Add basic checks to grief reporting

This commit is contained in:
Slendy 2023-02-18 07:15:39 -06:00
parent cf1adbe640
commit a796cb9185
No known key found for this signature in database
GPG key ID: 7288D68361B91428
2 changed files with 12 additions and 3 deletions

View file

@ -3,6 +3,7 @@ using System.Text.Json;
using LBPUnion.ProjectLighthouse.Configuration;
using LBPUnion.ProjectLighthouse.Database;
using LBPUnion.ProjectLighthouse.Extensions;
using LBPUnion.ProjectLighthouse.Files;
using LBPUnion.ProjectLighthouse.Helpers;
using LBPUnion.ProjectLighthouse.Types.Entities.Moderation;
using LBPUnion.ProjectLighthouse.Types.Entities.Token;
@ -37,6 +38,14 @@ public class ReportController : ControllerBase
SanitizationHelper.SanitizeStringsInClass(report);
if (string.IsNullOrWhiteSpace(report.JpegHash)) return this.BadRequest();
if (!FileHelper.ResourceExists(report.JpegHash)) return this.BadRequest();
if (report.XmlPlayers.Length > 4) return this.BadRequest();
if (report.XmlPlayers.Any(p => !this.database.IsUsernameValid(p.Name))) return this.BadRequest();
report.Bounds = JsonSerializer.Serialize(report.XmlBounds.Rect, typeof(Rectangle));
report.Players = JsonSerializer.Serialize(report.XmlPlayers, typeof(ReportPlayer[]));
report.Timestamp = TimeHelper.TimestampMillis;

View file

@ -21,6 +21,8 @@ public partial class DatabaseContext
[GeneratedRegex("^[a-zA-Z0-9_.-]{3,16}$")]
private static partial Regex UsernameRegex();
public bool IsUsernameValid(string username) => UsernameRegex().IsMatch(username);
#nullable enable
public async Task<User> CreateUser(string username, string password, string? emailAddress = null)
{
@ -31,9 +33,7 @@ public partial class DatabaseContext
{
if (username.Length is > 16 or < 3) throw new ArgumentException(nameof(username) + " is either too long or too short");
Regex regex = UsernameRegex();
if (!regex.IsMatch(username)) throw new ArgumentException(nameof(username) + " does not match the username regex");
if (!this.IsUsernameValid(username)) throw new ArgumentException(nameof(username) + " does not match the username regex");
}
User? user = await this.Users.Where(u => u.Username == username).FirstOrDefaultAsync();