Handle excessively long email addresses in the team member invite form.

CHANGELOG.md

@@ -9,6 +9,7 @@ All notable changes to this project will be documented in this file.
 
 ## Bug Fixes
 - Handle excessively long email addresses in the signup form.
+- Handle excessively long email addresses in the team member invite form.
 
 ## v1.16.0 - 2020-08-04
 

hc/accounts/forms.py

@@ -98,7 +98,7 @@ class ChangeEmailForm(forms.Form):
 
 
 class InviteTeamMemberForm(forms.Form):
-    email = LowercaseEmailField()
+    email = LowercaseEmailField(max_length=254)
 
 
 class RemoveTeamMemberForm(forms.Form):

hc/accounts/tests/test_project.py

@@ -108,6 +108,17 @@ class ProjectTestCase(BaseTestCase):
         q = TokenBucket.objects.filter(value="invite-%d" % self.alice.id)
         self.assertFalse(q.exists())
 
+    def test_it_rejects_too_long_email_addresses(self):
+        self.client.login(username="[email protected]", password="password")
+
+        aaa = "a" * 300
+        form = {"invite_team_member": "1", "email": f"frank+{aaa}@example.org"}
+        r = self.client.post(self.url, form)
+        self.assertEqual(r.status_code, 200)
+
+        # No email should have been sent
+        self.assertEqual(len(mail.outbox), 0)
+
     @override_settings(SECRET_KEY="test-secret")
     def test_it_rate_limits_invites(self):
         obj = TokenBucket(value="invite-%d" % self.alice.id)

static/css/settings.css

@@ -61,10 +61,21 @@
     border-top: 0;
 }
 
+#team-table .email {
+    max-width: 340px;
+    word-wrap: break-word;
+
+}
+
+.page-project .panel-footer {
+    max-width: 100%;
+    word-wrap: break-word;
+}
+
 #transfer-request {
     border: 5px solid #ffdc3e;
 }
 
 #transfer-request .settings-block {
     padding: 20px;
-}
+}

templates/accounts/project.html

@@ -147,13 +147,13 @@
                             <th></th>
                         </tr>
                         <tr>
-                            <td>{{ project.owner.email }}</td>
+                            <td class="email">{{ project.owner.email }}</td>
                             <td>Owner</td>
                             <td></td>
                         </tr>
                         {% for user in project.team %}
                         <tr>
-                            <td>{{ user.email }} </td>
+                            <td class="email">{{ user.email }}</td>
                             <td>Member</td>
                             <td>
                                 {% if is_owner %}
@@ -369,6 +369,7 @@
                                 class="form-control"
                                 id="itm-email"
                                 name="email"
+                                maxlength="254"
                                 placeholder="[email protected]">
                         </div>
                     </div>