ticketfrei3/kibicara/platforms/email/webapi.py

235 lines
7.9 KiB
Python
Raw Normal View History

2020-07-05 21:35:56 +00:00
# Copyright (C) 2020 by Maike <maike@systemli.org>
2020-07-15 21:50:24 +00:00
# Copyright (C) 2020 by Cathy Hu <cathy.hu@fau.de>
# Copyright (C) 2020 by Thomas Lindner <tom@dl6tom.de>
2020-07-05 21:35:56 +00:00
#
# SPDX-License-Identifier: 0BSD
2020-07-15 21:50:24 +00:00
from fastapi import APIRouter, Depends, HTTPException, Response, status
2020-07-16 12:29:57 +00:00
from kibicara import email
2020-07-05 21:35:56 +00:00
from kibicara.platforms.email.bot import spawner
from kibicara.platforms.email.model import Email, EmailSubscribers
2020-07-05 21:35:56 +00:00
from kibicara.platformapi import Message
2020-07-06 15:00:24 +00:00
from kibicara.config import config
2020-07-15 21:50:24 +00:00
from kibicara.webapi.admin import from_token, to_token
from kibicara.webapi.hoods import get_hood, get_hood_unauthorized
2020-07-15 21:50:24 +00:00
from logging import getLogger
from ormantic.exceptions import NoMatch
2020-07-06 15:57:24 +00:00
from os import urandom
from pydantic import BaseModel, validator
2020-07-07 13:28:51 +00:00
from smtplib import SMTPException
2020-07-15 21:50:24 +00:00
from sqlite3 import IntegrityError
logger = getLogger(__name__)
2020-07-05 21:35:56 +00:00
2020-07-15 21:50:24 +00:00
class BodyEmail(BaseModel):
name: str
@validator('name')
def valid_prefix(cls, value):
if not value.startswith('kibicara-'):
raise ValueError('Recipient address didn\'t start with kibicara-')
return value
2020-07-15 21:50:24 +00:00
2020-07-05 21:35:56 +00:00
class BodyMessage(BaseModel):
""" This model shows which values are supplied by the MDA listener script. """
2020-07-06 19:26:32 +00:00
2020-07-05 21:35:56 +00:00
text: str
secret: str
2020-07-15 21:50:24 +00:00
class BodySubscriber(BaseModel):
""" This model holds the email address of a fresh subscriber. """
2020-07-06 19:26:32 +00:00
email: str
2020-07-15 21:50:24 +00:00
async def get_email(email_id: int, hood=Depends(get_hood)):
2020-07-11 03:12:29 +00:00
""" Get Email row by hood.
You can specify an email_id to nail it down, but it works without as well.
:param hood: Hood the Email bot belongs to.
:return: Email row of the found email bot.
"""
try:
2020-07-15 21:50:24 +00:00
return await Email.objects.get(id=email_id, hood=hood)
except NoMatch:
return HTTPException(status_code=status.HTTP_404_NOT_FOUND)
async def get_subscriber(subscriber_id: int, hood=Depends(get_hood)):
try:
return await EmailSubscribers.objects.get(id=subscriber_id, hood=hood)
except NoMatch:
2020-07-07 13:28:51 +00:00
return HTTPException(status_code=status.HTTP_404_NOT_FOUND)
2020-07-11 03:12:29 +00:00
# registers the routes, gets imported in /kibicara/webapi/__init__.py
2020-07-06 19:53:48 +00:00
router = APIRouter()
2020-07-05 21:35:56 +00:00
2020-07-15 21:50:24 +00:00
@router.get('/')
async def email_read_all(hood=Depends(get_hood)):
return await Email.objects.filter(hood=hood).all()
2020-07-06 19:53:48 +00:00
@router.post('/', status_code=status.HTTP_201_CREATED)
2020-07-15 21:50:24 +00:00
async def email_create(values: BodyEmail, response: Response, hood=Depends(get_hood)):
""" Create an Email bot. Call this when creating a hood.
2020-07-11 03:12:29 +00:00
:param hood: Hood row of the hood the Email bot is supposed to belong to.
:return: Email row of the new email bot.
"""
2020-07-05 21:35:56 +00:00
try:
2020-07-15 21:50:24 +00:00
email = await Email.objects.create(
hood=hood, secret=urandom(32).hex(), **values.__dict__
)
response.headers['Location'] = '%d' % hood.id
return email
2020-07-05 21:35:56 +00:00
except IntegrityError:
raise HTTPException(status_code=status.HTTP_409_CONFLICT)
2020-07-06 15:57:24 +00:00
@router.get('/status', status_code=status.HTTP_200_OK)
async def email_status(hood=Depends(get_hood)):
return {'status': spawner.get(hood).status.name}
@router.post('/start', status_code=status.HTTP_200_OK)
async def email_start(hood=Depends(get_hood)):
await hood.update(email_enabled=True)
spawner.get(hood).start()
return {}
@router.post('/stop', status_code=status.HTTP_200_OK)
async def email_stop(hood=Depends(get_hood)):
await hood.update(email_enabled=False)
spawner.get(hood).stop()
return {}
2020-07-15 21:50:24 +00:00
@router.get('/{email_id}')
async def email_read(email=Depends(get_email)):
return email
@router.delete('/{email_id}', status_code=status.HTTP_204_NO_CONTENT)
async def email_delete(email=Depends(get_email)):
""" Delete an Email bot.
