protected function afterLoad(&$response, &$model, &$params)
{
// create message model from client's content field, turned into HTML format
$message = \GO\Email\Model\SavedMessage::model()->createFromMimeData($model->content);
$html = empty($params['content_type']) || $params['content_type'] == 'html';
$response['data'] = array_merge($response['data'], $message->toOutputArray($html));
unset($response['data']['content']);
return parent::afterLoad($response, $model, $params);
}
public function actionMessageAttachment($params)
{
$account = Account::model()->findByPk($params['account_id']);
$tmpFile = \GO\Base\Fs\File::tempFile('message.eml');
$imap = $account->openImapConnection($params['mailbox']);
/* @var $imap \GO\Base\Mail\Imap */
$imap->save_to_file($params['uid'], $tmpFile->path(), $params['number'], $params['encoding']);
$message = \GO\Email\Model\SavedMessage::model()->createFromMimeData($tmpFile->getContents());
$response = $message->toOutputArray();
$response = $this->_checkXSS($params, $response);
$response['path'] = $tmpFile->stripTempPath();
$response['is_tmp_file'] = true;
$response['success'] = true;
return $response;
}
/**
* This action will generate multiple Email Download link and return a JSON
* response with the generated links in the email subject
* @param array $params
* - string ids: json encode file ids to mail
* - timestamp expire_time: chosen email link expire time
* - int template_id: id of used template
* - int alias_id: id of alias to mail from
* - string content_type : html | plain
* @return string Json response
*/
protected function actionEmailDownloadLink($params)
{
$files = \GO\Files\Model\File::model()->findByAttribute('id', json_decode($params['ids']));
$html = $params['content_type'] == 'html';
$bodyindex = $html ? 'htmlbody' : 'plainbody';
$lb = $html ? '<br />' : "\n";
$text = $html ? \GO::t('clickHereToDownload', "files") : \GO::t('copyPasteToDownload', "files");
$linktext = $html ? "<ul>" : $lb;
foreach ($files as $file) {
$url = $file->getEmailDownloadURL($html, \GO\Base\Util\Date::date_add($params['expire_time'], 1), $params['delete_when_expired']);
$linktext .= $html ? '<li><a href="' . $url . '">' . $file->name . '</a></li>' . $lb : $url . $lb;
}
$linktext .= $html ? "</ul>" : "\n";
$text .= ' (' . \GO::t('possibleUntil', 'files') . ' ' . \GO\Base\Util\Date::get_timestamp(\GO\Base\Util\Date::date_add($file->expire_time, -1), false) . ')' . $lb;
$text .= $linktext;
if ($params['template_id'] && ($template = \GO\Addressbook\Model\Template::model()->findByPk($params['template_id']))) {
$message = \GO\Email\Model\SavedMessage::model()->createFromMimeData($template->content);
$response['data'] = $message->toOutputArray($html, true);
if (strpos($response['data'][$bodyindex], '{body}')) {
$response['data'][$bodyindex] = \GO\Addressbook\Model\Template::model()->replaceUserTags($response['data'][$bodyindex], true);
\GO\Addressbook\Model\Template::model()->htmlSpecialChars = false;
$response['data'][$bodyindex] = \GO\Addressbook\Model\Template::model()->replaceCustomTags($response['data'][$bodyindex], array('body' => $text));
} else {
$response['data'][$bodyindex] = \GO\Addressbook\Model\Template::model()->replaceUserTags($response['data'][$bodyindex], false);
$response['data'][$bodyindex] = $text . $response['data'][$bodyindex];
}
} else {
$response['data'][$bodyindex] = $text;
}
$response['data']['subject'] = \GO::t('downloadLink', 'files');
//.' '.$file->name;
$response['success'] = true;
return $response;
}
public static function toOutputArray(array &$response, \GO\Email\Model\ImapMessage $imapMessage)
{
if ($imapMessage->content_type == 'application/x-pkcs7-mime') {
$imapMessage->content_type = 'application/pkcs7-mime';
}
if ($imapMessage->content_type == 'application/pkcs7-mime' && isset($imapMessage->content_type_attributes['smime-type']) && $imapMessage->content_type_attributes['smime-type'] == 'signed-data') {
//signed data but not in clear text. Outlook has this option.
