about summary refs log tree commit diff
diff options
context:
space:
mode:
authorabcang <abcang1015@gmail.com>2019-09-27 22:24:13 +0900
committerEugen Rochko <eugen@zeonfederated.com>2019-09-27 15:24:13 +0200
commit07b057eabb9cc923aa7fc6bb851084af048ed5d2 (patch)
tree1ae743f8e1e8c828dc9da82de489da31bb7e28c9
parent059945c97cb9a9f3cbddda729f499b44800bdc68 (diff)
Validate Web::PushSubscription (#11971)
-rw-r--r--app/models/web/push_subscription.rb4
-rw-r--r--db/post_migrate/20190927124642_remove_invalid_web_push_subscription.rb18
-rw-r--r--db/schema.rb2
3 files changed, 23 insertions, 1 deletions
diff --git a/app/models/web/push_subscription.rb b/app/models/web/push_subscription.rb
index b57807d1c..c5dbb58ba 100644
--- a/app/models/web/push_subscription.rb
+++ b/app/models/web/push_subscription.rb
@@ -20,6 +20,10 @@ class Web::PushSubscription < ApplicationRecord
 
   has_one :session_activation, foreign_key: 'web_push_subscription_id', inverse_of: :web_push_subscription
 
+  validates :endpoint, presence: true
+  validates :key_p256dh, presence: true
+  validates :key_auth, presence: true
+
   def push(notification)
     I18n.with_locale(associated_user&.locale || I18n.default_locale) do
       push_payload(payload_for_notification(notification), 48.hours.seconds)
diff --git a/db/post_migrate/20190927124642_remove_invalid_web_push_subscription.rb b/db/post_migrate/20190927124642_remove_invalid_web_push_subscription.rb
new file mode 100644
index 000000000..c2397476a
--- /dev/null
+++ b/db/post_migrate/20190927124642_remove_invalid_web_push_subscription.rb
@@ -0,0 +1,18 @@
+# frozen_string_literal: true
+
+class RemoveInvalidWebPushSubscription < ActiveRecord::Migration[5.2]
+  disable_ddl_transaction!
+
+  def up
+    invalid_web_push_subscriptions = Web::PushSubscription.where(endpoint: '')
+                                                          .or(Web::PushSubscription.where(key_p256dh: ''))
+                                                          .or(Web::PushSubscription.where(key_auth: ''))
+                                                          .preload(:session_activation)
+    invalid_web_push_subscriptions.find_each do |web_push_subscription|
+      web_push_subscription.session_activation&.update!(web_push_subscription_id: nil)
+      web_push_subscription.destroy!
+    end
+  end
+
+  def down; end
+end
diff --git a/db/schema.rb b/db/schema.rb
index fabeb16f3..8eeaf48a0 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -10,7 +10,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.
 
-ActiveRecord::Schema.define(version: 2019_09_17_213523) do
+ActiveRecord::Schema.define(version: 2019_09_27_124642) do
 
   # These are extensions that must be enabled in order to support this database
   enable_extension "plpgsql"