Elgato_dark/fleet
1
0
Fork 0
mirror of https://github.com/fleetdm/fleet synced 2026-05-20 23:48:52 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 139
fleet/website/api/controllers/deliver-contact-form-message.js
Eric ad58bb9ca1
Website: Add deny list of email domains for contact form messages. (#33647) 
Closes: #33548

Changes:
- Added a new configuration variable
`sails.config.custom.bannedEmailDomainsForContactFormSubmissions` that
contains a list of domains (currently a single domain) that cannot be
used to submit the contact form
- Updated the `bannedEmailDomainsForWebsiteSubmissions` list to include
`example.com`
- Updated the deliver-contact-form-message action to return an
`invalidEmailDomain` exit if the contact form is submitted with an email
domain in the `bannedEmailDomainsForContactFormSubmissions` list
2025-10-01 12:22:54 -05:00

128 lines
3.6 KiB
JavaScript
Vendored
Raw Blame History

module.exports = {
friendlyName: 'Deliver contact form message',
description: 'Deliver a contact form message to the appropriate internal channel(s).',
inputs: {
emailAddress: {
required: true,
isEmail: true,
type: 'string',
description: 'A return email address where we can respond.',
example: '[email protected]'
},
firstName: {
required: true,
type: 'string',
description: 'The first name of the human sending this message.',
example: 'Emma'
},
lastName: {
required: true,
type: 'string',
description: 'The last name of the human sending this message.',
example: 'Watson'
},
message: {
type: 'string',
required: true,
description: 'The custom message, in plain text.'
}
},
exits: {
success: {
description: 'The message was sent successfully.'
},
invalidEmailDomain: {
description: 'This email address is on a denylist of domains and was not delivered.',
responseType: 'badRequest'
},
},
fn: async function({emailAddress, firstName, lastName, message}) {
let emailDomain = emailAddress.split('@')[1];
if(_.includes(sails.config.custom.bannedEmailDomainsForContactFormSubmissions, emailDomain.toLowerCase())){
throw 'invalidEmailDomain';
}
let userHasPremiumSubscription = false;
let thisSubscription;
if(this.req.me){
thisSubscription = await Subscription.findOne({user: this.req.me.id});
if(thisSubscription) {
userHasPremiumSubscription = true;
}
}
if (!sails.config.custom.slackWebhookUrlForContactForm) {
throw new Error(
'Message not delivered: slackWebhookUrlForContactForm needs to be configured in sails.config.custom. Here\'s the undelivered message: ' +
`Name: ${firstName + ' ' + lastName}, Email: ${emailAddress}, Message: ${message ? message : 'No message.'}`
);
}
let subject = 'New contact form message';
if(userHasPremiumSubscription) {
// If the user has a Fleet Premium subscription, prepend the message with details about their subscription.
let subscriptionDetails =`
Fleet Premium subscription details:
- Fleet Premium subscriber since: ${new Date(thisSubscription.createdAt).toISOString().split('T')[0]}
- Next billing date: ${new Date(thisSubscription.nextBillingAt).toISOString().split('T')[0]}
- Host count: ${thisSubscription.numberOfHosts}
- Organization: ${this.req.me.organization}
-----
`;
message = subscriptionDetails + message;
subject = 'New Fleet Premium customer message';
}
await sails.helpers.sendTemplateEmail.with({
to: sails.config.custom.fromEmailAddress,
replyTo: {
name: firstName + ' '+ lastName,
emailAddress: emailAddress,
},
subject,
layout: false,
template: 'email-contact-form',
templateData: {
emailAddress,
firstName,
lastName,
message,
},
});
sails.helpers.salesforce.updateOrCreateContactAndAccount.with({
emailAddress: emailAddress,
firstName: firstName,
lastName: lastName,
contactSource: 'Website - Contact forms',
description: `Sent a contact form message: ${message}`,
}).exec((err)=>{// Use .exec() to run the salesforce helpers in the background.
if(err) {
sails.log.warn(`Background task failed: When a user submitted a contact form message, a lead/contact could not be updated in the CRM for this email address: ${emailAddress}.`, err);
}
return;
});
}
};
Reference in a new issue View git blame Copy permalink