Update user role position range limit (#33349)

pull/2921/head
Matt Jankowski 2024-12-19 03:10:39 -05:00 committed by GitHub
parent aee64a465c
commit 22caddaa24
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 4 additions and 6 deletions

View File

@ -41,7 +41,7 @@ class UserRole < ApplicationRecord
EVERYONE_ROLE_ID = -99 EVERYONE_ROLE_ID = -99
NOBODY_POSITION = -1 NOBODY_POSITION = -1
POSITION_LIMIT = 2**31 POSITION_LIMIT = (2**31) - 1
module Flags module Flags
NONE = 0 NONE = 0
@ -91,7 +91,7 @@ class UserRole < ApplicationRecord
validates :name, presence: true, unless: :everyone? validates :name, presence: true, unless: :everyone?
validates :color, format: { with: /\A#?(?:[A-F0-9]{3}){1,2}\z/i }, unless: -> { color.blank? } validates :color, format: { with: /\A#?(?:[A-F0-9]{3}){1,2}\z/i }, unless: -> { color.blank? }
validates :position, numericality: { greater_than_or_equal_to: -POSITION_LIMIT, less_than_or_equal_to: POSITION_LIMIT } validates :position, numericality: { in: (-POSITION_LIMIT..POSITION_LIMIT) }
validate :validate_permissions_elevation validate :validate_permissions_elevation
validate :validate_position_elevation validate :validate_position_elevation

View File

@ -21,11 +21,9 @@ RSpec.describe UserRole do
describe 'position' do describe 'position' do
subject { Fabricate.build :user_role } subject { Fabricate.build :user_role }
let(:excess) { 2**32 } let(:limit) { described_class::POSITION_LIMIT }
let(:limit) { 2**31 }
it { is_expected.to_not allow_values(-excess, excess).for(:position) } it { is_expected.to validate_numericality_of(:position).is_in(-limit..limit) }
it { is_expected.to allow_values(-limit, limit).for(:position) }
end end
describe 'color' do describe 'color' do