2019-05-02 18:17:27 -04:00
|
|
|
# frozen_string_literal: true
|
|
|
|
|
2016-12-21 04:00:45 -05:00
|
|
|
require_dependency 'user'
|
|
|
|
|
2013-02-08 09:52:56 -05:00
|
|
|
class UsernameValidator
|
2013-07-07 07:05:18 -04:00
|
|
|
# Public: Perform the validation of a field in a given object
|
|
|
|
# it adds the errors (if any) to the object that we're giving as parameter
|
|
|
|
#
|
|
|
|
# object - Object in which we're performing the validation
|
|
|
|
# field_name - name of the field that we're validating
|
|
|
|
#
|
|
|
|
# Example: UsernameValidator.perform_validation(user, 'name')
|
2018-04-02 12:44:04 -04:00
|
|
|
def self.perform_validation(object, field_name)
|
2019-05-06 21:27:05 -04:00
|
|
|
validator = UsernameValidator.new(object.public_send(field_name))
|
2013-07-07 07:05:18 -04:00
|
|
|
unless validator.valid_format?
|
|
|
|
validator.errors.each { |e| object.errors.add(field_name.to_sym, e) }
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2018-04-02 12:44:04 -04:00
|
|
|
def initialize(username)
|
2019-04-23 06:22:47 -04:00
|
|
|
@username = username&.unicode_normalize
|
2013-02-08 14:12:48 -05:00
|
|
|
@errors = []
|
2013-02-08 09:52:56 -05:00
|
|
|
end
|
2019-04-23 06:22:47 -04:00
|
|
|
|
2013-02-08 14:12:48 -05:00
|
|
|
attr_accessor :errors
|
2018-04-02 12:44:04 -04:00
|
|
|
attr_reader :username
|
2013-02-08 09:52:56 -05:00
|
|
|
|
|
|
|
def user
|
|
|
|
@user ||= User.new(user)
|
|
|
|
end
|
|
|
|
|
|
|
|
def valid_format?
|
2019-04-23 06:22:47 -04:00
|
|
|
username_present?
|
2013-02-08 09:52:56 -05:00
|
|
|
username_length_min?
|
|
|
|
username_length_max?
|
|
|
|
username_char_valid?
|
2019-04-23 06:22:47 -04:00
|
|
|
username_char_whitelisted?
|
2013-02-08 09:52:56 -05:00
|
|
|
username_first_char_valid?
|
2015-09-01 22:13:44 -04:00
|
|
|
username_last_char_valid?
|
|
|
|
username_no_double_special?
|
|
|
|
username_does_not_end_with_confusing_suffix?
|
2013-02-08 14:12:48 -05:00
|
|
|
errors.empty?
|
2013-02-08 09:52:56 -05:00
|
|
|
end
|
|
|
|
|
2016-01-20 09:37:34 -05:00
|
|
|
CONFUSING_EXTENSIONS ||= /\.(js|json|css|htm|html|xml|jpg|jpeg|png|gif|bmp|ico|tif|tiff|woff)$/i
|
2019-04-23 06:22:47 -04:00
|
|
|
MAX_CHARS ||= 60
|
|
|
|
|
|
|
|
ASCII_INVALID_CHAR_PATTERN ||= /[^\w.-]/
|
|
|
|
UNICODE_INVALID_CHAR_PATTERN ||= /[^\p{Alnum}\p{M}._-]/
|
|
|
|
INVALID_LEADING_CHAR_PATTERN ||= /^[^\p{Alnum}\p{M}_]+/
|
|
|
|
INVALID_TRAILING_CHAR_PATTERN ||= /[^\p{Alnum}\p{M}]+$/
|
|
|
|
REPEATED_SPECIAL_CHAR_PATTERN ||= /[-_.]{2,}/
|
2016-01-20 09:37:34 -05:00
|
|
|
|
2013-02-08 09:52:56 -05:00
|
|
|
private
|
|
|
|
|
2019-04-23 06:22:47 -04:00
|
|
|
def username_present?
|
2013-02-08 14:12:48 -05:00
|
|
|
return unless errors.empty?
|
2019-04-23 06:22:47 -04:00
|
|
|
|
|
|
|
if username.blank?
|
2013-02-08 14:12:48 -05:00
|
|
|
self.errors << I18n.t(:'user.username.blank')
|
2013-02-08 09:52:56 -05:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def username_length_min?
|
2013-02-08 14:12:48 -05:00
|
|
|
return unless errors.empty?
