git subrepo clone https://github.com/mailcow/mailcow-dockerized.git mailcow/src/mailcow-dockerized
subrepo: subdir: "mailcow/src/mailcow-dockerized"
merged: "a832becb"
upstream: origin: "https://github.com/mailcow/mailcow-dockerized.git"
branch: "master"
commit: "a832becb"
git-subrepo: version: "0.4.3"
origin: "???"
commit: "???"
Change-Id: If5be2d621a211e164c9b6577adaa7884449f16b5
diff --git a/mailcow/src/mailcow-dockerized/data/web/json_api.php b/mailcow/src/mailcow-dockerized/data/web/json_api.php
new file mode 100644
index 0000000..46d6e35
--- /dev/null
+++ b/mailcow/src/mailcow-dockerized/data/web/json_api.php
@@ -0,0 +1,1679 @@
+<?php
+/*
+ see /api
+*/
+
+header('Content-Type: application/json');
+require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/prerequisites.inc.php';
+error_reporting(0);
+
+function api_log($_data) {
+ global $redis;
+ $data_var = array();
+ foreach ($_data as $data => &$value) {
+ if ($data == 'csrf_token') {
+ continue;
+ }
+ if ($value = json_decode($value, true)) {
+ unset($value["csrf_token"]);
+ foreach ($value as $key => &$val) {
+ if(preg_match("/pass/i", $key)) {
+ $val = '*';
+ }
+ }
+ $value = json_encode($value);
+ }
+ $data_var[] = $data . "='" . $value . "'";
+ }
+ try {
+ $log_line = array(
+ 'time' => time(),
+ 'uri' => $_SERVER['REQUEST_URI'],
+ 'method' => $_SERVER['REQUEST_METHOD'],
+ 'remote' => get_remote_ip(),
+ 'data' => implode(', ', $data_var)
+ );
+ $redis->lPush('API_LOG', json_encode($log_line));
+ }
+ catch (RedisException $e) {
+ $_SESSION['return'][] = array(
+ 'type' => 'danger',
+ 'msg' => 'Redis: '.$e
+ );
+ return false;
+ }
+}
+
+if (isset($_GET['query'])) {
+
+ $query = explode('/', $_GET['query']);
+ $action = (isset($query[0])) ? $query[0] : null;
+ $category = (isset($query[1])) ? $query[1] : null;
+ $object = (isset($query[2])) ? $query[2] : null;
+ $extra = (isset($query[3])) ? $query[3] : null;
+
+ // accept json in request body
+ if(strpos($_SERVER['HTTP_CONTENT_TYPE'], 'application/json') !== false) {
+ $request = file_get_contents('php://input');
+ $requestDecoded = json_decode($request, true);
+
+ // check for valid json
+ if ($action != 'get' && $requestDecoded === null) {
+ http_response_code(400);
+ echo json_encode(array(
+ 'type' => 'error',
+ 'msg' => 'Request body doesn\'t contain valid json!'
+ ));
+ exit;
+ }
+
+ // add
+ if ($action == 'add') {
+ $_POST['attr'] = $request;
+ }
+
+ // edit
+ if ($action == 'edit') {
+ $_POST['attr'] = json_encode($requestDecoded['attr']);
+ $_POST['items'] = json_encode($requestDecoded['items']);
+ }
+
+ // delete
+ if ($action == 'delete') {
+ $_POST['items'] = $request;
+ }
+
+ }
+ api_log($_POST);
+
+ $request_incomplete = json_encode(array(
+ 'type' => 'error',
+ 'msg' => 'Cannot find attributes in post data'
+ ));
+
+ switch ($action) {
+ case "add":
+ if ($_SESSION['mailcow_cc_api_access'] == 'ro' || isset($_SESSION['pending_mailcow_cc_username'])) {
+ http_response_code(403);
+ echo json_encode(array(
+ 'type' => 'error',
+ 'msg' => 'API read/write access denied'
+ ));
+ exit();
+ }
+ function process_add_return($return) {
+ $generic_failure = json_encode(array(
+ 'type' => 'error',
+ 'msg' => 'Cannot add item'
+ ));
+ $generic_success = json_encode(array(
+ 'type' => 'success',
+ 'msg' => 'Task completed'
+ ));
+ if ($return === false) {
+ echo isset($_SESSION['return']) ? json_encode($_SESSION['return']) : $generic_failure;
+ }
+ else {
+ echo isset($_SESSION['return']) ? json_encode($_SESSION['return']) : $generic_success;
+ }
+ }
+ if (!isset($_POST['attr']) && $category != "fido2-registration") {
+ echo $request_incomplete;
+ exit;
+ }
+ else {
+ if ($category != "fido2-registration") {
+ $attr = (array)json_decode($_POST['attr'], true);
+ }
+ unset($attr['csrf_token']);
+ }
+ // only allow POST requests to POST API endpoints
+ if ($_SERVER['REQUEST_METHOD'] != 'POST') {
+ http_response_code(405);
+ echo json_encode(array(
+ 'type' => 'error',
+ 'msg' => 'only POST method is allowed'
+ ));
+ exit();
+ }
+
+ switch ($category) {
+ // fido2-registration via POST
+ case "fido2-registration":
+ header('Content-Type: application/json');
+ if (isset($_SESSION["mailcow_cc_role"]) && ($_SESSION["mailcow_cc_role"] == "admin" || $_SESSION["mailcow_cc_role"] == "domainadmin")) {
+ $post = trim(file_get_contents('php://input'));
+ if ($post) {
+ $post = json_decode($post);
+ }
+ $clientDataJSON = base64_decode($post->clientDataJSON);
+ $attestationObject = base64_decode($post->attestationObject);
+ $challenge = $_SESSION['challenge'];
+ try {
+ $data = $WebAuthn->processCreate($clientDataJSON, $attestationObject, $challenge, $GLOBALS['FIDO2_UV_FLAG_REGISTER'], $GLOBALS['FIDO2_USER_PRESENT_FLAG']);
+ }
+ catch (Throwable $ex) {
+ $return = new stdClass();
+ $return->success = false;
+ $return->msg = $ex->getMessage();
+ echo json_encode($return);
+ exit;
+ }
+ fido2(array("action" => "register", "registration" => $data));
+ $return = new stdClass();
+ $return->success = true;
+ echo json_encode($return);
+ exit;
+ }
+ else {
+ echo $request_incomplete;
+ exit;
+ }
+ break;
+ case "time_limited_alias":
+ process_add_return(mailbox('add', 'time_limited_alias', $attr));
+ break;
+ case "relayhost":
+ process_add_return(relayhost('add', $attr));
+ break;
+ case "transport":
+ process_add_return(transport('add', $attr));
+ break;
+ case "rsetting":
+ process_add_return(rsettings('add', $attr));
+ break;
+ case "mailbox":
+ process_add_return(mailbox('add', 'mailbox', $attr));
+ break;
+ case "oauth2-client":
+ process_add_return(oauth2('add', 'client', $attr));
+ break;
+ case "domain":
+ process_add_return(mailbox('add', 'domain', $attr));
+ break;
+ case "resource":
+ process_add_return(mailbox('add', 'resource', $attr));
+ break;
+ case "alias":
+ process_add_return(mailbox('add', 'alias', $attr));
+ break;
+ case "filter":
+ process_add_return(mailbox('add', 'filter', $attr));
+ break;
+ case "global-filter":
+ process_add_return(mailbox('add', 'global_filter', $attr));
+ break;
+ case "domain-policy":
+ process_add_return(policy('add', 'domain', $attr));
+ break;
+ case "mailbox-policy":
+ process_add_return(policy('add', 'mailbox', $attr));
+ break;
+ case "alias-domain":
+ process_add_return(mailbox('add', 'alias_domain', $attr));
+ break;
+ case "fwdhost":
+ process_add_return(fwdhost('add', $attr));
+ break;
+ case "dkim":
+ process_add_return(dkim('add', $attr));
+ break;
+ case "dkim_duplicate":
+ process_add_return(dkim('duplicate', $attr));
+ break;
+ case "dkim_import":
+ process_add_return(dkim('import', $attr));
+ break;
+ case "domain-admin":
+ process_add_return(domain_admin('add', $attr));
+ break;
+ case "admin":
+ process_add_return(admin('add', $attr));
+ break;
+ case "syncjob":
+ process_add_return(mailbox('add', 'syncjob', $attr));
+ break;
+ case "bcc":
+ process_add_return(bcc('add', $attr));
+ break;
+ case "recipient_map":
+ process_add_return(recipient_map('add', $attr));
+ break;
+ case "tls-policy-map":
+ process_add_return(tls_policy_maps('add', $attr));
+ break;
+ case "app-passwd":
+ process_add_return(app_passwd('add', $attr));
+ break;
+ // return no route found if no case is matched
+ default:
+ http_response_code(404);
+ echo json_encode(array(
+ 'type' => 'error',
+ 'msg' => 'route not found'
+ ));
+ exit();
+ }
+ break;
+ case "process":
+ // only allow POST requests to process API endpoints
+ if ($_SERVER['REQUEST_METHOD'] != 'POST') {
+ http_response_code(405);
+ echo json_encode(array(
+ 'type' => 'error',
+ 'msg' => 'only POST method is allowed'
+ ));
+ exit();
+ }
+ switch ($category) {
+ case "fido2-args":
+ header('Content-Type: application/json');
+ $post = trim(file_get_contents('php://input'));
+ if ($post) {
+ $post = json_decode($post);
+ }
+ $clientDataJSON = base64_decode($post->clientDataJSON);
+ $authenticatorData = base64_decode($post->authenticatorData);
+ $signature = base64_decode($post->signature);
+ $id = base64_decode($post->id);
+ $challenge = $_SESSION['challenge'];
+ $process_fido2 = fido2(array("action" => "get_by_b64cid", "cid" => $post->id));
+ if ($process_fido2['pub_key'] === false) {
+ $return = new stdClass();
+ $return->success = false;
+ echo json_encode($return);
+ exit;
+ }
+ try {
+ $WebAuthn->processGet($clientDataJSON, $authenticatorData, $signature, $process_fido2['pub_key'], $challenge, null, $GLOBALS['FIDO2_UV_FLAG_LOGIN'], $GLOBALS['FIDO2_USER_PRESENT_FLAG']);
+ }
+ catch (Throwable $ex) {
+ unset($process_fido2);
+ $return = new stdClass();
+ $return->success = false;
+ echo json_encode($return);
+ exit;
+ }
+ $return = new stdClass();
+ $return->success = true;
+ $stmt = $pdo->prepare("SELECT `superadmin` FROM `admin` WHERE `username` = :username");
+ $stmt->execute(array(':username' => $process_fido2['username']));
+ $obj_props = $stmt->fetch(PDO::FETCH_ASSOC);
+ if ($obj_props['superadmin'] === 1) {
+ $_SESSION["mailcow_cc_role"] = "admin";
+ }
+ else {
+ $_SESSION["mailcow_cc_role"] = "domainadmin";
+ }
+ $_SESSION["mailcow_cc_username"] = $process_fido2['username'];
+ $_SESSION['mailcow_cc_last_login'] = last_login($process_fido2['username']);
+ $_SESSION["fido2_cid"] = $process_fido2['cid'];
+ unset($_SESSION["challenge"]);
+ $_SESSION['return'][] = array(
+ 'type' => 'success',
+ 'log' => array("fido2_login"),
+ 'msg' => array('logged_in_as', $process_fido2['username'])
+ );
+ echo json_encode($return);
+ break;
+ }
+ break;
+ case "get":
+ function process_get_return($data) {
+ echo (!isset($data) || empty($data)) ? '{}' : json_encode($data, JSON_UNESCAPED_UNICODE | JSON_PRETTY_PRINT);
+ }
+ // only allow GET requests to GET API endpoints
+ if ($_SERVER['REQUEST_METHOD'] != 'GET') {
+ http_response_code(405);
+ echo json_encode(array(
+ 'type' => 'error',
+ 'msg' => 'only GET method is allowed'
+ ));
+ exit();
+ }
+ switch ($category) {
+ case "u2f-registration":
+ header('Content-Type: application/javascript');
+ if (isset($_SESSION["mailcow_cc_role"]) &&
+ ($_SESSION["mailcow_cc_role"] == "admin" || $_SESSION["mailcow_cc_role"] == "domainadmin") &&
+ $_SESSION["mailcow_cc_username"] == $object) {
+ list($req, $sigs) = $u2f->getRegisterData(get_u2f_registrations($object));
+ $_SESSION['regReq'] = json_encode($req);
+ $_SESSION['regSigs'] = json_encode($sigs);
+ echo 'var req = ' . json_encode($req) . ';';
+ echo 'var registeredKeys = ' . json_encode($sigs) . ';';
+ echo 'var appId = req.appId;';
+ echo 'var registerRequests = [{version: req.version, challenge: req.challenge}];';
+ return;
+ }
+ else {
+ return;
+ }
+ break;
+ // fido2-registration via GET
+ case "fido2-registration":
+ header('Content-Type: application/json');
+ if (isset($_SESSION["mailcow_cc_role"]) &&
+ ($_SESSION["mailcow_cc_role"] == "admin" || $_SESSION["mailcow_cc_role"] == "domainadmin") &&
+ $_SESSION["mailcow_cc_username"] == $object) {
+ // Exclude existing CredentialIds, if any
+ $excludeCredentialIds = fido2(array("action" => "get_user_cids"));
+ $createArgs = $WebAuthn->getCreateArgs($_SESSION["mailcow_cc_username"], $_SESSION["mailcow_cc_username"], $_SESSION["mailcow_cc_username"], 30, true, $GLOBALS['FIDO2_UV_FLAG_REGISTER'], $excludeCredentialIds);
+ print(json_encode($createArgs));
+ $_SESSION['challenge'] = $WebAuthn->getChallenge();
+ return;
+ }
+ else {
+ return;
+ }
+ break;
+ case "u2f-authentication":
+ header('Content-Type: application/javascript');
+ if (isset($_SESSION['pending_mailcow_cc_username']) && $_SESSION['pending_mailcow_cc_username'] == $object) {
+ $auth_data = $u2f->getAuthenticateData(get_u2f_registrations($object));
+ $challenge = $auth_data[0]->challenge;
+ $appId = $auth_data[0]->appId;
+ foreach ($auth_data as $each) {
+ $key = array(); // Empty array
+ $key['version'] = $each->version;
+ $key['keyHandle'] = $each->keyHandle;
+ $registeredKey[] = $key;
+ }
+ $_SESSION['authReq'] = json_encode($auth_data);
+ echo 'var appId = "' . $appId . '";';
+ echo 'var challenge = ' . json_encode($challenge) . ';';
+ echo 'var registeredKeys = ' . json_encode($registeredKey) . ';';
+ return;
+ }
+ else {
+ return;
+ }
+ break;
+ case "fido2-get-args":
+ header('Content-Type: application/json');
+ // Login without username, no ids!
