mirror of
https://git.anonymousland.org/anonymousland/synapse.git
synced 2024-12-27 03:39:25 -05:00
Create function to check for long names in devices (#8364)
* Create a new function to verify that the length of a device name is under a certain threshold. * Refactor old code and tests to use said function. * Verify device name length during registration of device * Add a test for the above Signed-off-by: Dionysis Grigoropoulos <dgrig@erethon.com>
This commit is contained in:
parent
4f3096d866
commit
37ca5924bd
2
changelog.d/8364.bugfix
Normal file
2
changelog.d/8364.bugfix
Normal file
@ -0,0 +1,2 @@
|
|||||||
|
Fix a bug where during device registration the length of the device name wasn't
|
||||||
|
limited.
|
@ -20,6 +20,7 @@ from typing import Any, Dict, List, Optional
|
|||||||
from synapse.api import errors
|
from synapse.api import errors
|
||||||
from synapse.api.constants import EventTypes
|
from synapse.api.constants import EventTypes
|
||||||
from synapse.api.errors import (
|
from synapse.api.errors import (
|
||||||
|
Codes,
|
||||||
FederationDeniedError,
|
FederationDeniedError,
|
||||||
HttpResponseException,
|
HttpResponseException,
|
||||||
RequestSendFailed,
|
RequestSendFailed,
|
||||||
@ -265,6 +266,24 @@ class DeviceHandler(DeviceWorkerHandler):
|
|||||||
|
|
||||||
hs.get_distributor().observe("user_left_room", self.user_left_room)
|
hs.get_distributor().observe("user_left_room", self.user_left_room)
|
||||||
|
|
||||||
|
def _check_device_name_length(self, name: str):
|
||||||
|
"""
|
||||||
|
Checks whether a device name is longer than the maximum allowed length.
|
||||||
|
|
||||||
|
Args:
|
||||||
|
name: The name of the device.
|
||||||
|
|
||||||
|
Raises:
|
||||||
|
SynapseError: if the device name is too long.
|
||||||
|
"""
|
||||||
|
if name and len(name) > MAX_DEVICE_DISPLAY_NAME_LEN:
|
||||||
|
raise SynapseError(
|
||||||
|
400,
|
||||||
|
"Device display name is too long (max %i)"
|
||||||
|
% (MAX_DEVICE_DISPLAY_NAME_LEN,),
|
||||||
|
errcode=Codes.TOO_LARGE,
|
||||||
|
)
|
||||||
|
|
||||||
async def check_device_registered(
|
async def check_device_registered(
|
||||||
self, user_id, device_id, initial_device_display_name=None
|
self, user_id, device_id, initial_device_display_name=None
|
||||||
):
|
):
|
||||||
@ -282,6 +301,9 @@ class DeviceHandler(DeviceWorkerHandler):
|
|||||||
Returns:
|
Returns:
|
||||||
str: device id (generated if none was supplied)
|
str: device id (generated if none was supplied)
|
||||||
"""
|
"""
|
||||||
|
|
||||||
|
self._check_device_name_length(initial_device_display_name)
|
||||||
|
|
||||||
if device_id is not None:
|
if device_id is not None:
|
||||||
new_device = await self.store.store_device(
|
new_device = await self.store.store_device(
|
||||||
user_id=user_id,
|
user_id=user_id,
|
||||||
@ -397,12 +419,8 @@ class DeviceHandler(DeviceWorkerHandler):
|
|||||||
|
|
||||||
# Reject a new displayname which is too long.
|
# Reject a new displayname which is too long.
|
||||||
new_display_name = content.get("display_name")
|
new_display_name = content.get("display_name")
|
||||||
if new_display_name and len(new_display_name) > MAX_DEVICE_DISPLAY_NAME_LEN:
|
|
||||||
raise SynapseError(
|
self._check_device_name_length(new_display_name)
|
||||||
400,
|
|
||||||
"Device display name is too long (max %i)"
|
|
||||||
% (MAX_DEVICE_DISPLAY_NAME_LEN,),
|
|
||||||
)
|
|
||||||
|
|
||||||
try:
|
try:
|
||||||
await self.store.update_device(
|
await self.store.update_device(
|
||||||
|
@ -35,6 +35,17 @@ class DeviceTestCase(unittest.HomeserverTestCase):
|
|||||||
# These tests assume that it starts 1000 seconds in.
|
# These tests assume that it starts 1000 seconds in.
|
||||||
self.reactor.advance(1000)
|
self.reactor.advance(1000)
|
||||||
|
|
||||||
|
def test_device_is_created_with_invalid_name(self):
|
||||||
|
self.get_failure(
|
||||||
|
self.handler.check_device_registered(
|
||||||
|
user_id="@boris:foo",
|
||||||
|
device_id="foo",
|
||||||
|
initial_device_display_name="a"
|
||||||
|
* (synapse.handlers.device.MAX_DEVICE_DISPLAY_NAME_LEN + 1),
|
||||||
|
),
|
||||||
|
synapse.api.errors.SynapseError,
|
||||||
|
)
|
||||||
|
|
||||||
def test_device_is_created_if_doesnt_exist(self):
|
def test_device_is_created_if_doesnt_exist(self):
|
||||||
res = self.get_success(
|
res = self.get_success(
|
||||||
self.handler.check_device_registered(
|
self.handler.check_device_registered(
|
||||||
|
@ -221,7 +221,7 @@ class DeviceRestTestCase(unittest.HomeserverTestCase):
|
|||||||
self.render(request)
|
self.render(request)
|
||||||
|
|
||||||
self.assertEqual(400, channel.code, msg=channel.json_body)
|
self.assertEqual(400, channel.code, msg=channel.json_body)
|
||||||
self.assertEqual(Codes.UNKNOWN, channel.json_body["errcode"])
|
self.assertEqual(Codes.TOO_LARGE, channel.json_body["errcode"])
|
||||||
|
|
||||||
# Ensure the display name was not updated.
|
# Ensure the display name was not updated.
|
||||||
request, channel = self.make_request(
|
request, channel = self.make_request(
|
||||||
|
Loading…
Reference in New Issue
Block a user