#13117

pending completion

Build # #13117

Build Type

push

circleci

Committed by

Vinnl

Commit Message

Pretend HTMLElement.shadowRoot is always set

We generally only tend to access it after having called
this.attachShadow({ mode: 'open' }), and the error message about it
potentially being undefined at every location we access
this.shadowRoot is more noisy than helpful.

See also
https://github.com/mozilla/blurts-server/pull/2959#discussion_r1154023113
and
https://github.com/mozilla/blurts-server/pull/2959#discussion_r1154960095

Run Details

282 of 1629 branches covered (17.31%)

Branch coverage included in aggregate %.

1 of 1 new or added line in 1 file covered. (100.0%)

959 of 4374 relevant lines covered (21.93%)

1.83 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

0.0

/src/utils/email.js

/* This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

import { createTransport } from 'nodemailer'
import { URL } from 'url'

import mozlog from './log.js'
import AppConstants from '../app-constants.js'
import { MethodNotAllowedError } from '../utils/error.js'
import { getMessage, fluentError } from '../utils/fluent.js'
import { updateMonthlyEmailOptout } from '../db/tables/subscribers.js'

const log = mozlog('email-utils')

const { SERVER_URL } = AppConstants

// The SMTP transport object. This is initialized to a nodemailer transport
// object while reading SMTP credentials, or to a dummy function in debug mode.
let gTransporter

const EmailTemplateType = {
  Notification: 'notification',
  Verification: 'verification',
  Monthly: 'monthly',
  SignupReport: 'signup-report'
}

async function initEmail (smtpUrl = AppConstants.SMTP_URL) {
  // Allow a debug mode that will log JSON instead of sending emails.
  if (!smtpUrl) {
    log.info('smtpUrl-empty', { message: 'EmailUtils will log a JSON response instead of sending emails.' })
    gTransporter = createTransport({ jsonTransport: true })
    return true
  }

  gTransporter = createTransport(smtpUrl)
  const gTransporterVerification = await gTransporter.verify()
  return gTransporterVerification
}

/**
 * Send Email
 *
 * @param {string} recipient
 * @param {string} subject
 * @param {string} html
 * @returns {Promise} <Promise>
 */
function sendEmail (recipient, subject, html) {
  if (!gTransporter) {
    return Promise.reject(new Error('SMTP transport not initialized'))
  }

  return new Promise((resolve, reject) => {
    const emailFrom = AppConstants.EMAIL_FROM
    const mailOptions = {
      from: emailFrom,
      to: recipient,
      subject,
      html,
      headers: {
        'x-ses-configuration-set': AppConstants.SES_CONFIG_SET
      }
    }

    gTransporter.sendMail(mailOptions, (error, info) => {
      if (error) {
        reject(new Error(error))
        return
      }
      if (gTransporter.transporter.name === 'JSONTransport') {
        log.info('JSONTransport', { message: info.message.toString() })
      }
      resolve(info)
    })
  })
}

function appendUrlParams (url, urlParams) {
  const defaultUtmParams = {
    utm_source: 'fx-monitor',
    utm_medium: 'email'
  }

  const allUtmParams = { ...defaultUtmParams, ...urlParams }

  for (const param in allUtmParams) {
    const paramValue = allUtmParams[param]

    if (typeof paramValue !== 'undefined' && paramValue) {
      url.searchParams.set(param, encodeURIComponent(paramValue))
    }
  }

  return url
}

function getEmailCtaHref (emailType, content, subscriberId = null) {
  const dashboardUrl = `${SERVER_URL}/user/breaches`
  const url = new URL(dashboardUrl)
  const utmParams = {
    subscriber_id: subscriberId,
    utm_campaign: emailType,
    utm_content: content
  }

  return appendUrlParams(url, utmParams)
}

function getVerificationUrl (subscriber) {
  if (!subscriber.verification_token) {
    throw new Error('subscriber has no verification_token')
  }

  const url = new URL(`${SERVER_URL}/api/v1/user/verify-email`)
  const verificationUtmParams = {
    token: subscriber.verification_token,
    utm_campaign: 'verified-subscribers',
    utm_content: 'account-verification-email'
  }

  return appendUrlParams(url, verificationUtmParams)
}

function getUnsubscribeCtaHref ({ subscriber, isMonthlyEmail }) {
  const path = isMonthlyEmail
    ? `${SERVER_URL}/user/unsubscribe-monthly`
    : `${SERVER_URL}/user/unsubscribe`

  if (!subscriber) {
    return path
  }

  if (isMonthlyEmail && !subscriber.primary_verification_token) {
    throw new Error('subscriber has no primary verification_token')
  }

  const url = new URL(path)
  const token = Object.hasOwn(subscriber, 'verification_token')
    ? subscriber.verification_token
    : subscriber.primary_verification_token
  const hash = Object.hasOwn(subscriber, 'sha1')
    ? subscriber.sha1
    : subscriber.primary_sha1

