;
}
<?php if (isset($_SESSION['return'])): ?>
mailcow_alert_box("<?=$_SESSION['return']['msg'];?>", "<?=$_SESSION['return']['type'];?>");
<?php endif; unset($_SESSION['return']); ?>
</script>
</html>
<?php $stmt = null; $pdo = null; ?>

View File

@ -457,10 +457,6 @@ function get_time_limited_aliases($username = null) {
$data = array();
if (isset($username) && filter_var($username, FILTER_VALIDATE_EMAIL)) {
if (!hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $username)) {
$_SESSION['return'] = array(
'type' => 'danger',
'msg' => sprintf($lang['danger']['access_denied'])
);
return false;
}
}
@ -687,19 +683,11 @@ function get_policy_list($object = null) {
if (!filter_var($object, FILTER_VALIDATE_EMAIL) && is_valid_domain_name($object)) {
$object = idn_to_ascii(strtolower(trim($object)));
if (!hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $object)) {
$_SESSION['return'] = array(
'type' => 'danger',
'msg' => sprintf($lang['danger']['access_denied'])
);
return false;
}
}
elseif (filter_var($object, FILTER_VALIDATE_EMAIL)) {
if (!hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $object)) {
$_SESSION['return'] = array(
'type' => 'danger',
'msg' => sprintf($lang['danger']['access_denied'])
);
return false;
}
}
@ -885,10 +873,6 @@ function get_syncjobs($username = null) {
$data = array();
if (isset($username) && filter_var($username, FILTER_VALIDATE_EMAIL)) {
if (!hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $username)) {
$_SESSION['return'] = array(
'type' => 'danger',
'msg' => sprintf($lang['danger']['access_denied'])
);
return false;
}
}
@ -916,17 +900,9 @@ function get_syncjob_details($id) {
$syncjobdetails = array();
if ($_SESSION['mailcow_cc_role'] != "user" &&
$_SESSION['mailcow_cc_role'] != "admin") {
$_SESSION['return'] = array(
'type' => 'danger',
'msg' => sprintf($lang['danger']['access_denied'])
);
return false;
}
if (!is_numeric($id)) {
$_SESSION['return'] = array(
'type' => 'danger',
'msg' => sprintf($lang['danger']['access_denied'])
);
return false;
}
try {
@ -1301,10 +1277,6 @@ function get_tls_policy($username = null) {
$data = array();
if (isset($username) && filter_var($username, FILTER_VALIDATE_EMAIL)) {
if (!hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $username)) {
$_SESSION['return'] = array(
'type' => 'danger',
'msg' => sprintf($lang['danger']['access_denied'])
);
return false;
}
}
@ -1687,26 +1659,14 @@ function get_domain_admin_details($domain_admin) {
global $lang;
$domainadmindata = array();
if (isset($domain_admin) && $_SESSION['mailcow_cc_role'] != "admin") {
$_SESSION['return'] = array(
'type' => 'danger',
'msg' => sprintf($lang['danger']['access_denied'])
);
return false;
}
if (!isset($domain_admin) && $_SESSION['mailcow_cc_role'] != "domainadmin") {
$_SESSION['return'] = array(
'type' => 'danger',
'msg' => sprintf($lang['danger']['access_denied'])
);
return false;
}
(!isset($domain_admin)) ? $domain_admin = $_SESSION['mailcow_cc_username'] : null;
if (!ctype_alnum(str_replace(array('_', '.', '-'), '', $domain_admin))) {
$_SESSION['return'] = array(
'type' => 'danger',
'msg' => sprintf($lang['danger']['username_invalid'])
);
return false;
}
try {
@ -2351,10 +2311,6 @@ function get_admin_details() {
global $lang;
$data = array();
if ($_SESSION['mailcow_cc_role'] != 'admin') {
$_SESSION['return'] = array(
'type' => 'danger',
'msg' => sprintf($lang['danger']['access_denied'])
);
return false;
}
try {
@ -2469,15 +2425,16 @@ function dkim_add_key($postarray) {
}
}
function dkim_get_key_details($domain) {
$data = array();
global $redis;
if (hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $domain)) {
if ($redis_dkim_key_data = $redis->hGet('DKIM_PUB_KEYS', $domain)) {
$data['pubkey'] = $redis_dkim_key_data;
$data['length'] = (strlen($data['pubkey']) < 391) ? 1024 : 2048;
$data['dkim_txt'] = 'v=DKIM1;k=rsa;t=s;s=email;p=' . $redis_dkim_key_data;
$data['dkim_selector'] = $redis->hGet('DKIM_SELECTORS', $domain);
}
if (!hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $domain)) {
return false;
}
$data = array();
if ($redis_dkim_key_data = $redis->hGet('DKIM_PUB_KEYS', $domain)) {
$data['pubkey'] = $redis_dkim_key_data;
$data['length'] = (strlen($data['pubkey']) < 391) ? 1024 : 2048;
$data['dkim_txt'] = 'v=DKIM1;k=rsa;t=s;s=email;p=' . $redis_dkim_key_data;
$data['dkim_selector'] = $redis->hGet('DKIM_SELECTORS', $domain);
}
return $data;
}
@ -2485,10 +2442,6 @@ function dkim_get_blind_keys() {
global $redis;
global $lang;
if ($_SESSION['mailcow_cc_role'] != "admin") {
$_SESSION['return'] = array(
'type' => 'danger',
'msg' => sprintf($lang['danger']['access_denied'])
);
return false;
}
$domains = array();
@ -4044,10 +3997,6 @@ function mailbox_get_mailboxes($domain = null) {
