Home Explore Help
Sign In
mirrors
/
mailcow-dockerized
mirror of https://github.com/mailcow/mailcow-dockerized
2
0
Fork 0
Files Issues 0 Wiki
Tree: 1c15133a52
Branches Tags
mailcow-dockeri...
/
data
/
web
/
edit.php

edit.php 7.6 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193 
  1. <?php
    2. 

  2. require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/prerequisites.inc.php';
    3. 

  3. $AuthUsers = array("admin", "domainadmin", "user");
    4. 

  4. if (!isset($_SESSION['mailcow_cc_role']) OR !in_array($_SESSION['mailcow_cc_role'], $AuthUsers)) {
    5. 

  5.   header('Location: /');
    6. 

  6.   exit();
    7. 

  7. }
    8. 

  8. require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/header.inc.php';
    9. 

  9. 

  10. $template = 'edit.twig';
    11. 

  11. $template_data = [];
    12. 

  12. $result = null;
    13. 

  13. if (isset($_SESSION['mailcow_cc_role'])) {
    14. 

  14.   if ($_SESSION['mailcow_cc_role'] == "admin" || $_SESSION['mailcow_cc_role'] == "domainadmin") {
    15. 

  15.     if (isset($_GET["alias"]) &&
    16. 

  16.       !empty($_GET["alias"])) {
    17. 

  17.         $alias = html_entity_decode(rawurldecode($_GET["alias"]));
    18. 

  18.         $result = mailbox('get', 'alias_details', $alias);
    19. 

  19. 

  20.         $template = 'edit/alias.twig';
    21. 

  21.         $template_data = [
    22. 

  22.           'alias' => $alias,
    23. 

  23.           'goto' => (preg_match('/^(null|ham|spam)@localhost$/i', $result['goto'])) ? null : $result['goto'],
    24. 

  24.         ];
    25. 

  25.     }
    26. 

  26.     elseif (isset($_GET['domainadmin'])) {
    27. 

  27.       $domain_admin = $_GET["domainadmin"];
    28. 

  28.       $result = domain_admin('details', $domain_admin);
    29. 

  29.       $template = 'edit/domainadmin.twig';
    30. 

  30.       $template_data = [
    31. 

  31.         'domain_admin' => $domain_admin,
    32. 

  32.         'da_acls' => acl('get', 'domainadmin', $domain_admin),
    33. 

  33.       ];
    34. 

  34.     }
    35. 

  35.     elseif (isset($_GET['admin'])) {
    36. 

  36.       $admin = $_GET["admin"];
    37. 

  37.       $result = admin('details', $admin);
    38. 

  38.       $template = 'edit/admin.twig';
    39. 

  39.       $template_data = ['admin' => $admin];
    40. 

  40.     }
    41. 

  41.     elseif (isset($_GET['domain']) &&
    42. 

  42.       is_valid_domain_name($_GET["domain"]) &&
    43. 

  43.       !empty($_GET["domain"])) {
    44. 

  44.         $domain = $_GET["domain"];
    45. 

  45.         $result = mailbox('get', 'domain_details', $domain);
    46. 

  46.         $quota_notification_bcc = quota_notification_bcc('get', $domain);
    47. 

  47.         $rl = ratelimit('get', 'domain', $domain);
    48. 

  48.         $rlyhosts = relayhost('get');
    49. 

  49.         $template = 'edit/domain.twig';
    50. 

  50.         $template_data = [
    51. 

  51.           'acl' => $_SESSION['acl'],
    52. 

  52.           'domain' => $domain,
    53. 

  53.           'quota_notification_bcc' => $quota_notification_bcc,
    54. 

  54.           'rl' => $rl,
    55. 

  55.           'rlyhosts' => $rlyhosts,
    56. 

  56.           'dkim' => dkim('details', $domain),
    57. 

  57.           'domain_details' => $result,
    58. 

  58.         ];
    59. 

  59.     }
    60. 

  60.     elseif (isset($_GET['oauth2client']) &&
    61. 

  61.       is_numeric($_GET["oauth2client"]) &&
    62. 

  62.       !empty($_GET["oauth2client"])) {
    63. 

  63.         $oauth2client = $_GET["oauth2client"];
    64. 

  64.         $result = oauth2('details', 'client', $oauth2client);
    65. 

