Limit contact.username and .contact_address length (#221)

* for Icinga/icinga-notifications#203 (comment)
Icinga · Jul 5, 2024 · ff43ea3 · ff43ea3
1 parent cc71c7d
commit ff43ea3
Showing 1 changed file with 25 additions and 15 deletions.
diff --git a/library/Notifications/Web/Form/ContactForm.php b/library/Notifications/Web/Form/ContactForm.php
@@ -16,6 +16,7 @@
 use ipl\Stdlib\Filter;
 use ipl\Validator\CallbackValidator;
 use ipl\Validator\EmailAddressValidator;
+use ipl\Validator\StringLengthValidator;
 use ipl\Web\Common\CsrfCounterMeasure;
 use ipl\Web\Compat\CompatForm;
 
@@ -95,20 +96,25 @@ protected function assemble()
             'username',
             [
                 'label' => $this->translate('Username'),
-                'validators' => [new CallbackValidator(function ($value, $validator) {
-                    $contact = Contact::on($this->db)->filter(Filter::equal('username', $value));
-                    if ($this->contactId) {
-                        $contact->filter(Filter::unequal('id', $this->contactId));
-                    }
-
-                    if ($contact->first() !== null) {
-                        $validator->addMessage($this->translate('A contact with the same username already exists.'));
-
-                        return false;
-                    }
-
-                    return true;
-                })]
+                'validators' => [
+                    new StringLengthValidator(['max' => 254]),
+                    new CallbackValidator(function ($value, $validator) {
+                        $contact = Contact::on($this->db)->filter(Filter::equal('username', $value));
+                        if ($this->contactId) {
+                            $contact->filter(Filter::unequal('id', $this->contactId));
+                        }
+
+                        if ($contact->first() !== null) {
+                            $validator->addMessage($this->translate(
+                                'A contact with the same username already exists.'
+                            ));
+
+                            return false;
+                        }
+
+                        return true;
+                    })
+                ]
             ]
         )->addElement(
             'select',
@@ -283,7 +289,11 @@ private function addAddressElements(): void
         $this->addElement($address);
 
         foreach ($plugins as $type => $label) {
-            $element = $this->createElement('text', $type, ['label' => $label]);
+            $element = $this->createElement('text', $type, [
+                'label'      => $label,
+                'validators' => [new StringLengthValidator(['max' => 255])]
+            ]);
+
             if ($type === 'email') {
                 $element->addAttributes(['validators' => [new EmailAddressValidator()]]);
             }