|> validate_format(:nickname, @email_regex)
|> validate_length(:bio, max: bio_limit)
|> validate_length(:name, max: name_limit)
- |> validate_fields(true)
+ |> validate_fields(true, struct)
|> validate_non_local()
end
:pleroma_settings_store,
&{:ok, Map.merge(struct.pleroma_settings_store, &1)}
)
- |> validate_fields(false)
+ |> validate_fields(false, struct)
end
defp put_fields(changeset) do
defp put_password_hash(
%Ecto.Changeset{valid?: true, changes: %{password: password}} = changeset
) do
- change(changeset, password_hash: Pleroma.Password.Pbkdf2.hash_pwd_salt(password))
+ change(changeset, password_hash: Pleroma.Password.hash_pwd_salt(password))
end
defp put_password_hash(changeset), do: changeset
|> update_and_set_cache()
end
- def validate_fields(changeset, remote? \\ false) do
+ @spec validate_fields(Ecto.Changeset.t(), Boolean.t(), User.t()) :: Ecto.Changeset.t()
+ def validate_fields(changeset, remote? \\ false, struct) do
limit_name = if remote?, do: :max_remote_account_fields, else: :max_account_fields
limit = Config.get([:instance, limit_name], 0)
[fields: "invalid"]
end
end)
+ |> maybe_validate_rel_me_field(struct)
end
defp valid_field?(%{"name" => name, "value" => value}) do
defp valid_field?(_), do: false
+ defp is_url(nil), do: nil
+
+ defp is_url(uri) do
+ case URI.parse(uri) do
+ %URI{host: nil} -> false
+ %URI{scheme: nil} -> false
+ _ -> true
+ end
+ end
+
+ @spec maybe_validate_rel_me_field(Changeset.t(), User.t()) :: Changeset.t()
+ defp maybe_validate_rel_me_field(changeset, %User{ap_id: _ap_id} = struct) do
+ fields = get_change(changeset, :fields)
+ raw_fields = get_change(changeset, :raw_fields)
+
+ if is_nil(fields) do
+ changeset
+ else
+ validate_rel_me_field(changeset, fields, raw_fields, struct)
+ end
+ end
+
+ defp maybe_validate_rel_me_field(changeset, _), do: changeset
+
+ @spec validate_rel_me_field(Changeset.t(), [Map.t()], [Map.t()], User.t()) :: Changeset.t()
+ defp validate_rel_me_field(changeset, fields, raw_fields, %User{
+ nickname: nickname,
+ ap_id: ap_id
+ }) do
+ fields =
+ fields
+ |> Enum.with_index()
+ |> Enum.map(fn {%{"name" => name, "value" => value}, index} ->
+ raw_value =
+ if is_nil(raw_fields) do
+ nil
+ else
+ Enum.at(raw_fields, index)["value"]
+ end
+
+ if is_url(raw_value) do
+ frontend_url =
+ Pleroma.Web.Router.Helpers.redirect_url(
+ Pleroma.Web.Endpoint,
+ :redirector_with_meta,
+ nickname
+ )
+
+ possible_urls = [ap_id, frontend_url]
+
+ with "me" <- RelMe.maybe_put_rel_me(raw_value, possible_urls) do
+ %{
+ "name" => name,
+ "value" => value,
+ "verified_at" => DateTime.to_iso8601(DateTime.utc_now())
+ }
+ else
+ e ->
+ Logger.error("Could not check for rel=me, #{inspect(e)}")
+ %{"name" => name, "value" => value}
+ end
+ else
+ %{"name" => name, "value" => value}
+ end
+ end)
+
+ put_change(changeset, :fields, fields)
+ end
+
defp truncate_field(%{"name" => name, "value" => value}) do
{name, _chopped} =
String.split_at(name, Config.get([:instance, :account_field_name_length], 255))
# - display name
def sanitize_html(%User{} = user, filter) do
fields =
- Enum.map(user.fields, fn %{"name" => name, "value" => value} ->
- %{
- "name" => name,
- "value" => HTML.filter_tags(value, Pleroma.HTML.Scrubber.LinksOnly)
- }
+ Enum.map(user.fields, fn %{"value" => value} = field ->
+ Map.put(field, "value", HTML.filter_tags(value, Pleroma.HTML.Scrubber.LinksOnly))
end)
user