Added google post master tools #12

catalyst · Jan 15, 2024 · 65bc01e · 65bc01e
1 parent dcfda72
commit 65bc01e
Show file tree

Hide file tree

Showing 5 changed files with 147 additions and 9 deletions.
diff --git a/classes/check/dnspostmastertools.php b/classes/check/dnspostmastertools.php
@@ -0,0 +1,107 @@
+<?php
+// This file is part of Moodle - http://moodle.org/
+//
+// Moodle is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// Moodle is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License
+// along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
+/**
+ * DNS Email post master tools
+ *
+ * @package    tool_emailutils
+ * @author     Brendan Heywood <[email protected]>
+ * @copyright  Catalyst IT 2024
+ * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
+ *
+ */
+
+namespace tool_emailutils\check;
+use core\check\check;
+use core\check\result;
+use tool_emailutils\dns_util;
+
+/**
+ * DNS Post master tools
+ *
+ * @package    tool_emailutils
+ * @author     Brendan Heywood <[email protected]>
+ * @copyright  Catalyst IT 2024
+ * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
+ */
+class dnspostmastertools extends check {
+
+    /**
+     * A link to a place to action this
+     *
+     * @return \action_link|null
+     */
+    public function get_action_link(): ?\action_link {
+        return new \action_link(
+            new \moodle_url('/admin/settings.php?section=tool_emailutils_dns'),
+            get_string('postmastertools', 'tool_emailutils'));
+    }
+
+    /**
+     * Get Result.
+     *
+     * @return result
+     */
+    public function get_result() : result {
+        global $DB, $CFG;
+
+        $url = new \moodle_url($CFG->wwwroot);
+        $domain = $url->get_host();
+
+        $details = '<table class="admintable generaltable table-sm w-auto">';
+        $details .= '<tr><th>Vendor</th><th>Token</th><th>Confirmed</th><th>Url</th></tr>';
+        $status = result::INFO;
+        $summary = '';
+
+        $dns = new dns_util();
+
+        $noreply = $dns->get_noreply();
+        $details .= "<p>No reply email: <code>$noreply</code></p>";
+
+        $noreplydomain = $dns->get_noreply_domain();
+
+        // Later intend to support other email providers.
+        $vendors = ['google'];
+        $vendornames = join(', ', $vendors);
+        $summary = "Post master tools setup for $vendornames ";
+
+        $status = result::INFO;
+
+        foreach ($vendors as $vendor) {
+
+            $token = get_config('tool_emailutils', 'postmaster' . $vendor . 'token');
+            $record = $dns->get_matching_dns_record($noreplydomain, $token);
+
+            if (empty($token)) {
+                $summary = "Post master tools not setup with $vendor";
+                $status = result::WARNING;
+                $confirmed = 'N/A';
+            } else if (empty($record)) {
+                $confirmed = 'No';
+                $details .= "<p>$token was not found in TXT records</p>";
+                $status = result::ERROR;
+                $summary = "Post master tools not verified with $vendor";
+            } else {
+                $confirmed = 'Yes';
+                $status = result::OK;
+            }
+            $details .= "<tr><td>$vendor</td><td>$token</td><td>$confirmed</td></tr>";
+        }
+        $details .= '</table>';
+
+        return new result($status, $summary, $details);
+    }
+
+}
diff --git a/classes/dns_util.php b/classes/dns_util.php
@@ -187,5 +187,23 @@ public function get_mx_record($domain) {
         });
         return $records;
     }
+
+    /**
+     * Get matching record contents
+     * @return string txt record
+     */
+    public function get_matching_dns_record($domain, $match) {
+
+        $records = @dns_get_record($domain, DNS_TXT);
+        if (empty($records)) {
+            return '';
+        }
+        foreach ($records as $record) {
+            if ($record['txt'] == $match) {
+                return $match;
+            }
+        }
+        return '';
+    }
 }
 
diff --git a/lang/en/tool_emailutils.php b/lang/en/tool_emailutils.php
@@ -34,6 +34,7 @@
 $string['checkdnsspf'] = 'DNS Email SPF check';
 $string['checkdnsdkim'] = 'DNS Email DKIM check';
 $string['checkdnsdmarc'] = 'DNS Email DMARC check';
+$string['checkdnspostmastertools'] = 'Check Post master tools';
 $string['dkimmanagerhelp'] = '<p>This shows all DKIM key pairs / selectors available for email signing, including those made by this admin tool or put in place by external tools such as open-dkim. For most systems this is the end to end setup:</p>
 <ol>
 <li>First decide and set the <code>$CFG->noreply</code> email as the domain of the reply email is tied to the signing.
@@ -63,27 +64,30 @@
 $string['not_implemented'] = 'Not implemented yet. Search the user report for emails ending with ".b.invalid" and ".c.invalid".';
 $string['password'] = 'Password';
 $string['password_help'] = 'HTTP Basic Auth Password - Leave empty if you\'re not changing the password';
+$string['pluginname'] = 'Email utilities';
+$string['postmastertools'] = 'Post master tools';
+$string['postmastergoogletoken'] = 'Post master tools google-site-verification';
+$string['postmastergoogletoken_help'] = 'This is the entire TXT DNS record and looks similar to <code>google-site-verification=abcdef123456789abcdef</code>';
 $string['privacy:metadata:tool_emailutils_list'] = 'Information.';
-$string['privacy:metadata:tool_emailutils_list:userid'] = 'The ID of the user.';
 $string['privacy:metadata:tool_emailutils_list:updatedid'] = 'The ID of updated user.';
-$string['pluginname'] = 'Email utilities';
+$string['privacy:metadata:tool_emailutils_list:userid'] = 'The ID of the user.';
 $string['resetbounces'] = 'Reset the number of bounces';
-$string['sendcount'] = 'Send count';
 $string['selectoractive'] = 'Active selector';
+$string['sendcount'] = 'Send count';
 $string['selectoractivate'] = 'Activate key pair';
-$string['selectoractivated'] = 'Selector was activated';
 $string['selectoractivateconfirm'] = 'This will set $CFG->emaildkimselector to this selector and it will be used for signing outgoing emails.';
+$string['selectoractivated'] = 'Selector was activated';
 $string['selectorcreate'] = 'Create a new domain:selector certificate pair';
-$string['selectorcreatesubmit'] = 'Create new selector';
 $string['selectorcreated'] = 'A new certificate pair has been created';
-$string['selectordefault'] = '%Y-%m';
+$string['selectorcreatesubmit'] = 'Create new selector';
 $string['selectordeactivate'] = 'Deactivate key pair';
-$string['selectordeactivated'] = 'Email signing has been turned off';
 $string['selectordeactivateconfirm'] = 'This will unset $CFG->emaildkimselector so emails will no longer be signed.';
-$string['selectormissing'] = 'No DKIM selector certificates found';
+$string['selectordeactivated'] = 'Email signing has been turned off';
+$string['selectordefault'] = '%Y-%m';
 $string['selectordelete'] = 'Delete key pair';
-$string['selectordeleted'] = 'Key pair has been deleted';
 $string['selectordeleteconfirm'] = 'This will permanently delete this selector\'s private and public keys and is irreversable.';
+$string['selectordeleted'] = 'Key pair has been deleted';
+$string['selectormissing'] = 'No DKIM selector certificates found';
 $string['settings'] = 'AWS SES settings';
 $string['username'] = 'Username';
 $string['username_help'] = 'HTTP Basic Auth Username';
diff --git a/lib.php b/lib.php
@@ -46,6 +46,7 @@ function tool_emailutils_security_checks() {
         new \tool_emailutils\check\dnsdkim(),
         new \tool_emailutils\check\dnsdmarc(),
         new \tool_emailutils\check\dnsmx(),
+        new \tool_emailutils\check\dnspostmastertools(),
     ];
 }
 
diff --git a/settings.php b/settings.php
@@ -55,6 +55,14 @@
         new lang_string('dnsspfinclude_help', 'tool_emailutils'),
         '')
     );
+
+    $settings->add(new admin_setting_configtext(
+        'tool_emailutils/postmastergoogletoken',
+        new lang_string('postmastergoogletoken', 'tool_emailutils'),
+        new lang_string('postmastergoogletoken_help', 'tool_emailutils'),
+        '', PARAM_RAW, 70)
+    );
+
     $ADMIN->add('tool_emailutils', $settings);
 
     // Plugin Settings Page.