ispmail-on-rails 0.2.2

data/app/assets/stylesheets/application.css

@@ -0,0 +1,21 @@
+/*
+ * This is a manifest file that'll be compiled into application.css, which will include all the files
+ * listed below.
+ *
+ * Any CSS and SCSS file within this directory, lib/assets/stylesheets, vendor/assets/stylesheets,
+ * or any plugin's vendor/assets/stylesheets directory can be referenced here using a relative path.
+ *
+ * You're free to add application-wide styles to this file and they'll appear at the bottom of the
+ * compiled file so the styles you add here take precedence over styles defined in any styles
+ * defined in the other CSS/SCSS files in this directory. It is generally better to create a new
+ * file per style scope.
+ *
+ *= require_tree .
+ *= require_self
+ *= require foundation_and_overrides
+ *= require clearance
+
+ */
+.domain-heading .columns p {
+  margin-top: 1.35em;
+}

data/app/assets/stylesheets/clearance.scss

@@ -0,0 +1,6 @@
+@import "foundation";
+
+#clearance {
+  @include grid-column(3);
+  @include grid-column-position(center);
+}

data/app/assets/stylesheets/foundation_and_overrides.scss

@@ -0,0 +1,51 @@
+@charset 'utf-8';
+
+@import 'settings';
+@import 'foundation';
+
+// If you'd like to include motion-ui the foundation-rails gem comes prepackaged with it, uncomment the 3 @imports, if you are not using the gem you need to install the motion-ui sass package.
+//
+// @import 'motion-ui/motion-ui';
+
+// We include everything by default.  To slim your CSS, remove components you don't use.
+
+@include foundation-global-styles;
+@include foundation-grid;
+@include foundation-typography;
+@include foundation-button;
+@include foundation-forms;
+@include foundation-visibility-classes;
+@include foundation-float-classes;
+@include foundation-accordion;
+@include foundation-accordion-menu;
+@include foundation-badge;
+@include foundation-breadcrumbs;
+@include foundation-button-group;
+@include foundation-callout;
+@include foundation-close-button;
+@include foundation-drilldown-menu;
+@include foundation-dropdown;
+@include foundation-dropdown-menu;
+@include foundation-flex-video;
+@include foundation-label;
+@include foundation-media-object;
+@include foundation-menu;
+@include foundation-off-canvas;
+@include foundation-orbit;
+@include foundation-pagination;
+@include foundation-progress-bar;
+@include foundation-slider;
+@include foundation-sticky;
+@include foundation-reveal;
+@include foundation-switch;
+@include foundation-table;
+@include foundation-tabs;
+@include foundation-thumbnail;
+@include foundation-title-bar;
+@include foundation-tooltip;
+@include foundation-top-bar;
+
+// If you'd like to include motion-ui the foundation-rails gem comes prepackaged with it, uncomment the 3 @imports, if you are not using the gem you need to install the motion-ui sass package.
+//
+// @include motion-ui-transitions;
+// @include motion-ui-animations;

data/app/assets/stylesheets/virtual_aliases.scss

@@ -0,0 +1,3 @@
+// Place all the styles related to the VirtualAliases controller here.
+// They will automatically be included in application.css.
+// You can use Sass (SCSS) here: http://sass-lang.com/

data/app/assets/stylesheets/virtual_domains.scss

@@ -0,0 +1,3 @@
+// Place all the styles related to the VirtualDomains controller here.
+// They will automatically be included in application.css.
+// You can use Sass (SCSS) here: http://sass-lang.com/

data/app/assets/stylesheets/virtual_users.scss

@@ -0,0 +1,3 @@
+// Place all the styles related to the VirtualUsers controller here.
+// They will automatically be included in application.css.
+// You can use Sass (SCSS) here: http://sass-lang.com/

