feat: add support for mysubmail (#1095 )

* feat: add support for mysubmail * Update email.go Co-authored-by: Yang Luo <hsluoyz@qq.com>
Add receiver for Email provider
2025-08-23 05:40:33 +08:00 · 2022-09-04 12:09:50 +08:00 · 2022-09-04 11:37:36 +08:00 · 2022-09-04 11:21:20 +08:00 · 2022-09-03 18:52:35 +08:00 · 2022-09-03 16:45:58 +08:00
15 changed files with 105 additions and 48 deletions
--- a/build.sh
+++ b/build.sh
@@ -6,6 +6,6 @@ then
    echo "Successfully connected to Google, no need to use Go proxy"
 else
    echo "Google is blocked, Go proxy is enabled: GOPROXY=https://goproxy.cn,direct"
-    GO_PROXY_SETTING=GOPROXY=https://goproxy.cn,direct
+    GO_PROXY_SETTING=$(GOPROXY=https://goproxy.cn,direct)
 fi
 CGO_ENABLED=0 GOOS=linux GOARCH=amd64 $GO_PROXY_SETTING go build -ldflags="-w -s" -o server .
--- a/object/check.go
+++ b/object/check.go
@@ -302,6 +302,10 @@ func CheckAccessPermission(userId string, application *Application) (bool, error
 		}

 		if isHit {
+			containsAsterisk := ContainsAsterisk(userId, permission.Users)
+			if containsAsterisk {
+				return true, err
+			}
 			enforcer := getEnforcer(permission)
 			allowed, err = enforcer.Enforce(userId, application.Name, "read")
 			break
--- a/object/email.go
+++ b/object/email.go
@@ -16,10 +16,28 @@

 package object

-import "github.com/go-gomail/gomail"
+import (
+	"crypto/tls"
+
+	"github.com/go-gomail/gomail"
+)
+
+func getDialer(provider *Provider) *gomail.Dialer {
+	dialer := &gomail.Dialer{}
+	if provider.Type == "SUBMAIL" {
+		dialer = gomail.NewDialer(provider.Host, provider.Port, provider.AppId, provider.ClientSecret)
+		dialer.TLSConfig = &tls.Config{InsecureSkipVerify: true}
+	} else {
+		dialer = gomail.NewDialer(provider.Host, provider.Port, provider.ClientId, provider.ClientSecret)
+	}
+
+	dialer.SSL = !provider.DisableSsl
+
+	return dialer
+}

 func SendEmail(provider *Provider, title string, content string, dest string, sender string) error {
-	dialer := gomail.NewDialer(provider.Host, provider.Port, provider.ClientId, provider.ClientSecret)
+	dialer := getDialer(provider)

 	message := gomail.NewMessage()
 	message.SetAddressHeader("From", provider.ClientId, sender)
@@ -32,8 +50,7 @@ func SendEmail(provider *Provider, title string, content string, dest string, se

 // DailSmtpServer Dail Smtp server
 func DailSmtpServer(provider *Provider) error {
-	dialer := gomail.NewDialer(provider.Host, provider.Port, provider.ClientId, provider.ClientSecret)
-	dialer.SSL = !provider.DisableSsl
+	dialer := getDialer(provider)

 	sender, err := dialer.Dial()
 	if err != nil {
--- a/object/init.go
+++ b/object/init.go
@@ -25,6 +25,8 @@ import (
 )

 func InitDb() {
+	MigratePermissionRule()
+
 	existed := initBuiltInOrganization()
 	if !existed {
 		initBuiltInModel()
@@ -276,7 +278,7 @@ func initBuiltInPermission() {
 		Name:         "permission-built-in",
 		CreatedTime:  util.GetCurrentTime(),
 		DisplayName:  "Built-in Permission",
-		Users:        []string{"built-in/admin"},
+		Users:        []string{"built-in/*"},
 		Roles:        []string{},
 		Domains:      []string{},
 		Model:        "model-built-in",
--- a/object/oidc_discovery.go
+++ b/object/oidc_discovery.go
@@ -43,6 +43,11 @@ type OidcDiscovery struct {
 }

 func getOriginFromHost(host string) (string, string) {
+	origin := conf.GetConfigString("origin")
+	if origin != "" {
+		return origin, origin
+	}
+
 	protocol := "https://"
 	if strings.HasPrefix(host, "localhost") {
 		protocol = "http://"
@@ -58,12 +63,6 @@ func getOriginFromHost(host string) (string, string) {
 func GetOidcDiscovery(host string) OidcDiscovery {
 	originFrontend, originBackend := getOriginFromHost(host)

