1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
|
// GoToSocial
// Copyright (C) GoToSocial Authors admin@gotosocial.org
// SPDX-License-Identifier: AGPL-3.0-or-later
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
package validate
import (
"errors"
"fmt"
"net/mail"
"strings"
apimodel "github.com/superseriousbusiness/gotosocial/internal/api/model"
"github.com/superseriousbusiness/gotosocial/internal/config"
"github.com/superseriousbusiness/gotosocial/internal/gtsmodel"
"github.com/superseriousbusiness/gotosocial/internal/regexes"
pwv "github.com/wagslane/go-password-validator"
"golang.org/x/text/language"
)
const (
maximumPasswordLength = 256
minimumPasswordEntropy = 60 // dictates password strength. See https://github.com/wagslane/go-password-validator
minimumReasonLength = 40
maximumReasonLength = 500
maximumSiteTitleLength = 40
maximumShortDescriptionLength = 500
maximumDescriptionLength = 5000
maximumSiteTermsLength = 5000
maximumUsernameLength = 64
maximumEmojiCategoryLength = 64
maximumProfileFieldLength = 255
maximumProfileFields = 6
maximumListTitleLength = 200
)
// NewPassword returns an error if the given password is not sufficiently strong, or nil if it's ok.
func NewPassword(password string) error {
if password == "" {
return errors.New("no password provided")
}
if len([]rune(password)) > maximumPasswordLength {
return fmt.Errorf("password should be no more than %d chars", maximumPasswordLength)
}
if err := pwv.Validate(password, minimumPasswordEntropy); err != nil {
// Modify error message to include percentage requred entropy the password has
percent := int(100 * pwv.GetEntropy(password) / minimumPasswordEntropy)
return errors.New(strings.ReplaceAll(
err.Error(),
"insecure password",
fmt.Sprintf("password is only %d%% strength", percent)))
}
return nil // pasword OK
}
// Username makes sure that a given username is valid (ie., letters, numbers, underscores, check length).
// Returns an error if not.
func Username(username string) error {
if username == "" {
return errors.New("no username provided")
}
if !regexes.Username.MatchString(username) {
return fmt.Errorf("given username %s was invalid: must contain only lowercase letters, numbers, and underscores, max %d characters", username, maximumUsernameLength)
}
return nil
}
// Email makes sure that a given email address is a valid address.
// Returns an error if not.
func Email(email string) error {
if email == "" {
return errors.New("no email provided")
}
_, err := mail.ParseAddress(email)
return err
}
// Language checks that the given language string is a 2- or 3-letter ISO 639 code.
// Returns an error if the language cannot be parsed. See: https://pkg.go.dev/golang.org/x/text/language
func Language(lang string) error {
if lang == "" {
return errors.New("no language provided")
}
_, err := language.ParseBase(lang)
return err
}
// SignUpReason checks that a sufficient reason is given for a server signup request
func SignUpReason(reason string, reasonRequired bool) error {
if !reasonRequired {
// we don't care!
// we're not going to do anything with this text anyway if no reason is required
return nil
}
if reason == "" {
return errors.New("no reason provided")
}
length := len([]rune(reason))
if length < minimumReasonLength {
return fmt.Errorf("reason should be at least %d chars but '%s' was %d", minimumReasonLength, reason, length)
}
if length > maximumReasonLength {
return fmt.Errorf("reason should be no more than %d chars but given reason was %d", maximumReasonLength, length)
}
return nil
}
// DisplayName checks that a requested display name is valid
func DisplayName(displayName string) error {
// TODO: add some validation logic here -- length, characters, etc
return nil
}
// Note checks that a given profile/account note/bio is valid
func Note(note string) error {
// TODO: add some validation logic here -- length, characters, etc
return nil
}
// Privacy checks that the desired privacy setting is valid
func Privacy(privacy string) error {
if privacy == "" {
return fmt.Errorf("empty string for privacy not allowed")
}
switch apimodel.Visibility(privacy) {
case apimodel.VisibilityDirect, apimodel.VisibilityMutualsOnly, apimodel.VisibilityPrivate, apimodel.VisibilityPublic, apimodel.VisibilityUnlisted:
return nil
}
return fmt.Errorf("privacy '%s' was not recognized, valid options are 'direct', 'mutuals_only', 'private', 'public', 'unlisted'", privacy)
}
// StatusContentType checks that the desired status format setting is valid.
