validating format of username

ryanb · Oct 19, 2008 · 198ae6f · 198ae6f
1 parent 7ab955f
commit 198ae6f
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 0 deletions.
diff --git a/app/models/user.rb b/app/models/user.rb
@@ -10,6 +10,7 @@ class User < ActiveRecord::Base
 
   validates_presence_of :username
   validates_uniqueness_of :username, :email, :openid_url, :allow_blank => true
+  validates_format_of :username, :with => /^[-\w\._@]+$/i, :allow_blank => true, :message => "should only contain letters, numbers, or .-_@"
   validates_format_of :email, :with => /^[-a-z0-9_+\.]+\@([-a-z0-9]+\.)+[a-z0-9]{2,4}$/i
   validates_presence_of :password, :if => :password_required?
   validates_confirmation_of :password, :if => :password_required?

diff --git a/spec/models/user_spec.rb b/spec/models/user_spec.rb
@@ -34,6 +34,10 @@ def new_user(attributes = {})
     new_user(:email => 'foo@bar@example.com').should have(1).error_on(:email)
   end
 
+  it "should not allow odd characters in username" do
+    new_user(:username => 'odd ^&(@)').should have(1).error_on(:username)
+  end
+
   it "should require matching password confirmation" do
     new_user(:password_confirmation => 'nonmatching').should have(1).error_on(:password)
   end