From 0fde0a8ad71960015df2784aa9c93ba97fbd6d58 Mon Sep 17 00:00:00 2001
From: Anna Larch <anna@nextcloud.com>
Date: Mon, 16 May 2022 14:04:59 +0200
Subject: Add email validation

Signed-off-by: Anna Larch <anna@nextcloud.com>
---
 .../NotificationProvider/EmailProvider.php         |  11 +-
 .../NotificationProvider/EmailProviderTest.php     | 120 ++++++---------------
 2 files changed, 42 insertions(+), 89 deletions(-)

diff --git a/apps/dav/lib/CalDAV/Reminder/NotificationProvider/EmailProvider.php b/apps/dav/lib/CalDAV/Reminder/NotificationProvider/EmailProvider.php
index 456b9f8b42d..85590d506cf 100644
--- a/apps/dav/lib/CalDAV/Reminder/NotificationProvider/EmailProvider.php
+++ b/apps/dav/lib/CalDAV/Reminder/NotificationProvider/EmailProvider.php
@@ -272,7 +272,10 @@ class EmailProvider extends AbstractProvider {
 					$emailAddressesOfDelegates = $delegates->getParts();
 					foreach ($emailAddressesOfDelegates as $addressesOfDelegate) {
 						if (strcasecmp($addressesOfDelegate, 'mailto:') === 0) {
-							$emailAddresses[substr($addressesOfDelegate, 7)] = [];
+							$delegateEmail = substr($addressesOfDelegate, 7);
+							if ($delegateEmail !== false && $this->mailer->validateMailAddress($delegateEmail)) {
+								$emailAddresses[$delegateEmail] = [];
+							}
 						}
 					}
 
@@ -344,8 +347,12 @@ class EmailProvider extends AbstractProvider {
 		if (!$this->hasAttendeeMailURI($attendee)) {
 			return null;
 		}
+		$attendeeEMail = substr($attendee->getValue(), 7);
+		if ($attendeeEMail === false || !$this->mailer->validateMailAddress($attendeeEMail)) {
+			return null;
+		}
 
-		return substr($attendee->getValue(), 7);
+		return $attendeeEMail;
 	}
 
 	/**
diff --git a/apps/dav/tests/unit/CalDAV/Reminder/NotificationProvider/EmailProviderTest.php b/apps/dav/tests/unit/CalDAV/Reminder/NotificationProvider/EmailProviderTest.php
index 0352827aa5c..b5cbf94016c 100644
--- a/apps/dav/tests/unit/CalDAV/Reminder/NotificationProvider/EmailProviderTest.php
+++ b/apps/dav/tests/unit/CalDAV/Reminder/NotificationProvider/EmailProviderTest.php
@@ -240,99 +240,45 @@ class EmailProviderTest extends AbstractNotificationProviderTest {
 		$message22 = $this->getMessageMock('foo4@example.org', $template2);
 		$message23 = $this->getMessageMock('uid1@example.com', $template2);
 
-		$this->mailer->expects($this->at(0))
+		$this->mailer->expects(self::exactly(2))
 			->method('createEMailTemplate')
 			->with('dav.calendarReminder')
-			->willReturn($template1);
-
-		$this->mailer->expects($this->at(1))
-			->method('validateMailAddress')
-			->with('foo1@example.org')
-			->willReturn(true);
-
-		$this->mailer->expects($this->at(2))
-			->method('createMessage')
-			->with()
-			->willReturn($message11);
-		$this->mailer->expects($this->at(3))
-			->method('send')
-			->with($message11)
-			->willReturn([]);
-		$this->mailer->expects($this->at(4))
-			->method('validateMailAddress')
-			->with('uid2@example.com')
-			->willReturn(true);
-		$this->mailer->expects($this->at(5))
-			->method('createMessage')
-			->with()
-			->willReturn($message12);
-		$this->mailer->expects($this->at(6))
-			->method('send')
-			->with($message12)
-			->willReturn([]);
-
-		$this->mailer->expects($this->at(7))
+			->willReturnOnConsecutiveCalls(
+				$template1,
+				$template2,
+			);
+		$this->mailer->expects($this->atLeastOnce())
 			->method('validateMailAddress')
-			->with('uid3@example.com')
-			->willReturn(true);
-
-		$this->mailer->expects($this->at(8))
-			->method('createMessage')
-			->with()
-			->willReturn($message13);
-		$this->mailer->expects($this->at(9))
-			->method('send')
-			->with($message13)
-			->willReturn([]);
-
-		$this->mailer->expects($this->at(10))
-			->method('validateMailAddress')
-			->with('invalid')
-			->willReturn(false);
-
-		$this->mailer->expects($this->at(11))
-			->method('createEMailTemplate')
-			->with('dav.calendarReminder')
-			->willReturn($template2);
-
-		$this->mailer->expects($this->at(12))
-			->method('validateMailAddress')
-			->with('foo3@example.org')
-			->willReturn(true);
-
-		$this->mailer->expects($this->at(13))
-			->method('createMessage')
-			->with()
-			->willReturn($message21);
-		$this->mailer->expects($this->at(14))
-			->method('send')
-			->with($message21)
-			->willReturn([]);
-		$this->mailer->expects($this->at(15))
-			->method('validateMailAddress')
-			->with('foo4@example.org')
-			->willReturn(true);
-		$this->mailer->expects($this->at(16))
-			->method('createMessage')
-			->with()
-			->willReturn($message22);
-		$this->mailer->expects($this->at(17))
-			->method('send')
-			->with($message22)
-			->willReturn([]);
-		$this->mailer->expects($this->at(18))
-			->method('validateMailAddress')
-			->with('uid1@example.com')
-			->willReturn(true);
-		$this->mailer->expects($this->at(19))
+			->willReturnMap([
+				['foo1@example.org', true],
+				['foo3@example.org', true],
+				['foo4@example.org', true],
+				['uid1@example.com', true],
+				['uid2@example.com', true],
+				['uid3@example.com', true],
+				['invalid', false],
+			]);
+		$this->mailer->expects($this->exactly(6))
 			->method('createMessage')
 			->with()
-			->willReturn($message23);
-		$this->mailer->expects($this->at(20))
+			->willReturnOnConsecutiveCalls(
+				$message11,
+				$message12,
+				$message13,
+				$message21,
+				$message22,
+				$message23,
+			);
+		$this->mailer->expects($this->exactly(6))
 			->method('send')
-			->with($message23)
-			->willReturn([]);
-
+			->withConsecutive(
+				[$message11],
+				[$message12],
+				[$message13],
+				[$message21],
+				[$message22],
+				[$message23],
+			)->willReturn([]);
 		$this->setupURLGeneratorMock(2);
 
 		$vcalendar = $this->getAttendeeVCalendar();
-- 
cgit v1.2.3