loop
/
alps
1
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
A webmail client. Forked from https://git.sr.ht/~migadu/alps
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
337 Commits
1 Branch
708 KiB
 
 
 
 
Tree: 405c18d213
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '405c18d213'
${ noResults }
alps/plugins/base/routes.go

1176 lines
30 KiB
Raw Blame History 

  1. package alpsbase

  2. 

  3. import (

  4. 	"bytes"

  5. 	"fmt"

  6. 	"io"

  7. 	"io/ioutil"

  8. 	"mime"

  9. 	"net/http"

  10. 	"net/textproto"

  11. 	"net/url"

  12. 	"strconv"

  13. 	"strings"

  14. 

  15. 	"git.sr.ht/~emersion/alps"

  16. 	"github.com/emersion/go-imap"

  17. 	"github.com/emersion/go-message"

  18. 	"github.com/emersion/go-message/mail"

  19. 	"github.com/emersion/go-smtp"

  20. 	"github.com/labstack/echo/v4"

  21. 	"jaytaylor.com/html2text"

  22. 	imapclient "github.com/emersion/go-imap/client"

  23. 	imapmove "github.com/emersion/go-imap-move"

  24. )

  25. 

  26. func registerRoutes(p *alps.GoPlugin) {

  27. 	p.GET("/", func(ctx *alps.Context) error {

  28. 		return ctx.Redirect(http.StatusFound, "/mailbox/INBOX")

  29. 	})

  30. 

  31. 	p.GET("/mailbox/:mbox", handleGetMailbox)

  32. 	p.POST("/mailbox/:mbox", handleGetMailbox)

  33. 

  34. 	p.GET("/new-mailbox", handleNewMailbox)

  35. 	p.POST("/new-mailbox", handleNewMailbox)

  36. 

  37. 	p.GET("/delete-mailbox/:mbox", handleDeleteMailbox)

  38. 	p.POST("/delete-mailbox/:mbox", handleDeleteMailbox)

  39. 

  40. 	p.GET("/message/:mbox/:uid", func(ctx *alps.Context) error {

  41. 		return handleGetPart(ctx, false)

  42. 	})

  43. 	p.GET("/message/:mbox/:uid/raw", func(ctx *alps.Context) error {

  44. 		return handleGetPart(ctx, true)

  45. 	})

  46. 

  47. 	p.GET("/login", handleLogin)

  48. 	p.POST("/login", handleLogin)

  49. 

  50. 	p.GET("/logout", handleLogout)

  51. 

  52. 	p.GET("/compose", handleComposeNew)

  53. 	p.POST("/compose", handleComposeNew)

  54. 

  55. 	p.POST("/compose/attachment", handleComposeAttachment)

  56. 	p.POST("/compose/attachment/:uuid/remove", handleCancelAttachment)

  57. 

  58. 	p.GET("/message/:mbox/:uid/reply", handleReply)

  59. 	p.POST("/message/:mbox/:uid/reply", handleReply)

  60. 

  61. 	p.GET("/message/:mbox/:uid/forward", handleForward)

  62. 	p.POST("/message/:mbox/:uid/forward", handleForward)

  63. 

  64. 	p.GET("/message/:mbox/:uid/edit", handleEdit)

  65. 	p.POST("/message/:mbox/:uid/edit", handleEdit)

  66. 

  67. 	p.POST("/message/:mbox/move", handleMove)

  68. 

  69. 	p.POST("/message/:mbox/delete", handleDelete)

  70. 

  71. 	p.POST("/message/:mbox/flag", handleSetFlags)

  72. 

  73. 	p.GET("/settings", handleSettings)

  74. 	p.POST("/settings", handleSettings)

  75. }

  76. 

  77. type IMAPBaseRenderData struct {

  78. 	alps.BaseRenderData

  79. 	CategorizedMailboxes CategorizedMailboxes

  80. 	Mailboxes            []MailboxInfo

  81. 	Mailbox              *MailboxStatus

  82. 	Inbox                *MailboxStatus

  83. }

  84. 

  85. type MailboxRenderData struct {

  86. 	IMAPBaseRenderData

  87. 	Messages             []IMAPMessage

  88. 	PrevPage, NextPage   int

  89. 	Query                string

  90. }

  91. 

  92. // Organizes mailboxes into common/uncommon categories

  93. type CategorizedMailboxes struct {

  94. 	Common struct {

  95. 		Inbox   *MailboxInfo

  96. 		Drafts  *MailboxInfo

  97. 		Sent    *MailboxInfo

  98. 		Junk    *MailboxInfo

  99. 		Trash   *MailboxInfo

  100. 		Archive *MailboxInfo

  101. 	}

  102. 	Additional []*MailboxInfo

  103. }

  104. 

  105. func newIMAPBaseRenderData(ctx *alps.Context,

  106. 	base *alps.BaseRenderData) (*IMAPBaseRenderData, error) {

  107. 

  108. 	mboxName, err := url.PathUnescape(ctx.Param("mbox"))

  109. 	if err != nil {

  110. 		return nil, echo.NewHTTPError(http.StatusBadRequest, err)

  111. 	}

  112. 

  113. 	var mailboxes []MailboxInfo

  114. 	var active, inbox *MailboxStatus

  115. 	err = ctx.Session.DoIMAP(func(c *imapclient.Client) error {

  116. 		var err error

  117. 		if mailboxes, err = listMailboxes(c); err != nil {

  118. 			return err

  119. 		}

  120. 		if mboxName != "" {

  121. 			if active, err = getMailboxStatus(c, mboxName); err != nil {

  122. 				return echo.NewHTTPError(http.StatusNotFound, err)

  123. 			}

  124. 		}

  125. 		if mboxName == "INBOX" {

  126. 			inbox = active

  127. 		} else {

  128. 			if inbox, err = getMailboxStatus(c, "INBOX"); err != nil {

  129. 				return err

  130. 			}

  131. 		}

  132. 		return nil

  133. 	})

  134. 	if err != nil {

  135. 		return nil, err

  136. 	}

  137. 

