Merge pull request #19413 from jdavcs/dev_permaban

Prevent users from reusing a banned email after account is purged

doc/source/admin/galaxy_options.rst

@@ -1817,6 +1817,44 @@
 :Type: str
 
 
+~~~~~~~~~~~~~~~~~~
+``email_ban_file``
+~~~~~~~~~~~~~~~~~~
+
+:Description:
+    E-mail ban file is used to specify email addresses that have been
+    banned. If a user attempts to register a new account using an
+    email address listed in this file, registration will be denied.
+    This file does not affect user sign-in. Email addresses are
+    matched against a canonical address representation based on rules
+    defined in <canonical_email_rules>. The file should include one
+    email address per line. Lines starting with the "#" character are
+    ignored.
+    Example value "banned_emails.conf"
+    The value of this option will be resolved with respect to
+    <config_dir>.
+:Default: ``None``
+:Type: str
+
+
+~~~~~~~~~~~~~~~~~~~~~~~~~
+``canonical_email_rules``
+~~~~~~~~~~~~~~~~~~~~~~~~~
+
+:Description:
+    Specifies how email addresses are reduced to their canonical form
+    by assigning rules to email service domains and domain aliases.
+    Available rules - ignore_case   Values are not case-sensitive
+    ([email protected] == [email protected]) - ignore_dots
+    Periods in the local-part of an email address are ignored
+    ([email protected] == [email protected]) - sub_addressing
+    Suffixes prefixed with <sub_addressing_delim> in the local-part of
+    an email address are ignored   ([email protected] ==
+    [email protected] if delimiter is the character '+')
+:Default: ``{'all': {'ignore_case': False, 'ignore_dots': False, 'sub_addressing': False, 'sub_addressing_delim': '+'}, 'gmail.com': {'aliases': ['googlemail.com'], 'ignore_case': True, 'ignore_dots': True, 'sub_addressing': True}, 'proton.me': {'aliases': ['pm.me', 'protonmail.com'], 'ignore_case': True, 'sub_addressing': True}}``
+:Type: map
+
+
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 ``registration_warning_message``
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

lib/galaxy/app_unittest_utils/galaxy_mock.py

@@ -225,6 +225,8 @@ def __init__(self, **kwargs):
         self.custom_activation_email_message = "custom_activation_email_message"
         self.email_domain_allowlist_content = None
         self.email_domain_blocklist_content = None
+        self.email_ban_file = None
+        self.canonical_email_rules = None
         self.email_from = "email_from"
         self.enable_old_display_applications = True
         self.error_email_to = "[email protected]"

lib/galaxy/config/config_manage.py

@@ -26,6 +26,8 @@
 except ImportError:
     settings_to_sample = None
 
+from pykwalify.errors import RuleError
+
 try:
     from pykwalify.core import Core
 except ImportError:
@@ -373,7 +375,13 @@ def _clean(p: Tuple[str, ...], k: str, v: Any) -> bool:
             schema_files=[fp.name],
         )
     os.remove(config_p.name)
-    c.validate()
+    try:
+        c.validate()
+    except RuleError as error:
+        if error.error_key == "default.not_scalar":
+            # Default values are not supported by pykwalify (or kwalify) for map types. Yet, it is
+            # beneficial to provide those defaults since they are loaded with the schema.
+            pass
 
 
 def _run_conversion(args: Namespace, app_desc: App) -> None:

lib/galaxy/config/sample/galaxy.yml.sample

@@ -1217,6 +1217,46 @@ galaxy:
   # <config_dir>.
   #email_domain_allowlist_file: null
 
