feat(config): Add CommandValidationExpression (#1735)

Author: rnwood

Rnwood.Smtp4dev/ApiModel/Server.cs

@@ -67,6 +67,7 @@ public class Server
 
         public string CurrentUserDefaultMailboxName { get; set; }
         public string HtmlValidateConfig { get; set; }
+        public string CommandValidationExpression { get; set; }
     }
 
 }

Rnwood.Smtp4dev/ClientApp/src/ApiClient/Server.ts

@@ -8,7 +8,7 @@ export default class Server {
 
     constructor(isRunning: boolean, exception: string, portNumber: number, hostName: string, allowRemoteConnections: boolean, numberOfMessagesToKeep: number, numberOfSessionsToKeep: number, imapPortNumber: number, settingsAreEditable: boolean, disableMessageSanitisation: boolean, automaticRelayExpression: string, tlsMode: string, credentialsValidationExpression: string,
         authenticationRequired: boolean,
-        secureConnectionRequired: boolean, recipientValidationExpression: string, messageValidationExpression: string, disableIPv6: string, users: User[],
+        secureConnectionRequired: boolean, recipientValidationExpression: string, messageValidationExpression: string, commandValidationExpression: string, disableIPv6: string, users: User[],
         relayTlsMode: string | undefined,
         relaySmtpServer: string,
         relaySmtpPort: number,
@@ -47,6 +47,7 @@ export default class Server {
         this.secureConnectionRequired = secureConnectionRequired;
         this.recipientValidationExpression = recipientValidationExpression;
         this.messageValidationExpression = messageValidationExpression;
+        this.commandValidationExpression = commandValidationExpression;
         this.disableIPv6 = disableIPv6;
         this.users = users;
         this.relayTlsMode = relayTlsMode;
@@ -88,6 +89,7 @@ export default class Server {
     secureConnectionRequired: boolean;
     recipientValidationExpression: string;
     messageValidationExpression: string;
+    commandValidationExpression: string;
     disableIPv6: string;
     users: User[];
     relayTlsMode: string | undefined;

Rnwood.Smtp4dev/ClientApp/src/components/settingsdialog.vue

@@ -152,6 +152,14 @@
                                 </template>
                             </el-input>
                         </el-form-item>
+
+                        <el-form-item label="Command validation expression (see comments in appsettings.json)" prop="server.commandValidationExpression">
+                            <el-input v-model="server.commandValidationExpression" :disabled="server.lockedSettings.commandValidationExpression">
+                                <template #prefix>
+                                    <el-icon v-if="server.lockedSettings.commandValidationExpression" :title="`Locked: ${server.lockedSettings.commandValidationExpression}`"><Lock /></el-icon>
+                                </template>
+                            </el-input>
+                        </el-form-item>
                     </el-tab-pane>
 
 

Rnwood.Smtp4dev/Controllers/ServerController.cs

@@ -102,6 +102,7 @@ public ApiModel.Server GetServer()
                 CredentialsValidationExpression = serverOptionsCurrentValue.CredentialsValidationExpression,
                 RecipientValidationExpression = serverOptionsCurrentValue.RecipientValidationExpression,
                 MessageValidationExpression = serverOptionsCurrentValue.MessageValidationExpression,
+                CommandValidationExpression = serverOptionsCurrentValue.CommandValidationExpression,
                 DisableIPv6 = serverOptionsCurrentValue.DisableIPv6,
                 WebAuthenticationRequired = serverOptionsCurrentValue.WebAuthenticationRequired,
                 DeliverMessagesToUsersDefaultMailbox = serverOptionsCurrentValue.DeliverMessagesToUsersDefaultMailbox,
@@ -263,6 +264,7 @@ public ActionResult UpdateServer(ApiModel.Server serverUpdate)
             newSettings.SecureConnectionRequired = serverUpdate.SecureConnectionRequired != defaultSettingsFile.ServerOptions.SecureConnectionRequired ? serverUpdate.SecureConnectionRequired : null;
             newSettings.CredentialsValidationExpression = serverUpdate.CredentialsValidationExpression != defaultSettingsFile.ServerOptions.CredentialsValidationExpression ? serverUpdate.CredentialsValidationExpression : null;
             newSettings.RecipientValidationExpression = serverUpdate.RecipientValidationExpression != defaultSettingsFile.ServerOptions.RecipientValidationExpression ? serverUpdate.RecipientValidationExpression : null;
+            newSettings.CommandValidationExpression = serverUpdate.CommandValidationExpression != defaultSettingsFile.ServerOptions.CommandValidationExpression ? serverUpdate.CommandValidationExpression : null;
             newSettings.MessageValidationExpression = serverUpdate.MessageValidationExpression != defaultSettingsFile.ServerOptions.MessageValidationExpression ? serverUpdate.MessageValidationExpression : null;
             newSettings.DisableIPv6 = serverUpdate.DisableIPv6 != defaultSettingsFile.ServerOptions.DisableIPv6 ? serverUpdate.DisableIPv6 : null;
             newSettings.Users = serverUpdate.Users != defaultSettingsFile.ServerOptions.Users ? serverUpdate.Users : null;

Rnwood.Smtp4dev/Properties/launchSettings.json

@@ -7,7 +7,7 @@
       "environmentVariables": {
         "ASPNETCORE_ENVIRONMENT": "Development",
         "SERVEROPTIONS__URLS": "http://*:5005"
-      }
+      },
       "applicationUrl": "http://localhost:5005/"
     }
   },

Rnwood.Smtp4dev/Server/ScriptingHost.cs

@@ -81,19 +81,27 @@ private void ParseScripts(RelayOptions relayOptionsCurrentValue, Settings.Server
             ref recipValidationSource);
         ParseScript("MessageValidationExpression", serverOptionsCurrentValue.MessageValidationExpression, ref messageValidationScript,
             ref messageValidationSource);
+        ParseScript("CommandValidationExpression", serverOptionsCurrentValue.CommandValidationExpression, ref commandValidationScript,
+    ref commandValidationSource);
     }
 
     private string shouldRelaySource;
     private Script shouldRelayScript;
+    
     private string credValidationSource;
     private Script credValidationScript;
+    
     private string recipValidationSource;
     private Script recipValidationScript;
 
     private string messageValidationSource;
     private Script messageValidationScript;
 
+    private string commandValidationSource;
+    private Script commandValidationScript;
+
     public bool HasValidateMessageExpression { get => this.messageValidationScript != null; }
+    public bool HasValidateCommandExpression { get => this.commandValidationScript != null; }
 
     private void AddStandardApi(Engine jsEngine, IConnection connection)
     {
@@ -273,6 +281,67 @@ public bool ValidateRecipient(ApiModel.Session session, string recipient, IConne
         }
     }
 
+    internal SmtpResponse ValidateCommand(SmtpCommand command, ApiModel.Session session, IConnection connection)
+    {
+        if (commandValidationScript == null)
+        {
+            return null;
+        }
+
+        Engine jsEngine = CreateEngineWithStandardApi(connection);
+
+        jsEngine.SetValue("command", command);
+        jsEngine.SetValue("session", session);
+
+        try
+        {
+            JsValue result = jsEngine.Evaluate(commandValidationScript);
+
+            SmtpResponse response;
+
+            if (result.IsNull() || result.IsUndefined())
+            {
+                response = null;
+            }
+            else if (result.IsNumber())
+            {
+                response = new SmtpResponse((int)result.AsNumber(), "Command rejected by CommandValidationExpression");
+            }
+            else if (result.IsString())
+            {
+                response = new SmtpResponse(StandardSmtpResponseCode.TransactionFailed, result.AsString());
+            }
+            else
+            {
+                response = result.AsBoolean() ? null : new SmtpResponse(StandardSmtpResponseCode.TransactionFailed, "Message rejected by CommandValidationExpression");
+            }
+
+            log.Information("CommandValidationExpression: (command: {command}, session: {session.Id}) => {result} => {success}", command,
+                session.Id, result, response?.Code.ToString() ?? "Success");
+
+            return response;
+
+        }
+        catch (ConnectionUnexpectedlyClosedException)
+        {
+            throw;
+        }
+        catch (SmtpServerException ex)
+        {
+            return ex.SmtpResponse;
+        }
+        catch (JavaScriptException ex)
+        {
+            log.Error("Error executing CommandValidationExpression : {error}", ex.Error);
+            return new SmtpResponse(StandardSmtpResponseCode.TransactionFailed, "CommandValidationExpression failed");
+        }
+        catch (Exception ex)
+        {
+            log.Error("Error executing CommandValidationExpression : {error}", ex.ToString());
+            return new SmtpResponse(StandardSmtpResponseCode.TransactionFailed, "CommandValidationExpression failed");
+        }
+    }
+
     internal SmtpResponse ValidateMessage(ApiModel.Message message, ApiModel.Session session, IConnection connection)
     {
         if (messageValidationScript == null)

Rnwood.Smtp4dev/Server/Settings/ServerOptions.cs

@@ -55,6 +55,8 @@ public record ServerOptions
         public string RecipientValidationExpression { get; set; }
 
         public string MessageValidationExpression { get; set; }
+
+        public string CommandValidationExpression { get; set; }
         public bool DisableIPv6 { get; set; } = false;
 
         public UserOptions[] Users { get; set; } = [];