  138. 	var categorized CategorizedMailboxes

  139. 	mmap := map[string]**MailboxInfo{

  140. 		"INBOX": &categorized.Common.Inbox,

  141. 		"Drafts": &categorized.Common.Drafts,

  142. 		"Sent": &categorized.Common.Sent,

  143. 		"Junk": &categorized.Common.Junk,

  144. 		"Trash": &categorized.Common.Trash,

  145. 		"Archive": &categorized.Common.Archive,

  146. 	}

  147. 

  148. 	for i, _ := range mailboxes {

  149. 		// Populate unseen & active states

  150. 		if active != nil && mailboxes[i].Name == active.Name {

  151. 			mailboxes[i].Unseen = int(active.Unseen)

  152. 			mailboxes[i].Total = int(active.Messages)

  153. 			mailboxes[i].Active = true

  154. 		}

  155. 		if mailboxes[i].Name == inbox.Name {

  156. 			mailboxes[i].Unseen = int(inbox.Unseen)

  157. 			mailboxes[i].Total = int(inbox.Messages)

  158. 		}

  159. 

  160. 		if ptr, ok := mmap[mailboxes[i].Name]; ok {

  161. 			*ptr = &mailboxes[i]

  162. 		} else {

  163. 			categorized.Additional = append(

  164. 				categorized.Additional, &mailboxes[i])

  165. 		}

  166. 	}

  167. 

  168. 	return &IMAPBaseRenderData{

  169. 		BaseRenderData:       *base,

  170. 		CategorizedMailboxes: categorized,

  171. 		Mailboxes:            mailboxes,

  172. 		Inbox:                inbox,

  173. 		Mailbox:              active,

  174. 	}, nil

  175. }

  176. 

  177. func handleGetMailbox(ctx *alps.Context) error {

  178. 	ibase, err := newIMAPBaseRenderData(ctx, alps.NewBaseRenderData(ctx))

  179. 	if err != nil {

  180. 		return err

  181. 	}

  182. 

  183. 	mbox := ibase.Mailbox

  184. 	title := mbox.Name

  185. 	if title == "INBOX" {

  186. 		title = "Inbox"

  187. 	}

  188. 	if mbox.Unseen > 0 {

  189. 		title = fmt.Sprintf("(%d) %s", mbox.Unseen, title)

  190. 	}

  191. 	ibase.BaseRenderData.WithTitle(title)

  192. 

  193. 	page := 0

  194. 	if pageStr := ctx.QueryParam("page"); pageStr != "" {

  195. 		var err error

  196. 		if page, err = strconv.Atoi(pageStr); err != nil || page < 0 {

  197. 			return echo.NewHTTPError(http.StatusBadRequest, "invalid page index")

  198. 		}

  199. 	}

  200. 

  201. 	settings, err := loadSettings(ctx.Session.Store())

  202. 	if err != nil {

  203. 		return err

  204. 	}

  205. 	messagesPerPage := settings.MessagesPerPage

  206. 

  207. 	query := ctx.QueryParam("query")

  208. 

  209. 	var (

  210. 		msgs  []IMAPMessage

  211. 		total int

  212. 	)

  213. 	err = ctx.Session.DoIMAP(func(c *imapclient.Client) error {

  214. 		var err  error

  215. 		if query != "" {

  216. 			msgs, total, err = searchMessages(c, mbox.Name, query, page, messagesPerPage)

  217. 		} else {

  218. 			msgs, err = listMessages(c, mbox, page, messagesPerPage)

  219. 		}

  220. 		if err != nil {

  221. 			return err

  222. 		}

  223. 		return nil

  224. 	})

  225. 	if err != nil {

  226. 		return err

  227. 	}

  228. 

  229. 	prevPage, nextPage := -1, -1

  230. 	if query != "" {

  231. 		if page > 0 {

  232. 			prevPage = page - 1

  233. 		}

  234. 		if (page+1)*messagesPerPage <= total {

  235. 			nextPage = page + 1

  236. 		}

  237. 	} else {

  238. 		if page > 0 {

  239. 			prevPage = page - 1

  240. 		}

  241. 		if (page+1)*messagesPerPage < int(mbox.Messages) {

  242. 			nextPage = page + 1

  243. 		}

  244. 	}

  245. 

  246. 	return ctx.Render(http.StatusOK, "mailbox.html", &MailboxRenderData{

  247. 		IMAPBaseRenderData:  *ibase,

  248. 		Messages:             msgs,

  249. 		PrevPage:             prevPage,

  250. 		NextPage:             nextPage,

  251. 		Query:                query,

  252. 	})

  253. }

  254. 

  255. type NewMailboxRenderData struct {

  256. 	IMAPBaseRenderData

  257. 	Error string

  258. }

  259. 

  260. func handleNewMailbox(ctx *alps.Context) error {

  261. 	ibase, err := newIMAPBaseRenderData(ctx, alps.NewBaseRenderData(ctx))

  262. 	if err != nil {

  263. 		return err

  264. 	}

  265. 	ibase.BaseRenderData.WithTitle("Create new folder")

  266. 

  267. 	if ctx.Request().Method == http.MethodPost {

  268. 		name := ctx.FormValue("name")

  269. 		if name == "" {

  270. 			return ctx.Render(http.StatusOK, "new-mailbox.html", &NewMailboxRenderData{

  271. 				IMAPBaseRenderData: *ibase,

  272. 				Error: "Name is required",

  273. 			})

  274. 		}

  275. 

  276. 		err := ctx.Session.DoIMAP(func(c *imapclient.Client) error {

  277. 			return c.Create(name)

  278. 		})

  279. 

  280. 		if err != nil {

  281. 			return ctx.Render(http.StatusOK, "new-mailbox.html", &NewMailboxRenderData{

  282. 				IMAPBaseRenderData: *ibase,

  283. 				Error: err.Error(),

  284. 			})

  285. 		}

  286. 

  287. 		return ctx.Redirect(http.StatusFound, fmt.Sprintf("/mailbox/%s", url.PathEscape(name)))

  288. 	}

  289. 

  290. 	return ctx.Render(http.StatusOK, "new-mailbox.html", &NewMailboxRenderData{

  291. 		IMAPBaseRenderData: *ibase,

  292. 		Error: "",

  293. 	})

  294. }

  295. 

  296. func handleDeleteMailbox(ctx *alps.Context) error {

  297. 	ibase, err := newIMAPBaseRenderData(ctx, alps.NewBaseRenderData(ctx))

  298. 	if err != nil {

  299. 		return err

  300. 	}

  301. 

