Mirror
/
zulip
mirror of https://github.com/zulip/zulip.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
zulip/zerver/lib/email_mirror.py

458 lines
18 KiB
Python
Raw Normal View History

email_mirror: Rewrite log_and_report and cover it with tests. log_and_report and its helper functions were mostly old code no longer well adapted to how email mirror works currently, as well as having no test coverage. We rewrite this part of the email to report errors in a similar manner, and add tests for it. We're able to get rid of the clunky and now useless debug_info dictionary in process message, as log_and_report only needs the recipient email in its third argument.
2019-03-22 16:33:57 +01:00
from typing import Dict, Optional, Tuple, List
Break out non-Twisted email mirror code into separate library (imported from commit 45c3e70ba81cdb44f1e9db4f162e5f2d2fe5ead6)
2013-12-16 23:32:08 +01:00
import logging
import re
email_mirror: Fix parsing of unicode in subject headers. Previously, we had some hand-written logic for parsing the subject line of the email's headers and turning it into a Python string using each of the valid encodings for an email. That logic was buggy, and sometimes resulted in a bytes object being passed into the `send_zulip`, which would eventually throw an exception. The fix for this is to use the Python standard library make_header method for handling internationalized email headers. https://stackoverflow.com/questions/7331351/python-email-header-decoding-utf-8
2019-01-07 19:17:21 +01:00
from email.header import decode_header, make_header
email_mirror: Add email address parsing. When trying to find the email gateway address, use the `email.util.getaddresses` function to deal with cases where multiple recipients are included in the email header or the stream address appears as an angle-addr with a name given (e.g. if someone added it to their address book). Added some other headers where the required address may appear: "Resent" headers are sometimes used for forwarding, and streams may also be found in CC. There is no way to find the address if the email was recieved as a BCC.
2019-01-03 15:53:27 +01:00
from email.utils import getaddresses
Annotate zerver/lib/email_mirror.py. [With some fixes from @sharmaeklavya2].
2016-06-05 21:16:54 +02:00
import email.message as message
Break out non-Twisted email mirror code into separate library (imported from commit 45c3e70ba81cdb44f1e9db4f162e5f2d2fe5ead6)
2013-12-16 23:32:08 +01:00
from django.conf import settings
email_mirror: Migrate missed message addresses from redis to database. Addresses point 1 of #13533. MissedMessageEmailAddress objects get tied to the specific that was missed by the user. A useful benefit of that is that email message sent to that address will handle topic changes - if the message that was missed gets its topic changed, the email response will get posted under the new topic, while in the old model it would get posted under the old topic, which could potentially be confusing. Migrating redis data to this new model is a bit tricky, so the migration code has comments explaining some of the compromises made there, and test_migrations.py tests handling of the various possible cases that could arise.
2019-12-26 13:46:55 +01:00
from django.utils.timezone import timedelta, now as timezone_now
Break out non-Twisted email mirror code into separate library (imported from commit 45c3e70ba81cdb44f1e9db4f162e5f2d2fe5ead6)
2013-12-16 23:32:08 +01:00
email_mirror: Use internal_send_stream_message(). This is just a refactoring to the more modern API for sending internal messages. To make this work we now plumb the email_gateway flag through `internal_send_stream_message` instead of `internal_send_message`. We also change `send_zulip` to have its callers pass in a full UserProfile object (which one of them already had).
2020-02-10 16:49:19 +01:00
from zerver.lib.actions import internal_send_private_message, \
integrations: Change the truncation marker for long messages. Change the truncation marker from `...` to `\n[message truncated]` when receiving messages from the API or through e-mail. Also, update tests to account for the new change. Fix #10871.
2018-11-25 07:40:16 +01:00
internal_send_stream_message, internal_send_huddle_message, \
truncate_body, truncate_topic
email_mirror: Move some helper functions out of actions.py. These functions don't really belong in actions.py, so we move them out, into email_mirror_helpers.py. They can't go directly into email_mirror.py or we'd get circular imports resulting in ImportError.
2019-03-21 10:24:56 +01:00
from zerver.lib.email_mirror_helpers import decode_email_address, \
email_mirror: Raise ZulipEmailForwardError if email pattern not recognised. With the previous commit, fixes #1836. As specified in the issue above, we make get_email_gateway_message_string_from_address raise an exception if it doesn't recognise the email gateway address pattern. Then, we make appropriate adjustments in the codepaths which call this function.
2019-03-21 11:28:14 +01:00
get_email_gateway_message_string_from_address, ZulipEmailForwardError
notifications: Rename notifications.py to email_notifications.py. This library is entirely about email notifications specifically, and this rename should help make the codebase more readable.
2019-03-15 18:51:39 +01:00
from zerver.lib.email_notifications import convert_html_to_markdown
email-mirror: Move postfix email mirror integration to separate script. This fixes a performance problem where we were previously starting up a full Django process (~0.7s even on a fast machine) every time a new email came in, potentially allowing users to accidentally DoS a Zulip server. Now, we just post over HTTPS, allowing the existing thread pool support to do its job. - Add script wrapper to communicate postfix pipe with django web server over HTTP(S). It uses shared_secret authentication mode. - Add django view to process messages from email mirror server. - Clean management command `email-mirror`. Left just functional for cron email processing. - Add routes for new tornado view. - Change pipe script in master process postfix config template based on updated script. - Add tests. Tweaked by tabbott to adjust the directory and set better defaults. Fixes #2421.
2017-04-18 17:28:55 +02:00
from zerver.lib.queue import queue_json_publish
rate_limiter: Move email_mirror limiter to use rate_limit_entity. We change the rate limiting code in the email mirror to use the new, general rate_limit_entity function.
2019-03-23 18:50:05 +01:00
from zerver.lib.utils import generate_random_token
email_mirror: Migrate missed message addresses from redis to database. Addresses point 1 of #13533. MissedMessageEmailAddress objects get tied to the specific that was missed by the user. A useful benefit of that is that email message sent to that address will handle topic changes - if the message that was missed gets its topic changed, the email response will get posted under the new topic, while in the old model it would get posted under the old topic, which could potentially be confusing. Migrating redis data to this new model is a bit tricky, so the migration code has comments explaining some of the compromises made there, and test_migrations.py tests handling of the various possible cases that could arise.
2019-12-26 13:46:55 +01:00
from zerver.lib.upload import upload_message_file
emails: Groundwork to personalize reply-to name of missed message emails.
2017-06-26 19:43:32 +02:00
from zerver.lib.send_email import FromAddress
rate_limit: Move functions called by external code to RateLimitedObject.
2020-03-04 14:05:25 +01:00
from zerver.lib.rate_limiter import RateLimitedObject
email_mirror: Add realm-based rate limiting. Closes #2420 We add rate limiting (max X emails withing Y seconds per realm) to the email mirror. By creating RateLimitedRealmMirror class, inheriting from RateLimitedObject, and rate_limit_mirror_by_realm function, following a mechanism used by rate_limit_user, we're able to have this implementation mostly rely on the already existing, and proven over time, rate_limiter.py code. The rules are configurable in settings.py in RATE_LIMITING_MIRROR_REALM_RULES, analogically to RATE_LIMITING_RULES. Rate limit verification happens in the MirrorWorker in queue_processors.py. We don't rate limit missed message emails, as due to using one time addresses, they're not a spam threat. test_mirror_worker is adapted to the altered MirrorWorker code and a new test - test_mirror_worker_rate_limiting is added in test_queue_worker.py to provide coverage for these changes.
2019-03-16 11:39:09 +01:00
from zerver.lib.exceptions import RateLimited
email_mirror: Migrate missed message addresses from redis to database. Addresses point 1 of #13533. MissedMessageEmailAddress objects get tied to the specific that was missed by the user. A useful benefit of that is that email message sent to that address will handle topic changes - if the message that was missed gets its topic changed, the email response will get posted under the new topic, while in the old model it would get posted under the old topic, which could potentially be confusing. Migrating redis data to this new model is a bit tricky, so the migration code has comments explaining some of the compromises made there, and test_migrations.py tests handling of the various possible cases that could arise.
2019-12-26 13:46:55 +01:00
from zerver.models import Stream, Recipient, MissedMessageEmailAddress, \
get_display_recipient, \
internal_send_stream_message: Support accepting a Stream object. If the caller has access to a Stream object, it is wasteful to query a database for a stream by ID or name. In addition, not having to go through stream names eliminates various classes of possible bugs involved with re-fetching the Stream object by name.
2019-02-08 03:13:14 +01:00
Message, Realm, UserProfile, get_system_bot, get_user, get_stream_by_id_in_realm
Break out non-Twisted email mirror code into separate library (imported from commit 45c3e70ba81cdb44f1e9db4f162e5f2d2fe5ead6)
2013-12-16 23:32:08 +01:00
email_mirror: Ignore missed message email if the user isn't active.
