From 47a15c21aaa69715e88535fc72925714004dfa2c Mon Sep 17 00:00:00 2001 From: andryyy Date: Thu, 16 Apr 2020 21:58:30 +0200 Subject: [PATCH] [Rspamd] Pushover, check sender by regex --- data/conf/rspamd/meta_exporter/pushover.php | 8 ++++ data/web/edit.php | 7 +++- data/web/inc/functions.inc.php | 3 ++ data/web/inc/functions.pushover.inc.php | 42 ++++++++++++++++----- data/web/inc/init_db.inc.php | 3 +- data/web/js/build/012-api.js | 13 +++++++ data/web/lang/lang.de.json | 10 +++-- data/web/lang/lang.en.json | 8 ++-- data/web/user.php | 9 ++++- 9 files changed, 82 insertions(+), 21 deletions(-) diff --git a/data/conf/rspamd/meta_exporter/pushover.php b/data/conf/rspamd/meta_exporter/pushover.php index 637b103a..680c20e8 100644 --- a/data/conf/rspamd/meta_exporter/pushover.php +++ b/data/conf/rspamd/meta_exporter/pushover.php @@ -201,7 +201,15 @@ foreach ($rcpt_final_mailboxes as $rcpt_final) { $attributes = json_decode($api_data['attributes'], true); $senders = explode(',', $api_data['senders']); $senders = array_filter($senders); + $senders_regex = $api_data['senders_regex']; + $sender_validated = true; + if (!empty($senders_regex) && !preg_match($senders_regex, $sender)) { + $sender_validated = false; + } if (!empty($senders) && !in_array($sender, $senders)) { + $sender_validated = false; + } + if ($sender_validated === false) { error_log("NOTIFY: pushover pipe: skipping unwanted sender " . $sender); continue; } diff --git a/data/web/edit.php b/data/web/edit.php index 6d92b28e..668b69f4 100644 --- a/data/web/edit.php +++ b/data/web/edit.php @@ -738,7 +738,6 @@ if (isset($_SESSION['mailcow_cc_role'])) { -

@@ -777,6 +776,12 @@ if (isset($_SESSION['mailcow_cc_role'])) {
+
+
+ + +
+
diff --git a/data/web/inc/functions.inc.php b/data/web/inc/functions.inc.php index 74a13391..03eece88 100644 --- a/data/web/inc/functions.inc.php +++ b/data/web/inc/functions.inc.php @@ -1,4 +1,7 @@ 'danger', + 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr), + 'msg' => 'access_denied' + ); + continue; + } + if (!empty($senders_regex) && !is_valid_regex($senders_regex)) { + $_SESSION['return'][] = array( + 'type' => 'danger', + 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr), + 'msg' => 'Invalid regex' + ); + continue; + } + $senders = array_map('trim', preg_split( "/( |,|;|\n)/", $senders)); foreach ($senders as $i => &$sender) { if (empty($sender)) { continue; @@ -75,21 +99,19 @@ function pushover($_action, $_data = null) { ); continue; } - $title = $_data['title']; - $text = $_data['text']; - $active = intval($_data['active']); $po_attributes = json_encode( array( 'evaluate_x_prio' => strval(intval($evaluate_x_prio)), 'only_x_prio' => strval(intval($only_x_prio)) ) ); - $stmt = $pdo->prepare("REPLACE INTO `pushover` (`username`, `key`, `attributes`, `senders`, `token`, `title`, `text`, `active`) - VALUES (:username, :key, :po_attributes, :senders, :token, :title, :text, :active)"); + $stmt = $pdo->prepare("REPLACE INTO `pushover` (`username`, `key`, `attributes`, `senders_regex`, `senders`, `token`, `title`, `text`, `active`) + VALUES (:username, :key, :po_attributes, :senders_regex, :senders, :token, :title, :text, :active)"); $stmt->execute(array( ':username' => $username, ':key' => $key, ':po_attributes' => $po_attributes, + ':senders_regex' => $senders_regex, ':senders' => $senders, ':token' => $token, ':title' => $title, diff --git a/data/web/inc/init_db.inc.php b/data/web/inc/init_db.inc.php index 0f257097..3506c97d 100644 --- a/data/web/inc/init_db.inc.php +++ b/data/web/inc/init_db.inc.php @@ -3,7 +3,7 @@ function init_db_schema() { try { global $pdo; - $db_version = "16042020_1004"; + $db_version = "16042020_2104"; $stmt = $pdo->query("SHOW TABLES LIKE 'versions'"); $num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC)); @@ -841,6 +841,7 @@ function init_db_schema() { "title" => "TEXT", "text" => "TEXT", "senders" => "TEXT", + "senders_regex" => "TEXT", "active" => "TINYINT(1) NOT NULL DEFAULT '1'" ), "keys" => array( diff --git a/data/web/js/build/012-api.js b/data/web/js/build/012-api.js index 9b34904f..b0808590 100644 --- a/data/web/js/build/012-api.js +++ b/data/web/js/build/012-api.js @@ -4,6 +4,7 @@ $(document).ready(function() { var re = /^(([^<>()[\]\\.,;:\s@\"]+(\.[^<>()[\]\\.,;:\s@\"]+)*)|(\".+\"))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\])|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,}))$/; return re.test(email); } + function validateRegex(e){var t=e.split("/"),n=e,r="";t.length>1&&(n=t[1],r=t[2]);try{return new RegExp(n,r),!0}catch(e){return!1}} function is_active(elem) { if ($(elem).data('submitted') == '1') { return true; @@ -134,6 +135,18 @@ $(document).ready(function() { } } } + if ($(this).val() && $(this).attr("regex")) { + var regex_content = $(this).val(); + $(this).removeClass('inputMissingAttr'); + if(!validateRegex(regex_content)) { + invalid = true; + $(this).addClass('inputMissingAttr'); + } + if(!regex_content.startsWith('/') || !/\/[ims]?$/.test(regex_content)){ + invalid = true; + $(this).addClass('inputMissingAttr'); + } + } }); if (!invalid) { var attr_to_merge = $(this).closest("form").serializeObject(); diff --git a/data/web/lang/lang.de.json b/data/web/lang/lang.de.json index faf9eab6..74d8423a 100644 --- a/data/web/lang/lang.de.json +++ b/data/web/lang/lang.de.json @@ -237,8 +237,9 @@ "pushover_title": "Notification Titel", "text": "Text", "pushover_text": "Notification Text", - "pushover_vars": "Verwendbare Variablen für Titel und Text (Datenschutzrichtlinien beachten)", - "pushover_sender_array": "Nur folgende Sender E-Mail-Adressen berücksichtigen (getrennt durch Komma)", + "pushover_vars": "Wenn kein Sender-Filter definiert ist, werden alle E-Mails berücksichtigt.
Die direkte Absenderprüfung und reguläre Ausdrücke werden unabhängig voneinander geprüft, sie hängen nicht voneinander ab und werden der Reihe nach ausgeführt.
Verwendbare Variablen für Titel und Text (Datenschutzrichtlinien beachten)", + "pushover_sender_array": "Folgende Sender E-Mail-Adressen berücksichtigen (getrennt durch Komma)", + "pushover_sender_regex": "Sender mit folgendem regulären Ausdruck auswählen", "last_mail_login": "Letzter Mail-Login", "no_last_login": "Keine letzte UI Anmeldung gespeichert", "save": "Änderungen speichern", @@ -357,8 +358,9 @@ "pushover_title": "Notification Titel", "text": "Text", "pushover_text": "Notification Text", - "pushover_vars": "Verwendbare Variablen für Titel und Text (Datenschutzrichtlinien beachten)", - "pushover_sender_array": "Nur folgende Sender E-Mail-Adressen berücksichtigen (getrennt durch Komma)", + "pushover_vars": "Wenn kein Sender-Filter definiert ist, werden alle E-Mails berücksichtigt.
Die direkte Absenderprüfung und reguläre Ausdrücke werden unabhängig voneinander geprüft, sie hängen nicht voneinander ab und werden der Reihe nach ausgeführt.
Verwendbare Variablen für Titel und Text (Datenschutzrichtlinien beachten)", + "pushover_sender_array": "Folgende Sender E-Mail-Adressen berücksichtigen (getrennt durch Komma)", + "pushover_sender_regex": "Sender mit folgendem regulären Ausdruck auswählen", "spamfilter": "Spamfilter", "domain_s": "Domain(s)", "rspamd-com_settings": "Ein Name wird automatisch generiert. Beispielinhalte zur Einsicht stehen nachstehend bereit. Siehe auch Rspamd docs", diff --git a/data/web/lang/lang.en.json b/data/web/lang/lang.en.json index 7aded417..15fa0263 100644 --- a/data/web/lang/lang.en.json +++ b/data/web/lang/lang.en.json @@ -237,8 +237,9 @@ "pushover_title": "Notification title", "text": "Text", "pushover_text": "Notification text", - "pushover_vars": "Useable variables for text and title (please take note of data protection)", - "pushover_sender_array": "Only consider the following sender email addresses (comma-separated)", + "pushover_vars": "When no sender filter is defined, all mails will be considered.
Regex filters as well as exact sender checks can be defined individually and will be considered sequentially. They do not depend on each other.
Useable variables for text and title (please take note of data protection policies)", + "pushover_sender_array": "Consider the following sender email addresses (comma-separated)", + "pushover_sender_regex": "Match senders by the following regex", "no_last_login": "No last UI login information", "last_mail_login": "Last mail login", "save": "Save changes", @@ -357,8 +358,9 @@ "pushover_title": "Notification title", "text": "Text", "pushover_text": "Notification text", - "pushover_vars": "Useable variables for text and title (please take note of data protection)", + "pushover_vars": "When no sender filter is defined, all mails will be considered.
Regex filters as well as exact sender checks can be defined individually and will be considered sequentially. They do not depend on each other.
Useable variables for text and title (please take note of data protection policies)", "pushover_sender_array": "Only consider the following sender email addresses (comma-separated)", + "pushover_sender_regex": "Consider the following sender regex", "spamfilter": "Spam filter", "domain": "Domain", "domain_s": "Domain/s", diff --git a/data/web/user.php b/data/web/user.php index e581e09e..936eff94 100644 --- a/data/web/user.php +++ b/data/web/user.php @@ -479,7 +479,6 @@ elseif (isset($_SESSION['mailcow_cc_role']) && $_SESSION['mailcow_cc_role'] == ' -

@@ -515,7 +514,13 @@ elseif (isset($_SESSION['mailcow_cc_role']) && $_SESSION['mailcow_cc_role'] == '
- + +
+
+
+
+ +