From 4936cb1b228675f032d0ece65933b25463f15e86 Mon Sep 17 00:00:00 2001
From: Zhang Huangbin <zhb@iredmail.org>
Date: Fri, 23 Jul 2021 16:29:43 +0800
Subject: [PATCH] Update iRedAdmin-Pro API doc.

---
 .../0-iredadmin-pro.restful.api-new.md        | 38 +++++++++++++++----
 html/iredadmin-pro.restful.api-new.html       | 35 ++++++++++++-----
 2 files changed, 56 insertions(+), 17 deletions(-)

diff --git a/en_US/iredadmin/0-iredadmin-pro.restful.api-new.md b/en_US/iredadmin/0-iredadmin-pro.restful.api-new.md
index 25620b9c..9b411b1a 100644
--- a/en_US/iredadmin/0-iredadmin-pro.restful.api-new.md
+++ b/en_US/iredadmin/0-iredadmin-pro.restful.api-new.md
@@ -4,8 +4,8 @@
 
 !!! attention
 
-    * This document is applicable to `iRedAdmin-Pro-SQL-4.4` and
-      `iRedAdmin-Pro-LDAP-4.5`. If you're running an old release, please
+    * This document is applicable to `iRedAdmin-Pro-SQL-4.9` and
+      `iRedAdmin-Pro-LDAP-5.0`. If you're running an old release, please
       upgrade iRedAdmin-Pro to the latest release, or check
       [document for old releases](./iredadmin-pro.releases.html).
     * If you need an API which has not yet been implemented, don't hesitate to
@@ -225,7 +225,20 @@ Notes:
     * This is standalone domain admin account, not mail user with admin privileges.
     * Only global admin can access these APIs.
 
-!!! api "`GET`{: .get } `/api/admin/<mail>`{: .url } `Get profile of an existing domain admin`{: .comment }"
+!!! api "`GET`{: .get } `/api/admin/<mail>`{: .url } `Get profile of an existing domain admin`{: .comment } `Parameters`{: .has_params }"
+
+    <div class="params params_user">
+    Encrypted account password is not exposed in API request by default, if you
+    want to expose it for some reason, please add a new line in iRedAdmin-Pro config
+    file `/opt/www/iredadmin/settings.py` like below, then restart `iredadmin`
+    service:
+
+    ```
+    API_HIDDEN_ADMIN_PROFILES = []
+    ```
+
+    </div>
+
 !!! api "`POST`{: .post } `/api/admin/<mail>`{: .url } `Create a new domain admin`{: .comment } `Parameters`{: .has_params }"
 
     <div class="params params_admin">
@@ -297,7 +310,20 @@ Notes:
 
 ### Mail User {: .toggle }
 
-!!! api "`GET`{: .get } `/api/user/<mail>`{: .url } `Get profile of an existing mail user`{: .comment }"
+!!! api "`GET`{: .get } `/api/user/<mail>`{: .url } `Get profile of an existing mail user`{: .comment } `Parameters`{: .has_params }"
+
+    <div class="params params_user">
+    Encrypted account password is not exposed in API request by default, if you
+    want to expose it for some reason, please add a new line in iRedAdmin-Pro config
+    file `/opt/www/iredadmin/settings.py` like below, then restart `iredadmin`
+    service:
+
+    ```
+    API_HIDDEN_USER_PROFILES = []
+    ```
+
+    </div>
+
 !!! api "`POST`{: .post } `/api/user/<mail>`{: .url } `Create a new mail user`{: .comment } `Parameters`{: .has_params }"
 
     <div class="params params_user">
@@ -693,6 +719,7 @@ Notes:
     `prefix_spam_in_subject` | Prefix string `[SPAM] ` in mail subject if it's spam | `prefix_spam_in_subject=yes` (default is `no`)
     `always_insert_x_spam_headers` | Always insert `X-Spam-*` headers in email. It contains spam score and matched SpamAssassin rules. __Don't enable this unless you want to debug spam checking.__ | `always_insert_x_spam_headers=yes` (default is `no`)
     `spam_score` | Set a preferred spam score, if scanned email has higher score than this one, it will be marked as spam. | `spam_score=4` (defaults to use system setting defined in Amavisd config file.)
+    `banned_rulenames` | Assign ban rules | `banned_rulenames=ALLOW_MS_WORD,ALLOW_MS_EXCEL`
 
     </div>
 
@@ -810,7 +837,6 @@ Catch-all address | `@.`
 !!! api "`DELETE`{: .delete } `/api/wblist/inbound/blacklist/<mail>`{: .url } `Delete all per-user existing global blacklists for inbound.`{: .comment }"
 !!! api "`DELETE`{: .delete } `/api/wblist/outbound/whitelist/<mail>`{: .url } `Delete all per-user existing global whitelists for outbound.`{: .comment }"
 !!! api "`DELETE`{: .delete } `/api/wblist/outbound/blacklist/<mail>`{: .url } `Delete all per-user existing global whitelists for outbound.`{: .comment }"
-!!! api "`PUT`{: .put } `/api/wblist/senderscore/whitelist/<ip>`{: .url } `Whitelist given IP address for the senderscore checking. Applied by iRedAPD plugin 'senderscore'`{: .comment }"
 
 
 ### Greylisting {: .toggle }
@@ -883,8 +909,6 @@ Catch-all address | `@.`
 
     </div>
 
-!!! api "`PUT`{: .put } `/api/greylisting/global/whitelist/<ip>`{: .url } `Whitelist given IP address globally`{: .comment }"
-
 ### Export Accounts {: .toggle }
 
