Trim various user inputs if needed (#969)

jvyden · web-flow · commit ff54771a948f · 2025-10-23T19:08:31.000-04:00
Makes various string inputs entered by users through both the API and
the game get trimmed if they're too long.

Also makes trimming behaviour across game and API endpoints more
consistent (e.g. too long descriptions in game user updates will now
just be trimmed, instead of the entire request being rejected), and
invalid labels in API review submissions will just be removed for
consistency, instead of the whole review being rejected.
diff --git a/Refresh.Interfaces.APIv3/Endpoints/ApiTypes/Errors/ApiValidationError.cs b/Refresh.Interfaces.APIv3/Endpoints/ApiTypes/Errors/ApiValidationError.cs
@@ -37,9 +37,6 @@ public class ApiValidationError : ApiError
 
     public const string DontReviewLevelBeforePlayingWhen = "You may not review levels you haven't played yet";
     public static readonly ApiValidationError DontReviewLevelBeforePlaying = new(DontReviewLevelBeforePlayingWhen);
-
-    public const string ReviewHasInvalidLabelsWhen = "Your review contained invalid labels";
-    public static readonly ApiValidationError ReviewHasInvalidLabels = new(ReviewHasInvalidLabelsWhen);
     
     public const string HashInvalidErrorWhen = "The hash is invalid (should be SHA1 hash)";
     public static readonly ApiValidationError HashInvalidError = new(HashInvalidErrorWhen);
diff --git a/Refresh.Interfaces.APIv3/Endpoints/CommentApiEndpoints.cs b/Refresh.Interfaces.APIv3/Endpoints/CommentApiEndpoints.cs
@@ -2,6 +2,7 @@
 using Bunkum.Core;
 using Bunkum.Core.Endpoints;
 using Bunkum.Protocols.Http;
+using Refresh.Common.Constants;
 using Refresh.Core.Types.Data;
 using Refresh.Database;
 using Refresh.Database.Models.Comments;
@@ -43,6 +44,10 @@ public ApiResponse<ApiProfileCommentResponse> PostCommentOnProfile(RequestContex
         GameUser? profile = dataContext.Database.GetUserByUuid(uuid);
         if (profile == null) return ApiNotFoundError.UserMissingError;
 
+        // Trim content
+        if (body.Content.Length > UgcLimits.CommentLimit) 
+            body.Content = body.Content[..UgcLimits.CommentLimit];
+
         GameProfileComment comment = dataContext.Database.PostCommentToProfile(profile, user, body.Content);
         return ApiProfileCommentResponse.FromOld(comment, dataContext);
     }
@@ -118,6 +123,10 @@ public ApiResponse<ApiLevelCommentResponse> PostCommentOnLevel(RequestContext co
         GameLevel? level = dataContext.Database.GetLevelById(id);
         if (level == null) return ApiNotFoundError.LevelMissingError;
 
+        // Trim content
+        if (body.Content.Length > UgcLimits.CommentLimit) 
+            body.Content = body.Content[..UgcLimits.CommentLimit];
+
         GameLevelComment comment = dataContext.Database.PostCommentToLevel(level, user, body.Content);
         return ApiLevelCommentResponse.FromOld(comment, dataContext);
     }
diff --git a/Refresh.Interfaces.APIv3/Endpoints/LevelApiEndpoints.cs b/Refresh.Interfaces.APIv3/Endpoints/LevelApiEndpoints.cs
@@ -3,6 +3,7 @@
 using Bunkum.Core.Endpoints;
 using Bunkum.Core.Storage;
 using Bunkum.Protocols.Http;
+using Refresh.Common.Constants;
 using Refresh.Common.Verification;
 using Refresh.Core.Authentication.Permission;
 using Refresh.Core.Services;
@@ -63,6 +64,13 @@ public ApiResponse<ApiGameLevelResponse> EditLevelById(RequestContext context,
             !dataContext.GuidChecker.IsTextureGuid(level.GameVersion, long.Parse(body.IconHash)))
             return ApiValidationError.InvalidTextureGuidError;
         
+        // Trim title and description
+        if (body.Title != null && body.Title.Length > UgcLimits.TitleLimit) 
+            body.Title = body.Title[..UgcLimits.TitleLimit];
+
+        if (body.Description != null && body.Description.Length > UgcLimits.DescriptionLimit)
+            body.Description = body.Description[..UgcLimits.DescriptionLimit];
+        
         level = dataContext.Database.UpdateLevel(body, level, dataContext.User);
 
         return ApiGameLevelResponse.FromOld(level, dataContext);
diff --git a/Refresh.Interfaces.APIv3/Endpoints/ReviewApiEndpoints.cs b/Refresh.Interfaces.APIv3/Endpoints/ReviewApiEndpoints.cs
@@ -84,28 +84,21 @@ public ApiResponse<ApiGameReviewResponse> GetReviewById(RequestContext context,
     }
 
     /// <returns>
-    /// The validated list of labels. If null, return BadRequest.
+    /// The validated list of labels. Labels which are duplicates or invalid will be removed.
+    /// Also, the list will be trimmed if there are too many labels.
     /// </returns>
-    private List<Label>? ValidateLabels(List<Label> input)
-    {
-        // Duplicate labels aren't as bad as invalid ones, so just remove them.
-        // Same with too many labels.
-        List<Label> ret = input.Distinct().Take(UgcLimits.MaximumLabels).ToList();
-
-        foreach (Label label in ret)
-        {
-            if (!Enum.IsDefined(label)) return null;
-        }
-
-        return ret;
-    }
+    private List<Label> ValidateLabels(List<Label> input)
+        => input
+            .Distinct()
+            .Where(l => Enum.IsDefined(l))
+            .Take(UgcLimits.MaximumLabels)
+            .ToList();
 
     [ApiV3Endpoint("levels/id/{id}/reviews", HttpMethods.Post)]
     [DocSummary("Posts a review to the specified level. Updates the user's current review if they've already posted one.")]
     [DocError(typeof(ApiNotFoundError), ApiNotFoundError.LevelMissingErrorWhen)]
     [DocError(typeof(ApiValidationError), ApiValidationError.DontReviewOwnLevelWhen)]
     [DocError(typeof(ApiValidationError), ApiValidationError.DontReviewLevelBeforePlayingWhen)]
-    [DocError(typeof(ApiValidationError), ApiValidationError.ReviewHasInvalidLabelsWhen)]
     [DocError(typeof(ApiValidationError), ApiValidationError.RatingParseErrorWhen)]
     public ApiResponse<ApiGameReviewResponse> PostReviewToLevel(RequestContext context,
         GameDatabaseContext database, IDataStore dataStore, GameUser user,
@@ -126,9 +119,6 @@ public ApiResponse<ApiGameReviewResponse> PostReviewToLevel(RequestContext conte
         if (body.Labels != null)
         {
             body.Labels = this.ValidateLabels(body.Labels);
-
-            if (body.Labels == null) 
-                return ApiValidationError.ReviewHasInvalidLabels;
         }
         
         if (body.LevelRating != null)
@@ -139,10 +129,9 @@ public ApiResponse<ApiGameReviewResponse> PostReviewToLevel(RequestContext conte
             database.RateLevel(level, user, body.LevelRating.Value);
         }
 
-        // TODO: Use the comment char limit constant once the other PR is merged.
-        if (body.Content != null && body.Content.Length > 4096)
+        if (body.Content != null && body.Content.Length > UgcLimits.CommentLimit)
         {
-            body.Content = body.Content[..4096];
+            body.Content = body.Content[..UgcLimits.CommentLimit];
         }
 
