Add some backend changes and validation for field length

Closes #225 and #226

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
Thomas Citharel 2019-10-18 11:21:31 +02:00
parent 90ba211c90
commit 342506bac0
No known key found for this signature in database
GPG Key ID: A061B9DDE0CA0773
4 changed files with 103 additions and 5 deletions


@ -125,6 +125,7 @@ defmodule Mobilizon.Events.Event do
|> cast(attrs, @attrs) |> cast(attrs, @attrs)
|> cast_embed(:options) |> cast_embed(:options)
|> validate_required(@required_attrs) |> validate_required(@required_attrs)
|> validate_lengths()
end end
@doc false @doc false
@ -135,6 +136,18 @@ defmodule Mobilizon.Events.Event do
|> cast_embed(:options) |> cast_embed(:options)
|> put_tags(attrs) |> put_tags(attrs)
|> validate_required(@update_required_attrs) |> validate_required(@update_required_attrs)
|> validate_lengths()
end
@spec validate_lengths(Ecto.Changeset.t()) :: Ecto.Changeset.t()
defp validate_lengths(%Ecto.Changeset{} = changeset) do
changeset
|> validate_length(:title, min: 3, max: 200)
|> validate_length(:online_address, min: 3, max: 2000)
|> validate_length(:phone_address, min: 3, max: 200)
|> validate_length(:category, min: 2, max: 100)
# |> validate_length(:category, min: 2, max: 100)
|> validate_length(:slug, min: 3, max: 200)
end end
@doc """ @doc """
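Review bot: The commented-out `# |> validate_length(:category, min: 2, max: 100)` in `validate_lengths/1` duplicates the active line directly above it and should be dropped rather than committed. Because the migration in this commit turns these columns into unbounded `:text`, this function becomes the only size limit on these event fields, and a comment would record that, e.g. `# Columns are :text in the database; these limits are the only bound on stored size.` Whether other free-text event fields such as a description are bounded elsewhere is not visible in this section and is worth confirming.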


@ -36,5 +36,7 @@ defmodule Mobilizon.Events.Tag do
|> TitleSlug.maybe_generate_slug() |> TitleSlug.maybe_generate_slug()
|> validate_required(@required_attrs) |> validate_required(@required_attrs)
|> TitleSlug.unique_constraint() |> TitleSlug.unique_constraint()
|> validate_length(:title, min: 2, max: 20)
|> validate_length(:slug, min: 2, max: 20)
end end
end end
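Review bot: The `:slug` limit of 20 is applied to a value that `TitleSlug.maybe_generate_slug()` appears to derive from the title, so a title that passes `max: 20` could still be rejected on a field the user never supplied if slug generation lengthens the text or appends a suffix; this should be checked against TitleSlug. A comment such as `# Slug is generated from the title; keep its limit at least as large as the title's.` would record the coupling. The two `validate_length` calls would also read better next to `validate_required`, before `TitleSlug.unique_constraint()`. The changeset function starts outside the hunk.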


@ -79,7 +79,7 @@ defmodule Mobilizon.Users.User do
|> validate_required(@required_attrs) |> validate_required(@required_attrs)
|> unique_constraint(:email, message: "This email is already used.") |> unique_constraint(:email, message: "This email is already used.")
|> validate_email() |> validate_email()
|> validate_length(:password, min: 6, max: 100, message: "The chosen password is too short.") |> validate_length(:password, min: 6, max: 200, message: "The chosen password is too short.")
if Map.has_key?(attrs, :default_actor) do if Map.has_key?(attrs, :default_actor) do
put_assoc(changeset, :default_actor, attrs.default_actor) put_assoc(changeset, :default_actor, attrs.default_actor)
@ -130,7 +130,7 @@ defmodule Mobilizon.Users.User do
|> cast(attrs, required_attrs) |> cast(attrs, required_attrs)
|> validate_length(:password, |> validate_length(:password,
min: 6, min: 6,
max: 100, max: 200,
message: "registration.error.password_too_short" message: "registration.error.password_too_short"
) )
|> hash_password() |> hash_password()
@ -154,7 +154,7 @@ defmodule Mobilizon.Users.User do
end end
@spec save_confirmation_token(Ecto.Changeset.t()) :: Ecto.Changeset.t() @spec save_confirmation_token(Ecto.Changeset.t()) :: Ecto.Changeset.t()
defp save_confirmation_token(changeset) do defp save_confirmation_token(%Ecto.Changeset{} = changeset) do
case changeset do case changeset do
%Ecto.Changeset{valid?: true, changes: %{email: _email}} -> %Ecto.Changeset{valid?: true, changes: %{email: _email}} ->
now = DateTime.utc_now() now = DateTime.utc_now()
@ -169,7 +169,9 @@ defmodule Mobilizon.Users.User do
end end
@spec validate_email(Ecto.Changeset.t()) :: Ecto.Changeset.t() @spec validate_email(Ecto.Changeset.t()) :: Ecto.Changeset.t()
defp validate_email(changeset) do defp validate_email(%Ecto.Changeset{} = changeset) do
changeset = validate_length(changeset, :email, min: 3, max: 250)
case changeset do case changeset do
%Ecto.Changeset{valid?: true, changes: %{email: email}} -> %Ecto.Changeset{valid?: true, changes: %{email: email}} ->
case EmailChecker.valid?(email) do case EmailChecker.valid?(email) do
@ -186,7 +188,7 @@ defmodule Mobilizon.Users.User do
end end
@spec hash_password(Ecto.Changeset.t()) :: Ecto.Changeset.t() @spec hash_password(Ecto.Changeset.t()) :: Ecto.Changeset.t()
defp hash_password(changeset) do defp hash_password(%Ecto.Changeset{} = changeset) do
case changeset do case changeset do
%Ecto.Changeset{valid?: true, changes: %{password: password}} -> %Ecto.Changeset{valid?: true, changes: %{password: password}} ->
put_change(changeset, :password_hash, Argon2.hash_pwd_salt(password)) put_change(changeset, :password_hash, Argon2.hash_pwd_salt(password))
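Review bot: A password longer than the new `max: 200` is rejected with "The chosen password is too short.", because the single `:message` option replaces the error text for both bounds of `validate_length/3`. Splitting the check keeps the upper bound, which caps the input handed to `Argon2.hash_pwd_salt/1`, while reporting it correctly: `|> validate_length(:password, min: 6, message: "The chosen password is too short.")` followed by `|> validate_length(:password, max: 200, message: "The chosen password is too long.")`. The same applies to the second hunk, where `registration.error.password_too_short` is used for both bounds and a separate too-long message would be needed. The enclosing changeset functions begin outside the visible hunks.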


@ -0,0 +1,81 @@
defmodule Mobilizon.Storage.Repo.Migrations.MoveSQLColumnsFromVarCharToText do
use Ecto.Migration
def up do
alter table(:events) do
modify(:title, :text, null: false)
modify(:online_address, :text, null: true)
modify(:phone_address, :text, null: true)
modify(:category, :text, null: true)
modify(:slug, :text, null: true)
end
alter table(:addresses) do
modify(:description, :text, null: true)
modify(:street, :text, null: true)
end
alter table(:bots) do
modify(:source, :text, null: false)
end
alter table(:report_notes) do
modify(:content, :text, null: false)
end
alter table(:reports) do
modify(:content, :text, null: true)
end
alter table(:sessions) do
modify(:title, :text, null: false)
modify(:subtitle, :text, null: true)
modify(:slides_url, :text, null: true)
modify(:videos_urls, :text, null: true)
modify(:audios_urls, :text, null: true)
end
alter table(:tracks) do
modify(:name, :text, null: false)
end
end
def down do
alter table(:events) do
modify(:title, :string, null: false)
modify(:online_address, :string, null: true)
modify(:phone_address, :string, null: true)
modify(:category, :string, null: true)
modify(:slug, :string, null: true)
end
alter table(:addresses) do
modify(:description, :string, null: true)
modify(:street, :string, null: true)
end
alter table(:bots) do
modify(:source, :string, null: false)
end
alter table(:report_notes) do
modify(:content, :string, null: false)
end
alter table(:reports) do
modify(:content, :string, null: true)
end
alter table(:sessions) do
modify(:title, :string, null: false)
modify(:subtitle, :string, null: true)
modify(:slides_url, :string, null: true)
modify(:videos_urls, :string, null: true)
modify(:audios_urls, :string, null: true)
end
alter table(:tracks) do
modify(:name, :string, null: false)
end
end
end
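Review bot: `down` will likely fail once any row holds a value longer than the old limit, because `modify(..., :string, ...)` narrows the column back to Ecto's default varchar (255 characters on PostgreSQL) and the database rejects the type change for over-long values. Either shorten or check the data before narrowing, or document the rollback with a comment such as `# Rolling back fails if any value exceeds 255 characters; shorten the data first.` Separately, `up` makes columns on `addresses`, `bots`, `report_notes`, `reports`, `sessions` and `tracks` unbounded, while this commit only adds `validate_length` to events, tags and users. If those schemas have no length validation elsewhere, the size of what they store is no longer bounded at any layer.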