diff options
author | Michael Manfre | 2022-11-20 13:13:44 -0500 |
---|---|---|
committer | GitHub | 2022-11-20 11:13:44 -0700 |
commit | 6b7082a194a19579430e426ffc4bce52ffd336e9 (patch) | |
tree | 38aefe1cafcd43b4db2a1aba36fb3f8bc1ed1e3c /users/views | |
parent | f9ee3ef69d7e3c91a3df6bad949d25a24baf57b0 (diff) | |
download | takahe-6b7082a194a19579430e426ffc4bce52ffd336e9.tar.gz takahe-6b7082a194a19579430e426ffc4bce52ffd336e9.tar.bz2 takahe-6b7082a194a19579430e426ffc4bce52ffd336e9.zip |
Add config identity_min_length and apply non-admin validation
Diffstat (limited to 'users/views')
-rw-r--r-- | users/views/admin/settings.py | 10 | ||||
-rw-r--r-- | users/views/identity.py | 22 |
2 files changed, 31 insertions, 1 deletions
diff --git a/users/views/admin/settings.py b/users/views/admin/settings.py index e11aba5..0ed9a60 100644 --- a/users/views/admin/settings.py +++ b/users/views/admin/settings.py @@ -54,6 +54,10 @@ class BasicSettings(AdminSettingsPage): "title": "Maximum Identities Per User", "help_text": "Non-admins will be blocked from creating more than this", }, + "identity_min_length": { + "title": "Minimum Length For User Identities", + "help_text": "Non-admins will be blocked from creating identities shorter than this", + }, "signup_allowed": { "title": "Signups Allowed", "help_text": "If signups are allowed at all", @@ -84,5 +88,9 @@ class BasicSettings(AdminSettingsPage): ], "Signups": ["signup_allowed", "signup_invite_only", "signup_text"], "Posts": ["post_length"], - "Identities": ["identity_max_per_user", "restricted_usernames"], + "Identities": [ + "identity_max_per_user", + "identity_min_length", + "restricted_usernames", + ], } diff --git a/users/views/identity.py b/users/views/identity.py index 5524c4c..4dae6d5 100644 --- a/users/views/identity.py +++ b/users/views/identity.py @@ -2,6 +2,7 @@ import string from django import forms from django.contrib.auth.decorators import login_required +from django.core import validators from django.http import Http404, JsonResponse from django.shortcuts import redirect from django.utils.decorators import method_decorator @@ -144,10 +145,23 @@ class CreateIdentity(FormView): (domain.domain, domain.domain) for domain in Domain.available_for_user(user) ] + self.user = user def clean_username(self): # Remove any leading @ and force it lowercase value = self.cleaned_data["username"].lstrip("@").lower() + + if not self.user.admin: + # Apply username min length + limit = int(Config.system.identity_min_length) + validators.MinLengthValidator(limit)(value) + + # Apply username restrictions + if value in Config.system.restricted_usernames.split(): + raise forms.ValidationError( + "This username is restricted to administrators only." + ) + # Validate it's all ascii characters for character in value: if character not in string.ascii_letters + string.digits + "_-": @@ -167,6 +181,14 @@ class CreateIdentity(FormView): ): raise forms.ValidationError(f"{username}@{domain} is already taken") + if not self.user.admin and ( + Identity.objects.filter(users=self.user).count() + >= Config.system.identity_max_per_user + ): + raise forms.ValidationError( + f"You are not allowed more than {Config.system.identity_max_per_user} identities" + ) + def get_form(self): form_class = self.get_form_class() return form_class(user=self.request.user, **self.get_form_kwargs()) |