Merge pull request #1 from basecamp/ingresses

Accept inbound emails from a variety of ingresses

9 files changed, 281 insertions, 35 deletions

diff --git a/test/controllers/ingresses/amazon/inbound_emails_controller_test.rb b/test/controllers/ingresses/amazon/inbound_emails_controller_test.rb
new file mode 100644
index 0000000000..c36c500cbe
--- /dev/null
+++ b/test/controllers/ingresses/amazon/inbound_emails_controller_test.rb
@@ -0,0 +1,20 @@
+require "test_helper"
+
+ActionMailbox::Ingresses::Amazon::InboundEmailsController.verifier =
+  Module.new { def self.authentic?(message); true; end }
+
+class ActionMailbox::Ingresses::Amazon::InboundEmailsControllerTest < ActionDispatch::IntegrationTest
+  setup { ActionMailbox.ingress = :amazon }
+
+  test "receiving an inbound email from Amazon" do
+    assert_difference -> { ActionMailbox::InboundEmail.count }, +1 do
+      post rails_amazon_inbound_emails_url, params: { content: file_fixture("../files/welcome.eml").read }, as: :json
+    end
+
+    assert_response :no_content
+
+    inbound_email = ActionMailbox::InboundEmail.last
+    assert_equal file_fixture("../files/welcome.eml").read, inbound_email.raw_email.download
+    assert_equal "0CB459E0-0336-41DA-BC88-E6E28C697DDB@37signals.com", inbound_email.message_id
+  end
+end
diff --git a/test/controllers/ingresses/mailgun/inbound_emails_controller_test.rb b/test/controllers/ingresses/mailgun/inbound_emails_controller_test.rb
new file mode 100644
index 0000000000..c5ec71013e
--- /dev/null
+++ b/test/controllers/ingresses/mailgun/inbound_emails_controller_test.rb
@@ -0,0 +1,89 @@
+require "test_helper"
+
+ENV["MAILGUN_INGRESS_API_KEY"] = "tbsy84uSV1Kt3ZJZELY2TmShPRs91E3yL4tzf96297vBCkDWgL"
+
+class ActionMailbox::Ingresses::Mailgun::InboundEmailsControllerTest < ActionDispatch::IntegrationTest
+  setup { ActionMailbox.ingress = :mailgun }
+
+  test "receiving an inbound email from Mailgun" do
+    assert_difference -> { ActionMailbox::InboundEmail.count }, +1 do
+      travel_to "2018-10-09 15:15:00 EDT"
+      post rails_mailgun_inbound_emails_url, params: {
+        timestamp: 1539112500,
+        token: "7VwW7k6Ak7zcTwoSoNm7aTtbk1g67MKAnsYLfUB7PdszbgR5Xi",
+        signature: "ef24c5225322217bb065b80bb54eb4f9206d764e3e16abab07f0a64d1cf477cc",
+        "body-mime" => file_fixture("../files/welcome.eml").read
+      }
+    end
+
+    assert_response :no_content
+
+    inbound_email = ActionMailbox::InboundEmail.last
+    assert_equal file_fixture("../files/welcome.eml").read, inbound_email.raw_email.download
+    assert_equal "0CB459E0-0336-41DA-BC88-E6E28C697DDB@37signals.com", inbound_email.message_id
+  end
+
+  test "rejecting a delayed inbound email from Mailgun" do
+    assert_no_difference -> { ActionMailbox::InboundEmail.count } do
+      travel_to "2018-10-09 15:26:00 EDT"
+      post rails_mailgun_inbound_emails_url, params: {
+        timestamp: 1539112500,
+        token: "7VwW7k6Ak7zcTwoSoNm7aTtbk1g67MKAnsYLfUB7PdszbgR5Xi",
+        signature: "ef24c5225322217bb065b80bb54eb4f9206d764e3e16abab07f0a64d1cf477cc",
+        "body-mime" => file_fixture("../files/welcome.eml").read
