Gitiles
Code Review Sign In
gerrit.benkard.de / kubeia / b382b1029eb22053bfe89c2042f46369d29cf821^! / . / mailcow / src / mailcow-dockerized / data / web / inc / functions.pushover.inc.php
commitb382b1029eb22053bfe89c2042f46369d29cf821[log] [tgz]
authorMatthias Andreas Benkard <code@mail.matthias.benkard.de>Sat Jan 02 15:32:21 2021 +0100
committerMatthias Andreas Benkard <code@mail.matthias.benkard.de>Sat Jan 02 15:32:21 2021 +0100
tree02aa76cf6a8fc0031d564c4f8cf82cd20aa2067a
parent6e270560206c2f99e57faf1c6de62268037aeb62 [diff] [blame]
git subrepo clone https://github.com/mailcow/mailcow-dockerized.git mailcow/src/mailcow-dockerized

subrepo: subdir:   "mailcow/src/mailcow-dockerized"
  merged:   "a832becb"
upstream: origin:   "https://github.com/mailcow/mailcow-dockerized.git"
  branch:   "master"
  commit:   "a832becb"
git-subrepo: version:  "0.4.3"
  origin:   "???"
  commit:   "???"
Change-Id: If5be2d621a211e164c9b6577adaa7884449f16b5

diff --git a/mailcow/src/mailcow-dockerized/data/web/inc/functions.pushover.inc.php b/mailcow/src/mailcow-dockerized/data/web/inc/functions.pushover.inc.php
new file mode 100644
index 0000000..e8d4670
--- /dev/null
+++ b/mailcow/src/mailcow-dockerized/data/web/inc/functions.pushover.inc.php

@@ -0,0 +1,221 @@
+<?php

+function pushover($_action, $_data = null) {

+	global $pdo;

+  switch ($_action) {

+    case 'edit':

+      if (!isset($_SESSION['acl']['pushover']) || $_SESSION['acl']['pushover'] != "1" ) {

+        $_SESSION['return'][] = array(

+          'type' => 'danger',

+          'log' => array(__FUNCTION__, $_action, $_data),

+          'msg' => 'access_denied'

+        );

+        return false;

+      }

+      if (!is_array($_data['username'])) {

+        $usernames = array();

+        $usernames[] = $_data['username'];

+      }

+      else {

+        $usernames = $_data['username'];

+      }

+      foreach ($usernames as $username) {

+        if (!hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $username)) {

+          $_SESSION['return'][] = array(

+            'type' => 'danger',

+            'log' => array(__FUNCTION__, $_action, $_data),

+            'msg' => 'access_denied'

+          );

+          continue;

+        }

+        $delete = $_data['delete'];

+        if ($delete == "true") {

+          $stmt = $pdo->prepare("DELETE FROM `pushover` WHERE `username` = :username");

+          $stmt->execute(array(

+            ':username' => $username

+          ));

+          $_SESSION['return'][] = array(

+            'type' => 'success',

+            'log' => array(__FUNCTION__, $_action, $_data),

+            'msg' => 'pushover_settings_edited'

+          );

+          continue;

+        }

+        $is_now = pushover('get', $username);

+        if (!empty($is_now)) {

+          $key = (!empty($_data['key'])) ? $_data['key'] : $is_now['key'];

+          $token = (!empty($_data['token'])) ? $_data['token'] : $is_now['token'];

+          $senders = (isset($_data['senders'])) ? $_data['senders'] : $is_now['senders'];

+          $senders_regex = (isset($_data['senders_regex'])) ? $_data['senders_regex'] : $is_now['senders_regex'];

+          $title = (!empty($_data['title'])) ? $_data['title'] : $is_now['title'];

+          $text = (!empty($_data['text'])) ? $_data['text'] : $is_now['text'];

+          $active = (isset($_data['active'])) ? intval($_data['active']) : $is_now['active'];

+          $evaluate_x_prio = (isset($_data['evaluate_x_prio'])) ? intval($_data['evaluate_x_prio']) : $is_now['evaluate_x_prio'];

+          $only_x_prio = (isset($_data['only_x_prio'])) ? intval($_data['only_x_prio']) : $is_now['only_x_prio'];

+        }

+        else {

+          $_SESSION['return'][] = array(

+            'type' => 'danger',

+            'log' => array(__FUNCTION__, $_action, $_data),

+            'msg' => 'access_denied'

+          );

+          continue;

+        }

+        if (!empty($senders_regex) && !is_valid_regex($senders_regex)) {

+          $_SESSION['return'][] = array(

+            'type' => 'danger',

+            'log' => array(__FUNCTION__, $_action, $_data),

+            'msg' => 'Invalid regex'

+          );

+          continue;

+        }

+        $senders = array_map('trim', preg_split( "/( |,|;|\n)/", $senders));

+        foreach ($senders as $i => &$sender) {

+          if (empty($sender)) {

+            continue;

+          }

+          if (!filter_var($sender, FILTER_VALIDATE_EMAIL) === true) {

+            unset($senders[$i]);

+            continue;

+          }

+          $senders[$i] = preg_replace('/\.(?=.*?@gmail\.com$)/', '$1', $sender);

+        }

+        $senders = array_filter($senders);