+ // $ids = fido2(array("action" => "get_all_cids"));
+ // if (count($ids) == 0) {
+ // return;
+ // }
+ $ids = NULL;
+ $getArgs = $WebAuthn->getGetArgs($ids, 30, true, true, true, true, $GLOBALS['FIDO2_UV_FLAG_LOGIN']);
+ print(json_encode($getArgs));
+ $_SESSION['challenge'] = $WebAuthn->getChallenge();
+ return;
+ break;
+ }
+ if (isset($_SESSION['mailcow_cc_role'])) {
+ switch ($category) {
+ case "rspamd":
+ switch ($object) {
+ case "actions":
+ $data = rspamd_actions();
+ if ($data) {
+ echo json_encode($data, JSON_UNESCAPED_UNICODE | JSON_PRETTY_PRINT);
+ }
+ else {
+ echo '{}';
+ }
+ break;
+ }
+ break;
+
+ case "domain":
+ switch ($object) {
+ case "all":
+ $domains = mailbox('get', 'domains');
+ if (!empty($domains)) {
+ foreach ($domains as $domain) {
+ if ($details = mailbox('get', 'domain_details', $domain)) {
+ $data[] = $details;
+ }
+ else {
+ continue;
+ }
+ }
+ process_get_return($data);
+ }
+ else {
+ echo '{}';
+ }
+ break;
+
+ default:
+ $data = mailbox('get', 'domain_details', $object);
+ process_get_return($data);
+ break;
+ }
+ break;
+
+ case "app-passwd":
+ switch ($object) {
+ case "all":
+ if (empty($extra)) {
+ $app_passwds = app_passwd('get');
+ }
+ else {
+ $app_passwds = app_passwd('get', array('username' => $extra));
+ }
+ if (!empty($app_passwds)) {
+ foreach ($app_passwds as $app_passwd) {
+ $details = app_passwd('details', array('id' => $app_passwd['id']));
+ if ($details !== false) {
+ $data[] = $details;
+ }
+ else {
+ continue;
+ }
+ }
+ process_get_return($data);
+ }
+ else {
+ echo '{}';
+ }
+ break;
+
+ default:
+ $data = app_passwd('details', array('id' => $object['id']));
+ process_get_return($data);
+ break;
+ }
+ break;
+
+ case "mailq":
+ switch ($object) {
+ case "all":
+ $mailq = mailq('get');
+ if (!empty($mailq)) {
+ echo $mailq;
+ }
+ else {
+ echo '[]';
+ }
+ break;
+ }
+ break;
+
+ case "postcat":
+ switch ($object) {
+ default:
+ $data = mailq('cat', array('qid' => $object));
+ echo $data;
+ break;
+ }
+ break;
+
+ case "global_filters":
+ $global_filters = mailbox('get', 'global_filter_details');
+ switch ($object) {
+ case "all":
+ if (!empty($global_filters)) {
+ process_get_return($global_filters);
+ }
+ else {
+ echo '{}';
+ }
+ break;
+ case "prefilter":
+ if (!empty($global_filters['prefilter'])) {
+ process_get_return($global_filters['prefilter']);
+ }
+ else {
+ echo '{}';
+ }
+ break;
+ case "postfilter":
+ if (!empty($global_filters['postfilter'])) {
+ process_get_return($global_filters['postfilter']);
+ }
+ else {
+ echo '{}';
+ }
+ break;
+ }
+ break;
+
+ case "rl-domain":
+ switch ($object) {
+ case "all":
+ $domains = array_merge(mailbox('get', 'domains'), mailbox('get', 'alias_domains'));
+ if (!empty($domains)) {
+ foreach ($domains as $domain) {
+ if ($details = ratelimit('get', 'domain', $domain)) {
+ $details['domain'] = $domain;
+ $data[] = $details;
+ }
+ else {
+ continue;
+ }
+ }
+ process_get_return($data);
+ }
+ else {
+ echo '{}';
+ }
+ break;
+
+ default:
+ $data = ratelimit('get', 'domain', $object);
+ process_get_return($data);
+ break;
+ }
+ break;
+
+ case "rl-mbox":
+ switch ($object) {
+ case "all":
+ $domains = mailbox('get', 'domains');
+ if (!empty($domains)) {
+ foreach ($domains as $domain) {
+ $mailboxes = mailbox('get', 'mailboxes', $domain);
+ if (!empty($mailboxes)) {
+ foreach ($mailboxes as $mailbox) {
+ if ($details = ratelimit('get', 'mailbox', $mailbox)) {
+ $details['mailbox'] = $mailbox;
+ $data[] = $details;
+ }
+ else {
+ continue;
+ }
+ }
+ }
+ }
+ process_get_return($data);
+ }
+ else {
+ echo '{}';
+ }
+ break;
+
+ default:
+ $data = ratelimit('get', 'mailbox', $object);
+ process_get_return($data);
+ break;
+ }
+ break;
+
+ case "relayhost":
+ switch ($object) {
+ case "all":
+ $relayhosts = relayhost('get');
+ if (!empty($relayhosts)) {
+ foreach ($relayhosts as $relayhost) {
+ if ($details = relayhost('details', $relayhost['id'])) {
+ $data[] = $details;
+ }
+ else {
+ continue;
+ }
+ }
+ process_get_return($data);
+ }
+ else {
+ echo '{}';
+ }
+ break;
+
+ default:
+ $data = relayhost('details', $object);
+ process_get_return($data);
+ break;
+ }
+ break;
+
+ case "transport":
+ switch ($object) {
+ case "all":
+ $transports = transport('get');
+ if (!empty($transports)) {
+ foreach ($transports as $transport) {
+ if ($details = transport('details', $transport['id'])) {
+ $data[] = $details;
+ }
+ else {
+ continue;
+ }
+ }
+ process_get_return($data);
+ }
+ else {
+ echo '{}';
+ }
+ break;
+
+ default:
+ $data = transport('details', $object);
+ process_get_return($data);
+ break;
+ }
+ break;
+
+ case "rsetting":
+ switch ($object) {
+ case "all":
+ $rsettings = rsettings('get');
+ if (!empty($rsettings)) {
+ foreach ($rsettings as $rsetting) {
+ if ($details = rsettings('details', $rsetting['id'])) {
+ $data[] = $details;
+ }
+ else {
+ continue;
+ }
+ }
+ process_get_return($data);
+ }
+ else {
+ echo '{}';
+ }
+ break;
+
+ default:
+ $data = rsettings('details', $object);
+ process_get_return($data);
+ break;
+ }
+ break;
+
+ case "oauth2-client":
+ switch ($object) {
+ case "all":
+ $clients = oauth2('get', 'clients');
+ if (!empty($clients)) {
+ foreach ($clients as $client) {