  65.         $template = 'edit/oauth2client.twig';
    66. 

  66.         $template_data = ['oauth2client' => $oauth2client];
    67. 

  67.     }
    68. 

  68.     elseif (isset($_GET['aliasdomain']) &&
    69. 

  69.       is_valid_domain_name(html_entity_decode(rawurldecode($_GET["aliasdomain"]))) &&
    70. 

  70.       !empty($_GET["aliasdomain"])) {
    71. 

  71.         $alias_domain = html_entity_decode(rawurldecode($_GET["aliasdomain"]));
    72. 

  72.         $result = mailbox('get', 'alias_domain_details', $alias_domain);
    73. 

  73.         $rl = ratelimit('get', 'domain', $alias_domain);
    74. 

  74.         $template = 'edit/aliasdomain.twig';
    75. 

  75.         $template_data = [
    76. 

  76.           'alias_domain' => $alias_domain,
    77. 

  77.           'rl' => $rl,
    78. 

  78.           'domains' => mailbox('get', 'domains'),
    79. 

  79.           'dkim' => dkim('details', $alias_domain),
    80. 

  80.         ];
    81. 

  81.     }
    82. 

  82.     elseif (isset($_GET['mailbox']) && filter_var(html_entity_decode(rawurldecode($_GET["mailbox"])), FILTER_VALIDATE_EMAIL) && !empty($_GET["mailbox"])) {
    83. 

  83.       $mailbox = html_entity_decode(rawurldecode($_GET["mailbox"]));
    84. 

  84.       $result = mailbox('get', 'mailbox_details', $mailbox);
    85. 

  85.       $rl = ratelimit('get', 'mailbox', $mailbox);
    86. 

  86.       $pushover_data = pushover('get', $mailbox);
    87. 

  87.       $quarantine_notification = mailbox('get', 'quarantine_notification', $mailbox);
    88. 

  88.       $quarantine_category = mailbox('get', 'quarantine_category', $mailbox);
    89. 

  89.       $get_tls_policy = mailbox('get', 'tls_policy', $mailbox);
    90. 

  90.       $rlyhosts = relayhost('get');
    91. 

  91.       $template = 'edit/mailbox.twig';
    92. 

  92.       $template_data = [
    93. 

  93.         'acl' => $_SESSION['acl'],
    94. 

  94.         'mailbox' => $mailbox,
    95. 

  95.         'rl' => $rl,
    96. 

  96.         'pushover_data' => $pushover_data,
    97. 

  97.         'quarantine_notification' => $quarantine_notification,
    98. 

  98.         'quarantine_category' => $quarantine_category,
    99. 

  99.         'get_tls_policy' => $get_tls_policy,
    100. 

  100.         'rlyhosts' => $rlyhosts,
    101. 

  101.         'sender_acl_handles' => mailbox('get', 'sender_acl_handles', $mailbox),
    102. 

  102.         'user_acls' => acl('get', 'user', $mailbox),
    103. 

  103.         'mailbox_details' => $result
    104. 

  104.       ];
    105. 

  105.     }
    106. 

  106.     elseif (isset($_GET['relayhost']) && is_numeric($_GET["relayhost"]) && !empty($_GET["relayhost"])) {
    107. 

  107.         $relayhost = intval($_GET["relayhost"]);
    108. 

  108.         $result = relayhost('details', $relayhost);
    109. 

  109.         $template = 'edit/relayhost.twig';
    110. 

  110.         $template_data = ['relayhost' => $relayhost];
    111. 

  111.     }
    112. 

  112.     elseif (isset($_GET['transport']) && is_numeric($_GET["transport"]) && !empty($_GET["transport"])) {
    113. 

  113.         $transport = intval($_GET["transport"]);
    114. 

  114.         $result = transport('details', $transport);
    115. 

  115.         $template = 'edit/transport.twig';
    116. 

  116.         $template_data = ['transport' => $transport];
    117. 

  117.     }
    118. 

  118.     elseif (isset($_GET['resource']) && filter_var(html_entity_decode(rawurldecode($_GET["resource"])), FILTER_VALIDATE_EMAIL) && !empty($_GET["resource"])) {
    119. 

  119.         $resource = html_entity_decode(rawurldecode($_GET["resource"]));
    120. 