  302. 	mbox := ibase.Mailbox

  303. 	ibase.BaseRenderData.WithTitle("Delete folder '" + mbox.Name + "'")

  304. 

  305. 	if ctx.Request().Method == http.MethodPost {

  306. 		ctx.Session.DoIMAP(func(c *imapclient.Client) error {

  307. 			return c.Delete(mbox.Name)

  308. 		})

  309. 		return ctx.Redirect(http.StatusFound, "/mailbox/INBOX")

  310. 	}

  311. 

  312. 	return ctx.Render(http.StatusOK, "delete-mailbox.html", ibase)

  313. }

  314. 

  315. func handleLogin(ctx *alps.Context) error {

  316. 	username := ctx.FormValue("username")

  317. 	password := ctx.FormValue("password")

  318. 	remember := ctx.FormValue("remember-me")

  319. 

  320. 	renderData := struct {

  321. 		alps.BaseRenderData

  322. 		CanRememberMe bool

  323. 	}{

  324. 		BaseRenderData: *alps.NewBaseRenderData(ctx),

  325. 		CanRememberMe:  ctx.Server.Options.LoginKey != nil,

  326. 	}

  327. 

  328. 	if username == "" && password == "" {

  329. 		username, password = ctx.GetLoginToken()

  330. 	}

  331. 

  332. 	if username != "" && password != "" {

  333. 		s, err := ctx.Server.Sessions.Put(username, password)

  334. 		if err != nil {

  335. 			if _, ok := err.(alps.AuthError); ok {

  336. 				return ctx.Render(http.StatusOK, "login.html", &renderData)

  337. 			}

  338. 			return fmt.Errorf("failed to put connection in pool: %v", err)

  339. 		}

  340. 		ctx.SetSession(s)

  341. 

  342. 		if remember == "on" {

  343. 			ctx.SetLoginToken(username, password)

  344. 		}

  345. 

  346. 		if path := ctx.QueryParam("next"); path != "" && path[0] == '/' && path != "/login" {

  347. 			return ctx.Redirect(http.StatusFound, path)

  348. 		}

  349. 		return ctx.Redirect(http.StatusFound, "/mailbox/INBOX")

  350. 	}

  351. 

  352. 	return ctx.Render(http.StatusOK, "login.html", &renderData)

  353. }

  354. 

  355. func handleLogout(ctx *alps.Context) error {

  356. 	ctx.Session.Close()

  357. 	ctx.SetSession(nil)

  358. 	ctx.SetLoginToken("", "")

  359. 	return ctx.Redirect(http.StatusFound, "/login")

  360. }

  361. 

  362. type MessageRenderData struct {

  363. 	IMAPBaseRenderData

  364. 	Message     *IMAPMessage

  365. 	Part        *IMAPPartNode

  366. 	View        interface{}

  367. 	MailboxPage int

  368. 	Flags       map[string]bool

  369. }

  370. 

  371. func handleGetPart(ctx *alps.Context, raw bool) error {

  372. 	_, uid, err := parseMboxAndUid(ctx.Param("mbox"), ctx.Param("uid"))

  373. 	ibase, err := newIMAPBaseRenderData(ctx, alps.NewBaseRenderData(ctx))

  374. 	if err != nil {

  375. 		return err

  376. 	}

  377. 	mbox := ibase.Mailbox

  378. 

  379. 	partPath, err := parsePartPath(ctx.QueryParam("part"))

  380. 	if err != nil {

  381. 		return echo.NewHTTPError(http.StatusBadRequest, err)

  382. 	}

  383. 

  384. 	settings, err := loadSettings(ctx.Session.Store())

  385. 	if err != nil {

  386. 		return err

  387. 	}

  388. 	messagesPerPage := settings.MessagesPerPage

  389. 

  390. 	var msg *IMAPMessage

  391. 	var part *message.Entity

  392. 	err = ctx.Session.DoIMAP(func(c *imapclient.Client) error {

  393. 		var err error

  394. 		if msg, part, err = getMessagePart(c, mbox.Name, uid, partPath); err != nil {

  395. 			return err

  396. 		}

  397. 		return nil

  398. 	})

  399. 	if err != nil {

  400. 		return err

  401. 	}

  402. 

  403. 	mimeType, _, err := part.Header.ContentType()

  404. 	if err != nil {

  405. 		return fmt.Errorf("failed to parse part Content-Type: %v", err)

  406. 	}

  407. 	if len(partPath) == 0 {

  408. 		if ctx.QueryParam("plain") == "1" {

  409. 			mimeType = "text/plain"

  410. 		} else {

  411. 			mimeType = "message/rfc822"

  412. 		}

  413. 	}

  414. 

  415. 	if raw {

  416. 		ctx.Response().Header().Set("Content-Type", mimeType)

  417. 

  418. 		disp, dispParams, _ := part.Header.ContentDisposition()

  419. 		filename := dispParams["filename"]

  420. 		if len(partPath) == 0 {

  421. 			filename = msg.Envelope.Subject + ".eml"

  422. 		}

  423. 

  424. 		// TODO: set Content-Length if possible

  425. 

  426. 		// Be careful not to serve types like text/html as inline

  427. 		if !strings.EqualFold(mimeType, "text/plain") || strings.EqualFold(disp, "attachment") {

  428. 			dispParams := make(map[string]string)

  429. 			if filename != "" {

  430. 				dispParams["filename"] = filename

  431. 			}

  432. 			disp := mime.FormatMediaType("attachment", dispParams)

  433. 			ctx.Response().Header().Set("Content-Disposition", disp)

  434. 		}

  435. 

  436. 		if len(partPath) == 0 {

  437. 			return part.WriteTo(ctx.Response())

  438. 		} else {

  439. 			return ctx.Stream(http.StatusOK, mimeType, part.Body)

  440. 		}

  441. 	}

  442. 

  443. 	view, err := viewMessagePart(ctx, msg, part)

  444. 	if err == ErrViewUnsupported {

  445. 		view = nil

  446. 	}

  447. 

  448. 	flags := make(map[string]bool)

  449. 	for _, f := range mbox.PermanentFlags {

  450. 		f = imap.CanonicalFlag(f)

  451. 		if f == imap.TryCreateFlag {

  452. 			continue

  453. 		}

  454. 		flags[f] = msg.HasFlag(f)

  455. 	}

  456. 

