name_: string = randomString(5)
): Promise<CommunityResponse> {
let description = 'a sample description';
- let icon = 'https://image.flaticon.com/icons/png/512/35/35896.png';
- let banner = 'https://image.flaticon.com/icons/png/512/35/35896.png';
let form: CreateCommunity = {
name: name_,
title: name_,
description,
- icon,
- banner,
nsfw: false,
auth: api.auth,
};
use chrono::Duration;
use lemmy_api_common::{
blocking,
+ check_image_has_local_domain,
check_registration_application,
get_local_user_view_from_jwt,
is_admin,
let local_user_view =
get_local_user_view_from_jwt(&data.auth, context.pool(), context.secret()).await?;
+ check_image_has_local_domain(&data.avatar)?;
+ check_image_has_local_domain(&data.banner)?;
+
let avatar = diesel_option_overwrite_to_url(&data.avatar)?;
let banner = diesel_option_overwrite_to_url(&data.banner)?;
let bio = diesel_option_overwrite(&data.bio);
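Review bot: The two new checks parse the raw `data.avatar` / `data.banner` strings before `diesel_option_overwrite_to_url` sees them, so any value that helper accepts but `Url::parse` rejects now fails the request. If an empty string is how a client clears the field (the helper's name suggests an overwrite-to-null case, but its body is not in this hunk), clearing an avatar or banner would stop working. Either let `check_image_has_local_domain` return `Ok(())` for an empty string, or run the domain check on the URL that `diesel_option_overwrite_to_url` has already parsed. The edit-community and edit-site hunks add the same calls and may need the same treatment; the enclosing function continues outside this hunk.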
LemmyError,
Sensitive,
};
+use url::Url;
pub async fn blocking<F, T>(pool: &DbPool, f: F) -> Result<T, LemmyError>
where
Ok(())
}
+
+pub fn check_image_has_local_domain(url: &Option<String>) -> Result<(), LemmyError> {
+ if let Some(url) = url {
+ let settings = Settings::get();
+ let url = Url::parse(url)?;
+ let domain = url.domain().expect("url has domain");
+ if domain != settings.hostname {
+ return Err(LemmyError::from_message("image_not_local"));
+ }
+ }
+ Ok(())
+}
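Review bot: `url.domain().expect("url has domain")` in `check_image_has_local_domain` can panic on request input, because `Url::domain()` returns `None` when the host is an IP address or the URL has no host at all, and the string comes straight from the API payload. Return the same rejection instead of panicking: `let domain = url.domain().ok_or_else(|| LemmyError::from_message("image_not_local"))?;`. The comparison is also host-only and exact, so if `settings.hostname` can carry a port or upper-case letters (not visible here), a legitimate local URL would be refused. A short doc comment stating that only the host is compared, and that `None` passes, would make the contract clear to the callers added in this commit.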
use actix_web::web::Data;
use lemmy_api_common::{
blocking,
+ check_image_has_local_domain,
community::{CommunityResponse, CreateCommunity},
get_local_user_view_from_jwt,
is_admin,
check_slurs(&data.name, &context.settings().slur_regex())?;
check_slurs(&data.title, &context.settings().slur_regex())?;
check_slurs_opt(&data.description, &context.settings().slur_regex())?;
+ check_image_has_local_domain(&data.icon)?;
+ check_image_has_local_domain(&data.banner)?;
if !is_valid_actor_name(&data.name, context.settings().actor_name_max_length) {
return Err(LemmyError::from_message("invalid_community_name"));
use actix_web::web::Data;
use lemmy_api_common::{
blocking,
+ check_image_has_local_domain,
community::{CommunityResponse, EditCommunity, HideCommunity},
get_local_user_view_from_jwt,
is_admin,
check_slurs_opt(&data.title, &context.settings().slur_regex())?;
check_slurs_opt(&data.description, &context.settings().slur_regex())?;
+ check_image_has_local_domain(&data.icon)?;
+ check_image_has_local_domain(&data.banner)?;
// Verify its a mod (only mods can edit it)
let community_id = data.community_id;
use actix_web::web::Data;
use lemmy_api_common::{
blocking,
+ check_image_has_local_domain,
get_local_user_view_from_jwt,
is_admin,
site::*,
check_slurs(&data.name, &context.settings().slur_regex())?;
check_slurs_opt(&data.description, &context.settings().slur_regex())?;
+ check_image_has_local_domain(&data.icon)?;
+ check_image_has_local_domain(&data.banner)?;
// Make sure user is an admin
is_admin(&local_user_view)?;
use actix_web::web::Data;
use lemmy_api_common::{
blocking,
+ check_image_has_local_domain,
get_local_user_view_from_jwt,
is_admin,
site::{EditSite, SiteResponse},
check_slurs_opt(&data.name, &context.settings().slur_regex())?;
check_slurs_opt(&data.description, &context.settings().slur_regex())?;
+ check_image_has_local_domain(&data.icon)?;
+ check_image_has_local_domain(&data.banner)?;
// Make sure user is an admin
is_admin(&local_user_view)?;
use crate::{
check_is_apub_id_valid,
- objects::get_summary_from_string_or_source,
+ objects::{get_summary_from_string_or_source, verify_image_domain_matches},
protocol::{objects::instance::Instance, ImageObject, Source},
};
use activitystreams_kinds::actor::ServiceType;
) -> Result<(), LemmyError> {
check_is_apub_id_valid(apub.id.inner(), true, &data.settings())?;
verify_domains_match(expected_domain, apub.id.inner())?;
+ verify_image_domain_matches(expected_domain, &apub.icon)?;
+ verify_image_domain_matches(expected_domain, &apub.image)?;
let slur_regex = &data.settings().slur_regex();
check_slurs(&apub.name, slur_regex)?;
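Review bot: `verify_image_domain_matches(expected_domain, &apub.icon)?` makes verification of the whole remote instance fail when its icon or banner is served from a different host than the actor id. Remote servers that keep media on a separate storage or CDN domain would then be rejected outright rather than just losing the image. It is worth confirming that this is intended; the alternative is to drop the image field on a mismatch instead of propagating the error. The same pair of calls is added in the person and community verify hunks, and the function body starts and ends outside this hunk.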
-use crate::protocol::Source;
+use crate::protocol::{ImageObject, Source};
use html2md::parse_html;
+use lemmy_apub_lib::verify::verify_domains_match;
+use lemmy_utils::LemmyError;
+use url::Url;
pub mod comment;
pub mod community;
}
}
+pub fn verify_image_domain_matches(a: &Url, b: &Option<ImageObject>) -> Result<(), LemmyError> {
+ if let Some(b) = b {
+ verify_domains_match(a, &b.url)
+ } else {
+ Ok(())
+ }
+}
+
#[cfg(test)]
pub(crate) mod tests {
use actix::Actor;
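Review bot: `verify_image_domain_matches` is public but undocumented, and the parameter names `a` and `b` hide which argument is the trusted reference and which is the remote-supplied value. Suggest renaming them, e.g. `expected_domain: &Url, image: &Option<ImageObject>`, and adding a doc comment such as `/// Errors if the image URL is on a different domain than expected_domain; an absent image passes.` That wording assumes `verify_domains_match` compares only the domain part, as its name suggests; its body is not in this hunk.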
use crate::{
check_is_apub_id_valid,
generate_outbox_url,
- objects::{get_summary_from_string_or_source, instance::fetch_instance_actor_for_object},
+ objects::{
+ get_summary_from_string_or_source,
+ instance::fetch_instance_actor_for_object,
+ verify_image_domain_matches,
+ },
protocol::{
objects::{
person::{Person, UserTypes},
) -> Result<(), LemmyError> {
verify_domains_match(person.id.inner(), expected_domain)?;
check_is_apub_id_valid(person.id.inner(), false, &context.settings())?;
+ verify_image_domain_matches(expected_domain, &person.icon)?;
+ verify_image_domain_matches(expected_domain, &person.image)?;
let slur_regex = &context.settings().slur_regex();
check_slurs(&person.preferred_username, slur_regex)?;
community_moderators::ApubCommunityModerators,
community_outbox::ApubCommunityOutbox,
},
- objects::{community::ApubCommunity, get_summary_from_string_or_source},
+ objects::{
+ community::ApubCommunity,
+ get_summary_from_string_or_source,
+ verify_image_domain_matches,
+ },
protocol::{objects::Endpoints, ImageObject, Source},
};
use activitystreams_kinds::actor::GroupType;
) -> Result<(), LemmyError> {
check_is_apub_id_valid(self.id.inner(), true, &context.settings())?;
verify_domains_match(expected_domain, self.id.inner())?;
+ verify_image_domain_matches(expected_domain, &self.icon)?;
+ verify_image_domain_matches(expected_domain, &self.image)?;
let slur_regex = &context.settings().slur_regex();
check_slurs(&self.preferred_username, slur_regex)?;