diff options
Diffstat (limited to 'actionmailbox/app/controllers')
| -rw-r--r-- | actionmailbox/app/controllers/action_mailbox/base_controller.rb | 6 | ||||
| -rw-r--r-- | actionmailbox/app/controllers/action_mailbox/ingresses/amazon/inbound_emails_controller.rb | 54 |
2 files changed, 1 insertions, 59 deletions
diff --git a/actionmailbox/app/controllers/action_mailbox/base_controller.rb b/actionmailbox/app/controllers/action_mailbox/base_controller.rb index f0f1f555e6..80a14355b7 100644 --- a/actionmailbox/app/controllers/action_mailbox/base_controller.rb +++ b/actionmailbox/app/controllers/action_mailbox/base_controller.rb @@ -3,14 +3,10 @@ module ActionMailbox # The base class for all Action Mailbox ingress controllers. class BaseController < ActionController::Base - skip_forgery_protection + skip_forgery_protection if default_protect_from_forgery before_action :ensure_configured - def self.prepare - # Override in concrete controllers to run code on load. - end - private def ensure_configured unless ActionMailbox.ingress == ingress_name diff --git a/actionmailbox/app/controllers/action_mailbox/ingresses/amazon/inbound_emails_controller.rb b/actionmailbox/app/controllers/action_mailbox/ingresses/amazon/inbound_emails_controller.rb deleted file mode 100644 index e0a187054e..0000000000 --- a/actionmailbox/app/controllers/action_mailbox/ingresses/amazon/inbound_emails_controller.rb +++ /dev/null @@ -1,54 +0,0 @@ -# frozen_string_literal: true - -module ActionMailbox - # Ingests inbound emails from Amazon's Simple Email Service (SES). - # - # Requires the full RFC 822 message in the +content+ parameter. Authenticates requests by validating their signatures. - # - # Returns: - # - # - <tt>204 No Content</tt> if an inbound email is successfully recorded and enqueued for routing to the appropriate mailbox - # - <tt>401 Unauthorized</tt> if the request's signature could not be validated - # - <tt>404 Not Found</tt> if Action Mailbox is not configured to accept inbound emails from SES - # - <tt>422 Unprocessable Entity</tt> if the request is missing the required +content+ parameter - # - <tt>500 Server Error</tt> if one of the Active Record database, the Active Storage service, or - # the Active Job backend is misconfigured or unavailable - # - # == Usage - # - # 1. Install the {aws-sdk-sns}[https://rubygems.org/gems/aws-sdk-sns] gem: - # - # # Gemfile - # gem "aws-sdk-sns", ">= 1.9.0", require: false - # - # 2. Tell Action Mailbox to accept emails from SES: - # - # # config/environments/production.rb - # config.action_mailbox.ingress = :amazon - # - # 3. {Configure SES}[https://docs.aws.amazon.com/ses/latest/DeveloperGuide/receiving-email-notifications.html] - # to deliver emails to your application via POST requests to +/rails/action_mailbox/amazon/inbound_emails+. - # If your application lived at <tt>https://example.com</tt>, you would specify the fully-qualified URL - # <tt>https://example.com/rails/action_mailbox/amazon/inbound_emails</tt>. - class Ingresses::Amazon::InboundEmailsController < BaseController - before_action :authenticate - - cattr_accessor :verifier - - def self.prepare - self.verifier ||= begin - require "aws-sdk-sns" - Aws::SNS::MessageVerifier.new - end - end - - def create - ActionMailbox::InboundEmail.create_and_extract_message_id! params.require(:content) - end - - private - def authenticate - head :unauthorized unless verifier.authentic?(request.body) - end - end -end |