You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

560 lines
23 KiB

  1. ##############################################################################
  2. #
  3. # Author: Avoin.Systems
  4. # Copyright 2018 Avoin.Systems
  5. #
  6. # This program is free software: you can redistribute it and/or modify
  7. # it under the terms of the GNU Affero General Public License as
  8. # published by the Free Software Foundation, either version 3 of the
  9. # License, or (at your option) any later version.
  10. #
  11. # This program is distributed in the hope that it will be useful,
  12. # but WITHOUT ANY WARRANTY; without even the implied warranty of
  13. # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  14. # GNU Affero General Public License for more details.
  15. #
  16. # You should have received a copy of the GNU Affero General Public License
  17. # along with this program. If not, see <http://www.gnu.org/licenses/>.
  18. #
  19. ##############################################################################
  20. import binascii
  21. import re
  22. import string
  23. from email.message import Message
  24. from odoo import models, fields, api, tools
  25. from odoo.addons.base.models.ir_mail_server import encode_rfc2822_address_header
  26. from email.utils import parseaddr, formataddr
  27. import logging
  28. import random
  29. from odoo.tools import frozendict
  30. from Crypto.Cipher import AES
  31. import base64
  32. _logger = logging.getLogger(__name__)
  33. MESSAGE_PREFIX = 'msg-'
  34. def random_string(length):
  35. return ''.join(
  36. random.choice(string.ascii_lowercase + string.digits)
  37. for _ in range(length)
  38. )
  39. def get_key(env):
  40. return env['ir.config_parameter']\
  41. .get_param('database.secret', 'noneedtobestrong')[:16]
  42. def get_cipher(env):
  43. return AES.new(get_key(env).encode('utf-8'),
  44. mode=AES.MODE_CBC,
  45. iv=b'veryverysecret81')
  46. def encode_msg_id(id, env):
  47. id_padded = "%016d" % id
  48. encrypted = get_cipher(env).encrypt(id_padded.encode('utf-8'))
  49. return base64.b32encode(encrypted).decode('utf-8')
  50. # Remove in Odoo 14
  51. def encode_msg_id_legacy(id, env):
  52. id_padded = "%016d" % id
  53. encrypted = get_cipher(env).encrypt(id_padded.encode('utf-8'))
  54. return base64.urlsafe_b64encode(encrypted).decode('utf-8')
  55. def decode_msg_id(encoded_encrypted_id, env):
  56. try:
  57. # Some email clients don't respect the original Reply-To address case
  58. # and might make them lowercase. Make the encoded ID uppercase.
  59. encrypted = base64.b32decode(encoded_encrypted_id.encode('utf-8')
  60. .upper())
  61. except binascii.Error:
  62. # Fall back to base64, which was used by the previous versions.
  63. # This can be removed in Odoo 14.
  64. try:
  65. encrypted = base64.urlsafe_b64decode(encoded_encrypted_id
  66. .encode('utf-8'))
  67. except binascii.Error:
  68. _logger.error("Unable to decode the message ID. The input value "
  69. "is invalid and cannot be decoded. "
  70. "Encoded value: {}".format(encoded_encrypted_id))
  71. raise
  72. try:
  73. id_str = get_cipher(env).decrypt(encrypted).decode('utf-8')
  74. except UnicodeDecodeError:
  75. _logger.error("Unable to decrypt the message ID. The input value "
  76. "probably wasn't encrypted with the same key. Encoded "
  77. "value: {}".format(encoded_encrypted_id))
  78. raise
  79. return int(id_str)
  80. class MailServer(models.Model):
  81. _inherit = "ir.mail_server"
  82. reply_to_method = fields.Selection(
  83. [
  84. ('default', 'Odoo Default'),
  85. ('alias', 'Alias'),
  86. ('msg_id', 'Message ID'),
  87. ],
  88. 'Reply-To Method',
  89. default='default',
  90. help="Odoo Default: Don't add any unique identifiers into the\n"
  91. "Reply-To address.\n"
  92. "\n"
  93. "Alias: Find or generate an email alias for the Reply-To field of\n "
  94. "every outgoing message so the responses will be automatically \n"
  95. "routed to the correct thread even if the email client (Yes, \n"
  96. "I'm looking at you, Microsoft Outlook) decides to drop the \n"
  97. "References, In-Reply-To and Message-ID fields.\n\n"
  98. "The alias will then be used to generate a RFC 5233 sub-address\n"
  99. "using the Force From Address field as a base, eg.\n"
  100. "odoo@mycompany.fi would become odoo+adf9bacd98732@mycompany.fi\n"
  101. "\n"
  102. "Note that this method has a flaw: if the headers have dropped\n"
  103. "and Odoo can't connect the reply to any message in the thread,\n"
  104. "it will automatically connect it to the first message in the \n"
  105. "thread which often is an internal note and the reply will also\n"
  106. "be marked as an internal note even when it should be a comment."
