empty whitelist by default + allow_ip_domain option

2017-04-10 10:00:49 -04:00 · 2017-04-10 10:00:49 -04:00 · 41371e5fc5
commit 41371e5fc5
parent ce86ea4c9a
3 changed files with 64 additions and 28 deletions
--- a/mongoengine/fields.py
+++ b/mongoengine/fields.py
@ -177,27 +177,24 @@ class EmailField(StringField):
        re.IGNORECASE
    )

-    domain_whitelist = ['localhost']
-
    error_msg = u'Invalid email address: %s'

-    def __init__(self, domain_whitelist=None, allow_utf8_user=False, *args,
-                 **kwargs):
+    def __init__(self, domain_whitelist=None, allow_utf8_user=False,
+                 allow_ip_domain=False, *args, **kwargs):
        """Initialize the EmailField.

        Args:
            domain_whitelist (list) - list of otherwise invalid domain
                                      names which you'd like to support.
-                                      Includes "localhost" by default.
            allow_utf8_user (bool) - if True, the user part of the email
                                     address can contain UTF8 characters.
                                     False by default.
+            allow_ip_domain (bool) - if True, the domain part of the email
+                                     can be a valid IPv4 or IPv6 address.
        """
-        if domain_whitelist is not None:
-            self.domain_whitelist = domain_whitelist
-
+        self.domain_whitelist = domain_whitelist or []
        self.allow_utf8_user = allow_utf8_user
-
+        self.allow_ip_domain = allow_ip_domain
        super(EmailField, self).__init__(*args, **kwargs)

    def validate_user_part(self, user_part):
@ -220,8 +217,12 @@ class EmailField(StringField):
            return True

        # Validate IPv4/IPv6, e.g. user@[192.168.0.1]
-        if domain_part[0] == '[' and domain_part[-1] == ']':
-            for addr_family in socket.AF_INET, socket.AF_INET6:
+        if (
+            self.allow_ip_domain and
+            domain_part[0] == '[' and
+            domain_part[-1] == ']'
+        ):
+            for addr_family in (socket.AF_INET, socket.AF_INET6):
                try:
                    socket.inet_pton(addr_family, domain_part[1:-1])
                    return True
--- a/tests/document/instance.py
+++ b/tests/document/instance.py
@ -844,7 +844,7 @@ class InstanceTest(unittest.TestCase):
        class Recipient(Document):
            email = EmailField(required=True)

-        recipient = Recipient(email='root@localhost')
+        recipient = Recipient(email='not-an-email')
        self.assertRaises(ValidationError, recipient.save)
        recipient.save(validate=False)

--- a/tests/fields/fields.py
+++ b/tests/fields/fields.py
@ -3468,22 +3468,6 @@ class FieldTest(MongoDBTestCase):
        user = User(email='ross@example.com.')
        self.assertRaises(ValidationError, user.validate)

-        # localhost should be whitelisted by default
-        user = User(email='me@localhost')
-        user.validate()
-
-        # valid IPv4 domain
-        user = User(email='email@[127.0.0.1]')
-        user.validate()
-
-        # valid IPv6 domain
-        user = User(email='email@[2001:dB8::1]')
-        user.validate()
-
-        # invalid IP
-        user = User(email='email@[324.0.0.1]')
-        self.assertRaises(ValidationError, user.validate)
-
        # unicode domain
        user = User(email=u'user@пример.рф')
        user.validate()
@ -3492,6 +3476,10 @@ class FieldTest(MongoDBTestCase):
        user = User(email=u'user@пример')
        self.assertRaises(ValidationError, user.validate)

+    def test_email_field_unicode_user(self):
+        class User(Document):
+            email = EmailField()
+
        # unicode user shouldn't validate by default...
        user = User(email=u'Dörte@Sörensen.example.com')
        self.assertRaises(ValidationError, user.validate)
@ -3503,6 +3491,53 @@ class FieldTest(MongoDBTestCase):
        user = User(email=u'Dörte@Sörensen.example.com')
        user.validate()

+    def test_email_field_domain_whitelist(self):
+        class User(Document):
+            email = EmailField()
+
+        # localhost domain shouldn't validate by default...
+        user = User(email='me@localhost')
+        self.assertRaises(ValidationError, user.validate)
+
+        # ...but it should be fine if it's whitelisted
+        class User(Document):
+            email = EmailField(domain_whitelist=['localhost'])
+
+        user = User(email='me@localhost')
+        user.validate()
+
+    def test_email_field_ip_domain(self):
+        class User(Document):
+            email = EmailField()
+
+        valid_ipv4 = 'email@[127.0.0.1]'
+        valid_ipv6 = 'email@[2001:dB8::1]'
+        invalid_ip = 'email@[324.0.0.1]'
+
+        # IP address as a domain shouldn't validate by default...
+        user = User(email=valid_ipv4)
+        self.assertRaises(ValidationError, user.validate)
+
+        user = User(email=valid_ipv6)
+        self.assertRaises(ValidationError, user.validate)
+
+        user = User(email=invalid_ip)
+        self.assertRaises(ValidationError, user.validate)
+
+        # ...but it should be fine with allow_ip_domain set to True
+        class User(Document):
+            email = EmailField(allow_ip_domain=True)
+
+        user = User(email=valid_ipv4)
+        user.validate()
+
+        user = User(email=valid_ipv6)
+        user.validate()
+
+        # invalid IP should still fail validation
+        user = User(email=invalid_ip)
+        self.assertRaises(ValidationError, user.validate)
+
    def test_email_field_honors_regex(self):
        class User(Document):
            email = EmailField(regex=r'\w+@example.com')