Support deeper subdomains in domain validation (#110)

Use a new validator class with regex based on the URLValidator from Django

2 files changed, 64 insertions, 10 deletions

diff --git a/tests/users/views/test_domains.py b/tests/users/views/test_domains.py
new file mode 100644
index 0000000..13d4b11
--- /dev/null
+++ b/tests/users/views/test_domains.py
@@ -0,0 +1,40 @@
+import pytest
+from django.core.exceptions import ValidationError
+
+from users.views.admin.domains import DomainValidator
+
+VALID_DOMAINS = [
+    "takahe.social",
+    "subdomain.takahe.social",
+    "another.subdomain.takahe.social",
+    "jointakahe.org",
+    "xn--c6h.com",
+    "takahe.xn--social",
+    "example.com",
+    "www.example.com",
+    "example.co.uk",
+]
+
+INVALID_DOMAINS = [
+    "example.c",
+    "example,com",
+    "example,com.com",
+    "example",
+    ".com",
+    "example.com/example",
+    "-example.com",
+    "example-.com",
+    "example.com-",
+    "https://example.com",
+]
+
+
+@pytest.mark.parametrize("domain", VALID_DOMAINS)
+def test_domain_validation_accepts_valid_domains(domain):
+    DomainValidator()(domain)
+
+
+@pytest.mark.parametrize("domain", INVALID_DOMAINS)
+def test_domain_validation_raises_exception_for_invalid_domains(domain):
+    with pytest.raises(ValidationError):
+        DomainValidator()(domain)
diff --git a/users/views/admin/domains.py b/users/views/admin/domains.py
index c42137c..ed4d184 100644
--- a/users/views/admin/domains.py
+++ b/users/views/admin/domains.py
@@ -1,6 +1,5 @@
-import re
-
 from django import forms
+from django.core.validators import RegexValidator
 from django.db import models
 from django.shortcuts import get_object_or_404, redirect
 from django.utils.decorators import method_decorator
@@ -10,6 +9,27 @@ from users.decorators import admin_required
 from users.models import Domain
 
 
+class DomainValidator(RegexValidator):
+    ul = "\u00a1-\uffff"  # Unicode letters range (must not be a raw string).
+
+    # Host patterns
+    hostname_re = (
+        r"[a-z" + ul + r"0-9](?:[a-z" + ul + r"0-9-]{0,61}[a-z" + ul + r"0-9])?"
+    )
+    # Max length for domain name labels is 63 characters per RFC 1034 sec. 3.1
+    domain_re = r"(?:\.(?!-)[a-z" + ul + r"0-9-]{1,63}(?<!-))*"
+    tld_re = (
+        r"\."  # dot
+        r"(?!-)"  # can't start with a dash
+        r"(?:[a-z" + ul + "-]{2,63}"  # domain label
+        r"|xn--[a-z0-9]{1,59})"  # or punycode label
+        r"(?<!-)"  # can't end with a dash
+        r"\.?"  # may have a trailing dot
+    )
+    regex = "^" + hostname_re + domain_re + tld_re + "$"
+    message = "This does not look like a domain name"
+
+
 @method_decorator(admin_required, name="dispatch")
 class Domains(TemplateView):
 
@@ -31,10 +51,12 @@ class DomainCreate(FormView):
     class form_class(forms.Form):
         domain = forms.CharField(
             help_text="The domain displayed as part of a user's identity.\nCannot be changed after the domain has been created.",
+            validators=[DomainValidator()],
         )
         service_domain = forms.CharField(
             help_text="Optional - a domain that serves Takahē if it is not running on the main domain.\nCannot be changed after the domain has been created.",
             required=False,
+            validators=[DomainValidator()],
         )
         public = forms.BooleanField(
             help_text="If any user on this server can create identities here",
@@ -47,13 +69,7 @@ class DomainCreate(FormView):
             required=False,
         )
 
-        domain_regex = re.compile(
-            r"^((?!-))(xn--)?[a-z0-9][a-z0-9-_]{0,61}[a-z0-9]{0,1}\.(xn--)?([a-z0-9\-]{1,61}|[a-z0-9-]{1,30}\.[a-z]{2,})$"
-        )
-
         def clean_domain(self):
-            if not self.domain_regex.match(self.cleaned_data["domain"]):
-                raise forms.ValidationError("This does not look like a domain name")
             if Domain.objects.filter(
                 models.Q(domain=self.cleaned_data["domain"])
                 | models.Q(service_domain=self.cleaned_data["domain"])
@@ -64,8 +80,6 @@ class DomainCreate(FormView):
         def clean_service_domain(self):
             if not self.cleaned_data["service_domain"]:
                 return None
-            if not self.domain_regex.match(self.cleaned_data["service_domain"]):
-                raise forms.ValidationError("This does not look like a domain name")
             if Domain.objects.filter(
                 models.Q(domain=self.cleaned_data["service_domain"])
                 | models.Q(service_domain=self.cleaned_data["service_domain"])