Commit Graph

26 Commits

Author SHA1 Message Date
Andrei Prigorshnev f3508065a3
FIX: auth incorrectly handles duplicate usernames (#15197) 2021-12-06 20:49:04 +04:00
Andrei Prigorshnev 19d95c64af
DEV: simplify username suggester (#14531)
This PR doesn't change any behavior, but just removes code that wasn't in use. This is a pretty dangerous place to change, since it gets called during user's registration. At the same time the refactoring is very straightforward, it's clear that this code wasn't doing any work (it still needs to be double-checked during review though). Also, the test coverage of UserNameSuggester is good.
2021-10-27 14:41:24 +04:00
Andrei Prigorshnev 88ecb83382
FEATURE: stop using email as source for username and name suggestions for Single Sign On (#14541)
We don't want to be using emails as source for username and name suggestions in cases when it's possible that a user have no chance to intervene and correct a suggested username. It risks exposing email addresses.
2021-10-12 17:25:54 +04:00
Andrei Prigorshnev 149e869c22
FEATURE: make username suggester suggest `user1`, `user2` etc. for input that contains invalid characters only (#14179)
We were suggesting 111, 1111, 1112 before.

See the discussion on Meta – https://meta.discourse.org/t/curious-account-creation-behaviour/199970/14.
2021-10-04 16:47:55 +04:00
Sam adf8539f64
FIX: allow for final sigma in suggested usernames (#11540)
Final sigma is not lower cased correctly in Ruby causing issues with routing.

This works around the issue by downcasing all usernames containing a sigma using JS.
2020-12-23 08:51:36 +11:00
Krzysztof Kotlarek e0d9232259
FIX: use allowlist and blocklist terminology (#10209)
This is a PR of the renaming whitelist to allowlist and blacklist to the blocklist.
2020-07-27 10:23:54 +10:00
Sam Saffron 7371b427cd DEV: correct a few Ruby 2.7 deprecations
Note:

```
def foo(bar: 1)
end

foo({bar: 2})
# raises a deprecation, instead use:

foo(**{bar: 2})
```

Additionally when matching regexes always use strings. It does not make
sense to match a non string to a regex.
2019-11-28 13:13:29 +11:00
Gerhard Schlager 9e4fb262cf FIX: Respect unicode whitelist when suggesting username 2019-10-01 20:33:09 +02:00
Sam Saffron 3d2c3bd478 FIX: username suggester incorrectly skipping over whitelisted username
SSO uses a special param to username suggester that whitelists a username
due to previous work we amended our lookup logic and started ignoring this
whitelist.

The fix ensures we always respect it, and also improves on the original
implementation that forgot to normalize the username.
2019-05-28 16:48:46 +10:00
Sam Saffron cabc203885 Followup to a8fbb19e
Correct edge condition where no available names are found

- increase search space
- search for 10 extra names
2019-05-16 18:15:56 +10:00
Sam Saffron a8fbb19e7c FEATURE: allow a huge number of users to share common prefix
Previously username suggester would give up after 100 attempts at getting
a username and fallback to random string.

This amends the logic so we do all the work of figuring out a good username
in SQL and avoids a large amount of queries in cases where a lot of usernames
were used up.

This corrects an issue on sites with large numbers of anon users
2019-05-16 17:15:16 +10:00
Sam Saffron 0a5a6dfded DEV: stop mutating inputs as a side effect
We had quite a few cases in core where inputs are being mutated as a side
effect of calling a method.

This handles all the cases where specs caught this.

Mutating inputs makes code harder to reason about. Eg:

```
frog = "frog"
jump(frog)
puts frog
"fly" # ?????
```

This commit is part of a followup commit that adds # frozen_string_literal
to all our specs.
2019-04-30 10:25:53 +10:00
Gerhard Schlager a7bc1ecbae FEATURE: Add support for Unicode usernames and group names
Co-authored-by: Joffrey JAFFEUX <j.jaffeux@gmail.com>
2019-04-23 13:00:27 +02:00
Rishabh Nambiar 81c87df18a FIX: don't raise an error on integer usernames 2018-09-10 22:17:56 +05:30
Arpit Jalan bb0fa5abbc FIX: suggested username should not be more than setting max_username_length 2017-03-29 18:19:28 +05:30
Bianca Nenciu 30909ec54e Add support for username regex. 2017-03-02 13:53:45 +02:00
Gerhard Schlager c4ec1d0fcf FIX: Don't suggest invalid username 2016-02-21 23:28:57 +01:00
Guo Xiang Tan 0916007d01 Fix the build. 2016-01-27 16:04:11 +08:00
Jeff Atwood 0337964759 a bit better email name inference 2016-01-26 16:39:02 -08:00
Régis Hanol c2c01cdb5d FIX: username suggester to account for the more relaxed username rules (closes #3907) 2016-01-20 15:37:34 +01:00
Régis Hanol 3083657358 FEATURE: better email in support
FEATURE: new incoming_email model
FEATURE: infinite scrolling in emails admin
FEATURE: new 'emails:import' rake task
2016-01-19 00:57:55 +01:00
Arpit Jalan d73d4d4769 FIX: UserNameSuggester should not suggest usernames with a sequence of 2 or more special chars 2015-09-11 16:53:26 +05:30
Sam d80ed94608 more username cycling avoidance 2015-03-27 10:10:53 +11:00
Régis Hanol 7aaf718cf3 update bbcode dialect and fix vBulletin importer 2014-08-25 10:48:29 +02:00
Robin Ward d3f1eb395d Updated import for TypePad 2014-03-19 15:02:49 -04:00
Juan de Dios Herrero 96d23ddd8d Refactored user_name suggestion methods into a module to reduce the complexity of User model 2013-06-06 16:40:10 +02:00