mirror of
https://github.com/penpot/penpot.git
synced 2025-03-18 10:41:29 -05:00
Merge remote-tracking branch 'origin/staging' into develop
This commit is contained in:
commit
febaec1b1e
5 changed files with 43 additions and 41 deletions
|
@ -84,7 +84,6 @@
|
|||
|
||||
:allow-demo-users true
|
||||
:registration-enabled true
|
||||
:registration-domain-whitelist ""
|
||||
|
||||
:telemetry-enabled false
|
||||
:telemetry-uri "https://telemetry.penpot.app/"
|
||||
|
@ -161,7 +160,7 @@
|
|||
(s/def ::profile-complaint-threshold ::us/integer)
|
||||
(s/def ::public-uri ::us/string)
|
||||
(s/def ::redis-uri ::us/string)
|
||||
(s/def ::registration-domain-whitelist ::us/string)
|
||||
(s/def ::registration-domain-whitelist ::us/set-of-str)
|
||||
(s/def ::registration-enabled ::us/boolean)
|
||||
(s/def ::rlimits-image ::us/integer)
|
||||
(s/def ::rlimits-password ::us/integer)
|
||||
|
|
|
@ -60,9 +60,10 @@
|
|||
(ex/raise :type :restriction
|
||||
:code :registration-disabled))
|
||||
|
||||
(when-not (email-domain-in-whitelist? (cfg/get :registration-domain-whitelist) (:email params))
|
||||
(ex/raise :type :validation
|
||||
:code :email-domain-is-not-allowed))
|
||||
(when-let [domains (cfg/get :registration-domain-whitelist)]
|
||||
(when-not (email-domain-in-whitelist? domains (:email params))
|
||||
(ex/raise :type :validation
|
||||
:code :email-domain-is-not-allowed)))
|
||||
|
||||
(when-not (:terms-privacy params)
|
||||
(ex/raise :type :validation
|
||||
|
@ -137,14 +138,15 @@
|
|||
::audit/profile-id (:id profile)})))))
|
||||
|
||||
(defn email-domain-in-whitelist?
|
||||
"Returns true if email's domain is in the given whitelist or if given
|
||||
whitelist is an empty string."
|
||||
[whitelist email]
|
||||
(if (str/empty-or-nil? whitelist)
|
||||
"Returns true if email's domain is in the given whitelist or if
|
||||
given whitelist is an empty string."
|
||||
[domains email]
|
||||
(if (or (empty? domains)
|
||||
(nil? domains))
|
||||
true
|
||||
(let [domains (str/split whitelist #",\s*")
|
||||
domain (second (str/split email #"@" 2))]
|
||||
(contains? (set domains) domain))))
|
||||
(let [[_ candidate] (-> (str/lower email)
|
||||
(str/split #"@" 2))]
|
||||
(contains? domains candidate))))
|
||||
|
||||
(def ^:private sql:profile-existence
|
||||
"select exists (select * from profile
|
||||
|
|
|
@ -179,10 +179,10 @@
|
|||
))
|
||||
|
||||
(t/deftest registration-domain-whitelist
|
||||
(let [whitelist "gmail.com, hey.com, ya.ru"]
|
||||
(let [whitelist #{"gmail.com" "hey.com" "ya.ru"}]
|
||||
(t/testing "allowed email domain"
|
||||
(t/is (true? (profile/email-domain-in-whitelist? whitelist "username@ya.ru")))
|
||||
(t/is (true? (profile/email-domain-in-whitelist? "" "username@somedomain.com"))))
|
||||
(t/is (true? (profile/email-domain-in-whitelist? #{} "username@somedomain.com"))))
|
||||
|
||||
(t/testing "not allowed email domain"
|
||||
(t/is (false? (profile/email-domain-in-whitelist? whitelist "username@somedomain.com"))))))
|
||||
|
|
|
@ -137,29 +137,34 @@
|
|||
|
||||
|
||||
;; --- SPEC: email
|
||||
(def email-re #"[a-zA-Z0-9_.+-]+@[a-zA-Z0-9-]+\.[a-zA-Z0-9-.]+")
|
||||
|
||||
(let [re #"[a-zA-Z0-9_.+-]+@[a-zA-Z0-9-]+\.[a-zA-Z0-9-.]+"
|
||||
cfn (fn [v]
|
||||
(if (string? v)
|
||||
(if-let [matches (re-seq re v)]
|
||||
(first matches)
|
||||
(do ::s/invalid))
|
||||
::s/invalid))]
|
||||
(s/def ::email (s/conformer cfn str)))
|
||||
|
||||
(s/def ::email
|
||||
(s/conformer
|
||||
(fn [v]
|
||||
(if (string? v)
|
||||
(if-let [matches (re-seq email-re v)]
|
||||
(first matches)
|
||||
(do ::s/invalid))
|
||||
::s/invalid))
|
||||
str))
|
||||
|
||||
;; --- SPEC: set-of-str
|
||||
(letfn [(conformer [s]
|
||||
(cond
|
||||
(string? s) (into #{} (str/split s #"\s*,\s*"))
|
||||
(set? s) (if (every? string? s)
|
||||
s
|
||||
::s/invalid)
|
||||
:else ::s/invalid))
|
||||
|
||||
(unformer [s]
|
||||
(str/join "," s))]
|
||||
(s/def ::set-of-str (s/conformer conformer unformer)))
|
||||
(s/def ::set-of-str
|
||||
(s/conformer
|
||||
(fn [s]
|
||||
(let [xform (comp
|
||||
(filter string?)
|
||||
(remove str/empty?)
|
||||
(remove str/blank?))]
|
||||
(cond
|
||||
(string? s) (->> (str/split s #"\s*,\s*")
|
||||
(into #{} xform))
|
||||
(set? s) (into #{} xform s)
|
||||
:else ::s/invalid)))
|
||||
(fn [s]
|
||||
(str/join "," s))))
|
||||
|
||||
;; --- Macros
|
||||
|
||||
|
|
|
@ -12,17 +12,13 @@ goog.provide("app.common.uuid_impl");
|
|||
|
||||
goog.scope(function() {
|
||||
const core = cljs.core;
|
||||
const global = goog.global;
|
||||
const self = app.common.uuid_impl;
|
||||
|
||||
const fill = (() => {
|
||||
if (typeof window === "object" && typeof window.crypto !== "undefined") {
|
||||
if (typeof global.crypto !== "undefined") {
|
||||
return (buf) => {
|
||||
window.crypto.getRandomValues(buf);
|
||||
return buf;
|
||||
};
|
||||
} else if (typeof self === "object" && typeof self.crypto !== "undefined") {
|
||||
return (buf) => {
|
||||
self.crypto.getRandomValues(buf);
|
||||
global.crypto.getRandomValues(buf);
|
||||
return buf;
|
||||
};
|
||||
} else if (typeof require === "function") {
|
||||
|
@ -34,7 +30,7 @@ goog.scope(function() {
|
|||
};
|
||||
} else {
|
||||
// FALLBACK
|
||||
console.warn("No high quality RNG available, switching back to Math.random.");
|
||||
console.warn("No SRNG available, switching back to Math.random.");
|
||||
|
||||
return (buf) => {
|
||||
for (let i = 0, r; i < buf.length; i++) {
|
||||
|
|
Loading…
Add table
Reference in a new issue