mirror of
https://github.com/simple-login/app.git
synced 2024-09-28 20:51:29 +02:00
check contact address in POST /aliases/<int:alias_id>/contacts
This commit is contained in:
parent
72a34e28be
commit
751cc05534
@ -16,7 +16,7 @@ from app.api.serializer import (
|
|||||||
)
|
)
|
||||||
from app.config import EMAIL_DOMAIN
|
from app.config import EMAIL_DOMAIN
|
||||||
from app.dashboard.views.alias_log import get_alias_log
|
from app.dashboard.views.alias_log import get_alias_log
|
||||||
from app.email_utils import parseaddr_unicode
|
from app.email_utils import parseaddr_unicode, is_valid_email
|
||||||
from app.extensions import db
|
from app.extensions import db
|
||||||
from app.log import LOG
|
from app.log import LOG
|
||||||
from app.models import Alias, Contact, Mailbox, AliasMailbox
|
from app.models import Alias, Contact, Mailbox, AliasMailbox
|
||||||
@ -386,6 +386,9 @@ def create_contact_route(alias_id):
|
|||||||
|
|
||||||
contact_addr = data.get("contact")
|
contact_addr = data.get("contact")
|
||||||
|
|
||||||
|
if not contact_addr:
|
||||||
|
return jsonify(error="Contact cannot be empty"), 400
|
||||||
|
|
||||||
# generate a reply_email, make sure it is unique
|
# generate a reply_email, make sure it is unique
|
||||||
# not use while to avoid infinite loop
|
# not use while to avoid infinite loop
|
||||||
reply_email = f"ra+{random_string(25)}@{EMAIL_DOMAIN}"
|
reply_email = f"ra+{random_string(25)}@{EMAIL_DOMAIN}"
|
||||||
@ -395,6 +398,8 @@ def create_contact_route(alias_id):
|
|||||||
break
|
break
|
||||||
|
|
||||||
contact_name, contact_email = parseaddr_unicode(contact_addr)
|
contact_name, contact_email = parseaddr_unicode(contact_addr)
|
||||||
|
if not is_valid_email(contact_email):
|
||||||
|
return jsonify(error=f"invalid contact email {contact_email}"), 400
|
||||||
|
|
||||||
# already been added
|
# already been added
|
||||||
if Contact.get_by(alias_id=alias.id, website_email=contact_email):
|
if Contact.get_by(alias_id=alias.id, website_email=contact_email):
|
||||||
|
@ -3,6 +3,7 @@ from flask import url_for
|
|||||||
from app.config import PAGE_LIMIT
|
from app.config import PAGE_LIMIT
|
||||||
from app.extensions import db
|
from app.extensions import db
|
||||||
from app.models import User, ApiKey, Alias, Contact, EmailLog, Mailbox
|
from app.models import User, ApiKey, Alias, Contact, EmailLog, Mailbox
|
||||||
|
from tests.utils import login
|
||||||
|
|
||||||
|
|
||||||
def test_get_aliases_error_without_pagination(flask_client):
|
def test_get_aliases_error_without_pagination(flask_client):
|
||||||
@ -503,6 +504,32 @@ def test_create_contact_route(flask_client):
|
|||||||
assert r.status_code == 409
|
assert r.status_code == 409
|
||||||
|
|
||||||
|
|
||||||
|
def test_create_contact_route_empty_contact_address(flask_client):
|
||||||
|
login(flask_client)
|
||||||
|
alias = Alias.query.first()
|
||||||
|
|
||||||
|
r = flask_client.post(
|
||||||
|
url_for("api.create_contact_route", alias_id=alias.id),
|
||||||
|
json={"contact": ""},
|
||||||
|
)
|
||||||
|
|
||||||
|
assert r.status_code == 400
|
||||||
|
assert r.json["error"] == "Contact cannot be empty"
|
||||||
|
|
||||||
|
|
||||||
|
def test_create_contact_route_invalid_contact_email(flask_client):
|
||||||
|
login(flask_client)
|
||||||
|
alias = Alias.query.first()
|
||||||
|
|
||||||
|
r = flask_client.post(
|
||||||
|
url_for("api.create_contact_route", alias_id=alias.id),
|
||||||
|
json={"contact": "with space@gmail.com"},
|
||||||
|
)
|
||||||
|
|
||||||
|
assert r.status_code == 400
|
||||||
|
assert r.json["error"] == "invalid contact email with space@gmail.com"
|
||||||
|
|
||||||
|
|
||||||
def test_delete_contact(flask_client):
|
def test_delete_contact(flask_client):
|
||||||
user = User.create(
|
user = User.create(
|
||||||
email="a@b.c", password="password", name="Test User", activated=True
|
email="a@b.c", password="password", name="Test User", activated=True
|
||||||
|
Loading…
Reference in New Issue
Block a user