ghaymah_dev/postal
1
0
نسخ 0
مراية لـ https://github.com/postalserver/postal.git تم المزامنة 2026-03-04 23:04:08 +00:00
الشفرة المشكلات Packages المشاريع الإصدارات الويكي النشاط

Compare commits

قاعدة: ghaymah_dev:3.2.0
الفروع العلامات
ghaymah_dev:main ghaymah_dev:dependabot/bundler/nokogiri-1.19.1 ghaymah_dev:dependabot/bundler/rack-3.2.5 ghaymah_dev:dependabot/bundler/faraday-2.14.1
ghaymah_dev:3.3.5 ghaymah_dev:3.3.4 ghaymah_dev:3.3.3 ghaymah_dev:3.3.2 ghaymah_dev:3.3.1 ghaymah_dev:3.3.0 ghaymah_dev:3.2.2 ghaymah_dev:3.2.1 ghaymah_dev:3.2.0 ghaymah_dev:3.1.1 ghaymah_dev:3.1.0 ghaymah_dev:3.0.2 ghaymah_dev:3.0.1 ghaymah_dev:3.0.0 ghaymah_dev:2.3.2 ghaymah_dev:2.3.1 ghaymah_dev:2.3.0 ghaymah_dev:2.2.2 ghaymah_dev:2.2.1 ghaymah_dev:2.2.0 ghaymah_dev:2.1.6 ghaymah_dev:2.1.5 ghaymah_dev:2.1.4 ghaymah_dev:2.1.3 ghaymah_dev:2.1.2 ghaymah_dev:2.1.1 ghaymah_dev:2.1.0 ghaymah_dev:2.0.0 ghaymah_dev:2.0.0-beta.1
..
مقارنة: ghaymah_dev:3.2.2
الفروع العلامات
ghaymah_dev:dependabot/bundler/nokogiri-1.19.1 ghaymah_dev:dependabot/bundler/rack-3.2.5 ghaymah_dev:dependabot/bundler/faraday-2.14.1 ghaymah_dev:main
ghaymah_dev:3.3.5 ghaymah_dev:3.3.4 ghaymah_dev:3.3.3 ghaymah_dev:3.3.2 ghaymah_dev:3.3.1 ghaymah_dev:3.3.0 ghaymah_dev:3.2.2 ghaymah_dev:3.2.1 ghaymah_dev:3.2.0 ghaymah_dev:3.1.1 ghaymah_dev:3.1.0 ghaymah_dev:3.0.2 ghaymah_dev:3.0.1 ghaymah_dev:3.0.0 ghaymah_dev:2.3.2 ghaymah_dev:2.3.1 ghaymah_dev:2.3.0 ghaymah_dev:2.2.2 ghaymah_dev:2.2.1 ghaymah_dev:2.2.0 ghaymah_dev:2.1.6 ghaymah_dev:2.1.5 ghaymah_dev:2.1.4 ghaymah_dev:2.1.3 ghaymah_dev:2.1.2 ghaymah_dev:2.1.1 ghaymah_dev:2.1.0 ghaymah_dev:2.0.0 ghaymah_dev:2.0.0-beta.1

10 الالتزامات
3.2.0 ... 3.2.2

المؤلف SHA1 الرسالة التاريخ
github-actions[bot]
6a1ff56fe2 chore(main): release 3.2.2 (#2878) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2024-03-14 22:03:58 +00:00
Adam Cooke
be456523dd fix: don't use authentication on org & server deletion 2024-03-14 14:14:59 +00:00
Adam Cooke
3d208d632f test: add tests for the legacy API 2024-03-13 22:40:41 +00:00
Adam Cooke
1c67f72209 chore: hide further config messages 2024-03-13 19:08:59 +00:00
Adam Cooke
aa76aae232 chore: suppress config location on default-dkim-record 2024-03-13 19:06:37 +00:00
Adam Cooke
f760cdb5a1 chore: allow config location message to be suppressed 2024-03-13 19:06:25 +00:00
Adam Cooke
b55becd2ec doc: add annotations to queued message spec 2024-03-13 19:02:59 +00:00
Adam Cooke
92406129cf fix(smtp-server): fixes proxy protocol 2024-03-13 18:16:08 +00:00
github-actions[bot]
144af20b9c chore(main): release 3.2.1 (#2877) 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
 2024-03-13 17:01:01 +00:00
Adam Cooke
58dddebeb8 fix: fixes postal default-dkim-record 2024-03-13 16:54:53 +00:00
23 ملفات معدلة مع 1047 إضافات و176 حذوفات
توسيع جميع الملفات طي جميع الملفات

2
.release-please-manifest.json
عرض الملف

@@ -1,3 +1,3 @@
{
".": "3.2.0"
".": "3.2.2"
}

27
CHANGELOG.md
عرض الملف

@@ -2,6 +2,33 @@
This file contains all the latest changes and updates to Postal.
## [3.2.2](https://github.com/postalserver/postal/compare/3.2.1...3.2.2) (2024-03-14)
### Bug Fixes
* don't use authentication on org & server deletion ([be45652](https://github.com/postalserver/postal/commit/be456523dd3aacb5c3eb45c9261da97ebffe603c))
* **smtp-server:** fixes proxy protocol ([9240612](https://github.com/postalserver/postal/commit/92406129cfcf1a06499a6f5aa18c73f1d6195793))
### Miscellaneous Chores
* allow config location message to be suppressed ([f760cdb](https://github.com/postalserver/postal/commit/f760cdb5a1d53e9c30ee495d129cbf12603a3cbd))
* hide further config messages ([1c67f72](https://github.com/postalserver/postal/commit/1c67f72209c93404d7024ce3d15f6f54f2d707c4))
* suppress config location on default-dkim-record ([aa76aae](https://github.com/postalserver/postal/commit/aa76aae2322af41af1bd60cfe1d69a11ac76324e))
### Tests
* add tests for the legacy API ([3d208d6](https://github.com/postalserver/postal/commit/3d208d632f4fc8a4adbfdb2bf4b377271eae6692))
## [3.2.1](https://github.com/postalserver/postal/compare/3.2.0...3.2.1) (2024-03-13)
### Bug Fixes
* fixes `postal default-dkim-record` ([58dddeb](https://github.com/postalserver/postal/commit/58dddebeb81dc6fab945d2b10a91588eddc471c2))
## [3.2.0](https://github.com/postalserver/postal/compare/3.1.1...3.2.0) (2024-03-13)

