forked from serverlessworkflow/sdk-java
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathEmailPolicies.java
More file actions
69 lines (60 loc) · 2.2 KB
/
Copy pathEmailPolicies.java
File metadata and controls
69 lines (60 loc) · 2.2 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
/*
* Copyright 2020-Present The Serverless Workflow Specification Authors
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.acme;
import java.net.URI;
import java.util.ArrayList;
import java.util.List;
import java.util.Set;
import java.util.regex.Pattern;
public final class EmailPolicies {
public static PolicyDecision policyCheck(EmailDraft d) {
var notes = new ArrayList<String>();
var subject = safeTrim(d.subject());
var body = safeTrim(d.bodyPlain());
if (subject.isEmpty()) notes.add("Missing subject");
if (body.isEmpty()) notes.add("Missing body");
var secret = Pattern.compile("(?i)(api[-_]?key|secret|password|token)\\s*[:=]\\s*\\S+");
if (secret.matcher(body).find() || secret.matcher(subject).find()) {
notes.add("Suspected secret detected");
return new PolicyDecision(Decision.BLOCKED, d, notes);
}
var allow = Set.of("example.com", "acme.com");
var badLinks = new ArrayList<String>();
for (String url : d.links() == null ? List.<String>of() : d.links()) {
try {
String host = URI.create(url).getHost();
if (host == null || allow.stream().noneMatch(host::endsWith)) {
badLinks.add(url);
}
} catch (IllegalArgumentException ignored) {
badLinks.add(url);
}
}
if (!badLinks.isEmpty()) {
notes.add("Non-allowed or malformed links: " + badLinks);
}
var decision = notes.isEmpty() ? Decision.AUTO_SEND : Decision.REVIEW;
return new PolicyDecision(decision, new EmailDraft(subject, body, d.links()), notes);
}
private static String safeTrim(String s) {
return s == null ? "" : s.trim();
}
public enum Decision {
AUTO_SEND,
REVIEW,
BLOCKED
}
}