From f070b5569ca0eafdca79f1f3e3b6b5025f3f8fc9 Mon Sep 17 00:00:00 2001
From: Egor Kislitsyn <egor@kislitsyn.com>
Date: Mon, 4 May 2020 22:33:05 +0400
Subject: Add a config option to enable strict validation

---
 config/config.exs | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'config')

diff --git a/config/config.exs b/config/config.exs
index a6c6d6f99..ca9bbab64 100644
--- a/config/config.exs
+++ b/config/config.exs
@@ -653,6 +653,8 @@ config :pleroma, :restrict_unauthenticated,
   profiles: %{local: false, remote: false},
   activities: %{local: false, remote: false}
 
+config :pleroma, Pleroma.Web.ApiSpec.CastAndValidate, strict: false
+
 # Import environment specific config. This must remain at the bottom
 # of this file so it overrides the configuration defined above.
 import_config "#{Mix.env()}.exs"
-- 
cgit v1.2.3


From 1cb89aac1eef7711aa7950fe03e02e24bc665317 Mon Sep 17 00:00:00 2001
From: Egor Kislitsyn <egor@kislitsyn.com>
Date: Mon, 4 May 2020 22:35:28 +0400
Subject: Enable strict validation mode in dev and test environments

---
 config/dev.exs  | 2 ++
 config/test.exs | 2 ++
 2 files changed, 4 insertions(+)

(limited to 'config')

diff --git a/config/dev.exs b/config/dev.exs
index 7e1e3b4be..4faaeff5b 100644
--- a/config/dev.exs
+++ b/config/dev.exs
@@ -52,6 +52,8 @@ config :pleroma, Pleroma.Repo,
   hostname: "localhost",
   pool_size: 10
 
+config :pleroma, Pleroma.Web.ApiSpec.CastAndValidate, strict: true
+
 if File.exists?("./config/dev.secret.exs") do
   import_config "dev.secret.exs"
 else
diff --git a/config/test.exs b/config/test.exs
index 040e67e4a..cbf775109 100644
--- a/config/test.exs
+++ b/config/test.exs
@@ -96,6 +96,8 @@ config :pleroma, Pleroma.Emails.NewUsersDigestEmail, enabled: true
 
 config :pleroma, Pleroma.Plugs.RemoteIp, enabled: false
 
+config :pleroma, Pleroma.Web.ApiSpec.CastAndValidate, strict: true
+
 if File.exists?("./config/test.secret.exs") do
   import_config "test.secret.exs"
 else
-- 
cgit v1.2.3


From cc922e7d8ccbf22a0f7e0898a6ff4639123f0c7f Mon Sep 17 00:00:00 2001
From: Egor Kislitsyn <egor@kislitsyn.com>
Date: Tue, 5 May 2020 14:44:29 +0400
Subject: Document configuration for Pleroma.Web.ApiSpec.CastAndValidate

---
 config/description.exs | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

(limited to 'config')

diff --git a/config/description.exs b/config/description.exs
index 9d8e3b93c..72bb4d436 100644
--- a/config/description.exs
+++ b/config/description.exs
@@ -3194,5 +3194,19 @@ config :pleroma, :config_description, [
         ]
       }
     ]
+  },
+  %{
+    group: :pleroma,
+    key: Pleroma.Web.ApiSpec.CastAndValidate,
+    type: :group,
+    children: [
+      %{
+        key: :strict,
+        type: :boolean,
+        description:
+          "Enables strict input validation (useful in development, not recommended in production)",
+        suggestions: [false]
+      }
+    ]
   }
 ]
-- 
cgit v1.2.3