From 360b3fd17c3315ad9ad9c4e6ac02eda73f48d8ae Mon Sep 17 00:00:00 2001 From: Gwyneth Morgan Date: Sat, 3 Feb 2024 00:41:27 +0000 Subject: [PATCH] Include username in email headers (#28981) Emails from Gitea comments do not contain the username of the commenter anywhere, only their display name, so it is not possible to verify who made a comment from the email itself: From: "Alice" X-Gitea-Sender: Alice X-Gitea-Recipient: Bob X-GitHub-Sender: Alice X-GitHub-Recipient: Bob This comment looks like it's from @alice. The X-Gitea/X-GitHub headers also use display names, which is not very reliable for filtering, and inconsistent with GitHub's behavior: X-GitHub-Sender: lunny X-GitHub-Recipient: gwymor This change includes both the display name and username in the From header, and switches the other headers from display name to username: From: "Alice (@fakealice)" X-Gitea-Sender: fakealice X-Gitea-Recipient: bob X-GitHub-Sender: fakealice X-GitHub-Recipient: bob This comment looks like it's from @alice. --- models/user/user.go | 11 +++++++++++ services/mailer/mail.go | 16 +++++++++++----- services/mailer/mail_test.go | 6 +++--- 3 files changed, 25 insertions(+), 8 deletions(-) diff --git a/models/user/user.go b/models/user/user.go index 6d1b1aef1..269a1be72 100644 --- a/models/user/user.go +++ b/models/user/user.go @@ -443,6 +443,17 @@ func (u *User) GetDisplayName() string { return u.Name } +// GetCompleteName returns the the full name and username in the form of +// "Full Name (@username)" if full name is not empty, otherwise it returns +// "@username". +func (u *User) GetCompleteName() string { + trimmedFullName := strings.TrimSpace(u.FullName) + if len(trimmedFullName) > 0 { + return fmt.Sprintf("%s (@%s)", trimmedFullName, u.Name) + } + return fmt.Sprintf("@%s", u.Name) +} + func gitSafeName(name string) string { return strings.TrimSpace(strings.NewReplacer("\n", "", "<", "", ">", "").Replace(name)) } diff --git a/services/mailer/mail.go b/services/mailer/mail.go index cf8033360..16c30088c 100644 --- a/services/mailer/mail.go +++ b/services/mailer/mail.go @@ -310,7 +310,13 @@ func composeIssueCommentMessages(ctx *mailCommentContext, lang string, recipient msgs := make([]*Message, 0, len(recipients)) for _, recipient := range recipients { - msg := NewMessageFrom(recipient.Email, ctx.Doer.DisplayName(), setting.MailService.FromEmail, subject, mailBody.String()) + msg := NewMessageFrom( + recipient.Email, + ctx.Doer.GetCompleteName(), + setting.MailService.FromEmail, + subject, + mailBody.String(), + ) msg.Info = fmt.Sprintf("Subject: %s, %s", subject, info) msg.SetHeader("Message-ID", msgID) @@ -394,8 +400,8 @@ func generateAdditionalHeaders(ctx *mailCommentContext, reason string, recipient "X-Mailer": "Gitea", "X-Gitea-Reason": reason, - "X-Gitea-Sender": ctx.Doer.DisplayName(), - "X-Gitea-Recipient": recipient.DisplayName(), + "X-Gitea-Sender": ctx.Doer.Name, + "X-Gitea-Recipient": recipient.Name, "X-Gitea-Recipient-Address": recipient.Email, "X-Gitea-Repository": repo.Name, "X-Gitea-Repository-Path": repo.FullName(), @@ -404,8 +410,8 @@ func generateAdditionalHeaders(ctx *mailCommentContext, reason string, recipient "X-Gitea-Issue-Link": ctx.Issue.HTMLURL(), "X-GitHub-Reason": reason, - "X-GitHub-Sender": ctx.Doer.DisplayName(), - "X-GitHub-Recipient": recipient.DisplayName(), + "X-GitHub-Sender": ctx.Doer.Name, + "X-GitHub-Recipient": recipient.Name, "X-GitHub-Recipient-Address": recipient.Email, "X-GitLab-NotificationReason": reason, diff --git a/services/mailer/mail_test.go b/services/mailer/mail_test.go index 64f2f740c..e300aeccb 100644 --- a/services/mailer/mail_test.go +++ b/services/mailer/mail_test.go @@ -239,7 +239,7 @@ func TestGenerateAdditionalHeaders(t *testing.T) { doer, _, issue, _ := prepareMailerTest(t) ctx := &mailCommentContext{Context: context.TODO() /* TODO: use a correct context */, Issue: issue, Doer: doer} - recipient := &user_model.User{Name: "Test", Email: "test@gitea.com"} + recipient := &user_model.User{Name: "test", Email: "test@gitea.com"} headers := generateAdditionalHeaders(ctx, "dummy-reason", recipient) @@ -247,8 +247,8 @@ func TestGenerateAdditionalHeaders(t *testing.T) { "List-ID": "user2/repo1 ", "List-Archive": "", "X-Gitea-Reason": "dummy-reason", - "X-Gitea-Sender": "< Ur Tw ><", - "X-Gitea-Recipient": "Test", + "X-Gitea-Sender": "user2", + "X-Gitea-Recipient": "test", "X-Gitea-Recipient-Address": "test@gitea.com", "X-Gitea-Repository": "repo1", "X-Gitea-Repository-Path": "user2/repo1",