+      }
+    end
+
+    assert_response :unauthorized
+  end
+
+  test "rejecting a forged inbound email from Mailgun" do
+    assert_no_difference -> { ActionMailbox::InboundEmail.count } do
+      travel_to "2018-10-09 15:15:00 EDT"
+      post rails_mailgun_inbound_emails_url, params: {
+        timestamp: 1539112500,
+        token: "Zx8mJBiGmiiyyfWnho3zKyjCg2pxLARoCuBM7X9AKCioShGiMX",
+        signature: "ef24c5225322217bb065b80bb54eb4f9206d764e3e16abab07f0a64d1cf477cc",
+        "body-mime" => file_fixture("../files/welcome.eml").read
+      }
+    end
+
+    assert_response :unauthorized
+  end
+
+  test "raising when the configured Mailgun API key is nil" do
+    switch_key_to nil do
+      assert_raises ArgumentError do
+        travel_to "2018-10-09 15:15:00 EDT"
+        post rails_mailgun_inbound_emails_url, params: {
+          timestamp: 1539112500,
+          token: "7VwW7k6Ak7zcTwoSoNm7aTtbk1g67MKAnsYLfUB7PdszbgR5Xi",
+          signature: "ef24c5225322217bb065b80bb54eb4f9206d764e3e16abab07f0a64d1cf477cc",
+          "body-mime" => file_fixture("../files/welcome.eml").read
+        }
+      end
+    end
+  end
+
+  test "raising when the configured Mailgun API key is blank" do
+    switch_key_to "" do
+      assert_raises ArgumentError do
+        travel_to "2018-10-09 15:15:00 EDT"
+        post rails_mailgun_inbound_emails_url, params: {
+          timestamp: 1539112500,
+          token: "7VwW7k6Ak7zcTwoSoNm7aTtbk1g67MKAnsYLfUB7PdszbgR5Xi",
+          signature: "ef24c5225322217bb065b80bb54eb4f9206d764e3e16abab07f0a64d1cf477cc",
+          "body-mime" => file_fixture("../files/welcome.eml").read
+        }
+      end
+    end
+  end
+
+  private
+    def switch_key_to(new_key)
+      previous_key, ENV["MAILGUN_INGRESS_API_KEY"] = ENV["MAILGUN_INGRESS_API_KEY"], new_key
+      yield
+    ensure
+      ENV["MAILGUN_INGRESS_API_KEY"] = previous_key
+    end
+end
diff --git a/test/controllers/ingresses/mandrill/inbound_emails_controller_test.rb b/test/controllers/ingresses/mandrill/inbound_emails_controller_test.rb
new file mode 100644
index 0000000000..c8a8e731d6
--- /dev/null
+++ b/test/controllers/ingresses/mandrill/inbound_emails_controller_test.rb
@@ -0,0 +1,58 @@
+require "test_helper"
+
+ENV["MANDRILL_INGRESS_API_KEY"] = "1l9Qf7lutEf7h73VXfBwhw"
+
+class ActionMailbox::Ingresses::Mandrill::InboundEmailsControllerTest < ActionDispatch::IntegrationTest
+  setup do
+    ActionMailbox.ingress = :mandrill
+    @events = JSON.generate([{ event: "inbound", msg: { raw_msg: file_fixture("../files/welcome.eml").read } }])
+  end
+
+  test "receiving an inbound email from Mandrill" do
+    assert_difference -> { ActionMailbox::InboundEmail.count }, +1 do
+      post rails_mandrill_inbound_emails_url,
+        headers: { "X-Mandrill-Signature" => "gldscd2tAb/G+DmpiLcwukkLrC4=" }, params: { mandrill_events: @events }
+    end
+
+    assert_response :ok
+
+    inbound_email = ActionMailbox::InboundEmail.last
+    assert_equal file_fixture("../files/welcome.eml").read, inbound_email.raw_email.download
+    assert_equal "0CB459E0-0336-41DA-BC88-E6E28C697DDB@37signals.com", inbound_email.message_id
