Refactor email attributes (#1458)

* Add StrictEmailAddress attribute * Remove duplicate checks, use attributes instead * Rename EmailAddressListAttribute
2025-03-01 04:01:11 +01:00 · 2021-07-16 08:01:51 +10:00 · 2021-07-16 08:01:51 +10:00 · 7abb053914
commit 7abb053914
parent 752aa70924
7 changed files with 43 additions and 23 deletions
--- a/src/Core/Models/Api/Public/Request/MemberCreateRequestModel.cs
+++ b/src/Core/Models/Api/Public/Request/MemberCreateRequestModel.cs
@ -2,36 +2,24 @@
 using System.Collections.Generic;
 using System.ComponentModel.DataAnnotations;
 using Bit.Core.Models.Table;
+using Bit.Core.Utilities;

 namespace Bit.Core.Models.Api.Public
 {
-    public class MemberCreateRequestModel : MemberUpdateRequestModel, IValidatableObject
+    public class MemberCreateRequestModel : MemberUpdateRequestModel
    {
        /// <summary>
        /// The member's email address.
        /// </summary>
        /// <example>jsmith@example.com</example>
        [Required]
-        [EmailAddress]
+        [StringLength(256)]
+        [StrictEmailAddress]
        public string Email { get; set; }

        public override OrganizationUser ToOrganizationUser(OrganizationUser existingUser)
        {
            throw new NotImplementedException();
        }
-
-        public IEnumerable<ValidationResult> Validate(ValidationContext validationContext)
-        {
-            if (Email.Contains(" ") || Email.Contains("<"))
-            {
-                yield return new ValidationResult($"Email is not valid.",
-                    new string[] { nameof(Email) });
-            }
-            else if (Email.Length > 256)
-            {
-                yield return new ValidationResult($"Email is longer than 256 characters.",
-                    new string[] { nameof(Email) });
-            }
-        }
    }
 }
--- a/src/Core/Models/Api/Request/Accounts/EmailRequestModel.cs
+++ b/src/Core/Models/Api/Request/Accounts/EmailRequestModel.cs
@ -1,12 +1,13 @@
 using System;
 using System.ComponentModel.DataAnnotations;
+using Bit.Core.Utilities;

 namespace Bit.Core.Models.Api
 {
    public class EmailRequestModel
    {
        [Required]
-        [EmailAddress]
+        [StrictEmailAddress]
        [StringLength(256)]
        public string NewEmail { get; set; }
        [Required]
--- a/src/Core/Models/Api/Request/Accounts/RegisterRequestModel.cs
+++ b/src/Core/Models/Api/Request/Accounts/RegisterRequestModel.cs
@ -4,6 +4,7 @@ using System.ComponentModel.DataAnnotations;
 using Bit.Core.Enums;
 using Bit.Core.Models.Business;
 using Bit.Core.Models.Table;
+using Bit.Core.Utilities;
 using Newtonsoft.Json;

 namespace Bit.Core.Models.Api
@ -13,7 +14,7 @@ namespace Bit.Core.Models.Api
        [StringLength(50)]
        public string Name { get; set; }
        [Required]
-        [EmailAddress]
+        [StrictEmailAddress]
        [StringLength(256)]
        public string Email { get; set; }
        [Required]
--- a/src/Core/Models/Api/Request/Organizations/OrganizationUserRequestModels.cs
+++ b/src/Core/Models/Api/Request/Organizations/OrganizationUserRequestModels.cs
@ -12,7 +12,7 @@ namespace Bit.Core.Models.Api
    public class OrganizationUserInviteRequestModel
    {
        [Required]
-        [EmailAddressList]
+        [StrictEmailAddressList]
        public IEnumerable<string> Emails { get; set; }
        [Required]
        public Enums.OrganizationUserType? Type { get; set; }
--- a/src/Core/Models/Api/Request/Providers/ProviderUserRequestModels.cs
+++ b/src/Core/Models/Api/Request/Providers/ProviderUserRequestModels.cs
@ -11,7 +11,7 @@ namespace Bit.Core.Models.Api
    public class ProviderUserInviteRequestModel
    {
        [Required]
-        [EmailAddressList]
+        [StrictEmailAddressList]
        public IEnumerable<string> Emails { get; set; }
        [Required]
        public ProviderUserType? Type { get; set; }
--- a/src/Core/Utilities/StrictEmailAddressAttribute.cs
+++ b/src/Core/Utilities/StrictEmailAddressAttribute.cs
@ -0,0 +1,30 @@
+using System;
+using System.ComponentModel.DataAnnotations;
+using System.Text.RegularExpressions;
+
+namespace Bit.Core.Utilities
+{
+    public class StrictEmailAddressAttribute : ValidationAttribute
+    {
+        public StrictEmailAddressAttribute()
+            : base("The {0} field is not a valid e-mail address.")
+        {}
+        
+        public override bool IsValid(object value)
+        {
+            var emailAddress = value?.ToString();
+            if (emailAddress == null)
+            {
+                return false;
+            }
+
+            var illegalChars = @"[\s<>()]";
+            if (Regex.IsMatch(emailAddress, illegalChars))
+            {
+                return false;
+            }
+             
+            return new EmailAddressAttribute().IsValid(emailAddress);
+        }
+    }
+}
--- a/src/Core/Utilities/StrictEmailAddressListAttribute.cs
+++ b/src/Core/Utilities/StrictEmailAddressListAttribute.cs
@ -4,11 +4,11 @@ using System.Linq;

 namespace Bit.Core.Utilities
 {
-    public class EmailAddressListAttribute : ValidationAttribute
+    public class StrictEmailAddressListAttribute : ValidationAttribute
    {
        protected override ValidationResult IsValid(object value, ValidationContext validationContext)
        {
-            var emailAttribute = new EmailAddressAttribute();
+            var strictEmailAttribute = new StrictEmailAddressAttribute();
            var emails = value as IList<string>;

            if (!emails?.Any() ?? true)
@ -24,7 +24,7 @@ namespace Bit.Core.Utilities
            for (var i = 0; i < emails.Count(); i++)
            {
                var email = emails.ElementAt(i);
-                if (!emailAttribute.IsValid(email) || email.Contains(" ") || email.Contains("<"))
+                if (!strictEmailAttribute.IsValid(email))
                {
                    return new ValidationResult($"Email #{i + 1} is not valid.");
                }