From 2c63e0292a0a0a530ce814246bb6762983808135 Mon Sep 17 00:00:00 2001 From: Eugen Rochko Date: Sat, 6 Apr 2019 17:53:17 +0200 Subject: [PATCH] Fix admin validation being too strict about usernames (#10449) * Fix admin validation being too strict about usernames Fix #10446 * Strip Setting.site_contact_username consistently throughout the codebase --- app/controllers/home_controller.rb | 2 +- app/controllers/shares_controller.rb | 2 +- app/models/concerns/account_finder_concern.rb | 2 +- app/presenters/instance_presenter.rb | 2 +- app/validators/existing_username_validator.rb | 10 ++-------- 5 files changed, 6 insertions(+), 12 deletions(-) diff --git a/app/controllers/home_controller.rb b/app/controllers/home_controller.rb index b5d6460f9..d1bd0601e 100644 --- a/app/controllers/home_controller.rb +++ b/app/controllers/home_controller.rb @@ -50,7 +50,7 @@ class HomeController < ApplicationController push_subscription: current_account.user.web_push_subscription(current_session), current_account: current_account, token: current_session.token, - admin: Account.find_local(Setting.site_contact_username), + admin: Account.find_local(Setting.site_contact_username.strip.gsub(/\A@/, '')), } end diff --git a/app/controllers/shares_controller.rb b/app/controllers/shares_controller.rb index 9ef1e0749..af605b98f 100644 --- a/app/controllers/shares_controller.rb +++ b/app/controllers/shares_controller.rb @@ -21,7 +21,7 @@ class SharesController < ApplicationController push_subscription: current_account.user.web_push_subscription(current_session), current_account: current_account, token: current_session.token, - admin: Account.find_local(Setting.site_contact_username), + admin: Account.find_local(Setting.site_contact_username.strip.gsub(/\A@/, '')), text: text, } end diff --git a/app/models/concerns/account_finder_concern.rb b/app/models/concerns/account_finder_concern.rb index 7e3bbde09..0ac49cc12 100644 --- a/app/models/concerns/account_finder_concern.rb +++ b/app/models/concerns/account_finder_concern.rb @@ -13,7 +13,7 @@ module AccountFinderConcern end def representative - find_local(Setting.site_contact_username.gsub(/\A@/, '')) || Account.local.find_by(suspended: false) + find_local(Setting.site_contact_username.strip.gsub(/\A@/, '')) || Account.local.find_by(suspended: false) end def find_local(username) diff --git a/app/presenters/instance_presenter.rb b/app/presenters/instance_presenter.rb index 74c5ed129..f3a73209a 100644 --- a/app/presenters/instance_presenter.rb +++ b/app/presenters/instance_presenter.rb @@ -13,7 +13,7 @@ class InstancePresenter ) def contact_account - Account.find_local(Setting.site_contact_username.gsub(/\A@/, '')) + Account.find_local(Setting.site_contact_username.strip.gsub(/\A@/, '')) end def user_count diff --git a/app/validators/existing_username_validator.rb b/app/validators/existing_username_validator.rb index 4388a0c98..b31d09827 100644 --- a/app/validators/existing_username_validator.rb +++ b/app/validators/existing_username_validator.rb @@ -5,16 +5,10 @@ class ExistingUsernameValidator < ActiveModel::EachValidator return if value.blank? if options[:multiple] - missing_usernames = value.split(',').map { |username| username unless Account.find_local(username) }.compact + missing_usernames = value.split(',').map { |username| username.strip.gsub(/\A@/, '') }.map { |username| username unless Account.find_local(username) }.compact record.errors.add(attribute, I18n.t('existing_username_validator.not_found_multiple', usernames: missing_usernames.join(', '))) if missing_usernames.any? else - record.errors.add(attribute, I18n.t('existing_username_validator.not_found')) unless Account.find_local(value) + record.errors.add(attribute, I18n.t('existing_username_validator.not_found')) unless Account.find_local(value.strip.gsub(/\A@/, '')) end end - - private - - def valid_html?(str) - Nokogiri::HTML.fragment(str).to_s == str - end end