emailengine-app 2.61.2 → 2.61.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +16 -0
- package/data/google-crawlers.json +1 -1
- package/lib/account.js +65 -37
- package/lib/api-routes/account-routes.js +17 -0
- package/lib/routes-ui.js +21 -5
- package/lib/ui-routes/account-routes.js +11 -2
- package/package.json +2 -2
- package/sbom.json +1 -1
- package/static/licenses.html +2 -2
- package/translations/de.mo +0 -0
- package/translations/de.po +40 -32
- package/translations/en.mo +0 -0
- package/translations/en.po +41 -28
- package/translations/et.mo +0 -0
- package/translations/et.po +40 -32
- package/translations/fr.mo +0 -0
- package/translations/fr.po +40 -32
- package/translations/ja.mo +0 -0
- package/translations/ja.po +40 -32
- package/translations/messages.pot +32 -5
- package/translations/nl.mo +0 -0
- package/translations/nl.po +40 -32
- package/translations/pl.mo +0 -0
- package/translations/pl.po +40 -32
package/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,21 @@
|
|
|
1
1
|
# Changelog
|
|
2
2
|
|
|
3
|
+
## [2.61.4](https://github.com/postalsys/emailengine/compare/v2.61.3...v2.61.4) (2026-01-14)
|
|
4
|
+
|
|
5
|
+
|
|
6
|
+
### Bug Fixes
|
|
7
|
+
|
|
8
|
+
* handle delegation errors in loadAccountData, isApiClient, and UI listing ([c306618](https://github.com/postalsys/emailengine/commit/c306618a37428bbf088ed1289bf832e778f14b9c))
|
|
9
|
+
* show Failed status for accounts with IMAP disabled due to auth errors ([e6b687d](https://github.com/postalsys/emailengine/commit/e6b687d458cfd080795f7176f862109e2c299fff))
|
|
10
|
+
|
|
11
|
+
## [2.61.3](https://github.com/postalsys/emailengine/compare/v2.61.2...v2.61.3) (2026-01-14)
|
|
12
|
+
|
|
13
|
+
|
|
14
|
+
### Bug Fixes
|
|
15
|
+
|
|
16
|
+
* prevent 500 error when listing accounts with invalid delegation config ([8651bcc](https://github.com/postalsys/emailengine/commit/8651bcc3c18cd54ee5309b3392915773c355e6c4))
|
|
17
|
+
* update gettext script to include refactored UI route files ([5b2e4a5](https://github.com/postalsys/emailengine/commit/5b2e4a55771f192fb14d030b5e5d08ba860c90ab))
|
|
18
|
+
|
|
3
19
|
## [2.61.2](https://github.com/postalsys/emailengine/compare/v2.61.1...v2.61.2) (2026-01-12)
|
|
4
20
|
|
|
5
21
|
|
package/lib/account.js
CHANGED
|
@@ -187,23 +187,34 @@ class Account {
|
|
|
187
187
|
}
|
|
188
188
|
} else if (accountData.oauth2 && accountData.oauth2.auth && accountData.oauth2.auth.delegatedAccount) {
|
|
189
189
|
accountData.type = 'delegated';
|
|
190
|
-
|
|
191
|
-
|
|
192
|
-
|
|
193
|
-
|
|
194
|
-
|
|
195
|
-
|
|
196
|
-
|
|
197
|
-
|
|
198
|
-
|
|
199
|
-
|
|
200
|
-
|
|
201
|
-
|
|
202
|
-
|
|
203
|
-
|
|
204
|
-
|
|
190
|
+
try {
|
|
191
|
+
let delegatedAccount = await resolveDelegatedAccount(this.redis, accountData.account);
|
|
192
|
+
if (delegatedAccount) {
|
|
193
|
+
accountData.delegatedAccount = delegatedAccount;
|
|
194
|
+
let delegatedAccountRow = await this.redis.hgetall(`${REDIS_PREFIX}iad:${delegatedAccount}`);
|
|
195
|
+
let delegatedAccountData = this.unserializeAccountData(delegatedAccountRow);
|
|
196
|
+
if (delegatedAccountData.oauth2 && delegatedAccountData.oauth2.provider) {
|
|
197
|
+
let app;
|
|
198
|
+
if (oauthApps.has(delegatedAccountData.oauth2.provider)) {
|
|
199
|
+
app = oauthApps.get(delegatedAccountData.oauth2.provider);
|
|
200
|
+
} else {
|
|
201
|
+
app = await oauth2Apps.get(delegatedAccountData.oauth2.provider);
|
|
202
|
+
}
|
|
203
|
+
oauthApps.set(delegatedAccountData.oauth2.provider, app || null);
|
|
204
|
+
if (app && app.baseScopes === 'api') {
|
|
205
|
+
accountData.isApi = true;
|
|
206
|
+
}
|
|
205
207
|
}
|
|
206
208
|
}
|
|
209
|
+
} catch (err) {
|
|
210
|
+
this.logger.warn({
|
|
211
|
+
msg: 'Failed to resolve delegated account',
|
|
212
|
+
account: accountData.account,
|
|
213
|
+
delegatedAccount: accountData.oauth2.auth.delegatedAccount,
|
|
214
|
+
err
|
|
215
|
+
});
|
|
216
|
+
accountData.type = 'invalid';
|
|
217
|
+
accountData.delegationError = err.message;
|
|
207
218
|
}
|
|
208
219
|
} else if (accountData.imap && !accountData.imap.disabled) {
|
|
209
220
|
accountData.type = 'imap';
|
|
@@ -240,7 +251,9 @@ class Account {
|
|
|
240
251
|
|
|
241
252
|
syncTime: accountData.sync,
|
|
242
253
|
|
|
243
|
-
lastError: formatLastError(accountData)
|
|
254
|
+
lastError: formatLastError(accountData),
|
|
255
|
+
|
|
256
|
+
delegationError: accountData.delegationError || undefined
|
|
244
257
|
}))
|
|
245
258
|
};
|
|
246
259
|
|
|
@@ -684,20 +697,30 @@ class Account {
|
|
|
684
697
|
accountData._app = app;
|
|
685
698
|
}
|
|
686
699
|
} else if (accountData.oauth2 && accountData.oauth2.auth && accountData.oauth2.auth.delegatedAccount) {
|
|
687
|
-
|
|
688
|
-
|
|
689
|
-
|
|
690
|
-
|
|
691
|
-
|
|
692
|
-
|
|
693
|
-
|
|
694
|
-
|
|
695
|
-
|
|
696
|
-
|
|
697
|
-
|
|
700
|
+
try {
|
|
701
|
+
let delegatedAccount = await resolveDelegatedAccount(this.redis, accountData.account);
|
|
702
|
+
if (delegatedAccount) {
|
|
703
|
+
accountData.delegatedAccount = delegatedAccount;
|
|
704
|
+
let delegatedAccountRow = await this.redis.hgetall(`${REDIS_PREFIX}iad:${delegatedAccount}`);
|
|
705
|
+
let delegatedAccountData = this.unserializeAccountData(delegatedAccountRow);
|
|
706
|
+
if (delegatedAccountData.oauth2 && delegatedAccountData.oauth2.provider) {
|
|
707
|
+
let app = await oauth2Apps.get(delegatedAccountData.oauth2.provider);
|
|
708
|
+
if (app) {
|
|
709
|
+
accountData._app = app;
|
|
710
|
+
if (app.baseScopes === 'api') {
|
|
711
|
+
accountData.isApi = true;
|
|
712
|
+
}
|
|
698
713
|
}
|
|
699
714
|
}
|
|
700
715
|
}
|
|
716
|
+
} catch (err) {
|
|
717
|
+
this.logger.warn({
|
|
718
|
+
msg: 'Failed to resolve delegated account',
|
|
719
|
+
account: accountData.account,
|
|
720
|
+
delegatedAccount: accountData.oauth2.auth.delegatedAccount,
|
|
721
|
+
err
|
|
722
|
+
});
|
|
723
|
+
accountData.delegationError = err.message;
|
|
701
724
|
}
|
|
702
725
|
}
|
|
703
726
|
|
|
@@ -2532,17 +2555,22 @@ class Account {
|
|
|
2532
2555
|
|
|
2533
2556
|
async isApiClient(accountData) {
|
|
2534
2557
|
if (accountData.oauth2?.auth?.delegatedAccount) {
|
|
2535
|
-
|
|
2536
|
-
|
|
2537
|
-
|
|
2538
|
-
|
|
2539
|
-
|
|
2540
|
-
|
|
2541
|
-
|
|
2542
|
-
|
|
2543
|
-
|
|
2544
|
-
|
|
2558
|
+
try {
|
|
2559
|
+
let delegatedAccount = await resolveDelegatedAccount(this.redis, accountData.account);
|
|
2560
|
+
if (delegatedAccount) {
|
|
2561
|
+
accountData.delegatedAccount = delegatedAccount;
|
|
2562
|
+
let delegatedAccountRow = await this.redis.hgetall(`${REDIS_PREFIX}iad:${delegatedAccount}`);
|
|
2563
|
+
let delegatedAccountData = this.unserializeAccountData(delegatedAccountRow);
|
|
2564
|
+
if (delegatedAccountData?.oauth2?.provider) {
|
|
2565
|
+
let app = await oauth2Apps.get(delegatedAccountData.oauth2.provider);
|
|
2566
|
+
return app?.baseScopes === 'api';
|
|
2567
|
+
} else {
|
|
2568
|
+
return false;
|
|
2569
|
+
}
|
|
2545
2570
|
}
|
|
2571
|
+
} catch (err) {
|
|
2572
|
+
// Invalid delegation config - treat as non-API client
|
|
2573
|
+
return false;
|
|
2546
2574
|
}
|
|
2547
2575
|
}
|
|
2548
2576
|
|
|
@@ -26,6 +26,17 @@ const {
|
|
|
26
26
|
|
|
27
27
|
const { REDIS_PREFIX, MAX_FORM_TTL, NONCE_BYTES } = require('../consts');
|
|
28
28
|
|
|
29
|
+
/**
|
|
30
|
+
* Validates that delegation fields are only used with OAuth2 accounts.
