Add config keys for reserved names

This commit is contained in:
calzoneman 2014-02-05 18:05:52 -06:00
parent 0998e89f5d
commit 767e90a757
6 changed files with 66 additions and 4 deletions

View File

@ -76,3 +76,19 @@ aliases:
# Workaround for Vimeo blocking my domain # Workaround for Vimeo blocking my domain
vimeo-workaround: false vimeo-workaround: false
# Regular expressions for defining reserved user and channel names and page titles
# The list of regular expressions will be joined with an OR, and compared without
# case sensitivity.
#
# Default: reserve any name containing "admin[istrator]" or "owner" as a word
# but only if it is separated by a dash or underscore (e.g. dadmin is not reserved
# but d-admin is)
reserved-names:
usernames:
- '^(.*?[-_])?admin(istrator)?([-_].*)?$'
- '^(.*?[-_])?owner([-_].*)?$'
channels:
- '^(.*?[-_])?admin(istrator)?([-_].*)?$'
- '^(.*?[-_])?owner([-_].*)?$'
pagetitles: []

View File

@ -10,6 +10,7 @@ var InfoGetter = require("./get-info");
var ChatCommand = require("./chatcommand"); var ChatCommand = require("./chatcommand");
var XSS = require("./xss"); var XSS = require("./xss");
var Media = require("./media").Media; var Media = require("./media").Media;
var Config = require("./config");
var fs = require("fs"); var fs = require("fs");
var path = require("path"); var path = require("path");
@ -2451,7 +2452,15 @@ Channel.prototype.handleUpdateOptions = function (user, data) {
} }
if ("pagetitle" in data && user.rank >= 3) { if ("pagetitle" in data && user.rank >= 3) {
this.opts.pagetitle = (""+data.pagetitle).substring(0, 100); var title = (""+data.pagetitle).substring(0, 100);
if (!title.trim().match(Config.get("reserved-names.pagetitles"))) {
this.opts.pagetitle = (""+data.pagetitle).substring(0, 100);
} else {
user.socket.emit("errorMsg", {
msg: "That pagetitle is reserved",
alert: true
});
}
} }
if ("maxlength" in data) { if ("maxlength" in data) {

View File

@ -60,8 +60,12 @@ var defaults = {
"max-age": 2592000000 "max-age": 2592000000
}, },
"html-template": { "html-template": {
title: "CyTube Beta", title: "CyTube Beta", description: "Free, open source synchtube"
description: "Free, open source synchtube" },
"reserved-names": {
usernames: ["^(.*?[-_])?admin(istrator)?([-_].*)?$", "^(.*?[-_])?owner([-_].*)?$"],
channels: ["^(.*?[-_])?admin(istrator)?([-_].*)?$", "^(.*?[-_])?owner([-_].*)?$"],
pagetitles: []
} }
}; };
@ -135,6 +139,15 @@ exports.load = function (file) {
cfg.http.domain = cfg.http.domain.replace(/\/*$/, ""); cfg.http.domain = cfg.http.domain.replace(/\/*$/, "");
cfg.https.domain = cfg.https.domain.replace(/\/*$/, ""); cfg.https.domain = cfg.https.domain.replace(/\/*$/, "");
var reserved = cfg["reserved-names"];
for (var key in reserved) {
if (reserved[key] && reserved[key].length > 0) {
reserved[key] = new RegExp(reserved[key].join("|"), "i");
} else {
reserved[key] = false;
}
}
Logger.syslog.log("Loaded configuration from " + file); Logger.syslog.log("Loaded configuration from " + file);
}; };

View File

@ -251,6 +251,18 @@ function handleNewChannel(req, res) {
return; return;
} }
if (name.match(Config.get("reserved-names.channels"))) {
db.channels.listUserChannels(loginName, function (err2, channels) {
sendJade(res, "account-channels", {
loggedIn: true,
loginName: loginName,
channels: err2 ? [] : channels,
newChannelError: "That channel name is reserved"
});
});
return;
}
db.channels.register(name, user.name, function (err, channel) { db.channels.register(name, user.name, function (err, channel) {
if (!err) { if (!err) {
Logger.eventlog.log("[channel] " + user.name + "@" + Logger.eventlog.log("[channel] " + user.name + "@" +

View File

@ -12,6 +12,7 @@ var sendJade = require("./jade").sendJade;
var Logger = require("../logger"); var Logger = require("../logger");
var $util = require("../utilities"); var $util = require("../utilities");
var db = require("../database"); var db = require("../database");
var Config = require("../config");
/** /**
* Processes a login request. Sets a cookie upon successful authentication * Processes a login request. Sets a cookie upon successful authentication
@ -168,6 +169,13 @@ function handleRegister(req, res) {
return; return;
} }
if (name.match(Config.get("reserved-names.usernames"))) {
sendJade(res, "register", {
registerError: "That username is reserved"
});
return;
}
if (password.length === 0) { if (password.length === 0) {
sendJade(res, "register", { sendJade(res, "register", {
registerError: "Password must not be empty" registerError: "Password must not be empty"

View File

@ -49,7 +49,11 @@ Callbacks = {
}, },
errorMsg: function(data) { errorMsg: function(data) {
errDialog(data.msg); if (data.alert) {
alert(data.msg);
} else {
errDialog(data.msg);
}
}, },
costanza: function (data) { costanza: function (data) {