From 37c834725c7461a33ee4b1befbb88c89c441db33 Mon Sep 17 00:00:00 2001
From: Dessalines <tyhou13@gmx.com>
Date: Mon, 4 Apr 2022 16:23:18 -0400
Subject: [PATCH] Make sure application questionaire is required. Fixes #2189

Also fix local image domain check. Was failing for blank strings /
replaces.
---
 crates/api/src/local_user.rs            |  6 +++---
 crates/api_common/src/lib.rs            |  6 ++----
 crates/api_crud/src/community/create.rs | 12 ++++++------
 crates/api_crud/src/community/update.rs | 10 +++++-----
 crates/api_crud/src/site/create.rs      | 16 ++++++++--------
 crates/api_crud/src/site/update.rs      | 17 ++++++++++++-----
 6 files changed, 36 insertions(+), 31 deletions(-)

diff --git a/crates/api/src/local_user.rs b/crates/api/src/local_user.rs
index 0819c98f..731f7438 100644
--- a/crates/api/src/local_user.rs
+++ b/crates/api/src/local_user.rs
@@ -176,9 +176,6 @@ impl Perform for SaveUserSettings {
     let local_user_view =
       get_local_user_view_from_jwt(&data.auth, context.pool(), context.secret()).await?;
 
-    check_image_has_local_domain(&data.avatar)?;
-    check_image_has_local_domain(&data.banner)?;
-
     let avatar = diesel_option_overwrite_to_url(&data.avatar)?;
     let banner = diesel_option_overwrite_to_url(&data.banner)?;
     let bio = diesel_option_overwrite(&data.bio);
@@ -188,6 +185,9 @@ impl Perform for SaveUserSettings {
     let email_deref = data.email.as_deref().map(|e| e.to_owned());
     let email = diesel_option_overwrite(&email_deref);
 
+    check_image_has_local_domain(avatar.as_ref().unwrap_or(&None))?;
+    check_image_has_local_domain(banner.as_ref().unwrap_or(&None))?;
+
     if let Some(Some(email)) = &email {
       let previous_email = local_user_view.local_user.email.clone().unwrap_or_default();
       // Only send the verification email if there was an email change
diff --git a/crates/api_common/src/lib.rs b/crates/api_common/src/lib.rs
index 50919b3c..0d6789e7 100644
--- a/crates/api_common/src/lib.rs
+++ b/crates/api_common/src/lib.rs
@@ -7,7 +7,7 @@ pub mod websocket;
 
 use crate::site::FederatedInstances;
 use lemmy_db_schema::{
-  newtypes::{CommunityId, LocalUserId, PersonId, PostId},
+  newtypes::{CommunityId, DbUrl, LocalUserId, PersonId, PostId},
   source::{
     comment::Comment,
     community::Community,
@@ -41,7 +41,6 @@ use lemmy_utils::{
 };
 use rosetta_i18n::{Language, LanguageId};
 use tracing::warn;
-use url::Url;
 
 pub async fn blocking<F, T>(pool: &DbPool, f: F) -> Result<T, LemmyError>
 where
@@ -580,10 +579,9 @@ pub async fn remove_user_data_in_community(
   Ok(())
 }
 
-pub fn check_image_has_local_domain(url: &Option<String>) -> Result<(), LemmyError> {
+pub fn check_image_has_local_domain(url: &Option<DbUrl>) -> Result<(), LemmyError> {
   if let Some(url) = url {
     let settings = Settings::get();
-    let url = Url::parse(url)?;
     let domain = url.domain().expect("url has domain");
     if domain != settings.hostname {
       return Err(LemmyError::from_message("image_not_local"));
diff --git a/crates/api_crud/src/community/create.rs b/crates/api_crud/src/community/create.rs
index c76fe430..27bce73e 100644
--- a/crates/api_crud/src/community/create.rs
+++ b/crates/api_crud/src/community/create.rs
@@ -61,11 +61,15 @@ impl PerformCrud for CreateCommunity {
       ));
     }
 
+    // Check to make sure the icon and banners are urls
+    let icon = diesel_option_overwrite_to_url(&data.icon)?;
+    let banner = diesel_option_overwrite_to_url(&data.banner)?;
+
     check_slurs(&data.name, &context.settings().slur_regex())?;
     check_slurs(&data.title, &context.settings().slur_regex())?;
     check_slurs_opt(&data.description, &context.settings().slur_regex())?;
-    check_image_has_local_domain(&data.icon)?;
-    check_image_has_local_domain(&data.banner)?;
+    check_image_has_local_domain(icon.as_ref().unwrap_or(&None))?;
+    check_image_has_local_domain(banner.as_ref().unwrap_or(&None))?;
 
     if !is_valid_actor_name(&data.name, context.settings().actor_name_max_length) {
       return Err(LemmyError::from_message("invalid_community_name"));
@@ -83,10 +87,6 @@ impl PerformCrud for CreateCommunity {
       return Err(LemmyError::from_message("community_already_exists"));
     }
 