  107. "\n\n"
  108. "Message ID: Include a prefix and the message ID in encrypted\n"
  109. "and base32 encoded format in the Reply-To\n"
  110. "address to that Odoo will be able to directly connect the\n"
  111. "reply to the original message. Note that in this mode the\n"
  112. "Reply-To address has a priority over References and\n"
  113. "In-Reply-To headers."
  114. )
  115. force_email_reply_to = fields.Char(
  116. 'Force Reply-To Address',
  117. )
  118. force_email_reply_to_name = fields.Char(
  119. 'Force Reply-To Name',
  120. )
  121. force_email_reply_to_domain = fields.Char(
  122. 'Force Reply-To Domain',
  123. )
  124. force_email_from = fields.Char(
  125. 'Force From Address',
  126. )
  127. force_email_sender = fields.Char(
  128. 'Force Sender Address',
  129. )
  130. prioritize_reply_to_over_msgid = fields.Boolean(
  131. 'Prioritize Reply-To Over Email Headers',
  132. default=True,
  133. help="If this field is selected, the unique Reply-To address "
  134. "generated by the Message ID method will be prioritized "
  135. "over the email headers (default Odoo behavior) in incoming "
  136. "emails. This is recommended when the Reply-To method is set to "
  137. "Message ID."
  138. )
  139. headers_example = fields.Text(
  140. 'Example Headers',
  141. compute='_compute_headers_example',
  142. store=False,
  143. )
  144. # TODO Implement field input validators
  145. def _get_reply_to_address(self, alias, original_from_name):
  146. self.ensure_one()
  147. force_email_from = encode_rfc2822_address_header(
  148. self.force_email_from
  149. )
  150. # Split the From address
  151. from_address = force_email_from.split('@')
  152. reply_to_addr = '{alias}@{domain}'.format(
  153. alias=alias if alias else from_address[0],
  154. domain=self.force_email_reply_to_domain or from_address[1]
  155. )
  156. if self.force_email_reply_to_name:
  157. reply_to = formataddr((self.force_email_reply_to_name,
  158. reply_to_addr))
  159. elif original_from_name:
  160. reply_to = formataddr((original_from_name, reply_to_addr))
  161. else:
  162. reply_to = reply_to_addr
  163. return encode_rfc2822_address_header(reply_to)
  164. @api.depends('force_email_sender', 'force_email_reply_to',
  165. 'force_email_reply_to_domain', 'force_email_from',
  166. 'force_email_reply_to_name', 'reply_to_method')
  167. def _compute_headers_example(self):
  168. for server in self:
  169. example = []
  170. if server.force_email_sender:
  171. example.append('Sender: {}'.format(server.force_email_sender))
  172. if server.force_email_reply_to:
  173. example.append('Reply-To: {}'.format(server.force_email_reply_to))
  174. elif server.force_email_from \
  175. and server.reply_to_method != 'default':
  176. reply_to_pair = server.force_email_from.split('@')
  177. if server.reply_to_method == 'alias':
  178. token = '{}+1d278g1082bca'
  179. elif server.reply_to_method == 'msg_id':
  180. token = '{}+' + MESSAGE_PREFIX + 'p2IxKkfEKugl16juheTT0g=='
  181. else:
  182. token = 'INVALID'
  183. _logger.error('Invalid reply_to_method found: '
  184. + server.reply_to_method)
  185. # noinspection PyProtectedMember
  186. reply_to = server._get_reply_to_address(
  187. token.format(reply_to_pair[0]),
  188. 'Original From Person'
  189. )
  190. example.append('Reply-To: {}'.format(reply_to))
  191. else:
  192. example.append('Reply-To: Odoo default')
  193. if server.force_email_from:
  194. example.append('From: {}'.format(formataddr(
  195. ('Original From Person', server.force_email_from)
  196. )))
  197. else:
  198. example.append('From: Odoo default')
  199. server.headers_example = "\n".join(example)
  200. @api.model
  201. def send_email(self, message, mail_server_id=None, smtp_server=None,
  202. smtp_port=None, smtp_user=None, smtp_password=None,
  203. smtp_encryption=None, smtp_debug=False, smtp_session=None):
  204. # Get SMTP Server Details from Mail Server
  205. mail_server = None
  206. if mail_server_id:
  207. mail_server = self.sudo().browse(mail_server_id)
  208. elif not smtp_server:
  209. mail_server = self.sudo().search([], order='sequence', limit=1)
  210. # Note that Odoo already has the ability to use a fixed From address
  211. # by settings "email_from" in the Odoo settings. This is however a
  212. # secondary option and here email_from always overrides that.
