vendor/pimcore/pimcore/bundles/AdminBundle/Controller/Admin/EmailController.php line 47

Open in your IDE?
  1. <?php
  3. /**
  4.  * Pimcore
  5.  *
  6.  * This source file is available under two different licenses:
  7.  * - GNU General Public License version 3 (GPLv3)
  8.  * - Pimcore Commercial License (PCL)
  9.  * Full copyright and license information is available in
  10.  * LICENSE.md which is distributed with this source code.
  11.  *
  12.  *  @copyright  Copyright (c) Pimcore GmbH (http://www.pimcore.org)
  13.  *  @license    http://www.pimcore.org/license     GPLv3 and PCL
  14.  */
  16. namespace Pimcore\Bundle\AdminBundle\Controller\Admin;
  18. use Pimcore\Bundle\AdminBundle\Controller\AdminAbstractController;
  19. use Pimcore\Http\RequestHelper;
  20. use Pimcore\Logger;
  21. use Pimcore\Mail;
  22. use Pimcore\Model\Element\ElementInterface;
  23. use Pimcore\Model\Tool;
  24. use Symfony\Component\HttpFoundation\JsonResponse;
  25. use Symfony\Component\HttpFoundation\Request;
  26. use Symfony\Component\HttpFoundation\Response;
  27. use Symfony\Component\HttpKernel\Profiler\Profiler;
  28. use Symfony\Component\Mime\Address;
  29. use Symfony\Component\Routing\Annotation\Route;
  31. /**
  32.  * @Route("/email")
  33.  *
  34.  * @internal
  35.  */
  36. class EmailController extends AdminAbstractController
  37. {
  38.     /**
  39.      * @Route("/email-logs", name="pimcore_admin_email_emaillogs", methods={"GET", "POST"})
  40.      *
  41.      * @param Request $request
  42.      *
  43.      * @return JsonResponse
  44.      *
  45.      * @throws \Exception
  46.      */
  47.     public function emailLogsAction(Request $request)
  48.     {
  49.         if (!$this->getAdminUser()->isAllowed('emails') && !$this->getAdminUser()->isAllowed('gdpr_data_extractor')) {
  50.             throw new \Exception("Permission denied, user needs 'emails' permission.");
  51.         }
  53.         $list = new Tool\Email\Log\Listing();
  54.         if ($request->get('documentId')) {
  55.             $list->setCondition('documentId = ' . (int)$request->get('documentId'));
  56.         }
  57.         $list->setLimit($request->get('limit'));
  58.         $list->setOffset($request->get('start'));
  59.         $list->setOrderKey('sentDate');
  61.         if ($request->get('filter')) {
  62.             $filterTerm $request->get('filter');
  63.             if ($filterTerm == '*') {
  64.                 $filterTerm '';
  65.             }
  67.             $filterTerm str_replace('%''*'$filterTerm);
  68.             $filterTerm htmlspecialchars($filterTermENT_QUOTES);
  70.             if (strpos($filterTerm'@')) {
  71.                 $parts explode(' '$filterTerm);
  72.                 $parts array_map(function ($part) {
  73.                     if (strpos($part'@')) {
  74.                         $part '"' $part '"';
  75.                     }
  77.                     return $part;
  78.                 }, $parts);
  79.                 $filterTerm implode(' '$parts);
  80.             }
  82.             $condition '( MATCH (`from`,`to`,`cc`,`bcc`,`subject`,`params`) AGAINST (' $list->quote($filterTerm) . ' IN BOOLEAN MODE) )';
  84.             if ($request->get('documentId')) {
  85.                 $condition .= 'AND documentId = ' . (int)$request->get('documentId');
  86.             }
  88.             $list->setCondition($condition);
  89.         }
  91.         $list->setOrder('DESC');
  93.         $data $list->load();
  94.         $jsonData = [];
  96.         if (is_array($data)) {
  97.             foreach ($data as $entry) {
  98.                 $tmp $entry->getObjectVars();
  99.                 unset($tmp['bodyHtml']);
  100.                 unset($tmp['bodyText']);
  101.                 $jsonData[] = $tmp;
  102.             }
  103.         }
  105.         return $this->adminJson([
  106.             'data' => $jsonData,
  107.             'success' => true,
  108.             'total' => $list->getTotalCount(),
  109.         ]);
  110.     }
  112.     /**
  113.      * @Route("/show-email-log", name="pimcore_admin_email_showemaillog", methods={"GET"})
  114.      *
  115.      * @param Request $request
  116.      * @param Profiler|null $profiler
  117.      *
  118.      * @return JsonResponse|Response
  119.      *
  120.      * @throws \Exception
  121.      */
