Add configurable account field name length limit
This commit is contained in:
parent
db3c05f6b4
commit
2c35d4b0b0
|
@ -256,6 +256,7 @@
|
||||||
user_bio_length: 5000,
|
user_bio_length: 5000,
|
||||||
user_name_length: 100,
|
user_name_length: 100,
|
||||||
max_account_fields: 4,
|
max_account_fields: 4,
|
||||||
|
account_field_name_length: 255,
|
||||||
account_field_value_length: 255,
|
account_field_value_length: 255,
|
||||||
external_user_synchronization: true
|
external_user_synchronization: true
|
||||||
|
|
||||||
|
|
|
@ -133,6 +133,7 @@ config :pleroma, Pleroma.Emails.Mailer,
|
||||||
* `limit_to_local_content`: Limit unauthenticated users to search for local statutes and users only. Possible values: `:unauthenticated`, `:all` and `false`. The default is `:unauthenticated`.
|
* `limit_to_local_content`: Limit unauthenticated users to search for local statutes and users only. Possible values: `:unauthenticated`, `:all` and `false`. The default is `:unauthenticated`.
|
||||||
* `dynamic_configuration`: Allow transferring configuration to DB with the subsequent customization from Admin api.
|
* `dynamic_configuration`: Allow transferring configuration to DB with the subsequent customization from Admin api.
|
||||||
* `max_account_fields`: The maximum number of custom fields in the user profile (default: `4`)
|
* `max_account_fields`: The maximum number of custom fields in the user profile (default: `4`)
|
||||||
|
* `account_field_name_length`: An account field name maximum length (default: `255`)
|
||||||
* `account_field_value_length`: An account field value maximum length (default: `255`)
|
* `account_field_value_length`: An account field value maximum length (default: `255`)
|
||||||
* `external_user_synchronization`: Enabling following/followers counters synchronization for external users.
|
* `external_user_synchronization`: Enabling following/followers counters synchronization for external users.
|
||||||
|
|
||||||
|
|
|
@ -308,11 +308,12 @@ def validate_fields(changeset) do
|
||||||
end
|
end
|
||||||
|
|
||||||
defp valid_field?(%{"name" => name, "value" => value}) do
|
defp valid_field?(%{"name" => name, "value" => value}) do
|
||||||
|
name_limit = Pleroma.Config.get([:instance, :account_field_name_length], 255)
|
||||||
value_limit = Pleroma.Config.get([:instance, :account_field_value_length], 255)
|
value_limit = Pleroma.Config.get([:instance, :account_field_value_length], 255)
|
||||||
|
|
||||||
is_binary(name) &&
|
is_binary(name) &&
|
||||||
is_binary(value) &&
|
is_binary(value) &&
|
||||||
String.length(name) <= 255 &&
|
String.length(name) <= name_limit &&
|
||||||
String.length(value) <= value_limit
|
String.length(value) <= value_limit
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
|
@ -325,11 +325,12 @@ test "update fields", %{conn: conn} do
|
||||||
%{"name" => "link", "value" => "cofe.io"}
|
%{"name" => "link", "value" => "cofe.io"}
|
||||||
]
|
]
|
||||||
|
|
||||||
|
name_limit = Pleroma.Config.get([:instance, :account_field_name_length])
|
||||||
value_limit = Pleroma.Config.get([:instance, :account_field_value_length])
|
value_limit = Pleroma.Config.get([:instance, :account_field_value_length])
|
||||||
|
|
||||||
long_str = Enum.map(0..value_limit, fn _ -> "x" end) |> Enum.join()
|
long_value = Enum.map(0..value_limit, fn _ -> "x" end) |> Enum.join()
|
||||||
|
|
||||||
fields = [%{"name" => "<b>foo<b>", "value" => long_str}]
|
fields = [%{"name" => "<b>foo<b>", "value" => long_value}]
|
||||||
|
|
||||||
assert %{"error" => "Invalid request"} ==
|
assert %{"error" => "Invalid request"} ==
|
||||||
conn
|
conn
|
||||||
|
@ -337,7 +338,9 @@ test "update fields", %{conn: conn} do
|
||||||
|> patch("/api/v1/accounts/update_credentials", %{"fields" => fields})
|
|> patch("/api/v1/accounts/update_credentials", %{"fields" => fields})
|
||||||
|> json_response(403)
|
|> json_response(403)
|
||||||
|
|
||||||
fields = [%{"name" => long_str, "value" => "bar"}]
|
long_name = Enum.map(0..name_limit, fn _ -> "x" end) |> Enum.join()
|
||||||
|
|
||||||
|
fields = [%{"name" => long_name, "value" => "bar"}]
|
||||||
|
|
||||||
assert %{"error" => "Invalid request"} ==
|
assert %{"error" => "Invalid request"} ==
|
||||||
conn
|
conn
|
||||||
|
|
Loading…
Reference in New Issue