data/app/controllers/api/base_controller.rb

@@ -0,0 +1,90 @@
+# See https://blog.codelation.com/rails-restful-api-just-add-water/
+module Api
+  class BaseController < ApplicationController
+    protect_from_forgery with: :null_session
+    before_action :set_resource, only: [:destroy, :show, :update]
+
+    # POST /api/{plural_resource_name}
+    def create
+      set_resource(resource_class.new(resource_params))
+
+      if get_resource.save
+        render :show, status: :created
+      else
+        render json: get_resource.errors.full_messages, status: :unprocessable_entity
+      end
+    end
+
+    # DELETE /api/{plural_resource_name}/1
+    def destroy
+      get_resource.destroy
+      head :no_content
+    end
+
+    # GET /api/{plural_resource_name}
+    def index
+      plural_resource_name = "@#{resource_name.pluralize}"
+      resources = resource_class.where(query_params)
+
+      instance_variable_set(plural_resource_name, resources)
+      instance_variable_get(plural_resource_name)
+    end
+
+    # GET /api/{plural_resource_name}/1
+    def show
+      get_resource
+    end
+
+    # PATCH/PUT /api/{plural_resource_name}/1
+    def update
+      if get_resource.update(resource_params)
+        render :show
+      else
+        render json: get_resource.errors.full_messages, status: :unprocessable_entity
+      end
+    end
+
+    private
+
+    # Returns the resource from the created instance variable
+    # @return [Object]
+    def get_resource
+      instance_variable_get("@#{resource_name}")
+    end
+
+    # Returns the allowed parameters for searching
+    # Override this method in each API controller
+    # to permit additional parameters to search on
+    # @return [Hash]
+    def query_params
+      {}
+    end
+
+    # The resource class based on the controller
+    # @return [Class]
+    def resource_class
+      @resource_class ||= resource_name.classify.constantize
+    end
+
+    # The singular name for the resource class based on the controller
+    # @return [String]
+    def resource_name
+      @resource_name ||= self.controller_name.singularize
+    end
+
+    # Only allow a trusted parameter "white list" through.
+    # If a single resource is loaded for #create or #update,
+    # then the controller for the resource must implement
+    # the method "#{resource_name}_params" to limit permitted
+    # parameters for the individual model.
+    def resource_params
+      @resource_params ||= self.send("#{resource_name}_params")
+    end
+
+    # Use callbacks to share common setup or constraints between actions.
+    def set_resource(resource = nil)
+      resource ||= resource_class.find(params[:id])
+      instance_variable_set("@#{resource_name}", resource)
+    end
+  end
+end

data/app/controllers/api/virtual_aliases_controller.rb

@@ -0,0 +1,12 @@
+module Api
+  class VirtualAliasesController < Api::BaseController
+
+    private
+
+    def virtual_alias_params
+      params.require(:virtual_alias).permit(:source, :destination, :domain_id)
+    end
+
+  end
+end
+

data/app/controllers/api/virtual_domains_controller.rb

@@ -0,0 +1,15 @@
+module Api
+  class VirtualDomainsController < Api::BaseController
+
+    private
+
+      def virtual_domain_params
+        params.require(:virtual_domain).permit(:name)
+      end
+
+      def query_params
+        params.permit(:name)
+      end
+
+  end
+end

data/app/controllers/api/virtual_users_controller.rb

@@ -0,0 +1,15 @@
+module Api
+  class VirtualUsersController < Api::BaseController
+
+    private
+
+    def virtual_user_params
+      params.require(:virtual_user).permit(:email, :domain_id, :new_password)
+    end
+
+    def query_params
+      params.permit(:email)
+    end
+
+  end
+end

data/app/controllers/application_controller.rb

@@ -0,0 +1,9 @@
+class ApplicationController < ActionController::Base
+  include Clearance::Controller
+
+  before_action :require_login
+
+  # Prevent CSRF attacks by raising an exception.
+  # For APIs, you may want to use :null_session instead.
+  protect_from_forgery with: :exception
+end

data/app/controllers/virtual_aliases_controller.rb

@@ -0,0 +1,6 @@
+class VirtualAliasesController < ApplicationController
+  def index
+    @domain = VirtualDomain.find_by_name(params.require(:id))
+    @virtual_alias = VirtualAlias.new(virtual_domain: @domain)
+  end
+end

data/app/controllers/virtual_domains_controller.rb

@@ -0,0 +1,6 @@
+class VirtualDomainsController < ApplicationController
+  def index
+    @domains = VirtualDomain.includes(:virtual_users, :virtual_aliases).all
+    @domain = VirtualDomain.new
+  end
+end

data/app/controllers/virtual_users_controller.rb

@@ -0,0 +1,6 @@
+class VirtualUsersController < ApplicationController
+  def index
+    @domain = VirtualDomain.find_by_name(params.require(:id))
+    @virtual_user = VirtualUser.new(virtual_domain: @domain)
+  end
+end

data/app/helpers/application_helper.rb

@@ -0,0 +1,33 @@
+module ApplicationHelper
+  def form_error_callout(form_id)
+    form_callout = <<-ajax_error
+      $('form##{form_id}').bind('ajax:error', function(evt, data, status, xhr){
+        $("#messages").html(
+          '#{flash_messages('data.responseJSON.join("<br/>")', true, true)}'
+        );
+        $('#messages').foundation('open');
+      })
+    ajax_error
+    form_callout.html_safe
+  end
+
+  # Render HTML flash messages callout
+  def flash_messages(text, warning=false, javascript=false)
+    html = <<-messages
+      <div id="flash" class="callout #{warning ? 'warning' : 'secondary' }" data-closable>
+        REPLACEME
+        <button class="close-button" aria-label="Dismiss alert" type="button" data-close>
+          <span aria-hidden="true">&times;</span>
+        </button>
+      </div>
+    messages
+    if javascript
+      js = html.split("\n").map(&:strip).join("'+'")
+      return js.sub(/'REPLACEME'/, text)
+    else
+      html.sub!(/REPLACEME/, text)
+      return html.html_safe
+    end
+    html.html_safe
+  end
+end

