Changeset a0c6ceeb in subsurface


Ignore:
Timestamp:
Jul 14, 2017, 10:41:25 PM (4 months ago)
Author:
Dirk Hohndel <dirk@…>
Branches:
master
Children:
9397dbb
Parents:
1b8b112
git-author:
Dirk Hohndel <dirk@…> (07/14/17 22:15:31)
git-committer:
Dirk Hohndel <dirk@…> (07/14/17 22:41:25)
Message:

QML UI: enforce rules for cloud credentials

Email addresses are checked for a someone useful pattern, passwords are
letters, numbers, and +-_. only. Reject anything else.

Signed-off-by: Dirk Hohndel <dirk@…>

File:
1 edited

Legend:

Unmodified
Added
Removed
  • mobile-widgets/qmlmanager.cpp

    r2c111bb ra0c6ceeb  
    279279        QSettings s;
    280280        bool cloudCredentialsChanged = false;
     281        // make sure we only have letters, numbers, and +-_. in password and email address
     282        QRegularExpression regExp("^[a-zA-Z0-9@.+_-]+$");
     283        QString cloudPwd = cloudPassword();
     284        QString cloudUser = cloudUserName();
     285        if (cloudPwd.isEmpty() || !reg.match(cloudPwd) || !reg.match(cloudUser) {
     286                setStartPageText(RED_FONT + tr("Cloud storage email and password can only consist of letters, numbers, and '.', '-', '_', and '+'.") + END_FONT);
     287                return;
     288        }
     289        // use the same simplistic regex as the backend to check email addresses
     290        regExp = QRegularExpression("^[a-zA-Z0-9.+_-]+@[a-zA-Z0-9.+_-]+\\.[a-zA-Z0-9]+");
     291        if (!regExp.match(cloudUser).hasMatch()) {
     292                setStartPageText(RED_FONT + tr("Invalid format for email address") + END_FONT);
     293                return;
     294        }
    281295        s.beginGroup("CloudStorage");
    282         s.setValue("email", cloudUserName());
    283         s.setValue("password", cloudPassword());
     296        s.setValue("email", cloudUser);
     297        s.setValue("password", cloudPwd);
    284298        s.sync();
    285         if (!same_string(prefs.cloud_storage_email, qPrintable(cloudUserName()))) {
     299        if (!same_string(prefs.cloud_storage_email, qPrintable(cloudUser))) {
    286300                free(prefs.cloud_storage_email);
    287                 prefs.cloud_storage_email = strdup(qPrintable(cloudUserName()));
     301                prefs.cloud_storage_email = strdup(qPrintable(cloudUser));
    288302                cloudCredentialsChanged = true;
    289303        }
    290304
    291         cloudCredentialsChanged |= !same_string(prefs.cloud_storage_password, qPrintable(cloudPassword()));
     305        cloudCredentialsChanged |= !same_string(prefs.cloud_storage_password, qPrintable(cloudPwd));
    292306
    293307        if (!cloudCredentialsChanged) {
     
    296310        }
    297311
    298         if (!same_string(prefs.cloud_storage_password, qPrintable(cloudPassword()))) {
     312        if (!same_string(prefs.cloud_storage_password, qPrintable(cloudPwd))) {
    299313                free(prefs.cloud_storage_password);
    300                 prefs.cloud_storage_password = strdup(qPrintable(cloudPassword()));
    301         }
    302         if (cloudUserName().isEmpty() || cloudPassword().isEmpty()) {
     314                prefs.cloud_storage_password = strdup(qPrintable(cloudPwd));
     315        }
     316        if (cloudUser.isEmpty() || cloudPwd.isEmpty()) {
    303317                setStartPageText(RED_FONT + tr("Please enter valid cloud credentials.") + END_FONT);
    304318        } else if (cloudCredentialsChanged) {
    305319                // let's make sure there are no unsaved changes
    306320                saveChangesLocal();
    307 
    308321                free(prefs.userid);
    309322                prefs.userid = NULL;
Note: See TracChangeset for help on using the changeset viewer.