def verify_prefix_suffix(user: User, alias_prefix, alias_suffix) -> bool: """verify if user could create an alias with the given prefix and suffix""" if not alias_prefix or not alias_suffix: # should be caught on frontend return False user_custom_domains = [cd.domain for cd in user.verified_custom_domains()] alias_prefix = alias_prefix.strip() alias_prefix = convert_to_id(alias_prefix) # make sure alias_suffix is either [email protected] or @my-domain.com alias_suffix = alias_suffix.strip() # alias_domain_prefix is either a .random_word or "" alias_domain_prefix, alias_domain = alias_suffix.split("@", 1) # alias_domain must be either one of user custom domains or built-in domains if alias_domain not in user.available_alias_domains(): LOG.exception("wrong alias suffix %s, user %s", alias_suffix, user) return False # SimpleLogin domain case: # 1) alias_suffix must start with "." and # 2) alias_domain_prefix must come from the word list if (alias_domain in user.available_sl_domains() and alias_domain not in user_custom_domains # when DISABLE_ALIAS_SUFFIX is true, alias_domain_prefix is empty and not DISABLE_ALIAS_SUFFIX): if not alias_domain_prefix.startswith("."): LOG.exception("User %s submits a wrong alias suffix %s", user, alias_suffix) return False random_word_part = alias_domain_prefix[1:] if not word_exist(random_word_part): LOG.exception( "alias suffix %s needs to start with a random word, user %s", alias_suffix, user, ) return False else: if alias_domain not in user_custom_domains: if not DISABLE_ALIAS_SUFFIX: LOG.exception("wrong alias suffix %s, user %s", alias_suffix, user) return False if alias_domain not in user.available_sl_domains(): LOG.exception("wrong alias suffix %s, user %s", alias_suffix, user) return False return True
def verify_prefix_suffix(user, alias_prefix, alias_suffix) -> bool: """verify if user could create an alias with the given prefix and suffix""" if not alias_prefix or not alias_suffix: # should be caught on frontend return False user_custom_domains = [cd.domain for cd in user.verified_custom_domains()] alias_prefix = alias_prefix.strip() alias_prefix = convert_to_id(alias_prefix) # make sure alias_suffix is either [email protected] or @my-domain.com alias_suffix = alias_suffix.strip() if alias_suffix.startswith("@"): alias_domain = alias_suffix[1:] # alias_domain can be either custom_domain or if DISABLE_ALIAS_SUFFIX, one of the default ALIAS_DOMAINS if DISABLE_ALIAS_SUFFIX: if (alias_domain not in user_custom_domains and alias_domain not in ALIAS_DOMAINS): LOG.exception("wrong alias suffix %s, user %s", alias_suffix, user) return False else: if alias_domain not in user_custom_domains: LOG.exception("wrong alias suffix %s, user %s", alias_suffix, user) return False else: if not alias_suffix.startswith("."): LOG.exception("User %s submits a wrong alias suffix %s", user, alias_suffix) return False full_alias = alias_prefix + alias_suffix if not email_belongs_to_alias_domains(full_alias): LOG.exception( "Alias suffix should end with one of the alias domains %s", user, alias_suffix, ) return False random_word_part = alias_suffix[1:alias_suffix.find("@")] if not word_exist(random_word_part): LOG.exception( "alias suffix %s needs to start with a random word, user %s", alias_suffix, user, ) return False return True
def verify_prefix_suffix(user, alias_prefix, alias_suffix, user_custom_domains) -> bool: """verify if user could create an alias with the given prefix and suffix""" alias_prefix = alias_prefix.strip() alias_prefix = convert_to_id(alias_prefix) if not alias_prefix: # should be caught on frontend return False # make sure alias_suffix is either [email protected] or @my-domain.com alias_suffix = alias_suffix.strip() if alias_suffix.startswith("@"): alias_domain = alias_suffix[1:] # alias_domain can be either custom_domain or if DISABLE_ALIAS_SUFFIX, EMAIL_DOMAIN if DISABLE_ALIAS_SUFFIX: if alias_domain not in user_custom_domains and alias_domain != EMAIL_DOMAIN: LOG.error("wrong alias suffix %s, user %s", alias_suffix, user) return False else: if alias_domain not in user_custom_domains: LOG.error("wrong alias suffix %s, user %s", alias_suffix, user) return False else: if not alias_suffix.startswith("."): LOG.error("User %s submits a wrong alias suffix %s", user, alias_suffix) return False if not alias_suffix.endswith(EMAIL_DOMAIN): LOG.error( "Alias suffix should end with default alias domain %s", user, alias_suffix, ) return False random_word_part = alias_suffix[1 : alias_suffix.find("@")] if not word_exist(random_word_part): LOG.error( "alias suffix %s needs to start with a random word, user %s", alias_suffix, user, ) return False return True
def custom_alias(): # check if user has the right to create custom alias if not current_user.can_create_new_alias(): # notify admin LOG.error("user %s tries to create custom alias", current_user) flash("ony premium user can choose custom alias", "warning") return redirect(url_for("dashboard.index")) error = "" if request.method == "POST": if request.form.get("form-name") == "non-custom-domain-name": email_prefix = request.form.get("email-prefix") email_prefix = convert_to_id(email_prefix) email_suffix = request.form.get("email-suffix") # verify email_suffix: do not verify when DISABLE_ALIAS_SUFFIX is set if not DISABLE_ALIAS_SUFFIX: # email suffix must be in the format ".{word}" if email_suffix[0] != "." or not word_exist(email_suffix[1:]): flash( "nice try :). The suffix is there so no one can take all the *nice* aliases though", "warning", ) return redirect(url_for("dashboard.custom_alias")) if not email_prefix: error = "alias prefix cannot be empty" else: full_email = f"{email_prefix}{email_suffix}@{EMAIL_DOMAIN}" # check if email already exists if GenEmail.get_by(email=full_email) or DeletedAlias.get_by( email=full_email): error = "email already chosen, please choose another one" else: # create the new alias LOG.d("create custom alias %s for user %s", full_email, current_user) gen_email = GenEmail.create(email=full_email, user_id=current_user.id) db.session.commit() flash(f"Alias {full_email} has been created", "success") session[HIGHLIGHT_GEN_EMAIL_ID] = gen_email.id return redirect(url_for("dashboard.index")) elif request.form.get("form-name") == "custom-domain-name": custom_domain_id = request.form.get("custom-domain-id") email = request.form.get("email").lower() custom_domain = CustomDomain.get(custom_domain_id) if not custom_domain: flash("Unknown error. Refresh the page", "warning") return redirect(url_for("dashboard.custom_alias")) elif custom_domain.user_id != current_user.id: flash("Unknown error. Refresh the page", "warning") return redirect(url_for("dashboard.custom_alias")) elif not custom_domain.verified: flash("Unknown error. Refresh the page", "warning") return redirect(url_for("dashboard.custom_alias")) full_email = f"{email}@{custom_domain.domain}" if GenEmail.get_by(email=full_email): error = f"{full_email} already exist, please choose another one" else: LOG.d( "create custom alias %s for custom domain %s", full_email, custom_domain.domain, ) gen_email = GenEmail.create( email=full_email, user_id=current_user.id, custom_domain_id=custom_domain.id, ) db.session.commit() flash(f"Alias {full_email} has been created", "success") session[HIGHLIGHT_GEN_EMAIL_ID] = gen_email.id return redirect(url_for("dashboard.index")) email_suffix = "" if DISABLE_ALIAS_SUFFIX else "." + random_word() return render_template( "dashboard/custom_alias.html", error=error, email_suffix=email_suffix, EMAIL_DOMAIN=EMAIL_DOMAIN, custom_domains=current_user.verified_custom_domains(), )