         GameReview review = database.AddReviewToLevel(body, level, user);
@@ -153,7 +142,6 @@ public ApiResponse<ApiGameReviewResponse> PostReviewToLevel(RequestContext conte
     [DocSummary("Updates a review by ID.")]
     [DocError(typeof(ApiNotFoundError), ApiNotFoundError.ReviewMissingErrorWhen)]
     [DocError(typeof(ApiValidationError), ApiValidationError.NoReviewEditPermissionErrorWhen)]
-    [DocError(typeof(ApiValidationError), ApiValidationError.ReviewHasInvalidLabelsWhen)]
     [DocError(typeof(ApiValidationError), ApiValidationError.RatingParseErrorWhen)]
     public ApiResponse<ApiGameReviewResponse> UpdateReviewById(RequestContext context,
         GameDatabaseContext database, IDataStore dataStore, GameUser user,
@@ -170,9 +158,6 @@ public ApiResponse<ApiGameReviewResponse> UpdateReviewById(RequestContext contex
         if (body.Labels != null)
         {
             body.Labels = this.ValidateLabels(body.Labels);
-
-            if (body.Labels == null) 
-                return ApiValidationError.ReviewHasInvalidLabels;
         }
 
         if (body.LevelRating != null)
@@ -183,9 +168,9 @@ public ApiResponse<ApiGameReviewResponse> UpdateReviewById(RequestContext contex
             database.RateLevel(review.Level, user, body.LevelRating.Value);
         }
 
-        if (body.Content != null && body.Content.Length > 4096)
+        if (body.Content != null && body.Content.Length > UgcLimits.CommentLimit)
         {
-            body.Content = body.Content[..4096];
+            body.Content = body.Content[..UgcLimits.CommentLimit];
         }
         
         review = database.UpdateReview(body, review);
diff --git a/Refresh.Interfaces.APIv3/Endpoints/UserApiEndpoints.cs b/Refresh.Interfaces.APIv3/Endpoints/UserApiEndpoints.cs
@@ -3,6 +3,7 @@
 using Bunkum.Core.Endpoints;
 using Bunkum.Core.Storage;
 using Bunkum.Protocols.Http;
+using Refresh.Common.Constants;
 using Refresh.Core.Authentication.Permission;
 using Refresh.Core.Configuration;
 using Refresh.Core.Services;
@@ -72,6 +73,10 @@ public ApiResponse<ApiExtendedGameUserResponse> UpdateUser(RequestContext contex
 
         if (body.EmailAddress != null && !smtpService.CheckEmailDomainValidity(body.EmailAddress))
             return ApiValidationError.EmailDoesNotActuallyExistError;
+        
+        // Trim description
+        if (body.Description != null && body.Description.Length > UgcLimits.DescriptionLimit)
+            body.Description = body.Description[..UgcLimits.DescriptionLimit];
 
         database.UpdateUserData(user, body);
         return ApiExtendedGameUserResponse.FromOld(user, dataContext);
diff --git a/Refresh.Interfaces.Game/Endpoints/ChallengeEndpoints.cs b/Refresh.Interfaces.Game/Endpoints/ChallengeEndpoints.cs
@@ -4,6 +4,7 @@
 using Bunkum.Core.Responses;
 using Bunkum.Listener.Protocol;
 using Bunkum.Protocols.Http;
+using Refresh.Common.Constants;
 using Refresh.Core.Authentication.Permission;
 using Refresh.Core.Configuration;
 using Refresh.Core.Services;
@@ -82,6 +83,10 @@ public Response UploadChallenge(RequestContext context, DataContext dataContext,
         if (body.Criteria.Count > 1)
             dataContext.Logger.LogWarning(BunkumCategory.UserContent, $"Challenge by {user.Username} on level ID {level.LevelId} has {body.Criteria.Count} criteria, only the first one will be saved");
 
+        // Trim name
+        if (body.Name.Length > UgcLimits.TitleLimit) 
+            body.Name = body.Name[..UgcLimits.TitleLimit];
+
         GameChallenge challenge = dataContext.Database.CreateChallenge(body, level, user);
 
         // Return a SerializedChallenge which is not body, else the game will not send the first score
diff --git a/Refresh.Interfaces.Game/Endpoints/CommentEndpoints.cs b/Refresh.Interfaces.Game/Endpoints/CommentEndpoints.cs
@@ -31,8 +31,7 @@ public Response PostProfileComment(RequestContext context, GameDatabaseContext d
 
         if (body.Content.Length > UgcLimits.CommentLimit)
         {
-            database.AddErrorNotification("Failed to post comment", $"Your comment under {profile.Username}'s profile couldn't be posted because it was too long.", user);
-            return BadRequest;
+            body.Content = body.Content[..UgcLimits.CommentLimit];
         }
         
