Fix username rendering bug

[ethantkoenig]

Fixes #1629.

Don't sanitize user's full names in the database. Since user.FullName and user.DisplayName() are strings, they are automatically already sanitized by the templating engine. If we sanitize the values stored in the database, users' full name end up being up sanitized twice.

I'm planning to add an integration test soon. Added an integration test

[lafriks]

This needs migration to unsanitize already broken user full names

[lafriks]

Integration test for this would be nice

[bkcsoft]

@lafriks No migrations, AfterSet is ran on Read operations :)

[ethantkoenig]

@bkcsoft True, but I also made changes to updateUser(..).

@lafriks It's not always possible to reconstruct an unsanitized string from a sanitized one. For instance, if a sanitized full name is "a & b", the unsanitized version could be "a & b" or "a & b".

Additionally, we don't currently have a function unsanitizing, and IMO writing one seems like more trouble than it would be worth. I'm guessing only a small number of actual users have been affected by this, and they can just changes their names manually.

[bkcsoft]

@ethantkoenig if it's sanitized & would always be &, otherwise it would say & 😄

[ethantkoenig]

@bkcsoft Both markdown.Sanitize("&") and markdown.Sanitize("&") give me "&". So even though "&" would ideally be sanitized as "&", for our purposes we can't unsanitize without making assumptions (since full names were sanitized using markdown.Sanitize)

[lafriks]

Even if & is sanitized as & I don't see how someone would have such symbols in full name so in all cases it can be changed to just &

[lafriks]

For migration golangs built in html.UnescapeString could be used

[ethantkoenig]

@lafriks Migration added

[lafriks]

LGTM

[lunny]

LGTM