Ghost/core/server/mail.js
Jacob Gable 298077582b ACL and strict rules for Settings API
Ref #2061

- Add canThis permission checks to settings api calls
- Add strict rules about accessing core settings without internal: true
- Omit core settings in browse() call unless internal: true
- Update unit tests to call api.settings with contexts
- Add a couple unit tests for new scenarios
- Update all api.settings calls in the app to call with internal context
- Re-arrange permissions.init in server startup so config.theme.update
can access settings without permissions error
2014-05-07 10:56:03 -05:00


var cp = require('child_process'),
_ = require('lodash'),
when = require('when'),
nodefn = require('when/node/function'),
nodemailer = require('nodemailer'),
api = require('./api'),
config = require('./config');
// ## GhostMailer
// Thin wrapper around a nodemailer transport.
// `opts.transport` (optional) is used as the transport when it is truthy;
// otherwise the mailer starts with no transport (`null`).
function GhostMailer(opts) {
    var settings = opts || {};

    this.transport = settings.transport || null;
}
// ## E-mail transport setup
// Uses the transport named in `config().mail.transport` when one is configured;
// otherwise tries to locate a `sendmail` binary and, failing that, marks
// e-mail as disabled.
// *This promise should always resolve to avoid halting Ghost::init*.
GhostMailer.prototype.init = function () {
    var mailer = this;

    // Success path of the sendmail lookup: `binpath` is the value
    // `detectSendmail()` resolved with.
    function useSendmail(binpath) {
        mailer.transport = nodemailer.createTransport('sendmail', {
            path: binpath
        });
        mailer.usingSendmail();
    }

    // Failure path of the sendmail lookup.
    function disableEmail() {
        mailer.emailDisabled();
    }

    function settle() {
        return when.resolve();
    }

    if (!(config().mail && config().mail.transport)) {
        // Attempt to detect and fallback to `sendmail`
        return this.detectSendmail()
            .then(useSendmail, disableEmail)
            .ensure(settle);
    }

    this.createTransport();
    return when.resolve();
};
// True when `process.platform` reports 'win32'.
GhostMailer.prototype.isWindows = function () {
    var platform = process.platform;

    return platform === 'win32';
};
// Looks for a `sendmail` binary by running `which sendmail`.
// Resolves with the text `which` printed, minus one trailing line break.
// Rejects (with no reason) on Windows, or when `exec` reports an error and the
// output does not contain `bin/sendmail`.
//
// NOTE(review): `which` searches the PATH of the Ghost process, and `init()`
// hands the result to the sendmail transport as the binary path. The binary
// used for mail is therefore whatever that PATH resolves first; run Ghost with
// a trusted PATH, or set `mail.transport` in the config so `init()` skips this
// lookup.
GhostMailer.prototype.detectSendmail = function () {
    var onWindows = this.isWindows();

    if (onWindows) {
        return when.reject();
    }

    return when.promise(function (resolve, reject) {
        // The command is a fixed string; no caller-supplied value reaches the shell.
        cp.exec('which sendmail', function (err, stdout) {
            var lookupFailed = err && !/bin\/sendmail/.test(stdout),
                binpath;

            if (lookupFailed) {
                reject();
                return;
            }

            binpath = stdout.toString().replace(/(\n|\r|\r\n)$/, '');
            resolve(binpath);
        });
    });
};
// Builds the transport named in `config().mail.transport`, passing it a copy
// (`_.clone`) of `config().mail.options`, or `{}` when no options are set.
// NOTE(review): these options typically carry the mail service credentials;
// keep them out of logs and notifications.
GhostMailer.prototype.createTransport = function () {
    var transportType = config().mail.transport,
        transportOptions = _.clone(config().mail.options) || {};

    this.transport = nodemailer.createTransport(transportType, transportOptions);
};
// Adds an 'info' notification saying that Ghost is falling back to the server's
// sendmail and recommending an explicit e-mail configuration.
// The message is a fixed HTML string; nothing user-supplied is interpolated.
GhostMailer.prototype.usingSendmail = function () {
    var sentences = [
            "Ghost is attempting to use your server's <b>sendmail</b> to send e-mail.",
            "It is recommended that you explicitly configure an e-mail service,",
            "See <a href=\"http://docs.ghost.org/mail\">http://docs.ghost.org/mail</a> for instructions"
        ],
        notification = {
            type: 'info',
            message: sentences.join(' ')
        };

    api.notifications.add(notification);
};
// Adds a 'warn' notification saying that Ghost cannot send e-mail, then clears
// the transport so that later `send()` calls are rejected up front.
// The message is a fixed HTML string; nothing user-supplied is interpolated.
GhostMailer.prototype.emailDisabled = function () {
    var sentences = [
            "Ghost is currently unable to send e-mail.",
            "See <a href=\"http://docs.ghost.org/mail\">http://docs.ghost.org/mail</a> for instructions"
        ],
        notification = {
            type: 'warn',
            message: sentences.join(' ')
        };

    api.notifications.add(notification);
    this.transport = null;
};
// Returns the sender address: `config().mail.fromaddress` when it is set,
// otherwise `ghost@<host>` with the host taken from `config().url`.
//
// NOTE(review): when `config().url` does not match the pattern below, the match
// is `null` and the result is the literal string 'ghost@null'. `config().url`
// is assumed to be a string here; confirm it is validated where the config is
// loaded.
GhostMailer.prototype.fromAddress = function () {
    var configured = config().mail && config().mail.fromaddress,
        hostPattern,
        matched;

    if (configured) {
        return configured;
    }

    // Extract the domain name from url set in config.js
    hostPattern = new RegExp("^https?://([^/:?#]+)(?:[/:?#]|$)", "i");
    matched = config().url.match(hostPattern);

    // Default to ghost@[blog.url]
    return 'ghost@' + (matched && matched[1]);
};
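// Sends an e-mail message.
//
// - `message.subject` and `message.html` are required.
// - `from` is always overwritten with `fromAddress()`.
// - `to` is a default, not an enforced value: a caller-supplied `message.to` is
//   used as given, and the `email` setting (blog owner) is used only when it is
//   absent. Callers that build `message` from request data must validate `to`
//   themselves.
// - The `email` setting is read with the `{ internal: true }` context rather
//   than a user's context, and no permission check happens in this method.
//   NOTE(review): authorizing the send is therefore left to the caller; confirm
//   at the call sites.
// - `message` is extended in place, so the caller's object gains `from`, `to`
//   and `generateTextFromHTML`.
//
// Resolves with whatever the transport's `sendMail` yields. Rejects with an
// `Error` whose message starts with 'Email Error: '.
GhostMailer.prototype.send = function (message) {
    var self = this;

    if (!this.transport) {
        return when.reject(new Error('Email Error: No e-mail transport configured.'));
    }
    if (!(message && message.subject && message.html)) {
        return when.reject(new Error('Email Error: Incomplete message data.'));
    }

    return api.settings.read.call({ internal: true }, 'email').then(function (response) {
        var email = response.settings[0],
            to = message.to || email.value;

        message = _.extend(message, {
            from: self.fromAddress(),
            to: to,
            generateTextFromHTML: true
        });
    }).then(function () {
        // `sendMail` is callback-style; lift it so it returns a promise.
        var sendMail = nodefn.lift(self.transport.sendMail.bind(self.transport));

        return sendMail(message);
    }).otherwise(function (error) {
        // Proxy the error message so we can add 'Email Error: ' to the beginning to make it clearer.
        var reason;

        if (_.isString(error)) {
            reason = error;
        } else if (_.isObject(error)) {
            reason = error.message;
        } else {
            reason = 'Unknown Email Error';
        }

        // The prefix carries a trailing space in every branch; string errors
        // previously came out as 'Email Error:<text>'.
        return when.reject(new Error('Email Error: ' + reason));
    });
};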
// Export one GhostMailer instance, created at module load without options, so
// its transport is `null` until `init()` sets one.
module.exports = new GhostMailer();