ユーザー名がUnicode制御文字とスペースのみで構成される場合はnullに
This commit is contained in:
parent
b0a47c1c51
commit
6c752a69c0
|
@ -252,6 +252,8 @@ export default class extends Endpoint<typeof meta, typeof paramDef> { // eslint-
|
||||||
const user = await this.usersRepository.findOneByOrFail({ id: _user.id }) as MiLocalUser;
|
const user = await this.usersRepository.findOneByOrFail({ id: _user.id }) as MiLocalUser;
|
||||||
const isSecure = token == null;
|
const isSecure = token == null;
|
||||||
|
|
||||||
|
const onlyControlCharsAndSpaceRegex = /^[\u0000-\u001F\u007F-\u009F\u061C\u200E\u200F\u202A-\u202E\u2066-\u2069\s]+$/;
|
||||||
|
|
||||||
const updates = {} as Partial<MiUser>;
|
const updates = {} as Partial<MiUser>;
|
||||||
const profileUpdates = {} as Partial<MiUserProfile>;
|
const profileUpdates = {} as Partial<MiUserProfile>;
|
||||||
|
|
||||||
|
@ -262,7 +264,13 @@ export default class extends Endpoint<typeof meta, typeof paramDef> { // eslint-
|
||||||
updates.name = null;
|
updates.name = null;
|
||||||
} else {
|
} else {
|
||||||
const trimmedName = ps.name.trim();
|
const trimmedName = ps.name.trim();
|
||||||
updates.name = trimmedName === '' ? null : trimmedName;
|
if (trimmedName === '') {
|
||||||
|
updates.name = null;
|
||||||
|
} else if (onlyControlCharsAndSpaceRegex.test(trimmedName)) {
|
||||||
|
updates.name = null;
|
||||||
|
} else {
|
||||||
|
updates.name = trimmedName;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if (ps.description !== undefined) profileUpdates.description = ps.description;
|
if (ps.description !== undefined) profileUpdates.description = ps.description;
|
||||||
|
|
|
@ -134,6 +134,14 @@ describe('Endpoints', () => {
|
||||||
assert.strictEqual(res.body.name, 'あ い う');
|
assert.strictEqual(res.body.name, 'あ い う');
|
||||||
});
|
});
|
||||||
|
|
||||||
|
test('名前にUnicode制御文字とスペースしか含まない場合はnullになる', async () => {
|
||||||
|
const res = await api('i/update', {
|
||||||
|
name: ' \u202e ',
|
||||||
|
}, alice);
|
||||||
|
assert.strictEqual(res.status, 200);
|
||||||
|
assert.strictEqual(res.body.name, null);
|
||||||
|
});
|
||||||
|
|
||||||
test('誕生日の設定を削除できる', async () => {
|
test('誕生日の設定を削除できる', async () => {
|
||||||
await api('i/update', {
|
await api('i/update', {
|
||||||
birthday: '2000-09-07',
|
birthday: '2000-09-07',
|
||||||
|
|
Loading…
Reference in New Issue