7
app/controllers/organizations_controller.rb
عرض الملف

@@ -43,10 +43,11 @@ class OrganizationsController < ApplicationController
end
def destroy
unless current_user.authenticate(params[:password])
if params[:confirm_text].blank? || params[:confirm_text].downcase.strip != organization.name.downcase.strip
respond_to do |wants|
wants.html { redirect_to organization_delete_path(@organization), alert: "The password you entered was not valid. Please check and try again." }
wants.json { render json: { alert: "The password you entered was invalid. Please check and try again." } }
alert_text = "The text you entered does not match the organization name. Please check and try again."
wants.html { redirect_to organization_delete_path(@organization), alert: alert_text }
wants.json { render json: { alert: alert_text } }
end
return
end

12
app/controllers/servers_controller.rb
عرض الملف

@@ -65,17 +65,15 @@ class ServersController < ApplicationController
end
def destroy
unless current_user.authenticate(params[:password])
if params[:confirm_text].blank? || params[:confirm_text].downcase.strip != @server.name.downcase.strip
respond_to do |wants|
wants.html do
redirect_to [:delete, organization, @server], alert: "The password you entered was not valid. Please check and try again."
end
wants.json do
render json: { alert: "The password you entere was invalid. Please check and try again" }
end
alert_text = "The text you entered does not match the server name. Please check and try again."
wants.html { redirect_to organization_delete_path(@organization), alert: alert_text }
wants.json { render json: { alert: alert_text } }
end
return
end
@server.soft_destroy
redirect_to_with_json organization_root_path(organization), notice: "#{@server.name} has been deleted successfully"
end

66
app/lib/signer.rb
عرض الملف

@@ -1,66 +0,0 @@
# frozen_string_literal: true
require "base64"
class Signer
# Create a new Signer
#
# @param [OpenSSL::PKey::RSA] private_key The private key to use for signing
# @return [Signer]
def initialize(private_key)
@private_key = private_key
end
# Return the private key
#
# @return [OpenSSL::PKey::RSA]
attr_reader :private_key
# Return the public key for the private key
#
# @return [OpenSSL::PKey::RSA]
def public_key
@private_key.public_key
end
# Sign the given data
#
# @param [String] data The data to sign
# @return [String] The signature
def sign(data)
private_key.sign(OpenSSL::Digest.new("SHA256"), data)
end
# Sign the given data and return a Base64-encoded signature
#
# @param [String] data The data to sign
# @return [String] The Base64-encoded signature
def sign64(data)
Base64.strict_encode64(sign(data))
end
# Return a JWK for the private key
#
# @return [JWT::JWK] The JWK
def jwk
@jwk ||= JWT::JWK.new(private_key, { use: "sig", alg: "RS256" })
end
# Sign the given data using SHA1 (for legacy use)
#
# @param [String] data The data to sign
# @return [String] The signature
def sha1_sign(data)
private_key.sign(OpenSSL::Digest.new("SHA1"), data)
end
# Sign the given data using SHA1 (for legacy use) and return a Base64-encoded string
#
# @param [String] data The data to sign
# @return [String] The signature
def sha1_sign64(data)
Base64.strict_encode64(sha1_sign(data))
end
end

7
app/lib/smtp_server/client.rb
عرض الملف

@@ -116,19 +116,20 @@ module SMTPServer
private
def proxy(data)
# inet-protocol, client-ip, proxy-ip, client-port, proxy-port
if m = data.match(/\APROXY (.+) (.+) (.+) (.+) (.+)\z/)
@ip_address = m[2]
check_ip_address
@state = :welcome
logger&.debug "\e[35mClient identified as #{@ip_address}\e[0m"
increment_command_count("PROXY")
"220 #{Postal::Config.postal.smtp_hostname} ESMTP Postal/#{id}"
else
return "220 #{Postal::Config.postal.smtp_hostname} ESMTP Postal/#{trace_id}"
end
@finished = true
increment_error_count("proxy-error")
"502 Proxy Error"
end
end
def quit
@finished = true

2
app/models/outgoing_message_prototype.rb
عرض الملف

@@ -99,7 +99,7 @@ class OutgoingMessagePrototype
{
name: attachment[:name],
content_type: attachment[:content_type] || "application/octet-stream",
data: attachment[:base64] ? Base64.decode64(attachment[:data]) : attachment[:data]
data: attachment[:base64] && attachment[:data] ? Base64.decode64(attachment[:data]) : attachment[:data]
}
end
end

5
app/views/organizations/delete.html.haml
عرض الملف

@@ -13,12 +13,11 @@
all its mail servers & data will be deleted from our systems.
.dangerZone
%p.pageContent__text.u-margin
To continue to delete this organization, please enter your password in the field below and press
To continue to delete this organization, please enter the name of the organization in the field below and press
continue. <b class='u-red'>There will be no other confirmations.</b>
= form_tag [organization, :delete], :method => :delete, :remote => true do
= hidden_field_tag 'return_to', params[:return_to]
%p.u-margin
= password_field_tag "password", '', :class => 'input input--text input--danger'
= text_field_tag "confirm_text", '', :class => 'input input--text input--danger'
.buttonSet.u-center
= submit_tag "Delete this organization, mail servers and all messages", :class => 'button button--danger js-form-submit'

5
app/views/servers/delete.html.haml
عرض الملف

@@ -10,12 +10,11 @@
immediately.
.dangerZone
%p.pageContent__text.u-margin
To continue to remove this server, please enter your password in the field below and press
To continue to remove this server, please enter the server name in the field below and press
continue. <b class='u-red'>There will be no other confirmations.</b>
= form_tag [organization, @server], :remote => true, :method => :delete do
= hidden_field_tag 'return_to', params[:return_to]
%p.u-margin
= password_field_tag "password", '', :class => 'input input--text input--danger'
= text_field_tag "confirm_text", '', :class => 'input input--text input--danger'
.buttonSet.u-center
= submit_tag "Delete this mail server and all messages", :class => 'button button--danger'