  457. 	ibase.BaseRenderData.WithTitle(msg.Envelope.Subject)

  458. 

  459. 	return ctx.Render(http.StatusOK, "message.html", &MessageRenderData{

  460. 		IMAPBaseRenderData: *ibase,

  461. 		Message:            msg,

  462. 		Part:               msg.PartByPath(partPath),

  463. 		View:               view,

  464. 		MailboxPage:        int(mbox.Messages-msg.SeqNum) / messagesPerPage,

  465. 		Flags:              flags,

  466. 	})

  467. }

  468. 

  469. type ComposeRenderData struct {

  470. 	IMAPBaseRenderData

  471. 	Message *OutgoingMessage

  472. }

  473. 

  474. type messagePath struct {

  475. 	Mailbox string

  476. 	Uid     uint32

  477. }

  478. 

  479. type composeOptions struct {

  480. 	Draft     *messagePath

  481. 	Forward   *messagePath

  482. 	InReplyTo *messagePath

  483. }

  484. 

  485. // Send message, append it to the Sent mailbox, mark the original message as

  486. // answered

  487. func submitCompose(ctx *alps.Context, msg *OutgoingMessage, options *composeOptions) error {

  488. 	err := ctx.Session.DoSMTP(func (c *smtp.Client) error {

  489. 		return sendMessage(c, msg)

  490. 	})

  491. 	if err != nil {

  492. 		if _, ok := err.(alps.AuthError); ok {

  493. 			return echo.NewHTTPError(http.StatusForbidden, err)

  494. 		}

  495. 		return fmt.Errorf("failed to send message: %v", err)

  496. 	}

  497. 

  498. 	if inReplyTo := options.InReplyTo; inReplyTo != nil {

  499. 		err = ctx.Session.DoIMAP(func(c *imapclient.Client) error {

  500. 			return markMessageAnswered(c, inReplyTo.Mailbox, inReplyTo.Uid)

  501. 		})

  502. 		if err != nil {

  503. 			return fmt.Errorf("failed to mark original message as answered: %v", err)

  504. 		}

  505. 	}

  506. 

  507. 	err = ctx.Session.DoIMAP(func(c *imapclient.Client) error {

  508. 		if _, err := appendMessage(c, msg, mailboxSent); err != nil {

  509. 			return err

  510. 		}

  511. 		if draft := options.Draft; draft != nil {

  512. 			if err := deleteMessage(c, draft.Mailbox, draft.Uid); err != nil {

  513. 				return err

  514. 			}

  515. 		}

  516. 		return nil

  517. 	})

  518. 	if err != nil {

  519. 		return fmt.Errorf("failed to save message to Sent mailbox: %v", err)

  520. 	}

  521. 

  522. 	return ctx.Redirect(http.StatusFound, "/mailbox/INBOX")

  523. }

  524. 

  525. func handleCompose(ctx *alps.Context, msg *OutgoingMessage, options *composeOptions) error {

  526. 	ibase, err := newIMAPBaseRenderData(ctx, alps.NewBaseRenderData(ctx))

  527. 	if err != nil {

  528. 		return err

  529. 	}

  530. 

  531. 	if msg.From == "" && strings.ContainsRune(ctx.Session.Username(), '@') {

  532. 		msg.From = ctx.Session.Username()

  533. 	}

  534. 

  535. 	if ctx.Request().Method == http.MethodPost {

  536. 		formParams, err := ctx.FormParams()

  537. 		if err != nil {

  538. 			return fmt.Errorf("failed to parse form: %v", err)

  539. 		}

  540. 		_, saveAsDraft := formParams["save_as_draft"]

  541. 

  542. 		msg.From = ctx.FormValue("from")

  543. 		msg.To = parseAddressList(ctx.FormValue("to"))

  544. 		msg.Subject = ctx.FormValue("subject")

  545. 		msg.Text = ctx.FormValue("text")

  546. 		msg.InReplyTo = ctx.FormValue("in_reply_to")

  547. 		msg.MessageID = ctx.FormValue("message_id")

  548. 

  549. 		form, err := ctx.MultipartForm()

  550. 		if err != nil {

  551. 			return fmt.Errorf("failed to get multipart form: %v", err)

  552. 		}

  553. 

  554. 		// Fetch previous attachments from original message

  555. 		var original *messagePath

  556. 		if options.Draft != nil {

  557. 			original = options.Draft

  558. 		} else if options.Forward != nil {

  559. 			original = options.Forward

  560. 		}

  561. 		if original != nil {

  562. 			for _, s := range form.Value["prev_attachments"] {

  563. 				path, err := parsePartPath(s)

  564. 				if err != nil {

  565. 					return fmt.Errorf("failed to parse original attachment path: %v", err)

  566. 				}

  567. 

  568. 				var part *message.Entity

  569. 				err = ctx.Session.DoIMAP(func(c *imapclient.Client) error {

  570. 					var err error

  571. 					_, part, err = getMessagePart(c, original.Mailbox, original.Uid, path)

  572. 					return err

  573. 				})

  574. 				if err != nil {

  575. 					return fmt.Errorf("failed to fetch attachment from original message: %v", err)

  576. 				}

  577. 

  578. 				var buf bytes.Buffer

  579. 				if _, err := io.Copy(&buf, part.Body); err != nil {

  580. 					return fmt.Errorf("failed to copy attachment from original message: %v", err)

  581. 				}

  582. 

  583. 				h := mail.AttachmentHeader{part.Header}

  584. 				mimeType, _, _ := h.ContentType()

  585. 				filename, _ := h.Filename()

  586. 				msg.Attachments = append(msg.Attachments, &imapAttachment{

  587. 					Mailbox: original.Mailbox,

  588. 					Uid:     original.Uid,

  589. 					Node: &IMAPPartNode{

  590. 						Path:     path,

  591. 						MIMEType: mimeType,

  592. 						Filename: filename,

  593. 					},

  594. 					Body: buf.Bytes(),

  595. 				})

  596. 			}

  597. 		} else if len(form.Value["prev_attachments"]) > 0 {

  598. 			return fmt.Errorf("previous attachments specified but no original message available")

  599. 		}

  600. 

