feat(PROJ-33): IMAP UID-Stabilität + Shared/Personal-Modus
Backend: - storage: uid BIGSERIAL Migration, MailWithUID, GetMailsWithUID, GetMailsByRecipient - tenantstore: imap_mode Spalte, GetIMAPMode, SetIMAPMode - imapserver: stable UIDs aus DB, personal/shared Modus, userEmail in session - api: GET/PUT /api/admin/settings/imap-mode (domain_admin only, double opt-in) Frontend: - IMAPSettingsTab: Modus-Anzeige + Toggle mit Double-Opt-In Dialog - Admin-Panel: IMAP-Tab für domain_admin Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
sysops
@@ -0,0 +1,61 @@
|
||||
package api
|
||||
|
||||
import (
|
||||
"encoding/json"
|
||||
"net/http"
|
||||
|
||||
"github.com/archivmail/internal/audit"
|
||||
)
|
||||
|
||||
// handleGetIMAPMode returns the current IMAP mode for the tenant.
|
||||
// GET /api/admin/settings/imap-mode
|
||||
func (s *Server) handleGetIMAPMode(w http.ResponseWriter, r *http.Request) {
|
||||
tenantID := tenantFromCtx(r.Context())
|
||||
if tenantID == nil {
|
||||
writeError(w, http.StatusBadRequest, "no tenant context")
|
||||
return
|
||||
}
|
||||
mode, err := s.tenantStore.GetIMAPMode(r.Context(), *tenantID)
|
||||
if err != nil {
|
||||
writeError(w, http.StatusInternalServerError, err.Error())
|
||||
return
|
||||
}
|
||||
writeJSON(w, http.StatusOK, map[string]string{"mode": mode})
|
||||
}
|
||||
|
||||
// handleSetIMAPMode sets the IMAP mode for the tenant.
|
||||
// PUT /api/admin/settings/imap-mode
|
||||
// Body: { "mode": "shared"|"personal", "confirmed": true }
|
||||
func (s *Server) handleSetIMAPMode(w http.ResponseWriter, r *http.Request) {
|
||||
tenantID := tenantFromCtx(r.Context())
|
||||
if tenantID == nil {
|
||||
writeError(w, http.StatusBadRequest, "no tenant context")
|
||||
return
|
||||
}
|
||||
var req struct {
|
||||
Mode string `json:"mode"`
|
||||
Confirmed bool `json:"confirmed"`
|
||||
}
|
||||
if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
|
||||
writeError(w, http.StatusBadRequest, "invalid request body")
|
||||
return
|
||||
}
|
||||
// Double opt-in for shared mode
|
||||
if req.Mode == "shared" && !req.Confirmed {
|
||||
writeError(w, http.StatusBadRequest, "confirmed must be true to enable shared mode")
|
||||
return
|
||||
}
|
||||
if err := s.tenantStore.SetIMAPMode(r.Context(), *tenantID, req.Mode); err != nil {
|
||||
writeError(w, http.StatusBadRequest, err.Error())
|
||||
return
|
||||
}
|
||||
sess := sessionFromCtx(r.Context())
|
||||
s.audlog.Log(audit.Entry{
|
||||
EventType: "imap_mode_changed",
|
||||
Username: sess.Username,
|
||||
IPAddress: s.remoteIP(r),
|
||||
Detail: "imap_mode set to " + req.Mode,
|
||||
Success: true,
|
||||
})
|
||||
writeJSON(w, http.StatusOK, map[string]string{"mode": req.Mode})
|
||||
}
|
||||
Reference in New Issue
Block a user