notify-245 update the allowlist for user domains (#510)

Co-authored-by: Kenneth Kehl <@kkehl@flexion.us>
2025-12-16 10:04:07 -05:00 · 2023-05-19 13:54:27 -07:00
parent 7b9e030b25
commit 4882595a48
4 changed files with 6 additions and 16 deletions
--- a/app/config.py
+++ b/app/config.py
@@ -40,6 +40,8 @@ class Config(object):
    TEMPLATE_PREVIEW_API_HOST = getenv('TEMPLATE_PREVIEW_API_HOST', 'http://localhost:9999')
    TEMPLATE_PREVIEW_API_KEY = getenv('TEMPLATE_PREVIEW_API_KEY', 'my-secret-key')

+    GOVERNMENT_EMAIL_DOMAIN_NAMES = ['gov']
+
    # Logging
    NOTIFY_LOG_LEVEL = getenv('NOTIFY_LOG_LEVEL', 'INFO')

--- a/app/utils/email_domains.txt
+++ b/app/utils/email_domains.txt
@@ -1,5 +0,0 @@
-gsa.gov
-gmail.com
-dispostable.com
-simulator.amazonses.com
-amazonses.com
--- a/app/utils/user.py
+++ b/app/utils/user.py
@@ -1,20 +1,14 @@
-import os
 from functools import wraps

 from flask import abort, current_app
 from flask_login import current_user, login_required

+from app import config
 from app.notify_client.organisations_api_client import organisations_client

 user_is_logged_in = login_required


-with open('{}/email_domains.txt'.format(
-    os.path.dirname(os.path.realpath(__file__))
-)) as email_domains:
-    GOVERNMENT_EMAIL_DOMAIN_NAMES = [line.strip() for line in email_domains]
-
-
 def user_has_permissions(*permissions, **permission_kwargs):
    def wrap(func):
        @wraps(func)
@@ -52,7 +46,7 @@ def user_is_platform_admin(f):

 def is_gov_user(email_address):
    return _email_address_ends_with(
-        email_address, GOVERNMENT_EMAIL_DOMAIN_NAMES
+        email_address, config.Config.GOVERNMENT_EMAIL_DOMAIN_NAMES
    ) or _email_address_ends_with(
        email_address, organisations_client.get_domains()
    )
--- a/tests/app/main/test_validators.py
+++ b/tests/app/main/test_validators.py
@@ -17,8 +17,8 @@ def _gen_mock_field(x):

@pytest.mark.parametrize("email", [  # TODO: update with email_domains.txt
    'test@gsa.gov',
-    'test@gmail.com',
-    'test@amazonses.com'
+    'test@abc.gov',
+    'test@xyz.gov'
 ])
 def test_valid_list_of_white_list_email_domains(
    client_request,
@@ -29,7 +29,6 @@ def test_valid_list_of_white_list_email_domains(


@pytest.mark.parametrize("email", [  # TODO: update with email_domains.txt
-    'test@gov.gov',
    'test@gov.gsa',
    'test@gmail.co',
    'test@mail.co',