  // Mandatory params for unsubscribing a user
  const unsubscribeUtmParams = {
    hash,
    token,
    utm_campaign: isMonthlyEmail
      ? 'monthly-unresolved'
      : 'unsubscribe',
    utm_content: 'unsubscribe-cta'
  }

  return appendUrlParams(url, unsubscribeUtmParams)
}

/**
 * Check if params contain all mandatory params.
 *
 * @param {object} params Params that we like to have checked
 * @param {string} mandatoryParams A comma separated list of mandatory params
 * @returns {boolean} True if all mandatory params are present in params
 */
function hasMandatoryParams (params, mandatoryParams) {
  return mandatoryParams.split(',').every(paramKey => {
    const paramKeyParsed = paramKey.trim()
    return (
      Object.hasOwn(params, paramKeyParsed) &&
      params[paramKeyParsed] !== ''
    )
  })
}

/**
 * TODO: Unsubscribing from emails is currently only implemented for the
 * monthly unresolved breach report.
 *
 * Unsubscribes a user from receiving emails other than the monthly reports.
 *
 * @param {object} req Request should contain a `token` and `hash` query param.
 */
async function unsubscribeFromEmails (req) {
  const urlQuery = req.query

  // For unsubscribing from emails we need a hash and token
  if (!hasMandatoryParams(urlQuery, 'hash,token')) {
    throw fluentError('user-unsubscribe-token-email-error')
  }

  throw new MethodNotAllowedError()
}

/**
 * Unsubscribe the user from receiving the monthly unresolved breach reports.
 *
 * @param {object} req Request that should contain a `token` query param
 */
async function unsubscribeFromMonthlyReport (req) {
  const urlQuery = req.query

  // For unsubscribing from the monthly emails we need a token
  if (!hasMandatoryParams(urlQuery, 'token')) {
    throw fluentError('user-unsubscribe-token-error')
  }

  // Unsubscribe user from the monthly unresolved breach emails
  await updateMonthlyEmailOptout(urlQuery.token)
}

const breachDummyLogo = new Map([
  ['adobe.com', '/images/logo_cache/adobe.com.ico']
])

/**
 * Dummy data for populating the breach notification email preview.
 *
 * @param {string} recipient
 * @returns {object} Breach dummy data
 */
const getNotificationDummyData = (recipient) => ({
  breachData: {
    Id: 1,
    Name: 'Adobe',
    Title: 'Adobe',
    Domain: 'adobe.com',
    BreachDate: '2013-01-01T22:00:00.000Z',
    AddedDate: '2013-01-02T00:00:00.000Z',
    ModifiedDate: '2023-01-01T00:00:00.000Z',
    PwnCount: 123,
    Description: 'Example description',
    DataClasses: [
      'email-addresses',
      'password-hints',
      'passwords',
      'usernames'
    ],
    IsVerified: true,
    IsFabricated: false,
    IsSensitive: false,
    IsRetired: false,
    IsSpamList: false,
    IsMalware: false
  },
  breachedEmail: recipient,
  breachLogos: breachDummyLogo,
  ctaHref: getEmailCtaHref('email-test-notification', 'dashboard-cta'),
  heading: getMessage('email-spotted-new-breach'),
  recipientEmail: recipient,
  subscriberId: 123,
  supportedLocales: ['en']
})

/**
 * Dummy data for populating the email verification preview
 *
 * @param {string} recipient
 * @returns {object} Email verification dummy data
 */
const getVerificationDummyData = (recipient) => ({
  ctaHref: SERVER_URL,
  heading: getMessage('email-verify-heading'),
  recipientEmail: recipient,
  subheading: getMessage('email-verify-subhead')
})

/**
 * Dummy data for populating the monthly unresolved breaches email
 *
 * @param {string} recipient
 * @returns {object} Monthly unresolved breaches dummy data
 */
const getMonthlyDummyData = (recipient) => ({
  breachedEmail: 'breached@email.com',
  breachLogos: breachDummyLogo,
  ctaHref: `${SERVER_URL}/user/breaches`,
  heading: getMessage('email-unresolved-heading'),
  monitoredEmails: {
    count: 2
  },
  numBreaches: {
    count: 3,
    numResolved: 2,
    numUnresolved: 1
  },
  recipientEmail: recipient,
  subheading: getMessage('email-unresolved-subhead'),
  unsubscribeUrl: `${SERVER_URL}/user/unsubscribe-monthly?token=token_123`
})

