Repository: james-project Updated Branches: refs/heads/master b539779b2 -> 5df4371bc
JAMES-2214 Recipient validation should be done before sending This is required as recipients should not be validated when saving a draft, but only when sending it. Project: http://git-wip-us.apache.org/repos/asf/james-project/repo Commit: http://git-wip-us.apache.org/repos/asf/james-project/commit/e3ffd2bf Tree: http://git-wip-us.apache.org/repos/asf/james-project/tree/e3ffd2bf Diff: http://git-wip-us.apache.org/repos/asf/james-project/diff/e3ffd2bf Branch: refs/heads/master Commit: e3ffd2bf5fdb517a3c656b21259eb4d8fda77696 Parents: 4dbe064 Author: benwa <[email protected]> Authored: Mon Nov 13 09:56:49 2017 +0700 Committer: benwa <[email protected]> Committed: Wed Nov 15 17:58:15 2017 +0700 ---------------------------------------------------------------------- .../james/jmap/methods/MessageSender.java | 16 +++++++++++++ .../methods/SetMessagesCreationProcessor.java | 25 ++------------------ .../james/jmap/model/CreationMessage.java | 5 ++++ 3 files changed, 23 insertions(+), 23 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/james-project/blob/e3ffd2bf/server/protocols/jmap/src/main/java/org/apache/james/jmap/methods/MessageSender.java ---------------------------------------------------------------------- diff --git a/server/protocols/jmap/src/main/java/org/apache/james/jmap/methods/MessageSender.java b/server/protocols/jmap/src/main/java/org/apache/james/jmap/methods/MessageSender.java index dd94618..98e41d2 100644 --- a/server/protocols/jmap/src/main/java/org/apache/james/jmap/methods/MessageSender.java +++ b/server/protocols/jmap/src/main/java/org/apache/james/jmap/methods/MessageSender.java @@ -51,6 +51,7 @@ public class MessageSender { public void sendMessage(Message jmapMessage, MessageFactory.MetaDataWithContent message, MailboxSession session) throws MailboxException, MessagingException { + validateUserIsInSenders(jmapMessage, session); Mail mail = buildMessage(message, jmapMessage); try { MailMetadata metadata = new MailMetadata(jmapMessage.getId(), session.getUser().getUserName()); @@ -67,4 +68,19 @@ public class MessageSender { throw new MessagingException("error building message to send", e); } } + + private void validateUserIsInSenders(Message message, MailboxSession session) throws MailboxSendingNotAllowedException { + List<String> allowedSenders = ImmutableList.of(session.getUser().getUserName()); + if (!isAllowedFromAddress(message, allowedSenders)) { + throw new MailboxSendingNotAllowedException(allowedSenders); + } + } + + private boolean isAllowedFromAddress(Message message, List<String> allowedFromMailAddresses) { + return message.getFrom() + .map(draftEmailer -> draftEmailer.getEmail() + .map(allowedFromMailAddresses::contains) + .orElse(false)) + .orElse(false); + } } http://git-wip-us.apache.org/repos/asf/james-project/blob/e3ffd2bf/server/protocols/jmap/src/main/java/org/apache/james/jmap/methods/SetMessagesCreationProcessor.java ---------------------------------------------------------------------- diff --git a/server/protocols/jmap/src/main/java/org/apache/james/jmap/methods/SetMessagesCreationProcessor.java b/server/protocols/jmap/src/main/java/org/apache/james/jmap/methods/SetMessagesCreationProcessor.java index 8fe1161..045bf37 100644 --- a/server/protocols/jmap/src/main/java/org/apache/james/jmap/methods/SetMessagesCreationProcessor.java +++ b/server/protocols/jmap/src/main/java/org/apache/james/jmap/methods/SetMessagesCreationProcessor.java @@ -67,7 +67,6 @@ import com.github.steveash.guavate.Guavate; import com.google.common.annotations.VisibleForTesting; import com.google.common.base.Joiner; import com.google.common.base.Splitter; -import com.google.common.collect.ImmutableList; public class SetMessagesCreationProcessor implements SetMessagesProcessor { @@ -114,7 +113,7 @@ public class SetMessagesCreationProcessor implements SetMessagesProcessor { try { validateImplementedFeature(create, mailboxSession); validateArguments(create, mailboxSession); - validateRights(create, mailboxSession); + validateIsUserOwnerOfMailboxes(create, mailboxSession); MessageWithId created = handleOutboxMessages(create, mailboxSession); responseBuilder.created(created.getCreationId(), created.getValue()); @@ -219,26 +218,6 @@ public class SetMessagesCreationProcessor implements SetMessagesProcessor { return AttachmentId.from(attachment.getBlobId().getRawValue()); } - private void validateRights(CreationMessageEntry entry, MailboxSession session) throws MailboxSendingNotAllowedException, MailboxRightsException { - validateUserIsInSenders(entry, session); - validateIsUserOwnerOfMailboxes(entry, session); - } - - private void validateUserIsInSenders(CreationMessageEntry entry, MailboxSession session) throws MailboxSendingNotAllowedException { - List<String> allowedSenders = ImmutableList.of(session.getUser().getUserName()); - if (!isAllowedFromAddress(entry.getValue(), allowedSenders)) { - throw new MailboxSendingNotAllowedException(allowedSenders); - } - } - - private boolean isAllowedFromAddress(CreationMessage creationMessage, List<String> allowedFromMailAddresses) { - return creationMessage.getFrom() - .map(draftEmailer -> draftEmailer.getEmail() - .map(allowedFromMailAddresses::contains) - .orElse(false)) - .orElse(false); - } - @VisibleForTesting void validateIsUserOwnerOfMailboxes(CreationMessageEntry entry, MailboxSession session) throws MailboxRightsException { if (containsMailboxNotOwn(entry.getValue().getMailboxIds(), session)) { throw new MailboxRightsException(); @@ -266,7 +245,7 @@ public class SetMessagesCreationProcessor implements SetMessagesProcessor { private boolean isAppendToMailboxWithRole(Role role, CreationMessage entry, MailboxSession mailboxSession) throws MailboxException { return getMailboxWithRole(mailboxSession, role) - .map(entry::isIn) + .map(entry::isInOnly) .orElse(false); } http://git-wip-us.apache.org/repos/asf/james-project/blob/e3ffd2bf/server/protocols/jmap/src/main/java/org/apache/james/jmap/model/CreationMessage.java ---------------------------------------------------------------------- diff --git a/server/protocols/jmap/src/main/java/org/apache/james/jmap/model/CreationMessage.java b/server/protocols/jmap/src/main/java/org/apache/james/jmap/model/CreationMessage.java index 8bcbe4b..73bbf9d 100644 --- a/server/protocols/jmap/src/main/java/org/apache/james/jmap/model/CreationMessage.java +++ b/server/protocols/jmap/src/main/java/org/apache/james/jmap/model/CreationMessage.java @@ -370,6 +370,11 @@ public class CreationMessage { public boolean isIn(MessageManager mailbox) { return mailboxIds.contains(mailbox.getId().serialize()); } + + public boolean isInOnly(MessageManager mailbox) { + return isIn(mailbox) + && mailboxIds.size() == 1; + } @JsonDeserialize(builder = DraftEmailer.Builder.class) public static class DraftEmailer { --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
