From abd2f5654a5d1b2baa4a210c8175d6ed5e6ff5c5 Mon Sep 17 00:00:00 2001
From: Matt Jankowski <matt@jankowski.online>
Date: Mon, 16 Sep 2024 03:53:03 -0400
Subject: [PATCH] Add validation coverage for `CustomEmoji` shortcode value
(#31906)
---
app/models/custom_emoji.rb | 3 ++-
spec/models/custom_emoji_spec.rb | 9 +++++++++
2 files changed, 11 insertions(+), 1 deletion(-)
diff --git a/app/models/custom_emoji.rb b/app/models/custom_emoji.rb
index 6e788c0c1..f1423bc2f 100644
--- a/app/models/custom_emoji.rb
+++ b/app/models/custom_emoji.rb
@@ -25,6 +25,7 @@ class CustomEmoji < ApplicationRecord
include Attachmentable
LIMIT = 256.kilobytes
+ MINIMUM_SHORTCODE_SIZE = 2
SHORTCODE_RE_FRAGMENT = '[a-zA-Z0-9_]{2,}'
@@ -44,7 +45,7 @@ class CustomEmoji < ApplicationRecord
normalizes :domain, with: ->(domain) { domain.downcase }
validates_attachment :image, content_type: { content_type: IMAGE_MIME_TYPES }, presence: true, size: { less_than: LIMIT }
- validates :shortcode, uniqueness: { scope: :domain }, format: { with: SHORTCODE_ONLY_RE }, length: { minimum: 2 }
+ validates :shortcode, uniqueness: { scope: :domain }, format: { with: SHORTCODE_ONLY_RE }, length: { minimum: MINIMUM_SHORTCODE_SIZE }
scope :local, -> { where(domain: nil) }
scope :remote, -> { where.not(domain: nil) }
diff --git a/spec/models/custom_emoji_spec.rb b/spec/models/custom_emoji_spec.rb
index 87b111441..f812cf758 100644
--- a/spec/models/custom_emoji_spec.rb
+++ b/spec/models/custom_emoji_spec.rb
@@ -84,4 +84,13 @@ RSpec.describe CustomEmoji, :attachment_processing do
it { is_expected.to normalize(:domain).from(nil).to(nil) }
end
end
+
+ describe 'Validations' do
+ subject { Fabricate.build :custom_emoji }
+
+ it { is_expected.to validate_uniqueness_of(:shortcode).scoped_to(:domain) }
+ it { is_expected.to validate_length_of(:shortcode).is_at_least(described_class::MINIMUM_SHORTCODE_SIZE) }
+ it { is_expected.to allow_values('cats').for(:shortcode) }
+ it { is_expected.to_not allow_values('@#$@#$', 'X').for(:shortcode) }
+ end
end