From e1a29d0851951dd8dc517d2cc9ed8372e840a6c8 Mon Sep 17 00:00:00 2001
From: Alex Pott <alex.a.pott@googlemail.com>
Date: Wed, 3 Apr 2024 11:50:34 +0100
Subject: [PATCH] Issue #124969 by Dave Reid, andregp, naxoc, pameeela,
 ravi.shankar, bruno.bicudo, _pratik_, jnlar, yogeshmpawar, marcingy,
 StevenPatz, amitgoyal, Johnny Santos, larowlan, smustgrave, Dries,
 DanielVeza, mstrelan, cburschka, quietone, alexpott, bradlis7: Contact form
 opt-out line should be excluded from admin-sent and sender-copy e-mails

(cherry picked from commit 1dbf2cc2ea7a37495af96f56d42fa1da8481ab56)
---
 core/modules/contact/contact.module           |  8 ++-
 .../src/Functional/ContactPersonalTest.php    | 49 ++++++++++++++++++-
 2 files changed, 55 insertions(+), 2 deletions(-)

diff --git a/core/modules/contact/contact.module b/core/modules/contact/contact.module
index e1d8b6196a52..23d44ee0665f 100644
--- a/core/modules/contact/contact.module
+++ b/core/modules/contact/contact.module
@@ -161,7 +161,13 @@ function contact_mail($key, &$message, $params) {
       $message['subject'] .= t('[@site-name] @subject', $variables, $options);
       $message['body'][] = t('Hello @recipient-name,', $variables, $options);
       $message['body'][] = t("@sender-name (@sender-url) has sent you a message via your contact form at @site-name.", $variables, $options);
-      $message['body'][] = t("If you don't want to receive such emails, you can change your settings at @recipient-edit-url.", $variables, $options);
+      // Only include the opt-out line in the original email and not in the
+      // copy to the sender. Also exclude this if the email was sent from a
+      // user administrator because they can always send emails even if the
+      // contacted user has disabled their contact form.
+      if ($key === 'user_mail' && !$params['sender']->hasPermission('administer users')) {
+        $message['body'][] = t("If you don't want to receive such messages, you can change your settings at @recipient-edit-url.", $variables, $options);
+      }
       $build = \Drupal::entityTypeManager()
         ->getViewBuilder('contact_message')
         ->view($contact_message, 'mail');
diff --git a/core/modules/contact/tests/src/Functional/ContactPersonalTest.php b/core/modules/contact/tests/src/Functional/ContactPersonalTest.php
index 658b016cef09..0c2a91fe2dd3 100644
--- a/core/modules/contact/tests/src/Functional/ContactPersonalTest.php
+++ b/core/modules/contact/tests/src/Functional/ContactPersonalTest.php
@@ -338,18 +338,65 @@ protected function checkContactAccess($response, $contact_value = NULL) {
    * @param array $message
    *   (optional) An array with the form fields being used. Defaults to an empty
    *   array.
+   * @param bool $user_copy
+   *   (optional) A boolean to determine whether to send a user copy email.
+   *   Defaults to FALSE.
    *
    * @return array
    *   An array with the form fields being used.
    */
-  protected function submitPersonalContact(AccountInterface $account, array $message = []) {
+  protected function submitPersonalContact(AccountInterface $account, array $message = [], bool $user_copy = FALSE) {
     $message += [
       'subject[0][value]' => $this->randomMachineName(16) . '< " =+ >',
       'message[0][value]' => $this->randomMachineName(64) . '< " =+ >',
+      'copy' => $user_copy,
     ];
     $this->drupalGet('user/' . $account->id() . '/contact');
     $this->submitForm($message, 'Send message');
     return $message;
   }
 
+  /**
+   * Tests that the opt-out message is included correctly in contact emails.
+   */
+  public function testPersonalContactForm(): void {
+    $opt_out_message = "If you don't want to receive such messages, you can change your settings at";
+
+    // Send an email from an admin (should not contain the opt-out message).
+    $this->drupalLogin($this->adminUser);
+    $this->submitPersonalContact($this->contactUser);
+    $this->drupalLogout();
+
+    $this->assertStringNotContainsString($opt_out_message, $this->getMails()[0]['body'], 'Opt-out message excluded in email.');
+
+    // Send an email from a non-admin (should contain the opt-out message).
+    $this->drupalLogin($this->webUser);
+    $this->submitPersonalContact($this->contactUser);
+
+    $this->assertMailString('body', $opt_out_message, 1, 'Opt-out message included in email.');
+  }
+
+  /**
+   * Tests that the opt-out message is not included in user copy emails.
+   */
+  public function testPersonalContactFormUserCopy(): void {
+    $opt_out_message = "If you don't want to receive such messages, you can change your settings at";
+
+    // Send an email from an admin.
+    $this->drupalLogin($this->adminUser);
+    $this->submitPersonalContact($this->contactUser, [], TRUE);
+    $this->drupalLogout();
+
+    // Send an email from a non-admin.
+    $this->drupalLogin($this->webUser);
+    $this->submitPersonalContact($this->contactUser, [], TRUE);
+
+    $user_copy_emails = $this->getMails(['id' => 'contact_user_copy']);
+
+    // Tests that the opt-out message is not included in admin user copy emails.
+    $this->assertStringNotContainsString($opt_out_message, $user_copy_emails[0]['body'], 'Opt-out message not included in admin user copy email.');
+    // Tests that the opt-out message is not included in non-admin user copy emails.
+    $this->assertStringNotContainsString($opt_out_message, $user_copy_emails[1]['body'], 'Opt-out message not included in non-admin user copy email.');
+  }
+
 }
-- 
GitLab