2019-09-21 02:00:00 +02:00
from zproject.backends import is_user_active
Break out non-Twisted email mirror code into separate library (imported from commit 45c3e70ba81cdb44f1e9db4f162e5f2d2fe5ead6)
2013-12-16 23:32:08 +01:00
logger = logging.getLogger(__name__)
email_mirror: Rewrite log_and_report and cover it with tests. log_and_report and its helper functions were mostly old code no longer well adapted to how email mirror works currently, as well as having no test coverage. We rewrite this part of the email to report errors in a similar manner, and add tests for it. We're able to get rid of the clunky and now useless debug_info dictionary in process message, as log_and_report only needs the recipient email in its third argument.
2019-03-22 16:33:57 +01:00
def redact_email_address(error_message: str) -> str:
if not settings.EMAIL_GATEWAY_EXTRA_PATTERN_HACK:
domain = settings.EMAIL_GATEWAY_PATTERN.rsplit('@')[-1]
else:
# EMAIL_GATEWAY_EXTRA_PATTERN_HACK is of the form '@example.com'
domain = settings.EMAIL_GATEWAY_EXTRA_PATTERN_HACK[1:]
address_match = re.search('\\b(\\S*?)@' + domain, error_message)
if address_match:
email_address = address_match.group(0)
# Annotate basic info about the address before scrubbing:
if is_missed_message_address(email_address):
redacted_message = error_message.replace(email_address,
"{} <Missed message address>".format(email_address))
else:
try:
email_mirror: Give extract_and_validate a more descriptive name.
2020-01-10 10:25:56 +01:00
target_stream_id = decode_stream_email_address(email_address)[0].id
email_mirror: Rewrite log_and_report and cover it with tests. log_and_report and its helper functions were mostly old code no longer well adapted to how email mirror works currently, as well as having no test coverage. We rewrite this part of the email to report errors in a similar manner, and add tests for it. We're able to get rid of the clunky and now useless debug_info dictionary in process message, as log_and_report only needs the recipient email in its third argument.
2019-03-22 16:33:57 +01:00
annotated_address = "{} <Address to stream id: {}>".format(email_address, target_stream_id)
redacted_message = error_message.replace(email_address, annotated_address)
except ZulipEmailForwardError:
redacted_message = error_message.replace(email_address,
"{} <Invalid address>".format(email_address))
# Scrub the address from the message, to the form XXXXX@example.com:
string_to_scrub = address_match.groups()[0]
redacted_message = redacted_message.replace(string_to_scrub, "X" * len(string_to_scrub))
return redacted_message
Break out non-Twisted email mirror code into separate library (imported from commit 45c3e70ba81cdb44f1e9db4f162e5f2d2fe5ead6)
2013-12-16 23:32:08 +01:00
return error_message
zerver/lib: Change use of typing.Text to str.
2018-05-10 19:13:36 +02:00
def report_to_zulip(error_message: str) -> None:
email_mirror: Use ERROR_BOT for error reporting. This has the nice side effect of getting rid of the now-unnecessary ADMIN_DOMAIN from this codepath -- we really just want whichever realm ERROR_BOT is in.
2016-08-23 06:24:20 +02:00
if settings.ERROR_BOT is None:
return
Fetch system bots using new get_system_bot function. This eliminate a bunch of uninteresting calls to get_user_profile_by_email.
2017-05-22 23:37:15 +02:00
error_bot = get_system_bot(settings.ERROR_BOT)
email_mirror: Use ERROR_BOT for error reporting. This has the nice side effect of getting rid of the now-unnecessary ADMIN_DOMAIN from this codepath -- we really just want whichever realm ERROR_BOT is in.
2016-08-23 06:24:20 +02:00
error_stream = Stream.objects.get(name="errors", realm=error_bot.realm)
email_mirror: Use internal_send_stream_message(). This is just a refactoring to the more modern API for sending internal messages. To make this work we now plumb the email_gateway flag through `internal_send_stream_message` instead of `internal_send_message`. We also change `send_zulip` to have its callers pass in a full UserProfile object (which one of them already had).
2020-02-10 16:49:19 +01:00
send_zulip(
error_bot,
error_stream,
"email mirror error",
"""~~~\n%s\n~~~""" % (error_message,)
)
Break out non-Twisted email mirror code into separate library (imported from commit 45c3e70ba81cdb44f1e9db4f162e5f2d2fe5ead6)
2013-12-16 23:32:08 +01:00
email_mirror: Rewrite log_and_report and cover it with tests. log_and_report and its helper functions were mostly old code no longer well adapted to how email mirror works currently, as well as having no test coverage. We rewrite this part of the email to report errors in a similar manner, and add tests for it. We're able to get rid of the clunky and now useless debug_info dictionary in process message, as log_and_report only needs the recipient email in its third argument.
2019-03-22 16:33:57 +01:00
def log_and_report(email_message: message.Message, error_message: str, to: Optional[str]) -> None:
recipient = to or "No recipient found"
error_message = "Sender: {}\nTo: {}\n{}".format(email_message.get("From"),
recipient, error_message)
Break out non-Twisted email mirror code into separate library (imported from commit 45c3e70ba81cdb44f1e9db4f162e5f2d2fe5ead6)
2013-12-16 23:32:08 +01:00
email_mirror: Rewrite log_and_report and cover it with tests. log_and_report and its helper functions were mostly old code no longer well adapted to how email mirror works currently, as well as having no test coverage. We rewrite this part of the email to report errors in a similar manner, and add tests for it. We're able to get rid of the clunky and now useless debug_info dictionary in process message, as log_and_report only needs the recipient email in its third argument.
2019-03-22 16:33:57 +01:00
error_message = redact_email_address(error_message)
logger.error(error_message)
report_to_zulip(error_message)
Break out non-Twisted email mirror code into separate library (imported from commit 45c3e70ba81cdb44f1e9db4f162e5f2d2fe5ead6)
2013-12-16 23:32:08 +01:00
Add support for one time use email address The one time use address are a unique token which maps to stored stated in redis. We store the user_id, recipient_id, and subject. When an email is received at this address it is sent to the stored recipient by the stored user. Anyone with this address can send a single message as this user. (imported from commit 4219417bdc30c033a6cf7a0c7c0939f7d0308144)
2014-07-25 10:40:40 +02:00
# Temporary missed message addresses
email_mirror: Migrate missed message addresses from redis to database. Addresses point 1 of #13533. MissedMessageEmailAddress objects get tied to the specific that was missed by the user. A useful benefit of that is that email message sent to that address will handle topic changes - if the message that was missed gets its topic changed, the email response will get posted under the new topic, while in the old model it would get posted under the old topic, which could potentially be confusing. Migrating redis data to this new model is a bit tricky, so the migration code has comments explaining some of the compromises made there, and test_migrations.py tests handling of the various possible cases that could arise.
2019-12-26 13:46:55 +01:00
def generate_missed_message_token() -> str:
return 'mm' + generate_random_token(32)
Add support for one time use email address The one time use address are a unique token which maps to stored stated in redis. We store the user_id, recipient_id, and subject. When an email is received at this address it is sent to the stored recipient by the stored user. Anyone with this address can send a single message as this user. (imported from commit 4219417bdc30c033a6cf7a0c7c0939f7d0308144)
2014-07-25 10:40:40 +02:00
zerver/lib: Change use of typing.Text to str.
2018-05-10 19:13:36 +02:00
def is_missed_message_address(address: str) -> bool:
email_mirror: Raise ZulipEmailForwardError if email pattern not recognised. With the previous commit, fixes #1836. As specified in the issue above, we make get_email_gateway_message_string_from_address raise an exception if it doesn't recognise the email gateway address pattern. Then, we make appropriate adjustments in the codepaths which call this function.
2019-03-21 11:28:14 +01:00
try:
msg_string = get_email_gateway_message_string_from_address(address)
except ZulipEmailForwardError:
return False
email mirror: Extract is_mm_32_format().
2016-09-22 18:11:09 +02:00
return is_mm_32_format(msg_string)
Add support for one time use email address The one time use address are a unique token which maps to stored stated in redis. We store the user_id, recipient_id, and subject. When an email is received at this address it is sent to the stored recipient by the stored user. Anyone with this address can send a single message as this user. (imported from commit 4219417bdc30c033a6cf7a0c7c0939f7d0308144)
2014-07-25 10:40:40 +02:00
zerver/lib: Change use of typing.Text to str.
2018-05-10 19:13:36 +02:00
def is_mm_32_format(msg_string: Optional[str]) -> bool:
email mirror: Extract is_mm_32_format().
2016-09-22 18:11:09 +02:00
'''
Missed message strings are formatted with a little "mm" prefix
followed by a randomly generated 32-character string.
'''
mypy: Make email_mirror pass --strict-optional check.
