andryyy 2019-10-02 19:01:12 +02:00
commit 23dcb68f50
8 changed files with 90 additions and 43 deletions

View File

@ -64,11 +64,11 @@ class container_post(Resource):
print("api call: %s, container_id: %s" % (api_call_method_name, container_id))
return api_call_method(container_id)
except Exception as e:
print("error - container_post: %s" % str(e))
print("error - container_post: %s" % str(e))
return jsonify(type='danger', msg=str(e))
else:
return jsonify(type='danger', msg='invalid container id or missing action')
return jsonify(type='danger', msg='invalid container id or missing action')
# api call: container_post - post_action: stop
@ -107,7 +107,7 @@ class container_post(Resource):
# api call: container_post - post_action: exec - cmd: mailq - task: delete
def container_post__exec__mailq__delete(self, container_id):
if 'items' in request.json:
if 'items' in request.json:
r = re.compile("^[0-9a-fA-F]+$")
filtered_qids = filter(r.match, request.json['items'])
if filtered_qids:
@ -121,7 +121,7 @@ class container_post(Resource):
# api call: container_post - post_action: exec - cmd: mailq - task: hold
def container_post__exec__mailq__hold(self, container_id):
if 'items' in request.json:
if 'items' in request.json:
r = re.compile("^[0-9a-fA-F]+$")
filtered_qids = filter(r.match, request.json['items'])
if filtered_qids:
@ -135,7 +135,7 @@ class container_post(Resource):
# api call: container_post - post_action: exec - cmd: mailq - task: unhold
def container_post__exec__mailq__unhold(self, container_id):
if 'items' in request.json:
if 'items' in request.json:
r = re.compile("^[0-9a-fA-F]+$")
filtered_qids = filter(r.match, request.json['items'])
if filtered_qids:
@ -149,7 +149,7 @@ class container_post(Resource):
# api call: container_post - post_action: exec - cmd: mailq - task: deliver
def container_post__exec__mailq__deliver(self, container_id):
if 'items' in request.json:
if 'items' in request.json:
r = re.compile("^[0-9a-fA-F]+$")
filtered_qids = filter(r.match, request.json['items'])
if filtered_qids:
@ -206,7 +206,7 @@ class container_post(Resource):
def container_post__exec__system__df(self, container_id):
if 'dir' in request.json:
for container in docker_client.containers.list(filters={"id": container_id}):
df_return = container.exec_run(["/bin/bash", "-c", "/bin/df -H '" + request.json['dir'].replace("'", "'\\''") + "' | /usr/bin/tail -n1 | /usr/bin/tr -s [:blank:] | /usr/bin/tr ' ' ','"], user='nobody')
df_return = container.exec_run(["/bin/bash", "-c", "/bin/df '" + request.json['dir'].replace("'", "'\\''") + "' | /usr/bin/tail -n1 | /usr/bin/tr -s [:blank:] | /usr/bin/tr ' ' ','"], user='nobody')
if df_return.exit_code == 0:
return df_return.output.decode('utf-8').rstrip()
else:
@ -264,7 +264,7 @@ class container_post(Resource):
def container_post__exec__sieve__print(self, container_id):
if 'username' in request.json and 'script_name' in request.json:
for container in docker_client.containers.list(filters={"id": container_id}):
cmd = ["/bin/bash", "-c", "/usr/bin/doveadm sieve get -u '" + request.json['username'].replace("'", "'\\''") + "' '" + request.json['script_name'].replace("'", "'\\''") + "'"]
cmd = ["/bin/bash", "-c", "/usr/bin/doveadm sieve get -u '" + request.json['username'].replace("'", "'\\''") + "' '" + request.json['script_name'].replace("'", "'\\''") + "'"]
sieve_return = container.exec_run(cmd)
return exec_run_handler('utf8_text_only', sieve_return)
@ -286,7 +286,7 @@ class container_post(Resource):
for container in docker_client.containers.list(filters={"id": container_id}):
cmd = "/usr/bin/rspamadm pw -e -p '" + request.json['raw'].replace("'", "'\\''") + "' 2> /dev/null"
cmd_response = exec_cmd_container(container, cmd, user="_rspamd")
matched = False
for line in cmd_response.split("\n"):
if '$2$' in line:
@ -306,7 +306,7 @@ class container_post(Resource):
return jsonify(type='success', msg='command completed successfully')
else:
return jsonify(type='danger', msg='command did not complete')
def exec_cmd_container(container, cmd, user, timeout=2, shell_cmd="/bin/bash"):
@ -333,7 +333,7 @@ def exec_cmd_container(container, cmd, user, timeout=2, shell_cmd="/bin/bash"):
except:
pass
return ''.join(total_data)
try :
socket = container.exec_run([shell_cmd], stdin=True, socket=True, user=user).output._sock
if not cmd.endswith("\n"):

