loop
/
alps
1
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
A webmail client. Forked from https://git.sr.ht/~migadu/alps
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
324 Commits
1 Branch
708 KiB
 
 
 
 
Tree: 6ecb243620
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '6ecb243620'
${ noResults }
alps/plugins/base/routes.go

1160 lines
30 KiB
Raw Blame History 

  1. package alpsbase

  2. 

  3. import (

  4. 	"bytes"

  5. 	"fmt"

  6. 	"io"

  7. 	"io/ioutil"

  8. 	"mime"

  9. 	"net/http"

  10. 	"net/textproto"

  11. 	"net/url"

  12. 	"strconv"

  13. 	"strings"

  14. 

  15. 	"git.sr.ht/~emersion/alps"

  16. 	"github.com/emersion/go-imap"

  17. 	imapmove "github.com/emersion/go-imap-move"

  18. 	imapclient "github.com/emersion/go-imap/client"

  19. 	"github.com/emersion/go-message"

  20. 	"github.com/emersion/go-message/mail"

  21. 	"github.com/emersion/go-smtp"

  22. 	"github.com/labstack/echo/v4"

  23. )

  24. 

  25. func registerRoutes(p *alps.GoPlugin) {

  26. 	p.GET("/", func(ctx *alps.Context) error {

  27. 		return ctx.Redirect(http.StatusFound, "/mailbox/INBOX")

  28. 	})

  29. 

  30. 	p.GET("/mailbox/:mbox", handleGetMailbox)

  31. 	p.POST("/mailbox/:mbox", handleGetMailbox)

  32. 

  33. 	p.GET("/new-mailbox", handleNewMailbox)

  34. 	p.POST("/new-mailbox", handleNewMailbox)

  35. 

  36. 	p.GET("/delete-mailbox/:mbox", handleDeleteMailbox)

  37. 	p.POST("/delete-mailbox/:mbox", handleDeleteMailbox)

  38. 

  39. 	p.GET("/message/:mbox/:uid", func(ctx *alps.Context) error {

  40. 		return handleGetPart(ctx, false)

  41. 	})

  42. 	p.GET("/message/:mbox/:uid/raw", func(ctx *alps.Context) error {

  43. 		return handleGetPart(ctx, true)

  44. 	})

  45. 

  46. 	p.GET("/login", handleLogin)

  47. 	p.POST("/login", handleLogin)

  48. 

  49. 	p.GET("/logout", handleLogout)

  50. 

  51. 	p.GET("/compose", handleComposeNew)

  52. 	p.POST("/compose", handleComposeNew)

  53. 

  54. 	p.POST("/compose/attachment", handleComposeAttachment)

  55. 	p.POST("/compose/attachment/:uuid/remove", handleCancelAttachment)

  56. 

  57. 	p.GET("/message/:mbox/:uid/reply", handleReply)

  58. 	p.POST("/message/:mbox/:uid/reply", handleReply)

  59. 

  60. 	p.GET("/message/:mbox/:uid/forward", handleForward)

  61. 	p.POST("/message/:mbox/:uid/forward", handleForward)

  62. 

  63. 	p.GET("/message/:mbox/:uid/edit", handleEdit)

  64. 	p.POST("/message/:mbox/:uid/edit", handleEdit)

  65. 

  66. 	p.POST("/message/:mbox/move", handleMove)

  67. 

  68. 	p.POST("/message/:mbox/delete", handleDelete)

  69. 

  70. 	p.POST("/message/:mbox/flag", handleSetFlags)

  71. 

  72. 	p.GET("/settings", handleSettings)

  73. 	p.POST("/settings", handleSettings)

  74. }

  75. 

  76. type IMAPBaseRenderData struct {

  77. 	alps.BaseRenderData

  78. 	CategorizedMailboxes CategorizedMailboxes

  79. 	Mailboxes            []MailboxInfo

  80. 	Mailbox              *MailboxStatus

  81. 	Inbox                *MailboxStatus

  82. }

  83. 

  84. type MailboxRenderData struct {

  85. 	IMAPBaseRenderData

  86. 	Messages             []IMAPMessage

  87. 	PrevPage, NextPage   int

  88. 	Query                string

  89. }

  90. 

  91. // Organizes mailboxes into common/uncommon categories

  92. type CategorizedMailboxes struct {

  93. 	Common struct {

  94. 		Inbox   *MailboxInfo

  95. 		Drafts  *MailboxInfo

  96. 		Sent    *MailboxInfo

  97. 		Junk    *MailboxInfo

  98. 		Trash   *MailboxInfo

  99. 		Archive *MailboxInfo

  100. 	}

  101. 	Additional []*MailboxInfo

  102. }

  103. 

  104. func newIMAPBaseRenderData(ctx *alps.Context,

  105. 	base *alps.BaseRenderData) (*IMAPBaseRenderData, error) {

  106. 

  107. 	mboxName, err := url.PathUnescape(ctx.Param("mbox"))

  108. 	if err != nil {

  109. 		return nil, echo.NewHTTPError(http.StatusBadRequest, err)

  110. 	}

  111. 

  112. 	var mailboxes []MailboxInfo

  113. 	var active, inbox, outbox *MailboxStatus

  114. 	err = ctx.Session.DoIMAP(func(c *imapclient.Client) error {

  115. 		var err error

  116. 		if mailboxes, err = listMailboxes(c); err != nil {

  117. 			return err

  118. 		}

  119. 		if mboxName != "" {

  120. 			if active, err = getMailboxStatus(c, mboxName); err != nil {

  121. 				return err

  122. 			}

  123. 		}

  124. 		if mboxName == "INBOX" {

  125. 			inbox = active

  126. 		} else {

  127. 			if inbox, err = getMailboxStatus(c, "INBOX"); err != nil {

  128. 				return err

  129. 			}

  130. 		}

  131. 		return nil

  132. 	})

  133. 	if err != nil {

  134. 		return nil, err

  135. 	}

  136. 

  137. 	var categorized CategorizedMailboxes

  138. 	mmap := map[string]**MailboxInfo{

  139. 		"INBOX": &categorized.Common.Inbox,

  140. 		"Drafts": &categorized.Common.Drafts,

  141. 		"Sent": &categorized.Common.Sent,

  142. 		"Junk": &categorized.Common.Junk,

  143. 		"Trash": &categorized.Common.Trash,

  144. 		"Archive": &categorized.Common.Archive,

  145. 	}

  146. 

