fix(api): clean spaces in username migration

ovh · Jan 14, 2020 · 7dd9c5f · 7dd9c5f
1 parent bd70519
commit 7dd9c5f
Show file tree

Hide file tree

Showing 5 changed files with 10 additions and 6 deletions.
diff --git a/engine/api/authentication/local/dao_registration.go b/engine/api/authentication/local/dao_registration.go
@@ -42,6 +42,10 @@ func LoadRegistrationByID(ctx context.Context, db gorp.SqlExecutor, id string) (
 
 // InsertRegistration in database.
 func InsertRegistration(ctx context.Context, db gorp.SqlExecutor, ur *sdk.UserRegistration) error {
+	if !sdk.UsernameRegex.MatchString(ur.Username) {
+		return sdk.WithStack(sdk.ErrInvalidUsername)
+	}
+
 	if ur.ID == "" {
 		ur.ID = sdk.UUID()
 	}

diff --git a/engine/api/authentication/local/driver.go b/engine/api/authentication/local/driver.go
@@ -49,7 +49,7 @@ func (d AuthDriver) CheckSignupRequest(req sdk.AuthConsumerSigninRequest) error
 		return sdk.NewErrorFrom(sdk.ErrWrongRequest, "missing fullname for local signup")
 	}
 	if username, ok := req["username"]; !ok || username == "" {
-		return sdk.NewErrorFrom(sdk.ErrWrongRequest, "missing username for local signup")
+		return sdk.NewErrorFrom(sdk.ErrWrongRequest, "missing or invalid username for local signup")
 	}
 	if email, ok := req["email"]; !ok || !sdk.IsValidEmail(email) || !d.isAllowedDomain(email) {
 		return sdk.NewErrorFrom(sdk.ErrWrongRequest, "missing or invalid email for local signup")

diff --git a/engine/api/migrate/refactor_authentication_user.go b/engine/api/migrate/refactor_authentication_user.go
@@ -2,6 +2,7 @@ package migrate
 
 import (
 	"context"
+	"strings"
 
 	"github.com/ovh/cds/engine/api/cache"
 	"github.com/ovh/cds/engine/api/database/gorpmapping"
@@ -67,7 +68,7 @@ func refactorAuthenticationUser(ctx context.Context, db *gorp.DbMap, store cache
 	log.Info(ctx, "migrate.RefactorAuthenticationUser> starting user migration %s - %s", u.Username, u.Fullname)
 
 	var newUser = sdk.AuthentifiedUser{
-		Username:      u.Username,
+		Username:      strings.Trim(u.Username, " "), // fix existing account that starts or ends with spaces
 		Fullname:      u.Fullname,
 		OldUserStruct: &u,
 	}

diff --git a/engine/api/user/dao.go b/engine/api/user/dao.go
@@ -2,7 +2,6 @@ package user
 
 import (
 	"context"
-	"regexp"
 	"time"
 
 	"github.com/go-gorp/gorp"
@@ -127,11 +126,9 @@ func CountAdmin(db gorp.SqlExecutor) (int64, error) {
 	return count, nil
 }
 
-var usernameRegex = regexp.MustCompile("[a-z0-9._-]{3,32}")
-
 // Insert a user in database.
 func Insert(ctx context.Context, db gorp.SqlExecutor, au *sdk.AuthentifiedUser) error {
-	if !usernameRegex.MatchString(au.Username) {
+	if !sdk.UsernameRegex.MatchString(au.Username) {
 		return sdk.WithStack(sdk.ErrInvalidUsername)
 	}
 

diff --git a/sdk/user.go b/sdk/user.go
@@ -74,6 +74,8 @@ type UserRegistration struct {
 	Hash     string    `json:"-"  db:"hash"` // do no return hash in json
 }
 
+var UsernameRegex = regexp.MustCompile("[a-z0-9._-]{3,32}")
+
 // AuthentifiedUser struct contains all information about a cds user.
 type AuthentifiedUser struct {
 	ID       string    `json:"id" yaml:"id" cli:"id" db:"id"`