  213. if mail_server.force_email_from:
  214. original_from_name = parseaddr(message['From'])[0]
  215. force_email_from = encode_rfc2822_address_header(
  216. mail_server.force_email_from
  217. )
  218. del message['From']
  219. message['From'] = formataddr((
  220. original_from_name,
  221. force_email_from
  222. ))
  223. if mail_server.reply_to_method == 'alias':
  224. # Find or create an email alias
  225. alias = self.find_or_create_alias(force_email_from.split('@'))
  226. # noinspection PyProtectedMember
  227. reply_to = mail_server._get_reply_to_address(
  228. alias,
  229. original_from_name,
  230. )
  231. del message['Reply-To']
  232. message['Reply-To'] = reply_to
  233. elif mail_server.reply_to_method == 'msg_id':
  234. odoo_msg_id = message.get('Message-Id')
  235. if odoo_msg_id:
  236. # The message_id isn't unique. Prefer the one that has a
  237. # model set and only pick the first record. Odoo does
  238. # almost the same thing in mail.thread.message_route().
  239. odoo_msg = self.sudo().env['mail.message']\
  240. .search([('message_id', '=', odoo_msg_id)],
  241. order='model', limit=1)
  242. encrypted_id = encode_msg_id(odoo_msg.id, self.env)
  243. # noinspection PyProtectedMember
  244. reply_to = mail_server._get_reply_to_address(
  245. '{}+{}{}'.format(force_email_from.split('@')[0],
  246. MESSAGE_PREFIX, encrypted_id),
  247. original_from_name,
  248. )
  249. _logger.info(
  250. 'Generated a new reply-to address "{}" for '
  251. 'Message-Id "{}".'
  252. .format(reply_to, odoo_msg_id)
  253. )
  254. del message['Reply-To']
  255. message['Reply-To'] = reply_to
  256. else:
  257. _logger.warning(
  258. "Couldn't get Message-Id from the message {}. The "
  259. "reply might not find its way to the correct thread."
  260. .format(message.as_string())
  261. )
  262. if mail_server.force_email_reply_to:
  263. del message['Reply-To']
  264. message['Reply-To'] = encode_rfc2822_address_header(
  265. mail_server.force_email_reply_to)
  266. if mail_server.force_email_sender:
  267. del message['Sender']
  268. message['Sender'] = encode_rfc2822_address_header(
  269. mail_server.force_email_sender)
  270. return super(MailServer, self).send_email(
  271. message, mail_server_id, smtp_server, smtp_port, smtp_user,
  272. smtp_password, smtp_encryption, smtp_debug, smtp_session
  273. )
  274. def find_or_create_alias(self, from_address):
  275. record_id, record_model_name = self.resolve_record()
  276. if not record_id or not record_model_name:
  277. # Can't create an alias if we don't know the related record
  278. return False
  279. if record_model_name not in self.env:
  280. _logger.error('Unable to find or create an alias for outgoing '
  281. 'email: invalid_model name {}.'
