todo.sr.ht/todosrht-lmtp

#!/usr/bin/env python3
from srht.config import cfg, get_origin
from srht.database import db, DbSession
db = DbSession(cfg("todo.sr.ht", "connection-string"))
import todosrht.types
db.init()

from aiosmtpd.lmtp import SMTP, LMTP
from email.utils import parseaddr
from grp import getgrnam
from todosrht.access import get_tracker, get_ticket
from todosrht.types import TicketAccess, TicketResolution, Tracker, Ticket, User
from todosrht.tickets import submit_ticket, add_comment
from srht.validation import Validation
import asyncio
import email
import email.policy
import os
import shlex
import signal
import sys

loop = asyncio.new_event_loop()

class MailHandler:
    def lookup_destination(self, address, sender):
        # Address formats are:
        # Tracker (opening a new ticket):
        # ~username/tracker@todo.sr.ht
        #   or (for shitty MTAs):
        # u.username.tracker@todo.sr.ht
        # Ticket (participating in dicsussion):
        # ~username/tracker/1234@todo.sr.ht
        #   or (for shitty MTAs):
        # u.username.tracker.1234@todo.sr.ht
        address = address[:address.rfind("@")]
        # TODO: Subscribe to trackers & tickets via email
        ticket_id = None, None
        if address.startswith("~"):
            # TODO: user groups
            parts = address.split("/")
            if len(parts) == 2:
                owner, tracker_name = parts
            elif len(parts) == 3:
                owner, tracker_name, ticket_id = parts
                try:
                    ticket_id = int(ticket_id)
                except:
                    return None, None
            else:
                return None, None
        else:
            address = address.split(".")
            if len(address) == 3:
                prefix, owner, list_name = address
            elif len(address) == 4:
                prefix, owner, list_name, ticket_id = address
                try:
                    ticket_id = int(ticket_id)
                except:
                    return None, None
            else:
                return None, None
            if prefix == "u":
                owner = "~" + owner
            else:
                # TODO: user groups
                return None, None
        tracker, access = get_tracker(owner, tracker_name, user=sender)
        if not ticket_id:
            return tracker, access
        ticket, access = get_ticket(tracker, ticket_id, user=sender)
        return ticket, access

    async def handle_RCPT(self, server, session,
            envelope, address, rcpt_options):
        print("RCPT {}".format(address))
        envelope.rcpt_tos.append(address)
        return "250 OK"

    async def handle_tracker_message(self, tracker, sender, access, mail, body):
        if not TicketAccess.submit in access:
            print("Rejected, insufficient permissions")
            return "550 You do not have permission to post on this tracker."

        subject = mail["Subject"]
        valid = Validation({
            "title": subject,
            "description": body,
        })

        title = valid.require("title")
        desc = valid.optional("description")

        valid.expect(not title or 3 <= len(title) <= 2048,
                "Title must be between 3 and 2048 characters",
                field="title")
        valid.expect(not desc or len(desc) < 16384,
                "Description must be no more than 16384 characters",
                field="description")

        if not valid.ok:
            print("Rejecting email due to validation errors")
            return "550 " + ", ".join([e["reason"] for e in valid.errors])

        ticket = submit_ticket(tracker, sender, title, desc)
        print(f"Created ticket {ticket.ref()}")
        return "250 Message accepted for delivery"

    async def handle_ticket_message(self, ticket, sender, access, mail, body):
        required_access = TicketAccess.comment
        last_line = body.splitlines()[-1]

        resolution = None
        resolve = reopen = False
        cmds = ["!resolve", "!reopen", "!assign", "!label", "!unlabel"]
        if any(last_line.startswith(cmd) for cmd in cmds):
            cmd = shlex.split(last_line)
            body = body[:-len(last_line)-1].rstrip()
            required_access = TicketAccess.triage
            if cmd[0] == "!resolve" and len(cmd) == 2:
                resolve = True
                resolution = TicketResolution[cmd[1].lower()]
            elif cmd[0] == "!reopen":
                reopen = True
            # TODO: Remaining commands

        if not required_access in access:
            print(f"Rejected, {sender.canonical_name} has insufficient " +
                f"permissions (have {access}, want {required_access})")
            return "550 You do not have permission to post on this tracker."

        if not body or 3 > len(body) > 16384:
            print("Rejected, invalid comment length")
            return "550 Comment must be between 3 and 16384 characters."

        event = add_comment(sender, ticket, text=body,
                resolution=resolution, resolve=resolve, reopen=reopen)
        print(f"Added comment to {ticket.ref()}")
        return "250 Message accepted for delivery"

    async def handle_DATA(self, server, session, envelope):
        try:
            return await self._handle_DATA(server, session, envelope)
        except:
            db.session.rollback()
            raise

    async def _handle_DATA(self, server, session, envelope):
        address = envelope.rcpt_tos[0]

        mail = email.message_from_bytes(envelope.content,
                policy=email.policy.SMTP)
        _from = parseaddr(mail["From"])
        sender = User.query.filter(User.email == _from[1]).one_or_none()

        if not sender:
            print(f"Rejecting email from unknown sender {_from[1]}")
            # TODO: allow posting from users without an account
            return ("550 There is no account associated with this address. " +
                "Have you logged into todo.sr.ht on the web before?")

        dest, access = self.lookup_destination(address, sender)
        if dest is None:
            print("Rejected, destination not found")
            return "550 The tracker or ticket you requested does not exist."

        body = None
        for part in mail.walk():
            if part.is_multipart():
                continue
            content_type = part.get_content_type()
            [charset] = part.get_charsets("utf-8")
            if content_type == 'text/plain':
                body = part.get_payload(decode=True).decode(charset)
                break

        if isinstance(dest, Tracker):
            return await self.handle_tracker_message(
                    dest, sender, access, mail, body)
        elif isinstance(dest, Ticket):
            return await self.handle_ticket_message(
                    dest, sender, access, mail, body)
        else:
            assert False

async def create_server():
    sock_gid = getgrnam(cfg("todo.sr.ht::mail", "sock-group")).gr_gid
    handler = MailHandler()
    sock = cfg("todo.sr.ht::mail", "sock")
    if "/" in sock:
        await loop.create_unix_server(
                lambda: LMTP(handler, enable_SMTPUTF8=True),
                path=sock)
        os.chmod(sock, 0o775)
        os.chown(sock, os.getuid(), sock_gid)
    else:
        host, port = sock.split(":")
        await loop.create_server(
                lambda: SMTP(handler, enable_SMTPUTF8=True),
                host=host, port=int(port))

def sigint_handler():
    print("Exiting due to SIGINT")
    sys.exit(0)

loop.add_signal_handler(signal.SIGINT, sigint_handler)

print("Starting incoming mail daemon")
loop.run_until_complete(create_server())
loop.run_forever()
loop.close()