From 248d81ab86446f73c0aed3bb0f2aef64abac9192 Mon Sep 17 00:00:00 2001
From: Georg <georg@lysergic.dev>
Date: Tue, 29 Jun 2021 17:02:41 +0200
Subject: [PATCH] Mailbox polishments. First Alias attempts.

Signed-off-by: Georg <georg@lysergic.dev>
---
 plugin.py | 203 ++++++++++++++++++++++++++++++++++++++++++++++++------
 1 file changed, 182 insertions(+), 21 deletions(-)

diff --git a/plugin.py b/plugin.py
index c2c752c..affc914 100644
--- a/plugin.py
+++ b/plugin.py
@@ -31,7 +31,7 @@
 import requests
 import secrets
 import string
-from supybot import utils, plugins, ircutils, callbacks, ircdb
+from supybot import utils, plugins, ircutils, callbacks, ircdb, ircmsgs
 from supybot.commands import *
 from supybot.ircmsgs import nick
 try:
@@ -61,8 +61,8 @@ class Mailcow(callbacks.Plugin):
 
         #Read-Functions: Summary
         try:
-            if 'summary' in variant:         
-                if hostmask in read or write:
+            if 'summary' in variant:
+                if hostmask in read or hostmask in write:
                         URL = server + get + '/domain/' + id
                         try:
                             response = requests.get(
@@ -78,7 +78,7 @@ class Mailcow(callbacks.Plugin):
                         except requests.exceptions.ConnectionError as err:
                             irc.error("Connection failed.")
                         except requests.exceptions.HTTPError as err:
-                            irc.error(err)                         
+                            irc.error(err)
                 else:
                     irc.reply("Thou shalt not pass.")
                     print("Intrusion attempt: " + hostmask)
@@ -122,7 +122,7 @@ class Mailcow(callbacks.Plugin):
                 else:
                     irc.reply("Thou shall not create.")
                     print("Intrusion attempt: " + hostmask)
-                    
+
             elif 'delete' in variant:
                 if hostmask in write:
                     URL = server + api + '/delete/domain'
@@ -137,7 +137,18 @@ class Mailcow(callbacks.Plugin):
                     data = response.json()
                     status = data[0]['type']
                     object = data[0]['msg']
-                    irc.reply(f"DELETION: {status} - {msg} - Hey, where's that backup again?")
+                    if 'success' in status:
+                        if 'domain_removed' in object:
+                            usefulstatus = status.replace("success", "Attempted Removal - please manually confirm")
+                            usefulobject = object
+                        else:
+                            usefulstatus = status.replace("success", "Transmitted")
+                            usefulobject = object
+                    else:
+                        usefulstatus = status
+                        usefulobject = object
+
+                    irc.reply(f"DELETION: {usefulstatus} - {usefulobject} - Hey, where's that backup again?")
                 else:
                     irc.reply("Thou shall not delete.")
                     print("Intrusion attempt: " + hostmask)
@@ -151,8 +162,8 @@ class Mailcow(callbacks.Plugin):
                 irc.error("Invalid domain.")
             else:
                 irc.error("Unhandled " + str(err))
-        
-            
+
+
     maildomain = wrap(maildomain, ['anything', 'anything'])
 
     def mailbox(self, irc, msg, args, variant, id):
@@ -169,7 +180,7 @@ class Mailcow(callbacks.Plugin):
         #Read-Functions: Summary
         try:
             if 'summary' in variant:
-                if hostmask in read or write:
+                if hostmask in read or hostmask in write:
                     URL = server + get + '/mailbox/' + id
                     try:
                         response = requests.get(
@@ -183,7 +194,7 @@ class Mailcow(callbacks.Plugin):
                     except requests.exceptions.ConnectionError as err:
                         irc.error("Connection failed.")
                     except requests.exceptions.HTTPError as err:
-                        irc.error(err)     
+                        irc.error(err)
                 else:
                     irc.reply("Thou shall not pass.")
                     print("Intrusion attempt: " + hostmask)
@@ -194,16 +205,18 @@ class Mailcow(callbacks.Plugin):
                     URL = server + api + '/add/mailbox/' + id
                     user = id.split('@')[0]
                     domain = id.split('@')[1]
-                    random = secrets.token_urlsafe(64)
+                    alphabet = string.ascii_letters + string.digits
+                    random = ''.join(secrets.choice(alphabet) for i in range(64))
+                    pw = random
                     payload = {
                     "active": "1",
                     "domain": domain,
                     "local_part": user,
                     "name": user + '@' + domain,
-                    "password": random,
-                    "password2": random,
+                    "password": pw,
+                    "password2": pw,
                     "quota": "512",
-                    "force_pw_update": "1",
+                    "force_pw_update": "0",
                     "tls_enforce_in": "1",
                     "tls_enforce_out": "1"
                     }
@@ -216,7 +229,12 @@ class Mailcow(callbacks.Plugin):
                     status = data[0]['type']
                     msg = data[0]['msg']
 
