Make checking blacklisted domains and restricted nicknames case-insenstive

This commit is contained in:
Sean King 2022-07-05 20:36:47 -06:00
parent 29f4ab640b
commit 0d4aceb9b0
No known key found for this signature in database
GPG key ID: 510C52BACD6E7257
2 changed files with 38 additions and 2 deletions

View file

@ -758,13 +758,26 @@ defmodule Pleroma.User do
valid? = valid? =
Config.get([User, :email_blacklist]) Config.get([User, :email_blacklist])
|> Enum.all?(fn blacklisted_domain -> |> Enum.all?(fn blacklisted_domain ->
!String.ends_with?(email, ["@" <> blacklisted_domain, "." <> blacklisted_domain]) blacklisted_domain_downcase = String.downcase(blacklisted_domain)
!String.ends_with?(String.downcase(email), [
"@" <> blacklisted_domain_downcase,
"." <> blacklisted_domain_downcase
])
end) end)
if valid?, do: [], else: [email: "Invalid email"] if valid?, do: [], else: [email: "Invalid email"]
end) end)
|> unique_constraint(:nickname) |> unique_constraint(:nickname)
|> validate_exclusion(:nickname, Config.get([User, :restricted_nicknames])) |> validate_change(:nickname, fn :nickname, nickname ->
valid? =
Config.get([User, :restricted_nicknames])
|> Enum.all?(fn restricted_nickname ->
String.downcase(nickname) != String.downcase(restricted_nickname)
end)
if valid?, do: [], else: [nickname: "Invalid nickname"]
end)
|> validate_format(:nickname, local_nickname_regex()) |> validate_format(:nickname, local_nickname_regex())
|> validate_length(:bio, max: bio_limit) |> validate_length(:bio, max: bio_limit)
|> validate_length(:name, min: 1, max: name_limit) |> validate_length(:name, min: 1, max: name_limit)

View file

@ -618,6 +618,7 @@ defmodule Pleroma.UserTest do
end end
test "it restricts certain nicknames" do test "it restricts certain nicknames" do
clear_config([User, :restricted_nicknames], ["about"])
[restricted_name | _] = Pleroma.Config.get([User, :restricted_nicknames]) [restricted_name | _] = Pleroma.Config.get([User, :restricted_nicknames])
assert is_bitstring(restricted_name) assert is_bitstring(restricted_name)
@ -631,6 +632,23 @@ defmodule Pleroma.UserTest do
refute changeset.valid? refute changeset.valid?
end end
test "it is case-insensitive when restricting nicknames" do
clear_config([User, :restricted_nicknames], ["about"])
[restricted_name | _] = Pleroma.Config.get([User, :restricted_nicknames])
assert is_bitstring(restricted_name)
restricted_upcase_name = String.upcase(restricted_name)
params =
@full_user_data
|> Map.put(:nickname, restricted_upcase_name)
changeset = User.register_changeset(%User{}, params)
refute changeset.valid?
end
test "it blocks blacklisted email domains" do test "it blocks blacklisted email domains" do
clear_config([User, :email_blacklist], ["trolling.world"]) clear_config([User, :email_blacklist], ["trolling.world"])
@ -639,6 +657,11 @@ defmodule Pleroma.UserTest do
changeset = User.register_changeset(%User{}, params) changeset = User.register_changeset(%User{}, params)
refute changeset.valid? refute changeset.valid?
# Block with case-insensitive match
params = Map.put(@full_user_data, :email, "troll@TrOlLing.wOrld")
changeset = User.register_changeset(%User{}, params)
refute changeset.valid?
# Block with subdomain match # Block with subdomain match
params = Map.put(@full_user_data, :email, "troll@gnomes.trolling.world") params = Map.put(@full_user_data, :email, "troll@gnomes.trolling.world")
changeset = User.register_changeset(%User{}, params) changeset = User.register_changeset(%User{}, params)