fix: respect user mail deletion toggle in user center (#979)

* fix: respect user mail deletion toggle in user center Hide user mailbox delete actions and block /user_api/mails deletion when ENABLE_USER_DELETE_EMAIL is disabled. Add an e2e regression test and changelog entries for issue #978. * test: hash user password in mail deletion e2e Use the same SHA-256 pre-hashed password format as the frontend for the user register/login flow in the mail deletion regression test.
2026-06-05 23:51:39 +08:00 · 2026-04-14 15:25:39 +08:00
parent e15b1b83d0
commit 15e339282d
6 changed files with 114 additions and 3 deletions
--- a/worker/src/user_api/user_mail_api.ts
+++ b/worker/src/user_api/user_mail_api.ts
@@ -1,6 +1,8 @@
 import { Context } from "hono";
+import i18n from "../i18n";
 import { handleMailListQuery } from "../common";
 import UserBindAddressModule from "./bind_address";
+import { getBooleanValue } from "../utils";

 export default {
    getMails: async (c: Context<HonoCustomType>) => {
@@ -26,6 +28,10 @@ export default {
        );
    },
    deleteMail: async (c: Context<HonoCustomType>) => {
+        const msgs = i18n.getMessagesbyContext(c);
+        if (!getBooleanValue(c.env.ENABLE_USER_DELETE_EMAIL)) {
+            return c.text(msgs.UserDeleteEmailDisabledMsg, 403)
+        }
        const { id } = c.req.param();
        const { user_id } = c.get("userPayload");
        const bindedAddressList = await UserBindAddressModule.getBindedAddressListById(c, user_id);