2017-05-24 23:48:45 +02:00
return msg_string is not None and msg_string.startswith('mm') and len(msg_string) == 34
Add support for one time use email address The one time use address are a unique token which maps to stored stated in redis. We store the user_id, recipient_id, and subject. When an email is received at this address it is sent to the stored recipient by the stored user. Anyone with this address can send a single message as this user. (imported from commit 4219417bdc30c033a6cf7a0c7c0939f7d0308144)
2014-07-25 10:40:40 +02:00
zerver/lib: Change use of typing.Text to str.
2018-05-10 19:13:36 +02:00
def get_missed_message_token_from_address(address: str) -> str:
email-mirror: Support missed message email token string format. The do_send_missedmessage_events_reply_in_zulip function in the email mirror didn't support EMAIL_GATEWAY_PATTERN that wasn't of the form %s@example.com (which resulted in replies to missed message emails failing to be parsed).
2015-10-14 17:11:50 +02:00
msg_string = get_email_gateway_message_string_from_address(address)
bug: Fix code that mis-identifies missed message formats. In our email mirror, we have a special format for missed message emails that uses a 32-bit randomly generated token that we put into redis that is then prefixed with "mm" for a total of 34 characters. We had a bug where we would mis-classify emails like mmcfoo@example.com as being these system-generated emails that were part of the redis setup. It's actually a little unclear how the bug in the library function would have manifested from the user's point of view, but it was definitely buggy code, and it's possibly related in a subtle way to an error report we got from a customer where only one of their users, who happened to have a name like mmcfoo, was having problems with the mirror.
2016-09-22 18:41:10 +02:00
if not is_mm_32_format(msg_string):
Add support for one time use email address The one time use address are a unique token which maps to stored stated in redis. We store the user_id, recipient_id, and subject. When an email is received at this address it is sent to the stored recipient by the stored user. Anyone with this address can send a single message as this user. (imported from commit 4219417bdc30c033a6cf7a0c7c0939f7d0308144)
2014-07-25 10:40:40 +02:00
raise ZulipEmailForwardError('Could not parse missed message address')
email_mirror: Migrate missed message addresses from redis to database. Addresses point 1 of #13533. MissedMessageEmailAddress objects get tied to the specific that was missed by the user. A useful benefit of that is that email message sent to that address will handle topic changes - if the message that was missed gets its topic changed, the email response will get posted under the new topic, while in the old model it would get posted under the old topic, which could potentially be confusing. Migrating redis data to this new model is a bit tricky, so the migration code has comments explaining some of the compromises made there, and test_migrations.py tests handling of the various possible cases that could arise.
2019-12-26 13:46:55 +01:00
return msg_string
email_mirror: Check address usability in get_missed_message_address.
2020-01-10 10:36:35 +01:00
def get_usable_missed_message_address(address: str) -> MissedMessageEmailAddress:
email_mirror: Migrate missed message addresses from redis to database. Addresses point 1 of #13533. MissedMessageEmailAddress objects get tied to the specific that was missed by the user. A useful benefit of that is that email message sent to that address will handle topic changes - if the message that was missed gets its topic changed, the email response will get posted under the new topic, while in the old model it would get posted under the old topic, which could potentially be confusing. Migrating redis data to this new model is a bit tricky, so the migration code has comments explaining some of the compromises made there, and test_migrations.py tests handling of the various possible cases that could arise.
2019-12-26 13:46:55 +01:00
token = get_missed_message_token_from_address(address)
try:
email_mirror: Check address usability in get_missed_message_address.
2020-01-10 10:36:35 +01:00
mm_address = MissedMessageEmailAddress.objects.select_related().get(
email_mirror: Migrate missed message addresses from redis to database. Addresses point 1 of #13533. MissedMessageEmailAddress objects get tied to the specific that was missed by the user. A useful benefit of that is that email message sent to that address will handle topic changes - if the message that was missed gets its topic changed, the email response will get posted under the new topic, while in the old model it would get posted under the old topic, which could potentially be confusing. Migrating redis data to this new model is a bit tricky, so the migration code has comments explaining some of the compromises made there, and test_migrations.py tests handling of the various possible cases that could arise.
2019-12-26 13:46:55 +01:00
email_token=token,
timestamp__gt=timezone_now() - timedelta(seconds=MissedMessageEmailAddress.EXPIRY_SECONDS)
)
except MissedMessageEmailAddress.DoesNotExist:
email_mirror: Reuse exception messages in mirror_email_message.
2020-01-10 10:21:47 +01:00
raise ZulipEmailForwardError("Missed message address expired or doesn't exist.")
Add support for one time use email address The one time use address are a unique token which maps to stored stated in redis. We store the user_id, recipient_id, and subject. When an email is received at this address it is sent to the stored recipient by the stored user. Anyone with this address can send a single message as this user. (imported from commit 4219417bdc30c033a6cf7a0c7c0939f7d0308144)
2014-07-25 10:40:40 +02:00
email_mirror: Check address usability in get_missed_message_address.
2020-01-10 10:36:35 +01:00
if not mm_address.is_usable():
# Technical, this also checks whether the event is expired,
# but that case is excluded by the logic above.
raise ZulipEmailForwardError("Missed message address out of uses.")
return mm_address
zerver/lib: Use python 3 syntax for typing. Split by tabbott from a larger commit; this covers a batch of files with no open PRs touching them.
2017-11-05 11:15:10 +01:00
def create_missed_message_address(user_profile: UserProfile, message: Message) -> str:
Use NOREPLY_EMAIL_ADDRESS if email gateway not enabled. This fixes a regression where missed message emails would not be sent at all in the event that EMAIL_GATEWAY_PATTERN was unset. The overall experience still isn't great, but it's better than crashing. Fixes: #1411 [commit message expanded by tabbott]
2016-07-31 16:49:31 +02:00
if settings.EMAIL_GATEWAY_PATTERN == '':
tests: Suppress logging spam in email mirror tests.
2017-10-28 00:50:15 +02:00
logger.warning("EMAIL_GATEWAY_PATTERN is an empty string, using "
"NOREPLY_EMAIL_ADDRESS in the 'from' field.")
emails: Groundwork to personalize reply-to name of missed message emails.
2017-06-26 19:43:32 +02:00
return FromAddress.NOREPLY
Use NOREPLY_EMAIL_ADDRESS if email gateway not enabled. This fixes a regression where missed message emails would not be sent at all in the event that EMAIL_GATEWAY_PATTERN was unset. The overall experience still isn't great, but it's better than crashing. Fixes: #1411 [commit message expanded by tabbott]
2016-07-31 16:49:31 +02:00
email_mirror: Migrate missed message addresses from redis to database. Addresses point 1 of #13533. MissedMessageEmailAddress objects get tied to the specific that was missed by the user. A useful benefit of that is that email message sent to that address will handle topic changes - if the message that was missed gets its topic changed, the email response will get posted under the new topic, while in the old model it would get posted under the old topic, which could potentially be confusing. Migrating redis data to this new model is a bit tricky, so the migration code has comments explaining some of the compromises made there, and test_migrations.py tests handling of the various possible cases that could arise.
2019-12-26 13:46:55 +01:00
mm_address = MissedMessageEmailAddress.objects.create(message=message,
user_profile=user_profile,
email_token=generate_missed_message_token())
return str(mm_address)
Add support for one time use email address The one time use address are a unique token which maps to stored stated in redis. We store the user_id, recipient_id, and subject. When an email is received at this address it is sent to the stored recipient by the stored user. Anyone with this address can send a single message as this user. (imported from commit 4219417bdc30c033a6cf7a0c7c0939f7d0308144)
2014-07-25 10:40:40 +02:00
email_mirror: Don't remove quotations from forwarded messages. Addresses point 2 of #10612. We use a regex to detect if a form of FWD indicator is present at the beginning of the subject, which means the message has been forwarded. remove_quotations argument is added to a couple of functions where it's necessary. In filter_footer, the criteria for a line to be a possible beginning of a footer is changed to line.strip() == "--", instead of line.strip().startswith("--"), because the former would remove quotations from plaintext emails. This change makes sense, because RFC 3676 specifies ""-- " as the separator line between the body and the signature of a message": https://tools.ietf.org/html/rfc3676
2019-03-09 22:35:45 +01:00
def construct_zulip_body(message: message.Message, realm: Realm, show_sender: bool=False,
email_mirror: Add prefer-html and prefer-text address options. Closes #13484. These options tell zulip whether to prefer the plaintext or html version of the email message. prefer-text is the default behavior, so including the option doesn't change anything as of now, but we're adding it to prepare to potentially change the default behavior in the future.
2020-01-15 16:28:46 +01:00
include_quotes: bool=False, include_footer: bool=False,
prefer_text: bool=True) -> str:
body = extract_body(message, include_quotes, prefer_text)
email_mirror: Filter out null characters in email bodies. They're rarely useful, usually displayed invisibly in most tools anyway, and this helps make sure the message makes it into Zulip rather than being rejected.