  147. 	for i, _ := range mailboxes {

  148. 		// Populate unseen & active states

  149. 		if active != nil && mailboxes[i].Name == active.Name {

  150. 			mailboxes[i].Unseen = int(active.Unseen)

  151. 			mailboxes[i].Total = int(active.Messages)

  152. 			mailboxes[i].Active = true

  153. 		}

  154. 		if mailboxes[i].Name == inbox.Name {

  155. 			mailboxes[i].Unseen = int(inbox.Unseen)

  156. 			mailboxes[i].Total = int(inbox.Messages)

  157. 		}

  158. 		if outbox != nil && mailboxes[i].Name == outbox.Name {

  159. 			mailboxes[i].Unseen = int(outbox.Unseen)

  160. 			mailboxes[i].Total = int(outbox.Messages)

  161. 		}

  162. 

  163. 		if ptr, ok := mmap[mailboxes[i].Name]; ok {

  164. 			*ptr = &mailboxes[i]

  165. 		} else {

  166. 			categorized.Additional = append(

  167. 				categorized.Additional, &mailboxes[i])

  168. 		}

  169. 	}

  170. 

  171. 	return &IMAPBaseRenderData{

  172. 		BaseRenderData:       *base,

  173. 		CategorizedMailboxes: categorized,

  174. 		Mailboxes:            mailboxes,

  175. 		Inbox:                inbox,

  176. 		Mailbox:              active,

  177. 	}, nil

  178. }

  179. 

  180. func handleGetMailbox(ctx *alps.Context) error {

  181. 	ibase, err := newIMAPBaseRenderData(ctx, alps.NewBaseRenderData(ctx))

  182. 	if err != nil {

  183. 		return err

  184. 	}

  185. 

  186. 	mbox := ibase.Mailbox

  187. 	title := mbox.Name

  188. 	if title == "INBOX" {

  189. 		title = "Inbox"

  190. 	}

  191. 	if mbox.Unseen > 0 {

  192. 		title = fmt.Sprintf("(%d) %s", mbox.Unseen, title)

  193. 	}

  194. 	ibase.BaseRenderData.WithTitle(title)

  195. 

  196. 	page := 0

  197. 	if pageStr := ctx.QueryParam("page"); pageStr != "" {

  198. 		var err error

  199. 		if page, err = strconv.Atoi(pageStr); err != nil || page < 0 {

  200. 			return echo.NewHTTPError(http.StatusBadRequest, "invalid page index")

  201. 		}

  202. 	}

  203. 

  204. 	settings, err := loadSettings(ctx.Session.Store())

  205. 	if err != nil {

  206. 		return err

  207. 	}

  208. 	messagesPerPage := settings.MessagesPerPage

  209. 

  210. 	query := ctx.QueryParam("query")

  211. 

  212. 	var (

  213. 		msgs  []IMAPMessage

  214. 		total int

  215. 	)

  216. 	err = ctx.Session.DoIMAP(func(c *imapclient.Client) error {

  217. 		var err  error

  218. 		if query != "" {

  219. 			msgs, total, err = searchMessages(c, mbox.Name, query, page, messagesPerPage)

  220. 		} else {

  221. 			msgs, err = listMessages(c, mbox, page, messagesPerPage)

  222. 		}

  223. 		if err != nil {

  224. 			return err

  225. 		}

  226. 		return nil

  227. 	})

  228. 	if err != nil {

  229. 		return err

  230. 	}

  231. 

  232. 	prevPage, nextPage := -1, -1

  233. 	if query != "" {

  234. 		if page > 0 {

  235. 			prevPage = page - 1

  236. 		}

  237. 		if (page+1)*messagesPerPage <= total {

  238. 			nextPage = page + 1

  239. 		}

  240. 	} else {

  241. 		if page > 0 {

  242. 			prevPage = page - 1

  243. 		}

  244. 		if (page+1)*messagesPerPage < int(mbox.Messages) {

  245. 			nextPage = page + 1

  246. 		}

  247. 	}

  248. 

  249. 	return ctx.Render(http.StatusOK, "mailbox.html", &MailboxRenderData{

  250. 		IMAPBaseRenderData:  *ibase,

  251. 		Messages:             msgs,

  252. 		PrevPage:             prevPage,

  253. 		NextPage:             nextPage,

  254. 		Query:                query,

  255. 	})

  256. }

  257. 

  258. type NewMailboxRenderData struct {

  259. 	IMAPBaseRenderData

  260. 	Error string

  261. }

  262. 

  263. func handleNewMailbox(ctx *alps.Context) error {

  264. 	ibase, err := newIMAPBaseRenderData(ctx, alps.NewBaseRenderData(ctx))

  265. 	if err != nil {

  266. 		return err

  267. 	}

  268. 	ibase.BaseRenderData.WithTitle("Create new folder")

  269. 

  270. 	if ctx.Request().Method == http.MethodPost {

  271. 		name := ctx.FormValue("name")

  272. 		if name == "" {

  273. 			return ctx.Render(http.StatusOK, "new-mailbox.html", &NewMailboxRenderData{

  274. 				IMAPBaseRenderData: *ibase,

  275. 				Error: "Name is required",

  276. 			})

  277. 		}

  278. 

  279. 		err := ctx.Session.DoIMAP(func(c *imapclient.Client) error {

  280. 			return c.Create(name)

  281. 		})

  282. 

  283. 		if err != nil {

  284. 			return ctx.Render(http.StatusOK, "new-mailbox.html", &NewMailboxRenderData{

  285. 				IMAPBaseRenderData: *ibase,

  286. 				Error: err.Error(),

  287. 			})

  288. 		}

  289. 

  290. 		return ctx.Redirect(http.StatusFound, fmt.Sprintf("/mailbox/%s", url.PathEscape(name)))

  291. 	}

  292. 

  293. 	return ctx.Render(http.StatusOK, "new-mailbox.html", &NewMailboxRenderData{

  294. 		IMAPBaseRenderData: *ibase,

  295. 		Error: "",

  296. 	})

  297. }

  298. 

