From 3489783cb8c650db7242656e41f7f916bfee2d4a Mon Sep 17 00:00:00 2001
From: Shivam Mishra
Date: Mon, 26 Aug 2024 13:05:36 +0530
Subject: [PATCH] feat: add domain blocklist feature (#10016)
Co-authored-by: Pranav
---
 app/builders/account_builder.rb | 19 +++++++++++++++++++
 config/installation_config.yml | 9 +++++++--
 config/locales/en.yml | 1 +
 .../super_admin/app_configs_controller.rb | 2 +-
 lib/custom_exceptions/account.rb | 4 +++-
 5 files changed, 31 insertions(+), 4 deletions(-)
diff --git a/app/builders/account_builder.rb b/app/builders/account_builder.rb
index a3a90451d..ff67eefc5 100644
--- a/app/builders/account_builder.rb
+++ b/app/builders/account_builder.rb
@@ -32,6 +32,8 @@ class AccountBuilder
 end
 def validate_email
+ raise InvalidEmail.new({ domain_blocked: domain_blocked }) if domain_blocked?
+
 address = ValidEmail2::Address.new(@email)
 if address.valid? && !address.disposable?
 true
@@ -79,4 +81,21 @@ class AccountBuilder
 @user.confirm if @confirmed
 @user.save!
 end
+
+ def domain_blocked?
+ domain = @email.split('@').last
+
+ blocked_domains.each do |blocked_domain|
+ return true if domain.match?(blocked_domain)
+ end
+
+ false
+ end
+
+ def blocked_domains
+ domains = GlobalConfigService.load('BLOCKED_EMAIL_DOMAINS', '')
+ domains.split("\n").map(&:strip) if domains.present?
+
+ []
+ end
 end
diff --git a/config/installation_config.yml b/config/installation_config.yml
index 95d9cc6a5..26f05211e 100644
--- a/config/installation_config.yml
+++ b/config/installation_config.yml
@@ -168,6 +168,11 @@
 display_title: 'Dashboard Scripts'
 description: 'Scripts are loaded as the last item in the tag'
 type: code
+- name: BLOCKED_EMAIL_DOMAINS
+ value:
+ display_title: 'Blocked Email Domains'
+ description: 'Add a domain per line to block them from signing up, accepts Regex'
+ type: code
 # ------- End of Chatwoot Internal Config for Cloud ----#
 # ------- Chatwoot Internal Config for Self Hosted ----#
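Review bot: In app/builders/account_builder.rb, the added guard in `validate_email` passes `domain_blocked` (no question mark) as the hash value, and no method or local of that name appears in the visible hunks; only `domain_blocked?` is defined. Unless the class defines it outside this diff, a matching domain would surface as a NameError rather than `InvalidEmail`, so pass the literal: `raise InvalidEmail.new({ domain_blocked: true }) if domain_blocked?`. The guard also runs before `ValidEmail2::Address.new(@email)`, so `domain_blocked?` receives unvalidated input and a nil `@email` would fail on `split`. The body of `validate_email` continues outside the hunk.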
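Review bot: `blocked_domains` in app/builders/account_builder.rb always returns `[]`, because the `split`/`map` result on the line carrying the `if domains.present?` modifier is discarded and the trailing `[]` is the method's value; as written the blocklist is never enforced. Once that is fixed, `domain.match?(blocked_domain)` treats each entry as an unanchored, case-sensitive regex: a blank line in the setting becomes an empty pattern that matches every domain, a mixed-case address is not caught by a lower-case entry, and a malformed entry raises RegexpError during signup. The rewrite below returns the parsed list, drops blank entries, compares case-insensitively and skips entries that do not compile; whether entries should also be anchored with `\A`/`\z` is a product decision, and the 'accepts Regex' description in config/installation_config.yml should state it. The diffstat shows no spec file, and a test on `blocked_domains` would have caught the first point.

```ruby
  def domain_blocked?
    domain = @email.to_s.split('@').last.to_s

    blocked_domains.any? do |pattern|
      domain.match?(Regexp.new(pattern, Regexp::IGNORECASE))
    rescue RegexpError
      # a malformed blocklist entry must not break signup; skip it (and ideally log it)
      false
    end
  end

  def blocked_domains
    domains = GlobalConfigService.load('BLOCKED_EMAIL_DOMAINS', '')
    return [] if domains.blank?

    # drop blank lines: an empty pattern matches every domain
    domains.split("\n").map(&:strip).reject(&:empty?)
  end
```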
@@ -220,11 +225,11 @@
 ## ----- Captain Configs ----- ##
 - name: CAPTAIN_API_URL
- value:
+ value:
 display_title: 'Captain API URL'
 description: 'The API URL for Captain'
 - name: CAPTAIN_APP_URL
- value:
+ value:
 display_title: 'Captain App URL'
 description: 'The App URL for Captain'
 ## ----- End of Captain Configs ----- ##
diff --git a/config/locales/en.yml b/config/locales/en.yml
index 63593ef04..dd7b07bcf 100644
--- a/config/locales/en.yml
+++ b/config/locales/en.yml
@@ -43,6 +43,7 @@ en:
 invalid: Invalid events
 signup:
 disposable_email: We do not allow disposable emails
+ blocked_domain: This domain is not allowed. If you believe this is a mistake, please contact support.
 invalid_email: You have entered an invalid email
 email_already_exists: "You have already signed up for an account with %{email}"
 invalid_params: 'Invalid, please check the signup paramters and try again'
diff --git a/enterprise/app/controllers/enterprise/super_admin/app_configs_controller.rb b/enterprise/app/controllers/enterprise/super_admin/app_configs_controller.rb
index 126ed292e..a9c8ee1f0 100644
--- a/enterprise/app/controllers/enterprise/super_admin/app_configs_controller.rb
+++ b/enterprise/app/controllers/enterprise/super_admin/app_configs_controller.rb
@@ -32,6 +32,6 @@ module Enterprise::SuperAdmin::AppConfigsController
 end
 def internal_config_options
- %w[CHATWOOT_INBOX_TOKEN CHATWOOT_INBOX_HMAC_KEY ANALYTICS_TOKEN CLEARBIT_API_KEY DASHBOARD_SCRIPTS]
+ %w[CHATWOOT_INBOX_TOKEN CHATWOOT_INBOX_HMAC_KEY ANALYTICS_TOKEN CLEARBIT_API_KEY DASHBOARD_SCRIPTS BLOCKED_EMAIL_DOMAINS]
 end
 end
diff --git a/lib/custom_exceptions/account.rb b/lib/custom_exceptions/account.rb
index efacc9e6e..08c6f0ddb 100644
--- a/lib/custom_exceptions/account.rb
+++ b/lib/custom_exceptions/account.rb
@@ -3,7 +3,9 @@
 module CustomExceptions::Account
 class InvalidEmail < CustomExceptions::Base
 def message
- if @data[:disposable]
+ if @data[:domain_blocked]
+ I18n.t 'errors.signup.blocked_domain'
+ elsif @data[:disposable]
 I18n.t 'errors.signup.disposable_email'
 elsif !@data[:valid]
 I18n.t 'errors.signup.invalid_email'