1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-12-02 19:52:44 +01:00
phorge-phorge/src/applications/differential
epriestley e3aa043a02 Allow multiple mail receivers to react to an individual email
Summary:
Fixes T7477. Fixes T13066. Currently, inbound mail is processed by the first receiver that matches any "To:" address. "Cc" addresses are ignored.

**To, CC, and Multiple Receivers**

Some users would like to be able to "Cc" addresses like `bugs@` instead of having to "To" the address, which makes perfect sense. That's the driving use case behind T7477.

Since users can To/Cc multiple "create object" or "update object" addresses, I also wanted to make the behavior more general. For example, if you email `bugs@` and also `paste@`, your mail might reasonably make both a Task and a Paste. Is this useful? I'm not sure. But it seems like it's pretty clearly the best match for user intent, and the least-surprising behavior we can have. There's also no good rule for picking which address "wins" when two or more match -- we ended up with "address order", which is pretty arbitrary since "To" and "Cc" are not really ordered fields.

One part of this change is removing `phabricator.allow-email-users`. In practice, this option only controlled whether users were allowed to send mail to "Application Email" addresses with a configured default author, and it's unlikely that we'll expand it since I think the future of external/grey users is Nuance, not richer interaction with Maniphest/Differential/etc. Since this option only made "Default Author" work and "Default Author" is optional, we can simplify behavior by making the rule work like this:

  - If an address specifies a default author, it allows public email.
  - If an address does not, it doesn't.

That's basically how it worked already, except that you could intentionally "break" the behavior by not configuring `phabricator.allow-email-users`. This is a backwards compatility change with possible security implications (it might allow email in that was previously blocked by configuration) that I'll call out in the changelog, but I suspect that no installs are really impacted and this new behavior is generally more intuitive.

A somewhat related change here is that each receiver is allowed to react to each individual email address, instead of firing once. This allows you to configure `bugs-a@` and `bugs-b@` and CC them both and get two tasks. Useful? Maybe not, but seems like the best execution of intent.

**Sender vs Author**

Adjacently, T13066 described an improvement to error handling behavior here: we did not distinguish between "sender" (the user matching the email "From" address) and "actor" (the user we're actually acting as in the application). These are different when you're some internet rando and send to `bugs@`, which has a default author. Then the "sender" is `null` and the "author" is `@bugs-robot` or whatever (some user account you've configured).

This refines "Sender" vs "Author". This is mostly a purity/correctness change, but it means that we won't send random email error messages to `@bugs-robot`.

Since receivers are now allowed to process mail with no "sender" if they have some default "actor" they would rather use instead, it's not an error to send from an invalid address unless nothing processes the mail.

**Other**

This removes the "abundant receivers" error since this is no longer an error.

This always sets "external user" mail recipients to be unverified. As far as I can tell, there's no pathway by which we send them email anyway (before or after this change), although it's possible I'm missing something somewhere.

Test Plan:
I did most of this with `bin/mail receive-test`. I rigged the workflow slightly for some of it since it doesn't support multiple addresses or explicit "CC" and adding either would be a bit tricky.

These could also be tested with `scripts/mail/mail_handler.php`, but I don't currently have the MIME parser extension installed locally after a recent upgrade to Mojave and suspect T13232 makes it tricky to install.

- Ran unit tests, which provide significant coverage of this flow.
- Sent mail to multiple Maniphest application emails, got multiple tasks.
- Sent mail to a Maniphest and a Paste application email, got a task and a paste.
- Sent mail to a task.
  - Saw original email recorded on tasks. This is a behavior particular to tasks.
- Sent mail to a paste.
- Sent mail to a mock.
- Sent mail to a Phame blog post.
- Sent mail to a Legalpad document.
- Sent mail to a Conpherence thread.
- Sent mail to a poll.
- This isn't every type of supported object but it's enough of them that I'm pretty confident I didn't break the whole flow.
- Sent mail to an object I could not view (got an error).
- As a non-user, sent mail to several "create an object..." addresses.
  - Addresses with a default user worked (e.g., created a task).
  - Addresses without a default user did not work.

