Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/lib/gitlab/email/handler/create_note_handler.rb
diff options
context:
space:
mode:
Diffstat (limited to 'lib/gitlab/email/handler/create_note_handler.rb')
-rw-r--r--lib/gitlab/email/handler/create_note_handler.rb13
1 files changed, 13 insertions, 0 deletions
diff --git a/lib/gitlab/email/handler/create_note_handler.rb b/lib/gitlab/email/handler/create_note_handler.rb
index 4fa2fe1724e..b168efaac11 100644
--- a/lib/gitlab/email/handler/create_note_handler.rb
+++ b/lib/gitlab/email/handler/create_note_handler.rb
@@ -24,6 +24,8 @@ module Gitlab
validate_permission!(:create_note)
+ validate_from_address!
+
raise NoteableNotFoundError unless noteable
raise EmptyEmailError if note_message.blank?
@@ -56,6 +58,17 @@ module Gitlab
message_with_appended_reply
end
+
+ def from_address
+ mail.from&.first
+ end
+
+ def validate_from_address!
+ # Recipieint is always set to Support bot for ServiceDesk issues so we should exclude those.
+ return if author == User.support_bot
+
+ raise UserNotFoundError unless from_address && author.verified_email?(from_address)
+ end
end
end
end
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-14 21:37:18 +0300