| 1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
 | // GoToSocial
// Copyright (C) GoToSocial Authors admin@gotosocial.org
// SPDX-License-Identifier: AGPL-3.0-or-later
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program.  If not, see <http://www.gnu.org/licenses/>.
package validate
import (
	"errors"
	"fmt"
	"net/mail"
	apimodel "github.com/superseriousbusiness/gotosocial/internal/api/model"
	"github.com/superseriousbusiness/gotosocial/internal/config"
	"github.com/superseriousbusiness/gotosocial/internal/gtsmodel"
	"github.com/superseriousbusiness/gotosocial/internal/regexes"
	pwv "github.com/wagslane/go-password-validator"
	"golang.org/x/text/language"
)
const (
	maximumPasswordLength         = 72 // 72 bytes is the maximum length afforded by bcrypt. See https://pkg.go.dev/golang.org/x/crypto/bcrypt#GenerateFromPassword.
	minimumPasswordEntropy        = 60 // Heuristic for password strength. See https://github.com/wagslane/go-password-validator.
	minimumReasonLength           = 40
	maximumReasonLength           = 500
	maximumSiteTitleLength        = 40
	maximumShortDescriptionLength = 500
	maximumDescriptionLength      = 5000
	maximumSiteTermsLength        = 5000
	maximumUsernameLength         = 64
	maximumEmojiCategoryLength    = 64
	maximumProfileFieldLength     = 255
	maximumProfileFields          = 6
	maximumListTitleLength        = 200
	maximumFilterKeywordLength    = 40
	maximumFilterTitleLength      = 200
)
// Password returns a helpful error if the given password
// is too short, too long, or not sufficiently strong.
func Password(password string) error {
	// Ensure length is OK first.
	if pwLen := len(password); pwLen == 0 {
		return errors.New("no password provided / provided password was 0 bytes")
	} else if pwLen > maximumPasswordLength {
		return fmt.Errorf(
			"password should be no more than %d bytes, provided password was %d bytes",
			maximumPasswordLength, pwLen,
		)
	}
	if err := pwv.Validate(password, minimumPasswordEntropy); err != nil {
		// Calculate the percentage of our desired entropy this password fulfils.
		entropyPercent := int(100 * pwv.GetEntropy(password) / minimumPasswordEntropy)
		// Replace the first 17 bytes (`insecure password`)
		// of the error string with our own entropy message.
		entropyMsg := fmt.Sprintf("password is only %d%% strength", entropyPercent)
		errMsg := entropyMsg + err.Error()[17:]
		return errors.New(errMsg)
	}
	return nil // password OK
}
// Username makes sure that a given username is valid (ie., letters, numbers, underscores, check length).
// Returns an error if not.
func Username(username string) error {
	if username == "" {
		return errors.New("no username provided")
	}
	if !regexes.Username.MatchString(username) {
		return fmt.Errorf("given username %s was invalid: must contain only lowercase letters, numbers, and underscores, max %d characters", username, maximumUsernameLength)
	}
	return nil
}
// Email makes sure that a given email address is a valid address.
// Returns an error if not.
func Email(email string) error {
	if email == "" {
		return errors.New("no email provided")
	}
	_, err := mail.ParseAddress(email)
	return err
}
// Language checks that the given language string is a valid, if not necessarily canonical, BCP 47 language tag.
// Returns a canonicalized version of the tag if the language can be parsed.
// Returns an error if the language cannot be parsed.
// See: https://pkg.go.dev/golang.org/x/text/language
func Language(lang string) (string, error) {
	if lang == "" {
		return "", errors.New("no language provided")
	}
	parsed, err := language.Parse(lang)
	if err != nil {
		return "", err
	}
	return parsed.String(), err
}
// SignUpReason checks that a sufficient reason is given for a server signup request
func SignUpReason(reason string, reasonRequired bool) error {
	if !reasonRequired {
		// we don't care!
		// we're not going to do anything with this text anyway if no reason is required
		return nil
	}
	if reason == "" {
		return errors.New("no reason provided")
	}
	length := len([]rune(reason))
	if length < minimumReasonLength {
		return fmt.Errorf("reason should be at least %d chars but '%s' was %d", minimumReasonLength, reason, length)
	}
	if length > maximumReasonLength {
		return fmt.Errorf("reason should be no more than %d chars but given reason was %d", maximumReasonLength, length)
	}
	return nil
}
// DisplayName checks that a requested display name is valid
func DisplayName(displayName string) error {
	// TODO: add some validation logic here -- length, characters, etc
	return nil
}
// Note checks that a given profile/account note/bio is valid
func Note(note string) error {
	// TODO: add some validation logic here -- length, characters, etc
	return nil
}
// Privacy checks that the desired privacy setting is valid
func Privacy(privacy string) error {
	if privacy == "" {
		return fmt.Errorf("empty string for privacy not allowed")
	}
	switch apimodel.Visibility(privacy) {
	case apimodel.VisibilityDirect, apimodel.VisibilityMutualsOnly, apimodel.VisibilityPrivate, apimodel.VisibilityPublic, apimodel.VisibilityUnlisted:
		return nil
	}
	return fmt.Errorf("privacy '%s' was not recognized, valid options are 'direct', 'mutuals_only', 'private', 'public', 'unlisted'", privacy)
}
// StatusContentType checks that the desired status format setting is valid.
