From 4247df429591a83fb84bfab6f7850502e64858d8 Mon Sep 17 00:00:00 2001 From: Ernest Date: Sat, 20 Jun 2020 11:33:23 +0200 Subject: [PATCH 1/2] Community name validation --- server/src/api/community.rs | 5 +++++ server/src/lib.rs | 18 ++++++++++++++++-- 2 files changed, 21 insertions(+), 2 deletions(-) diff --git a/server/src/api/community.rs b/server/src/api/community.rs index df03546cf..2a517bb8c 100644 --- a/server/src/api/community.rs +++ b/server/src/api/community.rs @@ -1,4 +1,5 @@ use super::*; +use crate::is_valid_community_name; #[derive(Serialize, Deserialize)] pub struct GetCommunity { @@ -220,6 +221,10 @@ impl Perform for Oper { } } + if !is_valid_community_name(&data.name) { + return Err(APIError::err("invalid_community_name").into()); + } + let user_id = claims.id; let conn = pool.get()?; diff --git a/server/src/lib.rs b/server/src/lib.rs index 23d6a87a6..e3ce5d716 100644 --- a/server/src/lib.rs +++ b/server/src/lib.rs @@ -273,11 +273,15 @@ pub fn is_valid_username(name: &str) -> bool { VALID_USERNAME_REGEX.is_match(name) } +pub fn is_valid_community_name(name: &str) -> bool { + VALID_COMMUNITY_NAME_REGEX.is_match(name) +} + #[cfg(test)] mod tests { use crate::{ - extract_usernames, is_email_regex, is_image_content_type, is_valid_username, remove_slurs, - slur_check, slurs_vec_to_str, + extract_usernames, is_email_regex, is_image_content_type, is_valid_community_name, + is_valid_username, remove_slurs, slur_check, slurs_vec_to_str, }; #[test] @@ -304,6 +308,15 @@ mod tests { assert!(!is_valid_username("")); } + #[test] + fn test_valid_community_name() { + assert!(is_valid_community_name("example")); + assert!(is_valid_community_name("example_community")); + assert!(!is_valid_community_name("Example")); + assert!(!is_valid_community_name("Ex")); + assert!(!is_valid_community_name("")); + } + #[test] fn test_slur_filter() { let test = @@ -366,4 +379,5 @@ lazy_static! { static ref SLUR_REGEX: Regex = RegexBuilder::new(r"(fag(g|got|tard)?|maricos?|cock\s?sucker(s|ing)?|nig(\b|g?(a|er)?(s|z)?)\b|dindu(s?)|mudslime?s?|kikes?|mongoloids?|towel\s*heads?|\bspi(c|k)s?\b|\bchinks?|niglets?|beaners?|\bnips?\b|\bcoons?\b|jungle\s*bunn(y|ies?)|jigg?aboo?s?|\bpakis?\b|rag\s*heads?|gooks?|cunts?|bitch(es|ing|y)?|puss(y|ies?)|twats?|feminazis?|whor(es?|ing)|\bslut(s|t?y)?|\btrann?(y|ies?)|ladyboy(s?)|\b(b|re|r)tard(ed)?s?)").case_insensitive(true).build().unwrap(); static ref USERNAME_MATCHES_REGEX: Regex = Regex::new(r"/u/[a-zA-Z][0-9a-zA-Z_]*").unwrap(); static ref VALID_USERNAME_REGEX: Regex = Regex::new(r"^[a-zA-Z0-9_]{3,20}$").unwrap(); + static ref VALID_COMMUNITY_NAME_REGEX: Regex = Regex::new(r"^[a-z0-9_]{3,20}$").unwrap(); } From 8e1e9a521a17f8c7b52f71a00d4f38b2b7cb20e0 Mon Sep 17 00:00:00 2001 From: Ernest Date: Mon, 22 Jun 2020 09:23:54 +0200 Subject: [PATCH 2/2] Edit community name validation, translations #823 --- server/src/api/community.rs | 4 ++++ ui/translations/en.json | 1 + 2 files changed, 5 insertions(+) diff --git a/server/src/api/community.rs b/server/src/api/community.rs index 2a517bb8c..618122b98 100644 --- a/server/src/api/community.rs +++ b/server/src/api/community.rs @@ -311,6 +311,10 @@ impl Perform for Oper { Err(_e) => return Err(APIError::err("not_logged_in").into()), }; + if !is_valid_community_name(&data.name) { + return Err(APIError::err("invalid_community_name").into()); + } + let user_id = claims.id; let conn = pool.get()?; diff --git a/ui/translations/en.json b/ui/translations/en.json index 874172237..a07da6216 100644 --- a/ui/translations/en.json +++ b/ui/translations/en.json @@ -27,6 +27,7 @@ "number_of_communities": "{{count}} Community", "number_of_communities_plural": "{{count}} Communities", "community_reqs": "lowercase, underscores, and no spaces.", + "invalid_community_name": "Invalid name.", "create_private_message": "Create Private Message", "send_secure_message": "Send Secure Message", "send_message": "Send Message",