Set a fairly sensible limit on user name validation

Also updated controller properties with types within modified files.
Related to #3614
This commit is contained in:
Dan Brown 2022-08-09 12:40:59 +01:00
parent 89ec9a5081
commit 4209f27f1a
No known key found for this signature in database
GPG key ID: 46D9F943C24A2EF9
3 changed files with 10 additions and 10 deletions

View file

@ -36,7 +36,7 @@ class UserApiController extends ApiController
{ {
return [ return [
'create' => [ 'create' => [
'name' => ['required', 'min:2'], 'name' => ['required', 'min:2', 'max:100'],
'email' => [ 'email' => [
'required', 'min:2', 'email', new Unique('users', 'email'), 'required', 'min:2', 'email', new Unique('users', 'email'),
], ],
@ -48,7 +48,7 @@ class UserApiController extends ApiController
'send_invite' => ['boolean'], 'send_invite' => ['boolean'],
], ],
'update' => [ 'update' => [
'name' => ['min:2'], 'name' => ['min:2', 'max:100'],
'email' => [ 'email' => [
'min:2', 'min:2',
'email', 'email',

View file

@ -30,9 +30,9 @@ class RegisterController extends Controller
use RegistersUsers; use RegistersUsers;
protected $socialAuthService; protected SocialAuthService $socialAuthService;
protected $registrationService; protected RegistrationService $registrationService;
protected $loginService; protected LoginService $loginService;
/** /**
* Where to redirect users after login / registration. * Where to redirect users after login / registration.
@ -69,7 +69,7 @@ class RegisterController extends Controller
protected function validator(array $data) protected function validator(array $data)
{ {
return Validator::make($data, [ return Validator::make($data, [
'name' => ['required', 'min:2', 'max:255'], 'name' => ['required', 'min:2', 'max:100'],
'email' => ['required', 'email', 'max:255', 'unique:users'], 'email' => ['required', 'email', 'max:255', 'unique:users'],
'password' => ['required', Password::default()], 'password' => ['required', Password::default()],
]); ]);

View file

@ -18,8 +18,8 @@ use Illuminate\Validation\ValidationException;
class UserController extends Controller class UserController extends Controller
{ {
protected $userRepo; protected UserRepo $userRepo;
protected $imageRepo; protected ImageRepo $imageRepo;
/** /**
* UserController constructor. * UserController constructor.
@ -81,7 +81,7 @@ class UserController extends Controller
$passwordRequired = ($authMethod === 'standard' && !$sendInvite); $passwordRequired = ($authMethod === 'standard' && !$sendInvite);
$validationRules = [ $validationRules = [
'name' => ['required'], 'name' => ['required', 'max:100'],
'email' => ['required', 'email', 'unique:users,email'], 'email' => ['required', 'email', 'unique:users,email'],
'language' => ['string', 'max:15', 'alpha_dash'], 'language' => ['string', 'max:15', 'alpha_dash'],
'roles' => ['array'], 'roles' => ['array'],
@ -139,7 +139,7 @@ class UserController extends Controller
$this->checkPermissionOrCurrentUser('users-manage', $id); $this->checkPermissionOrCurrentUser('users-manage', $id);
$validated = $this->validate($request, [ $validated = $this->validate($request, [
'name' => ['min:2'], 'name' => ['min:2', 'max:100'],
'email' => ['min:2', 'email', 'unique:users,email,' . $id], 'email' => ['min:2', 'email', 'unique:users,email,' . $id],
'password' => ['required_with:password_confirm', Password::default()], 'password' => ['required_with:password_confirm', Password::default()],
'password-confirm' => ['same:password', 'required_with:password'], 'password-confirm' => ['same:password', 'required_with:password'],