when removing an address, remove it as member from aliases

unless the address is the last member, then the admin must either remove the
alias first, or add new members. we don't want to accidentally remove an alias
address.

in the admin page for removing addresses, we warn the admin that the address
will be removed from any aliases.
This commit is contained in:
Mechiel Lukkien 2024-04-28 11:44:51 +02:00
parent e2924af8d2
commit 32cf6500bd
No known key found for this signature in database
3 changed files with 41 additions and 4 deletions

View file

@ -1117,6 +1117,9 @@ func AddressAdd(ctx context.Context, address, account string) (rerr error) {
// AddressRemove removes an email address and reloads the configuration. // AddressRemove removes an email address and reloads the configuration.
// Address can be a catchall address for the domain of the form "@<domain>". // Address can be a catchall address for the domain of the form "@<domain>".
//
// If the address is member of an alias, remove it from from the alias, unless it
// is the last member.
func AddressRemove(ctx context.Context, address string) (rerr error) { func AddressRemove(ctx context.Context, address string) (rerr error) {
log := pkglog.WithContext(ctx) log := pkglog.WithContext(ctx)
defer func() { defer func() {
@ -1192,12 +1195,42 @@ func AddressRemove(ctx context.Context, address string) (rerr error) {
} }
na.FromIDLoginAddresses = fromIDLoginAddresses na.FromIDLoginAddresses = fromIDLoginAddresses
// And remove as member from aliases configured in domains.
domains := maps.Clone(Conf.Dynamic.Domains)
for _, aa := range na.Aliases {
if aa.SubscriptionAddress != address {
continue
}
aliasAddr := fmt.Sprintf("%s@%s", aa.Alias.LocalpartStr, aa.Alias.Domain.Name())
dom, ok := Conf.Dynamic.Domains[aa.Alias.Domain.Name()]
if !ok {
return fmt.Errorf("cannot find domain for alias %s", aliasAddr)
}
a, ok := dom.Aliases[aa.Alias.LocalpartStr]
if !ok {
return fmt.Errorf("cannot find alias %s", aliasAddr)
}
a.Addresses = slices.Clone(a.Addresses)
a.Addresses = slices.DeleteFunc(a.Addresses, func(v string) bool { return v == address })
if len(a.Addresses) == 0 {
return fmt.Errorf("address is last member of alias %s, add new members or remove alias first", aliasAddr)
}
a.ParsedAddresses = nil // Filled when parsing config.
dom.Aliases = maps.Clone(dom.Aliases)
dom.Aliases[aa.Alias.LocalpartStr] = a
domains[aa.Alias.Domain.Name()] = dom
}
na.Aliases = nil // Filled when parsing config.
nc := Conf.Dynamic nc := Conf.Dynamic
nc.Accounts = map[string]config.Account{} nc.Accounts = map[string]config.Account{}
for name, a := range Conf.Dynamic.Accounts { for name, a := range Conf.Dynamic.Accounts {
nc.Accounts[name] = a nc.Accounts[name] = a
} }
nc.Accounts[ad.Account] = na nc.Accounts[ad.Account] = na
nc.Domains = domains
if err := writeDynamic(ctx, log, nc); err != nil { if err := writeDynamic(ctx, log, nc); err != nil {
return fmt.Errorf("writing domains.conf: %w", err) return fmt.Errorf("writing domains.conf: %w", err)

