Defect #36394 » 36394-mail_handler_controller_permit_parameters.patch
| app/controllers/mail_handler_controller.rb | ||
|---|---|---|
| 28 | 28 | |
| 29 | 29 |
# Submits an incoming email to MailHandler |
| 30 | 30 |
def index |
| 31 |
options = params.dup |
|
| 31 |
options = params.permit( |
|
| 32 |
:key, |
|
| 33 |
:email, |
|
| 34 |
:allow_override, |
|
| 35 |
:unknown_user, |
|
| 36 |
:default_group, |
|
| 37 |
:no_account_notice, |
|
| 38 |
:no_notification, |
|
| 39 |
:no_permission_check, |
|
| 40 |
:project_from_subaddress, |
|
| 41 |
{
|
|
| 42 |
issue: [ |
|
| 43 |
:project, |
|
| 44 |
:status, |
|
| 45 |
:tracker, |
|
| 46 |
:category, |
|
| 47 |
:priority, |
|
| 48 |
:assigned_to, |
|
| 49 |
:fixed_version, |
|
| 50 |
:is_private |
|
| 51 |
] |
|
| 52 |
} |
|
| 53 |
).to_h |
|
| 32 | 54 |
email = options.delete(:email) |
| 33 | 55 |
if MailHandler.safe_receive(email, options) |
| 34 | 56 |
head :created |