  282. .format(record_model_name))
  283. return False
  284. # Find an alias
  285. alias_model_id = self.env['ir.model'] \
  286. .search([('model', '=', record_model_name)]).id
  287. # noinspection PyPep8Naming
  288. Alias = self.env['mail.alias']
  289. existing_aliases = Alias.search([
  290. ('alias_model_id', '=', alias_model_id),
  291. ('alias_name', 'like', '{from_address}+'.format(from_address=from_address[0])),
  292. ('alias_force_thread_id', '=', record_id),
  293. ('alias_contact', '=', 'everyone'), # TODO: check from record
  294. ])
  295. if existing_aliases:
  296. return existing_aliases[0].alias_name
  297. # Create a new alias
  298. alias = Alias.create({
  299. 'alias_model_id': alias_model_id,
  300. 'alias_name': '{from_address}+{random_string}'.format(from_address=from_address[0],
  301. random_string=random_string(8)),
  302. 'alias_force_thread_id': record_id,
  303. 'alias_contact': 'everyone',
  304. })
  305. return alias.alias_name
  306. def resolve_record(self):
  307. ctx = self.env.context
  308. # Don't ever use active_id or active_model from the context here.
  309. # It might not be the one that you expect. Go ahead and try, open
  310. # a sales order, go to the related purchase order and send the PO.
  311. record_id = ctx.get('default_res_id')
  312. record_model_name = ctx.get('default_model')
  313. # If incoming_routes isn't enough, we can use ctx['incoming_to'] to
  314. # find a alias directly without active_id and active_model_name.
  315. routes = ctx.get('incoming_routes', [])
  316. if (not record_id or not record_model_name) and routes and len(routes) > 0:
  317. route = routes[0]
  318. record_model_name = route[0]
  319. record_id = route[1]
  320. return record_id, record_model_name
  321. @api.model
  322. def encrypt_message_id(self, message_id):
  323. """
  324. A helper encryption method for debugging mail delivery issues.
  325. :param message_id: The id of the `mail.message`
  326. :return: The id of the `mail.message` encrypted and base64 encoded
  327. """
  328. return encode_msg_id(message_id, self.env)
  329. @api.model
  330. def decrypt_message_id(self, encrypted_id):
  331. """
  332. A helper decryption method for debugging mail delivery issues.
  333. :param encrypted_id: The encrypted and base64 encoded id of
  334. the `mail.message` to be decrypted
  335. :return: The id of the `mail.message`
  336. """
  337. return decode_msg_id(encrypted_id, self.env)
  338. class MailThread(models.AbstractModel):
  339. _inherit = 'mail.thread'
  340. """
  341. The process for incoming emails goes something like this:
  342. 1. message_process (processing the incoming message)
  343. 2. message_parse (parsing the email message)
  344. 3. message_route (decides how to route the email)
  345. 4. message_route_process (executes the route)
  346. 5. message_post (posts the message to a thread)
  347. """
  348. @api.model
  349. def message_parse(self, message, save_original=False):
  350. email_to = tools.decode_message_header(message, 'To')
  351. email_to_localpart = (tools.email_split(email_to) or [''])[0] \
  352. .split('@', 1)[0]
  353. config_params = self.env['ir.config_parameter'].sudo()
  354. # Check if the To part contains the prefix and a base32/64 encoded string
  355. # Remove the "24," part when migrating to Odoo 14.
  356. prefix_in_to = email_to_localpart and re.search(
  357. r'.*' + MESSAGE_PREFIX + '(?P<odoo_id>.{24,32}$)',
  358. email_to_localpart
  359. )
  360. prioritize_replyto_over_headers = config_params\
  361. .get_param("email_headers.prioritize_replyto_over_headers", "True")
  362. prioritize_replyto_over_headers = True \
  363. if prioritize_replyto_over_headers != "False" else False
  364. # If the msg prefix part is found in the To part, find the parent
  365. # message and inject the Message-Id to the In-Reply-To part and
  366. # remove References because it by default takes priority over
  367. # In-Reply-To. We want the unique Reply-To address have the priority.
  368. if prefix_in_to and prioritize_replyto_over_headers:
  369. message_id_encrypted = prefix_in_to.group('odoo_id')
  370. try:
  371. message_id = decode_msg_id(message_id_encrypted, self.env)
  372. parent_id = self.env['mail.message'].browse(message_id)
  373. if parent_id:
  374. # See unit test test_reply_to_method_msg_id_priority
  375. del message['References']
  376. del message['In-Reply-To']
  377. message['In-Reply-To'] = parent_id.message_id
  378. else:
  379. _logger.warning(
  380. 'Received an invalid mail.message database id in incoming '
  381. 'email sent to {}. The email type (comment, note) might '
  382. 'be wrong.'.format(email_to)
  383. )
  384. except UnicodeDecodeError:
  385. _logger.warning(
  386. "Unique Reply-To address of an incoming email couldn't be "
  387. "decrypted. Falling back to default Odoo behavior."
