From 4ae5acfdc36fb12595bcdf0ad0338e25e6d7f22a Mon Sep 17 00:00:00 2001
From: Emi Matchu
Date: Tue, 16 Apr 2024 17:04:31 -0700
Subject: [PATCH] Disallow email addresses in closet list descriptions

Just another attempt to communicate the rules!
---
 app/controllers/closet_lists_controller.rb | 4 ++--
 app/models/closet_list.rb | 6 ++++++
 2 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/app/controllers/closet_lists_controller.rb b/app/controllers/closet_lists_controller.rb
index f633a19a..9db54b7f 100644
--- a/app/controllers/closet_lists_controller.rb
+++ b/app/controllers/closet_lists_controller.rb
@@ -8,7 +8,7 @@ class ClosetListsController < ApplicationController
 save_successful!
 else
 save_failed!
- render :action => :new
+ render action: :new, status: :unprocessable_entity
 end
 end
@@ -28,7 +28,7 @@ class ClosetListsController < ApplicationController
 save_successful!
 else
 save_failed!
- render :action => :edit
+ render action: :edit, status: :unprocessable_entity
 end
 end
diff --git a/app/models/closet_list.rb b/app/models/closet_list.rb
index 691e5243..fabc6907 100644
--- a/app/models/closet_list.rb
+++ b/app/models/closet_list.rb
@@ -5,6 +5,12 @@ class ClosetList < ApplicationRecord
 validates :name, :presence => true, :uniqueness => {:scope => :user_id}
 validates :user, :presence => true
 validates :hangers_owned, :inclusion => {:in => [true, false], :message => "can't be blank"}
+ validates :description, format: {
+ # This isn't a very careful email filter! It's easy to avoid. But the
+ # purpose is to communicate the rules, more than actual prevention.
+ without: /\b([\w+\-].?)+@[a-z\d\-]+(\.[a-z]+)*\.[a-z]+\b/i, # from emailregex.com
+ message: "must not contain email addresses"
+ }
 delegate :log_trade_activity, to: :user
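Review bot: The `without:` pattern in the new `validates :description` rule has an ambiguous local part: `([\w+\-].?)+` lets each repetition consume either one or two characters, so a description that nearly matches can be split in many ways and the matcher may backtrack exponentially before giving up. Descriptions are user-supplied, so this would put a CPU-exhaustion risk on every create and update; how badly it bites depends on the Ruby version's regex engine, which this patch does not show. Since the filter is advisory anyway, an unambiguous local part keeps the intent, e.g. `without: /\b[\w+\-.]+@[a-z\d\-]+(\.[a-z]+)*\.[a-z]+\b/i,`, and a length limit on `description` (none is visible in this hunk) would bound the cost further. The `ClosetList` class body starts and ends outside the hunk.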