docker-mailserver/target/scripts/helpers/database/manage/postfix-accounts.sh
Brennan Kinney 57aeb6db2a
refactor: CLI commands for database management (#2654)
See the associated PR for more detailed commentary on specific changes.

### Commands refactored:
- User (**All:** add / list / update / del + _dovecot-master variants_)
- Quota (**All:** set / del)
- Virtual Alias (**All:** add / list /del)
- Relay (**All:** add-relayhost / add-sasl / exclude-domain)

### Overall changes involve:
- **Fairly common structure:**
  - `_main` method at the top provides an overview of logical steps:
    - After all methods are declared beneath it (_and imported from the new `helpers/database/db.sh`_), the `_main` is called at the bottom of the file.
    - `delmailuser` additionally processes option support for `-y` prior to calling `_main`.
  - `__usage` is now consistent with each of these commands, along with the `help` command.
  - Most logic delegated to new helper scripts. Some duplicate content remains on the basis that it's low-risk to maintenance and avoids less hassle to jump between files to check a single line, usually this is arg validation.
  - Error handling should be more consistent, along with var names (_no more `USER`/`EMAIL`/`FULL_EMAIL` to refer to the same expected value_).
- **Three new management scripts** (in `helpers/database/manage/`) using a common structure for managing changes to their respective "Database" config file.
  - `postfix-accounts.sh` unified not only add and update commands, but also all the dovecot-master versions, a single password call for all 4 of them, with a 5th consumer of the password prompt from the relay command `addsaslpassword`.
  - These scripts delegate actual writes to `helpers/database/db.sh` which provides a common API to support the changes made.
     - This is more verbose/complex vs the current inline operations each command currently has, as it provides generic support instead of slightly different variations being maintained, along with handling some edge cases that existed and would lead to bugs (notably substring matches).
     - Centralizing changes here seems wiser than scattered about. I've tried to make it easy to grok, hopefully it's not worse than the current situation.
     - List operations were kept in their respective commands, `db.sh` is only really managing writes. I didn't see a nice way for removing the code duplication for list commands as the duplication was fairly minimal, especially for `listalias` and `listdovecotmasteruser` which were quite simple in their differences in the loop body.
     - `listmailuser` and `delmailuser` also retain methods exclusive to respective commands, I wasn't sure if there was any benefit to move those, but they were refactored.
2022-07-29 12:10:23 +12:00

101 lines
3.3 KiB
Bash

#! /bin/bash
# Manage DB writes for:
# - DATABASE_ACCOUNTS
# - DATABASE_DOVECOT_MASTERS
# Logic to perform for requested operations handled here:
function _manage_accounts
{
local ACTION=${1}
local DATABASE=${2}
local MAIL_ACCOUNT=${3}
# Only for ACTION 'create' or 'update':
local PASSWD=${4}
_arg_expect_mail_account
case "${ACTION}" in
( 'create' | 'update' )
# Fail early before requesting password:
[[ ${ACTION} == 'create' ]] && _account_should_not_exist_yet
[[ ${ACTION} == 'update' ]] && _account_should_already_exist
_password_request_if_missing
local PASSWD_HASH
PASSWD_HASH=$(doveadm pw -s SHA512-CRYPT -u "${MAIL_ACCOUNT}" -p "${PASSWD}")
# Early failure above ensures correct operation => Add (create) or Replace (update):
_db_entry_add_or_replace "${DATABASE}" "${MAIL_ACCOUNT}" "${PASSWD_HASH}"
;;
( 'delete' )
_db_entry_remove "${DATABASE}" "${MAIL_ACCOUNT}"
;;
( * ) # This should not happen if using convenience wrapper methods:
_exit_with_error "Unsupported Action: '${ACTION}'"
;;
esac
}
# Convenience wrappers:
DATABASE_ACCOUNTS='/tmp/docker-mailserver/postfix-accounts.cf'
function _manage_accounts_create { _manage_accounts 'create' "${DATABASE_ACCOUNTS}" "${@}" ; }
function _manage_accounts_update { _manage_accounts 'update' "${DATABASE_ACCOUNTS}" "${@}" ; }
function _manage_accounts_delete { _manage_accounts 'delete' "${DATABASE_ACCOUNTS}" "${@}" ; }
# Dovecot Master account support can leverage the same management logic:
DATABASE_DOVECOT_MASTERS='/tmp/docker-mailserver/dovecot-masters.cf'
function _manage_accounts_dovecotmaster_create { _manage_accounts 'create' "${DATABASE_DOVECOT_MASTERS}" "${@}" ; }
function _manage_accounts_dovecotmaster_update { _manage_accounts 'update' "${DATABASE_DOVECOT_MASTERS}" "${@}" ; }
function _manage_accounts_dovecotmaster_delete { _manage_accounts 'delete' "${DATABASE_DOVECOT_MASTERS}" "${@}" ; }
#
# Validation Methods
#
# These validation helpers rely on:
# - Exteral vars to be declared prior to calling them (MAIL_ACCOUNT, PASSWD, DATABASE).
# - Calling external method '__usage' as part of error handling.
# Also used by setquota, delquota
function _arg_expect_mail_account
{
[[ -z ${MAIL_ACCOUNT} ]] && { __usage ; _exit_with_error 'No account specified' ; }
# Dovecot Master accounts are validated (they are not email addresses):
[[ ${DATABASE} == "${DATABASE_DOVECOT_MASTERS}" ]] && return 0
# Account has both local and domain parts:
[[ ${MAIL_ACCOUNT} =~ .*\@.* ]] || { __usage ; _exit_with_error "'${MAIL_ACCOUNT}' should include the domain (eg: user@example.com)" ; }
}
function _account_should_not_exist_yet
{
__account_already_exists && _exit_with_error "'${MAIL_ACCOUNT}' already exists"
}
# Also used by delmailuser, setquota, delquota
function _account_should_already_exist
{
! __account_already_exists && _exit_with_error "'${MAIL_ACCOUNT}' does not exist"
}
function __account_already_exists
{
local DATABASE=${DATABASE:-"${DATABASE_ACCOUNTS}"}
_db_has_entry_with_key "${MAIL_ACCOUNT}" "${DATABASE}"
}
# Also used by addsaslpassword
function _password_request_if_missing
{
if [[ -z ${PASSWD} ]]
then
read -r -s -p 'Enter Password: ' PASSWD
echo
[[ -z ${PASSWD} ]] && _exit_with_error 'Password must not be empty'
fi
}