npm - emailengine-app - Versions diffs - 2.61.2 → 2.61.3 - Mend

emailengine-app 2.61.2 → 2.61.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (23) hide show

package/CHANGELOG.md +8 -0
package/data/google-crawlers.json +1 -1
package/lib/account.js +29 -16
package/lib/api-routes/account-routes.js +17 -0
package/lib/ui-routes/account-routes.js +2 -2
package/package.json +2 -2
package/sbom.json +1 -1
package/static/licenses.html +2 -2
package/translations/de.mo +0 -0
package/translations/de.po +40 -32
package/translations/en.mo +0 -0
package/translations/en.po +41 -28
package/translations/et.mo +0 -0
package/translations/et.po +40 -32
package/translations/fr.mo +0 -0
package/translations/fr.po +40 -32
package/translations/ja.mo +0 -0
package/translations/ja.po +40 -32
package/translations/messages.pot +32 -5
package/translations/nl.mo +0 -0
package/translations/nl.po +40 -32
package/translations/pl.mo +0 -0
package/translations/pl.po +40 -32

package/CHANGELOG.md CHANGED Viewed

@@ -1,5 +1,13 @@
 # Changelog
+## [2.61.3](https://github.com/postalsys/emailengine/compare/v2.61.2...v2.61.3) (2026-01-14)
+### Bug Fixes
+* prevent 500 error when listing accounts with invalid delegation config ([8651bcc](https://github.com/postalsys/emailengine/commit/8651bcc3c18cd54ee5309b3392915773c355e6c4))
+* update gettext script to include refactored UI route files ([5b2e4a5](https://github.com/postalsys/emailengine/commit/5b2e4a55771f192fb14d030b5e5d08ba860c90ab))
 ## [2.61.2](https://github.com/postalsys/emailengine/compare/v2.61.1...v2.61.2) (2026-01-12)

package/data/google-crawlers.json CHANGED Viewed

@@ -1,5 +1,5 @@
 {
-    "creationTime": "2026-01-09T15:45:52.000000",
+    "creationTime": "2026-01-13T15:46:00.000000",
     "prefixes": [
         {
             "ipv6Prefix": "2001:4860:4801:2008::/64"

package/lib/account.js CHANGED Viewed

@@ -187,23 +187,34 @@ class Account {
                 }
             } else if (accountData.oauth2 && accountData.oauth2.auth && accountData.oauth2.auth.delegatedAccount) {
                 accountData.type = 'delegated';
-                let delegatedAccount = await resolveDelegatedAccount(this.redis, accountData.account);
-                if (delegatedAccount) {
-                    accountData.delegatedAccount = delegatedAccount;
-                    let delegatedAccountRow = await this.redis.hgetall(`${REDIS_PREFIX}iad:${delegatedAccount}`);
-                    let delegatedAccountData = this.unserializeAccountData(delegatedAccountRow);
-                    if (delegatedAccountData.oauth2 && delegatedAccountData.oauth2.provider) {
-                        let app;
-                        if (oauthApps.has(delegatedAccountData.oauth2.provider)) {
-                            app = oauthApps.get(delegatedAccountData.oauth2.provider);
-                        } else {
-                            app = await oauth2Apps.get(delegatedAccountData.oauth2.provider);
-                        }
-                        oauthApps.set(delegatedAccountData.oauth2.provider, app || null);
-                        if (app && app.baseScopes === 'api') {
-                            accountData.isApi = true;
+                try {
+                    let delegatedAccount = await resolveDelegatedAccount(this.redis, accountData.account);
+                    if (delegatedAccount) {
+                        accountData.delegatedAccount = delegatedAccount;
+                        let delegatedAccountRow = await this.redis.hgetall(`${REDIS_PREFIX}iad:${delegatedAccount}`);
+                        let delegatedAccountData = this.unserializeAccountData(delegatedAccountRow);
+                        if (delegatedAccountData.oauth2 && delegatedAccountData.oauth2.provider) {
+                            let app;
+                            if (oauthApps.has(delegatedAccountData.oauth2.provider)) {
+                                app = oauthApps.get(delegatedAccountData.oauth2.provider);
+                            } else {
+                                app = await oauth2Apps.get(delegatedAccountData.oauth2.provider);
+                            }
+                            oauthApps.set(delegatedAccountData.oauth2.provider, app || null);
+                            if (app && app.baseScopes === 'api') {
+                                accountData.isApi = true;
+                            }
                         }
                     }
+                } catch (err) {
+                    this.logger.warn({
+                        msg: 'Failed to resolve delegated account',
+                        account: accountData.account,
+                        delegatedAccount: accountData.oauth2.auth.delegatedAccount,
+                        err
+                    });
+                    accountData.type = 'invalid';
+                    accountData.delegationError = err.message;
                 }
             } else if (accountData.imap && !accountData.imap.disabled) {
                 accountData.type = 'imap';
@@ -240,7 +251,9 @@ class Account {
                 syncTime: accountData.sync,
-                lastError: formatLastError(accountData)
+                lastError: formatLastError(accountData),
+                delegationError: accountData.delegationError || undefined
             }))
         };

package/lib/api-routes/account-routes.js CHANGED Viewed

@@ -26,6 +26,17 @@ const {
 const { REDIS_PREFIX, MAX_FORM_TTL, NONCE_BYTES } = require('../consts');
+/**
+ * Validates that delegation fields are only used with OAuth2 accounts.
+ */
+function validateDelegationFields(payload) {
+    const auth = payload.oauth2?.auth;
+    const hasDelegation = auth?.delegatedUser || auth?.delegatedAccount;
+    if (hasDelegation && !payload.oauth2?.provider) {
+        throw Boom.badRequest('Delegation fields (delegatedUser, delegatedAccount) require oauth2.provider to be set');
+    }
+}
 async function init(args) {
     const {
         server,
@@ -110,6 +121,9 @@ async function init(args) {
                     };
                 }
+                // Validate delegation fields are only used with OAuth2 provider
+                validateDelegationFields(request.payload);
                 let result = await accountObject.create(request.payload);
                 return result;
             } catch (err) {
@@ -256,6 +270,9 @@ async function init(args) {
             });
             try {
+                // Validate delegation fields are only used with OAuth2 provider
+                validateDelegationFields(request.payload);
                 return await accountObject.update(request.payload);
             } catch (err) {
                 request.logger.error({ msg: 'API request failed', err });

package/lib/ui-routes/account-routes.js CHANGED Viewed

@@ -725,7 +725,7 @@ function init(args) {
                         });
                     }
-                    await request.flash({ type: 'danger', message: request.app.gt.gettext(`Couldn't set up account. Try again.`) });
+                    await request.flash({ type: 'danger', message: request.app.gt.gettext("Couldn't set up account. Try again.") });
                     request.logger.error({ msg: 'Failed to process account', err });
                     return h
@@ -992,7 +992,7 @@ function init(args) {
                         });
                     }
-                    await request.flash({ type: 'danger', message: request.app.gt.gettext(`Couldn't set up account. Try again.`) });
+                    await request.flash({ type: 'danger', message: request.app.gt.gettext("Couldn't set up account. Try again.") });
                     request.logger.error({ msg: 'Failed to process account', err });
                     return h

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
     "name": "emailengine-app",
-    "version": "2.61.2",
+    "version": "2.61.3",
     "private": false,
     "productTitle": "EmailEngine",
     "description": "Email Sync Engine",
@@ -17,7 +17,7 @@
         "build-dist": "pkg --compress Brotli package.json && npm install && node winconf.js",
         "build-dist-fast": "pkg --debug package.json && npm install && node winconf.js",
         "licenses": "license-checker --excludePackages 'emailengine-app' --json | node list-generate.js > static/licenses.html",
-        "gettext": "find ./views -name \"*.hbs\" -print0 | xargs -0 xgettext-template -L Handlebars -o translations/messages.pot --force-po && jsxgettext lib/routes-ui.js workers/api.js lib/tools.js lib/autodetect-imap-settings.js -j -o translations/messages.pot",
+        "gettext": "find ./views -name \"*.hbs\" -print0 | xargs -0 xgettext-template -L Handlebars -o translations/messages.pot --force-po && jsxgettext lib/routes-ui.js workers/api.js lib/tools.js lib/autodetect-imap-settings.js lib/ui-routes/account-routes.js lib/ui-routes/admin-config-routes.js lib/ui-routes/admin-entities-routes.js -j -o translations/messages.pot",
         "prepare-docker": "echo \"EE_DOCKER_LEGACY=$EE_DOCKER_LEGACY\" >> system.env && cat system.env",
         "update": "rm -rf node_modules package-lock.json && ncu -u && npm install && ./copy-static-files.sh && npm run licenses && npm run gettext",
         "test-gmail-api": "node lib/email-client/gmail-client.js --dbs.redis=redis://127.0.0.1/11",