Reviewers: amckinley

Reviewed By: amckinley

Maniphest Tasks: T13066, T7477

Differential Revision: https://secure.phabricator.com/D19952
2019-01-16 12:28:02 -08:00
..
__tests__ phtize all the things 2015-05-22 21:16:39 +10:00
application Support export of revisions to Excel/CSV/JSON/etc 2018-10-11 13:34:33 -07:00
capability Simplify the implementation of PhabricatorPolicyCapability subclasses 2014-07-25 08:25:42 +10:00
command Define Differential email action in terms of EditEngine 2017-01-02 13:25:45 -08:00
conduit Remove "Large Changes" documentation and make some minor behavioral improvements 2018-04-05 06:40:46 -07:00
config Add yaml files to differential.whitespace-matters 2017-11-15 11:57:11 -08:00
constants Add some more UI reminder text about draft revisions 2018-03-08 12:07:40 -08:00
controller Allow reviewers to mark their own inlines as "Done" before they submit them 2018-09-07 11:17:42 -07:00
customfield Tailor the "no reviewers on this revision" warnings to handle the case where all reviewers have resigned 2018-11-28 13:50:29 -08:00
doorkeeper Reduce callsites to "ArcanistDifferentialRevisionStatus" in Phabricator 2017-08-09 11:04:52 -07:00
edge Update parent/child revision timeline messages to use modern language ("parent revision") 2018-07-13 09:02:10 -07:00
editor Rename "MetaMTA" mail attachments and add more mail message objects 2019-01-04 15:23:44 -08:00
engine Remove "willRenderTimeline()" from ApplicationTransactionInterface 2018-12-20 14:55:07 -08:00
engineextension Add a "commits" attachment to "differential.diff.search" for retrieving local commit information 2018-04-19 17:25:06 -07:00
exception Remove an unused class 2015-01-03 09:07:32 +11:00
field Move misplaced validation for ambiguous fields in "Test Plan" to the right place 2017-06-30 06:36:05 -07:00
garbagecollector Provide bin/garbage for interacting with garbage collection 2015-10-02 09:17:24 -07:00
harbormaster Pass commit authorship information to Buildkite 2018-08-27 12:52:11 -07:00
herald Add "Revision test plan" as a Herald field; remove test plan from the "Revision summary" field 2018-08-29 14:17:38 -07:00
lipsum Fix Lipsum generators for Differential Revisions and Pastes 2018-07-23 15:05:51 -05:00
mail Allow multiple mail receivers to react to an individual email 2019-01-16 12:28:02 -08:00
management When showing a diff-of-diffs, hide files which didn't get any more changes and have no inlines 2018-05-16 17:18:53 -07:00
parser Fix an off-by-one error affecting mail rendering of inlines on the final line of a file 2018-11-26 10:12:09 -08:00
phid Make all revision status readers explicitly read modern or legacy status 2017-08-11 17:22:22 -07:00
query Continue making application fixes to Phabricator for changes to %Q semantics 2018-11-15 03:50:02 -08:00
relationships Convert all standard relationship-editing actions to modern Relationships code 2016-06-29 11:24:52 -07:00
remarkup Rename PhutilRemarkupRule subclasses 2014-08-05 00:55:43 +10:00
render Use more consistent diff coloration in unified diffs 2018-06-08 09:39:34 -07:00
search Reduce the amount of boilerplate that implementing FerretInterface requires 2017-09-07 13:23:31 -07:00
storage Remove "getApplicationTransactionObject()" from ApplicationTransactionInterface 2018-12-20 15:16:19 -08:00
typeahead Fix spelling 2017-10-09 10:48:04 -07:00
view Add more accessibility labels for screen readers 2018-08-17 13:31:51 -07:00
xaction Allow "Abandoned" revisions to be commandeered 2018-11-26 10:13:52 -08:00
DifferentialGetWorkingCopy.php Extend from Phobject 2015-06-15 18:02:27 +10:00