feat: Internet Message Events Support

Signed-off-by: SebastianKrupinski <[email protected]>
nextcloud · Oct 3, 2024 · 5b71bfc · 5b71bfc
1 parent 2fad3ec
commit 5b71bfc
Show file tree

Hide file tree

Showing 7 changed files with 442 additions and 1 deletion.
diff --git a/appinfo/routes.php b/appinfo/routes.php
@@ -485,6 +485,11 @@
 			'url' => '/api/follow-up/check-message-ids',
 			'verb' => 'POST',
 		],
+		[
+			'name' => 'ime#index',
+			'url' => '/ime',
+			'verb' => 'POST',
+		],
 	],
 	'resources' => [
 		'accounts' => ['url' => '/api/accounts'],

diff --git a/lib/Controller/ImeController.php b/lib/Controller/ImeController.php
@@ -0,0 +1,115 @@
+<?php
+
+declare(strict_types=1);
+
+/**
+ * SPDX-FileCopyrightText: 2023 Nextcloud GmbH and Nextcloud contributors
+ * SPDX-License-Identifier: AGPL-3.0-or-later
+ */
+
+namespace OCA\Mail\Controller;
+
+use Exception;
+use OCA\Mail\AppInfo\Application;
+use OCA\Mail\Http\JsonResponse;
+use OCA\Mail\Service\Ime\ImeService;
+use OCP\AppFramework\Controller;
+use OCP\AppFramework\Http;
+use OCP\IRequest;
+use Psr\Log\LoggerInterface;
+
+#[OpenAPI(scope: OpenAPI::SCOPE_IGNORE)]
+class ImeController extends Controller {
+
+	public function __construct(
+		IRequest $request,
+		private ImeService $ImeService
+	) {
+		parent::__construct(Application::APP_ID, $request);
+	}
+
+	/**
+	 * @NoAdminRequired
+	 * @NoCSRFRequired
+	 * @PublicPage
+	 * @UserRateThrottle(limit=60, period=60)
+	 */
+	public function index(array $events): JsonResponse {
+
+		if (!$this->ImeService->getEnabled() || !$this->authorize()) {
+			return JsonResponse::fail();
+		}
+
+		$this->ImeService->handle($events);
+
+		return JsonResponse::success();
+
+	}
+
+	/**
+	 * authorize ime request
+	 * 
+	 * @return bool
+	 */
+	public function authorize(): bool {
+
+		$restriction = $this->ImeService->getRestrictions();
+		$source = $this->request->__get('server')['REMOTE_ADDR'];
+
+		// evaluate, if id address restriction is set
+		if (!empty($restriction)) {
+			$addresses = explode(' ', $restriction);
+			foreach ($addresses as $entry) {
+				// evaluate, if ip address matches
+				if ($this->ipInCidr($source, $entry)) {
+					return true;
+				}
+			}
+		}
+
+		return false;
+
+	}
+
+	protected function ipInCidr(string $ip, string $cidr): bool {
+
+        if (str_contains($cidr, '/')) {
+            // split cidr and convert to parameters
+            list($cidr_net, $cidr_mask) = explode('/', $cidr);
+            // convert ip address and cidr network to binary
+            $ip = inet_pton($ip);
+            $cidr_net = inet_pton($cidr_net);
+            // evaluate, if ip is valid
+            if ($ip === false) {
+                throw new InvalidArgumentException('Invalid IP Address');
+            }
+            // evaluate, if cidr network is valid
+            if ($cidr_net === false) {
+                throw new InvalidArgumentException('Invalid CIDR Network');
+            }
+            // evaluate, if ip and network are the same version
+            if (strlen($ip) != strlen($cidr_net)) {
+                throw new InvalidArgumentException('IP Address and CIDR Network version do not match');
+            }
+
+            // determain the amount of full bit bytes and add them
+            $mask = str_repeat(chr(255), (int) floor($cidr_mask / 8));
+            // determain, if any bits are remaing
+            if ((strlen($mask) * 8) < $cidr_mask) {
+                $mask .= chr(1 << (8 - ($cidr_mask - (strlen($mask) * 8))));
+            }
+            // determain, the amount of empty bit bytes and add them
+            $mask = str_pad($mask, strlen($cidr_net), chr(0));
+
+            // Compare the mask
+            return ($ip & $mask) === ($cidr_net & $mask);
+
+        }
+        else {
+            // return comparison
+            return inet_pton($ip) === inet_pton($cidr);
+        }
+
+    }
+
+}
diff --git a/lib/Db/MailAccountMapper.php b/lib/Db/MailAccountMapper.php
@@ -104,6 +104,27 @@ public function findByUserIdAndAddress(string $userId, string $address): array {
 		return $this->findEntities($query);
 	}
 
+	/**
+	 * Finds a mail account(s) by inbound user identity
+	 *
+	 * @since 5.0.0
+	 *
+	 * @param string $userId remote system inbound user identity
+	 *
+	 * @return MailAccount[]
+	 */
+	public function findByInboundUserId(string $value): array {
+
+		$qb = $this->db->getQueryBuilder();
+		$query = $qb
+			->select('*')
+			->from($this->getTableName())
+			->where($qb->expr()->eq('inbound_user', $qb->createNamedParameter($value)));
+
+		return $this->findEntities($query);
+
+	}
+
 	/**
 	 * @throws DoesNotExistException
 	 * @throws MultipleObjectsReturnedException

diff --git a/lib/Service/AccountService.php b/lib/Service/AccountService.php
@@ -107,6 +107,23 @@ public function findByUserIdAndAddress(string $userId, string $address): array {
 		}, $this->mapper->findByUserIdAndAddress($userId, $address));
 	}
 
+	/**
+	 * Finds a mail account by inbound user identity
+	 *
+	 * @since 5.0.0
+	 *
+	 * @param string $value remote system inbound user identity
+	 *
+	 * @return Account[]
+	 */
+	public function findByInboundUserId(string $value): array {
+
+		return array_map(static function ($a) {
+			return new Account($a);
+		}, $this->mapper->findByInboundUserId($value));
+
+	}
+
 	/**
 	 * @param string $userId
 	 * @param int $id