  601. 		for _, fh := range form.File["attachments"] {

  602. 			msg.Attachments = append(msg.Attachments, &formAttachment{fh})

  603. 		}

  604. 

  605. 		uuids := ctx.FormValue("attachment-uuids")

  606. 		for _, uuid := range strings.Split(uuids, ",") {

  607. 			if uuid == "" {

  608. 				continue

  609. 			}

  610. 

  611. 			attachment := ctx.Session.PopAttachment(uuid)

  612. 			if attachment == nil {

  613. 				return fmt.Errorf("Unable to retrieve message attachment %s from session", uuid)

  614. 			}

  615. 			msg.Attachments = append(msg.Attachments,

  616. 				&formAttachment{attachment.File})

  617. 			defer attachment.Form.RemoveAll()

  618. 		}

  619. 

  620. 		if saveAsDraft {

  621. 			var (

  622. 				drafts *MailboxInfo

  623. 				uid    uint32

  624. 			)

  625. 			err = ctx.Session.DoIMAP(func(c *imapclient.Client) error {

  626. 				drafts, err = appendMessage(c, msg, mailboxDrafts)

  627. 				if err != nil {

  628. 					return err

  629. 				}

  630. 

  631. 				if draft := options.Draft; draft != nil {

  632. 					if err := deleteMessage(c, draft.Mailbox, draft.Uid); err != nil {

  633. 						return err

  634. 					}

  635. 				}

  636. 

  637. 				criteria := &imap.SearchCriteria{

  638. 					Header: make(textproto.MIMEHeader),

  639. 				}

  640. 				criteria.Header.Add("Message-Id", msg.MessageID)

  641. 				if uids, err := c.UidSearch(criteria); err != nil {

  642. 					return err

  643. 				} else {

  644. 					if len(uids) != 1 {

  645. 						panic(fmt.Errorf("Duplicate message ID"))

  646. 					}

  647. 					uid = uids[0]

  648. 				}

  649. 				return nil

  650. 			})

  651. 			if err != nil {

  652. 				return fmt.Errorf("failed to save message to Draft mailbox: %v", err)

  653. 			}

  654. 			return ctx.Redirect(http.StatusFound, fmt.Sprintf(

  655. 				"/message/%s/%d/edit?part=1", drafts.Name, uid))

  656. 		} else {

  657. 			return submitCompose(ctx, msg, options)

  658. 		}

  659. 	}

  660. 

  661. 	return ctx.Render(http.StatusOK, "compose.html", &ComposeRenderData{

  662. 		IMAPBaseRenderData: *ibase,

  663. 		Message:            msg,

  664. 	})

  665. }

  666. 

  667. func handleComposeNew(ctx *alps.Context) error {

  668. 	// These are common mailto URL query parameters

  669. 	// TODO: cc, bcc

  670. 	return handleCompose(ctx, &OutgoingMessage{

  671. 		To:        strings.Split(ctx.QueryParam("to"), ","),

  672. 		Subject:   ctx.QueryParam("subject"),

  673. 		Text:      ctx.QueryParam("body"),

  674. 		MessageID: mail.GenerateMessageID(),

  675. 		InReplyTo: ctx.QueryParam("in-reply-to"),

  676. 	}, &composeOptions{})

  677. }

  678. 

  679. func handleComposeAttachment(ctx *alps.Context) error {

  680. 	reader, err := ctx.Request().MultipartReader()

  681. 	if err != nil {

  682. 		return ctx.JSON(http.StatusBadRequest, map[string]string{

  683. 			"error": "Invalid request",

  684. 		})

  685. 	}

  686. 	form, err := reader.ReadForm(32 << 20) // 32 MB

  687. 	if err != nil {

  688. 		return ctx.JSON(http.StatusBadRequest, map[string]string{

  689. 			"error": "Invalid request",

  690. 		})

  691. 	}

  692. 

  693. 	var uuids []string

  694. 	for _, fh := range form.File["attachments"] {

  695. 		uuid, err := ctx.Session.PutAttachment(fh, form)

  696. 		if err == alps.ErrAttachmentCacheSize {

  697. 			form.RemoveAll()

  698. 			return ctx.JSON(http.StatusBadRequest, map[string]string{

  699. 				"error": "Your attachments exceed the maximum file size. Remove some and try again.",

  700. 			})

  701. 		} else if err != nil {

  702. 			form.RemoveAll()

  703. 			ctx.Logger().Printf("PutAttachment: %v\n", err)

  704. 			return ctx.JSON(http.StatusBadRequest, map[string]string{

  705. 				"error": "failed to store attachment",

  706. 			})

  707. 		}

  708. 		uuids = append(uuids, uuid)

  709. 	}

  710. 

  711. 	return ctx.JSON(http.StatusOK, &uuids)

  712. }

  713. 

  714. func handleCancelAttachment(ctx *alps.Context) error {

  715. 	uuid := ctx.Param("uuid")

  716. 	a := ctx.Session.PopAttachment(uuid)

  717. 	if a != nil {

  718. 		a.Form.RemoveAll()

  719. 	}

  720. 	return ctx.JSON(http.StatusOK, nil)

  721. }

  722. 

  723. func unwrapIMAPAddressList(addrs []*imap.Address) []string {

  724. 	l := make([]string, len(addrs))

  725. 	for i, addr := range addrs {

  726. 		l[i] = addr.Address()

  727. 	}

  728. 	return l

  729. }

  730. 

  731. func handleReply(ctx *alps.Context) error {

  732. 	var inReplyToPath messagePath

  733. 	var err error

  734. 	inReplyToPath.Mailbox, inReplyToPath.Uid, err = parseMboxAndUid(ctx.Param("mbox"), ctx.Param("uid"))

  735. 	if err != nil {

  736. 		return echo.NewHTTPError(http.StatusBadRequest, err)

  737. 	}

  738. 

  739. 	var msg OutgoingMessage

  740. 	if ctx.Request().Method == http.MethodGet {

  741. 		// Populate fields from original message

  742. 		partPath, err := parsePartPath(ctx.QueryParam("part"))

  743. 		if err != nil {

  744. 			return echo.NewHTTPError(http.StatusBadRequest, err)

  745. 		}

  746. 

