Merge branch 'length-limit-bio' into 'develop'
Add configurable length limits for `User.bio` and `User.name` See merge request pleroma/pleroma!1515
This commit is contained in:
commit
83a3de8cc4
|
@ -69,6 +69,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
|
||||||
- Added synchronization of following/followers counters for external users
|
- Added synchronization of following/followers counters for external users
|
||||||
- Configuration: `enabled` option for `Pleroma.Emails.Mailer`, defaulting to `false`.
|
- Configuration: `enabled` option for `Pleroma.Emails.Mailer`, defaulting to `false`.
|
||||||
- Configuration: Pleroma.Plugs.RateLimiter `bucket_name`, `params` options.
|
- Configuration: Pleroma.Plugs.RateLimiter `bucket_name`, `params` options.
|
||||||
|
- Configuration: `user_bio_length` and `user_name_length` options.
|
||||||
- Addressable lists
|
- Addressable lists
|
||||||
- Twitter API: added rate limit for `/api/account/password_reset` endpoint.
|
- Twitter API: added rate limit for `/api/account/password_reset` endpoint.
|
||||||
- ActivityPub: Add an internal service actor for fetching ActivityPub objects.
|
- ActivityPub: Add an internal service actor for fetching ActivityPub objects.
|
||||||
|
|
|
@ -253,6 +253,8 @@
|
||||||
skip_thread_containment: true,
|
skip_thread_containment: true,
|
||||||
limit_to_local_content: :unauthenticated,
|
limit_to_local_content: :unauthenticated,
|
||||||
dynamic_configuration: false,
|
dynamic_configuration: false,
|
||||||
|
user_bio_length: 5000,
|
||||||
|
user_name_length: 100,
|
||||||
external_user_synchronization: true
|
external_user_synchronization: true
|
||||||
|
|
||||||
config :pleroma, :markup,
|
config :pleroma, :markup,
|
||||||
|
|
|
@ -126,6 +126,8 @@ config :pleroma, Pleroma.Emails.Mailer,
|
||||||
* `safe_dm_mentions`: If set to true, only mentions at the beginning of a post will be used to address people in direct messages. This is to prevent accidental mentioning of people when talking about them (e.g. "@friend hey i really don't like @enemy"). Default: `false`.
|
* `safe_dm_mentions`: If set to true, only mentions at the beginning of a post will be used to address people in direct messages. This is to prevent accidental mentioning of people when talking about them (e.g. "@friend hey i really don't like @enemy"). Default: `false`.
|
||||||
* `healthcheck`: If set to true, system data will be shown on ``/api/pleroma/healthcheck``.
|
* `healthcheck`: If set to true, system data will be shown on ``/api/pleroma/healthcheck``.
|
||||||
* `remote_post_retention_days`: The default amount of days to retain remote posts when pruning the database.
|
* `remote_post_retention_days`: The default amount of days to retain remote posts when pruning the database.
|
||||||
|
* `user_bio_length`: A user bio maximum length (default: `5000`)
|
||||||
|
* `user_name_length`: A user name maximum length (default: `100`)
|
||||||
* `skip_thread_containment`: Skip filter out broken threads. The default is `false`.
|
* `skip_thread_containment`: Skip filter out broken threads. The default is `false`.
|
||||||
* `limit_to_local_content`: Limit unauthenticated users to search for local statutes and users only. Possible values: `:unauthenticated`, `:all` and `false`. The default is `:unauthenticated`.
|
* `limit_to_local_content`: Limit unauthenticated users to search for local statutes and users only. Possible values: `:unauthenticated`, `:all` and `false`. The default is `:unauthenticated`.
|
||||||
* `dynamic_configuration`: Allow transferring configuration to DB with the subsequent customization from Admin api.
|
* `dynamic_configuration`: Allow transferring configuration to DB with the subsequent customization from Admin api.
|
||||||
|
|
|
@ -152,10 +152,10 @@ def following_count(%User{} = user) do
|
||||||
end
|
end
|
||||||
|
|
||||||
def remote_user_creation(params) do
|
def remote_user_creation(params) do
|
||||||
params =
|
bio_limit = Pleroma.Config.get([:instance, :user_bio_length], 5000)
|
||||||
params
|
name_limit = Pleroma.Config.get([:instance, :user_name_length], 100)
|
||||||
|> Map.put(:info, params[:info] || %{})
|
|
||||||
|
|
||||||
|
params = Map.put(params, :info, params[:info] || %{})
|
||||||
info_cng = User.Info.remote_user_creation(%User.Info{}, params[:info])
|
info_cng = User.Info.remote_user_creation(%User.Info{}, params[:info])
|
||||||
|
|
||||||
changes =
|
changes =
|
||||||
|
@ -164,8 +164,8 @@ def remote_user_creation(params) do
|
||||||
|> validate_required([:name, :ap_id])
|
|> validate_required([:name, :ap_id])
|
||||||
|> unique_constraint(:nickname)
|
|> unique_constraint(:nickname)
|
||||||
|> validate_format(:nickname, @email_regex)
|
|> validate_format(:nickname, @email_regex)
|
||||||
