From 095639b97607e4c8ee77a84530dbeeebc71edcd3 Mon Sep 17 00:00:00 2001
From: Nikhil <118773738+pablohashescobar@users.noreply.github.com>
Date: Wed, 3 Jul 2024 13:19:57 +0530
Subject: [PATCH] fix: workspace slug validation (#5023)

---
 apiserver/plane/app/serializers/workspace.py |  8 +++++---
 apiserver/plane/app/views/workspace/base.py  |  8 ++++++--
 apiserver/plane/db/models/workspace.py       | 15 ++-------------
 3 files changed, 13 insertions(+), 18 deletions(-)

diff --git a/apiserver/plane/app/serializers/workspace.py b/apiserver/plane/app/serializers/workspace.py
index b621cfd114e..96ee7dce3ef 100644
--- a/apiserver/plane/app/serializers/workspace.py
+++ b/apiserver/plane/app/serializers/workspace.py
@@ -23,9 +23,11 @@ class WorkSpaceSerializer(DynamicBaseSerializer):
     total_members = serializers.IntegerField(read_only=True)
     total_issues = serializers.IntegerField(read_only=True)
 
-    def validated(self, data):
-        if data.get("slug") in RESTRICTED_WORKSPACE_SLUGS:
-            raise serializers.ValidationError({"slug": "Slug is not valid"})
+    def validate_slug(self, value):
+        # Check if the slug is restricted
+        if value in RESTRICTED_WORKSPACE_SLUGS:
+            raise serializers.ValidationError("Slug is not valid")
+        return value
 
     class Meta:
         model = Workspace
diff --git a/apiserver/plane/app/views/workspace/base.py b/apiserver/plane/app/views/workspace/base.py
index 830ae1dc2b1..afe9985806f 100644
--- a/apiserver/plane/app/views/workspace/base.py
+++ b/apiserver/plane/app/views/workspace/base.py
@@ -44,6 +44,7 @@
     WorkspaceTheme,
 )
 from plane.utils.cache import cache_response, invalidate_cache
+from plane.utils.constants import RESTRICTED_WORKSPACE_SLUGS
 
 
 class WorkSpaceViewSet(BaseViewSet):
@@ -118,7 +119,7 @@ def create(self, request):
                     status=status.HTTP_400_BAD_REQUEST,
                 )
 
-            if serializer.is_valid():
+            if serializer.is_valid(raise_exception=True):
                 serializer.save(owner=request.user)
                 # Create Workspace member
                 _ = WorkspaceMember.objects.create(
@@ -231,7 +232,10 @@ def get(self, request):
                 status=status.HTTP_400_BAD_REQUEST,
             )
 
-        workspace = Workspace.objects.filter(slug=slug).exists()
+        workspace = (
+            Workspace.objects.filter(slug=slug).exists()
+            or slug in RESTRICTED_WORKSPACE_SLUGS
+        )
         return Response({"status": not workspace}, status=status.HTTP_200_OK)
 
 
diff --git a/apiserver/plane/db/models/workspace.py b/apiserver/plane/db/models/workspace.py
index f9cd681ece3..f10d1ce6d76 100644
--- a/apiserver/plane/db/models/workspace.py
+++ b/apiserver/plane/db/models/workspace.py
@@ -5,6 +5,7 @@
 
 # Module imports
 from .base import BaseModel
+from plane.utils.constants import RESTRICTED_WORKSPACE_SLUGS
 
 ROLE_CHOICES = (
     (20, "Owner"),
@@ -112,19 +113,7 @@ def get_issue_props():
 
 
 def slug_validator(value):
-    if value in [
-        "404",
-        "accounts",
-        "api",
-        "create-workspace",
-        "god-mode",
-        "installations",
-        "invitations",
-        "onboarding",
-        "profile",
-        "spaces",
-        "workspace-invitations",
-    ]:
+    if value in RESTRICTED_WORKSPACE_SLUGS:
         raise ValidationError("Slug is not valid")