func StatusContentType(statusContentType string) error {
	if statusContentType == "" {
		return fmt.Errorf("empty string for status format not allowed")
	}
	switch apimodel.StatusContentType(statusContentType) {
	case apimodel.StatusContentTypePlain, apimodel.StatusContentTypeMarkdown:
		return nil
	}
	return fmt.Errorf("status content type '%s' was not recognized, valid options are 'text/plain', 'text/markdown'", statusContentType)
}
func CustomCSS(customCSS string) error {
	if !config.GetAccountsAllowCustomCSS() {
		return errors.New("accounts-allow-custom-css is not enabled for this instance")
	}
	maximumCustomCSSLength := config.GetAccountsCustomCSSLength()
	if length := len([]rune(customCSS)); length > maximumCustomCSSLength {
		return fmt.Errorf("custom_css must be less than %d characters, but submitted custom_css was %d characters", maximumCustomCSSLength, length)
	}
	return nil
}
// EmojiShortcode just runs the given shortcode through the regular expression
// for emoji shortcodes, to figure out whether it's a valid shortcode, ie., 2-30 characters,
// a-zA-Z, numbers, and underscores.
func EmojiShortcode(shortcode string) error {
	if !regexes.EmojiValidator.MatchString(shortcode) {
		return fmt.Errorf("shortcode %s did not pass validation, must be between 2 and 30 characters, letters, numbers, and underscores only", shortcode)
	}
	return nil
}
// EmojiCategory validates the length of the given category string.
func EmojiCategory(category string) error {
	if length := len(category); length > maximumEmojiCategoryLength {
		return fmt.Errorf("emoji category %s did not pass validation, must be less than %d characters, but provided value was %d characters", category, maximumEmojiCategoryLength, length)
	}
	return nil
}
// SiteTitle ensures that the given site title is within spec.
func SiteTitle(siteTitle string) error {
	if length := len([]rune(siteTitle)); length > maximumSiteTitleLength {
		return fmt.Errorf("site title should be no more than %d chars but given title was %d", maximumSiteTitleLength, length)
	}
	return nil
}
// SiteShortDescription ensures that the given site short description is within spec.
func SiteShortDescription(d string) error {
	if length := len([]rune(d)); length > maximumShortDescriptionLength {
		return fmt.Errorf("short description should be no more than %d chars but given description was %d", maximumShortDescriptionLength, length)
	}
	return nil
}
// SiteDescription ensures that the given site description is within spec.
func SiteDescription(d string) error {
	if length := len([]rune(d)); length > maximumDescriptionLength {
		return fmt.Errorf("description should be no more than %d chars but given description was %d", maximumDescriptionLength, length)
	}
	return nil
}
// SiteTerms ensures that the given site terms string is within spec.
func SiteTerms(t string) error {
	if length := len([]rune(t)); length > maximumSiteTermsLength {
		return fmt.Errorf("terms should be no more than %d chars but given terms was %d", maximumSiteTermsLength, length)
	}
	return nil
}
// ULID returns an error if the passed string is not a valid ULID.
// The name param is used to form error messages.
func ULID(i string, name string) error {
	if i == "" {
		return fmt.Errorf("%s must be provided", name)
	}
	if !regexes.ULID.MatchString(i) {
		return fmt.Errorf("%s didn't match the expected ULID format for an ID (26 characters from the set 0123456789ABCDEFGHJKMNPQRSTVWXYZ)", name)
	}
	return nil
}
// ProfileFields validates the length of provided fields slice,
// and also iterates through the fields and trims each name + value
// to maximumProfileFieldLength, if they were above.
func ProfileFields(fields []*gtsmodel.Field) error {
	if len(fields) > maximumProfileFields {
		return fmt.Errorf("cannot have more than %d profile fields", maximumProfileFields)
	}
	// Trim each field name + value to maximum allowed length.
