Merge master

lib/validators/allow_user_locale_enabled_validator.rb

@@ -1,6 +1,6 @@
 class AllowUserLocaleEnabledValidator
 
-  def initialize(opts={})
+  def initialize(opts = {})
     @opts = opts
   end
 
@@ -15,4 +15,4 @@ class AllowUserLocaleEnabledValidator
     I18n.t("site_settings.errors.user_locale_not_enabled");
   end
 
-end
+end

lib/validators/alternative_reply_by_email_addresses_validator.rb

@@ -1,5 +1,7 @@
+require 'validators/reply_by_email_address_validator'
+
 class AlternativeReplyByEmailAddressesValidator
-  def initialize(opts={})
+  def initialize(opts = {})
     @opts = opts
   end
 

lib/validators/censored_words_validator.rb

@@ -1,6 +1,6 @@
 class CensoredWordsValidator < ActiveModel::EachValidator
   def validate_each(record, attribute, value)
-    if SiteSetting.censored_words.present? && (censored_words = censor_words(value, censored_words_regexp)).present?
+    if WordWatcher.words_for_action(:censor).present? && (censored_words = censor_words(value, censored_words_regexp)).present?
       record.errors.add(
         attribute, :contains_censored_words,
         censored_words: join_censored_words(censored_words)
@@ -32,9 +32,6 @@ class CensoredWordsValidator < ActiveModel::EachValidator
     end
 
     def censored_words_regexp
-      Regexp.new(
-        SiteSetting.censored_words.split('|'.freeze).map! { |w| Regexp.escape(w) }.join('|'.freeze),
-        true
-      )
+      WordWatcher.word_matcher_regexp :censor
     end
 end

lib/validators/email_setting_validator.rb

@@ -1,5 +1,5 @@
 class EmailSettingValidator
-  def initialize(opts={})
+  def initialize(opts = {})
     @opts = opts
   end
 

lib/validators/email_validator.rb

@@ -1,27 +1,32 @@
 class EmailValidator < ActiveModel::EachValidator
 
   def validate_each(record, attribute, value)
-    if (setting = SiteSetting.email_domains_whitelist).present?
-      unless email_in_restriction_setting?(setting, value) || is_developer?(value)
-        record.errors.add(attribute, I18n.t(:'user.email.not_allowed'))
-      end
-    elsif (setting = SiteSetting.email_domains_blacklist).present?
-      if email_in_restriction_setting?(setting, value) && !is_developer?(value)
-        record.errors.add(attribute, I18n.t(:'user.email.not_allowed'))
-      end
+    unless EmailValidator.allowed?(value)
+      record.errors.add(attribute, I18n.t(:'user.email.not_allowed'))
     end
+
     if record.errors[attribute].blank? && value && ScreenedEmail.should_block?(value)
       record.errors.add(attribute, I18n.t(:'user.email.blocked'))
     end
   end
 
-  def email_in_restriction_setting?(setting, value)
+  def self.allowed?(email)
+    if (setting = SiteSetting.email_domains_whitelist).present?
+      return email_in_restriction_setting?(setting, email) || is_developer?(email)
+    elsif (setting = SiteSetting.email_domains_blacklist).present?
+      return !(email_in_restriction_setting?(setting, email) && !is_developer?(email))
+    end
+
+    true
+  end
+
+  def self.email_in_restriction_setting?(setting, value)
     domains = setting.gsub('.', '\.')
     regexp = Regexp.new("@(.+\\.)?(#{domains})", true)
     value =~ regexp
   end
 
-  def is_developer?(value)
+  def self.is_developer?(value)
     Rails.configuration.respond_to?(:developer_emails) && Rails.configuration.developer_emails.include?(value)
   end
 

lib/validators/enable_private_email_messages_validator.rb

@@ -0,0 +1,20 @@
+class EnablePrivateEmailMessagesValidator
+
+  def initialize(opts = {})
+    @opts = opts
+  end
+
+  def valid_value?(val)
+    return true if val == "f"
+    SiteSetting.enable_staged_users &&
+    SiteSetting.reply_by_email_enabled
+  end
+
+  def error_message
+    if !SiteSetting.enable_staged_users
+      I18n.t("site_settings.errors.staged_users_disabled")
+    elsif !SiteSetting.reply_by_email_enabled
+      I18n.t("site_settings.errors.reply_by_email_disabled")
+    end
+  end
+end

lib/validators/enable_sso_validator.rb

@@ -0,0 +1,14 @@
+class EnableSsoValidator
+  def initialize(opts = {})
+    @opts = opts
+  end
+
+  def valid_value?(val)
+    return true if val == 'f'
+    SiteSetting.sso_url.present?
+  end
+
+  def error_message
+    I18n.t('site_settings.errors.sso_url_is_empty')
+  end
+end

lib/validators/integer_setting_validator.rb

@@ -1,24 +1,25 @@
 class IntegerSettingValidator
-  def initialize(opts={})
+  def initialize(opts = {})
     @opts = opts
     @opts[:min] = 0 unless @opts[:min].present? || @opts[:hidden]
-    @opts[:max] = 20000 unless @opts[:max].present? || @opts[:hidden]
+    # set max closer to a long int
+    @opts[:max] = 2_000_000_000 unless @opts[:max].present? || @opts[:hidden]
   end
 