func StatusContentType(statusContentType string) error {
if statusContentType == "" {
return fmt.Errorf("empty string for status format not allowed")
}
switch apimodel.StatusContentType(statusContentType) {
case apimodel.StatusContentTypePlain, apimodel.StatusContentTypeMarkdown:
return nil
}
return fmt.Errorf("status content type '%s' was not recognized, valid options are 'text/plain', 'text/markdown'", statusContentType)
}
func CustomCSS(customCSS string) error {
if !config.GetAccountsAllowCustomCSS() {
return errors.New("accounts-allow-custom-css is not enabled for this instance")
}
maximumCustomCSSLength := config.GetAccountsCustomCSSLength()
if length := len([]rune(customCSS)); length > maximumCustomCSSLength {
return fmt.Errorf("custom_css must be less than %d characters, but submitted custom_css was %d characters", maximumCustomCSSLength, length)
}
return nil
}
// EmojiShortcode just runs the given shortcode through the regular expression
// for emoji shortcodes, to figure out whether it's a valid shortcode, ie., 2-30 characters,
// a-zA-Z, numbers, and underscores.
func EmojiShortcode(shortcode string) error {
if !regexes.EmojiShortcode.MatchString(shortcode) {
return fmt.Errorf("shortcode %s did not pass validation, must be between 2 and 30 characters, letters, numbers, and underscores only", shortcode)
}
return nil
}
// EmojiCategory validates the length of the given category string.
func EmojiCategory(category string) error {
if length := len(category); length > maximumEmojiCategoryLength {
return fmt.Errorf("emoji category %s did not pass validation, must be less than %d characters, but provided value was %d characters", category, maximumEmojiCategoryLength, length)
}
return nil
}
// SiteTitle ensures that the given site title is within spec.
func SiteTitle(siteTitle string) error {
if length := len([]rune(siteTitle)); length > maximumSiteTitleLength {
return fmt.Errorf("site title should be no more than %d chars but given title was %d", maximumSiteTitleLength, length)
}
return nil
}
// SiteShortDescription ensures that the given site short description is within spec.
func SiteShortDescription(d string) error {
if length := len([]rune(d)); length > maximumShortDescriptionLength {
return fmt.Errorf("short description should be no more than %d chars but given description was %d", maximumShortDescriptionLength, length)
}
return nil
}
// SiteDescription ensures that the given site description is within spec.
func SiteDescription(d string) error {
if length := len([]rune(d)); length > maximumDescriptionLength {
return fmt.Errorf("description should be no more than %d chars but given description was %d", maximumDescriptionLength, length)
}
return nil
}
// SiteTerms ensures that the given site terms string is within spec.
func SiteTerms(t string) error {
if length := len([]rune(t)); length > maximumSiteTermsLength {
return fmt.Errorf("terms should be no more than %d chars but given terms was %d", maximumSiteTermsLength, length)
}
return nil
}
// ULID returns true if the passed string is a valid ULID.
func ULID(i string) bool {
return regexes.ULID.MatchString(i)
}
// ProfileFields validates the length of provided fields slice,
// and also iterates through the fields and trims each name + value
// to maximumProfileFieldLength, if they were above.
func ProfileFields(fields []*gtsmodel.Field) error {
if len(fields) > maximumProfileFields {
return fmt.Errorf("cannot have more than %d profile fields", maximumProfileFields)
}
// Trim each field name + value to maximum allowed length.
for _, field := range fields {
n := []rune(field.Name)
if len(n) > maximumProfileFieldLength {
field.Name = string(n[:maximumProfileFieldLength])
}
v := []rune(field.Value)
if len(v) > maximumProfileFieldLength {
field.Value = string(v[:maximumProfileFieldLength])
}
}
return nil
}
// ListTitle validates the title of a new or updated List.
func ListTitle(title string) error {
if title == "" {
return fmt.Errorf("list title must be provided, and must be no more than %d chars", maximumListTitleLength)
}
if length := len([]rune(title)); length > maximumListTitleLength {
return fmt.Errorf("list title length must be no more than %d chars, provided title was %d chars", maximumListTitleLength, length)
}
return nil
}
// ListRepliesPolicy validates the replies_policy of a new or updated list.
func ListRepliesPolicy(repliesPolicy gtsmodel.RepliesPolicy) error {
switch repliesPolicy {
case "", gtsmodel.RepliesPolicyFollowed, gtsmodel.RepliesPolicyList, gtsmodel.RepliesPolicyNone:
// No problem.
return nil
default:
// Uh oh.
return fmt.Errorf("list replies_policy must be either empty or one of 'followed', 'list', 'none'")
}
}
|
