def block_contact(contact_id):
contact = Contact.get(contact_id)
if not contact:
flash("Incorrect link. Redirect you to the home page", "warning")
return redirect(url_for("dashboard.index"))
if contact.user_id != current_user.id:
flash(
"You don't have access to this page. Redirect you to the home page",
"warning",
)
return redirect(url_for("dashboard.index"))
# automatic unsubscribe, according to https://tools.ietf.org/html/rfc8058
if request.method == "POST":
contact.block_forward = True
flash(f"Emails sent from {contact.website_email} are now blocked",
"success")
Session.commit()
return redirect(
url_for(
"dashboard.alias_contact_manager",
alias_id=contact.alias_id,
highlight_contact_id=contact.id,
))
else: # ask user confirmation
return render_template("dashboard/block_contact.html", contact=contact)
def test_add_contact_success(flask_client):
login(flask_client)
alias = Alias.first()
assert Contact.query.count() == 0
# <<< Create a new contact >>>
flask_client.post(
url_for("dashboard.alias_contact_manager", alias_id=alias.id),
data={
"form-name": "create",
"email": "*****@*****.**",
},
follow_redirects=True,
)
# a new contact is added
assert Contact.query.count() == 1
contact = Contact.first()
assert contact.website_email == "*****@*****.**"
# <<< Create a new contact using a full email format >>>
flask_client.post(
url_for("dashboard.alias_contact_manager", alias_id=alias.id),
data={
"form-name": "create",
"email": "First Last <*****@*****.**>",
},
follow_redirects=True,
)
# a new contact is added
assert Contact.query.count() == 2
contact = Contact.get(2)
assert contact.website_email == "*****@*****.**"
assert contact.name == "First Last"
# <<< Create a new contact with invalid email address >>>
r = flask_client.post(
url_for("dashboard.alias_contact_manager", alias_id=alias.id),
data={
"form-name": "create",
"email": "with [email protected]",
},
follow_redirects=True,
)
# no new contact is added
assert Contact.query.count() == 2
assert "Invalid email format. Email must be either [email protected]" in str(
r.data)
def contact_detail_route(contact_id):
contact = Contact.get(contact_id)
if not contact or contact.user_id != current_user.id:
flash("You cannot see this page", "warning")
return redirect(url_for("dashboard.index"))
alias = contact.alias
if request.method == "POST":
if request.form.get("form-name") == "pgp":
if request.form.get("action") == "save":
if not current_user.is_premium():
flash("Only premium plan can add PGP Key", "warning")
return redirect(
url_for("dashboard.contact_detail_route",
contact_id=contact_id))
contact.pgp_public_key = request.form.get("pgp")
try:
contact.pgp_finger_print = load_public_key_and_check(
contact.pgp_public_key)
except PGPException:
flash("Cannot add the public key, please verify it",
"error")
else:
db.session.commit()
flash(
f"PGP public key for {contact.email} is saved successfully",
"success",
)
return redirect(
url_for("dashboard.contact_detail_route",
contact_id=contact_id))
elif request.form.get("action") == "remove":
# Free user can decide to remove contact PGP key
contact.pgp_public_key = None
contact.pgp_finger_print = None
db.session.commit()
flash(f"PGP public key for {contact.email} is removed",
"success")
return redirect(
url_for("dashboard.contact_detail_route",
contact_id=contact_id))
return render_template("dashboard/contact_detail.html",
contact=contact,
alias=alias)
def delete_contact(contact_id):
"""
Delete contact
Input:
contact_id: in url
Output:
200
"""
user = g.user
contact = Contact.get(contact_id)
if not contact or contact.alias.user_id != user.id:
return jsonify(error="Forbidden"), 403
Contact.delete(contact_id)
db.session.commit()
return jsonify(deleted=True), 200
def toggle_contact(contact_id):
"""
Block/Unblock contact
Input:
contact_id: in url
Output:
200
"""
user = g.user
contact = Contact.get(contact_id)
if not contact or contact.alias.user_id != user.id:
return jsonify(error="Forbidden"), 403
contact.block_forward = not contact.block_forward
Session.commit()
return jsonify(block_forward=contact.block_forward), 200
def toggle_contact(contact_id):
"""
Block/Unblock contact
"""
contact = Contact.get(contact_id)
if not contact or contact.alias.user_id != current_user.id:
return "Forbidden", 403
contact.block_forward = not contact.block_forward
Session.commit()
if contact.block_forward:
toast_msg = f"{contact.website_email} can no longer send emails to {contact.alias.email}"
else:
toast_msg = (
f"{contact.website_email} can now send emails to {contact.alias.email}"
)
return render_template("partials/toggle_contact.html",
contact=contact,
toast_msg=toast_msg)
def alias_contact_manager(alias_id):
highlight_contact_id = None
if request.args.get("highlight_contact_id"):
highlight_contact_id = int(request.args.get("highlight_contact_id"))
alias = Alias.get(alias_id)
page = 0
if request.args.get("page"):
page = int(request.args.get("page"))
query = request.args.get("query") or ""
# sanity check
if not alias:
flash("You do not have access to this page", "warning")
return redirect(url_for("dashboard.index"))
if alias.user_id != current_user.id:
flash("You do not have access to this page", "warning")
return redirect(url_for("dashboard.index"))
new_contact_form = NewContactForm()
if request.method == "POST":
if request.form.get("form-name") == "create":
if new_contact_form.validate():
contact_addr = new_contact_form.email.data.strip()
try:
contact_name, contact_email = parseaddr_unicode(
contact_addr)
contact_email = sanitize_email(contact_email)
except Exception:
flash(f"{contact_addr} is invalid", "error")
return redirect(
url_for(
"dashboard.alias_contact_manager",
alias_id=alias_id,
))
if not is_valid_email(contact_email):
flash(f"{contact_email} is invalid", "error")
return redirect(
url_for(
"dashboard.alias_contact_manager",
alias_id=alias_id,
))
contact = Contact.get_by(alias_id=alias.id,
website_email=contact_email)
# already been added
if contact:
flash(f"{contact_email} is already added", "error")
return redirect(
url_for(
"dashboard.alias_contact_manager",
alias_id=alias_id,
highlight_contact_id=contact.id,
))
contact = Contact.create(
user_id=alias.user_id,
alias_id=alias.id,
website_email=contact_email,
name=contact_name,
reply_email=generate_reply_email(contact_email,
current_user),
)
LOG.d("create reverse-alias for %s", contact_addr)
db.session.commit()
flash(f"Reverse alias for {contact_addr} is created",
"success")
return redirect(
url_for(
"dashboard.alias_contact_manager",
alias_id=alias_id,
highlight_contact_id=contact.id,
))
elif request.form.get("form-name") == "delete":
contact_id = request.form.get("contact-id")
contact = Contact.get(contact_id)
if not contact:
flash("Unknown error. Refresh the page", "warning")
return redirect(
url_for("dashboard.alias_contact_manager",
alias_id=alias_id))
elif contact.alias_id != alias.id:
flash("You cannot delete reverse-alias", "warning")
return redirect(
url_for("dashboard.alias_contact_manager",
alias_id=alias_id))
delete_contact_email = contact.website_email
Contact.delete(contact_id)
db.session.commit()
flash(f"Reverse-alias for {delete_contact_email} has been deleted",
"success")
return redirect(
url_for("dashboard.alias_contact_manager", alias_id=alias_id))
elif request.form.get("form-name") == "search":
query = request.form.get("query")
return redirect(
url_for(
"dashboard.alias_contact_manager",
alias_id=alias_id,
query=query,
highlight_contact_id=highlight_contact_id,
))
contact_infos = get_contact_infos(alias, page, query=query)
last_page = len(contact_infos) < PAGE_LIMIT
# if highlighted contact isn't included, fetch it
# make sure highlighted contact is at array start
contact_ids = [contact_info.contact.id for contact_info in contact_infos]
if highlight_contact_id and highlight_contact_id not in contact_ids:
contact_infos = (get_contact_infos(
alias, contact_id=highlight_contact_id, query=query) +
contact_infos)
return render_template(
"dashboard/alias_contact_manager.html",
contact_infos=contact_infos,
alias=alias,
new_contact_form=new_contact_form,
highlight_contact_id=highlight_contact_id,
page=page,
last_page=last_page,
query=query,
)
def alias_contact_manager(alias_id):
highlight_contact_id = None
if request.args.get("highlight_contact_id"):
highlight_contact_id = int(request.args.get("highlight_contact_id"))
alias = Alias.get(alias_id)
# sanity check
if not alias:
flash("You do not have access to this page", "warning")
return redirect(url_for("dashboard.index"))
if alias.user_id != current_user.id:
flash("You do not have access to this page", "warning")
return redirect(url_for("dashboard.index"))
new_contact_form = NewContactForm()
if request.method == "POST":
if request.form.get("form-name") == "create":
if new_contact_form.validate():
contact_addr = new_contact_form.email.data.strip()
# generate a reply_email, make sure it is unique
# not use while to avoid infinite loop
reply_email = f"ra+{random_string(25)}@{EMAIL_DOMAIN}"
for _ in range(1000):
reply_email = f"ra+{random_string(25)}@{EMAIL_DOMAIN}"
if not Contact.get_by(reply_email=reply_email):
break
try:
contact_name, contact_email = parseaddr_unicode(
contact_addr)
except Exception:
flash(f"{contact_addr} is invalid", "error")
return redirect(
url_for(
"dashboard.alias_contact_manager",
alias_id=alias_id,
))
contact_email = contact_email.lower()
contact = Contact.get_by(alias_id=alias.id,
website_email=contact_email)
# already been added
if contact:
flash(f"{contact_email} is already added", "error")
return redirect(
url_for(
"dashboard.alias_contact_manager",
alias_id=alias_id,
highlight_contact_id=contact.id,
))
contact = Contact.create(
user_id=alias.user_id,
alias_id=alias.id,
website_email=contact_email,
name=contact_name,
reply_email=reply_email,
)
LOG.d("create reverse-alias for %s", contact_addr)
db.session.commit()
flash(f"Reverse alias for {contact_addr} is created",
"success")
return redirect(
url_for(
"dashboard.alias_contact_manager",
alias_id=alias_id,
highlight_contact_id=contact.id,
))
elif request.form.get("form-name") == "delete":
contact_id = request.form.get("contact-id")
contact = Contact.get(contact_id)
if not contact:
flash("Unknown error. Refresh the page", "warning")
return redirect(
url_for("dashboard.alias_contact_manager",
alias_id=alias_id))
elif contact.alias_id != alias.id:
flash("You cannot delete reverse-alias", "warning")
return redirect(
url_for("dashboard.alias_contact_manager",
alias_id=alias_id))
delete_contact_email = contact.website_email
Contact.delete(contact_id)
db.session.commit()
flash(f"Reverse-alias for {delete_contact_email} has been deleted",
"success")
return redirect(
url_for("dashboard.alias_contact_manager", alias_id=alias_id))
# make sure highlighted contact is at array start
contacts = alias.contacts
if highlight_contact_id:
contacts = sorted(contacts,
key=lambda fe: fe.id == highlight_contact_id,
reverse=True)
return render_template(
"dashboard/alias_contact_manager.html",
contacts=contacts,
alias=alias,
new_contact_form=new_contact_form,
highlight_contact_id=highlight_contact_id,
)
