From 1dad58252359bcc013950e432cb01e34f253ed3c Mon Sep 17 00:00:00 2001 From: MrMeeb Date: Thu, 25 Jan 2024 12:00:08 +0000 Subject: [PATCH] 4.37.1 --- app/app/email_utils.py | 20 +++++++++++++++++ app/app/utils.py | 4 ++-- app/templates/footer.html | 2 +- app/tests/test_email_utils.py | 42 ++++++++++++++++++++++++++++++----- 4 files changed, 60 insertions(+), 8 deletions(-) diff --git a/app/app/email_utils.py b/app/app/email_utils.py index 75e47bb..c7da843 100644 --- a/app/app/email_utils.py +++ b/app/app/email_utils.py @@ -583,6 +583,26 @@ def email_can_be_used_as_mailbox(email_address: str) -> bool: LOG.d("MX Domain %s %s is invalid mailbox domain", mx_domain, domain) return False + existing_user = User.get_by(email=email_address) + if existing_user and existing_user.disabled: + LOG.d( + f"User {existing_user} is disabled. {email_address} cannot be used for other mailbox" + ) + return False + + for existing_user in ( + User.query() + .join(Mailbox, User.id == Mailbox.user_id) + .filter(Mailbox.email == email_address) + .group_by(User.id) + .all() + ): + if existing_user.disabled: + LOG.d( + f"User {existing_user} is disabled and has a mailbox with {email_address}. Id cannot be used for other mailbox" + ) + return False + return True diff --git a/app/app/utils.py b/app/app/utils.py index e6577b7..21d96bf 100644 --- a/app/app/utils.py +++ b/app/app/utils.py @@ -49,11 +49,11 @@ def random_string(length=10, include_digits=False): def convert_to_id(s: str): """convert a string to id-like: remove space, remove special accent""" - s = s.replace(" ", "") s = s.lower() s = unidecode(s) + s = s.replace(" ", "") - return s + return s[:256] _ALLOWED_CHARS = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789_-." diff --git a/app/templates/footer.html b/app/templates/footer.html index 6a2bc23..95f85ea 100644 --- a/app/templates/footer.html +++ b/app/templates/footer.html @@ -9,7 +9,7 @@ SimpleLogin logo diff --git a/app/tests/test_email_utils.py b/app/tests/test_email_utils.py index 9adefc5..6294c55 100644 --- a/app/tests/test_email_utils.py +++ b/app/tests/test_email_utils.py @@ -49,10 +49,25 @@ from app.models import ( VerpType, AliasGeneratorEnum, SLDomain, + Mailbox, ) # flake8: noqa: E101, W191 -from tests.utils import login, load_eml_file, create_new_user, random_domain +from tests.utils import ( + login, + load_eml_file, + create_new_user, + random_domain, + random_token, +) + + +def setup_module(module): + config.SKIP_MX_LOOKUP_ON_CHECK = True + + +def teardown_module(module): + config.SKIP_MX_LOOKUP_ON_CHECK = False def test_get_email_domain_part(): @@ -68,10 +83,6 @@ def test_email_belongs_to_alias_domains(): assert not can_create_directory_for_address("hey@d3.test") -@pytest.mark.skipif( - "GITHUB_ACTIONS_TEST" in os.environ, - reason="this test requires DNS lookup that does not work on Github CI", -) def test_can_be_used_as_personal_email(flask_client): # default alias domain assert not email_can_be_used_as_mailbox("ab@sl.local") @@ -94,6 +105,27 @@ def test_can_be_used_as_personal_email(flask_client): assert email_can_be_used_as_mailbox("abcd@gmail.com") +def test_disabled_user_prevents_email_from_being_used_as_mailbox(): + email = f"user_{random_token(10)}@mailbox.test" + assert email_can_be_used_as_mailbox(email) + user = create_new_user(email) + user.disabled = True + Session.flush() + assert not email_can_be_used_as_mailbox(email) + + +def test_disabled_user_with_secondary_mailbox_prevents_email_from_being_used_as_mailbox(): + email = f"user_{random_token(10)}@mailbox.test" + assert email_can_be_used_as_mailbox(email) + user = create_new_user() + Mailbox.create(user_id=user.id, email=email) + Session.flush() + assert email_can_be_used_as_mailbox(email) + user.disabled = True + Session.flush() + assert not email_can_be_used_as_mailbox(email) + + def test_delete_header(): msg = EmailMessage() assert msg._headers == []