server: rework dmarc parsing to use askama

2025-08-11 14:53:12 -07:00
parent 638e94b4ae
commit c8850404b8
7 changed files with 418 additions and 191 deletions
--- a/server/src/error.rs
+++ b/server/src/error.rs
@@ -39,4 +39,6 @@ pub enum ServerError {
    QueryParseError(#[from] QueryParserError),
    #[error("impossible: {0}")]
    InfaillibleError(#[from] Infallible),
+    #[error("askama error: {0}")]
+    AskamaError(#[from] askama::Error),
 }
--- a/server/src/nm.rs
+++ b/server/src/nm.rs
@@ -4,6 +4,8 @@ use std::{
    io::Cursor,
 };

+use askama::Template;
+use chrono::{TimeZone, Utc};
 use letterbox_notmuch::Notmuch;
 use letterbox_shared::{compute_color, Rule};
 use mailparse::{parse_content_type, parse_mail, MailHeader, MailHeaderMap, ParsedMail};
@@ -471,7 +473,9 @@ fn extract_zip(m: &ParsedMail) -> Result<Body, ServerError> {
                    let name = file.name().to_lowercase();
                    // Google DMARC reports are typically named like "google.com!example.com!...xml"
                    // and may or may not contain "dmarc" in the filename.
-                    if name.ends_with(".xml") && (name.contains("dmarc") || name.starts_with("google.com!")) {
+                    if name.ends_with(".xml")
+                        && (name.contains("dmarc") || name.starts_with("google.com!"))
+                    {
                        let mut xml = String::new();
                        use std::io::Read;
                        if file.read_to_string(&mut xml).is_ok() {
@@ -1175,194 +1179,265 @@ fn find_tags<'a, 'b>(rules: &'a [Rule], headers: &'b [MailHeader]) -> (bool, Has
 }

 // Add this helper function to parse the DMARC XML and summarize it.
-fn parse_dmarc_report(xml: &str) -> Result<String, ServerError> {
-    #[derive(Debug, serde::Deserialize)]
-    struct Feedback {
-        report_metadata: Option<ReportMetadata>,
-        policy_published: Option<PolicyPublished>,
-        record: Option<Vec<Record>>,
-    }
-    #[derive(Debug, serde::Deserialize)]
-    struct ReportMetadata {
-        org_name: Option<String>,
-        email: Option<String>,
-        report_id: Option<String>,
-        date_range: Option<DateRange>,
-    }
-    #[derive(Debug, serde::Deserialize)]
-    struct DateRange {
-        begin: Option<u64>,
-        end: Option<u64>,
-    }
-    #[derive(Debug, serde::Deserialize)]
-    struct PolicyPublished {
-        domain: Option<String>,
-        adkim: Option<String>,
-        aspf: Option<String>,
-        p: Option<String>,
-        sp: Option<String>,
-        pct: Option<String>,
-    }
-    #[derive(Debug, serde::Deserialize)]
-    struct Record {
-        row: Option<Row>,
-        identifiers: Option<Identifiers>,
-        auth_results: Option<AuthResults>,
-    }
-    #[derive(Debug, serde::Deserialize)]
-    struct Row {
-        source_ip: Option<String>,
-        count: Option<u64>,
-        policy_evaluated: Option<PolicyEvaluated>,
-    }
-    #[derive(Debug, serde::Deserialize)]
-    struct PolicyEvaluated {
-        disposition: Option<String>,
-        dkim: Option<String>,
-        spf: Option<String>,
-        reason: Option<Vec<Reason>>,
-    }
-    #[derive(Debug, serde::Deserialize)]
-    struct Reason {
-        #[serde(rename = "type")]
-        reason_type: Option<String>,
-        comment: Option<String>,
-    }
-    #[derive(Debug, serde::Deserialize)]
-    struct Identifiers {
-        header_from: Option<String>,
-    }
-    #[derive(Debug, serde::Deserialize)]
-    struct AuthResults {
-        dkim: Option<Vec<AuthDKIM>>,
-        spf: Option<Vec<AuthSPF>>,
-    }
-    #[derive(Debug, serde::Deserialize)]
-    struct AuthDKIM {
-        domain: Option<String>,
-        result: Option<String>,
-        selector: Option<String>,
-    }
-    #[derive(Debug, serde::Deserialize)]
-    struct AuthSPF {
-        domain: Option<String>,
-        result: Option<String>,
-        scope: Option<String>,
-    }
-
-    let feedback: Feedback = xml_from_str(xml)
-        .map_err(|e| ServerError::StringError(format!("DMARC XML parse error: {e}")))?;
-    let mut summary = String::new();
-    if let Some(meta) = feedback.report_metadata {
-        if let Some(org) = meta.org_name {
-            summary += &format!("<b>Reporter:</b> {}<br>", org);
-        }
-        if let Some(email) = meta.email {
-            summary += &format!("<b>Contact:</b> {}<br>", email);
-        }
-        if let Some(rid) = meta.report_id {
-            summary += &format!("<b>Report ID:</b> {}<br>", rid);
-        }
-        if let Some(dr) = meta.date_range {
-            if let (Some(begin), Some(end)) = (dr.begin, dr.end) {
-                use chrono::{NaiveDateTime, TimeZone, Utc};
-                let begin_dt = Utc.timestamp_opt(begin as i64, 0).single();
-                let end_dt = Utc.timestamp_opt(end as i64, 0).single();
-                summary += &format!("<b>Date range:</b> {} to {}<br>",
-                    begin_dt.map(|d| d.format("%Y-%m-%d").to_string()).unwrap_or(begin.to_string()),
-                    end_dt.map(|d| d.format("%Y-%m-%d").to_string()).unwrap_or(end.to_string())
-                );
-            }
-        }
-    }
-    if let Some(pol) = feedback.policy_published {
-        summary += "<b>Policy Published:</b><ul>";
-        if let Some(domain) = pol.domain {
-            summary += &format!("<li>Domain: {}</li>", domain);
-        }
-        if let Some(adkim) = pol.adkim {
-            summary += &format!("<li>ADKIM: {}</li>", adkim);
-        }
-        if let Some(aspf) = pol.aspf {
-            summary += &format!("<li>ASPF: {}</li>", aspf);
-        }
-        if let Some(p) = pol.p {
-            summary += &format!("<li>Policy: {}</li>", p);
-        }
-        if let Some(sp) = pol.sp {
-            summary += &format!("<li>Subdomain Policy: {}</li>", sp);
-        }
-        if let Some(pct) = pol.pct {
-            summary += &format!("<li>Percent: {}</li>", pct);
-        }
-        summary += "</ul>";
-    }
-    if let Some(records) = feedback.record {
-        summary += "<b>Records:</b><table style=\"border-collapse:collapse;width:100%;font-size:0.95em;\"><thead><tr style=\"background:#f0f0f0;\"><th style=\"border:1px solid #bbb;padding:4px 8px;\">Source IP</th><th style=\"border:1px solid #bbb;padding:4px 8px;\">Count</th><th style=\"border:1px solid #bbb;padding:4px 8px;\">Header From</th><th style=\"border:1px solid #bbb;padding:4px 8px;\">Disposition</th><th style=\"border:1px solid #bbb;padding:4px 8px;\">DKIM</th><th style=\"border:1px solid #bbb;padding:4px 8px;\">SPF</th><th style=\"border:1px solid #bbb;padding:4px 8px;\">Auth Results</th></tr></thead><tbody>";
-        for rec in records {
-            let mut row_html = String::new();
-            let mut source_ip = String::new();
-            let mut count = String::new();
-            let mut header_from = String::new();
-            let mut disposition = String::new();
-            let mut dkim = String::new();
-            let mut spf = String::new();
-            if let Some(r) = &rec.row {
-                if let Some(ref s) = r.source_ip {
-                    source_ip = s.clone();
-                }
-                if let Some(c) = r.count {
-                    count = c.to_string();
-                }
-                if let Some(ref pe) = r.policy_evaluated {
-                    if let Some(ref disp) = pe.disposition {
-                        disposition = disp.clone();
-                    }
-                    if let Some(ref d) = pe.dkim {
-                        dkim = d.clone();
-                    }
-                    if let Some(ref s) = pe.spf {
-                        spf = s.clone();
-                    }
-                }
-            }
-            if let Some(ids) = &rec.identifiers {
-                if let Some(ref hf) = ids.header_from {
-                    header_from = hf.clone();
-                }
-            }
-            row_html += &format!("<tr><td style=\"border:1px solid #bbb;padding:4px 8px;\">{}</td><td style=\"border:1px solid #bbb;padding:4px 8px;\">{}</td><td style=\"border:1px solid #bbb;padding:4px 8px;\">{}</td><td style=\"border:1px solid #bbb;padding:4px 8px;\">{}</td><td style=\"border:1px solid #bbb;padding:4px 8px;\">{}</td><td style=\"border:1px solid #bbb;padding:4px 8px;\">{}</td><td style=\"border:1px solid #bbb;padding:4px 8px;\">",
-                source_ip, count, header_from, disposition, dkim, spf);
-            // Auth Results
-            let mut auths = String::new();
-            if let Some(auth) = &rec.auth_results {
-                if let Some(dkims) = &auth.dkim {
-                    for dkimres in dkims {
-                        auths += &format!("<span style=\"white-space:nowrap;\">DKIM: domain=<b>{}</b> selector=<b>{}</b> result=<b>{}</b></span><br>",
-                            dkimres.domain.as_deref().unwrap_or(""),
-                            dkimres.selector.as_deref().unwrap_or(""),
-                            dkimres.result.as_deref().unwrap_or("")
-                        );
-                    }
-                }
-                if let Some(spfs) = &auth.spf {
-                    for spfres in spfs {
-                        auths += &format!("<span style=\"white-space:nowrap;\">SPF: domain=<b>{}</b> scope=<b>{}</b> result=<b>{}</b></span><br>",
-                            spfres.domain.as_deref().unwrap_or(""),
-                            spfres.scope.as_deref().unwrap_or(""),
-                            spfres.result.as_deref().unwrap_or("")
-                        );
-                    }
-                }
-            }
-            row_html += &auths;
-            row_html += "</td></tr>";
-            summary += &row_html;
-        }
-        summary += "</tbody></table>";
-    }
-    if summary.is_empty() {
-        summary = "No DMARC summary found.".to_string();
-    }
-    Ok(summary)
+#[derive(Debug, serde::Deserialize)]
+pub struct FormattedDateRange {
+    pub begin: String,
+    pub end: String,
+}
+
+pub struct FormattedReportMetadata {
+    pub org_name: String,
+    pub email: String,
+    pub report_id: String,
+    pub date_range: Option<FormattedDateRange>,
+}
+
+pub struct FormattedRecord {
+    pub source_ip: String,
+    pub count: String,
+    pub header_from: String,
+    pub disposition: String,
+    pub dkim: String,
+    pub spf: String,
+    pub auth_results: Option<FormattedAuthResults>,
+}
+
+pub struct FormattedAuthResults {
+    pub dkim: Vec<FormattedAuthDKIM>,
+    pub spf: Vec<FormattedAuthSPF>,
+}
+
+pub struct FormattedAuthDKIM {
+    pub domain: String,
+    pub result: String,
+    pub selector: String,
+}
+
+pub struct FormattedAuthSPF {
+    pub domain: String,
+    pub result: String,
+    pub scope: String,
+}
+
+pub struct FormattedPolicyPublished {
+    pub domain: String,
+    pub adkim: String,
+    pub aspf: String,
+    pub p: String,
+    pub sp: String,
+    pub pct: String,
+}
+
+pub struct FormattedFeedback {
+    pub report_metadata: Option<FormattedReportMetadata>,
+    pub policy_published: Option<FormattedPolicyPublished>,
+    pub record: Option<Vec<FormattedRecord>>,
+}
+
+#[derive(Debug, serde::Deserialize)]
+pub struct Feedback {
+    pub report_metadata: Option<ReportMetadata>,
+    pub policy_published: Option<PolicyPublished>,
+    pub record: Option<Vec<Record>>,
+}
+#[derive(Debug, serde::Deserialize)]
+pub struct ReportMetadata {
+    pub org_name: Option<String>,
