Category not accepting "anonymous email" from known users


(Michael Downey) #1

Reproduce:

  1. Have a “private” category that only has create/reply/see access for members of a specific group. No other permissions.
  2. Enable “anonymous email in” for that specific via a unique working alias to the incoming POP account.
  3. Have a non-staff user that is not a member of the group send an email report in to the category email address from the email address associated with their account.
  4. Send in an email from an account not associated with any known Discourse account.

Expected Behavior:

  • Both #3 and #4 result in new topics in the private category, and the group can begin discussion.

Actual Behavior:

  • The email in #4 works but email in #3 is rejected with the can_create? failed error.

Can't forward an email to a group & preserve the content
Can't forward an email to a group & preserve the content
(Sam Saffron) #2

@zogstrip can you review this?


(Jeff Atwood) #3

Is this still a problem?


(Michael Downey) #4

I’m no longer running a site with incoming email enabled so unfortunately can’t reproduce to say either way.


(Régis Hanol) #5

Pretty sure #3 still isn’t working.

When we receive an email, we first try to associate it to a user, and then we check for permissions. Since the user isn’t part of the group, they can’t post.

The email_in_allow_strangers field on the category only works for staged users.


#6

Can confirm #3 still not working. Is the best workaround right now to have emails directed at a group rather than a category? Not my preferred arrangement but I can switch until a patch comes out.