FEATURE: new setting to validate user website

This commit is contained in:
Arpit Jalan 2016-12-26 20:54:54 +05:30
parent d46b0a7251
commit d72cbcb2a4
4 changed files with 29 additions and 9 deletions

View File

@ -12,6 +12,8 @@ class UserProfile < ActiveRecord::Base
validates :profile_background, upload_url: true, if: :profile_background_changed?
validates :card_background, upload_url: true, if: :card_background_changed?
validate :website_domain_validator, if: Proc.new { |c| c.new_record? || c.website_changed? }
belongs_to :card_image_badge, class_name: 'Badge'
has_many :user_profile_views, dependent: :destroy
@ -102,6 +104,14 @@ class UserProfile < ActiveRecord::Base
end
end
def website_domain_validator
allowed_domains = SiteSetting.user_website_domains_whitelist
return if (allowed_domains.blank? || self.website.blank?)
domain = URI.parse(self.website).host
self.errors.add :base, (I18n.t('user.website.domain_not_allowed', domains: allowed_domains.split('|').join(", "))) unless allowed_domains.split('|').include?(domain)
end
end
# == Schema Information

View File

@ -1322,6 +1322,8 @@ en:
hide_user_profiles_from_public: "Disable user cards, user profiles and user directory for anonymous users."
user_website_domains_whitelist: "User website will be verified against these domains. Pipe-delimited list."
allow_profile_backgrounds: "Allow users to upload profile backgrounds."
sequential_replies_threshold: "Number of posts a user has to make in a row in a topic before being reminded about too many sequential replies."
@ -1606,6 +1608,8 @@ en:
ip_address:
blocked: "New registrations are not allowed from your IP address."
max_new_accounts_per_registration_ip: "New registrations are not allowed from your IP address (maximum limit reached). Contact a staff member."
website:
domain_not_allowed: "Website is invalid. Allowed domains are: %{domains}"
flags_reminder:
flags_were_submitted:

View File

@ -410,6 +410,9 @@ users:
hide_user_profiles_from_public:
default: false
client: true
user_website_domains_whitelist:
default: ''
type: list
groups:
enable_group_directory:

View File

@ -54,16 +54,19 @@ describe UserProfile do
expect(user_profile).not_to be_valid
end
it "doesn't support invalid website" do
user_profile = Fabricate.build(:user_profile, website: "http://https://google.com")
user_profile.user = Fabricate.build(:user)
expect(user_profile).not_to be_valid
context "website validation" do
let(:user) { Fabricate(:user) }
it "ensures website is valid" do
expect(Fabricate.build(:user_profile, user: user, website: "http://https://google.com")).not_to be_valid
expect(Fabricate.build(:user_profile, user: user, website: "https://google.com")).to be_valid
end
it "supports valid website" do
user_profile = Fabricate.build(:user_profile, website: "https://google.com")
user_profile.user = Fabricate.build(:user)
expect(user_profile.valid?).to be true
it "validates website domain if user_website_domains_whitelist setting is present" do
SiteSetting.user_website_domains_whitelist = "discourse.org"
expect(Fabricate.build(:user_profile, user: user, website: "https://google.com")).not_to be_valid
expect(Fabricate.build(:user_profile, user: user, website: "http://discourse.org")).to be_valid
end
end
describe 'after save' do