PiCloud

fabi/PiCloud

Fork 0

Commit Graph

Author	SHA1	Message	Date
MechaCat02	1f78937dd2	feat(v1.1.7-email-inbound): webhook receiver + email:receive trigger Inbound email: a provider POSTs a normalized JSON message to POST /api/v1/email-inbound/{app_id}/{trigger_id}; the public receiver verifies the optional HMAC signature, builds a TriggerEvent::Email, and enqueues an outbox row the dispatcher delivers like any async trigger. Handlers see ctx.event.email = #{from,to,cc,subject,text,html, received_at,message_id}. - migration 0024: widen triggers.kind + outbox.source_kind CHECKs to 'email'; new email_trigger_details table. - TriggerKind::Email, TriggerDetails::Email{has_inbound_secret}, OutboxSourceKind::Email, TriggerEvent::Email; dispatcher routes the email row via the generic resolve_trigger path. - Admin POST /apps/{id}/triggers/email (validate_trigger_target; module + cross-app rejection). inbound_secret is stored ENCRYPTED via the master key (deviation from the brief's plaintext default; decrypted per inbound request — see HANDBACK §7). - Dashboard: email trigger form on the Triggers tab + webhook URL + expected-payload help. - 8 DB-gated e2e tests (202/401/404/422/cross-app/handler-fire) + receiver unit tests (HMAC verify, secret round-trip, payload parse). Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>	2026-06-04 22:24:35 +02:00
MechaCat02	8f2d2bc721	feat(v1.1.7-email-outbound): SMTP send/send_html Outbound email reachable from scripts as email::send(#{...}) (plain text) and email::send_html(#{...}) (multipart text + HTML). Backed by a lettre SMTP relay configured from PICLOUD_SMTP_HOST/PORT/USER/PASSWORD/ TLS/TIMEOUT_SECS; if HOST/USER/PASSWORD aren't all set the service runs in disabled mode (every send throws NotConfigured, warned at startup). - EmailService trait + OutboundEmail DTO (picloud-shared); EmailServiceImpl + EmailTransport seam + lettre transport (manager-core), wired into the Services bundle and Rhai engine. - Capability::AppEmailSend (→ script:write); seven-scope commitment held. - Required-field + RFC5322-ish address validation; 25 MB per-message cap (PICLOUD_EMAIL_MAX_MESSAGE_BYTES). reply_to defaults to from. - Per-call connection (pooling deferred to v1.2); no per-app from validation (operator's SMTP/SPF/DKIM concern). Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>	2026-06-04 21:47:46 +02:00

Author

SHA1

Message

Date

MechaCat02

1f78937dd2

feat(v1.1.7-email-inbound): webhook receiver + email:receive trigger

Inbound email: a provider POSTs a normalized JSON message to
POST /api/v1/email-inbound/{app_id}/{trigger_id}; the public receiver
verifies the optional HMAC signature, builds a TriggerEvent::Email, and
enqueues an outbox row the dispatcher delivers like any async trigger.
Handlers see ctx.event.email = #{from,to,cc,subject,text,html,
received_at,message_id}.

- migration 0024: widen triggers.kind + outbox.source_kind CHECKs to
  'email'; new email_trigger_details table.
- TriggerKind::Email, TriggerDetails::Email{has_inbound_secret},
  OutboxSourceKind::Email, TriggerEvent::Email; dispatcher routes the
  email row via the generic resolve_trigger path.
- Admin POST /apps/{id}/triggers/email (validate_trigger_target; module
  + cross-app rejection). inbound_secret is stored ENCRYPTED via the
  master key (deviation from the brief's plaintext default; decrypted
  per inbound request — see HANDBACK §7).
- Dashboard: email trigger form on the Triggers tab + webhook URL +
  expected-payload help.
- 8 DB-gated e2e tests (202/401/404/422/cross-app/handler-fire) +
  receiver unit tests (HMAC verify, secret round-trip, payload parse).

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

2026-06-04 22:24:35 +02:00

MechaCat02

8f2d2bc721

feat(v1.1.7-email-outbound): SMTP send/send_html

Outbound email reachable from scripts as email::send(#{...}) (plain
text) and email::send_html(#{...}) (multipart text + HTML). Backed by a
lettre SMTP relay configured from PICLOUD_SMTP_HOST/PORT/USER/PASSWORD/
TLS/TIMEOUT_SECS; if HOST/USER/PASSWORD aren't all set the service runs
in disabled mode (every send throws NotConfigured, warned at startup).

- EmailService trait + OutboundEmail DTO (picloud-shared);
  EmailServiceImpl + EmailTransport seam + lettre transport
  (manager-core), wired into the Services bundle and Rhai engine.
- Capability::AppEmailSend (→ script:write); seven-scope commitment held.
- Required-field + RFC5322-ish address validation; 25 MB per-message cap
  (PICLOUD_EMAIL_MAX_MESSAGE_BYTES). reply_to defaults to from.
- Per-call connection (pooling deferred to v1.2); no per-app from
  validation (operator's SMTP/SPF/DKIM concern).

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

2026-06-04 21:47:46 +02:00

2 Commits