fix: limit SEND_MAIL domain checks to binding paths (#987)

* fix: scope SEND_MAIL domain gating to binding * test: cover SEND_MAIL domain gating in e2e
2026-06-01 05:30:04 +08:00 · 2026-04-17 18:08:19 +08:00
parent e772db8c3e
commit 000cd0ddfa
11 changed files with 124 additions and 4 deletions
--- a/e2e/docker-compose.yml
+++ b/e2e/docker-compose.yml
@@ -72,6 +72,24 @@ services:
      start_period: 10s
      retries: 20

+  worker-send-mail-domain:
+    build:
+      context: ..
+      dockerfile: e2e/Dockerfile.worker
+      args:
+        WRANGLER_TOML: e2e/fixtures/wrangler.toml.e2e.send-mail-domain
+    ports:
+      - "8791:8791"
+    command: ["pnpm", "exec", "wrangler", "dev", "--port", "8791", "--ip", "0.0.0.0"]
+    depends_on:
+      - mailpit
+    healthcheck:
+      test: ["CMD", "curl", "-sf", "http://localhost:8791/health_check"]
+      interval: 3s
+      timeout: 5s
+      start_period: 10s
+      retries: 20
+
  frontend:
    build:
      context: ..
@@ -128,6 +146,7 @@ services:
      WORKER_URL_SUBDOMAIN: http://worker-subdomain:8789
      WORKER_URL_ENV_OFF: http://worker-env-off:8790
      WORKER_GZIP_URL: http://worker-gzip:8788
+      WORKER_URL_SEND_MAIL_DOMAIN: http://worker-send-mail-domain:8791
      FRONTEND_URL: https://frontend:5173
      MAILPIT_API: http://mailpit:8025/api
      SMTP_PROXY_HOST: smtp-proxy
@@ -146,6 +165,8 @@ services:
        condition: service_healthy
      worker-gzip:
        condition: service_healthy
+      worker-send-mail-domain:
+        condition: service_healthy
      frontend:
        condition: service_started
      smtp-proxy:
--- a/e2e/fixtures/test-helpers.ts
+++ b/e2e/fixtures/test-helpers.ts
@@ -5,6 +5,7 @@ export const WORKER_URL = process.env.WORKER_URL!;
 export const WORKER_URL_SUBDOMAIN = process.env.WORKER_URL_SUBDOMAIN || '';
 export const WORKER_URL_ENV_OFF = process.env.WORKER_URL_ENV_OFF || '';
 export const WORKER_GZIP_URL = process.env.WORKER_GZIP_URL || '';
+export const WORKER_URL_SEND_MAIL_DOMAIN = process.env.WORKER_URL_SEND_MAIL_DOMAIN || '';
 export const FRONTEND_URL = process.env.FRONTEND_URL!;
 export const MAILPIT_API = process.env.MAILPIT_API!;
 export const TEST_DOMAIN = 'test.example.com';
--- a/e2e/fixtures/wrangler.toml.e2e.send-mail-domain
+++ b/e2e/fixtures/wrangler.toml.e2e.send-mail-domain
@@ -0,0 +1,38 @@
+name = "cloudflare_temp_email"
+main = "src/worker.ts"
+compatibility_date = "2025-04-01"
+compatibility_flags = [ "nodejs_compat" ]
+keep_vars = true
+
+send_email = [
+  { name = "SEND_MAIL" },
+]
+
+[vars]
+PREFIX = "tmp"
+DEFAULT_DOMAINS = ["test.example.com"]
+DOMAINS = ["test.example.com"]
+SEND_MAIL_DOMAINS = ["test.example.com"]
+JWT_SECRET = "e2e-test-secret-key"
+BLACK_LIST = ""
+ENABLE_USER_CREATE_EMAIL = true
+ENABLE_USER_DELETE_EMAIL = true
+ENABLE_AUTO_REPLY = true
+DEFAULT_SEND_BALANCE = 10
+ENABLE_ADDRESS_PASSWORD = true
+DISABLE_ADMIN_PASSWORD_CHECK = true
+ADMIN_PASSWORDS = '["e2e-admin-pass"]'
+ENABLE_WEBHOOK = true
+E2E_TEST_MODE = true
+SMTP_CONFIG = """
+{"test.example.com":{"host":"mailpit","port":1025,"secure":false}}
+"""
+
+[[kv_namespaces]]
+binding = "KV"
+id = "e2e-test-kv-00000000-0000-0000-0000-000000000000"
+
+[[d1_databases]]
+binding = "DB"
+database_name = "e2e-temp-email"
+database_id = "e2e-test-db-00000000-0000-0000-0000-000000000000"
--- a/e2e/tests/api/send-mail-limit.spec.ts
+++ b/e2e/tests/api/send-mail-limit.spec.ts
@@ -1,6 +1,7 @@
 import { test, expect, APIRequestContext } from '@playwright/test';
 import {
  WORKER_URL,
+  WORKER_URL_SEND_MAIL_DOMAIN,
  createTestAddress,
  deleteAddress,
  deleteAllMailpitMessages,
@@ -424,6 +425,34 @@ test.describe('Send Mail Limit', () => {
    expect(res.status()).toBe(400);
  });

+  test('/admin/send_mail_by_binding returns 200 when domain is allowed', async ({ request }) => {
+    const res = await request.post(`${WORKER_URL_SEND_MAIL_DOMAIN}/admin/send_mail_by_binding`, {
+      headers: ADMIN_HEADERS,
+      data: {
+        from: 'admin@test.example.com',
+        to: ['recipient@test.example.com'],
+        subject: `send-mail-domain-ok-${Date.now()}`,
+        text: 'body',
+      },
+    });
+    expect(res.ok()).toBe(true);
+    expect(await res.json()).toEqual({ status: 'ok' });
+  });
+
+  test('/admin/send_mail_by_binding returns 400 when domain is not allowed', async ({ request }) => {
+    const res = await request.post(`${WORKER_URL_SEND_MAIL_DOMAIN}/admin/send_mail_by_binding`, {
+      headers: ADMIN_HEADERS,
+      data: {
+        from: 'admin@blocked.example.com',
+        to: ['recipient@test.example.com'],
+        subject: `send-mail-domain-blocked-${Date.now()}`,
+        text: 'body',
+      },
+    });
+    expect(res.status()).toBe(400);
+    expect(await res.text()).toContain('Please enable SEND_MAIL for this domain first');
+  });
+
  test('daily and monthly counters both increment on successful send', async ({ request }) => {
    const { jwt } = await createTestAddress(request, 'limit-both-inc');
    await requestSendAccess(request, jwt);