   def valid_value?(val)
     return false if val.to_i.to_s != val.to_s
-    return false if @opts[:min] and @opts[:min].to_i > val.to_i
-    return false if @opts[:max] and @opts[:max].to_i < val.to_i
+    return false if @opts[:min] && @opts[:min].to_i > (val.to_i)
+    return false if @opts[:max] && @opts[:max].to_i < (val.to_i)
     true
   end
 
   def error_message
     if @opts[:min] && @opts[:max]
-      I18n.t('site_settings.errors.invalid_integer_min_max', {min: @opts[:min], max: @opts[:max]})
+      I18n.t('site_settings.errors.invalid_integer_min_max', min: @opts[:min], max: @opts[:max])
     elsif @opts[:min]
-      I18n.t('site_settings.errors.invalid_integer_min', {min: @opts[:min]})
+      I18n.t('site_settings.errors.invalid_integer_min', min: @opts[:min])
     elsif @opts[:max]
-      I18n.t('site_settings.errors.invalid_integer_max', {max: @opts[:max]})
+      I18n.t('site_settings.errors.invalid_integer_max', max: @opts[:max])
     else
       I18n.t('site_settings.errors.invalid_integer')
     end

lib/validators/password_validator.rb

@@ -3,7 +3,8 @@ require_dependency "common_passwords/common_passwords"
 class PasswordValidator < ActiveModel::EachValidator
 
   def validate_each(record, attribute, value)
-    return unless record.password_required?
+    return unless record.password_validation_required?
+
     if value.nil?
       record.errors.add(attribute, :blank)
     elsif value.length < SiteSetting.min_admin_password_length && (record.admin? || is_developer?(record.email))

lib/validators/pop3_polling_enabled_setting_validator.rb

@@ -2,7 +2,7 @@ require "net/pop"
 
 class POP3PollingEnabledSettingValidator
 
-  def initialize(opts={})
+  def initialize(opts = {})
     @opts = opts
   end
 

lib/validators/post_validator.rb

@@ -24,7 +24,7 @@ class Validators::PostValidator < ActiveModel::Validator
       post.errors.add(:topic_id, :blank, options) if post.topic_id.blank?
     end
 
-    if post.new_record? and post.user_id.nil?
+    if post.new_record? && post.user_id.nil?
       post.errors.add(:user_id, :blank, options)
     end
   end
@@ -33,6 +33,7 @@ class Validators::PostValidator < ActiveModel::Validator
     return if options[:skip_post_body] || post.topic&.pm_with_non_human_user?
     stripped_length(post)
     raw_quality(post)
+    watched_words(post)
   end
 
   def stripped_length(post)
@@ -55,6 +56,12 @@ class Validators::PostValidator < ActiveModel::Validator
     post.errors.add(:raw, I18n.t(:is_invalid)) unless sentinel.valid?
   end
 
+  def watched_words(post)
+    if !post.acting_user&.staff? && !post.acting_user&.staged && WordWatcher.new(post.raw).should_block?
+      post.errors[:base] << I18n.t('contains_blocked_words')
+    end
+  end
+
   # Ensure maximum amount of mentions in a post
   def max_mention_validator(post)
     return if post.acting_user.try(:staff?)

lib/validators/regex_setting_validation.rb

@@ -0,0 +1,17 @@
+module RegexSettingValidation
+
+  def initialize_regex_opts(opts = {})
+    @regex = Regexp.new(opts[:regex]) if opts[:regex]
+    @regex_error = opts[:regex_error] || 'site_settings.errors.regex_mismatch'
+  end
+
+  def regex_match?(val)
+    if @regex && !(val =~ @regex)
+      @regex_fail = true
+      return false
+    end
+
+    true
+  end
+
+end

lib/validators/regex_setting_validator.rb

@@ -2,7 +2,7 @@ class RegexSettingValidator
 
   LOREM = 'Lorem ipsum dolor sit amet, consectetur adipiscing elit. Nullam eget sem non elit tincidunt rhoncus.'.freeze
 
-  def initialize(opts={})
+  def initialize(opts = {})
     @opts = opts
   end
 

lib/validators/reply_by_email_address_validator.rb

@@ -1,5 +1,5 @@
 class ReplyByEmailAddressValidator
-  def initialize(opts={})
+  def initialize(opts = {})
     @opts = opts
   end
 

lib/validators/reply_by_email_enabled_validator.rb

@@ -1,6 +1,6 @@
 class ReplyByEmailEnabledValidator
 
-  def initialize(opts={})
+  def initialize(opts = {})
     @opts = opts
   end
 

lib/validators/sso_overrides_email_validator.rb

@@ -0,0 +1,20 @@
+class SsoOverridesEmailValidator
+  def initialize(opts = {})
+    @opts = opts
+  end
+
+  def valid_value?(val)
+    return true if val == 'f'
+    return false if !SiteSetting.enable_sso?
+    return false if SiteSetting.email_editable?
+    true
+  end
+
+  def error_message
+    if !SiteSetting.enable_sso?
+      I18n.t('site_settings.errors.enable_sso_disabled')
+    elsif SiteSetting.email_editable?
+      I18n.t('site_settings.errors.email_editable_enabled')
+    end
+  end
+end

lib/validators/string_setting_validator.rb

@@ -1,24 +1,21 @@
 class StringSettingValidator
-  def initialize(opts={})
+
+  include RegexSettingValidation
+
+  def initialize(opts = {})
     @opts = opts
-    @regex = Regexp.new(opts[:regex]) if opts[:regex]
-    @regex_error = opts[:regex_error] || 'site_settings.errors.regex_mismatch'
+    initialize_regex_opts(opts)
   end
 
   def valid_value?(val)
     return true if !val.present?
 
