Add separate Post check for is_valid_body_field (#3263)

* Add separate Post check for is_valid_body_field

* Modify is_valid_body_check for posts only

* Fix check var reinit in validation.rs

* Extra empty line to rerun woodpecker with changes

* Change Option to bool, add false to non-post calls

* Woodpecker trick.. again

* Probable rust_fmt fail fixed

* cargo_clippy changes

* Missing space between = and if

* Remove ; after body length checks
This commit is contained in:
Neshura 2023-06-26 10:47:01 +02:00 committed by GitHub
parent 206789af67
commit 203e35899e
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
13 changed files with 20 additions and 14 deletions

View file

@ -42,7 +42,7 @@ impl Perform for BanFromCommunity {
// Verify that only mods or admins can ban // Verify that only mods or admins can ban
is_mod_or_admin(context.pool(), local_user_view.person.id, community_id).await?; is_mod_or_admin(context.pool(), local_user_view.person.id, community_id).await?;
is_valid_body_field(&data.reason)?; is_valid_body_field(&data.reason, false)?;
let community_user_ban_form = CommunityPersonBanForm { let community_user_ban_form = CommunityPersonBanForm {
community_id: data.community_id, community_id: data.community_id,

View file

@ -30,7 +30,7 @@ impl Perform for BanPerson {
// Make sure user is an admin // Make sure user is an admin
is_admin(&local_user_view)?; is_admin(&local_user_view)?;
is_valid_body_field(&data.reason)?; is_valid_body_field(&data.reason, false)?;
let ban = data.ban; let ban = data.ban;
let banned_person_id = data.person_id; let banned_person_id = data.person_id;

View file

@ -49,7 +49,7 @@ impl PerformCrud for CreateComment {
&data.content.clone(), &data.content.clone(),
&local_site_to_slur_regex(&local_site), &local_site_to_slur_regex(&local_site),
); );
is_valid_body_field(&Some(content_slurs_removed.clone()))?; is_valid_body_field(&Some(content_slurs_removed.clone()), false)?;
// Check for a community ban // Check for a community ban
let post_id = data.post_id; let post_id = data.post_id;

View file

@ -64,7 +64,7 @@ impl PerformCrud for EditComment {
.as_ref() .as_ref()
.map(|c| remove_slurs(c, &local_site_to_slur_regex(&local_site))); .map(|c| remove_slurs(c, &local_site_to_slur_regex(&local_site)));
is_valid_body_field(&content_slurs_removed)?; is_valid_body_field(&content_slurs_removed, false)?;
let comment_id = data.comment_id; let comment_id = data.comment_id;
let form = CommentUpdateForm::builder() let form = CommentUpdateForm::builder()

View file

@ -67,7 +67,7 @@ impl PerformCrud for CreateCommunity {
check_slurs_opt(&data.description, &slur_regex)?; check_slurs_opt(&data.description, &slur_regex)?;
is_valid_actor_name(&data.name, local_site.actor_name_max_length as usize)?; is_valid_actor_name(&data.name, local_site.actor_name_max_length as usize)?;
is_valid_body_field(&data.description)?; is_valid_body_field(&data.description, false)?;
// Double check for duplicate community actor_ids // Double check for duplicate community actor_ids
let community_actor_id = generate_local_apub_endpoint( let community_actor_id = generate_local_apub_endpoint(

View file

@ -39,7 +39,7 @@ impl PerformCrud for EditCommunity {
let slur_regex = local_site_to_slur_regex(&local_site); let slur_regex = local_site_to_slur_regex(&local_site);
check_slurs_opt(&data.title, &slur_regex)?; check_slurs_opt(&data.title, &slur_regex)?;
check_slurs_opt(&data.description, &slur_regex)?; check_slurs_opt(&data.description, &slur_regex)?;
is_valid_body_field(&data.description)?; is_valid_body_field(&data.description, false)?;
// Verify its a mod (only mods can edit it) // Verify its a mod (only mods can edit it)
let community_id = data.community_id; let community_id = data.community_id;

