FediMovies/fedimovies
1
1
Fork 0
Code Issues 3 Pull requests Packages Projects Releases Activity

Set limit on number of media files that can be attached to post

Browse source
This commit is contained in:
silverpill 2023-01-06 16:52:28 +00:00
parent 3b85214daa
commit fe395480eb
4 changed files with 14 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
CHANGELOG.md
View file

@ -16,6 +16,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
- Updated installation instructions, default mitra config and recommended nginx config. - Updated installation instructions, default mitra config and recommended nginx config.
- Limited the number of requests made during the processing of a thread. - Limited the number of requests made during the processing of a thread.
- Limited the number of media files that can be attached to a post.
### Removed ### Removed

8
src/activitypub/handlers/create.rs
View file

@ -29,7 +29,11 @@ use crate::models::posts::{
mentions::mention_to_address, mentions::mention_to_address,
queries::create_post, queries::create_post,
types::{Post, PostCreateData, Visibility}, types::{Post, PostCreateData, Visibility},
validators::{content_allowed_classes, CONTENT_MAX_SIZE}, validators::{
content_allowed_classes,
ATTACHMENTS_MAX_NUM,
CONTENT_MAX_SIZE,
},
}; };
use crate::models::profiles::queries::get_profile_by_acct; use crate::models::profiles::queries::get_profile_by_acct;
use crate::models::profiles::types::DbActorProfile; use crate::models::profiles::types::DbActorProfile;
@ -48,8 +52,6 @@ fn get_note_author_id(object: &Object) -> Result<String, ValidationError> {
Ok(author_id) Ok(author_id)
} }
const ATTACHMENTS_MAX_NUM: usize = 15;
fn parse_object_url(value: &JsonValue) -> Result<String, ConversionError> { fn parse_object_url(value: &JsonValue) -> Result<String, ConversionError> {
let object_url = match value { let object_url = match value {
JsonValue::String(string) => string.to_owned(), JsonValue::String(string) => string.to_owned(),

9
src/mastodon_api/statuses/views.rs
View file

@ -31,7 +31,7 @@ use crate::models::posts::queries::{
delete_post, delete_post,
}; };
use crate::models::posts::types::{PostCreateData, Visibility}; use crate::models::posts::types::{PostCreateData, Visibility};
use crate::models::posts::validators::clean_content; use crate::models::posts::validators::{clean_content, ATTACHMENTS_MAX_NUM};
use crate::models::reactions::queries::{ use crate::models::reactions::queries::{
create_reaction, create_reaction,
delete_reaction, delete_reaction,
@ -139,6 +139,11 @@ async fn create_status(
} else { } else {
None None
}; };
// Validate attachments
let attachments = status_data.media_ids.unwrap_or(vec![]);
if attachments.len() > ATTACHMENTS_MAX_NUM {
return Err(ValidationError("too many attachments").into());
};
// Create post // Create post
let post_data = PostCreateData { let post_data = PostCreateData {
@ -146,7 +151,7 @@ async fn create_status(
in_reply_to_id: status_data.in_reply_to_id, in_reply_to_id: status_data.in_reply_to_id,
repost_of_id: None, repost_of_id: None,
visibility: visibility, visibility: visibility,
attachments: status_data.media_ids.unwrap_or(vec![]), attachments: attachments,
mentions: mentions, mentions: mentions,
tags: tags, tags: tags,
links: links, links: links,

1
src/models/posts/validators.rs
View file

@ -1,6 +1,7 @@
use crate::errors::ValidationError; use crate::errors::ValidationError;
use crate::utils::html::clean_html_strict; use crate::utils::html::clean_html_strict;
pub const ATTACHMENTS_MAX_NUM: usize = 15;
pub const CONTENT_MAX_SIZE: usize = 100000; pub const CONTENT_MAX_SIZE: usize = 100000;
const CONTENT_ALLOWED_TAGS: [&str; 8] = [ const CONTENT_ALLOWED_TAGS: [&str; 8] = [
"a", "a",