Close #2372: Implement a GUI for WILDCARD_SENDERS

2 years ago · 38507b2e1b
parent 6a22c82c02
commit 38507b2e1b
7 changed files with 31 additions and 2 deletions
--- a/core/admin/mailu/internal/views/postfix.py
+++ b/core/admin/mailu/internal/views/postfix.py
@ -145,8 +145,9 @@ def postfix_sender_login(sender):
    localpart = localpart[:next((i for i, ch in enumerate(localpart) if ch in flask.current_app.config.get('RECIPIENT_DELIMITER')), None)]
    destinations = models.Email.resolve_destination(localpart, domain_name, True) or []
    destinations.extend(wildcard_senders)
+    destinations.extend(i[0] for i in models.User.query.filter_by(allow_spoofing=True).with_entities(models.User.email).all())
    if destinations:
-        return flask.jsonify(",".join(idna_encode(destinations)))
+        return flask.jsonify(",".join(idna_encode(list(set(destinations)))))
    return flask.abort(404)

@internal.route("/postfix/sender/rate/<path:sender>")
--- a/core/admin/mailu/models.py
+++ b/core/admin/mailu/models.py
@ -501,6 +501,7 @@ class User(Base, Email):
    # Features
    enable_imap = db.Column(db.Boolean, nullable=False, default=True)
    enable_pop = db.Column(db.Boolean, nullable=False, default=True)
+    allow_spoofing = db.Column(db.Boolean, nullable=False, default=False)

    # Filters
    forward_enabled = db.Column(db.Boolean, nullable=False, default=False)
--- a/core/admin/mailu/ui/forms.py
+++ b/core/admin/mailu/ui/forms.py
@ -84,6 +84,7 @@ class UserForm(flask_wtf.FlaskForm):
    quota_bytes = fields_.IntegerSliderField(_('Quota'), default=10**9)
    enable_imap = fields.BooleanField(_('Allow IMAP access'), default=True)
    enable_pop = fields.BooleanField(_('Allow POP3 access'), default=True)
+    allow_spoofing = fields.BooleanField(_('Allow the user to spoof the sender (send email as anyone)'), default=False)
    displayed_name = fields.StringField(_('Displayed name'))
    comment = fields.StringField(_('Comment'))
    enabled = fields.BooleanField(_('Enabled'), default=True)
--- a/core/admin/mailu/ui/templates/user/create.html
+++ b/core/admin/mailu/ui/templates/user/create.html
@ -25,6 +25,7 @@
      prepend='<span class="input-group-text"><span id="quota_bytes_value"></span>&nbsp;GB</span>') }}
  {{ macros.form_field(form.enable_imap) }}
  {{ macros.form_field(form.enable_pop) }}
+  {{ macros.form_field(form.allow_spoofing) }}
  {%- endcall %}

  {{ macros.form_field(form.submit) }}
--- a/core/admin/migrations/versions/7ac252f2bbbf_.py
+++ b/core/admin/migrations/versions/7ac252f2bbbf_.py
@ -0,0 +1,22 @@
+"""empty message
+
+Revision ID: 7ac252f2bbbf
+Revises: 8f9ea78776f4
+Create Date: 2022-11-20 08:57:16.879152
+
+"""
+
+# revision identifiers, used by Alembic.
+revision = '7ac252f2bbbf'
+down_revision = '8f9ea78776f4'
+
+from alembic import op
+import sqlalchemy as sa
+
+
+def upgrade():
+    op.add_column('user', sa.Column('allow_spoofing', sa.Boolean(), nullable=False))
+
+
+def downgrade():
+    op.drop_column('user', 'allow_spoofing')
--- a/docs/webadministration.rst
+++ b/docs/webadministration.rst
@ -321,7 +321,7 @@ This page also shows an overview of the following settings of an user:

 * Email. The email address of the user.

-* Features. Shows if IMAP or POP3 access is enabled.
+* Features. Shows if IMAP or POP3 access is enabled and whether the user should be allowed to spoof emails.

 * Storage quota. Shows how much assigned storage has been consumed.

@ -357,6 +357,8 @@ For adding a new user the following options can be configured.

 * Allow POP3 access. When ticked, allows email retrieval via the POP3 protocol.

+* Allow the user to spoof the sender. When ticked, allows the user to send email as anyone.
+

 Aliases
 ```````
--- a/towncrier/newsfragments/2372.feature
+++ b/towncrier/newsfragments/2372.feature
@ -0,0 +1 @@
+Create a GUI for WILDCARD_SENDERS