data/app/helpers/virtual_aliases_helper.rb

@@ -0,0 +1,2 @@
+module VirtualAliasesHelper
+end

data/app/helpers/virtual_domains_helper.rb

@@ -0,0 +1,2 @@
+module VirtualDomainsHelper
+end

data/app/helpers/virtual_users_helper.rb

@@ -0,0 +1,2 @@
+module VirtualUsersHelper
+end

data/app/models/user.rb

@@ -0,0 +1,3 @@
+class User < ActiveRecord::Base
+  include Clearance::User
+end

data/app/models/virtual_alias.rb

@@ -0,0 +1,16 @@
+class VirtualAlias < ActiveRecord::Base
+  validates :source, presence: true, domain_name: true, email: true
+  validates :destination, presence: true, email: true
+  validates :domain_id, presence: true
+
+  belongs_to :virtual_domain, foreign_key: :domain_id
+
+  before_validation :complete_emails
+
+  private
+  def complete_emails
+    self.source += "@#{virtual_domain.name}" unless source =~ /@/
+    self.destination += "@#{virtual_domain.name}" unless destination =~ /@/
+  end
+
+end

data/app/models/virtual_domain.rb

@@ -0,0 +1,22 @@
+# Email domains
+class VirtualDomain < ActiveRecord::Base
+  validates :name, presence: true, uniqueness: true, domain_name: true
+
+  has_many :virtual_users, foreign_key: :domain_id
+  has_many :virtual_aliases, foreign_key: :domain_id
+
+  attr_reader :mx_records
+
+  # What are the DNS MX records for this VirtualDomain
+  def mx_records
+    @mx_records ||= Resolv::DNS.open do |dns|
+      records = dns.getresources(name, Resolv::DNS::Resource::IN::MX)
+      records.map(&:exchange).join(" ")
+    end
+  end
+
+  # Does this VirtualDomain's MX record resolve to the local machine?
+  def does_resolve_to_host?
+    mx_records.include? Socket.gethostname
+  end
+end

data/app/models/virtual_user.rb

@@ -0,0 +1,35 @@
+# These are the actual email addresses with passwords
+class VirtualUser < ActiveRecord::Base
+  validates_presence_of :domain_id
+  validates :email, uniqueness: true, presence: true, domain_name: true, email: true
+  validates :new_password, password: true
+
+  belongs_to :virtual_domain, foreign_key: :domain_id
+
+  attr_accessor :new_password
+
+  before_validation :complete_email
+  before_save :encrypt_new_password
+
+  # Capture any misplaced password changes
+  def password=(value)
+    self.new_password = value
+  end
+
+  def password_changing?
+    !new_password.blank?
+  end
+
+  private
+  def complete_email
+    unless email =~ /@/
+      self.email += "@#{virtual_domain.name}"
+    end
+  end
+
+  def encrypt_new_password
+    if password_changing?
+      self["password"] = UnixCrypt::SHA256.build(new_password)
+    end
+  end
+end

data/app/validators/domain_name_validator.rb

@@ -0,0 +1,21 @@
+# Validates the attribute's value includes the virtual_domain.name after an at symbol
+class DomainNameValidator < ActiveModel::EachValidator
+  def validate_each(record, attribute, value)
+    if record.class == VirtualDomain
+      domain_check = Regexp.new "^[a-zA-Z0-9][a-zA-Z0-9-_]{0,61}[a-zA-Z0-9]{0,1}\.([a-zA-Z]{1,6}|[a-zA-Z0-9-]{1,30}\.[a-zA-Z]{2,})$"
+      tld = value.split(".").last
+      unless IANA::TLD.valid?(tld)
+        record.errors[attribute] << (options[:message] || ".#{tld} is not accepted by IANA as a Top Level Domain")
+      end
+      unless record.name =~ domain_check
+        record.errors[attribute] << (options[:message] || "is not a valid domain name")
+      end
+    else
+      domain = record.virtual_domain.name
+      domain_check = Regexp.new "@"+domain+"$"
+      unless value =~ domain_check
+        record.errors[attribute] << (options[:message] || "is not under #{domain}")
+      end
+    end
+  end
+end

data/app/validators/password_validator.rb

@@ -0,0 +1,10 @@
+# Validates the attribute's value is an acceptable password
+class PasswordValidator < ActiveModel::EachValidator
+  def validate_each(record, attribute, value)
+    if record.password_changing? && value.to_s.size <= 10
+      record.errors[attribute] << (options[:message] || "must be minimum 10 characters long")
+    elsif record.password.blank? && !record.password_changing?
+      record.errors[attribute] << (options[:message] || "must be set")
+    end
+  end
+end

data/app/views/api/virtual_aliases/index.json.jbuilder

@@ -0,0 +1,6 @@
+json.virtual_aliases @virtual_aliases do |virtual_alias|
+  json.id             virtual_alias.id
+  json.domain_id      virtual_alias.domain_id
+  json.source         virtual_alias.source
+  json.destination    virtual_alias.destination
+end