ユーザー名がUnicode制御文字とスペースのみで構成される場合はnullに

This commit is contained in:
kakkokari-gtyih 2024-07-02 19:05:38 +09:00
parent b0a47c1c51
commit 6c752a69c0
2 changed files with 17 additions and 1 deletions

View File

@ -252,6 +252,8 @@ export default class extends Endpoint<typeof meta, typeof paramDef> { // eslint-
const user = await this.usersRepository.findOneByOrFail({ id: _user.id }) as MiLocalUser; const user = await this.usersRepository.findOneByOrFail({ id: _user.id }) as MiLocalUser;
const isSecure = token == null; const isSecure = token == null;
const onlyControlCharsAndSpaceRegex = /^[\u0000-\u001F\u007F-\u009F\u061C\u200E\u200F\u202A-\u202E\u2066-\u2069\s]+$/;
const updates = {} as Partial<MiUser>; const updates = {} as Partial<MiUser>;
const profileUpdates = {} as Partial<MiUserProfile>; const profileUpdates = {} as Partial<MiUserProfile>;
@ -262,7 +264,13 @@ export default class extends Endpoint<typeof meta, typeof paramDef> { // eslint-
updates.name = null; updates.name = null;
} else { } else {
const trimmedName = ps.name.trim(); const trimmedName = ps.name.trim();
updates.name = trimmedName === '' ? null : trimmedName; if (trimmedName === '') {
updates.name = null;
} else if (onlyControlCharsAndSpaceRegex.test(trimmedName)) {
updates.name = null;
} else {
updates.name = trimmedName;
}
} }
} }
if (ps.description !== undefined) profileUpdates.description = ps.description; if (ps.description !== undefined) profileUpdates.description = ps.description;

View File

@ -134,6 +134,14 @@ describe('Endpoints', () => {
assert.strictEqual(res.body.name, 'あ い う'); assert.strictEqual(res.body.name, 'あ い う');
}); });
test('名前にUnicode制御文字とスペースしか含まない場合はnullになる', async () => {
const res = await api('i/update', {
name: ' \u202e ',
}, alice);
assert.strictEqual(res.status, 200);
assert.strictEqual(res.body.name, null);
});
test('誕生日の設定を削除できる', async () => { test('誕生日の設定を削除できる', async () => {
await api('i/update', { await api('i/update', {
birthday: '2000-09-07', birthday: '2000-09-07',