Stops and deletes the Email bot.
:param hood: Hood the Email bot belongs to.
"""
2020-07-15 21:50:24 +00:00
await email.delete()
2020-07-05 21:35:56 +00:00
2020-07-12 15:02:59 +00:00
@router.post('/subscribe/', status_code=status.HTTP_202_ACCEPTED)
2020-07-15 21:50:24 +00:00
async def email_subscribe(
subscriber: BodySubscriber, hood=Depends(get_hood_unauthorized)
):
""" Send a confirmation mail to subscribe to messages via email.
:param subscriber: Subscriber object, holds the email address.
:param hood: Hood the Email bot belongs to.
:return: Returns status code 200 after sending confirmation email.
"""
2020-07-15 21:50:24 +00:00
token = to_token(hood=hood.id, email=subscriber.email)
2020-07-16 12:29:57 +00:00
confirm_link = '%s/api/hoods/%d/email/subscribe/confirm/%s' % (
2020-07-15 21:50:24 +00:00
config['root_url'],
hood.id,
token,
2020-07-06 17:14:12 +00:00
)
2020-07-07 13:28:51 +00:00
try:
2020-07-16 12:29:57 +00:00
email.send_email(
2020-07-07 13:28:51 +00:00
subscriber.email,
"Subscribe to Kibicara " + hood.name,
sender=hood.name,
2020-07-15 21:50:24 +00:00
body='To confirm your subscription, follow this link: ' + confirm_link,
2020-07-07 13:28:51 +00:00
)
2020-07-15 21:50:24 +00:00
return {}
except ConnectionRefusedError:
logger.info(token)
logger.error("Sending subscription confirmation email failed.", exc_info=True)
raise HTTPException(status_code=status.HTTP_502_BAD_GATEWAY)
except SMTPException:
logger.info(token)
2020-07-07 13:28:51 +00:00
logger.error("Sending subscription confirmation email failed.", exc_info=True)
raise HTTPException(status_code=status.HTTP_502_BAD_GATEWAY)
@router.post('/subscribe/confirm/{token}', status_code=status.HTTP_201_CREATED)
async def email_subscribe_confirm(token, hood=Depends(get_hood_unauthorized)):
""" Confirm a new subscriber and add them to the database.
:param token: encrypted JSON token, holds the email of the subscriber.
:param hood: Hood the Email bot belongs to.
:return: Returns status code 200 after adding the subscriber to the database.
"""
payload = from_token(token)
2020-07-15 21:50:24 +00:00
# If token.hood and url.hood are different, raise an error:
if hood.id is not payload['hood']:
raise HTTPException(status_code=status.HTTP_400_BAD_REQUEST)
try:
await EmailSubscribers.objects.create(hood=hood.id, email=payload['email'])
2020-07-15 21:50:24 +00:00
return {}
except IntegrityError:
raise HTTPException(status_code=status.HTTP_409_CONFLICT)
@router.delete('/unsubscribe/{token}', status_code=status.HTTP_204_NO_CONTENT)
async def email_unsubscribe(token, hood=Depends(get_hood_unauthorized)):
""" Remove a subscriber from the database when they click on an unsubscribe link.
:param token: encrypted JSON token, holds subscriber email + hood.id.
:param hood: Hood the Email bot belongs to.
"""
logger.warning("token is: " + token)
payload = from_token(token)
# If token.hood and url.hood are different, raise an error:
if hood.id is not payload['hood']:
2020-07-06 17:14:12 +00:00
raise HTTPException(status_code=status.HTTP_400_BAD_REQUEST)
2020-07-16 12:29:57 +00:00
subscriber = await EmailSubscribers.objects.filter(
hood=payload['hood'], email=payload['email']
).get()
await subscriber.delete()
2020-07-15 21:50:24 +00:00
@router.get('/subscribers/')
async def subscribers_read_all(hood=Depends(get_hood)):
return await EmailSubscribers.objects.filter(hood=hood).all()
@router.get('/subscribers/{subscriber_id}')
async def subscribers_read(subscriber=Depends(get_subscriber)):
return subscriber
2020-07-05 21:35:56 +00:00
@router.post('/messages/', status_code=status.HTTP_201_CREATED)
async def email_message_create(
message: BodyMessage, hood=Depends(get_hood_unauthorized)
):
""" Receive a message from the MDA and pass it to the censor.
:param message: BodyMessage object, holds the message.
2020-07-06 19:53:48 +00:00
:param hood: Hood the Email bot belongs to.
:return: returns status code 201 if the message is accepted by the censor.
"""
for receiver in await Email.objects.filter(hood=hood).all():
if message.secret == receiver.secret:
2020-07-15 21:50:24 +00:00
# pass message.text to bot.py
if await spawner.get(hood).publish(Message(message.text)):
logger.warning("Message was accepted: " + message.text)
return {}
else:
logger.warning("Message was't accepted: " + message.text)
raise HTTPException(
status_code=status.HTTP_451_UNAVAILABLE_FOR_LEGAL_REASONS
)
logger.warning(
"Someone is trying to submit an email without the correct API secret"
)
raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED)