feat: add domain blocklist feature (#10016)

Co-authored-by: Pranav <pranav@chatwoot.com>
2025-10-29 18:22:53 +00:00 · 2024-08-26 13:05:36 +05:30
parent 53d68868c6
commit 3489783cb8
5 changed files with 31 additions and 4 deletions
--- a/app/builders/account_builder.rb
+++ b/app/builders/account_builder.rb
@@ -32,6 +32,8 @@ class AccountBuilder
  end

  def validate_email
+    raise InvalidEmail.new({ domain_blocked: domain_blocked }) if domain_blocked?
+
    address = ValidEmail2::Address.new(@email)
    if address.valid? && !address.disposable?
      true
@@ -79,4 +81,21 @@ class AccountBuilder
    @user.confirm if @confirmed
    @user.save!
  end
+
+  def domain_blocked?
+    domain = @email.split('@').last
+
+    blocked_domains.each do |blocked_domain|
+      return true if domain.match?(blocked_domain)
+    end
+
+    false
+  end
+
+  def blocked_domains
+    domains = GlobalConfigService.load('BLOCKED_EMAIL_DOMAINS', '')
+    domains.split("\n").map(&:strip) if domains.present?
+
+    []
+  end
 end
--- a/config/installation_config.yml
+++ b/config/installation_config.yml
@@ -168,6 +168,11 @@
  display_title: 'Dashboard Scripts'
  description: 'Scripts are loaded as the last item in the <body> tag'
  type: code
+- name: BLOCKED_EMAIL_DOMAINS
+  value:
+  display_title: 'Blocked Email Domains'
+  description: 'Add a domain per line to block them from signing up, accepts Regex'
+  type: code
 # ------- End of Chatwoot Internal Config for Cloud ----#

 # ------- Chatwoot Internal Config for Self Hosted ----#
@@ -220,11 +225,11 @@

 ## ----- Captain Configs ----- ##
 - name: CAPTAIN_API_URL
-  value: 
+  value:
  display_title: 'Captain API URL'
  description: 'The API URL for Captain'
 - name: CAPTAIN_APP_URL
-  value: 
+  value:
  display_title: 'Captain App URL'
  description: 'The App URL for Captain'
 ## ----- End of Captain Configs ----- ##
--- a/config/locales/en.yml
+++ b/config/locales/en.yml
@@ -43,6 +43,7 @@ en:
      invalid: Invalid events
    signup:
      disposable_email: We do not allow disposable emails
+      blocked_domain: This domain is not allowed. If you believe this is a mistake, please contact support.
      invalid_email: You have entered an invalid email
      email_already_exists: "You have already signed up for an account with %{email}"
      invalid_params: 'Invalid, please check the signup paramters and try again'
--- a/enterprise/app/controllers/enterprise/super_admin/app_configs_controller.rb
+++ b/enterprise/app/controllers/enterprise/super_admin/app_configs_controller.rb
@@ -32,6 +32,6 @@ module Enterprise::SuperAdmin::AppConfigsController
  end

  def internal_config_options
-    %w[CHATWOOT_INBOX_TOKEN CHATWOOT_INBOX_HMAC_KEY ANALYTICS_TOKEN CLEARBIT_API_KEY DASHBOARD_SCRIPTS]
+    %w[CHATWOOT_INBOX_TOKEN CHATWOOT_INBOX_HMAC_KEY ANALYTICS_TOKEN CLEARBIT_API_KEY DASHBOARD_SCRIPTS BLOCKED_EMAIL_DOMAINS]
  end
 end
--- a/lib/custom_exceptions/account.rb
+++ b/lib/custom_exceptions/account.rb
@@ -3,7 +3,9 @@
 module CustomExceptions::Account
  class InvalidEmail < CustomExceptions::Base
    def message
-      if @data[:disposable]
+      if @data[:domain_blocked]
+        I18n.t 'errors.signup.blocked_domain'
+      elsif @data[:disposable]
        I18n.t 'errors.signup.disposable_email'
      elsif !@data[:valid]
        I18n.t 'errors.signup.invalid_email'