213 lines
7.6 KiB
Python
Executable File
213 lines
7.6 KiB
Python
Executable File
#!/usr/bin/env python3
|
|
from srht.config import cfg, get_origin
|
|
from srht.database import db, DbSession
|
|
db = DbSession(cfg("todo.sr.ht", "connection-string"))
|
|
import todosrht.types
|
|
db.init()
|
|
|
|
from aiosmtpd.lmtp import SMTP, LMTP
|
|
from email.utils import parseaddr
|
|
from grp import getgrnam
|
|
from todosrht.access import get_tracker, get_ticket
|
|
from todosrht.types import TicketAccess, TicketResolution, Tracker, Ticket, User
|
|
from todosrht.tickets import submit_ticket, add_comment
|
|
from srht.validation import Validation
|
|
import asyncio
|
|
import email
|
|
import email.policy
|
|
import os
|
|
import shlex
|
|
import signal
|
|
import sys
|
|
|
|
loop = asyncio.new_event_loop()
|
|
|
|
class MailHandler:
|
|
def lookup_destination(self, address, sender):
|
|
# Address formats are:
|
|
# Tracker (opening a new ticket):
|
|
# ~username/tracker@todo.sr.ht
|
|
# or (for shitty MTAs):
|
|
# u.username.tracker@todo.sr.ht
|
|
# Ticket (participating in dicsussion):
|
|
# ~username/tracker/1234@todo.sr.ht
|
|
# or (for shitty MTAs):
|
|
# u.username.tracker.1234@todo.sr.ht
|
|
address = address[:address.rfind("@")]
|
|
# TODO: Subscribe to trackers & tickets via email
|
|
ticket_id = None, None
|
|
if address.startswith("~"):
|
|
# TODO: user groups
|
|
parts = address.split("/")
|
|
if len(parts) == 2:
|
|
owner, tracker_name = parts
|
|
elif len(parts) == 3:
|
|
owner, tracker_name, ticket_id = parts
|
|
try:
|
|
ticket_id = int(ticket_id)
|
|
except:
|
|
return None, None
|
|
else:
|
|
return None, None
|
|
else:
|
|
address = address.split(".")
|
|
if len(address) == 3:
|
|
prefix, owner, list_name = address
|
|
elif len(address) == 4:
|
|
prefix, owner, list_name, ticket_id = address
|
|
try:
|
|
ticket_id = int(ticket_id)
|
|
except:
|
|
return None, None
|
|
else:
|
|
return None, None
|
|
if prefix == "u":
|
|
owner = "~" + owner
|
|
else:
|
|
# TODO: user groups
|
|
return None, None
|
|
tracker, access = get_tracker(owner, tracker_name, user=sender)
|
|
if not ticket_id:
|
|
return tracker, access
|
|
ticket, access = get_ticket(tracker, ticket_id, user=sender)
|
|
return ticket, access
|
|
|
|
async def handle_RCPT(self, server, session,
|
|
envelope, address, rcpt_options):
|
|
print("RCPT {}".format(address))
|
|
envelope.rcpt_tos.append(address)
|
|
return "250 OK"
|
|
|
|
async def handle_tracker_message(self, tracker, sender, access, mail, body):
|
|
if not TicketAccess.submit in access:
|
|
print("Rejected, insufficient permissions")
|
|
return "550 You do not have permission to post on this tracker."