+  # E-mail ban file is used to specify email addresses that have been
+  # banned. If a user attempts to register a new account using an email
+  # address listed in this file, registration will be denied. This file
+  # does not affect user sign-in. Email addresses are matched against a
+  # canonical address representation based on rules defined in
+  # <canonical_email_rules>. The file should include one email address
+  # per line. Lines starting with the "#" character are ignored.
+  # Example value "banned_emails.conf"
+  # The value of this option will be resolved with respect to
+  # <config_dir>.
+  #email_ban_file: null
+
+  # Specifies how email addresses are reduced to their canonical form by
+  # assigning rules to email service domains and domain aliases.
+  # Available rules - ignore_case   Values are not case-sensitive
+  # ([email protected] == [email protected]) - ignore_dots   Periods
+  # in the local-part of an email address are ignored
+  # ([email protected] == [email protected]) - sub_addressing
+  # Suffixes prefixed with <sub_addressing_delim> in the local-part of
+  # an email address are ignored   ([email protected] ==
+  # [email protected] if delimiter is the character '+')
+  #canonical_email_rules:
+  #  all:
+  #    ignore_case: false
+  #    ignore_dots: false
+  #    sub_addressing: false
+  #    sub_addressing_delim: +
+  #  gmail.com:
+  #    aliases:
+  #    - googlemail.com
+  #    ignore_case: true
+  #    ignore_dots: true
+  #    sub_addressing: true
+  #  proton.me:
+  #    aliases:
+  #    - pm.me
+  #    - protonmail.com
+  #    ignore_case: true
+  #    sub_addressing: true
+
   # Registration warning message is used to discourage people from
   # registering multiple accounts.  Applies mostly for the main Galaxy
   # instance. If no message specified the warning box will not be shown.

lib/galaxy/config/sample/tool_shed.yml.sample

@@ -322,6 +322,46 @@ tool_shed:
   # <email_domain_blocklist_file> will be ignored.
   #email_domain_allowlist_file: null
 
+  # E-mail ban file is used to specify email addresses that have been
+  # banned. If a user attempts to register a new account using an email
+  # address listed in this file, registration will be denied. This file
+  # does not affect user sign-in. Email addresses are matched against a
+  # canonical address representation based on rules defined in
+  # <canonical_email_rules>. The file should include one email address
+  # per line. Lines starting with the "#" character are ignored.
+  # Example value "banned_emails.conf"
+  # The value of this option will be resolved with respect to
+  # <config_dir>.
+  #email_ban_file: null
+
+  # Specifies how email addresses are reduced to their canonical form by
+  # assigning rules to email service domains and domain aliases.
+  # Available rules - ignore_case   Values are not case-sensitive
+  # ([email protected] == [email protected]) - ignore_dots   Periods
+  # in the local-part of an email address are ignored
+  # ([email protected] == [email protected]) - sub_addressing
+  # Suffixes prefixed with <sub_addressing_delim> in the local-part of
+  # an email address are ignored   ([email protected] ==
+  # [email protected] if delimiter is the character '+')
+  #canonical_email_rules:
+  #  all:
+  #    ignore_case: false
+  #    ignore_dots: false
+  #    sub_addressing: false
+  #    sub_addressing_delim: +
+  #  gmail.com:
+  #    aliases:
+  #    - googlemail.com
+  #    ignore_case: true
+  #    ignore_dots: true
+  #    sub_addressing: true
+  #  proton.me:
+  #    aliases:
+  #    - pm.me
+  #    - protonmail.com
+  #    ignore_case: true
+  #    sub_addressing: true
+
   # Append "/{brand}" to the "Galaxy" text in the masthead.
   #brand: null
 

lib/galaxy/config/schemas/config_schema.yml

@@ -1303,6 +1303,87 @@ mapping:
 
           The value of this option will be resolved with respect to <config_dir>.
 
