Improve email message readability (#3950)

Author: imnasnainaec

Backend.Tests/Controllers/InviteControllerTests.cs

@@ -46,6 +46,9 @@ public async Task Setup()
                 new UserRoleRepositoryMock(), new EmailServiceMock(), permissionService);
             _inviteController = new InviteController(_projRepo, inviteService, permissionService);
 
+            var _userId = (await _userRepo.Create(new() { Name = "Signore Inviter", Username = "inviter" }))!.Id;
+            _inviteController.ControllerContext.HttpContext = PermissionServiceMock.HttpContextWithUserId(_userId);
+
             _projId = (await _projRepo.Create(new Project { Name = ProjectName }))!.Id;
             var inviteActive =
                 new ProjectInvite(_projId, EmailActive, Role.Harvester) { Created = DateTime.UtcNow };
@@ -56,7 +59,7 @@ public async Task Setup()
             await inviteRepo.Insert(inviteExpired);
             _tokenExpired = inviteExpired.Token;
             var inviteFuture =
-                new ProjectInvite(_projId, EmailExpired, Role.Harvester) { Created = DateTime.UtcNow.AddYears(1) };
+                new ProjectInvite(_projId, EmailFuture, Role.Harvester) { Created = DateTime.UtcNow.AddYears(1) };
             await inviteRepo.Insert(inviteFuture);
             _tokenFuture = inviteFuture.Token;
         }

Backend/Controllers/InviteController.cs

@@ -37,13 +37,15 @@ public async Task<IActionResult> EmailInviteToProject([FromBody, BindRequired] E
                 return Forbid();
             }
 
+            var inviterId = _permissionService.GetUserId(HttpContext);
+
             var project = await _projRepo.GetProject(projectId);
             if (project is null)
             {
                 return NotFound($"projectId: {projectId}");
             }
 
-            return Ok(await _inviteService.EmailLink(project, data.Role, data.EmailAddress, data.Message));
+            return Ok(await _inviteService.EmailLink(project, data.Role, data.EmailAddress, inviterId, data.Message));
         }
 
         /// <summary> Validates invite token in url and adds user to project </summary>

Backend/Interfaces/IInviteService.cs

@@ -5,7 +5,7 @@ namespace BackendFramework.Interfaces
 {
     public interface IInviteService
     {
-        Task<string> EmailLink(Project project, Role role, string emailAddress, string message);
+        Task<string> EmailLink(Project project, Role role, string emailAddress, string inviterId, string message);
         Task<EmailInviteStatus> ValidateProjectToken(string projectId, string token);
     }
 }

Backend/Services/EmailVerifyService.cs

@@ -60,10 +60,10 @@ private MimeMessage CreateEmail(User user, string url)
             message.Subject = "The Combine email verification";
             message.Body = new TextPart("plain")
             {
-                Text = $"Email verification has been requested for the user {user.Username}. " +
-                    $"Follow the link to verify {user.Username}'s email address: {url}\n\n" +
-                    "Email verification is required to add users to your projects in The Combine." +
-                    $"(This link will expire in {_expireTime.TotalMinutes} minutes.)\n\n" +
+                Text = $"Email verification has been requested for {user.Name} (username: {user.Username}).\n\n" +
+                    "Email verification is required to add users to your projects in The Combine.\n\n" +
+                    $"Follow this link to verify your email address: {url}\n\n" +
+                    $"(Link will expire in {_expireTime.TotalMinutes} minutes.)\n\n" +
                     "If you do not wish to verify your email address, you may ignore this email."
             };
             return message;

Backend/Services/InviteService.cs

@@ -19,6 +19,8 @@ public class InviteService(IOptions<Startup.Settings> options, IInviteRepository
         private readonly IEmailService _emailService = emailService;
         private readonly IPermissionService _permissionService = permissionService;
 
+        private const int MaxInviteMessageLength = 1000;
+
         internal static string CreateLink(ProjectInvite invite)
         {
             // Matches the Path.ProjInvite route in src\router\appRoutes.tsx
@@ -32,27 +34,38 @@ internal async Task<ProjectInvite> CreateProjectInvite(string projectId, Role ro
             return invite;
         }
 
-        private MimeMessage CreateEmail(string emailAddress, string emailMessage, string link, string projectName)
+        private MimeMessage CreateEmail(
+            string emailAddress, string emailMessage, string inviter, string link, string projectName)
         {
+            // Trim user-provided emailMessage
+            var trimmedMessage = emailMessage.Trim();
+            if (trimmedMessage.Length > MaxInviteMessageLength)
+            {
+                trimmedMessage = trimmedMessage.Substring(0, MaxInviteMessageLength);
+            }
+
             var message = new MimeMessage();
             message.To.Add(new MailboxAddress("FutureCombineUser", emailAddress));
-            message.Subject = "The Combine Project Invite";
-            message.Body = new TextPart("plain")
+            message.Subject = "The Combine project invitation";
+            message.Body = new TextPart("plain") // With "plain", we don't need to sanitize emailMessage.
             {
-                Text = $"You have been invited project '{projectName}' on The Combine.\n" +
-                       $"To become a member of this project, go to {link}.\n" +
-                       $"Use this email address during registration: {emailAddress}.\n\n" +
-                       $"Message from Project Admin: {emailMessage}\n\n" +
-                       $"(This link will expire in {_expireTime.TotalDays} days.)\n\n" +
-                       "If you did not expect an invite please ignore this email."
+                Text = $"You have been invited to project '{projectName}' on The Combine.\n\n" +
+                       $"Follow this link to become a member of the project: {link}\n\n" +
+                       $"(Link will expire in {_expireTime.TotalDays} days.)\n\n" +
+                       $"Use this email address during registration: {emailAddress}\n\n" +
+                       "If you did not expect an invite, please ignore this email.\n\n" +
+                       $"Message from project administrator ({inviter}):\n\n" +
+                       trimmedMessage
             };
             return message;
         }
 
-        public async Task<string> EmailLink(Project project, Role role, string emailAddress, string message)
+        public async Task<string> EmailLink(
+            Project project, Role role, string emailAddress, string inviterId, string message)
         {
             var link = CreateLink(await CreateProjectInvite(project.Id, role, emailAddress));
-            await _emailService.SendEmail(CreateEmail(emailAddress, message, link, project.Name));
+            var inviter = await _userRepo.GetUser(inviterId) ?? throw new InviteException("Inviting user not found.");
+            await _emailService.SendEmail(CreateEmail(emailAddress, message, inviter.Name, link, project.Name));
             return link;
         }
 

Backend/Services/PasswordResetService.cs

@@ -82,9 +82,9 @@ private MimeMessage CreateEmail(User user, string url)
             message.Subject = "The Combine password reset";
             message.Body = new TextPart("plain")
             {
-                Text = $"A password reset has been requested for the user {user.Username}. " +
-                    $"Follow this link to reset {user.Username}'s password: {url}\n\n" +
-                    $"(This link will expire in {_expireTime.TotalMinutes} minutes.)\n\n" +
+                Text = $"A password reset has been requested for {user.Name} (username: {user.Username}).\n\n" +
+                    $"Follow this link to reset your password: {url}\n\n" +
+                    $"(Link will expire in {_expireTime.TotalMinutes} minutes.)\n\n" +
                     "If you did not request a password reset, please ignore this email."
             };
             return message;