diff --git a/actionmailbox/app/controllers/action_mailbox/ingresses/relay/inbound_emails_controller.rb b/actionmailbox/app/controllers/action_mailbox/ingresses/relay/inbound_emails_controller.rb index 04cd1c1158f..d569e04334b 100644 --- a/actionmailbox/app/controllers/action_mailbox/ingresses/relay/inbound_emails_controller.rb +++ b/actionmailbox/app/controllers/action_mailbox/ingresses/relay/inbound_emails_controller.rb @@ -52,7 +52,11 @@ module ActionMailbox before_action :authenticate_by_password, :require_valid_rfc822_message def create - ActionMailbox::InboundEmail.create_and_extract_message_id! request.body.read + if request.body + ActionMailbox::InboundEmail.create_and_extract_message_id! request.body.read + else + head :unprocessable_entity + end end private diff --git a/actionmailbox/test/controllers/ingresses/relay/inbound_emails_controller_test.rb b/actionmailbox/test/controllers/ingresses/relay/inbound_emails_controller_test.rb index dcf698ae4a2..ac0a6fab750 100644 --- a/actionmailbox/test/controllers/ingresses/relay/inbound_emails_controller_test.rb +++ b/actionmailbox/test/controllers/ingresses/relay/inbound_emails_controller_test.rb @@ -31,6 +31,15 @@ class ActionMailbox::Ingresses::Relay::InboundEmailsControllerTest < ActionDispa assert_equal "05988AA6EC0D44318855A5E39E3B6F9E@jansterba.com", inbound_email.message_id end + test "rejecting a request with no body" do + assert_no_difference -> { ActionMailbox::InboundEmail.count } do + post rails_relay_inbound_emails_url, headers: { "Authorization" => credentials, "Content-Type" => "message/rfc822" }, + env: { "rack.input" => nil } + end + + assert_response :unprocessable_entity + end + test "rejecting an unauthorized inbound email" do assert_no_difference -> { ActionMailbox::InboundEmail.count } do post rails_relay_inbound_emails_url, headers: { "Content-Type" => "message/rfc822" },