$outfile = \GO\Base\Fs\File::tempFile();
$imapMessage->getImapConnection()->save_to_file($imapMessage->uid, $outfile->path());
$verifyOutfile = \GO\Base\Fs\File::tempFile();
// $cmd = '/usr/bin/openssl smime -verify -in ' . $outfile->path() . ' -out ' . $verifyOutfile->path();
// exec($cmd);
//
//PHP can't output the verified data without the signature without
//suppling the extracerts option. We generated a dummy certificate for
//this.
openssl_pkcs7_verify($outfile->path(), null, "/dev/null", array(), GO::config()->root_path . "modules/smime/dummycert.pem", $verifyOutfile->path());
$message = \GO\Email\Model\SavedMessage::model()->createFromMimeData($verifyOutfile->getContents());
//remove temp files
$outfile->delete();
$verifyOutfile->delete();
$newResponse = $message->toOutputArray(true);
unset($newResponse['to']);
unset($newResponse['cc']);
foreach ($newResponse as $key => $value) {
if (!empty($value) || $key == 'attachments') {
$response[$key] = $value;
}
}
// $response['path'] = $outfile->stripTempPath();
return;
}
if ($imapMessage->content_type == 'application/pkcs7-mime') {
$encrypted = !isset($imapMessage->content_type_attributes['smime-type']) || $imapMessage->content_type_attributes['smime-type'] != 'signed-data';
if ($encrypted) {
GO::debug("Message is encrypted");
$cert = Model\Certificate::model()->findByPk($imapMessage->account->id);
if (!$cert || empty($cert->cert)) {
GO::debug('SMIME: No private key at all found for this account');
$response['htmlbody'] = GO::t('noPrivateKeyForDecrypt', 'smime');
return false;
}
if (isset($_REQUEST['password'])) {
GO::session()->values['smime']['passwords'][$imapMessage->account->id] = $_REQUEST['password'];
}
if (!isset(GO::session()->values['smime']['passwords'][$imapMessage->account->id])) {
$response['askPassword'] = true;
GO::debug("Need to ask for password");
return false;
}
}
$attachments = $imapMessage->getAttachments();
$att = array_shift($attachments);
// array (
// 'type' => 'application',
// 'subtype' => 'pkcs7-mime',
// 'smime-type' => 'enveloped-data',
// 'name' => 'smime.p7m',
// 'id' => false,
// 'encoding' => 'base64',
// 'size' => '2302',
// 'md5' => false,
// 'disposition' => false,
// 'language' => false,
// 'location' => false,
// 'charset' => false,
// 'lines' => false,
// 'number' => 1,
// 'extension' => 'p7m',
// 'human_size' => '2,2 KB',
// 'tmp_file' => false,
// )
$infile = \GO\Base\Fs\File::tempFile();
$outfile = \GO\Base\Fs\File::tempFile();
//$outfilerel = $reldir . 'unencrypted.txt';
if ($encrypted) {
GO::debug('Message is encrypted');
// $imapMessage->getImapConnection()->save_to_file($imapMessage->uid, $infile->path(), 'TEXT', 'base64');
// throw new \Exception($infile->path());
if (!$imapMessage->saveToFile($infile->path())) {
throw new \Exception("Could not save IMAP message to file for decryption");
}
$password = GO::session()->values['smime']['passwords'][$imapMessage->account->id];
openssl_pkcs12_read($cert->cert, $certs, $password);
if (empty($certs)) {
//password invalid
$response['askPassword'] = true;
GO::debug("Invalid password");
return false;
}
$return = openssl_pkcs7_decrypt($infile->path(), $outfile->path(), $certs['cert'], array($certs['pkey'], $password));
$infile->delete();
if (!$return || !$outfile->exists() || !$outfile->size()) {
$response['htmlbody'] = GO::t('decryptionFailed', 'smime') . '<br />';
while ($str = openssl_error_string()) {
$response['htmlbody'] .= '<br />' . $str;
}
GO::debug("Decryption failed");
return false;
} else {
//check if also signed
$data = $outfile->getContents();
if (strpos($data, 'signed-data')) {
$verifyOutfile = \GO\Base\Fs\File::tempFile();
openssl_pkcs7_verify($outfile->path(), null, "/dev/null", array(), GO::config()->root_path . "modules/smime/dummycert.pem", $verifyOutfile->path());
$outfile = $verifyOutfile;
}
$message = \GO\Email\Model\SavedMessage::model()->createFromMimeData($outfile->getContents());
$newResponse = $message->toOutputArray(true);
unset($newResponse['to']);
unset($newResponse['to_string']);
unset($newResponse['cc']);
foreach ($newResponse as $key => $value) {
if (!empty($value) || $key == 'attachments') {
$response[$key] = $value;
}
}
$response['smime_encrypted'] = true;
//$response['path']=$outfile->stripTempPath();
$outfile->delete();
}
} else {
GO::debug('Message is NOT encrypted');
}
}
}
