Add currently unused function verify_quota.

Order functions alphabetically.
author: Jeroen van Meeuwen (Kolab Systems) <vanmeeuwen@kolabsys.com> 2011-09-21 11:10:25 +0100
committer: Jeroen van Meeuwen (Kolab Systems) <vanmeeuwen@kolabsys.com> 2011-09-21 11:10:25 +0100
commit: 6430642c0925d44b82b89a1c000135d4ffd4bad5 (patch)
tree: bad2822bf396f6cb286aabbc4e2167a36a483a87 /bin
parent: 8f4b809e3a030ea2d3e2b1f93cf71a731f7a4e56 (diff)
download: pykolab-6430642c0925d44b82b89a1c000135d4ffd4bad5.tar.gz
1 files changed, 94 insertions, 20 deletions
diff --git a/bin/kolab_smtp_access_policy.py b/bin/kolab_smtp_access_policy.py
index 74981a7..159117c 100755
--- a/bin/kolab_smtp_access_policy.py
+++ b/bin/kolab_smtp_access_policy.py
@@ -293,26 +293,6 @@ def read_request_input():
 
     return policy_request
 
-def verify_domain(domain):
-    """
-        Verify whether the domain is internal (mine) or external.
-    """
-
-    domain_verified = False
-
-    _mydomains = auth.list_domains()
-
-    for primary, secondaries in _mydomains:
-        if primary == domain:
-            domain_verified = True
-        elif domain in secondaries:
-            domain_verified = True
-
-    if domain_verified == None:
-        domain_verified = False
-
-    return domain_verified
-
 def verify_delegate(policy_request, sender_domain, sender_user):
     """
         Use the information passed along to determine whether the authenticated
@@ -422,6 +402,100 @@ def verify_delegate(policy_request, sender_domain, sender_user):
 
     return sender_is_delegate
 
+def verify_domain(domain):
+    """
+        Verify whether the domain is internal (mine) or external.
+    """
+
+    domain_verified = False
+
+    _mydomains = auth.list_domains()
+
+    for primary, secondaries in _mydomains:
+        if primary == domain:
+            domain_verified = True
+        elif domain in secondaries:
+            domain_verified = True
+
+    if domain_verified == None:
+        domain_verified = False
+
+    return domain_verified
+
+def verify_quota(policy_request):
+    """
+        Verify the quota usage for this user.
+
+        Attempt to find a folder annotated with Kolab mail.sentitems
+        Attempt to find a folder with \Sent SPECIAL-USE flag
+        Use INBOX quota
+
+        If above $x percent, bail out. Get $x from the configuration.
+        If spare space below $y, bail out. Get $y from the policy request.
+
+        Typically only used when sending through submission, or when receiving.
+    """
+
+    global policy_done
+
+    if policy_request['sasl_username'] == '':
+        return True
+
+    # TODO: Under some conditions, the recipient may not be fully qualified.
+    # We'll cross that bridge when we get there, though.
+    domain = policy_request['sasl_username'].split('@')[1]
+
+    # Get the quota setting,
+    if conf.has_section('kolab_smtp_access_policy'):
+        if conf.has_option('kolab_smtp_access_policy', 'max_quota_percentage'):
+            max_quota_percentage = conf.get(
+                    'kolab_smtp_access_policy',
+                    'max_quota_percentage'
+                )
+        else:
+            max_quota_percentage = 101
+
+    else:
+        max_quota_percentage = 101
+
+    if verify_domain(domain):
+        if auth.secondary_domains.has_key(domain):
+            log.debug(_("Using authentication domain %s instead of %s") %(auth.secondary_domains[domain],domain), level=8)
+            domain = auth.secondary_domains[domain]
+        else:
+            log.debug(_("Domain %s is a primary domain") %(domain), level=8)
+    else:
+        log.warning(_("Checking the recipient for domain %s that is not ours") %(domain))
+
+    # Attr search list
+    # TODO: Use the configured filter
+    attr_search = [ 'mail', 'alias', 'mailalternateaddress' ]
+
+    # Find the user,
+    user = {
+            'dn': auth.find_user(
+                    attr_search,
+                    parse_address(policy_request['sasl_username']),
+                    domain=domain,
+                    # TODO: Get the filter from the configuration.
+                    additional_filter="(&(objectclass=kolabinetorgperson)%(search_filter)s)"
+                )
+        }
+
+    # Find the mailbox,
+    mailbox = auth.get_user_attribute(conf.get('cyrus-sasl', 'result_attribute'))
+
+    # Get the quota,
+    (used,current_quota) = self.imap.lq('user/%s' %(folder))
+
+    # Compare, and smile or shoot.
+    if (current_quota - used) <= policy_request['size']:
+        policy_done = True
+        reject(_("Not enough storage"))
+        return False
+
+    return True
+
 def verify_recipient(policy_request):
     """
         Verify whether the sender is allowed send to this recipient, using the
author	Jeroen van Meeuwen (Kolab Systems) <vanmeeuwen@kolabsys.com>	2011-09-21 11:10:25 +0100
committer	Jeroen van Meeuwen (Kolab Systems) <vanmeeuwen@kolabsys.com>	2011-09-21 11:10:25 +0100
commit	6430642c0925d44b82b89a1c000135d4ffd4bad5 (patch)
tree	bad2822bf396f6cb286aabbc4e2167a36a483a87 /bin
parent	8f4b809e3a030ea2d3e2b1f93cf71a731f7a4e56 (diff)
download	pykolab-6430642c0925d44b82b89a1c000135d4ffd4bad5.tar.gz