  747. 		var inReplyTo *IMAPMessage

  748. 		var part *message.Entity

  749. 		err = ctx.Session.DoIMAP(func(c *imapclient.Client) error {

  750. 			var err error

  751. 			inReplyTo, part, err = getMessagePart(c, inReplyToPath.Mailbox, inReplyToPath.Uid, partPath)

  752. 			return err

  753. 		})

  754. 		if err != nil {

  755. 			return err

  756. 		}

  757. 

  758. 		mimeType, _, err := part.Header.ContentType()

  759. 		if err != nil {

  760. 			return fmt.Errorf("failed to parse part Content-Type: %v", err)

  761. 		}

  762. 

  763. 		if mimeType == "text/plain" {

  764. 			msg.Text, err = quote(part.Body)

  765. 			if err != nil {

  766. 				return err

  767. 			}

  768. 		} else if mimeType == "text/html" {

  769. 			text, err := html2text.FromReader(part.Body, html2text.Options{})

  770. 			if err != nil {

  771. 				return err

  772. 			}

  773. 			msg.Text, err = quote(strings.NewReader(text))

  774. 			if err != nil {

  775. 				return nil

  776. 			}

  777. 		} else {

  778. 			err := fmt.Errorf("cannot forward %q part", mimeType)

  779. 			return echo.NewHTTPError(http.StatusBadRequest, err)

  780. 		}

  781. 

  782. 		msg.MessageID = mail.GenerateMessageID()

  783. 		msg.InReplyTo = inReplyTo.Envelope.MessageId

  784. 		// TODO: populate From from known user addresses and inReplyTo.Envelope.To

  785. 		replyTo := inReplyTo.Envelope.ReplyTo

  786. 		if len(replyTo) == 0 {

  787. 			replyTo = inReplyTo.Envelope.From

  788. 		}

  789. 		msg.To = unwrapIMAPAddressList(replyTo)

  790. 		msg.Subject = inReplyTo.Envelope.Subject

  791. 		if !strings.HasPrefix(strings.ToLower(msg.Subject), "re:") {

  792. 			msg.Subject = "Re: " + msg.Subject

  793. 		}

  794. 	}

  795. 

  796. 	return handleCompose(ctx, &msg, &composeOptions{InReplyTo: &inReplyToPath})

  797. }

  798. 

  799. func handleForward(ctx *alps.Context) error {

  800. 	var sourcePath messagePath

  801. 	var err error

  802. 	sourcePath.Mailbox, sourcePath.Uid, err = parseMboxAndUid(ctx.Param("mbox"), ctx.Param("uid"))

  803. 	if err != nil {

  804. 		return echo.NewHTTPError(http.StatusBadRequest, err)

  805. 	}

  806. 

  807. 	var msg OutgoingMessage

  808. 	if ctx.Request().Method == http.MethodGet {

  809. 		// Populate fields from original message

  810. 		partPath, err := parsePartPath(ctx.QueryParam("part"))

  811. 		if err != nil {

  812. 			return echo.NewHTTPError(http.StatusBadRequest, err)

  813. 		}

  814. 

  815. 		var source *IMAPMessage

  816. 		var part *message.Entity

  817. 		err = ctx.Session.DoIMAP(func(c *imapclient.Client) error {

  818. 			var err error

  819. 			source, part, err = getMessagePart(c, sourcePath.Mailbox, sourcePath.Uid, partPath)

  820. 			return err

  821. 		})

  822. 		if err != nil {

  823. 			return err

  824. 		}

  825. 

  826. 		mimeType, _, err := part.Header.ContentType()

  827. 		if err != nil {

  828. 			return fmt.Errorf("failed to parse part Content-Type: %v", err)

  829. 		}

  830. 

  831. 		if mimeType == "text/plain" {

  832. 			msg.Text, err = quote(part.Body)

  833. 			if err != nil {

  834. 				return err

  835. 			}

  836. 		} else if mimeType == "text/html" {

  837. 			msg.Text, err = html2text.FromReader(part.Body, html2text.Options{})

  838. 			if err != nil {

  839. 				return err

  840. 			}

  841. 		} else {

  842. 			err := fmt.Errorf("cannot forward %q part", mimeType)

  843. 			return echo.NewHTTPError(http.StatusBadRequest, err)

  844. 		}

  845. 

  846. 		msg.MessageID = mail.GenerateMessageID()

  847. 		msg.Subject = source.Envelope.Subject

  848. 		if !strings.HasPrefix(strings.ToLower(msg.Subject), "fwd:") &&

  849. 			!strings.HasPrefix(strings.ToLower(msg.Subject), "fw:") {

  850. 			msg.Subject = "Fwd: " + msg.Subject

  851. 		}

  852. 		msg.InReplyTo = source.Envelope.InReplyTo

  853. 

  854. 		attachments := source.Attachments()

  855. 		for i := range attachments {

  856. 			// No need to populate attachment body here, we just need the

  857. 			// metadata

  858. 			msg.Attachments = append(msg.Attachments, &imapAttachment{

  859. 				Mailbox: sourcePath.Mailbox,

  860. 				Uid:     sourcePath.Uid,

  861. 				Node:    &attachments[i],

  862. 			})

  863. 		}

  864. 	}

  865. 

  866. 	return handleCompose(ctx, &msg, &composeOptions{Forward: &sourcePath})

  867. }

  868. 

  869. func handleEdit(ctx *alps.Context) error {

  870. 	var sourcePath messagePath

  871. 	var err error

  872. 	sourcePath.Mailbox, sourcePath.Uid, err = parseMboxAndUid(ctx.Param("mbox"), ctx.Param("uid"))

  873. 	if err != nil {

  874. 		return echo.NewHTTPError(http.StatusBadRequest, err)

  875. 	}

  876. 

  877. 	// TODO: somehow get the path to the In-Reply-To message (with a search?)

  878. 

  879. 	var msg OutgoingMessage

  880. 	if ctx.Request().Method == http.MethodGet {

  881. 		// Populate fields from source message

  882. 		partPath, err := parsePartPath(ctx.QueryParam("part"))

  883. 		if err != nil {

  884. 			return echo.NewHTTPError(http.StatusBadRequest, err)

  885. 		}

  886. 

