#58 - Allow registration mail filter to operate over 2nd level domains

[pehala]

Overview

Only thing I had to do was change function replaceAll() for replace(), and only difference between these functions that replaceAll() accepts REGEX patterns, which is not needed when replacing dots. Email filter should now accept all REGEX patterns except for dot, which is being filtered out. I also created test to prove that method now accepts patterns.

Changes in files

Util.groovy

• Changed replaceAll() for replace() in hasDomain() function.

test/unit/UtilSpecification.groovy

• Unit Test for testing pattern acceptance in hasDomain() function.

[VaclavDedik]

Looks good :) .. One thing though, I think we shouldn't allow patterns like "*vutbr.cz". It would basically make the whole point of allowing only certain domains quite ineffective as you could just register your own domain (e.g. something like "somethingsomethingvutbr.cz") and circumvent the email domain validation.

So I would just add a validation to the system configuration form that checks if the character after "*" is a dot ("."). If an administrator added an email domain pattern that doesn't contain a dot after the asterisk, I would let the form submission fail and inform the admin that this kind of pattern is not allowed.

[pehala]

I think that since it's up to system administrator, we should not limit them. Maybe add warning that it would be better to use pattern with "*." or even better add text that says that they can use REGEX patterns and link to REGEX documentation, same way as it's done with Markdown.

[jcechace]

We should certainly limit them. The administrators don't necessarily have to be technical people. For the same reason I think that directly suing regex field is not a good idea (as regexes are way more complex than markdown. )

I mostly agree with Vaclav. The check should however account for 2nd level domains as well. That means either "." or "@" should directly precede allowed domain main.

[pehala]

Overview

I did some changes as you requested:

• Added email validation in Configuration to only allow characters: a-Z, 0-9, -, *, .
  • These should be all characters which are allowed in domain part of email address + * and .
• Email filter now treats * same way as *., so there is no need to have a warning.

Changes in files

ConfigurationCommand.groovy

• New validation class for validating email domains in configuration.

ConfigurationController.groovy

• Added validation of email domains.

configuration/_form.bsp

• Added highlighting of validation errors.

Util.groovy

• Updated handling of patterns, * is now treated as *.
• Added comment to explain patterns I use.

UtilSpecification.groovy

• Small adjustments to the test to make it work with new handling of patterns.

[VaclavDedik]

Doesn't work for me, it says "Your allowed email configuration contains forbidden characters." when I try to update the site configuration, even though it clearly doesn't. I think it's also a good idea to mention what characters are allowed.

[pehala]

Ok, fixed. I had to switch method which I use to add parameters to validator.

[VaclavDedik]

Verified. Merged, thanks!