         // TODO: include a check for if the user wants to receive these types of notifications 
@@ -96,8 +95,7 @@ public Response PostLevelComment(RequestContext context, GameDatabaseContext dat
 
         if (body.Content.Length > UgcLimits.CommentLimit)
         {
-            database.AddErrorNotification("Failed to post comment", $"Your comment under the level '{level.Title}' couldn't be posted because it was too long.", user);
-            return BadRequest;
+            body.Content = body.Content[..UgcLimits.CommentLimit];
         }
 
         if (level.Publisher != null && !level.Publisher.Equals(user)) 
diff --git a/Refresh.Interfaces.Game/Endpoints/Playlists/Lbp1PlaylistEndpoints.cs b/Refresh.Interfaces.Game/Endpoints/Playlists/Lbp1PlaylistEndpoints.cs
@@ -3,6 +3,7 @@
 using Bunkum.Core.Responses;
 using Bunkum.Listener.Protocol;
 using Bunkum.Protocols.Http;
+using Refresh.Common.Constants;
 using Refresh.Core.Authentication.Permission;
 using Refresh.Core.Configuration;
 using Refresh.Core.Types.Data;
@@ -49,6 +50,13 @@ public Response CreatePlaylist(RequestContext context, DataContext dataContext,
                 return BadRequest;
         }
 
+        // Trim name and description
+        if (body.Name.Length > UgcLimits.TitleLimit) 
+            body.Name = body.Name[..UgcLimits.TitleLimit];
+
+        if (body.Description.Length > UgcLimits.DescriptionLimit)
+            body.Description = body.Description[..UgcLimits.DescriptionLimit];
+
         // Create the playlist, marking it as the root playlist if the user does not have one set already
         GamePlaylist playlist = dataContext.Database.CreatePlaylist(user, body, rootPlaylist == null);
 
@@ -155,6 +163,13 @@ public Response UpdatePlaylistMetadata(RequestContext context, GameServerConfig
         if (playlist.PublisherId != user.UserId)
             return Unauthorized;
         
+        // Trim name and description
+        if (body.Name.Length > UgcLimits.TitleLimit) 
+            body.Name = body.Name[..UgcLimits.TitleLimit];
+
+        if (body.Description.Length > UgcLimits.DescriptionLimit)
+            body.Description = body.Description[..UgcLimits.DescriptionLimit];
+        
         database.UpdatePlaylist(playlist, body);
         return OK;
     }
diff --git a/Refresh.Interfaces.Game/Endpoints/Playlists/Lbp3PlaylistEndpoints.cs b/Refresh.Interfaces.Game/Endpoints/Playlists/Lbp3PlaylistEndpoints.cs
@@ -3,6 +3,7 @@
 using Bunkum.Core.Responses;
 using Bunkum.Listener.Protocol;
 using Bunkum.Protocols.Http;
+using Refresh.Common.Constants;
 using Refresh.Core.Authentication.Permission;
 using Refresh.Core.Configuration;
 using Refresh.Core.Types.Data;
@@ -30,6 +31,13 @@ public Response CreatePlaylist(RequestContext context, GameServerConfig config,
         // if the player has no root playlist yet, create a new one first
         rootPlaylist ??= dataContext.Database.CreateRootPlaylist(user);
 
+        // Trim name and description
+        if (body.Name != null && body.Name.Length > UgcLimits.TitleLimit) 
+            body.Name = body.Name[..UgcLimits.TitleLimit];
+
+        if (body.Description != null && body.Description.Length > UgcLimits.DescriptionLimit)
+            body.Description = body.Description[..UgcLimits.DescriptionLimit];
+
         // create the actual playlist and add it to the root playlist
         GamePlaylist playlist = dataContext.Database.CreatePlaylist(user, body);
         dataContext.Database.AddPlaylistToPlaylist(playlist, rootPlaylist!);
@@ -53,6 +61,13 @@ public Response UpdatePlaylist(RequestContext context, GameServerConfig config,
         if (playlist.PublisherId != user.UserId)
             return Unauthorized;
         
