Set a fairly sensible limit on user name validation

Also updated controller properties with types within modified files. Related to #3614
2024-11-24 11:52:34 +01:00 · 2022-08-09 12:40:59 +01:00 · 2022-08-09 12:40:59 +01:00 · 4209f27f1a
commit 4209f27f1a
parent 89ec9a5081
3 changed files with 10 additions and 10 deletions
--- a/app/Http/Controllers/Api/UserApiController.php
+++ b/app/Http/Controllers/Api/UserApiController.php
@ -36,7 +36,7 @@ class UserApiController extends ApiController
    {
        return [
            'create' => [
-                'name'  => ['required', 'min:2'],
+                'name'  => ['required', 'min:2', 'max:100'],
                'email' => [
                    'required', 'min:2', 'email', new Unique('users', 'email'),
                ],
@ -48,7 +48,7 @@ class UserApiController extends ApiController
                'send_invite'      => ['boolean'],
            ],
            'update' => [
-                'name'  => ['min:2'],
+                'name'  => ['min:2', 'max:100'],
                'email' => [
                    'min:2',
                    'email',
--- a/app/Http/Controllers/Auth/RegisterController.php
+++ b/app/Http/Controllers/Auth/RegisterController.php
@ -30,9 +30,9 @@ class RegisterController extends Controller

    use RegistersUsers;

-    protected $socialAuthService;
-    protected $registrationService;
-    protected $loginService;
+    protected SocialAuthService $socialAuthService;
+    protected RegistrationService $registrationService;
+    protected LoginService $loginService;

    /**
     * Where to redirect users after login / registration.
@ -69,7 +69,7 @@ class RegisterController extends Controller
    protected function validator(array $data)
    {
        return Validator::make($data, [
-            'name'     => ['required', 'min:2', 'max:255'],
+            'name'     => ['required', 'min:2', 'max:100'],
            'email'    => ['required', 'email', 'max:255', 'unique:users'],
            'password' => ['required', Password::default()],
        ]);
--- a/app/Http/Controllers/UserController.php
+++ b/app/Http/Controllers/UserController.php
@ -18,8 +18,8 @@ use Illuminate\Validation\ValidationException;

 class UserController extends Controller
 {
-    protected $userRepo;
-    protected $imageRepo;
+    protected UserRepo $userRepo;
+    protected ImageRepo $imageRepo;

    /**
     * UserController constructor.
@ -81,7 +81,7 @@ class UserController extends Controller
        $passwordRequired = ($authMethod === 'standard' && !$sendInvite);

        $validationRules = [
-            'name'             => ['required'],
+            'name'             => ['required', 'max:100'],
            'email'            => ['required', 'email', 'unique:users,email'],
            'language'         => ['string', 'max:15', 'alpha_dash'],
            'roles'            => ['array'],
@ -139,7 +139,7 @@ class UserController extends Controller
        $this->checkPermissionOrCurrentUser('users-manage', $id);

        $validated = $this->validate($request, [
-            'name'             => ['min:2'],
+            'name'             => ['min:2', 'max:100'],
            'email'            => ['min:2', 'email', 'unique:users,email,' . $id],
            'password'         => ['required_with:password_confirm', Password::default()],
            'password-confirm' => ['same:password', 'required_with:password'],