 #### LDIF (LDAP backend only) {: .toggle }
diff --git a/html/iredadmin-pro.restful.api-new.html b/html/iredadmin-pro.restful.api-new.html
index 3fc3f802..9d5b93fa 100644
--- a/html/iredadmin-pro.restful.api-new.html
+++ b/html/iredadmin-pro.restful.api-new.html
@@ -47,8 +47,8 @@
 <div class="admonition attention">
 <p class="admonition-title">Attention</p>
 <ul>
-<li>This document is applicable to <code>iRedAdmin-Pro-SQL-4.4</code> and
-  <code>iRedAdmin-Pro-LDAP-4.5</code>. If you're running an old release, please
+<li>This document is applicable to <code>iRedAdmin-Pro-SQL-4.9</code> and
+  <code>iRedAdmin-Pro-LDAP-5.0</code>. If you're running an old release, please
   upgrade iRedAdmin-Pro to the latest release, or check
   <a href="./iredadmin-pro.releases.html">document for old releases</a>.</li>
 <li>If you need an API which has not yet been implemented, don't hesitate to
@@ -618,7 +618,15 @@ to be a domain admin.</p>
 </ul>
 </div>
 <div class="admonition api">
-<p class="admonition-title"><code class="get">GET</code> <code class="url">/api/admin/&lt;mail&gt;</code> <code class="comment">Get profile of an existing domain admin</code></p>
+<p class="admonition-title"><code class="get">GET</code> <code class="url">/api/admin/&lt;mail&gt;</code> <code class="comment">Get profile of an existing domain admin</code> <code class="has_params">Parameters</code></p>
+<p><div class="params params_user">
+Encrypted account password is not exposed in API request by default, if you
+want to expose it for some reason, please add a new line in iRedAdmin-Pro config
+file <code>/opt/www/iredadmin/settings.py</code> like below, then restart <code>iredadmin</code>
+service:</p>
+<p><code>API_HIDDEN_ADMIN_PROFILES = []</code></p>
+</div>
+
 </div>
 <div class="admonition api">
 <p class="admonition-title"><code class="post">POST</code> <code class="url">/api/admin/&lt;mail&gt;</code> <code class="comment">Create a new domain admin</code> <code class="has_params">Parameters</code></p>
@@ -842,7 +850,15 @@ to be a domain admin.</p>
 </div>
 <h3 class="toggle" id="mail-user">Mail User</h3>
 <div class="admonition api">
-<p class="admonition-title"><code class="get">GET</code> <code class="url">/api/user/&lt;mail&gt;</code> <code class="comment">Get profile of an existing mail user</code></p>
+<p class="admonition-title"><code class="get">GET</code> <code class="url">/api/user/&lt;mail&gt;</code> <code class="comment">Get profile of an existing mail user</code> <code class="has_params">Parameters</code></p>
+<p><div class="params params_user">
+Encrypted account password is not exposed in API request by default, if you
+want to expose it for some reason, please add a new line in iRedAdmin-Pro config
+file <code>/opt/www/iredadmin/settings.py</code> like below, then restart <code>iredadmin</code>
+service:</p>
+<p><code>API_HIDDEN_USER_PROFILES = []</code></p>
+</div>
+
 </div>
 <div class="admonition api">
 <p class="admonition-title"><code class="post">POST</code> <code class="url">/api/user/&lt;mail&gt;</code> <code class="comment">Create a new mail user</code> <code class="has_params">Parameters</code></p>
@@ -2137,6 +2153,11 @@ to be a domain admin.</p>
 <td>Set a preferred spam score, if scanned email has higher score than this one, it will be marked as spam.</td>
 <td><code>spam_score=4</code> (defaults to use system setting defined in Amavisd config file.)</td>
 </tr>
+<tr>
+<td><code>banned_rulenames</code></td>
+<td>Assign ban rules</td>
+<td><code>banned_rulenames=ALLOW_MS_WORD,ALLOW_MS_EXCEL</code></td>
+</tr>
 </tbody>
 </table>
 </div>
@@ -2438,9 +2459,6 @@ to be a domain admin.</p>
 <div class="admonition api">
 <p class="admonition-title"><code class="delete">DELETE</code> <code class="url">/api/wblist/outbound/blacklist/&lt;mail&gt;</code> <code class="comment">Delete all per-user existing global whitelists for outbound.</code></p>
 </div>
-<div class="admonition api">
-<p class="admonition-title"><code class="put">PUT</code> <code class="url">/api/wblist/senderscore/whitelist/&lt;ip&gt;</code> <code class="comment">Whitelist given IP address for the senderscore checking. Applied by iRedAPD plugin 'senderscore'</code></p>
-</div>
 <h3 class="toggle" id="greylisting">Greylisting</h3>
 <div class="admonition api">
 <p class="admonition-title"><code class="get">GET</code> <code class="url">/api/greylisting/all</code> <code class="comment">Get all existing greylisting settings</code></p>
@@ -2610,9 +2628,6 @@ to be a domain admin.</p>
 
 </div>
 
-</div>
-<div class="admonition api">
-<p class="admonition-title"><code class="put">PUT</code> <code class="url">/api/greylisting/global/whitelist/&lt;ip&gt;</code> <code class="comment">Whitelist given IP address globally</code></p>
 </div>
 <h3 class="toggle" id="export-accounts">Export Accounts</h3>
 <h4 class="toggle" id="ldif-ldap-backend-only">LDIF (LDAP backend only)</h4>