codeninjasllc/discourse
1
0
Fork 0
mirror of https://github.com/codeninjasllc/discourse.git synced 2024-12-02 11:59:17 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

FIX: don't allow blocked user to send emails in

Browse source
This commit is contained in:
Régis Hanol 2016-02-11 10:39:57 +01:00
parent 5120dcfb3d
commit cad7fc1062
6 changed files with 28 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
app/jobs/scheduled/poll_mailbox.rb
View file

@ -38,6 +38,7 @@ module Jobs
when Email::Receiver::NoMessageIdError then :email_reject_no_message_id when Email::Receiver::NoMessageIdError then :email_reject_no_message_id
when Email::Receiver::AutoGeneratedEmailError then :email_reject_auto_generated when Email::Receiver::AutoGeneratedEmailError then :email_reject_auto_generated
when Email::Receiver::InactiveUserError then :email_reject_inactive_user when Email::Receiver::InactiveUserError then :email_reject_inactive_user
when Email::Receiver::BlockedUserError then :email_reject_blocked_user
when Email::Receiver::BadDestinationAddress then :email_reject_bad_destination_address when Email::Receiver::BadDestinationAddress then :email_reject_bad_destination_address
when Email::Receiver::StrangersNotAllowedError then :email_reject_strangers_not_allowed when Email::Receiver::StrangersNotAllowedError then :email_reject_strangers_not_allowed
when Email::Receiver::InsufficientTrustLevelError then :email_reject_insufficient_trust_level when Email::Receiver::InsufficientTrustLevelError then :email_reject_insufficient_trust_level

8
config/locales/server.en.yml
View file

@ -56,6 +56,7 @@ en:
auto_generated_email_error: "Happens when the 'precedence' header is set to: list, junk, bulk or auto_reply, or when any other header contains: auto-submitted, auto-replied or auto-generated." auto_generated_email_error: "Happens when the 'precedence' header is set to: list, junk, bulk or auto_reply, or when any other header contains: auto-submitted, auto-replied or auto-generated."
no_body_detected_error: "Happens when we couldn't extract a body and there was no attachments." no_body_detected_error: "Happens when we couldn't extract a body and there was no attachments."
inactive_user_error: "Happens when the sender is not active." inactive_user_error: "Happens when the sender is not active."
blocked_user_error: "Happens when the sender has been blocked."
bad_destination_address: "Happens when none of the email addresses in To/Cc/Bcc fields matched a configured incoming email address." bad_destination_address: "Happens when none of the email addresses in To/Cc/Bcc fields matched a configured incoming email address."
strangers_not_allowed_error: "Happens when a user tried to create a new topic in a category they're not a member of." strangers_not_allowed_error: "Happens when a user tried to create a new topic in a category they're not a member of."
insufficient_trust_level_error: "Happens when a use tried to create a new topic in a category they don't have the required trust level for." insufficient_trust_level_error: "Happens when a use tried to create a new topic in a category they don't have the required trust level for."
@ -1795,6 +1796,13 @@ en:
Your account associated with this email address is not activated. Please activate your account before sending emails in. Your account associated with this email address is not activated. Please activate your account before sending emails in.
email_reject_blocked_user:
subject_template: "[%{site_name}] Email issue -- Blocked User"
text_body_template: |
We're sorry, but your email message to %{destination} (titled %{former_title}) didn't work.
Your account associated with this email address has been blocked.
email_reject_reply_user_not_matching: email_reject_reply_user_not_matching:
subject_template: "[%{site_name}] Email issue -- Reply User Not Matching" subject_template: "[%{site_name}] Email issue -- Reply User Not Matching"
text_body_template: | text_body_template: |

2
lib/email/receiver.rb
View file

@ -13,6 +13,7 @@ module Email
class AutoGeneratedEmailError < ProcessingError; end class AutoGeneratedEmailError < ProcessingError; end
class NoBodyDetectedError < ProcessingError; end class NoBodyDetectedError < ProcessingError; end
class InactiveUserError < ProcessingError; end class InactiveUserError < ProcessingError; end
class BlockedUserError < ProcessingError; end
class BadDestinationAddress < ProcessingError; end class BadDestinationAddress < ProcessingError; end
class StrangersNotAllowedError < ProcessingError; end class StrangersNotAllowedError < ProcessingError; end
class InsufficientTrustLevelError < ProcessingError; end class InsufficientTrustLevelError < ProcessingError; end
@ -55,6 +56,7 @@ module Email
raise AutoGeneratedEmailError if is_auto_generated? raise AutoGeneratedEmailError if is_auto_generated?
raise NoBodyDetectedError if body.blank? && !@mail.has_attachments? raise NoBodyDetectedError if body.blank? && !@mail.has_attachments?
raise InactiveUserError if !user.active && !user.staged raise InactiveUserError if !user.active && !user.staged
raise BlockedUserError if user.blocked
if action = subscription_action_for(body, subject) if action = subscription_action_for(body, subject)
message = SubscriptionMailer.send(action, user) message = SubscriptionMailer.send(action, user)

5
spec/components/email/receiver_spec.rb
View file

@ -43,6 +43,11 @@ describe Email::Receiver do
expect { process(:inactive_sender) }.to raise_error(Email::Receiver::InactiveUserError) expect { process(:inactive_sender) }.to raise_error(Email::Receiver::InactiveUserError)
end end
it "raises a BlockedUserError when the sender has been blocked" do
Fabricate(:user, email: "blocked@bar.com", blocked: true)
expect { process(:blocked_sender) }.to raise_error(Email::Receiver::BlockedUserError)
end
skip "doesn't raise an InactiveUserError when the sender is staged" do skip "doesn't raise an InactiveUserError when the sender is staged" do
Fabricate(:user, email: "staged@bar.com", active: false, staged: true) Fabricate(:user, email: "staged@bar.com", active: false, staged: true)
expect { process(:staged_sender) }.not_to raise_error expect { process(:staged_sender) }.not_to raise_error

9
spec/fixtures/emails/blocked_sender.eml vendored Normal file
View file

@ -0,0 +1,9 @@
Return-Path: <blocked@bar.com>
From: Foo Bar <blocked@bar.com>
Date: Fri, 15 Jan 2016 00:12:43 +0100
Message-ID: <8@foo.bar.mail>
Mime-Version: 1.0
Content-Type: text/plain
Content-Transfer-Encoding: 7bit
Lorem ipsum dolor sit amet, consectetur adipiscing elit.

2
spec/fixtures/emails/staged_sender.eml vendored
View file

@ -1,7 +1,7 @@
Return-Path: <staged@bar.com> Return-Path: <staged@bar.com>
From: Foo Bar <staged@bar.com> From: Foo Bar <staged@bar.com>
Date: Fri, 15 Jan 2016 00:12:43 +0100 Date: Fri, 15 Jan 2016 00:12:43 +0100
Message-ID: <9@foo.bar.mail> Message-ID: <39@foo.bar.mail>
Mime-Version: 1.0 Mime-Version: 1.0
Content-Type: text/plain Content-Type: text/plain
Content-Transfer-Encoding: 7bit Content-Transfer-Encoding: 7bit