[UTIL][Nickname] Fix some parameters issues found with strict types

This commit is contained in:
Diogo Peralta Cordeiro 2021-10-18 16:48:16 +01:00
parent 5eefea7a29
commit 44cf1fa24c
No known key found for this signature in database
GPG Key ID: 18D2D35001FBFAB0
3 changed files with 15 additions and 15 deletions

View File

@ -132,7 +132,7 @@ class Security extends Controller
// TODO: ensure there's no user with this email registered already // TODO: ensure there's no user with this email registered already
// Already used is checked below // Already used is checked below
$sanitized_nickname = Nickname::normalize($data['nickname'], check_already_used: false); $sanitized_nickname = Nickname::normalize($data['nickname'], check_already_used: false, which: Nickname::CHECK_LOCAL_USER, check_is_allowed: false);
try { try {
// This already checks if the nickname is being used // This already checks if the nickname is being used

View File

@ -92,7 +92,7 @@ class Authenticator extends AbstractFormLoginAuthenticator
if (filter_var($credentials['nickname_or_email'], FILTER_VALIDATE_EMAIL) !== false) { if (filter_var($credentials['nickname_or_email'], FILTER_VALIDATE_EMAIL) !== false) {
$user = LocalUser::getByEmail($credentials['nickname_or_email']); $user = LocalUser::getByEmail($credentials['nickname_or_email']);
} else { } else {
$user = LocalUser::getWithPK(['nickname' => Nickname::normalize($credentials['nickname_or_email'], check_already_used: false)]); $user = LocalUser::getWithPK(['nickname' => Nickname::normalize($credentials['nickname_or_email'], check_already_used: false, which: Nickname::CHECK_LOCAL_USER, check_is_allowed: false)]);
} }
if ($user === null) { if ($user === null) {
throw new NoSuchActorException('No such local user.'); throw new NoSuchActorException('No such local user.');

View File

@ -55,6 +55,11 @@ use InvalidArgumentException;
*/ */
class Nickname class Nickname
{ {
/**
* Maximum number of characters in a canonical-form nickname. Changes must validate regexs
*/
const MAX_LEN = 64;
/** /**
* Regex fragment for pulling a formated nickname *OR* ID number. * Regex fragment for pulling a formated nickname *OR* ID number.
* Suitable for router def of 'id' parameters on API actions. * Suitable for router def of 'id' parameters on API actions.
@ -67,7 +72,7 @@ class Nickname
* *
* @fixme would prefer to define in reference to the other constants * @fixme would prefer to define in reference to the other constants
*/ */
public const INPUT_FMT = '(?:[0-9]+|[0-9a-zA-Z_]{1,64})'; public const INPUT_FMT = '(?:[0-9]+|[0-9a-zA-Z_]{1,' . self::MAX_LEN . '})';
/** /**
* Regex fragment for acceptable user-formatted variant of a nickname. * Regex fragment for acceptable user-formatted variant of a nickname.
@ -82,7 +87,7 @@ class Nickname
* *
* This, INPUT_FMT and CANONICAL_FMT should not be enclosed in []s. * This, INPUT_FMT and CANONICAL_FMT should not be enclosed in []s.
*/ */
public const DISPLAY_FMT = '[0-9a-zA-Z_]{1,64}'; public const DISPLAY_FMT = '[0-9a-zA-Z_]{1,' . self::MAX_LEN . '}';
/** /**
* Simplified regex fragment for acceptable full WebFinger ID of a user * Simplified regex fragment for acceptable full WebFinger ID of a user
@ -92,11 +97,6 @@ class Nickname
*/ */
public const WEBFINGER_FMT = '(?:\w+[\w\-\_\.]*)?\w+\@' . URL_REGEX_DOMAIN_NAME; public const WEBFINGER_FMT = '(?:\w+[\w\-\_\.]*)?\w+\@' . URL_REGEX_DOMAIN_NAME;
/**
* Maximum number of characters in a canonical-form nickname. Changes must validate regexs
*/
const MAX_LEN = 64;
/** /**
* Regex fragment for checking a canonical nickname. * Regex fragment for checking a canonical nickname.
* *
@ -182,7 +182,7 @@ class Nickname
* @throws NicknameTakenException * @throws NicknameTakenException
* @throws NicknameTooLongException * @throws NicknameTooLongException
*/ */
public static function normalize(string $nickname, bool $check_already_used = true, bool $check_is_allowed = true): string public static function normalize(string $nickname, bool $check_already_used = false, int $which = self::CHECK_LOCAL_USER, bool $check_is_allowed = true): string
{ {
$nickname = trim($nickname); $nickname = trim($nickname);
$nickname = str_replace('_', '', $nickname); $nickname = str_replace('_', '', $nickname);
@ -190,7 +190,7 @@ class Nickname
// We could do UTF-8 normalization (å to a, etc.) with something like Normalizer::normalize($nickname, Normalizer::FORM_C) // We could do UTF-8 normalization (å to a, etc.) with something like Normalizer::normalize($nickname, Normalizer::FORM_C)
// We won't as it could confuse tremendously the user, he must know what is valid and should fix his own input // We won't as it could confuse tremendously the user, he must know what is valid and should fix his own input
if (!self::validate($nickname, $check_already_used, $check_is_allowed) || !self::isCanonical($nickname)) { if (!self::validate(nickname: $nickname, check_already_used: $check_already_used, which: $which, check_is_allowed: $check_is_allowed) || !self::isCanonical($nickname)) {
throw new NicknameInvalidException(); throw new NicknameInvalidException();
} }
@ -201,14 +201,14 @@ class Nickname
* Nice simple check of whether the given string is a valid input nickname, * Nice simple check of whether the given string is a valid input nickname,
* which can be normalized into an internally canonical form. * which can be normalized into an internally canonical form.
* *
* Note that valid nicknames may be in use or reserved. * Note that valid nicknames may be in use or blacklisted.
* *
* @return bool True if nickname is valid. False if invalid (or taken if $check_already_used == true). * @return bool True if nickname is valid. False if invalid (or taken if $check_already_used == true).
*/ */
public static function isValid(string $nickname, bool $check_already_used = true, bool $check_is_allowed = true): bool public static function isValid(string $nickname, bool $check_already_used = false, int $which = self::CHECK_LOCAL_USER, bool $check_is_allowed = true): bool
{ {
try { try {
self::normalize($nickname, $check_already_used, $check_is_allowed); self::normalize(nickname: $nickname, check_already_used: $check_already_used, which: $which, check_is_allowed: $check_is_allowed);
} catch (NicknameException) { } catch (NicknameException) {
return false; return false;
} }
@ -223,7 +223,7 @@ class Nickname
*/ */
public static function isCanonical(string $nickname): bool public static function isCanonical(string $nickname): bool
{ {
return preg_match('/^(?:' . self::CANONICAL_FMT . ')$/', $nickname); return preg_match('/^(?:' . self::CANONICAL_FMT . ')$/', $nickname) > 0;
} }
/** /**