-	origin := conf.GetConfigString("origin")
-	if origin != "" {
-		originFrontend = origin
-		originBackend = origin
-	}
-
 	// Examples:
 	// https://login.okta.com/.well-known/openid-configuration
 	// https://auth0.auth0.com/.well-known/openid-configuration
--- a/object/permission.go
+++ b/object/permission.go
@@ -16,6 +16,7 @@ package object

 import (
 	"fmt"
+	"strings"

 	"github.com/casdoor/casdoor/util"
 	"xorm.io/core"
@@ -207,3 +208,44 @@ func GetPermissionsBySubmitter(owner string, submitter string) []*Permission {

 	return permissions
 }
+
+func MigratePermissionRule() {
+	models := []*Model{}
+	err := adapter.Engine.Find(&models, &Model{})
+	if err != nil {
+		panic(err)
+	}
+
+	isHit := false
+	for _, model := range models {
+		if strings.Contains(model.ModelText, "permission") {
+			// update model table
+			model.ModelText = strings.Replace(model.ModelText, "permission,", "", -1)
+			UpdateModel(model.GetId(), model)
+			isHit = true
+		}
+	}
+
+	if isHit {
+		// update permission_rule table
+		sql := "UPDATE `permission_rule`SET V0 = V1, V1 = V2, V2 = V3, V3 = V4, V4 = V5 WHERE V0 IN (SELECT CONCAT(owner, '/', name) AS permission_id FROM `permission`)"
+		_, err = adapter.Engine.Exec(sql)
+		if err != nil {
+			return
+		}
+	}
+}
+
+func ContainsAsterisk(userId string, users []string) bool {
+	containsAsterisk := false
+	group, _ := util.GetOwnerAndNameFromId(userId)
+	for _, user := range users {
+		permissionGroup, permissionUserName := util.GetOwnerAndNameFromId(user)
+		if permissionGroup == group && permissionUserName == "*" {
+			containsAsterisk = true
+			break
+		}
+	}
+
+	return containsAsterisk
+}
--- a/object/provider.go
+++ b/object/provider.go
@@ -48,6 +48,7 @@ type Provider struct {
 	DisableSsl bool   `json:"disableSsl"`
 	Title      string `xorm:"varchar(100)" json:"title"`
 	Content    string `xorm:"varchar(1000)" json:"content"`
+	Receiver   string `xorm:"varchar(100)" json:"receiver"`

 	RegionId     string `xorm:"varchar(100)" json:"regionId"`
 	SignName     string `xorm:"varchar(100)" json:"signName"`
--- a/object/saml_idp.go
+++ b/object/saml_idp.go
@@ -29,7 +29,6 @@ import (

 	"github.com/RobotsAndPencils/go-saml"
 	"github.com/beevik/etree"
-	"github.com/casdoor/casdoor/conf"
 	"github.com/golang-jwt/jwt/v4"
 	dsig "github.com/russellhaering/goxmldsig"
 	uuid "github.com/satori/go.uuid"
@@ -176,16 +175,12 @@ type Attribute struct {
 }

 func GetSamlMeta(application *Application, host string) (*IdpEntityDescriptor, error) {
-	//_, originBackend := getOriginFromHost(host)
 	cert := getCertByApplication(application)
 	block, _ := pem.Decode([]byte(cert.Certificate))
 	certificate := base64.StdEncoding.EncodeToString(block.Bytes)

-	origin := conf.GetConfigString("origin")
 	originFrontend, originBackend := getOriginFromHost(host)
-	if origin != "" {
-		originBackend = origin
-	}
+
 	d := IdpEntityDescriptor{
 		XMLName: xml.Name{
 			Local: "md:EntityDescriptor",
--- a/object/saml_sp.go
+++ b/object/saml_sp.go
@@ -70,10 +70,12 @@ func GenerateSamlLoginUrl(id, relayState string) (string, string, error) {
 }

 func buildSp(provider *Provider, samlResponse string) (*saml2.SAMLServiceProvider, error) {
+	origin := conf.GetConfigString("origin")
+
 	certStore := dsig.MemoryX509CertificateStore{
 		Roots: []*x509.Certificate{},
 	}
-	origin := conf.GetConfigString("origin")
+
 	certEncodedData := ""
 	if samlResponse != "" {
 		certEncodedData = parseSamlResponse(samlResponse, provider.Type)
--- a/object/token_jwt.go
+++ b/object/token_jwt.go
@@ -18,7 +18,6 @@ import (
 	"fmt"
 	"time"

