james-server-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From adup...@apache.org
Subject [01/19] james-project git commit: JAMES-2214 Recipient validation should be done before sending
Date Wed, 15 Nov 2017 11:15:42 GMT
Repository: james-project
Updated Branches:
  refs/heads/master b539779b2 -> 5df4371bc


JAMES-2214 Recipient validation should be done before sending

This is required as recipients should not be validated when saving a draft, but only when
sending it.


Project: http://git-wip-us.apache.org/repos/asf/james-project/repo
Commit: http://git-wip-us.apache.org/repos/asf/james-project/commit/e3ffd2bf
Tree: http://git-wip-us.apache.org/repos/asf/james-project/tree/e3ffd2bf
Diff: http://git-wip-us.apache.org/repos/asf/james-project/diff/e3ffd2bf

Branch: refs/heads/master
Commit: e3ffd2bf5fdb517a3c656b21259eb4d8fda77696
Parents: 4dbe064
Author: benwa <btellier@linagora.com>
Authored: Mon Nov 13 09:56:49 2017 +0700
Committer: benwa <btellier@linagora.com>
Committed: Wed Nov 15 17:58:15 2017 +0700

----------------------------------------------------------------------
 .../james/jmap/methods/MessageSender.java       | 16 +++++++++++++
 .../methods/SetMessagesCreationProcessor.java   | 25 ++------------------
 .../james/jmap/model/CreationMessage.java       |  5 ++++
 3 files changed, 23 insertions(+), 23 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/james-project/blob/e3ffd2bf/server/protocols/jmap/src/main/java/org/apache/james/jmap/methods/MessageSender.java
----------------------------------------------------------------------
diff --git a/server/protocols/jmap/src/main/java/org/apache/james/jmap/methods/MessageSender.java
b/server/protocols/jmap/src/main/java/org/apache/james/jmap/methods/MessageSender.java
index dd94618..98e41d2 100644
--- a/server/protocols/jmap/src/main/java/org/apache/james/jmap/methods/MessageSender.java
+++ b/server/protocols/jmap/src/main/java/org/apache/james/jmap/methods/MessageSender.java
@@ -51,6 +51,7 @@ public class MessageSender {
     public void sendMessage(Message jmapMessage,
                             MessageFactory.MetaDataWithContent message,
                             MailboxSession session) throws MailboxException, MessagingException
{
+        validateUserIsInSenders(jmapMessage, session);
         Mail mail = buildMessage(message, jmapMessage);
         try {
             MailMetadata metadata = new MailMetadata(jmapMessage.getId(), session.getUser().getUserName());
@@ -67,4 +68,19 @@ public class MessageSender {
             throw new MessagingException("error building message to send", e);
         }
     }
+
+    private void validateUserIsInSenders(Message message, MailboxSession session) throws
MailboxSendingNotAllowedException {
+        List<String> allowedSenders = ImmutableList.of(session.getUser().getUserName());
+        if (!isAllowedFromAddress(message, allowedSenders)) {
+            throw new MailboxSendingNotAllowedException(allowedSenders);
+        }
+    }
+
+    private boolean isAllowedFromAddress(Message message, List<String> allowedFromMailAddresses)
{
+        return message.getFrom()
+            .map(draftEmailer -> draftEmailer.getEmail()
+                .map(allowedFromMailAddresses::contains)
+                .orElse(false))
+            .orElse(false);
+    }
 }

http://git-wip-us.apache.org/repos/asf/james-project/blob/e3ffd2bf/server/protocols/jmap/src/main/java/org/apache/james/jmap/methods/SetMessagesCreationProcessor.java
----------------------------------------------------------------------
diff --git a/server/protocols/jmap/src/main/java/org/apache/james/jmap/methods/SetMessagesCreationProcessor.java
b/server/protocols/jmap/src/main/java/org/apache/james/jmap/methods/SetMessagesCreationProcessor.java
index 8fe1161..045bf37 100644
--- a/server/protocols/jmap/src/main/java/org/apache/james/jmap/methods/SetMessagesCreationProcessor.java
+++ b/server/protocols/jmap/src/main/java/org/apache/james/jmap/methods/SetMessagesCreationProcessor.java
@@ -67,7 +67,6 @@ import com.github.steveash.guavate.Guavate;
 import com.google.common.annotations.VisibleForTesting;
 import com.google.common.base.Joiner;
 import com.google.common.base.Splitter;
-import com.google.common.collect.ImmutableList;
 