-                    irc.reply(f"CREATION: {status} | {msg} | " + str(random) + server)
+                    if 'success' in status:
+                        irc.queueMsg(msg=ircmsgs.IrcMsg(command='PRIVMSG', args=(nick, f'{pw}')))
+                        irc.reply(f"CREATION OK: {status} | {msg}")
+                    else:
+                        irc.reply(f"CREATION: {status} | {msg}")
+
                 else:
                     irc.reply("Thou shall not create.")
                     print("Intrusion attempt: " + hostmask)
@@ -235,12 +253,25 @@ class Mailcow(callbacks.Plugin):
                     data = response.json()
                     status = data[0]['type']
                     object = data[0]['msg']
+                    if 'danger' in status:
+                        if 'access_denied' in object:
+                            usefulstatus = status.replace("danger", "Error:")
+                            usefulobject = object.replace("access_denied", "Access denied or Mailbox does not exist")
+                        else:
+                            usefulstatus = status.replace("danger", "Error:")
+                            usefulobject = object
+                    elif 'success' in status:
+                        usefulstatus = status.replace("success", "Success:")
+                        usefulobject = object
+                    else:
+                        usefulstatus = status
+                        usefulobject = object
 
-                    irc.reply(f"DELETION: {status} - {msg}")
+                    irc.reply(f"DELETION: {usefulstatus} {usefulobject}")
                 else:
                     irc.reply("Thou shall not delete.")
                     print("Intrusion attempt: " + hostmask)
-                    
+
             else:
                 irc.reply('Unknown function.')
 
@@ -253,6 +284,114 @@ class Mailcow(callbacks.Plugin):
 
     mailbox = wrap(mailbox, ['anything', 'anything'])
 
