aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorEgor Kislitsyn <egor@kislitsyn.com>2019-08-01 15:09:15 +0700
committerEgor Kislitsyn <egor@kislitsyn.com>2019-08-14 14:52:54 +0700
commit2c35d4b0b04e58368c51f2828536d295f72839a2 (patch)
tree240756755e3d649b897d43e04bc1b21c6da077b4
parentdb3c05f6b4c226733633a409cb1f1a290db4c48b (diff)
downloadpleroma-2c35d4b0b04e58368c51f2828536d295f72839a2.tar.gz
Add configurable account field name length limit
Diffstat
-rw-r--r--config/config.exs1
-rw-r--r--docs/config.md1
-rw-r--r--lib/pleroma/user/info.ex3
-rw-r--r--test/web/mastodon_api/mastodon_api_controller/update_credentials_test.exs9
4 files changed, 10 insertions, 4 deletions
diff --git a/config/config.exs b/config/config.exs
index 21f4861f2..4fd241e90 100644
--- a/config/config.exs
+++ b/config/config.exs
@@ -256,6 +256,7 @@ config :pleroma, :instance,
user_bio_length: 5000,
user_name_length: 100,
max_account_fields: 4,
+ account_field_name_length: 255,
account_field_value_length: 255,
external_user_synchronization: true
diff --git a/docs/config.md b/docs/config.md
index fbb506093..6744f5879 100644
--- a/docs/config.md
+++ b/docs/config.md
@@ -133,6 +133,7 @@ config :pleroma, Pleroma.Emails.Mailer,
* `limit_to_local_content`: Limit unauthenticated users to search for local statutes and users only. Possible values: `:unauthenticated`, `:all` and `false`. The default is `:unauthenticated`.
* `dynamic_configuration`: Allow transferring configuration to DB with the subsequent customization from Admin api.
* `max_account_fields`: The maximum number of custom fields in the user profile (default: `4`)
+* `account_field_name_length`: An account field name maximum length (default: `255`)
* `account_field_value_length`: An account field value maximum length (default: `255`)
* `external_user_synchronization`: Enabling following/followers counters synchronization for external users.
diff --git a/lib/pleroma/user/info.ex b/lib/pleroma/user/info.ex
index 9e4d381f8..e54243f06 100644
--- a/lib/pleroma/user/info.ex
+++ b/lib/pleroma/user/info.ex
@@ -308,11 +308,12 @@ defmodule Pleroma.User.Info do
end
defp valid_field?(%{"name" => name, "value" => value}) do
+ name_limit = Pleroma.Config.get([:instance, :account_field_name_length], 255)
value_limit = Pleroma.Config.get([:instance, :account_field_value_length], 255)
is_binary(name) &&
is_binary(value) &&
- String.length(name) <= 255 &&
+ String.length(name) <= name_limit &&
String.length(value) <= value_limit
end
diff --git a/test/web/mastodon_api/mastodon_api_controller/update_credentials_test.exs b/test/web/mastodon_api/mastodon_api_controller/update_credentials_test.exs
index 992a692f0..e75f25d51 100644
--- a/test/web/mastodon_api/mastodon_api_controller/update_credentials_test.exs
+++ b/test/web/mastodon_api/mastodon_api_controller/update_credentials_test.exs
@@ -325,11 +325,12 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController.UpdateCredentialsTest do
%{"name" => "link", "value" => "cofe.io"}
]
+ name_limit = Pleroma.Config.get([:instance, :account_field_name_length])
value_limit = Pleroma.Config.get([:instance, :account_field_value_length])
- long_str = Enum.map(0..value_limit, fn _ -> "x" end) |> Enum.join()
+ long_value = Enum.map(0..value_limit, fn _ -> "x" end) |> Enum.join()
- fields = [%{"name" => "<b>foo<b>", "value" => long_str}]
+ fields = [%{"name" => "<b>foo<b>", "value" => long_value}]
assert %{"error" => "Invalid request"} ==
conn
@@ -337,7 +338,9 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController.UpdateCredentialsTest do
|> patch("/api/v1/accounts/update_credentials", %{"fields" => fields})
|> json_response(403)
- fields = [%{"name" => long_str, "value" => "bar"}]
+ long_name = Enum.map(0..name_limit, fn _ -> "x" end) |> Enum.join()
+
+ fields = [%{"name" => long_name, "value" => "bar"}]
assert %{"error" => "Invalid request"} ==
conn
generated by cgit v1.2.3 (git 2.26.2) at 2025-04-24 08:46:19 +0000