darkhelm/notifications-admin
1
0
Fork 0
mirror of https://github.com/GSA/notifications-admin.git synced 2025-12-17 02:23:57 -05:00
Code Issues Packages Projects Releases Wiki Activity

notify-245 update the allowlist for user domains (#510)

Browse Source 
Co-authored-by: Kenneth Kehl <@kkehl@flexion.us>
This commit is contained in:
Kenneth Kehl
2023-05-19 13:54:27 -07:00
committed by GitHub
parent 7b9e030b25
commit 4882595a48
4 changed files with 6 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
app/config.py
View File

@@ -40,6 +40,8 @@ class Config(object):
TEMPLATE_PREVIEW_API_HOST = getenv('TEMPLATE_PREVIEW_API_HOST', 'http://localhost:9999') TEMPLATE_PREVIEW_API_HOST = getenv('TEMPLATE_PREVIEW_API_HOST', 'http://localhost:9999')
TEMPLATE_PREVIEW_API_KEY = getenv('TEMPLATE_PREVIEW_API_KEY', 'my-secret-key') TEMPLATE_PREVIEW_API_KEY = getenv('TEMPLATE_PREVIEW_API_KEY', 'my-secret-key')
GOVERNMENT_EMAIL_DOMAIN_NAMES = ['gov']
# Logging # Logging
NOTIFY_LOG_LEVEL = getenv('NOTIFY_LOG_LEVEL', 'INFO') NOTIFY_LOG_LEVEL = getenv('NOTIFY_LOG_LEVEL', 'INFO')

5
app/utils/email_domains.txt
View File

@@ -1,5 +0,0 @@
gsa.gov
gmail.com
dispostable.com
simulator.amazonses.com
amazonses.com

10
app/utils/user.py
View File

@@ -1,20 +1,14 @@
import os
from functools import wraps from functools import wraps
from flask import abort, current_app from flask import abort, current_app
from flask_login import current_user, login_required from flask_login import current_user, login_required
from app import config
from app.notify_client.organisations_api_client import organisations_client from app.notify_client.organisations_api_client import organisations_client
user_is_logged_in = login_required user_is_logged_in = login_required
with open('{}/email_domains.txt'.format(
os.path.dirname(os.path.realpath(__file__))
)) as email_domains:
GOVERNMENT_EMAIL_DOMAIN_NAMES = [line.strip() for line in email_domains]
def user_has_permissions(*permissions, **permission_kwargs): def user_has_permissions(*permissions, **permission_kwargs):
def wrap(func): def wrap(func):
@wraps(func) @wraps(func)
@@ -52,7 +46,7 @@ def user_is_platform_admin(f):
def is_gov_user(email_address): def is_gov_user(email_address):
return _email_address_ends_with( return _email_address_ends_with(
email_address, GOVERNMENT_EMAIL_DOMAIN_NAMES email_address, config.Config.GOVERNMENT_EMAIL_DOMAIN_NAMES
) or _email_address_ends_with( ) or _email_address_ends_with(
email_address, organisations_client.get_domains() email_address, organisations_client.get_domains()
) )

5
tests/app/main/test_validators.py
View File

@@ -17,8 +17,8 @@ def _gen_mock_field(x):
@pytest.mark.parametrize("email", [ # TODO: update with email_domains.txt @pytest.mark.parametrize("email", [ # TODO: update with email_domains.txt
'test@gsa.gov', 'test@gsa.gov',
'test@gmail.com', 'test@abc.gov',
'test@amazonses.com' 'test@xyz.gov'
]) ])
def test_valid_list_of_white_list_email_domains( def test_valid_list_of_white_list_email_domains(
client_request, client_request,
@@ -29,7 +29,6 @@ def test_valid_list_of_white_list_email_domains(
@pytest.mark.parametrize("email", [ # TODO: update with email_domains.txt @pytest.mark.parametrize("email", [ # TODO: update with email_domains.txt
'test@gov.gov',
'test@gov.gsa', 'test@gov.gsa',
'test@gmail.co', 'test@gmail.co',
'test@mail.co', 'test@mail.co',