forked from GNUsocial/gnu-social
[UTIL][Nickname] Fix some parameters issues found with strict types
parent
5eefea7a29
commit
44cf1fa24c
@ -132,7 +132,7 @@ class Security extends Controller
|
|||||||
// TODO: ensure there's no user with this email registered already
|
// TODO: ensure there's no user with this email registered already
|
||||||
|
|
||||||
// Already used is checked below
|
// Already used is checked below
|
||||||
$sanitized_nickname = Nickname::normalize($data['nickname'], check_already_used: false);
|
$sanitized_nickname = Nickname::normalize($data['nickname'], check_already_used: false, which: Nickname::CHECK_LOCAL_USER, check_is_allowed: false);
|
||||||
|
|
||||||
try {
|
try {
|
||||||
// This already checks if the nickname is being used
|
// This already checks if the nickname is being used
|
||||||
|
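Review bot: The new `Nickname::normalize(...)` call in the registration path passes `check_is_allowed: false`, so the allowed-name check that the old call got from the default (`true`) is no longer applied when an account is created. The surrounding comments only account for the already-used check ("Already used is checked below"). Nothing visible in this hunk re-applies the allowed-name check, and the method body continues outside the hunk. Unless disallowed names are rejected further down, keep the check on here: `$sanitized_nickname = Nickname::normalize($data['nickname'], check_already_used: false, which: Nickname::CHECK_LOCAL_USER, check_is_allowed: true);`. If skipping it is deliberate, a comment naming the place where disallowed nicknames are refused would make that reviewable.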
@ -92,7 +92,7 @@ class Authenticator extends AbstractFormLoginAuthenticator
|
|||||||
if (filter_var($credentials['nickname_or_email'], FILTER_VALIDATE_EMAIL) !== false) {
|
if (filter_var($credentials['nickname_or_email'], FILTER_VALIDATE_EMAIL) !== false) {
|
||||||
$user = LocalUser::getByEmail($credentials['nickname_or_email']);
|
$user = LocalUser::getByEmail($credentials['nickname_or_email']);
|
||||||
} else {
|
} else {
|
||||||
$user = LocalUser::getWithPK(['nickname' => Nickname::normalize($credentials['nickname_or_email'], check_already_used: false)]);
|
$user = LocalUser::getWithPK(['nickname' => Nickname::normalize($credentials['nickname_or_email'], check_already_used: false, which: Nickname::CHECK_LOCAL_USER, check_is_allowed: false)]);
|
||||||
}
|
}
|
||||||
if ($user === null) {
|
if ($user === null) {
|
||||||
throw new NoSuchActorException('No such local user.');
|
throw new NoSuchActorException('No such local user.');
|
||||||
|
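Review bot: `Nickname::normalize()` in the `else` branch can throw `NicknameInvalidException` (and the other nickname exceptions its docblock lists) for input that is not a well-formed nickname, which is a different failure path from the `NoSuchActorException('No such local user.')` thrown a few lines later. The enclosing method starts and ends outside this hunk, so it is not visible whether a `try`/`catch` already covers this call. If none does, malformed login input surfaces as a distinct error from an unknown nickname. Consider catching `NicknameException` around the lookup and leaving `$user` as `null`, so both cases end in the same `NoSuchActorException`. Passing `check_is_allowed: false` looks reasonable for login, but a one-line comment stating why the check is skipped here would help.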
@ -55,6 +55,11 @@ use InvalidArgumentException;
|
|||||||
*/
|
*/
|
||||||
class Nickname
|
class Nickname
|
||||||
{
|
{
|
||||||
|
/**
|
||||||
|
* Maximum number of characters in a canonical-form nickname. Changes must validate regexs
|
||||||
|
*/
|
||||||
|
const MAX_LEN = 64;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Regex fragment for pulling a formated nickname *OR* ID number.
|
* Regex fragment for pulling a formated nickname *OR* ID number.
|
||||||
* Suitable for router def of 'id' parameters on API actions.
|
* Suitable for router def of 'id' parameters on API actions.
|
||||||
@ -67,7 +72,7 @@ class Nickname
|
|||||||
*
|
*
|
||||||
* @fixme would prefer to define in reference to the other constants
|
* @fixme would prefer to define in reference to the other constants
|
||||||
*/
|
*/
|
||||||
public const INPUT_FMT = '(?:[0-9]+|[0-9a-zA-Z_]{1,64})';
|
public const INPUT_FMT = '(?:[0-9]+|[0-9a-zA-Z_]{1,' . self::MAX_LEN . '})';
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Regex fragment for acceptable user-formatted variant of a nickname.
|
* Regex fragment for acceptable user-formatted variant of a nickname.
|
||||||
@ -82,7 +87,7 @@ class Nickname
|
|||||||
*
|
*
|
||||||
* This, INPUT_FMT and CANONICAL_FMT should not be enclosed in []s.
|
* This, INPUT_FMT and CANONICAL_FMT should not be enclosed in []s.
|
||||||
*/
|
*/
|
||||||
public const DISPLAY_FMT = '[0-9a-zA-Z_]{1,64}';
|
public const DISPLAY_FMT = '[0-9a-zA-Z_]{1,' . self::MAX_LEN . '}';
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Simplified regex fragment for acceptable full WebFinger ID of a user
|
* Simplified regex fragment for acceptable full WebFinger ID of a user
|
||||||
@ -92,11 +97,6 @@ class Nickname
|
|||||||
*/
|
*/
|
||||||
public const WEBFINGER_FMT = '(?:\w+[\w\-\_\.]*)?\w+\@' . URL_REGEX_DOMAIN_NAME;
|
public const WEBFINGER_FMT = '(?:\w+[\w\-\_\.]*)?\w+\@' . URL_REGEX_DOMAIN_NAME;
|
||||||
|
|
||||||
/**
|
|
||||||
* Maximum number of characters in a canonical-form nickname. Changes must validate regexs
|
|
||||||
*/
|
|
||||||
const MAX_LEN = 64;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Regex fragment for checking a canonical nickname.
|
* Regex fragment for checking a canonical nickname.
|
||||||
*
|
*
|
||||||
@ -182,7 +182,7 @@ class Nickname
|
|||||||
* @throws NicknameTakenException
|
* @throws NicknameTakenException
|
||||||
* @throws NicknameTooLongException
|
* @throws NicknameTooLongException
|
||||||
*/
|
*/
|
||||||
public static function normalize(string $nickname, bool $check_already_used = true, bool $check_is_allowed = true): string
|
public static function normalize(string $nickname, bool $check_already_used = false, int $which = self::CHECK_LOCAL_USER, bool $check_is_allowed = true): string
|
||||||
{
|
{
|
||||||
$nickname = trim($nickname);
|
$nickname = trim($nickname);
|
||||||
$nickname = str_replace('_', '', $nickname);
|
$nickname = str_replace('_', '', $nickname);
|
||||||
@ -190,7 +190,7 @@ class Nickname
|
|||||||
// We could do UTF-8 normalization (å to a, etc.) with something like Normalizer::normalize($nickname, Normalizer::FORM_C)
|
// We could do UTF-8 normalization (å to a, etc.) with something like Normalizer::normalize($nickname, Normalizer::FORM_C)
|
||||||
// We won't as it could confuse tremendously the user, he must know what is valid and should fix his own input
|
// We won't as it could confuse tremendously the user, he must know what is valid and should fix his own input
|
||||||
|
|
||||||
if (!self::validate($nickname, $check_already_used, $check_is_allowed) || !self::isCanonical($nickname)) {
|
if (!self::validate(nickname: $nickname, check_already_used: $check_already_used, which: $which, check_is_allowed: $check_is_allowed) || !self::isCanonical($nickname)) {
|
||||||
throw new NicknameInvalidException();
|
throw new NicknameInvalidException();
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -201,14 +201,14 @@ class Nickname
|
|||||||
* Nice simple check of whether the given string is a valid input nickname,
|
* Nice simple check of whether the given string is a valid input nickname,
|
||||||
* which can be normalized into an internally canonical form.
|
* which can be normalized into an internally canonical form.
|
||||||
*
|
*
|
||||||
* Note that valid nicknames may be in use or reserved.
|
* Note that valid nicknames may be in use or blacklisted.
|
||||||
*
|
*
|
||||||
* @return bool True if nickname is valid. False if invalid (or taken if $check_already_used == true).
|
* @return bool True if nickname is valid. False if invalid (or taken if $check_already_used == true).
|
||||||
*/
|
*/
|
||||||
public static function isValid(string $nickname, bool $check_already_used = true, bool $check_is_allowed = true): bool
|
public static function isValid(string $nickname, bool $check_already_used = false, int $which = self::CHECK_LOCAL_USER, bool $check_is_allowed = true): bool
|
||||||
{
|
{
|
||||||
try {
|
try {
|
||||||
self::normalize($nickname, $check_already_used, $check_is_allowed);
|
self::normalize(nickname: $nickname, check_already_used: $check_already_used, which: $which, check_is_allowed: $check_is_allowed);
|
||||||
} catch (NicknameException) {
|
} catch (NicknameException) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
@ -223,7 +223,7 @@ class Nickname
|
|||||||
*/
|
*/
|
||||||
public static function isCanonical(string $nickname): bool
|
public static function isCanonical(string $nickname): bool
|
||||||
{
|
{
|
||||||
return preg_match('/^(?:' . self::CANONICAL_FMT . ')$/', $nickname);
|
return preg_match('/^(?:' . self::CANONICAL_FMT . ')$/', $nickname) > 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
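Review bot: In `normalize()` and `isValid()` the default of `$check_already_used` flips from `true` to `false`, and `int $which` is inserted ahead of `$check_is_allowed`, so callers not touched by this commit change behaviour without any edit. A caller that relied on the default, e.g. `Nickname::isValid($nick)`, silently stops checking whether the nickname is taken, and a caller passing three positional arguments now hands its boolean to `$which`. Call sites outside the two updated in this commit are not visible here, so they need an audit. A fail-closed alternative is to keep `bool $check_already_used = true` and append the new parameter last: `bool $check_is_allowed = true, int $which = self::CHECK_LOCAL_USER`. The `isValid()` docblock should also state the default for `$check_already_used`, since its `@return` line still describes the taken case.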