  122.     public function showEmailLogAction(Request $request, ?Profiler $profiler)
  123.     {
  124.         if ($profiler) {
  125.             $profiler->disable();
  126.         }
  128.         if (!$this->getAdminUser()->isAllowed('emails')) {
  129.             throw $this->createAccessDeniedHttpException("Permission denied, user needs 'emails' permission.");
  130.         }
  132.         $type $request->get('type');
  133.         $emailLog Tool\Email\Log::getById((int) $request->get('id'));
  135.         if (!$emailLog) {
  136.             throw $this->createNotFoundException();
  137.         }
  139.         if ($type === 'text') {
  140.             return $this->render('@PimcoreAdmin/Admin/Email/text.html.twig', ['log' => $emailLog->getTextLog()]);
  141.         } elseif ($type === 'html') {
  142.             return new Response($emailLog->getHtmlLog(), 200, [
  143.                 'Content-Security-Policy' => "default-src 'self'; style-src 'self' 'unsafe-inline'; img-src * data:",
  144.             ]);
  145.         } elseif ($type === 'params') {
  146.             try {
  147.                 $params $this->decodeJson($emailLog->getParams());
  148.             } catch (\Exception $e) {
  149.                 Logger::warning('Could not decode JSON param string');
  150.                 $params = [];
  151.             }
  152.             foreach ($params as &$entry) {
  153.                 $this->enhanceLoggingData($entry);
  154.             }
  156.             return $this->adminJson($params);
  157.         } elseif ($type === 'details') {
  158.             $data $emailLog->getObjectVars();
  160.             return $this->adminJson($data);
  161.         } else {
  162.             return new Response('No Type specified');
  163.         }
  164.     }
  166.     /**
  167.      * @param array $data
  168.      * @param array $fullEntry
  169.      */
  170.     protected function enhanceLoggingData(&$data, &$fullEntry null)
  171.     {
  172.         if (!empty($data['objectClass'])) {
  173.             $class '\\' ltrim($data['objectClass'], '\\');
  174.             $reflection = new \ReflectionClass($class);
  176.             if (!empty($data['objectId']) && $reflection->implementsInterface(ElementInterface::class)) {
  177.                 $obj $class::getById($data['objectId']);
  178.                 if (is_null($obj)) {
  179.                     $data['objectPath'] = '';
  180.                 } else {
  181.                     $data['objectPath'] = $obj->getRealFullPath();
  182.                 }
  183.                 //check for classmapping
  184.                 if (stristr($class'\\Pimcore\\Model') === false) {
  185.                     $niceClassName '\\' ltrim($reflection->getParentClass()->getName(), '\\');
  186.                 } else {
  187.                     $niceClassName $class;
  188.                 }
  189.                 $niceClassName str_replace('\\Pimcore\\Model\\'''$niceClassName);
  190.                 $niceClassName str_replace('_''\\'$niceClassName);
  192.                 $tmp explode('\\'$niceClassName);
  193.                 if (in_array($tmp[0], ['DataObject''Document''Asset'])) {
  194.                     $data['objectClassBase'] = $tmp[0];
  195.                     $data['objectClassSubType'] = $tmp[1];
  196.                 }
  197.             }
  198.         }
  200.         foreach ($data as &$value) {
  201.             if (is_array($value)) {
  202.                 $this->enhanceLoggingData($value$data);
  203.             }
  204.         }
  205.         if ($data['children'] ?? false) {
  206.             foreach ($data['children'] as $key => $entry) {
  207.                 if (is_string($key)) { //key must be integers
  208.                     unset($data['children'][$key]);
  209.                 }
  210.             }
  211.             $data['iconCls'] = 'pimcore_icon_folder';
  212.             $data['data'] = ['type' => 'simple''value' => 'Children (' count($data['children']) . ')'];
  213.         } else {
  214.             //setting the icon class
  215.             if (empty($data['iconCls'])) {
  216.                 if (($data['objectClassBase'] ?? '') == 'DataObject') {
  217.                     $fullEntry['iconCls'] = 'pimcore_icon_object';
  218.                 } elseif (($data['objectClassBase'] ?? '') == 'Asset') {
