From 2387d30caa78e5776be6f7e06d66a9f7cf5bc96c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Adri=C3=A0=20Casaj=C3=BAs?= Date: Thu, 28 Nov 2024 17:29:44 +0100 Subject: [PATCH] Sanitize the mailbox email before creating it --- app/mailbox_utils.py | 3 ++- tests/test_mailbox_utils.py | 8 ++++++++ 2 files changed, 10 insertions(+), 1 deletion(-) diff --git a/app/mailbox_utils.py b/app/mailbox_utils.py index 0ac78eb1b..3cbb030b4 100644 --- a/app/mailbox_utils.py +++ b/app/mailbox_utils.py @@ -18,7 +18,7 @@ from app.log import LOG from app.models import User, Mailbox, Job, MailboxActivation, Alias from app.user_audit_log_utils import emit_user_audit_log, UserAuditLogAction -from app.utils import canonicalize_email +from app.utils import canonicalize_email, sanitize_email @dataclasses.dataclass @@ -54,6 +54,7 @@ def create_mailbox( use_digit_codes: bool = False, send_link: bool = True, ) -> CreateMailboxOutput: + email = sanitize_email(email) if not user.is_premium(): LOG.i( f"User {user} has tried to create mailbox with {email} but is not premium" diff --git a/tests/test_mailbox_utils.py b/tests/test_mailbox_utils.py index 38782324e..c80d52252 100644 --- a/tests/test_mailbox_utils.py +++ b/tests/test_mailbox_utils.py @@ -59,6 +59,14 @@ def test_already_used(): mailbox_utils.create_mailbox(user, user.email) +def test_already_used_with_different_case(): + user.lifetime = True + email = random_email() + mailbox_utils.create_mailbox(user, email) + with pytest.raises(mailbox_utils.MailboxError): + mailbox_utils.create_mailbox(user, email.upper()) + + @mail_sender.store_emails_test_decorator def test_create_mailbox(): email = random_email()