fix url regex

Hanagotchi · Apr 4, 2024 · b37b6ee · b37b6ee
1 parent 43620a6
commit b37b6ee
Show file tree

Hide file tree

Showing 2 changed files with 15 additions and 16 deletions.
diff --git a/app/schemas/Schemas.py b/app/schemas/Schemas.py
@@ -33,7 +33,7 @@ class LoginRequest(BaseModel):
 class UpdateUserSchema(BaseModel):
     name: Optional[str] = None
     gender: Optional[str] = None
-    photo: Optional[HttpUrl] = None
+    photo: Optional[str] = None
     birthdate: Optional[date] = None
     location: Optional[Dict] = None
     nickname: Optional[str] = None

diff --git a/app/service/Users.py b/app/service/Users.py
@@ -25,6 +25,20 @@ def create_user(self, user_data: dict):
             raise InvalidData()
         return self.user_repository.create_user(**user_data)
 
+    def update_user(self, user_id: int, update_data: dict):
+        # TODO: aca habria que chequear a partir del token, session o algo que
+        # es el propio usuario editando sus datos y no permitir
+        # que un usuario edite los de un tercero
+        self.get_user(user_id)
+        filtered_update_data = {k: v for k, v in update_data.items()
+                                if v is not None}
+        if 'photo' in filtered_update_data:
+            photo_url = filtered_update_data['photo']
+            if not re.match(r'^https?://(?:[a-zA-Z0-9-]+\.)+[a-zA-Z]{2,6}'
+                            r'(?:/[^/#?]+)+(?:\?.*)?$', photo_url):
+                raise InvalidURL("Invalid photo URL")
+        self.user_repository.edit_user(user_id, filtered_update_data)
+
     def login(self, auth_code: str):
         access_token = self._get_access_token(auth_code)
         if access_token is None:
@@ -72,21 +86,6 @@ def _get_user_info(self, access_token):
             user_data['photo'] = response.json().get("picture")
         return user_data
 
-    def update_user(self, user_id: int, update_data: dict):
-        # TODO: aca habria que chequear a partir del token, session o algo que
-        # es el propio usuario editando sus datos y no permitir
-        # que un usuario edite los de un tercero
-        self.get_user(user_id)
-        filtered_update_data = {k: v for k, v in update_data.items()
-                                if v is not None}
-        if 'photo' in filtered_update_data:
-            photo_url = filtered_update_data['photo']
-            if not re.match(r'^https?://(?:[a-zA-Z0-9-]+\.)+[a-zA-Z]{2,6}'
-                            r'(?:/[^/#?]+)+\.(?:jpg|jpeg|png|gif)$',
-                            photo_url):
-                raise InvalidURL("Invalid photo URL")
-        self.user_repository.edit_user(user_id, filtered_update_data)
-
     def _validate_location(self, location):
         if "lat" in location and "long" in location:
             if -90 <= location["lat"] <= 90 and \