Remove the inbound message handling to get the Rails upgrade done. Pull requests for re-implementing with ActionMailbox are welcome.

Fixes #2463.
2026-02-07 00:11:47 +01:00 · 2024-06-06 02:04:29 +03:00 · 2024-06-06 02:04:29 +03:00 · a94d4fa00b
commit a94d4fa00b
parent 86e36b07a6
7 changed files with 1 additions and 477 deletions
--- a/app/controllers/integrations_controller.rb
+++ b/app/controllers/integrations_controller.rb
@ -1,8 +1,7 @@
 class IntegrationsController < ApplicationController
  require 'mail'

-  skip_before_action :login_required, :only => [:cloudmailin, :search_plugin]
-  skip_before_action :verify_authenticity_token, only: [:cloudmailin]
+  skip_before_action :login_required, :only => [:search_plugin]

  def index
    @page_title = 'TRACKS::Integrations'
@ -21,31 +20,8 @@ class IntegrationsController < ApplicationController
      .pack('m').gsub(/\n/, '')
  end

-  def cloudmailin
-    if !verify_cloudmailin_signature
-      render :body => "Message signature verification failed.", :status => 403
-      return false
-    end
-
-    if process_message(params[:message])
-      render :body => 'success', :status => 200
-    else
-      render :body => "No user found or other error", :status => 404
-    end
-  end
-
  private

-  def process_message(message)
-    MessageGateway.receive(Mail.new(message))
-  end
-
-  def verify_cloudmailin_signature
-    provided = request.request_parameters.delete(:signature)
-    signature = Digest::MD5.hexdigest(flatten_params(request.request_parameters).sort.map { |k, v| v }.join + SITE_CONFIG['cloudmailin'])
-    return provided == signature
-  end
-
  def flatten_params(params, title = nil, result = {})
    params.each do |key, value|
      if value.is_a? Hash
--- a/app/controllers/mailgun_controller.rb
+++ b/app/controllers/mailgun_controller.rb
@ -1,36 +0,0 @@
-require 'openssl'
-
-class MailgunController < ApplicationController
-  skip_before_action :login_required, :only => [:mailgun]
-  before_action :verify, :only => [:mailgun]
-  protect_from_forgery with: :null_session
-
-  def mailgun
-    unless params.include? 'body-mime'
-      Rails.logger.info "Cannot process Mailgun request, no body-mime sent"
-      render_failure "Unacceptable body-mime", 406
-      return
-    end
-
-    todo = MessageGateway.receive(params['body-mime'])
-    if todo
-      render :xml => todo.to_xml(*todo_xml_params)
-    else
-      render_failure "Todo not saved", 406
-    end
-  end
-
-  private
-
-  def verify
-    unless params['signature'] == OpenSSL::HMAC.hexdigest(
-            OpenSSL::Digest.new('sha256'),
-            SITE_CONFIG['mailgun_api_key'],
-            '%s%s' % [params['timestamp'], params['token']]
-         )
-      Rails.logger.info "Cannot verify Mailgun signature"
-      render_failure "Access denied", 406
-      return
-    end
-  end
-end