Rnwood.Smtp4dev/Server/Settings/ServerOptionsSource.cs

@@ -47,8 +47,8 @@ public record ServerOptionsSource
         public bool? SmtpAllowAnyCredentials { get; set; }
         public bool? SecureConnectionRequired { get; set; }
         public string RecipientValidationExpression { get; set; }
-
         public string MessageValidationExpression { get; set; }
+        public string CommandValidationExpression { get; set; }
         public bool? DisableIPv6 { get; set; }
 
         public UserOptions[] Users { get; set; }

Rnwood.Smtp4dev/Server/Smtp4devServer.cs

@@ -109,6 +109,30 @@ private void CreateSmtpServer()
             ((SmtpServer.ServerOptions)this.smtpServer.Options).MessageStartEventHandler += OnMessageStart;
 
             ((SmtpServer.ServerOptions)this.smtpServer.Options).MessageRecipientAddingEventHandler += OnMessageRecipientAddingEventHandler;
+            ((SmtpServer.ServerOptions)this.smtpServer.Options).CommandReceivedEventHandler += OnCommandReceived;
+        }
+
+        private Task OnCommandReceived(object sender, CommandEventArgs e)
+        {
+            if (!scriptingHost.HasValidateCommandExpression)
+            {
+                return Task.CompletedTask;
+            }
+
+            using var scope = serviceScopeFactory.CreateScope();
+            Smtp4devDbContext dbContext = scope.ServiceProvider.GetService<Smtp4devDbContext>();
+            Session dbSession = dbContext.Sessions.Find(activeSessionsToDbId[e.Connection.Session]);
+
+            var apiSession = new ApiModel.Session(dbSession);
+
+            var errorResponse = scriptingHost.ValidateCommand(e.Command, apiSession, e.Connection);
+
+            if (errorResponse != null)
+            {
+                throw new SmtpServerException(errorResponse);
+            }
+
+            return Task.CompletedTask;
         }
 
         private Task OnMessageRecipientAddingEventHandler(object sender, RecipientAddingEventArgs e)

Rnwood.Smtp4dev/appsettings.json

@@ -140,6 +140,7 @@
     // The return value is a boolean value where true will accept the credentials.
     // The variable `credentials` refers to the credentials that were presented. See:
     // https://github.com/rnwood/smtpserver/tree/master/Rnwood.SmtpServer/Extensions/Auth
+    // A standard API is available. See the top of this file.
     //
     // Examples:
     // credentials.Type == 'USERNAME_PASSWORD' && credentials.username == 'rob' && credentials.password == 'pass'
@@ -150,6 +151,7 @@
     // The variable 'recipient' refers to the current recipient (one call per recipient)
     // The variable `session` refers to the the current session:
     // For available properties see https://github.com/rnwood/smtp4dev/blob/master/Rnwood.Smtp4dev/ApiModel/Session.cs
+    // A standard API is available. See the top of this file.
     //
     // Examples
     // recipient == "foo@bar.com"
@@ -166,6 +168,7 @@
     // For available properties see https://github.com/rnwood/smtp4dev/blob/master/Rnwood.Smtp4dev/ApiModel/Message.cs
     // The variable `session` refers to the the current session:
     // For available properties see https://github.com/rnwood/smtp4dev/blob/master/Rnwood.Smtp4dev/ApiModel/Session.cs
+    // A standard API is available. See the top of this file.
     //
     // Examples
     // !message.subject.includes("19")
@@ -174,6 +177,24 @@
     // - Rejects messages that include 19 with a 441, otherwise accepts
     "MessageValidationExpression": "",
 
+    //A JavaScript expression used to validate commands and allowing you to change the response.
+    //The return value is a boolean value where true will accept the command.
+    //If the return value is a number it will be used as response code
+    //If the return value is a string, it will be used as an error response message
+    // The variable 'command' refers to the current command:
+    // For available properties, see https://github.com/rnwood/smtp4dev/blob/master/smtpserver/Rnwood.SmtpServer/SmtpCommand.cs
+    // The variable `session` refers to the the current session:
+    // For available properties see https://github.com/rnwood/smtp4dev/blob/master/Rnwood.Smtp4dev/ApiModel/Session.cs
+    // A standard API is available. See the top of this file.
+    //
+    // Examples
+    // command.Verb == "HELO" && command.ArgumentsText == "rob"
+    // - Rejects "HELO rob"
+    // command.Verb == "HELO" && command.ArgumentsText == "rob" ? error(123, "Rob is not welcome here") : null
+    // - Rejects "HELO rob" with a custom error
+    // 
+    "CommandValidationExpression": "",
+
     //True if web interface and API will need BASIC auth.
     //See 'Users'
     "WebAuthenticationRequired": false,

smtpserver/Rnwood.SmtpServer.Tests/CommandEventArgsTests.cs

@@ -18,7 +18,7 @@ public class CommandEventArgsTests
     public void Command()
     {
         SmtpCommand command = new SmtpCommand("BLAH");
-        CommandEventArgs args = new CommandEventArgs(command);
+        CommandEventArgs args = new CommandEventArgs(command, null,null);
 
