forked from gitea/gitea
1
0
Fork 0

Include username in email headers (#28981)

Emails from Gitea comments do not contain the username of the commenter
anywhere, only their display name, so it is not possible to verify who
made a comment from the email itself:

	From: "Alice" <email@gitea>
	X-Gitea-Sender: Alice
	X-Gitea-Recipient: Bob
	X-GitHub-Sender: Alice
	X-GitHub-Recipient: Bob

	This comment looks like it's from @alice.

The X-Gitea/X-GitHub headers also use display names, which is not very
reliable for filtering, and inconsistent with GitHub's behavior:

	X-GitHub-Sender: lunny
	X-GitHub-Recipient: gwymor

This change includes both the display name and username in the From
header, and switches the other headers from display name to username:

	From: "Alice (@fakealice)" <email@gitea>
	X-Gitea-Sender: fakealice
	X-Gitea-Recipient: bob
	X-GitHub-Sender: fakealice
	X-GitHub-Recipient: bob

	This comment looks like it's from @alice.
This commit is contained in:
Gwyneth Morgan 2024-02-03 00:41:27 +00:00 committed by GitHub
parent a6cea59514
commit 360b3fd17c
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
3 changed files with 25 additions and 8 deletions

View File

@ -443,6 +443,17 @@ func (u *User) GetDisplayName() string {
return u.Name return u.Name
} }
// GetCompleteName returns the the full name and username in the form of
// "Full Name (@username)" if full name is not empty, otherwise it returns
// "@username".
func (u *User) GetCompleteName() string {
trimmedFullName := strings.TrimSpace(u.FullName)
if len(trimmedFullName) > 0 {
return fmt.Sprintf("%s (@%s)", trimmedFullName, u.Name)
}
return fmt.Sprintf("@%s", u.Name)
}
func gitSafeName(name string) string { func gitSafeName(name string) string {
return strings.TrimSpace(strings.NewReplacer("\n", "", "<", "", ">", "").Replace(name)) return strings.TrimSpace(strings.NewReplacer("\n", "", "<", "", ">", "").Replace(name))
} }

View File

@ -310,7 +310,13 @@ func composeIssueCommentMessages(ctx *mailCommentContext, lang string, recipient
msgs := make([]*Message, 0, len(recipients)) msgs := make([]*Message, 0, len(recipients))
for _, recipient := range recipients { for _, recipient := range recipients {
msg := NewMessageFrom(recipient.Email, ctx.Doer.DisplayName(), setting.MailService.FromEmail, subject, mailBody.String()) msg := NewMessageFrom(
recipient.Email,
ctx.Doer.GetCompleteName(),
setting.MailService.FromEmail,
subject,
mailBody.String(),
)
msg.Info = fmt.Sprintf("Subject: %s, %s", subject, info) msg.Info = fmt.Sprintf("Subject: %s, %s", subject, info)
msg.SetHeader("Message-ID", msgID) msg.SetHeader("Message-ID", msgID)
@ -394,8 +400,8 @@ func generateAdditionalHeaders(ctx *mailCommentContext, reason string, recipient
"X-Mailer": "Gitea", "X-Mailer": "Gitea",
"X-Gitea-Reason": reason, "X-Gitea-Reason": reason,
"X-Gitea-Sender": ctx.Doer.DisplayName(), "X-Gitea-Sender": ctx.Doer.Name,
"X-Gitea-Recipient": recipient.DisplayName(), "X-Gitea-Recipient": recipient.Name,
"X-Gitea-Recipient-Address": recipient.Email, "X-Gitea-Recipient-Address": recipient.Email,
"X-Gitea-Repository": repo.Name, "X-Gitea-Repository": repo.Name,
"X-Gitea-Repository-Path": repo.FullName(), "X-Gitea-Repository-Path": repo.FullName(),
@ -404,8 +410,8 @@ func generateAdditionalHeaders(ctx *mailCommentContext, reason string, recipient
"X-Gitea-Issue-Link": ctx.Issue.HTMLURL(), "X-Gitea-Issue-Link": ctx.Issue.HTMLURL(),
"X-GitHub-Reason": reason, "X-GitHub-Reason": reason,
"X-GitHub-Sender": ctx.Doer.DisplayName(), "X-GitHub-Sender": ctx.Doer.Name,
"X-GitHub-Recipient": recipient.DisplayName(), "X-GitHub-Recipient": recipient.Name,
"X-GitHub-Recipient-Address": recipient.Email, "X-GitHub-Recipient-Address": recipient.Email,
"X-GitLab-NotificationReason": reason, "X-GitLab-NotificationReason": reason,

View File

@ -239,7 +239,7 @@ func TestGenerateAdditionalHeaders(t *testing.T) {
doer, _, issue, _ := prepareMailerTest(t) doer, _, issue, _ := prepareMailerTest(t)
ctx := &mailCommentContext{Context: context.TODO() /* TODO: use a correct context */, Issue: issue, Doer: doer} ctx := &mailCommentContext{Context: context.TODO() /* TODO: use a correct context */, Issue: issue, Doer: doer}
recipient := &user_model.User{Name: "Test", Email: "test@gitea.com"} recipient := &user_model.User{Name: "test", Email: "test@gitea.com"}
headers := generateAdditionalHeaders(ctx, "dummy-reason", recipient) headers := generateAdditionalHeaders(ctx, "dummy-reason", recipient)
@ -247,8 +247,8 @@ func TestGenerateAdditionalHeaders(t *testing.T) {
"List-ID": "user2/repo1 <repo1.user2.localhost>", "List-ID": "user2/repo1 <repo1.user2.localhost>",
"List-Archive": "<https://try.gitea.io/user2/repo1>", "List-Archive": "<https://try.gitea.io/user2/repo1>",
"X-Gitea-Reason": "dummy-reason", "X-Gitea-Reason": "dummy-reason",
"X-Gitea-Sender": "< U<se>r Tw<o > ><", "X-Gitea-Sender": "user2",
"X-Gitea-Recipient": "Test", "X-Gitea-Recipient": "test",
"X-Gitea-Recipient-Address": "test@gitea.com", "X-Gitea-Recipient-Address": "test@gitea.com",
"X-Gitea-Repository": "repo1", "X-Gitea-Repository": "repo1",
"X-Gitea-Repository-Path": "user2/repo1", "X-Gitea-Repository-Path": "user2/repo1",