You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@allura.apache.org by di...@apache.org on 2023/01/12 16:48:37 UTC
[allura] branch gc/8484 updated: fixup! fixup! [#8484] improvements to validation and fixed project features duplication bug
This is an automated email from the ASF dual-hosted git repository.
dill0wn pushed a commit to branch gc/8484
in repository https://gitbox.apache.org/repos/asf/allura.git
The following commit(s) were added to refs/heads/gc/8484 by this push:
new 9717f8f2b fixup! fixup! [#8484] improvements to validation and fixed project features duplication bug
9717f8f2b is described below
commit 9717f8f2b0d64d8d9f5ae8a839df94b0252d5870
Author: Dillon Walls <di...@slashdotmedia.com>
AuthorDate: Thu Jan 12 16:30:41 2023 +0000
fixup! fixup! [#8484] improvements to validation and fixed project features duplication bug
---
Allura/allura/controllers/auth.py | 19 +++++++++++++--
Allura/allura/ext/admin/widgets.py | 14 +++--------
Allura/allura/lib/validators.py | 36 +++++++++++++---------------
Allura/allura/lib/widgets/forms.py | 8 ++-----
Allura/allura/tests/functional/test_admin.py | 3 +--
Allura/development.ini | 1 -
6 files changed, 39 insertions(+), 42 deletions(-)
diff --git a/Allura/allura/controllers/auth.py b/Allura/allura/controllers/auth.py
index 177b95209..21b3fc346 100644
--- a/Allura/allura/controllers/auth.py
+++ b/Allura/allura/controllers/auth.py
@@ -24,6 +24,7 @@ import warnings
from six.moves.urllib.parse import urlparse, urljoin
import bson
+import formencode as fe
import tg
from tg import expose, flash, redirect, validate, config, session
from tg.decorators import with_trailing_slash, without_trailing_slash
@@ -41,6 +42,7 @@ from allura import model as M
from allura.lib.security import require_authenticated, has_access, is_site_admin
from allura.lib import helpers as h
from allura.lib import plugin
+from allura.lib import validators as V
from allura.lib.decorators import require_post, reconfirm_auth
from allura.lib.exceptions import InvalidRecoveryCode, MultifactorRateLimitError
from allura.lib.repository import RepositoryApp
@@ -1053,8 +1055,21 @@ class UserContactsController(BaseController):
def add_social_network(self, **kw):
require_authenticated()
- if kw['socialnetwork'] == 'Twitter' and not kw['accounturl'].startswith('http'):
- kw['accounturl'] = f"http://twitter.com/{kw['accounturl'].replace('@', '')}"
+ validator_map = {
+ 'Twitter': V.TwitterValidator(),
+ 'Instagram': V.InstagramValidator(),
+ 'Facebook': V.FacebookValidator(),
+ 'Mastodon': V.FediverseValidator(),
+ 'Linkedin': V.LinkedinValidator(),
+ }
+
+ try:
+ Validator = validator_map.get(kw['socialnetwork'])
+ kw['accounturl'] = Validator().to_python(kw['accounturl'])
+ except fe.Invalid as e:
+ # c.form_errors['accounturl'] = e.msg
+ flash(e.msg, 'error')
+ redirect('.')
c.user.add_multivalue_pref('socialnetworks',
{'socialnetwork': kw['socialnetwork'], 'accounturl': kw['accounturl']})
diff --git a/Allura/allura/ext/admin/widgets.py b/Allura/allura/ext/admin/widgets.py
index de4fbf933..f20cfc9ac 100644
--- a/Allura/allura/ext/admin/widgets.py
+++ b/Allura/allura/ext/admin/widgets.py
@@ -166,9 +166,6 @@ class MetadataAdmin(ff.AdminForm):
enctype='multipart/form-data')
class fields(ew_core.NameList):
- allowed_social_domains = aslist(tg.config.get('allowed_social_domains',
- ['facebook.com', 'instagram.com', 'linkedin.com', 'twitter.com']),
- ',')
name = ew.InputField(field_type='text',
label='Name',
validator=formencode.All(
@@ -226,18 +223,13 @@ class MetadataAdmin(ff.AdminForm):
attrs=(dict(placeholder='UA-123456-0', pattern='UA-[0-9]+-[0-9]+')))
twitter_handle = ew.InputField(
field_type="text", label='Twitter Handle',
- validator=formencode.All(fev.URL(add_http=True, if_empty=''),
- V.SocialDomainValidator(domains=allowed_social_domains),
- V.TwitterValidator))
+ validator=V.TwitterValidator)
facebook_page = ew.InputField(field_type="text", label='Facebook page',
- validator=formencode.All(fev.URL(add_http=True),
- V.SocialDomainValidator(domains=allowed_social_domains),
- V.FacebookValidator) )
+ validator=V.FacebookValidator)
instagram_page = ew.InputField(
field_type="text", label='Instagram page',
- validator=formencode.All(fev.URL(add_http=True), V.SocialDomainValidator(domains=allowed_social_domains),
- V.InstagramValidator))
+ validator=V.InstagramValidator)
fediverse_address = ew.InputField(field_type="text", label="Mastodon address",
validator=V.FediverseValidator)