View File

@ -44,4 +44,14 @@ tbody {
.container-indicator {
width: 15px;
height: 15px;
}
}
.disk_space {
margin-top: 20px;
}
.progress-bar-committed {
background-color: #B6E1F2;
}
.usage-info {
display: inline-block;
margin-right: 5px;
}

View File

@ -43,6 +43,11 @@ else {
<?php
$exec_fields = array('cmd' => 'system', 'task' => 'df', 'dir' => '/var/vmail');
$vmail_df = explode(',', json_decode(docker('post', 'dovecot-mailcow', 'exec', $exec_fields), true));
$used_percent = substr($vmail_df[4], 0, -1);
$quota_stats = mailbox('get','quota_stats');
$quotaPercent1 = round(($quota_stats['total_quota']/$vmail_df[3])*100);
$quotaPercent2 = round((($quota_stats['total_quota']-$quota_stats['used_bytes'])/$vmail_df[3])*100);
$quotaPercent2 = ($quotaPercent2+$used_percent>100) ? 100-$used_percent : $quotaPercent2;
?>
<div role="tabpanel" class="tab-pane active" id="tab-containers">
<div class="panel panel-default">
@ -53,12 +58,15 @@ else {
<div class="row">
<div class="col-sm-3">
<p>/var/vmail on <?=$vmail_df[0];?></p>
<p><?=$vmail_df[2];?> / <?=$vmail_df[1];?> (<?=$vmail_df[4];?>)</p>
<p class="disk_space"><?=$lang['debug']['disk_space'];?> <?=formatBytes($vmail_df[3]*1024);?></p>
</div>
<div class="col-sm-9">
<div class="progress">
<div class="progress-bar progress-bar-info" role="progressbar" style="width:<?=$vmail_df[4];?>"></div>
<div class="progress-bar progress-bar-info" role="progressbar" style="width:<?=$used_percent;?>%"></div>
<div class="progress-bar progress-bar-committed" role="progressbar" style="width:<?=$quotaPercent2;?>%"></div>
</div>
<p><span class="container-indicator label usage-info progress-bar-info">&nbsp;</span> <?=$lang['debug']['disk_used'];?> <?=formatBytes($vmail_df[2]*1024);?> (<?=$used_percent;?>%)</p>
<p><span class="container-indicator label usage-info progress-bar-committed">&nbsp;</span> <?=$lang['debug']['total_quota'];?> <?=formatBytes($quota_stats['total_quota']*1024);?> (<?=$quotaPercent1;?>%)</p>
</div>
</div>
</div>
@ -344,7 +352,6 @@ $lang_admin = json_encode($lang['admin']);
echo "var lang = ". $lang_admin . ";\n";
echo "var csrf_token = '". $_SESSION['CSRF']['TOKEN'] . "';\n";
echo "var log_pagination_size = '". $LOG_PAGINATION_SIZE . "';\n";
?>
</script>
<?php