  299. func handleDeleteMailbox(ctx *alps.Context) error {

  300. 	ibase, err := newIMAPBaseRenderData(ctx, alps.NewBaseRenderData(ctx))

  301. 	if err != nil {

  302. 		return err

  303. 	}

  304. 

  305. 	mbox := ibase.Mailbox

  306. 	ibase.BaseRenderData.WithTitle("Delete folder '" + mbox.Name + "'")

  307. 

  308. 	if ctx.Request().Method == http.MethodPost {

  309. 		ctx.Session.DoIMAP(func(c *imapclient.Client) error {

  310. 			return c.Delete(mbox.Name)

  311. 		})

  312. 		return ctx.Redirect(http.StatusFound, "/mailbox/INBOX")

  313. 	}

  314. 

  315. 	return ctx.Render(http.StatusOK, "delete-mailbox.html", ibase)

  316. }

  317. 

  318. func handleLogin(ctx *alps.Context) error {

  319. 	username := ctx.FormValue("username")

  320. 	password := ctx.FormValue("password")

  321. 	remember := ctx.FormValue("remember-me")

  322. 

  323. 	renderData := struct {

  324. 		alps.BaseRenderData

  325. 		CanRememberMe bool

  326. 	}{

  327. 		BaseRenderData: *alps.NewBaseRenderData(ctx),

  328. 		CanRememberMe:  ctx.Server.Options.LoginKey != nil,

  329. 	}

  330. 

  331. 	if username == "" && password == "" {

  332. 		username, password = ctx.GetLoginToken()

  333. 	}

  334. 

  335. 	if username != "" && password != "" {

  336. 		s, err := ctx.Server.Sessions.Put(username, password)

  337. 		if err != nil {

  338. 			if _, ok := err.(alps.AuthError); ok {

  339. 				return ctx.Render(http.StatusOK, "login.html", &renderData)

  340. 			}

  341. 			return fmt.Errorf("failed to put connection in pool: %v", err)

  342. 		}

  343. 		ctx.SetSession(s)

  344. 

  345. 		if remember == "on" {

  346. 			ctx.SetLoginToken(username, password)

  347. 		}

  348. 

  349. 		if path := ctx.QueryParam("next"); path != "" && path[0] == '/' && path != "/login" {

  350. 			return ctx.Redirect(http.StatusFound, path)

  351. 		}

  352. 		return ctx.Redirect(http.StatusFound, "/mailbox/INBOX")

  353. 	}

  354. 

  355. 	return ctx.Render(http.StatusOK, "login.html", &renderData)

  356. }

  357. 

  358. func handleLogout(ctx *alps.Context) error {

  359. 	ctx.Session.Close()

  360. 	ctx.SetSession(nil)

  361. 	ctx.SetLoginToken("", "")

  362. 	return ctx.Redirect(http.StatusFound, "/login")

  363. }

  364. 

  365. type MessageRenderData struct {

  366. 	IMAPBaseRenderData

  367. 	Message     *IMAPMessage

  368. 	Part        *IMAPPartNode

  369. 	View        interface{}

  370. 	MailboxPage int

  371. 	Flags       map[string]bool

  372. }

  373. 

  374. func handleGetPart(ctx *alps.Context, raw bool) error {

  375. 	_, uid, err := parseMboxAndUid(ctx.Param("mbox"), ctx.Param("uid"))

  376. 	ibase, err := newIMAPBaseRenderData(ctx, alps.NewBaseRenderData(ctx))

  377. 	if err != nil {

  378. 		return err

  379. 	}

  380. 	mbox := ibase.Mailbox

  381. 

  382. 	partPath, err := parsePartPath(ctx.QueryParam("part"))

  383. 	if err != nil {

  384. 		return echo.NewHTTPError(http.StatusBadRequest, err)

  385. 	}

  386. 

  387. 	settings, err := loadSettings(ctx.Session.Store())

  388. 	if err != nil {

  389. 		return err

  390. 	}

  391. 	messagesPerPage := settings.MessagesPerPage

  392. 

  393. 	var msg *IMAPMessage

  394. 	var part *message.Entity

  395. 	err = ctx.Session.DoIMAP(func(c *imapclient.Client) error {

  396. 		var err error

  397. 		if msg, part, err = getMessagePart(c, mbox.Name, uid, partPath); err != nil {

  398. 			return err

  399. 		}

  400. 		return nil

  401. 	})

  402. 	if err != nil {

  403. 		return err

  404. 	}

  405. 

  406. 	mimeType, _, err := part.Header.ContentType()

  407. 	if err != nil {

  408. 		return fmt.Errorf("failed to parse part Content-Type: %v", err)

  409. 	}

  410. 	if len(partPath) == 0 {

  411. 		if ctx.QueryParam("plain") == "1" {

  412. 			mimeType = "text/plain"

  413. 		} else {

  414. 			mimeType = "message/rfc822"

  415. 		}

  416. 	}

  417. 

  418. 	if raw {

  419. 		ctx.Response().Header().Set("Content-Type", mimeType)

  420. 

  421. 		disp, dispParams, _ := part.Header.ContentDisposition()

  422. 		filename := dispParams["filename"]

  423. 		if len(partPath) == 0 {

  424. 			filename = msg.Envelope.Subject + ".eml"

  425. 		}

  426. 

  427. 		// TODO: set Content-Length if possible

  428. 

  429. 		// Be careful not to serve types like text/html as inline

  430. 		if !strings.EqualFold(mimeType, "text/plain") || strings.EqualFold(disp, "attachment") {

  431. 			dispParams := make(map[string]string)

  432. 			if filename != "" {

  433. 				dispParams["filename"] = filename

  434. 			}

  435. 			disp := mime.FormatMediaType("attachment", dispParams)

  436. 			ctx.Response().Header().Set("Content-Disposition", disp)

  437. 		}

  438. 

  439. 		if len(partPath) == 0 {

  440. 			return part.WriteTo(ctx.Response())

  441. 		} else {

  442. 			return ctx.Stream(http.StatusOK, mimeType, part.Body)

  443. 		}

  444. 	}

  445. 