+        if (empty($senders)) { $senders = ''; }

+        $senders = implode(",", $senders);

+        if (!ctype_alnum($key) || strlen($key) != 30) {

+          $_SESSION['return'][] = array(

+            'type' => 'danger',

+            'log' => array(__FUNCTION__, $_action, $_data, $_data),

+            'msg' => 'pushover_key'

+          );

+          continue;

+        }

+        if (!ctype_alnum($token) || strlen($token) != 30) {

+          $_SESSION['return'][] = array(

+            'type' => 'danger',

+            'log' => array(__FUNCTION__, $_action, $_data, $_data),

+            'msg' => 'pushover_token'

+          );

+          continue;

+        }

+        $po_attributes = json_encode(

+          array(

+            'evaluate_x_prio' => strval(intval($evaluate_x_prio)),

+            'only_x_prio' => strval(intval($only_x_prio))

+          )

+        );

+        $stmt = $pdo->prepare("REPLACE INTO `pushover` (`username`, `key`, `attributes`, `senders_regex`, `senders`, `token`, `title`, `text`, `active`)

+          VALUES (:username, :key, :po_attributes, :senders_regex, :senders, :token, :title, :text, :active)");

+        $stmt->execute(array(

+          ':username' => $username,

+          ':key' => $key,

+          ':po_attributes' => $po_attributes,

+          ':senders_regex' => $senders_regex,

+          ':senders' => $senders,

+          ':token' => $token,

+          ':title' => $title,

+          ':text' => $text,

+          ':active' => $active

+        ));

+        $_SESSION['return'][] = array(

+          'type' => 'success',

+          'log' => array(__FUNCTION__, $_action, $_data),

+          'msg' => 'pushover_settings_edited'

+        );

+      }

+    break;

+    case 'get':

+      if (!hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $_data)) {

+        $_SESSION['return'][] = array(

+          'type' => 'danger',

+          'log' => array(__FUNCTION__, $_action, $_data),

+          'msg' => 'access_denied'

+        );

+        return false;

+      }

+      $stmt = $pdo->prepare("SELECT * FROM `pushover` WHERE `username` = :username");

+      $stmt->execute(array(

+        ':username' => $_data

+      ));

+      $data = $stmt->fetch(PDO::FETCH_ASSOC);

+      $data['attributes'] = json_decode($data['attributes'], true);

+      if (empty($data)) {

+        return false;

+      }

+      else {

+        return $data;

+      }

+    break;

+    case 'test':

+      if (!isset($_SESSION['acl']['pushover']) || $_SESSION['acl']['pushover'] != "1" ) {

+        $_SESSION['return'][] = array(

+          'type' => 'danger',

+          'log' => array(__FUNCTION__, $_action, $_data),

+          'msg' => 'access_denied'

+        );

+        return false;

+      }

+      if (!is_array($_data['username'])) {

+        $usernames = array();

+        $usernames[] = $_data['username'];

+      }

+      else {

+        $usernames = $_data['username'];

+      }

+      foreach ($usernames as $username) {

+        if (!hasMailboxObjectAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $username)) {

+          $_SESSION['return'][] = array(

+            'type' => 'danger',

+            'log' => array(__FUNCTION__, $_action, $_data),

+            'msg' => 'access_denied'

+          );

+          continue;

+        }

+        $stmt = $pdo->prepare("SELECT * FROM `pushover`

+          WHERE `username` = :username");

+        $stmt->execute(array(

+          ':username' => $username

+        ));

+        $api_data = $stmt->fetch(PDO::FETCH_ASSOC);

+        if (!empty($api_data)) {

+          $title = (!empty($api_data['title'])) ? $api_data['title'] : 'Mail';

+          $text = (!empty($api_data['text'])) ? $api_data['text'] : 'You\'ve got mail 📧';

+          curl_setopt_array($ch = curl_init(), array(

+            CURLOPT_URL => "https://api.pushover.net/1/users/validate.json",

+            CURLOPT_POSTFIELDS => array(

+              "token" => $api_data['token'],

+              "user" => $api_data['key']

+            ),

+            CURLOPT_SAFE_UPLOAD => true,

+            CURLOPT_RETURNTRANSFER => true,

+          ));

+          $result = curl_exec($ch);

+          $httpcode = curl_getinfo($ch, CURLINFO_HTTP_CODE);

+          curl_close($ch);

+          if ($httpcode == 200) {

+            $_SESSION['return'][] = array(

+              'type' => 'success',

+              'log' => array(__FUNCTION__, $_action, $_data),

+              'msg' => sprintf('Pushover API OK (%d): %s', $httpcode, $result)

+            );

+          }

+          else {

+            $_SESSION['return'][] = array(

+              'type' => 'danger',

+              'log' => array(__FUNCTION__, $_action, $_data),

+              'msg' => sprintf('Pushover API ERR (%d): %s', $httpcode, $result)

+            );

+          }

+        }

+        else {

+          $_SESSION['return'][] = array(

+            'type' => 'danger',

+            'log' => array(__FUNCTION__, $_action, $_data),

+            'msg' => 'pushover_credentials_missing'

+          );

+          return false;

+        }

+      }

+    break;

+  }

+}