Fix error when invalid domain name is submitted (#19474)

Fix #19175
main
Eugen Rochko 2022-11-14 08:07:14 +01:00 committed by GitHub
parent 523e106cbf
commit 552d69ad96
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 30 additions and 16 deletions

View File

@ -11,5 +11,7 @@ module DomainNormalizable
def normalize_domain def normalize_domain
self.domain = TagManager.instance.normalize_domain(domain&.strip) self.domain = TagManager.instance.normalize_domain(domain&.strip)
rescue Addressable::URI::InvalidURIError
errors.add(:domain, :invalid)
end end
end end

View File

@ -94,25 +94,37 @@ RSpec.describe Api::V1::Admin::DomainAllowsController, type: :controller do
describe 'POST #create' do describe 'POST #create' do
let!(:domain_allow) { Fabricate(:domain_allow, domain: 'example.com') } let!(:domain_allow) { Fabricate(:domain_allow, domain: 'example.com') }
before do context do
post :create, params: { domain: 'foo.bar.com' } before do
post :create, params: { domain: 'foo.bar.com' }
end
it_behaves_like 'forbidden for wrong scope', 'write:statuses'
it_behaves_like 'forbidden for wrong role', ''
it_behaves_like 'forbidden for wrong role', 'Moderator'
it 'returns http success' do
expect(response).to have_http_status(200)
end
it 'returns expected domain name' do
json = body_as_json
expect(json[:domain]).to eq 'foo.bar.com'
end
it 'creates a domain block' do
expect(DomainAllow.find_by(domain: 'foo.bar.com')).to_not be_nil
end
end end
it_behaves_like 'forbidden for wrong scope', 'write:statuses' context 'with invalid domain name' do
it_behaves_like 'forbidden for wrong role', '' before do
it_behaves_like 'forbidden for wrong role', 'Moderator' post :create, params: { domain: 'foo bar' }
end
it 'returns http success' do it 'returns http unprocessable entity' do
expect(response).to have_http_status(200) expect(response).to have_http_status(422)
end end
it 'returns expected domain name' do
json = body_as_json
expect(json[:domain]).to eq 'foo.bar.com'
end
it 'creates a domain block' do
expect(DomainAllow.find_by(domain: 'foo.bar.com')).to_not be_nil
end end
end end
end end