mirror of
https://github.com/plausible/analytics.git
synced 2024-12-23 17:44:43 +03:00
Disallow funny business on timezone entry (#3662)
* Disallow funny business on timezone entry * Add external API test
This commit is contained in:
parent
7efa253e3f
commit
21bbd3835a
@ -68,6 +68,7 @@ defmodule Plausible.Site do
|
||||
|> cast(attrs, [:domain, :timezone])
|
||||
|> clean_domain()
|
||||
|> validate_required([:domain, :timezone])
|
||||
|> validate_timezone()
|
||||
|> validate_domain_format()
|
||||
|> validate_domain_reserved_characters()
|
||||
|> unique_constraint(:domain,
|
||||
@ -265,4 +266,14 @@ defmodule Plausible.Site do
|
||||
changeset
|
||||
end
|
||||
end
|
||||
|
||||
defp validate_timezone(changeset) do
|
||||
tz = get_field(changeset, :timezone)
|
||||
|
||||
if Timex.is_valid_timezone?(tz) do
|
||||
changeset
|
||||
else
|
||||
add_error(changeset, :timezone, "is invalid")
|
||||
end
|
||||
end
|
||||
end
|
||||
|
@ -12,6 +12,15 @@ defmodule Plausible.SitesTest do
|
||||
assert {:ok, %{site: %{domain: "example.com", timezone: "Europe/London"}}} =
|
||||
Sites.create(user, params)
|
||||
end
|
||||
|
||||
test "fails on invalid timezone" do
|
||||
user = insert(:user)
|
||||
|
||||
params = %{"domain" => "example.com", "timezone" => "blah"}
|
||||
|
||||
assert {:error, :site, %{errors: [timezone: {"is invalid", []}]}, %{}} =
|
||||
Sites.create(user, params)
|
||||
end
|
||||
end
|
||||
|
||||
describe "is_member?" do
|
||||
|
@ -26,6 +26,18 @@ defmodule PlausibleWeb.Api.ExternalSitesControllerTest do
|
||||
}
|
||||
end
|
||||
|
||||
test "timezone is validated", %{conn: conn} do
|
||||
conn =
|
||||
post(conn, "/api/v1/sites", %{
|
||||
"domain" => "some-site.domain",
|
||||
"timezone" => "d"
|
||||
})
|
||||
|
||||
assert json_response(conn, 400) == %{
|
||||
"error" => "timezone: is invalid"
|
||||
}
|
||||
end
|
||||
|
||||
test "timezone defaults to Etc/UTC", %{conn: conn} do
|
||||
conn =
|
||||
post(conn, "/api/v1/sites", %{
|
||||
|
Loading…
Reference in New Issue
Block a user