+  end
+
+  test "rejecting a forged inbound email from Mandrill" do
+    assert_no_difference -> { ActionMailbox::InboundEmail.count } do
+      post rails_mandrill_inbound_emails_url,
+        headers: { "X-Mandrill-Signature" => "forged" }, params: { mandrill_events: @events }
+    end
+
+    assert_response :unauthorized
+  end
+
+  test "raising when Mandrill API key is nil" do
+    switch_key_to nil do
+      assert_raises ArgumentError do
+        post rails_mandrill_inbound_emails_url,
+          headers: { "X-Mandrill-Signature" => "gldscd2tAb/G+DmpiLcwukkLrC4=" }, params: { mandrill_events: @events }
+      end
+    end
+  end
+
+  test "raising when Mandrill API key is blank" do
+    switch_key_to "" do
+      assert_raises ArgumentError do
+        post rails_mandrill_inbound_emails_url,
+          headers: { "X-Mandrill-Signature" => "gldscd2tAb/G+DmpiLcwukkLrC4=" }, params: { mandrill_events: @events }
+      end
+    end
+  end
+
+  private
+    def switch_key_to(new_key)
+      previous_key, ENV["MANDRILL_INGRESS_API_KEY"] = ENV["MANDRILL_INGRESS_API_KEY"], new_key
+      yield
+    ensure
+      ENV["MANDRILL_INGRESS_API_KEY"] = previous_key
+    end
+end
diff --git a/test/controllers/ingresses/postfix/inbound_emails_controller_test.rb b/test/controllers/ingresses/postfix/inbound_emails_controller_test.rb
new file mode 100644
index 0000000000..5e0777aa30
--- /dev/null
+++ b/test/controllers/ingresses/postfix/inbound_emails_controller_test.rb
@@ -0,0 +1,54 @@
+require "test_helper"
+
+class ActionMailbox::Ingresses::Postfix::InboundEmailsControllerTest < ActionDispatch::IntegrationTest
+  setup { ActionMailbox.ingress = :postfix }
+
+  test "receiving an inbound email from Postfix" do
+    assert_difference -> { ActionMailbox::InboundEmail.count }, +1 do
+      post rails_postfix_inbound_emails_url, headers: { "Authorization" => credentials, "Content-Type" => "message/rfc822" },
+        params: file_fixture("../files/welcome.eml").read
+    end
+
+    assert_response :no_content
+
+    inbound_email = ActionMailbox::InboundEmail.last
+    assert_equal file_fixture("../files/welcome.eml").read, inbound_email.raw_email.download
+    assert_equal "0CB459E0-0336-41DA-BC88-E6E28C697DDB@37signals.com", inbound_email.message_id
+  end
+
+  test "rejecting an unauthorized inbound email from Postfix" do
+    assert_no_difference -> { ActionMailbox::InboundEmail.count } do
+      post rails_postfix_inbound_emails_url, headers: { "Content-Type" => "message/rfc822" },
+        params: file_fixture("../files/welcome.eml").read
+    end
+
+    assert_response :unauthorized
+  end
+
+  test "rejecting an inbound email of an unsupported media type from Postfix" do
+    assert_no_difference -> { ActionMailbox::InboundEmail.count } do
+      post rails_postfix_inbound_emails_url, headers: { "Authorization" => credentials, "Content-Type" => "text/plain" },
+        params: file_fixture("../files/welcome.eml").read
+    end
+
+    assert_response :unsupported_media_type
+  end
+
+  test "raising when the configured password is nil" do
+    switch_password_to nil do
