Fix empty authorized address (#1423)
* not allow empty authorized address * check authorized address before adding * use github for flake8 * fix test
This commit is contained in:
parent
390b96b991
commit
989358af34
|
@ -11,7 +11,7 @@ repos:
|
|||
rev: 22.3.0
|
||||
hooks:
|
||||
- id: black
|
||||
- repo: https://gitlab.com/pycqa/flake8
|
||||
- repo: https://github.com/pycqa/flake8
|
||||
rev: 3.9.2
|
||||
hooks:
|
||||
- id: flake8
|
||||
|
|
|
@ -1,5 +1,6 @@
|
|||
from smtplib import SMTPRecipientsRefused
|
||||
|
||||
from email_validator import validate_email, EmailNotValidError
|
||||
from flask import render_template, request, redirect, url_for, flash
|
||||
from flask_login import login_required, current_user
|
||||
from flask_wtf import FlaskForm
|
||||
|
@ -98,16 +99,23 @@ def mailbox_detail_route(mailbox_id):
|
|||
)
|
||||
elif request.form.get("form-name") == "add-authorized-address":
|
||||
address = sanitize_email(request.form.get("email"))
|
||||
if AuthorizedAddress.get_by(mailbox_id=mailbox.id, email=address):
|
||||
flash(f"{address} already added", "error")
|
||||
try:
|
||||
validate_email(
|
||||
address, check_deliverability=False, allow_smtputf8=False
|
||||
).domain
|
||||
except EmailNotValidError:
|
||||
flash(f"invalid {address}", "error")
|
||||
else:
|
||||
AuthorizedAddress.create(
|
||||
user_id=current_user.id,
|
||||
mailbox_id=mailbox.id,
|
||||
email=address,
|
||||
commit=True,
|
||||
)
|
||||
flash(f"{address} added as authorized address", "success")
|
||||
if AuthorizedAddress.get_by(mailbox_id=mailbox.id, email=address):
|
||||
flash(f"{address} already added", "error")
|
||||
else:
|
||||
AuthorizedAddress.create(
|
||||
user_id=current_user.id,
|
||||
mailbox_id=mailbox.id,
|
||||
email=address,
|
||||
commit=True,
|
||||
)
|
||||
flash(f"{address} added as authorized address", "success")
|
||||
|
||||
return redirect(
|
||||
url_for("dashboard.mailbox_detail_route", mailbox_id=mailbox_id)
|
||||
|
|
|
@ -228,7 +228,7 @@
|
|||
<form method="post" action="#authorized-address" class="form-inline">
|
||||
{{ csrf_form.csrf_token }}
|
||||
<input type="hidden" name="form-name" value="add-authorized-address">
|
||||
<input type="email" name="email" size="50" class="form-control">
|
||||
<input type="email" name="email" size="50" class="form-control" required>
|
||||
<input type="submit" class="btn btn-primary" value="Add">
|
||||
</form>
|
||||
</div>
|
||||
|
|
|
@ -83,10 +83,11 @@ def test_can_be_used_as_personal_email(flask_client):
|
|||
assert not email_can_be_used_as_mailbox(f"hey@{domain}")
|
||||
|
||||
# disposable domain
|
||||
assert not email_can_be_used_as_mailbox("abcd@10minutesmail.fr")
|
||||
assert not email_can_be_used_as_mailbox("abcd@temp-mail.com")
|
||||
disposable_domain = random_domain()
|
||||
InvalidMailboxDomain.create(domain=disposable_domain, commit=True)
|
||||
assert not email_can_be_used_as_mailbox(f"abcd@{disposable_domain}")
|
||||
# subdomain will not work
|
||||
assert not email_can_be_used_as_mailbox("abcd@sub.temp-mail.com")
|
||||
assert not email_can_be_used_as_mailbox("abcd@sub.{disposable_domain}")
|
||||
# valid domains should not be affected
|
||||
assert email_can_be_used_as_mailbox("abcd@protonmail.com")
|
||||
assert email_can_be_used_as_mailbox("abcd@gmail.com")
|
||||
|
|
Loading…
Reference in New Issue