paxton
/
mailcow
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

[Web] Allow ratelimt per user, overrides domain tl

master
andryyy 2017-09-12 20:57:54 +02:00
parent eeaa48a729
commit 998523bdfa
3 changed files with 74 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
data/web/edit.php
View File

@ -138,7 +138,7 @@ if (isset($_SESSION['mailcow_cc_role'])) {
!empty($_GET["domain"])) {
$domain = $_GET["domain"];
$result = mailbox('get', 'domain_details', $domain);
$rl = mailbox('get', 'domain_ratelimit', $domain);
$rl = mailbox('get', 'ratelimit', $domain);
$rlyhosts = relayhost('get');
if (!empty($result)) {
?>
@ -251,7 +251,7 @@ if (isset($_SESSION['mailcow_cc_role'])) {
</select>
</div>
<div class="form-group">
<button class="btn btn-default" id="edit_selected" data-id="domratelimit" data-item="<?=$domain;?>" data-api-url='edit/domain-ratelimit' data-api-attr='{}' href="#"><?=$lang['admin']['save'];?></button>
<button class="btn btn-default" id="edit_selected" data-id="domratelimit" data-item="<?=$domain;?>" data-api-url='edit/ratelimit' data-api-attr='{}' href="#"><?=$lang['admin']['save'];?></button>
</div>
</form>
<hr>
@ -314,7 +314,7 @@ if (isset($_SESSION['mailcow_cc_role'])) {
!empty($_GET["aliasdomain"])) {
$alias_domain = $_GET["aliasdomain"];
$result = mailbox('get', 'alias_domain_details', $alias_domain);
$rl = mailbox('get', 'domain_ratelimit', $alias_domain);
$rl = mailbox('get', 'ratelimit', $alias_domain);
if (!empty($result)) {
?>
<h4><?=$lang['edit']['edit_alias_domain'];?></h4>
@ -353,7 +353,7 @@ if (isset($_SESSION['mailcow_cc_role'])) {
</select>
</div>
<div class="form-group">
<button class="btn btn-default" id="edit_selected" data-id="domratelimit" data-item="<?=$alias_domain;?>" data-api-url='edit/domain-ratelimit' data-api-attr='{}' href="#"><?=$lang['admin']['save'];?></button>
<button class="btn btn-default" id="edit_selected" data-id="domratelimit" data-item="<?=$alias_domain;?>" data-api-url='edit/ratelimit' data-api-attr='{}' href="#"><?=$lang['admin']['save'];?></button>
</div>
</form>
<?php
@ -380,6 +380,7 @@ if (isset($_SESSION['mailcow_cc_role'])) {
elseif (isset($_GET['mailbox']) && filter_var($_GET["mailbox"], FILTER_VALIDATE_EMAIL) && !empty($_GET["mailbox"])) {
$mailbox = $_GET["mailbox"];
$result = mailbox('get', 'mailbox_details', $mailbox);
$rl = mailbox('get', 'ratelimit', $mailbox);
if (!empty($result)) {
?>
<h4><?=$lang['edit']['mailbox'];?></h4>
@ -478,6 +479,23 @@ if (isset($_SESSION['mailcow_cc_role'])) {
</div>
</div>
</form>
<hr>
<form data-id="mboxratelimit" class="form-inline well" method="post">
<div class="form-group">
<label class="control-label">Ratelimit</label>
<input name="rl_value" id="rl_value" type="number" value="<?=(!empty($rl['value'])) ? $rl['value'] : null;?>" class="form-control" placeholder="disabled">
</div>
<div class="form-group">
<select name="rl_frame" id="rl_frame" class="form-control">
<option value="s" <?=(isset($rl['frame']) && $rl['frame'] == 's') ? 'selected' : null;?>>msgs / second</option>
<option value="m" <?=(isset($rl['frame']) && $rl['frame'] == 'm') ? 'selected' : null;?>>msgs / minute</option>
<option value="h" <?=(isset($rl['frame']) && $rl['frame'] == 'h') ? 'selected' : null;?>>msgs / hour</option>
</select>
</div>
<div class="form-group">
<button class="btn btn-default" id="edit_selected" data-id="mboxratelimit" data-item="<?=$mailbox;?>" data-api-url='edit/ratelimit' data-api-attr='{}' href="#"><?=$lang['admin']['save'];?></button>
</div>
</form>
<?php
}
}