|
|
|
|
subject = mail["Subject"]
|
|
valid = Validation({
|
|
"title": subject,
|
|
"description": body,
|
|
})
|
|
|
|
title = valid.require("title")
|
|
desc = valid.optional("description")
|
|
|
|
valid.expect(not title or 3 <= len(title) <= 2048,
|
|
"Title must be between 3 and 2048 characters",
|
|
field="title")
|
|
valid.expect(not desc or len(desc) < 16384,
|
|
"Description must be no more than 16384 characters",
|
|
field="description")
|
|
|
|
if not valid.ok:
|
|
print("Rejecting email due to validation errors")
|
|
return "550 " + ", ".join([e["reason"] for e in valid.errors])
|
|
|
|
ticket = submit_ticket(tracker, sender, title, desc)
|
|
print(f"Created ticket {ticket.ref()}")
|
|
return "250 Message accepted for delivery"
|
|
|
|
async def handle_ticket_message(self, ticket, sender, access, mail, body):
|
|
required_access = TicketAccess.comment
|
|
last_line = body.splitlines()[-1]
|
|
|
|
resolution = None
|
|
resolve = reopen = False
|
|
cmds = ["!resolve", "!reopen", "!assign", "!label", "!unlabel"]
|
|
if any(last_line.startswith(cmd) for cmd in cmds):
|
|
cmd = shlex.split(last_line)
|
|
body = body[:-len(last_line)-1].rstrip()
|
|
required_access = TicketAccess.triage
|
|
if cmd[0] == "!resolve" and len(cmd) == 2:
|
|
resolve = True
|
|
resolution = TicketResolution[cmd[1].lower()]
|
|
elif cmd[0] == "!reopen":
|
|
reopen = True
|
|
# TODO: Remaining commands
|
|
|
|
if not required_access in access:
|
|
print(f"Rejected, {sender.canonical_name} has insufficient " +
|
|
f"permissions (have {access}, want {required_access})")
|
|
return "550 You do not have permission to post on this tracker."
|
|
|
|
if not body or 3 > len(body) > 16384:
|
|
print("Rejected, invalid comment length")
|
|
return "550 Comment must be between 3 and 16384 characters."
|
|
|
|
event = add_comment(sender, ticket, text=body,
|
|
resolution=resolution, resolve=resolve, reopen=reopen)
|
|
print(f"Added comment to {ticket.ref()}")
|
|
return "250 Message accepted for delivery"
|
|
|
|
async def handle_DATA(self, server, session, envelope):
|
|
try:
|
|
return await self._handle_DATA(server, session, envelope)
|
|
except:
|
|
db.session.rollback()
|
|
raise
|
|
|
|
async def _handle_DATA(self, server, session, envelope):
|
|
address = envelope.rcpt_tos[0]
|
|
|
|
mail = email.message_from_bytes(envelope.content,
|
|
policy=email.policy.SMTP)
|
|
_from = parseaddr(mail["From"])
|
|
sender = User.query.filter(User.email == _from[1]).one_or_none()
|
|
|
|
if not sender:
|
|
print(f"Rejecting email from unknown sender {_from[1]}")
|
|
# TODO: allow posting from users without an account
|
|
return ("550 There is no account associated with this address. " +
|
|
"Have you logged into todo.sr.ht on the web before?")
|
|
|
|
dest, access = self.lookup_destination(address, sender)
|
|
if dest is None:
|
|
print("Rejected, destination not found")
|
|
return "550 The tracker or ticket you requested does not exist."
|
|
|
|
body = None
|
|
for part in mail.walk():
|
|
if part.is_multipart():
|
|
continue
|
|
content_type = part.get_content_type()
|
|
[charset] = part.get_charsets("utf-8")
|
|
if content_type == 'text/plain':
|
|
body = part.get_payload(decode=True).decode(charset)
|
|
break
|
|
|
|
if isinstance(dest, Tracker):
|
|
return await self.handle_tracker_message(
|
|
dest, sender, access, mail, body)
|
|
elif isinstance(dest, Ticket):
|
|
return await self.handle_ticket_message(
|
|
dest, sender, access, mail, body)
|
|
else:
|
|
assert False
|
|
|
|
async def create_server():
|
|
sock_gid = getgrnam(cfg("todo.sr.ht::mail", "sock-group")).gr_gid
|
|
handler = MailHandler()
|
|
sock = cfg("todo.sr.ht::mail", "sock")
|
|
if "/" in sock:
|
|
await loop.create_unix_server(
|
|
lambda: LMTP(handler, enable_SMTPUTF8=True),
|
|
path=sock)
|
|
os.chmod(sock, 0o775)
|
|
os.chown(sock, os.getuid(), sock_gid)
|
|
else:
|
|
host, port = sock.split(":")
|
|
await loop.create_server(
|
|
lambda: SMTP(handler, enable_SMTPUTF8=True),
|
|
host=host, port=int(port))
|
|
|
|
def sigint_handler():
|
|
print("Exiting due to SIGINT")
|
|
sys.exit(0)
|
|
|
|
loop.add_signal_handler(signal.SIGINT, sigint_handler)
|
|
|
|
print("Starting incoming mail daemon")
|
|
loop.run_until_complete(create_server())
|
|
loop.run_forever()
|
|
loop.close()
|