  219.                     switch ($data['objectClassSubType']) {
  220.                         case 'Image':
  221.                             $fullEntry['iconCls'] = 'pimcore_icon_image';
  223.                             break;
  224.                         case 'Video':
  225.                             $fullEntry['iconCls'] = 'pimcore_icon_wmv';
  227.                             break;
  228.                         case 'Text':
  229.                             $fullEntry['iconCls'] = 'pimcore_icon_txt';
  231.                             break;
  232.                         case 'Document':
  233.                             $fullEntry['iconCls'] = 'pimcore_icon_pdf';
  235.                             break;
  236.                         default:
  237.                             $fullEntry['iconCls'] = 'pimcore_icon_asset';
  238.                     }
  239.                 } elseif (strpos($data['objectClass'] ?? '''Document') === 0) {
  240.                     $fullEntry['iconCls'] = 'pimcore_icon_' strtolower($data['objectClassSubType']);
  241.                 } else {
  242.                     $data['iconCls'] = 'pimcore_icon_text';
  243.                 }
  244.             }
  246.             $data['leaf'] = true;
  247.         }
  248.     }
  250.     /**
  251.      * @Route("/delete-email-log", name="pimcore_admin_email_deleteemaillog", methods={"DELETE"})
  252.      *
  253.      * @param Request $request
  254.      *
  255.      * @return JsonResponse
  256.      *
  257.      * @throws \Exception
  258.      */
  259.     public function deleteEmailLogAction(Request $request)
  260.     {
  261.         if (!$this->getAdminUser()->isAllowed('emails')) {
  262.             throw $this->createAccessDeniedHttpException("Permission denied, user needs 'emails' permission.");
  263.         }
  265.         $success false;
  266.         $emailLog Tool\Email\Log::getById((int) $request->get('id'));
  267.         if ($emailLog instanceof Tool\Email\Log) {
  268.             $emailLog->delete();
  269.             $success true;
  270.         }
  272.         return $this->adminJson([
  273.             'success' => $success,
  274.         ]);
  275.     }
  277.     /**
  278.      * @Route("/resend-email", name="pimcore_admin_email_resendemail", methods={"POST"})
  279.      *
  280.      * @param Request $request
  281.      *
  282.      * @return JsonResponse
  283.      *
  284.      * @throws \Exception
  285.      */
  286.     public function resendEmailAction(Request $request)
  287.     {
  288.         if (!$this->getAdminUser()->isAllowed('emails')) {
  289.             throw $this->createAccessDeniedHttpException("Permission denied, user needs 'emails' permission.");
  290.         }
  292.         $success false;
  293.         $emailLog Tool\Email\Log::getById((int) $request->get('id'));
  295.         if ($emailLog instanceof Tool\Email\Log) {
  296.             $mail = new Mail();
  297.             $mail->preventDebugInformationAppending();
  298.             $mail->setIgnoreDebugMode(true);
  300.             if (!empty($request->get('to'))) {
  301.                 $emailLog->setTo(null);
  302.                 $emailLog->setCc(null);
  303.                 $emailLog->setBcc(null);
  304.             } else {
  305.                 $mail->disableLogging();
  306.             }
  308.             if ($html $emailLog->getHtmlLog()) {
  309.                 $mail->html($html);
  310.             }
  312.             if ($text $emailLog->getTextLog()) {
  313.                 $mail->text($text);
  314.             }
  316.             foreach (['From''To''Cc''Bcc''ReplyTo'] as $field) {
  317.                 if (!$values $request->get(strtolower($field))) {
  318.                     $getter 'get' $field;
  319.                     $values $emailLog->{$getter}();
  320.                 }
  322.                 $values \Pimcore\Helper\Mail::parseEmailAddressField($values);
  324.                 if (!empty($values)) {
  325.                     list($value) = $values;
  326.                     if ($value) {
  327.                         $prefix 'add';
  328.                         $mail->{$prefix $field}(new Address($value['email'], $value['name'] ?? ''));
  329.                     }
  330.                 }
  331.             }