 
 public class SetMessagesCreationProcessor implements SetMessagesProcessor {
@@ -114,7 +113,7 @@ public class SetMessagesCreationProcessor implements SetMessagesProcessor
{
         try {
             validateImplementedFeature(create, mailboxSession);
             validateArguments(create, mailboxSession);
-            validateRights(create, mailboxSession);
+            validateIsUserOwnerOfMailboxes(create, mailboxSession);
             MessageWithId created = handleOutboxMessages(create, mailboxSession);
             responseBuilder.created(created.getCreationId(), created.getValue());
 
@@ -219,26 +218,6 @@ public class SetMessagesCreationProcessor implements SetMessagesProcessor
{
         return AttachmentId.from(attachment.getBlobId().getRawValue());
     }
 
-    private void validateRights(CreationMessageEntry entry, MailboxSession session) throws
MailboxSendingNotAllowedException, MailboxRightsException {
-        validateUserIsInSenders(entry, session);
-        validateIsUserOwnerOfMailboxes(entry, session);
-    }
-
-    private void validateUserIsInSenders(CreationMessageEntry entry, MailboxSession session)
throws MailboxSendingNotAllowedException {
-        List<String> allowedSenders = ImmutableList.of(session.getUser().getUserName());
-        if (!isAllowedFromAddress(entry.getValue(), allowedSenders)) {
-            throw new MailboxSendingNotAllowedException(allowedSenders);
-        }
-    }
-    
-    private boolean isAllowedFromAddress(CreationMessage creationMessage, List<String>
allowedFromMailAddresses) {
-        return creationMessage.getFrom()
-                .map(draftEmailer -> draftEmailer.getEmail()
-                        .map(allowedFromMailAddresses::contains)
-                        .orElse(false))
-                .orElse(false);
-    }
-
     @VisibleForTesting void validateIsUserOwnerOfMailboxes(CreationMessageEntry entry, MailboxSession
session) throws MailboxRightsException {
         if (containsMailboxNotOwn(entry.getValue().getMailboxIds(), session)) {
             throw new MailboxRightsException();
@@ -266,7 +245,7 @@ public class SetMessagesCreationProcessor implements SetMessagesProcessor
{
     
     private boolean isAppendToMailboxWithRole(Role role, CreationMessage entry, MailboxSession
mailboxSession) throws MailboxException {
         return getMailboxWithRole(mailboxSession, role)
-                .map(entry::isIn)
+                .map(entry::isInOnly)
                 .orElse(false);
     }
 

http://git-wip-us.apache.org/repos/asf/james-project/blob/e3ffd2bf/server/protocols/jmap/src/main/java/org/apache/james/jmap/model/CreationMessage.java
----------------------------------------------------------------------
diff --git a/server/protocols/jmap/src/main/java/org/apache/james/jmap/model/CreationMessage.java
b/server/protocols/jmap/src/main/java/org/apache/james/jmap/model/CreationMessage.java
index 8bcbe4b..73bbf9d 100644
--- a/server/protocols/jmap/src/main/java/org/apache/james/jmap/model/CreationMessage.java
+++ b/server/protocols/jmap/src/main/java/org/apache/james/jmap/model/CreationMessage.java
@@ -370,6 +370,11 @@ public class CreationMessage {
     public boolean isIn(MessageManager mailbox) {
         return mailboxIds.contains(mailbox.getId().serialize());
     }
+
+    public boolean isInOnly(MessageManager mailbox) {
+        return isIn(mailbox)
+            && mailboxIds.size() == 1;
+    }
     
     @JsonDeserialize(builder = DraftEmailer.Builder.class)
     public static class DraftEmailer {


---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org


Mime
View raw message