Add some backend changes and validation for field length

Closes #225 and #226

Signed-off-by: Thomas Citharel <tcit@tcit.fr>

lib/mobilizon/events/event.ex

@@ -125,6 +125,7 @@ defmodule Mobilizon.Events.Event do
     |> cast(attrs, @attrs)
     |> cast_embed(:options)
     |> validate_required(@required_attrs)
+    |> validate_lengths()
   end
 
   @doc false
@@ -135,6 +136,18 @@ defmodule Mobilizon.Events.Event do
     |> cast_embed(:options)
     |> put_tags(attrs)
     |> validate_required(@update_required_attrs)
+    |> validate_lengths()
+  end
+
+  @spec validate_lengths(Ecto.Changeset.t()) :: Ecto.Changeset.t()
+  defp validate_lengths(%Ecto.Changeset{} = changeset) do
+    changeset
+    |> validate_length(:title, min: 3, max: 200)
+    |> validate_length(:online_address, min: 3, max: 2000)
+    |> validate_length(:phone_address, min: 3, max: 200)
+    |> validate_length(:category, min: 2, max: 100)
+    # |> validate_length(:category, min: 2, max: 100)
+    |> validate_length(:slug, min: 3, max: 200)
   end
 
   @doc """

lib/mobilizon/events/tag.ex

@@ -36,5 +36,7 @@ defmodule Mobilizon.Events.Tag do
     |> TitleSlug.maybe_generate_slug()
     |> validate_required(@required_attrs)
     |> TitleSlug.unique_constraint()
+    |> validate_length(:title, min: 2, max: 20)
+    |> validate_length(:slug, min: 2, max: 20)
   end
 end

lib/mobilizon/users/user.ex

@@ -79,7 +79,7 @@ defmodule Mobilizon.Users.User do
       |> validate_required(@required_attrs)
       |> unique_constraint(:email, message: "This email is already used.")
       |> validate_email()
-      |> validate_length(:password, min: 6, max: 100, message: "The chosen password is too short.")
+      |> validate_length(:password, min: 6, max: 200, message: "The chosen password is too short.")
 
     if Map.has_key?(attrs, :default_actor) do
       put_assoc(changeset, :default_actor, attrs.default_actor)
@@ -130,7 +130,7 @@ defmodule Mobilizon.Users.User do
     |> cast(attrs, required_attrs)
     |> validate_length(:password,
       min: 6,
-      max: 100,
+      max: 200,
       message: "registration.error.password_too_short"
     )
     |> hash_password()
@@ -154,7 +154,7 @@ defmodule Mobilizon.Users.User do
   end
 
   @spec save_confirmation_token(Ecto.Changeset.t()) :: Ecto.Changeset.t()
-  defp save_confirmation_token(changeset) do
+  defp save_confirmation_token(%Ecto.Changeset{} = changeset) do
     case changeset do
       %Ecto.Changeset{valid?: true, changes: %{email: _email}} ->
         now = DateTime.utc_now()
@@ -169,7 +169,9 @@ defmodule Mobilizon.Users.User do
   end
 
   @spec validate_email(Ecto.Changeset.t()) :: Ecto.Changeset.t()
-  defp validate_email(changeset) do
+  defp validate_email(%Ecto.Changeset{} = changeset) do
+    changeset = validate_length(changeset, :email, min: 3, max: 250)
+
     case changeset do
       %Ecto.Changeset{valid?: true, changes: %{email: email}} ->
         case EmailChecker.valid?(email) do
@@ -186,7 +188,7 @@ defmodule Mobilizon.Users.User do
   end
 
   @spec hash_password(Ecto.Changeset.t()) :: Ecto.Changeset.t()
-  defp hash_password(changeset) do
+  defp hash_password(%Ecto.Changeset{} = changeset) do
     case changeset do
       %Ecto.Changeset{valid?: true, changes: %{password: password}} ->
         put_change(changeset, :password_hash, Argon2.hash_pwd_salt(password))