From 248d81ab86446f73c0aed3bb0f2aef64abac9192 Mon Sep 17 00:00:00 2001 From: Georg <georg@lysergic.dev> Date: Tue, 29 Jun 2021 17:02:41 +0200 Subject: [PATCH] Mailbox polishments. First Alias attempts. Signed-off-by: Georg <georg@lysergic.dev> --- plugin.py | 203 ++++++++++++++++++++++++++++++++++++++++++++++++------ 1 file changed, 182 insertions(+), 21 deletions(-) diff --git a/plugin.py b/plugin.py index c2c752c..affc914 100644 --- a/plugin.py +++ b/plugin.py @@ -31,7 +31,7 @@ import requests import secrets import string -from supybot import utils, plugins, ircutils, callbacks, ircdb +from supybot import utils, plugins, ircutils, callbacks, ircdb, ircmsgs from supybot.commands import * from supybot.ircmsgs import nick try: @@ -61,8 +61,8 @@ class Mailcow(callbacks.Plugin): #Read-Functions: Summary try: - if 'summary' in variant: - if hostmask in read or write: + if 'summary' in variant: + if hostmask in read or hostmask in write: URL = server + get + '/domain/' + id try: response = requests.get( @@ -78,7 +78,7 @@ class Mailcow(callbacks.Plugin): except requests.exceptions.ConnectionError as err: irc.error("Connection failed.") except requests.exceptions.HTTPError as err: - irc.error(err) + irc.error(err) else: irc.reply("Thou shalt not pass.") print("Intrusion attempt: " + hostmask) @@ -122,7 +122,7 @@ class Mailcow(callbacks.Plugin): else: irc.reply("Thou shall not create.") print("Intrusion attempt: " + hostmask) - + elif 'delete' in variant: if hostmask in write: URL = server + api + '/delete/domain' @@ -137,7 +137,18 @@ class Mailcow(callbacks.Plugin): data = response.json() status = data[0]['type'] object = data[0]['msg'] - irc.reply(f"DELETION: {status} - {msg} - Hey, where's that backup again?") + if 'success' in status: + if 'domain_removed' in object: + usefulstatus = status.replace("success", "Attempted Removal - please manually confirm") + usefulobject = object + else: + usefulstatus = status.replace("success", "Transmitted") + usefulobject = object + else: + usefulstatus = status + usefulobject = object + + irc.reply(f"DELETION: {usefulstatus} - {usefulobject} - Hey, where's that backup again?") else: irc.reply("Thou shall not delete.") print("Intrusion attempt: " + hostmask) @@ -151,8 +162,8 @@ class Mailcow(callbacks.Plugin): irc.error("Invalid domain.") else: irc.error("Unhandled " + str(err)) - - + + maildomain = wrap(maildomain, ['anything', 'anything']) def mailbox(self, irc, msg, args, variant, id): @@ -169,7 +180,7 @@ class Mailcow(callbacks.Plugin): #Read-Functions: Summary try: if 'summary' in variant: - if hostmask in read or write: + if hostmask in read or hostmask in write: URL = server + get + '/mailbox/' + id try: response = requests.get( @@ -183,7 +194,7 @@ class Mailcow(callbacks.Plugin): except requests.exceptions.ConnectionError as err: irc.error("Connection failed.") except requests.exceptions.HTTPError as err: - irc.error(err) + irc.error(err) else: irc.reply("Thou shall not pass.") print("Intrusion attempt: " + hostmask) @@ -194,16 +205,18 @@ class Mailcow(callbacks.Plugin): URL = server + api + '/add/mailbox/' + id user = id.split('@')[0] domain = id.split('@')[1] - random = secrets.token_urlsafe(64) + alphabet = string.ascii_letters + string.digits + random = ''.join(secrets.choice(alphabet) for i in range(64)) + pw = random payload = { "active": "1", "domain": domain, "local_part": user, "name": user + '@' + domain, - "password": random, - "password2": random, + "password": pw, + "password2": pw, "quota": "512", - "force_pw_update": "1", + "force_pw_update": "0", "tls_enforce_in": "1", "tls_enforce_out": "1" } @@ -216,7 +229,12 @@ class Mailcow(callbacks.Plugin): status = data[0]['type'] msg = data[0]['msg'] - irc.reply(f"CREATION: {status} | {msg} | " + str(random) + server) + if 'success' in status: + irc.queueMsg(msg=ircmsgs.IrcMsg(command='PRIVMSG', args=(nick, f'{pw}'))) + irc.reply(f"CREATION OK: {status} | {msg}") + else: + irc.reply(f"CREATION: {status} | {msg}") + else: irc.reply("Thou shall not create.") print("Intrusion attempt: " + hostmask) @@ -235,12 +253,25 @@ class Mailcow(callbacks.Plugin): data = response.json() status = data[0]['type'] object = data[0]['msg'] + if 'danger' in status: + if 'access_denied' in object: + usefulstatus = status.replace("danger", "Error:") + usefulobject = object.replace("access_denied", "Access denied or Mailbox does not exist") + else: + usefulstatus = status.replace("danger", "Error:") + usefulobject = object + elif 'success' in status: + usefulstatus = status.replace("success", "Success:") + usefulobject = object + else: + usefulstatus = status + usefulobject = object - irc.reply(f"DELETION: {status} - {msg}") + irc.reply(f"DELETION: {usefulstatus} {usefulobject}") else: irc.reply("Thou shall not delete.") print("Intrusion attempt: " + hostmask) - + else: irc.reply('Unknown function.') @@ -253,6 +284,114 @@ class Mailcow(callbacks.Plugin): mailbox = wrap(mailbox, ['anything', 'anything']) + def mailalias(self, irc, msg, args, variant, id, id2): + """<option> <id> [<id2>] + i.e. 