         Assert.Same(command, args.Command);
     }

smtpserver/Rnwood.SmtpServer/CommandEventArgs.cs

@@ -16,10 +16,19 @@ public class CommandEventArgs : EventArgs
     ///     Initializes a new instance of the <see cref="CommandEventArgs" /> class.
     /// </summary>
     /// <param name="command">The command<see cref="SmtpCommand" />.</param>
-    public CommandEventArgs(SmtpCommand command) => Command = command;
+    public CommandEventArgs(SmtpCommand command, ISession session, IConnection connection)
+    {
+        this.Command = command;
+        this.Session = session;
+        this.Connection = connection;
+    }
 
     /// <summary>
     ///     Gets the Command.
     /// </summary>
     public SmtpCommand Command { get; private set; }
+
+    public ISession Session { get; private set; }
+
+    public IConnection Connection { get; private set; }
 }

smtpserver/Rnwood.SmtpServer/Connection.cs

@@ -242,38 +242,45 @@ private async Task ReadAndProcessNextCommand()
     {
         bool badCommand = false;
         SmtpCommand command = new SmtpCommand(await ReadLine().ConfigureAwait(false));
-        await Server.Options.OnCommandReceived(this, command).ConfigureAwait(false);
 
-        if (command.IsValid)
-        {
-            badCommand = !await TryProcessCommand(command).ConfigureAwait(false);
-        }
-        else if (!command.IsEmpty)
+        try
         {
-            badCommand = true;
-        }
+            await Server.Options.OnCommandReceived(this, command).ConfigureAwait(false);
 
-        if (badCommand)
-        {
-            await Session.IncrementBadCommandCounter().ConfigureAwait(false);
+            if (command.IsValid)
+            {
+                badCommand = !await TryProcessCommand(command).ConfigureAwait(false);
+            }
+            else if (!command.IsEmpty)
+            {
+                badCommand = true;
+            }
 
-            if (Server.Options.MaximumNumberOfSequentialBadCommands > 0 &&
-                Session.NumberOfBadCommandsInARow >= Server.Options.MaximumNumberOfSequentialBadCommands)
+            if (badCommand)
             {
-                await WriteResponse(new SmtpResponse(StandardSmtpResponseCode.ClosingTransmissionChannel,
-                    "Too many bad commands. Bye!")).ConfigureAwait(false);
-                await CloseConnection().ConfigureAwait(false);
+                await Session.IncrementBadCommandCounter().ConfigureAwait(false);
+
+                if (Server.Options.MaximumNumberOfSequentialBadCommands > 0 &&
+                    Session.NumberOfBadCommandsInARow >= Server.Options.MaximumNumberOfSequentialBadCommands)
+                {
+                    await WriteResponse(new SmtpResponse(StandardSmtpResponseCode.ClosingTransmissionChannel,
+                        "Too many bad commands. Bye!")).ConfigureAwait(false);
+                    await CloseConnection().ConfigureAwait(false);
+                }
+                else
+                {
+                    await WriteResponse(new SmtpResponse(
+                        StandardSmtpResponseCode.SyntaxErrorCommandUnrecognised,
+                        "Command unrecognised")).ConfigureAwait(false);
+                }
             }
             else
             {
-                await WriteResponse(new SmtpResponse(
-                    StandardSmtpResponseCode.SyntaxErrorCommandUnrecognised,
-                    "Command unrecognised")).ConfigureAwait(false);
+                await Session.ResetBadCommandCounter().ConfigureAwait(false);
             }
-        }
-        else
+        } catch (SmtpServerException e)
         {
-            await Session.ResetBadCommandCounter().ConfigureAwait(false);
+            await WriteResponse(e.SmtpResponse);
         }
     }
 

smtpserver/Rnwood.SmtpServer/ServerOptions.cs

@@ -170,7 +170,7 @@ public virtual Task<bool> IsAuthMechanismEnabled(IConnection connection, IAuthMe
 
     /// <inheritdoc />
     public virtual Task OnCommandReceived(IConnection connection, SmtpCommand command) =>
-        CommandReceivedEventHandler?.Invoke(this, new CommandEventArgs(command)) ?? Task.CompletedTask;
+        CommandReceivedEventHandler?.Invoke(this, new CommandEventArgs(command, connection.Session, connection)) ?? Task.CompletedTask;
 
     /// <inheritdoc />
     public virtual Task<IMessageBuilder> OnCreateNewMessage(IConnection connection) =>