mirrors
/
redmine
mirror of https://github.com/redmine/redmine.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 201 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
17595 Commits
33 Branches
Tree: 92bd67c279
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '92bd67c279'
${ noResults }
redmine/app/controllers/mail_handler_controller.rb

mail_handler_controller.rb 2.2KB
Raw Blame History

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576 
  1. # frozen_string_literal: true

  2. 

  3. # Redmine - project management software

  4. # Copyright (C) 2006-2023  Jean-Philippe Lang

  5. #

  6. # This program is free software; you can redistribute it and/or

  7. # modify it under the terms of the GNU General Public License

  8. # as published by the Free Software Foundation; either version 2

  9. # of the License, or (at your option) any later version.

  10. #

  11. # This program is distributed in the hope that it will be useful,

  12. # but WITHOUT ANY WARRANTY; without even the implied warranty of

  13. # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

  14. # GNU General Public License for more details.

  15. #

  16. # You should have received a copy of the GNU General Public License

  17. # along with this program; if not, write to the Free Software

  18. # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.

  19. 

  20. class MailHandlerController < ActionController::Base

  21.   include ActiveSupport::SecurityUtils

  22. 

  23.   before_action :check_credential

  24. 

  25.   # Requests from rdm-mailhandler.rb don't contain CSRF tokens

  26.   skip_before_action :verify_authenticity_token

  27. 

  28.   # Displays the email submission form

  29.   def new

  30.   end

  31. 

  32.   # Submits an incoming email to MailHandler

  33.   def index

  34.     # MailHandlerController#index should permit all options set by

  35.     # RedmineMailHandler#submit in rdm-mailhandler.rb.

  36.     # It must be kept in sync.

  37.     options = params.permit(

  38.       :key,

  39.       :email,

  40.       :allow_override,

  41.       :unknown_user,

  42.       :default_group,

  43.       :no_account_notice,

  44.       :no_notification,

  45.       :no_permission_check,

  46.       :project_from_subaddress,

  47.       {

  48.         issue: [

  49.           :project,

  50.           :status,

  51.           :tracker,

  52.           :category,

  53.           :priority,

  54.           :assigned_to,

  55.           :fixed_version,

  56.           :is_private

  57.         ]

  58.       }

  59.     ).to_h

  60.     email = options.delete(:email)

  61.     if MailHandler.safe_receive(email, options)

  62.       head :created

  63.     else

  64.       head :unprocessable_entity

  65.     end

  66.   end

  67. 

  68.   private

  69. 

  70.   def check_credential

  71.     User.current = nil

  72.     unless Setting.mail_handler_api_enabled? && secure_compare(params[:key].to_s, Setting.mail_handler_api_key.to_s)

  73.       render :plain => 'Access denied. Incoming emails WS is disabled or key is invalid.', :status => 403

  74.     end

  75.   end

  76. end