WIP Encrypt outgoing emails when possible

app/mailers/application_mailer.rb

@@ -1,5 +1,4 @@
 class ApplicationMailer < ActionMailer::Base
-  default Rails.application.config.action_mailer.default_options
   layout 'mailer'
 
   private
@@ -20,7 +19,7 @@ class ApplicationMailer < ActionMailer::Base
     end
 
     def from_address
-      self.class.default[:from]
+      ENV.fetch('SMTP_FROM_ADDRESS', 'accounts@localhost')
     end
 
     def from_domain

config/environments/development.rb

@@ -57,22 +57,16 @@ Rails.application.configure do
   # routes, locales, etc. This feature depends on the listen gem.
   config.file_watcher = ActiveSupport::EventedFileUpdateChecker
 
+  config.action_mailer.default_options = {
+    from: "accounts@localhost"
+  }
+
   # Don't actually send emails, cache them for viewing via letter opener
   config.action_mailer.delivery_method = :letter_opener
-
   # Don't care if the mailer can't send
   config.action_mailer.raise_delivery_errors = true
-
   # Base URL to be used by email template link helpers
-  config.action_mailer.default_url_options = {
-    host: "localhost:3000",
-    protocol: "http"
-  }
-
-  config.action_mailer.default_options = {
-    from: "accounts@localhost",
-    message_id: -> { "<#{Mail.random_tag}@localhost>" },
-  }
+  config.action_mailer.default_url_options = { host: "localhost:3000", protocol: "http" }
 
   # Allow requests from any IP
   config.web_console.permissions = '0.0.0.0/0'

config/environments/production.rb

@@ -63,7 +63,7 @@ Rails.application.configure do
   outgoing_email_domain  = Mail::Address.new(outgoing_email_address).domain
 
   config.action_mailer.default_url_options = {
-    host: ENV.fetch('AKKOUNTS_DOMAIN'),
+    host: ENV['AKKOUNTS_DOMAIN'],
     protocol: "https",
   }
 

config/environments/test.rb

@@ -46,12 +46,8 @@ Rails.application.configure do
 
   config.action_mailer.default_url_options = {
     host: "accounts.kosmos.org",
-    protocol: "https"
-  }
-
-  config.action_mailer.default_options = {
-    from: "accounts@kosmos.org",
-    message_id: -> { "<#{Mail.random_tag}@kosmos.org>" },
+    protocol: "https",
+    from: "accounts@kosmos.org"
   }
 
   config.active_job.queue_adapter = :test

spec/mailers/notification_mailer_spec.rb

@@ -1,87 +0,0 @@
-# spec/mailers/welcome_mailer_spec.rb
-require 'rails_helper'
-
-RSpec.describe NotificationMailer, type: :mailer do
-  describe '#lightning_sats_received' do
-
-    context "without PGP key" do
-      let(:user) { create(:user, cn: "phil", email: 'phil@example.com') }
-
-      before do
-        allow_any_instance_of(User).to receive(:ldap_entry).and_return({
-          uid: user.cn, ou: user.ou, display_name: nil, pgp_key: nil
-        })
-      end
-
-      describe "unencrypted email" do
-        let(:mail) { described_class.with(user: user, amount_sats: 21000).lightning_sats_received }
-
-        it 'renders the correct to/from headers' do
-          expect(mail.to).to eq([user.email])
-          expect(mail.from).to eq(['accounts@kosmos.org'])
-        end
-
-        it 'renders the correct subject' do
-          expect(mail.subject).to eq('Sats received')
-        end
-
-        it 'uses the correct content type' do
-          expect(mail.header['content-type'].to_s).to include('text/plain')
-        end
-
-        it 'renders the body with correct content' do
-          expect(mail.body.encoded).to match(/You just received 21,000 sats/)
-          expect(mail.body.encoded).to include(user.address)
-        end
-
-        it 'includes a link to the lightning service page' do
-          expect(mail.body.encoded).to include("https://accounts.kosmos.org/services/lightning")
-        end
-      end
-    end
-
-    context "with PGP key" do
-      let(:pgp_pubkey) { File.read("#{Rails.root}/spec/fixtures/files/pgp_key_valid_alice.asc") }
-      let(:pgp_fingerprint) { "EB85BB5FA33A75E15E944E63F231550C4F47E38E" }
-      let(:user) { create(:user, id: 2, cn: "alice", email: 'alice@example.com', pgp_fpr: pgp_fingerprint) }
-
-      before do
-        allow_any_instance_of(User).to receive(:ldap_entry).and_return({
-          uid: user.cn, ou: user.ou, display_name: nil, pgp_key: pgp_pubkey
-        })
-      end
-
-      describe "encrypted email" do
-        let(:mail) { described_class.with(user: user, amount_sats: 21000).lightning_sats_received }
-
-        it 'renders the correct to/from headers' do
-          expect(mail.to).to eq([user.email])
-          expect(mail.from).to eq(['accounts@kosmos.org'])
-        end
-
-        it 'encrypts the subject line' do
-          expect(mail.subject).to eq('...')
-        end
-
-        it 'uses the correct content type' do
-          expect(mail.header['content-type'].to_s).to include('multipart/encrypted')
-          expect(mail.header['content-type'].to_s).to include('protocol="application/pgp-encrypted"')
-        end
-
-        it 'renders the PGP version part' do
-          expect(mail.body.encoded).to include("Content-Type: application/pgp-encrypted")
-          expect(mail.body.encoded).to include("Content-Description: PGP/MIME version identification")
-          expect(mail.body.encoded).to include("Version: 1")
-        end
-
-        it 'renders the encrypted PGP part' do
-          expect(mail.body.encoded).to include('Content-Type: application/octet-stream; name="encrypted.asc"')
-          expect(mail.body.encoded).to include('Content-Description: OpenPGP encrypted message')
-          expect(mail.body.encoded).to include('Content-Disposition: inline; filename="encrypted.asc"')
-          expect(mail.body.encoded).to include('-----BEGIN PGP MESSAGE-----')
-          expect(mail.body.encoded).to include('hF4DR')
-        end
-      end
-    end
-  end
-end