+        // Trim name and description
+        if (body.Name != null && body.Name.Length > UgcLimits.TitleLimit) 
+            body.Name = body.Name[..UgcLimits.TitleLimit];
+
+        if (body.Description != null && body.Description.Length > UgcLimits.DescriptionLimit)
+            body.Description = body.Description[..UgcLimits.DescriptionLimit];
+        
         dataContext.Database.UpdatePlaylist(playlist, body);
         
         // get playlist from database a second time to respond with it in its updated state
diff --git a/Refresh.Interfaces.Game/Endpoints/ReportingEndpoints.cs b/Refresh.Interfaces.Game/Endpoints/ReportingEndpoints.cs
@@ -4,6 +4,7 @@
 using Bunkum.Core.Responses;
 using Bunkum.Listener.Protocol;
 using Bunkum.Protocols.Http;
+using Refresh.Common.Constants;
 using Refresh.Common.Time;
 using Refresh.Core.Authentication.Permission;
 using Refresh.Core.Configuration;
@@ -120,6 +121,10 @@ public Response UploadReport(RequestContext context, GameDatabaseContext databas
             }));
         }
 
+        // Trim description
+        if (body.Description != null && body.Description.Length > UgcLimits.DescriptionLimit)
+            body.Description = body.Description[..UgcLimits.DescriptionLimit];
+
         GriefReport griefReport = new()
         {
             Reporter = user,
diff --git a/Refresh.Interfaces.Game/Endpoints/ReviewEndpoints.cs b/Refresh.Interfaces.Game/Endpoints/ReviewEndpoints.cs
@@ -135,10 +135,9 @@ public Response PostReviewForLevel(RequestContext context,
         if (level == null)
             return NotFound;
         
-        // TODO: Use the comment char limit constant once the other PR is merged.
-        if (body.Content!.Length > 4096)
+        if (body.Content != null && body.Content.Length > UgcLimits.CommentLimit)
         {
-            body.Content = body.Content[..4096];
+            body.Content = body.Content[..UgcLimits.CommentLimit];
         }
 
         //You cant review a level you haven't played.
diff --git a/Refresh.Interfaces.Game/Endpoints/UserEndpoints.cs b/Refresh.Interfaces.Game/Endpoints/UserEndpoints.cs
@@ -137,10 +137,10 @@ public SerializedFriendsList GetFriends(RequestContext context, GameDatabaseCont
             return null;
         }
 
+        // Trim description
         if (data.Description is { Length: > UgcLimits.DescriptionLimit })
         {
-            dataContext.Database.AddErrorNotification("Profile update failed", $"Your profile failed to update because the description was too long. The max length is {UgcLimits.DescriptionLimit} characters.", user);
-            return null;
+            data.Description = data.Description[..UgcLimits.DescriptionLimit];
         }
         
         dataContext.Database.UpdateUserData(user, data, dataContext.Game);
diff --git a/RefreshTests.GameServer/Tests/ApiV3/ReviewApiTests.cs b/RefreshTests.GameServer/Tests/ApiV3/ReviewApiTests.cs
@@ -87,6 +87,30 @@ public void PostAndUpdateReview()
         Assert.That(context.Database.GetTotalReviewsByUser(reviewer), Is.EqualTo(1));
     }
 
