Merge branch 'bugfix-truncate-remote-user-fields' into 'develop'

User: truncate remote user fields instead of rejecting

See merge request pleroma/pleroma!4220
This commit is contained in:
feld 2024-08-16 00:37:10 +00:00
commit fcf9ad5573
4 changed files with 20 additions and 2 deletions

View file

@ -0,0 +1 @@
Truncate remote user fields, avoids them getting rejected

View file

@ -463,6 +463,7 @@ defp fix_follower_address(params), do: params
def remote_user_changeset(struct \\ %User{local: false}, params) do def remote_user_changeset(struct \\ %User{local: false}, params) do
bio_limit = Config.get([:instance, :user_bio_length], 5000) bio_limit = Config.get([:instance, :user_bio_length], 5000)
name_limit = Config.get([:instance, :user_name_length], 100) name_limit = Config.get([:instance, :user_name_length], 100)
fields_limit = Config.get([:instance, :max_remote_account_fields], 0)
name = name =
case params[:name] do case params[:name] do
@ -476,6 +477,7 @@ def remote_user_changeset(struct \\ %User{local: false}, params) do
|> Map.put_new(:last_refreshed_at, NaiveDateTime.utc_now()) |> Map.put_new(:last_refreshed_at, NaiveDateTime.utc_now())
|> truncate_if_exists(:name, name_limit) |> truncate_if_exists(:name, name_limit)
|> truncate_if_exists(:bio, bio_limit) |> truncate_if_exists(:bio, bio_limit)
|> Map.update(:fields, [], &Enum.take(&1, fields_limit))
|> truncate_fields_param() |> truncate_fields_param()
|> fix_follower_address() |> fix_follower_address()

View file

@ -1075,6 +1075,21 @@ test "it is invalid given a local user" do
refute cs.valid? refute cs.valid?
end end
test "it truncates fields" do
clear_config([:instance, :max_remote_account_fields], 2)
fields = [
%{"name" => "One", "value" => "Uno"},
%{"name" => "Two", "value" => "Dos"},
%{"name" => "Three", "value" => "Tres"}
]
cs = User.remote_user_changeset(@valid_remote |> Map.put(:fields, fields))
assert [%{"name" => "One", "value" => "Uno"}, %{"name" => "Two", "value" => "Dos"}] ==
Ecto.Changeset.get_field(cs, :fields)
end
end end
describe "followers and friends" do describe "followers and friends" do

View file

@ -119,8 +119,8 @@ test "it works with custom profile fields" do
user = User.get_cached_by_ap_id(user.ap_id) user = User.get_cached_by_ap_id(user.ap_id)
assert user.fields == [ assert user.fields == [
%{"name" => "foo", "value" => "updated"}, %{"name" => "foo", "value" => "bar"},
%{"name" => "foo1", "value" => "updated"} %{"name" => "foo11", "value" => "bar11"}
] ]
update_data = update_data =