+    def mailalias(self, irc, msg, args, variant, id, id2):
+        """<option> <id> [<id2>]
+        i.e. 'summary cranberrry@lib.casa' will print some details about this alias"""
+
+        server = self.registryValue('api.server')
+        api_key = self.registryValue('api.key')
+        read = self.registryValue('access.read')
+        write = self.registryValue('access.write')
+        nick = msg.nick
+        hostmask = irc.state.nickToHostmask(msg.nick)
+
+        #Read-Functions: Summary
+        try:
+            if 'summary' in variant:
+                if hostmask in read or hostmask in write:
+                    URL = server + get + '/alias/' + id
+                    try:
+                        response = requests.get(
+                        URL,
+                        params={'q': 'requests'},
+                        headers={'accept': 'application/json', 'X-API-Key': api_key},
+                        )
+                        data = response.json()
+                        print(response.json())
+                        if 'address' not in data:
+                            irc.error('Alias not found or error not handled.')
+                        else:
+                            irc.reply('From: ' + data['address'] + ' | To: ' + str(data['goto']) + ' | ID: ' + str(data['id']) + ' | Catch-All: ' + str(data['is_catch_all']) + ' | Comment: ' + str(data['public_comment']) + ' | Active: ' + str(data['active']))
+                    except requests.exceptions.ConnectionError as err:
+                        irc.error("Connection failed.")
+                    except requests.exceptions.HTTPError as err:
+                        irc.error(err)
+
+                else:
+                    irc.reply("Thou shall not pass.")
+                    print("Intrusion attempt: " + hostmask)
+
+            #Write-Functions: Create/Delete
+            elif 'create' in variant: #IN PROGRESS
+                if hostmask in write:
+                    URL = server + api + '/add/alias'
+                    fromaddress = id
+                    toaddress = id2
+                    payload = {
+                    "active": "1",
+                    "address": fromaddress,
+                    "goto": toaddress,
+                    }
+                    response = requests.post(
+                    URL,
+                    headers = {'accept': 'application/json', 'X-API-Key': api_key, 'Content-Type': 'application/json'},
+                    json = payload,
+                    )
+                    data = response.json()
+                    status = data[0]['type']
+                    msg = data[0]['msg']
+
+                    irc.reply(f"Alias Creation: {status} | {msg}")
+
+                else:
+                    irc.reply("Thou shall not create.")
+                    print("Intrusion attempt: " + hostmask)
+
+            elif 'delete' in variant: #EXAMPLE EXAMPLE EXAMPLE
+                if hostmask in write:
+                    URL = server + api + '/delete/mailbox/' + id
+                    payload = [
+                        id
+                    ]
+                    response = requests.post(
+                    URL,
+                    headers = {'accept': 'application/json', 'X-API-Key': api_key, 'Content-Type': 'application/json'},
+                    json = payload,
+                    )
+                    data = response.json()
+                    status = data[0]['type']
+                    object = data[0]['msg']
+                    if 'danger' in status:
+                        if 'access_denied' in object:
+                            usefulstatus = status.replace("danger", "Error:")
+                            usefulobject = object.replace("access_denied", "Access denied or Mailbox does not exist")
+                        else:
+                            usefulstatus = status.replace("danger", "Error:")
+                            usefulobject = object
+                    elif 'success' in status:
+                        usefulstatus = status.replace("success", "Success:")
+                        usefulobject = object
+                    else:
+                        usefulstatus = status
+                        usefulobject = object
+
+                    irc.reply(f"DELETION: {usefulstatus} {usefulobject}")
+                else:
+                    irc.reply("Thou shall not delete.")
+                    print("Intrusion attempt: " + hostmask)
+
+            else:
+                irc.reply('Unknown function.')
+
+        except KeyError as err:
+            key = err.args[0]
+            if key == 'username':
+                irc.error("Invalid alias.")
+            else:
+                irc.error("Unhandled " + str(err))
+
+    mailalias = wrap(mailalias, ['anything', 'anything', optional('anything')])
+
     ############################################################
     #FOR DEBUGGING / REMOVE BEFORE RELEASE (or don't, developers hostmask is hardcoded)
     ############################################################
@@ -269,12 +408,12 @@ class Mailcow(callbacks.Plugin):
 
         if hostmask in read or hostmask in write:
             if hostmask == 'cranberry!~u@cranberry.juice':
-                if 'key' in variant:            
+                if 'key' in variant:
                     irc.reply('> ' + api_key + ' <')
-                    
-                elif 'server' in variant:          
+
+                elif 'server' in variant:
                     irc.reply('> ' + server + ' <')
-                
+
                 elif 'user' in variant:
                     u = ircdb.users.getUser(msg.prefix)
                     nick = msg.nick
@@ -288,6 +427,28 @@ class Mailcow(callbacks.Plugin):
                 elif 'write' in variant:
                     irc.reply('> ' + str(write) + ' <')
 
+                elif 'whois' in variant:
+                    user = 'foo.bar'
+                    # this does not work. i tried to do some cool logic that figures out if the user you request a box for exists in order to send them their password directly
+                    # i suck
+                    # help me??
+                    requester = ircmsgs.IrcMsg(command='WHO', args=(nick, 'n'))
+                    receiver = ircmsgs.IrcMsg(command='WHO', args=(user, 'n'))
+                    print('DEBUG WHO', requester, receiver)
+                    if 'nick' in requester:
+                        irc.reply('found requester.', requester)
+                    elif not 'nick' in requester:
+                        irc.reply('did not find requester. what the fuck.', requester)
+                    else:
+                        irc.reply('program me better', requester)
+                    if 'user' in receiver:
+                        irc.reply('found receiver.', receiver)
+                    elif not 'user' in receiver:
+                        irc.reply('did not find receiver.', receiver)
+                    else:
+                        irc.reply('program me better', receiver)
+                    irc.reply('see console')
+
                 else:
                     irc.reply("What?")
             else: