From 29947b4ed5ae998064a000adc0e9117a6114ee91 Mon Sep 17 00:00:00 2001 From: f Date: Wed, 25 Mar 2020 15:49:36 -0300 Subject: [PATCH] hostname en los formularios de contacto --- app/controllers/api/v1/contact_controller.rb | 7 +++- app/models/site.rb | 13 ++++--- .../api/v1/contact_controller_test.rb | 35 +++++++++++++++++-- 3 files changed, 44 insertions(+), 11 deletions(-) diff --git a/app/controllers/api/v1/contact_controller.rb b/app/controllers/api/v1/contact_controller.rb index 52ce52d..1b24725 100644 --- a/app/controllers/api/v1/contact_controller.rb +++ b/app/controllers/api/v1/contact_controller.rb @@ -64,8 +64,13 @@ module Api render html: body(:gave_consent), status: status end + # Realiza la inversa de Site#hostname def site_id - params[:site_id].gsub(/\.#{Site.domain}\z/, '') + @site_id ||= if params[:site_id].end_with? Site.domain + params[:site_id].gsub(/\.#{Site.domain}\z/, '') + else + "#{params[:site_id]}." + end end # Encuentra el sitio diff --git a/app/models/site.rb b/app/models/site.rb index 8a1b17c..8a89f64 100644 --- a/app/models/site.rb +++ b/app/models/site.rb @@ -68,14 +68,13 @@ class Site < ApplicationRecord end def hostname - return @hostname unless name_changed? || @hostname.blank? - sub = name || I18n.t('deploys.deploy_local.ejemplo') - @hostname = if sub.ends_with? '.' - sub.gsub(/\.\Z/, '') - else - "#{sub}.#{Site.domain}" - end + + if sub.ends_with? '.' + sub.gsub(/\.\Z/, '') + else + "#{sub}.#{Site.domain}" + end end def url diff --git a/test/controllers/api/v1/contact_controller_test.rb b/test/controllers/api/v1/contact_controller_test.rb index 1a525bc..e2aabfd 100644 --- a/test/controllers/api/v1/contact_controller_test.rb +++ b/test/controllers/api/v1/contact_controller_test.rb @@ -18,7 +18,7 @@ module Api test 'el sitio tiene que existir' do @site.destroy - post v1_site_contact_url(@site), + post v1_site_contact_url(site_id: @site.hostname), params: { name: SecureRandom.hex, pronouns: SecureRandom.hex, @@ -33,7 +33,7 @@ module Api end test 'hay que enviar desde el sitio principal' do - post v1_site_contact_url(@site), + post v1_site_contact_url(site_id: @site.hostname), params: { name: SecureRandom.hex, pronouns: SecureRandom.hex, @@ -48,7 +48,7 @@ module Api end test 'hay que dar consentimiento' do - post v1_site_contact_url(@site), + post v1_site_contact_url(site_id: @site.hostname), headers: { Origin: @site.url }, @@ -90,6 +90,35 @@ module Api assert_equal redirect, response.headers['Location'] assert_equal 2, ActionMailer::Base.deliveries.size end + + test 'se puede enviar mensajes a dominios propios' do + ActionMailer::Base.deliveries.clear + + @site.update name: 'example.org.' + + redirect = "#{@site.url}?thanks" + + 10.times do + create :rol, site: @site + end + + post v1_site_contact_url(site_id: @site.hostname), + headers: { + Origin: @site.url + }, + params: { + name: SecureRandom.hex, + pronouns: SecureRandom.hex, + contact: SecureRandom.hex, + from: "#{SecureRandom.hex}@sutty.nl", + body: SecureRandom.hex, + gdpr: true, + redirect: redirect + } + + assert_equal redirect, response.headers['Location'] + assert_equal 2, ActionMailer::Base.deliveries.size + end end end end