View File

@ -44,12 +44,12 @@ function domain_admin($_action, $_data = null) {
WHERE `username` = :username");
$stmt->execute(array(':username' => $username));
$num_results[] = count($stmt->fetchAll(PDO::FETCH_ASSOC));
$stmt = $pdo->prepare("SELECT `username` FROM `admin`
WHERE `username` = :username");
$stmt->execute(array(':username' => $username));
$num_results[] = count($stmt->fetchAll(PDO::FETCH_ASSOC));
$stmt = $pdo->prepare("SELECT `username` FROM `domain_admins`
WHERE `username` = :username");
$stmt->execute(array(':username' => $username));
@ -379,7 +379,7 @@ function domain_admin($_action, $_data = null) {
}
$stmt = $pdo->query("SELECT DISTINCT
`username`
FROM `domain_admins`
FROM `domain_admins`
WHERE `username` IN (
SELECT `username` FROM `admin`
WHERE `superadmin`!='1'
@ -415,7 +415,7 @@ function domain_admin($_action, $_data = null) {
':domain_admin' => $_data
));
$row = $stmt->fetch(PDO::FETCH_ASSOC);
if (empty($row)) {
if (empty($row)) {
return false;
}
$domainadmindata['username'] = $row['username'];

View File

@ -46,7 +46,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
$stmt = $pdo->prepare("SELECT `domain` FROM `mailbox` WHERE `username` = :username");
$stmt->execute(array(':username' => $_SESSION['mailcow_cc_username']));
$domain = $stmt->fetch(PDO::FETCH_ASSOC)['domain'];
$validity = strtotime("+".$_data["validity"]." hour");
$validity = strtotime("+".$_data["validity"]." hour");
$letters = 'abcefghijklmnopqrstuvwxyz1234567890';
$random_name = substr(str_shuffle($letters), 0, 24);
$stmt = $pdo->prepare("INSERT INTO `spamalias` (`address`, `goto`, `validity`) VALUES
@ -485,7 +485,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
'msg' => 'comment_too_long'
);
return false;
}
}
if (empty($addresses[0])) {
$_SESSION['return'][] = array(
'type' => 'danger',
@ -841,7 +841,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
WHERE `domain` = :domain");
$stmt->execute(array(':domain' => $domain));
$DomainData = $stmt->fetch(PDO::FETCH_ASSOC);
$stmt = $pdo->prepare("SELECT
$stmt = $pdo->prepare("SELECT
COUNT(*) as count,
COALESCE(ROUND(SUM(`quota`)/1048576), 0) as `quota`
FROM `mailbox`
@ -945,7 +945,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
);
return false;
}
$stmt = $pdo->prepare("INSERT INTO `mailbox` (`username`, `password`, `name`, `quota`, `local_part`, `domain`, `attributes`, `active`)
$stmt = $pdo->prepare("INSERT INTO `mailbox` (`username`, `password`, `name`, `quota`, `local_part`, `domain`, `attributes`, `active`)
VALUES (:username, :password_hashed, :name, :quota_b, :local_part, :domain, :mailbox_attrs, :active)");
$stmt->execute(array(
':username' => $username,
@ -1073,7 +1073,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
);
return false;
}
$stmt = $pdo->prepare("INSERT INTO `mailbox` (`username`, `password`, `name`, `quota`, `local_part`, `domain`, `active`, `multiple_bookings`, `kind`)
$stmt = $pdo->prepare("INSERT INTO `mailbox` (`username`, `password`, `name`, `quota`, `local_part`, `domain`, `active`, `multiple_bookings`, `kind`)
VALUES (:name, 'RESOURCE', :description, 0, :local_part, :domain, :active, :multiple_bookings, :kind)");
$stmt->execute(array(
':name' => $name,
@ -1249,7 +1249,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
'msg' => 'access_denied'
);
continue;
}
}
$stmt = $pdo->prepare("UPDATE `mailbox`
SET `attributes` = JSON_SET(`attributes`, '$.quarantine_notification', :quarantine_notification)
WHERE `username` = :username");
@ -1360,7 +1360,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
continue;
}
$validity = round((int)time() + ($_data['validity'] * 3600));
$stmt = $pdo->prepare("UPDATE `spamalias` SET `validity` = :validity WHERE
$stmt = $pdo->prepare("UPDATE `spamalias` SET `validity` = :validity WHERE
`address` = :address");
$stmt->execute(array(
':address' => $address,
@ -1888,7 +1888,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
);
continue;
}
$stmt = $pdo->prepare("UPDATE `domain` SET
$stmt = $pdo->prepare("UPDATE `domain` SET
`description` = :description,
`gal` = :gal
WHERE `domain` = :domain");
@ -1928,7 +1928,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
continue;
}
// todo: should be using api here
$stmt = $pdo->prepare("SELECT
$stmt = $pdo->prepare("SELECT
COUNT(*) AS count,
MAX(COALESCE(ROUND(`quota`/1048576), 0)) AS `biggest_mailbox`,
COALESCE(ROUND(SUM(`quota`)/1048576), 0) AS `quota_all`
@ -2009,7 +2009,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
);
continue;
}
$stmt = $pdo->prepare("UPDATE `domain` SET
$stmt = $pdo->prepare("UPDATE `domain` SET
`relay_all_recipients` = :relay_all_recipients,
`backupmx` = :backupmx,
`gal` = :gal,
@ -2071,7 +2071,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
$domain = $is_now['domain'];
$quota_b = $quota_m * 1048576;
$password = (!empty($_data['password'])) ? $_data['password'] : null;
$password2 = (!empty($_data['password2'])) ? $_data['password2'] : null;
$password2 = (!empty($_data['password2'])) ? $_data['password2'] : null;
}
else {
$_SESSION['return'][] = array(
@ -2517,14 +2517,14 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
}
$stmt = $pdo->prepare("SELECT `domain` FROM `domain`
WHERE `domain` NOT IN (
SELECT REPLACE(`send_as`, '@', '') FROM `sender_acl`
SELECT REPLACE(`send_as`, '@', '') FROM `sender_acl`
WHERE `logged_in_as` = :logged_in_as1
AND `external` = '0'
AND `send_as` LIKE '@%')
UNION
SELECT '*' FROM `domain`
WHERE '*' NOT IN (
SELECT `send_as` FROM `sender_acl`
SELECT `send_as` FROM `sender_acl`
WHERE `logged_in_as` = :logged_in_as2
AND `external` = '0'
)");
@ -2546,7 +2546,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
$stmt = $pdo->prepare("SELECT `address` FROM `alias`
WHERE `goto` != :goto
AND `address` NOT IN (
SELECT `send_as` FROM `sender_acl`
SELECT `send_as` FROM `sender_acl`
WHERE `logged_in_as` = :logged_in_as
AND `external` = '0'
AND `send_as` NOT LIKE '@%')");
@ -3074,11 +3074,11 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
if (!empty($row)) {
$_data = $row['target_domain'];
}
$stmt = $pdo->prepare("SELECT
$stmt = $pdo->prepare("SELECT
`domain`,
`description`,
`aliases`,
`mailboxes`,
`mailboxes`,
`defquota`,
`maxquota`,
`quota`,
@ -3096,7 +3096,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
':domain' => $_data
));
$row = $stmt->fetch(PDO::FETCH_ASSOC);
if (empty($row)) {
if (empty($row)) {
return false;
}
$stmt = $pdo->prepare("SELECT COUNT(*) AS `count`,
@ -3254,6 +3254,24 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
}
return $resourcedata;
break;
case 'quota_stats':
$quotadata = array();
if ($_SESSION['mailcow_cc_role'] != "admin") {
return false;
}
$stmt = $pdo->query("SELECT SUM(`quota2`.`bytes`) AS `bytes`
FROM `mailbox`, `quota2`, `domain`
WHERE `mailbox`.`kind` NOT REGEXP 'location|thing|group'
AND `mailbox`.`username` = `quota2`.`username`
AND `domain`.`domain` = `mailbox`.`domain`
AND `domain`.`active` = 1");
$row = $stmt->fetch(PDO::FETCH_ASSOC);
$quotadata['used_bytes'] = $row['bytes']/1024;
$stmt = $pdo->query("SELECT SUM(`quota`) AS `quota` FROM `domain` WHERE `active`=1");
$row = $stmt->fetch(PDO::FETCH_ASSOC);
$quotadata['total_quota'] = $row['quota']*1024;
return $quotadata;
break;
}
break;
case 'delete':
@ -3724,7 +3742,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
curl_setopt($curl, CURLOPT_HTTPHEADER,array('Content-Type: text/xml'));
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curl, CURLOPT_POST, 1);
curl_setopt($curl, CURLOPT_POSTFIELDS, '<delete><query>user:' . $username . '</query></delete>');
curl_setopt($curl, CURLOPT_POSTFIELDS, '<delete><query>user:' . $username . '</query></delete>');
curl_setopt($curl, CURLOPT_TIMEOUT, 30);
$response = curl_exec($curl);
if ($response === false) {

View File

@ -60,6 +60,7 @@ if (!empty($_SERVER['HTTP_X_API_KEY'])) {
else {
$redis->publish("F2B_CHANNEL", "mailcow UI: Invalid password for API_USER by " . $_SERVER['REMOTE_ADDR']);
error_log("mailcow UI: Invalid password for " . $user . " by " . $_SERVER['REMOTE_ADDR']);
http_response_code(401);
echo json_encode(array(
'type' => 'error',
'msg' => 'api access denied for ip ' . $_SERVER['REMOTE_ADDR']
@ -71,6 +72,7 @@ if (!empty($_SERVER['HTTP_X_API_KEY'])) {
else {
$redis->publish("F2B_CHANNEL", "mailcow UI: Invalid password for API_USER by " . $_SERVER['REMOTE_ADDR']);
error_log("mailcow UI: Invalid password for " . $user . " by " . $_SERVER['REMOTE_ADDR']);
http_response_code(401);
echo json_encode(array(
'type' => 'error',
'msg' => 'authentication failed'

View File

@ -149,8 +149,8 @@ $lang['success']['sogo_profile_reset'] = "ActiveSync Gerät des Benutzers %s wur
$lang['success']['resource_removed'] = 'Ressource %s wurde entfernt';
$lang['warning']['cannot_delete_self'] = 'Kann derzeit eingeloggten Benutzer nicht entfernen';
$lang['warning']['no_active_admin'] = 'Kann letzten aktiven Administrator nicht deaktivieren';
$lang['danger']['max_quota_in_use'] = 'Mailbox Speicherplatzlimit muss größer oder gleich %d MiB sein';
$lang['danger']['domain_quota_m_in_use'] = 'Domain Speicherplatzlimit muss größer oder gleich %d MiB sein';
$lang['danger']['max_quota_in_use'] = 'Mailbox-Speicherplatzlimit muss größer oder gleich %d MiB sein';
$lang['danger']['domain_quota_m_in_use'] = 'Domain-Speicherplatzlimit muss größer oder gleich %d MiB sein';
$lang['danger']['mailboxes_in_use'] = 'Maximale Anzahl an Mailboxen muss größer oder gleich %d sein';
$lang['danger']['aliases_in_use'] = 'Maximale Anzahl an Aliassen muss größer oder gleich %d sein';
$lang['danger']['sender_acl_invalid'] = 'Sender ACL %s ist ungültig';
@ -375,7 +375,7 @@ $lang['edit']['mailbox'] = 'Mailbox bearbeiten';
$lang['edit']['description'] = 'Beschreibung';
$lang['edit']['max_aliases'] = 'Max. Aliasse';
$lang['edit']['max_quota'] = 'Max. Größe per Mailbox (MiB)';
$lang['edit']['domain_quota'] = 'Domain Speicherplatz gesamt (MiB)';
$lang['edit']['domain_quota'] = 'Domain-Speicherplatz gesamt (MiB)';
$lang['edit']['backup_mx_options'] = 'Backup MX Optionen';
$lang['edit']['relay_domain'] = 'Diese Domain relayen';
$lang['edit']['relay_all'] = 'Alle Empfänger-Adressen relayen';
@ -474,7 +474,7 @@ $lang['add']['description'] = 'Beschreibung';
$lang['add']['max_aliases'] = 'Max. mögliche Aliasse';
$lang['add']['max_mailboxes'] = 'Max. mögliche Mailboxen';
$lang['add']['mailbox_quota_m'] = 'Max. Speicherplatz pro Mailbox (MiB)';
