Add length validations for string fields (#24283).

Patch by Felix Schäfer.

git-svn-id: http://svn.redmine.org/redmine/trunk@15989 e93f8b46-1217-0410-a6f0-8f06a7374b81

6 files changed, 7 insertions, 1 deletions

diff --git a/app/models/custom_field.rb b/app/models/custom_field.rb
index 46d45813c..8936a6d66 100644
--- a/app/models/custom_field.rb
+++ b/app/models/custom_field.rb
@@ -32,6 +32,7 @@ class CustomField < ActiveRecord::Base
   validates_presence_of :name, :field_format
   validates_uniqueness_of :name, :scope => :type
   validates_length_of :name, :maximum => 30
+  validates_length_of :regexp, maximum: 30
   validates_inclusion_of :field_format, :in => Proc.new { Redmine::FieldFormat.available_formats }
   validate :validate_custom_field
   attr_protected :id
diff --git a/app/models/repository.rb b/app/models/repository.rb
index 0a04b58e8..c563789b6 100644
--- a/app/models/repository.rb
+++ b/app/models/repository.rb
@@ -37,7 +37,9 @@ class Repository < ActiveRecord::Base
   # has_many :changesets, :dependent => :destroy is too slow for big repositories
   before_destroy :clear_changesets
 
+  validates_length_of :login, maximum: 60, allow_nil: true
   validates_length_of :password, :maximum => 255, :allow_nil => true
+  validates_length_of :root_url, :url, maximum: 255
   validates_length_of :identifier, :maximum => IDENTIFIER_MAX_LENGTH, :allow_blank => true
   validates_uniqueness_of :identifier, :scope => :project_id
   validates_exclusion_of :identifier, :in => %w(browse show entry raw changes annotate diff statistics graph revisions revision)
diff --git a/app/models/user.rb b/app/models/user.rb
index 1a6b621c0..81a2e7c77 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -111,6 +111,7 @@ class User < Principal
   validates_format_of :login, :with => /\A[a-z0-9_\-@\.]*\z/i
   validates_length_of :login, :maximum => LOGIN_LENGTH_LIMIT
   validates_length_of :firstname, :lastname, :maximum => 30
+  validates_length_of :identity_url, maximum: 255
   validates_inclusion_of :mail_notification, :in => MAIL_NOTIFICATION_OPTIONS.collect(&:first), :allow_blank => true
   validate :validate_password_length
   validate do
diff --git a/app/models/version.rb b/app/models/version.rb
index 2b82f7c5b..14428f605 100644
--- a/app/models/version.rb
+++ b/app/models/version.rb
@@ -35,7 +35,7 @@ class Version < ActiveRecord::Base
   validates_presence_of :name
   validates_uniqueness_of :name, :scope => [:project_id]
   validates_length_of :name, :maximum => 60
-  validates_length_of :description, :maximum => 255
+  validates_length_of :description, :wiki_page_title, :maximum => 255
   validates :effective_date, :date => true
   validates_inclusion_of :status, :in => VERSION_STATUSES
   validates_inclusion_of :sharing, :in => VERSION_SHARINGS
diff --git a/app/models/wiki.rb b/app/models/wiki.rb
index 188cb5b6c..e629baf9b 100644
--- a/app/models/wiki.rb
+++ b/app/models/wiki.rb
@@ -25,6 +25,7 @@ class Wiki < ActiveRecord::Base
 
   validates_presence_of :start_page
   validates_format_of :start_page, :with => /\A[^,\.\/\?\;\|\:]*\z/
+  validates_length_of :title, maximum: 255
   attr_protected :id
 
   before_destroy :delete_redirects
diff --git a/app/models/wiki_page.rb b/app/models/wiki_page.rb
index ae1e74cca..9922fa4be 100644
--- a/app/models/wiki_page.rb
+++ b/app/models/wiki_page.rb
@@ -45,6 +45,7 @@ class WikiPage < ActiveRecord::Base
   validates_presence_of :title
   validates_format_of :title, :with => /\A[^,\.\/\?\;\|\s]*\z/
   validates_uniqueness_of :title, :scope => :wiki_id, :case_sensitive => false
+  validates_length_of :title, maximum: 255
   validates_associated :content
   attr_protected :id