0002-validators-work-around-lack-of-NULL-char-check-in-fo.patch
| src/authentic2/__init__.py | ||
|---|---|---|
| 14 | 14 |
# You should have received a copy of the GNU Affero General Public License |
| 15 | 15 |
# along with this program. If not, see <http://www.gnu.org/licenses/>. |
| 16 | 16 | |
| 17 |
import django |
|
| 18 | ||
| 17 | 19 |
default_app_config = 'authentic2.app.Authentic2Config' |
| 20 | ||
| 21 |
if django.VERSION < (2,): |
|
| 22 |
from . import validators |
|
| 23 |
from django.forms import fields |
|
| 24 |
import rest_framework.fields |
|
| 25 | ||
| 26 |
# query-string and form parameters used to query database charfield must be checked for NULL characters |
|
| 27 |
# https://code.djangoproject.com/ticket/30064 |
|
| 28 |
if not getattr(fields.CharField, 'a2_workaround', False): |
|
| 29 |
CharField_old__init__ = fields.CharField.__init__ |
|
| 30 | ||
| 31 |
def CharField_new_init__(self, *args, **kwargs): |
|
| 32 |
CharField_old__init__(self, *args, **kwargs) |
|
| 33 |
self.validators.append(validators.ProhibitNullCharactersValidator()) |
|
| 34 | ||
| 35 |
fields.CharField.__init__ = CharField_new_init__ |
|
| 36 |
fields.CharField.a2_workaround = True |
|
| 37 |
rest_framework.fields.ProhibitNullCharactersValidator = validators.ProhibitNullCharactersValidator |
|
| src/authentic2/validators.py | ||
|---|---|---|
| 18 | 18 | |
| 19 | 19 |
import smtplib |
| 20 | 20 | |
| 21 |
import django |
|
| 22 |
from django.utils.deconstruct import deconstructible |
|
| 21 | 23 |
from django.utils.translation import ugettext_lazy as _ |
| 22 | 24 |
from django.core.exceptions import ValidationError |
| 23 | 25 |
from django.core.validators import RegexValidator, EmailValidator as DjangoEmailValidator |
| ... | ... | |
| 97 | 99 |
def __init__(self, *args, **kwargs): |
| 98 | 100 |
self.regex = app_settings.A2_REGISTRATION_FORM_USERNAME_REGEX |
| 99 | 101 |
super(UsernameValidator, self).__init__(*args, **kwargs) |
| 102 | ||
| 103 | ||
| 104 |
@deconstructible |
|
| 105 |
class ProhibitNullCharactersValidator: |
|
| 106 |
"""Validate that the string doesn't contain the null character.""" |
|
| 107 |
message = _('Null characters are not allowed.')
|
|
| 108 |
code = 'null_characters_not_allowed' |
|
| 109 | ||
| 110 |
def __init__(self, message=None, code=None): |
|
| 111 |
if message is not None: |
|
| 112 |
self.message = message |
|
| 113 |
if code is not None: |
|
| 114 |
self.code = code |
|
| 115 | ||
| 116 |
def __call__(self, value): |
|
| 117 |
if '\x00' in str(value): |
|
| 118 |
raise ValidationError(self.message, code=self.code) |
|
| 119 | ||
| 120 |
def __eq__(self, other): |
|
| 121 |
return ( |
|
| 122 |
isinstance(other, self.__class__) |
|
| 123 |
and self.message == other.message |
|
| 124 |
and self.code == other.code |
|
| 125 |
) |
|
| 100 |
- |
|