mirror of
https://github.com/codeninjasllc/discourse.git
synced 2024-11-23 15:48:43 -05:00
FIX: Don't allow profile bios longer than 3k chars
This commit is contained in:
parent
f2cca140b4
commit
56eda5abf9
9 changed files with 36 additions and 7 deletions
|
@ -92,10 +92,14 @@ export default ObjectController.extend({
|
|||
}
|
||||
self.set('bio_cooked', Discourse.Markdown.cook(Discourse.Markdown.sanitize(self.get('bio_raw'))));
|
||||
self.set('saved', true);
|
||||
}, function() {
|
||||
}, function(error) {
|
||||
// model failed to save
|
||||
self.set('saving', false);
|
||||
if (error && error.responseText) {
|
||||
alert($.parseJSON(error.responseText).errors[0]);
|
||||
} else {
|
||||
alert(I18n.t('generic_error'));
|
||||
}
|
||||
});
|
||||
},
|
||||
|
||||
|
|
|
@ -292,7 +292,6 @@ class ApplicationController < ActionController::Base
|
|||
|
||||
def json_result(obj, opts={})
|
||||
if yield(obj)
|
||||
|
||||
json = success_json
|
||||
|
||||
# If we were given a serializer, add the class to the json that comes back
|
||||
|
@ -302,7 +301,15 @@ class ApplicationController < ActionController::Base
|
|||
|
||||
render json: MultiJson.dump(json)
|
||||
else
|
||||
render_json_error(obj)
|
||||
error_obj = nil
|
||||
if opts[:additional_errors]
|
||||
error_target = opts[:additional_errors].find do |o|
|
||||
target = obj.send(o)
|
||||
target && target.errors.present?
|
||||
end
|
||||
error_obj = obj.send(error_target) if error_target
|
||||
end
|
||||
render_json_error(error_obj || obj)
|
||||
end
|
||||
end
|
||||
|
||||
|
|
|
@ -44,7 +44,7 @@ class UsersController < ApplicationController
|
|||
def update
|
||||
user = fetch_user_from_params
|
||||
guardian.ensure_can_edit!(user)
|
||||
json_result(user, serializer: UserSerializer) do |u|
|
||||
json_result(user, serializer: UserSerializer, additional_errors: [:user_profile]) do |u|
|
||||
updater = UserUpdater.new(current_user, user)
|
||||
updater.update(params)
|
||||
end
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
class UserProfile < ActiveRecord::Base
|
||||
belongs_to :user, inverse_of: :user_profile
|
||||
|
||||
validates :bio_raw, length: { maximum: 3000 }
|
||||
validates :user, presence: true
|
||||
before_save :cook
|
||||
after_save :trigger_badges
|
||||
|
|
|
@ -71,8 +71,7 @@ class UserUpdater
|
|||
end
|
||||
|
||||
User.transaction do
|
||||
user_profile.save
|
||||
user.save
|
||||
user_profile.save && user.save
|
||||
end
|
||||
end
|
||||
|
||||
|
|
|
@ -202,6 +202,8 @@ en:
|
|||
name: "Category Name"
|
||||
post:
|
||||
raw: "Body"
|
||||
user_profile:
|
||||
bio_raw: "About Me"
|
||||
user:
|
||||
ip_address: ""
|
||||
errors:
|
||||
|
|
6
db/migrate/20140908191429_trim_profile_length.rb
Normal file
6
db/migrate/20140908191429_trim_profile_length.rb
Normal file
|
@ -0,0 +1,6 @@
|
|||
class TrimProfileLength < ActiveRecord::Migration
|
||||
def change
|
||||
# In case any profiles exceed 3000 chars
|
||||
execute "UPDATE user_profiles SET bio_raw=LEFT(bio_raw, 3000)"
|
||||
end
|
||||
end
|
|
@ -1,3 +1,8 @@
|
|||
Fabricator(:user_profile) do
|
||||
bio_raw "I'm batman!"
|
||||
end
|
||||
|
||||
Fabricator(:user_profile_long, from: :user_profile) do
|
||||
bio_raw ("trout" * 1000)
|
||||
user
|
||||
end
|
||||
|
|
|
@ -32,6 +32,11 @@ describe UserProfile do
|
|||
expect(user_profile.valid?).to be_true
|
||||
end
|
||||
|
||||
it "doesn't support really long bios" do
|
||||
user_profile = Fabricate.build(:user_profile_long)
|
||||
user_profile.should_not be_valid
|
||||
end
|
||||
|
||||
describe 'after save' do
|
||||
let(:user) { Fabricate(:user) }
|
||||
|
||||
|
|
Loading…
Reference in a new issue