-    // Check to make sure the icon and banners are urls
-    let icon = diesel_option_overwrite_to_url(&data.icon)?;
-    let banner = diesel_option_overwrite_to_url(&data.banner)?;
-
     // When you create a community, make sure the user becomes a moderator and a follower
     let keypair = generate_actor_keypair()?;
 
diff --git a/crates/api_crud/src/community/update.rs b/crates/api_crud/src/community/update.rs
index f2a0c94c..b3b89368 100644
--- a/crates/api_crud/src/community/update.rs
+++ b/crates/api_crud/src/community/update.rs
@@ -36,10 +36,13 @@ impl PerformCrud for EditCommunity {
     let local_user_view =
       get_local_user_view_from_jwt(&data.auth, context.pool(), context.secret()).await?;
 
+    let icon = diesel_option_overwrite_to_url(&data.icon)?;
+    let banner = diesel_option_overwrite_to_url(&data.banner)?;
+
     check_slurs_opt(&data.title, &context.settings().slur_regex())?;
     check_slurs_opt(&data.description, &context.settings().slur_regex())?;
-    check_image_has_local_domain(&data.icon)?;
-    check_image_has_local_domain(&data.banner)?;
+    check_image_has_local_domain(icon.as_ref().unwrap_or(&None))?;
+    check_image_has_local_domain(banner.as_ref().unwrap_or(&None))?;
 
     // Verify its a mod (only mods can edit it)
     let community_id = data.community_id;
@@ -58,9 +61,6 @@ impl PerformCrud for EditCommunity {
     })
     .await??;
 
-    let icon = diesel_option_overwrite_to_url(&data.icon)?;
-    let banner = diesel_option_overwrite_to_url(&data.banner)?;
-
     let community_form = CommunityForm {
       name: read_community.name,
       title: data.title.to_owned().unwrap_or(read_community.title),
diff --git a/crates/api_crud/src/site/create.rs b/crates/api_crud/src/site/create.rs
index a38f211d..3ee2874b 100644
--- a/crates/api_crud/src/site/create.rs
+++ b/crates/api_crud/src/site/create.rs
@@ -48,19 +48,19 @@ impl PerformCrud for CreateSite {
     let local_user_view =
       get_local_user_view_from_jwt(&data.auth, context.pool(), context.secret()).await?;
 
-    check_slurs(&data.name, &context.settings().slur_regex())?;
-    check_slurs_opt(&data.description, &context.settings().slur_regex())?;
-    check_image_has_local_domain(&data.icon)?;
-    check_image_has_local_domain(&data.banner)?;
-
-    // Make sure user is an admin
-    is_admin(&local_user_view)?;
-
     let sidebar = diesel_option_overwrite(&data.sidebar);
     let description = diesel_option_overwrite(&data.description);
     let icon = diesel_option_overwrite_to_url(&data.icon)?;
     let banner = diesel_option_overwrite_to_url(&data.banner)?;
 
+    check_slurs(&data.name, &context.settings().slur_regex())?;
+    check_slurs_opt(&data.description, &context.settings().slur_regex())?;
+    check_image_has_local_domain(icon.as_ref().unwrap_or(&None))?;
+    check_image_has_local_domain(banner.as_ref().unwrap_or(&None))?;
+
+    // Make sure user is an admin
+    is_admin(&local_user_view)?;
+
     if let Some(Some(desc)) = &description {
       site_description_length_check(desc)?;
     }
diff --git a/crates/api_crud/src/site/update.rs b/crates/api_crud/src/site/update.rs
index 11a23f26..1fa33b2b 100644
--- a/crates/api_crud/src/site/update.rs
+++ b/crates/api_crud/src/site/update.rs
@@ -37,11 +37,6 @@ impl PerformCrud for EditSite {
     let local_user_view =
       get_local_user_view_from_jwt(&data.auth, context.pool(), context.secret()).await?;
 
-    check_slurs_opt(&data.name, &context.settings().slur_regex())?;
-    check_slurs_opt(&data.description, &context.settings().slur_regex())?;
-    check_image_has_local_domain(&data.icon)?;
-    check_image_has_local_domain(&data.banner)?;
-
     // Make sure user is an admin
     is_admin(&local_user_view)?;
 
@@ -53,10 +48,22 @@ impl PerformCrud for EditSite {
     let icon = diesel_option_overwrite_to_url(&data.icon)?;
     let banner = diesel_option_overwrite_to_url(&data.banner)?;
 
+    check_slurs_opt(&data.name, &context.settings().slur_regex())?;
+    check_slurs_opt(&data.description, &context.settings().slur_regex())?;
+    check_image_has_local_domain(icon.as_ref().unwrap_or(&None))?;
+    check_image_has_local_domain(banner.as_ref().unwrap_or(&None))?;
+
     if let Some(Some(desc)) = &description {
       site_description_length_check(desc)?;
     }
 
+    // Make sure if applications are required, that there is an application questionnaire
+    if data.require_application.unwrap_or(false)
+      && application_question.as_ref().unwrap_or(&None).is_none()
+    {
+      return Err(LemmyError::from_message("application_question_required"));
+    }
+
     let site_form = SiteForm {
       name: data.name.to_owned().unwrap_or(local_site.name),
       sidebar,