forked from mirrors/pronouns.cc
fix: enforce maximum number of flags on profile
This commit is contained in:
parent
453bc42215
commit
cb305c96c7
2 changed files with 20 additions and 0 deletions
|
@ -155,6 +155,16 @@ func (s *Server) patchMember(w http.ResponseWriter, r *http.Request) error {
|
|||
}
|
||||
}
|
||||
|
||||
// validate flag length
|
||||
if req.Flags != nil {
|
||||
if len(*req.Flags) > db.MaxPrideFlags {
|
||||
return server.APIError{
|
||||
Code: server.ErrBadRequest,
|
||||
Details: fmt.Sprintf("Too many flags (max %d, current %d)", len(*req.Flags), db.MaxPrideFlags),
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if err := validateSlicePtr("name", req.Names, u.CustomPreferences); err != nil {
|
||||
return *err
|
||||
}
|
||||
|
|
|
@ -109,6 +109,16 @@ func (s *Server) patchUser(w http.ResponseWriter, r *http.Request) error {
|
|||
}
|
||||
}
|
||||
|
||||
// validate flag length
|
||||
if req.Flags != nil {
|
||||
if len(*req.Flags) > db.MaxPrideFlags {
|
||||
return server.APIError{
|
||||
Code: server.ErrBadRequest,
|
||||
Details: fmt.Sprintf("Too many flags (max %d, current %d)", len(*req.Flags), db.MaxPrideFlags),
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// validate custom preferences
|
||||
if req.CustomPreferences != nil {
|
||||
if count := len(*req.CustomPreferences); count > db.MaxFields {
|
||||
|
|
Loading…
Reference in a new issue