public-offering
/
cal.pub0.org
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix: Exclude the possibility to book events with invalid email addresses (#9898) 

* Introduce email refinement based on the updated email regex in newer zod versions at https://github.com/colinhacks/zod/pull/2157/files#diff-c54113cf61ec99691748a3890bfbeb00e10efb3f0a76f03a0fd9ec49072e410a

* fix import bug

* fix lint issue

* update emailSchemaRefinement comment to reflect the state of play for the zod fix
pull/9938/head
jemiluv8 2023-07-05 00:37:52 +00:00 committed by GitHub
parent a36f2aa871
commit bfc2b8df34
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 10 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
packages/features/bookings/lib/getBookingResponsesSchema.ts
View File

@ -3,7 +3,7 @@ import z from "zod";
import type { ALL_VIEWS } from "@calcom/features/form-builder/FormBuilderFieldsSchema";
import type { eventTypeBookingFields } from "@calcom/prisma/zod-utils";
import { bookingResponses } from "@calcom/prisma/zod-utils";
import { bookingResponses, emailSchemaRefinement } from "@calcom/prisma/zod-utils";
type EventType = Parameters<typeof preprocess>[0]["eventType"];
// eslint-disable-next-line @typescript-eslint/ban-types
@ -114,7 +114,7 @@ function preprocess<T extends z.ZodType>({
eventType.bookingFields.forEach((bookingField) => {
const value = responses[bookingField.name];
const stringSchema = z.string();
const emailSchema = isPartialSchema ? z.string() : z.string().email();
const emailSchema = isPartialSchema ? z.string() : z.string().refine(emailSchemaRefinement);
const phoneSchema = isPartialSchema
? z.string()
: z.string().refine((val) => isValidPhoneNumber(val));

8
packages/prisma/zod-utils.ts
View File

@ -576,3 +576,11 @@ export const allManagedEventTypeProps: { [k in keyof Omit<Prisma.EventTypeSelect
export const unlockedManagedEventTypeProps = {
...pick(allManagedEventTypeProps, ["locations", "scheduleId", "destinationCalendar"]),
};
// The PR at https://github.com/colinhacks/zod/pull/2157 addresses this issue and improves email validation
// I introduced this refinement(to be used with z.email()) as a short term solution until we upgrade to a zod
// version that will include updates in the above PR.
export const emailSchemaRefinement = (value: string) => {
const emailRegex = /^([A-Z0-9_+-]+\.?)*[A-Z0-9_+-]@([A-Z0-9][A-Z0-9-]*\.)+[A-Z]{2,}$/i
return emailRegex.test(value)
}