Discource-C
/
discourse
mirror of https://github.com/discourse/discourse.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

FIX: Do not allow blank chat messages (#21968) 

This fixes an issue where a user could send an empty
string as a chat message .e.g '   ' and the message would
be posted. We don't want this, we need to strip the message
first before validating for length etc.
This commit is contained in:
Martin Brennan 2023-06-08 16:06:09 +10:00 committed by GitHub
parent 853bce2abc
commit 482ef0782d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 38 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
plugins/chat/app/models/chat/message.rb
View File

@ -76,6 +76,9 @@ module Chat
def self.polymorphic_class_mapping = { "ChatMessage" => Chat::Message }
def validate_message(has_uploads:)
self.message =
TextCleaner.clean(self.message, strip_whitespaces: true, strip_zero_width_spaces: true)
WatchedWordsValidator.new(attributes: [:message]).validate(self)
if self.new_record? || self.changed.include?("message")

12
plugins/chat/spec/components/chat/message_creator_spec.rb
View File

@ -65,6 +65,18 @@ describe Chat::MessageCreator do
)
end
it "errors when a blank message is sent" do
creator =
described_class.create(chat_channel: public_chat_channel, user: user1, content: " ")
expect(creator.failed?).to eq(true)
expect(creator.error.message).to match(
I18n.t(
"chat.errors.minimum_length_not_met",
{ count: SiteSetting.chat_minimum_message_length },
),
)
end
it "errors when length is greater than `chat_maximum_message_length`" do
SiteSetting.chat_maximum_message_length = 100
creator =

21
plugins/chat/spec/components/chat/message_updater_spec.rb
View File

@ -85,6 +85,27 @@ describe Chat::MessageUpdater do
expect(chat_message.reload.message).to eq(og_message)
end
it "errors when a blank message is sent" do
og_message = "This won't be changed!"
chat_message = create_chat_message(user1, og_message, public_chat_channel)
new_message = " "
updater =
Chat::MessageUpdater.update(
guardian: guardian,
chat_message: chat_message,
new_content: new_message,
)
expect(updater.failed?).to eq(true)
expect(updater.error.message).to match(
I18n.t(
"chat.errors.minimum_length_not_met",
{ count: SiteSetting.chat_minimum_message_length },
),
)
expect(chat_message.reload.message).to eq(og_message)
end
it "errors if a user other than the message user is trying to edit the message" do
og_message = "This won't be changed!"
chat_message = create_chat_message(user1, og_message, public_chat_channel)

4
plugins/chat/spec/requests/chat/incoming_webhooks_controller_spec.rb
View File

@ -117,7 +117,7 @@ RSpec.describe Chat::IncomingWebhooksController do
Chat::Message.where(chat_channel: chat_channel).count
}.by(1)
expect(Chat::Message.last.message).to eq(
"New alert: \"[StatusCake] https://www.test_notification.com (StatusCake Test Alert): Down,\" [46353](https://eu.opsg.in/a/i/test/blahguid)\nTags: ",
"New alert: \"[StatusCake] https://www.test_notification.com (StatusCake Test Alert): Down,\" [46353](https://eu.opsg.in/a/i/test/blahguid)\nTags:",
)
expect {
post "/chat/hooks/#{webhook.key}/slack.json", params: { payload: payload_data }
@ -142,7 +142,7 @@ RSpec.describe Chat::IncomingWebhooksController do
post "/chat/hooks/#{webhook.key}/slack.json", params: { payload: payload_data.to_json }
}.to change { Chat::Message.where(chat_channel: chat_channel).count }.by(1)
expect(Chat::Message.last.message).to eq(
"New alert: \"[StatusCake] https://www.test_notification.com (StatusCake Test Alert): Down,\" [46353](https://eu.opsg.in/a/i/test/blahguid)\nTags: ",
"New alert: \"[StatusCake] https://www.test_notification.com (StatusCake Test Alert): Down,\" [46353](https://eu.opsg.in/a/i/test/blahguid)\nTags:",
)
end
end