Don't require Postfix to send form data

9 files changed, 36 insertions, 46 deletions

diff --git a/app/controllers/action_mailbox/ingresses/amazon/inbound_emails_controller.rb b/app/controllers/action_mailbox/ingresses/amazon/inbound_emails_controller.rb
index 7412928b56..53b9bd07ec 100644
--- a/app/controllers/action_mailbox/ingresses/amazon/inbound_emails_controller.rb
+++ b/app/controllers/action_mailbox/ingresses/amazon/inbound_emails_controller.rb
@@ -6,16 +6,11 @@ class ActionMailbox::Ingresses::Amazon::InboundEmailsController < ActionMailbox:
   cattr_accessor :verifier, default: Aws::SNS::MessageVerifier.new
 
   def create
-    ActionMailbox::InboundEmail.create_and_extract_message_id! raw_email
+    ActionMailbox::InboundEmail.create_and_extract_message_id! params.require(:content)
     head :no_content
   end
 
   private
-    def raw_email
-      StringIO.new params.require(:content)
-    end
-
-
     def ensure_verified
       head :unauthorized unless verified?
     end
diff --git a/app/controllers/action_mailbox/ingresses/mailgun/inbound_emails_controller.rb b/app/controllers/action_mailbox/ingresses/mailgun/inbound_emails_controller.rb
index 4d194a3e00..77e05d712a 100644
--- a/app/controllers/action_mailbox/ingresses/mailgun/inbound_emails_controller.rb
+++ b/app/controllers/action_mailbox/ingresses/mailgun/inbound_emails_controller.rb
@@ -2,16 +2,11 @@ class ActionMailbox::Ingresses::Mailgun::InboundEmailsController < ActionMailbox
   before_action :ensure_authenticated
 
   def create
-    ActionMailbox::InboundEmail.create_and_extract_message_id! raw_email
+    ActionMailbox::InboundEmail.create_and_extract_message_id! params.require("body-mime")
     head :ok
   end
 
   private
-    def raw_email
-      StringIO.new params.require("body-mime")
-    end
-
-
     def ensure_authenticated
       head :unauthorized unless authenticated?
     end
@@ -26,7 +21,6 @@ class ActionMailbox::Ingresses::Mailgun::InboundEmailsController < ActionMailbox
       params.permit(:timestamp, :token, :signature).to_h.symbolize_keys
     end
 
-
     class Authenticator
       cattr_accessor :key
 
diff --git a/app/controllers/action_mailbox/ingresses/mandrill/inbound_emails_controller.rb b/app/controllers/action_mailbox/ingresses/mandrill/inbound_emails_controller.rb
index 825ec6eabd..7910359f51 100644
--- a/app/controllers/action_mailbox/ingresses/mandrill/inbound_emails_controller.rb
+++ b/app/controllers/action_mailbox/ingresses/mandrill/inbound_emails_controller.rb
@@ -13,8 +13,7 @@ class ActionMailbox::Ingresses::Mandrill::InboundEmailsController < ActionMailbo
     def raw_emails
       events.lazy.
         select { |event| event["event"] == "inbound" }.
-        collect { |event| event.dig("msg", "raw_msg") }.
-        collect { |message| StringIO.new message }
+        collect { |event| event.dig("msg", "raw_msg") }
     end
 
     def events
diff --git a/app/controllers/action_mailbox/ingresses/postfix/inbound_emails_controller.rb b/app/controllers/action_mailbox/ingresses/postfix/inbound_emails_controller.rb
index 2631302606..d34257f9e9 100644
--- a/app/controllers/action_mailbox/ingresses/postfix/inbound_emails_controller.rb
+++ b/app/controllers/action_mailbox/ingresses/postfix/inbound_emails_controller.rb
@@ -2,10 +2,17 @@ class ActionMailbox::Ingresses::Postfix::InboundEmailsController < ActionMailbox
   cattr_accessor :username, default: "actionmailbox"
   cattr_accessor :password
 
