Code Coverage for /var/www/social/src/Util/Nickname.php

	Code Coverage
	Classes and Traits			Functions and Methods				Lines
Total	100.00% covered (success)	100.00%	1 / 1	100.00% covered (success)	100.00%	5 / 5	CRAP	100.00% covered (success)	100.00%	37 / 37
Nickname	100.00% covered (success)	100.00%	1 / 1	100.00% covered (success)	100.00%	5 / 5	20	100.00% covered (success)	100.00%	37 / 37
validate				100.00% covered (success)	100.00%	1 / 1	11	100.00% covered (success)	100.00%	17 / 17
normalize				100.00% covered (success)	100.00%	1 / 1	4	100.00% covered (success)	100.00%	9 / 9
isValid				100.00% covered (success)	100.00%	1 / 1	2	100.00% covered (success)	100.00%	4 / 4
isCanonical				100.00% covered (success)	100.00%	1 / 1	1	100.00% covered (success)	100.00%	1 / 1
isReserved				100.00% covered (success)	100.00%	1 / 1	2	100.00% covered (success)	100.00%	6 / 6

1	<?php
2
3	// {{{ License
4
5	// This file is part of GNU social - https://www.gnu.org/software/social
6	//
7	// GNU social is free software: you can redistribute it and/or modify
8	// it under the terms of the GNU Affero General Public License as published by
9	// the Free Software Foundation, either version 3 of the License, or
10	// (at your option) any later version.
11	//
12	// GNU social is distributed in the hope that it will be useful,
13	// but WITHOUT ANY WARRANTY; without even the implied warranty of
14	// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15	// GNU Affero General Public License for more details.
16	//
17	// You should have received a copy of the GNU Affero General Public License
18	// along with GNU social. If not, see <http://www.gnu.org/licenses/>.
19
20	// }}}
21
22	namespace App\Util;
23
24	use App\Entity\LocalUser;
25	use App\Util\Exception\NicknameBlacklistedException;
26	use App\Util\Exception\NicknameEmptyException;
27	use App\Util\Exception\NicknameException;
28	use App\Util\Exception\NicknameInvalidException;
29	use App\Util\Exception\NicknamePathCollisionException;
30	use App\Util\Exception\NicknameReservedException;
31	use App\Util\Exception\NicknameTakenException;
32	use App\Util\Exception\NicknameTooLongException;
33	use App\Util\Exception\NicknameTooShortException;
34	use Functional as F;
35	use Normalizer;
36
37	/**
38	* Nickname validation
39	*
40	* @category Validation
41	* @package GNUsocial
42	*
43	* @author Zach Copley <zach@status.net>
44	* @copyright 2010 StatusNet Inc.
45	* @author Brion Vibber <brion@pobox.com>
46	* @author Mikael Nordfeldth <mmn@hethane.se>
47	* @author Nym Coy <nymcoy@gmail.com>
48	* @copyright 2009-2014 Free Software Foundation, Inc http://www.fsf.org
49	* @auuthor Daniel Supernault <danielsupernault@gmail.com>
50	* @auuthor Diogo Cordeiro <diogo@fc.up.pt>
51	*
52	* @author Hugo Sales <hugo@hsal.es>
53	* @copyright 2018-2021 Free Software Foundation, Inc http://www.fsf.org
54	* @license https://www.gnu.org/licenses/agpl.html GNU AGPL v3 or later
55	*/
56	class Nickname
57	{
58	/**
59	* Regex fragment for pulling a formated nickname OR ID number.
60	* Suitable for router def of 'id' parameters on API actions.
61	*
62	* Not guaranteed to be valid after normalization; run the string through
63	* Nickname::normalize() to get the canonical form, or Nickname::isValid()
64	* if you just need to check if it's properly formatted.
65	*
66	* This, DISPLAY_FMT, and CANONICAL_FMT should not be enclosed in []s.
67	*
68	* @fixme would prefer to define in reference to the other constants
69	*/
70	const INPUT_FMT = '(?:[0-9]+\|[0-9a-zA-Z_]{1,64})';
71
72	/**
73	* Regex fragment for acceptable user-formatted variant of a nickname.
74	*
75	* This includes some chars such as underscore which will be removed
76	* from the normalized canonical form, but still must fit within
77	* field length limits.
78	*
79	* Not guaranteed to be valid after normalization; run the string through
80	* Nickname::normalize() to get the canonical form, or Nickname::isValid()
81	* if you just need to check if it's properly formatted.
82	*
83	* This, INPUT_FMT and CANONICAL_FMT should not be enclosed in []s.
84	*/
85	const DISPLAY_FMT = '[0-9a-zA-Z_]{1,64}';
86
87	/**
88	* Simplified regex fragment for acceptable full WebFinger ID of a user
89	*
90	* We could probably use an email regex here, but mainly we are interested
91	* in matching it in our URLs, like https://social.example/user@example.com
92	*/
93	const WEBFINGER_FMT = '(?:\w+[\w\-\_\.]*)?\w+\@' . URL_REGEX_DOMAIN_NAME;
94
95	/**
96	* Regex fragment for checking a canonical nickname.
97	*
98	* Any non-matching string is not a valid canonical/normalized nickname.
99	* Matching strings are valid and canonical form, but may still be
100	* unavailable for registration due to blacklisting et.
101	*
102	* Only the canonical forms should be stored as keys in the database;
103	* there are multiple possible denormalized forms for each valid
104	* canonical-form name.
105	*
106	* This, INPUT_FMT and DISPLAY_FMT should not be enclosed in []s.
107	*/
108	const CANONICAL_FMT = '[0-9a-z]{1,64}';
109
110	/**
111	* Maximum number of characters in a canonical-form nickname. Changes must validate regexs
112	*/
113	const MAX_LEN = 64;
114
115	/**
116	* Regex with non-capturing group that matches whitespace and some
117	* characters which are allowed right before an @ or ! when mentioning
118	* other users. Like: 'This goes out to:@mmn (@chimo too) (!awwyiss).'
119	*
120	* FIXME: Make this so you can have multiple whitespace but not multiple
121	* parenthesis or something. '(((@n_n@)))' might as well be a smiley.
122	*/
123	const BEFORE_MENTIONS = '(?:^\|[\s\.\,\:\;\[\(]+)';
124
125	const CHECK_LOCAL_USER = 1;
126	const CHECK_LOCAL_GROUP = 2;
127
128	/**
129	* Check if a nickname is valid or throw exceptions if it's not.
130	* Can optionally check if the nickname is currently in use
131	*/
132	public static function validate(string $nickname, bool $check_already_used = false, int $which = self::CHECK_LOCAL_USER)
133	{
134	$nickname = trim($nickname);
135	$length = mb_strlen($nickname);
136
137	if ($length < 1) {
138	throw new NicknameEmptyException();
139	} elseif ($length < Common::config('nickname', 'min_length')) {
140	// dd($nickname, $length, Common::config('nickname', 'min_length'));
141	throw new NicknameTooShortException();
142	} else {
143	if ($length > self::MAX_LEN) {
144	throw new NicknameTooLongException();
145	} elseif (self::isReserved($nickname) \|\| Common::isSystemPath($nickname)) {
146	throw new NicknameReservedException();
147	} elseif ($check_already_used) {
148	switch ($which) {
149	case self::CHECK_LOCAL_USER:
150	$lu = LocalUser::findByNicknameOrEmail($nickname, email: '');
151	if ($lu !== null) {
152	throw new NicknameTakenException($lu->getActor());
153	}
154	break;
155	// @codeCoverageIgnoreStart
156	case self::CHECK_LOCAL_GROUP:
157	throw new \NotImplementedException();
158	break;
159	default:
160	throw new \InvalidArgumentException();
161	// @codeCoverageIgnoreEnd
162	}
163	}
164	}
165
166	return $nickname;
167	}
168
169	/**
170	* Normalize an input $nickname, and normalize it to its canonical form.
171	* The canonical form will be returned, or an exception thrown if invalid.
172	*
173	* @throws NicknameException (base class)
174	* @throws NicknameBlacklistedException
175	* @throws NicknameEmptyException
176	* @throws NicknameInvalidException
177	* @throws NicknamePathCollisionException
178	* @throws NicknameTakenException
179	* @throws NicknameTooLongException
180	* @throws NicknameTooShortException
181	*/
182	public static function normalize(string $nickname, bool $check_already_used = true, bool $checking_reserved = false): string
183	{
184	if (!$checking_reserved) {
185	$nickname = self::validate($nickname, $check_already_used);
186	}
187
188	$nickname = trim($nickname);
189	$nickname = str_replace('_', '', $nickname);
190	$nickname = mb_strtolower($nickname);
191	$nickname = Normalizer::normalize($nickname, Normalizer::FORM_C);
192	if (!self::isCanonical($nickname) && !filter_var($nickname, FILTER_VALIDATE_EMAIL)) {
193	throw new NicknameInvalidException();
194	}
195
196	return $nickname;
197	}
198
199	/**
200	* Nice simple check of whether the given string is a valid input nickname,
201	* which can be normalized into an internally canonical form.
202	*
203	* Note that valid nicknames may be in use or reserved.
204	*
205	* @return bool True if nickname is valid. False if invalid (or taken if $check_already_used == true).
206	*/
207	public static function isValid(string $nickname, bool $check_already_used = true): bool
208	{
209	try {
210	self::normalize($nickname, $check_already_used);
211	} catch (NicknameException $e) {
212	return false;
213	}
214
215	return true;
216	}
217
218	/**
219	* Is the given string a valid canonical nickname form?
220	*/
221	public static function isCanonical(string $nickname): bool
222	{
223	return preg_match('/^(?:' . self::CANONICAL_FMT . ')$/', $nickname);
224	}
225
226	/**
227	* Is the given string in our nickname blacklist?
228	*/
229	public static function isReserved(string $nickname): bool
230	{
231	$reserved = Common::config('nickname', 'reserved');
232	if (empty($reserved)) {
233	return false;
234	}
235	return in_array($nickname, array_merge($reserved, F\map($reserved, function ($n) {
236	return self::normalize($n, check_already_used: false, checking_reserved: true);
237	})));
238	}
239	}