From: Alex Gleason <alex@alexgleason.me>
Date: Sun, 2 Aug 2020 19:53:42 +0000 (-0500)
Subject: Add email blacklist, fixes #1404
X-Git-Url: https://git.squeep.com/?a=commitdiff_plain;h=dc88b6f0919cf5686af7d5b935e8ee462491704b;p=akkoma
Add email blacklist, fixes #1404
---
diff --git a/config/config.exs b/config/config.exs
index d31208c25..ba263bf95 100644
--- a/config/config.exs
+++ b/config/config.exs
@@ -509,7 +509,8 @@ config :pleroma, Pleroma.User,
"user_exists",
"users",
"web"
- ]
+ ],
+ email_blacklist: []
config :pleroma, Oban,
repo: Pleroma.Repo,
diff --git a/config/description.exs b/config/description.exs
index 11fbe0d78..3fe22e969 100644
--- a/config/description.exs
+++ b/config/description.exs
@@ -3021,6 +3021,7 @@ config :pleroma, :config_description, [
%{
key: :restricted_nicknames,
type: {:list, :string},
+ description: "List of nicknames users may not register with.",
suggestions: [
".well-known",
"~",
@@ -3053,6 +3054,12 @@ config :pleroma, :config_description, [
"users",
"web"
]
+ },
+ %{
+ key: :email_blacklist,
+ type: {:list, :string},
+ description: "List of email domains users may not register with.",
+ suggestions: ["mailinator.com", "maildrop.cc"]
}
]
},
diff --git a/docs/configuration/cheatsheet.md b/docs/configuration/cheatsheet.md
index 9c768abef..1a86179f3 100644
--- a/docs/configuration/cheatsheet.md
+++ b/docs/configuration/cheatsheet.md
@@ -202,6 +202,11 @@ config :pleroma, :mrf_user_allowlist, %{
* `sign_object_fetches`: Sign object fetches with HTTP signatures
* `authorized_fetch_mode`: Require HTTP signatures for AP fetches
+## Pleroma.User
+
+* `restricted_nicknames`: List of nicknames users may not register with.
+* `email_blacklist`: List of email domains users may not register with.
+
## Pleroma.ScheduledActivity
* `daily_user_limit`: the number of scheduled activities a user is allowed to create in a single day (Default: `25`)
diff --git a/lib/pleroma/user.ex b/lib/pleroma/user.ex
index dcf6ebee2..d0cc098fe 100644
--- a/lib/pleroma/user.ex
+++ b/lib/pleroma/user.ex
@@ -676,10 +676,19 @@ defmodule Pleroma.User do
|> validate_required([:name, :nickname, :password, :password_confirmation])
|> validate_confirmation(:password)
|> unique_constraint(:email)
+ |> validate_format(:email, @email_regex)
+ |> validate_change(:email, fn :email, email ->
+ valid? =
+ Config.get([User, :email_blacklist])
+ |> Enum.all?(fn blacklisted_domain ->
+ !String.ends_with?(email, ["@" <> blacklisted_domain, "." <> blacklisted_domain])
+ end)
+
+ if valid?, do: [], else: [email: "Email domain is blacklisted"]
+ end)
|> unique_constraint(:nickname)
|> validate_exclusion(:nickname, Config.get([User, :restricted_nicknames]))
|> validate_format(:nickname, local_nickname_regex())
- |> validate_format(:email, @email_regex)
|> validate_length(:bio, max: bio_limit)
|> validate_length(:name, min: 1, max: name_limit)
|> validate_length(:registration_reason, max: reason_limit)
diff --git a/test/user_test.exs b/test/user_test.exs
index 904cea536..7c45e69e7 100644
--- a/test/user_test.exs
+++ b/test/user_test.exs
@@ -490,6 +490,29 @@ defmodule Pleroma.UserTest do
refute changeset.valid?
end
+ test "it blocks blacklisted email domains" do
+ clear_config([User, :email_blacklist], ["trolling.world"])
+
+ # Block with match
+ params = Map.put(@full_user_data, :email, "troll@trolling.world")
+ changeset = User.register_changeset(%User{}, params)
+ refute changeset.valid?
+
+ # Block with subdomain match
+ params = Map.put(@full_user_data, :email, "troll@gnomes.trolling.world")
+ changeset = User.register_changeset(%User{}, params)
+ refute changeset.valid?
+
+ # Pass with different domains that are similar
+ params = Map.put(@full_user_data, :email, "troll@gnomestrolling.world")
+ changeset = User.register_changeset(%User{}, params)
+ assert changeset.valid?
+
+ params = Map.put(@full_user_data, :email, "troll@trolling.world.us")
+ changeset = User.register_changeset(%User{}, params)
+ assert changeset.valid?
+ end
+
test "it sets the password_hash and ap_id" do
changeset = User.register_changeset(%User{}, @full_user_data)