+ if ($details = oauth2('details', 'client', $client)) {
+ $data[] = $details;
+ }
+ else {
+ continue;
+ }
+ }
+ process_get_return($data);
+ }
+ else {
+ echo '{}';
+ }
+ break;
+
+ default:
+ $data = oauth2('details', 'client', $object);
+ process_get_return($data);
+ break;
+ }
+ break;
+
+ case "logs":
+ switch ($object) {
+ case "dovecot":
+ // 0 is first record, so empty is fine
+ if (isset($extra)) {
+ $extra = preg_replace('/[^\d\-]/i', '', $extra);
+ $logs = get_logs('dovecot-mailcow', $extra);
+ }
+ else {
+ $logs = get_logs('dovecot-mailcow');
+ }
+ echo (isset($logs) && !empty($logs)) ? json_encode($logs, JSON_UNESCAPED_UNICODE | JSON_PRETTY_PRINT) : '{}';
+ break;
+ case "ratelimited":
+ // 0 is first record, so empty is fine
+ if (isset($extra)) {
+ $extra = preg_replace('/[^\d\-]/i', '', $extra);
+ $logs = get_logs('ratelimited', $extra);
+ }
+ else {
+ $logs = get_logs('ratelimited');
+ }
+ echo (isset($logs) && !empty($logs)) ? json_encode($logs, JSON_UNESCAPED_UNICODE | JSON_PRETTY_PRINT) : '{}';
+ break;
+ case "netfilter":
+ // 0 is first record, so empty is fine
+ if (isset($extra)) {
+ $extra = preg_replace('/[^\d\-]/i', '', $extra);
+ $logs = get_logs('netfilter-mailcow', $extra);
+ }
+ else {
+ $logs = get_logs('netfilter-mailcow');
+ }
+ echo (isset($logs) && !empty($logs)) ? json_encode($logs, JSON_UNESCAPED_UNICODE | JSON_PRETTY_PRINT) : '{}';
+ break;
+ case "postfix":
+ // 0 is first record, so empty is fine
+ if (isset($extra)) {
+ $extra = preg_replace('/[^\d\-]/i', '', $extra);
+ $logs = get_logs('postfix-mailcow', $extra);
+ }
+ else {
+ $logs = get_logs('postfix-mailcow');
+ }
+ echo (isset($logs) && !empty($logs)) ? json_encode($logs, JSON_UNESCAPED_UNICODE | JSON_PRETTY_PRINT) : '{}';
+ break;
+ case "autodiscover":
+ // 0 is first record, so empty is fine
+ if (isset($extra)) {
+ $extra = preg_replace('/[^\d\-]/i', '', $extra);
+ $logs = get_logs('autodiscover-mailcow', $extra);
+ }
+ else {
+ $logs = get_logs('autodiscover-mailcow');
+ }
+ echo (isset($logs) && !empty($logs)) ? json_encode($logs, JSON_UNESCAPED_UNICODE | JSON_PRETTY_PRINT) : '{}';
+ break;
+ case "sogo":
+ // 0 is first record, so empty is fine
+ if (isset($extra)) {
+ $extra = preg_replace('/[^\d\-]/i', '', $extra);
+ $logs = get_logs('sogo-mailcow', $extra);
+ }
+ else {
+ $logs = get_logs('sogo-mailcow');
+ }
+ echo (isset($logs) && !empty($logs)) ? json_encode($logs, JSON_UNESCAPED_UNICODE | JSON_PRETTY_PRINT) : '{}';
+ break;
+ case "ui":
+ // 0 is first record, so empty is fine
+ if (isset($extra)) {
+ $extra = preg_replace('/[^\d\-]/i', '', $extra);
+ $logs = get_logs('mailcow-ui', $extra);
+ }
+ else {
+ $logs = get_logs('mailcow-ui');
+ }
+ echo (isset($logs) && !empty($logs)) ? json_encode($logs, JSON_UNESCAPED_UNICODE | JSON_PRETTY_PRINT) : '{}';
+ break;
+ case "watchdog":
+ // 0 is first record, so empty is fine
+ if (isset($extra)) {
+ $extra = preg_replace('/[^\d\-]/i', '', $extra);
+ $logs = get_logs('watchdog-mailcow', $extra);
+ }
+ else {
+ $logs = get_logs('watchdog-mailcow');
+ }
+ echo (isset($logs) && !empty($logs)) ? json_encode($logs, JSON_UNESCAPED_UNICODE | JSON_PRETTY_PRINT) : '{}';
+ break;
+ case "acme":
+ // 0 is first record, so empty is fine
+ if (isset($extra)) {
+ $extra = preg_replace('/[^\d\-]/i', '', $extra);
+ $logs = get_logs('acme-mailcow', $extra);
+ }
+ else {
+ $logs = get_logs('acme-mailcow');
+ }
+ echo (isset($logs) && !empty($logs)) ? json_encode($logs, JSON_UNESCAPED_UNICODE | JSON_PRETTY_PRINT) : '{}';
+ break;
+ case "api":
+ // 0 is first record, so empty is fine
+ if (isset($extra)) {
+ $extra = preg_replace('/[^\d\-]/i', '', $extra);
+ $logs = get_logs('api-mailcow', $extra);
+ }
+ else {
+ $logs = get_logs('api-mailcow');
+ }
+ echo (isset($logs) && !empty($logs)) ? json_encode($logs, JSON_UNESCAPED_UNICODE | JSON_PRETTY_PRINT) : '{}';
+ break;
+ case "rspamd-history":
+ // 0 is first record, so empty is fine
+ if (isset($extra)) {
+ $extra = preg_replace('/[^\d\-]/i', '', $extra);
+ $logs = get_logs('rspamd-history', $extra);
+ }
+ else {
+ $logs = get_logs('rspamd-history');
+ }
+ echo (isset($logs) && !empty($logs)) ? json_encode($logs, JSON_UNESCAPED_UNICODE | JSON_PRETTY_PRINT) : '{}';
+ break;
+ case "rspamd-stats":
+ $logs = get_logs('rspamd-stats');
+ echo (isset($logs) && !empty($logs)) ? json_encode($logs, JSON_UNESCAPED_UNICODE | JSON_PRETTY_PRINT) : '{}';
+ break;
+ // return no route found if no case is matched
+ default:
+ http_response_code(404);
+ echo json_encode(array(
+ 'type' => 'error',
+ 'msg' => 'route not found'
+ ));
+ exit();
+ }
+ break;
+ case "mailbox":
+ switch ($object) {
+ case "all":
+ if (empty($extra)) {
+ $domains = mailbox('get', 'domains');
+ }
+ else {
+ $domains = array($extra);
+ }
+ if (!empty($domains)) {
+ foreach ($domains as $domain) {
+ $mailboxes = mailbox('get', 'mailboxes', $domain);
+ if (!empty($mailboxes)) {
+ foreach ($mailboxes as $mailbox) {
+ if ($details = mailbox('get', 'mailbox_details', $mailbox)) {
+ $data[] = $details;
+ }
+ else {
+ continue;
+ }
+ }
+ }
+ }
+ process_get_return($data);
+ }
+ else {
+ echo '{}';
+ }
+ break;
+
+ default:
+ $data = mailbox('get', 'mailbox_details', $object);
