diff --git a/core/admin/mailu/ui/views/domains.py b/core/admin/mailu/ui/views/domains.py index a48bb154..4010e2ae 100644 --- a/core/admin/mailu/ui/views/domains.py +++ b/core/admin/mailu/ui/views/domains.py @@ -2,6 +2,7 @@ from mailu import models from mailu.ui import ui, forms, access from flask import current_app as app +import validators import flask import flask_login import wtforms_components @@ -18,18 +19,21 @@ def domain_list(): def domain_create(): form = forms.DomainForm() if form.validate_on_submit(): - conflicting_domain = models.Domain.query.get(form.name.data) - conflicting_alternative = models.Alternative.query.get(form.name.data) - conflicting_relay = models.Relay.query.get(form.name.data) - if conflicting_domain or conflicting_alternative or conflicting_relay: - flask.flash('Domain %s is already used' % form.name.data, 'error') + if validators.domain(form.name.data): + conflicting_domain = models.Domain.query.get(form.name.data) + conflicting_alternative = models.Alternative.query.get(form.name.data) + conflicting_relay = models.Relay.query.get(form.name.data) + if conflicting_domain or conflicting_alternative or conflicting_relay: + flask.flash('Domain %s is already used' % form.name.data, 'error') + else: + domain = models.Domain() + form.populate_obj(domain) + models.db.session.add(domain) + models.db.session.commit() + flask.flash('Domain %s created' % domain) + return flask.redirect(flask.url_for('.domain_list')) else: - domain = models.Domain() - form.populate_obj(domain) - models.db.session.add(domain) - models.db.session.commit() - flask.flash('Domain %s created' % domain) - return flask.redirect(flask.url_for('.domain_list')) + flask.flash('Domain %s is invalid' % form.name.data, 'error') return flask.render_template('domain/create.html', form=form) diff --git a/towncrier/newsfragments/2210.bugfix b/towncrier/newsfragments/2210.bugfix new file mode 100644 index 00000000..32c19003 --- /dev/null +++ b/towncrier/newsfragments/2210.bugfix @@ -0,0 +1 @@ +Add input validation for domain creation