-
Notifications
You must be signed in to change notification settings - Fork 327
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
d01c6d3
commit b73f5ca
Showing
3 changed files
with
154 additions
and
62 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
39 changes: 39 additions & 0 deletions
39
src/api-umbrella/web-app/app/views/api_user_mailer/notify_api_admin.erb
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,39 @@ | ||
| <h1><%= @user.first_name %> <%= @user.last_name %> just subscribed</h1> | ||
| <h2>Description</h2> | ||
|
|
||
| <p> | ||
| <%= @user.use_description %> | ||
| </p> | ||
|
|
||
| <h2>Extra-informations</h2> | ||
|
|
||
| <table> | ||
| <tr> | ||
| <td>Email</td> | ||
| <td><%= @user.email %></td> | ||
| </tr> | ||
| <% unless @user.registration_source.blank? -%> | ||
| <tr> | ||
| <td>Source</td> | ||
| <td><%= @user.registration_source %></td> | ||
| </tr> | ||
| <% end -%> | ||
| <% unless @user.website.blank? -%> | ||
| <tr> | ||
| <td>Website</td> | ||
| <td><%= @user.website %></td> | ||
| </tr> | ||
| <% end -%> | ||
| <tr> | ||
| <td>IP Adress</td> | ||
| <td><%= @user.registration_ip %></td> | ||
| </tr> | ||
| <tr> | ||
| <td>Referer</td> | ||
| <td><%= @user.registration_referer %></td> | ||
| </tr> | ||
| <tr> | ||
| <td>Origin</td> | ||
| <td><%= @user.registration_origin %></td> | ||
| </tr> | ||
| </table> |
165 changes: 103 additions & 62 deletions
165
src/api-umbrella/web-app/spec/mailers/api_user_mailer_spec.rb
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,88 +1,129 @@ | ||
| require "spec_helper" | ||
|
|
||
| describe ApiUserMailer do | ||
| describe "OSVDB-131677 security" do | ||
| it "accepts recipients without newlines" do | ||
| expect do | ||
| api_user = FactoryGirl.create(:api_user, :email => "[email protected]") | ||
| ApiUserMailer.signup_email(api_user, {}).deliver | ||
| end.to change { ActionMailer::Base.deliveries.count }.by(1) | ||
| end | ||
|
|
||
| it "rejects recipients with newlines" do | ||
| expect do | ||
| describe "signup_email" do | ||
| describe "OSVDB-131677 security" do | ||
| it "accepts recipients without newlines" do | ||
| expect do | ||
| api_user = FactoryGirl.create(:api_user, :email => "[email protected]\nfoo") | ||
| api_user = FactoryGirl.create(:api_user, :email => "[email protected]") | ||
| ApiUserMailer.signup_email(api_user, {}).deliver | ||
| end.to raise_error(MailSanitizer::InvalidAddress) | ||
| end.to change { ActionMailer::Base.deliveries.count }.by(0) | ||
| end | ||
| end.to change { ActionMailer::Base.deliveries.count }.by(1) | ||
| end | ||
|
|
||
| it "rejects recipients with carriage returns" do | ||
| expect do | ||
| it "rejects recipients with newlines" do | ||
| expect do | ||
| api_user = FactoryGirl.create(:api_user, :email => "[email protected]\rfoo") | ||
| ApiUserMailer.signup_email(api_user, {}).deliver | ||
| end.to raise_error(MailSanitizer::InvalidAddress) | ||
| end.to change { ActionMailer::Base.deliveries.count }.by(0) | ||
| end | ||
| expect do | ||
| api_user = FactoryGirl.create(:api_user, :email => "[email protected]\nfoo") | ||
| ApiUserMailer.signup_email(api_user, {}).deliver | ||
| end.to raise_error(MailSanitizer::InvalidAddress) | ||
| end.to change { ActionMailer::Base.deliveries.count }.by(0) | ||
| end | ||
|
|
||
| it "accepts recipients 500 chars or less" do | ||
| expect do | ||
| api_user = FactoryGirl.create(:api_user, :email => "#{"o" * 488}@example.com") | ||
| ApiUserMailer.signup_email(api_user, {}).deliver | ||
| end.to change { ActionMailer::Base.deliveries.count }.by(1) | ||
| end | ||
| it "rejects recipients with carriage returns" do | ||
| expect do | ||
| expect do | ||
| api_user = FactoryGirl.create(:api_user, :email => "[email protected]\rfoo") | ||
| ApiUserMailer.signup_email(api_user, {}).deliver | ||
| end.to raise_error(MailSanitizer::InvalidAddress) | ||
| end.to change { ActionMailer::Base.deliveries.count }.by(0) | ||
| end | ||
|
|
||
| it "rejects recipients greater than 500 chars" do | ||
| expect do | ||
| it "accepts recipients 500 chars or less" do | ||
| expect do | ||
| api_user = FactoryGirl.create(:api_user, :email => "#{"o" * 489}@example.com") | ||
| api_user = FactoryGirl.create(:api_user, :email => "#{"o" * 488}@example.com") | ||
| ApiUserMailer.signup_email(api_user, {}).deliver | ||
| end.to raise_error(MailSanitizer::InvalidAddress) | ||
| end.to change { ActionMailer::Base.deliveries.count }.by(0) | ||
| end | ||
| end.to change { ActionMailer::Base.deliveries.count }.by(1) | ||
| end | ||
|
|
||
| it "accepts from addresses without newlines" do | ||
| expect do | ||
| api_user = FactoryGirl.create(:api_user) | ||
| ApiUserMailer.signup_email(api_user, { :email_from_address => "[email protected]" }).deliver | ||
| end.to change { ActionMailer::Base.deliveries.count }.by(1) | ||
| end | ||
| it "rejects recipients greater than 500 chars" do | ||
| expect do | ||
| expect do | ||
| api_user = FactoryGirl.create(:api_user, :email => "#{"o" * 489}@example.com") | ||
| ApiUserMailer.signup_email(api_user, {}).deliver | ||
| end.to raise_error(MailSanitizer::InvalidAddress) | ||
| end.to change { ActionMailer::Base.deliveries.count }.by(0) | ||
| end | ||
|
|
||
| it "rejects from addresses with newlines" do | ||
| expect do | ||
| it "accepts from addresses without newlines" do | ||
| expect do | ||
| api_user = FactoryGirl.create(:api_user) | ||
| ApiUserMailer.signup_email(api_user, { :email_from_address => "[email protected]\nfoo" }).deliver | ||
| end.to raise_error(MailSanitizer::InvalidAddress) | ||
| end.to change { ActionMailer::Base.deliveries.count }.by(0) | ||
| end | ||
| ApiUserMailer.signup_email(api_user, { :email_from_address => "[email protected]" }).deliver | ||
| end.to change { ActionMailer::Base.deliveries.count }.by(1) | ||
| end | ||
|
|
||
| it "rejects from addresses with newlines" do | ||
| expect do | ||
| expect do | ||
| api_user = FactoryGirl.create(:api_user) | ||
| ApiUserMailer.signup_email(api_user, { :email_from_address => "[email protected]\nfoo" }).deliver | ||
| end.to raise_error(MailSanitizer::InvalidAddress) | ||
| end.to change { ActionMailer::Base.deliveries.count }.by(0) | ||
| end | ||
|
|
||
| it "rejects from addresses with carriage returns" do | ||
| expect do | ||
| expect do | ||
| api_user = FactoryGirl.create(:api_user) | ||
| ApiUserMailer.signup_email(api_user, { :email_from_address => "[email protected]\rfoo" }).deliver | ||
| end.to raise_error(MailSanitizer::InvalidAddress) | ||
| end.to change { ActionMailer::Base.deliveries.count }.by(0) | ||
| end | ||
|
|
||
| it "rejects from addresses with carriage returns" do | ||
| expect do | ||
| it "accepts from addresses 500 chars or less" do | ||
| expect do | ||
| api_user = FactoryGirl.create(:api_user) | ||
| ApiUserMailer.signup_email(api_user, { :email_from_address => "[email protected]\rfoo" }).deliver | ||
| end.to raise_error(MailSanitizer::InvalidAddress) | ||
| end.to change { ActionMailer::Base.deliveries.count }.by(0) | ||
| ApiUserMailer.signup_email(api_user, { :email_from_address => "#{"o" * 488}@example.com" }).deliver | ||
| end.to change { ActionMailer::Base.deliveries.count }.by(1) | ||
| end | ||
|
|
||
| it "rejects from addresses greater than 500 chars" do | ||
| expect do | ||
| expect do | ||
| api_user = FactoryGirl.create(:api_user) | ||
| ApiUserMailer.signup_email(api_user, { :email_from_address => "#{"o" * 489}@example.com" }).deliver | ||
| end.to raise_error(MailSanitizer::InvalidAddress) | ||
| end.to change { ActionMailer::Base.deliveries.count }.by(0) | ||
| end | ||
|
|
||
| end | ||
| end | ||
|
|
||
| it "accepts from addresses 500 chars or less" do | ||
| expect do | ||
| api_user = FactoryGirl.create(:api_user) | ||
| ApiUserMailer.signup_email(api_user, { :email_from_address => "#{"o" * 488}@example.com" }).deliver | ||
| end.to change { ActionMailer::Base.deliveries.count }.by(1) | ||
| describe "signup_email" do | ||
| before(:each) do | ||
| ApiUmbrellaConfig[:web][:contact_form_email] = "[email protected]" | ||
| end | ||
|
|
||
| it "rejects from addresses greater than 500 chars" do | ||
| expect do | ||
| expect do | ||
| api_user = FactoryGirl.create(:api_user) | ||
| ApiUserMailer.signup_email(api_user, { :email_from_address => "#{"o" * 489}@example.com" }).deliver | ||
| end.to raise_error(MailSanitizer::InvalidAddress) | ||
| end.to change { ActionMailer::Base.deliveries.count }.by(0) | ||
| let(:api_user) { FactoryGirl.create(:api_user, | ||
| :first_name => "aaa", | ||
| :last_name => "bbb", | ||
| :use_description => "I WANNA DO EVERYTHING", | ||
| :email => "[email protected]") } | ||
|
|
||
| subject { ApiUserMailer.notify_api_admin(api_user).deliver } | ||
|
|
||
| it "send an email " do | ||
| expect { subject }.to change { ActionMailer::Base.deliveries.count }.by(1) | ||
| end | ||
|
|
||
| it "send an email to the contact email" do | ||
| subject | ||
| expect(ActionMailer::Base.deliveries.first.to).to eq ["[email protected]"] | ||
| end | ||
|
|
||
| it "the receiver can be overwrited by the admin " do | ||
| ApiUmbrellaConfig[:admin_notify_email] = "[email protected]" | ||
| subject | ||
| expect(ActionMailer::Base.deliveries.first.to).to eq ["[email protected]"] | ||
| end | ||
|
|
||
| it "send an email with the name of the person in the subject" do | ||
| subject | ||
| expect(ActionMailer::Base.deliveries.first.subject).to eq "aaa bbb just subscribed" | ||
| end | ||
|
|
||
| it "send an email with usage in the body" do | ||
| subject | ||
| expect(ActionMailer::Base.deliveries.first.encoded).to include "I WANNA DO EVERYTHING" | ||
| end | ||
| end | ||
| end |