21
lib/postal/config.rb
عرض الملف

@@ -16,6 +16,7 @@ require_relative "error"
require_relative "version"
require_relative "config_schema"
require_relative "legacy_config_source"
require_relative "signer"
module Postal
@@ -37,30 +38,36 @@ module Postal
Dotenv.load(".env")
sources << Konfig::Sources::Environment.new(ENV)
silence_config_messages = ENV.fetch("SILENCE_POSTAL_CONFIG_MESSAGES", "false") == "true"
# If a config file exists, we need to load that. Config files can
# either be legacy (v1) or new (v2). Any file without a 'version'
# key is a legacy file whereas new-style config files will include
# the 'version: 2' key/value.
if File.file?(config_file_path)
puts "Loading config from #{config_file_path}"
unless silence_config_messages
warn "Loading config from #{config_file_path}"
end
config_file = File.read(config_file_path)
yaml = YAML.safe_load(config_file)
config_version = yaml["version"] || 1
case config_version
when 1
puts "WARNING: Using legacy config file format. Upgrade your postal.yml to use"
puts "version 2 of the Postal configuration or configure using environment"
puts "variables. See https://postalserver.io/config-v2 for details."
unless silence_config_messages
warn "WARNING: Using legacy config file format. Upgrade your postal.yml to use"
warn "version 2 of the Postal configuration or configure using environment"
warn "variables. See https://postalserver.io/config-v2 for details."
end
sources << LegacyConfigSource.new(yaml)
when 2
sources << Konfig::Sources::YAML.new(config_file)
else
raise "Invalid version specified in Postal config file. Must be 1 or 2."
end
else
puts "No configuration file found at #{config_file_path}"
puts "Only using environment variables for configuration"
elsif !silence_config_messages
warn "No configuration file found at #{config_file_path}"
warn "Only using environment variables for configuration"
end
# Build configuration with the provided sources.

2
lib/postal/config_schema.rb
عرض الملف

@@ -279,7 +279,7 @@ module Postal
end
boolean :proxy_protocol do
description "Enable proxy protocol for use behind some load balancers"
description "Enable proxy protocol for use behind some load balancers (supports proxy protocol v1 only)"
default false
end

67
lib/postal/signer.rb Normal file
عرض الملف

@@ -0,0 +1,67 @@
# frozen_string_literal: true
require "base64"
module Postal
class Signer
# Create a new Signer
#
# @param [OpenSSL::PKey::RSA] private_key The private key to use for signing
# @return [Signer]
def initialize(private_key)
@private_key = private_key
end
# Return the private key
#
# @return [OpenSSL::PKey::RSA]
attr_reader :private_key
# Return the public key for the private key
#
# @return [OpenSSL::PKey::RSA]
def public_key
@private_key.public_key
end
# Sign the given data
#
# @param [String] data The data to sign
# @return [String] The signature
def sign(data)
private_key.sign(OpenSSL::Digest.new("SHA256"), data)
end
# Sign the given data and return a Base64-encoded signature
#
# @param [String] data The data to sign
# @return [String] The Base64-encoded signature
def sign64(data)
Base64.strict_encode64(sign(data))
end
# Return a JWK for the private key
#
# @return [JWT::JWK] The JWK
def jwk
@jwk ||= JWT::JWK.new(private_key, { use: "sig", alg: "RS256" })
end
# Sign the given data using SHA1 (for legacy use)
#
# @param [String] data The data to sign
# @return [String] The signature
def sha1_sign(data)
private_key.sign(OpenSSL::Digest.new("SHA1"), data)
end
# Sign the given data using SHA1 (for legacy use) and return a Base64-encoded string
#
# @param [String] data The data to sign
# @return [String] The signature
def sha1_sign64(data)
Base64.strict_encode64(sha1_sign(data))
end
end
end

1
script/default_dkim_record.rb
عرض الملف

@@ -1,4 +1,5 @@
# frozen_string_literal: true
ENV["SILENCE_POSTAL_CONFIG_LOCATION_MESSAGE"] = "true"
require File.expand_path("../lib/postal/config", __dir__)
puts Postal.rp_dkim_dns_record