global $pdo;
$mailboxes = array();
if (isset($domain) && !hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $domain)) {
$_SESSION['return'] = array(
'type' => 'danger',
'msg' => sprintf($lang['danger']['access_denied'])
);
return false;
}
elseif (isset($domain) && hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $domain)) {
@ -4096,10 +4045,6 @@ function mailbox_get_resources($domain = null) {
global $pdo;
$resources = array();
if (isset($domain) && !hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $domain)) {
$_SESSION['return'] = array(
'type' => 'danger',
'msg' => sprintf($lang['danger']['access_denied'])
);
return false;
}
elseif (isset($domain) && hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $domain)) {
@ -4151,10 +4096,6 @@ function mailbox_get_alias_domains($domain = null) {
global $pdo;
$aliasdomains = array();
if (isset($domain) && !hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $domain)) {
$_SESSION['return'] = array(
'type' => 'danger',
'msg' => sprintf($lang['danger']['access_denied'])
);
return false;
}
elseif (isset($domain) && hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $domain)) {
@ -4203,10 +4144,6 @@ function mailbox_get_aliases($domain) {
global $pdo;
$aliases = array();
if (!hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $domain)) {
$_SESSION['return'] = array(
'type' => 'danger',
'msg' => sprintf($lang['danger']['access_denied'])
);
return false;
}
@ -4268,10 +4205,6 @@ function mailbox_get_alias_details($address) {
$aliasdata['created'] = $row['created'];
$aliasdata['modified'] = $row['modified'];
if (!hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $aliasdata['domain'])) {
$_SESSION['return'] = array(
'type' => 'danger',
'msg' => sprintf($lang['danger']['access_denied'])
);
return false;
}
}
@ -4317,10 +4250,6 @@ function mailbox_get_alias_domain_details($aliasdomain) {
return false;
}
if (!hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $aliasdomaindata['target_domain'])) {
$_SESSION['return'] = array(
'type' => 'danger',
'msg' => sprintf($lang['danger']['access_denied'])
);
return false;
}
return $aliasdomaindata;
@ -4331,9 +4260,11 @@ function mailbox_get_domains() {
// Domain does not need to be active
global $lang;
global $pdo;
$domains = array();
if ($_SESSION['mailcow_cc_role'] != "admin" && $_SESSION['mailcow_cc_role'] != "domainadmin") {
return false;
}
try {
$domains = array();
$stmt = $pdo->prepare("SELECT `domain` FROM `domain`
WHERE (`domain` IN (
SELECT `domain` from `domain_admins`
@ -4367,10 +4298,6 @@ function mailbox_get_domain_details($domain) {
$domain = idn_to_ascii(strtolower(trim($domain)));
if (!hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $domain)) {
$_SESSION['return'] = array(
'type' => 'danger',
'msg' => sprintf($lang['danger']['access_denied'])
);
return false;
}
@ -4461,10 +4388,6 @@ function mailbox_get_mailbox_details($mailbox) {
global $lang;
global $pdo;
if (!hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $mailbox)) {
$_SESSION['return'] = array(
'type' => 'danger',
'msg' => sprintf($lang['danger']['access_denied'])
);
return false;
}
$mailboxdata = array();
@ -4538,10 +4461,6 @@ function mailbox_get_resource_details($resource) {
global $pdo;
$resourcedata = array();
if (!hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $resource)) {
$_SESSION['return'] = array(
'type' => 'danger',
'msg' => sprintf($lang['danger']['access_denied'])
);
return false;
}
try {
@ -4579,10 +4498,6 @@ function mailbox_get_resource_details($resource) {
}
if (!isset($resourcedata['domain']) ||
(isset($resourcedata['domain']) && !hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $resourcedata['domain']))) {
$_SESSION['return'] = array(
'type' => 'danger',
'msg' => sprintf($lang['danger']['access_denied'])
);
return false;
}
@ -5047,10 +4962,6 @@ function mailbox_get_sender_acl_handles($mailbox) {
global $pdo;
global $lang;
if ($_SESSION['mailcow_cc_role'] != "admin" && $_SESSION['mailcow_cc_role'] != "domainadmin") {
$_SESSION['return'] = array(
'type' => 'danger',
'msg' => sprintf($lang['danger']['access_denied'])
);
return false;
}
@ -5184,9 +5095,6 @@ function get_forwarding_host_details($host) {
if (!isset($host) || empty($host)) {
return false;
}
if (filter_var($host, FILTER_VALIDATE_IP)) {
return;
}
try {
if ($source = $redis->hGet('WHITELISTED_FWD_HOST', $host)) {
$data['host'] = $host;
@ -5301,10 +5209,6 @@ function get_logs($container, $lines = 100) {
global $lang;
global $redis;
if ($_SESSION['mailcow_cc_role'] != "admin") {
$_SESSION['return'] = array(
'type' => 'danger',
'msg' => sprintf($lang['danger']['access_denied'])
);
return false;
}
$lines = intval($lines);

