TagName サニタイズ（#281） (#289)

#281

#281

Merge remote-tracking branch 'origin/main' into feature/281

#281

#281 テストまだ通ってないので要確認

Co-authored-by: miteruzo <miteruzo@naver.com>
Reviewed-on: #289

backend/app/controllers/wiki_pages_controller.rb

@@ -90,7 +90,7 @@ class WikiPagesController < ApplicationController
 
     return head :unprocessable_entity if name.blank? || body.blank?
 
-    tag_name = TagName.find_or_create_by!(name:)
+    tag_name = TagName.find_undiscard_or_create_by!(name:)
     page = WikiPage.new(tag_name:, created_user: current_user, updated_user: current_user)
     if page.save
       message = params[:message].presence

backend/app/models/my_discard.rb

@@ -0,0 +1,20 @@
+module MyDiscard
+  extend ActiveSupport::Concern
+
+  included { include Discard::Model }
+
+  class_methods do
+    def find_undiscard_or_create_by! attrs, &block
+      record = with_discarded.find_by(attrs)
+
+      if record&.discarded?
+        record.undiscard!
+        record.update_columns(created_at: record.reload.updated_at)
+      end
+
+      record or create!(attrs, &block)
+    rescue ActiveRecord::RecordNotUnique
+      retry
+    end
+  end
+end

backend/app/models/tag.rb

@@ -1,5 +1,5 @@
 class Tag < ApplicationRecord
-  include Discard::Model
+  include MyDiscard
 
   class NicoTagNormalisationError < ArgumentError
     ;
@@ -134,10 +134,10 @@ class Tag < ApplicationRecord
   end
 
   def self.find_or_create_by_tag_name! name, category:
-    tn = TagName.find_or_create_by!(name: name.to_s.strip)
+    tn = TagName.find_undiscard_or_create_by!(name: name.to_s.strip)
     tn = tn.canonical if tn.canonical_id?
 
-    Tag.find_or_create_by!(tag_name_id: tn.id) do |t|
+    Tag.find_undiscard_or_create_by!(tag_name_id: tn.id) do |t|
       t.category = category
     end
   rescue ActiveRecord::RecordNotUnique
@@ -162,9 +162,19 @@ class Tag < ApplicationRecord
         end
 
         source_tag_name = source_tag.tag_name
+
+        if source_tag_name.wiki_page.present?
+          raise ActiveRecord::RecordInvalid.new(source_tag_name)
+        end
+
         source_tag.discard!
-        source_tag_name.reload
-        source_tag_name.update!(canonical: target_tag.tag_name)
+
+        if source_tag.nico?
+          source_tag_name.discard!
+        else
+          source_tag_name.update_columns(canonical_id: target_tag.tag_name_id,
+                                         updated_at: Time.current)
+        end
       end
 
       # 投稿件数を再集計

backend/app/models/tag_name.rb

@@ -1,4 +1,8 @@
 class TagName < ApplicationRecord
+  include MyDiscard
+
+  default_scope -> { kept }
+
   has_one :tag
   has_one :wiki_page
 
@@ -10,6 +14,7 @@ class TagName < ApplicationRecord
   validate :canonical_must_be_canonical
   validate :alias_name_must_not_have_prefix
   validate :canonical_must_not_be_present_with_tag_or_wiki_page
+  validate :name_must_be_sanitised
 
   def self.canonicalise names
     names = Array(names).map { |n| n.to_s.strip }.reject(&:blank?)
@@ -39,4 +44,10 @@ class TagName < ApplicationRecord
       errors.add :canonical, 'タグもしくは Wiki の参照がある名前はエーリアスになれません．'
     end
   end
+
+  def name_must_be_sanitised
+    if name? && name != TagNameSanitisationRule.sanitise(name)
+      errors.add :name, '名前に使用できない文字が含まれてゐます．'
+    end
+  end
 end

backend/app/models/tag_name_sanitisation_rule.rb

@@ -0,0 +1,58 @@
+class TagNameSanitisationRule < ApplicationRecord
+  include Discard::Model
+
+  self.primary_key = :priority
+
+  default_scope -> { kept }
+
+  validates :source_pattern, presence: true, uniqueness: true
+
+  validate :source_pattern_must_be_regexp
+
+  class << self
+    def sanitise(name) =
+        rules.reduce(name.dup) { |name, (pattern, replacement)| name.gsub(pattern, replacement) }
+
+    def apply!
+      TagName.find_each do |tn|
+        name = sanitise(tn.name)
+        next if name == tn.name
+
+        TagName.transaction do
+          existing_tn = TagName.find_by(name:)
+          if existing_tn
+            existing_tn = existing_tn.canonical || existing_tn
+            next if existing_tn.id == tn.id
+
+            existing_tag = Tag.find_by(tag_name_id: existing_tn.id)
+            source_tag = Tag.find_by(tag_name_id: tn.id)
+
+            if existing_tag
+              Tag.merge_tags!(existing_tag, source_tag) if tn.tag
+            elsif source_tag
+              source_tag.update_columns(tag_name_id: existing_tn.id, updated_at: Time.current)
+            end
+            tn.discard!
+
+            next
+          end
+
+          # TagName 側の自動サニタイズを回避
+          tn.update_columns(name:, updated_at: Time.current)
+        end
+      end
+    end
+
+    private
+
+    def rules = kept.order(:priority).map { |r| [Regexp.new(r.source_pattern), r.replacement] }
+  end
+
+  private
+
+  def source_pattern_must_be_regexp
+    Regexp.new(source_pattern)
+  rescue RegexpError
+    errors.add :source_pattern, '変な正規表現だね〜（笑）'
+  end
+end

backend/app/models/wiki_page.rb

@@ -2,6 +2,10 @@ require 'set'
 
 
 class WikiPage < ApplicationRecord
+  include MyDiscard
+
+  default_scope -> { kept }
+
   has_many :wiki_revisions, dependent: :destroy
   belongs_to :created_user, class_name: 'User'
   belongs_to :updated_user, class_name: 'User'