From fb2a9285d297e457a87049c8d7723ac936cb81be Mon Sep 17 00:00:00 2001
From: trisua
Date: Tue, 20 May 2025 23:30:40 -0400
Subject: [PATCH] fix: don't allow user display name to be over 32 chars
---
.../public/html/communities/create_post.html | 135 +-----------------
crates/app/src/public/html/components.html | 133 ++++++++++++++++-
crates/app/src/public/html/misc/requests.html | 11 +-
crates/app/src/routes/api/v1/auth/profile.rs | 5 +
4 files changed, 145 insertions(+), 139 deletions(-)
diff --git a/crates/app/src/public/html/communities/create_post.html b/crates/app/src/public/html/communities/create_post.html
index 5aec044..55e44bc 100644
--- a/crates/app/src/public/html/communities/create_post.html
+++ b/crates/app/src/public/html/communities/create_post.html
@@ -112,21 +112,7 @@
-
- {{ components::emoji_picker(element_id="content", - render_dialog=true) }} {% if is_supporter -%} {{ - components::file_picker(files_list_id="files_list") - }} {%- endif %} - - -
+ {{ components::create_post_options() }}
{% if draft -%} @@ -199,26 +185,7 @@ if (res.ok) { // update settings - if ( - JSON.stringify( - window.POST_INITIAL_SETTINGS, - ) !== window.BLANK_INITIAL_SETTINGS - ) { - await fetch( - `/api/v1/posts/${res.payload}/context`, - { - method: "POST", - headers: { - "Content-Type": - "application/json", - }, - body: JSON.stringify({ - context: - window.POST_INITIAL_SETTINGS, - }), - }, - ); - } + await update_settings_maybe(res.payload); // remove draft // {% if draft -%} @@ -423,102 +390,4 @@ window.history.back(); } - - -
-
- -
- -
-
- -
- -
-
- - -
-
{% endblock %} diff --git a/crates/app/src/public/html/components.html b/crates/app/src/public/html/components.html index 310af6d..7f6b71d 100644 --- a/crates/app/src/public/html/components.html +++ b/crates/app/src/public/html/components.html @@ -1397,4 +1397,135 @@ is_supporter %}
-{%- endif %} {%- endmacro %}
+{%- endif %} {%- endmacro %} {% macro create_post_options() -%}
+ {{ components::emoji_picker(element_id="content", render_dialog=true) }} {% + if is_supporter -%} {{ components::file_picker(files_list_id="files_list") + }} {%- endif %} + + +
+ + +
+
+ +
+ +
+
+ +
+ +
+
+ + +
+
+{%- endmacro %}
diff --git a/crates/app/src/public/html/misc/requests.html b/crates/app/src/public/html/misc/requests.html
index c37370f..c1f2396 100644
--- a/crates/app/src/public/html/misc/requests.html
+++ b/crates/app/src/public/html/misc/requests.html
@@ -111,10 +111,7 @@
- {{ components::emoji_picker(element_id="content", - render_dialog=true) }} {% if is_supporter -%} {{ - components::file_picker(files_list_id="files_list") }} - {%- endif %} + {{ components::create_post_options() }} @@ -199,13 +196,17 @@ body, }) .then((res) => res.json()) - .then((res) => { + .then(async (res) => { trigger("atto::toast", [ res.ok ? "success" : "error", res.message, ]); if (res.ok) { + // update settings + await update_settings_maybe(res.payload); + + // ... e.target.parentElement.remove(); } }); diff --git a/crates/app/src/routes/api/v1/auth/profile.rs b/crates/app/src/routes/api/v1/auth/profile.rs index c8d7e7f..5c6c093 100644 --- a/crates/app/src/routes/api/v1/auth/profile.rs +++ b/crates/app/src/routes/api/v1/auth/profile.rs @@ -100,6 +100,11 @@ pub async fn update_user_settings_request( return Json(Error::NotAllowed.into()); } + // check lengths + if req.display_name.len() > 32 { + return Json(Error::DataTooLong("display name".to_string()).into()); + } + // check percentage themes if !req.theme_sat.is_empty() && !req.theme_sat.ends_with("%") { req.theme_sat = format!("{}%", req.theme_sat)
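Review bot: The new `await update_settings_maybe(res.payload)` inside `.then(async (res) => { … })` in requests.html has no error handling, and the chain ends at `});` with no `.catch`. If that call rejects, the success toast has already been shown, `e.target.parentElement.remove()` is skipped and the rejection goes unhandled. Assuming the helper performs the same POST to `/api/v1/posts/${res.payload}/context` that the create_post.html hunk removes, the post would then stay published with default context settings while the user believes their settings were applied. Report the failure explicitly, e.g. `try { await update_settings_maybe(res.payload); } catch (err) { trigger("atto::toast", ["error", "Failed to apply post settings"]); }`. The helper's definition is not visible on this page, and the enclosing handler starts outside the hunk.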
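Review bot: `req.display_name.len() > 32` in `update_user_settings_request` compares the UTF-8 byte length, not the number of characters, so names containing multi-byte text (accented letters, CJK, emoji) are rejected well before 32 characters, which does not match the commit title. If the limit is meant in characters, use `if req.display_name.chars().count() > 32 {`; if a byte bound is what storage requires, say so in the comment, e.g. `// check lengths (UTF-8 bytes, not characters)`. As far as this hunk shows, the bound is enforced only in this handler; if other code paths also write the display name, they would need the same check, ideally at the point where the value is persisted. The function body starts and ends outside the hunk.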