$lang['add']['domain_quota_m'] = 'Domain Speicherplatz gesamt (MiB)';
$lang['add']['domain_quota_m'] = 'Domain-Speicherplatz gesamt (MiB)';
$lang['add']['backup_mx_options'] = 'Backup MX Optionen';
$lang['add']['relay_all'] = 'Alle Empfänger-Adressen relayen';
$lang['add']['relay_domain'] = 'Relay Domain';
@ -545,7 +545,7 @@ $lang['tfa']['confirm_totp_token'] = "Bitte bestätigen Sie die Änderung durch
$lang['admin']['rspamd-com_settings'] = '<a href="https://rspamd.com/doc/configuration/settings.html#settings-structure" target="_blank">Rspamd docs</a>
- Ein Name wird automatisch generiert. Beispielinhalte zur Einsicht stehen nachstehend bereit.';
$lang['admin']['no_new_rows'] = 'Keine weiteren Zeilen vorhanden';
$lang['admin']['additional_rows'] = ' zusätzliche Zeilen geladen'; // parses to 'n additional rows were added'
$lang['admin']['private_key'] = 'Private Key';
@ -825,6 +825,13 @@ $lang['debug']['solr_last_modified'] = 'Zuletzt geändert';
$lang['debug']['solr_size'] = 'Größe';
$lang['debug']['solr_docs'] = 'Dokumente';
$lang['debug']['disk_usage'] = 'Festplattenauslastung';
$lang['debug']['containers_info'] = "Container-Informationen";
$lang['debug']['disk_space'] = "Verfügbarer Speicherplatz:";
$lang['debug']['disk_used'] = "Von Mailboxen belegter Speicherplatz:";
$lang['debug']['total_quota'] = "Zugewiesener Domain-Speicherplatz:";
$lang['quarantine']['release_body'] = "Die ursprüngliche Nachricht wurde als EML-Datei im Anhang hinterlegt.";
$lang['danger']['release_send_failed'] = "Die Nachricht konnte nicht versendet werden: %s";
$lang['quarantine']['release_subject'] = "Potentiell schädliche Nachricht aus Quarantäne: %s";

View File

@ -849,6 +849,10 @@ $lang['debug']['disk_usage'] = 'Disk usage';
$lang['debug']['containers_info'] = "Container information";
$lang['debug']['restart_container'] = 'Restart';
$lang['debug']['disk_space'] = "Available disk space:";
$lang['debug']['disk_used'] = "Disk space occupied by mailboxes:";
$lang['debug']['total_quota'] = "Total amount of assigned domain quota:";
$lang['quarantine']['release_body'] = "We have attached your message as eml file to this message.";
$lang['danger']['release_send_failed'] = "Message could not be released: %s";
$lang['quarantine']['release_subject'] = "Potentially damaging quarantine item %s";
@ -936,4 +940,3 @@ $lang['mailbox']['alias_domain_backupmx'] = 'Alias domain inactive for relay dom
$lang['danger']['extra_acl_invalid'] = 'External sender address "%s" is invalid';
$lang['danger']['extra_acl_invalid_domain'] = 'External sender "%s" uses an invalid domain';