  333.             $mail->subject($emailLog->getSubject());
  335.             // add document
  336.             if ($emailLog->getDocumentId()) {
  337.                 $mail->setDocument($emailLog->getDocumentId());
  338.             }
  340.             // re-add params
  341.             try {
  342.                 $params $this->decodeJson($emailLog->getParams());
  343.             } catch (\Exception $e) {
  344.                 Logger::warning('Could not decode JSON param string');
  345.                 $params = [];
  346.             }
  348.             foreach ($params as $entry) {
  349.                 $data null;
  350.                 $hasChildren = isset($entry['children']) && is_array($entry['children']);
  352.                 if ($hasChildren) {
  353.                     $childData = [];
  354.                     foreach ($entry['children'] as $childParam) {
  355.                         $childData[$childParam['key']] = $this->parseLoggingParamObject($childParam);
  356.                     }
  357.                     $data $childData;
  358.                 } else {
  359.                     $data $this->parseLoggingParamObject($entry);
  360.                 }
  362.                 $mail->setParam($entry['key'], $data);
  363.             }
  365.             $mail->send();
  366.             $success true;
  367.         }
  369.         return $this->adminJson([
  370.             'success' => $success,
  371.         ]);
  372.     }
  374.     /**
  375.      * @Route("/send-test-email", name="pimcore_admin_email_sendtestemail", methods={"POST"})
  376.      *
  377.      * @param Request $request
  378.      *
  379.      * @return JsonResponse
  380.      *
  381.      * @throws \Exception
  382.      */
  383.     public function sendTestEmailAction(Request $request)
  384.     {
  385.         if (!$this->getAdminUser()->isAllowed('emails')) {
  386.             throw new \Exception("Permission denied, user needs 'emails' permission.");
  387.         }
  389.         // Simulate a frontend request to prefix assets
  390.         $request->attributes->set(RequestHelper::ATTRIBUTE_FRONTEND_REQUESTtrue);
  392.         $mail = new Mail();
  394.         if ($request->get('emailType') == 'text') {
  395.             $mail->text($request->get('content'));
  396.         } elseif ($request->get('emailType') == 'html') {
  397.             $mail->html($request->get('content'));
  398.         } elseif ($request->get('emailType') == 'document') {
  399.             $doc \Pimcore\Model\Document::getByPath($request->get('documentPath'));
  401.             if ($doc instanceof \Pimcore\Model\Document\Email || $doc instanceof \Pimcore\Model\Document\Newsletter) {
  402.                 $mail->setDocument($doc);
  404.                 if ($request->get('mailParamaters')) {
  405.                     if ($mailParamsArray json_decode($request->get('mailParamaters'), true)) {
  406.                         foreach ($mailParamsArray as $mailParam) {
  407.                             if ($mailParam['key']) {
  408.                                 $mail->setParam($mailParam['key'], $mailParam['value']);
  409.                             }
  410.                         }
  411.                     }
  412.                 }
  413.             } else {
  414.                 throw new \Exception('Email document not found!');
  415.             }
  416.         }
  418.         if ($from $request->get('from')) {
  419.             $addressArray \Pimcore\Helper\Mail::parseEmailAddressField($from);
  420.             if ($addressArray) {
  421.                 //use the first address only
  422.                 list($cleanedFromAddress) = $addressArray;
  423.                 $mail->from(new Address($cleanedFromAddress['email'], $cleanedFromAddress['name'] ?? ''));
  424.             }
  425.         }
  427.         $toAddresses \Pimcore\Helper\Mail::parseEmailAddressField($request->get('to'));
  428.         foreach ($toAddresses as $cleanedToAddress) {
  429.             $mail->addTo($cleanedToAddress['email'], $cleanedToAddress['name'] ?? '');
  430.         }
  432.         $mail->subject($request->get('subject'));
  433.         $mail->setIgnoreDebugMode(true);
  435.         $mail->send();
  437.         return $this->adminJson([
  438.             'success' => true,
  439.         ]);
  440.     }
