Docker/documize
Docker/documize
1
0
Fork 0
mirror of https://github.com/documize/community.git synced 2025-07-19 21:29:42 +02:00
Code Releases Activity

Add spam control basics

Browse source
This commit is contained in:
Harvey Kandola 2019-04-16 12:53:22 +01:00
parent e10d04d22e
commit 51a0e1127e
8 changed files with 101 additions and 12 deletions
Download patch file Download diff file Expand all files Collapse all files

4
domain/mail/document.go
View file

@ -36,6 +36,10 @@ func (m *Mailer) DocumentApprover(recipient, inviterName, inviterEmail, url, doc
em.ReplyTo = inviterEmail em.ReplyTo = inviterEmail
em.ReplyName = inviterName em.ReplyName = inviterName
if IsBlockedEmailDomain(em.ToEmail) {
return
}
parameters := struct { parameters := struct {
Subject string Subject string
Inviter string Inviter string

28
domain/mail/mail_test.go Normal file
View file

@ -0,0 +1,28 @@
// Copyright 2016 Documize Inc. <legal@documize.com>. All rights reserved.
//
// This software (Documize Community Edition) is licensed under
// GNU AGPL v3 http://www.gnu.org/licenses/agpl-3.0.en.html
//
// You can operate outside the AGPL restrictions by purchasing
// Documize Enterprise Edition and obtaining a commercial license
// by contacting <sales@documize.com>.
//
// https://documize.com
package mail
import (
"testing"
)
func TestSpamDomains(t *testing.T) {
g1 := "good@example.org"
b1 := "bad@qq.com"
if IsBlockedEmailDomain(g1) {
t.Errorf("%s should not be blocked email domain", g1)
}
if !IsBlockedEmailDomain(b1) {
t.Errorf("%s should be blocked email domain", b1)
}
}

6
domain/mail/mailer.go
View file

@ -39,12 +39,6 @@ func (m *Mailer) Initialize() {
m.Dialer, _ = ds.Connect(m.Config) m.Dialer, _ = ds.Connect(m.Config)
} }
// Send prepares and sends email.
func (m *Mailer) Send(em ds.EmailMessage) (ok bool, err error) {
ok, err = ds.SendMessage(m.Dialer, m.Config, em)
return
}
// ParseTemplate produces email template. // ParseTemplate produces email template.
func (m *Mailer) ParseTemplate(filename string, params interface{}) (html string, err error) { func (m *Mailer) ParseTemplate(filename string, params interface{}) (html string, err error) {
html = "" html = ""

12
domain/mail/space.go
View file

@ -34,6 +34,10 @@ func (m *Mailer) ShareSpaceExistingUser(recipient, inviterName, inviterEmail, ur
em.ReplyTo = inviterEmail em.ReplyTo = inviterEmail
em.ReplyName = inviterName em.ReplyName = inviterName
if IsBlockedEmailDomain(em.ToEmail) {
return
}
parameters := struct { parameters := struct {
Subject string Subject string
Inviter string Inviter string
@ -62,7 +66,7 @@ func (m *Mailer) ShareSpaceExistingUser(recipient, inviterName, inviterEmail, ur
m.Runtime.Log.Error(fmt.Sprintf("%s - unable to send email", method), err) m.Runtime.Log.Error(fmt.Sprintf("%s - unable to send email", method), err)
} }
if !ok { if !ok {
m.Runtime.Log.Info(fmt.Sprintf("%s unable to send email")) m.Runtime.Log.Info(fmt.Sprintf("%s unable to send email", method))
} }
} }
@ -83,6 +87,10 @@ func (m *Mailer) ShareSpaceNewUser(recipient, inviterName, inviterEmail, url, sp
em.ReplyTo = inviterEmail em.ReplyTo = inviterEmail
em.ReplyName = inviterName em.ReplyName = inviterName
if IsBlockedEmailDomain(em.ToEmail) {
return
}
parameters := struct { parameters := struct {
Subject string Subject string
Inviter string Inviter string
@ -111,6 +119,6 @@ func (m *Mailer) ShareSpaceNewUser(recipient, inviterName, inviterEmail, url, sp
m.Runtime.Log.Error(fmt.Sprintf("%s - unable to send email", method), err) m.Runtime.Log.Error(fmt.Sprintf("%s - unable to send email", method), err)
} }
if !ok { if !ok {
m.Runtime.Log.Info(fmt.Sprintf("%s unable to send email")) m.Runtime.Log.Info(fmt.Sprintf("%s unable to send email", method))
} }
} }

26
domain/mail/spam.go Normal file
View file

@ -0,0 +1,26 @@
// Copyright 2016 Documize Inc. <legal@documize.com>. All rights reserved.
//
// This software (Documize Community Edition) is licensed under
// GNU AGPL v3 http://www.gnu.org/licenses/agpl-3.0.en.html
//
// You can operate outside the AGPL restrictions by purchasing
// Documize Enterprise Edition and obtaining a commercial license
// by contacting <sales@documize.com>.
//
// https://documize.com
package mail
import (
"strings"
)
// IsBlockedEmailDomain checks to see if email domain
// is on spam/blacklisted email domain.
func IsBlockedEmailDomain(to string) bool {
if strings.HasSuffix(to, "@qq.com") {
return true
}
return false
}