  446. 	view, err := viewMessagePart(ctx, msg, part)

  447. 	if err == ErrViewUnsupported {

  448. 		view = nil

  449. 	}

  450. 

  451. 	flags := make(map[string]bool)

  452. 	for _, f := range mbox.PermanentFlags {

  453. 		f = imap.CanonicalFlag(f)

  454. 		if f == imap.TryCreateFlag {

  455. 			continue

  456. 		}

  457. 		flags[f] = msg.HasFlag(f)

  458. 	}

  459. 

  460. 	ibase.BaseRenderData.WithTitle(msg.Envelope.Subject)

  461. 

  462. 	return ctx.Render(http.StatusOK, "message.html", &MessageRenderData{

  463. 		IMAPBaseRenderData: *ibase,

  464. 		Message:            msg,

  465. 		Part:               msg.PartByPath(partPath),

  466. 		View:               view,

  467. 		MailboxPage:        int(mbox.Messages-msg.SeqNum) / messagesPerPage,

  468. 		Flags:              flags,

  469. 	})

  470. }

  471. 

  472. type ComposeRenderData struct {

  473. 	IMAPBaseRenderData

  474. 	Message *OutgoingMessage

  475. }

  476. 

  477. type messagePath struct {

  478. 	Mailbox string

  479. 	Uid     uint32

  480. }

  481. 

  482. type composeOptions struct {

  483. 	Draft     *messagePath

  484. 	Forward   *messagePath

  485. 	InReplyTo *messagePath

  486. }

  487. 

  488. // Send message, append it to the Sent mailbox, mark the original message as

  489. // answered

  490. func submitCompose(ctx *alps.Context, msg *OutgoingMessage, options *composeOptions) error {

  491. 	err := ctx.Session.DoSMTP(func (c *smtp.Client) error {

  492. 		return sendMessage(c, msg)

  493. 	})

  494. 	if err != nil {

  495. 		if _, ok := err.(alps.AuthError); ok {

  496. 			return echo.NewHTTPError(http.StatusForbidden, err)

  497. 		}

  498. 		return fmt.Errorf("failed to send message: %v", err)

  499. 	}

  500. 

  501. 	if inReplyTo := options.InReplyTo; inReplyTo != nil {

  502. 		err = ctx.Session.DoIMAP(func(c *imapclient.Client) error {

  503. 			return markMessageAnswered(c, inReplyTo.Mailbox, inReplyTo.Uid)

  504. 		})

  505. 		if err != nil {

  506. 			return fmt.Errorf("failed to mark original message as answered: %v", err)

  507. 		}

  508. 	}

  509. 

  510. 	err = ctx.Session.DoIMAP(func(c *imapclient.Client) error {

  511. 		if _, err := appendMessage(c, msg, mailboxSent); err != nil {

  512. 			return err

  513. 		}

  514. 		if draft := options.Draft; draft != nil {

  515. 			if err := deleteMessage(c, draft.Mailbox, draft.Uid); err != nil {

  516. 				return err

  517. 			}

  518. 		}

  519. 		return nil

  520. 	})

  521. 	if err != nil {

  522. 		return fmt.Errorf("failed to save message to Sent mailbox: %v", err)

  523. 	}

  524. 

  525. 	return ctx.Redirect(http.StatusFound, "/mailbox/INBOX")

  526. }

  527. 

  528. func handleCompose(ctx *alps.Context, msg *OutgoingMessage, options *composeOptions) error {

  529. 	ibase, err := newIMAPBaseRenderData(ctx, alps.NewBaseRenderData(ctx))

  530. 	if err != nil {

  531. 		return err

  532. 	}

  533. 

  534. 	if msg.From == "" && strings.ContainsRune(ctx.Session.Username(), '@') {

  535. 		msg.From = ctx.Session.Username()

  536. 	}

  537. 

  538. 	if ctx.Request().Method == http.MethodPost {

  539. 		formParams, err := ctx.FormParams()

  540. 		if err != nil {

  541. 			return fmt.Errorf("failed to parse form: %v", err)

  542. 		}

  543. 		_, saveAsDraft := formParams["save_as_draft"]

  544. 

  545. 		msg.From = ctx.FormValue("from")

  546. 		msg.To = parseAddressList(ctx.FormValue("to"))

  547. 		msg.Subject = ctx.FormValue("subject")

  548. 		msg.Text = ctx.FormValue("text")

  549. 		msg.InReplyTo = ctx.FormValue("in_reply_to")

  550. 		msg.MessageID = ctx.FormValue("message_id")

  551. 

  552. 		form, err := ctx.MultipartForm()

  553. 		if err != nil {

  554. 			return fmt.Errorf("failed to get multipart form: %v", err)

  555. 		}

  556. 

  557. 		// Fetch previous attachments from original message

  558. 		var original *messagePath

  559. 		if options.Draft != nil {

  560. 			original = options.Draft

  561. 		} else if options.Forward != nil {

  562. 			original = options.Forward

  563. 		}

  564. 		if original != nil {

  565. 			for _, s := range form.Value["prev_attachments"] {

  566. 				path, err := parsePartPath(s)

  567. 				if err != nil {

  568. 					return fmt.Errorf("failed to parse original attachment path: %v", err)

  569. 				}

  570. 

  571. 				var part *message.Entity

  572. 				err = ctx.Session.DoIMAP(func(c *imapclient.Client) error {

  573. 					var err error

  574. 					_, part, err = getMessagePart(c, original.Mailbox, original.Uid, path)

  575. 					return err

  576. 				})

  577. 				if err != nil {

  578. 					return fmt.Errorf("failed to fetch attachment from original message: %v", err)

  579. 				}

  580. 

  581. 				var buf bytes.Buffer

  582. 				if _, err := io.Copy(&buf, part.Body); err != nil {

  583. 					return fmt.Errorf("failed to copy attachment from original message: %v", err)

  584. 				}

  585. 

