Validate alias IDs
This commit is contained in:
parent
d0eb43b58b
commit
bd1e2e3a58
@ -63,6 +63,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
|
||||
- Support pagination in emoji packs API (for packs and for files in pack)
|
||||
- Support for viewing instances favicons next to posts and accounts
|
||||
- Added Pleroma.Upload.Filter.Exiftool as an alternate EXIF stripping mechanism targeting GPS/location metadata.
|
||||
- Ability to set ActivityPub aliases for follower migration.
|
||||
|
||||
<details>
|
||||
<summary>API Changes</summary>
|
||||
|
@ -47,6 +47,8 @@ defmodule Pleroma.User do
|
||||
|
||||
# credo:disable-for-next-line Credo.Check.Readability.MaxLineLength
|
||||
@email_regex ~r/^[a-zA-Z0-9.!#$%&'*+\/=?^_`{|}~-]+@[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:\.[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)*$/
|
||||
# credo:disable-for-next-line Credo.Check.Readability.MaxLineLength
|
||||
@url_regex ~r/https?:\/\/[-a-zA-Z0-9@:%._\+~#=]{1,256}\.[a-zA-Z0-9()]{1,6}\b([-a-zA-Z0-9()@:%_\+.~#?&\/=]*)/
|
||||
|
||||
@strict_local_nickname_regex ~r/^[a-zA-Z\d]+$/
|
||||
@extended_local_nickname_regex ~r/^[a-zA-Z\d_-]+$/
|
||||
@ -2278,6 +2280,7 @@ def add_aliases(%User{} = user, aliases) when is_list(aliases) do
|
||||
|
||||
user
|
||||
|> change(%{ap_aliases: alias_set})
|
||||
|> validate_ap_aliases()
|
||||
|> Repo.update()
|
||||
end
|
||||
|
||||
@ -2290,6 +2293,16 @@ def delete_aliases(%User{} = user, aliases) when is_list(aliases) do
|
||||
|
||||
user
|
||||
|> change(%{ap_aliases: alias_set})
|
||||
|> validate_ap_aliases()
|
||||
|> Repo.update()
|
||||
end
|
||||
|
||||
defp validate_ap_aliases(changeset) do
|
||||
validate_change(changeset, :ap_aliases, fn :ap_aliases, ap_aliases ->
|
||||
case Enum.all?(ap_aliases, fn a -> Regex.match?(@url_regex, a) end) do
|
||||
true -> []
|
||||
false -> [ap_aliases: "Invalid ap_id format. Must be a URL."]
|
||||
end
|
||||
end)
|
||||
end
|
||||
end
|
||||
|
@ -1876,6 +1876,13 @@ test "add_aliases/2" do
|
||||
]
|
||||
end
|
||||
|
||||
test "add_aliases/2 with invalid alias" do
|
||||
user = insert(:user)
|
||||
{:error, _} = User.add_aliases(user, ["invalid_alias"])
|
||||
{:error, _} = User.add_aliases(user, ["http://still_invalid"])
|
||||
{:error, _} = User.add_aliases(user, ["http://validalias.com/users/dude", "invalid_alias"])
|
||||
end
|
||||
|
||||
test "delete_aliases/2" do
|
||||
user =
|
||||
insert(:user,
|
||||
|
Loading…
Reference in New Issue
Block a user