'summary cranberrry@lib.casa' will print some details about this alias""" + + server = self.registryValue('api.server') + api_key = self.registryValue('api.key') + read = self.registryValue('access.read') + write = self.registryValue('access.write') + nick = msg.nick + hostmask = irc.state.nickToHostmask(msg.nick) + + #Read-Functions: Summary + try: + if 'summary' in variant: + if hostmask in read or hostmask in write: + URL = server + get + '/alias/' + id + try: + response = requests.get( + URL, + params={'q': 'requests'}, + headers={'accept': 'application/json', 'X-API-Key': api_key}, + ) + data = response.json() + print(response.json()) + if 'address' not in data: + irc.error('Alias not found or error not handled.') + else: + irc.reply('From: ' + data['address'] + ' | To: ' + str(data['goto']) + ' | ID: ' + str(data['id']) + ' | Catch-All: ' + str(data['is_catch_all']) + ' | Comment: ' + str(data['public_comment']) + ' | Active: ' + str(data['active'])) + except requests.exceptions.ConnectionError as err: + irc.error("Connection failed.") + except requests.exceptions.HTTPError as err: + irc.error(err) + + else: + irc.reply("Thou shall not pass.") + print("Intrusion attempt: " + hostmask) + + #Write-Functions: Create/Delete + elif 'create' in variant: #IN PROGRESS + if hostmask in write: + URL = server + api + '/add/alias' + fromaddress = id + toaddress = id2 + payload = { + "active": "1", + "address": fromaddress, + "goto": toaddress, + } + response = requests.post( + URL, + headers = {'accept': 'application/json', 'X-API-Key': api_key, 'Content-Type': 'application/json'}, + json = payload, + ) + data = response.json() + status = data[0]['type'] + msg = data[0]['msg'] + + irc.reply(f"Alias Creation: {status} | {msg}") + + else: + irc.reply("Thou shall not create.") + print("Intrusion attempt: " + hostmask) + + elif 'delete' in variant: #EXAMPLE EXAMPLE EXAMPLE + if hostmask in write: + URL = server + api + '/delete/mailbox/' + id + payload = [ + id + ] + response = requests.post( + URL, + headers = {'accept': 'application/json', 'X-API-Key': api_key, 'Content-Type': 'application/json'}, + json = payload, + ) + data = response.json() + status = data[0]['type'] + object = data[0]['msg'] + if 'danger' in status: + if 'access_denied' in object: + usefulstatus = status.replace("danger", "Error:") + usefulobject = object.replace("access_denied", "Access denied or Mailbox does not exist") + else: + usefulstatus = status.replace("danger", "Error:") + usefulobject = object + elif 'success' in status: + usefulstatus = status.replace("success", "Success:") + usefulobject = object + else: + usefulstatus = status + usefulobject = object + + irc.reply(f"DELETION: {usefulstatus} {usefulobject}") + else: + irc.reply("Thou shall not delete.") + print("Intrusion attempt: " + hostmask) + + else: + irc.reply('Unknown function.') + + except KeyError as err: + key = err.args[0] + if key == 'username': + irc.error("Invalid alias.") + else: + irc.error("Unhandled " + str(err)) + + mailalias = wrap(mailalias, ['anything', 'anything', optional('anything')]) + ############################################################ #FOR DEBUGGING / REMOVE BEFORE RELEASE (or don't, developers hostmask is hardcoded) ############################################################ @@ -269,12 +408,12 @@ class Mailcow(callbacks.Plugin): if hostmask in read or hostmask in write: if hostmask == 'cranberry!~u@cranberry.juice': - if 'key' in variant: + if 'key' in variant: irc.reply('> ' + api_key + ' <') - - elif 'server' in variant: + + elif 'server' in variant: irc.reply('> ' + server + ' <') - + elif 'user' in variant: u = ircdb.users.getUser(msg.prefix) nick = msg.nick @@ -288,6 +427,28 @@ class Mailcow(callbacks.Plugin): elif 'write' in variant: irc.reply('> ' + str(write) + ' <') + elif 'whois' in variant: + user = 'foo.bar' + # this does not work. i tried to do some cool logic that figures out if the user you request a box for exists in order to send them their password directly + # i suck + # help me?? + requester = ircmsgs.IrcMsg(command='WHO', args=(nick, 'n')) + receiver = ircmsgs.IrcMsg(command='WHO', args=(user, 'n')) + print('DEBUG WHO', requester, receiver) + if 'nick' in requester: + irc.reply('found requester.', requester) + elif not 'nick' in requester: + irc.reply('did not find requester. what the fuck.', requester) + else: + irc.reply('program me better', requester) + if 'user' in receiver: + irc.reply('found receiver.', receiver) + elif not 'user' in receiver: + irc.reply('did not find receiver.', receiver) + else: + irc.reply('program me better', receiver) + irc.reply('see console') + else: irc.reply("What?") else: