Add configurable length limits for User.bio and User.name

This commit is contained in:
Egor Kislitsyn 2019-08-01 15:53:37 +07:00
parent cdfd02e904
commit 9ca4506355
4 changed files with 29 additions and 18 deletions

View file

@ -253,6 +253,8 @@
skip_thread_containment: true, skip_thread_containment: true,
limit_to_local_content: :unauthenticated, limit_to_local_content: :unauthenticated,
dynamic_configuration: false, dynamic_configuration: false,
user_bio_length: 5000,
user_name_length: 100,
external_user_synchronization: true external_user_synchronization: true
config :pleroma, :markup, config :pleroma, :markup,

View file

@ -125,6 +125,8 @@ config :pleroma, Pleroma.Emails.Mailer,
* `safe_dm_mentions`: If set to true, only mentions at the beginning of a post will be used to address people in direct messages. This is to prevent accidental mentioning of people when talking about them (e.g. "@friend hey i really don't like @enemy"). Default: `false`. * `safe_dm_mentions`: If set to true, only mentions at the beginning of a post will be used to address people in direct messages. This is to prevent accidental mentioning of people when talking about them (e.g. "@friend hey i really don't like @enemy"). Default: `false`.
* `healthcheck`: If set to true, system data will be shown on ``/api/pleroma/healthcheck``. * `healthcheck`: If set to true, system data will be shown on ``/api/pleroma/healthcheck``.
* `remote_post_retention_days`: The default amount of days to retain remote posts when pruning the database. * `remote_post_retention_days`: The default amount of days to retain remote posts when pruning the database.
* `user_bio_length`: A user bio maximum length (default: `5000`)
* `user_name_length`: A user name maximum length (default: `100`)
* `skip_thread_containment`: Skip filter out broken threads. The default is `false`. * `skip_thread_containment`: Skip filter out broken threads. The default is `false`.
* `limit_to_local_content`: Limit unauthenticated users to search for local statutes and users only. Possible values: `:unauthenticated`, `:all` and `false`. The default is `:unauthenticated`. * `limit_to_local_content`: Limit unauthenticated users to search for local statutes and users only. Possible values: `:unauthenticated`, `:all` and `false`. The default is `:unauthenticated`.
* `dynamic_configuration`: Allow transferring configuration to DB with the subsequent customization from Admin api. * `dynamic_configuration`: Allow transferring configuration to DB with the subsequent customization from Admin api.