+    [Test]
+    public void ReviewContentGetsTrimmed()
+    {
+        using TestContext context = this.GetServer();
+        GameUser publisher = context.CreateUser();
+        GameLevel level = context.CreateLevel(publisher);
+        int id = level.LevelId;
+
+        GameUser reviewer = context.CreateUser();
+        using HttpClient client = context.GetAuthenticatedClient(TokenType.Api, reviewer);
+        context.Database.PlayLevel(level, reviewer, 1);
+
+        ApiSubmitReviewRequest reviewToPost = new()
+        {
+            LevelRating = RatingType.Yay,
+            Content = new string('S', 9000),
+        };
+        ApiResponse<ApiGameReviewResponse>? response = client.PostData<ApiGameReviewResponse>($"/api/v3/levels/id/{id}/reviews", reviewToPost, false);
+
+        Assert.That(response?.Data, Is.Not.Null);
+        Assert.That(response!.Success, Is.True);
+        Assert.That(response.Data!.Text.Length, Is.EqualTo(UgcLimits.CommentLimit));
+    }
+
     [Test]
     public void CantEditNonexistentReview()
     {
diff --git a/RefreshTests.GameServer/Tests/ApiV3/UserApiTests.cs b/RefreshTests.GameServer/Tests/ApiV3/UserApiTests.cs
@@ -1,7 +1,9 @@
+using Refresh.Common.Constants;
 using Refresh.Database.Models.Authentication;
 using Refresh.Database.Models.Users;
 using Refresh.Interfaces.APIv3.Endpoints.ApiTypes;
 using Refresh.Interfaces.APIv3.Endpoints.ApiTypes.Errors;
+using Refresh.Interfaces.APIv3.Endpoints.DataTypes.Request;
 using Refresh.Interfaces.APIv3.Endpoints.DataTypes.Request.Authentication;
 using Refresh.Interfaces.APIv3.Endpoints.DataTypes.Response.Categories;
 using Refresh.Interfaces.APIv3.Endpoints.DataTypes.Response.Users;
@@ -161,6 +163,23 @@ public void CanPatchOwnUser()
         Assert.That(user.Description, Is.EqualTo(description));
     }
 
+    [Test]
+    public void UserDescriptionGetsTrimmed()
+    {
+        using TestContext context = this.GetServer();
+        GameUser user = context.CreateUser();
+        
+        using HttpClient client = context.GetAuthenticatedClient(TokenType.Api, user);
+
+        ApiUpdateUserRequest payload = new()
+        {
+            Description = new string('S', 600),
+        };
+        ApiResponse<ApiGameUserResponse>? response = client.PatchData<ApiGameUserResponse>("/api/v3/users/me", payload);
+        Assert.That(response, Is.Not.Null);
+        Assert.That(response!.Data!.Description.Length, Is.EqualTo(UgcLimits.DescriptionLimit));
+    }
+
     [Test]
     [TestCase(true)]
     [TestCase(false)]
diff --git a/RefreshTests.GameServer/Tests/Comments/LevelCommentTests.cs b/RefreshTests.GameServer/Tests/Comments/LevelCommentTests.cs
diff --git a/RefreshTests.GameServer/Tests/Comments/UserCommentTests.cs b/RefreshTests.GameServer/Tests/Comments/UserCommentTests.cs
diff --git a/RefreshTests.GameServer/Tests/Levels/ReviewEndpointsTests.cs b/RefreshTests.GameServer/Tests/Levels/ReviewEndpointsTests.cs
diff --git a/RefreshTests.GameServer/Tests/Users/UserActionTests.cs b/RefreshTests.GameServer/Tests/Users/UserActionTests.cs

Original file line number	Diff line number	Diff line change
`@@ -31,8 +31,7 @@ public Response PostProfileComment(RequestContext context, GameDatabaseContext d`
`31`	`31`
`32`	`32`	`if (body.Content.Length > UgcLimits.CommentLimit)`
`33`	`33`	`{`
`34`		`- database.AddErrorNotification("Failed to post comment", $"Your comment under {profile.Username}'s profile couldn't be posted because it was too long.", user);`
`35`		`- return BadRequest;`
	`34`	`+ body.Content = body.Content[..UgcLimits.CommentLimit];`
`36`	`35`	`}`
`37`	`36`
`38`	`37`	`// TODO: include a check for if the user wants to receive these types of notifications`
`@@ -96,8 +95,7 @@ public Response PostLevelComment(RequestContext context, GameDatabaseContext dat`
`96`	`95`
`97`	`96`	`if (body.Content.Length > UgcLimits.CommentLimit)`
`98`	`97`	`{`
`99`		`- database.AddErrorNotification("Failed to post comment", $"Your comment under the level '{level.Title}' couldn't be posted because it was too long.", user);`
`100`		`- return BadRequest;`
	`98`	`+ body.Content = body.Content[..UgcLimits.CommentLimit];`
`101`	`99`	`}`
`102`	`100`
`103`	`101`	`if (level.Publisher != null && !level.Publisher.Equals(user))`