View file

@ -2253,7 +2253,9 @@ const account = async (name) => {
} }
return dom.tr(dom.td(v), dom.td(dom.clickbutton('Remove', async function click(e) { return dom.tr(dom.td(v), dom.td(dom.clickbutton('Remove', async function click(e) {
e.preventDefault(); e.preventDefault();
if (!window.confirm('Are you sure you want to remove this address?')) { const aliases = (config.Aliases || []).filter(aa => aa.SubscriptionAddress === k).map(aa => aa.Alias.LocalpartStr + "@" + domainName(aa.Alias.Domain));
const aliasmsg = aliases.length > 0 ? ' Address will be removed from alias(es): ' + aliases.join(', ') : '';
if (!window.confirm('Are you sure you want to remove this address?' + aliasmsg)) {
return; return;
} }
await check(e.target, client.AddressRemove(k)); await check(e.target, client.AddressRemove(k));
@ -2441,7 +2443,7 @@ const domain = async (d) => {
}; };
dom._kids(page, crumbs(crumblink('Mox Admin', '#'), 'Domain ' + domainString(dnsdomain)), dom.ul(dom.li(dom.a('Required DNS records', attr.href('#domains/' + d + '/dnsrecords'))), dom.li(dom.a('Check current actual DNS records and domain configuration', attr.href('#domains/' + d + '/dnscheck')))), dom.br(), dom.h2('Client configuration'), dom.p('If autoconfig/autodiscover does not work with an email client, use the settings below for this domain. Authenticate with email address and password. ', dom.span('Explicitly configure', attr.title('To prevent authentication mechanism downgrade attempts that may result in clients sending plain text passwords to a MitM.')), ' the first supported authentication mechanism: SCRAM-SHA-256-PLUS, SCRAM-SHA-1-PLUS, SCRAM-SHA-256, SCRAM-SHA-1, CRAM-MD5.'), dom.table(dom.thead(dom.tr(dom.th('Protocol'), dom.th('Host'), dom.th('Port'), dom.th('Listener'), dom.th('Note'))), dom.tbody((clientConfigs.Entries || []).map(e => dom.tr(dom.td(e.Protocol), dom.td(domainString(e.Host)), dom.td('' + e.Port), dom.td('' + e.Listener), dom.td('' + e.Note))))), dom.br(), dom.h2('DMARC aggregate reports summary'), renderDMARCSummaries(dmarcSummaries || []), dom.br(), dom.h2('TLS reports summary'), renderTLSRPTSummaries(tlsrptSummaries || []), dom.br(), dom.h2('Addresses'), dom.table(dom.thead(dom.tr(dom.th('Address'), dom.th('Account'), dom.th('Action'))), dom.tbody(Object.entries(localpartAccounts).map(t => dom.tr(dom.td(prewrap(t[0]) || '(catchall)'), dom.td(dom.a(t[1], attr.href('#accounts/' + t[1]))), dom.td(dom.clickbutton('Remove', async function click(e) { dom._kids(page, crumbs(crumblink('Mox Admin', '#'), 'Domain ' + domainString(dnsdomain)), dom.ul(dom.li(dom.a('Required DNS records', attr.href('#domains/' + d + '/dnsrecords'))), dom.li(dom.a('Check current actual DNS records and domain configuration', attr.href('#domains/' + d + '/dnscheck')))), dom.br(), dom.h2('Client configuration'), dom.p('If autoconfig/autodiscover does not work with an email client, use the settings below for this domain. Authenticate with email address and password. ', dom.span('Explicitly configure', attr.title('To prevent authentication mechanism downgrade attempts that may result in clients sending plain text passwords to a MitM.')), ' the first supported authentication mechanism: SCRAM-SHA-256-PLUS, SCRAM-SHA-1-PLUS, SCRAM-SHA-256, SCRAM-SHA-1, CRAM-MD5.'), dom.table(dom.thead(dom.tr(dom.th('Protocol'), dom.th('Host'), dom.th('Port'), dom.th('Listener'), dom.th('Note'))), dom.tbody((clientConfigs.Entries || []).map(e => dom.tr(dom.td(e.Protocol), dom.td(domainString(e.Host)), dom.td('' + e.Port), dom.td('' + e.Listener), dom.td('' + e.Note))))), dom.br(), dom.h2('DMARC aggregate reports summary'), renderDMARCSummaries(dmarcSummaries || []), dom.br(), dom.h2('TLS reports summary'), renderTLSRPTSummaries(tlsrptSummaries || []), dom.br(), dom.h2('Addresses'), dom.table(dom.thead(dom.tr(dom.th('Address'), dom.th('Account'), dom.th('Action'))), dom.tbody(Object.entries(localpartAccounts).map(t => dom.tr(dom.td(prewrap(t[0]) || '(catchall)'), dom.td(dom.a(t[1], attr.href('#accounts/' + t[1]))), dom.td(dom.clickbutton('Remove', async function click(e) {
e.preventDefault(); e.preventDefault();
if (!window.confirm('Are you sure you want to remove this address?')) { if (!window.confirm('Are you sure you want to remove this address? If it is a member of an alias, it will be removed from the alias.')) {
return; return;
} }
await check(e.target, client.AddressRemove(t[0] + '@' + d)); await check(e.target, client.AddressRemove(t[0] + '@' + d));

View file

@ -837,7 +837,9 @@ const account = async (name: string) => {
dom.td( dom.td(
dom.clickbutton('Remove', async function click(e: MouseEvent) { dom.clickbutton('Remove', async function click(e: MouseEvent) {
e.preventDefault() e.preventDefault()
if (!window.confirm('Are you sure you want to remove this address?')) { const aliases = (config.Aliases || []).filter(aa => aa.SubscriptionAddress === k).map(aa => aa.Alias.LocalpartStr+"@"+domainName(aa.Alias.Domain))
const aliasmsg = aliases.length > 0 ? ' Address will be removed from alias(es): '+aliases.join(', ') : ''
if (!window.confirm('Are you sure you want to remove this address?'+aliasmsg)) {
return return
} }
await check(e.target! as HTMLButtonElement, client.AddressRemove(k)) await check(e.target! as HTMLButtonElement, client.AddressRemove(k))
@ -1273,7 +1275,7 @@ const domain = async (d: string) => {
dom.td( dom.td(
dom.clickbutton('Remove', async function click(e: MouseEvent) { dom.clickbutton('Remove', async function click(e: MouseEvent) {
e.preventDefault() e.preventDefault()
if (!window.confirm('Are you sure you want to remove this address?')) { if (!window.confirm('Are you sure you want to remove this address? If it is a member of an alias, it will be removed from the alias.')) {
return return
} }
await check(e.target! as HTMLButtonElement, client.AddressRemove(t[0] + '@' + d)) await check(e.target! as HTMLButtonElement, client.AddressRemove(t[0] + '@' + d))