+      assert_raises ArgumentError do
+        post rails_postfix_inbound_emails_url, headers: { "Authorization" => credentials, "Content-Type" => "message/rfc822" },
+          params: file_fixture("../files/welcome.eml").read
+      end
+    end
+  end
+
+  test "raising when the configured password is blank" do
+    switch_password_to "" do
+      assert_raises ArgumentError do
+        post rails_postfix_inbound_emails_url, headers: { "Authorization" => credentials, "Content-Type" => "message/rfc822" },
+          params: file_fixture("../files/welcome.eml").read
+      end
+    end
+  end
+end
diff --git a/test/controllers/ingresses/sendgrid/inbound_emails_controller_test.rb b/test/controllers/ingresses/sendgrid/inbound_emails_controller_test.rb
new file mode 100644
index 0000000000..0c7d0d6846
--- /dev/null
+++ b/test/controllers/ingresses/sendgrid/inbound_emails_controller_test.rb
@@ -0,0 +1,44 @@
+require "test_helper"
+
+class ActionMailbox::Ingresses::Sendgrid::InboundEmailsControllerTest < ActionDispatch::IntegrationTest
+  setup { ActionMailbox.ingress = :sendgrid }
+
+  test "receiving an inbound email from Sendgrid" do
+    assert_difference -> { ActionMailbox::InboundEmail.count }, +1 do
+      post rails_sendgrid_inbound_emails_url,
+        headers: { authorization: credentials }, params: { email: file_fixture("../files/welcome.eml").read }
+    end
+
+    assert_response :no_content
+
+    inbound_email = ActionMailbox::InboundEmail.last
+    assert_equal file_fixture("../files/welcome.eml").read, inbound_email.raw_email.download
+    assert_equal "0CB459E0-0336-41DA-BC88-E6E28C697DDB@37signals.com", inbound_email.message_id
+  end
+
+  test "rejecting an unauthorized inbound email from Sendgrid" do
+    assert_no_difference -> { ActionMailbox::InboundEmail.count } do
+      post rails_sendgrid_inbound_emails_url, params: { email: file_fixture("../files/welcome.eml").read }
+    end
+
+    assert_response :unauthorized
+  end
+
+  test "raising when the configured password is nil" do
+    switch_password_to nil do
+      assert_raises ArgumentError do
+        post rails_sendgrid_inbound_emails_url,
+          headers: { authorization: credentials }, params: { email: file_fixture("../files/welcome.eml").read }
+      end
+    end
+  end
+
+  test "raising when the configured password is blank" do
+    switch_password_to "" do
+      assert_raises ArgumentError do
+        post rails_sendgrid_inbound_emails_url,
+          headers: { authorization: credentials }, params: { email: file_fixture("../files/welcome.eml").read }
+      end
+    end
+  end
+end
diff --git a/test/fixtures/files/text.txt b/test/fixtures/files/text.txt
deleted file mode 100644
index 84c3f1cf21..0000000000
--- a/test/fixtures/files/text.txt
+++ /dev/null
@@ -1 +0,0 @@
-This Is Not An Email!
diff --git a/test/test_helper.rb b/test/test_helper.rb
index 264f9e8482..b4459f3feb 100644
--- a/test/test_helper.rb
+++ b/test/test_helper.rb
@@ -1,5 +1,5 @@
-# Configure Rails Environment
 ENV["RAILS_ENV"] = "test"
+ENV["RAILS_INBOUND_EMAIL_PASSWORD"] = "tbsy84uSV1Kt3ZJZELY2TmShPRs91E3yL4tzf96297vBCkDWgL"
 
 require_relative "../test/dummy/config/environment"
 ActiveRecord::Migrator.migrations_paths = [File.expand_path("../test/dummy/db/migrate", __dir__)]
@@ -7,14 +7,11 @@ require "rails/test_help"
 
 require "byebug"
 
-# Filter out Minitest backtrace while allowing backtrace from other libraries
-# to be shown.
 Minitest.backtrace_filter = Minitest::BacktraceFilter.new
 
 require "rails/test_unit/reporter"
 Rails::TestUnitReporter.executable = 'bin/test'
 
-# Load fixtures from the engine
 if ActiveSupport::TestCase.respond_to?(:fixture_path=)
   ActiveSupport::TestCase.fixture_path = File.expand_path("fixtures", __dir__)
   ActionDispatch::IntegrationTest.fixture_path = ActiveSupport::TestCase.fixture_path
@@ -28,6 +25,20 @@ class ActiveSupport::TestCase
   include ActionMailbox::TestHelper, ActiveJob::TestHelper
 end
 
+class ActionDispatch::IntegrationTest
+  private
+    def credentials
+      ActionController::HttpAuthentication::Basic.encode_credentials "actionmailbox", ENV["RAILS_INBOUND_EMAIL_PASSWORD"]
+    end
+
+    def switch_password_to(new_password)
+      previous_password, ENV["RAILS_INBOUND_EMAIL_PASSWORD"] = ENV["RAILS_INBOUND_EMAIL_PASSWORD"], new_password
+      yield
+    ensure
+      ENV["RAILS_INBOUND_EMAIL_PASSWORD"] = previous_password
+    end
+end
+
 if ARGV.include?("-v")
   ActiveRecord::Base.logger = Logger.new(STDOUT)
   ActiveJob::Base.logger    = Logger.new(STDOUT)
diff --git a/test/unit/controller_test.rb b/test/unit/controller_test.rb
deleted file mode 100644
index 508e561244..0000000000
--- a/test/unit/controller_test.rb
+++ /dev/null
@@ -1,27 +0,0 @@
-require_relative '../test_helper'
-
-class ActionMailbox::InboundEmailsControllerTest < ActionDispatch::IntegrationTest
-  test "receiving a valid RFC 822 message" do
-    assert_difference -> { ActionMailbox::InboundEmail.count }, +1 do
-      post_inbound_email "welcome.eml"
-    end
-
-    assert_response :created
-
-    inbound_email = ActionMailbox::InboundEmail.last
-    assert_equal file_fixture('../files/welcome.eml').read, inbound_email.raw_email.download
-  end
-
-  test "rejecting a message of an unsupported type" do
-    assert_no_difference -> { ActionMailbox::InboundEmail.count } do
-      post rails_inbound_emails_url, params: { message: fixture_file_upload('files/text.txt', 'text/plain') }
-    end
-
-    assert_response :unsupported_media_type
-  end
-
-  private
-    def post_inbound_email(fixture_name)
-      post rails_inbound_emails_url, params: { message: fixture_file_upload("files/#{fixture_name}", 'message/rfc822') }
-    end
-end
diff --git a/test/unit/inbound_email/message_id_test.rb b/test/unit/inbound_email/message_id_test.rb
index aa9ce90b4c..c744a5bf99 100644
--- a/test/unit/inbound_email/message_id_test.rb
+++ b/test/unit/inbound_email/message_id_test.rb
@@ -7,9 +7,7 @@ class ActionMailbox::InboundEmail::MessageIdTest < ActiveSupport::TestCase
   end
 
   test "message id is generated if its missing" do
-    source_without_message_id = "Date: Fri, 28 Sep 2018 11:08:55 -0700\r\nTo: a@example.com\r\nMime-Version: 1.0\r\nContent-Type: text/plain\r\nContent-Transfer-Encoding: 7bit\r\n\r\nHello!"
-    inbound_email = create_inbound_email Tempfile.new.tap { |raw_email| raw_email.write source_without_message_id }
-
+    inbound_email = create_inbound_email "Date: Fri, 28 Sep 2018 11:08:55 -0700\r\nTo: a@example.com\r\nMime-Version: 1.0\r\nContent-Type: text/plain\r\nContent-Transfer-Encoding: 7bit\r\n\r\nHello!"
     assert_not_nil inbound_email.message_id
   end
 end