-  before_action :authenticate
+  before_action :authenticate, :require_valid_rfc822_message
 
   def create
-    ActionMailbox::InboundEmail.create_and_extract_message_id! params.require(:message)
+    ActionMailbox::InboundEmail.create_and_extract_message_id! request.body.read
     head :no_content
   end
+
+  private
+    def require_valid_rfc822_message
+      unless request.content_type == "message/rfc822"
+        head :unsupported_media_type
+      end
+    end
 end
diff --git a/app/controllers/action_mailbox/ingresses/sendgrid/inbound_emails_controller.rb b/app/controllers/action_mailbox/ingresses/sendgrid/inbound_emails_controller.rb
index 0b9e2e1866..19c3b1b2c4 100644
--- a/app/controllers/action_mailbox/ingresses/sendgrid/inbound_emails_controller.rb
+++ b/app/controllers/action_mailbox/ingresses/sendgrid/inbound_emails_controller.rb
@@ -5,12 +5,7 @@ class ActionMailbox::Ingresses::Sendgrid::InboundEmailsController < ActionMailbo
   before_action :authenticate
 
   def create
-    ActionMailbox::InboundEmail.create_and_extract_message_id! raw_email
+    ActionMailbox::InboundEmail.create_and_extract_message_id! params.require(:email)
     head :no_content
   end
-
-  private
-    def raw_email
-      StringIO.new params.require(:email)
-    end
 end
diff --git a/app/models/action_mailbox/inbound_email/message_id.rb b/app/models/action_mailbox/inbound_email/message_id.rb
index 601c5f1a7e..5cfcadaba1 100644
--- a/app/models/action_mailbox/inbound_email/message_id.rb
+++ b/app/models/action_mailbox/inbound_email/message_id.rb
@@ -6,20 +6,15 @@ module ActionMailbox::InboundEmail::MessageId
   end
 
   module ClassMethods
-    def create_and_extract_message_id!(raw_email, **options)
-      create! message_id: extract_message_id(raw_email), **options do |inbound_email|
-        case raw_email
-        when ActionDispatch::Http::UploadedFile
-          inbound_email.raw_email.attach raw_email
-        else
-          inbound_email.raw_email.attach io: raw_email.tap(&:rewind), filename: "message.eml", content_type: "message/rfc822"
-        end
+    def create_and_extract_message_id!(source, **options)
+      create! message_id: extract_message_id(source), **options do |inbound_email|
+        inbound_email.raw_email.attach io: StringIO.new(source), filename: "message.eml", content_type: "message/rfc822"
       end
     end
 
     private
-      def extract_message_id(raw_email)
-        mail_from_source(raw_email.read).message_id
+      def extract_message_id(source)
+        mail_from_source(source).message_id
       rescue => e
         # FIXME: Add logging with "Couldn't extract Message ID, so will generating a new random ID instead"
       end
diff --git a/lib/action_mailbox/test_helper.rb b/lib/action_mailbox/test_helper.rb
index b1d7af33f9..23b2bb02ca 100644
--- a/lib/action_mailbox/test_helper.rb
+++ b/lib/action_mailbox/test_helper.rb
@@ -5,18 +5,15 @@ module ActionMailbox
     # Create an InboundEmail record using an eml fixture in the format of message/rfc822
     # referenced with +fixture_name+ located in +test/fixtures/files/fixture_name+.
     def create_inbound_email_from_fixture(fixture_name, status: :processing)
-      create_inbound_email file_fixture(fixture_name), filename: fixture_name, status: status
+      create_inbound_email file_fixture(fixture_name).read, status: status
     end
 
     def create_inbound_email_from_mail(status: :processing, **mail_options)
-      raw_email = Tempfile.new.tap { |raw_email| raw_email.write Mail.new(mail_options).to_s }
-      create_inbound_email(raw_email, status: status)
+      create_inbound_email Mail.new(mail_options).to_s, status: status
     end
 