-	"github.com/casdoor/casdoor/conf"
 	"github.com/casdoor/casdoor/util"
 	"github.com/golang-jwt/jwt/v4"
 )
@@ -67,11 +66,7 @@ func generateJwtToken(application *Application, user *User, nonce string, scope
 	refreshExpireTime := nowTime.Add(time.Duration(application.RefreshExpireInHours) * time.Hour)

 	user.Password = ""
-	origin := conf.GetConfigString("origin")
 	_, originBackend := getOriginFromHost(host)
-	if origin != "" {
-		originBackend = origin
-	}

 	name := util.GenerateId()
 	jti := fmt.Sprintf("%s/%s", application.Owner, name)
--- a/object/user.go
+++ b/object/user.go
@@ -18,7 +18,6 @@ import (
 	"fmt"
 	"strings"

-	"github.com/casdoor/casdoor/conf"
 	"github.com/casdoor/casdoor/util"
 	"github.com/duo-labs/webauthn/webauthn"
 	"xorm.io/core"
@@ -527,11 +526,8 @@ func GetUserInfo(userId string, scope string, aud string, host string) (*Userinf
 	if user == nil {
 		return nil, fmt.Errorf("the user: %s doesn't exist", userId)
 	}
-	origin := conf.GetConfigString("origin")
+
 	_, originBackend := getOriginFromHost(host)
-	if origin != "" {
-		originBackend = origin
-	}

 	resp := Userinfo{
 		Sub: user.Id,
--- a/object/user_webauthn.go
+++ b/object/user_webauthn.go
@@ -27,12 +27,9 @@ import (
 func GetWebAuthnObject(host string) *webauthn.WebAuthn {
 	var err error

-	origin := conf.GetConfigString("origin")
-	if origin == "" {
-		_, origin = getOriginFromHost(host)
-	}
+	_, originBackend := getOriginFromHost(host)

-	localUrl, err := url.Parse(origin)
+	localUrl, err := url.Parse(originBackend)
 	if err != nil {
 		panic("error when parsing origin:" + err.Error())
 	}
@@ -40,7 +37,7 @@ func GetWebAuthnObject(host string) *webauthn.WebAuthn {
 	webAuthn, err := webauthn.New(&webauthn.Config{
 		RPDisplayName: conf.GetConfigString("appname"),      // Display Name for your site
 		RPID:          strings.Split(localUrl.Host, ":")[0], // Generally the domain name for your site, it's ok because splits cannot return empty array
-		RPOrigin:      origin,                               // The origin URL for WebAuthn requests
+		RPOrigin:      originBackend,                        // The origin URL for WebAuthn requests
 		// RPIcon:     "https://duo.com/logo.png",           // Optional icon URL for your site
 	})
 	if err != nil {
--- a/web/src/ProviderEditPage.js
+++ b/web/src/ProviderEditPage.js
@@ -34,7 +34,6 @@ class ProviderEditPage extends React.Component {
      providerName: props.match.params.providerName,
      provider: null,
      mode: props.location.mode !== undefined ? props.location.mode : "edit",
-      testEmail: this.props.account["email"] !== undefined ? this.props.account["email"] : "",
    };
  }

