From 5fff927dc44129070cfcc7e93a1fe8c51654dab0 Mon Sep 17 00:00:00 2001 From: Dessalines <dessalines@users.noreply.github.com> Date: Wed, 7 Apr 2021 07:38:00 -0400 Subject: [PATCH] Adding matrix id validation check. Fixes #1520 (#1538) --- crates/api/src/local_user.rs | 8 +++++++- crates/utils/src/test.rs | 9 +++++++++ crates/utils/src/utils.rs | 5 +++++ 3 files changed, 21 insertions(+), 1 deletion(-) diff --git a/crates/api/src/local_user.rs b/crates/api/src/local_user.rs index 43954aa8..bf5693ce 100644 --- a/crates/api/src/local_user.rs +++ b/crates/api/src/local_user.rs @@ -60,7 +60,7 @@ use lemmy_utils::{ email::send_email, location_info, settings::structs::Settings, - utils::{generate_random_string, is_valid_display_name, naive_from_unix}, + utils::{generate_random_string, is_valid_display_name, is_valid_matrix_id, naive_from_unix}, ApiError, ConnectionId, LemmyError, @@ -187,6 +187,12 @@ impl Perform for SaveUserSettings { } } + if let Some(Some(matrix_user_id)) = &matrix_user_id { + if !is_valid_matrix_id(matrix_user_id) { + return Err(ApiError::err("invalid_matrix_id").into()); + } + } + let local_user_id = local_user_view.local_user.id; let person_id = local_user_view.person.id; let default_listing_type = data.default_listing_type; diff --git a/crates/utils/src/test.rs b/crates/utils/src/test.rs index 754aa8c3..da38299a 100644 --- a/crates/utils/src/test.rs +++ b/crates/utils/src/test.rs @@ -1,6 +1,7 @@ use crate::utils::{ is_valid_community_name, is_valid_display_name, + is_valid_matrix_id, is_valid_post_title, is_valid_username, remove_slurs, @@ -56,6 +57,14 @@ fn test_valid_post_title() { assert!(!is_valid_post_title("\n \n \n \n ")); // tabs/spaces/newlines } +#[test] +fn test_valid_matrix_id() { + assert!(is_valid_matrix_id("@dess:matrix.org")); + assert!(!is_valid_matrix_id("dess:matrix.org")); + assert!(!is_valid_matrix_id(" @dess:matrix.org")); + assert!(!is_valid_matrix_id("@dess:matrix.org t")); +} + #[test] fn test_slur_filter() { let test = diff --git a/crates/utils/src/utils.rs b/crates/utils/src/utils.rs index 732ac2c8..a34d9e30 100644 --- a/crates/utils/src/utils.rs +++ b/crates/utils/src/utils.rs @@ -15,6 +15,7 @@ lazy_static! { static ref VALID_USERNAME_REGEX: Regex = Regex::new(r"^[a-zA-Z0-9_]{3,20}$").expect("compile regex"); static ref VALID_COMMUNITY_NAME_REGEX: Regex = Regex::new(r"^[a-z0-9_]{3,20}$").expect("compile regex"); static ref VALID_POST_TITLE_REGEX: Regex = Regex::new(r".*\S.*").expect("compile regex"); + static ref VALID_MATRIX_ID_REGEX: Regex = Regex::new(r"^@[A-Za-z0-9._=-]+:[A-Za-z0-9.-]+\.[A-Za-z]{2,}$").expect("compile regex"); } pub fn naive_from_unix(time: i64) -> NaiveDateTime { @@ -115,6 +116,10 @@ pub fn is_valid_display_name(name: &str) -> bool { && name.chars().count() <= 20 } +pub fn is_valid_matrix_id(matrix_id: &str) -> bool { + VALID_MATRIX_ID_REGEX.is_match(matrix_id) +} + pub fn is_valid_community_name(name: &str) -> bool { VALID_COMMUNITY_NAME_REGEX.is_match(name) } -- 2.44.1