-    def create_inbound_email(io, filename: 'mail.eml', status: :processing)
-      ActionMailbox::InboundEmail.create_and_extract_message_id! \
-        ActionDispatch::Http::UploadedFile.new(tempfile: io, filename: filename, type: 'message/rfc822'),
-        status: status
+    def create_inbound_email(source, status: :processing)
+      ActionMailbox::InboundEmail.create_and_extract_message_id! source, status: status
     end
 
     def receive_inbound_email_from_fixture(*args)
diff --git a/test/controllers/ingresses/postfix/inbound_emails_controller_test.rb b/test/controllers/ingresses/postfix/inbound_emails_controller_test.rb
index bade5215d6..3fa0854576 100644
--- a/test/controllers/ingresses/postfix/inbound_emails_controller_test.rb
+++ b/test/controllers/ingresses/postfix/inbound_emails_controller_test.rb
@@ -5,8 +5,8 @@ ActionMailbox::Ingresses::Postfix::InboundEmailsController.password = "tbsy84uSV
 class ActionMailbox::Ingresses::Postfix::InboundEmailsControllerTest < ActionDispatch::IntegrationTest
   test "receiving an inbound email from Postfix" do
     assert_difference -> { ActionMailbox::InboundEmail.count }, +1 do
-      post rails_postfix_inbound_emails_url, headers: { authorization: credentials },
-        params: { message: fixture_file_upload("files/welcome.eml", "message/rfc822") }
+      post rails_postfix_inbound_emails_url, headers: { "Authorization" => credentials, "Content-Type" => "message/rfc822" },
+        params: file_fixture("../files/welcome.eml").read
     end
 
     assert_response :no_content
@@ -18,12 +18,22 @@ class ActionMailbox::Ingresses::Postfix::InboundEmailsControllerTest < ActionDis
 
   test "rejecting an unauthorized inbound email from Postfix" do
     assert_no_difference -> { ActionMailbox::InboundEmail.count } do
-      post rails_postfix_inbound_emails_url, params: { message: fixture_file_upload("files/welcome.eml", "message/rfc822") }
+      post rails_postfix_inbound_emails_url, headers: { "Content-Type" => "message/rfc822" },
+        params: file_fixture("../files/welcome.eml").read
     end
 
     assert_response :unauthorized
   end
 
+  test "rejecting an inbound email of an unsupported media type from Postfix" do
+    assert_no_difference -> { ActionMailbox::InboundEmail.count } do
+      post rails_postfix_inbound_emails_url, headers: { "Authorization" => credentials, "Content-Type" => "text/plain" },
+        params: file_fixture("../files/welcome.eml").read
+    end
+
+    assert_response :unsupported_media_type
+  end
+
   private
     delegate :username, :password, to: ActionMailbox::Ingresses::Postfix::InboundEmailsController
 
diff --git a/test/unit/inbound_email/message_id_test.rb b/test/unit/inbound_email/message_id_test.rb
index aa9ce90b4c..c744a5bf99 100644
--- a/test/unit/inbound_email/message_id_test.rb
+++ b/test/unit/inbound_email/message_id_test.rb
@@ -7,9 +7,7 @@ class ActionMailbox::InboundEmail::MessageIdTest < ActiveSupport::TestCase
   end
 
   test "message id is generated if its missing" do
-    source_without_message_id = "Date: Fri, 28 Sep 2018 11:08:55 -0700\r\nTo: a@example.com\r\nMime-Version: 1.0\r\nContent-Type: text/plain\r\nContent-Transfer-Encoding: 7bit\r\n\r\nHello!"
-    inbound_email = create_inbound_email Tempfile.new.tap { |raw_email| raw_email.write source_without_message_id }
-
+    inbound_email = create_inbound_email "Date: Fri, 28 Sep 2018 11:08:55 -0700\r\nTo: a@example.com\r\nMime-Version: 1.0\r\nContent-Type: text/plain\r\nContent-Transfer-Encoding: 7bit\r\n\r\nHello!"
     assert_not_nil inbound_email.message_id
   end
 end