Fix validation for user name, page name and repository name.

2025-11-12 16:35:52 +01:00 · 2013-06-21 18:56:00 +09:00
parent b20f85e21c
commit 4d4e0c8487
5 changed files with 26 additions and 55 deletions
--- a/src/main/scala/app/ControllerBase.scala
+++ b/src/main/scala/app/ControllerBase.scala
@@ -34,6 +34,17 @@ abstract class ControllerBase extends ScalatraFilter with ClientSideValidationFo
    url.substring(0, url.length - request.getRequestURI.length)
  }
  protected def identifier: Constraint = new Constraint(){
    def validate(name: String, value: String): Option[String] =
      if(!value.matches("^[a-zA-Z0-9\\-_]+$")){
        Some("%s contains invalid character.".format(name))
      } else if(value.startsWith("_") || value.startsWith("-")){
        Some("%s starts with invalid character.".format(name))
      } else {
        None
      }
  }
 }
 case class Context(path: String, loginAccount: Option[Account])
--- a/src/main/scala/app/CreateRepositoryController.scala
+++ b/src/main/scala/app/CreateRepositoryController.scala
@@ -21,7 +21,7 @@ trait CreateRepositoryControllerBase extends ControllerBase {
  case class RepositoryCreationForm(name: String, description: Option[String])
  val form = mapping(
-    "name"        -> trim(label("Repository name", text(required, maxlength(40), repository))),
+    "name"        -> trim(label("Repository name", text(required, maxlength(40), identifier, unique))),
    "description" -> trim(label("Description"    , optional(text())))
  )(RepositoryCreationForm.apply)
@@ -81,20 +81,11 @@ trait CreateRepositoryControllerBase extends ControllerBase {
  })
  /**
-   * Constraint for the repository name.
+   * Duplicate check for the repository name.
   */
-  def repository: Constraint = new Constraint(){
+  private def unique: Constraint = new Constraint(){
-    def validate(name: String, value: String): Option[String] = {
+    def validate(name: String, value: String): Option[String] =
-      if(!value.matches("^[a-zA-Z0-9\\-_]+$")){
+      getRepositoryNamesOfUser(context.loginAccount.get.userName).find(_ == value).map(_ => "Repository already exists.")
        Some("Repository name contains invalid character.")
      } else if(value.startsWith("_") || value.startsWith("-")){
        Some("Repository name starts with invalid character.")
      } else if(getRepositoryNamesOfUser(context.loginAccount.get.userName).contains(value)){
        Some("Repository already exists.")
      } else {
        None
      }
    }
  }
 }
--- a/src/main/scala/app/SettingsController.scala
+++ b/src/main/scala/app/SettingsController.scala
@@ -130,7 +130,7 @@ trait SettingsControllerBase extends ControllerBase {
  /**
   * Provides Constraint to validate the collaborator name.
   */
-  def collaborator: Constraint = new Constraint(){
+  private def collaborator: Constraint = new Constraint(){
    def validate(name: String, value: String): Option[String] = {
      getAccountByUserName(value) match {
        case None => Some("User does not exist.")
--- a/src/main/scala/app/UsersController.scala
+++ b/src/main/scala/app/UsersController.scala
@@ -12,7 +12,7 @@ trait UsersControllerBase extends ControllerBase { self: AccountService with Adm
  case class UserForm(userName: String, password: String, mailAddress: String, isAdmin: Boolean, url: Option[String])
  val newForm = mapping(
-    "userName"    -> trim(label("Username"     , text(required, maxlength(100), username, unique))),
+    "userName"    -> trim(label("Username"     , text(required, maxlength(100), identifier, unique))),
    "password"    -> trim(label("Password"     , text(required, maxlength(100)))),
    "mailAddress" -> trim(label("Mail Address" , text(required, maxlength(100)))),
    "isAdmin"     -> trim(label("User Type"    , boolean())),
@@ -20,7 +20,7 @@ trait UsersControllerBase extends ControllerBase { self: AccountService with Adm
  )(UserForm.apply)
  val editForm = mapping(
-    "userName"    -> trim(label("Username"     , text(required, maxlength(100), username))),
+    "userName"    -> trim(label("Username"     , text(required, maxlength(100), identifier))),
    "password"    -> trim(label("Password"     , text(required, maxlength(100)))),
    "mailAddress" -> trim(label("Mail Address" , text(required, maxlength(100)))),
    "isAdmin"     -> trim(label("User Type"    , boolean())),
@@ -68,17 +68,6 @@ trait UsersControllerBase extends ControllerBase { self: AccountService with Adm
    redirect("/admin/users")
  })
  private def username: Constraint = new Constraint(){
    def validate(name: String, value: String): Option[String] =
      if(!value.matches("^[a-zA-Z0-9\\-_]+$")){
        Some("Username contains invalid character.")
      } else if(value.startsWith("_") || value.startsWith("-")){
        Some("Username starts with invalid character.")
      } else {
        None
      }
  }
  private def unique: Constraint = new Constraint(){
    def validate(name: String, value: String): Option[String] =
      getAccountByUserName(value).map { _ => "User already exists." }
--- a/src/main/scala/app/WikiController.scala
+++ b/src/main/scala/app/WikiController.scala
@@ -14,14 +14,14 @@ trait WikiControllerBase extends ControllerBase {
  case class WikiPageEditForm(pageName: String, content: String, message: Option[String], currentPageName: String)
  val newForm = mapping(
-    "pageName"        -> trim(label("Page name"          , text(required, maxlength(40), pageName, unique))), 
+    "pageName"        -> trim(label("Page name"          , text(required, maxlength(40), identifier, unique))),
    "content"         -> trim(label("Content"            , text(required))),
    "message"         -> trim(label("Message"            , optional(text()))),
    "currentPageName" -> trim(label("Current page name"  , text()))
  )(WikiPageEditForm.apply)
  val editForm = mapping(
-    "pageName"        -> trim(label("Page name"          , text(required, maxlength(40), pageName))), 
+    "pageName"        -> trim(label("Page name"          , text(required, maxlength(40), identifier))),
    "content"         -> trim(label("Content"            , text(required))),
    "message"         -> trim(label("Message"            , optional(text()))),
    "currentPageName" -> trim(label("Current page name"  , text(required)))
@@ -176,22 +176,7 @@ trait WikiControllerBase extends ControllerBase {
    }
  })
-  /**
+  private def isWritable(owner: String, repository: String): Boolean = {
   * Constraint for the wiki page name.
   */
  def pageName: Constraint = new Constraint(){
    def validate(name: String, value: String): Option[String] = {
      if(!value.matches("^[a-zA-Z0-9\\-_]+$")){
        Some("Page name contains invalid character.")
      } else if(value.startsWith("_") || value.startsWith("-")){
        Some("Page name starts with invalid character.")
      } else {
        None
      }
    }
  }
  def isWritable(owner: String, repository: String): Boolean = {
    context.loginAccount match {
      case Some(a) if(a.isAdmin) => true
      case Some(a) if(a.userName == owner) => true
@@ -200,14 +185,9 @@ trait WikiControllerBase extends ControllerBase {
    }
  }
-  def unique: Constraint = new Constraint(){
+  private def unique: Constraint = new Constraint(){
-    def validate(name: String, value: String): Option[String] = {
+    def validate(name: String, value: String): Option[String] =
-      if(getWikiPageList(params("owner"), params("repository")).contains(value)){
+      getWikiPageList(params("owner"), params("repository")).find(_ == value).map(_ => "Page already exists.")
        Some("Page already exists.")
      } else {
        None
      }
    }
  }
 }