From 9dbefafb6aa01baf6888c2e5f3ba5936c6948ad2 Mon Sep 17 00:00:00 2001 From: Davide Iadeluca Date: Mon, 18 Nov 2024 11:59:34 +0100 Subject: [PATCH 1/5] test: write failing tests for email length --- .../integration/api/users/CreateTest.php | 152 ++++++++++++++++++ 1 file changed, 152 insertions(+) diff --git a/framework/core/tests/integration/api/users/CreateTest.php b/framework/core/tests/integration/api/users/CreateTest.php index 5fce8fba83..34de549826 100644 --- a/framework/core/tests/integration/api/users/CreateTest.php +++ b/framework/core/tests/integration/api/users/CreateTest.php @@ -138,6 +138,158 @@ public function admins_can_create_activated_users() $this->assertEquals(1, $user->is_email_confirmed); } + #[Test] + public function admin_can_create_user_with_longest_possible_local_part_email() + { + $email = str_repeat('a', 64).'@machine.local'; + + $response = $this->send( + $this->request( + 'POST', + '/api/users', + [ + 'authenticatedAs' => 1, + 'json' => [ + 'data' => [ + 'attributes' => [ + 'username' => 'test', + 'password' => 'too-obscure', + 'email' => $email, + ], + ] + ], + ] + ) + ); + + $this->assertEquals(201, $response->getStatusCode()); + + /** @var User $user */ + $user = User::where('username', 'test')->firstOrFail(); + + $this->assertEquals($email, $user->email); + } + + #[Test] + public function admin_cannot_create_user_with_invalid_local_part_email() + { + $email = str_repeat('a', 65) . '@machine.local'; + + $response = $this->send( + $this->request( + 'POST', + '/api/users', + [ + 'authenticatedAs' => 1, + 'json' => [ + 'data' => [ + 'attributes' => [ + 'username' => 'test', + 'password' => 'too-obscure', + 'email' => $email, + ], + ] + ], + ] + ) + ); + + $this->assertEquals(422, $response->getStatusCode()); + } + + #[Test] + public function admin_can_create_user_with_longest_valid_domain() + { + $email = 't@'.str_repeat('a', 63).'.'.str_repeat('b', 63).'.'.str_repeat('c', 63).'.'.str_repeat('d', 58).'.x'; + + $response = $this->send( + $this->request( + 'POST', + '/api/users', + [ + 'authenticatedAs' => 1, + 'json' => [ + 'data' => [ + 'attributes' => [ + 'username' => 'test', + 'password' => 'too-obscure', + 'email' => $email, + ], + ] + ], + ] + ) + ); + + $this->assertEquals(201, $response->getStatusCode()); + + /** @var User $user */ + $user = User::where('username', 'test')->firstOrFail(); + + $this->assertEquals($email, $user->email); + } + + #[Test] + public function admin_can_create_user_with_longest_valid_email() + { + $localPart = str_repeat('a', 64); + $domain = str_repeat('a', 61).'.'.str_repeat('a', 60).'.'.str_repeat('a', 60).'.local'; + $email = $localPart.'@'.$domain; + + $response = $this->send( + $this->request( + 'POST', + '/api/users', + [ + 'authenticatedAs' => 1, + 'json' => [ + 'data' => [ + 'attributes' => [ + 'username' => 'test', + 'password' => 'too-obscure', + 'email' => $email, + ], + ] + ], + ] + ) + ); + + $this->assertEquals(201, $response->getStatusCode()); + + /** @var User $user */ + $user = User::where('username', 'test')->firstOrFail(); + + $this->assertEquals($email, $user->email); + } + + #[Test] + public function admin_cannot_create_user_with_invalid_email_length() + { + $email = str_repeat('a', 65).'@'.str_repeat('a', 256).'.local'; + + $response = $this->send( + $this->request( + 'POST', + '/api/users', + [ + 'authenticatedAs' => 1, + 'json' => [ + 'data' => [ + 'attributes' => [ + 'username' => 'test', + 'password' => 'too-obscure', + 'email' => $email, + ], + ] + ], + ] + ) + ); + + $this->assertEquals(422, $response->getStatusCode()); + } + #[Test] public function disabling_sign_up_prevents_user_creation() { From 6cb0d27c2498e3058e70c53154b83a14b7b87a53 Mon Sep 17 00:00:00 2001 From: Davide Iadeluca Date: Mon, 18 Nov 2024 12:12:13 +0100 Subject: [PATCH 2/5] style: formatting --- framework/core/tests/integration/api/users/CreateTest.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/framework/core/tests/integration/api/users/CreateTest.php b/framework/core/tests/integration/api/users/CreateTest.php index 34de549826..6dafe2d484 100644 --- a/framework/core/tests/integration/api/users/CreateTest.php +++ b/framework/core/tests/integration/api/users/CreateTest.php @@ -173,7 +173,7 @@ public function admin_can_create_user_with_longest_possible_local_part_email() #[Test] public function admin_cannot_create_user_with_invalid_local_part_email() { - $email = str_repeat('a', 65) . '@machine.local'; + $email = str_repeat('a', 65).'@machine.local'; $response = $this->send( $this->request( From c9c5cf9889cfca49d9e6ab7c8b50ce79e1f245e5 Mon Sep 17 00:00:00 2001 From: Davide Iadeluca Date: Mon, 18 Nov 2024 12:13:49 +0100 Subject: [PATCH 3/5] fix: change length of email field --- ..._18_000000_increase_email_field_length.php | 25 +++++++++++++++++++ 1 file changed, 25 insertions(+) create mode 100644 framework/core/migrations/2024_11_18_000000_increase_email_field_length.php diff --git a/framework/core/migrations/2024_11_18_000000_increase_email_field_length.php b/framework/core/migrations/2024_11_18_000000_increase_email_field_length.php new file mode 100644 index 0000000000..f1325546b8 --- /dev/null +++ b/framework/core/migrations/2024_11_18_000000_increase_email_field_length.php @@ -0,0 +1,25 @@ + function (Builder $schema) { + $schema->table('users', function (Blueprint $table) { + $table->string('email', 254)->change(); + }); + }, + + 'down' => function (Builder $schema) { + $schema->table('users', function (Blueprint $table) { + $table->string('email', 150)->change(); + }); + } +]; From 893759e61b2953289e1d20cf12076600d861ee71 Mon Sep 17 00:00:00 2001 From: Davide Iadeluca Date: Mon, 18 Nov 2024 12:22:05 +0100 Subject: [PATCH 4/5] chore: remove unnecessary tests --- .../integration/api/users/CreateTest.php | 91 ------------------- 1 file changed, 91 deletions(-) diff --git a/framework/core/tests/integration/api/users/CreateTest.php b/framework/core/tests/integration/api/users/CreateTest.php index 6dafe2d484..df146fea7a 100644 --- a/framework/core/tests/integration/api/users/CreateTest.php +++ b/framework/core/tests/integration/api/users/CreateTest.php @@ -138,97 +138,6 @@ public function admins_can_create_activated_users() $this->assertEquals(1, $user->is_email_confirmed); } - #[Test] - public function admin_can_create_user_with_longest_possible_local_part_email() - { - $email = str_repeat('a', 64).'@machine.local'; - - $response = $this->send( - $this->request( - 'POST', - '/api/users', - [ - 'authenticatedAs' => 1, - 'json' => [ - 'data' => [ - 'attributes' => [ - 'username' => 'test', - 'password' => 'too-obscure', - 'email' => $email, - ], - ] - ], - ] - ) - ); - - $this->assertEquals(201, $response->getStatusCode()); - - /** @var User $user */ - $user = User::where('username', 'test')->firstOrFail(); - - $this->assertEquals($email, $user->email); - } - - #[Test] - public function admin_cannot_create_user_with_invalid_local_part_email() - { - $email = str_repeat('a', 65).'@machine.local'; - - $response = $this->send( - $this->request( - 'POST', - '/api/users', - [ - 'authenticatedAs' => 1, - 'json' => [ - 'data' => [ - 'attributes' => [ - 'username' => 'test', - 'password' => 'too-obscure', - 'email' => $email, - ], - ] - ], - ] - ) - ); - - $this->assertEquals(422, $response->getStatusCode()); - } - - #[Test] - public function admin_can_create_user_with_longest_valid_domain() - { - $email = 't@'.str_repeat('a', 63).'.'.str_repeat('b', 63).'.'.str_repeat('c', 63).'.'.str_repeat('d', 58).'.x'; - - $response = $this->send( - $this->request( - 'POST', - '/api/users', - [ - 'authenticatedAs' => 1, - 'json' => [ - 'data' => [ - 'attributes' => [ - 'username' => 'test', - 'password' => 'too-obscure', - 'email' => $email, - ], - ] - ], - ] - ) - ); - - $this->assertEquals(201, $response->getStatusCode()); - - /** @var User $user */ - $user = User::where('username', 'test')->firstOrFail(); - - $this->assertEquals($email, $user->email); - } - #[Test] public function admin_can_create_user_with_longest_valid_email() { From e3f0b2018f23a031795a1d9f736d8388b5f66892 Mon Sep 17 00:00:00 2001 From: Davide Iadeluca Date: Fri, 22 Nov 2024 10:35:05 +0100 Subject: [PATCH 5/5] refactor: split migration --- ..._increase_email_field_length_of_users.php} | 0 ...ase_email_field_length_in_email_tokens.php | 25 +++++++++++++++++++ 2 files changed, 25 insertions(+) rename framework/core/migrations/{2024_11_18_000000_increase_email_field_length.php => 2024_11_18_000000_increase_email_field_length_of_users.php} (100%) create mode 100644 framework/core/migrations/2024_11_22_000000_increase_email_field_length_in_email_tokens.php diff --git a/framework/core/migrations/2024_11_18_000000_increase_email_field_length.php b/framework/core/migrations/2024_11_18_000000_increase_email_field_length_of_users.php similarity index 100% rename from framework/core/migrations/2024_11_18_000000_increase_email_field_length.php rename to framework/core/migrations/2024_11_18_000000_increase_email_field_length_of_users.php diff --git a/framework/core/migrations/2024_11_22_000000_increase_email_field_length_in_email_tokens.php b/framework/core/migrations/2024_11_22_000000_increase_email_field_length_in_email_tokens.php new file mode 100644 index 0000000000..d83df4db06 --- /dev/null +++ b/framework/core/migrations/2024_11_22_000000_increase_email_field_length_in_email_tokens.php @@ -0,0 +1,25 @@ + function (Builder $schema) { + $schema->table('email_tokens', function (Blueprint $table) { + $table->string('email', 254)->change(); + }); + }, + + 'down' => function (Builder $schema) { + $schema->table('email_tokens', function (Blueprint $table) { + $table->string('email', 150)->change(); + }); + } +];