From 5fff927dc44129070cfcc7e93a1fe8c51654dab0 Mon Sep 17 00:00:00 2001
From: Dessalines <dessalines@users.noreply.github.com>
Date: Wed, 7 Apr 2021 07:38:00 -0400
Subject: [PATCH] Adding matrix id validation check. Fixes #1520 (#1538)

---
 crates/api/src/local_user.rs | 8 +++++++-
 crates/utils/src/test.rs     | 9 +++++++++
 crates/utils/src/utils.rs    | 5 +++++
 3 files changed, 21 insertions(+), 1 deletion(-)

diff --git a/crates/api/src/local_user.rs b/crates/api/src/local_user.rs
index 43954aa8..bf5693ce 100644
--- a/crates/api/src/local_user.rs
+++ b/crates/api/src/local_user.rs
@@ -60,7 +60,7 @@ use lemmy_utils::{
   email::send_email,
   location_info,
   settings::structs::Settings,
-  utils::{generate_random_string, is_valid_display_name, naive_from_unix},
+  utils::{generate_random_string, is_valid_display_name, is_valid_matrix_id, naive_from_unix},
   ApiError,
   ConnectionId,
   LemmyError,
@@ -187,6 +187,12 @@ impl Perform for SaveUserSettings {
       }
     }
 
+    if let Some(Some(matrix_user_id)) = &matrix_user_id {
+      if !is_valid_matrix_id(matrix_user_id) {
+        return Err(ApiError::err("invalid_matrix_id").into());
+      }
+    }
+
     let local_user_id = local_user_view.local_user.id;
     let person_id = local_user_view.person.id;
     let default_listing_type = data.default_listing_type;
diff --git a/crates/utils/src/test.rs b/crates/utils/src/test.rs
index 754aa8c3..da38299a 100644
--- a/crates/utils/src/test.rs
+++ b/crates/utils/src/test.rs
@@ -1,6 +1,7 @@
 use crate::utils::{
   is_valid_community_name,
   is_valid_display_name,
+  is_valid_matrix_id,
   is_valid_post_title,
   is_valid_username,
   remove_slurs,
@@ -56,6 +57,14 @@ fn test_valid_post_title() {
   assert!(!is_valid_post_title("\n \n \n \n    		")); // tabs/spaces/newlines
 }
 
+#[test]
+fn test_valid_matrix_id() {
+  assert!(is_valid_matrix_id("@dess:matrix.org"));
+  assert!(!is_valid_matrix_id("dess:matrix.org"));
+  assert!(!is_valid_matrix_id(" @dess:matrix.org"));
+  assert!(!is_valid_matrix_id("@dess:matrix.org t"));
+}
+
 #[test]
 fn test_slur_filter() {
   let test =
diff --git a/crates/utils/src/utils.rs b/crates/utils/src/utils.rs
index 732ac2c8..a34d9e30 100644
--- a/crates/utils/src/utils.rs
+++ b/crates/utils/src/utils.rs
@@ -15,6 +15,7 @@ lazy_static! {
   static ref VALID_USERNAME_REGEX: Regex = Regex::new(r"^[a-zA-Z0-9_]{3,20}$").expect("compile regex");
   static ref VALID_COMMUNITY_NAME_REGEX: Regex = Regex::new(r"^[a-z0-9_]{3,20}$").expect("compile regex");
   static ref VALID_POST_TITLE_REGEX: Regex = Regex::new(r".*\S.*").expect("compile regex");
+  static ref VALID_MATRIX_ID_REGEX: Regex = Regex::new(r"^@[A-Za-z0-9._=-]+:[A-Za-z0-9.-]+\.[A-Za-z]{2,}$").expect("compile regex");
 }
 
 pub fn naive_from_unix(time: i64) -> NaiveDateTime {
@@ -115,6 +116,10 @@ pub fn is_valid_display_name(name: &str) -> bool {
     && name.chars().count() <= 20
 }
 
+pub fn is_valid_matrix_id(matrix_id: &str) -> bool {
+  VALID_MATRIX_ID_REGEX.is_match(matrix_id)
+}
+
 pub fn is_valid_community_name(name: &str) -> bool {
   VALID_COMMUNITY_NAME_REGEX.is_match(name)
 }
-- 
2.44.1