From 761420ece9741432c59fa95aa9b7678177f8a6d3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Adri=C3=A0=20Casaj=C3=BAs?= Date: Tue, 23 Jan 2024 14:57:40 +0100 Subject: [PATCH] Prevent mailboxes that have been disabled from being used again (#2016) * Prevent mailboxes that have been disabled from being used again * Improve test * Get one user since it will be unique --- app/email_utils.py | 20 +++++++++++++++++++ tests/test_email_utils.py | 42 ++++++++++++++++++++++++++++++++++----- 2 files changed, 57 insertions(+), 5 deletions(-) diff --git a/app/email_utils.py b/app/email_utils.py index 75e47bbc..c7da8436 100644 --- a/app/email_utils.py +++ b/app/email_utils.py @@ -583,6 +583,26 @@ def email_can_be_used_as_mailbox(email_address: str) -> bool: LOG.d("MX Domain %s %s is invalid mailbox domain", mx_domain, domain) return False + existing_user = User.get_by(email=email_address) + if existing_user and existing_user.disabled: + LOG.d( + f"User {existing_user} is disabled. {email_address} cannot be used for other mailbox" + ) + return False + + for existing_user in ( + User.query() + .join(Mailbox, User.id == Mailbox.user_id) + .filter(Mailbox.email == email_address) + .group_by(User.id) + .all() + ): + if existing_user.disabled: + LOG.d( + f"User {existing_user} is disabled and has a mailbox with {email_address}. Id cannot be used for other mailbox" + ) + return False + return True diff --git a/tests/test_email_utils.py b/tests/test_email_utils.py index 9adefc55..6294c55b 100644 --- a/tests/test_email_utils.py +++ b/tests/test_email_utils.py @@ -49,10 +49,25 @@ from app.models import ( VerpType, AliasGeneratorEnum, SLDomain, + Mailbox, ) # flake8: noqa: E101, W191 -from tests.utils import login, load_eml_file, create_new_user, random_domain +from tests.utils import ( + login, + load_eml_file, + create_new_user, + random_domain, + random_token, +) + + +def setup_module(module): + config.SKIP_MX_LOOKUP_ON_CHECK = True + + +def teardown_module(module): + config.SKIP_MX_LOOKUP_ON_CHECK = False def test_get_email_domain_part(): @@ -68,10 +83,6 @@ def test_email_belongs_to_alias_domains(): assert not can_create_directory_for_address("hey@d3.test") -@pytest.mark.skipif( - "GITHUB_ACTIONS_TEST" in os.environ, - reason="this test requires DNS lookup that does not work on Github CI", -) def test_can_be_used_as_personal_email(flask_client): # default alias domain assert not email_can_be_used_as_mailbox("ab@sl.local") @@ -94,6 +105,27 @@ def test_can_be_used_as_personal_email(flask_client): assert email_can_be_used_as_mailbox("abcd@gmail.com") +def test_disabled_user_prevents_email_from_being_used_as_mailbox(): + email = f"user_{random_token(10)}@mailbox.test" + assert email_can_be_used_as_mailbox(email) + user = create_new_user(email) + user.disabled = True + Session.flush() + assert not email_can_be_used_as_mailbox(email) + + +def test_disabled_user_with_secondary_mailbox_prevents_email_from_being_used_as_mailbox(): + email = f"user_{random_token(10)}@mailbox.test" + assert email_can_be_used_as_mailbox(email) + user = create_new_user() + Mailbox.create(user_id=user.id, email=email) + Session.flush() + assert email_can_be_used_as_mailbox(email) + user.disabled = True + Session.flush() + assert not email_can_be_used_as_mailbox(email) + + def test_delete_header(): msg = EmailMessage() assert msg._headers == []