-    if (@opts[:min] and @opts[:min].to_i > val.length) || (@opts[:max] and @opts[:max].to_i < val.length)
+    if (@opts[:min] && @opts[:min].to_i > (val.length)) || (@opts[:max] && @opts[:max].to_i < (val.length))
       @length_fail = true
       return false
     end
 
-    if @regex and !(val =~ @regex)
-      @regex_fail = true
-      return false
-    end
-
-    true
+    regex_match?(val)
   end
 
   def error_message
@@ -26,11 +23,11 @@ class StringSettingValidator
       I18n.t(@regex_error)
     elsif @length_fail
       if @opts[:min] && @opts[:max]
-        I18n.t('site_settings.errors.invalid_string_min_max', {min: @opts[:min], max: @opts[:max]})
+        I18n.t('site_settings.errors.invalid_string_min_max', min: @opts[:min], max: @opts[:max])
       elsif @opts[:min]
-        I18n.t('site_settings.errors.invalid_string_min', {min: @opts[:min]})
+        I18n.t('site_settings.errors.invalid_string_min', min: @opts[:min])
       else
-        I18n.t('site_settings.errors.invalid_string_max', {max: @opts[:max]})
+        I18n.t('site_settings.errors.invalid_string_max', max: @opts[:max])
       end
     else
       I18n.t('site_settings.errors.invalid_string')

lib/validators/topic_title_length_validator.rb

@@ -7,15 +7,16 @@ class TopicTitleLengthValidator < ActiveModel::EachValidator
   private
 
     def title_validator(record)
-      length_range = if record.user.try(:admin?)
-                       1..SiteSetting.max_topic_title_length
-                     elsif record.private_message?
-                       SiteSetting.private_message_title_length
-                     else
-                       SiteSetting.topic_title_length
-                     end
+      length_range =
+        if record.user.try(:admin?)
+          1..SiteSetting.max_topic_title_length
+        elsif record.private_message?
+          SiteSetting.private_message_title_length
+        else
+          SiteSetting.topic_title_length
+        end
 
-      ActiveModel::Validations::LengthValidator.new({attributes: :title, in: length_range, allow_blank: true})
+      ActiveModel::Validations::LengthValidator.new(attributes: :title, in: length_range, allow_blank: true)
     end
 
 end

lib/validators/upload_validator.rb

@@ -5,8 +5,13 @@ module Validators; end
 class Validators::UploadValidator < ActiveModel::Validator
 
   def validate(upload)
+    # staff can upload any file in PM
+    if upload.for_private_message && SiteSetting.allow_staff_to_upload_any_file_in_pm
+      return true if upload.user&.staff?
+    end
+
     # check the attachment blacklist
-    if upload.is_attachment_for_group_message && SiteSetting.allow_all_attachments_for_group_messages
+    if upload.for_group_message && SiteSetting.allow_all_attachments_for_group_messages
       return upload.original_filename =~ SiteSetting.attachment_filename_blacklist_regex
     end
 

lib/validators/url_validator.rb

@@ -1,9 +1,20 @@
 class UrlValidator < ActiveModel::EachValidator
   def validate_each(record, attribute, value)
     if value.present?
-      uri = URI.parse(value) rescue nil
+      valid =
+        begin
+          uri = URI.parse(value)
+          uri.is_a?(URI::HTTP) && !uri.host.nil? && uri.host.include?(".")
+        rescue URI::InvalidURIError => e
+          if (e.message =~ /URI must be ascii only/)
+            value = URI.encode(value)
+            retry
+          end
 
-      unless uri
+          nil
+        end
+
+      unless valid
         record.errors[attribute] << (options[:message] || I18n.t('errors.messages.invalid'))
       end
     end

lib/validators/username_setting_validator.rb

@@ -1,13 +1,21 @@
 class UsernameSettingValidator
-  def initialize(opts={})
+
+  include RegexSettingValidation
+
+  def initialize(opts = {})
     @opts = opts
+    initialize_regex_opts(opts)
   end
 
   def valid_value?(val)
-    !val.present? || User.where(username: val).exists?
+    !val.present? || (User.where(username: val).exists? && regex_match?(val))
   end
 
   def error_message
-    I18n.t('site_settings.errors.invalid_username')
+    if @regex_fail
+      I18n.t(@regex_error)
+    else
+      I18n.t('site_settings.errors.invalid_username')
+    end
   end
 end