65
data/web/inc/functions.mailbox.inc.php
View File

@ -1189,7 +1189,7 @@ function mailbox($_action, $_type, $_data = null) {
'msg' => sprintf($lang['success']['mailbox_modified'], implode(', ', $usernames))
);
break;
case 'domain_ratelimit':
case 'ratelimit':
$rl_value = intval($_data['rl_value']);
$rl_frame = $_data['rl_frame'];
if (!in_array($rl_frame, array('s', 'm', 'h'))) {
@ -1199,24 +1199,38 @@ function mailbox($_action, $_type, $_data = null) {
);
return false;
}
if (!is_array($_data['domain'])) {
$domains = array();
$domains[] = $_data['domain'];
if (!is_array($_data['object'])) {
$objects = array();
$objects[] = $_data['object'];
}
else {
$domains = $_data['domain'];
$objects = $_data['object'];
}
foreach ($domains as $domain) {
if (!is_valid_domain_name($domain) || !hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $domain)) {
$_SESSION['return'] = array(
'type' => 'danger',
'msg' => sprintf($lang['danger']['access_denied'])
);
foreach ($objects as $object) {
if (is_valid_domain_name($object)) {
if (!hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $object)) {
$_SESSION['return'] = array(
'type' => 'danger',
'msg' => sprintf($lang['danger']['access_denied'])
);
return false;
}
}
elseif (filter_var($object, FILTER_VALIDATE_EMAIL)) {
if (!hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $object)) {
$_SESSION['return'] = array(
'type' => 'danger',
'msg' => sprintf($lang['danger']['access_denied'])
);
return false;
}
}
else {
return false;
}
if (empty($rl_value)) {
try {
$redis->hDel('RL_VALUE', $domain);
$redis->hDel('RL_VALUE', $object);
}
catch (RedisException $e) {
$_SESSION['return'] = array(
@ -1228,7 +1242,7 @@ function mailbox($_action, $_type, $_data = null) {
}
else {
try {
$redis->hSet('RL_VALUE', $domain, $rl_value . ' / 1' . $rl_frame);
$redis->hSet('RL_VALUE', $object, $rl_value . ' / 1' . $rl_frame);
}
catch (RedisException $e) {
$_SESSION['return'] = array(
@ -1241,7 +1255,7 @@ function mailbox($_action, $_type, $_data = null) {
}
$_SESSION['return'] = array(
'type' => 'success',
'msg' => sprintf($lang['success']['domain_modified'], implode(', ', $domains))
'msg' => sprintf($lang['success']['domain_modified'], implode(', ', $objects))
);
break;
case 'syncjob':
@ -2385,9 +2399,26 @@ function mailbox($_action, $_type, $_data = null) {
}
return $aliases;
break;
case 'domain_ratelimit':
$aliases = array();
if (!hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $_data)) {
case 'ratelimit':
if (is_valid_domain_name($_data)) {
if (!hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $_data)) {
$_SESSION['return'] = array(
'type' => 'danger',
'msg' => sprintf($lang['danger']['access_denied'])
);
return false;
}
}
elseif (filter_var($_data, FILTER_VALIDATE_EMAIL)) {
if (!hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $_data)) {
$_SESSION['return'] = array(
'type' => 'danger',
'msg' => sprintf($lang['danger']['access_denied'])
);
return false;
}
}
else {
return false;
}
try {

8
data/web/json_api.php
View File

@ -2133,13 +2133,13 @@ if (isset($_SESSION['mailcow_cc_role']) || isset($_SESSION['pending_mailcow_cc_u
));
}
break;
case "domain-ratelimit":
case "ratelimit":
if (isset($_POST['items']) && isset($_POST['attr'])) {
$items = (array)json_decode($_POST['items'], true);
$attr = (array)json_decode($_POST['attr'], true);
$postarray = array_merge(array('domain' => $items), $attr);
if (is_array($postarray['domain'])) {
if (mailbox('edit', 'domain_ratelimit', $postarray) === false) {
$postarray = array_merge(array('object' => $items), $attr);
if (is_array($postarray['object'])) {
if (mailbox('edit', 'ratelimit', $postarray) === false) {
if (isset($_SESSION['return'])) {
echo json_encode($_SESSION['return']);
}