Don't allow preferred usernames to start with @. Fixes #1058 (#1076)

* Don't allow preferred usernames to start with @. Fixes #1058 * Trim the preferred username.
2020-08-12 07:13:44 -04:00 · 2020-08-12 07:13:44 -04:00 · d28e5245d2
parent 49892690ff
commit d28e5245d2
4 changed files with 22 additions and 3 deletions
--- a/server/lemmy_utils/src/lib.rs
+++ b/server/lemmy_utils/src/lib.rs
@ -162,6 +162,11 @@ pub fn is_valid_username(name: &str) -> bool {
  VALID_USERNAME_REGEX.is_match(name)
 }
 // Can't do a regex here, reverse lookarounds not supported
 pub fn is_valid_preferred_username(preferred_username: &str) -> bool {
  !preferred_username.starts_with("@") && preferred_username.len() >=3 && preferred_username.len() <= 20
 }
 pub fn is_valid_community_name(name: &str) -> bool {
  VALID_COMMUNITY_NAME_REGEX.is_match(name)
 }
@ -176,6 +181,7 @@ mod tests {
    is_valid_community_name,
    is_valid_post_title,
    is_valid_username,
    is_valid_preferred_username,
    remove_slurs,
    scrape_text_for_mentions,
    slur_check,
@ -201,6 +207,12 @@ mod tests {
    assert!(!is_valid_username(""));
  }
  #[test]
  fn test_valid_preferred_username() {
    assert!(is_valid_preferred_username("hello @there"));
    assert!(!is_valid_preferred_username("@hello there"));
  }
  #[test]
  fn test_valid_community_name() {
    assert!(is_valid_community_name("example"));
--- a/server/src/api/user.rs
+++ b/server/src/api/user.rs
@ -51,6 +51,7 @@ use lemmy_db::{
 use lemmy_utils::{
  generate_actor_keypair,
  generate_random_string,
  is_valid_preferred_username,
  is_valid_username,
  make_apub_endpoint,
  naive_from_unix,
@ -576,7 +577,12 @@ impl Perform for Oper<SaveUserSettings> {
    // The DB constraint should stop too many characters
    let preferred_username = match &data.preferred_username {
-      Some(preferred_username) => Some(preferred_username.to_owned()),
+      Some(preferred_username) => {
        if !is_valid_preferred_username(preferred_username.trim()) {
          return Err(APIError::err("invalid_username").into());
        }
        Some(preferred_username.trim().to_string())
      }
      None => read_user.preferred_username,
    };
--- a/ui/src/components/user-details.tsx
+++ b/ui/src/components/user-details.tsx
@ -79,6 +79,7 @@ export class UserDetails extends Component<UserDetailsProps, UserDetailsState> {
  componentDidMount() {
    this.fetchUserData();
    setupTippy();
  }
  componentDidUpdate(lastProps: UserDetailsProps) {
@ -88,7 +89,6 @@ export class UserDetails extends Component<UserDetailsProps, UserDetailsState> {
        break;
      }
    }
    setupTippy();
  }
  fetchUserData() {
--- a/ui/src/components/user.tsx
+++ b/ui/src/components/user.tsx
@ -180,6 +180,7 @@ export class User extends Component<any, UserState> {
      );
    WebSocketService.Instance.getSite();
    setupTippy();
  }
  get isCurrentUser() {
@ -226,7 +227,6 @@ export class User extends Component<any, UserState> {
      // Couldnt get a refresh working. This does for now.
      location.reload();
    }
    setupTippy();
  }
  get documentTitle(): string {
@ -565,6 +565,7 @@ export class User extends Component<any, UserState> {
                      this,
                      this.handleUserSettingsPreferredUsernameChange
                    )}
                    pattern="^(?!@)(.+)$"
                    minLength={3}
                    maxLength={20}
                  />