|> validate_length(:bio, max: 5000)
|
|> validate_length(:bio, max: bio_limit)
|
||||||
|> validate_length(:name, max: 100)
|
|> validate_length(:name, max: name_limit)
|
||||||
|> put_change(:local, false)
|
|> put_change(:local, false)
|
||||||
|> put_embed(:info, info_cng)
|
|> put_embed(:info, info_cng)
|
||||||
|
|
||||||
|
@ -188,22 +188,23 @@ def remote_user_creation(params) do
|
||||||
end
|
end
|
||||||
|
|
||||||
def update_changeset(struct, params \\ %{}) do
|
def update_changeset(struct, params \\ %{}) do
|
||||||
|
bio_limit = Pleroma.Config.get([:instance, :user_bio_length], 5000)
|
||||||
|
name_limit = Pleroma.Config.get([:instance, :user_name_length], 100)
|
||||||
|
|
||||||
struct
|
struct
|
||||||
|> cast(params, [:bio, :name, :avatar, :following])
|
|> cast(params, [:bio, :name, :avatar, :following])
|
||||||
|> unique_constraint(:nickname)
|
|> unique_constraint(:nickname)
|
||||||
|> validate_format(:nickname, local_nickname_regex())
|
|> validate_format(:nickname, local_nickname_regex())
|
||||||
|> validate_length(:bio, max: 5000)
|
|> validate_length(:bio, max: bio_limit)
|
||||||
|> validate_length(:name, min: 1, max: 100)
|
|> validate_length(:name, min: 1, max: name_limit)
|
||||||
end
|
end
|
||||||
|
|
||||||
def upgrade_changeset(struct, params \\ %{}) do
|
def upgrade_changeset(struct, params \\ %{}) do
|
||||||
params =
|
bio_limit = Pleroma.Config.get([:instance, :user_bio_length], 5000)
|
||||||
params
|
name_limit = Pleroma.Config.get([:instance, :user_name_length], 100)
|
||||||
|> Map.put(:last_refreshed_at, NaiveDateTime.utc_now())
|
|
||||||
|
|
||||||
info_cng =
|
params = Map.put(params, :last_refreshed_at, NaiveDateTime.utc_now())
|
||||||
struct.info
|
info_cng = User.Info.user_upgrade(struct.info, params[:info])
|
||||||
|> User.Info.user_upgrade(params[:info])
|
|
||||||
|
|
||||||
struct
|
struct
|
||||||
|> cast(params, [
|
|> cast(params, [
|
||||||
|
@ -216,8 +217,8 @@ def upgrade_changeset(struct, params \\ %{}) do
|
||||||
])
|
])
|
||||||
|> unique_constraint(:nickname)
|
|> unique_constraint(:nickname)
|
||||||
|> validate_format(:nickname, local_nickname_regex())
|
|> validate_format(:nickname, local_nickname_regex())
|
||||||
|> validate_length(:bio, max: 5000)
|
|> validate_length(:bio, max: bio_limit)
|
||||||
|> validate_length(:name, max: 100)
|
|> validate_length(:name, max: name_limit)
|
||||||
|> put_embed(:info, info_cng)
|
|> put_embed(:info, info_cng)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
@ -244,6 +245,9 @@ def reset_password(%User{id: user_id} = user, data) do
|
||||||
end
|
end
|
||||||
|
|
||||||
def register_changeset(struct, params \\ %{}, opts \\ []) do
|
def register_changeset(struct, params \\ %{}, opts \\ []) do
|
||||||
|
bio_limit = Pleroma.Config.get([:instance, :user_bio_length], 5000)
|
||||||
|
name_limit = Pleroma.Config.get([:instance, :user_name_length], 100)
|
||||||
|
|
||||||
need_confirmation? =
|
need_confirmation? =
|
||||||
if is_nil(opts[:need_confirmation]) do
|
if is_nil(opts[:need_confirmation]) do
|
||||||
Pleroma.Config.get([:instance, :account_activation_required])
|
Pleroma.Config.get([:instance, :account_activation_required])
|
||||||
|
@ -264,8 +268,8 @@ def register_changeset(struct, params \\ %{}, opts \\ []) do
|
||||||
|> validate_exclusion(:nickname, Pleroma.Config.get([User, :restricted_nicknames]))
|
|> validate_exclusion(:nickname, Pleroma.Config.get([User, :restricted_nicknames]))
|
||||||
|> validate_format(:nickname, local_nickname_regex())
|
|> validate_format(:nickname, local_nickname_regex())
|
||||||
|> validate_format(:email, @email_regex)
|
|> validate_format(:email, @email_regex)
|
||||||
|> validate_length(:bio, max: 1000)
|
|> validate_length(:bio, max: bio_limit)
|
||||||
|> validate_length(:name, min: 1, max: 100)
|
|> validate_length(:name, min: 1, max: name_limit)
|
||||||
|> put_change(:info, info_change)
|
|> put_change(:info, info_change)
|
||||||
|
|
||||||
changeset =
|
changeset =
|
||||||
|
|
|
@ -525,7 +525,10 @@ test "it has required fields" do
|
||||||
end
|
end
|
||||||
|
|
||||||
test "it restricts some sizes" do
|
test "it restricts some sizes" do
|
||||||
[bio: 5000, name: 100]
|
bio_limit = Pleroma.Config.get([:instance, :user_bio_length], 5000)
|
||||||
|
name_limit = Pleroma.Config.get([:instance, :user_name_length], 100)
|
||||||
|
|
||||||
|
[bio: bio_limit, name: name_limit]
|
||||||
|> Enum.each(fn {field, size} ->
|
|> Enum.each(fn {field, size} ->
|
||||||
string = String.pad_leading(".", size)
|
string = String.pad_leading(".", size)
|
||||||
cs = User.remote_user_creation(Map.put(@valid_remote, field, string))
|
cs = User.remote_user_creation(Map.put(@valid_remote, field, string))
|
||||||
|
|
Loading…
Reference in New Issue