  442.     /**
  443.      * @Route("/blocklist", name="pimcore_admin_email_blocklist", methods={"POST"})
  444.      *
  445.      * @param Request $request
  446.      *
  447.      * @return JsonResponse
  448.      *
  449.      * @throws \Exception
  450.      */
  451.     public function blocklistAction(Request $request)
  452.     {
  453.         if (!$this->getAdminUser()->isAllowed('emails')) {
  454.             throw new \Exception("Permission denied, user needs 'emails' permission.");
  455.         }
  457.         if ($request->get('data')) {
  458.             $data $this->decodeJson($request->get('data'));
  460.             if (is_array($data)) {
  461.                 foreach ($data as $key => &$value) {
  462.                     if (is_string($value)) {
  463.                         if ($key === 'address') {
  464.                             $value filter_var($valueFILTER_SANITIZE_EMAIL);
  465.                         }
  467.                         $value trim($value);
  468.                     }
  469.                 }
  470.             }
  472.             if ($request->get('xaction') == 'destroy') {
  473.                 $address Tool\Email\Blocklist::getByAddress($data['address']);
  474.                 $address->delete();
  476.                 return $this->adminJson(['success' => true'data' => []]);
  477.             } elseif ($request->get('xaction') == 'update') {
  478.                 $address Tool\Email\Blocklist::getByAddress($data['address']);
  479.                 $address->setValues($data);
  480.                 $address->save();
  482.                 return $this->adminJson(['data' => $address->getObjectVars(), 'success' => true]);
  483.             } elseif ($request->get('xaction') == 'create') {
  484.                 unset($data['id']);
  486.                 $address = new Tool\Email\Blocklist();
  487.                 $address->setValues($data);
  488.                 $address->save();
  490.                 return $this->adminJson(['data' => $address->getObjectVars(), 'success' => true]);
  491.             }
  492.         } else {
  493.             // get list of routes
  495.             $list = new Tool\Email\Blocklist\Listing();
  497.             $list->setLimit($request->get('limit'));
  498.             $list->setOffset($request->get('start'));
  500.             $sortingSettings \Pimcore\Bundle\AdminBundle\Helper\QueryParams::extractSortingSettings($request->query->all());
  501.             if ($sortingSettings['orderKey']) {
  502.                 $orderKey $sortingSettings['orderKey'];
  503.             }
  504.             if ($sortingSettings['order']) {
  505.                 $order $sortingSettings['order'];
  506.             }
  508.             if ($request->get('filter')) {
  509.                 $list->setCondition('`address` LIKE ' $list->quote('%'.$request->get('filter').'%'));
  510.             }
  512.             $data $list->load();
  513.             $jsonData = [];
  514.             if (is_array($data)) {
  515.                 foreach ($data as $entry) {
  516.                     $jsonData[] = $entry->getObjectVars();
  517.                 }
  518.             }
  520.             return $this->adminJson([
  521.                 'success' => true,
  522.                 'data' => $jsonData,
  523.                 'total' => $list->getTotalCount(),
  524.             ]);
  525.         }
  527.         return $this->adminJson(['success' => false]);
  528.     }
  530.     /**
  531.      * @param array $params
  532.      *
  533.      * @return array
  534.      */
  535.     protected function parseLoggingParamObject($params)
  536.     {
  537.         $data null;
  538.         if ($params['data']['type'] === 'object') {
  539.             $class '\\' ltrim($params['data']['objectClass'], '\\');
  540.             $reflection = new \ReflectionClass($class);
  542.             if (!empty($params['data']['objectId']) && $reflection->implementsInterface(ElementInterface::class)) {
  543.                 $obj $class::getById($params['data']['objectId']);
  544.                 if (!is_null($obj)) {
  545.                     $data $obj;
  546.                 }
  547.             }
  548.         } else {
  549.             $data $params['data']['value'];
  550.         }
  552.         return $data;
  553.     }
  554. }