+    pub email: Option<String>,
+    pub report_id: Option<String>,
+    pub date_range: Option<DateRange>,
+}
+#[derive(Debug, serde::Deserialize)]
+pub struct DateRange {
+    pub begin: Option<u64>,
+    pub end: Option<u64>,
+}
+#[derive(Debug, serde::Deserialize)]
+pub struct PolicyPublished {
+    pub domain: Option<String>,
+    pub adkim: Option<String>,
+    pub aspf: Option<String>,
+    pub p: Option<String>,
+    pub sp: Option<String>,
+    pub pct: Option<String>,
+}
+#[derive(Debug, serde::Deserialize)]
+pub struct Record {
+    pub row: Option<Row>,
+    pub identifiers: Option<Identifiers>,
+    pub auth_results: Option<AuthResults>,
+}
+#[derive(Debug, serde::Deserialize)]
+pub struct Row {
+    pub source_ip: Option<String>,
+    pub count: Option<u64>,
+    pub policy_evaluated: Option<PolicyEvaluated>,
+}
+#[derive(Debug, serde::Deserialize)]
+pub struct PolicyEvaluated {
+    pub disposition: Option<String>,
+    pub dkim: Option<String>,
+    pub spf: Option<String>,
+    pub reason: Option<Vec<Reason>>,
+}
+#[derive(Debug, serde::Deserialize)]
+pub struct Reason {
+    #[serde(rename = "type")]
+    pub reason_type: Option<String>,
+    pub comment: Option<String>,
+}
+#[derive(Debug, serde::Deserialize)]
+pub struct Identifiers {
+    pub header_from: Option<String>,
+}
+#[derive(Debug, serde::Deserialize)]
+pub struct AuthResults {
+    pub dkim: Option<Vec<AuthDKIM>>,
+    pub spf: Option<Vec<AuthSPF>>,
+}
+#[derive(Debug, serde::Deserialize)]
+pub struct AuthDKIM {
+    pub domain: Option<String>,
+    pub result: Option<String>,
+    pub selector: Option<String>,
+}
+#[derive(Debug, serde::Deserialize)]
+pub struct AuthSPF {
+    pub domain: Option<String>,
+    pub result: Option<String>,
+    pub scope: Option<String>,
+}
+
+#[derive(Template)]
+#[template(path = "dmarc_report.html")]
+pub struct DmarcReportTemplate<'a> {
+    pub report: &'a FormattedFeedback,
+}
+
+// Add this helper function to parse the DMARC XML and summarize it.
+pub fn parse_dmarc_report(xml: &str) -> Result<String, ServerError> {
+    let feedback: Feedback = xml_from_str(xml)
+        .map_err(|e| ServerError::StringError(format!("DMARC XML parse error: {}", e)))?;
+
+    let formatted_report_metadata = feedback.report_metadata.map(|meta| {
+        let date_range = meta.date_range.map(|dr| FormattedDateRange {
+            begin: match Utc.timestamp_opt(dr.begin.unwrap_or(0) as i64, 0) {
+                chrono::LocalResult::Single(d) => Some(d),
+                _ => None,
+            }
+            .map(|d| d.format("%Y-%m-%d").to_string())
+            .unwrap_or_else(|| "".to_string()),
+            end: match Utc.timestamp_opt(dr.end.unwrap_or(0) as i64, 0) {
+                chrono::LocalResult::Single(d) => Some(d),
+                _ => None,
+            }
+            .map(|d| d.format("%Y-%m-%d").to_string())
+            .unwrap_or_else(|| "".to_string()),
+        });
+        FormattedReportMetadata {
+            org_name: meta.org_name.unwrap_or_else(|| "".to_string()),
+            email: meta.email.unwrap_or_else(|| "".to_string()),
+            report_id: meta.report_id.unwrap_or_else(|| "".to_string()),
+            date_range,
+        }
+    });
+
+    let formatted_record = feedback.record.map(|records| {
+        records
+            .into_iter()
+            .map(|rec| {
+                let auth_results = rec.auth_results.map(|auth| {
+                    let dkim = auth
+                        .dkim
+                        .map(|dkims| {
+                            dkims
+                                .into_iter()
+                                .map(|d| FormattedAuthDKIM {
+                                    domain: d.domain.unwrap_or_else(|| "".to_string()),
+                                    result: d.result.unwrap_or_else(|| "".to_string()),