118
spec/apis/legacy_api/messages/deliveries_spec.rb Normal file
عرض الملف

@@ -0,0 +1,118 @@
# frozen_string_literal: true
require "rails_helper"
RSpec.describe "Legacy Messages API", type: :request do
describe "/api/v1/messages/deliveries" do
context "when no authentication is provided" do
it "returns an error" do
post "/api/v1/messages/deliveries"
expect(response.status).to eq 200
parsed_body = JSON.parse(response.body)
expect(parsed_body["status"]).to eq "error"
expect(parsed_body["data"]["code"]).to eq "AccessDenied"
end
end
context "when the credential does not match anything" do
it "returns an error" do
post "/api/v1/messages/deliveries", headers: { "x-server-api-key" => "invalid" }
expect(response.status).to eq 200
parsed_body = JSON.parse(response.body)
expect(parsed_body["status"]).to eq "error"
expect(parsed_body["data"]["code"]).to eq "InvalidServerAPIKey"
end
end
context "when the credential belongs to a suspended server" do
it "returns an error" do
server = create(:server, :suspended)
credential = create(:credential, server: server)
post "/api/v1/messages/deliveries", headers: { "x-server-api-key" => credential.key }
expect(response.status).to eq 200
parsed_body = JSON.parse(response.body)
expect(parsed_body["status"]).to eq "error"
expect(parsed_body["data"]["code"]).to eq "ServerSuspended"
end
end
context "when the credential is valid" do
let(:server) { create(:server) }
let(:credential) { create(:credential, server: server) }
context "when no message ID is provided" do
it "returns an error" do
post "/api/v1/messages/deliveries", headers: { "x-server-api-key" => credential.key }
expect(response.status).to eq 200
parsed_body = JSON.parse(response.body)
expect(parsed_body["status"]).to eq "parameter-error"
expect(parsed_body["data"]["message"]).to match(/`id` parameter is required but is missing/)
end
end
context "when the message ID does not exist" do
it "returns an error" do
post "/api/v1/messages/deliveries",
headers: { "x-server-api-key" => credential.key,
"content-type" => "application/json" },
params: { id: 123 }.to_json
expect(response.status).to eq 200
parsed_body = JSON.parse(response.body)
expect(parsed_body["status"]).to eq "error"
expect(parsed_body["data"]["code"]).to eq "MessageNotFound"
expect(parsed_body["data"]["id"]).to eq 123
end
end
context "when the message ID exists" do
let(:server) { create(:server) }
let(:credential) { create(:credential, server: server) }
let(:message) { MessageFactory.outgoing(server) }
before do
message.create_delivery("SoftFail", details: "no server found",
output: "404",
sent_with_ssl: true,
log_id: "1234",
time: 1.2)
message.create_delivery("Sent", details: "sent successfully",
output: "200",
sent_with_ssl: false,
log_id: "5678",
time: 2.2)
end
before do
post "/api/v1/messages/deliveries",
headers: { "x-server-api-key" => credential.key,
"content-type" => "application/json" },
params: { id: message.id }.to_json
end
it "returns an array of deliveries" do
expect(response.status).to eq 200
parsed_body = JSON.parse(response.body)
expect(parsed_body["status"]).to eq "success"
expect(parsed_body["data"]).to match([
{ "id" => kind_of(Integer),
"status" => "SoftFail",
"details" => "no server found",
"output" => "404",
"sent_with_ssl" => true,
"log_id" => "1234",
"time" => 1.2,
"timestamp" => kind_of(Float) },
{ "id" => kind_of(Integer),
"status" => "Sent",
"details" => "sent successfully",
"output" => "200",
"sent_with_ssl" => false,
"log_id" => "5678",
"time" => 2.2,
"timestamp" => kind_of(Float) },
])
end
end
end
end
end

270
spec/apis/legacy_api/messages/message_spec.rb Normal file
عرض الملف

@@ -0,0 +1,270 @@
# frozen_string_literal: true
require "rails_helper"
RSpec.describe "Legacy Messages API", type: :request do
describe "/api/v1/messages/message" do
context "when no authentication is provided" do
it "returns an error" do
post "/api/v1/messages/message"
expect(response.status).to eq 200
parsed_body = JSON.parse(response.body)
expect(parsed_body["status"]).to eq "error"
expect(parsed_body["data"]["code"]).to eq "AccessDenied"
end
end
context "when the credential does not match anything" do
it "returns an error" do
post "/api/v1/messages/message", headers: { "x-server-api-key" => "invalid" }
expect(response.status).to eq 200
parsed_body = JSON.parse(response.body)
expect(parsed_body["status"]).to eq "error"
expect(parsed_body["data"]["code"]).to eq "InvalidServerAPIKey"
end
end
context "when the credential belongs to a suspended server" do
it "returns an error" do
server = create(:server, :suspended)
credential = create(:credential, server: server)
post "/api/v1/messages/message", headers: { "x-server-api-key" => credential.key }
expect(response.status).to eq 200
parsed_body = JSON.parse(response.body)
expect(parsed_body["status"]).to eq "error"
expect(parsed_body["data"]["code"]).to eq "ServerSuspended"
end
end
context "when the credential is valid" do
let(:server) { create(:server) }
let(:credential) { create(:credential, server: server) }
context "when no message ID is provided" do
it "returns an error" do
post "/api/v1/messages/message", headers: { "x-server-api-key" => credential.key }
expect(response.status).to eq 200
parsed_body = JSON.parse(response.body)
expect(parsed_body["status"]).to eq "parameter-error"
expect(parsed_body["data"]["message"]).to match(/`id` parameter is required but is missing/)
end
end
context "when the message ID does not exist" do
it "returns an error" do
post "/api/v1/messages/message",
headers: { "x-server-api-key" => credential.key,
"content-type" => "application/json" },
