From 6d8f2e19a1db550a4e9e0416c47d7c3b66144e78 Mon Sep 17 00:00:00 2001 From: Gwyneth Morgan Date: Wed, 31 Jan 2024 21:04:22 +0000 Subject: [PATCH 1/2] Include username in email headers Emails from Gitea comments do not contain the username of the commenter anywhere, only their display name, so it is not possible to verify who made a comment from the email itself: From: "Alice" X-Gitea-Sender: Alice X-Gitea-Recipient: Bob X-GitHub-Sender: Alice X-GitHub-Recipient: Bob This comment looks like it's from @alice. The X-Gitea/X-GitHub headers also use display names, which is not very reliable for filtering, and inconsistent with GitHub's behavior: X-GitHub-Sender: lunny X-GitHub-Recipient: gwymor This change includes both the display name and username in the From header, and switches the other headers from display name to username: From: "Alice (@fakealice)" X-Gitea-Sender: fakealice X-Gitea-Recipient: bob X-GitHub-Sender: fakealice X-GitHub-Recipient: bob This comment looks like it's from @alice. --- models/user/user.go | 6 ++++++ services/mailer/mail.go | 16 +++++++++++----- services/mailer/mail_test.go | 6 +++--- 3 files changed, 20 insertions(+), 8 deletions(-) diff --git a/models/user/user.go b/models/user/user.go index 6d1b1aef18bdc..4f9eed8e5871d 100644 --- a/models/user/user.go +++ b/models/user/user.go @@ -443,6 +443,12 @@ func (u *User) GetDisplayName() string { return u.Name } +// GetCompleteName returns the the full name and username in the form of +// "Full Name (@username)" +func (u *User) GetCompleteName() string { + return fmt.Sprintf("%s (@%s)", u.DisplayName(), u.Name) +} + func gitSafeName(name string) string { return strings.TrimSpace(strings.NewReplacer("\n", "", "<", "", ">", "").Replace(name)) } diff --git a/services/mailer/mail.go b/services/mailer/mail.go index cf80333608248..16c30088cdbdc 100644 --- a/services/mailer/mail.go +++ b/services/mailer/mail.go @@ -310,7 +310,13 @@ func composeIssueCommentMessages(ctx *mailCommentContext, lang string, recipient msgs := make([]*Message, 0, len(recipients)) for _, recipient := range recipients { - msg := NewMessageFrom(recipient.Email, ctx.Doer.DisplayName(), setting.MailService.FromEmail, subject, mailBody.String()) + msg := NewMessageFrom( + recipient.Email, + ctx.Doer.GetCompleteName(), + setting.MailService.FromEmail, + subject, + mailBody.String(), + ) msg.Info = fmt.Sprintf("Subject: %s, %s", subject, info) msg.SetHeader("Message-ID", msgID) @@ -394,8 +400,8 @@ func generateAdditionalHeaders(ctx *mailCommentContext, reason string, recipient "X-Mailer": "Gitea", "X-Gitea-Reason": reason, - "X-Gitea-Sender": ctx.Doer.DisplayName(), - "X-Gitea-Recipient": recipient.DisplayName(), + "X-Gitea-Sender": ctx.Doer.Name, + "X-Gitea-Recipient": recipient.Name, "X-Gitea-Recipient-Address": recipient.Email, "X-Gitea-Repository": repo.Name, "X-Gitea-Repository-Path": repo.FullName(), @@ -404,8 +410,8 @@ func generateAdditionalHeaders(ctx *mailCommentContext, reason string, recipient "X-Gitea-Issue-Link": ctx.Issue.HTMLURL(), "X-GitHub-Reason": reason, - "X-GitHub-Sender": ctx.Doer.DisplayName(), - "X-GitHub-Recipient": recipient.DisplayName(), + "X-GitHub-Sender": ctx.Doer.Name, + "X-GitHub-Recipient": recipient.Name, "X-GitHub-Recipient-Address": recipient.Email, "X-GitLab-NotificationReason": reason, diff --git a/services/mailer/mail_test.go b/services/mailer/mail_test.go index 64f2f740ca2db..e300aeccb0c1f 100644 --- a/services/mailer/mail_test.go +++ b/services/mailer/mail_test.go @@ -239,7 +239,7 @@ func TestGenerateAdditionalHeaders(t *testing.T) { doer, _, issue, _ := prepareMailerTest(t) ctx := &mailCommentContext{Context: context.TODO() /* TODO: use a correct context */, Issue: issue, Doer: doer} - recipient := &user_model.User{Name: "Test", Email: "test@gitea.com"} + recipient := &user_model.User{Name: "test", Email: "test@gitea.com"} headers := generateAdditionalHeaders(ctx, "dummy-reason", recipient) @@ -247,8 +247,8 @@ func TestGenerateAdditionalHeaders(t *testing.T) { "List-ID": "user2/repo1 ", "List-Archive": "", "X-Gitea-Reason": "dummy-reason", - "X-Gitea-Sender": "< Ur Tw ><", - "X-Gitea-Recipient": "Test", + "X-Gitea-Sender": "user2", + "X-Gitea-Recipient": "test", "X-Gitea-Recipient-Address": "test@gitea.com", "X-Gitea-Repository": "repo1", "X-Gitea-Repository-Path": "user2/repo1", From 8d96745f57ddfc9cc9eddd4e212bbfeb895364fd Mon Sep 17 00:00:00 2001 From: Gwyneth Morgan Date: Wed, 31 Jan 2024 21:46:48 +0000 Subject: [PATCH 2/2] Fall back to "@username" if display name is empty --- models/user/user.go | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/models/user/user.go b/models/user/user.go index 4f9eed8e5871d..269a1be725f4c 100644 --- a/models/user/user.go +++ b/models/user/user.go @@ -444,9 +444,14 @@ func (u *User) GetDisplayName() string { } // GetCompleteName returns the the full name and username in the form of -// "Full Name (@username)" +// "Full Name (@username)" if full name is not empty, otherwise it returns +// "@username". func (u *User) GetCompleteName() string { - return fmt.Sprintf("%s (@%s)", u.DisplayName(), u.Name) + trimmedFullName := strings.TrimSpace(u.FullName) + if len(trimmedFullName) > 0 { + return fmt.Sprintf("%s (@%s)", trimmedFullName, u.Name) + } + return fmt.Sprintf("@%s", u.Name) } func gitSafeName(name string) string {