  586. 				h := mail.AttachmentHeader{part.Header}

  587. 				mimeType, _, _ := h.ContentType()

  588. 				filename, _ := h.Filename()

  589. 				msg.Attachments = append(msg.Attachments, &imapAttachment{

  590. 					Mailbox: original.Mailbox,

  591. 					Uid:     original.Uid,

  592. 					Node: &IMAPPartNode{

  593. 						Path:     path,

  594. 						MIMEType: mimeType,

  595. 						Filename: filename,

  596. 					},

  597. 					Body: buf.Bytes(),

  598. 				})

  599. 			}

  600. 		} else if len(form.Value["prev_attachments"]) > 0 {

  601. 			return fmt.Errorf("previous attachments specified but no original message available")

  602. 		}

  603. 

  604. 		for _, fh := range form.File["attachments"] {

  605. 			msg.Attachments = append(msg.Attachments, &formAttachment{fh})

  606. 		}

  607. 

  608. 		uuids := ctx.FormValue("attachment-uuids")

  609. 		for _, uuid := range strings.Split(uuids, ",") {

  610. 			if uuid == "" {

  611. 				continue

  612. 			}

  613. 

  614. 			attachment := ctx.Session.PopAttachment(uuid)

  615. 			if attachment == nil {

  616. 				return fmt.Errorf("Unable to retrieve message attachment %s from session", uuid)

  617. 			}

  618. 			msg.Attachments = append(msg.Attachments,

  619. 				&formAttachment{attachment.File})

  620. 			defer attachment.Form.RemoveAll()

  621. 		}

  622. 

  623. 		if saveAsDraft {

  624. 			var (

  625. 				drafts *MailboxInfo

  626. 				uid    uint32

  627. 			)

  628. 			err = ctx.Session.DoIMAP(func(c *imapclient.Client) error {

  629. 				drafts, err = appendMessage(c, msg, mailboxDrafts)

  630. 				if err != nil {

  631. 					return err

  632. 				}

  633. 

  634. 				if draft := options.Draft; draft != nil {

  635. 					if err := deleteMessage(c, draft.Mailbox, draft.Uid); err != nil {

  636. 						return err

  637. 					}

  638. 				}

  639. 

  640. 				criteria := &imap.SearchCriteria{

  641. 					Header: make(textproto.MIMEHeader),

  642. 				}

  643. 				criteria.Header.Add("Message-Id", msg.MessageID)

  644. 				if uids, err := c.UidSearch(criteria); err != nil {

  645. 					return err

  646. 				} else {

  647. 					if len(uids) != 1 {

  648. 						panic(fmt.Errorf("Duplicate message ID"))

  649. 					}

  650. 					uid = uids[0]

  651. 				}

  652. 				return nil

  653. 			})

  654. 			if err != nil {

  655. 				return fmt.Errorf("failed to save message to Draft mailbox: %v", err)

  656. 			}

  657. 			return ctx.Redirect(http.StatusFound, fmt.Sprintf(

  658. 				"/message/%s/%d/edit?part=1", drafts.Name, uid))

  659. 		} else {

  660. 			return submitCompose(ctx, msg, options)

  661. 		}

  662. 	}

  663. 

  664. 	return ctx.Render(http.StatusOK, "compose.html", &ComposeRenderData{

  665. 		IMAPBaseRenderData: *ibase,

  666. 		Message:            msg,

  667. 	})

  668. }

  669. 

  670. func handleComposeNew(ctx *alps.Context) error {

  671. 	// These are common mailto URL query parameters

  672. 	// TODO: cc, bcc

  673. 	return handleCompose(ctx, &OutgoingMessage{

  674. 		To:        strings.Split(ctx.QueryParam("to"), ","),

  675. 		Subject:   ctx.QueryParam("subject"),

  676. 		Text:      ctx.QueryParam("body"),

  677. 		MessageID: mail.GenerateMessageID(),

  678. 		InReplyTo: ctx.QueryParam("in-reply-to"),

  679. 	}, &composeOptions{})

  680. }

  681. 

  682. func handleComposeAttachment(ctx *alps.Context) error {

  683. 	reader, err := ctx.Request().MultipartReader()

  684. 	if err != nil {

  685. 		return ctx.JSON(http.StatusBadRequest, map[string]string{

  686. 			"error": "Invalid request",

  687. 		})

  688. 	}

  689. 	form, err := reader.ReadForm(32 << 20) // 32 MB

  690. 	if err != nil {

  691. 		return ctx.JSON(http.StatusBadRequest, map[string]string{

  692. 			"error": "Invalid request",

  693. 		})

  694. 	}

  695. 

  696. 	var uuids []string

  697. 	for _, fh := range form.File["attachments"] {

  698. 		uuid, err := ctx.Session.PutAttachment(fh, form)

  699. 		if err != nil {

  700. 			ctx.Logger().Printf("PutAttachment: %v\n", err)

  701. 			return ctx.JSON(http.StatusBadRequest, map[string]string{

  702. 				"error": "failed to store attachment",

  703. 			})

  704. 		}

  705. 		uuids = append(uuids, uuid)

  706. 	}

  707. 

  708. 	return ctx.JSON(http.StatusOK, &uuids)

  709. }

  710. 

  711. func handleCancelAttachment(ctx *alps.Context) error {

  712. 	uuid := ctx.Param("uuid")

  713. 	a := ctx.Session.PopAttachment(uuid)

  714. 	if a != nil {

  715. 		a.Form.RemoveAll()

  716. 	}

  717. 	return ctx.JSON(http.StatusOK, nil)

  718. }

  719. 

  720. func unwrapIMAPAddressList(addrs []*imap.Address) []string {

  721. 	l := make([]string, len(addrs))

  722. 	for i, addr := range addrs {

  723. 		l[i] = addr.Address()

  724. 	}

  725. 	return l

  726. }

  727. 

  728. func handleReply(ctx *alps.Context) error {

  729. 	var inReplyToPath messagePath

  730. 	var err error

  731. 	inReplyToPath.Mailbox, inReplyToPath.Uid, err = parseMboxAndUid(ctx.Param("mbox"), ctx.Param("uid"))

  732. 	if err != nil {

  733. 		return echo.NewHTTPError(http.StatusBadRequest, err)

  734. 	}

  735. 

  736. 	var msg OutgoingMessage

  737. 	if ctx.Request().Method == http.MethodGet {

  738. 		// Populate fields from original message

  739. 		partPath, err := parsePartPath(ctx.QueryParam("part"))

  740. 		if err != nil {

  741. 			return echo.NewHTTPError(http.StatusBadRequest, err)

  742. 		}

  743. 

