summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--tests/users/views/test_domains.py40
-rw-r--r--users/views/admin/domains.py34
2 files changed, 64 insertions, 10 deletions
diff --git a/tests/users/views/test_domains.py b/tests/users/views/test_domains.py
new file mode 100644
index 0000000..13d4b11
--- /dev/null
+++ b/tests/users/views/test_domains.py
@@ -0,0 +1,40 @@
+import pytest
+from django.core.exceptions import ValidationError
+
+from users.views.admin.domains import DomainValidator
+
+VALID_DOMAINS = [
+ "takahe.social",
+ "subdomain.takahe.social",
+ "another.subdomain.takahe.social",
+ "jointakahe.org",
+ "xn--c6h.com",
+ "takahe.xn--social",
+ "example.com",
+ "www.example.com",
+ "example.co.uk",
+]
+
+INVALID_DOMAINS = [
+ "example.c",
+ "example,com",
+ "example,com.com",
+ "example",
+ ".com",
+ "example.com/example",
+ "-example.com",
+ "example-.com",
+ "example.com-",
+ "https://example.com",
+]
+
+
+@pytest.mark.parametrize("domain", VALID_DOMAINS)
+def test_domain_validation_accepts_valid_domains(domain):
+ DomainValidator()(domain)
+
+
+@pytest.mark.parametrize("domain", INVALID_DOMAINS)
+def test_domain_validation_raises_exception_for_invalid_domains(domain):
+ with pytest.raises(ValidationError):
+ DomainValidator()(domain)
diff --git a/users/views/admin/domains.py b/users/views/admin/domains.py
index c42137c..ed4d184 100644
--- a/users/views/admin/domains.py
+++ b/users/views/admin/domains.py
@@ -1,6 +1,5 @@
-import re
-
from django import forms
+from django.core.validators import RegexValidator
from django.db import models
from django.shortcuts import get_object_or_404, redirect
from django.utils.decorators import method_decorator
@@ -10,6 +9,27 @@ from users.decorators import admin_required
from users.models import Domain
+class DomainValidator(RegexValidator):
+ ul = "\u00a1-\uffff" # Unicode letters range (must not be a raw string).
+
+ # Host patterns
+ hostname_re = (
+ r"[a-z" + ul + r"0-9](?:[a-z" + ul + r"0-9-]{0,61}[a-z" + ul + r"0-9])?"
+ )
+ # Max length for domain name labels is 63 characters per RFC 1034 sec. 3.1
+ domain_re = r"(?:\.(?!-)[a-z" + ul + r"0-9-]{1,63}(?<!-))*"
+ tld_re = (
+ r"\." # dot
+ r"(?!-)" # can't start with a dash
+ r"(?:[a-z" + ul + "-]{2,63}" # domain label
+ r"|xn--[a-z0-9]{1,59})" # or punycode label
+ r"(?<!-)" # can't end with a dash
+ r"\.?" # may have a trailing dot
+ )
+ regex = "^" + hostname_re + domain_re + tld_re + "$"
+ message = "This does not look like a domain name"
+
+
@method_decorator(admin_required, name="dispatch")
class Domains(TemplateView):
@@ -31,10 +51,12 @@ class DomainCreate(FormView):
class form_class(forms.Form):
domain = forms.CharField(
help_text="The domain displayed as part of a user's identity.\nCannot be changed after the domain has been created.",
+ validators=[DomainValidator()],
)
service_domain = forms.CharField(
help_text="Optional - a domain that serves Takahē if it is not running on the main domain.\nCannot be changed after the domain has been created.",
required=False,
+ validators=[DomainValidator()],
)
public = forms.BooleanField(
help_text="If any user on this server can create identities here",
@@ -47,13 +69,7 @@ class DomainCreate(FormView):
required=False,
)
- domain_regex = re.compile(
- r"^((?!-))(xn--)?[a-z0-9][a-z0-9-_]{0,61}[a-z0-9]{0,1}\.(xn--)?([a-z0-9\-]{1,61}|[a-z0-9-]{1,30}\.[a-z]{2,})$"
- )
-
def clean_domain(self):
- if not self.domain_regex.match(self.cleaned_data["domain"]):
- raise forms.ValidationError("This does not look like a domain name")
if Domain.objects.filter(
models.Q(domain=self.cleaned_data["domain"])
| models.Q(service_domain=self.cleaned_data["domain"])
@@ -64,8 +80,6 @@ class DomainCreate(FormView):
def clean_service_domain(self):
if not self.cleaned_data["service_domain"]:
return None
- if not self.domain_regex.match(self.cleaned_data["service_domain"]):
- raise forms.ValidationError("This does not look like a domain name")
if Domain.objects.filter(
models.Q(domain=self.cleaned_data["service_domain"])
| models.Q(service_domain=self.cleaned_data["service_domain"])