You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@james.apache.org by bt...@apache.org on 2021/11/24 01:43:39 UTC
[james-project] 03/08: JAMES-3534 Check if a user can send from an address before save it as custom identity
This is an automated email from the ASF dual-hosted git repository.
btellier pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/james-project.git
commit 57764bcc82244599082fc8361f30908cab3f4fca
Author: Quan Tran <hq...@linagora.com>
AuthorDate: Wed Nov 17 14:48:12 2021 +0700
JAMES-3534 Check if a user can send from an address before save it as custom identity
---
.../james/jmap/api/identity/CustomIdentityDAO.scala | 15 ++++++++++++---
.../scala/org/apache/james/jmap/api/model/Identity.scala | 2 +-
2 files changed, 13 insertions(+), 4 deletions(-)
diff --git a/server/data/data-jmap/src/main/scala/org/apache/james/jmap/api/identity/CustomIdentityDAO.scala b/server/data/data-jmap/src/main/scala/org/apache/james/jmap/api/identity/CustomIdentityDAO.scala
index bd30740..155e68e 100644
--- a/server/data/data-jmap/src/main/scala/org/apache/james/jmap/api/identity/CustomIdentityDAO.scala
+++ b/server/data/data-jmap/src/main/scala/org/apache/james/jmap/api/identity/CustomIdentityDAO.scala
@@ -25,8 +25,9 @@ import java.util.UUID
import com.google.common.collect.ImmutableList
import javax.inject.Inject
import org.apache.james.core.{MailAddress, Username}
-import org.apache.james.jmap.api.model.{EmailAddress, HtmlSignature, Identity, IdentityId, IdentityName, MayDeleteIdentity, PushSubscriptionCreationRequest, TextSignature}
+import org.apache.james.jmap.api.model.{EmailAddress, ForbiddenSendFromException, HtmlSignature, Identity, IdentityId, IdentityName, MayDeleteIdentity, TextSignature}
import org.apache.james.rrt.api.CanSendFrom
+import org.apache.james.user.api.UsersRepository
import org.reactivestreams.Publisher
import reactor.core.scala.publisher.{SFlux, SMono}
import reactor.core.scheduler.Schedulers
@@ -83,7 +84,7 @@ trait CustomIdentityDAO {
def delete(username: Username, ids: Seq[IdentityId]): Publisher[Unit]
}
-class DefaultIdentitySupplier @Inject()(canSendFrom: CanSendFrom) {
+class DefaultIdentitySupplier @Inject()(canSendFrom: CanSendFrom, usersRepository: UsersRepository) {
def listIdentities(username: Username): List[Identity] =
canSendFrom.allValidFromAddressesForUser(username)
.collect(ImmutableList.toImmutableList()).asScala.toList
@@ -99,6 +100,9 @@ class DefaultIdentitySupplier @Inject()(canSendFrom: CanSendFrom) {
htmlSignature = HtmlSignature.DEFAULT,
mayDelete = MayDeleteIdentity(false))))
+ def userCanSendFrom(username: Username, mailAddress: MailAddress): Boolean =
+ canSendFrom.userCanSendFrom(username, usersRepository.getUsername(mailAddress))
+
private def from(address: MailAddress): Option[IdentityId] =
Try(UUID.nameUUIDFromBytes(address.asString().getBytes(StandardCharsets.UTF_8)))
.toEither
@@ -109,7 +113,12 @@ class DefaultIdentitySupplier @Inject()(canSendFrom: CanSendFrom) {
// This class is intended to merge default (server-set0 identities with (user defined) custom identities
// Using the custom identities we can stores deltas of the default (server-set) identities allowing to modify them.
class IdentityRepository @Inject()(customIdentityDao: CustomIdentityDAO, identityFactory: DefaultIdentitySupplier) {
- def save(user: Username, creationRequest: IdentityCreationRequest): Publisher[Identity] = customIdentityDao.save(user, creationRequest)
+ def save(user: Username, creationRequest: IdentityCreationRequest): Publisher[Identity] =
+ if (identityFactory.userCanSendFrom(user, creationRequest.email)) {
+ customIdentityDao.save(user, creationRequest)
+ } else {
+ SMono.error(ForbiddenSendFromException(creationRequest.email))
+ }
def list(user: Username): Publisher[Identity] = SFlux.merge(Seq(
customIdentityDao.list(user),
diff --git a/server/data/data-jmap/src/main/scala/org/apache/james/jmap/api/model/Identity.scala b/server/data/data-jmap/src/main/scala/org/apache/james/jmap/api/model/Identity.scala
index acf65b4..58a9cc1 100644
--- a/server/data/data-jmap/src/main/scala/org/apache/james/jmap/api/model/Identity.scala
+++ b/server/data/data-jmap/src/main/scala/org/apache/james/jmap/api/model/Identity.scala
@@ -51,4 +51,4 @@ case class Identity(id: IdentityId,
htmlSignature: HtmlSignature,
mayDelete: MayDeleteIdentity)
-
+case class ForbiddenSendFromException(mailAddress: MailAddress) extends IllegalStateException(s"Can not send from ${mailAddress.asString()}")
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@james.apache.org
For additional commands, e-mail: notifications-help@james.apache.org