From 785e4fae979b5462f73e7abe23644cf5103639e0 Mon Sep 17 00:00:00 2001 From: Tom Hacohen Date: Fri, 26 Jun 2020 12:13:50 +0300 Subject: [PATCH] Merge the uidvalidator with the base64url validator and set a min length. --- .../migrations/0021_auto_20200626_0913.py | 40 +++++++++++++++++++ django_etebase/models.py | 9 ++--- 2 files changed, 44 insertions(+), 5 deletions(-) create mode 100644 django_etebase/migrations/0021_auto_20200626_0913.py diff --git a/django_etebase/migrations/0021_auto_20200626_0913.py b/django_etebase/migrations/0021_auto_20200626_0913.py new file mode 100644 index 0000000..b890384 --- /dev/null +++ b/django_etebase/migrations/0021_auto_20200626_0913.py @@ -0,0 +1,40 @@ +# Generated by Django 3.0.3 on 2020-06-26 09:13 + +import django.core.validators +from django.db import migrations, models +import django_etebase.models + + +class Migration(migrations.Migration): + + dependencies = [ + ('django_etebase', '0020_remove_collectionitemrevision_salt'), + ] + + operations = [ + migrations.AlterField( + model_name='collectioninvitation', + name='uid', + field=models.CharField(db_index=True, max_length=43, validators=[django.core.validators.RegexValidator(message='Not a valid UID', regex='^[a-zA-Z0-9\\-_]{20,}$')]), + ), + migrations.AlterField( + model_name='collectionitem', + name='uid', + field=models.CharField(db_index=True, max_length=43, validators=[django.core.validators.RegexValidator(message='Not a valid UID', regex='^[a-zA-Z0-9\\-_]{20,}$')]), + ), + migrations.AlterField( + model_name='collectionitemchunk', + name='uid', + field=models.CharField(db_index=True, max_length=60, validators=[django.core.validators.RegexValidator(message='Not a valid UID', regex='^[a-zA-Z0-9\\-_]{20,}$')]), + ), + migrations.AlterField( + model_name='collectionitemrevision', + name='uid', + field=models.CharField(db_index=True, max_length=43, unique=True, validators=[django.core.validators.RegexValidator(message='Not a valid UID', regex='^[a-zA-Z0-9\\-_]{20,}$')]), + ), + migrations.AlterField( + model_name='stoken', + name='uid', + field=models.CharField(db_index=True, default=django_etebase.models.generate_stoken_uid, max_length=43, unique=True, validators=[django.core.validators.RegexValidator(message='Not a valid UID', regex='^[a-zA-Z0-9\\-_]{20,}$')]), + ), + ] diff --git a/django_etebase/models.py b/django_etebase/models.py index c8ceaba..b4b04fc 100644 --- a/django_etebase/models.py +++ b/django_etebase/models.py @@ -22,8 +22,7 @@ from django.utils.functional import cached_property from django.utils.crypto import get_random_string -Base64Url256BitlValidator = RegexValidator(regex=r'^[a-zA-Z0-9\-_]{42,43}$', message='Expected a base64url.') -UidValidator = RegexValidator(regex=r'^[a-zA-Z0-9\-_]*$', message='Not a valid UID') +UidValidator = RegexValidator(regex=r'^[a-zA-Z0-9\-_]{20,}$', message='Not a valid UID') class Collection(models.Model): @@ -103,13 +102,13 @@ def generate_stoken_uid(): class Stoken(models.Model): uid = models.CharField(db_index=True, unique=True, blank=False, null=False, default=generate_stoken_uid, - max_length=43, validators=[Base64Url256BitlValidator]) + max_length=43, validators=[UidValidator]) class CollectionItemRevision(models.Model): stoken = models.OneToOneField(Stoken, on_delete=models.PROTECT) uid = models.CharField(db_index=True, unique=True, blank=False, null=False, - max_length=43, validators=[Base64Url256BitlValidator]) + max_length=43, validators=[UidValidator]) item = models.ForeignKey(CollectionItem, related_name='revisions', on_delete=models.CASCADE) meta = models.BinaryField(editable=True, blank=False, null=False) current = models.BooleanField(db_index=True, default=True, null=True) @@ -179,7 +178,7 @@ class CollectionMemberRemoved(models.Model): class CollectionInvitation(models.Model): uid = models.CharField(db_index=True, blank=False, null=False, - max_length=43, validators=[Base64Url256BitlValidator]) + max_length=43, validators=[UidValidator]) version = models.PositiveSmallIntegerField(default=1) fromMember = models.ForeignKey(CollectionMember, on_delete=models.CASCADE) # FIXME: make sure to delete all invitations for the same collection once one is accepted