From 33538cd99b17e9ddcee21adec2472d65cb104893 Mon Sep 17 00:00:00 2001 From: Brad Stein Date: Sun, 18 Jan 2026 00:47:13 -0300 Subject: [PATCH] portal: gate mailu and internalize service emails --- backend/atlas_portal/provisioning.py | 21 ++++++++++++++++++--- backend/atlas_portal/routes/account.py | 6 +++--- 2 files changed, 21 insertions(+), 6 deletions(-) diff --git a/backend/atlas_portal/provisioning.py b/backend/atlas_portal/provisioning.py index cff0950..f3cd994 100644 --- a/backend/atlas_portal/provisioning.py +++ b/backend/atlas_portal/provisioning.py @@ -19,6 +19,7 @@ from .wger_user_sync import trigger as trigger_wger_user_sync MAILU_EMAIL_ATTR = "mailu_email" MAILU_APP_PASSWORD_ATTR = "mailu_app_password" +MAILU_ENABLED_ATTR = "mailu_enabled" WGER_PASSWORD_ATTR = "wger_password" WGER_PASSWORD_UPDATED_ATTR = "wger_password_updated_at" FIREFLY_PASSWORD_ATTR = "firefly_password" @@ -226,7 +227,10 @@ def provision_access_request(request_code: str) -> ProvisionResult: "email": email, "emailVerified": True, "requiredActions": required_actions, - "attributes": {MAILU_EMAIL_ATTR: [mailu_email]}, + "attributes": { + MAILU_EMAIL_ATTR: [mailu_email], + MAILU_ENABLED_ATTR: ["true"], + }, } created_id = admin_client().create_user(payload) user = admin_client().get_user(created_id) @@ -258,6 +262,17 @@ def provision_access_request(request_code: str) -> ProvisionResult: else: mailu_email = f"{username}@{settings.MAILU_DOMAIN}" admin_client().set_user_attribute(username, MAILU_EMAIL_ATTR, mailu_email) + try: + raw_enabled = attrs.get(MAILU_ENABLED_ATTR) if isinstance(attrs, dict) else None + enabled_value = "" + if isinstance(raw_enabled, list) and raw_enabled: + enabled_value = str(raw_enabled[0]).strip() + elif isinstance(raw_enabled, str): + enabled_value = raw_enabled.strip() + if enabled_value.lower() not in {"1", "true", "yes", "y", "on"}: + admin_client().set_user_attribute(username, MAILU_ENABLED_ATTR, "true") + except Exception: + pass except Exception: mailu_email = f"{username}@{settings.MAILU_DOMAIN}" @@ -391,7 +406,7 @@ def provision_access_request(request_code: str) -> ProvisionResult: wger_password = random_password(20) admin_client().set_user_attribute(username, WGER_PASSWORD_ATTR, wger_password) - wger_email = mailu_email or contact_email or f"{username}@{settings.MAILU_DOMAIN}" + wger_email = mailu_email or f"{username}@{settings.MAILU_DOMAIN}" if not wger_password_updated_at: result = trigger_wger_user_sync(username, wger_email, wger_password, wait=True) @@ -431,7 +446,7 @@ def provision_access_request(request_code: str) -> ProvisionResult: firefly_password = random_password(24) admin_client().set_user_attribute(username, FIREFLY_PASSWORD_ATTR, firefly_password) - firefly_email = mailu_email or contact_email or f"{username}@{settings.MAILU_DOMAIN}" + firefly_email = mailu_email or f"{username}@{settings.MAILU_DOMAIN}" if not firefly_password_updated_at: result = trigger_firefly_user_sync(username, firefly_email, firefly_password, wait=True) diff --git a/backend/atlas_portal/routes/account.py b/backend/atlas_portal/routes/account.py index bb2d084..98a80a8 100644 --- a/backend/atlas_portal/routes/account.py +++ b/backend/atlas_portal/routes/account.py @@ -236,7 +236,7 @@ def register(app) -> None: jellyfin_sync_detail = "unavailable" mailu_username = mailu_email or (f"{username}@{settings.MAILU_DOMAIN}" if username else "") - firefly_username = mailu_email or keycloak_email or username + firefly_username = mailu_username vaultwarden_username = vaultwarden_email or mailu_username if not mailu_app_password and mailu_status == "ready": @@ -391,7 +391,7 @@ def register(app) -> None: except Exception: pass - email = mailu_email or keycloak_email or f"{username}@{settings.MAILU_DOMAIN}" + email = mailu_email or f"{username}@{settings.MAILU_DOMAIN}" password = random_password() try: @@ -442,7 +442,7 @@ def register(app) -> None: except Exception: pass - email = mailu_email or keycloak_email or f"{username}@{settings.MAILU_DOMAIN}" + email = mailu_email or f"{username}@{settings.MAILU_DOMAIN}" password = random_password(24) try: