Commit Graph

656 Commits

Author SHA1 Message Date
Son
d2fad44003 create a constant for paddle grace days 2022-05-11 19:03:27 +02:00
Son
2573c68e82 use a grace period of 14 days for paddle subscription 2022-05-11 17:24:52 +02:00
Carlos Quintana
e09d7a2b71
Fix open redirect 2022-05-11 14:50:37 +02:00
Adrià Casajús
48554369bd
Get the mailbox if possible from the email log 2022-05-10 23:34:57 +02:00
Adrià Casajús
6c13f7de05
refactored to reduce duplicated codepaths 2022-05-10 18:23:14 +02:00
Adrià Casajús
a2f141d3cc
Get recipient address from the complaint report when possible 2022-05-10 17:54:51 +02:00
Son
21255866b6 improve test 2022-05-10 14:53:50 +02:00
Son
4dbbc4ed5e add test 2022-05-10 11:23:40 +02:00
Carlos Quintana
8d4683e59e
Add login with proton 2022-05-05 12:20:55 +02:00
Adrià Casajús
eea436875a
Merge pull request #914 from simple-login/ac-store-contact-bounces
Store bounces in the reply phase to prevent abuse
2022-05-03 14:44:07 +02:00
Adrià Casajús
56159765d9
Rename 2022-05-02 11:53:32 +02:00
Son
2de5161cd2 run alembic in run-test.sh 2022-05-01 17:38:14 +02:00
Son
c748ab22e6 run db migration in github ci 2022-05-01 17:06:10 +02:00
Adrià Casajús
e62022f032
Merge remote-tracking branch 'origin/master' into ac-store-contact-bounces
* origin/master: (29 commits)
  PR comments
  support "enabled" param in /api/v2/aliases
  Update PGPy to 0.5.4 to allow for python 3.10
  Also install libpq-dev
  Fix python 3.10
  Add methods to check if alias will be auto-created
  PR comments
  Allow sending messages in a background thread
  Use the proper import for newrelic agent
  not send emails to inform about an alias can't be created to disabled user
  prevent disabled user from using the api
  make sure disabled user can't create new alias
  Put version version between " so it is 3.10 instead of 3.1
  Add workflow for python 3.10
  Remove it for all creds
  Do not send the transports to the js part since we have not stored them previously
  move help to menu on small screen
  only show the help button on desktop
  use another logo for mobile
  add new parameter disabled in /GET /api/v2/aliases
  ...
2022-04-29 15:56:09 +02:00
Adrià Casajús
04399e827e
Merge pull request #940 from simple-login/ac-check-auto-create
Add methods to check if an alias will be auto-created
2022-04-29 12:05:18 +02:00
Son
a2c477a816 support "enabled" param in /api/v2/aliases 2022-04-28 17:24:35 +02:00
Adrià Casajús
8e35a09788
Add methods to check if alias will be auto-created 2022-04-28 15:10:38 +02:00
Adrià Casajús
9a04376894
Allow sending messages in a background thread 2022-04-28 14:43:24 +02:00
Son
7b7cb0b571 prevent disabled user from using the api 2022-04-27 16:24:38 +02:00
Son
eab7606f93 make sure disabled user can't create new alias 2022-04-27 16:06:54 +02:00
Adrià Casajús
5208c549fa
Rename TransactionalComplaint to ProviderComplaint 2022-04-25 14:40:42 +02:00
Son
58b332b7bc add new parameter disabled in /GET /api/v2/aliases 2022-04-25 09:22:29 +02:00
Adrià Casajús
c573ef655e
Store bounces in the reply phase to prevent abuse 2022-04-21 11:23:58 +02:00
Son
b61670fbc0 remove unused import 2022-04-21 09:26:44 +02:00
Son
b3bb0cf250 black 2022-04-21 09:17:09 +02:00
Son
bddb5e500a able to handle several noreply addresses
This prepares the change of noreply@simplelogin.co to noreply@simplelogin.io
2022-04-21 08:59:46 +02:00
Son Nguyen Kim
c14e01839e
Merge pull request #899 from simple-login/add-alias-to-to-header
add alias to To: header if it isn't included in To and Cc header
2022-04-20 09:10:11 +02:00
Son
b545ebaeb1 remove unnecessary test 2022-04-19 19:40:50 +02:00
Son
01fd880902 add more test. Make sure to delete To header before changing. 2022-04-19 18:45:59 +02:00
Son Nguyen Kim
9b624edf11
Merge pull request #901 from simple-login/no-dot-in-reverse-alias
use _ instead of . in reverse alias
2022-04-19 18:24:37 +02:00
Son
e136fc8c92 add test 2022-04-19 13:33:31 +02:00
Adrià Casajús
bad9202cf8
Calculate proper padding when decoding base32 2022-04-19 10:50:25 +02:00
Son Nguyen Kim
259851a04e
Merge pull request #860 from acasajus/remove-softfail
Generate secure transactional emails from address
2022-04-19 09:28:47 +02:00
Son
becde6458b fix test 2022-04-18 11:55:14 +02:00
Son
9a994ec98b fix test 2022-04-18 11:17:10 +02:00
Son
aaccfc6f9d fix test 2022-04-18 10:18:51 +02:00
Son
cb8b20fc9a fix test 2022-04-15 17:37:19 +02:00
Son
8dfdac79bf use _ instead of . in reverse alias
to avoid AC_FROM_MANY_DOTS SpamAssassin rule
2022-04-15 17:34:29 +02:00
Son
06874ea97c fix test 2022-04-15 17:06:00 +02:00
Son
0565ca4d5e add alias to To: header if it isn't included in To and Cc header 2022-04-15 17:01:27 +02:00
Son
a966665478 refactor test: no hardcode a@b.c, make sure each test has a different user 2022-04-15 16:59:44 +02:00
Son
7edbc3a5d5 black 2022-04-14 18:53:27 +02:00
Son
217518c00e refactor 2022-04-14 18:37:55 +02:00
Adrià Casajús
d28980a810
Format 2022-04-14 18:27:20 +02:00
Adrià Casajús
4bcc728222
Merge remote-tracking branch 'origin/master' into remove-softfail
* origin/master: (34 commits)
  fix flake8
  add link to the anti phishing page
  improve email wording
  Move tests
  Only send enum names
  Only send enum name for events intead of the full class.enum
  Also track login and register events from the api routes
  typo
  revert changes
  Added fix for parts that are not messages
  Add missing formatting place
  Revert unwanted changes
  Do not show an error if we receive an unsubscribe from a different address
  Revert changes to pgp_utils
  fix import
  Send newrelic events on login and register
  PR changes
  format
  Move dmarc management to its own file
  ignore VERPTransactional
  ...
2022-04-14 18:25:03 +02:00
Son
debed67c68 return whether a domain is custom or primary in GET /api/v5/alias/options 2022-04-14 17:28:40 +02:00
Adrià Casajús
fc13171f3d
Move tests 2022-04-12 12:51:11 +02:00
Adrià Casajús
ca93c8e603
Merge remote-tracking branch 'origin/master' into ac-dmarc-reply-phase
* origin/master:
  Only send enum name for events intead of the full class.enum
  Also track login and register events from the api routes
  typo
  revert changes
  Added fix for parts that are not messages
  Add missing formatting place
  Revert unwanted changes
  Do not show an error if we receive an unsubscribe from a different address
  Revert changes to pgp_utils
  Send newrelic events on login and register
2022-04-12 12:48:46 +02:00
Adrià Casajús
edf34656b6
revert changes 2022-04-11 15:53:37 +02:00
Adrià Casajús
c16fd25b2e
Added fix for parts that are not messages 2022-04-11 15:52:31 +02:00
Adrià Casajús
ae8824a356
Revert unwanted changes 2022-04-11 14:20:56 +02:00
Adrià Casajús
7649f6b822
Do not show an error if we receive an unsubscribe from a different address 2022-04-11 14:19:32 +02:00
Adrià Casajús
7fdd7d7f6a
PR changes 2022-04-11 09:28:57 +02:00
Adrià Casajús
68e58c0876
Move dmarc management to its own file 2022-04-08 11:28:14 +02:00
Adrià Casajús
b128d64563
Moved spamd check to a custom file and cached the result 2022-04-07 19:17:37 +02:00
Adrià Casajús
44c77439c1
PR comments 2022-04-06 17:44:05 +02:00
Adrià Casajús
61b8bbdfcc
Fix tests 2022-04-06 17:07:36 +02:00
Adrià Casajús
8ca1be0166
Apply dmarc policy to the reply phase 2022-04-06 12:51:04 +02:00
Adrià Casajús
26889283d3
format 2022-03-30 17:20:49 +02:00
Adrià Casajús
c9a15f4921
Fixed tests 2022-03-30 16:29:38 +02:00
Adrià Casajús
451e69a3c4
More rebase fixes 2022-03-30 16:09:17 +02:00
Adrià Casajús
db06ce0ae6
Create signed email addresses for VERP emails 2022-03-30 16:00:02 +02:00
Son Nguyen Kim
110f2f2f2c
Merge pull request #861 from acasajus/spf-dmarc-backscatter
Reduce backscatter by checking return-path domain SPF status
2022-03-30 19:44:39 +07:00
Adrià Casajús
1555bc6346
fix test 2022-03-29 21:03:55 +02:00
Adrià Casajús
a9e31cff26
Fix tests 2022-03-29 18:34:13 +02:00
Adrià Casajús
fe9161b101
Properly validate //host.com urls when redirecting after receiving a next param 2022-03-29 17:53:00 +02:00
Adrià Casajús
ac9b88f87d
Add no header test 2022-03-29 15:59:35 +02:00
Adrià Casajús
085c166cb2
Replace 5XX with 2XX for return path that fail SPF check 2022-03-29 15:09:10 +02:00
Son
8820cecdd3 comment out soft_fail test 2022-03-25 18:12:33 +01:00
Son
4fc450720f fix test 2022-03-22 17:44:08 +01:00
Son Nguyen Kim
99b05034b0
Merge pull request #843 from acasajus/new/parse-rpamd-headers
Parse rspamd headers and apply dmarc policy if found.
2022-03-22 17:13:11 +01:00
Adrià Casajús
ce6ee1a105
Added checks to get_dmarc_status 2022-03-21 19:13:51 +01:00
Adrià Casajús
1b2d504b3b
Send a notification to the user when a message has been quarantined 2022-03-21 18:33:18 +01:00
Adrià Casajús
45459d65be
PR comments 2022-03-21 17:43:26 +01:00
Adrià Casajús
16275620ae
Also quarantine soft_fail dmarc results 2022-03-21 17:38:41 +01:00
Son
2baebe7934 remove unused import 2022-03-21 14:43:27 +01:00
Son
1952f368a8 require password to use the api key page 2022-03-21 14:40:47 +01:00
Adrià Casajús
4d13e0c2b8
Rename 2022-03-21 12:32:50 +01:00
Adrià Casajús
35b47f4698
Updated test 2022-03-21 12:31:25 +01:00
Adrià Casajús
06a1363e92
Updated MR comments 2022-03-21 12:03:11 +01:00
Adrià Casajús
d53ea381a0
Fix signature 2022-03-21 10:43:18 +01:00
Adrià Casajús
4a533bb03b
Fix imports 2022-03-21 10:43:18 +01:00
Adrià Casajús
44dd06fabf
Added spoofed email test 2022-03-21 10:43:18 +01:00
Adrià Casajús
c9cbaeb460
format 2022-03-21 10:43:17 +01:00
Adrià Casajús
e8013f8e0c
Initial parse of rpamd extra headers 2022-03-21 10:43:17 +01:00
Son
350f498b94 lessen alias automatic disable check 2022-03-07 15:50:58 +01:00
Son
71136669e9 return the block reason in should_disable() 2022-03-07 15:44:27 +01:00
Adrià Casajús
0c008edc82
Format 2022-02-24 17:30:07 +01:00
Adrià Casajús
77cf5d9620
Added tests 2022-02-24 17:25:48 +01:00
Son
7da06ba424 return 422 if account not activated 2022-02-22 22:12:36 +01:00
Son Nguyen Kim
e9d134fe8f
Merge pull request #784 from FozzieHi/fix-testing-warnings
Fix deprecation warnings.
2022-02-21 17:12:36 +01:00
Carlos Quintana
a44acf1846
Add support for allowed redirect domains 2022-02-16 09:38:55 +01:00
Carlos Quintana
2f9489fe39
Only allow relative redirects 2022-02-15 15:16:31 +01:00
george
c415324932
Add flake8-bugbear 2022-02-06 20:37:43 +00:00
george
116fc7114a
Update test_can_be_used_as_personal_email to only skip if using GitHub Actions. 2022-02-06 14:37:46 +00:00
george
936d90a5f5
Fix deprecation warnings. 2022-02-04 13:49:38 +00:00
george
e6276dc32e
Fix typo. 2022-02-03 21:44:27 +00:00
george
172e509f53
Add comment. 2022-02-03 21:43:40 +00:00
george
3837a9955e
Just get the API key by user ID. 2022-02-03 19:49:29 +00:00
george
836e599517
Use POST requests to create and delete through the dashboard. 2022-02-03 19:47:41 +00:00
george
010c343641
Refactor to the dashboard folder. 2022-02-03 19:33:40 +00:00
george
709ccb176a
Test the dashboard POST request instead of directly testing the API. 2022-02-03 19:30:10 +00:00
george
c0712a6b95
Login using the test utils method. 2022-02-03 19:20:39 +00:00
george
17353c306c
Reduce session commits. 2022-02-03 15:28:56 +00:00
george
8f8a8b875b
Add multiple API keys for test user 1. 2022-02-03 15:05:46 +00:00
george
1f04dfad61
Add unit tests for API keys. 2022-02-03 15:02:32 +00:00
Son
4d1c4cfdff support pinned parameter in /api/v2/aliases 2022-02-03 11:16:49 +01:00
Son
70cb0609d8 refactor 2022-02-03 11:16:49 +01:00
Son
5a712f3877 make sure subdomain can only contain lowercase letters, numbers and dashes. 2022-01-26 14:53:27 +01:00
Son
5b7949f346 return title in /api/notifications 2022-01-24 15:20:59 +01:00
Son
0806f9243e return custom domain json in patch 2022-01-16 17:26:11 +01:00
Son
9ff323c746 make sure to set custom_domain_id when creating a new alias 2022-01-06 15:29:37 +01:00
Son
ffc621596a fix is_automatic_out_of_office: only use "Auto-Submitted" header 2022-01-05 15:21:54 +01:00
Son
5e2ea81a6c do not consider out-of-office as bounce 2022-01-04 18:06:08 +01:00
Son
4d8c89105f GET /api/phone/reservations/:reservation_id 2022-01-04 16:22:41 +01:00
Son
325207d6ba Use InvalidMailboxDomain instead of DISPOSABLE_EMAIL_DOMAINS 2022-01-03 10:33:21 +01:00
Son
80b0af91e5 allow user to create alias with domain that has ownership verified (and might not have MX verified) 2021-12-29 10:24:22 +01:00
Son
a270c72d60 add random_alias_suffix to settings api 2021-12-28 15:24:58 +01:00
Son
fc42db43ca add new sender formats: NAME_ONLY, AT_ONLY, NO_NAME 2021-12-28 10:49:37 +01:00
Son
5e7730c35c refactor: move regex_match() to its own file 2021-12-14 15:00:32 +01:00
Son
f3e8fc10a9 use re instead of re2 if error "Argument 'pattern' has incorrect type (expected bytes, got PythonRePattern)" 2021-12-11 19:38:22 +01:00
Son
226ce9333c return error if invalid alias address 2021-12-02 16:17:41 +01:00
Son
f049da8c9a Compare mx domains with priority order and not priority value 2021-11-23 14:31:53 +01:00
Son
adb376525f flake8 2021-11-18 10:33:38 +01:00
Son
38ecb227b0 reduce subdomain/directory quota when user create/delete subdomain/directory 2021-11-18 10:33:15 +01:00
Son
a8c86785d1 make sure a deleted subdomain can't be recreated 2021-11-17 17:21:13 +01:00
Son
417f7b92b0 make sure a deleted directory can't be recreated 2021-11-17 17:02:31 +01:00
Son
abc074ea9b make sure password can't be longer than 100 chars 2021-11-16 19:41:05 +01:00
Son
6012b6ff54 rename file 2021-11-16 19:39:51 +01:00
Son
416eafaeb9 use the first alias suffix when creating a new random alias 2021-11-12 11:04:00 +01:00
Son
bb5259ac3f fix test 2021-11-12 10:00:01 +01:00
Son
611fb8a20c take into account user.include_website_in_one_click_alias in /api/alias/random/new 2021-11-12 09:45:31 +01:00
Son
4c87e4ce68 improve test 2021-11-08 12:57:03 +01:00
Son
31e39314d5 return "block_forward" for /api/aliases/{alias.id}/contacts 2021-11-02 15:55:16 +01:00
Son
caa8656748 create /dashboard/block_contact/:contact_id 2021-11-02 15:30:18 +01:00
Son
fd7d9969f8 create a test for unsubscribe 2021-11-02 15:20:33 +01:00
Son
ebe727dc53 skip test_can_be_used_as_personal_email 2021-10-28 19:00:41 +02:00
Son
bc4805b1fa Add POST /api/contacts/:contact_id/toggle 2021-10-28 10:14:20 +02:00
Son
8680c0a739 do do not use the ra+ prefix for reverse alias 2021-10-25 14:33:42 +02:00
Son
ad24f19cd6 rename words.txt to test_words.txt 2021-10-23 17:29:37 +02:00
Son
4a90c79753 make sure mailbox_ids is a list in /api/v3/alias/custom/new 2021-10-23 15:55:39 +02:00
Son
ecdce2307f make sure input of /api/v3/alias/custom/new is a dict 2021-10-23 15:52:17 +02:00
Son
be7ae3021a rename is_reply_email -> is_reverse_alias, make sure reverse-alias must end with EMAIL_DOMAIN 2021-10-19 12:14:16 +02:00
Son
462164ff16 use tldextract to extract hostname 2021-10-18 11:45:48 +02:00
Son
283a6a530d handle case address.parse can also parse an URL and return UrlAddress 2021-10-17 12:52:59 +02:00
Son
57bfa7e933 make sure that a domain already used in a verified mailbox can't be added 2021-10-15 10:32:20 +02:00
Son
3bdeda3e04 add get_mailbox_bounce_info() 2021-10-14 15:10:16 +02:00
Son
b9d26d46f6 fix test 2021-10-12 15:11:25 +02:00
Son
eb0e327402 remove "with app.app_context():" 2021-10-12 14:47:01 +02:00
Son
372466ab06 do not use flask-sqlalchemy
- add __tablename__ for all models
- use sa and orm instead of db
- rollback all changes in tests
- remove session in @app.teardown_appcontext
2021-10-12 14:36:47 +02:00
Son
ba6ed3cba7 black 2021-10-03 19:44:39 +02:00
Son
d622d95c35 fix test 2 2021-10-03 19:36:30 +02:00
Son
931e924f8c fix test 2021-10-03 19:34:51 +02:00
Son Nguyen Kim
0aa3dff38b handle case pg_trgm can't be dropped when running test 2021-09-20 12:28:12 +02:00
Son Nguyen Kim
153831ed1a remove obsolete sender formats 2021-09-20 12:27:36 +02:00
Son Nguyen Kim
8b676bc4af not disable alias if ALIAS_AUTOMATIC_DISABLE is not set 2021-09-17 18:05:35 +02:00
Son Nguyen Kim
41478a5715 replace parseaddr_unicode by parse_full_address 2021-09-10 17:26:14 +02:00
Son Nguyen Kim
638e8137ec fix test 2021-09-10 17:10:05 +02:00
Son Nguyen Kim
defd7b159d Fix get_header_unicode: handle the case header contains several parts 2021-09-09 11:47:01 +02:00
Son Nguyen Kim
51578ce934 add filter by mailbox 2021-08-20 12:21:27 +02:00
Son Nguyen Kim
00b3d716b7 load pg_trgm when running test 2021-08-20 12:20:38 +02:00
Son
d9c682a23e remove sqlite everywhere, only use postgres. Do not use 5432 port to avoid conflict 2021-08-15 17:41:16 +02:00
Son
1384ccc459 remove RESET_DB config 2021-08-15 17:32:33 +02:00
Son Nguyen Kim
a13953e13f add postgres to github action 2021-08-06 08:54:24 +02:00
Son Nguyen Kim
07c912fd35 use postgres database in test instead of sqlite 2021-08-06 08:50:10 +02:00
Son Nguyen Kim
348c2271c6 fix test 2021-08-06 08:46:34 +02:00
Son Nguyen Kim
264bab965a fix test 2021-08-05 19:49:36 +02:00
Son Nguyen Kim
012c6fc3fb replace get(1) by first() 2021-08-05 19:44:56 +02:00
Son Nguyen Kim
fb29503b81 do not send bounce to IgnoreBounceSender 2021-08-02 11:33:58 +02:00
Son Nguyen Kim
d181cd49dd Sign the whole Alias Suffix Info instead of just the suffix 2021-07-19 20:14:59 +02:00
Son Nguyen Kim
e26287a4c7 Revert "disable should_disable() for now"
This reverts commit fb88654d84.
2021-07-14 12:23:02 +02:00
Son Nguyen Kim
fb88654d84 disable should_disable() for now 2021-07-13 17:24:28 +02:00
Son Nguyen Kim
183449e38b fix test 2021-07-11 15:00:47 +02:00
Son Nguyen Kim
1e4746dfe5 fix test 2021-07-11 15:00:22 +02:00
Son Nguyen Kim
f97b18e60a fill up EmailLog.alias_id when creating new EmailLog 2021-07-11 12:28:42 +02:00
Son NK
6532e0de93 Return 550 instead of 421 when rate limited. Rename greylisting to rate limit 2021-06-24 09:47:01 +02:00
Son NK
b84eb13ab5 Discard ignored email
Create IgnoredEmail model
2021-06-22 17:52:24 +02:00
Son
6bc093df3f fix test 2021-06-17 23:54:14 +02:00
Son
e14e697207 fix flake8 2021-06-17 23:24:07 +02:00
Son NK
3e1f098c79 fix test 2021-06-05 17:48:41 +02:00
Son NK
79d0ef8906 Use Postfix queue-id as log message-id 2021-06-04 17:15:59 +02:00
Son NK
62683a221a black 2021-06-02 18:48:35 +02:00
Son Nguyen Kim
b14d79c8f7
Merge pull request #496 from nbraud/pw_hash/refactor
Fix minor issues with password-handling, refactor
2021-06-02 18:33:56 +02:00
Son NK
eb2adc870a make sure only premium user can create new mailbox via API 2021-06-02 17:17:28 +02:00
nicoo
d216812f14 tests/api/auth: Use a pw showing Unicode issues 2021-05-27 22:16:07 +02:00
nicoo
f5f4d46aa4 tests/api/test_auth_login: Refactor
Have a single “login success” test, for both MFA and no-MFA cases.
No functional change to the test.
2021-05-26 19:05:26 +02:00
Son NK
73555ad524 generate mail_from during reply phase using BOUNCE_PREFIX_FOR_REPLY_PHASE 2021-05-25 17:59:40 +02:00
Son NK
ade07f9449 return empty name when name can't be decoded 2021-05-22 16:47:44 +02:00
Son NK
0039b4c301 disable an alias if the user has too many bounces recently 2021-04-16 17:57:25 +02:00
Son NK
f8540808bc remove Client.published 2021-04-06 19:46:21 +02:00
Son NK
7c1af6a265 improve should_disable(): take into account repetitive bounces 2021-04-06 17:24:06 +02:00
Son NK
be5cdc59ba fix test 2021-04-06 15:19:28 +02:00
Son NK
17cb4462e3 fix test 2021-04-01 18:17:27 +02:00
Son NK
d5de99afe9 Restore /alias/custom/new as currently used by safari 2021-03-31 14:41:32 +02:00
Son NK
1cac625a90 restore /v2/alias/custom/new as used by browser extension 2021-03-25 19:18:50 +01:00
Son NK
92acf352b6 add limiter for random alias creation 2021-03-24 17:30:05 +01:00
Son NK
71389b7e09 add limiter on custom alias page 2021-03-24 16:52:05 +01:00
Son NK
e46e3b1c01 fix test 2021-03-24 16:51:23 +01:00
Son NK
acc285abf0 remove /alias/custom/new, /v2/alias/custom/new, refactor test 2021-03-24 16:39:49 +01:00
Son NK
0c62ac4b1f set rate limit for creating alias endpoint 2021-03-24 16:26:42 +01:00