diff --git a/src/db/models/SavedFilter.ts b/src/db/models/SavedFilter.ts
index aecb49b..c18d850 100644
--- a/src/db/models/SavedFilter.ts
+++ b/src/db/models/SavedFilter.ts
@@ -1,6 +1,6 @@
 import { DataTypes, Model } from 'sequelize';
-import { NAME_REGEX, UUID_VERSION } from '../../utils/constants';
+import { SET_FILTER_NAME_REGEX, UUID_VERSION } from '../../utils/constants';
 import { handleUniqueName } from '../../utils/savedFilters';
 import sequelizeConnection from '../config';
@@ -53,7 +53,7 @@ SavedFilterModel.init(
 title: {
 type: DataTypes.TEXT,
 validate: {
- is: NAME_REGEX,
+ is: SET_FILTER_NAME_REGEX,
 },
 },
 tag: DataTypes.TEXT,
diff --git a/src/db/models/UserSets.ts b/src/db/models/UserSets.ts
index 1892fae..0d32cc7 100644
--- a/src/db/models/UserSets.ts
+++ b/src/db/models/UserSets.ts
@@ -1,6 +1,6 @@
 import { DataTypes, Model } from 'sequelize';
-import { NAME_REGEX, UUID_VERSION } from '../../utils/constants';
+import { SET_FILTER_NAME_REGEX, UUID_VERSION } from '../../utils/constants';
 import sequelizeConnection from '../config';
 interface IUserSetAttributes {
@@ -50,7 +50,7 @@ UserSetModel.init(
 type: DataTypes.STRING,
 allowNull: false,
 validate: {
- is: NAME_REGEX,
+ is: SET_FILTER_NAME_REGEX,
 },
 },
 sharedpublicly: {
diff --git a/src/utils/constants.ts b/src/utils/constants.ts
index 23273e3..1b11645 100644
--- a/src/utils/constants.ts
+++ b/src/utils/constants.ts
@@ -1,4 +1,5 @@
 export const UUID_VERSION = 4;
 export const NAME_REGEX = /^[\u0027-\u0029\u002F-\u0039\u0040\u0061-\u007A\u00C0-\uFFFF ,.'\-_]+$/iu; // see regex.test.ts to understand the regex
+export const SET_FILTER_NAME_REGEX = /^[\w\s()\-_,.|:'[\]]{1,200}$/iu; // see regex.test.ts to understand the regex
 export const LINKEDIN_REGEX = /^(http(s)?:\/\/)?([\w]+\.)?linkedin\.com\/(pub|in|profile)\/([-a-zA-Z0-9]+)\/*/iu;
 export const MAX_LENGTH_PER_ROLE = 100;
diff --git a/src/utils/regex.test.ts b/src/utils/regex.test.ts
index a455472..b6a8360 100644
--- a/src/utils/regex.test.ts
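Review bot: In src/db/models/SavedFilter.ts (second hunk) the `title` attribute carries the new `is: SET_FILTER_NAME_REGEX` check but no `allowNull: false`, and Sequelize skips built-in validators such as `is` when a nullable attribute is null, so a filter saved without a title bypasses both the character set and the 200-character limit. The field validated in UserSets.ts already sets `allowNull: false`; if a title is mandatory here too, add `allowNull: false,` above `validate`, or enforce presence where the request is parsed. The `SavedFilterModel.init(` call starts and ends outside the hunk, so confirm that no hook or default fills the title before validation runs.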
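Review bot: `SET_FILTER_NAME_REGEX` in src/utils/constants.ts uses `\s`, which matches tab, CR, LF and the Unicode line and paragraph separators as well as the plain space, so a stored set or filter name can span several lines or consist only of whitespace. Names that later appear in logs, exports or UI lists are safer when limited to a literal space, `/^[\w ()\-_,.|:'[\]]{1,200}$/iu`, combined with a trim or non-blank check. Separately, `\w` stays ASCII-only under the `u` flag, so accented letters that `NAME_REGEX` accepted through `\u00C0-\uFFFF` are now rejected; if that is not intended, `\p{L}\p{N}` in place of `\w` would accept them again. The trailing comment only points to regex.test.ts; a one-line summary of the allowed characters and the length cap next to the constant would save the lookup.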
+++ b/src/utils/regex.test.ts
@@ -1,4 +1,4 @@
-import { NAME_REGEX } from './constants';
+import { NAME_REGEX, SET_FILTER_NAME_REGEX } from './constants';
 describe('NAME_REGEX', () => {
 it('should allow alphanumeric lower and uppercase', () => {
@@ -47,3 +47,40 @@ describe('NAME_REGEX', () => {
 expect(NAME_REGEX.test('a~a')).toBeFalsy();
 });
 });
+
+describe('SET_NAME_REGEX', () => {
+ it('should allow alphanumeric lower and uppercase', () => {
+ expect(SET_FILTER_NAME_REGEX.test('ThisIsAlphanumeric123')).toBeTruthy();
+ });
+ it(`should allow / @ ( ) ' - _ , . space`, () => {
+ expect(SET_FILTER_NAME_REGEX.test(`( ) ' - _ , . [ ] : |`)).toBeTruthy();
+ });
+ it(`should not allow ; { } ^ ! " # $ % & * + < = > ? \\ ~`, () => {
+ expect(SET_FILTER_NAME_REGEX.test('a;a')).toBeFalsy();
+ expect(SET_FILTER_NAME_REGEX.test('a{a')).toBeFalsy();
+ expect(SET_FILTER_NAME_REGEX.test('a}a')).toBeFalsy();
+ expect(SET_FILTER_NAME_REGEX.test('a^a')).toBeFalsy();
+ expect(SET_FILTER_NAME_REGEX.test('a!a')).toBeFalsy();
+ expect(SET_FILTER_NAME_REGEX.test('a"a')).toBeFalsy();
+ expect(SET_FILTER_NAME_REGEX.test('a#a')).toBeFalsy();
+ expect(SET_FILTER_NAME_REGEX.test('a$a')).toBeFalsy();
+ expect(SET_FILTER_NAME_REGEX.test('a%a')).toBeFalsy();
+ expect(SET_FILTER_NAME_REGEX.test('a&a')).toBeFalsy();
+ expect(SET_FILTER_NAME_REGEX.test('a*a')).toBeFalsy();
+ expect(SET_FILTER_NAME_REGEX.test('a+a')).toBeFalsy();
+ expect(SET_FILTER_NAME_REGEX.test('aa')).toBeFalsy();
+ expect(SET_FILTER_NAME_REGEX.test('a?a')).toBeFalsy();
+ expect(SET_FILTER_NAME_REGEX.test('a\\a')).toBeFalsy();
+ expect(SET_FILTER_NAME_REGEX.test('a~a')).toBeFalsy();
+ });
+ it(`should not allow more than 200 character names`, () => {
+ expect(
+ SET_FILTER_NAME_REGEX.test(
+ 'aaaaaaaaaa aaaaaaaaaa aaaaaaaaaa aaaaaaaaaa aaaaaaaaaa aaaaaaaaaa aaaaaaaaaa aaaaaaaaaa aaaaaaaaaa aaaaaaaaaa ' +
+ 'aaaaaaaaaa aaaaaaaaaa aaaaaaaaaa aaaaaaaaaa aaaaaaaaaa aaaaaaaaaa aaaaaaaaaa aaaaaaaaaa aaaaaaaaaa aaaaaaaaaa',
+ ),
+ ).toBeFalsy();
+ });
+});
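Review bot: The new suite does not pin the edges that matter for input validation: there is no case for the empty string, for a name of exactly 200 versus 201 characters (the only length case uses a string well past the limit), or for tab and newline, which `\s` in the pattern currently accepts. The second test title lists `/` and `@` as allowed, but neither appears in the tested string or in the character class, and the `describe('SET_NAME_REGEX'` label does not match the exported `SET_FILTER_NAME_REGEX`. Suggested additions: `expect(SET_FILTER_NAME_REGEX.test('a'.repeat(200))).toBeTruthy();`, `expect(SET_FILTER_NAME_REGEX.test('a'.repeat(201))).toBeFalsy();` and `expect(SET_FILTER_NAME_REGEX.test('')).toBeFalsy();`. As shown on this page, `test('aa')` is asserted falsy although `aa` is a valid name; the `<`, `=` and `>` cases named in the title appear to have been lost in rendering, so check them against the file itself.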