+                                    selector: d.selector.unwrap_or_else(|| "".to_string()),
+                                })
+                                .collect()
+                        })
+                        .unwrap_or_else(|| Vec::new());
+
+                    let spf = auth
+                        .spf
+                        .map(|spfs| {
+                            spfs.into_iter()
+                                .map(|s| FormattedAuthSPF {
+                                    domain: s.domain.unwrap_or_else(|| "".to_string()),
+                                    result: s.result.unwrap_or_else(|| "".to_string()),
+                                    scope: s.scope.unwrap_or_else(|| "".to_string()),
+                                })
+                                .collect()
+                        })
+                        .unwrap_or_else(|| Vec::new());
+
+                    FormattedAuthResults { dkim, spf }
+                });
+
+                FormattedRecord {
+                    source_ip: rec
+                        .row
+                        .as_ref()
+                        .and_then(|r| r.source_ip.clone())
+                        .unwrap_or_else(|| "".to_string()),
+                    count: rec
+                        .row
+                        .as_ref()
+                        .and_then(|r| r.count.map(|c| c.to_string()))
+                        .unwrap_or_else(|| "".to_string()),
+                    header_from: rec
+                        .identifiers
+                        .as_ref()
+                        .and_then(|i| i.header_from.clone())
+                        .unwrap_or_else(|| "".to_string()),
+                    disposition: rec
+                        .row
+                        .as_ref()
+                        .and_then(|r| r.policy_evaluated.as_ref())
+                        .and_then(|p| p.disposition.clone())
+                        .unwrap_or_else(|| "".to_string()),
+                    dkim: rec
+                        .row
+                        .as_ref()
+                        .and_then(|r| r.policy_evaluated.as_ref())
+                        .and_then(|p| p.dkim.clone())
+                        .unwrap_or_else(|| "".to_string()),
+                    spf: rec
+                        .row
+                        .as_ref()
+                        .and_then(|r| r.policy_evaluated.as_ref())
+                        .and_then(|p| p.spf.clone())
+                        .unwrap_or_else(|| "".to_string()),
+                    auth_results,
+                }
+            })
+            .collect()
+    });
+
+    let formatted_policy_published =
+        feedback
+            .policy_published
+            .map(|pol| FormattedPolicyPublished {
+                domain: pol.domain.unwrap_or_else(|| "".to_string()),
+                adkim: pol.adkim.unwrap_or_else(|| "".to_string()),
+                aspf: pol.aspf.unwrap_or_else(|| "".to_string()),
+                p: pol.p.unwrap_or_else(|| "".to_string()),
+                sp: pol.sp.unwrap_or_else(|| "".to_string()),
+                pct: pol.pct.unwrap_or_else(|| "".to_string()),
+            });
+
+    let formatted_feedback = FormattedFeedback {
+        report_metadata: formatted_report_metadata,
+        policy_published: formatted_policy_published,
+        record: formatted_record,
+    };
+
+    let template = DmarcReportTemplate {
+        report: &formatted_feedback,
+    };
+    let html = template.render()?;
+    Ok(html)
 }
--- a/server/src/templates.rs
+++ b/server/src/templates.rs
@@ -0,0 +1,7 @@
+use askama::Template;
+
+#[derive(Template)]
+#[template(path = "dmarc_report.html")]
+pub struct DmarcReportTemplate<'a> {
+    pub feedback: &'a crate::nm::Feedback,
+}