params: { id: 123 }.to_json
expect(response.status).to eq 200
parsed_body = JSON.parse(response.body)
expect(parsed_body["status"]).to eq "error"
expect(parsed_body["data"]["code"]).to eq "MessageNotFound"
end
end
context "when the message ID exists" do
let(:server) { create(:server) }
let(:credential) { create(:credential, server: server) }
let(:message) { MessageFactory.outgoing(server) }
let(:expansions) { [] }
before do
post "/api/v1/messages/message",
headers: { "x-server-api-key" => credential.key,
"content-type" => "application/json" },
params: { id: message.id, _expansions: expansions }.to_json
end
context "when no expansions are requested" do
it "returns details about the message" do
expect(response.status).to eq 200
parsed_body = JSON.parse(response.body)
expect(parsed_body["status"]).to eq "success"
expect(parsed_body["data"]).to match({
"id" => message.id,
"token" => message.token
})
end
end
context "when the status expansion is requested" do
let(:expansions) { ["status"] }
it "returns details about the message" do
expect(response.status).to eq 200
parsed_body = JSON.parse(response.body)
expect(parsed_body["status"]).to eq "success"
expect(parsed_body["data"]).to match({
"id" => message.id,
"token" => message.token,
"status" => { "held" => false,
"hold_expiry" => nil,
"last_delivery_attempt" => nil,
"status" => "Pending" }
})
end
end
context "when the details expansion is requested" do
let(:expansions) { ["details"] }
it "returns details about the message" do
expect(response.status).to eq 200
parsed_body = JSON.parse(response.body)
expect(parsed_body["status"]).to eq "success"
expect(parsed_body["data"]).to match({
"id" => message.id,
"token" => message.token,
"details" => { "bounce" => false,
"bounce_for_id" => 0,
"direction" => "outgoing",
"mail_from" => "test@example.com",
"message_id" => message.message_id,
"rcpt_to" => "john@example.com",
"received_with_ssl" => nil,
"size" => kind_of(String),
"subject" => "An example message",
"tag" => nil,
"timestamp" => kind_of(Float) }
})
end
end
context "when the details expansion is requested" do
let(:expansions) { ["inspection"] }
it "returns details about the message" do
expect(response.status).to eq 200
parsed_body = JSON.parse(response.body)
expect(parsed_body["status"]).to eq "success"
expect(parsed_body["data"]).to match({
"id" => message.id,
"token" => message.token,
"inspection" => { "inspected" => false,
"spam" => false,
"spam_score" => 0.0,
"threat" => false,
"threat_details" => nil }
})
end
end
context "when the body expansions are requested" do
let(:expansions) { %w[plain_body html_body] }
it "returns details about the message" do
expect(response.status).to eq 200
parsed_body = JSON.parse(response.body)
expect(parsed_body["status"]).to eq "success"
expect(parsed_body["data"]).to match({
"id" => message.id,
"token" => message.token,
"plain_body" => message.plain_body,
"html_body" => message.html_body
})
end
end
context "when the attachments expansions is requested" do
let(:message) do
MessageFactory.outgoing(server) do |_, mail|
mail.attachments["example.txt"] = "hello world!"
end
end
let(:expansions) { ["attachments"] }
it "returns details about the message" do
expect(response.status).to eq 200
parsed_body = JSON.parse(response.body)
expect(parsed_body["status"]).to eq "success"
expect(parsed_body["data"]).to match({
"id" => message.id,
"token" => message.token,
"attachments" => [
{
"content_type" => "text/plain",
"data" => Base64.encode64("hello world!"),
"filename" => "example.txt",
"hash" => Digest::SHA1.hexdigest("hello world!"),
"size" => 12
},
]
})
end
end
context "when the headers expansions is requested" do
let(:expansions) { ["headers"] }
it "returns details about the message" do
expect(response.status).to eq 200
parsed_body = JSON.parse(response.body)
expect(parsed_body["status"]).to eq "success"
expect(parsed_body["data"]).to match({
"id" => message.id,
"token" => message.token,
"headers" => message.headers
})
end
end
context "when the raw_message expansions is requested" do
let(:expansions) { ["raw_message"] }
it "returns details about the message" do
expect(response.status).to eq 200
parsed_body = JSON.parse(response.body)
expect(parsed_body["status"]).to eq "success"
expect(parsed_body["data"]).to match({
"id" => message.id,
"token" => message.token,
"raw_message" => Base64.encode64(message.raw_message)
})
end
end
context "when the activity_entries expansions is requested" do
let(:message) do
MessageFactory.outgoing(server) do |msg|
msg.create_load(double("request", ip: "1.2.3.4", user_agent: "user agent"))
link = msg.create_link("https://example.com")
link_id = msg.database.select(:links, where: { token: link }).first["id"]
msg.database.insert(:clicks, {
message_id: msg.id,
link_id: link_id,
ip_address: "1.2.3.4",
user_agent: "user agent",
timestamp: Time.now.to_f
})
end
end
let(:expansions) { ["activity_entries"] }
it "returns details about the message" do
expect(response.status).to eq 200
parsed_body = JSON.parse(response.body)
expect(parsed_body["status"]).to eq "success"
expect(parsed_body["data"]).to match({
"id" => message.id,
"token" => message.token,
"activity_entries" => {
"loads" => [{
"ip_address" => "1.2.3.4",
"user_agent" => "user agent",
"timestamp" => match(/\A\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}\.\d+Z\z/)
}],
"clicks" => [{
"url" => "https://example.com",
"ip_address" => "1.2.3.4",
"user_agent" => "user agent",
"timestamp" => match(/\A\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}\.\d+Z\z/)
}]
}
})
end
end
end
end
end
end

234
spec/apis/legacy_api/send/message_spec.rb Normal file
عرض الملف

@@ -0,0 +1,234 @@
# frozen_string_literal: true
require "rails_helper"
RSpec.describe "Legacy Send API", type: :request do
describe "/api/v1/send/message" do
context "when no authentication is provided" do
it "returns an error" do
post "/api/v1/send/message"
expect(response.status).to eq 200
parsed_body = JSON.parse(response.body)
expect(parsed_body["status"]).to eq "error"
expect(parsed_body["data"]["code"]).to eq "AccessDenied"
end
end
context "when the credential does not match anything" do
it "returns an error" do
post "/api/v1/send/message", headers: { "x-server-api-key" => "invalid" }
expect(response.status).to eq 200
parsed_body = JSON.parse(response.body)
expect(parsed_body["status"]).to eq "error"
expect(parsed_body["data"]["code"]).to eq "InvalidServerAPIKey"
end
end
context "when the credential belongs to a suspended server" do
it "returns an error" do
server = create(:server, :suspended)
credential = create(:credential, server: server)
post "/api/v1/send/message", headers: { "x-server-api-key" => credential.key }
expect(response.status).to eq 200
parsed_body = JSON.parse(response.body)
expect(parsed_body["status"]).to eq "error"
expect(parsed_body["data"]["code"]).to eq "ServerSuspended"
end
end
context "when the credential is valid" do
let(:server) { create(:server) }
let(:credential) { create(:credential, server: server) }
let(:domain) { create(:domain, owner: server) }
let(:default_params) do
{
to: ["test@example.com"],
cc: ["cc@example.com"],
bcc: ["bcc@example.com"],
from: "test@#{domain.name}",
sender: "sender@#{domain.name}",
tag: "test-tag",
reply_to: "reply@example.com",
plain_body: "plain text",
html_body: "<p>html</p>",
attachments: [{ name: "test1.txt", content_type: "text/plain", data: Base64.encode64("hello world 1") },
{ name: "test2.txt", content_type: "text/plain", data: Base64.encode64("hello world 2") },],
headers: { "x-test-header-1" => "111", "x-test-header-2" => "222" },
bounce: false,
subject: "Test"
}
end
let(:params) { default_params }
before do
post "/api/v1/send/message",
headers: { "x-server-api-key" => credential.key,
"content-type" => "application/json" },
params: params.to_json
end
context "when no recipients are provided" do
let(:params) { default_params.merge(to: [], cc: [], bcc: []) }
it "returns an error" do
parsed_body = JSON.parse(response.body)
expect(parsed_body["status"]).to eq "error"
expect(parsed_body["data"]["code"]).to eq "NoRecipients"
expect(parsed_body["data"]["message"]).to match(/there are no recipients defined to receive this message/i)
end
end
context "when no content is provided" do
let(:params) { default_params.merge(html_body: nil, plain_body: nil) }
it "returns an error" do
parsed_body = JSON.parse(response.body)
expect(parsed_body["status"]).to eq "error"
expect(parsed_body["data"]["code"]).to eq "NoContent"
expect(parsed_body["data"]["message"]).to match(/there is no content defined for this e-mail/i)
end
end
context "when the number of 'To' recipients exceeds the maximum" do
let(:params) { default_params.merge(to: ["a@a.com"] * 51) }
it "returns an error" do
parsed_body = JSON.parse(response.body)
expect(parsed_body["status"]).to eq "error"
expect(parsed_body["data"]["code"]).to eq "TooManyToAddresses"
expect(parsed_body["data"]["message"]).to match(/the maximum number of To addresses has been reached/i)
end
end
context "when the number of 'CC' recipients exceeds the maximum" do
let(:params) { default_params.merge(cc: ["a@a.com"] * 51) }
it "returns an error" do
parsed_body = JSON.parse(response.body)
expect(parsed_body["status"]).to eq "error"
expect(parsed_body["data"]["code"]).to eq "TooManyCCAddresses"
expect(parsed_body["data"]["message"]).to match(/the maximum number of CC addresses has been reached/i)
end
end
context "when the number of 'BCC' recipients exceeds the maximum" do
let(:params) { default_params.merge(bcc: ["a@a.com"] * 51) }
it "returns an error" do
parsed_body = JSON.parse(response.body)
expect(parsed_body["status"]).to eq "error"
expect(parsed_body["data"]["code"]).to eq "TooManyBCCAddresses"
expect(parsed_body["data"]["message"]).to match(/the maximum number of BCC addresses has been reached/i)
end
end
context "when the 'From' address is missing" do
let(:params) { default_params.merge(from: nil) }
it "returns an error" do
parsed_body = JSON.parse(response.body)
expect(parsed_body["status"]).to eq "error"
expect(parsed_body["data"]["code"]).to eq "FromAddressMissing"
expect(parsed_body["data"]["message"]).to match(/the from address is missing and is required/i)
end
end
context "when the 'From' address is not authorised" do
let(:params) { default_params.merge(from: "test@another.com") }
it "returns an error" do
parsed_body = JSON.parse(response.body)
expect(parsed_body["status"]).to eq "error"
expect(parsed_body["data"]["code"]).to eq "UnauthenticatedFromAddress"
expect(parsed_body["data"]["message"]).to match(/the from address is not authorised to send mail from this server/i)
end
end
context "when an attachment is missing a name" do
let(:params) { default_params.merge(attachments: [{ name: nil, content_type: "text/plain", data: Base64.encode64("hello world 1") }]) }
it "returns an error" do
parsed_body = JSON.parse(response.body)
expect(parsed_body["status"]).to eq "error"
expect(parsed_body["data"]["code"]).to eq "AttachmentMissingName"
expect(parsed_body["data"]["message"]).to match(/an attachment is missing a name/i)
end
end
context "when an attachment is missing data" do
let(:params) { default_params.merge(attachments: [{ name: "test1.txt", content_type: "text/plain", data: nil }]) }
it "returns an error" do
parsed_body = JSON.parse(response.body)
expect(parsed_body["status"]).to eq "error"
expect(parsed_body["data"]["code"]).to eq "AttachmentMissingData"
expect(parsed_body["data"]["message"]).to match(/an attachment is missing data/i)
end
end
context "when an attachment entry is not a hash" do
let(:params) { default_params.merge(attachments: [123, "string"]) }
it "continues as if it wasn't there" do
parsed_body = JSON.parse(response.body)
["test@example.com", "cc@example.com", "bcc@example.com"].each do |rcpt_to|
message_id = parsed_body["data"]["messages"][rcpt_to]["id"]
message = server.message(message_id)
expect(message.attachments).to be_empty
end
end
end
context "when given a complete email to send" do
it "returns details of the messages created" do
parsed_body = JSON.parse(response.body)
expect(parsed_body["status"]).to eq "success"
expect(parsed_body["data"]["messages"]).to match({
"test@example.com" => { "id" => kind_of(Integer), "token" => /\A[a-zA-Z0-9]{16}\z/ },
"cc@example.com" => { "id" => kind_of(Integer), "token" => /\A[a-zA-Z0-9]{16}\z/ },
"bcc@example.com" => { "id" => kind_of(Integer), "token" => /\A[a-zA-Z0-9]{16}\z/ }
})
end
it "adds an appropriate received header" do
parsed_body = JSON.parse(response.body)
message_id = parsed_body["data"]["messages"]["test@example.com"]["id"]
message = server.message(message_id)
expect(message.headers["received"].first).to match(/\Afrom api/)
end
it "creates appropriate message objects" do
parsed_body = JSON.parse(response.body)
["test@example.com", "cc@example.com", "bcc@example.com"].each do |rcpt_to|
message_id = parsed_body["data"]["messages"][rcpt_to]["id"]
message = server.message(message_id)
expect(message).to have_attributes(
server: server,
rcpt_to: rcpt_to,
mail_from: params[:from],
subject: params[:subject],
message_id: kind_of(String),
timestamp: kind_of(Time),
domain_id: domain.id,
credential_id: credential.id,
bounce: false,
tag: params[:tag],
headers: hash_including("x-test-header-1" => ["111"],
"x-test-header-2" => ["222"],
"sender" => [params[:sender]],
"to" => ["test@example.com"],
"cc" => ["cc@example.com"],
"reply-to" => ["reply@example.com"]),
plain_body: params[:plain_body],
html_body: params[:html_body],
attachments: [
have_attributes(content_type: /\Atext\/plain/, filename: "test1.txt", body: have_attributes(to_s: "hello world 1")),
have_attributes(content_type: /\Atext\/plain/, filename: "test2.txt", body: have_attributes(to_s: "hello world 2")),
]
)
end
end
end
end
end
end

