Make checking blacklisted domains and restricted nicknames case-insenstive
This commit is contained in:
parent
29f4ab640b
commit
0d4aceb9b0
|
@ -758,13 +758,26 @@ def register_changeset(struct, params \\ %{}, opts \\ []) do
|
||||||
valid? =
|
valid? =
|
||||||
Config.get([User, :email_blacklist])
|
Config.get([User, :email_blacklist])
|
||||||
|> Enum.all?(fn blacklisted_domain ->
|
|> Enum.all?(fn blacklisted_domain ->
|
||||||
!String.ends_with?(email, ["@" <> blacklisted_domain, "." <> blacklisted_domain])
|
blacklisted_domain_downcase = String.downcase(blacklisted_domain)
|
||||||
|
|
||||||
|
!String.ends_with?(String.downcase(email), [
|
||||||
|
"@" <> blacklisted_domain_downcase,
|
||||||
|
"." <> blacklisted_domain_downcase
|
||||||
|
])
|
||||||
end)
|
end)
|
||||||
|
|
||||||
if valid?, do: [], else: [email: "Invalid email"]
|
if valid?, do: [], else: [email: "Invalid email"]
|
||||||
end)
|
end)
|
||||||
|> unique_constraint(:nickname)
|
|> unique_constraint(:nickname)
|
||||||
|> validate_exclusion(:nickname, Config.get([User, :restricted_nicknames]))
|
|> validate_change(:nickname, fn :nickname, nickname ->
|
||||||
|
valid? =
|
||||||
|
Config.get([User, :restricted_nicknames])
|
||||||
|
|> Enum.all?(fn restricted_nickname ->
|
||||||
|
String.downcase(nickname) != String.downcase(restricted_nickname)
|
||||||
|
end)
|
||||||
|
|
||||||
|
if valid?, do: [], else: [nickname: "Invalid nickname"]
|
||||||
|
end)
|
||||||
|> validate_format(:nickname, local_nickname_regex())
|
|> validate_format(:nickname, local_nickname_regex())
|
||||||
|> validate_length(:bio, max: bio_limit)
|
|> validate_length(:bio, max: bio_limit)
|
||||||
|> validate_length(:name, min: 1, max: name_limit)
|
|> validate_length(:name, min: 1, max: name_limit)
|
||||||
|
|
|
@ -618,6 +618,7 @@ test "it requires an name, nickname and password, bio and email are optional whe
|
||||||
end
|
end
|
||||||
|
|
||||||
test "it restricts certain nicknames" do
|
test "it restricts certain nicknames" do
|
||||||
|
clear_config([User, :restricted_nicknames], ["about"])
|
||||||
[restricted_name | _] = Pleroma.Config.get([User, :restricted_nicknames])
|
[restricted_name | _] = Pleroma.Config.get([User, :restricted_nicknames])
|
||||||
|
|
||||||
assert is_bitstring(restricted_name)
|
assert is_bitstring(restricted_name)
|
||||||
|
@ -631,6 +632,23 @@ test "it restricts certain nicknames" do
|
||||||
refute changeset.valid?
|
refute changeset.valid?
|
||||||
end
|
end
|
||||||
|
|
||||||
|
test "it is case-insensitive when restricting nicknames" do
|
||||||
|
clear_config([User, :restricted_nicknames], ["about"])
|
||||||
|
[restricted_name | _] = Pleroma.Config.get([User, :restricted_nicknames])
|
||||||
|
|
||||||
|
assert is_bitstring(restricted_name)
|
||||||
|
|
||||||
|
restricted_upcase_name = String.upcase(restricted_name)
|
||||||
|
|
||||||
|
params =
|
||||||
|
@full_user_data
|
||||||
|
|> Map.put(:nickname, restricted_upcase_name)
|
||||||
|
|
||||||
|
changeset = User.register_changeset(%User{}, params)
|
||||||
|
|
||||||
|
refute changeset.valid?
|
||||||
|
end
|
||||||
|
|
||||||
test "it blocks blacklisted email domains" do
|
test "it blocks blacklisted email domains" do
|
||||||
clear_config([User, :email_blacklist], ["trolling.world"])
|
clear_config([User, :email_blacklist], ["trolling.world"])
|
||||||
|
|
||||||
|
@ -639,6 +657,11 @@ test "it blocks blacklisted email domains" do
|
||||||
changeset = User.register_changeset(%User{}, params)
|
changeset = User.register_changeset(%User{}, params)
|
||||||
refute changeset.valid?
|
refute changeset.valid?
|
||||||
|
|
||||||
|
# Block with case-insensitive match
|
||||||
|
params = Map.put(@full_user_data, :email, "troll@TrOlLing.wOrld")
|
||||||
|
changeset = User.register_changeset(%User{}, params)
|
||||||
|
refute changeset.valid?
|
||||||
|
|
||||||
# Block with subdomain match
|
# Block with subdomain match
|
||||||
params = Map.put(@full_user_data, :email, "troll@gnomes.trolling.world")
|
params = Map.put(@full_user_data, :email, "troll@gnomes.trolling.world")
|
||||||
changeset = User.register_changeset(%User{}, params)
|
changeset = User.register_changeset(%User{}, params)
|
||||||
|
|
Loading…
Reference in New Issue