StyAndCo/zeppelin
3
0
Fork 0
mirror of https://github.com/ZeppelinBot/Zeppelin.git synced 2025-05-10 20:35:02 +00:00
Code Releases Activity

Add support for safe regex type checking; make sure regexes passed to Censor are safe

Browse source
This commit is contained in:
Dragory 2019-08-04 13:41:35 +03:00
parent 4034c6a850
commit 68380c5ac3
4 changed files with 46 additions and 10 deletions
Download patch file Download diff file Expand all files Collapse all files

4
src/plugins/Censor.ts
View file

@ -17,6 +17,7 @@ import { SavedMessage } from "../data/entities/SavedMessage";
import { ZeppelinPlugin } from "./ZeppelinPlugin";
import cloneDeep from "lodash.clonedeep";
import * as t from "io-ts";
import { TSafeRegexString } from "../validatorUtils";
const ConfigSchema = t.type({
filter_zalgo: t.boolean,
@ -31,12 +32,13 @@ const ConfigSchema = t.type({
domain_blacklist: tNullable(t.array(t.string)),
blocked_tokens: tNullable(t.array(t.string)),
blocked_words: tNullable(t.array(t.string)),
blocked_regex: tNullable(t.array(t.string)),
blocked_regex: tNullable(t.array(TSafeRegexString)),
});
type TConfigSchema = t.TypeOf<typeof ConfigSchema>;
export class CensorPlugin extends ZeppelinPlugin<TConfigSchema> {
public static pluginName = "censor";
protected static configSchema = ConfigSchema;
protected serverLogs: GuildLogs;
protected savedMessages: GuildSavedMessages;

17
src/validatorUtils.ts
View file

@ -1,8 +1,19 @@
import * as t from "io-ts";
import { pipe } from "fp-ts/lib/pipeable";
import { fold } from "fp-ts/lib/Either";
import { fold, either } from "fp-ts/lib/Either";
import { noop } from "./utils";
import deepDiff from "deep-diff";
import safeRegex from "safe-regex";
export const TSafeRegexString = new t.Type(
"TSafeRegexString",
(s): s is string => typeof s === "string",
(from, to) =>
either.chain(t.string.validate(from, to), s => {
return safeRegex(s) ? t.success(s) : t.failure(from, to, "Unsafe regex");
}),
s => s,
);
// From io-ts/lib/PathReporter
function stringify(v) {
@ -35,10 +46,12 @@ const report = fold((errors: any) => {
return errors.map(err => {
if (err.message) return err.message;
const context = err.context.map(c => c.key).filter(k => k && !k.startsWith("{"));
if (context.length > 0 && !isNaN(context[context.length - 1])) context.splice(-1);
const value = stringify(err.value);
return value === undefined
? `<${context.join("/")}> is required`
: `Invalid value <${stringify(err.value)}> supplied to <${context.join("/")}>`;
: `Invalid value supplied to <${context.join("/")}>`;
});
}, noop);