forked from knadh/listmonk
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add support for blocklisting e-mail domains.
E-mails in the domain blocklist are disallowed on the admin UI, public subscription forms, API, and in the bulk importer. - Add blocklist setting that takes a list of multi-line domains on the Settings -> Privacy UI. - Refactor e-mail validation in subimporter to add blocklist checking centrally. - Add Cypress testr testing domain blocklist behaviour on admin and non-admin views. Closes knadh#336.
- Loading branch information
Showing
28 changed files
with
569 additions
and
449 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,5 @@ | ||
email,name,attributes | ||
[email protected],First0 Last0,"{""age"": 29, ""city"": ""Bangalore"", ""clientId"": ""DAXX79""}" | ||
[email protected],First1 Last1,"{""age"": 43, ""city"": ""Bangalore"", ""clientId"": ""DAXX71""}" | ||
[email protected],First2 Last2,"{""age"": 47, ""city"": ""Bangalore"", ""clientId"": ""DAXX70""}" | ||
[email protected],First1 Last1,"{""age"": 43, ""city"": ""Bangalore"", ""clientId"": ""DAXX71""}" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,3 +1,5 @@ | ||
const apiUrl = Cypress.env('apiUrl'); | ||
|
||
describe('Subscribers', () => { | ||
it('Opens subscribers page', () => { | ||
cy.resetDB(); | ||
|
@@ -43,6 +45,7 @@ describe('Subscribers', () => { | |
}); | ||
|
||
cy.get('[data-cy=btn-query-reset]').click(); | ||
cy.wait(1000); | ||
cy.get('tbody td[data-label=Status]').its('length').should('eq', 2); | ||
}); | ||
|
||
|
@@ -55,7 +58,7 @@ describe('Subscribers', () => { | |
{ radio: 'check-list-remove', lists: [0, 1], rows: { 1: [] } }, | ||
{ radio: 'check-list-add', lists: [0, 1], rows: { 0: ['unsubscribed', 'unsubscribed'], 1: ['unconfirmed', 'unconfirmed'] } }, | ||
{ radio: 'check-list-remove', lists: [0], rows: { 0: ['unsubscribed'] } }, | ||
{ radio: 'check-list-add', lists: [0], rows: { 0: ['unconfirmed', 'unsubscribed'] } }, | ||
{ radio: 'check-list-add', lists: [0], rows: { 0: ['unsubscribed', 'unconfirmed'] } }, | ||
]; | ||
|
||
|
||
|
@@ -109,7 +112,7 @@ describe('Subscribers', () => { | |
|
||
// Open the edit popup and edit the default lists. | ||
cy.get('[data-cy=btn-edit]').each(($el, n) => { | ||
const email = `email-${n}@email.com`; | ||
const email = `email-${n}@EMAIL.com`; | ||
const name = `name-${n}`; | ||
|
||
// Open the edit modal. | ||
|
@@ -136,7 +139,7 @@ describe('Subscribers', () => { | |
cy.wait(250); | ||
cy.get('tbody tr').each(($el) => { | ||
cy.wrap($el).find('td[data-id]').invoke('attr', 'data-id').then((id) => { | ||
cy.wrap($el).find('td[data-label=E-mail]').contains(rows[id].email); | ||
cy.wrap($el).find('td[data-label=E-mail]').contains(rows[id].email.toLowerCase()); | ||
cy.wrap($el).find('td[data-label=Name]').contains(rows[id].name); | ||
cy.wrap($el).find('td[data-label=Status]').contains(rows[id].status, { matchCase: false }); | ||
|
||
|
@@ -171,7 +174,7 @@ describe('Subscribers', () => { | |
// Cycle through each status and each list ID combination and create subscribers. | ||
const n = 0; | ||
for (let n = 0; n < 6; n++) { | ||
const email = `email-${n}@email.com`; | ||
const email = `email-${n}@EMAIL.com`; | ||
const name = `name-${n}`; | ||
const status = statuses[(n + 1) % statuses.length]; | ||
const list = lists[(n + 1) % lists.length]; | ||
|
@@ -192,7 +195,7 @@ describe('Subscribers', () => { | |
// which is always the first row in the table. | ||
cy.wait(250); | ||
const tr = cy.get('tbody tr:nth-child(1)').then(($el) => { | ||
cy.wrap($el).find('td[data-label=E-mail]').contains(email); | ||
cy.wrap($el).find('td[data-label=E-mail]').contains(email.toLowerCase()); | ||
cy.wrap($el).find('td[data-label=Name]').contains(name); | ||
cy.wrap($el).find('td[data-label=Status]').contains(status, { matchCase: false }); | ||
cy.wrap($el).find(`.tags .${status === 'enabled' ? 'unconfirmed' : 'unsubscribed'}`) | ||
|
@@ -217,3 +220,104 @@ describe('Subscribers', () => { | |
}); | ||
}); | ||
}); | ||
|
||
|
||
describe('Domain blocklist', () => { | ||
it('Opens settings page', () => { | ||
cy.resetDB(); | ||
}); | ||
|
||
it('Add domains to blocklist', () => { | ||
cy.loginAndVisit('/settings'); | ||
cy.get('.b-tabs nav a').eq(2).click(); | ||
cy.get('textarea[name="privacy.domain_blocklist"]').clear().type('ban.net\n\nBaN.OrG\n\nban.com\n\n'); | ||
cy.get('[data-cy=btn-save]').click(); | ||
}); | ||
|
||
it('Try subscribing via public page', () => { | ||
cy.visit(`${apiUrl}/subscription/form`); | ||
cy.get('input[name=email]').clear().type('[email protected]'); | ||
cy.get('button[type=submit]').click(); | ||
cy.get('h2').contains('Subscribe'); | ||
|
||
cy.visit(`${apiUrl}/subscription/form`); | ||
cy.get('input[name=email]').clear().type('[email protected]'); | ||
cy.get('button[type=submit]').click(); | ||
cy.get('h2').contains('Error'); | ||
}); | ||
|
||
|
||
// Post to the admin API. | ||
it('Try via admin API', () => { | ||
cy.wait(1000); | ||
|
||
// Add non-banned domain. | ||
cy.request({ | ||
method: 'POST', url: `${apiUrl}/api/subscribers`, failOnStatusCode: true, | ||
body: { email: '[email protected]', 'name': 'test', 'lists': [1], 'status': 'enabled' } | ||
}).should((response) => { | ||
expect(response.status).to.equal(200); | ||
}); | ||
|
||
// Add banned domain. | ||
cy.request({ | ||
method: 'POST', url: `${apiUrl}/api/subscribers`, failOnStatusCode: false, | ||
body: { email: '[email protected]', 'name': 'test', 'lists': [1], 'status': 'enabled' } | ||
}).should((response) => { | ||
expect(response.status).to.equal(400); | ||
}); | ||
|
||
// Modify an existinb subscriber to a banned domain. | ||
cy.request({ | ||
method: 'PUT', url: `${apiUrl}/api/subscribers/1`, failOnStatusCode: false, | ||
body: { email: '[email protected]', 'name': 'test', 'lists': [1], 'status': 'enabled' } | ||
}).should((response) => { | ||
expect(response.status).to.equal(400); | ||
}); | ||
}); | ||
|
||
it('Try via import', () => { | ||
cy.loginAndVisit('/subscribers/import'); | ||
cy.get('.list-selector input').click(); | ||
cy.get('.list-selector .autocomplete a').first().click(); | ||
|
||
cy.fixture('subs-domain-blocklist.csv').then((data) => { | ||
cy.get('input[type="file"]').attachFile({ | ||
fileContent: data.toString(), | ||
fileName: 'subs.csv', | ||
mimeType: 'text/csv', | ||
}); | ||
}); | ||
|
||
cy.get('button.is-primary').click(); | ||
cy.get('section.wrap .has-text-success'); | ||
// cy.get('button.is-primary').click(); | ||
cy.get('.log-view').should('contain', '[email protected]').and('contain', '[email protected]'); | ||
cy.wait(100); | ||
}); | ||
|
||
it('Clear blocklist and try', () => { | ||
cy.loginAndVisit('/settings'); | ||
cy.get('.b-tabs nav a').eq(2).click(); | ||
cy.get('textarea[name="privacy.domain_blocklist"]').clear(); | ||
cy.get('[data-cy=btn-save]').click(); | ||
cy.wait(1000); | ||
|
||
// Add banned domain. | ||
cy.request({ | ||
method: 'POST', url: `${apiUrl}/api/subscribers`, failOnStatusCode: true, | ||
body: { email: '[email protected]', 'name': 'test', 'lists': [1], 'status': 'enabled' } | ||
}).should((response) => { | ||
expect(response.status).to.equal(200); | ||
}); | ||
|
||
// Modify an existinb subscriber to a banned domain. | ||
cy.request({ | ||
method: 'PUT', url: `${apiUrl}/api/subscribers/1`, failOnStatusCode: true, | ||
body: { email: '[email protected]', 'name': 'test', 'lists': [1], 'status': 'enabled' } | ||
}).should((response) => { | ||
expect(response.status).to.equal(200); | ||
}); | ||
}); | ||
|
||
}) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.