diff --git a/zerver/lib/push_notifications.py b/zerver/lib/push_notifications.py index af00ffb039..56042754a3 100644 --- a/zerver/lib/push_notifications.py +++ b/zerver/lib/push_notifications.py @@ -8,7 +8,6 @@ from zerver.models import PushDeviceToken, Message, Recipient, UserProfile, \ receives_online_notifications from zerver.models import get_user_profile_by_id from zerver.lib.avatar import avatar_url -from zerver.lib.request import JsonableError from zerver.lib.timestamp import datetime_to_timestamp, timestamp_to_datetime from zerver.decorator import statsd_increment from zerver.lib.utils import generate_random_token @@ -342,8 +341,6 @@ def handle_push_notification(user_profile_id, missed_message): def add_push_device_token(user_profile, token_str, kind, ios_app_id=None): # type: (UserProfile, str, int, Optional[str]) -> None - if token_str == '' or len(token_str) > 4096: - raise JsonableError(_('Empty or invalid length token')) # If another user was previously logged in on the same device and didn't # properly log out, the token will still be registered to the wrong account diff --git a/zerver/views/push_notifications.py b/zerver/views/push_notifications.py index fd7a88a05c..65bf796bcd 100644 --- a/zerver/views/push_notifications.py +++ b/zerver/views/push_notifications.py @@ -7,28 +7,33 @@ from django.http import HttpRequest, HttpResponse from django.utils.translation import ugettext as _ from zerver.lib.push_notifications import add_push_device_token -from zerver.lib.request import has_request_variables, REQ +from zerver.lib.request import has_request_variables, REQ, JsonableError from zerver.lib.response import json_success, json_error from zerver.lib.validator import check_string, check_list, check_bool from zerver.models import PushDeviceToken, UserProfile +def validate_token(token_str): + # type: (str) -> None + if token_str == '' or len(token_str) > 4096: + raise JsonableError(_('Empty or invalid length token')) + @has_request_variables -def add_apns_device_token(request, user_profile, token=REQ(), appid=REQ(default=settings.ZULIP_IOS_APP_ID)): +def add_apns_device_token(request, user_profile, token=REQ(), + appid=REQ(default=settings.ZULIP_IOS_APP_ID)): # type: (HttpRequest, UserProfile, str, str) -> HttpResponse + validate_token(token) add_push_device_token(user_profile, token, PushDeviceToken.APNS, ios_app_id=appid) return json_success() @has_request_variables -def add_android_reg_id(request, user_profile, token_str=REQ("token")): +def add_android_reg_id(request, user_profile, token=REQ()): # type: (HttpRequest, UserProfile, str) -> HttpResponse - add_push_device_token(user_profile, token_str, PushDeviceToken.GCM) + validate_token(token) + add_push_device_token(user_profile, token, PushDeviceToken.GCM) return json_success() def remove_push_device_token(request, user_profile, token_str, kind): # type: (HttpRequest, UserProfile, str, int) -> HttpResponse - if token_str == '' or len(token_str) > 4096: - return json_error(_('Empty or invalid length token')) - try: token = PushDeviceToken.objects.get(token=token_str, kind=kind) token.delete() @@ -40,9 +45,11 @@ def remove_push_device_token(request, user_profile, token_str, kind): @has_request_variables def remove_apns_device_token(request, user_profile, token=REQ()): # type: (HttpRequest, UserProfile, str) -> HttpResponse + validate_token(token) return remove_push_device_token(request, user_profile, token, PushDeviceToken.APNS) @has_request_variables def remove_android_reg_id(request, user_profile, token=REQ()): # type: (HttpRequest, UserProfile, str) -> HttpResponse + validate_token(token) return remove_push_device_token(request, user_profile, token, PushDeviceToken.GCM)