152
spec/apis/legacy_api/send/raw_spec.rb Normal file
عرض الملف

@@ -0,0 +1,152 @@
# frozen_string_literal: true
require "rails_helper"
RSpec.describe "Legacy Send API", type: :request do
describe "/api/v1/send/raw" do
context "when no authentication is provided" do
it "returns an error" do
post "/api/v1/send/raw"
expect(response.status).to eq 200
parsed_body = JSON.parse(response.body)
expect(parsed_body["status"]).to eq "error"
expect(parsed_body["data"]["code"]).to eq "AccessDenied"
end
end
context "when the credential does not match anything" do
it "returns an error" do
post "/api/v1/send/raw", headers: { "x-server-api-key" => "invalid" }
expect(response.status).to eq 200
parsed_body = JSON.parse(response.body)
expect(parsed_body["status"]).to eq "error"
expect(parsed_body["data"]["code"]).to eq "InvalidServerAPIKey"
end
end
context "when the credential belongs to a suspended server" do
it "returns an error" do
server = create(:server, :suspended)
credential = create(:credential, server: server)
post "/api/v1/send/raw", headers: { "x-server-api-key" => credential.key }
expect(response.status).to eq 200
parsed_body = JSON.parse(response.body)
expect(parsed_body["status"]).to eq "error"
expect(parsed_body["data"]["code"]).to eq "ServerSuspended"
end
end
context "when the credential is valid" do
let(:server) { create(:server) }
let(:credential) { create(:credential, server: server) }
let(:domain) { create(:domain, owner: server) }
let(:data) do
mail = Mail.new
mail.to = "test1@example.com"
mail.from = "test@#{domain.name}"
mail.subject = "test"
mail.text_part = Mail::Part.new
mail.text_part.body = "plain text"
mail.html_part = Mail::Part.new
mail.html_part.content_type = "text/html; charset=UTF-8"
mail.html_part.body = "<p>html</p>"
mail
end
let(:default_params) do
{
mail_from: "test@#{domain.name}",
rcpt_to: ["test1@example.com", "test2@example.com"],
data: Base64.encode64(data.to_s),
bounce: false
}
end
let(:params) { default_params }
before do
post "/api/v1/send/raw",
headers: { "x-server-api-key" => credential.key,
"content-type" => "application/json" },
params: params.to_json
end
context "when rcpt_to is not provided" do
let(:params) { default_params.except(:rcpt_to) }
it "returns an error" do
parsed_body = JSON.parse(response.body)
expect(parsed_body["status"]).to eq "parameter-error"
expect(parsed_body["data"]["message"]).to match(/`rcpt_to` parameter is required but is missing/i)
end
end
context "when mail_from is not provided" do
let(:params) { default_params.except(:mail_from) }
it "returns an error" do
parsed_body = JSON.parse(response.body)
expect(parsed_body["status"]).to eq "parameter-error"
expect(parsed_body["data"]["message"]).to match(/`mail_from` parameter is required but is missing/i)
end
end
context "when data is not provided" do
let(:params) { default_params.except(:data) }
it "returns an error" do
parsed_body = JSON.parse(response.body)
expect(parsed_body["status"]).to eq "parameter-error"
expect(parsed_body["data"]["message"]).to match(/`data` parameter is required but is missing/i)
end
end
context "when no recipients are provided" do
let(:params) { default_params.merge(rcpt_to: []) }
it "returns success but with no messages" do
parsed_body = JSON.parse(response.body)
expect(parsed_body["status"]).to eq "success"
expect(parsed_body["data"]["messages"]).to eq({})
expect(parsed_body["data"]["message_id"]).to be nil
end
end
context "when a valid email is provided" do
it "returns details of the messages created" do
parsed_body = JSON.parse(response.body)
expect(parsed_body["data"]["message_id"]).to be_a String
expect(parsed_body["data"]["messages"]).to be_a Hash
expect(parsed_body["data"]["messages"]).to match({
"test1@example.com" => { "id" => kind_of(Integer), "token" => /\A[a-zA-Z0-9]{16}\z/ },
"test2@example.com" => { "id" => kind_of(Integer), "token" => /\A[a-zA-Z0-9]{16}\z/ }
})
end
it "creates appropriate message objects" do
parsed_body = JSON.parse(response.body)
["test1@example.com", "test2@example.com"].each do |rcpt_to|
message_id = parsed_body["data"]["messages"][rcpt_to]["id"]
message = server.message(message_id)
expect(message).to have_attributes(
server: server,
rcpt_to: rcpt_to,
mail_from: "test@#{domain.name}",
subject: "test",
message_id: kind_of(String),
timestamp: kind_of(Time),
domain_id: domain.id,
credential_id: credential.id,
bounce: false,
headers: hash_including("to" => ["test1@example.com"]),
plain_body: "plain text",
html_body: "<p>html</p>",
attachments: [],
received_with_ssl: true,
scope: "outgoing",
raw_message: data.to_s
)
end
end
end
end
end
end

79
spec/lib/postal/signer_spec.rb Normal file
عرض الملف

@@ -0,0 +1,79 @@
# frozen_string_literal: true
require "rails_helper"
module Postal
RSpec.describe Signer do
STATIC_PRIVATE_KEY = OpenSSL::PKey::RSA.new(2048) # rubocop:disable Lint/ConstantDefinitionInBlock
subject(:signer) { described_class.new(STATIC_PRIVATE_KEY) }
describe "#private_key" do
it "returns the private key" do
expect(signer.private_key).to eq(STATIC_PRIVATE_KEY)
end
end
describe "#public_key" do
it "returns the public key" do
expect(signer.public_key.to_s).to eq(STATIC_PRIVATE_KEY.public_key.to_s)
end
end
describe "#sign" do
it "returns a valid signature" do
data = "hello world!"
signature = signer.sign(data)
expect(signature).to be_a(String)
verification = STATIC_PRIVATE_KEY.public_key.verify(OpenSSL::Digest.new("SHA256"),
signature,
data)
expect(verification).to be true
end
end
describe "#sign64" do
it "returns a valid Base64-encoded signature" do
data = "hello world!"
signature = signer.sign64(data)
expect(signature).to be_a(String)
verification = STATIC_PRIVATE_KEY.public_key.verify(OpenSSL::Digest.new("SHA256"),
Base64.strict_decode64(signature),
data)
expect(verification).to be true
end
end
describe "#jwk" do
it "returns a valid JWK" do
jwk = signer.jwk
expect(jwk).to be_a(JWT::JWK::RSA)
end
end
describe "#sha1_sign" do
it "returns a valid signature" do
data = "hello world!"
signature = signer.sha1_sign(data)
expect(signature).to be_a(String)
verification = STATIC_PRIVATE_KEY.public_key.verify(OpenSSL::Digest.new("SHA1"),
signature,
data)
expect(verification).to be true
end
end
describe "#sha1_sign64" do
it "returns a valid Base64-encoded signature" do
data = "hello world!"
signature = signer.sha1_sign64(data)
expect(signature).to be_a(String)
verification = STATIC_PRIVATE_KEY.public_key.verify(OpenSSL::Digest.new("SHA1"),
Base64.strict_decode64(signature),
data)
expect(verification).to be true
end
end
end
end