  744. 		var inReplyTo *IMAPMessage

  745. 		var part *message.Entity

  746. 		err = ctx.Session.DoIMAP(func(c *imapclient.Client) error {

  747. 			var err error

  748. 			inReplyTo, part, err = getMessagePart(c, inReplyToPath.Mailbox, inReplyToPath.Uid, partPath)

  749. 			return err

  750. 		})

  751. 		if err != nil {

  752. 			return err

  753. 		}

  754. 

  755. 		mimeType, _, err := part.Header.ContentType()

  756. 		if err != nil {

  757. 			return fmt.Errorf("failed to parse part Content-Type: %v", err)

  758. 		}

  759. 

  760. 		if !strings.EqualFold(mimeType, "text/plain") {

  761. 			err := fmt.Errorf("cannot reply to %q part", mimeType)

  762. 			return echo.NewHTTPError(http.StatusBadRequest, err)

  763. 		}

  764. 

  765. 		// TODO: strip HTML tags if text/html

  766. 		msg.Text, err = quote(part.Body)

  767. 		if err != nil {

  768. 			return err

  769. 		}

  770. 

  771. 		msg.MessageID = mail.GenerateMessageID()

  772. 		msg.InReplyTo = inReplyTo.Envelope.MessageId

  773. 		// TODO: populate From from known user addresses and inReplyTo.Envelope.To

  774. 		replyTo := inReplyTo.Envelope.ReplyTo

  775. 		if len(replyTo) == 0 {

  776. 			replyTo = inReplyTo.Envelope.From

  777. 		}

  778. 		msg.To = unwrapIMAPAddressList(replyTo)

  779. 		msg.Subject = inReplyTo.Envelope.Subject

  780. 		if !strings.HasPrefix(strings.ToLower(msg.Subject), "re:") {

  781. 			msg.Subject = "Re: " + msg.Subject

  782. 		}

  783. 	}

  784. 

  785. 	return handleCompose(ctx, &msg, &composeOptions{InReplyTo: &inReplyToPath})

  786. }

  787. 

  788. func handleForward(ctx *alps.Context) error {

  789. 	var sourcePath messagePath

  790. 	var err error

  791. 	sourcePath.Mailbox, sourcePath.Uid, err = parseMboxAndUid(ctx.Param("mbox"), ctx.Param("uid"))

  792. 	if err != nil {

  793. 		return echo.NewHTTPError(http.StatusBadRequest, err)

  794. 	}

  795. 

  796. 	var msg OutgoingMessage

  797. 	if ctx.Request().Method == http.MethodGet {

  798. 		// Populate fields from original message

  799. 		partPath, err := parsePartPath(ctx.QueryParam("part"))

  800. 		if err != nil {

  801. 			return echo.NewHTTPError(http.StatusBadRequest, err)

  802. 		}

  803. 

  804. 		var source *IMAPMessage

  805. 		var part *message.Entity

  806. 		err = ctx.Session.DoIMAP(func(c *imapclient.Client) error {

  807. 			var err error

  808. 			source, part, err = getMessagePart(c, sourcePath.Mailbox, sourcePath.Uid, partPath)

  809. 			return err

  810. 		})

  811. 		if err != nil {

  812. 			return err

  813. 		}

  814. 

  815. 		mimeType, _, err := part.Header.ContentType()

  816. 		if err != nil {

  817. 			return fmt.Errorf("failed to parse part Content-Type: %v", err)

  818. 		}

  819. 

  820. 		if !strings.EqualFold(mimeType, "text/plain") {

  821. 			err := fmt.Errorf("cannot forward %q part", mimeType)

  822. 			return echo.NewHTTPError(http.StatusBadRequest, err)

  823. 		}

  824. 

  825. 		msg.Text, err = quote(part.Body)

  826. 		if err != nil {

  827. 			return err

  828. 		}

  829. 

  830. 		msg.MessageID = mail.GenerateMessageID()

  831. 		msg.Subject = source.Envelope.Subject

  832. 		if !strings.HasPrefix(strings.ToLower(msg.Subject), "fwd:") &&

  833. 			!strings.HasPrefix(strings.ToLower(msg.Subject), "fw:") {

  834. 			msg.Subject = "Fwd: " + msg.Subject

  835. 		}

  836. 		msg.InReplyTo = source.Envelope.InReplyTo

  837. 

  838. 		attachments := source.Attachments()

  839. 		for i := range attachments {

  840. 			// No need to populate attachment body here, we just need the

  841. 			// metadata

  842. 			msg.Attachments = append(msg.Attachments, &imapAttachment{

  843. 				Mailbox: sourcePath.Mailbox,

  844. 				Uid:     sourcePath.Uid,

  845. 				Node:    &attachments[i],

  846. 			})

  847. 		}

  848. 	}

  849. 

  850. 	return handleCompose(ctx, &msg, &composeOptions{Forward: &sourcePath})

  851. }

  852. 

  853. func handleEdit(ctx *alps.Context) error {

  854. 	var sourcePath messagePath

  855. 	var err error

  856. 	sourcePath.Mailbox, sourcePath.Uid, err = parseMboxAndUid(ctx.Param("mbox"), ctx.Param("uid"))

  857. 	if err != nil {

  858. 		return echo.NewHTTPError(http.StatusBadRequest, err)

  859. 	}

  860. 

  861. 	// TODO: somehow get the path to the In-Reply-To message (with a search?)

  862. 

  863. 	var msg OutgoingMessage

  864. 	if ctx.Request().Method == http.MethodGet {

  865. 		// Populate fields from source message

  866. 		partPath, err := parsePartPath(ctx.QueryParam("part"))

  867. 		if err != nil {

  868. 			return echo.NewHTTPError(http.StatusBadRequest, err)

  869. 		}

  870. 

  871. 		var source *IMAPMessage

  872. 		var part *message.Entity

  873. 		err = ctx.Session.DoIMAP(func(c *imapclient.Client) error {

  874. 			var err error

  875. 			source, part, err = getMessagePart(c, sourcePath.Mailbox, sourcePath.Uid, partPath)

  876. 			return err

  877. 		})

  878. 		if err != nil {

  879. 			return err

  880. 		}

  881. 