2017-10-04 00:05:46 +02:00
# Remove null characters, since Zulip will reject
body = body.replace("\x00", "")
email_mirror: Rename "include-footers" option to "include-footer".
2019-06-06 12:14:12 +02:00
if not include_footer:
email_mirror: Add support for "+include-footers" in address. In addition to the "+show-sender" option, we now add "+include-footers" which disables stripping of the footer from the email body if this token is included in the email address.
2019-05-26 18:07:21 +02:00
body = filter_footer(body)
email_mirror: Insert a new line before attachment links.
2020-01-14 13:05:14 +01:00
if not body.endswith('\n'):
body += '\n'
email_mirror: Extract construct_message_body.
2017-10-04 00:03:00 +02:00
body += extract_and_upload_attachments(message, realm)
email_mirror: Strip content before checking for empty emails. This may fix an exception we were getting of the form: "Error queueing internal message by emailgateway@zulip.com: Message must not be empty".
2017-10-19 06:13:03 +02:00
body = body.strip()
email_mirror: Extract construct_message_body.
2017-10-04 00:03:00 +02:00
if not body:
body = '(No email body)'
email_mirror: Add the sender at the start of stream message. Fixes part 3 of #10612. When sending an email to the email mirror to a stream address, if "+show-sender" is added in the address, the stream message will now include "From: <sender>" at the top.
2019-02-08 14:13:33 +01:00
if show_sender:
email_mirror: Extract handle_header_content function.
2020-01-30 15:01:07 +01:00
sender = handle_header_content(message.get("From", ""))
email_mirror: Add the sender at the start of stream message. Fixes part 3 of #10612. When sending an email to the email mirror to a stream address, if "+show-sender" is added in the address, the stream message will now include "From: <sender>" at the top.
2019-02-08 14:13:33 +01:00
body = "From: %s\n%s" % (sender, body)
email_mirror: Extract construct_message_body.
2017-10-04 00:03:00 +02:00
return body
Add support for one time use email address The one time use address are a unique token which maps to stored stated in redis. We store the user_id, recipient_id, and subject. When an email is received at this address it is sent to the stored recipient by the stored user. Anyone with this address can send a single message as this user. (imported from commit 4219417bdc30c033a6cf7a0c7c0939f7d0308144)
2014-07-25 10:40:40 +02:00
email_mirror: Extract handle_header_content function.
2020-01-30 15:01:07 +01:00
def handle_header_content(content: str) -> str:
"""
Deals with converting encoded headers to readable python string.
"""
return str(make_header(decode_header(content)))
Break out non-Twisted email mirror code into separate library (imported from commit 45c3e70ba81cdb44f1e9db4f162e5f2d2fe5ead6)
2013-12-16 23:32:08 +01:00
## Sending the Zulip ##
email_mirror: Don't email errors for emails missing body type. This lowers the severity on content type errors to not send spammy error emails, and instead just log a warning.
2019-01-05 19:29:08 +01:00
class ZulipEmailForwardUserError(ZulipEmailForwardError):
pass
email_mirror: Use internal_send_stream_message(). This is just a refactoring to the more modern API for sending internal messages. To make this work we now plumb the email_gateway flag through `internal_send_stream_message` instead of `internal_send_message`. We also change `send_zulip` to have its callers pass in a full UserProfile object (which one of them already had).
2020-02-10 16:49:19 +01:00
def send_zulip(sender: UserProfile, stream: Stream, topic: str, content: str) -> None:
internal_send_stream_message(
lint: Clean up E126 PEP-8 rule.
2017-01-24 07:06:13 +01:00
stream.realm,
sender,
email_mirror: Use internal_send_stream_message(). This is just a refactoring to the more modern API for sending internal messages. To make this work we now plumb the email_gateway flag through `internal_send_stream_message` instead of `internal_send_message`. We also change `send_zulip` to have its callers pass in a full UserProfile object (which one of them already had).
2020-02-10 16:49:19 +01:00
stream,
integrations: Change the truncation marker for long messages. Change the truncation marker from `...` to `\n[message truncated]` when receiving messages from the API or through e-mail. Also, update tests to account for the new change. Fix #10871.
2018-11-25 07:40:16 +01:00
truncate_topic(topic),
truncate_body(content),
email_gateway: Disable code block processor for email gateway. Generally emails are not written with markdown in mind and hence sometimes render in strange ways. This commit fixes a particular issue that was causing whitespace before paragraphs to be treated as code block due to which email content was being rendered in a box that scrolls in right direction a lot. Fixes: #7045.
2017-11-03 12:13:17 +01:00
email_gateway=True)
Break out non-Twisted email mirror code into separate library (imported from commit 45c3e70ba81cdb44f1e9db4f162e5f2d2fe5ead6)
2013-12-16 23:32:08 +01:00
zerver/lib: Change use of typing.Text to str.
2018-05-10 19:13:36 +02:00
def get_message_part_by_type(message: message.Message, content_type: str) -> Optional[str]:
Break out non-Twisted email mirror code into separate library (imported from commit 45c3e70ba81cdb44f1e9db4f162e5f2d2fe5ead6)
2013-12-16 23:32:08 +01:00
charsets = message.get_charsets()
for idx, part in enumerate(message.walk()):
if part.get_content_type() == content_type:
content = part.get_payload(decode=True)
Remove usage of six.moves.binary_type.
2017-11-09 09:03:33 +01:00
assert isinstance(content, bytes)
Break out non-Twisted email mirror code into separate library (imported from commit 45c3e70ba81cdb44f1e9db4f162e5f2d2fe5ead6)
2013-12-16 23:32:08 +01:00
if charsets[idx]:
email_mirror: Fix exception for emails with no valid content type. If a broken email shows up with no text or email content-type, we were attempting to return an undefined variable.
2017-07-14 07:19:49 +02:00
return content.decode(charsets[idx], errors="ignore")
email_mirror: Handle case of unspecified charset in Content-Type header. If the text part of an email message didn't specify the charset in the Content-Type header, the text content wouldn't be found. We fix this, by assuming us-ascii charset in those cases, as specified by RFC6657: https://tools.ietf.org/html/rfc6657
2019-05-09 16:01:34 +02:00
# If no charset has been specified in the header, assume us-ascii,
# by RFC6657: https://tools.ietf.org/html/rfc6657
else:
return content.decode("us-ascii", errors="ignore")
mypy: Work around several new mypy bugs in 0.501.
2017-03-05 00:18:18 +01:00
return None
Break out non-Twisted email mirror code into separate library (imported from commit 45c3e70ba81cdb44f1e9db4f162e5f2d2fe5ead6)
2013-12-16 23:32:08 +01:00
email_mirror: Add prefer-html and prefer-text address options. Closes #13484. These options tell zulip whether to prefer the plaintext or html version of the email message. prefer-text is the default behavior, so including the option doesn't change anything as of now, but we're adding it to prepare to potentially change the default behavior in the future.
2020-01-15 16:28:46 +01:00
def extract_body(message: message.Message, include_quotes: bool=False, prefer_text: bool=True) -> str:
email_mirror: Use plaintext if html body empty with prefer-html option. If an email is sent with the .prefer-html option, but it has no html body, it's better to fall back to plaintext content instead of treating it as a user error.
2020-01-16 13:07:04 +01:00
plaintext_content = extract_plaintext_body(message, include_quotes)
html_content = extract_html_body(message, include_quotes)
if plaintext_content is None and html_content is None:
logging.warning("Content types: %s" % ([part.get_content_type() for part in message.walk()],))
raise ZulipEmailForwardUserError("Unable to find plaintext or HTML message body")
if not plaintext_content and not html_content:
raise ZulipEmailForwardUserError("Email has no nonempty body sections; ignoring.")
if prefer_text:
if plaintext_content:
return plaintext_content
else:
assert html_content # Needed for mypy. Ensured by the validating block above.
return html_content
else:
if html_content:
return html_content
else:
assert plaintext_content # Needed for mypy. Ensured by the validating block above.
return plaintext_content
talon_initialized = False
def extract_plaintext_body(message: message.Message, include_quotes: bool=False) -> Optional[str]:
email_mirror: Don't import talon unless we're using it. Talon is an expensive import; on my system, deferring this import saves 28ms on the import time for Zulip.
2018-08-08 22:11:29 +02:00
import talon
global talon_initialized
if not talon_initialized:
talon.init()
talon_initialized = True
Break out non-Twisted email mirror code into separate library (imported from commit 45c3e70ba81cdb44f1e9db4f162e5f2d2fe5ead6)
2013-12-16 23:32:08 +01:00
plaintext_content = get_message_part_by_type(message, "text/plain")
email_mirror: Use plaintext if html body empty with prefer-html option. If an email is sent with the .prefer-html option, but it has no html body, it's better to fall back to plaintext content instead of treating it as a user error.