View file

@ -57,7 +57,7 @@ impl PerformCrud for CreatePost {
let url = data_url.map(clean_url_params).map(Into::into); // TODO no good way to handle a "clear" let url = data_url.map(clean_url_params).map(Into::into); // TODO no good way to handle a "clear"
is_valid_post_title(&data.name)?; is_valid_post_title(&data.name)?;
is_valid_body_field(&data.body)?; is_valid_body_field(&data.body, true)?;
check_community_ban(local_user_view.person.id, data.community_id, context.pool()).await?; check_community_ban(local_user_view.person.id, data.community_id, context.pool()).await?;
check_community_deleted_or_removed(data.community_id, context.pool()).await?; check_community_deleted_or_removed(data.community_id, context.pool()).await?;

View file

@ -49,7 +49,7 @@ impl PerformCrud for EditPost {
is_valid_post_title(name)?; is_valid_post_title(name)?;
} }
is_valid_body_field(&data.body)?; is_valid_body_field(&data.body, true)?;
let post_id = data.post_id; let post_id = data.post_id;
let orig_post = Post::read(context.pool(), post_id).await?; let orig_post = Post::read(context.pool(), post_id).await?;

View file

@ -43,7 +43,7 @@ impl PerformCrud for CreatePrivateMessage {
&data.content.clone(), &data.content.clone(),
&local_site_to_slur_regex(&local_site), &local_site_to_slur_regex(&local_site),
); );
is_valid_body_field(&Some(content_slurs_removed.clone()))?; is_valid_body_field(&Some(content_slurs_removed.clone()), false)?;
check_person_block(local_user_view.person.id, data.recipient_id, context.pool()).await?; check_person_block(local_user_view.person.id, data.recipient_id, context.pool()).await?;

View file

@ -41,7 +41,7 @@ impl PerformCrud for EditPrivateMessage {
// Doing the update // Doing the update
let content_slurs_removed = remove_slurs(&data.content, &local_site_to_slur_regex(&local_site)); let content_slurs_removed = remove_slurs(&data.content, &local_site_to_slur_regex(&local_site));
is_valid_body_field(&Some(content_slurs_removed.clone()))?; is_valid_body_field(&Some(content_slurs_removed.clone()), false)?;
let private_message_id = data.private_message_id; let private_message_id = data.private_message_id;
PrivateMessage::update( PrivateMessage::update(

View file

@ -73,7 +73,7 @@ impl PerformCrud for CreateSite {
site_description_length_check(desc)?; site_description_length_check(desc)?;
} }
is_valid_body_field(&data.sidebar)?; is_valid_body_field(&data.sidebar, false)?;
let application_question = diesel_option_overwrite(&data.application_question); let application_question = diesel_option_overwrite(&data.application_question);
check_application_question( check_application_question(

View file

@ -67,7 +67,7 @@ impl PerformCrud for EditSite {
site_description_length_check(desc)?; site_description_length_check(desc)?;
} }
is_valid_body_field(&data.sidebar)?; is_valid_body_field(&data.sidebar, false)?;
let application_question = diesel_option_overwrite(&data.application_question); let application_question = diesel_option_overwrite(&data.application_question);
check_application_question( check_application_question(

View file

@ -18,6 +18,7 @@ static CLEAN_URL_PARAMS_REGEX: Lazy<Regex> = Lazy::new(|| {
.expect("compile regex") .expect("compile regex")
}); });
const BODY_MAX_LENGTH: usize = 10000; const BODY_MAX_LENGTH: usize = 10000;
const POST_BODY_MAX_LENGTH: usize = 50000;
const BIO_MAX_LENGTH: usize = 300; const BIO_MAX_LENGTH: usize = 300;
fn has_newline(name: &str) -> bool { fn has_newline(name: &str) -> bool {
@ -68,9 +69,14 @@ pub fn is_valid_post_title(title: &str) -> LemmyResult<()> {
} }
/// This could be post bodies, comments, or any description field /// This could be post bodies, comments, or any description field
pub fn is_valid_body_field(body: &Option<String>) -> LemmyResult<()> { pub fn is_valid_body_field(body: &Option<String>, post: bool) -> LemmyResult<()> {
if let Some(body) = body { if let Some(body) = body {
let check = body.chars().count() <= BODY_MAX_LENGTH; let check = if post {
body.chars().count() <= POST_BODY_MAX_LENGTH
} else {
body.chars().count() <= BODY_MAX_LENGTH
};
if !check { if !check {
Err(LemmyError::from_message("invalid_body_field")) Err(LemmyError::from_message("invalid_body_field"))
} else { } else {