diff --git a/Allura/allura/lib/validators.py b/Allura/allura/lib/validators.py
index b7a8d5828..4d9368e38 100644
--- a/Allura/allura/lib/validators.py
+++ b/Allura/allura/lib/validators.py
@@ -488,48 +488,44 @@ class IconValidator(fev.FancyValidator):
return value
-FEDIVERSE_REGEX = r'^@[a-zA-Z_]*@[a-zA-Z_.]*$'
-
-class FediverseAddressValidator(fev.FancyValidator):
-
+FEDIVERSE_REGEX = r'^@[\w-]+@[\w-]+(\.[\w-]+)+$'
+class LinkedinValidator(fev.FancyValidator):
def _to_python(self, value, state):
- match = re.match(FEDIVERSE_REGEX , value)
- if not match:
- raise fe.Invalid('Address format must be @your username@your server', value, state)
-
- return value.lower()
-
-
-
-class SocialDomainValidator(fev.FancyValidator):
- def __init__(self,**kw):
- self.domains = kw.get('domains')
-
- def _to_python(self, value, state):
- url = urlsplit(value)
- if self.domains and not any(domain == url.netloc.replace('www.','') for domain in self.domains):
- raise fe.Invalid('Invalid domain for this field', value, state)
+ if value.startswith('@') and not re.match(FEDIVERSE_REGEX, value):
+ value = f'https://linkedin.com/in/{value.replace("@", "")}/'
+ elif 'linkedin.com' not in value:
+ raise fe.Invalid('Invalid Linkedin address', value, state)
return value
+
class TwitterValidator(fev.FancyValidator):
def _to_python(self, value, state):
if value.startswith('@') and not re.match(FEDIVERSE_REGEX, value):
value = f'https://twitter.com/{value.replace("@", "")}'
+ elif 'twitter.com' not in value:
+ raise fe.Invalid('Invalid Twitter address', value, state)
return value
+
class InstagramValidator(fev.FancyValidator):
def _to_python(self, value, state):
if value.startswith('@') and not re.match(FEDIVERSE_REGEX, value):
value = f'https://instagram.com/{value.replace("@", "")}'
+ elif 'instagram.com' not in value:
+ raise fe.Invalid('Invalid Instagram address', value, state)
return value
+
class FacebookValidator(fev.FancyValidator):
def _to_python(self, value, state):
if value.startswith('@') and not re.match(FEDIVERSE_REGEX, value):
value = f'https://facebook.com/{value.replace("@", "")}'
+ elif 'facebook.com' not in value:
+ raise fe.Invalid('Invalid Facebook address', value, state)
return value
+
class FediverseValidator(fev.FancyValidator):
def _to_python(self, value, state):
if value.startswith('http'):
diff --git a/Allura/allura/lib/widgets/forms.py b/Allura/allura/lib/widgets/forms.py
index 3444bf170..94b99871a 100644
--- a/Allura/allura/lib/widgets/forms.py
+++ b/Allura/allura/lib/widgets/forms.py
@@ -436,9 +436,6 @@ class AddSocialNetworkForm(ForgeForm):
socialnetworks = aslist(tg.config.get('socialnetworks',
['Facebook', 'Linkedin', 'Twitter',]),
',')
- allowed_social_domains = aslist(tg.config.get('allowed_social_domains',
- ['facebook.com', 'instagram.com', 'linkedin.com', 'twitter.com']),
- ',')
return [
ew.SingleSelectField(
@@ -450,9 +447,8 @@ class AddSocialNetworkForm(ForgeForm):
ew.TextField(
name='accounturl',
label='Account url',
- validator=formencode.All(
- V.UnicodeString(not_empty=True), V.SocialDomainValidator(domains=allowed_social_domains)
- ))
+ validator=V.UnicodeString(not_empty=True),
+ )
]
diff --git a/Allura/allura/tests/functional/test_admin.py b/Allura/allura/tests/functional/test_admin.py
index 7a017b710..11deb1ea0 100644
--- a/Allura/allura/tests/functional/test_admin.py
+++ b/Allura/allura/tests/functional/test_admin.py
@@ -967,8 +967,7 @@ class TestProjectAdmin(TestController):
assert resp.status_int == 200
resp = self.app.post('/admin/update', params={'facebook_page': 'https://spam.com'})
assert resp.status_int == 200
- errors = resp.html.findAll('div', attrs={'class': 'error'})
- assert errors[0].text == 'Invalid domain for this field'
+ assert 'Invalid Facebook address' in resp
#invalid instagram
resp = self.app.post('/admin/update', params={'instagram_page': 'https://instagrams.com'})
assert resp.status_int == 200
diff --git a/Allura/development.ini b/Allura/development.ini
index 8499ef58a..7872c3d92 100644
--- a/Allura/development.ini
+++ b/Allura/development.ini
@@ -199,7 +199,6 @@ auth.allow_non_primary_email_password_reset = true
auth.require_email_addr = true
; List of social network options to use on user account settings
socialnetworks = Facebook, Linkedin, Twitter, Instagram, Mastodon
-allowed_social_domains = facebook.com, instagram.com, linkedin.com, twitter.com
; Allow uploading ssh key, optionally set ssh preferences url
auth.allow_upload_ssh_key = false