Message Parameters Actionscripts
Message Parameters Actionscripts adds the ability to programatically change Message Parameters using Actionscripts. This can be used for instance to automatically disable authentication of a message if any recipient matches "@trusted.com". Or you can automatically set the private message flag if the subject contains "secret". Set the Expires After to 365 days from now if the recipient matches "@ouraccountant.com".
Please see the following as a video walkthrough of Message Authorization override using Actionscripts.
You can install or upload scripts by going to Admin → Configuration → Actionscripts. Please see the Actionscript Installation instruction for more details. When you have installed the script, you can enable the Message Parameters Actionscript on a per group basis in Admin → Groups.
When the script is executed, it will be exectured similar to:
your_actionscript.ext filedata.json
The filedata file (which in reality will be a randomized filename), will have content like the following JSON output:
{"message":
{
"id":"8pz77fP8c3gJdQiCd1hqzA",
"sender":"sender@mycompany.com",
"recipients":["john.doe@company1.com"],
"ccs":["jane.doe@company2.com","ken.smith@company3.com"],
"bccs": ["someone@mycompany.com"],
"expires_at":"2018-12-04",
"expires_after":0,
"authorization":1,
"size":12620046,
"subject":"Example Message Subject",
"message":"Example Message Body",
"private_message":false,
"authorization_description":"Anyone (with access to the randomized link) can access",
"created_at":"2018-06-07T12:45:25.000Z",
"attachments":[
{
"id":"Ok24eOJA1LuaQHFzNV4GMl",
"filename":"01-12345 our drawings1of2.pdf",
"size":10782517,
"content_type":"application/pdf",
"checksum":"2a5c809063b5831b3d73e4a294879fd056942b70b967f6ed7767c757a1f5bae2"
,"crc32":"3ad5a39c",
"created_at":"2018-06-07T12:44:42.000Z",
"system_file":"/data/domains/default/files/users/604/20180607_Ok24eOJA1LuaQHFzNV4GMl/01-12345_our_drawings1of2.pdf"
},{
"id":"mr60K8v511Se0r3Ba9Imn7",
"filename":"01-12345 our drawings2of2.pdf",
"size":1837529,
"content_type":"application/pdf",
"checksum":"483d57c9cb71b43dc73826579a25624118f0b8f65928524ed8747ebe1dc41d5c",
"crc32":"a493dc29",
"created_at":"2018-06-07T12:44:45.000Z",
"system_file":"/data/domains/default/files/users/604/20180607_mr60K8v511Se0r3Ba9Imn7/01-12345_our_drawings2of2.pdf"
}
]
}
}Please see the Message API for a description of each field. The only difference from the Message API is that there's no URL and instead there's a "system_file" for each attachment. It's this "system_file" parameter you can use to process files.
The parameters you can change using the Message Parameters Actionscript are:
- recipients, ccs, bccs — Array of recipients, ccs, bccs
- authorization — expects a numeric value 0-4
- private_message — true or false
- expires_after — numeric value
- expires_at — date on the format YYYY-MM-DD
- subject — string
- error — will return an error to the user and will prevent the message to send.
Please note that the message will still need to pass validation, so if you have configured that the expires_at can be max 180 days in the future, and the Actionscript sets expires_at to 365 days in the future, the validation will fail and there will be an error presented to the user.
The output from the script needs to be in JSON format like:
{
"authorization": 0,
"private_message": true,
"expires_after": 10,
"expires_at": "2020-02-20",
"subject": "My new Subject",
"error": "You cannot send this message because..."
}You only need to include the parameters you wish to change. If there's no parameters and no output, the message will not change.
If there's any output to STDERR or the exit code is not zero (0), an error message will be sent with the output to the configured System Alert email address. You can use this for debugging.
Please see the following example Actionscript that will override the message authorization and set it to 0 (unauthenticated) if any recipient matches @trusted.com:
#!/usr/bin/env ruby
require 'json'
message_data = JSON.parse(File.read(ARGV[0]))
authorization = message_data["message"]["authorization"]
message_data["message"]["recipients"].each do |recipient|
authorization = 0 if recipient.match(/@trusted\.com/)
end
puts %{{"authorization": #{authorization}}}
If you examine the script, you can see that the script parses the JSON output from the messagedata file. It will then iterate over each recipient. If any recipient matches @trusted.com, it will set the authorization for the message to 0, meaning no authentication. If no recipient matches @trusted.com, it will use the previous authorization from the message.
Another example script:
#!/usr/bin/env ruby
require 'json'
message_data = JSON.parse(File.read(ARGV[0]))
untrusted_error = false
if message_data["message"]["authorization"] = 0
message_data["message"]["recipients"].each do |recipient|
if recipient.match(/@untrusted\.com/)
untrusted_error = true
end
end
end
if untrusted_error
puts '{"error": "You are not allowed to set no authentication when sending to @untrusted.com"}'
end
In this example, there will be an error message if any recipient matches @untrusted.com, and no authentication is set on the message. If you wanted to, you could have overwritten the authorization to something else instead.
Yes Another example script:
#!/usr/bin/env ruby
require 'json'
message_data = JSON.parse(File.read(ARGV[0]))
if message_data["message"]["subject"].match(/secret/i) || message_data["message"]["message"].match(/secret/i)
bcc = (message_data["message"]["bccs"] + ["boss@company.com"]).to_json
puts %{{"authorization": 3, "private_message": true, "bccs": #{bccs}}}
end
In this example, the authorization will be set to Only Specified Recipients, it sets the private message flag and adds "boss@company.com" if either the subject or message matches "secret".