Quellcode durchsuchen

Validate tag names as being alphanumeric

Getty Ritter vor 4 Jahren
Ursprung
Commit
2a42bdbce2
2 geänderte Dateien mit 19 neuen und 1 gelöschten Zeilen
  1. 11 0
      lc/error.py
  2. 8 1
      lc/model.py

+ 11 - 0
lc/error.py

@@ -127,3 +127,14 @@ class MismatchedPassword(LCException):
 
     def http_code(self) -> int:
         return 400
+
+
+@dataclass
+class BadTagName(LCException):
+    tag_name: str
+
+    def __str__(self):
+        return f"'{self.tag_name}' is not a valid tag name, for Reasons."
+
+    def http_code(self) -> int:
+        return 400

+ 8 - 1
lc/model.py

@@ -223,10 +223,17 @@ class Tag(Model):
         return links, pagination
 
     @staticmethod
-    def get_or_create_tag(user: User, tag_name: str):
+    def is_valid_tag_name(tag_name: str) -> bool:
+        return all((c.isalnum() for c in tag_name))
+
+    @staticmethod
+    def get_or_create_tag(user: User, tag_name: str) -> 'Tag':
         if (t := Tag.get_or_none(name=tag_name, user=user)) :
             return t
 
+        if not Tag.is_valid_tag_name(tag_name):
+            raise e.BadTagName(tag_name)
+
         parent = None
         if "/" in tag_name:
             parent_name = tag_name[: tag_name.rindex("/")]