
refactor: updated value validation

Kristian Vos 5 yıl önce
ebeveyn
işleme
a7471f5628

+ 33 - 26
backend/logic/db/index.js

@@ -9,8 +9,8 @@ const regex = {
 	azAZ09_: /^[A-Za-z0-9_]+$/,
 	az09_: /^[a-z0-9_]+$/,
 	emailSimple: /^[\x00-\x7F]+@[a-z0-9]+\.[a-z0-9]+(\.[a-z0-9]+)?$/,
-	password: /^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[$@$!%*?&])[A-Za-z\d$@$!%*?&]/,
-	ascii: /^[\x00-\x7F]+$/
+	ascii: /^[\x00-\x7F]+$/,
+	custom: regex => new RegExp(`^[${regex}]+$`)
 };
 
 const isLength = (string, min, max) => {
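Review bot: `regex.custom` interpolates its argument straight into a character class, so a `]`, `\` or leading `^` in the argument silently changes what the pattern accepts. It is only correct for trusted constant strings like the `"a-zA-Z0-9_-"` used in this commit. It also compiles a new RegExp on every validation, and its parameter shadows the outer `regex` object. A precompiled entry next to the others, e.g. `azAZ09_dash: /^[A-Za-z0-9_-]+$/,`, would avoid all three. Failing that, add a comment such as `// argument must be a hard-coded character-class body, never user input`. The same helper is added to frontend/validation.js.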
@@ -80,22 +80,24 @@ module.exports = class extends coreClass {
 						this._lockdown();
 					});
 		
-					// this.schemas.user.path('username').validate((username) => {
-					// 	return (isLength(username, 2, 32) && regex.azAZ09_.test(username));
-					// }, 'Invalid username.');
+					// User
+					this.schemas.user.path('username').validate((username) => {
+						return (isLength(username, 2, 32) && regex.custom("a-zA-Z0-9_-").test(username));
+					}, 'Invalid username.');
 		
 					this.schemas.user.path('email.address').validate((email) => {
 						if (!isLength(email, 3, 254)) return false;
 						if (email.indexOf('@') !== email.lastIndexOf('@')) return false;
-						return regex.emailSimple.test(email);
+						return regex.emailSimple.test(email) && regex.ascii.test(email);
 					}, 'Invalid email.');
-		
+
+					// Station
 					this.schemas.station.path('name').validate((id) => {
 						return (isLength(id, 2, 16) && regex.az09_.test(id));
 					}, 'Invalid station name.');
 		
 					this.schemas.station.path('displayName').validate((displayName) => {
-						return (isLength(displayName, 2, 32) && regex.azAZ09_.test(displayName));
+						return (isLength(displayName, 2, 32) && regex.ascii.test(displayName));
 					}, 'Invalid display name.');
 		
 					this.schemas.station.path('description').validate((description) => {
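Review bot: The station `displayName` validator now uses `regex.ascii`, which is `/^[\x00-\x7F]+$/` and therefore accepts control characters (NUL, CR, LF, ESC) as well as `<`, `>`, `"`, `'` and `&`, where the old class allowed only letters, digits and `_`. For a field that is shown to other users, a printable-only class such as `/^[\x20-\x7E]+$/` is the safer choice. Every place that renders the name then has to rely on output encoding rather than on this validator. The same widening applies to genres and the playlist `displayName` later in this file. The hunk ends inside the `description` validator, which is not fully visible here.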
@@ -106,7 +108,6 @@ module.exports = class extends coreClass {
 						}).length === 0;
 					}, 'Invalid display name.');
 		
-		
 					this.schemas.station.path('owner').validate({
 						isAsync: true,
 						validator: (owner, callback) => {
@@ -153,7 +154,9 @@ module.exports = class extends coreClass {
 						return callback(false);
 					}, 'The max amount of songs per user is 3, and only 2 in a row is allowed.');
 					*/
-		
+
+
+					// Song
 					let songTitle = (title) => {
 						return isLength(title, 1, 100);
 					};
@@ -169,29 +172,33 @@ module.exports = class extends coreClass {
 		
 					let songArtists = (artists) => {
 						return artists.filter((artist) => {
-								return (isLength(artist, 1, 32) && regex.ascii.test(artist) && artist !== "NONE");
+								return (isLength(artist, 1, 64) && artist !== "NONE");
 							}).length === artists.length;
 					};
 					this.schemas.song.path('artists').validate(songArtists, 'Invalid artists.');
 					this.schemas.queueSong.path('artists').validate(songArtists, 'Invalid artists.');
 		
-					/*let songGenres = (genres) => {
+					let songGenres = (genres) => {
+						if (genres.length < 1 || genres.length > 16) return false;
 						return genres.filter((genre) => {
-								return (isLength(genre, 1, 16) && regex.azAZ09_.test(genre));
+								return (isLength(genre, 1, 32) && regex.ascii.test(genre));
 							}).length === genres.length;
 					};
 					this.schemas.song.path('genres').validate(songGenres, 'Invalid genres.');
-					this.schemas.queueSong.path('genres').validate(songGenres, 'Invalid genres.');*/
-		
-					this.schemas.song.path('thumbnail').validate((thumbnail) => {
-						return isLength(thumbnail, 8, 256);
-					}, 'Invalid thumbnail.');
-					this.schemas.queueSong.path('thumbnail').validate((thumbnail) => {
-						return isLength(thumbnail, 0, 256);
-					}, 'Invalid thumbnail.');
+					this.schemas.queueSong.path('genres').validate(songGenres, 'Invalid genres.');
 		
+					let songThumbnail = (thumbnail) => {
+						if (!isLength(thumbnail, 1, 256)) return false;
+						let startWith = "https://";
+						if (config.get("cookie.secure") === false) startWith = "http://";
+						return thumbnail.startsWith(startWith);
+					};
+					this.schemas.song.path('thumbnail').validate(songThumbnail, 'Invalid thumbnail.');
+					this.schemas.queueSong.path('thumbnail').validate(songThumbnail, 'Invalid thumbnail.');
+
+					// Playlist
 					this.schemas.playlist.path('displayName').validate((displayName) => {
-						return (isLength(displayName, 1, 16) && regex.ascii.test(displayName));
+						return (isLength(displayName, 1, 32) && regex.ascii.test(displayName));
 					}, 'Invalid display name.');
 		
 					this.schemas.playlist.path('createdBy').validate((createdBy) => {
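Review bot: `songThumbnail` accepts exactly one scheme, so when `cookie.secure` is `false` an `https://` thumbnail is rejected and only `http://` passes, which is probably unintended. Allowing https always and http only in the insecure configuration would read `return thumbnail.startsWith("https://") || (config.get("cookie.secure") === false && thumbnail.startsWith("http://"));`. The check is a case-sensitive prefix test, so nothing after the scheme is validated as a URL. If the backend ever fetches these URLs itself, the host would need checking too; that cannot be determined from this hunk. `config` must already be in scope in this file, which is not visible here. Note that the queueSong thumbnail minimum also moves from 0 to 1, so empty thumbnails that were previously accepted now fail.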
@@ -201,14 +208,15 @@ module.exports = class extends coreClass {
 					}, 'Max 10 playlists per user.');
 		
 					this.schemas.playlist.path('songs').validate((songs) => {
-						return songs.length <= 2000;
-					}, 'Max 2000 songs per playlist.');
+						return songs.length <= 5000;
+					}, 'Max 5000 songs per playlist.');
 		
 					this.schemas.playlist.path('songs').validate((songs) => {
 						if (songs.length === 0) return true;
 						return songs[0].duration <= 10800;
 					}, 'Max 3 hours per song.');
 		
+					// Report
 					this.schemas.report.path('description').validate((description) => {
 						return (!description || (isLength(description, 0, 400) && regex.ascii.test(description)));
 					}, 'Invalid description.');
@@ -223,7 +231,6 @@ module.exports = class extends coreClass {
 	}
 
 	passwordValid(password) {
-		if (!isLength(password, 6, 200)) return false;
-		return regex.password.test(password);
+		return isLength(password, 6, 200);
 	}
 }
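Review bot: With the composition regex removed, a six-character minimum is the only password rule left in `passwordValid`. That is below the eight-character floor in current guidance such as NIST SP 800-63B. Dropping the composition rules is consistent with that guidance, but it is normally paired with a longer minimum and a check against a list of common or breached passwords. I would change the line to `return isLength(password, 8, 200);` and add a comment saying that length is the sole control here. Any client-side password check has to be kept in step; none is visible in this diff.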

+ 2 - 2
frontend/components/Admin/EditStation.vue

@@ -230,9 +230,9 @@ export default {
 					"Display name must have between 2 and 32 characters.",
 					8000
 				);
-			if (!validation.regex.azAZ09_.test(displayName))
+			if (!validation.regex.ASCII.test(displayName))
 				return Toast.methods.addToast(
-					"Invalid display name format. Allowed characters: a-z, A-Z, 0-9 and _.",
+					"Invalid display name format. Only ASCII characters are allowed.",
 					8000
 				);
 
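Review bot: `validation.regex.ASCII` does not match the key defined in frontend/validation.js in this same commit, which is lowercase `ascii`. Assuming `validation` is that module, the lookup is `undefined` and `.test` throws a TypeError as soon as the length check passes. The line should read `if (!validation.regex.ascii.test(displayName))`, as in the other components touched here. The enclosing method begins and ends outside the hunk.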

+ 3 - 3
frontend/components/Modals/CreateCommunityStation.vue

@@ -89,9 +89,9 @@ export default {
 					"Display name must have between 2 and 32 characters.",
 					8000
 				);
-			if (!validation.regex.azAZ09_.test(displayName))
+			if (!validation.regex.ascii.test(displayName))
 				return Toast.methods.addToast(
-					"Invalid display name format. Allowed characters: a-z, A-Z, 0-9 and _.",
+					"Invalid display name format. Only ASCII characters are allowed.",
 					8000
 				);
 
@@ -109,7 +109,7 @@ export default {
 
 			if (characters.length !== 0)
 				return Toast.methods.addToast(
-					"Invalid description format. Swastika's are not allowed.",
+					"Invalid description format.",
 					8000
 				);
 

+ 10 - 18
frontend/components/Modals/EditSong.vue

@@ -660,11 +660,6 @@ export default {
 					"Title must have between 1 and 100 characters.",
 					8000
 				);
-			/* if (!validation.regex.ascii.test(song.title))
-				return Toast.methods.addToast(
-					"Invalid title format. Only ascii characters are allowed.",
-					8000
-				); */
 
 			// Artists
 			if (song.artists.length < 1 || song.artists.length > 10)
@@ -674,13 +669,8 @@ export default {
 				);
 			let error;
 			song.artists.forEach(artist => {
-				if (!validation.isLength(artist, 1, 32)) {
-					error = "Artist must have between 1 and 32 characters.";
-					return error;
-				}
-				if (!validation.regex.ascii.test(artist)) {
-					error =
-						"Invalid artist format. Only ascii characters are allowed.";
+				if (!validation.isLength(artist, 1, 64)) {
+					error = "Artist must have between 1 and 64 characters.";
 					return error;
 				}
 				if (artist === "NONE") {
@@ -694,13 +684,13 @@ export default {
 			if (error) return Toast.methods.addToast(error, 8000);
 
 			// Genres
-			/* error = undefined;
+			error = undefined;
 			song.genres.forEach(genre => {
-				if (!validation.isLength(genre, 1, 16)) {
-					error = "Genre must have between 1 and 16 characters.";
+				if (!validation.isLength(genre, 1, 32)) {
+					error = "Genre must have between 1 and 32 characters.";
 					return error;
 				}
-				if (!validation.regex.azAZ09_.test(genre)) {
+				if (!validation.regex.ascii.test(genre)) {
 					error =
 						"Invalid genre format. Only ascii characters are allowed.";
 					return error;
@@ -708,10 +698,12 @@ export default {
 
 				return false;
 			});
-			if (error) return Toast.methods.addToast(error, 8000); */
+			if (song.genres.length < 1 || song.genres.length > 16)
+				error = "You must have between 1 and 16 genres.";
+			if (error) return Toast.methods.addToast(error, 8000);
 
 			// Thumbnail
-			if (!validation.isLength(song.thumbnail, 8, 256))
+			if (!validation.isLength(song.thumbnail, 1, 256))
 				return Toast.methods.addToast(
 					"Thumbnail must have between 8 and 256 characters.",
 					8000
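Review bot: The thumbnail length check now allows 1 to 256 characters, but the toast text still says "between 8 and 256 characters", so the message no longer matches the rule. It should become `"Thumbnail must have between 1 and 256 characters."`. The backend validator in this commit also requires the value to start with `https://` (or `http://` when `cookie.secure` is false). No equivalent client-side check is visible here, so a value without the scheme would pass this form and only fail on the server with the generic "Invalid thumbnail." error. The call continues past the end of the hunk.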

+ 3 - 3
frontend/components/Modals/EditStation.vue

@@ -167,9 +167,9 @@ export default {
 					"Display name must have between 2 and 32 characters.",
 					8000
 				);
-			if (!validation.regex.azAZ09_.test(displayName))
+			if (!validation.regex.ascii.test(displayName))
 				return Toast.methods.addToast(
-					"Invalid display name format. Allowed characters: a-z, A-Z, 0-9 and _.",
+					"Invalid display name format. Only ASCII characters are allowed.",
 					8000
 				);
 
@@ -210,7 +210,7 @@ export default {
 
 			if (characters.length !== 0)
 				return Toast.methods.addToast(
-					"Invalid description format. Swastika's are not allowed.",
+					"Invalid description format.",
 					8000
 				);
 

+ 5 - 4
frontend/components/Modals/EditUser.vue

@@ -122,9 +122,9 @@ export default {
 					"Username must have between 2 and 32 characters.",
 					8000
 				);
-			if (!validation.regex.azAZ09_.test(username))
+			if (!validation.regex.custom("a-zA-Z0-9_-").test(username))
 				return Toast.methods.addToast(
-					"Invalid username format. Allowed characters: a-z, A-Z, 0-9 and _.",
+					"Invalid username format. Allowed characters: a-z, A-Z, 0-9, _ and -.",
 					8000
 				);
 
@@ -138,7 +138,7 @@ export default {
 			);
 		},
 		updateEmail() {
-			const { email } = this.editing;
+			const email = this.editing.email.address;
 			if (!validation.isLength(email, 3, 254))
 				return Toast.methods.addToast(
 					"Email must have between 3 and 254 characters.",
@@ -146,7 +146,8 @@ export default {
 				);
 			if (
 				email.indexOf("@") !== email.lastIndexOf("@") ||
-				!validation.regex.emailSimple.test(email)
+				!validation.regex.emailSimple.test(email) ||
+				!validation.regex.ascii.test(email)
 			)
 				return Toast.methods.addToast("Invalid email format.", 8000);
 
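Review bot: The added `!validation.regex.ascii.test(email)` clause cannot reject anything that `emailSimple` accepts. That pattern is anchored at both ends and built only from ASCII classes, so the email rule is not actually tightened. The local part `[\x00-\x7F]+` still admits spaces and control characters, including CR and LF, which matters if the address is ever placed in a mail header. If the intent was to restrict the local part, narrow that class to printable non-space characters, for example `[\x21-\x7E]+` before the `@`. The backend `email.address` validator gains the same redundant check.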

+ 2 - 2
frontend/components/Modals/Playlists/Create.vue

@@ -51,9 +51,9 @@ export default {
 					"Display name must have between 2 and 32 characters.",
 					8000
 				);
-			if (!validation.regex.azAZ09_.test(displayName))
+			if (!validation.regex.ascii.test(displayName))
 				return Toast.methods.addToast(
-					"Invalid display name format. Allowed characters: a-z, A-Z, 0-9 and _.",
+					"Invalid display name format. Only ASCII characters are allowed.",
 					8000
 				);
 

+ 2 - 2
frontend/components/Modals/Playlists/Edit.vue

@@ -322,9 +322,9 @@ export default {
 					"Display name must have between 2 and 32 characters.",
 					8000
 				);
-			if (!validation.regex.azAZ09_.test(displayName))
+			if (!validation.regex.ascii.test(displayName))
 				return Toast.methods.addToast(
-					"Invalid display name format. Allowed characters: a-z, A-Z, 0-9 and _.",
+					"Invalid display name format. Only ASCII characters are allowed.",
 					8000
 				);
 

+ 4 - 2
frontend/validation.js

@@ -3,8 +3,10 @@ module.exports = {
 		azAZ09_: /^[A-Za-z0-9_]+$/,
 		az09_: /^[a-z0-9_]+$/,
 		emailSimple: /^[\x00-\x7F]+@[a-z0-9]+\.[a-z0-9]+(\.[a-z0-9]+)?$/,
-		password: /^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[$@$!%*?&])[A-Za-z\d$@$!%*?&]/,
-		ascii: /^[\x00-\x7F]+$/
+		ascii: /^[\x00-\x7F]+$/,
+		custom: regex => {
+			return new RegExp(`^[${regex}]+$`);
+		}
 	},
 	isLength: (string, min, max) => {
 		return !(