|
2019-04-23 06:22:47 -04:00
|
|
|
|
|
|
|
if username_grapheme_clusters.size < User.username_length.begin
|
2013-02-08 14:12:48 -05:00
|
|
|
self.errors << I18n.t(:'user.username.short', min: User.username_length.begin)
|
2013-02-08 09:52:56 -05:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def username_length_max?
|
2013-02-08 14:12:48 -05:00
|
|
|
return unless errors.empty?
|
2019-04-23 06:22:47 -04:00
|
|
|
|
|
|
|
if username_grapheme_clusters.size > User.username_length.end
|
2013-02-08 14:12:48 -05:00
|
|
|
self.errors << I18n.t(:'user.username.long', max: User.username_length.end)
|
2019-04-23 06:22:47 -04:00
|
|
|
elsif username.length > MAX_CHARS
|
|
|
|
self.errors << I18n.t(:'user.username.too_long')
|
2013-02-08 09:52:56 -05:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def username_char_valid?
|
2013-02-08 14:12:48 -05:00
|
|
|
return unless errors.empty?
|
2019-04-23 06:22:47 -04:00
|
|
|
|
|
|
|
if self.class.invalid_char_pattern.match?(username)
|
|
|
|
self.errors << I18n.t(:'user.username.characters')
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def username_char_whitelisted?
|
|
|
|
return unless errors.empty? && self.class.char_whitelist_exists?
|
|
|
|
|
|
|
|
if username.chars.any? { |c| !self.class.whitelisted_char?(c) }
|
2013-02-08 14:12:48 -05:00
|
|
|
self.errors << I18n.t(:'user.username.characters')
|
2013-02-08 09:52:56 -05:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def username_first_char_valid?
|
2013-02-08 14:12:48 -05:00
|
|
|
return unless errors.empty?
|
2019-04-23 06:22:47 -04:00
|
|
|
|
|
|
|
if INVALID_LEADING_CHAR_PATTERN.match?(username_grapheme_clusters.first)
|
2016-02-18 17:19:14 -05:00
|
|
|
self.errors << I18n.t(:'user.username.must_begin_with_alphanumeric_or_underscore')
|
2013-02-08 09:52:56 -05:00
|
|
|
end
|
|
|
|
end
|
2015-09-01 22:13:44 -04:00
|
|
|
|
|
|
|
def username_last_char_valid?
|
|
|
|
return unless errors.empty?
|
2019-04-23 06:22:47 -04:00
|
|
|
|
|
|
|
if INVALID_TRAILING_CHAR_PATTERN.match?(username_grapheme_clusters.last)
|
2015-09-01 22:13:44 -04:00
|
|
|
self.errors << I18n.t(:'user.username.must_end_with_alphanumeric')
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def username_no_double_special?
|
|
|
|
return unless errors.empty?
|
2019-04-23 06:22:47 -04:00
|
|
|
|
|
|
|
if REPEATED_SPECIAL_CHAR_PATTERN.match?(username)
|
2015-09-01 22:13:44 -04:00
|
|
|
self.errors << I18n.t(:'user.username.must_not_contain_two_special_chars_in_seq')
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def username_does_not_end_with_confusing_suffix?
|
|
|
|
return unless errors.empty?
|
2019-04-23 06:22:47 -04:00
|
|
|
|
|
|
|
if CONFUSING_EXTENSIONS.match?(username)
|
2016-01-20 09:37:34 -05:00
|
|
|
self.errors << I18n.t(:'user.username.must_not_end_with_confusing_suffix')
|
2015-09-01 22:13:44 -04:00
|
|
|
end
|
|
|
|
end
|
2019-04-23 06:22:47 -04:00
|
|
|
|
|
|
|
def username_grapheme_clusters
|
|
|
|
@username_grapheme_clusters ||= username.grapheme_clusters
|
|
|
|
end
|
|
|
|
|
|
|
|
def self.invalid_char_pattern
|
|
|
|
SiteSetting.unicode_usernames ? UNICODE_INVALID_CHAR_PATTERN : ASCII_INVALID_CHAR_PATTERN
|
|
|
|
end
|
|
|
|
|
|
|
|
def self.char_whitelist_exists?
|
|
|
|
SiteSetting.unicode_usernames && SiteSetting.unicode_username_character_whitelist_regex.present?
|
|
|
|
end
|
|
|
|
|
|
|
|
def self.whitelisted_char?(c)
|
|
|
|
c.match?(/[\w.-]/) || c.match?(SiteSetting.unicode_username_character_whitelist_regex)
|
|
|
|
end
|
2013-02-08 09:52:56 -05:00
|
|
|
end
|