1
0
mirror of https://github.com/BookStackApp/BookStack.git synced 2024-11-23 03:12:32 +01:00

Sprinkled in some user language validation

For #3615
This commit is contained in:
Dan Brown 2022-08-04 17:24:04 +01:00
parent 42f4c9afae
commit 89ec9a5081
No known key found for this signature in database
GPG Key ID: 46D9F943C24A2EF9
3 changed files with 28 additions and 4 deletions

View File

@ -41,7 +41,7 @@ class UserApiController extends ApiController
'required', 'min:2', 'email', new Unique('users', 'email'),
],
'external_auth_id' => ['string'],
'language' => ['string'],
'language' => ['string', 'max:15', 'alpha_dash'],
'password' => [Password::default()],
'roles' => ['array'],
'roles.*' => ['integer'],
@ -55,7 +55,7 @@ class UserApiController extends ApiController
(new Unique('users', 'email'))->ignore($userId ?? null),
],
'external_auth_id' => ['string'],
'language' => ['string'],
'language' => ['string', 'max:15', 'alpha_dash'],
'password' => [Password::default()],
'roles' => ['array'],
'roles.*' => ['integer'],

View File

@ -83,7 +83,7 @@ class UserController extends Controller
$validationRules = [
'name' => ['required'],
'email' => ['required', 'email', 'unique:users,email'],
'language' => ['string'],
'language' => ['string', 'max:15', 'alpha_dash'],
'roles' => ['array'],
'roles.*' => ['integer'],
'password' => $passwordRequired ? ['required', Password::default()] : null,
@ -143,7 +143,7 @@ class UserController extends Controller
'email' => ['min:2', 'email', 'unique:users,email,' . $id],
'password' => ['required_with:password_confirm', Password::default()],
'password-confirm' => ['same:password', 'required_with:password'],
'language' => ['string'],
'language' => ['string', 'max:15', 'alpha_dash'],
'roles' => ['array'],
'roles.*' => ['integer'],
'external_auth_id' => ['string'],

View File

@ -234,4 +234,28 @@ class UserManagementTest extends TestCase
$this->assertDatabaseMissing('activities', ['type' => 'USER_CREATE']);
}
public function test_user_create_update_fails_if_locale_is_invalid()
{
$user = $this->getEditor();
// Too long
$resp = $this->asAdmin()->put($user->getEditUrl(), ['language' => 'this_is_too_long']);
$resp->assertSessionHasErrors(['language' => 'The language may not be greater than 15 characters.']);
session()->flush();
// Invalid characters
$resp = $this->put($user->getEditUrl(), ['language' => 'en<GB']);
$resp->assertSessionHasErrors(['language' => 'The language may only contain letters, numbers, dashes and underscores.']);
session()->flush();
// Both on create
$resp = $this->post('/settings/users/create', [
'language' => 'en<GB_and_this_is_longer',
'name' => 'My name',
'email' => 'jimmy@example.com',
]);
$resp->assertSessionHasErrors(['language' => 'The language may not be greater than 15 characters.']);
$resp->assertSessionHasErrors(['language' => 'The language may only contain letters, numbers, dashes and underscores.']);
}
}