fix: enforce maximum number of flags on profile

This commit is contained in:
Sam 2023-05-29 02:59:15 +02:00
parent 8f1d1fc87c
commit c28df5fc7f
Signed by: sam
GPG key ID: B4EF20DDE721CAA1
2 changed files with 20 additions and 0 deletions

View file

@ -155,6 +155,16 @@ func (s *Server) patchMember(w http.ResponseWriter, r *http.Request) error {
}
}
// validate flag length
if req.Flags != nil {
if len(*req.Flags) > db.MaxPrideFlags {
return server.APIError{
Code: server.ErrBadRequest,
Details: fmt.Sprintf("Too many flags (max %d, current %d)", len(*req.Flags), db.MaxPrideFlags),
}
}
}
if err := validateSlicePtr("name", req.Names, u.CustomPreferences); err != nil {
return *err
}

View file

@ -109,6 +109,16 @@ func (s *Server) patchUser(w http.ResponseWriter, r *http.Request) error {
}
}
// validate flag length
if req.Flags != nil {
if len(*req.Flags) > db.MaxPrideFlags {
return server.APIError{
Code: server.ErrBadRequest,
Details: fmt.Sprintf("Too many flags (max %d, current %d)", len(*req.Flags), db.MaxPrideFlags),
}
}
}
// validate custom preferences
if req.CustomPreferences != nil {
if count := len(*req.CustomPreferences); count > db.MaxFields {