  120.         $result = mailbox('get', 'resource_details', $resource);
    121. 

  121.         $template = 'edit/resource.twig';
    122. 

  122.     }
    123. 

  123.     elseif (isset($_GET['bcc']) && !empty($_GET["bcc"])) {
    124. 

  124.         $bcc = intval($_GET["bcc"]);
    125. 

  125.         $result = bcc('details', $bcc);
    126. 

  126.         $template = 'edit/bcc.twig';
    127. 

  127.         $template_data = ['bcc' => $bcc];
    128. 

  128.     }
    129. 

  129.     elseif (isset($_GET['recipient_map']) &&
    130. 

  130.       !empty($_GET["recipient_map"]) &&
    131. 

  131.       $_SESSION['mailcow_cc_role'] == "admin") {
    132. 

  132.         $map = intval($_GET["recipient_map"]);
    133. 

  133.         $result = recipient_map('details', $map);
    134. 

  134.         if (substr($result['recipient_map_old'], 0, 1) == '@') {
    135. 

  135.           $result['recipient_map_old'] = substr($result['recipient_map_old'], 1);
    136. 

  136.         }
    137. 

  137.         $template = 'edit/recipient_map.twig';
    138. 

  138.         $template_data = ['map' => $map];
    139. 

  139.     }
    140. 

  140.     elseif (isset($_GET['tls_policy_map']) &&
    141. 

  141.       !empty($_GET["tls_policy_map"]) &&
    142. 

  142.       $_SESSION['mailcow_cc_role'] == "admin") {
    143. 

  143.         $map = intval($_GET["tls_policy_map"]);
    144. 

  144.         $result = tls_policy_maps('details', $map);
    145. 

  145.         $template = 'edit/tls_policy_map.twig';
    146. 

  146.         $template_data = [
    147. 

  147.           'map' => $map,
    148. 

  148.           'policy_options' => [
    149. 

  149.             'none',
    150. 

  150.             'may',
    151. 

  151.             'encrypt',
    152. 

  152.             'dane',
    153. 

  153.             'dane-only',
    154. 

  154.             'fingerprint',
    155. 

  155.             'verify',
    156. 

  156.             'secure',
    157. 

  157.           ],
    158. 

  158.         ];
    159. 

  159.     }
    160. 

  160.   }
    161. 

  161.   if ($_SESSION['mailcow_cc_role'] == "admin"  || $_SESSION['mailcow_cc_role'] == "domainadmin" || $_SESSION['mailcow_cc_role'] == "user") {
    162. 

  162.     if (isset($_GET['syncjob']) &&
    163. 

  163.       is_numeric($_GET['syncjob'])) {
    164. 

  164.         $id = $_GET["syncjob"];
    165. 

  165.         $result = mailbox('get', 'syncjob_details', $id);
    166. 

  166.         $template = 'edit/syncjob.twig';
    167. 

  167.       }
    168. 

  168.     elseif (isset($_GET['filter']) &&
    169. 

  169.       is_numeric($_GET['filter'])) {
    170. 

  170.         $id = $_GET["filter"];
    171. 

  171.         $result = mailbox('get', 'filter_details', $id);
    172. 

  172.         $template = 'edit/filter.twig';
    173. 

  173.     }
    174. 

  174.     elseif (isset($_GET['app-passwd']) &&
    175. 

  175.       is_numeric($_GET['app-passwd'])) {
    176. 

  176.         $id = $_GET["app-passwd"];
    177. 

  177.         $result = app_passwd('details', $id);
    178. 

  178.         $template = 'edit/app-passwd.twig';
    179. 

  179.     }
    180. 

  180.   }
    181. 

  181. }
    182. 

  182. else {
    183. 

  183.   $template_data['access_denied'] = true;
    184. 

  184. }
    185. 

  185. 

  186. $js_minifier->add('/web/js/site/edit.js');
    187. 

  187. $js_minifier->add('/web/js/site/pwgen.js');
    188. 

  188. 

  189. $template_data['result'] = $result;
    190. 

  190. $template_data['return_to'] = $_SESSION['return_to'];
    191. 

  191. $template_data['lang_user'] = json_encode($lang['user']);
    192. 

  192. 

  193. require_once $_SERVER['DOCUMENT_ROOT'] . '/inc/footer.inc.php';
    194.