From b3ceb3dcc4df62803aa967d7aecee686973a8996 Mon Sep 17 00:00:00 2001
From: Eugen Rochko <eugen@zeonfederated.com>
Date: Sat, 17 Apr 2021 03:14:25 +0200
Subject: Add canonical e-mail blocks for suspended accounts (#16049)

Prevent new accounts from being created using the same underlying
e-mail as a suspended account using extensions and period
permutations. Stores e-mails as a SHA256 hash
---
 app/validators/blacklisted_email_validator.rb | 30 +++++++++++++++++----------
 1 file changed, 19 insertions(+), 11 deletions(-)

(limited to 'app/validators')

diff --git a/app/validators/blacklisted_email_validator.rb b/app/validators/blacklisted_email_validator.rb
index 1ca73fdcc..eb66ad93d 100644
--- a/app/validators/blacklisted_email_validator.rb
+++ b/app/validators/blacklisted_email_validator.rb
@@ -6,26 +6,25 @@ class BlacklistedEmailValidator < ActiveModel::Validator
 
     @email = user.email
 
-    user.errors.add(:email, :blocked) if blocked_email?
+    user.errors.add(:email, :blocked) if blocked_email_provider?
+    user.errors.add(:email, :taken) if blocked_canonical_email?
   end
 
   private
 
-  def blocked_email?
-    on_blacklist? || not_on_whitelist?
+  def blocked_email_provider?
+    disallowed_through_email_domain_block? || disallowed_through_configuration? || not_allowed_through_configuration?
   end
 
-  def on_blacklist?
-    return true  if EmailDomainBlock.block?(@email)
-    return false if Rails.configuration.x.email_domains_blacklist.blank?
-
-    domains = Rails.configuration.x.email_domains_blacklist.gsub('.', '\.')
-    regexp  = Regexp.new("@(.+\\.)?(#{domains})", true)
+  def blocked_canonical_email?
+    CanonicalEmailBlock.block?(@email)
+  end
 
-    regexp.match?(@email)
+  def disallowed_through_email_domain_block?
+    EmailDomainBlock.block?(@email)
   end
 
-  def not_on_whitelist?
+  def not_allowed_through_configuration?
     return false if Rails.configuration.x.email_domains_whitelist.blank?
 
     domains = Rails.configuration.x.email_domains_whitelist.gsub('.', '\.')
@@ -33,4 +32,13 @@ class BlacklistedEmailValidator < ActiveModel::Validator
 
     @email !~ regexp
   end
+
+  def disallowed_through_configuration?
+    return false if Rails.configuration.x.email_domains_blacklist.blank?
+
+    domains = Rails.configuration.x.email_domains_blacklist.gsub('.', '\.')
+    regexp  = Regexp.new("@(.+\\.)?(#{domains})", true)
+
+    regexp.match?(@email)
+  end
 end
-- 
cgit