+ process_get_return($data);
+ break;
+ }
+ break;
+ case "syncjobs":
+ switch ($object) {
+ case "all":
+ $domains = mailbox('get', 'domains');
+ if (!empty($domains)) {
+ foreach ($domains as $domain) {
+ $mailboxes = mailbox('get', 'mailboxes', $domain);
+ if (!empty($mailboxes)) {
+ foreach ($mailboxes as $mailbox) {
+ $syncjobs = mailbox('get', 'syncjobs', $mailbox);
+ if (!empty($syncjobs)) {
+ foreach ($syncjobs as $syncjob) {
+ if (isset($extra)) {
+ $details = mailbox('get', 'syncjob_details', $syncjob, explode(',', $extra));
+ }
+ else {
+ $details = mailbox('get', 'syncjob_details', $syncjob);
+ }
+ if ($details) {
+ $data[] = $details;
+ }
+ else {
+ continue;
+ }
+ }
+ }
+ }
+ }
+ }
+ process_get_return($data);
+ }
+ else {
+ echo '{}';
+ }
+ break;
+
+ default:
+ $syncjobs = mailbox('get', 'syncjobs', $object);
+ if (!empty($syncjobs)) {
+ foreach ($syncjobs as $syncjob) {
+ if (isset($extra)) {
+ $details = mailbox('get', 'syncjob_details', $syncjob, explode(',', $extra));
+ }
+ else {
+ $details = mailbox('get', 'syncjob_details', $syncjob);
+ }
+ if ($details) {
+ $data[] = $details;
+ }
+ else {
+ continue;
+ }
+ }
+ }
+ process_get_return($data);
+ break;
+ }
+ break;
+ case "active-user-sieve":
+ if (isset($object)) {
+ $sieve_filter = mailbox('get', 'active_user_sieve', $object);
+ if (!empty($sieve_filter)) {
+ $data[] = $sieve_filter;
+ }
+ }
+ process_get_return($data);
+ break;
+ case "filters":
+ switch ($object) {
+ case "all":
+ $domains = mailbox('get', 'domains');
+ if (!empty($domains)) {
+ foreach ($domains as $domain) {
+ $mailboxes = mailbox('get', 'mailboxes', $domain);
+ if (!empty($mailboxes)) {
+ foreach ($mailboxes as $mailbox) {
+ $filters = mailbox('get', 'filters', $mailbox);
+ if (!empty($filters)) {
+ foreach ($filters as $filter) {
+ if ($details = mailbox('get', 'filter_details', $filter)) {
+ $data[] = $details;
+ }
+ else {
+ continue;
+ }
+ }
+ }
+ }
+ }
+ }
+ process_get_return($data);
+ }
+ else {
+ echo '{}';
+ }
+ break;
+
+ default:
+ $filters = mailbox('get', 'filters', $object);
+ if (!empty($filters)) {
+ foreach ($filters as $filter) {
+ if ($details = mailbox('get', 'filter_details', $filter)) {
+ $data[] = $details;
+ }
+ else {
+ continue;
+ }
+ }
+ }
+ process_get_return($data);
+ break;
+ }
+ break;
+ case "bcc":
+ switch ($object) {
+ case "all":
+ $bcc_items = bcc('get');
+ if (!empty($bcc_items)) {
+ foreach ($bcc_items as $bcc_item) {
+ if ($details = bcc('details', $bcc_item)) {
+ $data[] = $details;
+ }
+ else {
+ continue;
+ }
+ }
+ }
+ process_get_return($data);
+ break;
+ default:
+ $data = bcc('details', $object);
+ if (!empty($data)) {
+ $data[] = $details;
+ }
+ process_get_return($data);
+ break;
+ }
+ break;
+ case "recipient_map":
+ switch ($object) {
+ case "all":
+ $recipient_map_items = recipient_map('get');
+ if (!empty($recipient_map_items)) {
+ foreach ($recipient_map_items as $recipient_map_item) {
+ if ($details = recipient_map('details', $recipient_map_item)) {
+ $data[] = $details;
+ }
+ else {
+ continue;
+ }
+ }
+ }
+ process_get_return($data);
+ break;
+ default:
+ $data = recipient_map('details', $object);
+ if (!empty($data)) {
+ $data[] = $details;
+ }
+ process_get_return($data);
+ break;
+ }
+ break;
+ case "tls-policy-map":
+ switch ($object) {
+ case "all":
+ $tls_policy_maps_items = tls_policy_maps('get');
+ if (!empty($tls_policy_maps_items)) {
+ foreach ($tls_policy_maps_items as $tls_policy_maps_item) {
+ if ($details = tls_policy_maps('details', $tls_policy_maps_item)) {
+ $data[] = $details;
+ }
+ else {
+ continue;
+ }
+ }
+ }
+ process_get_return($data);
+ break;
+ default:
+ $data = tls_policy_maps('details', $object);
+ if (!empty($data)) {
+ $data[] = $details;
+ }
+ process_get_return($data);
+ break;
+ }
+ break;
+ case "policy_wl_mailbox":
+ switch ($object) {
+ default:
+ $data = policy('get', 'mailbox', $object)['whitelist'];
+ process_get_return($data);
+ break;
+ }
+ break;
+ case "policy_bl_mailbox":
+ switch ($object) {
+ default:
+ $data = policy('get', 'mailbox', $object)['blacklist'];
+ process_get_return($data);
+ break;
+ }
+ break;
+ case "policy_wl_domain":
+ switch ($object) {
+ default:
+ $data = policy('get', 'domain', $object)['whitelist'];
+ process_get_return($data);
+ break;
+ }
+ break;
+ case "policy_bl_domain":
+ switch ($object) {
+ default:
+ $data = policy('get', 'domain', $object)['blacklist'];
+ process_get_return($data);
+ break;
+ }
+ break;
+ case "time_limited_aliases":
+ switch ($object) {
+ default:
+ $data = mailbox('get', 'time_limited_aliases', $object);
+ process_get_return($data);
+ break;
+ }
+ break;
+ case "fail2ban":
+ switch ($object) {
+ default:
+ $data = fail2ban('get');
+ process_get_return($data);
+ break;
+ }
+ break;
+ case "resource":
+ switch ($object) {
+ case "all":
+ $domains = mailbox('get', 'domains');
+ if (!empty($domains)) {
+ foreach ($domains as $domain) {
+ $resources = mailbox('get', 'resources', $domain);
+ if (!empty($resources)) {
+ foreach ($resources as $resource) {
+ if ($details = mailbox('get', 'resource_details', $resource)) {
+ $data[] = $details;
+ }
+ else {
+ continue;
+ }
+ }
+ }
+ }
+ process_get_return($data);
+ }
+ else {
+ echo '{}';
