[#7875] Block incoming messages parsing #7920
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Clearer what you're getting and is more consistent with other factories.
Only generate 1 PDF attachment by default. This is consistent with other factories.
Use trait to build instances with certain attachments.
Save confusing on what the after build/create are doing and any conflicts which might occur. Ultimately the `plain_incoming_message` should be removed.
Assign a re-built mail object to the `RawEmail` instance. This should mean the `IncomingMessage` won't need to parsed within specs. Needed to improve the spec support helper to build the mail object for a given `IncomingMessage` to work with unsaved instances.
Simplify the after build callback by ensuring there will be a `body`, `content_type` and `filename`.
Ensure we don't ever replace attachments which have been hidden using prominence with newly parsed attachments. This could in theory happen if the hexdigest which is based on the attachment body changes. There have been occasions this has happened to due to changes in the underlying mail gem and other parsing changes. See: #7875
gbp
added
awaiting-deploy
merged-without-review
on-staging
and removed
merged-without-review
labels
gbp
added a commit
that referenced
this pull request
Oct 2, 2023
This check isn't doing anything. It was meant to protect when parsing incoming messages to stop hidden attachments from being made public again. We don't actually yet have this parsing in place instead we've focused on finding the original attachment [1]. For the remainder of cases we will need to parse the raw email again but we have added separate check [2] so this one here is redundant. [1] #7875 [2] #7920
gbp
added a commit
that referenced
this pull request
Oct 2, 2023
This check isn't doing anything. It was meant to protect when parsing incoming messages to stop hidden attachments from being made public again. We don't actually yet have this parsing in place instead we've focused on finding the original attachment [1]. For the remainder of cases we will need to parse the raw email again but we have added separate check [2] so this one here is redundant. [1] #7875 [2] #7920
gbp
added a commit
that referenced
this pull request
Oct 2, 2023
This check isn't doing anything. It was meant to protect when parsing incoming messages to stop hidden attachments from being made public again. We don't actually yet have this parsing in place instead we've focused on finding the original attachment [1]. For the remainder of cases we will need to parse the raw email again but we have added separate check [2] so this one here is redundant. [1] #7875 [2] #7920
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Relevant issue(s)
Connected to #7875
Depends on #7919
What does this do?
Block incoming messages parsing if hidden attachments will be removed.
Why was this needed?
To ensure hidden attachments aren't accidentally made visible again.