Merge pull request #3585 from riking/patch-3
FEATURE: Reserved usernames
This commit is contained in:
commit
be664857be
|
@ -231,6 +231,10 @@ class UsersController < ApplicationController
|
|||
return fail_with("login.password_too_long")
|
||||
end
|
||||
|
||||
if SiteSetting.reserved_usernames.include? params[:username].downcase
|
||||
return fail_with("login.reserved_username")
|
||||
end
|
||||
|
||||
user = User.new(user_params)
|
||||
|
||||
# Handle custom fields
|
||||
|
|
|
@ -887,6 +887,8 @@ en:
|
|||
min_username_length: "Minimum username length in characters. WARNING: ANY EXISTING USERS WITH NAMES SHORTER THAN THIS WILL BE UNABLE TO ACCESS THE SITE."
|
||||
max_username_length: "Maximum username length in characters. WARNING: ANY EXISTING USERS WITH NAMES LONGER THAN THIS WILL BE UNABLE TO ACCESS THE SITE."
|
||||
|
||||
reserved_usernames: "Usernames for which signup is not allowed."
|
||||
|
||||
min_password_length: "Minimum password length."
|
||||
block_common_passwords: "Don't allow passwords that are in the 10,000 most common passwords."
|
||||
|
||||
|
@ -1288,6 +1290,7 @@ en:
|
|||
omniauth_error_unknown: "Something went wrong processing your log in, please try again."
|
||||
new_registrations_disabled: "New account registrations are not allowed at this time."
|
||||
password_too_long: "Passwords are limited to 200 characters."
|
||||
reserved_username: "That username is not allowed."
|
||||
missing_user_field: "You have not completed all the user fields"
|
||||
close_window: "Authentication is complete. Close this window to continue."
|
||||
|
||||
|
|
|
@ -263,6 +263,9 @@ users:
|
|||
default: 20
|
||||
min: 8
|
||||
max: 60
|
||||
reserved_usernames:
|
||||
type: list
|
||||
default: "admin|moderator|administrator|mod|sys|system|community|info|you|name|username|user|nickname|discourse|discourseorg|discourseforum"
|
||||
min_password_length:
|
||||
client: true
|
||||
default: 8
|
||||
|
|
|
@ -600,6 +600,13 @@ describe UsersController do
|
|||
include_examples 'failed signup'
|
||||
end
|
||||
|
||||
context 'with a reserved username' do
|
||||
let(:create_params) { {name: @user.name, username: 'Reserved', email: @user.email, password: "x" * 20} }
|
||||
before { SiteSetting.reserved_usernames = 'a|reserved|b' }
|
||||
after { SiteSetting.reserved_usernames = nil }
|
||||
include_examples 'failed signup'
|
||||
end
|
||||
|
||||
context 'when an Exception is raised' do
|
||||
[ ActiveRecord::StatementInvalid,
|
||||
RestClient::Forbidden ].each do |exception|
|
||||
|
|
Loading…
Reference in New Issue