Browse Source
Merge branch 'fix/truncate-remote-user-fields' into 'develop'
Truncate remote user fields See merge request pleroma/pleroma!1619object-id-column
rinpatch
4 years ago
3 changed files with 85 additions and 21 deletions
Split View
Diff Options
-
+15 -1lib/pleroma/user.ex
-
+17 -0lib/pleroma/user/info.ex
-
+53 -20test/user_test.exs
+ 15
- 1
lib/pleroma/user.ex
View File
| @@ -174,11 +174,25 @@ defmodule Pleroma.User do | |||
| |> Repo.aggregate(:count, :id) | |||
| end | |||
| defp truncate_if_exists(params, key, max_length) do | |||
| if Map.has_key?(params, key) and is_binary(params[key]) do | |||
| {value, _chopped} = String.split_at(params[key], max_length) | |||
| Map.put(params, key, value) | |||
| else | |||
| params | |||
| end | |||
| end | |||
| def remote_user_creation(params) do | |||
| bio_limit = Pleroma.Config.get([:instance, :user_bio_length], 5000) | |||
| name_limit = Pleroma.Config.get([:instance, :user_name_length], 100) | |||
| params = Map.put(params, :info, params[:info] || %{}) | |||
| params = | |||
| params | |||
| |> Map.put(:info, params[:info] || %{}) | |||
| |> truncate_if_exists(:name, name_limit) | |||
| |> truncate_if_exists(:bio, bio_limit) | |||
| info_cng = User.Info.remote_user_creation(%User.Info{}, params[:info]) | |||
| changes = | |||
+ 17
- 0
lib/pleroma/user/info.ex
View File
| @@ -242,6 +242,13 @@ defmodule Pleroma.User.Info do | |||
| end | |||
| def remote_user_creation(info, params) do | |||
| params = | |||
| if Map.has_key?(params, :fields) do | |||
| Map.put(params, :fields, Enum.map(params[:fields], &truncate_field/1)) | |||
| else | |||
| params | |||
| end | |||
| info | |||
| |> cast(params, [ | |||
| :ap_enabled, | |||
| @@ -326,6 +333,16 @@ defmodule Pleroma.User.Info do | |||
| defp valid_field?(_), do: false | |||
| defp truncate_field(%{"name" => name, "value" => value}) do | |||
| {name, _chopped} = | |||
| String.split_at(name, Pleroma.Config.get([:instance, :account_field_name_length], 255)) | |||
| {value, _chopped} = | |||
| String.split_at(value, Pleroma.Config.get([:instance, :account_field_value_length], 255)) | |||
| %{"name" => name, "value" => value} | |||
| end | |||
| @spec confirmation_changeset(Info.t(), keyword()) :: Changeset.t() | |||
| def confirmation_changeset(info, opts) do | |||
| need_confirmation? = Keyword.get(opts, :need_confirmation) | |||
+ 53
- 20
test/user_test.exs
View File
| @@ -570,22 +570,6 @@ defmodule Pleroma.UserTest do | |||
| refute cs.valid? | |||
| end) | |||
| end | |||
| test "it restricts some sizes" do | |||
| bio_limit = Pleroma.Config.get([:instance, :user_bio_length], 5000) | |||
| name_limit = Pleroma.Config.get([:instance, :user_name_length], 100) | |||
| [bio: bio_limit, name: name_limit] | |||
| |> Enum.each(fn {field, size} -> | |||
| string = String.pad_leading(".", size) | |||
| cs = User.remote_user_creation(Map.put(@valid_remote, field, string)) | |||
| assert cs.valid? | |||
| string = String.pad_leading(".", size + 1) | |||
| cs = User.remote_user_creation(Map.put(@valid_remote, field, string)) | |||
| refute cs.valid? | |||
| end) | |||
| end | |||
| end | |||
| describe "followers and friends" do | |||
| @@ -1117,11 +1101,60 @@ defmodule Pleroma.UserTest do | |||
| assert {:ok, _key} = User.get_public_key_for_ap_id("http://mastodon.example.org/users/admin") | |||
| end | |||
| test "insert or update a user from given data" do | |||
| user = insert(:user, %{nickname: "nick@name.de"}) | |||
| data = %{ap_id: user.ap_id <> "xxx", name: user.name, nickname: user.nickname} | |||
| describe "insert or update a user from given data" do | |||
| test "with normal data" do | |||
| user = insert(:user, %{nickname: "nick@name.de"}) | |||
| data = %{ap_id: user.ap_id <> "xxx", name: user.name, nickname: user.nickname} | |||
| assert {:ok, %User{}} = User.insert_or_update_user(data) | |||
| end | |||
| test "with overly long fields" do | |||
| current_max_length = Pleroma.Config.get([:instance, :account_field_value_length], 255) | |||
| user = insert(:user, nickname: "nickname@supergood.domain") | |||
| data = %{ | |||
| ap_id: user.ap_id, | |||
| name: user.name, | |||
| nickname: user.nickname, | |||
| info: %{ | |||
| fields: [ | |||
| %{"name" => "myfield", "value" => String.duplicate("h", current_max_length + 1)} | |||
| ] | |||
| } | |||
| } | |||
| assert {:ok, %User{}} = User.insert_or_update_user(data) | |||
| assert {:ok, %User{}} = User.insert_or_update_user(data) | |||
| end | |||
| test "with an overly long bio" do | |||
| current_max_length = Pleroma.Config.get([:instance, :user_bio_length], 5000) | |||
| user = insert(:user, nickname: "nickname@supergood.domain") | |||
| data = %{ | |||
| ap_id: user.ap_id, | |||
| name: user.name, | |||
| nickname: user.nickname, | |||
| bio: String.duplicate("h", current_max_length + 1), | |||
| info: %{} | |||
| } | |||
| assert {:ok, %User{}} = User.insert_or_update_user(data) | |||
| end | |||
| test "with an overly long display name" do | |||
| current_max_length = Pleroma.Config.get([:instance, :user_name_length], 100) | |||
| user = insert(:user, nickname: "nickname@supergood.domain") | |||
| data = %{ | |||
| ap_id: user.ap_id, | |||
| name: String.duplicate("h", current_max_length + 1), | |||
| nickname: user.nickname, | |||
| info: %{} | |||
| } | |||
| assert {:ok, %User{}} = User.insert_or_update_user(data) | |||
| end | |||
| end | |||
| describe "per-user rich-text filtering" do | |||