Changeset View
Changeset View
Standalone View
Standalone View
src/app/Rules/SharedFolderName.php
<?php | <?php | ||||
namespace App\Rules; | namespace App\Rules; | ||||
use Illuminate\Contracts\Validation\Rule; | use Illuminate\Contracts\Validation\Rule; | ||||
use Illuminate\Support\Facades\Validator; | use Illuminate\Support\Facades\Validator; | ||||
use Illuminate\Support\Str; | use Illuminate\Support\Str; | ||||
class SharedFolderName implements Rule | class SharedFolderName implements Rule | ||||
{ | { | ||||
private $message; | private $message; | ||||
private $owner; | private $owner; | ||||
private $domain; | private $domain; | ||||
private const FORBIDDEN_CHARS = '+/^%*!`@(){}|\\?<;"'; | private const FORBIDDEN_CHARS = '+^%*!`@(){}|\\?<;"'; | ||||
/** | /** | ||||
* Class constructor. | * Class constructor. | ||||
* | * | ||||
* @param \App\User $owner The account owner | * @param \App\User $owner The account owner | ||||
* @param string $domain The domain name of the group | * @param string $domain The domain name of the group | ||||
*/ | */ | ||||
public function __construct($owner, $domain) | public function __construct($owner, $domain) | ||||
{ | { | ||||
$this->owner = $owner; | $this->owner = $owner; | ||||
$this->domain = Str::lower($domain); | $this->domain = Str::lower($domain); | ||||
} | } | ||||
/** | /** | ||||
* Determine if the validation rule passes. | * Determine if the validation rule passes. | ||||
* | * | ||||
* @param string $attribute Attribute name | * @param string $attribute Attribute name | ||||
* @param mixed $name Shared folder name input | * @param mixed $name Shared folder name input | ||||
* | * | ||||
* @return bool | * @return bool | ||||
*/ | */ | ||||
public function passes($attribute, $name): bool | public function passes($attribute, $name): bool | ||||
{ | { | ||||
if (empty($name) || !is_string($name) || $name == 'Resources') { | if (empty($name) || !is_string($name) || $name == 'Resources' || \str_starts_with($name, 'Resources/')) { | ||||
$this->message = \trans('validation.nameinvalid'); | $this->message = \trans('validation.nameinvalid'); | ||||
return false; | return false; | ||||
} | } | ||||
if (strcspn($name, self::FORBIDDEN_CHARS) < strlen($name)) { | foreach (explode('/', $name) as $subfolder) { | ||||
$length = strlen($subfolder); | |||||
if (!$length || strcspn($subfolder, self::FORBIDDEN_CHARS) < $length) { | |||||
$this->message = \trans('validation.nameinvalid'); | $this->message = \trans('validation.nameinvalid'); | ||||
return false; | return false; | ||||
} | } | ||||
} | |||||
// Check the max length, according to the database column length | // Check the max length, according to the database column length | ||||
if (strlen($name) > 191) { | if (strlen($name) > 191) { | ||||
$this->message = \trans('validation.max.string', ['max' => 191]); | $this->message = \trans('validation.max.string', ['max' => 191]); | ||||
return false; | return false; | ||||
} | } | ||||
// Check if specified domain belongs to the user | // Check if specified domain belongs to the user | ||||
Show All 30 Lines |