Mirrors/chatmail-core
1
0
Fork 0
mirror of https://github.com/chatmail/core.git synced 2026-04-18 22:16:30 +03:00
Code Issues Packages Projects Releases Wiki Activity

feat: Contact::lookup_id_by_addr_ex: Prefer returning accepted contacts

Browse Source 
We don't want to prefer returning verified contacts because e.g. if a bot was reinstalled and its
key changed, it may not be verified, and we don't want to bring the user to the old chat if they
click on the bot email address. But trying to return accepted contacts increases security and
doesn't break the described scenario.
This commit is contained in:
iequidoo
2025-08-05 13:20:00 -03:00
committed by iequidoo
parent f5f4026dbb
commit 615c80bef4
4 changed files with 62 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
src/sql/migrations/migrations_tests.rs
View File

@@ -116,11 +116,15 @@ async fn test_key_contacts_migration_email2() -> Result<()> {
)?)).await?;
t.sql.run_migrations(&t).await?;
let pgp_bob_id = Contact::lookup_id_by_addr(&t, "bob@example.net", Origin::Hidden)
.await?
.unwrap();
let pgp_bob = Contact::get_by_id(&t, pgp_bob_id).await?;
// Hidden key-contact can't be looked up.
assert!(
Contact::get_all(&t, 0, Some("bob@example.net"))
.await?
.is_empty()
);
let pgp_bob = Contact::get_by_id(&t, ContactId::new(11)).await?;
assert_eq!(pgp_bob.is_key_contact(), true);
assert_eq!(pgp_bob.origin, Origin::Hidden);
let email_bob_id = *Contact::get_all(&t, constants::DC_GCL_ADDRESS, Some("bob@example.net"))
.await?