View file

@ -149,10 +149,10 @@ def following_count(%User{} = user) do
end end
def remote_user_creation(params) do def remote_user_creation(params) do
params = bio_limit = Pleroma.Config.get([:instance, :user_bio_length], 5000)
params name_limit = Pleroma.Config.get([:instance, :user_name_length], 100)
|> Map.put(:info, params[:info] || %{})
params = Map.put(params, :info, params[:info] || %{})
info_cng = User.Info.remote_user_creation(%User.Info{}, params[:info]) info_cng = User.Info.remote_user_creation(%User.Info{}, params[:info])
changes = changes =
@ -161,8 +161,8 @@ def remote_user_creation(params) do
|> validate_required([:name, :ap_id]) |> validate_required([:name, :ap_id])
|> unique_constraint(:nickname) |> unique_constraint(:nickname)
|> validate_format(:nickname, @email_regex) |> validate_format(:nickname, @email_regex)
|> validate_length(:bio, max: 5000) |> validate_length(:bio, max: bio_limit)
|> validate_length(:name, max: 100) |> validate_length(:name, max: name_limit)
|> put_change(:local, false) |> put_change(:local, false)
|> put_embed(:info, info_cng) |> put_embed(:info, info_cng)
@ -185,22 +185,23 @@ def remote_user_creation(params) do
end end
def update_changeset(struct, params \\ %{}) do def update_changeset(struct, params \\ %{}) do
bio_limit = Pleroma.Config.get([:instance, :user_bio_length], 5000)
name_limit = Pleroma.Config.get([:instance, :user_name_length], 100)
struct struct
|> cast(params, [:bio, :name, :avatar, :following]) |> cast(params, [:bio, :name, :avatar, :following])
|> unique_constraint(:nickname) |> unique_constraint(:nickname)
|> validate_format(:nickname, local_nickname_regex()) |> validate_format(:nickname, local_nickname_regex())
|> validate_length(:bio, max: 5000) |> validate_length(:bio, max: bio_limit)
|> validate_length(:name, min: 1, max: 100) |> validate_length(:name, min: 1, max: name_limit)
end end
def upgrade_changeset(struct, params \\ %{}) do def upgrade_changeset(struct, params \\ %{}) do
params = bio_limit = Pleroma.Config.get([:instance, :user_bio_length], 5000)
params name_limit = Pleroma.Config.get([:instance, :user_name_length], 100)
|> Map.put(:last_refreshed_at, NaiveDateTime.utc_now())
info_cng = params = Map.put(params, :last_refreshed_at, NaiveDateTime.utc_now())
struct.info info_cng = User.Info.user_upgrade(struct.info, params[:info])
|> User.Info.user_upgrade(params[:info])
struct struct
|> cast(params, [ |> cast(params, [
@ -213,8 +214,8 @@ def upgrade_changeset(struct, params \\ %{}) do
]) ])
|> unique_constraint(:nickname) |> unique_constraint(:nickname)
|> validate_format(:nickname, local_nickname_regex()) |> validate_format(:nickname, local_nickname_regex())
|> validate_length(:bio, max: 5000) |> validate_length(:bio, max: bio_limit)
|> validate_length(:name, max: 100) |> validate_length(:name, max: name_limit)
|> put_embed(:info, info_cng) |> put_embed(:info, info_cng)
end end
@ -241,6 +242,9 @@ def reset_password(%User{id: user_id} = user, data) do
end end
def register_changeset(struct, params \\ %{}, opts \\ []) do def register_changeset(struct, params \\ %{}, opts \\ []) do
bio_limit = Pleroma.Config.get([:instance, :user_bio_length], 5000)
name_limit = Pleroma.Config.get([:instance, :user_name_length], 100)
need_confirmation? = need_confirmation? =
if is_nil(opts[:need_confirmation]) do if is_nil(opts[:need_confirmation]) do
Pleroma.Config.get([:instance, :account_activation_required]) Pleroma.Config.get([:instance, :account_activation_required])
@ -261,8 +265,8 @@ def register_changeset(struct, params \\ %{}, opts \\ []) do
|> validate_exclusion(:nickname, Pleroma.Config.get([User, :restricted_nicknames])) |> validate_exclusion(:nickname, Pleroma.Config.get([User, :restricted_nicknames]))
|> validate_format(:nickname, local_nickname_regex()) |> validate_format(:nickname, local_nickname_regex())
|> validate_format(:email, @email_regex) |> validate_format(:email, @email_regex)
|> validate_length(:bio, max: 1000) |> validate_length(:bio, max: bio_limit)
|> validate_length(:name, min: 1, max: 100) |> validate_length(:name, min: 1, max: name_limit)
|> put_change(:info, info_change) |> put_change(:info, info_change)
changeset = changeset =

View file

@ -525,7 +525,10 @@ test "it has required fields" do
end end
test "it restricts some sizes" do test "it restricts some sizes" do
[bio: 5000, name: 100] bio_limit = Pleroma.Config.get([:instance, :user_bio_length], 5000)
name_limit = Pleroma.Config.get([:instance, :user_name_length], 100)
[bio: bio_limit, name: name_limit]
|> Enum.each(fn {field, size} -> |> Enum.each(fn {field, size} ->
string = String.pad_leading(".", size) string = String.pad_leading(".", size)
cs = User.remote_user_creation(Map.put(@valid_remote, field, string)) cs = User.remote_user_creation(Map.put(@valid_remote, field, string))