  388. )
  389. res = super(MailThread, self).message_parse(message, save_original)
  390. strip_message_id = config_params\
  391. .get_param("email_headers.strip_mail_message_ids", "True")
  392. strip_message_id = True if strip_message_id != "False" else False
  393. if not strip_message_id == 'True':
  394. return res
  395. # When Odoo compares message_id to the one stored in the database when determining
  396. # whether or not the incoming message is a reply to another one, the message_id search
  397. # parameter is stripped before the search. But Odoo does not do anything of the sort when
  398. # a message is created, meaning if some email software (for example Outlook,
  399. # for no particular reason) includes anything strippable at the start of the Message-Id,
  400. # any replies to that message in the future will not find their way correctly, as the
  401. # search yields nothing.
  402. #
  403. # Example of what happened before. The first one is the original Message-Id, and thus also
  404. # the ID that gets stored on the mail.message as the `message_id`
  405. # '\r\n <AM6PR05MB4933DE6BCAD68A037185EBCFFBAF0@AM6PR05MB4933.eurprd05.prod.outlook.com>'
  406. # But when trying to find this message, Odoo takes the above message_id and strips it,
  407. # which results in:
  408. # '<AM6PR05MB4933DE6BCAD68A037185EBCFFBAF0@AM6PR05MB4933.eurprd05.prod.outlook.com>'
  409. # And then the search is done for an exact match, which will fail.
  410. #
  411. # Odoo doesn't, so we must strip the message_ids before they are stored in the database
  412. mail_message_id = res.get('message_id', '')
  413. if mail_message_id:
  414. mail_message_id = mail_message_id.strip()
  415. res['message_id'] = mail_message_id
  416. return res
  417. @api.model
  418. def message_route_process(self, message, message_dict, routes):
  419. ctx = self.env.context.copy()
  420. ctx['incoming_routes'] = routes
  421. ctx['incoming_to'] = message_dict.get('to')
  422. self.env.context = frozendict(ctx)
  423. return super(MailThread, self)\
  424. .message_route_process(message, message_dict, routes)
  425. @api.model
  426. def message_route(self, message, message_dict, model=None,
  427. thread_id=None, custom_values=None):
  428. # NOTE! If you're going to backport this module to Odoo 11 or Odoo 10,
  429. # you will have to create the mail_bounce_catchall email template
  430. # because it was introduced only in Odoo 12.
  431. if not isinstance(message, Message):
  432. raise TypeError('message must be an '
  433. 'email.message.Message at this point')
  434. try:
  435. route = super(MailThread, self)\
  436. .message_route(message, message_dict, model,
  437. thread_id, custom_values)
  438. except ValueError:
  439. # If the headers that connect the incoming message to a thread in
  440. # Odoo have disappeared at some point and the message was sent to
  441. # the catchall address (with a sub-addressing suffix), we will
  442. # skip the default catchall check and perform it here for
  443. # mail.catchall.alias.custom. We do this because the alias check
  444. # if done AFTER the catchall check by default and it may cause
  445. # Odoo to send a bounce message to the sender who sent the email to
  446. # the correct thread-specific address.
  447. catchall_alias = self.env['ir.config_parameter']\
  448. .sudo().get_param("mail.catchall.alias.custom")
  449. email_to = tools.decode_message_header(message, 'To')
  450. email_to_localpart = (tools.email_split(email_to) or [''])[0]\
  451. .split('@', 1)[0].lower()
  452. message_id = message.get('Message-Id')
  453. email_from = tools.decode_message_header(message, 'From')
  454. # check it does not directly contact catchall
  455. if catchall_alias and catchall_alias in email_to_localpart:
  456. _logger.info(
  457. 'Routing mail from %s to %s with Message-Id %s: '
  458. 'direct write to catchall, bounce', email_from,
  459. email_to, message_id)
  460. body = self.env.ref('mail.mail_bounce_catchall').render({
  461. 'message': message,
  462. }, engine='ir.qweb')
  463. self._routing_create_bounce_email(
  464. email_from, body, message,
  465. reply_to=self.env.user.company_id.email)
  466. return []
  467. else:
  468. raise
  469. return route