From ddcd46807019cd283bf3cf3fe15ed3f1a4545729 Mon Sep 17 00:00:00 2001 From: Jyri-Petteri Paloposki Date: Tue, 22 Feb 2022 18:46:14 +0200 Subject: [PATCH 1/4] Add a user preference that can be used as a fallback for the sender authentication. --- app/controllers/preferences_controller.rb | 2 +- app/models/message_gateway.rb | 12 +++++++++--- app/views/preferences/_tracks_behavior.html.erb | 3 +++ config/locales/en.yml | 1 + config/locales/fi.yml | 1 + ...22184000_add_smspermittedsenders_to_preference.rb | 5 +++++ db/schema.rb | 1 + 7 files changed, 21 insertions(+), 4 deletions(-) create mode 100644 db/migrate/20220222184000_add_smspermittedsenders_to_preference.rb diff --git a/app/controllers/preferences_controller.rb b/app/controllers/preferences_controller.rb index 96e36c6ad..61fbc3904 100644 --- a/app/controllers/preferences_controller.rb +++ b/app/controllers/preferences_controller.rb @@ -39,7 +39,7 @@ def prefs_params :staleness_starts, :due_style, :locale, :title_date_format, :time_zone, :show_hidden_projects_in_sidebar, :show_project_on_todo_done, :review_period, :refresh, :verbose_action_descriptors, - :mobile_todos_per_page, :sms_email, :sms_context_id, :theme) + :mobile_todos_per_page, :sms_email, :sms_context_id, :sms_permitted_senders, :theme) end def user_params diff --git a/app/models/message_gateway.rb b/app/models/message_gateway.rb index 2a125cd79..187a97f0c 100644 --- a/app/models/message_gateway.rb +++ b/app/models/message_gateway.rb 
@@ -99,9 +99,15 @@ def check_sender_is_in_mailmap(user, email) end def sender_is_in_mailmap?(user, email) - if (SITE_CONFIG['mailmap'].is_a? Hash) && SITE_CONFIG['email_dispatch'] == 'to' - # Look for the sender in the map of allowed senders - SITE_CONFIG['mailmap'][user.preference.sms_email].include? email.from[0] + if SITE_CONFIG['email_dispatch'] == 'to' + if SITE_CONFIG['mailmap'].is_a? Hash + # Look for the sender in the map of allowed senders + SITE_CONFIG['mailmap'][user.preference.sms_email].include? email.from[0] + else + # If the config mailmap isn't defined, use the values provided by the users. + pref_senders = user.prefs.sms_permitted_senders.split(',').collect(&:strip) + pref_senders.include? email.from[0] + end else # We can't check the map if it's not defined, or if the lookup is the # wrong way round, so just allow it diff --git a/app/views/preferences/_tracks_behavior.html.erb b/app/views/preferences/_tracks_behavior.html.erb index da5e5473f..b9fff24d5 100644 --- a/app/views/preferences/_tracks_behavior.html.erb +++ b/app/views/preferences/_tracks_behavior.html.erb @@ -37,6 +37,9 @@
<%= pref('prefs', "sms_context") { select('prefs', 'sms_context_id', current_user.contexts.map{|c| [c.name, c.id]}, {}, class: "form-control") } %>
+
+ <%= pref_with_text_field('prefs', "sms_permitted_senders") %> +
<%= pref_with_select_field('prefs', 'theme', [[t('models.preference.themes.black'), Preference.themes[:black]], [t('models.preference.themes.light_blue'), Preference.themes[:light_blue]]]) %>
diff --git a/config/locales/en.yml b/config/locales/en.yml index f0482daf3..8ec6a5a7a 100644 --- a/config/locales/en.yml +++ b/config/locales/en.yml @@ -21,6 +21,7 @@ en: show_project_on_todo_done: Go to project page on completing todo sms_context: Default email context sms_email: From email + sms_permitted_senders: Permitted email senders (use comma as separator) staleness_starts: Start of staleness theme: Theme time_zone: Time zone diff --git a/config/locales/fi.yml b/config/locales/fi.yml index 1d71e1628..db3e9ee8d 100644 --- a/config/locales/fi.yml +++ b/config/locales/fi.yml @@ -21,6 +21,7 @@ fi: show_project_on_todo_done: Siirry projektinäkymään toimenpiteen valmistuessa sms_context: Sähköpostin oletusasiayhteys sms_email: Lähettäjän sähköpostiosoite + sms_permitted_senders: Sallitut lähettäjät (käytä pilkkua erottimena) staleness_starts: Vanhentumisen alkaminen time_zone: Aikavyöhyke title_date_format: Otsakkeen päivämäärämuoto diff --git a/db/migrate/20220222184000_add_smspermittedsenders_to_preference.rb b/db/migrate/20220222184000_add_smspermittedsenders_to_preference.rb new file mode 100644 index 000000000..8a37b6e50 --- /dev/null +++ b/db/migrate/20220222184000_add_smspermittedsenders_to_preference.rb @@ -0,0 +1,5 @@ +class AddSmspermittedsendersToPreference < ActiveRecord::Migration[5.2] + def change + add_column :preferences, :sms_permitted_senders, :string + end +end diff --git a/db/schema.rb b/db/schema.rb index a0b9a2518..212f578a5 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -88,6 +88,7 @@ t.string "locale" t.integer "review_period", default: 14, null: false t.string "theme" + t.string "sms_permitted_senders" t.index ["user_id"], name: "index_preferences_on_user_id" end From aedc9f5409d740e844ca1d2c4ee455fb2b38b1dc Mon Sep 17 00:00:00 2001 
From: Jyri-Petteri Paloposki Date: Tue, 22 Feb 2022 22:21:19 +0200 Subject: [PATCH 2/4] Validate uniqueness of the from address. Fixes #2745. --- app/models/preference.rb | 2 ++ 1 file changed, 2 insertions(+) diff --git a/app/models/preference.rb b/app/models/preference.rb index 79f279bb0..8e3d23ad9 100644 --- a/app/models/preference.rb +++ b/app/models/preference.rb @@ -2,6 +2,8 @@ class Preference < ApplicationRecord belongs_to :user belongs_to :sms_context, :class_name => 'Context' + validates_uniqueness_of :sms_email, :case_sensitive => false + def self.themes { :black => 'black', :light_blue => 'light_blue' } end From f395ee12665aff63e50552b6318b26806b0b7c49 Mon Sep 17 00:00:00 2001 From: Jyri-Petteri Paloposki Date: Tue, 22 Feb 2022 22:31:39 +0200 Subject: [PATCH 3/4] Fix code style issues and the sender map logic to handle the empty pref case correctly. Also fixed the rails script to use the correct directory always. --- app/models/message_gateway.rb | 31 +++++++++++++------------------ app/models/preference.rb | 2 +- bin/rails | 2 +- 3 files changed, 15 insertions(+), 20 deletions(-) diff --git a/app/models/message_gateway.rb b/app/models/message_gateway.rb index 187a97f0c..3c9e6e22c 100644 --- a/app/models/message_gateway.rb +++ b/app/models/message_gateway.rb @@ -2,7 +2,7 @@ class MessageGateway < ActionMailer::Base def receive(email) user = get_receiving_user_from_email_address(email) return false if user.nil? - return false unless check_sender_is_in_mailmap(user, email) + return false unless check_sender_is_in_mailmap(user, email.from[0]) context = user.prefs.sms_context todo_params = get_todo_params(email) 
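Review bot: The uniqueness validation added to `Preference` has no blank exemption, so every record whose `sms_email` is empty or nil is compared against every other such record, and it looks like the second user who leaves the field empty will fail to save their preferences. `validates_uniqueness_of :sms_email, :case_sensitive => false, :allow_blank => true` keeps the collision check for real addresses only; the same applies to the restyled `validates :sms_email, uniqueness: { case_sensitive: false }` line in patch 3/4. The check also runs only in the application, and no unique index on `preferences.sms_email` is visible in the schema hunks of this series, so two concurrent saves could presumably still store the same address; since the address appears to select the receiving user, an index would be worth adding if the column allows it.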
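Review bot: `email.from[0]` in `receive` is dereferenced without checking that the message carries a From header, and a message without one would presumably raise NoMethodError here instead of being rejected; `from = Array(email.from).first` followed by `return false if from.blank?` before the mailmap check would fail closed. The value is also the header From, which the sending party chooses, so the permitted-senders comparison is only as strong as the sender verification (SPF/DKIM/DMARC) done by the mail server in front of this gateway, and a comment on the call saying so would help. `receive` continues outside the hunk.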
@@ -90,29 +90,24 @@ def get_receiving_user_from_sms_email(address) return user end - def check_sender_is_in_mailmap(user, email) - if user.present? && !sender_is_in_mailmap?(user, email) - Rails.logger.warn "#{email.from[0]} not found in mailmap for #{user.login}" + def check_sender_is_in_mailmap(user, from) + if user.present? && SITE_CONFIG['email_dispatch'] == 'to' && !sender_is_in_mailmap?(user, from) + Rails.logger.warn "#{from} not found in mailmap for #{user.login}" return false end return true end - def sender_is_in_mailmap?(user, email) - if SITE_CONFIG['email_dispatch'] == 'to' - if SITE_CONFIG['mailmap'].is_a? Hash - # Look for the sender in the map of allowed senders - SITE_CONFIG['mailmap'][user.preference.sms_email].include? email.from[0] - else - # If the config mailmap isn't defined, use the values provided by the users. - pref_senders = user.prefs.sms_permitted_senders.split(',').collect(&:strip) - pref_senders.include? email.from[0] - end - else - # We can't check the map if it's not defined, or if the lookup is the - # wrong way round, so just allow it - true + def sender_is_in_mailmap?(user, from) + if SITE_CONFIG['mailmap'].is_a? Hash + # Look for the sender in the map of allowed senders + SITE_CONFIG['mailmap'][user.preference.sms_email].include? from + elsif !(pref_senders = user.prefs.sms_permitted_senders).empty? + # If the config mailmap isn't defined, use the values provided by the users. + pref_senders.split(',').collect(&:strip).include? from end + # We can't check the map if it's not defined so just allow it + true end def get_text_or_nil(text) diff --git a/app/models/preference.rb b/app/models/preference.rb index 8e3d23ad9..f7cd7405f 100644 --- a/app/models/preference.rb +++ b/app/models/preference.rb 
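Review bot: `sender_is_in_mailmap?` now ends with an unconditional `true` after the `if`/`elsif`, so the result of both `include?` lookups is discarded and the method reports every sender as permitted; with `email_dispatch` set to `to`, the check in `check_sender_is_in_mailmap` can then never reject a message. The `true` needs to move into an `else` branch so it applies only when neither the site mailmap nor the user's own list is configured. The `elsif` also calls `.empty?` on `sms_permitted_senders`, which the migration in patch 1/4 adds without a default, so users who never set the preference likely hit a NoMethodError on nil; `.present?` covers both nil and the empty string. A test that sends from an address outside the list and expects `receive` to return false would pin this down.

```ruby
def sender_is_in_mailmap?(user, from)
  if SITE_CONFIG['mailmap'].is_a? Hash
    # … unchanged: lookup in SITE_CONFIG['mailmap'] …
  elsif (pref_senders = user.prefs.sms_permitted_senders).present?
    # If the config mailmap isn't defined, use the values provided by the users.
    pref_senders.split(',').collect(&:strip).include? from
  else
    # Neither a site mailmap nor a user list is configured, so there is nothing to check against
    true
  end
end
```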
@@ -2,7 +2,7 @@ class Preference < ApplicationRecord belongs_to :user belongs_to :sms_context, :class_name => 'Context' - validates_uniqueness_of :sms_email, :case_sensitive => false + validates :sms_email, uniqueness: { case_sensitive: false } def self.themes { :black => 'black', :light_blue => 'light_blue' } diff --git a/bin/rails b/bin/rails index 9d8f5bd1c..f5cab3d60 100755 --- a/bin/rails +++ b/bin/rails @@ -5,7 +5,7 @@ SCRIPT=$(readlink -f "$0") # Absolute path this script is in, thus /home/user/bin SCRIPTPATH=$(dirname "$SCRIPT") -if [ -e ../.use-docker -a ! -e /etc/app-env ]; +if [ -e $SCRIPTPATH/../.use-docker -a ! -e /etc/app-env ]; then $SCRIPTPATH/../script/docker-environment $0 "$@" else From 987f2848a8be977def28fe300ff634ad44c36810 Mon Sep 17 00:00:00 2001 From: Jyri-Petteri Paloposki Date: Tue, 22 Feb 2022 23:07:51 +0200 Subject: [PATCH 4/4] Updated DB schema --- db/schema.rb | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/db/schema.rb b/db/schema.rb index 212f578a5..5b0151e0f 100644 --- a/db/schema.rb +++ b/db/schema.rb 
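Review bot: `$SCRIPTPATH` is expanded unquoted in the new test in `bin/rails`, so a checkout path containing a space or glob character splits into several words and the `[` test fails or checks the wrong path; the `-a` operator inside `[` is also marked obsolescent by POSIX. `if [ -e "$SCRIPTPATH/../.use-docker" ] && [ ! -e /etc/app-env ];` avoids both. The unchanged `$SCRIPTPATH/../script/docker-environment $0 "$@"` line below it has the same quoting gap.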
@@ -2,15 +2,15 @@ # of editing this file, please use the migrations feature of Active Record to # incrementally modify your database, and then regenerate this schema definition. # -# Note that this schema.rb definition is the authoritative source for your -# database schema. If you need to create the application database on another -# system, you should be using db:schema:load, not running all the migrations -# from scratch. The latter is a flawed and unsustainable approach (the more migrations -# you'll amass, the slower it'll run and the greater likelihood for issues). +# This file is the source Rails uses to define your schema when running `rails +# db:schema:load`. When creating a new database, `rails db:schema:load` tends to +# be faster and is potentially less error prone than running all of your +# migrations from scratch. Old migrations may fail to apply correctly if those +# migrations use external dependencies or application code. # # It's strongly recommended that you check this file into your version control system. -ActiveRecord::Schema.define(version: 2020_08_20_000743) do +ActiveRecord::Schema.define(version: 2022_02_22_184000) do create_table "attachments", options: "ENGINE=InnoDB DEFAULT CHARSET=utf8", force: :cascade do |t| t.integer "todo_id" @@ -96,7 +96,7 @@ t.string "name", null: false t.integer "position", default: 0 t.integer "user_id", default: 1 - t.text "description", limit: 16777215 + t.text "description", size: :medium t.string "state", limit: 20, null: false t.datetime "created_at" t.datetime "updated_at" @@ -115,7 +115,7 @@ t.integer "context_id", null: false t.integer "project_id" t.string "description", null: false - t.text "notes", limit: 16777215 + t.text "notes", size: :medium t.string "state", limit: 20, null: false t.datetime "start_from" t.string "ends_on" 
@@ -169,7 +169,7 @@ t.integer "context_id", null: false t.integer "project_id" t.text "description", null: false - t.text "notes", limit: 16777215 + t.text "notes", size: :medium t.datetime "created_at" t.datetime "due" t.datetime "completed_at" @@ -178,7 +178,7 @@ t.string "state", limit: 20, null: false t.integer "recurring_todo_id" t.datetime "updated_at" - t.text "rendered_notes", limit: 16777215 + t.text "rendered_notes", size: :medium t.index ["context_id"], name: "index_todos_on_context_id" t.index ["project_id"], name: "index_todos_on_project_id" t.index ["state"], name: "index_todos_on_state"