mirror of https://gitlab.com/comunic/comunicapiv3 synced 2024-11-22 21:39:21 +00:00

Enforce messages text len policy

Pierre HUBERT 2021-03-05 12:30:40 +01:00
parent 7ce29bca3e
commit 590aba0848
3 changed files with 30 additions and 6 deletions


@ -3,7 +3,7 @@
//! @author Pierre Hubert //! @author Pierre Hubert
use serde::Serialize; use serde::Serialize;
use crate::constants::{conservation_policy, MIN_SUPPORTED_MOBILE_VERSION, password_policy}; use crate::constants::{conservation_policy, MIN_SUPPORTED_MOBILE_VERSION, password_policy, MIN_CONVERSATION_MESSAGE_LENGTH, MAX_CONVERSATION_MESSAGE_LENGTH};
use crate::data::config::conf; use crate::data::config::conf;
#[derive(Serialize)] #[derive(Serialize)]
@ -37,6 +37,8 @@ pub struct ServerConfig {
android_direct_download_url: String, android_direct_download_url: String,
password_policy: PasswordPolicy, password_policy: PasswordPolicy,
data_conservation_policy: DataConservationPolicy, data_conservation_policy: DataConservationPolicy,
min_conversation_message_len: usize,
max_conversation_message_len: usize,
} }
impl ServerConfig { impl ServerConfig {
@ -47,6 +49,10 @@ impl ServerConfig {
privacy_policy_url: &conf().privacy_policy_url, privacy_policy_url: &conf().privacy_policy_url,
play_store_url: &conf().play_store_url, play_store_url: &conf().play_store_url,
android_direct_download_url: conf().android_direct_download_url.clone(), android_direct_download_url: conf().android_direct_download_url.clone(),
min_conversation_message_len: MIN_CONVERSATION_MESSAGE_LENGTH,
max_conversation_message_len: MAX_CONVERSATION_MESSAGE_LENGTH,
password_policy: PasswordPolicy { password_policy: PasswordPolicy {
allow_email_in_password: password_policy::ALLOW_EMAIL_IN_PASSWORD, allow_email_in_password: password_policy::ALLOW_EMAIL_IN_PASSWORD,
allow_name_in_password: password_policy::ALLOW_NAME_IN_PASSWORD, allow_name_in_password: password_policy::ALLOW_NAME_IN_PASSWORD,


@ -166,3 +166,4 @@ pub const MIN_SUPPORTED_MOBILE_VERSION: &str = "1.1.1";
/// Minimum message length /// Minimum message length
pub const MIN_CONVERSATION_MESSAGE_LENGTH: usize = 1; pub const MIN_CONVERSATION_MESSAGE_LENGTH: usize = 1;
pub const MAX_CONVERSATION_MESSAGE_LENGTH: usize = 16000;
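Review bot: `MAX_CONVERSATION_MESSAGE_LENGTH` is added without a doc comment, and the existing `/// Minimum message length` above it documents only the minimum. The unit matters for this limit: the controller compares it with `msg.len()` and `new_content.len()`, which count UTF-8 bytes if those values are `String`s, while the same number is published to clients as `max_conversation_message_len`, where a client may well count characters. I would add `/// Maximum message length, in bytes of UTF-8 (compared against String::len())` above the constant, or switch the checks to `chars().count()` if the policy is meant in characters.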


@ -9,7 +9,7 @@ use crate::api_data::list_unread_conversations_api::UnreadConversationAPI;
use crate::api_data::res_count_unread_conversations::ResultCountUnreadConversations; use crate::api_data::res_count_unread_conversations::ResultCountUnreadConversations;
use crate::api_data::res_create_conversation::ResCreateConversation; use crate::api_data::res_create_conversation::ResCreateConversation;
use crate::api_data::res_find_private_conversations::ResFindPrivateConversations; use crate::api_data::res_find_private_conversations::ResFindPrivateConversations;
use crate::constants::MIN_CONVERSATION_MESSAGE_LENGTH; use crate::constants::{MAX_CONVERSATION_MESSAGE_LENGTH, MIN_CONVERSATION_MESSAGE_LENGTH};
use crate::controllers::user_ws_controller; use crate::controllers::user_ws_controller;
use crate::data::base_request_handler::BaseRequestHandler; use crate::data::base_request_handler::BaseRequestHandler;
use crate::data::conversation::{ConversationMemberSetting, NewConversationSettings}; use crate::data::conversation::{ConversationMemberSetting, NewConversationSettings};
@ -264,8 +264,15 @@ pub fn send_message(r: &mut HttpRequestHandler) -> RequestResult {
} }
}; };
// Get message, if there is no image
let message = if let None = file { let message = if let None = file {
Some(r.post_string_without_html("message", MIN_CONVERSATION_MESSAGE_LENGTH, true)?) let msg = r.post_string_without_html("message", MIN_CONVERSATION_MESSAGE_LENGTH, true)?;
if msg.len() > MAX_CONVERSATION_MESSAGE_LENGTH {
r.bad_request("Message is too long!".to_string())?;
}
Some(msg)
} else { } else {
None None
}; };
@ -312,12 +319,22 @@ pub fn delete_conversation(r: &mut HttpRequestHandler) -> RequestResult {
/// Update a single conversation message /// Update a single conversation message
pub fn update_message(r: &mut HttpRequestHandler) -> RequestResult { pub fn update_message(r: &mut HttpRequestHandler) -> RequestResult {
let msg_id = r.post_u64("messageID")?; let msg_id = r.post_u64("messageID")?;
let new_content = r.post_string_opt("content", 3, true)?; let new_content = r.post_string_opt("content", MIN_CONVERSATION_MESSAGE_LENGTH, true)?;
if !conversations_helper::is_message_owner(&r.user_id()?, msg_id)? { let msg = conversations_helper::get_single_message(msg_id)?;
if msg.user_id != r.user_id_opt() {
r.forbidden("You are not the owner of this message!".to_string())?; r.forbidden("You are not the owner of this message!".to_string())?;
} }
if msg.file.is_some() {
r.bad_request("Can not have both text and file in the same message!".to_string())?;
}
if new_content.len() > MAX_CONVERSATION_MESSAGE_LENGTH {
r.bad_request("New message is too long!".to_string())?;
}
conversations_helper::update_message_content(msg_id, &new_content)?; conversations_helper::update_message_content(msg_id, &new_content)?;
r.success("Conversation message content successfully updated") r.success("Conversation message content successfully updated")
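Review bot: The new ownership test in `update_message`, `if msg.user_id != r.user_id_opt()`, appears to compare two optional values, so it would pass when both are `None`, i.e. a message with no author and a request with no signed-in user. The removed code went through `r.user_id()?`, which, judging by the `?`, failed for an unauthenticated request before any ownership decision was made. Whether the `None == None` case is reachable depends on the route's login requirement and on whether authorless messages exist, neither of which is visible on this page. Requiring an identity in the comparison closes it either way: `if msg.user_id != Some(r.user_id()?) {`, assuming `msg.user_id` is an `Option` of the same id type.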