Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Don't allow Domain name matching production domain to be created #7244

Merged
merged 4 commits into from Jul 8, 2020
Merged

Don't allow Domain name matching production domain to be created #7244

Show file tree
Hide file tree
Changes from 2 commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
3bfb3e2
Don't allow Domain name matching production domain to be created
saadmk11 Jun 29, 2020
23da7e0
lint fix
saadmk11 Jun 29, 2020
b7c7aa5
use endswith for domain validation
saadmk11 Jun 30, 2020
83e783b
Run validation in a loop
saadmk11 Jun 30, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
13 changes: 13 additions & 0 deletions readthedocs/projects/forms.py
View file
Open in desktop
Expand Up @@ -634,6 +634,19 @@ def clean_domain(self):
domain_string = parsed.netloc
else:
domain_string = parsed.path

if (
settings.PRODUCTION_DOMAIN and
settings.PRODUCTION_DOMAIN in domain_string
saadmk11 marked this conversation as resolved.
Show resolved Hide resolved
):
raise forms.ValidationError('Enter a valid domain name.')
saadmk11 marked this conversation as resolved.
Show resolved Hide resolved

if (
settings.PUBLIC_DOMAIN and
settings.PUBLIC_DOMAIN in domain_string
):
raise forms.ValidationError('Enter a valid domain name.')

return domain_string

def clean_canonical(self):
Expand Down
36 changes: 35 additions & 1 deletion readthedocs/rtd_tests/tests/test_domains.py
View file
Open in desktop
Expand Up @@ -2,7 +2,8 @@

import json

from django.test import TestCase
from django.conf import settings
from django.test import TestCase, override_settings
from django_dynamic_fixture import get

from readthedocs.projects.forms import DomainForm
Expand Down Expand Up @@ -53,6 +54,39 @@ def test_https(self):
)
self.assertFalse(form.is_valid())

def test_production_domain_not_allowed(self):
"""Make sure user can not enter production domain name."""
form = DomainForm(
{'domain': settings.PRODUCTION_DOMAIN},
project=self.project,
)
self.assertFalse(form.is_valid())
self.assertEqual(form.errors['domain'][0], 'Enter a valid domain name.')

form2 = DomainForm(
{'domain': 'test.' + settings.PRODUCTION_DOMAIN},
project=self.project,
)
self.assertFalse(form2.is_valid())
self.assertEqual(form2.errors['domain'][0], 'Enter a valid domain name.')

@override_settings(PUBLIC_DOMAIN='readthedocs.io')
def test_public_domain_not_allowed(self):
"""Make sure user can not enter public domain name."""
form = DomainForm(
{'domain': settings.PUBLIC_DOMAIN},
project=self.project,
)
self.assertFalse(form.is_valid())
self.assertEqual(form.errors['domain'][0], 'Enter a valid domain name.')

form2 = DomainForm(
{'domain': 'docs.' + settings.PUBLIC_DOMAIN},
project=self.project,
)
self.assertFalse(form2.is_valid())
self.assertEqual(form2.errors['domain'][0], 'Enter a valid domain name.')

def test_canonical_change(self):
"""Make sure canonical can be properly changed."""
form = DomainForm(
Expand Down