  887. 		var source *IMAPMessage

  888. 		var part *message.Entity

  889. 		err = ctx.Session.DoIMAP(func(c *imapclient.Client) error {

  890. 			var err error

  891. 			source, part, err = getMessagePart(c, sourcePath.Mailbox, sourcePath.Uid, partPath)

  892. 			return err

  893. 		})

  894. 		if err != nil {

  895. 			return err

  896. 		}

  897. 

  898. 		mimeType, _, err := part.Header.ContentType()

  899. 		if err != nil {

  900. 			return fmt.Errorf("failed to parse part Content-Type: %v", err)

  901. 		}

  902. 

  903. 		if !strings.EqualFold(mimeType, "text/plain") {

  904. 			err := fmt.Errorf("cannot edit %q part", mimeType)

  905. 			return echo.NewHTTPError(http.StatusBadRequest, err)

  906. 		}

  907. 

  908. 		b, err := ioutil.ReadAll(part.Body)

  909. 		if err != nil {

  910. 			return fmt.Errorf("failed to read part body: %v", err)

  911. 		}

  912. 		msg.Text = string(b)

  913. 

  914. 		if len(source.Envelope.From) > 0 {

  915. 			msg.From = source.Envelope.From[0].Address()

  916. 		}

  917. 		msg.To = unwrapIMAPAddressList(source.Envelope.To)

  918. 		msg.Subject = source.Envelope.Subject

  919. 		msg.InReplyTo = source.Envelope.InReplyTo

  920. 		msg.MessageID = source.Envelope.MessageId

  921. 

  922. 		attachments := source.Attachments()

  923. 		for i := range attachments {

  924. 			// No need to populate attachment body here, we just need the

  925. 			// metadata

  926. 			msg.Attachments = append(msg.Attachments, &imapAttachment{

  927. 				Mailbox: sourcePath.Mailbox,

  928. 				Uid:     sourcePath.Uid,

  929. 				Node:    &attachments[i],

  930. 			})

  931. 		}

  932. 	}

  933. 

  934. 	return handleCompose(ctx, &msg, &composeOptions{Draft: &sourcePath})

  935. }

  936. 

  937. func formOrQueryParam(ctx *alps.Context, k string) string {

  938. 	if v := ctx.FormValue(k); v != "" {

  939. 		return v

  940. 	}

  941. 	return ctx.QueryParam(k)

  942. }

  943. 

  944. func handleMove(ctx *alps.Context) error {

  945. 	mboxName, err := url.PathUnescape(ctx.Param("mbox"))

  946. 	if err != nil {

  947. 		return echo.NewHTTPError(http.StatusBadRequest, err)

  948. 	}

  949. 

  950. 	formParams, err := ctx.FormParams()

  951. 	if err != nil {

  952. 		return echo.NewHTTPError(http.StatusBadRequest, err)

  953. 	}

  954. 	uids, err := parseUidList(formParams["uids"])

  955. 	if err != nil {

  956. 		return echo.NewHTTPError(http.StatusBadRequest, err)

  957. 	}

  958. 

  959. 	to := formOrQueryParam(ctx, "to")

  960. 	if to == "" {

  961. 		return echo.NewHTTPError(http.StatusBadRequest, "missing 'to' form parameter")

  962. 	}

  963. 

  964. 	err = ctx.Session.DoIMAP(func(c *imapclient.Client) error {

  965. 		mc := imapmove.NewClient(c)

  966. 

  967. 		if err := ensureMailboxSelected(c, mboxName); err != nil {

  968. 			return err

  969. 		}

  970. 

  971. 		var seqSet imap.SeqSet

  972. 		seqSet.AddNum(uids...)

  973. 		if err := mc.UidMoveWithFallback(&seqSet, to); err != nil {

  974. 			return fmt.Errorf("failed to move message: %v", err)

  975. 		}

  976. 

  977. 		// TODO: get the UID of the message in the destination mailbox with UIDPLUS

  978. 		return nil

  979. 	})

  980. 	if err != nil {

  981. 		return err

  982. 	}

  983. 

  984. 	if path := formOrQueryParam(ctx, "next"); path != "" {

  985. 		return ctx.Redirect(http.StatusFound, path)

  986. 	}

  987. 	return ctx.Redirect(http.StatusFound, fmt.Sprintf("/mailbox/%v", url.PathEscape(mboxName)))

  988. }

  989. 

  990. func handleDelete(ctx *alps.Context) error {

  991. 	mboxName, err := url.PathUnescape(ctx.Param("mbox"))

  992. 	if err != nil {

  993. 		return echo.NewHTTPError(http.StatusBadRequest, err)

  994. 	}

  995. 

  996. 	formParams, err := ctx.FormParams()

  997. 	if err != nil {

  998. 		return echo.NewHTTPError(http.StatusBadRequest, err)

  999. 	}

  1000. 	uids, err := parseUidList(formParams["uids"])

  1001. 	if err != nil {

  1002. 		return echo.NewHTTPError(http.StatusBadRequest, err)

  1003. 	}

  1004. 

  1005. 	err = ctx.Session.DoIMAP(func(c *imapclient.Client) error {

  1006. 		if err := ensureMailboxSelected(c, mboxName); err != nil {

  1007. 			return err

  1008. 		}

  1009. 

  1010. 		var seqSet imap.SeqSet

  1011. 		seqSet.AddNum(uids...)

  1012. 

  1013. 		item := imap.FormatFlagsOp(imap.AddFlags, true)

  1014. 		flags := []interface{}{imap.DeletedFlag}

  1015. 		if err := c.UidStore(&seqSet, item, flags, nil); err != nil {

  1016. 			return fmt.Errorf("failed to add deleted flag: %v", err)

  1017. 		}

  1018. 

  1019. 		if err := c.Expunge(nil); err != nil {

  1020. 			return fmt.Errorf("failed to expunge mailbox: %v", err)

  1021. 		}

  1022. 

  1023. 		// Deleting a message invalidates our cached message count

  1024. 		// TODO: listen to async updates instead

  1025. 		if _, err := c.Select(mboxName, false); err != nil {

  1026. 			return fmt.Errorf("failed to select mailbox: %v", err)

  1027. 		}

  1028. 

  1029. 		return nil

  1030. 	})

  1031. 	if err != nil {

  1032. 		return err

  1033. 	}

  1034. 