@@ -131,6 +130,9 @@ class ProviderEditPage extends React.Component {
    } else if (this.state.provider.category === "SMS" && this.state.provider.type === "Huawei Cloud SMS") {
      text = i18next.t("provider:Channel No.");
      tooltip = i18next.t("provider:Channel No. - Tooltip");
+    } else if (this.state.provider.category === "Email" && this.state.provider.type === "SUBMAIL") {
+      text = i18next.t("provider:App ID");
+      tooltip = i18next.t("provider:App ID - Tooltip");
    } else {
      return null;
    }
@@ -199,9 +201,12 @@ class ProviderEditPage extends React.Component {
                this.updateProviderField("type", "GitHub");
              } else if (value === "Email") {
                this.updateProviderField("type", "Default");
+                this.updateProviderField("host", "smtp.example.com");
+                this.updateProviderField("port", 465);
                this.updateProviderField("disableSsl", false);
                this.updateProviderField("title", "Casdoor Verification Code");
                this.updateProviderField("content", "You have requested a verification code at Casdoor. Here is your code: %s, please enter in 5 minutes.");
+                this.updateProviderField("receiver", this.props.account.email);
              } else if (value === "SMS") {
                this.updateProviderField("type", "Aliyun SMS");
              } else if (value === "Storage") {
@@ -546,19 +551,16 @@ class ProviderEditPage extends React.Component {
                  {Setting.getLabel(i18next.t("provider:Test Email"), i18next.t("provider:Test Email - Tooltip"))} :
                </Col>
                <Col span={4} >
-                  <Input value={this.state.testEmail}
-                    placeHolder = {i18next.t("user:Input your email")}
-                    onChange={e => {
-                      this.setState({testEmail: e.target.value});
-                    }} />
+                  <Input value={this.state.provider.receiver} placeholder = {i18next.t("user:Input your email")} onChange={e => {
+                    this.updateProviderField("receiver", e.target.value);
+                  }} />
                </Col>
-                <Button style={{marginLeft: "10px", marginBottom: "5px"}} type="primary"
-                  onClick={() => ProviderEditTestEmail.connectSmtpServer(this.state.provider)} >
+                <Button style={{marginLeft: "10px", marginBottom: "5px"}} type="primary" onClick={() => ProviderEditTestEmail.connectSmtpServer(this.state.provider)} >
                  {i18next.t("provider:Test Connection")}
                </Button>
                <Button style={{marginLeft: "10px", marginBottom: "5px"}} type="primary"
-                  disabled={!Setting.isValidEmail(this.state.testEmail)}
-                  onClick={() => ProviderEditTestEmail.sendTestEmail(this.state.provider, this.state.testEmail)} >
+                  disabled={!Setting.isValidEmail(this.state.provider.receiver)}
+                  onClick={() => ProviderEditTestEmail.sendTestEmail(this.state.provider, this.state.provider.receiver)} >
                  {i18next.t("provider:Send Test Email")}
                </Button>
              </Row>
--- a/web/src/ResetModal.js
+++ b/web/src/ResetModal.js
@@ -56,8 +56,12 @@ export const ResetModal = (props) => {
    });
  };

-  let placeHolder = "";
-  if (destType === "email") {placeHolder = i18next.t("user:Input your email");} else if (destType === "phone") {placeHolder = i18next.t("user:Input your phone number");}
+  let placeholder = "";
+  if (destType === "email") {
+    placeholder = i18next.t("user:Input your email");
+  } else if (destType === "phone") {
+    placeholder = i18next.t("user:Input your phone number");
+  }

  return (
    <Row>
@@ -80,7 +84,7 @@ export const ResetModal = (props) => {
            <Input
              addonBefore={destType === "email" ? i18next.t("user:New Email") : i18next.t("user:New phone")}
              prefix={destType === "email" ? <MailOutlined /> : <PhoneOutlined />}
-              placeholder={placeHolder}
+              placeholder={placeholder}
              onChange={e => setDest(e.target.value)}
            />
          </Row>
--- a/web/src/Setting.js
+++ b/web/src/Setting.js
@@ -633,6 +633,7 @@ export function getProviderTypeOptions(category) {
    return (
      [
        {id: "Default", name: "Default"},
+        {id: "SUBMAIL", name: "SUBMAIL"},
      ]
    );
  } else if (category === "SMS") {
Author	SHA1	Message	Date
cofecatt	ee54dec3b3	feat: add support for mysubmail (#1095 ) * feat: add support for mysubmail * Update email.go Co-authored-by: Yang Luo <hsluoyz@qq.com>	2022-09-04 12:09:50 +08:00
Gucheng Wang	d278bc9651	Add receiver for Email provider	2022-09-04 11:37:36 +08:00
Gucheng Wang	b23bd0b189	Support SUBMAIL email provider	2022-09-04 11:21:20 +08:00
Gucheng Wang	409be85264	Fix placeholder typo	2022-09-03 18:52:35 +08:00
Yixiang Zhao	0395b7e1a9	feat: migrate permission data (#1083 ) Signed-off-by: Yixiang Zhao <seriouszyx@foxmail.com> Signed-off-by: Yixiang Zhao <seriouszyx@foxmail.com> Co-authored-by: Yang Luo <hsluoyz@qq.com>	2022-09-03 16:45:58 +08:00
Gucheng Wang	4536fd0636	Use app.conf value in getOriginFromHost()	2022-09-03 15:12:34 +08:00
cofecatt	af9ae7dbb7	feat: buildx failed with: EROR: failed to solve: executor failed running [/bin/sh -c ./build.sh]: exit code: 127 (#1089 )	2022-09-02 14:50:27 +08:00
cofecatt	e266696b32	feat: add default permission to built-in group (#1087 ) * fix: add default permission * fix: add default permission * fix: add default permission	2022-09-02 12:03:13 +08:00