+ }
+ break;
+ default:
+ $data = mailbox('get', 'resource_details', $object);
+ process_get_return($data);
+ break;
+ }
+ break;
+ case "fwdhost":
+ switch ($object) {
+ case "all":
+ process_get_return(fwdhost('get'));
+ break;
+ default:
+ process_get_return(fwdhost('details', $object));
+ break;
+ }
+ break;
+ case "quarantine":
+ // "all" will not print details
+ switch ($object) {
+ case "all":
+ process_get_return(quarantine('get'));
+ break;
+ default:
+ process_get_return(quarantine('details', $object));
+ break;
+ }
+ break;
+ case "alias-domain":
+ switch ($object) {
+ case "all":
+ $alias_domains = mailbox('get', 'alias_domains');
+ if (!empty($alias_domains)) {
+ foreach ($alias_domains as $alias_domain) {
+ if ($details = mailbox('get', 'alias_domain_details', $alias_domain)) {
+ $data[] = $details;
+ }
+ else {
+ continue;
+ }
+ }
+ }
+ process_get_return($data);
+ break;
+ default:
+ process_get_return(mailbox('get', 'alias_domain_details', $object));
+ break;
+ }
+ break;
+ case "alias":
+ switch ($object) {
+ case "all":
+ if (empty($extra)) {
+ $domains = array_merge(mailbox('get', 'domains'), mailbox('get', 'alias_domains'));
+ }
+ else {
+ $domains = array($extra);
+ }
+ if (!empty($domains)) {
+ foreach ($domains as $domain) {
+ $aliases = mailbox('get', 'aliases', $domain);
+ if (!empty($aliases)) {
+ foreach ($aliases as $alias) {
+ if ($details = mailbox('get', 'alias_details', $alias)) {
+ $data[] = $details;
+ }
+ else {
+ continue;
+ }
+ }
+ }
+ }
+ process_get_return($data);
+ }
+ else {
+ echo '{}';
+ }
+ break;
+
+ default:
+ process_get_return(mailbox('get', 'alias_details', $object));
+ break;
+ }
+ break;
+ case "domain-admin":
+ switch ($object) {
+ case "all":
+ $domain_admins = domain_admin('get');
+ if (!empty($domain_admins)) {
+ foreach ($domain_admins as $domain_admin) {
+ if ($details = domain_admin('details', $domain_admin)) {
+ $data[] = $details;
+ }
+ else {
+ continue;
+ }
+ }
+ process_get_return($data);
+ }
+ else {
+ echo '{}';
+ }
+ break;
+
+ default:
+ process_get_return(domain_admin('details', $object));
+ break;
+ }
+ break;
+ case "admin":
+ switch ($object) {
+ case "all":
+ $admins = admin('get');
+ if (!empty($admins)) {
+ foreach ($admins as $admin) {
+ if ($details = admin('details', $admin)) {
+ $data[] = $details;
+ }
+ else {
+ continue;
+ }
+ }
+ process_get_return($data);
+ }
+ else {
+ echo '{}';
+ }
+ break;
+
+ default:
+ process_get_return(admin('details', $object));
+ break;
+ }
+ break;
+ case "dkim":
+ switch ($object) {
+ default:
+ $data = dkim('details', $object);
+ process_get_return($data);
+ break;
+ }
+ break;
+ case "presets":
+ switch ($object) {
+ case "rspamd":
+ process_get_return(presets('get', 'rspamd'));
+ break;
+ case "sieve":
+ process_get_return(presets('get', 'sieve'));
+ break;
+ }
+ break;
+ case "status":
+ if ($_SESSION['mailcow_cc_role'] == "admin") {
+ switch ($object) {
+ case "containers":
+ $containers = (docker('info'));
+ foreach ($containers as $container => $container_info) {
+ $container . ' (' . $container_info['Config']['Image'] . ')';
+ $containerstarttime = ($container_info['State']['StartedAt']);
+ $containerstate = ($container_info['State']['Status']);
+ $containerimage = ($container_info['Config']['Image']);
+ $temp[$container] = array(
+ 'type' => 'info',
+ 'container' => $container,
+ 'state' => $containerstate,
+ 'started_at' => $containerstarttime,
+ 'image' => $containerimage
+ );
+ }
+ echo json_encode($temp, JSON_UNESCAPED_SLASHES);
+ break;
+ case "vmail":
+ $exec_fields_vmail = array('cmd' => 'system', 'task' => 'df', 'dir' => '/var/vmail');
+ $vmail_df = explode(',', json_decode(docker('post', 'dovecot-mailcow', 'exec', $exec_fields_vmail), true));
+ $temp = array(
+ 'type' => 'info',
+ 'disk' => $vmail_df[0],
+ 'used' => $vmail_df[2],
+ 'total'=> $vmail_df[1],
+ 'used_percent' => $vmail_df[4]
+ );
+ echo json_encode($temp, JSON_UNESCAPED_SLASHES);
+ break;
+ case "solr":
+ $solr_status = solr_status();
+ $solr_size = ($solr_status['status']['dovecot-fts']['index']['size']);
+ $solr_documents = ($solr_status['status']['dovecot-fts']['index']['numDocs']);
+ if (strtolower(getenv('SKIP_SOLR')) != 'n') {
+ $solr_enabled = false;
+ }
+ else {
+ $solr_enabled = true;
+ }
+ echo json_encode(array(
+ 'type' => 'info',
+ 'solr_enabled' => $solr_enabled,
+ 'solr_size' => $solr_size,
+ 'solr_documents' => $solr_documents
+ ));
+ break;
+ }
+ }
+ break;
+ break;
+ // return no route found if no case is matched
+ default:
+ http_response_code(404);
+ echo json_encode(array(
+ 'type' => 'error',
+ 'msg' => 'route not found'
+ ));
+ exit();
+ }
+ }
+ break;
+ case "delete":
+ if ($_SESSION['mailcow_cc_api_access'] == 'ro' || isset($_SESSION['pending_mailcow_cc_username']) || !isset($_SESSION["mailcow_cc_username"])) {
+ http_response_code(403);
+ echo json_encode(array(
+ 'type' => 'error',
+ 'msg' => 'API read/write access denied'
+ ));
+ exit();
+ }
+ function process_delete_return($return) {
+ $generic_failure = json_encode(array(
+ 'type' => 'error',
+ 'msg' => 'Cannot delete item'
+ ));
+ $generic_success = json_encode(array(
+ 'type' => 'success',
+ 'msg' => 'Task completed'
+ ));
+ if ($return === false) {
+ echo isset($_SESSION['return']) ? json_encode($_SESSION['return']) : $generic_failure;
+ }
+ else {
+ echo isset($_SESSION['return']) ? json_encode($_SESSION['return']) : $generic_success;
+ }
+ }
+ if (!isset($_POST['items'])) {
+ echo $request_incomplete;
+ exit;
+ }
+ else {
+ $items = (array)json_decode($_POST['items'], true);
+ }
+ // only allow POST requests to POST API endpoints
+ if ($_SERVER['REQUEST_METHOD'] != 'POST') {
+ http_response_code(405);
+ echo json_encode(array(
+ 'type' => 'error',
+ 'msg' => 'only POST method is allowed'
+ ));
+ exit();
+ }
+ switch ($category) {
+ case "alias":
+ process_delete_return(mailbox('delete', 'alias', array('id' => $items)));
+ break;
+ case "oauth2-client":
+ process_delete_return(oauth2('delete', 'client', array('id' => $items)));
+ break;
+ case "app-passwd":
+ process_delete_return(app_passwd('delete', array('id' => $items)));
+ break;
+ case "relayhost":
+ process_delete_return(relayhost('delete', array('id' => $items)));
+ break;
+ case "transport":
+ process_delete_return(transport('delete', array('id' => $items)));
+ break;
+ case "rsetting":
+ process_delete_return(rsettings('delete', array('id' => $items)));
+ break;
+ case "syncjob":
+ process_delete_return(mailbox('delete', 'syncjob', array('id' => $items)));
+ break;
+ case "filter":
+ process_delete_return(mailbox('delete', 'filter', array('id' => $items)));
+ break;
+ case "mailq":
+ process_delete_return(mailq('delete', array('qid' => $items)));
+ break;
+ case "qitem":
+ process_delete_return(quarantine('delete', array('id' => $items)));
+ break;
+ case "bcc":
+ process_delete_return(bcc('delete', array('id' => $items)));
+ break;
+ case "recipient_map":
+ process_delete_return(recipient_map('delete', array('id' => $items)));
+ break;
+ case "tls-policy-map":
+ process_delete_return(tls_policy_maps('delete', array('id' => $items)));
+ break;
+ case "fwdhost":
+ process_delete_return(fwdhost('delete', array('forwardinghost' => $items)));
+ break;
+ case "dkim":
+ process_delete_return(dkim('delete', array('domains' => $items)));
+ break;
+ case "domain":
+ file_put_contents('/tmp/dssaa', $items);
+ process_delete_return(mailbox('delete', 'domain', array('domain' => $items)));
+ break;
+ case "alias-domain":
+ process_delete_return(mailbox('delete', 'alias_domain', array('alias_domain' => $items)));
+ break;
+ case "mailbox":
+ process_delete_return(mailbox('delete', 'mailbox', array('username' => $items)));
+ break;
+ case "resource":
+ process_delete_return(mailbox('delete', 'resource', array('name' => $items)));
+ break;
+ case "mailbox-policy":
+ process_delete_return(policy('delete', 'mailbox', array('prefid' => $items)));
+ break;
+ case "domain-policy":
+ process_delete_return(policy('delete', 'domain', array('prefid' => $items)));
+ break;
+ case "time_limited_alias":
+ process_delete_return(mailbox('delete', 'time_limited_alias', array('address' => $items)));
+ break;
+ case "eas_cache":
+ process_delete_return(mailbox('delete', 'eas_cache', array('username' => $items)));
+ break;
+ case "sogo_profile":
+ process_delete_return(mailbox('delete', 'sogo_profile', array('username' => $items)));
+ break;
+ case "domain-admin":
+ process_delete_return(domain_admin('delete', array('username' => $items)));
+ break;
+ case "admin":
+ process_delete_return(admin('delete', array('username' => $items)));
+ break;
+ case "rlhash":
+ echo ratelimit('delete', null, implode($items));
+ break;
+ // return no route found if no case is matched
+ default:
+ http_response_code(404);
+ echo json_encode(array(
+ 'type' => 'error',
+ 'msg' => 'route not found'
+ ));
+ exit();
+ }
+ break;
+ case "edit":
+ if ($_SESSION['mailcow_cc_api_access'] == 'ro' || isset($_SESSION['pending_mailcow_cc_username']) || !isset($_SESSION["mailcow_cc_username"])) {
+ http_response_code(403);
+ echo json_encode(array(
+ 'type' => 'error',
+ 'msg' => 'API read/write access denied'
+ ));
+ exit();
+ }
+ function process_edit_return($return) {
+ $generic_failure = json_encode(array(
+ 'type' => 'error',
+ 'msg' => 'Cannot edit item'
+ ));
+ $generic_success = json_encode(array(
+ 'type' => 'success',
+ 'msg' => 'Task completed'
+ ));
+ if ($return === false) {
+ echo isset($_SESSION['return']) ? json_encode($_SESSION['return']) : $generic_failure;
+ }
+ else {
+ echo isset($_SESSION['return']) ? json_encode($_SESSION['return']) : $generic_success;
+ }
+ }
+ if (!isset($_POST['attr'])) {
+ echo $request_incomplete;
+ exit;
+ }
+ else {
+ $attr = (array)json_decode($_POST['attr'], true);
+ unset($attr['csrf_token']);
+ $items = isset($_POST['items']) ? (array)json_decode($_POST['items'], true) : null;
+ }
+ // only allow POST requests to POST API endpoints
+ if ($_SERVER['REQUEST_METHOD'] != 'POST') {
+ http_response_code(405);
+ echo json_encode(array(
+ 'type' => 'error',
+ 'msg' => 'only POST method is allowed'
+ ));
+ exit();
+ }
+ switch ($category) {
+ case "bcc":
+ process_edit_return(bcc('edit', array_merge(array('id' => $items), $attr)));
+ break;
+ case "pushover":
+ process_edit_return(pushover('edit', array_merge(array('username' => $items), $attr)));
+ break;
+ case "pushover-test":
+ process_edit_return(pushover('test', array_merge(array('username' => $items), $attr)));
+ break;
+ case "oauth2-client":
+ process_edit_return(oauth2('edit', 'client', array_merge(array('id' => $items), $attr)));
+ break;
+ case "recipient_map":
+ process_edit_return(recipient_map('edit', array_merge(array('id' => $items), $attr)));
+ break;
+ case "app-passwd":
+ process_edit_return(app_passwd('edit', array_merge(array('id' => $items), $attr)));
+ break;
+ case "tls-policy-map":
+ process_edit_return(tls_policy_maps('edit', array_merge(array('id' => $items), $attr)));
+ break;
+ case "alias":
+ process_edit_return(mailbox('edit', 'alias', array_merge(array('id' => $items), $attr)));
+ break;
+ case "rspamd-map":
+ process_edit_return(rspamd_maps('edit', array_merge(array('map' => $items), $attr)));
+ break;
+ case "fido2-fn":
+ process_edit_return(fido2(array('action' => 'edit_fn', 'fido2_attrs' => $attr)));
+ break;
+ case "app_links":
+ process_edit_return(customize('edit', 'app_links', $attr));
+ break;
+ case "relayhost":
+ process_edit_return(relayhost('edit', array_merge(array('id' => $items), $attr)));
+ break;
+ case "transport":
+ process_edit_return(transport('edit', array_merge(array('id' => $items), $attr)));
+ break;
+ case "rsetting":
+ process_edit_return(rsettings('edit', array_merge(array('id' => $items), $attr)));
+ break;
+ case "delimiter_action":
+ process_edit_return(mailbox('edit', 'delimiter_action', array_merge(array('username' => $items), $attr)));
+ break;
+ case "tls_policy":
+ process_edit_return(mailbox('edit', 'tls_policy', array_merge(array('username' => $items), $attr)));
+ break;
+ case "quarantine_notification":
+ process_edit_return(mailbox('edit', 'quarantine_notification', array_merge(array('username' => $items), $attr)));
+ break;
+ case "quarantine_category":
+ process_edit_return(mailbox('edit', 'quarantine_category', array_merge(array('username' => $items), $attr)));
+ break;
+ case "qitem":
+ process_edit_return(quarantine('edit', array_merge(array('id' => $items), $attr)));
+ break;
+ case "quarantine":
+ process_edit_return(quarantine('edit', $attr));
+ break;
+ case "quota_notification":
+ process_edit_return(quota_notification('edit', $attr));
+ break;
+ case "mailq":
+ process_edit_return(mailq('edit', array_merge(array('qid' => $items), $attr)));
+ break;
+ case "time_limited_alias":
+ process_edit_return(mailbox('edit', 'time_limited_alias', array_merge(array('address' => $items), $attr)));
+ break;
+ case "mailbox":
+ process_edit_return(mailbox('edit', 'mailbox', array_merge(array('username' => $items), $attr)));
+ break;
+ case "syncjob":
+ process_edit_return(mailbox('edit', 'syncjob', array_merge(array('id' => $items), $attr)));
+ break;
+ case "filter":
+ process_edit_return(mailbox('edit', 'filter', array_merge(array('id' => $items), $attr)));
+ break;
+ case "resource":
+ process_edit_return(mailbox('edit', 'resource', array_merge(array('name' => $items), $attr)));
+ break;
+ case "domain":
+ process_edit_return(mailbox('edit', 'domain', array_merge(array('domain' => $items), $attr)));
+ break;
+ case "rl-domain":
+ process_edit_return(ratelimit('edit', 'domain', array_merge(array('object' => $items), $attr)));
+ break;
+ case "rl-mbox":
+ process_edit_return(ratelimit('edit', 'mailbox', array_merge(array('object' => $items), $attr)));
+ break;
+ case "user-acl":
+ process_edit_return(acl('edit', 'user', array_merge(array('username' => $items), $attr)));
+ break;
+ case "da-acl":
+ process_edit_return(acl('edit', 'domainadmin', array_merge(array('username' => $items), $attr)));
+ break;
+ case "alias-domain":
+ process_edit_return(mailbox('edit', 'alias_domain', array_merge(array('alias_domain' => $items), $attr)));
+ break;
+ case "spam-score":
+ process_edit_return(mailbox('edit', 'spam_score', array_merge(array('username' => $items), $attr)));
+ break;
+ case "domain-admin":
+ process_edit_return(domain_admin('edit', array_merge(array('username' => $items), $attr)));
+ break;
+ case "admin":
+ process_edit_return(admin('edit', array_merge(array('username' => $items), $attr)));
+ break;
+ case "fwdhost":
+ process_edit_return(fwdhost('edit', array_merge(array('fwdhost' => $items), $attr)));
+ break;
+ case "fail2ban":
+ process_edit_return(fail2ban('edit', array_merge(array('network' => $items), $attr)));
+ break;
+ case "ui_texts":
+ process_edit_return(customize('edit', 'ui_texts', $attr));
+ break;
+ case "self":
+ if ($_SESSION['mailcow_cc_role'] == "domainadmin") {
+ process_edit_return(domain_admin('edit', $attr));
+ }
+ elseif ($_SESSION['mailcow_cc_role'] == "user") {
+ process_edit_return(edit_user_account($attr));
+ }
+ break;
+ // return no route found if no case is matched
+ default:
+ http_response_code(404);
+ echo json_encode(array(
+ 'type' => 'error',
+ 'msg' => 'route not found'
+ ));
+ exit();
+ }
+ break;
+ // return no route found if no case is matched
+ default:
+ http_response_code(404);
+ echo json_encode(array(
+ 'type' => 'error',
+ 'msg' => 'route not found'
+ ));
+ exit();
+ }
+}
+if ($_SESSION['mailcow_cc_api'] === true) {
+ if (isset($_SESSION['mailcow_cc_api']) && $_SESSION['mailcow_cc_api'] === true) {
+ unset($_SESSION['return']);
+ }
+}