steve/emcli
1
0
Fork 0
Code Issues Pull Requests Actions Projects Releases 4 Wiki Activity

feat(admin): Phase 4 — doctor, admin completeness, and bubbletea TUI

Browse Source 
Adds the admin/diagnostics surface from SPEC §7.2:

- doctor [--account]: per-account IMAP + (RW) SMTP connectivity/auth checks via
  new mail.CheckIMAP/CheckSMTP (connect+auth only, no mail). Exit non-zero on any
  failure; secrets never printed.
- store.UpdateAccount: partial edit, re-encrypts password/secrets only when a
  non-empty value is supplied (blank keeps existing). RecentAuditFor(account).
- config set/get (validates audit_retention_days), audit list [--account][--limit],
  account edit (flag partial-update) / remove [--yes].
- internal/tui: bubbletea AccountForm with pure, fully-tested Fields (validation +
  store.Account assembly + edit prefill). init / bare `account add` / `account edit
  --name X` drop into the TUI; flag forms remain for scripting.

Built test-first; full suite green incl -race. Validated live against the mxlogin
(password) and Gmail (app-password) accounts. Live validation caught a real bug:
doctor authenticated with empty passwords because it iterated ListAccounts (which
strips secrets) — fixed to re-fetch via GetAccount, locked in by a regression test.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
Steve Cliff
2026-06-22 20:09:43 +01:00
parent 193815dd25
commit a837b25d73
20 changed files with 1535 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files
internal/mail/check.go
+50
View File
@@ -0,0 +1,50 @@
package mail
import (
"crypto/tls"
"fmt"
"github.com/emersion/go-sasl"
"github.com/emersion/go-smtp"
)
// CheckIMAP verifies that the IMAP endpoint connects and the credentials
// authenticate, then logs out. It transfers no mail. A nil return means the
// account can read.
func CheckIMAP(cfg IMAPConfig) error {
c, err := Dial(cfg) // Dial connects and logs in
if err != nil {
return err
}
return c.Logout()
}
// CheckSMTP verifies that the SMTP endpoint connects and the credentials
// authenticate (SASL PLAIN), then quits. It sends no mail. A nil return means
// the account can send.
func CheckSMTP(cfg SMTPConfig) error {
addr := fmt.Sprintf("%s:%d", cfg.Host, cfg.Port)
tlsConf := &tls.Config{ServerName: cfg.Host}
var (
c *smtp.Client
err error
)
switch cfg.Security {
case "tls":
c, err = smtp.DialTLS(addr, tlsConf)
case "starttls":
c, err = smtp.DialStartTLS(addr, tlsConf)
default:
return fmt.Errorf("unknown smtp security %q", cfg.Security)
}
if err != nil {
return fmt.Errorf("smtp connect: %w", err)
}
defer c.Close()
if err := c.Auth(sasl.NewPlainClient("", cfg.Username, cfg.Password)); err != nil {
return fmt.Errorf("smtp auth: %w", err)
}
return c.Quit()
}