/**
 * Dummy data for populating the signup report email
 *
 * @param {string} recipient
 * @returns {object} Signup report email dummy data
 */

const getSignupReportDummyData = (recipient) => {
  const unsafeBreachesForEmail = [
    getNotificationDummyData(recipient).breachData
  ]
  const breachesCount = unsafeBreachesForEmail.length
  const numPasswordsExposed = 1

  const emailBreachStats = [
    {
      statNumber: breachesCount,
      statTitle: getMessage('known-data-breaches-exposed', {
        breaches: breachesCount
      })
    },
    {
      statNumber: numPasswordsExposed,
      statTitle: getMessage('passwords-exposed', {
        passwords: numPasswordsExposed
      })
    }
  ]

  return {
    breachedEmail: recipient,
    breachLogos: breachDummyLogo,
    ctaHref: getEmailCtaHref('email-test-notification', 'dashboard-cta'),
    heading: unsafeBreachesForEmail.length
      ? getMessage('email-subject-found-breaches')
      : getMessage('email-subject-no-breaches'),
    emailBreachStats,
    recipientEmail: recipient,
    subscriberId: 123,
    unsafeBreachesForEmail
  }
}

export {
  EmailTemplateType,
  getEmailCtaHref,
  getMonthlyDummyData,
  getNotificationDummyData,
  getSignupReportDummyData,
  getUnsubscribeCtaHref,
  getVerificationDummyData,
  getVerificationUrl,
  initEmail,
  unsubscribeFromEmails,
  unsubscribeFromMonthlyReport,
  sendEmail
}

1	/* This Source Code Form is subject to the terms of the Mozilla Public
2	* License, v. 2.0. If a copy of the MPL was not distributed with this
3	* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
4
5	import { createTransport } from 'nodemailer'
6	import { URL } from 'url'
7
8	import mozlog from './log.js'
9	import AppConstants from '../app-constants.js'
10	import { MethodNotAllowedError } from '../utils/error.js'
11	import { getMessage, fluentError } from '../utils/fluent.js'
12	import { updateMonthlyEmailOptout } from '../db/tables/subscribers.js'
13
14	const log = mozlog('email-utils')	×
15
16	const { SERVER_URL } = AppConstants	×
17
18	// The SMTP transport object. This is initialized to a nodemailer transport
19	// object while reading SMTP credentials, or to a dummy function in debug mode.
20	let gTransporter
21
22	const EmailTemplateType = {	×
23	Notification: 'notification',
24	Verification: 'verification',
25	Monthly: 'monthly',
26	SignupReport: 'signup-report'
27	}
28
29	async function initEmail (smtpUrl = AppConstants.SMTP_URL) {	×
30	// Allow a debug mode that will log JSON instead of sending emails.
31	if (!smtpUrl) {	×
32	log.info('smtpUrl-empty', { message: 'EmailUtils will log a JSON response instead of sending emails.' })	×
33	gTransporter = createTransport({ jsonTransport: true })	×
34	return true	×
35	}
36
37	gTransporter = createTransport(smtpUrl)	×
38	const gTransporterVerification = await gTransporter.verify()	×
39	return gTransporterVerification	×
40	}
41
42	/**
43	* Send Email
44	*
45	* @param {string} recipient
46	* @param {string} subject
47	* @param {string} html
48	* @returns {Promise} <Promise>
49	*/
50	function sendEmail (recipient, subject, html) {
51	if (!gTransporter) {	×
52	return Promise.reject(new Error('SMTP transport not initialized'))	×
53	}
54
55	return new Promise((resolve, reject) => {	×
56	const emailFrom = AppConstants.EMAIL_FROM	×
57	const mailOptions = {	×
58	from: emailFrom,
59	to: recipient,
60	subject,
61	html,
62	headers: {
63	'x-ses-configuration-set': AppConstants.SES_CONFIG_SET
64	}
65	}
66
67	gTransporter.sendMail(mailOptions, (error, info) => {	×
68	if (error) {	×
69	reject(new Error(error))	×
70	return	×
71	}
72	if (gTransporter.transporter.name === 'JSONTransport') {	×
73	log.info('JSONTransport', { message: info.message.toString() })	×
74	}
75	resolve(info)	×
76	})
77	})
78	}
79
80	function appendUrlParams (url, urlParams) {
81	const defaultUtmParams = {	×
82	utm_source: 'fx-monitor',
83	utm_medium: 'email'
84	}
85
86	const allUtmParams = { ...defaultUtmParams, ...urlParams }	×
87
88	for (const param in allUtmParams) {	×
89	const paramValue = allUtmParams[param]	×
90
91	if (typeof paramValue !== 'undefined' && paramValue) {	×
92	url.searchParams.set(param, encodeURIComponent(paramValue))	×
93	}
94	}
95
96	return url	×
97	}
98
99	function getEmailCtaHref (emailType, content, subscriberId = null) {	×
100	const dashboardUrl = `${SERVER_URL}/user/breaches`	×
101	const url = new URL(dashboardUrl)	×
102	const utmParams = {	×
103	subscriber_id: subscriberId,
104	utm_campaign: emailType,
105	utm_content: content
106	}
107
108	return appendUrlParams(url, utmParams)	×
109	}
110
111	function getVerificationUrl (subscriber) {
112	if (!subscriber.verification_token) {	×
113	throw new Error('subscriber has no verification_token')	×
114	}
115
116	const url = new URL(`${SERVER_URL}/api/v1/user/verify-email`)	×
117	const verificationUtmParams = {	×
118	token: subscriber.verification_token,
119	utm_campaign: 'verified-subscribers',
120	utm_content: 'account-verification-email'
121	}
122
123	return appendUrlParams(url, verificationUtmParams)	×
124	}
125
126	function getUnsubscribeCtaHref ({ subscriber, isMonthlyEmail }) {
127	const path = isMonthlyEmail	×
128	? `${SERVER_URL}/user/unsubscribe-monthly`
129	: `${SERVER_URL}/user/unsubscribe`
130
131	if (!subscriber) {	×
132	return path	×
133	}
134
135	if (isMonthlyEmail && !subscriber.primary_verification_token) {	×
136	throw new Error('subscriber has no primary verification_token')	×
137	}
138
139	const url = new URL(path)	×
140	const token = Object.hasOwn(subscriber, 'verification_token')	×
141	? subscriber.verification_token
142	: subscriber.primary_verification_token
143	const hash = Object.hasOwn(subscriber, 'sha1')	×
144	? subscriber.sha1
145	: subscriber.primary_sha1
146
147	// Mandatory params for unsubscribing a user
148	const unsubscribeUtmParams = {	×
149	hash,
150	token,
151	utm_campaign: isMonthlyEmail	×
152	? 'monthly-unresolved'
153	: 'unsubscribe',
154	utm_content: 'unsubscribe-cta'
155	}
156
157	return appendUrlParams(url, unsubscribeUtmParams)	×
158	}
159
160	/**
161	* Check if params contain all mandatory params.
162	*
163	* @param {object} params Params that we like to have checked
164	* @param {string} mandatoryParams A comma separated list of mandatory params
165	* @returns {boolean} True if all mandatory params are present in params
166	*/
167	function hasMandatoryParams (params, mandatoryParams) {
168	return mandatoryParams.split(',').every(paramKey => {	×
169	const paramKeyParsed = paramKey.trim()	×
170	return (	×
171	Object.hasOwn(params, paramKeyParsed) &&	×
172	params[paramKeyParsed] !== ''
173	)
174	})
175	}
176
177	/**
178	* TODO: Unsubscribing from emails is currently only implemented for the
179	* monthly unresolved breach report.
180	*
181	* Unsubscribes a user from receiving emails other than the monthly reports.
182	*
183	* @param {object} req Request should contain a `token` and `hash` query param.
184	*/
185	async function unsubscribeFromEmails (req) {
186	const urlQuery = req.query	×
187
188	// For unsubscribing from emails we need a hash and token
189	if (!hasMandatoryParams(urlQuery, 'hash,token')) {	×
190	throw fluentError('user-unsubscribe-token-email-error')	×
191	}
192
193	throw new MethodNotAllowedError()	×
194	}
195
196	/**
197	* Unsubscribe the user from receiving the monthly unresolved breach reports.
198	*
199	* @param {object} req Request that should contain a `token` query param
200	*/
201	async function unsubscribeFromMonthlyReport (req) {
202	const urlQuery = req.query	×
203
204	// For unsubscribing from the monthly emails we need a token
205	if (!hasMandatoryParams(urlQuery, 'token')) {	×
206	throw fluentError('user-unsubscribe-token-error')	×
207	}
208
209	// Unsubscribe user from the monthly unresolved breach emails
210	await updateMonthlyEmailOptout(urlQuery.token)	×
211	}
212
213	const breachDummyLogo = new Map([	×
214	['adobe.com', '/images/logo_cache/adobe.com.ico']
215	])
216
217	/**
218	* Dummy data for populating the breach notification email preview.
219	*
220	* @param {string} recipient
221	* @returns {object} Breach dummy data
222	*/
223	const getNotificationDummyData = (recipient) => ({	×
224	breachData: {
225	Id: 1,
226	Name: 'Adobe',
227	Title: 'Adobe',
228	Domain: 'adobe.com',
229	BreachDate: '2013-01-01T22:00:00.000Z',
230	AddedDate: '2013-01-02T00:00:00.000Z',
231	ModifiedDate: '2023-01-01T00:00:00.000Z',
232	PwnCount: 123,
233	Description: 'Example description',
234	DataClasses: [
235	'email-addresses',
236	'password-hints',
237	'passwords',
238	'usernames'
239	],
240	IsVerified: true,
241	IsFabricated: false,
242	IsSensitive: false,
243	IsRetired: false,
244	IsSpamList: false,
245	IsMalware: false
246	},
247	breachedEmail: recipient,
248	breachLogos: breachDummyLogo,
249	ctaHref: getEmailCtaHref('email-test-notification', 'dashboard-cta'),
250	heading: getMessage('email-spotted-new-breach'),
251	recipientEmail: recipient,
252	subscriberId: 123,
253	supportedLocales: ['en']
254	})
255
256	/**
257	* Dummy data for populating the email verification preview
258	*
259	* @param {string} recipient
260	* @returns {object} Email verification dummy data
261	*/
262	const getVerificationDummyData = (recipient) => ({	×
263	ctaHref: SERVER_URL,
264	heading: getMessage('email-verify-heading'),
265	recipientEmail: recipient,
266	subheading: getMessage('email-verify-subhead')
267	})
268
269	/**
270	* Dummy data for populating the monthly unresolved breaches email
271	*
272	* @param {string} recipient
273	* @returns {object} Monthly unresolved breaches dummy data
274	*/
275	const getMonthlyDummyData = (recipient) => ({	×
276	breachedEmail: 'breached@email.com',
277	breachLogos: breachDummyLogo,
278	ctaHref: `${SERVER_URL}/user/breaches`,
279	heading: getMessage('email-unresolved-heading'),
280	monitoredEmails: {
281	count: 2
282	},
283	numBreaches: {
284	count: 3,
285	numResolved: 2,
286	numUnresolved: 1
287	},
288	recipientEmail: recipient,
289	subheading: getMessage('email-unresolved-subhead'),
290	unsubscribeUrl: `${SERVER_URL}/user/unsubscribe-monthly?token=token_123`
291	})
292
293	/**
294	* Dummy data for populating the signup report email
295	*
296	* @param {string} recipient
297	* @returns {object} Signup report email dummy data
298	*/
299
300	const getSignupReportDummyData = (recipient) => {	×
301	const unsafeBreachesForEmail = [	×
302	getNotificationDummyData(recipient).breachData
303	]
304	const breachesCount = unsafeBreachesForEmail.length	×
305	const numPasswordsExposed = 1	×
306
307	const emailBreachStats = [	×
308	{
309	statNumber: breachesCount,
310	statTitle: getMessage('known-data-breaches-exposed', {
311	breaches: breachesCount
312	})
313	},
314	{
315	statNumber: numPasswordsExposed,
316	statTitle: getMessage('passwords-exposed', {
317	passwords: numPasswordsExposed
318	})
319	}
320	]
321
322	return {	×
323	breachedEmail: recipient,
324	breachLogos: breachDummyLogo,
325	ctaHref: getEmailCtaHref('email-test-notification', 'dashboard-cta'),
326	heading: unsafeBreachesForEmail.length	×
327	? getMessage('email-subject-found-breaches')
328	: getMessage('email-subject-no-breaches'),
329	emailBreachStats,
330	recipientEmail: recipient,
331	subscriberId: 123,
332	unsafeBreachesForEmail
333	}
334	}
335
336	export {
337	EmailTemplateType,
338	getEmailCtaHref,
339	getMonthlyDummyData,
340	getNotificationDummyData,
341	getSignupReportDummyData,
342	getUnsubscribeCtaHref,
343	getVerificationDummyData,
344	getVerificationUrl,
345	initEmail,
346	unsubscribeFromEmails,
347	unsubscribeFromMonthlyReport,
348	sendEmail
349	}

mozilla / blurts-server / #13117

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous