Skip to content

Commit

Permalink
fix: #8582
Browse files Browse the repository at this point in the history
  • Loading branch information
@barisusakli
barisusakli committed Aug 27, 2020
1 parent fb3b4a0 commit 9f9164a
Show file tree
Hide file tree
Showing 4 changed files with 39 additions and 1 deletion.
2 changes: 1 addition & 1 deletion public/src/utils.js
View file
Expand Up @@ -385,7 +385,7 @@
},

isUserNameValid: function (name) {
return (name && name !== '' && (/^['"\s\-+.*[\]0-9\u00BF-\u1FFF\u2C00-\uD7FF\w]+$/.test(name)));
return (name && name !== '' && (/^['" \-+.*[\]0-9\u00BF-\u1FFF\u2C00-\uD7FF\w]+$/.test(name)));
},

isPasswordValid: function (password) {
Expand Down
1 change: 1 addition & 0 deletions src/user/approval.js
View file
Expand Up @@ -13,6 +13,7 @@ const plugins = require('../plugins');

module.exports = function (User) {
User.addToApprovalQueue = async function (userData) {
userData.username = userData.username.trim();
userData.userslug = utils.slugify(userData.username);
await canQueue(userData);
const hashedPassword = await User.hashPassword(userData.password);
Expand Down
17 changes: 17 additions & 0 deletions test/user.js
View file
Expand Up @@ -1805,6 +1805,23 @@ describe('User', function () {
});
});
});

it('should trim username and add user to registration queue', function (done) {
helpers.registerUser({
username: 'invalidname\r\n',
password: '123456',
'password-confirm': '123456',
email: 'invalidtest@test.com',
gdpr_consent: true,
}, function (err) {
assert.ifError(err);
db.getSortedSetRange('registration:queue', 0, -1, function (err, data) {
assert.ifError(err);
assert.equal(data[0], 'invalidname');
done();
});
});
});
});

describe('invites', function () {
Expand Down
20 changes: 20 additions & 0 deletions test/utils.js
View file
Expand Up @@ -63,10 +63,30 @@ describe('Utility Methods', function () {
assert.equal(utils.isUserNameValid(username), false, 'accepted as valid username');
});

it('should reject new lines', function () {
assert.equal(utils.isUserNameValid('myusername\r\n'), false);
});

it('should reject new lines', function () {
assert.equal(utils.isUserNameValid('myusername\n'), false);
});

it('should reject tabs', function () {
assert.equal(utils.isUserNameValid('myusername\t'), false);
});

it('accepts square brackets', function () {
var username = '[best clan] julian';
assert(utils.isUserNameValid(username), 'invalid username');
});

it('accepts regular username', function () {
assert(utils.isUserNameValid('myusername'), 'invalid username');
});

it('accepts quotes', function () {
assert(utils.isUserNameValid('baris "the best" usakli'), 'invalid username');
});
});

describe('email validation', function () {
Expand Down

0 comments on commit 9f9164a

Please sign in to comment.