Merge pull request #4103 from nextcloud/feature/remember-trusted-senders

Remember trusted senders

8 files changed, 374 insertions, 1 deletions

diff --git a/lib/AppInfo/Application.php b/lib/AppInfo/Application.php
index d81684cb6..f8ef744b1 100644
--- a/lib/AppInfo/Application.php
+++ b/lib/AppInfo/Application.php
@@ -31,6 +31,7 @@ use OCA\Mail\Contracts\IAvatarService;
 use OCA\Mail\Contracts\IMailManager;
 use OCA\Mail\Contracts\IMailSearch;
 use OCA\Mail\Contracts\IMailTransmission;
+use OCA\Mail\Contracts\ITrustedSenderService;
 use OCA\Mail\Contracts\IUserPreferences;
 use OCA\Mail\Dashboard\ImportantMailWidget;
 use OCA\Mail\Dashboard\UnreadMailWidget;
@@ -60,6 +61,7 @@ use OCA\Mail\Service\AvatarService;
 use OCA\Mail\Service\MailManager;
 use OCA\Mail\Service\MailTransmission;
 use OCA\Mail\Service\Search\MailSearch;
+use OCA\Mail\Service\TrustedSenderService;
 use OCA\Mail\Service\UserPreferenceSevice;
 use OCP\AppFramework\App;
 use OCP\AppFramework\Bootstrap\IBootContext;
@@ -96,6 +98,7 @@ class Application extends App implements IBootstrap {
 		$context->registerServiceAlias(IMailManager::class, MailManager::class);
 		$context->registerServiceAlias(IMailSearch::class, MailSearch::class);
 		$context->registerServiceAlias(IMailTransmission::class, MailTransmission::class);
+		$context->registerServiceAlias(ITrustedSenderService::class, TrustedSenderService::class);
 		$context->registerServiceAlias(IUserPreferences::class, UserPreferenceSevice::class);
 
 		$context->registerEventListener(DraftSavedEvent::class, DeleteDraftListener::class);
diff --git a/lib/Contracts/ITrustedSenderService.php b/lib/Contracts/ITrustedSenderService.php
new file mode 100644
index 000000000..4e2ecb22d
--- /dev/null
+++ b/lib/Contracts/ITrustedSenderService.php
@@ -0,0 +1,32 @@
+<?php
+
+declare(strict_types=1);
+
+/*
+ * @copyright 2020 Christoph Wurst <christoph@winzerhof-wurst.at>
+ *
+ * @author 2020 Christoph Wurst <christoph@winzerhof-wurst.at>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+namespace OCA\Mail\Contracts;
+
+interface ITrustedSenderService {
+	public function isTrusted(string $uid, string $email): bool;
+
+	public function trust(string $uid, string $email, ?bool $trust = true);
+}
diff --git a/lib/Controller/MessagesController.php b/lib/Controller/MessagesController.php
index b46b4e10d..dacad4b08 100755
--- a/lib/Controller/MessagesController.php
+++ b/lib/Controller/MessagesController.php
@@ -34,6 +34,8 @@ use Exception;
 use OC\Security\CSP\ContentSecurityPolicyNonceManager;
 use OCA\Mail\Contracts\IMailManager;
 use OCA\Mail\Contracts\IMailSearch;
+use OCA\Mail\Contracts\ITrustedSenderService;
+use OCA\Mail\Db\Message;
 use OCA\Mail\Exception\ClientException;
 use OCA\Mail\Exception\ServiceException;
 use OCA\Mail\Http\AttachmentDownloadResponse;
@@ -91,6 +93,9 @@ class MessagesController extends Controller {
 	/** @var ContentSecurityPolicyNonceManager */
 	private $nonceManager;
 
+	/** @var ITrustedSenderService */
+	private $trustedSenderService;
+
 	/**
 	 * @param string $appName
 	 * @param IRequest $request
@@ -105,6 +110,7 @@ class MessagesController extends Controller {
 	 * @param IMimeTypeDetector $mimeTypeDetector
 	 * @param IURLGenerator $urlGenerator
 	 * @param ContentSecurityPolicyNonceManager $nonceManager
+	 * @param ITrustedSenderService $trustedSenderService
 	 */
 	public function __construct(string $appName,
 								IRequest $request,
@@ -118,7 +124,8 @@ class MessagesController extends Controller {
 								IL10N $l10n,
 								IMimeTypeDetector $mimeTypeDetector,
 								IURLGenerator $urlGenerator,
-								ContentSecurityPolicyNonceManager $nonceManager) {
+								ContentSecurityPolicyNonceManager $nonceManager,
+								ITrustedSenderService $trustedSenderService) {
 		parent::__construct($appName, $request);
 
 		$this->accountService = $accountService;
@@ -133,6 +140,7 @@ class MessagesController extends Controller {
 		$this->urlGenerator = $urlGenerator;
 		$this->mailManager = $mailManager;
 		$this->nonceManager = $nonceManager;
+		$this->trustedSenderService = $trustedSenderService;
 	}
 
 	/**
@@ -149,6 +157,7 @@ class MessagesController extends Controller {
 	 * @throws ClientException
 	 * @throws ServiceException
 	 */
+
 	public function index(int $mailboxId,
 						  int $cursor = null,
 						  string $filter = null,
@@ -246,6 +255,7 @@ class MessagesController extends Controller {
 		$json['accountId'] = $account->getId();
 		$json['mailboxId'] = $mailbox->getId();
 		$json['databaseId'] = $message->getId();
+		$json['isSenderTrusted'] = $this->isSenderTrusted($message);
 
 		$response = new JSONResponse($json);
 
@@ -255,6 +265,22 @@ class MessagesController extends Controller {
 		return $response;
 	}
 
+	private function isSenderTrusted(Message $message): bool {
+		$from = $message->getFrom();
+		$first = $from->first();
+		if ($first === null) {
+			return false;
+		}
+		$email = $first->getEmail();
+		if ($email === null) {
+			return false;
+		}
+		return $this->trustedSenderService->isTrusted(
+			$this->currentUserId,
+			$email
+		);
+	}
+
 	/**
 	 * @NoAdminRequired
 	 * @NoCSRFRequired
diff --git a/lib/Controller/TrustedSendersController.php b/lib/Controller/TrustedSendersController.php
new file mode 100644
index 000000000..014b72586
--- /dev/null
+++ b/lib/Controller/TrustedSendersController.php
@@ -0,0 +1,86 @@
+<?php
+
+declare(strict_types=1);
+
+/*
+ * @copyright 2020 Christoph Wurst <christoph@winzerhof-wurst.at>
+ *
+ * @author 2020 Christoph Wurst <christoph@winzerhof-wurst.at>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+namespace OCA\Mail\Controller;
+
+use OCA\Mail\AppInfo\Application;
+use OCA\Mail\Contracts\ITrustedSenderService;
+use OCA\Mail\Http\JsonResponse;
+use OCP\AppFramework\Controller;
+use OCP\AppFramework\Http;
+use OCP\IRequest;
+
+class TrustedSendersController extends Controller {
+
+	/** @var string|null */
+	private $uid;
+
+	/** @var ITrustedSenderService */
+	private $trustedSenderService;
+
+	public function __construct(IRequest $request,
+								?string $UserId,
+								ITrustedSenderService $trustedSenderService) {
+		parent::__construct(Application::APP_ID, $request);
+
+		$this->uid = $UserId;
+		$this->trustedSenderService = $trustedSenderService;
+	}
+
+	/**
+	 * @NoAdminRequired
+	 * @TrapError
+	 *
+	 * @param string $email
+	 *
+	 * @return JsonResponse
+	 */
+	public function setTrusted(string $email): JsonResponse {
+		$this->trustedSenderService->trust(
+			$this->uid,
+			$email
+		);
+
+		return JsonResponse::success(null, Http::STATUS_CREATED);
+	}
+
+	/**
+	 * @NoAdminRequired
+	 * @TrapError
+	 *
+	 * @param string $email
+	 *
+	 * @return JsonResponse
+	 */
+	public function removeTrust(string $email): JsonResponse {
+		$this->trustedSenderService->trust(
+			$this->uid,
+			$email,
+			false
+		);
+
+		return JsonResponse::success(null);
+	}
+}
diff --git a/lib/Db/TrustedSender.php b/lib/Db/TrustedSender.php
new file mode 100644
index 000000000..86902de8f
--- /dev/null
+++ b/lib/Db/TrustedSender.php
@@ -0,0 +1,43 @@
+<?php
+
+declare(strict_types=1);
+
+/*
+ * @copyright 2020 Christoph Wurst <christoph@winzerhof-wurst.at>
+ *
+ * @author 2020 Christoph Wurst <christoph@winzerhof-wurst.at>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+namespace OCA\Mail\Db;
+
+use OCP\AppFramework\Db\Entity;
+
+/**
+ * @method setEmail(string $email): void
+ * @method getEmail(): string
+ * @method setUserId(string $userId): void
+ * @method getUserId(): string
+ */
+class TrustedSender extends Entity {
+
+	/** @var string */
+	protected $email;
+
+	/** @var string */
+	protected $userId;
+}
diff --git a/lib/Db/TrustedSenderMapper.php b/lib/Db/TrustedSenderMapper.php
new file mode 100644
index 000000000..0be0afe0c
--- /dev/null
+++ b/lib/Db/TrustedSenderMapper.php
@@ -0,0 +1,75 @@
+<?php
+
+declare(strict_types=1);
+
+/*
+ * @copyright 2020 Christoph Wurst <christoph@winzerhof-wurst.at>
+ *
+ * @author 2020 Christoph Wurst <christoph@winzerhof-wurst.at>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+namespace OCA\Mail\Db;
+
+use OCP\AppFramework\Db\QBMapper;
+use OCP\IDBConnection;
+
+class TrustedSenderMapper extends QBMapper {
+	public function __construct(IDBConnection $db) {
+		parent::__construct($db, 'mail_trusted_senders');
+	}
+
+	public function exists(string $uid, string $email): bool {
+		$qb = $this->db->getQueryBuilder();
+
+		$select = $qb->select('*')
+			->from($this->getTableName())
+			->where(
+				$qb->expr()->eq('user_id', $qb->createNamedParameter($uid)),
+				$qb->expr()->eq('email', $qb->createNamedParameter($email))
+			);
+
+		/** @var TrustedSender[] $rows */
+		$rows = $this->findEntities($select);
+
+		return !empty($rows);
+	}
+
+	public function create(string $uid, string $email): void {
+		$qb = $this->db->getQueryBuilder();
+
+		$insert = $qb->insert($this->getTableName())
+			->values([
+				'user_id' => $qb->createNamedParameter($uid),
+				'email' => $qb->createNamedParameter($email),
+			]);
+
+		$insert->execute();
+	}
+
+	public function remove(string $uid, string $email): void {
+		$qb = $this->db->getQueryBuilder();
+
+		$delete = $qb->delete($this->getTableName())
+			->where(
+				$qb->expr()->eq('user_id', $qb->createNamedParameter($uid)),
+				$qb->expr()->eq('email', $qb->createNamedParameter($email))
+			);
+
+		$delete->execute();
+	}
+}
diff --git a/lib/Migration/Version1080Date20201119084820.php b/lib/Migration/Version1080Date20201119084820.php
new file mode 100644
index 000000000..92d908d03
--- /dev/null
+++ b/lib/Migration/Version1080Date20201119084820.php
@@ -0,0 +1,43 @@
+<?php
+
+declare(strict_types=1);
+
+namespace OCA\Mail\Migration;
+
+use Closure;
+use OCP\DB\ISchemaWrapper;
+use OCP\Migration\IOutput;
+use OCP\Migration\SimpleMigrationStep;
+
+class Version1080Date20201119084820 extends SimpleMigrationStep {
+
+	/**
+	 * @param IOutput $output
+	 * @param Closure $schemaClosure The `\Closure` returns a `ISchemaWrapper`
+	 * @param array $options
+	 * @return ISchemaWrapper
+	 */
+	public function changeSchema(IOutput $output, Closure $schemaClosure, array $options): ?ISchemaWrapper {
+		/** @var ISchemaWrapper $schema */
+		$schema = $schemaClosure();
+
+		$table = $schema->createTable('mail_trusted_senders');
+		$table->addColumn('id', 'integer', [
+			'autoincrement' => true,
+			'notnull' => true,
+			'length' => 4,
+		]);
+		$table->addColumn('email', 'string', [
+			'notnull' => true,
+			'length' => 255,
+		]);
+		$table->addColumn('user_id', 'string', [
+			'notnull' => true,
+			'length' => 64,
+		]);
+		$table->setPrimaryKey(['id']);
+		$table->addUniqueIndex(['email', 'user_id'], 'mail_trusted_sender_uniq');
+
+		return $schema;
+	}
+}
diff --git a/lib/Service/TrustedSenderService.php b/lib/Service/TrustedSenderService.php
new file mode 100644
index 000000000..f70b87f39
--- /dev/null
+++ b/lib/Service/TrustedSenderService.php
@@ -0,0 +1,65 @@
+<?php
+
+declare(strict_types=1);
+
+/*
+ * @copyright 2020 Christoph Wurst <christoph@winzerhof-wurst.at>
+ *
+ * @author 2020 Christoph Wurst <christoph@winzerhof-wurst.at>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+namespace OCA\Mail\Service;
+
+use OCA\Mail\Contracts\ITrustedSenderService;
+use OCA\Mail\Db\TrustedSenderMapper;
+
+class TrustedSenderService implements ITrustedSenderService {
+
+	/** @var TrustedSenderMapper */
+	private $mapper;
+
+	public function __construct(TrustedSenderMapper $mapper) {
+		$this->mapper = $mapper;
+	}
+
+	public function isTrusted(string $uid, string $email): bool {
+		return $this->mapper->exists(
+			$uid,
+			$email
+		);
+	}
+
+	public function trust(string $uid, string $email, ?bool $trust = true): void {
+		if ($trust && $this->isTrusted($uid, $email)) {
+			// Nothing to do
+			return;
+		}
+
+		if ($trust) {
+			$this->mapper->create(
+				$uid,
+				$email
+			);
+		} else {
+			$this->mapper->remove(
+				$uid,
+				$email
+			);
+		}
+	}
+}