FEATURE: Improve use_email_for_username_and_name_suggestions (#30845)

Previously this setting would only control values received in an 'email' field from an identity provider. This commit extends it, so that it also applies to email-like content in other fields. This provides improved protections against partial email addresses being leaked
2025-05-26 11:21:26 +08:00 · 2025-01-21 13:04:48 +00:00
parent e8d5059156
commit 6fd577d97d
4 changed files with 24 additions and 9 deletions
--- a/spec/lib/email/receiver_spec.rb
+++ b/spec/lib/email/receiver_spec.rb
@ -967,7 +967,7 @@ RSpec.describe Email::Receiver do

      user = topic.user
      expect(user.staged).to eq(true)
-      expect(user.username).to eq("random.name")
+      expect(user.username).to eq("user1")
      expect(user.name).to eq("Случайная Имя")
    end

@ -1090,10 +1090,12 @@ RSpec.describe Email::Receiver do

      it "associates email replies using both 'In-Reply-To' and 'References' headers" do
        expect { process(:email_reply_1) }.to change(Topic, :count).by(1) &
-          change(Post, :count).by(3)
+          change(Post, :count).by(3) & change(User, :count).by(3)

        topic = Topic.last
+        users = User.last(3)
        ordered_posts = topic.ordered_posts
+        expect(ordered_posts.size).to eq(3)

        expect(ordered_posts.first.raw).to eq("This is email reply **1**.")

@ -1101,7 +1103,7 @@ RSpec.describe Email::Receiver do
          expect(post.action_code).to eq("invited_user")
          expect(post.user.email).to eq("one@foo.com")

-          expect(%w[two three].include?(post.custom_fields["action_code_who"])).to eq(true)
+          expect(users.map(&:username)).to include(post.custom_fields["action_code_who"])
        end

        expect { process(:email_reply_2) }.to change { topic.posts.count }.by(1)