From ff43ea3abee733bc6ba0d8025889c1501cf7f0c9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Alexander=20Aleksandrovi=C4=8D=20Klimov?=
Date: Fri, 5 Jul 2024 09:31:26 +0200
Subject: [PATCH] Limit contact.username and .contact_address length (#221)
* for https://github.com/Icinga/icinga-notifications/pull/203#discussion_r1663976988
---
 .../Notifications/Web/Form/ContactForm.php | 40 ++++++++++++-------
 1 file changed, 25 insertions(+), 15 deletions(-)
diff --git a/library/Notifications/Web/Form/ContactForm.php b/library/Notifications/Web/Form/ContactForm.php
index bd2037fd..17121f95 100644
--- a/library/Notifications/Web/Form/ContactForm.php
+++ b/library/Notifications/Web/Form/ContactForm.php
@@ -16,6 +16,7 @@
 use ipl\Stdlib\Filter;
 use ipl\Validator\CallbackValidator;
 use ipl\Validator\EmailAddressValidator;
+use ipl\Validator\StringLengthValidator;
 use ipl\Web\Common\CsrfCounterMeasure;
 use ipl\Web\Compat\CompatForm;
@@ -95,20 +96,25 @@ protected function assemble()
 'username',
 [
 'label' => $this->translate('Username'),
- 'validators' => [new CallbackValidator(function ($value, $validator) {
- $contact = Contact::on($this->db)->filter(Filter::equal('username', $value));
- if ($this->contactId) {
- $contact->filter(Filter::unequal('id', $this->contactId));
- }
-
- if ($contact->first() !== null) {
- $validator->addMessage($this->translate('A contact with the same username already exists.'));
-
- return false;
- }
-
- return true;
- })]
+ 'validators' => [
+ new StringLengthValidator(['max' => 254]),
+ new CallbackValidator(function ($value, $validator) {
+ $contact = Contact::on($this->db)->filter(Filter::equal('username', $value));
+ if ($this->contactId) {
+ $contact->filter(Filter::unequal('id', $this->contactId));
+ }
+
+ if ($contact->first() !== null) {
+ $validator->addMessage($this->translate(
+ 'A contact with the same username already exists.'
+ ));
+
+ return false;
+ }
+
+ return true;
+ })
+ ]
 ]
 )->addElement(
 'select',
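Review bot: The new `StringLengthValidator(['max' => 254])` is listed ahead of the uniqueness callback, but nothing in this hunk makes the chain stop when it fails, so an over-long username would presumably still be handed to the `Contact::on($this->db)` lookup before the form is rejected. If ipl's validator chain can break on the first failure, the length check should be registered that way; that behaviour is not visible here and needs confirming. The bare 254 (against 255 for the address fields in the last hunk) also deserves a one-line comment naming what it mirrors, e.g. `// keep in sync with the contact.username column length`. It is also worth confirming that the validator and the database column measure length in the same unit (characters versus bytes). assemble() starts and ends outside the hunk.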
@@ -283,7 +289,11 @@ private function addAddressElements(): void
 $this->addElement($address);
 foreach ($plugins as $type => $label) {
- $element = $this->createElement('text', $type, ['label' => $label]);
+ $element = $this->createElement('text', $type, [
+ 'label' => $label,
+ 'validators' => [new StringLengthValidator(['max' => 255])]
+ ]);
+
 if ($type === 'email') {
 $element->addAttributes(['validators' => [new EmailAddressValidator()]]);
 }
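Review bot: For the `email` type the 255-character limit may not survive the unchanged `$element->addAttributes(['validators' => [new EmailAddressValidator()]])` call that follows the new code. If setting the `validators` attribute replaces the element's validators rather than appending to them (ipl-html behaviour, not visible in this hunk), the e-mail address ends up with format validation only and no length limit. Passing both in that call removes the dependency: `$element->addAttributes(['validators' => [new StringLengthValidator(['max' => 255]), new EmailAddressValidator()]]);`. A form test that submits a 256-character e-mail address would pin the behaviour down. addAddressElements() starts and ends outside the hunk.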