2
spec/lib/postal_spec.rb
عرض الملف

@@ -5,7 +5,7 @@ require "rails_helper"
RSpec.describe Postal do
describe "#signer" do
it "returns a signer with the installation's signing key" do
expect(Postal.signer).to be_a(Signer)
expect(Postal.signer).to be_a(Postal::Signer)
expect(Postal.signer.private_key.to_pem).to eq OpenSSL::PKey::RSA.new(File.read(Postal::Config.postal.signing_key_path)).to_pem
end
end

76
spec/lib/signer_spec.rb
عرض الملف

@@ -1,76 +0,0 @@
# frozen_string_literal: true
require "rails_helper"
RSpec.describe Signer do
STATIC_PRIVATE_KEY = OpenSSL::PKey::RSA.new(2048) # rubocop:disable Lint/ConstantDefinitionInBlock
subject(:signer) { described_class.new(STATIC_PRIVATE_KEY) }
describe "#private_key" do
it "returns the private key" do
expect(signer.private_key).to eq(STATIC_PRIVATE_KEY)
end
end
describe "#public_key" do
it "returns the public key" do
expect(signer.public_key.to_s).to eq(STATIC_PRIVATE_KEY.public_key.to_s)
end
end
describe "#sign" do
it "returns a valid signature" do
data = "hello world!"
signature = signer.sign(data)
expect(signature).to be_a(String)
verification = STATIC_PRIVATE_KEY.public_key.verify(OpenSSL::Digest.new("SHA256"),
signature,
data)
expect(verification).to be true
end
end
describe "#sign64" do
it "returns a valid Base64-encoded signature" do
data = "hello world!"
signature = signer.sign64(data)
expect(signature).to be_a(String)
verification = STATIC_PRIVATE_KEY.public_key.verify(OpenSSL::Digest.new("SHA256"),
Base64.strict_decode64(signature),
data)
expect(verification).to be true
end
end
describe "#jwk" do
it "returns a valid JWK" do
jwk = signer.jwk
expect(jwk).to be_a(JWT::JWK::RSA)
end
end
describe "#sha1_sign" do
it "returns a valid signature" do
data = "hello world!"
signature = signer.sha1_sign(data)
expect(signature).to be_a(String)
verification = STATIC_PRIVATE_KEY.public_key.verify(OpenSSL::Digest.new("SHA1"),
signature,
data)
expect(verification).to be true
end
end
describe "#sha1_sign64" do
it "returns a valid Base64-encoded signature" do
data = "hello world!"
signature = signer.sha1_sign64(data)
expect(signature).to be_a(String)
verification = STATIC_PRIVATE_KEY.public_key.verify(OpenSSL::Digest.new("SHA1"),
Base64.strict_decode64(signature),
data)
expect(verification).to be true
end
end
end

28
spec/lib/smtp_server/client/proxy_spec.rb Normal file
عرض الملف

@@ -0,0 +1,28 @@
# frozen_string_literal: true
require "rails_helper"
module SMTPServer
describe Client do
let(:ip_address) { nil }
subject(:client) { described_class.new(ip_address) }
describe "PROXY" do
context "when the proxy header is sent correctly" do
it "sets the IP address" do
expect(client.handle("PROXY TCP4 1.1.1.1 2.2.2.2 1111 2222")).to eq "220 #{Postal::Config.postal.smtp_hostname} ESMTP Postal/#{client.trace_id}"
expect(client.ip_address).to eq "1.1.1.1"
end
end
context "when the proxy header is not valid" do
it "returns an error" do
expect(client.handle("PROXY TCP4")).to eq "502 Proxy Error"
expect(client.finished?).to be true
end
end
end
end
end

25
spec/models/queued_message_spec.rb
عرض الملف

@@ -1,5 +1,30 @@
# frozen_string_literal: true
# == Schema Information
#
# Table name: queued_messages
#
# id :integer not null, primary key
# attempts :integer default(0)
# batch_key :string(255)
# domain :string(255)
# locked_at :datetime
# locked_by :string(255)
# manual :boolean default(FALSE)
# retry_after :datetime
# created_at :datetime
# updated_at :datetime
# ip_address_id :integer
# message_id :integer
# route_id :integer
# server_id :integer
#
# Indexes
#
# index_queued_messages_on_domain (domain)
# index_queued_messages_on_message_id (message_id)
# index_queued_messages_on_server_id (server_id)
#
require "rails_helper"
RSpec.describe QueuedMessage do

9
spec/rails_helper.rb
عرض الملف

@@ -37,9 +37,16 @@ RSpec.configure do |config|
config.include FactoryBot::Syntax::Methods
config.include GeneralHelpers
config.before(:suite) do
# Before all request specs, set the hostname to the web hostname for
# Postal otherwise it'll be www.example.com which will fail host
# authorization checks.
config.before(:each, type: :request) do
host! Postal::Config.postal.web_hostname
end
# Test that the factories are working as they should and then clean up before getting started on
# the rest of the suite.
config.before(:suite) do
DatabaseCleaner.start
FactoryBot.lint
ensure