From b119dd8e9c8e04872ae83807b66e481f79760379 Mon Sep 17 00:00:00 2001
From: Sujith Thirumalaisamy
 <108384868+SujithThirumalaisamy@users.noreply.github.com>
Date: Wed, 7 Feb 2024 14:39:25 +0530
Subject: [PATCH] Added sanitize funtion to normalize the link input (#3543)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

* Added sanitize funtion to sanitize the link input of the companies record

* Enabled Eslint

* FIXED: Sanitize www. and query params

Added logic to sanitize both www  and query params in the link input.

* fix: fix useSpreadsheetPersonImport tests

* Refactored sanitizeLink function at packages/twenty-front/src/modules/object-record/utils/sanitizeLinkRecordInput.ts

Co-authored-by: Thaïs <guigon.thais@gmail.com>

---------

Co-authored-by: Thaïs <guigon.thais@gmail.com>
---
 .../utils/sanitizeLinkRecordInput.ts             | 13 +++++++++++++
 .../object-record/utils/sanitizeRecordInput.ts   | 16 +++++++++++++++-
 2 files changed, 28 insertions(+), 1 deletion(-)
 create mode 100644 packages/twenty-front/src/modules/object-record/utils/sanitizeLinkRecordInput.ts

diff --git a/packages/twenty-front/src/modules/object-record/utils/sanitizeLinkRecordInput.ts b/packages/twenty-front/src/modules/object-record/utils/sanitizeLinkRecordInput.ts
new file mode 100644
index 000000000..5546f5c34
--- /dev/null
+++ b/packages/twenty-front/src/modules/object-record/utils/sanitizeLinkRecordInput.ts
@@ -0,0 +1,13 @@
+import { z } from 'zod';
+
+export const sanitizeLink = (url: string) =>
+  getUrlHostName(url) || getUrlHostName(`https://${url}`);
+
+const getUrlHostName = (url: string) => {
+  const urlSchema = z.string().url();
+  const validation = urlSchema.safeParse(url);
+
+  return validation.success
+    ? new URL(validation.data).hostname.replace(/^www\./i, '')
+    : '';
+};
diff --git a/packages/twenty-front/src/modules/object-record/utils/sanitizeRecordInput.ts b/packages/twenty-front/src/modules/object-record/utils/sanitizeRecordInput.ts
index 943cede54..4dd64c020 100644
--- a/packages/twenty-front/src/modules/object-record/utils/sanitizeRecordInput.ts
+++ b/packages/twenty-front/src/modules/object-record/utils/sanitizeRecordInput.ts
@@ -1,5 +1,9 @@
+import { isString } from '@sniptt/guards';
+
+import { CoreObjectNameSingular } from '@/object-metadata/types/CoreObjectNameSingular';
 import { ObjectMetadataItem } from '@/object-metadata/types/ObjectMetadataItem';
 import { isFieldRelationValue } from '@/object-record/record-field/types/guards/isFieldRelationValue';
+import { sanitizeLink } from '@/object-record/utils/sanitizeLinkRecordInput';
 import { FieldMetadataType } from '~/generated/graphql';
 import { isDefined } from '~/utils/isDefined';
 
@@ -10,7 +14,7 @@ export const sanitizeRecordInput = ({
   objectMetadataItem: ObjectMetadataItem;
   recordInput: Record<string, unknown>;
 }) => {
-  return Object.fromEntries(
+  const filteredResultRecord = Object.fromEntries(
     Object.entries(recordInput)
       .map<[string, unknown] | undefined>(([fieldName, fieldValue]) => {
         const fieldMetadataItem = objectMetadataItem.fields.find(
@@ -37,4 +41,14 @@ export const sanitizeRecordInput = ({
       })
       .filter(isDefined),
   );
+  if (
+    objectMetadataItem.nameSingular !== CoreObjectNameSingular.Company ||
+    !isString(filteredResultRecord.domainName)
+  )
+    return filteredResultRecord;
+
+  return {
+    ...filteredResultRecord,
+    domainName: sanitizeLink(filteredResultRecord.domainName),
+  };
 };