2019-05-02 18:17:27 -04:00
|
|
|
# frozen_string_literal: true
|
|
|
|
|
2013-02-08 09:52:56 -05:00
|
|
|
class UsernameValidator
|
2013-07-07 07:05:18 -04:00
|
|
|
# Public: Perform the validation of a field in a given object
|
|
|
|
# it adds the errors (if any) to the object that we're giving as parameter
|
|
|
|
#
|
|
|
|
# object - Object in which we're performing the validation
|
|
|
|
# field_name - name of the field that we're validating
|
|
|
|
#
|
|
|
|
# Example: UsernameValidator.perform_validation(user, 'name')
|
2018-04-02 12:44:04 -04:00
|
|
|
def self.perform_validation(object, field_name)
|
2019-05-06 21:27:05 -04:00
|
|
|
validator = UsernameValidator.new(object.public_send(field_name))
|
2013-07-07 07:05:18 -04:00
|
|
|
unless validator.valid_format?
|
|
|
|
validator.errors.each { |e| object.errors.add(field_name.to_sym, e) }
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2018-04-02 12:44:04 -04:00
|
|
|
def initialize(username)
|
2019-04-23 06:22:47 -04:00
|
|
|
@username = username&.unicode_normalize
|
2013-02-08 14:12:48 -05:00
|
|
|
@errors = []
|
2013-02-08 09:52:56 -05:00
|
|
|
end
|
2019-04-23 06:22:47 -04:00
|
|
|
|
2013-02-08 14:12:48 -05:00
|
|
|
attr_accessor :errors
|
2018-04-02 12:44:04 -04:00
|
|
|
attr_reader :username
|
2013-02-08 09:52:56 -05:00
|
|
|
|
|
|
|
def user
|
|
|
|
@user ||= User.new(user)
|
|
|
|
end
|
|
|
|
|
|
|
|
def valid_format?
|
2019-04-23 06:22:47 -04:00
|
|
|
username_present?
|
2013-02-08 09:52:56 -05:00
|
|
|
username_length_min?
|
|
|
|
username_length_max?
|
|
|
|
username_char_valid?
|
2020-07-26 20:23:54 -04:00
|
|
|
username_char_allowed?
|
2013-02-08 09:52:56 -05:00
|
|
|
username_first_char_valid?
|
2015-09-01 22:13:44 -04:00
|
|
|
username_last_char_valid?
|
|
|
|
username_no_double_special?
|
|
|
|
username_does_not_end_with_confusing_suffix?
|
2013-02-08 14:12:48 -05:00
|
|
|
errors.empty?
|
2013-02-08 09:52:56 -05:00
|
|
|
end
|
|
|
|
|
2023-01-20 13:52:49 -05:00
|
|
|
CONFUSING_EXTENSIONS ||= /\.(js|json|css|htm|html|xml|jpg|jpeg|png|gif|bmp|ico|tif|tiff|woff)\z/i
|
2019-04-23 06:22:47 -04:00
|
|
|
MAX_CHARS ||= 60
|
|
|
|
|
|
|
|
ASCII_INVALID_CHAR_PATTERN ||= /[^\w.-]/
|
|
|
|
UNICODE_INVALID_CHAR_PATTERN ||= /[^\p{Alnum}\p{M}._-]/
|
2023-01-20 13:52:49 -05:00
|
|
|
INVALID_LEADING_CHAR_PATTERN ||= /\A[^\p{Alnum}\p{M}_]+/
|
|
|
|
INVALID_TRAILING_CHAR_PATTERN ||= /[^\p{Alnum}\p{M}]+\z/
|
2019-04-23 06:22:47 -04:00
|
|
|
REPEATED_SPECIAL_CHAR_PATTERN ||= /[-_.]{2,}/
|
2016-01-20 09:37:34 -05:00
|
|
|
|
2013-02-08 09:52:56 -05:00
|
|
|
private
|
|
|
|
|
2019-04-23 06:22:47 -04:00
|
|
|
def username_present?
|
2013-02-08 14:12:48 -05:00
|
|
|
return unless errors.empty?
|
2019-04-23 06:22:47 -04:00
|
|
|
|
2013-02-08 14:12:48 -05:00
|
|
|
self.errors << I18n.t(:"user.username.blank") if username.blank?
|
2013-02-08 09:52:56 -05:00
|
|
|
end
|
|
|
|
|
|
|
|
def username_length_min?
|
2013-02-08 14:12:48 -05:00
|
|
|
return unless errors.empty?
|
2019-04-23 06:22:47 -04:00
|
|
|
|
|
|
|
if username_grapheme_clusters.size < User.username_length.begin
|
2013-02-08 14:12:48 -05:00
|
|
|
self.errors << I18n.t(:"user.username.short", min: User.username_length.begin)
|
2013-02-08 09:52:56 -05:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def username_length_max?