  1035. 	if path := formOrQueryParam(ctx, "next"); path != "" {

  1036. 		return ctx.Redirect(http.StatusFound, path)

  1037. 	}

  1038. 	return ctx.Redirect(http.StatusFound, fmt.Sprintf("/mailbox/%v", url.PathEscape(mboxName)))

  1039. }

  1040. 

  1041. func handleSetFlags(ctx *alps.Context) error {

  1042. 	mboxName, err := url.PathUnescape(ctx.Param("mbox"))

  1043. 	if err != nil {

  1044. 		return echo.NewHTTPError(http.StatusBadRequest, err)

  1045. 	}

  1046. 

  1047. 	formParams, err := ctx.FormParams()

  1048. 	if err != nil {

  1049. 		return echo.NewHTTPError(http.StatusBadRequest, err)

  1050. 	}

  1051. 

  1052. 	uids, err := parseUidList(formParams["uids"])

  1053. 	if err != nil {

  1054. 		return echo.NewHTTPError(http.StatusBadRequest, err)

  1055. 	}

  1056. 

  1057. 	flags, ok := formParams["flags"]

  1058. 	if !ok {

  1059. 		flagsStr := ctx.QueryParam("to")

  1060. 		if flagsStr == "" {

  1061. 			return echo.NewHTTPError(http.StatusBadRequest, "missing 'flags' form parameter")

  1062. 		}

  1063. 		flags = strings.Fields(flagsStr)

  1064. 	}

  1065. 

  1066. 	actionStr := ctx.FormValue("action")

  1067. 	if actionStr == "" {

  1068. 		actionStr = ctx.QueryParam("action")

  1069. 	}

  1070. 

  1071. 	var op imap.FlagsOp

  1072. 	switch actionStr {

  1073. 	case "", "set":

  1074. 		op = imap.SetFlags

  1075. 	case "add":

  1076. 		op = imap.AddFlags

  1077. 	case "remove":

  1078. 		op = imap.RemoveFlags

  1079. 	default:

  1080. 		return echo.NewHTTPError(http.StatusBadRequest, "invalid 'action' value")

  1081. 	}

  1082. 

  1083. 	err = ctx.Session.DoIMAP(func(c *imapclient.Client) error {

  1084. 		if err := ensureMailboxSelected(c, mboxName); err != nil {

  1085. 			return err

  1086. 		}

  1087. 

  1088. 		var seqSet imap.SeqSet

  1089. 		seqSet.AddNum(uids...)

  1090. 

  1091. 		storeItems := make([]interface{}, len(flags))

  1092. 		for i, f := range flags {

  1093. 			storeItems[i] = f

  1094. 		}

  1095. 

  1096. 		item := imap.FormatFlagsOp(op, true)

  1097. 		if err := c.UidStore(&seqSet, item, storeItems, nil); err != nil {

  1098. 			return fmt.Errorf("failed to add deleted flag: %v", err)

  1099. 		}

  1100. 

  1101. 		return nil

  1102. 	})

  1103. 	if err != nil {

  1104. 		return err

  1105. 	}

  1106. 

  1107. 	if path := formOrQueryParam(ctx, "next"); path != "" {

  1108. 		return ctx.Redirect(http.StatusFound, path)

  1109. 	}

  1110. 	if len(uids) != 1 || (op == imap.RemoveFlags && len(flags) == 1 && flags[0] == imap.SeenFlag) {

  1111. 		// Redirecting to the message view would mark the message as read again

  1112. 		return ctx.Redirect(http.StatusFound, fmt.Sprintf("/mailbox/%v", url.PathEscape(mboxName)))

  1113. 	}

  1114. 	return ctx.Redirect(http.StatusFound, fmt.Sprintf("/message/%v/%v", url.PathEscape(mboxName), uids[0]))

  1115. }

  1116. 

  1117. const settingsKey = "base.settings"

  1118. const maxMessagesPerPage = 100

  1119. 

  1120. type Settings struct {

  1121. 	MessagesPerPage int

  1122. }

  1123. 

  1124. func loadSettings(s alps.Store) (*Settings, error) {

  1125. 	settings := &Settings{

  1126. 		MessagesPerPage: 50,

  1127. 	}

  1128. 	if err := s.Get(settingsKey, settings); err != nil && err != alps.ErrNoStoreEntry {

  1129. 		return nil, err

  1130. 	}

  1131. 	if err := settings.check(); err != nil {

  1132. 		return nil, err

  1133. 	}

  1134. 	return settings, nil

  1135. }

  1136. 

  1137. func (s *Settings) check() error {

  1138. 	if s.MessagesPerPage <= 0 || s.MessagesPerPage > maxMessagesPerPage {

  1139. 		return fmt.Errorf("messages per page out of bounds: %v", s.MessagesPerPage)

  1140. 	}

  1141. 	return nil

  1142. }

  1143. 

  1144. type SettingsRenderData struct {

  1145. 	alps.BaseRenderData

  1146. 	Settings *Settings

  1147. }

  1148. 

  1149. func handleSettings(ctx *alps.Context) error {

  1150. 	settings, err := loadSettings(ctx.Session.Store())

  1151. 	if err != nil {

  1152. 		return fmt.Errorf("failed to load settings: %v", err)

  1153. 	}

  1154. 

  1155. 	if ctx.Request().Method == http.MethodPost {

  1156. 		settings.MessagesPerPage, err = strconv.Atoi(ctx.FormValue("messages_per_page"))

  1157. 		if err != nil {

  1158. 			return echo.NewHTTPError(http.StatusBadRequest, "invalid messages per page: %v", err)

  1159. 		}

  1160. 

  1161. 		if err := settings.check(); err != nil {

  1162. 			return echo.NewHTTPError(http.StatusBadRequest, err)

  1163. 		}

  1164. 		if err := ctx.Session.Store().Put(settingsKey, settings); err != nil {

  1165. 			return fmt.Errorf("failed to save settings: %v", err)

  1166. 		}

  1167. 

  1168. 		return ctx.Redirect(http.StatusFound, "/mailbox/INBOX")

  1169. 	}

  1170. 

  1171. 	return ctx.Render(http.StatusOK, "settings.html", &SettingsRenderData{

  1172. 		BaseRenderData: *alps.NewBaseRenderData(ctx),

  1173. 		Settings:       settings,

  1174. 	})

  1175. }