	for _, field := range fields {
		n := []rune(field.Name)
		if len(n) > maximumProfileFieldLength {
			field.Name = string(n[:maximumProfileFieldLength])
		}
		v := []rune(field.Value)
		if len(v) > maximumProfileFieldLength {
			field.Value = string(v[:maximumProfileFieldLength])
		}
	}
	return nil
}
// ListTitle validates the title of a new or updated List.
func ListTitle(title string) error {
	if title == "" {
		return fmt.Errorf("list title must be provided, and must be no more than %d chars", maximumListTitleLength)
	}
	if length := len([]rune(title)); length > maximumListTitleLength {
		return fmt.Errorf("list title length must be no more than %d chars, provided title was %d chars", maximumListTitleLength, length)
	}
	return nil
}
// ListRepliesPolicy validates the replies_policy of a new or updated list.
func ListRepliesPolicy(repliesPolicy gtsmodel.RepliesPolicy) error {
	switch repliesPolicy {
	case "", gtsmodel.RepliesPolicyFollowed, gtsmodel.RepliesPolicyList, gtsmodel.RepliesPolicyNone:
		// No problem.
		return nil
	default:
		// Uh oh.
		return fmt.Errorf("list replies_policy must be either empty or one of 'followed', 'list', 'none'")
	}
}
// MarkerName checks that the desired marker timeline name is valid.
func MarkerName(name string) error {
	if name == "" {
		return fmt.Errorf("empty string for marker timeline name not allowed")
	}
	switch apimodel.MarkerName(name) {
	case apimodel.MarkerNameHome, apimodel.MarkerNameNotifications:
		return nil
	}
	return fmt.Errorf("marker timeline name '%s' was not recognized, valid options are '%s', '%s'", name, apimodel.MarkerNameHome, apimodel.MarkerNameNotifications)
}
// FilterKeyword validates a filter keyword.
func FilterKeyword(keyword string) error {
	if keyword == "" {
		return fmt.Errorf("filter keyword must be provided, and must be no more than %d chars", maximumFilterKeywordLength)
	}
	if length := len([]rune(keyword)); length > maximumFilterKeywordLength {
		return fmt.Errorf("filter keyword length must be no more than %d chars, provided keyword was %d chars", maximumFilterKeywordLength, length)
	}
	return nil
}
// FilterTitle validates the title of a new or updated filter.
func FilterTitle(title string) error {
	if title == "" {
		return fmt.Errorf("filter title must be provided, and must be no more than %d chars", maximumFilterTitleLength)
	}
	if length := len([]rune(title)); length > maximumFilterTitleLength {
		return fmt.Errorf("filter title length must be no more than %d chars, provided title was %d chars", maximumFilterTitleLength, length)
	}
	return nil
}
// FilterContexts validates the context of a new or updated filter.
func FilterContexts(contexts []apimodel.FilterContext) error {
	if len(contexts) == 0 {
		return fmt.Errorf("at least one filter context is required")
	}
	for _, context := range contexts {
		switch context {
		case apimodel.FilterContextHome,
			apimodel.FilterContextNotifications,
			apimodel.FilterContextPublic,
			apimodel.FilterContextThread,
			apimodel.FilterContextAccount:
			continue
		default:
			return fmt.Errorf(
				"filter context '%s' was not recognized, valid options are '%s', '%s', '%s', '%s', '%s'",
				context,
				apimodel.FilterContextHome,
				apimodel.FilterContextNotifications,
				apimodel.FilterContextPublic,
				apimodel.FilterContextThread,
				apimodel.FilterContextAccount,
			)
		}
	}
	return nil
}
func FilterAction(action apimodel.FilterAction) error {
	switch action {
	case apimodel.FilterActionWarn,
		apimodel.FilterActionHide:
		return nil
	}
	return fmt.Errorf(
		"filter action '%s' was not recognized, valid options are '%s', '%s'",
		action,
		apimodel.FilterActionWarn,
		apimodel.FilterActionHide,
	)
}
// CreateAccount checks through all the prerequisites for
// creating a new account, according to the provided form.
// If the account isn't eligible, an error will be returned.
//
// Side effect: normalizes the provided language tag for the user's locale.
func CreateAccount(form *apimodel.AccountCreateRequest) error {
	if form == nil {
		return errors.New("form was nil")
	}
	if !config.GetAccountsRegistrationOpen() {
		return errors.New("registration is not open for this server")
	}
	if err := Username(form.Username); err != nil {
		return err
	}
	if err := Email(form.Email); err != nil {
		return err
	}
	if err := Password(form.Password); err != nil {
		return err
	}
	if !form.Agreement {
		return errors.New("agreement to terms and conditions not given")
	}
	locale, err := Language(form.Locale)
	if err != nil {
		return err
	}
	form.Locale = locale
	return SignUpReason(form.Reason, config.GetAccountsReasonRequired())
}
 |