refactor(channel): accept SendMessage struct in Channel::send()
Refactor the Channel trait to accept a SendMessage struct instead of separate message and recipient string parameters. This enables passing additional metadata like email subjects. Changes: - Add SendMessage struct with content, recipient, and optional subject - Update Channel::send() signature to accept &SendMessage - Update all 12 channel implementations - Update call sites in channels/mod.rs and gateway/mod.rs Subject field usage: - Email: uses subject for email subject line - DingTalk: uses subject as markdown message title - All others: ignore subject (no native platform support)
This commit is contained in:
Kieran
Chummy
parent
b8ed42edbb
commit
dbebd48dfe
14 changed files with 153 additions and 73 deletions
|
|
@ -1,4 +1,4 @@
|
|||
use crate::channels::traits::{Channel, ChannelMessage};
|
||||
use crate::channels::traits::{Channel, ChannelMessage, SendMessage};
|
||||
use async_trait::async_trait;
|
||||
use directories::UserDirs;
|
||||
use rusqlite::{Connection, OpenFlags};
|
||||
|
|
@ -95,9 +95,9 @@ impl Channel for IMessageChannel {
|
|||
"imessage"
|
||||
}
|
||||
|
||||
async fn send(&self, message: &str, target: &str) -> anyhow::Result<()> {
|
||||
async fn send(&self, message: &SendMessage) -> anyhow::Result<()> {
|
||||
// Defense-in-depth: validate target format before any interpolation
|
||||
if !is_valid_imessage_target(target) {
|
||||
if !is_valid_imessage_target(&message.recipient) {
|
||||
anyhow::bail!(
|
||||
"Invalid iMessage target: must be a phone number (+1234567890) or email (user@example.com)"
|
||||
);
|
||||
|
|
@ -105,8 +105,8 @@ impl Channel for IMessageChannel {
|
|||
|
||||
// SECURITY: Escape both message AND target to prevent AppleScript injection
|
||||
// See: CWE-78 (OS Command Injection)
|
||||
let escaped_msg = escape_applescript(message);
|
||||
let escaped_target = escape_applescript(target);
|
||||
let escaped_msg = escape_applescript(&message.content);
|
||||
let escaped_target = escape_applescript(&message.recipient);
|
||||
|
||||
let script = format!(
|
||||
r#"tell application "Messages"
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue