
avoid email loop

Prevent user from adding a domain that they are using for their personal email.
Son NK 5 gadi atpakaļ
vecāks
revīzija
fc22593bf6

+ 8 - 1
app/dashboard/views/custom_domain.py

@@ -5,6 +5,7 @@ from wtforms import StringField, validators
 
 from app.config import EMAIL_SERVERS_WITH_PRIORITY
 from app.dashboard.base import dashboard_bp
+from app.email_utils import get_email_domain_part
 from app.extensions import db
 from app.models import CustomDomain
 
@@ -30,9 +31,15 @@ def custom_domain():
                 return redirect(url_for("dashboard.custom_domain"))
 
             if new_custom_domain_form.validate():
-                new_domain = new_custom_domain_form.domain.data.strip()
+                new_domain = new_custom_domain_form.domain.data.lower().strip()
                 if CustomDomain.get_by(domain=new_domain):
                     flash(f"{new_domain} already added", "warning")
+                elif get_email_domain_part(current_user.email) == new_domain:
+                    flash(
+                        "You cannot add a domain that you are currently using for your personal email. "
+                        "Please change your personal email to your real email",
+                        "error",
+                    )
                 else:
                     new_custom_domain = CustomDomain.create(
                         domain=new_domain, user_id=current_user.id
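Review bot: The new `elif` compares a lower-cased `new_domain` with `get_email_domain_part(current_user.email)` exactly as returned, so the loop guard holds only if that helper or the stored email is already lower-case, which this hunk does not show. If that is not guaranteed, normalise both sides: `elif get_email_domain_part(current_user.email).lower() == new_domain:`. The guard also runs only when a domain is added; whether changing the personal email to an address on an already registered custom domain is rejected is outside this hunk and worth confirming, since that path would recreate the same loop. `custom_domain()` starts before and continues after the hunk.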

+ 19 - 0
tests/dashboard/test_custom_domain.py

@@ -17,3 +17,22 @@ def test_add_domain_success(flask_client):
 
     assert r.status_code == 200
     assert b"New domain ab.cd is created" in r.data
+
+
+def test_add_domain_same_as_user_email(flask_client):
+    """cannot add domain if user personal email uses this domain"""
+    user = login(flask_client)
+    user.lifetime = True
+    db.session.commit()
+
+    r = flask_client.post(
+        url_for("dashboard.custom_domain"),
+        data={"form-name": "create", "domain": "b.c"},  # user email is a@b.c
+        follow_redirects=True,
+    )
+
+    assert r.status_code == 200
+    assert (
+        b"You cannot add a domain that you are currently using for your personal email"
+        in r.data
+    )
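Review bot: `test_add_domain_same_as_user_email` asserts only the flash text, so it would not catch a regression where the message is shown and the domain row is created as well. Add a check that nothing was stored, e.g. `assert CustomDomain.get_by(domain="b.c") is None` (assuming `CustomDomain` is imported in this test module, which the hunk does not show). A second case posting `"B.C"` would pin the `.lower()` normalisation that the guard in the view depends on.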