  882. 		mimeType, _, err := part.Header.ContentType()

  883. 		if err != nil {

  884. 			return fmt.Errorf("failed to parse part Content-Type: %v", err)

  885. 		}

  886. 

  887. 		if !strings.EqualFold(mimeType, "text/plain") {

  888. 			err := fmt.Errorf("cannot edit %q part", mimeType)

  889. 			return echo.NewHTTPError(http.StatusBadRequest, err)

  890. 		}

  891. 

  892. 		b, err := ioutil.ReadAll(part.Body)

  893. 		if err != nil {

  894. 			return fmt.Errorf("failed to read part body: %v", err)

  895. 		}

  896. 		msg.Text = string(b)

  897. 

  898. 		if len(source.Envelope.From) > 0 {

  899. 			msg.From = source.Envelope.From[0].Address()

  900. 		}

  901. 		msg.To = unwrapIMAPAddressList(source.Envelope.To)

  902. 		msg.Subject = source.Envelope.Subject

  903. 		msg.InReplyTo = source.Envelope.InReplyTo

  904. 		msg.MessageID = source.Envelope.MessageId

  905. 

  906. 		attachments := source.Attachments()

  907. 		for i := range attachments {

  908. 			// No need to populate attachment body here, we just need the

  909. 			// metadata

  910. 			msg.Attachments = append(msg.Attachments, &imapAttachment{

  911. 				Mailbox: sourcePath.Mailbox,

  912. 				Uid:     sourcePath.Uid,

  913. 				Node:    &attachments[i],

  914. 			})

  915. 		}

  916. 	}

  917. 

  918. 	return handleCompose(ctx, &msg, &composeOptions{Draft: &sourcePath})

  919. }

  920. 

  921. func formOrQueryParam(ctx *alps.Context, k string) string {

  922. 	if v := ctx.FormValue(k); v != "" {

  923. 		return v

  924. 	}

  925. 	return ctx.QueryParam(k)

  926. }

  927. 

  928. func handleMove(ctx *alps.Context) error {

  929. 	mboxName, err := url.PathUnescape(ctx.Param("mbox"))

  930. 	if err != nil {

  931. 		return echo.NewHTTPError(http.StatusBadRequest, err)

  932. 	}

  933. 

  934. 	formParams, err := ctx.FormParams()

  935. 	if err != nil {

  936. 		return echo.NewHTTPError(http.StatusBadRequest, err)

  937. 	}

  938. 	uids, err := parseUidList(formParams["uids"])

  939. 	if err != nil {

  940. 		return echo.NewHTTPError(http.StatusBadRequest, err)

  941. 	}

  942. 

  943. 	to := formOrQueryParam(ctx, "to")

  944. 	if to == "" {

  945. 		return echo.NewHTTPError(http.StatusBadRequest, "missing 'to' form parameter")

  946. 	}

  947. 

  948. 	err = ctx.Session.DoIMAP(func(c *imapclient.Client) error {

  949. 		mc := imapmove.NewClient(c)

  950. 

  951. 		if err := ensureMailboxSelected(c, mboxName); err != nil {

  952. 			return err

  953. 		}

  954. 

  955. 		var seqSet imap.SeqSet

  956. 		seqSet.AddNum(uids...)

  957. 		if err := mc.UidMoveWithFallback(&seqSet, to); err != nil {

  958. 			return fmt.Errorf("failed to move message: %v", err)

  959. 		}

  960. 

  961. 		// TODO: get the UID of the message in the destination mailbox with UIDPLUS

  962. 		return nil

  963. 	})

  964. 	if err != nil {

  965. 		return err

  966. 	}

  967. 

  968. 	if path := formOrQueryParam(ctx, "next"); path != "" {

  969. 		return ctx.Redirect(http.StatusFound, path)

  970. 	}

  971. 	return ctx.Redirect(http.StatusFound, fmt.Sprintf("/mailbox/%v", url.PathEscape(mboxName)))

  972. }

  973. 

  974. func handleDelete(ctx *alps.Context) error {

  975. 	mboxName, err := url.PathUnescape(ctx.Param("mbox"))

  976. 	if err != nil {

  977. 		return echo.NewHTTPError(http.StatusBadRequest, err)

  978. 	}

  979. 

  980. 	formParams, err := ctx.FormParams()

  981. 	if err != nil {

  982. 		return echo.NewHTTPError(http.StatusBadRequest, err)

  983. 	}

  984. 	uids, err := parseUidList(formParams["uids"])

  985. 	if err != nil {

  986. 		return echo.NewHTTPError(http.StatusBadRequest, err)

  987. 	}

  988. 

  989. 	err = ctx.Session.DoIMAP(func(c *imapclient.Client) error {

  990. 		if err := ensureMailboxSelected(c, mboxName); err != nil {

  991. 			return err

  992. 		}

  993. 

  994. 		var seqSet imap.SeqSet

  995. 		seqSet.AddNum(uids...)

  996. 

  997. 		item := imap.FormatFlagsOp(imap.AddFlags, true)

  998. 		flags := []interface{}{imap.DeletedFlag}

  999. 		if err := c.UidStore(&seqSet, item, flags, nil); err != nil {

  1000. 			return fmt.Errorf("failed to add deleted flag: %v", err)

  1001. 		}

  1002. 

  1003. 		if err := c.Expunge(nil); err != nil {

  1004. 			return fmt.Errorf("failed to expunge mailbox: %v", err)

  1005. 		}

  1006. 

  1007. 		// Deleting a message invalidates our cached message count

  1008. 		// TODO: listen to async updates instead

  1009. 		if _, err := c.Select(mboxName, false); err != nil {

  1010. 			return fmt.Errorf("failed to select mailbox: %v", err)

  1011. 		}

  1012. 

  1013. 		return nil

  1014. 	})

  1015. 	if err != nil {

  1016. 		return err

  1017. 	}

  1018. 

