Disallow email addresses in closet list descriptions

Just another attempt to communicate the rules!
2024-04-16 17:04:31 -07:00 · 2024-04-16 17:04:31 -07:00 · 4ae5acfdc3
commit 4ae5acfdc3
parent 1cbcb5bcd6
2 changed files with 8 additions and 2 deletions
--- a/app/controllers/closet_lists_controller.rb
+++ b/app/controllers/closet_lists_controller.rb
@ -8,7 +8,7 @@ class ClosetListsController < ApplicationController
      save_successful!
    else
      save_failed!
-      render :action => :new
+      render action: :new, status: :unprocessable_entity
    end
  end

@ -28,7 +28,7 @@ class ClosetListsController < ApplicationController
      save_successful!
    else
      save_failed!
-      render :action => :edit
+      render action: :edit, status: :unprocessable_entity
    end
  end

--- a/app/models/closet_list.rb
+++ b/app/models/closet_list.rb
@ -5,6 +5,12 @@ class ClosetList < ApplicationRecord
  validates :name, :presence => true, :uniqueness => {:scope => :user_id}
  validates :user, :presence => true
  validates :hangers_owned, :inclusion => {:in => [true, false], :message => "can't be blank"}
+  validates :description, format: {
+    # This isn't a very careful email filter! It's easy to avoid. But the
+    # purpose is to communicate the rules, more than actual prevention.
+    without: /\b([\w+\-].?)+@[a-z\d\-]+(\.[a-z]+)*\.[a-z]+\b/i, # from emailregex.com
+    message: "must not contain email addresses"
+  }

  delegate :log_trade_activity, to: :user