From 2c63e0292a0a0a530ce814246bb6762983808135 Mon Sep 17 00:00:00 2001
From: Eugen Rochko <eugen@zeonfederated.com>
Date: Sat, 6 Apr 2019 17:53:17 +0200
Subject: [PATCH] Fix admin validation being too strict about usernames
(#10449)
* Fix admin validation being too strict about usernames
Fix #10446
* Strip Setting.site_contact_username consistently throughout the codebase
---
app/controllers/home_controller.rb | 2 +-
app/controllers/shares_controller.rb | 2 +-
app/models/concerns/account_finder_concern.rb | 2 +-
app/presenters/instance_presenter.rb | 2 +-
app/validators/existing_username_validator.rb | 10 ++--------
5 files changed, 6 insertions(+), 12 deletions(-)
diff --git a/app/controllers/home_controller.rb b/app/controllers/home_controller.rb
index b5d6460f9f..d1bd0601e9 100644
--- a/app/controllers/home_controller.rb
+++ b/app/controllers/home_controller.rb
@@ -50,7 +50,7 @@ class HomeController < ApplicationController
push_subscription: current_account.user.web_push_subscription(current_session),
current_account: current_account,
token: current_session.token,
- admin: Account.find_local(Setting.site_contact_username),
+ admin: Account.find_local(Setting.site_contact_username.strip.gsub(/\A@/, '')),
}
end
diff --git a/app/controllers/shares_controller.rb b/app/controllers/shares_controller.rb
index 9ef1e07491..af605b98f7 100644
--- a/app/controllers/shares_controller.rb
+++ b/app/controllers/shares_controller.rb
@@ -21,7 +21,7 @@ class SharesController < ApplicationController
push_subscription: current_account.user.web_push_subscription(current_session),
current_account: current_account,
token: current_session.token,
- admin: Account.find_local(Setting.site_contact_username),
+ admin: Account.find_local(Setting.site_contact_username.strip.gsub(/\A@/, '')),
text: text,
}
end
diff --git a/app/models/concerns/account_finder_concern.rb b/app/models/concerns/account_finder_concern.rb
index 7e3bbde097..0ac49cc126 100644
--- a/app/models/concerns/account_finder_concern.rb
+++ b/app/models/concerns/account_finder_concern.rb
@@ -13,7 +13,7 @@ module AccountFinderConcern
end
def representative
- find_local(Setting.site_contact_username.gsub(/\A@/, '')) || Account.local.find_by(suspended: false)
+ find_local(Setting.site_contact_username.strip.gsub(/\A@/, '')) || Account.local.find_by(suspended: false)
end
def find_local(username)
diff --git a/app/presenters/instance_presenter.rb b/app/presenters/instance_presenter.rb
index 74c5ed1293..f3a73209af 100644
--- a/app/presenters/instance_presenter.rb
+++ b/app/presenters/instance_presenter.rb
@@ -13,7 +13,7 @@ class InstancePresenter
)
def contact_account
- Account.find_local(Setting.site_contact_username.gsub(/\A@/, ''))
+ Account.find_local(Setting.site_contact_username.strip.gsub(/\A@/, ''))
end
def user_count
diff --git a/app/validators/existing_username_validator.rb b/app/validators/existing_username_validator.rb
index 4388a0c983..b31d098273 100644
--- a/app/validators/existing_username_validator.rb
+++ b/app/validators/existing_username_validator.rb
@@ -5,16 +5,10 @@ class ExistingUsernameValidator < ActiveModel::EachValidator
return if value.blank?
if options[:multiple]
- missing_usernames = value.split(',').map { |username| username unless Account.find_local(username) }.compact
+ missing_usernames = value.split(',').map { |username| username.strip.gsub(/\A@/, '') }.map { |username| username unless Account.find_local(username) }.compact
record.errors.add(attribute, I18n.t('existing_username_validator.not_found_multiple', usernames: missing_usernames.join(', '))) if missing_usernames.any?
else
- record.errors.add(attribute, I18n.t('existing_username_validator.not_found')) unless Account.find_local(value)
+ record.errors.add(attribute, I18n.t('existing_username_validator.not_found')) unless Account.find_local(value.strip.gsub(/\A@/, ''))
end
end
-
- private
-
- def valid_html?(str)
- Nokogiri::HTML.fragment(str).to_s == str
- end
end