1
1
mirror of https://github.com/go-gitea/gitea synced 2024-11-17 23:54:25 +00:00
gitea/services/mailer/mail_team_invite.go
KN4CK3R 21dd4a252a
Prevent multiple To recipients (#22566)
Change the mailer interface to prevent leaking of possible hidden email
addresses when sending to multiple recipients.

Co-authored-by: Gusted <williamzijl7@hotmail.com>
2023-01-22 08:23:52 -06:00

62 lines
1.5 KiB
Go

// Copyright 2022 The Gitea Authors. All rights reserved.
// SPDX-License-Identifier: MIT
package mailer
import (
"bytes"
"context"
org_model "code.gitea.io/gitea/models/organization"
user_model "code.gitea.io/gitea/models/user"
"code.gitea.io/gitea/modules/base"
"code.gitea.io/gitea/modules/log"
"code.gitea.io/gitea/modules/setting"
"code.gitea.io/gitea/modules/templates"
"code.gitea.io/gitea/modules/translation"
)
const (
tplTeamInviteMail base.TplName = "team_invite"
)
// MailTeamInvite sends team invites
func MailTeamInvite(ctx context.Context, inviter *user_model.User, team *org_model.Team, invite *org_model.TeamInvite) error {
if setting.MailService == nil {
return nil
}
org, err := user_model.GetUserByID(ctx, team.OrgID)
if err != nil {
return err
}
locale := translation.NewLocale(inviter.Language)
subject := locale.Tr("mail.team_invite.subject", inviter.DisplayName(), org.DisplayName())
mailMeta := map[string]interface{}{
"Inviter": inviter,
"Organization": org,
"Team": team,
"Invite": invite,
"Subject": subject,
// helper
"locale": locale,
"Str2html": templates.Str2html,
"DotEscape": templates.DotEscape,
}
var mailBody bytes.Buffer
if err := bodyTemplates.ExecuteTemplate(&mailBody, string(tplTeamInviteMail), mailMeta); err != nil {
log.Error("ExecuteTemplate [%s]: %v", string(tplTeamInviteMail)+"/body", err)
return err
}
msg := NewMessage(invite.Email, subject, mailBody.String())
msg.Info = subject
SendAsync(msg)
return nil
}