jaculabilis/danbooru
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Files
nix-flake
danbooru/test/unit/post_flag_test.rb
evazion d9dc84325f Fix #5365: Don't allow whitespace-only text submission. 
Fix bug where it was possible to submit blank text in various text fields.

Caused by `String#blank?` not considering certain Unicode characters as blank. `blank?` is defined
as `match?(/\A[[:space:]]*\z/)`, where `[[:space:]]` matches ASCII spaces (space, tab, newline, etc)
and Unicode characters in the Space category ([1]). However, there are other space-like characters
not in the Space category. This includes U+200B (Zero-Width Space), and many more.

It turns out the "Default ignorable code points" [2][3] are what we're after. These are the set of 400
or so formatting and control characters that are invisible when displayed.

Note that there are other control characters that aren't invisible when rendered, instead they're
shown with a placeholder glyph. These include the ASCII C0 and C1 control codes [4], certain Unicode
control characters [5], and unassigned, reserved, and private use codepoints.

There is one outlier: the Braille pattern blank (U+2800) [6]. This character is visually blank, but is
not considered to be a space or an ignorable code point.

[1]: https://codepoints.net/search?gc[]=Z
[2]: https://codepoints.net/search?DI=1
[3]: https://www.unicode.org/review/pr-5.html
[4]: https://codepoints.net/search?gc[]=Cc
[5]: https://codepoints.net/search?gc[]=Cf
[6]: https://codepoints.net/U+2800
[7]: https://en.wikipedia.org/wiki/Whitespace_character
[8]: https://character.construction/blanks
[9]: https://invisible-characters.com
2022-12-05 01:58:34 -06:00

127 lines
4.4 KiB
Ruby
Raw Permalink Blame History

require 'test_helper'
class PostFlagTest < ActiveSupport::TestCase
context "PostFlag: " do
context "an approver" do
should "be able to flag an unlimited number of posts" do
@user = create(:approver)
assert_nothing_raised do
create_list(:post_flag, 6, creator: @user, status: :pending)
end
end
end
context "a user with unlimited flags" do
should "be able to flag an unlimited number of posts" do
@user = create(:user)
create_list(:post_flag, 30, status: :succeeded, creator: @user)
assert_equal(true, @user.has_unlimited_flags?)
assert_equal(false, @user.is_flag_limited?)
assert_nothing_raised do
create_list(:post_flag, 6, creator: @user, status: :pending)
end
end
end
context "a basic user" do
should "be able to flag up to 5 posts at once" do
@user = create(:user)
@flags = create_list(:post_flag, 5, creator: @user, status: :pending)
@flag = build(:post_flag, creator: @user, status: :pending)
assert_equal(false, @flag.valid?)
assert_equal(["have reached your flag limit"], @flag.errors[:creator])
end
should "have early rejected flags count against their flag limit" do
@user = create(:user)
create(:post_flag, creator: @user, status: :pending)
assert_equal(1, @user.post_flags.active.count)
create(:post_flag, creator: @user, status: :rejected)
assert_equal(2, @user.post_flags.active.count)
create(:post_flag, creator: @user, status: :succeeded)
assert_equal(2, @user.post_flags.active.count)
create(:post_flag, creator: @user, status: :rejected, created_at: 4.days.ago)
assert_equal(2, @user.post_flags.active.count)
end
end
context "a user" do
should "not be able to flag a post more than once" do
@user = create(:user)
@post = create(:post)
@post_flag = create(:post_flag, post: @post, creator: @user)
@post_flag = build(:post_flag, post: @post, creator: @user)
assert_equal(false, @post_flag.valid?)
assert_equal(["have already flagged this post"], @post_flag.errors[:creator_id])
end
should "not be able to flag a deleted post" do
@post = create(:post, is_deleted: true)
@post_flag = build(:post_flag, post: @post)
assert_equal(false, @post_flag.valid?)
assert_equal(["Post is deleted and cannot be flagged"], @post_flag.errors.full_messages)
end
should "not be able to flag a pending post" do
@post = create(:post, is_pending: true)
@flag = build(:post_flag, post: @post)
assert_equal(false, @flag.valid?)
assert_equal(["Post is pending and cannot be flagged"], @flag.errors.full_messages)
end
should "not be able to flag a post in the cooldown period" do
@mod = create(:moderator_user)
@users = create_list(:user, 2)
@post = create(:post)
@flag1 = create(:post_flag, post: @post, creator: @users.first)
create(:post_approval, post: @post, user: @mod)
travel_to(Danbooru.config.moderation_period.from_now - 1.minute) do
@flag2 = build(:post_flag, post: @post, reason: "something", creator: @users.second)
assert_equal(false, @flag2.valid?)
assert_match(/cannot be flagged more than once/, @flag2.errors[:post].join)
end
travel_to(Danbooru.config.moderation_period.from_now + 1.minute) do
@flag3 = create(:post_flag, post: @post, reason: "something", creator: @users.second)
assert(@flag3.errors.empty?)
end
end
should "be able to flag a post in the cooldown period if they're a mod" do
@post = create(:post)
@flag1 = create(:post_flag, post: @post)
create(:post_approval, post: @post)
assert_equal(false, @post.reload.is_pending?)
travel_to(Danbooru.config.moderation_period.from_now - 1.minute) do
@flag2 = create(:post_flag, post: @post, reason: "something", creator: create(:approver))
assert_equal(true, @flag2.valid?)
assert_equal(true, @post.reload.is_flagged?)
end
end
end
context "during validation" do
subject { build(:post_flag) }
should_not allow_value("").for(:reason)
should_not allow_value(" ").for(:reason)
should_not allow_value("\u200B").for(:reason)
end
end
end
Reference in New Issue View Git Blame Copy Permalink