# frozen_string_literal: true
class PostValidator < ActiveModel::Validator
def validate(record)
presence(record)
return if record.acting_user.try(:staged?)
if record.acting_user.try(:admin?) && Discourse.static_doc_topic_ids.include?(record.topic_id)
return
end
post_body_validator(record)
max_posts_validator(record)
max_mention_validator(record)
max_embedded_media_validator(record)
max_attachments_validator(record)
can_post_links_validator(record)
unique_post_validator(record)
force_edit_last_validator(record)
end
def presence(post)
unless options[:skip_topic]
post.errors.add(:topic_id, :blank, **options) if post.topic_id.blank?
end
post.errors.add(:user_id, :blank, **options) if post.new_record? && post.user_id.nil?
end
def post_body_validator(post)
return if options[:skip_post_body] || post.topic&.pm_with_non_human_user?
stripped_length(post)
raw_quality(post)
WatchedWordsValidator.new(attributes: [:raw]).validate(post) if !post.acting_user&.staged
end
def stripped_length(post)
range =
if private_message?(post)
# private message
SiteSetting.private_message_post_length
elsif post.is_first_post? || (post.topic.present? && post.topic.posts_count == 0)
# creating/editing first post
if post.topic&.featured_link&.present?
(0..SiteSetting.max_post_length)
else
SiteSetting.first_post_length
end
else
# regular post
SiteSetting.post_length
end
StrippedLengthValidator.validate(post, :raw, post.raw, range)
end
def raw_quality(post)
sentinel = TextSentinel.body_sentinel(post.raw, private_message: private_message?(post))
post.errors.add(:raw, I18n.t(:is_invalid)) unless sentinel.valid?
end
# Ensure maximum amount of mentions in a post
def max_mention_validator(post)
return if post.acting_user.try(:staff?)
if acting_user_is_trusted?(post) || private_message?(post)
add_error_if_count_exceeded(
post,
:no_mentions_allowed,
:too_many_mentions,
post.raw_mentions.size,
SiteSetting.max_mentions_per_post,
)
else
add_error_if_count_exceeded(
post,
:no_mentions_allowed_newuser,
:too_many_mentions_newuser,
post.raw_mentions.size,
SiteSetting.newuser_max_mentions_per_post,
)
end
end
def max_posts_validator(post)
if post.new_record? && post.acting_user.present? &&
post.acting_user.posted_too_much_in_topic?(post.topic_id)
post.errors.add(
:base,
I18n.t(:too_many_replies, count: SiteSetting.newuser_max_replies_per_topic),
)
end
end
# Ensure new users can not put too many media embeds (images, video, audio) in a post
def max_embedded_media_validator(post)
return if post.acting_user.blank? || post.acting_user&.staff?
if post.acting_user.trust_level < TrustLevel[SiteSetting.min_trust_to_post_embedded_media]
add_error_if_count_exceeded(
post,
:no_embedded_media_allowed_trust,
:no_embedded_media_allowed_trust,
post.embedded_media_count,
0,
)
elsif post.acting_user.trust_level == TrustLevel[0]
add_error_if_count_exceeded(
post,
:no_embedded_media_allowed,
:too_many_embedded_media,
post.embedded_media_count,
SiteSetting.newuser_max_embedded_media,
)
end
end
# Ensure new users can not put too many attachments in a post
def max_attachments_validator(post)
return if acting_user_is_trusted?(post) || private_message?(post)
add_error_if_count_exceeded(
post,
:no_attachments_allowed,
:too_many_attachments,
post.attachment_count,
SiteSetting.newuser_max_attachments,
)
end
def can_post_links_validator(post)
if (post.link_count == 0 && !post.has_oneboxes?) || private_message?(post)
return newuser_links_validator(post)
end
guardian = Guardian.new(post.acting_user)
if post.linked_hosts.keys.all? { |h| guardian.can_post_link?(host: h) }
return newuser_links_validator(post)
end
post.errors.add(:base, I18n.t(:links_require_trust))
end
# Ensure new users can not put too many links in a post
def newuser_links_validator(post)
return if acting_user_is_trusted?(post) || private_message?(post)
add_error_if_count_exceeded(
post,
:no_links_allowed,
:too_many_links,
post.link_count,
SiteSetting.newuser_max_links,
)
end
# Stop us from posting the same thing too quickly
def unique_post_validator(post)
return if SiteSetting.unique_posts_mins == 0
return if post.skip_unique_check
return if post.acting_user.try(:staff?)
# If the post is empty, default to the validates_presence_of
return if post.raw.blank?
post.errors.add(:raw, I18n.t(:just_posted_that)) if post.matches_recent_post?
end
def force_edit_last_validator(post)
if SiteSetting.max_consecutive_replies == 0 || post.id || post.acting_user&.staff? ||
private_message?(post)
return
end
topic = post.topic
return if topic&.ordered_posts&.first&.user == post.user
guardian = Guardian.new(post.acting_user)
return if guardian.is_category_group_moderator?(post.topic&.category)
last_posts_count =
DB.query_single(
<<~SQL,
SELECT COUNT(*)
FROM (
SELECT user_id
FROM posts
WHERE deleted_at IS NULL
AND NOT hidden
AND topic_id = :topic_id
ORDER BY post_number DESC
LIMIT :max_replies
) c
WHERE c.user_id = :user_id
SQL
topic_id: post.topic_id,
user_id: post.acting_user.id,
max_replies: SiteSetting.max_consecutive_replies,
).first
return if last_posts_count < SiteSetting.max_consecutive_replies
if guardian.can_edit?(topic.ordered_posts.last)
post.errors.add(
:base,
I18n.t(:max_consecutive_replies, count: SiteSetting.max_consecutive_replies),
)
end
end
private
def acting_user_is_trusted?(post, level = 1)
post.acting_user.present? && post.acting_user.has_trust_level?(TrustLevel[level])
end
def private_message?(post)
post.topic.try(:private_message?)
end
def add_error_if_count_exceeded(
post,
not_allowed_translation_key,
limit_translation_key,
current_count,
max_count
)
if current_count > max_count
if max_count == 0
post.errors.add(:base, I18n.t(not_allowed_translation_key))
else
post.errors.add(:base, I18n.t(limit_translation_key, count: max_count))
end
end
end
end