|
|
31
|
+
*/
|
|
32
|
+
function validateDelegationFields(payload) {
|
|
33
|
+
const auth = payload.oauth2?.auth;
|
|
34
|
+
const hasDelegation = auth?.delegatedUser || auth?.delegatedAccount;
|
|
35
|
+
if (hasDelegation && !payload.oauth2?.provider) {
|
|
36
|
+
throw Boom.badRequest('Delegation fields (delegatedUser, delegatedAccount) require oauth2.provider to be set');
|
|
37
|
+
}
|
|
38
|
+
}
|
|
39
|
+
|
|
29
40
|
async function init(args) {
|
|
30
41
|
const {
|
|
31
42
|
server,
|
|
@@ -110,6 +121,9 @@ async function init(args) {
|
|
|
110
121
|
};
|
|
111
122
|
}
|
|
112
123
|
|
|
124
|
+
// Validate delegation fields are only used with OAuth2 provider
|
|
125
|
+
validateDelegationFields(request.payload);
|
|
126
|
+
|
|
113
127
|
let result = await accountObject.create(request.payload);
|
|
114
128
|
return result;
|
|
115
129
|
} catch (err) {
|
|
@@ -256,6 +270,9 @@ async function init(args) {
|
|
|
256
270
|
});
|
|
257
271
|
|
|
258
272
|
try {
|
|
273
|
+
// Validate delegation fields are only used with OAuth2 provider
|
|
274
|
+
validateDelegationFields(request.payload);
|
|
275
|
+
|
|
259
276
|
return await accountObject.update(request.payload);
|
|
260
277
|
} catch (err) {
|
|
261
278
|
request.logger.error({ msg: 'API request failed', err });
|
package/lib/routes-ui.js
CHANGED
|
@@ -618,6 +618,15 @@ function formatAccountData(account, gt) {
|
|
|
618
618
|
break;
|
|
619
619
|
}
|
|
620
620
|
|
|
621
|
+
// Check if IMAP was disabled due to errors - override state label to show error
|
|
622
|
+
if (account.imap && account.imap.disabled && account.lastErrorState) {
|
|
623
|
+
account.stateLabel = {
|
|
624
|
+
type: 'danger',
|
|
625
|
+
name: 'Failed',
|
|
626
|
+
error: account.lastErrorState.description || account.lastErrorState.response
|
|
627
|
+
};
|
|
628
|
+
}
|
|
629
|
+
|
|
621
630
|
if (account.oauth2) {
|
|
622
631
|
account.oauth2.scopes = []
|
|
623
632
|
.concat(account.oauth2.scope || [])
|
|
@@ -4157,13 +4166,20 @@ ${Buffer.from(data.content, 'base64url').toString('base64')}
|
|
|
4157
4166
|
|
|
4158
4167
|
for (let account of accounts.accounts) {
|
|
4159
4168
|
let accountObject = new Account({ redis, account: account.account });
|
|
4160
|
-
|
|
4169
|
+
try {
|
|
4170
|
+
account.data = await accountObject.loadAccountData(null, null, runIndex);
|
|
4161
4171
|
|
|
4162
|
-
|
|
4163
|
-
|
|
4164
|
-
|
|
4165
|
-
|
|
4172
|
+
if (account.data && account.data.oauth2 && account.data.oauth2.provider) {
|
|
4173
|
+
let oauth2App = await oauth2Apps.get(account.data.oauth2.provider);
|
|
4174
|
+
if (oauth2App) {
|
|
4175
|
+
account.data.oauth2.app = oauth2App;
|
|
4176
|
+
}
|
|
4166
4177
|
}
|
|
4178
|
+
} catch (err) {
|
|
4179
|
+
// Account has invalid config (e.g., broken delegation)
|
|
4180
|
+
account.data = {
|
|
4181
|
+
delegationError: err.message
|
|
4182
|
+
};
|
|
4167
4183
|
}
|
|
4168
4184
|
}
|
|
4169
4185
|
|
|
@@ -159,6 +159,15 @@ function formatAccountData(account, gt) {
|
|
|
159
159
|