2020-01-16 13:07:04 +01:00
if plaintext_content is not None:
email_mirror: Rename include-quotations to include-quotes.
2019-07-14 03:51:53 +02:00
if include_quotes:
email_mirror: Don't remove quotations from forwarded messages. Addresses point 2 of #10612. We use a regex to detect if a form of FWD indicator is present at the beginning of the subject, which means the message has been forwarded. remove_quotations argument is added to a couple of functions where it's necessary. In filter_footer, the criteria for a line to be a possible beginning of a footer is changed to line.strip() == "--", instead of line.strip().startswith("--"), because the former would remove quotations from plaintext emails. This change makes sense, because RFC 3676 specifies ""-- " as the separator line between the body and the signature of a message": https://tools.ietf.org/html/rfc3676
2019-03-09 22:35:45 +01:00
return plaintext_content
email_mirror: Add support for "+include-quotations" in address. We add an option to disable the stripping of quotations from the email body, if "+include-quotations" token is included in the email address.
2019-05-26 18:28:39 +02:00
else:
return talon.quotations.extract_from_plain(plaintext_content)
email_mirror: Use plaintext if html body empty with prefer-html option. If an email is sent with the .prefer-html option, but it has no html body, it's better to fall back to plaintext content instead of treating it as a user error.
2020-01-16 13:07:04 +01:00
else:
return None
def extract_html_body(message: message.Message, include_quotes: bool=False) -> Optional[str]:
import talon
global talon_initialized
if not talon_initialized: # nocoverage
talon.init()
talon_initialized = True
Break out non-Twisted email mirror code into separate library (imported from commit 45c3e70ba81cdb44f1e9db4f162e5f2d2fe5ead6)
2013-12-16 23:32:08 +01:00
html_content = get_message_part_by_type(message, "text/html")
email_mirror: Use plaintext if html body empty with prefer-html option. If an email is sent with the .prefer-html option, but it has no html body, it's better to fall back to plaintext content instead of treating it as a user error.
2020-01-16 13:07:04 +01:00
if html_content is not None:
email_mirror: Rename include-quotations to include-quotes.
2019-07-14 03:51:53 +02:00
if include_quotes:
email_mirror: Don't remove quotations from forwarded messages. Addresses point 2 of #10612. We use a regex to detect if a form of FWD indicator is present at the beginning of the subject, which means the message has been forwarded. remove_quotations argument is added to a couple of functions where it's necessary. In filter_footer, the criteria for a line to be a possible beginning of a footer is changed to line.strip() == "--", instead of line.strip().startswith("--"), because the former would remove quotations from plaintext emails. This change makes sense, because RFC 3676 specifies ""-- " as the separator line between the body and the signature of a message": https://tools.ietf.org/html/rfc3676
2019-03-09 22:35:45 +01:00
return convert_html_to_markdown(html_content)
email_mirror: Add support for "+include-quotations" in address. We add an option to disable the stripping of quotations from the email body, if "+include-quotations" token is included in the email address.
2019-05-26 18:28:39 +02:00
else:
return convert_html_to_markdown(talon.quotations.extract_from_html(html_content))
email_mirror: Use plaintext if html body empty with prefer-html option. If an email is sent with the .prefer-html option, but it has no html body, it's better to fall back to plaintext content instead of treating it as a user error.
2020-01-16 13:07:04 +01:00
else:
return None
Break out non-Twisted email mirror code into separate library (imported from commit 45c3e70ba81cdb44f1e9db4f162e5f2d2fe5ead6)
2013-12-16 23:32:08 +01:00
zerver/lib: Change use of typing.Text to str.
2018-05-10 19:13:36 +02:00
def filter_footer(text: str) -> str:
Break out non-Twisted email mirror code into separate library (imported from commit 45c3e70ba81cdb44f1e9db4f162e5f2d2fe5ead6)
2013-12-16 23:32:08 +01:00
# Try to filter out obvious footers.
email_mirror: Don't remove quotations from forwarded messages. Addresses point 2 of #10612. We use a regex to detect if a form of FWD indicator is present at the beginning of the subject, which means the message has been forwarded. remove_quotations argument is added to a couple of functions where it's necessary. In filter_footer, the criteria for a line to be a possible beginning of a footer is changed to line.strip() == "--", instead of line.strip().startswith("--"), because the former would remove quotations from plaintext emails. This change makes sense, because RFC 3676 specifies ""-- " as the separator line between the body and the signature of a message": https://tools.ietf.org/html/rfc3676
2019-03-09 22:35:45 +01:00
possible_footers = [line for line in text.split("\n") if line.strip() == "--"]
Break out non-Twisted email mirror code into separate library (imported from commit 45c3e70ba81cdb44f1e9db4f162e5f2d2fe5ead6)
2013-12-16 23:32:08 +01:00
if len(possible_footers) != 1:
# Be conservative and don't try to scrub content if there
# isn't a trivial footer structure.
return text
return text.partition("--")[0].strip()
zerver/lib: Change use of typing.Text to str.
2018-05-10 19:13:36 +02:00
def extract_and_upload_attachments(message: message.Message, realm: Realm) -> str:
Fetch system bots using new get_system_bot function. This eliminate a bunch of uninteresting calls to get_user_profile_by_email.
2017-05-22 23:37:15 +02:00
user_profile = get_system_bot(settings.EMAIL_GATEWAY_BOT)
Break out non-Twisted email mirror code into separate library (imported from commit 45c3e70ba81cdb44f1e9db4f162e5f2d2fe5ead6)
2013-12-16 23:32:08 +01:00
email_mirror: Use .walk() to search all MIME parts for attachments. Fixes #13416 We used to search only one level in depth through the MIME structure, and thus would miss attachments that were nested deeper (which can happen with some email clients). We can take advantage of message.walk() to iterate through each MIME part.
2020-01-14 16:33:48 +01:00
attachment_links = []
for part in message.walk():
Break out non-Twisted email mirror code into separate library (imported from commit 45c3e70ba81cdb44f1e9db4f162e5f2d2fe5ead6)
2013-12-16 23:32:08 +01:00
content_type = part.get_content_type()
email_mirror: Handle encoded attachment filenames.
2020-01-30 15:37:33 +01:00
encoded_filename = part.get_filename()
if not encoded_filename:
continue
filename = handle_header_content(encoded_filename)
Break out non-Twisted email mirror code into separate library (imported from commit 45c3e70ba81cdb44f1e9db4f162e5f2d2fe5ead6)
2013-12-16 23:32:08 +01:00
if filename:
zerver/lib/email_mirror.py: Improve annotation in python 3. Add asserts and if statements to help mypy.
2016-07-04 17:13:24 +02:00
attachment = part.get_payload(decode=True)
Remove usage of six.moves.binary_type.
2017-11-09 09:03:33 +01:00
if isinstance(attachment, bytes):
upload: Rename upload_message_image to upload_message_file. Tweaked by tabbott to also fix a Slack import comment.
2018-03-28 18:14:17 +02:00
s3_url = upload_message_file(filename, len(attachment), content_type,
attachment,
user_profile,
target_realm=realm)
zerver/lib: Remove u prefix from strings.
2017-11-04 05:34:38 +01:00
formatted_link = "[%s](%s)" % (filename, s3_url)
zerver/lib/email_mirror.py: Improve annotation in python 3. Add asserts and if statements to help mypy.
2016-07-04 17:13:24 +02:00
attachment_links.append(formatted_link)
else:
logger.warning("Payload is not bytes (invalid attachment %s in message from %s)." %
(filename, message.get("From")))
Break out non-Twisted email mirror code into separate library (imported from commit 45c3e70ba81cdb44f1e9db4f162e5f2d2fe5ead6)
2013-12-16 23:32:08 +01:00
email_mirror: Use .walk() to search all MIME parts for attachments. Fixes #13416 We used to search only one level in depth through the MIME structure, and thus would miss attachments that were nested deeper (which can happen with some email clients). We can take advantage of message.walk() to iterate through each MIME part.
2020-01-14 16:33:48 +01:00
return '\n'.join(attachment_links)
Break out non-Twisted email mirror code into separate library (imported from commit 45c3e70ba81cdb44f1e9db4f162e5f2d2fe5ead6)
2013-12-16 23:32:08 +01:00
email_mirror: Give extract_and_validate a more descriptive name.
2020-01-10 10:25:56 +01:00
def decode_stream_email_address(email: str) -> Tuple[Stream, Dict[str, bool]]:
email_mirror: Add general support for optional tokens in the address. To enable a comfortable way of adding more optional tokens in the address (like current '+show-sender') we change decode_email_address to return a general dictionary containing options specified through adding these optional tokens in the To: address. For now, we only have "+show-sender", but more can be easily added using this change.
2019-05-26 16:25:23 +02:00
token, options = decode_email_address(email)
Break out non-Twisted email mirror code into separate library (imported from commit 45c3e70ba81cdb44f1e9db4f162e5f2d2fe5ead6)
2013-12-16 23:32:08 +01:00
email_mirror: Ignore stream_name part of receiving address. To prepare for changing how the stream name gets encoded into mirror email addresses while making sure old addresses keep working, we ignore the stream_name part when receiving emails into the mirror and we only look at the email_token to identify into which stream to mirror the email.
2019-03-17 10:36:16 +01:00
try:
stream = Stream.objects.get(email_token=token)
except Stream.DoesNotExist:
Break out non-Twisted email mirror code into separate library (imported from commit 45c3e70ba81cdb44f1e9db4f162e5f2d2fe5ead6)
2013-12-16 23:32:08 +01:00
raise ZulipEmailForwardError("Bad stream token from email recipient " + email)
email_mirror: Add general support for optional tokens in the address. To enable a comfortable way of adding more optional tokens in the address (like current '+show-sender') we change decode_email_address to return a general dictionary containing options specified through adding these optional tokens in the To: address. For now, we only have "+show-sender", but more can be easily added using this change.
2019-05-26 16:25:23 +02:00
return stream, options
Break out non-Twisted email mirror code into separate library (imported from commit 45c3e70ba81cdb44f1e9db4f162e5f2d2fe5ead6)
2013-12-16 23:32:08 +01:00
zerver/lib: Change use of typing.Text to str.
2018-05-10 19:13:36 +02:00
def find_emailgateway_recipient(message: message.Message) -> str:
Break out non-Twisted email mirror code into separate library (imported from commit 45c3e70ba81cdb44f1e9db4f162e5f2d2fe5ead6)
2013-12-16 23:32:08 +01:00
# We can't use Delivered-To; if there is a X-Gm-Original-To
# it is more accurate, so try to find the most-accurate
# recipient list in descending priority order
email_mirror: also check for Envelope-To After subscribing a stream email address to a Mailman email list and receiving a message from it (using the polling configuration with an Exim + Dovecot mailserver), the following error message is emitted by Zulip: Logger zerver.lib.email_mirror, from module zerver.lib.email_mirror line 77: Error generated by Anonymous user (not logged in) on zulip deployment Sender: "Foo Bar" <foo@example.com> To: No recipient found Missing recipient in mirror email This is because the To: header on the received email corresponds to the email list, and there are no other headers to indicate the final recipient, apart from the "Envelope-To" header added by Exim. To resolve this problem, the commit adds "Envelope-To" to the list of headers to check for a match.
2020-03-20 04:15:24 +01:00
recipient_headers = ["X-Gm-Original-To", "Delivered-To", "Envelope-To",
email_mirror: Add email address parsing. When trying to find the email gateway address, use the `email.util.getaddresses` function to deal with cases where multiple recipients are included in the email header or the stream address appears as an angle-addr with a name given (e.g. if someone added it to their address book). Added some other headers where the required address may appear: "Resent" headers are sometimes used for forwarding, and streams may also be found in CC. There is no way to find the address if the email was recieved as a BCC.
2019-01-03 15:53:27 +01:00
"Resent-To", "Resent-CC", "To", "CC"]
Break out non-Twisted email mirror code into separate library (imported from commit 45c3e70ba81cdb44f1e9db4f162e5f2d2fe5ead6)
2013-12-16 23:32:08 +01:00
pattern_parts = [re.escape(part) for part in settings.EMAIL_GATEWAY_PATTERN.split('%s')]
match_email_re = re.compile(".*?".join(pattern_parts))
email_mirror: Add email address parsing. When trying to find the email gateway address, use the `email.util.getaddresses` function to deal with cases where multiple recipients are included in the email header or the stream address appears as an angle-addr with a name given (e.g. if someone added it to their address book). Added some other headers where the required address may appear: "Resent" headers are sometimes used for forwarding, and streams may also be found in CC. There is no way to find the address if the email was recieved as a BCC.
2019-01-03 15:53:27 +01:00
header_addresses = [str(addr)
for recipient_header in recipient_headers
for addr in message.get_all(recipient_header, [])]
for addr_tuple in getaddresses(header_addresses):
if match_email_re.match(addr_tuple[1]):
return addr_tuple[1]
Break out non-Twisted email mirror code into separate library (imported from commit 45c3e70ba81cdb44f1e9db4f162e5f2d2fe5ead6)
2013-12-16 23:32:08 +01:00
raise ZulipEmailForwardError("Missing recipient in mirror email")
email_mirror: Strip RE and FWD from email subject. Fixes part 1 of #10612. We use a regex to remove RE:, FWD: (and similar variations) from email subjects. Unit test is included, we add subjects.json in fixtures containing various subjects to try the stripping on.
2019-01-04 10:46:35 +01:00
def strip_from_subject(subject: str) -> str:
# strips RE and FWD from the subject
# from: https://stackoverflow.com/questions/9153629/regex-code-for-removing-fwd-re-etc-from-email-subject
reg = r"([\[\(] *)?\b(RE|FWD?) *([-:;)\]][ :;\])-]*|$)|\]+ *$"
stripped = re.sub(reg, "", subject, flags = re.IGNORECASE | re.MULTILINE)
return stripped.strip()
email_mirror: Don't remove quotations from forwarded messages. Addresses point 2 of #10612. We use a regex to detect if a form of FWD indicator is present at the beginning of the subject, which means the message has been forwarded. remove_quotations argument is added to a couple of functions where it's necessary. In filter_footer, the criteria for a line to be a possible beginning of a footer is changed to line.strip() == "--", instead of line.strip().startswith("--"), because the former would remove quotations from plaintext emails. This change makes sense, because RFC 3676 specifies ""-- " as the separator line between the body and the signature of a message": https://tools.ietf.org/html/rfc3676
2019-03-09 22:35:45 +01:00
def is_forwarded(subject: str) -> bool:
# regex taken from strip_from_subject, we use it to detect various forms
# of FWD at the beginning of the subject.
reg = r"([\[\(] *)?\b(FWD?) *([-:;)\]][ :;\])-]*|$)|\]+ *$"
return bool(re.match(reg, subject, flags=re.IGNORECASE))
email_mirror: Don't pass debug_info to process_stream_message. The only place in which process_stream_message used debug_info was to set the 'stream' key, which would only be used if ZulipEmailForwardError was raised after this line in the code - which is impossible, because after that line only send_zulip (which doesnt raise this exception) and logger.info get called, then process_stream_message successfully returns and then process_message succesfully returns as well. So this debug_info code wasn't doing anything. We remove it.
2019-03-22 11:22:14 +01:00
def process_stream_message(to: str, message: message.Message) -> None:
email_mirror: Extract handle_header_content function.
2020-01-30 15:01:07 +01:00
subject_header = handle_header_content(message.get("Subject", ""))
email_mirror: Move subject processing into process_stream_message. We remove the 'subject' argument of process_stream_message and make subject processing happen inside the function, as it's a more appropriate place than the general process_message function and is needed to have a good way of disabling removing quotations in forwarded emails sent into the mirror.
2019-03-09 16:52:54 +01:00
subject = strip_from_subject(subject_header) or "(no topic)"
email_mirror: Give extract_and_validate a more descriptive name.
2020-01-10 10:25:56 +01:00
stream, options = decode_stream_email_address(to)
email_mirror: Add support for "+include-quotations" in address. We add an option to disable the stripping of quotations from the email body, if "+include-quotations" token is included in the email address.
2019-05-26 18:28:39 +02:00
# Don't remove quotations if message is forwarded, unless otherwise specified:
email_mirror: Rename include-quotations to include-quotes.
2019-07-14 03:51:53 +02:00
if 'include_quotes' not in options:
options['include_quotes'] = is_forwarded(subject_header)
email_mirror: Add support for "+include-quotations" in address. We add an option to disable the stripping of quotations from the email body, if "+include-quotations" token is included in the email address.
2019-05-26 18:28:39 +02:00
email_mirror: Add general support for optional tokens in the address. To enable a comfortable way of adding more optional tokens in the address (like current '+show-sender') we change decode_email_address to return a general dictionary containing options specified through adding these optional tokens in the To: address. For now, we only have "+show-sender", but more can be easily added using this change.
2019-05-26 16:25:23 +02:00
body = construct_zulip_body(message, stream.realm, **options)
email_mirror: Use internal_send_stream_message(). This is just a refactoring to the more modern API for sending internal messages. To make this work we now plumb the email_gateway flag through `internal_send_stream_message` instead of `internal_send_message`. We also change `send_zulip` to have its callers pass in a full UserProfile object (which one of them already had).
2020-02-10 16:49:19 +01:00
send_zulip(
get_system_bot(settings.EMAIL_GATEWAY_BOT),
stream, subject, body)
tests: Suppress logging spam in email mirror tests.
2017-10-28 00:50:15 +02:00
logger.info("Successfully processed email to %s (%s)" % (
Use Realm.string_id instead of Realm.domain when logging.
2017-03-13 17:42:14 +01:00
stream.name, stream.realm.string_id))
Add support for one time use email address The one time use address are a unique token which maps to stored stated in redis. We store the user_id, recipient_id, and subject. When an email is received at this address it is sent to the stored recipient by the stored user. Anyone with this address can send a single message as this user. (imported from commit 4219417bdc30c033a6cf7a0c7c0939f7d0308144)
2014-07-25 10:40:40 +02:00
email_mirror: Migrate missed message addresses from redis to database. Addresses point 1 of #13533. MissedMessageEmailAddress objects get tied to the specific that was missed by the user. A useful benefit of that is that email message sent to that address will handle topic changes - if the message that was missed gets its topic changed, the email response will get posted under the new topic, while in the old model it would get posted under the old topic, which could potentially be confusing. Migrating redis data to this new model is a bit tricky, so the migration code has comments explaining some of the compromises made there, and test_migrations.py tests handling of the various possible cases that could arise.
2019-12-26 13:46:55 +01:00
def process_missed_message(to: str, message: message.Message) -> None:
email_mirror: Check address usability in get_missed_message_address.
2020-01-10 10:36:35 +01:00
mm_address = get_usable_missed_message_address(to)
email_mirror: Move send_to_mm_address code to process_missed_message. process_missed_message did nothing other than calling send_to_missed_message_address with the same arguments, so there's no reason to have these as separate functions.
2019-12-26 14:08:41 +01:00
mm_address.increment_times_used()
user_profile = mm_address.user_profile
topic = mm_address.message.topic_name()
if mm_address.message.recipient.type == Recipient.PERSONAL:
# We need to reply to the sender so look up their personal recipient_id
recipient = mm_address.message.sender.recipient
else:
recipient = mm_address.message.recipient
if not is_user_active(user_profile):
logger.warning("Sending user is not active. Ignoring this missed message email.")
return
body = construct_zulip_body(message, user_profile.realm)
if recipient.type == Recipient.STREAM:
stream = get_stream_by_id_in_realm(recipient.type_id, user_profile.realm)
internal_send_stream_message(
user_profile.realm, user_profile, stream,
topic, body
)
recipient_str = stream.name
elif recipient.type == Recipient.PERSONAL:
display_recipient = get_display_recipient(recipient)
assert not isinstance(display_recipient, str)
recipient_str = display_recipient[0]['email']
recipient_user = get_user(recipient_str, user_profile.realm)
internal_send_private_message(user_profile.realm, user_profile,
recipient_user, body)
elif recipient.type == Recipient.HUDDLE:
display_recipient = get_display_recipient(recipient)
assert not isinstance(display_recipient, str)
emails = [user_dict['email'] for user_dict in display_recipient]
recipient_str = ', '.join(emails)
internal_send_huddle_message(user_profile.realm, user_profile,
emails, body)
else:
raise AssertionError("Invalid recipient type!")
logger.info("Successfully processed email from user %s to %s" % (
user_profile.id, recipient_str))
Add support for one time use email address The one time use address are a unique token which maps to stored stated in redis. We store the user_id, recipient_id, and subject. When an email is received at this address it is sent to the stored recipient by the stored user. Anyone with this address can send a single message as this user. (imported from commit 4219417bdc30c033a6cf7a0c7c0939f7d0308144)
2014-07-25 10:40:40 +02:00
email_mirror: Migrate missed message addresses from redis to database. Addresses point 1 of #13533. MissedMessageEmailAddress objects get tied to the specific that was missed by the user. A useful benefit of that is that email message sent to that address will handle topic changes - if the message that was missed gets its topic changed, the email response will get posted under the new topic, while in the old model it would get posted under the old topic, which could potentially be confusing. Migrating redis data to this new model is a bit tricky, so the migration code has comments explaining some of the compromises made there, and test_migrations.py tests handling of the various possible cases that could arise.
2019-12-26 13:46:55 +01:00
def process_message(message: message.Message, rcpt_to: Optional[str]=None) -> None:
email_mirror: Rewrite log_and_report and cover it with tests. log_and_report and its helper functions were mostly old code no longer well adapted to how email mirror works currently, as well as having no test coverage. We rewrite this part of the email to report errors in a similar manner, and add tests for it. We're able to get rid of the clunky and now useless debug_info dictionary in process message, as log_and_report only needs the recipient email in its third argument.
2019-03-22 16:33:57 +01:00
to = None # type: Optional[str]
Break out non-Twisted email mirror code into separate library (imported from commit 45c3e70ba81cdb44f1e9db4f162e5f2d2fe5ead6)
2013-12-16 23:32:08 +01:00
try:
Let message recipient in process_message be passed as an argument. (imported from commit cfcfb9edf748a35d279235ee11a05b1a00c934b5)
2013-12-17 22:37:29 +01:00
if rcpt_to is not None:
to = rcpt_to
else:
to = find_emailgateway_recipient(message)
Add support for one time use email address The one time use address are a unique token which maps to stored stated in redis. We store the user_id, recipient_id, and subject. When an email is received at this address it is sent to the stored recipient by the stored user. Anyone with this address can send a single message as this user. (imported from commit 4219417bdc30c033a6cf7a0c7c0939f7d0308144)
2014-07-25 10:40:40 +02:00
if is_missed_message_address(to):
email_mirror: Migrate missed message addresses from redis to database. Addresses point 1 of #13533. MissedMessageEmailAddress objects get tied to the specific that was missed by the user. A useful benefit of that is that email message sent to that address will handle topic changes - if the message that was missed gets its topic changed, the email response will get posted under the new topic, while in the old model it would get posted under the old topic, which could potentially be confusing. Migrating redis data to this new model is a bit tricky, so the migration code has comments explaining some of the compromises made there, and test_migrations.py tests handling of the various possible cases that could arise.
2019-12-26 13:46:55 +01:00
process_missed_message(to, message)
Add support for one time use email address The one time use address are a unique token which maps to stored stated in redis. We store the user_id, recipient_id, and subject. When an email is received at this address it is sent to the stored recipient by the stored user. Anyone with this address can send a single message as this user. (imported from commit 4219417bdc30c033a6cf7a0c7c0939f7d0308144)
2014-07-25 10:40:40 +02:00
else:
email_mirror: Don't pass debug_info to process_stream_message. The only place in which process_stream_message used debug_info was to set the 'stream' key, which would only be used if ZulipEmailForwardError was raised after this line in the code - which is impossible, because after that line only send_zulip (which doesnt raise this exception) and logger.info get called, then process_stream_message successfully returns and then process_message succesfully returns as well. So this debug_info code wasn't doing anything. We remove it.
2019-03-22 11:22:14 +01:00
process_stream_message(to, message)
Apply Python 3 futurize transform lib2to3.fixes.fix_except.
2015-11-01 17:08:33 +01:00
except ZulipEmailForwardError as e:
email_mirror: Don't email errors for emails missing body type. This lowers the severity on content type errors to not send spammy error emails, and instead just log a warning.
2019-01-05 19:29:08 +01:00
if isinstance(e, ZulipEmailForwardUserError):
# TODO: notify sender of error, retry if appropriate.
logging.warning(str(e))
else:
email_mirror: Rewrite log_and_report and cover it with tests. log_and_report and its helper functions were mostly old code no longer well adapted to how email mirror works currently, as well as having no test coverage. We rewrite this part of the email to report errors in a similar manner, and add tests for it. We're able to get rid of the clunky and now useless debug_info dictionary in process message, as log_and_report only needs the recipient email in its third argument.
2019-03-22 16:33:57 +01:00
log_and_report(message, str(e), to)
email-mirror: Move postfix email mirror integration to separate script. This fixes a performance problem where we were previously starting up a full Django process (~0.7s even on a fast machine) every time a new email came in, potentially allowing users to accidentally DoS a Zulip server. Now, we just post over HTTPS, allowing the existing thread pool support to do its job. - Add script wrapper to communicate postfix pipe with django web server over HTTP(S). It uses shared_secret authentication mode. - Add django view to process messages from email mirror server. - Clean management command `email-mirror`. Left just functional for cron email processing. - Add routes for new tornado view. - Change pipe script in master process postfix config template based on updated script. - Add tests. Tweaked by tabbott to adjust the directory and set better defaults. Fixes #2421.
2017-04-18 17:28:55 +02:00
email_mirror: Reuse exception messages in mirror_email_message.
2020-01-10 10:21:47 +01:00
def validate_to_address(rcpt_to: str) -> None:
email-mirror: Move postfix email mirror integration to separate script. This fixes a performance problem where we were previously starting up a full Django process (~0.7s even on a fast machine) every time a new email came in, potentially allowing users to accidentally DoS a Zulip server. Now, we just post over HTTPS, allowing the existing thread pool support to do its job. - Add script wrapper to communicate postfix pipe with django web server over HTTP(S). It uses shared_secret authentication mode. - Add django view to process messages from email mirror server. - Clean management command `email-mirror`. Left just functional for cron email processing. - Add routes for new tornado view. - Change pipe script in master process postfix config template based on updated script. - Add tests. Tweaked by tabbott to adjust the directory and set better defaults. Fixes #2421.
2017-04-18 17:28:55 +02:00
if is_missed_message_address(rcpt_to):
email_mirror: Check address usability in get_missed_message_address.
2020-01-10 10:36:35 +01:00
get_usable_missed_message_address(rcpt_to)
email-mirror: Move postfix email mirror integration to separate script. This fixes a performance problem where we were previously starting up a full Django process (~0.7s even on a fast machine) every time a new email came in, potentially allowing users to accidentally DoS a Zulip server. Now, we just post over HTTPS, allowing the existing thread pool support to do its job. - Add script wrapper to communicate postfix pipe with django web server over HTTP(S). It uses shared_secret authentication mode. - Add django view to process messages from email mirror server. - Clean management command `email-mirror`. Left just functional for cron email processing. - Add routes for new tornado view. - Change pipe script in master process postfix config template based on updated script. - Add tests. Tweaked by tabbott to adjust the directory and set better defaults. Fixes #2421.
2017-04-18 17:28:55 +02:00
else:
email_mirror: Give extract_and_validate a more descriptive name.
2020-01-10 10:25:56 +01:00
decode_stream_email_address(rcpt_to)
email_mirror: Reuse exception messages in mirror_email_message.
2020-01-10 10:21:47 +01:00
def mirror_email_message(data: Dict[str, str]) -> Dict[str, str]:
rcpt_to = data['recipient']
try:
validate_to_address(rcpt_to)
except ZulipEmailForwardError as e:
return {
"status": "error",
"msg": "5.1.1 Bad destination mailbox address: {}".format(e)
}
email-mirror: Move postfix email mirror integration to separate script. This fixes a performance problem where we were previously starting up a full Django process (~0.7s even on a fast machine) every time a new email came in, potentially allowing users to accidentally DoS a Zulip server. Now, we just post over HTTPS, allowing the existing thread pool support to do its job. - Add script wrapper to communicate postfix pipe with django web server over HTTP(S). It uses shared_secret authentication mode. - Add django view to process messages from email mirror server. - Clean management command `email-mirror`. Left just functional for cron email processing. - Add routes for new tornado view. - Change pipe script in master process postfix config template based on updated script. - Add tests. Tweaked by tabbott to adjust the directory and set better defaults. Fixes #2421.
2017-04-18 17:28:55 +02:00
queue_json_publish(
"email_mirror",
{
"message": data['msg_text'],
"rcpt_to": rcpt_to
queue processor tests: Call consume by default. This significantly improves the API for queue_json_publish to not be overly focused on what the behavior of this function should be in our unit tests.
2017-11-24 13:18:46 +01:00
}
email-mirror: Move postfix email mirror integration to separate script. This fixes a performance problem where we were previously starting up a full Django process (~0.7s even on a fast machine) every time a new email came in, potentially allowing users to accidentally DoS a Zulip server. Now, we just post over HTTPS, allowing the existing thread pool support to do its job. - Add script wrapper to communicate postfix pipe with django web server over HTTP(S). It uses shared_secret authentication mode. - Add django view to process messages from email mirror server. - Clean management command `email-mirror`. Left just functional for cron email processing. - Add routes for new tornado view. - Change pipe script in master process postfix config template based on updated script. - Add tests. Tweaked by tabbott to adjust the directory and set better defaults. Fixes #2421.
2017-04-18 17:28:55 +02:00
)
return {"status": "success"}
email_mirror: Add realm-based rate limiting. Closes #2420 We add rate limiting (max X emails withing Y seconds per realm) to the email mirror. By creating RateLimitedRealmMirror class, inheriting from RateLimitedObject, and rate_limit_mirror_by_realm function, following a mechanism used by rate_limit_user, we're able to have this implementation mostly rely on the already existing, and proven over time, rate_limiter.py code. The rules are configurable in settings.py in RATE_LIMITING_MIRROR_REALM_RULES, analogically to RATE_LIMITING_RULES. Rate limit verification happens in the MirrorWorker in queue_processors.py. We don't rate limit missed message emails, as due to using one time addresses, they're not a spam threat. test_mirror_worker is adapted to the altered MirrorWorker code and a new test - test_mirror_worker_rate_limiting is added in test_queue_worker.py to provide coverage for these changes.
2019-03-16 11:39:09 +01:00
# Email mirror rate limiter code:
class RateLimitedRealmMirror(RateLimitedObject):
def __init__(self, realm: Realm) -> None:
self.realm = realm
rate_limit: Add the concept of RateLimiterBackend. This will allow easily swapping and using various implementations of rate-limiting, and separate the implementation logic from RateLimitedObjects.
2020-03-05 13:38:20 +01:00
super().__init__()
email_mirror: Add realm-based rate limiting. Closes #2420 We add rate limiting (max X emails withing Y seconds per realm) to the email mirror. By creating RateLimitedRealmMirror class, inheriting from RateLimitedObject, and rate_limit_mirror_by_realm function, following a mechanism used by rate_limit_user, we're able to have this implementation mostly rely on the already existing, and proven over time, rate_limiter.py code. The rules are configurable in settings.py in RATE_LIMITING_MIRROR_REALM_RULES, analogically to RATE_LIMITING_RULES. Rate limit verification happens in the MirrorWorker in queue_processors.py. We don't rate limit missed message emails, as due to using one time addresses, they're not a spam threat. test_mirror_worker is adapted to the altered MirrorWorker code and a new test - test_mirror_worker_rate_limiting is added in test_queue_worker.py to provide coverage for these changes.
2019-03-16 11:39:09 +01:00
rate_limit: Rename key_fragment() method to key().
2020-03-06 10:49:04 +01:00
def key(self) -> str:
rate_limit: Adjust keys() of some RateLimitedObjects. type().__name__ is sufficient, and much readable than type(), so it's better to use the former for keys. We also make the classes consistent in forming the keys in the format type(self).__name__:identifier and adjust logger.warning and statsd to take advantage of that and simply log the key().
2020-03-06 10:56:36 +01:00
return "{}:{}".format(type(self).__name__, self.realm.string_id)
email_mirror: Add realm-based rate limiting. Closes #2420 We add rate limiting (max X emails withing Y seconds per realm) to the email mirror. By creating RateLimitedRealmMirror class, inheriting from RateLimitedObject, and rate_limit_mirror_by_realm function, following a mechanism used by rate_limit_user, we're able to have this implementation mostly rely on the already existing, and proven over time, rate_limiter.py code. The rules are configurable in settings.py in RATE_LIMITING_MIRROR_REALM_RULES, analogically to RATE_LIMITING_RULES. Rate limit verification happens in the MirrorWorker in queue_processors.py. We don't rate limit missed message emails, as due to using one time addresses, they're not a spam threat. test_mirror_worker is adapted to the altered MirrorWorker code and a new test - test_mirror_worker_rate_limiting is added in test_queue_worker.py to provide coverage for these changes.
2019-03-16 11:39:09 +01:00
def rules(self) -> List[Tuple[int, int]]:
return settings.RATE_LIMITING_MIRROR_REALM_RULES
def rate_limit_mirror_by_realm(recipient_realm: Realm) -> None:
rate_limit: Move functions called by external code to RateLimitedObject.
2020-03-04 14:05:25 +01:00
ratelimited = RateLimitedRealmMirror(recipient_realm).rate_limit()[0]
email_mirror: Add realm-based rate limiting. Closes #2420 We add rate limiting (max X emails withing Y seconds per realm) to the email mirror. By creating RateLimitedRealmMirror class, inheriting from RateLimitedObject, and rate_limit_mirror_by_realm function, following a mechanism used by rate_limit_user, we're able to have this implementation mostly rely on the already existing, and proven over time, rate_limiter.py code. The rules are configurable in settings.py in RATE_LIMITING_MIRROR_REALM_RULES, analogically to RATE_LIMITING_RULES. Rate limit verification happens in the MirrorWorker in queue_processors.py. We don't rate limit missed message emails, as due to using one time addresses, they're not a spam threat. test_mirror_worker is adapted to the altered MirrorWorker code and a new test - test_mirror_worker_rate_limiting is added in test_queue_worker.py to provide coverage for these changes.
2019-03-16 11:39:09 +01:00
if ratelimited:
raise RateLimited()