Add latest changes from gitlab-org/gitlab@16-0-stable-eev16.0.0-rc42

author: GitLab Bot <gitlab-bot@gitlab.com> 2023-05-17 19:05:49 +0300
committer: GitLab Bot <gitlab-bot@gitlab.com> 2023-05-17 19:05:49 +0300
commit: 43a25d93ebdabea52f99b05e15b06250cd8f07d7 (patch)
tree: dceebdc68925362117480a5d672bcff122fb625b /lib/gitlab/email
parent: 20c84b99005abd1c82101dfeff264ac50d2df211 (diff)
9 files changed, 127 insertions, 49 deletions
diff --git a/lib/gitlab/email/handler/create_note_handler.rb b/lib/gitlab/email/handler/create_note_handler.rb
index b168efaac11..e6c64e2b1d6 100644
--- a/lib/gitlab/email/handler/create_note_handler.rb
+++ b/lib/gitlab/email/handler/create_note_handler.rb
@@ -50,7 +50,9 @@ module Gitlab
         end
 
         def create_note
-          sent_notification.create_reply(note_message)
+          external_author = from_address if author == User.support_bot
+
+          sent_notification.create_reply(note_message, external_author)
         end
 
         def note_message
diff --git a/lib/gitlab/email/hook/silent_mode_interceptor.rb b/lib/gitlab/email/hook/silent_mode_interceptor.rb
new file mode 100644
index 00000000000..56f94119472
--- /dev/null
+++ b/lib/gitlab/email/hook/silent_mode_interceptor.rb
@@ -0,0 +1,27 @@
+# frozen_string_literal: true
+
+module Gitlab
+  module Email
+    module Hook
+      class SilentModeInterceptor
+        def self.delivering_email(message)
+          if Gitlab::CurrentSettings.silent_mode_enabled?
+            message.perform_deliveries = false
+
+            Gitlab::AppJsonLogger.info(
+              message: "SilentModeInterceptor prevented sending mail",
+              mail_subject: message.subject,
+              silent_mode_enabled: true
+            )
+          else
+            Gitlab::AppJsonLogger.debug(
+              message: "SilentModeInterceptor did nothing",
+              mail_subject: message.subject,
+              silent_mode_enabled: false
+            )
+          end
+        end
+      end
+    end
+  end
+end
diff --git a/lib/gitlab/email/hook/validate_addresses_interceptor.rb b/lib/gitlab/email/hook/validate_addresses_interceptor.rb
deleted file mode 100644
index e63f047e63d..00000000000
--- a/lib/gitlab/email/hook/validate_addresses_interceptor.rb
+++ /dev/null
@@ -1,32 +0,0 @@
-# frozen_string_literal: true
-
-module Gitlab
-  module Email
-    module Hook
-      # Check for unsafe characters in the envelope-from and -to addresses.
-      # These are passed directly as arguments to sendmail and are liable to shell injection attacks:
-      # https://github.com/mikel/mail/blob/2.7.1/lib/mail/network/delivery_methods/sendmail.rb#L53-L58
-      class ValidateAddressesInterceptor
-        UNSAFE_CHARACTERS = /(\\|[^[:print:]])/.freeze
-
-        def self.delivering_email(message)
-          addresses = Array(message.smtp_envelope_from) + Array(message.smtp_envelope_to)
-
-          addresses.each do |address|
-            next unless address.match?(UNSAFE_CHARACTERS)
-
-            Gitlab::AuthLogger.info(
-              message: 'Skipping email with unsafe characters in address',
-              address: address,
-              subject: message.subject
-            )
-
-            message.perform_deliveries = false
-
-            break
-          end
-        end
-      end
-    end
-  end
-end
diff --git a/lib/gitlab/email/html_parser.rb b/lib/gitlab/email/html_parser.rb
index 10dbedbb464..693048adabf 100644
--- a/lib/gitlab/email/html_parser.rb
+++ b/lib/gitlab/email/html_parser.rb
@@ -34,11 +34,7 @@ module Gitlab
       end
 
       def filtered_text
-        @filtered_text ||= if Feature.enabled?(:service_desk_html_to_text_email_handler)
-                             ::Gitlab::Email::HtmlToMarkdownParser.convert(filtered_html)
-                           else
-                             Html2Text.convert(filtered_html)
-                           end
+        @filtered_text ||= ::Gitlab::Email::HtmlToMarkdownParser.convert(filtered_html)
       end
     end
   end
diff --git a/lib/gitlab/email/html_to_markdown_parser.rb b/lib/gitlab/email/html_to_markdown_parser.rb
index 42dd012308b..5dd3725cc3e 100644
--- a/lib/gitlab/email/html_to_markdown_parser.rb
+++ b/lib/gitlab/email/html_to_markdown_parser.rb
@@ -5,25 +5,46 @@ require 'nokogiri'
 module Gitlab
   module Email
     class HtmlToMarkdownParser < Html2Text
-      ADDITIONAL_TAGS = %w[em strong img details].freeze
-      IMG_ATTRS = %w[alt src].freeze
+      extend Gitlab::Utils::Override
 
+      # List of tags to be converted by Markdown.
+      #
+      # All attributes are removed except for the defined ones.
+      #
+      #   <tag> => [<attribute to keep>, ...]
+      ALLOWED_TAG_ATTRIBUTES = {
+        'em' => [],
+        'strong' => [],
+        'details' => [],
+        'img' => %w[alt src]
+      }.freeze
+      private_constant :ALLOWED_TAG_ATTRIBUTES
+
+      # This redefinition can be removed once https://github.com/soundasleep/html2text_ruby/pull/30
+      # is merged and released.
       def self.convert(html)
         html = fix_newlines(replace_entities(html))
         doc = Nokogiri::HTML(html)
 
-        HtmlToMarkdownParser.new(doc).convert
+        new(doc).convert
       end
 
+      private
+
+      override :iterate_over
       def iterate_over(node)
-        return super unless ADDITIONAL_TAGS.include?(node.name)
+        allowed_attributes = ALLOWED_TAG_ATTRIBUTES[node.name]
+        return super unless allowed_attributes
 
-        if node.name == 'img'
-          node.keys.each { |key| node.remove_attribute(key) unless IMG_ATTRS.include?(key) } # rubocop:disable Style/HashEachMethods
-        end
+        remove_attributes(node, allowed_attributes)
 
         Kramdown::Document.new(node.to_html, input: 'html').to_commonmark
       end
+
+      def remove_attributes(node, allowed_attributes)
+        to_remove = (node.keys - allowed_attributes)
+        to_remove.each { |key| node.remove_attribute(key) }
+      end
     end
   end
 end
diff --git a/lib/gitlab/email/incoming_email.rb b/lib/gitlab/email/incoming_email.rb
new file mode 100644
index 00000000000..a0a01ae0d70
--- /dev/null
+++ b/lib/gitlab/email/incoming_email.rb
@@ -0,0 +1,36 @@
+# frozen_string_literal: true
+
+module Gitlab
+  module Email
+    module IncomingEmail
+      class << self
+        include Gitlab::Email::Common
+
+        def config
+          incoming_email_config
+        end
+
+        def key_from_address(address, wildcard_address: nil)
+          wildcard_address ||= config.address
+          regex = address_regex(wildcard_address)
+          return unless regex
+
+          match = address.match(regex)
+          return unless match
+
+          match[1]
+        end
+
+        private
+
+        def address_regex(wildcard_address)
+          return unless wildcard_address
+
+          regex = Regexp.escape(wildcard_address)
+          regex = regex.sub(Regexp.escape(WILDCARD_PLACEHOLDER), '(.+)')
+          Regexp.new(/\A<?#{regex}>?\z/).freeze
+        end
+      end
+    end
+  end
+end
diff --git a/lib/gitlab/email/receiver.rb b/lib/gitlab/email/receiver.rb
index 32794a6c99d..51d250ea98c 100644
--- a/lib/gitlab/email/receiver.rb
+++ b/lib/gitlab/email/receiver.rb
@@ -110,7 +110,7 @@ module Gitlab
         when String
           # Handle emails from clients which append with commas,
           # example clients are Microsoft exchange and iOS app
-          Gitlab::IncomingEmail.scan_fallback_references(references)
+          email_class.scan_fallback_references(references)
         when nil
           []
         end
@@ -177,7 +177,7 @@ module Gitlab
 
       def recipients_from_received_headers
         strong_memoize :emails_from_received_headers do
-          received.map { |header| header.value[RECEIVED_HEADER_REGEX, 1] }.compact
+          received.filter_map { |header| header.value[RECEIVED_HEADER_REGEX, 1] }
         end
       end
 
@@ -203,7 +203,7 @@ module Gitlab
       end
 
       def email_class
-        Gitlab::IncomingEmail
+        Gitlab::Email::IncomingEmail
       end
     end
   end
diff --git a/lib/gitlab/email/service_desk_email.rb b/lib/gitlab/email/service_desk_email.rb
new file mode 100644
index 00000000000..4ea1c077327
--- /dev/null
+++ b/lib/gitlab/email/service_desk_email.rb
@@ -0,0 +1,28 @@
+# frozen_string_literal: true
+
+module Gitlab
+  module Email
+    module ServiceDeskEmail
+      class << self
+        include Gitlab::Email::Common
+
+        def config
+          Gitlab.config.service_desk_email
+        end
+
+        def key_from_address(address)
+          wildcard_address = config&.address
+          return unless wildcard_address
+
+          Gitlab::Email::IncomingEmail.key_from_address(address, wildcard_address: wildcard_address)
+        end
+
+        def address_for_key(key)
+          return if config.address.blank?
+
+          config.address.sub(WILDCARD_PLACEHOLDER, key)
+        end
+      end
+    end
+  end
+end
diff --git a/lib/gitlab/email/service_desk_receiver.rb b/lib/gitlab/email/service_desk_receiver.rb
index 6c6eb3b0a65..e286cf1f68c 100644
--- a/lib/gitlab/email/service_desk_receiver.rb
+++ b/lib/gitlab/email/service_desk_receiver.rb
@@ -12,7 +12,7 @@ module Gitlab
       end
 
       def email_class
-        ::Gitlab::ServiceDeskEmail
+        ::Gitlab::Email::ServiceDeskEmail
       end
     end
   end
author	GitLab Bot <gitlab-bot@gitlab.com>	2023-05-17 19:05:49 +0300
committer	GitLab Bot <gitlab-bot@gitlab.com>	2023-05-17 19:05:49 +0300
commit	43a25d93ebdabea52f99b05e15b06250cd8f07d7 (patch)
tree	dceebdc68925362117480a5d672bcff122fb625b /lib/gitlab/email
parent	20c84b99005abd1c82101dfeff264ac50d2df211 (diff)