break;
|
|
160
160
|
}
|
|
161
161
|
|
|
162
|
+
// Check if IMAP was disabled due to errors - override state label to show error
|
|
163
|
+
if (account.imap && account.imap.disabled && account.lastErrorState) {
|
|
164
|
+
account.stateLabel = {
|
|
165
|
+
type: 'danger',
|
|
166
|
+
name: 'Failed',
|
|
167
|
+
error: account.lastErrorState.description || account.lastErrorState.response
|
|
168
|
+
};
|
|
169
|
+
}
|
|
170
|
+
|
|
162
171
|
if (account.oauth2) {
|
|
163
172
|
account.oauth2.scopes = []
|
|
164
173
|
.concat(account.oauth2.scope || [])
|
|
@@ -725,7 +734,7 @@ function init(args) {
|
|
|
725
734
|
});
|
|
726
735
|
}
|
|
727
736
|
|
|
728
|
-
await request.flash({ type: 'danger', message: request.app.gt.gettext(
|
|
737
|
+
await request.flash({ type: 'danger', message: request.app.gt.gettext("Couldn't set up account. Try again.") });
|
|
729
738
|
request.logger.error({ msg: 'Failed to process account', err });
|
|
730
739
|
|
|
731
740
|
return h
|
|
@@ -992,7 +1001,7 @@ function init(args) {
|
|
|
992
1001
|
});
|
|
993
1002
|
}
|
|
994
1003
|
|
|
995
|
-
await request.flash({ type: 'danger', message: request.app.gt.gettext(
|
|
1004
|
+
await request.flash({ type: 'danger', message: request.app.gt.gettext("Couldn't set up account. Try again.") });
|
|
996
1005
|
request.logger.error({ msg: 'Failed to process account', err });
|
|
997
1006
|
|
|
998
1007
|
return h
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "emailengine-app",
|
|
3
|
-
"version": "2.61.
|
|
3
|
+
"version": "2.61.4",
|
|
4
4
|
"private": false,
|
|
5
5
|
"productTitle": "EmailEngine",
|
|
6
6
|
"description": "Email Sync Engine",
|
|
@@ -17,7 +17,7 @@
|
|
|
17
17
|
"build-dist": "pkg --compress Brotli package.json && npm install && node winconf.js",
|
|
18
18
|
"build-dist-fast": "pkg --debug package.json && npm install && node winconf.js",
|
|
19
19
|
"licenses": "license-checker --excludePackages 'emailengine-app' --json | node list-generate.js > static/licenses.html",
|
|
20
|
-
"gettext": "find ./views -name \"*.hbs\" -print0 | xargs -0 xgettext-template -L Handlebars -o translations/messages.pot --force-po && jsxgettext lib/routes-ui.js workers/api.js lib/tools.js lib/autodetect-imap-settings.js -j -o translations/messages.pot",
|
|
20
|
+
"gettext": "find ./views -name \"*.hbs\" -print0 | xargs -0 xgettext-template -L Handlebars -o translations/messages.pot --force-po && jsxgettext lib/routes-ui.js workers/api.js lib/tools.js lib/autodetect-imap-settings.js lib/ui-routes/account-routes.js lib/ui-routes/admin-config-routes.js lib/ui-routes/admin-entities-routes.js -j -o translations/messages.pot",
|
|
21
21
|
"prepare-docker": "echo \"EE_DOCKER_LEGACY=$EE_DOCKER_LEGACY\" >> system.env && cat system.env",
|
|
22
22
|
"update": "rm -rf node_modules package-lock.json && ncu -u && npm install && ./copy-static-files.sh && npm run licenses && npm run gettext",
|
|
23
23
|
"test-gmail-api": "node lib/email-client/gmail-client.js --dbs.redis=redis://127.0.0.1/11",
|