sipwise
/
ngcp-panel
mirror of https://github.com/sipwise/ngcp-panel.git
1
0
Fork 0
Code Issues Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '42d91eda8f'
${ noResults }
ngcp-panel/lib/NGCP/Panel/Utils/Form.pm

162 lines
6.3 KiB
Raw Blame History

package NGCP::Panel::Utils::Form;
use Sipwise::Base;
use Crypt::Cracklib;
use NGCP::Panel::Utils::Auth;
sub validate_password {
my %params = @_;
my $c = $params{c};
my $field = $params{field};
my $r = $c->config->{security};
my $utf8 = $params{utf8} // 1;
my $pass = $field->value;
my $minlen = $r->{password_min_length} // 6;
my $maxlen = $r->{password_max_length} // 40;
if(length($pass) < $minlen) {
$field->add_error($c->loc('Must be at minimum [_1] characters long', $minlen));
}
if(length($pass) > $maxlen) {
$field->add_error($c->loc('Must be at maximum [_1] characters long', $maxlen));
}
if($r->{password_musthave_lowercase} && $pass !~ /[a-z]/) {
$field->add_error($c->loc('Must contain lower-case characters'));
}
if($r->{password_musthave_uppercase} && $pass !~ /[A-Z]/) {
$field->add_error($c->loc('Must contain upper-case characters'));
}
if($r->{password_musthave_digit} && $pass !~ /[0-9]/) {
$field->add_error($c->loc('Must contain digits'));
}
if($r->{password_musthave_specialchar} && $pass !~ /[^0-9a-zA-Z]/) {
$field->add_error($c->loc('Must contain special characters'));
}
if (!$utf8 && $pass && !NGCP::Panel::Utils::Auth::check_password($pass)) {
$field->add_error($c->loc('Contains invalid characters'));
}
if($field->name eq "password" && $r->{password_sip_validate}) {
my $user;
if($field->form->field('username')) {
$user = $field->form->field('username')->value;
} elsif($c->stash->{subscriber}) {
$user = $c->stash->{subscriber}->provisioning_voip_subscriber->username;
}
if(defined $user && $pass =~ /$user/i) {
$field->add_error($c->loc('Must not contain username'));
}
unless(Crypt::Cracklib::check($pass)) {
$field->add_error($c->loc('Password is too weak'));
}
} elsif($field->name eq "webpassword" && $r->{password_web_validate}) {
my $user;
if($field->form->field('webusername')) {
$user = $field->form->field('webusername')->value;
} elsif($c->stash->{subscriber}) {
$user = $c->stash->{subscriber}->provisioning_voip_subscriber->webusername;
}
if(defined $user && $pass =~ /$user/i) {
$field->add_error($c->loc('Must not contain username'));
}
unless(Crypt::Cracklib::check($pass)) {
$field->add_error($c->loc('Password is too weak'));
}
}
}
sub validate_entities {
my (%params) = @_;
#usage:
#1. last unless validate_entities(c => $c, contracts => 4711, customers => 4712);
#2. return unless validate_entities(c => $c, resource => $json, contract_id => 'contracts');
#3. my $entities = {}; last unless validate_entities(c => $c, resource => $json,
# parent_id => $c->user->reseller_id,
# profile_id => { resultset => 'billing_profiles',
# optional => 1,
# parent_field => 'reseller_id',
# deleted_field => 'status',
# deleted_value => 'terminated'},
# entities => $entities);
#4. last unless validate_entities(..., error => sub { $self->error($c, HTTP_UNPROCESSABLE_ENTITY, shift); });
#5. validation in form handlers...
my @args = qw/c resource parent_id error entities/;
my ($c,$res,$parent_id,$err_code,$entities) = delete @params{@args};
my $schema = $c->model('DB');
if ('CODE' ne ref $err_code) {
$err_code = sub { return; };
}
my $validate_field = sub {
my $name = shift;
my $field = $params{$name}; # { id, resultset, optional, deleted_field, deleted_value, parent_field }
my $is_res = 'HASH' eq ref $res;
if ('HASH' ne ref $field) {
$field = { ($is_res ? 'resultset' : 'id'), $field };
}
if ($is_res) {
$field->{id} = $res->{$name} if !exists $field->{id};
$field->{label} //= "'" . $name . "'";
} else {
$field->{resultset} //= $name;
$field->{label} //= $name . ' ID';
}
$field->{optional} //= 0;
$field->{hfh_field} //= $name;
if (!$field->{optional} && !defined $field->{id}) {
return 0 unless &{$err_code}("Invalid $field->{label}, not defined.",$field->{hfh_field});
}
my $entity = undef;
eval {
$entity = (defined $field->{id} ? $schema->resultset($field->{resultset})->find({id => $field->{id}},($field->{lock} ? {for => 'update'} : undef)) : undef);
};
if ($@) {
return 0 unless &{$err_code}($@,$field->{hfh_field});
}
if (defined $field->{id} && !defined $entity) {
return 0 unless &{$err_code}("Invalid $field->{label} ($field->{id}).",$field->{hfh_field});
}
if (defined $field->{deleted_field} && defined $field->{deleted_value} && defined $entity) {
my $deleted_accessor = $field->{deleted_field};
if (defined $entity->$deleted_accessor() && $field->{deleted_value} eq $entity->$deleted_accessor()) {
return 0 unless &{$err_code}("Invalid $field->{label} ($field->{id}), $field->{deleted_value}.",$field->{hfh_field});
}
}
if (defined $parent_id && defined $field->{parent_field} && defined $entity) {
my $parent_accessor = $field->{parent_field};
if (defined $entity->$parent_accessor() && $parent_id != $entity->$parent_accessor()) {
return 0 unless &{$err_code}("The $field->{parent} of $field->{label} (" . $entity->$parent_accessor() . ") doesn't match.",$field->{hfh_field});
}
}
if ('HASH' eq ref $entities) {
$entities->{$name} = $entity;
}
return 1;
};
foreach my $name (keys %params) {
return 0 unless &$validate_field($name);
}
return 1;
}
sub validate_number_uri {
my %params = @_;
my $c = $params{c};
my $field = $params{field};
my $val = $field->value;
unless ($val =~ /^\s*(sip:)*[[:lower:][:upper:][:digit:]+=,;_.~'()!*-]+\@[\w\d\-_\.]+\s*$/ ||
$val =~ /^\s*\+*[0-9a-z]+\s*$/i) {
$field->add_error($c->loc('Must be either a number or user@domain format.'));
}
}
1;
# vim: set tabstop=4 expandtab:
Reference in new issue View Git Blame Copy Permalink