+      email_ban_file:
+        type: str
+        path_resolves_to: config_dir
+        required: false
+        desc: |
+          E-mail ban file is used to specify email addresses that have been banned.
+          If a user attempts to register a new account using an email address listed in this file,
+          registration will be denied. This file does not affect user sign-in. Email addresses are
+          matched against a canonical address representation based on rules defined in <canonical_email_rules>.
+          The file should include one email address per line. Lines starting with the "#" character are ignored.
+
+          Example value "banned_emails.conf"
+
+      canonical_email_rules:
+        type: map
+        desc: |
+          Specifies how email addresses are reduced to their canonical form by assigning rules to
+          email service domains and domain aliases.
+
+          Available rules
+          - ignore_case
+            Values are not case-sensitive ([email protected] == [email protected])
+          - ignore_dots
+            Periods in the local-part of an email address are ignored ([email protected] == [email protected])
+          - sub_addressing
+            Suffixes prefixed with <sub_addressing_delim> in the local-part of an email address are ignored
+            ([email protected] == [email protected] if delimiter is the character '+')
+
+        default:
+          all:
+            ignore_case: false
+            ignore_dots: false
+            sub_addressing: false
+            sub_addressing_delim: "+"
+          gmail.com:
+            aliases:
+              - googlemail.com
+            ignore_case: true
+            ignore_dots: true
+            sub_addressing: true
+          proton.me:
+            aliases:
+              - pm.me
+              - protonmail.com
+            ignore_case: true
+            sub_addressing: true
+
+        mapping:
+          regex;(.+):
+            type: map
+            desc: |
+              Email service domain name. Note that "all" is a reserved keyword used to refer to all email service domain names.
+              Example value "gmail.com"
+            mapping:
+              aliases:
+                type: seq
+                desc: |
+                  Domain aliases used by email service.
+                sequence:
+                  - type: str
+              ignore_dots:
+                type: bool
+                default: false
+                desc: |
+                  Periods in the local-part of an email address will be ignored.
+              ignore_case:
+                type: bool
+                default: false
+                desc: |
+                  Email addresses are not case-sensitive.
+              sub_addressing:
+                type: bool
+                default: false
+                desc: |
+                  In the email address's local-part, ignore the suffix prefixed with <sub_addressing_delim>.
+              sub_addressing_delim:
+                type: str
+                default: "+"
+                desc: |
+                  The delimiter used to separate the address from the optional sub-addressing suffix.
+
       registration_warning_message:
         type: str
         default: >-

lib/galaxy/config/schemas/tool_shed_config_schema.yml

@@ -570,6 +570,87 @@ mapping:
           therefore, in case <email_domain_allowlist_file> is set and is not empty,
           <email_domain_blocklist_file> will be ignored.
 
+      email_ban_file:
+        type: str
+        path_resolves_to: config_dir
+        required: false
+        desc: |
+          E-mail ban file is used to specify email addresses that have been banned.
+          If a user attempts to register a new account using an email address listed in this file,
+          registration will be denied. This file does not affect user sign-in. Email addresses are
+          matched against a canonical address representation based on rules defined in <canonical_email_rules>.
+          The file should include one email address per line. Lines starting with the "#" character are ignored.
+
+          Example value "banned_emails.conf"
+
+      canonical_email_rules:
+        type: map
+        desc: |
+          Specifies how email addresses are reduced to their canonical form by assigning rules to
+          email service domains and domain aliases.
+
+          Available rules
+          - ignore_case
+            Values are not case-sensitive ([email protected] == [email protected])
+          - ignore_dots
+            Periods in the local-part of an email address are ignored ([email protected] == [email protected])
+          - sub_addressing
+            Suffixes prefixed with <sub_addressing_delim> in the local-part of an email address are ignored
+            ([email protected] == [email protected] if delimiter is the character '+')
+
+        default:
+          all:
+            ignore_case: false
+            ignore_dots: false
+            sub_addressing: false
+            sub_addressing_delim: "+"
+          gmail.com:
+            aliases:
+              - googlemail.com
+            ignore_case: true
+            ignore_dots: true
+            sub_addressing: true
+          proton.me:
+            aliases:
+              - pm.me
+              - protonmail.com
+            ignore_case: true
+            sub_addressing: true
+
+        mapping:
+          regex;(.+):
+            type: map
+            desc: |
+              Email service domain name. Note that "all" is a reserved keyword used to refer to all email service domain names.
+              Example value "gmail.com"
+            mapping:
+              aliases:
+                type: seq
+                desc: |
+                  Domain aliases used by email service.
+                sequence:
+                  - type: str
+              ignore_dots:
+                type: bool
+                default: false
+                desc: |
+                  Periods in the local-part of an email address will be ignored.
+              ignore_case:
+                type: bool
+                default: false
+                desc: |
+                  Email addresses are not case-sensitive.
+              sub_addressing:
+                type: bool
+                default: false
+                desc: |
+                  In the email address's local-part, ignore the suffix prefixed with <sub_addressing_delim>.
+              sub_addressing_delim:
+                type: str
+                default: "+"
+                desc: |
+                  The delimiter used to separate the address from the optional sub-addressing suffix.
+
       brand:
         type: str
         required: false