<?php
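// SSO Domain Admin
// A token taken from the query string is exchanged for a domain-admin session.
// Only string tokens are forwarded: PHP turns `sso_token[]=...` into an array, and
// an array should never reach the token check.
// NOTE(review): the token travels in the URL, so it can end up in access logs and
// Referer headers - confirm domain_admin_sso() expires or invalidates it.
// NOTE(review): no session_regenerate_id() call is visible before the role is
// assigned; confirm the session ID is rotated elsewhere on login.
if (!empty($_GET['sso_token']) && is_string($_GET['sso_token'])) {
  $username = domain_admin_sso('check', $_GET['sso_token']);

  // Only an exact `false` is treated as rejection; any other return value is
  // stored as the session username.
  if ($username !== false) {
    $_SESSION['mailcow_cc_username'] = $username;
    $_SESSION['mailcow_cc_role'] = 'domainadmin';
    // The script is not terminated here: the triggers below still run in this request.
    header('Location: /mailbox');
  }
}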
// Second factor of a two-step login. On success the pending identity is promoted
// to the real session identity; the pending state is discarded either way, so a
// failed attempt requires a fresh password login.
// NOTE(review): the pending username is read without an isset() check, so a POST
// with no pending login passes null to verify_tfa_login() - confirm it rejects that.
if (isset($_POST['verify_tfa_login'])) {
  if (verify_tfa_login($_SESSION['pending_mailcow_cc_username'], $_POST)) {
    $_SESSION['mailcow_cc_username'] = $_SESSION['pending_mailcow_cc_username'];
    $_SESSION['mailcow_cc_role'] = $_SESSION['pending_mailcow_cc_role'];

    // Redirect target is /user for every role; execution continues after the header.
    header('Location: /user');
  }

  // Both outcomes clear the same three pending keys.
  unset(
    $_SESSION['pending_mailcow_cc_username'],
    $_SESSION['pending_mailcow_cc_role'],
    $_SESSION['pending_tfa_methods']
  );
}
// Abort a pending two-factor login: drop all pending state and return to the
// start page. Triggered by a GET parameter; it only removes pending_* keys and
// never touches an established session identity.
if (isset($_GET['cancel_tfa_login'])) {
  unset(
    $_SESSION['pending_mailcow_cc_username'],
    $_SESSION['pending_mailcow_cc_role'],
    $_SESSION['pending_tfa_methods']
  );

  header('Location: /');
}
// Quarantine quick actions. Neither branch checks the session before calling
// quarantine(), and the POSTed value is passed through unmodified.
// NOTE(review): authorisation therefore has to happen inside quarantine() -
// confirm it validates the submitted value before releasing or deleting mail.
if (isset($_POST['quick_release'])) {
  quarantine('quick_release', $_POST['quick_release']);
}

if (isset($_POST['quick_delete'])) {
  quarantine('quick_delete', $_POST['quick_delete']);
}
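// Password login. check_login() decides the outcome; the session identity is only
// written when its return value is exactly one of the role strings.
// Both fields must be strings: PHP builds arrays from `login_user[]=...`, and
// trim() must not be handed one.
// NOTE(review): no session_regenerate_id() call is visible before the role is
// assigned; confirm the session ID is rotated elsewhere on login.
if (
  isset($_POST["login_user"], $_POST["pass_user"])
  && is_string($_POST["login_user"])
  && is_string($_POST["pass_user"])
) {
  $login_user = strtolower(trim($_POST["login_user"]));
  $as = check_login($login_user, $_POST["pass_user"]);

  // Strict comparison throughout: with `==` a non-string return value such as
  // `true` (or 0 on PHP 7) would compare equal to "admin" and grant that role.
  if ($as === "admin") {
    $_SESSION['mailcow_cc_username'] = $login_user;
    $_SESSION['mailcow_cc_role'] = "admin";
    // Execution continues after this header; the triggers below still run.
    header("Location: /admin");
  }
  elseif ($as === "domainadmin") {
    $_SESSION['mailcow_cc_username'] = $login_user;
    $_SESSION['mailcow_cc_role'] = "domainadmin";
    header("Location: /mailbox");
  }
  elseif ($as === "user") {
    $_SESSION['mailcow_cc_username'] = $login_user;
    $_SESSION['mailcow_cc_role'] = "user";
    // The stored query string may be absent; fall back to an empty string rather
    // than passing null to explode().
    $http_parameters = explode(
      '&',
      isset($_SESSION['index_query_string']) ? $_SESSION['index_query_string'] : ''
    );
    unset($_SESSION['index_query_string']);
    // Only fixed redirect targets are emitted; the stored query string is used
    // for matching and never copied into the Location header.
    if (in_array('mobileconfig', $http_parameters, true)) {
      if (in_array('only_email', $http_parameters, true)) {
        header("Location: /mobileconfig.php?only_email");
        die();
      }
      header("Location: /mobileconfig.php");
      die();
    }
    header("Location: /user");
  }
  elseif ($as !== "pending") {
    // Anything other than a recognised role or "pending" fails closed: pending
    // and established identities are both removed from the session.
    unset($_SESSION['pending_mailcow_cc_username']);
    unset($_SESSION['pending_mailcow_cc_role']);
    unset($_SESSION['pending_tfa_methods']);
    unset($_SESSION['mailcow_cc_username']);
    unset($_SESSION['mailcow_cc_role']);
  }
}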
// Dual login ("login as"): a session holding the login_as ACL switches to another
// account. The original identity is saved under $_SESSION['dual-login'] before
// the session identity is overwritten.
// NOTE(review): this is a state-changing GET and no anti-CSRF token is checked in
// this block - confirm one is enforced elsewhere.
// NOTE(review): the only scope check visible here is that the target exists;
// presumably mailbox() / domain_admin() restrict results to objects the current
// account may manage - verify.
if (
  isset($_SESSION['mailcow_cc_role'], $_SESSION['acl']['login_as'], $_GET['duallogin'])
  && $_SESSION['acl']['login_as'] == "1"
) {
  // PHP has already URL-decoded $_GET, so rawurldecode() is a second decode and
  // html_entity_decode() a third transformation; validation and lookups below
  // operate on the fully decoded value.
  $duallogin = html_entity_decode(rawurldecode($_GET['duallogin']));

  if (filter_var($duallogin, FILTER_VALIDATE_EMAIL)) {
    // Looks like an e-mail address: switch to that mailbox user if it exists.
    if (!empty(mailbox('get', 'mailbox_details', $duallogin))) {
      $_SESSION['dual-login']['username'] = $_SESSION['mailcow_cc_username'];
      $_SESSION['mailcow_cc_username'] = $duallogin;
      $_SESSION['dual-login']['role'] = $_SESSION['mailcow_cc_role'];
      $_SESSION['mailcow_cc_role'] = 'user';
      header('Location: /user');
    }
  }
  elseif (!empty(domain_admin('details', $duallogin))) {
    // Not an e-mail address: treat the value as a domain admin name.
    $_SESSION['dual-login']['username'] = $_SESSION['mailcow_cc_username'];
    $_SESSION['mailcow_cc_username'] = $duallogin;
    $_SESSION['dual-login']['role'] = $_SESSION['mailcow_cc_role'];
    $_SESSION['mailcow_cc_role'] = 'domainadmin';
    header('Location: /user');
  }
}
// Two-factor management, reachable by any session that has a role set.
// Each handler receives the complete $_POST array.
// NOTE(review): which account's TFA settings are changed is decided inside the
// handlers; confirm they bind the change to the session user and that an
// anti-CSRF check covers these POSTs - none is visible in this block.
if (isset($_SESSION['mailcow_cc_role'])) {
  if (isset($_POST['set_tfa'])) {
    set_tfa($_POST);
  }

  if (isset($_POST['unset_tfa_key'])) {
    unset_tfa_key($_POST);
  }

  if (isset($_POST['unset_fido2_key'])) {
    fido2([
      'action' => 'unset_fido2_key',
      'post_data' => $_POST,
    ]);
  }
}
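// Admin-only actions. Requires the admin role and excludes sessions flagged as
// API sessions (mailcow_cc_api).
// NOTE(review): no anti-CSRF check is visible in this block; confirm one runs
// before these triggers, since they regenerate API keys and send mail.
if (isset($_SESSION['mailcow_cc_role']) && $_SESSION['mailcow_cc_role'] == "admin" && !isset($_SESSION['mailcow_cc_api'])) {
  // TODO: Move file upload to API?
  if (isset($_POST["submit_main_logo"])) {
    // Require the upload entry to exist and to report UPLOAD_ERR_OK. With a loose
    // `== 0`, a missing field evaluates to null, which equals 0, so customize()
    // would be called although nothing was uploaded.
    if (isset($_FILES['main_logo']['error']) && $_FILES['main_logo']['error'] === UPLOAD_ERR_OK) {
      customize('add', 'main_logo', $_FILES);
    }
    if (isset($_FILES['main_logo_dark']['error']) && $_FILES['main_logo_dark']['error'] === UPLOAD_ERR_OK) {
      customize('add', 'main_logo_dark', $_FILES);
    }
    // NOTE(review): type and size validation of the uploaded image is not done
    // here; presumably customize() handles it - verify.
  }
  if (isset($_POST["reset_main_logo"])) {
    customize('delete', 'main_logo');
    customize('delete', 'main_logo_dark');
  }
  // Some actions will not be available via API
  if (isset($_POST["license_validate_now"])) {
    license('verify');
  }
  // API settings: the read-only key takes precedence when both "ro" and "rw" are posted.
  if (isset($_POST["admin_api"])) {
    if (isset($_POST["admin_api"]["ro"])) {
      admin_api('ro', 'edit', $_POST);
    }
    elseif (isset($_POST["admin_api"]["rw"])) {
      admin_api('rw', 'edit', $_POST);
    }
  }
  // API key regeneration, same precedence as above.
  if (isset($_POST["admin_api_regen_key"])) {
    if (isset($_POST["admin_api_regen_key"]["ro"])) {
      admin_api('ro', 'regen_key', $_POST);
    }
    elseif (isset($_POST["admin_api_regen_key"]["rw"])) {
      admin_api('rw', 'regen_key', $_POST);
    }
  }
  if (isset($_POST["rspamd_ui"])) {
    rspamd_ui('edit', $_POST);
  }
  // The whole $_POST array is handed to sys_mail().
  if (isset($_POST["mass_send"])) {
    sys_mail($_POST);
  }
}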
?>