16
domain/mail/user.go
View file

@ -34,6 +34,10 @@ func (m *Mailer) InviteNewUser(recipient, inviterName, inviterEmail, url, userna
em.ReplyTo = inviterEmail em.ReplyTo = inviterEmail
em.ReplyName = inviterName em.ReplyName = inviterName
if IsBlockedEmailDomain(em.ToEmail) {
return
}
parameters := struct { parameters := struct {
Subject string Subject string
Inviter string Inviter string
@ -83,6 +87,10 @@ func (m *Mailer) InviteExistingUser(recipient, inviterName, inviterEmail, url st
em.ReplyTo = inviterEmail em.ReplyTo = inviterEmail
em.ReplyName = inviterName em.ReplyName = inviterName
if IsBlockedEmailDomain(em.ToEmail) {
return
}
parameters := struct { parameters := struct {
Subject string Subject string
Inviter string Inviter string
@ -107,7 +115,7 @@ func (m *Mailer) InviteExistingUser(recipient, inviterName, inviterEmail, url st
m.Runtime.Log.Error(fmt.Sprintf("%s - unable to send email", method), err) m.Runtime.Log.Error(fmt.Sprintf("%s - unable to send email", method), err)
} }
if !ok { if !ok {
m.Runtime.Log.Info(fmt.Sprintf("%s unable to send email")) m.Runtime.Log.Info(fmt.Sprintf("%s unable to send email", method))
} }
} }
@ -121,6 +129,10 @@ func (m *Mailer) PasswordReset(recipient, url string) {
em.ToEmail = recipient em.ToEmail = recipient
em.ToName = recipient em.ToName = recipient
if IsBlockedEmailDomain(em.ToEmail) {
return
}
parameters := struct { parameters := struct {
Subject string Subject string
URL string URL string
@ -143,6 +155,6 @@ func (m *Mailer) PasswordReset(recipient, url string) {
m.Runtime.Log.Error(fmt.Sprintf("%s - unable to send email", method), err) m.Runtime.Log.Error(fmt.Sprintf("%s - unable to send email", method), err)
} }
if !ok { if !ok {
m.Runtime.Log.Info(fmt.Sprintf("%s unable to send email")) m.Runtime.Log.Info(fmt.Sprintf("%s unable to send email", method))
} }
} }

6
domain/space/endpoint.go
View file

@ -935,6 +935,12 @@ func (h *Handler) Invite(w http.ResponseWriter, r *http.Request) {
return return
} }
// Spam checks.
if mail.IsBlockedEmailDomain(email) {
response.WriteForbiddenError(w)
return
}
if len(u.RefID) > 0 { if len(u.RefID) > 0 {
// Ensure they have access to this organization // Ensure they have access to this organization
accounts, err2 := h.Store.Account.GetUserAccounts(ctx, u.RefID) accounts, err2 := h.Store.Account.GetUserAccounts(ctx, u.RefID)

15
domain/user/endpoint.go
View file

@ -85,17 +85,21 @@ func (h *Handler) Add(w http.ResponseWriter, r *http.Request) {
response.WriteMissingDataError(w, method, "email") response.WriteMissingDataError(w, method, "email")
return return
} }
if len(userModel.Firstname) == 0 { if len(userModel.Firstname) == 0 {
response.WriteMissingDataError(w, method, "firsrtname") response.WriteMissingDataError(w, method, "firsrtname")
return return
} }
if len(userModel.Lastname) == 0 { if len(userModel.Lastname) == 0 {
response.WriteMissingDataError(w, method, "lastname") response.WriteMissingDataError(w, method, "lastname")
return return
} }
// Spam checks.
if mail.IsBlockedEmailDomain(userModel.Email) {
response.WriteForbiddenError(w)
return
}
userModel.Initials = stringutil.MakeInitials(userModel.Firstname, userModel.Lastname) userModel.Initials = stringutil.MakeInitials(userModel.Firstname, userModel.Lastname)
requestedPassword := secrets.GenerateRandomPassword() requestedPassword := secrets.GenerateRandomPassword()
userModel.Salt = secrets.GenerateSalt() userModel.Salt = secrets.GenerateSalt()
@ -808,6 +812,13 @@ func (h *Handler) BulkImport(w http.ResponseWriter, r *http.Request) {
userID = uniqueid.Generate() userID = uniqueid.Generate()
userModel.RefID = userID userModel.RefID = userID
// Spam checks.
if mail.IsBlockedEmailDomain(userModel.Email) {
ctx.Transaction.Rollback()
response.WriteForbiddenError(w)
return
}
err = h.Store.User.Add(ctx, userModel) err = h.Store.User.Add(ctx, userModel)
if err != nil { if err != nil {
ctx.Transaction.Rollback() ctx.Transaction.Rollback()