Merge pull request #20692 from overleaf/ar-limit-length-of-user-editable-fields
[web] limit length of user editable fields GitOrigin-RevId: 239398dd05dcde7fea0ac8415e41396ef01c2b74
parent
7cef8b5bdc
commit
50aad92eb9
5 changed files with 32 additions and 3 deletions
|
@ -6,6 +6,7 @@ const { ObjectId } = Schema
|
||||||
|
|
||||||
// See https://stackoverflow.com/questions/386294/what-is-the-maximum-length-of-a-valid-email-address/574698#574698
|
// See https://stackoverflow.com/questions/386294/what-is-the-maximum-length-of-a-valid-email-address/574698#574698
|
||||||
const MAX_EMAIL_LENGTH = 254
|
const MAX_EMAIL_LENGTH = 254
|
||||||
|
const MAX_NAME_LENGTH = 255
|
||||||
|
|
||||||
const UserSchema = new Schema(
|
const UserSchema = new Schema(
|
||||||
{
|
{
|
||||||
|
@ -26,8 +27,16 @@ const UserSchema = new Schema(
|
||||||
reconfirmedAt: { type: Date },
|
reconfirmedAt: { type: Date },
|
||||||
},
|
},
|
||||||
],
|
],
|
||||||
first_name: { type: String, default: '' },
|
first_name: {
|
||||||
last_name: { type: String, default: '' },
|
type: String,
|
||||||
|
default: '',
|
||||||
|
maxlength: MAX_NAME_LENGTH,
|
||||||
|
},
|
||||||
|
last_name: {
|
||||||
|
type: String,
|
||||||
|
default: '',
|
||||||
|
maxlength: MAX_NAME_LENGTH,
|
||||||
|
},
|
||||||
role: { type: String, default: '' },
|
role: { type: String, default: '' },
|
||||||
institution: { type: String, default: '' },
|
institution: { type: String, default: '' },
|
||||||
hashedPassword: String,
|
hashedPassword: String,
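Review bot: The `maxlength: MAX_NAME_LENGTH` validators added to `first_name` and `last_name` only take effect on code paths that run Mongoose validation (`save()` / `validate()`); update-style queries such as `updateOne` or `findOneAndUpdate` skip schema validators unless `runValidators: true` is passed. The write paths for these fields are outside this hunk, so it is worth confirming which of them go through `save()` and recording that next to the constant, e.g. `// Enforced on save(); update queries need { runValidators: true }`. The neighbouring `role` and `institution` fields stay `{ type: String, default: '' }` with no bound; if they are also user-editable they would want the same limit. The schema definition starts and ends outside the hunk.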
|
||||||
|
|
|
@ -313,6 +313,12 @@ function initialize(webRouter, privateApiRouter, publicApiRouter) {
|
||||||
webRouter.post(
|
webRouter.post(
|
||||||
'/user/settings',
|
'/user/settings',
|
||||||
AuthenticationController.requireLogin(),
|
AuthenticationController.requireLogin(),
|
||||||
|
validate({
|
||||||
|
body: Joi.object({
|
||||||
|
first_name: Joi.string().allow(null, '').max(255),
|
||||||
|
last_name: Joi.string().allow(null, '').max(255),
|
||||||
|
}).unknown(),
|
||||||
|
}),
|
||||||
UserController.updateUserSettings
|
UserController.updateUserSettings
|
||||||
)
|
)
|
||||||
webRouter.post(
|
webRouter.post(
|
||||||
|
|
|
@ -88,6 +88,7 @@ function AccountInfoSection() {
|
||||||
type="text"
|
type="text"
|
||||||
label={t('first_name')}
|
label={t('first_name')}
|
||||||
value={firstName}
|
value={firstName}
|
||||||
|
maxLength={255}
|
||||||
handleChange={handleFirstNameChange}
|
handleChange={handleFirstNameChange}
|
||||||
canEdit={canUpdateNames}
|
canEdit={canUpdateNames}
|
||||||
required={false}
|
required={false}
|
||||||
|
@ -96,6 +97,7 @@ function AccountInfoSection() {
|
||||||
id="last-name-input"
|
id="last-name-input"
|
||||||
type="text"
|
type="text"
|
||||||
label={t('last_name')}
|
label={t('last_name')}
|
||||||
|
maxLength={255}
|
||||||
value={lastName}
|
value={lastName}
|
||||||
handleChange={handleLastNameChange}
|
handleChange={handleLastNameChange}
|
||||||
canEdit={canUpdateNames}
|
canEdit={canUpdateNames}
|
||||||
|
@ -145,6 +147,7 @@ type ReadOrWriteFormGroupProps = {
|
||||||
value?: string
|
value?: string
|
||||||
handleChange: (event: any) => void
|
handleChange: (event: any) => void
|
||||||
canEdit: boolean
|
canEdit: boolean
|
||||||
|
maxLength?: number
|
||||||
required: boolean
|
required: boolean
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -155,6 +158,7 @@ function ReadOrWriteFormGroup({
|
||||||
value,
|
value,
|
||||||
handleChange,
|
handleChange,
|
||||||
canEdit,
|
canEdit,
|
||||||
|
maxLength,
|
||||||
required,
|
required,
|
||||||
}: ReadOrWriteFormGroupProps) {
|
}: ReadOrWriteFormGroupProps) {
|
||||||
const [validationMessage, setValidationMessage] = useState('')
|
const [validationMessage, setValidationMessage] = useState('')
|
||||||
|
@ -186,6 +190,7 @@ function ReadOrWriteFormGroup({
|
||||||
type={type}
|
type={type}
|
||||||
required={required}
|
required={required}
|
||||||
value={value}
|
value={value}
|
||||||
|
maxLength={maxLength}
|
||||||
data-ol-dirty={!!validationMessage}
|
data-ol-dirty={!!validationMessage}
|
||||||
onChange={handleChangeAndValidity}
|
onChange={handleChangeAndValidity}
|
||||||
onInvalid={handleInvalid}
|
onInvalid={handleInvalid}
|
||||||
|
|
|
@ -48,4 +48,13 @@ describe('SettingsPage', function () {
|
||||||
})
|
})
|
||||||
})
|
})
|
||||||
})
|
})
|
||||||
|
|
||||||
|
it('prevents first name from being updated to a string longer than 255 characters', function (done) {
|
||||||
|
const newFirstName = 'a'.repeat(256)
|
||||||
|
return this.user.updateSettings({ first_name: newFirstName }, error => {
|
||||||
|
expect(error).to.exist
|
||||||
|
expect(error.message).to.contain('update settings failed: status=400')
|
||||||
|
return done()
|
||||||
|
})
|
||||||
|
})
|
||||||
})
|
})
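Review bot: The new test only covers `first_name` at 256 characters; nothing pins the boundary (exactly 255 should still be accepted) or the `last_name` rule, so an off-by-one in either validator or a dropped `last_name` entry would go unnoticed. The two cases below, placed next to the existing one, cover that; the accepted case assumes the `updateSettings` helper calls back without an error on a 200 response, which is not visible in this hunk. The enclosing `describe` block starts outside the hunk.

```javascript
  // … unchanged: existing 256-character first_name test …

  it('allows a first name of exactly 255 characters', function (done) {
    const newFirstName = 'a'.repeat(255)
    return this.user.updateSettings({ first_name: newFirstName }, error => {
      expect(error).not.to.exist
      return done()
    })
  })

  it('prevents last name from being updated to a string longer than 255 characters', function (done) {
    const newLastName = 'a'.repeat(256)
    return this.user.updateSettings({ last_name: newLastName }, error => {
      expect(error).to.exist
      expect(error.message).to.contain('update settings failed: status=400')
      return done()
    })
  })
```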
|
||||||
|
|
|
@ -1142,7 +1142,7 @@ class User {
|
||||||
if (response.statusCode !== 200) {
|
if (response.statusCode !== 200) {
|
||||||
return callback(
|
return callback(
|
||||||
new Error(
|
new Error(
|
||||||
`login failed: status=${
|
`update settings failed: status=${
|
||||||
response.statusCode
|
response.statusCode
|
||||||
} body=${JSON.stringify(body)}`
|
} body=${JSON.stringify(body)}`
|
||||||
)
|
)
|
||||||
|
|