  1019. 	if path := formOrQueryParam(ctx, "next"); path != "" {

  1020. 		return ctx.Redirect(http.StatusFound, path)

  1021. 	}

  1022. 	return ctx.Redirect(http.StatusFound, fmt.Sprintf("/mailbox/%v", url.PathEscape(mboxName)))

  1023. }

  1024. 

  1025. func handleSetFlags(ctx *alps.Context) error {

  1026. 	mboxName, err := url.PathUnescape(ctx.Param("mbox"))

  1027. 	if err != nil {

  1028. 		return echo.NewHTTPError(http.StatusBadRequest, err)

  1029. 	}

  1030. 

  1031. 	formParams, err := ctx.FormParams()

  1032. 	if err != nil {

  1033. 		return echo.NewHTTPError(http.StatusBadRequest, err)

  1034. 	}

  1035. 

  1036. 	uids, err := parseUidList(formParams["uids"])

  1037. 	if err != nil {

  1038. 		return echo.NewHTTPError(http.StatusBadRequest, err)

  1039. 	}

  1040. 

  1041. 	flags, ok := formParams["flags"]

  1042. 	if !ok {

  1043. 		flagsStr := ctx.QueryParam("to")

  1044. 		if flagsStr == "" {

  1045. 			return echo.NewHTTPError(http.StatusBadRequest, "missing 'flags' form parameter")

  1046. 		}

  1047. 		flags = strings.Fields(flagsStr)

  1048. 	}

  1049. 

  1050. 	actionStr := ctx.FormValue("action")

  1051. 	if actionStr == "" {

  1052. 		actionStr = ctx.QueryParam("action")

  1053. 	}

  1054. 

  1055. 	var op imap.FlagsOp

  1056. 	switch actionStr {

  1057. 	case "", "set":

  1058. 		op = imap.SetFlags

  1059. 	case "add":

  1060. 		op = imap.AddFlags

  1061. 	case "remove":

  1062. 		op = imap.RemoveFlags

  1063. 	default:

  1064. 		return echo.NewHTTPError(http.StatusBadRequest, "invalid 'action' value")

  1065. 	}

  1066. 

  1067. 	err = ctx.Session.DoIMAP(func(c *imapclient.Client) error {

  1068. 		if err := ensureMailboxSelected(c, mboxName); err != nil {

  1069. 			return err

  1070. 		}

  1071. 

  1072. 		var seqSet imap.SeqSet

  1073. 		seqSet.AddNum(uids...)

  1074. 

  1075. 		storeItems := make([]interface{}, len(flags))

  1076. 		for i, f := range flags {

  1077. 			storeItems[i] = f

  1078. 		}

  1079. 

  1080. 		item := imap.FormatFlagsOp(op, true)

  1081. 		if err := c.UidStore(&seqSet, item, storeItems, nil); err != nil {

  1082. 			return fmt.Errorf("failed to add deleted flag: %v", err)

  1083. 		}

  1084. 

  1085. 		return nil

  1086. 	})

  1087. 	if err != nil {

  1088. 		return err

  1089. 	}

  1090. 

  1091. 	if path := formOrQueryParam(ctx, "next"); path != "" {

  1092. 		return ctx.Redirect(http.StatusFound, path)

  1093. 	}

  1094. 	if len(uids) != 1 || (op == imap.RemoveFlags && len(flags) == 1 && flags[0] == imap.SeenFlag) {

  1095. 		// Redirecting to the message view would mark the message as read again

  1096. 		return ctx.Redirect(http.StatusFound, fmt.Sprintf("/mailbox/%v", url.PathEscape(mboxName)))

  1097. 	}

  1098. 	return ctx.Redirect(http.StatusFound, fmt.Sprintf("/message/%v/%v", url.PathEscape(mboxName), uids[0]))

  1099. }

  1100. 

  1101. const settingsKey = "base.settings"

  1102. const maxMessagesPerPage = 100

  1103. 

  1104. type Settings struct {

  1105. 	MessagesPerPage int

  1106. }

  1107. 

  1108. func loadSettings(s alps.Store) (*Settings, error) {

  1109. 	settings := &Settings{

  1110. 		MessagesPerPage: 50,

  1111. 	}

  1112. 	if err := s.Get(settingsKey, settings); err != nil && err != alps.ErrNoStoreEntry {

  1113. 		return nil, err

  1114. 	}

  1115. 	if err := settings.check(); err != nil {

  1116. 		return nil, err

  1117. 	}

  1118. 	return settings, nil

  1119. }

  1120. 

  1121. func (s *Settings) check() error {

  1122. 	if s.MessagesPerPage <= 0 || s.MessagesPerPage > maxMessagesPerPage {

  1123. 		return fmt.Errorf("messages per page out of bounds: %v", s.MessagesPerPage)

  1124. 	}

  1125. 	return nil

  1126. }

  1127. 

  1128. type SettingsRenderData struct {

  1129. 	alps.BaseRenderData

  1130. 	Settings *Settings

  1131. }

  1132. 

  1133. func handleSettings(ctx *alps.Context) error {

  1134. 	settings, err := loadSettings(ctx.Session.Store())

  1135. 	if err != nil {

  1136. 		return fmt.Errorf("failed to load settings: %v", err)

  1137. 	}

  1138. 

  1139. 	if ctx.Request().Method == http.MethodPost {

  1140. 		settings.MessagesPerPage, err = strconv.Atoi(ctx.FormValue("messages_per_page"))

  1141. 		if err != nil {

  1142. 			return echo.NewHTTPError(http.StatusBadRequest, "invalid messages per page: %v", err)

  1143. 		}

  1144. 

  1145. 		if err := settings.check(); err != nil {

  1146. 			return echo.NewHTTPError(http.StatusBadRequest, err)

  1147. 		}

  1148. 		if err := ctx.Session.Store().Put(settingsKey, settings); err != nil {

  1149. 			return fmt.Errorf("failed to save settings: %v", err)

  1150. 		}

  1151. 

  1152. 		return ctx.Redirect(http.StatusFound, "/mailbox/INBOX")

  1153. 	}

  1154. 

  1155. 	return ctx.Render(http.StatusOK, "settings.html", &SettingsRenderData{

  1156. 		BaseRenderData: *alps.NewBaseRenderData(ctx),

  1157. 		Settings:       settings,

  1158. 	})

  1159. }