View File

@ -18,6 +18,7 @@
<link rel="stylesheet" href="/css/footable.bootstrap.min.css">
<link rel="stylesheet" href="/inc/languages.min.css">
<link rel="stylesheet" href="/css/mailcow.css">
<link rel="stylesheet" href="/css/animate.min.css">
<?=(preg_match("/mailbox.php/i", $_SERVER['REQUEST_URI'])) ? '<link rel="stylesheet" href="/css/mailbox.css">' : null;?>
<?=(preg_match("/admin.php/i", $_SERVER['REQUEST_URI'])) ? '<link rel="stylesheet" href="/css/admin.css">' : null;?>
<link rel="shortcut icon" href="/favicon.png" type="image/png">

View File

@ -16,6 +16,18 @@ require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/lib/vendor/autoload.php';
$u2f = new u2flib_server\U2F('https://' . $_SERVER['HTTP_HOST']);
$tfa = new RobThree\Auth\TwoFactorAuth('mailcow UI');
// OWASP CSRF Protector
$csrfProtector = new csrfProtector;
class mailcowCsrfProtector extends csrfprotector {
public static function logCSRFattack() {
$_SESSION['return'] = array(
'type' => 'danger',
'msg' => 'CSRF violation'
);
}
}
mailcowCsrfProtector::init();
// Redis
$redis = new Redis();
$redis->connect('redis-mailcow', 6379);

View File

@ -48,8 +48,8 @@ $(document).ready(function() {
jsonp: false,
complete: function (data) {
// var reponse = (JSON.parse(data.responseText));
// alert(reponse.type);
// alert(reponse.msg);
// console.log(reponse.type);
// console.log(reponse.msg);
location.assign(window.location);
}
});
@ -133,8 +133,8 @@ jQuery(function($){
dataType: 'json',
url: '/api/v1/get/domain/all',
jsonp: false,
error: function () {
alert('Cannot draw domain table');
error: function (data) {
console.log('Cannot draw domain table');
},
success: function (data) {
$.each(data, function (i, item) {
@ -201,7 +201,7 @@ jQuery(function($){
url: '/api/v1/get/mailbox/all',
jsonp: false,
error: function () {
alert('Cannot draw mailbox table');
console.log('Cannot draw mailbox table');
},
success: function (data) {
$.each(data, function (i, item) {
@ -260,7 +260,7 @@ jQuery(function($){
url: '/api/v1/get/resource/all',
jsonp: false,
error: function () {
alert('Cannot draw resource table');
console.log('Cannot draw resource table');
},
success: function (data) {
$.each(data, function (i, item) {
@ -304,7 +304,7 @@ jQuery(function($){
url: '/api/v1/get/alias/all',
jsonp: false,
error: function () {
alert('Cannot draw alias table');
console.log('Cannot draw alias table');
},
success: function (data) {
$.each(data, function (i, item) {
@ -353,7 +353,7 @@ jQuery(function($){
url: '/api/v1/get/alias-domain/all',
jsonp: false,
error: function () {
alert('Cannot draw alias domain table');
console.log('Cannot draw alias domain table');
},
success: function (data) {
$.each(data, function (i, item) {

File diff suppressed because one or more lines are too long

View File

@ -93,7 +93,7 @@ $_SESSION['return_to'] = $_SERVER['REQUEST_URI'];
<h3 class="panel-title"><?=$lang['mailbox']['resources'];?></h3>
</div>
<div class="table-responsive">
<table id="resources_table" class="table table-striped"></table>
<table id="resource_table" class="table table-striped"></table>
</div>
<div class="mass-actions-mailbox">
<div class="btn-group">