From 47a15c21aaa69715e88535fc72925714004dfa2c Mon Sep 17 00:00:00 2001 From: andryyy Date: Thu, 16 Apr 2020 21:58:30 +0200 Subject: [PATCH] [Rspamd] Pushover, check sender by regex --- data/conf/rspamd/meta_exporter/pushover.php | 8 ++++ data/web/edit.php | 7 +++- data/web/inc/functions.inc.php | 3 ++ data/web/inc/functions.pushover.inc.php | 42 ++++++++++++++++----- data/web/inc/init_db.inc.php | 3 +- data/web/js/build/012-api.js | 13 +++++++ data/web/lang/lang.de.json | 10 +++-- data/web/lang/lang.en.json | 8 ++-- data/web/user.php | 9 ++++- 9 files changed, 82 insertions(+), 21 deletions(-) diff --git a/data/conf/rspamd/meta_exporter/pushover.php b/data/conf/rspamd/meta_exporter/pushover.php index 637b103a2..680c20e81 100644 --- a/data/conf/rspamd/meta_exporter/pushover.php +++ b/data/conf/rspamd/meta_exporter/pushover.php @@ -201,7 +201,15 @@ foreach ($rcpt_final_mailboxes as $rcpt_final) { $attributes = json_decode($api_data['attributes'], true); $senders = explode(',', $api_data['senders']); $senders = array_filter($senders); + $senders_regex = $api_data['senders_regex']; + $sender_validated = true; + if (!empty($senders_regex) && !preg_match($senders_regex, $sender)) { + $sender_validated = false; + } if (!empty($senders) && !in_array($sender, $senders)) { + $sender_validated = false; + } + if ($sender_validated === false) { error_log("NOTIFY: pushover pipe: skipping unwanted sender " . $sender); continue; } diff --git a/data/web/edit.php b/data/web/edit.php index 6d92b28e9..668b69f44 100644 --- a/data/web/edit.php +++ b/data/web/edit.php @@ -738,7 +738,6 @@ if (isset($_SESSION['mailcow_cc_role'])) { -

@@ -777,6 +776,12 @@ if (isset($_SESSION['mailcow_cc_role'])) {
+
+
+ + +
+
diff --git a/data/web/inc/functions.inc.php b/data/web/inc/functions.inc.php index 74a13391f..03eece884 100644 --- a/data/web/inc/functions.inc.php +++ b/data/web/inc/functions.inc.php @@ -1,4 +1,7 @@ 'danger', + 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr), + 'msg' => 'access_denied' + ); + continue; + } + if (!empty($senders_regex) && !is_valid_regex($senders_regex)) { + $_SESSION['return'][] = array( + 'type' => 'danger', + 'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr), + 'msg' => 'Invalid regex' + ); + continue; + } + $senders = array_map('trim', preg_split( "/( |,|;|\n)/", $senders)); foreach ($senders as $i => &$sender) { if (empty($sender)) { continue; @@ -75,21 +99,19 @@ function pushover($_action, $_data = null) { ); continue; } - $title = $_data['title']; - $text = $_data['text']; - $active = intval($_data['active']); $po_attributes = json_encode( array( 'evaluate_x_prio' => strval(intval($evaluate_x_prio)), 'only_x_prio' => strval(intval($only_x_prio)) ) ); - $stmt = $pdo->prepare("REPLACE INTO `pushover` (`username`, `key`, `attributes`, `senders`, `token`, `title`, `text`, `active`) - VALUES (:username, :key, :po_attributes, :senders, :token, :title, :text, :active)"); + $stmt = $pdo->prepare("REPLACE INTO `pushover` (`username`, `key`, `attributes`, `senders_regex`, `senders`, `token`, `title`, `text`, `active`) + VALUES (:username, :key, :po_attributes, :senders_regex, :senders, :token, :title, :text, :active)"); $stmt->execute(array( ':username' => $username, ':key' => $key, ':po_attributes' => $po_attributes, + ':senders_regex' => $senders_regex, ':senders' => $senders, ':token' => $token, ':title' => $title, diff --git a/data/web/inc/init_db.inc.php b/data/web/inc/init_db.inc.php index 0f257097f..3506c97d9 100644 --- a/data/web/inc/init_db.inc.php +++ b/data/web/inc/init_db.inc.php @@ -3,7 +3,7 @@ function init_db_schema() { try { global $pdo; - $db_version = "16042020_1004"; + $db_version = "16042020_2104"; $stmt = $pdo->query("SHOW TABLES LIKE 'versions'"); $num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC)); @@ -841,6 +841,7 @@ function init_db_schema() { "title" => "TEXT", "text" => "TEXT", "senders" => "TEXT", + "senders_regex" => "TEXT", "active" => "TINYINT(1) NOT NULL DEFAULT '1'" ), "keys" => array( diff --git a/data/web/js/build/012-api.js b/data/web/js/build/012-api.js index 9b34904fc..b08085908 100644 --- a/data/web/js/build/012-api.js +++ b/data/web/js/build/012-api.js @@ -4,6 +4,7 @@ $(document).ready(function() { var re = /^(([^<>()[\]\\.,;:\s@\"]+(\.[^<>()[\]\\.,;:\s@\"]+)*)|(\".+\"))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\])|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,}))$/; return re.test(email); } + function validateRegex(e){var t=e.split("/"),n=e,r="";t.length>1&&(n=t[1],r=t[2]);try{return new RegExp(n,r),!0}catch(e){return!1}} function is_active(elem) { if ($(elem).data('submitted') == '1') { return true; @@ -134,6 +135,18 @@ $(document).ready(function() { } } } + if ($(this).val() && $(this).attr("regex")) { + var regex_content = $(this).val(); + $(this).removeClass('inputMissingAttr'); + if(!validateRegex(regex_content)) { + invalid = true; + $(this).addClass('inputMissingAttr'); + } + if(!regex_content.startsWith('/') || !/\/[ims]?$/.test(regex_content)){ + invalid = true; + $(this).addClass('inputMissingAttr'); + } + } }); if (!invalid) { var attr_to_merge = $(this).closest("form").serializeObject(); diff --git a/data/web/lang/lang.de.json b/data/web/lang/lang.de.json index faf9eab60..74d8423a7 100644 --- a/data/web/lang/lang.de.json +++ b/data/web/lang/lang.de.json @@ -237,8 +237,9 @@ "pushover_title": "Notification Titel", "text": "Text", "pushover_text": "Notification Text", - "pushover_vars": "Verwendbare Variablen für Titel und Text (Datenschutzrichtlinien beachten)", - "pushover_sender_array": "Nur folgende Sender E-Mail-Adressen berücksichtigen (getrennt durch Komma)", + "pushover_vars": "Wenn kein Sender-Filter definiert ist, werden alle E-Mails berücksichtigt.
Die direkte Absenderprüfung und reguläre Ausdrücke werden unabhängig voneinander geprüft, sie hängen nicht voneinander ab und werden der Reihe nach ausgeführt.
Verwendbare Variablen für Titel und Text (Datenschutzrichtlinien beachten)", + "pushover_sender_array": "Folgende Sender E-Mail-Adressen berücksichtigen (getrennt durch Komma)", + "pushover_sender_regex": "Sender mit folgendem regulären Ausdruck auswählen", "last_mail_login": "Letzter Mail-Login", "no_last_login": "Keine letzte UI Anmeldung gespeichert", "save": "Änderungen speichern", @@ -357,8 +358,9 @@ "pushover_title": "Notification Titel", "text": "Text", "pushover_text": "Notification Text", - "pushover_vars": "Verwendbare Variablen für Titel und Text (Datenschutzrichtlinien beachten)", - "pushover_sender_array": "Nur folgende Sender E-Mail-Adressen berücksichtigen (getrennt durch Komma)", + "pushover_vars": "Wenn kein Sender-Filter definiert ist, werden alle E-Mails berücksichtigt.
Die direkte Absenderprüfung und reguläre Ausdrücke werden unabhängig voneinander geprüft, sie hängen nicht voneinander ab und werden der Reihe nach ausgeführt.
Verwendbare Variablen für Titel und Text (Datenschutzrichtlinien beachten)", + "pushover_sender_array": "Folgende Sender E-Mail-Adressen berücksichtigen (getrennt durch Komma)", + "pushover_sender_regex": "Sender mit folgendem regulären Ausdruck auswählen", "spamfilter": "Spamfilter", "domain_s": "Domain(s)", "rspamd-com_settings": "Ein Name wird automatisch generiert. Beispielinhalte zur Einsicht stehen nachstehend bereit. Siehe auch Rspamd docs", diff --git a/data/web/lang/lang.en.json b/data/web/lang/lang.en.json index 7aded417d..15fa02639 100644 --- a/data/web/lang/lang.en.json +++ b/data/web/lang/lang.en.json @@ -237,8 +237,9 @@ "pushover_title": "Notification title", "text": "Text", "pushover_text": "Notification text", - "pushover_vars": "Useable variables for text and title (please take note of data protection)", - "pushover_sender_array": "Only consider the following sender email addresses (comma-separated)", + "pushover_vars": "When no sender filter is defined, all mails will be considered.
Regex filters as well as exact sender checks can be defined individually and will be considered sequentially. They do not depend on each other.
Useable variables for text and title (please take note of data protection policies)", + "pushover_sender_array": "Consider the following sender email addresses (comma-separated)", + "pushover_sender_regex": "Match senders by the following regex", "no_last_login": "No last UI login information", "last_mail_login": "Last mail login", "save": "Save changes", @@ -357,8 +358,9 @@ "pushover_title": "Notification title", "text": "Text", "pushover_text": "Notification text", - "pushover_vars": "Useable variables for text and title (please take note of data protection)", + "pushover_vars": "When no sender filter is defined, all mails will be considered.
Regex filters as well as exact sender checks can be defined individually and will be considered sequentially. They do not depend on each other.
Useable variables for text and title (please take note of data protection policies)", "pushover_sender_array": "Only consider the following sender email addresses (comma-separated)", + "pushover_sender_regex": "Consider the following sender regex", "spamfilter": "Spam filter", "domain": "Domain", "domain_s": "Domain/s", diff --git a/data/web/user.php b/data/web/user.php index e581e09e7..936eff942 100644 --- a/data/web/user.php +++ b/data/web/user.php @@ -479,7 +479,6 @@ elseif (isset($_SESSION['mailcow_cc_role']) && $_SESSION['mailcow_cc_role'] == ' -

@@ -515,7 +514,13 @@ elseif (isset($_SESSION['mailcow_cc_role']) && $_SESSION['mailcow_cc_role'] == '
- + +
+
+
+
+ +