|
2013-02-08 14:12:48 -05:00
|
|
|
return unless errors.empty?
|
2019-04-23 06:22:47 -04:00
|
|
|
|
|
|
|
if username_grapheme_clusters.size > User.username_length.end
|
2013-02-08 14:12:48 -05:00
|
|
|
self.errors << I18n.t(:"user.username.long", max: User.username_length.end)
|
2019-04-23 06:22:47 -04:00
|
|
|
elsif username.length > MAX_CHARS
|
|
|
|
self.errors << I18n.t(:"user.username.too_long")
|
2013-02-08 09:52:56 -05:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def username_char_valid?
|
2013-02-08 14:12:48 -05:00
|
|
|
return unless errors.empty?
|
2019-04-23 06:22:47 -04:00
|
|
|
|
|
|
|
if self.class.invalid_char_pattern.match?(username)
|
|
|
|
self.errors << I18n.t(:"user.username.characters")
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2020-07-26 20:23:54 -04:00
|
|
|
def username_char_allowed?
|
|
|
|
return unless errors.empty? && self.class.char_allowlist_exists?
|
2019-04-23 06:22:47 -04:00
|
|
|
|
2020-07-26 20:23:54 -04:00
|
|
|
if username.chars.any? { |c| !self.class.allowed_char?(c) }
|
2013-02-08 14:12:48 -05:00
|
|
|
self.errors << I18n.t(:"user.username.characters")
|
2013-02-08 09:52:56 -05:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def username_first_char_valid?
|
2013-02-08 14:12:48 -05:00
|
|
|
return unless errors.empty?
|
2019-04-23 06:22:47 -04:00
|
|
|
|
|
|
|
if INVALID_LEADING_CHAR_PATTERN.match?(username_grapheme_clusters.first)
|
2016-02-18 17:19:14 -05:00
|
|
|
self.errors << I18n.t(:"user.username.must_begin_with_alphanumeric_or_underscore")
|
2013-02-08 09:52:56 -05:00
|
|
|
end
|
|
|
|
end
|
2015-09-01 22:13:44 -04:00
|
|
|
|
|
|
|
def username_last_char_valid?
|
|
|
|
return unless errors.empty?
|
2019-04-23 06:22:47 -04:00
|
|
|
|
|
|
|
if INVALID_TRAILING_CHAR_PATTERN.match?(username_grapheme_clusters.last)
|
2015-09-01 22:13:44 -04:00
|
|
|
self.errors << I18n.t(:"user.username.must_end_with_alphanumeric")
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def username_no_double_special?
|
|
|
|
return unless errors.empty?
|
2019-04-23 06:22:47 -04:00
|
|
|
|
|
|
|
if REPEATED_SPECIAL_CHAR_PATTERN.match?(username)
|
2015-09-01 22:13:44 -04:00
|
|
|
self.errors << I18n.t(:"user.username.must_not_contain_two_special_chars_in_seq")
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def username_does_not_end_with_confusing_suffix?
|
|
|
|
return unless errors.empty?
|
2019-04-23 06:22:47 -04:00
|
|
|
|
|
|
|
if CONFUSING_EXTENSIONS.match?(username)
|
2016-01-20 09:37:34 -05:00
|
|
|
self.errors << I18n.t(:"user.username.must_not_end_with_confusing_suffix")
|
2015-09-01 22:13:44 -04:00
|
|
|
end
|
|
|
|
end
|
2019-04-23 06:22:47 -04:00
|
|
|
|
|
|
|
def username_grapheme_clusters
|
|
|
|
@username_grapheme_clusters ||= username.grapheme_clusters
|
|
|
|
end
|
|
|
|
|
|
|
|
def self.invalid_char_pattern
|
|
|
|
SiteSetting.unicode_usernames ? UNICODE_INVALID_CHAR_PATTERN : ASCII_INVALID_CHAR_PATTERN
|
|
|
|
end
|
|
|
|
|
2020-07-26 20:23:54 -04:00
|
|
|
def self.char_allowlist_exists?
|
|
|
|
SiteSetting.unicode_usernames && SiteSetting.allowed_unicode_username_characters.present?
|
2019-04-23 06:22:47 -04:00
|
|
|
end
|
|
|
|
|
2020-07-26 20:23:54 -04:00
|
|
|
def self.allowed_char?(c)
|
2022-11-09 07:28:51 -05:00
|
|
|
c.match?(/[\w.-]/) || c.match?(SiteSetting.allowed_unicode_username_characters_regex)
|
2019-04-23 06:22:47 -04:00
|
|
|
end
|
2013-02-08 09:52:56 -05:00
|
|
|
end
|