* Drop recipients that are on the AppConfig access-control ban list. Returns the * original options when nothing is banned, options narrowed to the allowed * recipients when some are, or `null` when every recipient is banned. Config is * cached (~30s TTL) with an env fallback, so a missing/unreac
(options: EmailOptions)
| 55 | * fails open rather than blocking all mail. |
| 56 | */ |
| 57 | async function applyBanList(options: EmailOptions): Promise<EmailOptions | null> { |
| 58 | const recipients = Array.isArray(options.to) ? options.to : [options.to] |
| 59 | const config = await getAccessControlConfig() |
| 60 | const allowed = recipients.filter((email) => !isEmailBlockedByAccessControl(email, config)) |
| 61 | if (allowed.length === 0) return null |
| 62 | if (allowed.length === recipients.length) return options |
| 63 | return { ...options, to: allowed.length === 1 ? allowed[0] : allowed } |
| 64 | } |
| 65 | |
| 66 | export async function sendEmail(options: EmailOptions): Promise<SendEmailResult> { |
| 67 | try { |
no test coverage detected