]> git.openstreetmap.org Git - rails.git/blobdiff - script/deliver-message
Really remove login.live.com from CSP allow list
[rails.git] / script / deliver-message
index 669e54a667fef1459b1e9c206d76c8affc4333f7..81de3ef587402b35eeff71727e49b85da903da81 100755 (executable)
@@ -1,40 +1,38 @@
 #!/usr/bin/env ruby
 
 #!/usr/bin/env ruby
 
-require File.dirname(__FILE__) + '/../config/environment'
+require File.join(File.dirname(__FILE__), "..", "config", "environment")
 
 
-exit 0 unless recipient = ARGV[0].match(/^([cm])-(\d+)-(.*)$/)
-
-if recipient[1] == "c"
-  comment = DiaryComment.find(recipient[2])
-  digest = comment.digest
-  from = comment.diary_entry.user
+if recipient = ARGV[0].match(/^c-(\d+)-(\d+)-(.*)$/)
+  comment = DiaryComment.find(recipient[1])
+  expected_token = comment.notification_token(recipient[2])
+  date = comment.created_at
+  from = comment.diary_entry.subscribers.find(recipient[2])
   to = comment.user
   to = comment.user
-else
-  message = Message.find(recipient[2])
-  digest = message.digest
+  token = recipient[3]
+elsif recipient = ARGV[0].match(/^m-(\d+)-(.*)$/)
+  message = Message.find(recipient[1])
+  expected_token = message.notification_token
+  date = message.sent_on
   from = message.recipient
   to = message.sender
   from = message.recipient
   to = message.sender
+  token = recipient[2]
+else
+  exit 0
 end
 
 end
 
-exit 0 unless recipient[3] == digest[0,6]
+exit 0 unless ActiveSupport::SecurityUtils.secure_compare(token, expected_token)
+exit 0 unless from.active?
+exit 0 if date < 1.month.ago
 
 
-mail = Mail.new(STDIN.readlines.join)
+message&.update(:message_read => true)
 
 
-if mail.multipart?
-  body = mail.html_part || mail.text_part
-else
-  body = mail
-end
+mail = Mail.new($stdin.read
+                     .encode(:universal_newline => true)
+                     .encode(:crlf_newline => true))
 
 
-message = Message.new({
-  :sender => from,
-  :recipient => to,
-  :sent_on => mail.date.new_offset(0),
-  :title => mail.subject.sub(/\[OpenStreetMap\] */, ""),
-  :body => body.decoded
-}, :without_protection => true)
+message = Message.from_mail(mail, from, to)
 message.save!
 
 message.save!
 
-Notifier.message_notification(message).deliver
+UserMailer.message_notification(message).deliver if message.notify_recipient?
 
 exit 0
 
 exit 0