Fix crash when saving invalid domain name (#11528)

Fix #7629

diff --git a/app/models/account_domain_block.rb b/app/models/account_domain_block.rb
index 7c0d60379eb60b6a1c358daf980da0bee5126f68..3aaffde9a952d3bcd6eb568273b5beb127314477 100644 (file)
--- a/app/models/account_domain_block.rb
+++ b/app/models/account_domain_block.rb
@@ -15,7 +15,7 @@ class AccountDomainBlock < ApplicationRecord
   include DomainNormalizable
 
   belongs_to :account
-  validates :domain, presence: true, uniqueness: { scope: :account_id }
+  validates :domain, presence: true, uniqueness: { scope: :account_id }, domain: true
 
   after_commit :remove_blocking_cache
   after_commit :remove_relationship_cache

diff --git a/app/models/concerns/domain_normalizable.rb b/app/models/concerns/domain_normalizable.rb
index fb84058fc273f71328f53ae6822cda3e866fa1d4..c00b3142fa73f99129562b4c2d262633329160de 100644 (file)
--- a/app/models/concerns/domain_normalizable.rb
+++ b/app/models/concerns/domain_normalizable.rb
@@ -4,7 +4,7 @@ module DomainNormalizable
   extend ActiveSupport::Concern
 
   included do
-    before_validation :normalize_domain
+    before_save :normalize_domain
   end
 
   private

diff --git a/app/models/domain_allow.rb b/app/models/domain_allow.rb
index 85018b636e252ac45bf73182fa8c774075e1de02..5fe0e3a29c340d8a2da1dfdbdea1e32577b0880f 100644 (file)
--- a/app/models/domain_allow.rb
+++ b/app/models/domain_allow.rb
@@ -13,7 +13,7 @@
 class DomainAllow < ApplicationRecord
   include DomainNormalizable
 
-  validates :domain, presence: true, uniqueness: true
+  validates :domain, presence: true, uniqueness: true, domain: true
 
   scope :matches_domain, ->(value) { where(arel_table[:domain].matches("%#{value}%")) }
 

diff --git a/app/models/domain_block.rb b/app/models/domain_block.rb
index 3f5b9f23ea7d82fa1baac65d4523c599621eb9fd..37b8d98c6d5645f4bfaa5a4eb15673fad1e5d6b4 100644 (file)
--- a/app/models/domain_block.rb
+++ b/app/models/domain_block.rb
@@ -19,7 +19,7 @@ class DomainBlock < ApplicationRecord
 
   enum severity: [:silence, :suspend, :noop]
 
-  validates :domain, presence: true, uniqueness: true
+  validates :domain, presence: true, uniqueness: true, domain: true
 
   has_many :accounts, foreign_key: :domain, primary_key: :domain
   delegate :count, to: :accounts, prefix: true

diff --git a/app/models/email_domain_block.rb b/app/models/email_domain_block.rb
index 0fcd36477b927942e5e02dca35db7dcfdafe8999..bc70dea254a5407da4344a6adfc4e022ad3410ad 100644 (file)
--- a/app/models/email_domain_block.rb
+++ b/app/models/email_domain_block.rb
@@ -12,7 +12,7 @@
 class EmailDomainBlock < ApplicationRecord
   include DomainNormalizable
 
-  validates :domain, presence: true, uniqueness: true
+  validates :domain, presence: true, uniqueness: true, domain: true
 
   def self.block?(email)
     _, domain = email.split('@', 2)

diff --git a/app/validators/domain_validator.rb b/app/validators/domain_validator.rb
new file mode 100644 (file)
index 0000000..ae07f17
--- /dev/null
+++ b/app/validators/domain_validator.rb
@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+class DomainValidator < ActiveModel::EachValidator
+  def validate_each(record, attribute, value)
+    return if value.blank?
+
+    record.errors.add(attribute, I18n.t('domain_validator.invalid_domain')) unless compliant?(value)
+  end
+
+  private
+
+  def compliant?(value)
+    Addressable::URI.new.tap { |uri| uri.host = value }
+  rescue Addressable::URI::InvalidURIError
+    false
+  end
+end

diff --git a/config/locales/en.yml b/config/locales/en.yml
index 7fd0536ae471b37e189fcc840186938a1e9ff1df..786906e2df6865404e16f86fc3cec44415e52891 100644 (file)
--- a/config/locales/en.yml
+++ b/config/locales/en.yml
@@ -628,6 +628,8 @@ en:
     people:
       one: "%{count} person"
       other: "%{count} people"
+  domain_validator:
+    invalid_domain: is not a valid domain name
   errors:
     '403': You don't have permission to view this page.
     '404': The page you are looking for isn't here.