Browse Source

Check for valid renamed usernames (#2077)

* Check for valid renamed usernames

* Integration test

* Test for username with space

* Make name field required
release/v1.2
Ethan Koenig 5 years ago
committed by Lauris BH
parent
commit
fea902adc8
  1. 99
      integrations/user_test.go
  2. 2
      modules/auth/user_form.go

99
integrations/user_test.go

@ -8,6 +8,9 @@ import (
"net/http"
"testing"
"code.gitea.io/gitea/models"
"github.com/Unknwon/i18n"
"github.com/stretchr/testify/assert"
)
@ -18,3 +21,99 @@ func TestViewUser(t *testing.T) {
resp := MakeRequest(req)
assert.EqualValues(t, http.StatusOK, resp.HeaderCode)
}
func TestRenameUsername(t *testing.T) {
prepareTestEnv(t)
session := loginUser(t, "user2")
req := NewRequest(t, "GET", "/user/settings")
resp := session.MakeRequest(t, req)
assert.EqualValues(t, http.StatusOK, resp.HeaderCode)
htmlDoc := NewHTMLParser(t, resp.Body)
req = NewRequestWithValues(t, "POST", "/user/settings", map[string]string{
"_csrf": htmlDoc.GetCSRF(),
"name": "newUsername",
"email": "user2@example.com",
})
resp = session.MakeRequest(t, req)
assert.EqualValues(t, http.StatusFound, resp.HeaderCode)
models.AssertExistsAndLoadBean(t, &models.User{Name: "newUsername"})
models.AssertNotExistsBean(t, &models.User{Name: "user2"})
}
func TestRenameInvalidUsername(t *testing.T) {
prepareTestEnv(t)
invalidUsernames := []string{
"%2f*",
"%2f.",
"%2f..",
"%00",
"thisHas ASpace",
}
session := loginUser(t, "user2")
for _, invalidUsername := range invalidUsernames {
t.Logf("Testing username %s", invalidUsername)
req := NewRequest(t, "GET", "/user/settings")
resp := session.MakeRequest(t, req)
assert.EqualValues(t, http.StatusOK, resp.HeaderCode)
htmlDoc := NewHTMLParser(t, resp.Body)
req = NewRequestWithValues(t, "POST", "/user/settings", map[string]string{
"_csrf": htmlDoc.GetCSRF(),
"name": invalidUsername,
"email": "user2@example.com",
})
resp = session.MakeRequest(t, req)
assert.EqualValues(t, http.StatusOK, resp.HeaderCode)
htmlDoc = NewHTMLParser(t, resp.Body)
assert.Contains(t,
htmlDoc.doc.Find(".ui.negative.message").Text(),
i18n.Tr("en", "form.alpha_dash_dot_error"),
)
models.AssertNotExistsBean(t, &models.User{Name: invalidUsername})
}
}
func TestRenameReservedUsername(t *testing.T) {
prepareTestEnv(t)
reservedUsernames := []string{
"help",
"user",
"template",
}
session := loginUser(t, "user2")
for _, reservedUsername := range reservedUsernames {
t.Logf("Testing username %s", reservedUsername)
req := NewRequest(t, "GET", "/user/settings")
resp := session.MakeRequest(t, req)
assert.EqualValues(t, http.StatusOK, resp.HeaderCode)
htmlDoc := NewHTMLParser(t, resp.Body)
req = NewRequestWithValues(t, "POST", "/user/settings", map[string]string{
"_csrf": htmlDoc.GetCSRF(),
"name": reservedUsername,
"email": "user2@example.com",
})
resp = session.MakeRequest(t, req)
assert.EqualValues(t, http.StatusFound, resp.HeaderCode)
req = NewRequest(t, "GET", "/user/settings")
resp = session.MakeRequest(t, req)
assert.EqualValues(t, http.StatusOK, resp.HeaderCode)
htmlDoc = NewHTMLParser(t, resp.Body)
assert.Contains(t,
htmlDoc.doc.Find(".ui.negative.message").Text(),
i18n.Tr("en", "user.newName_reserved"),
)
models.AssertNotExistsBean(t, &models.User{Name: reservedUsername})
}
}

2
modules/auth/user_form.go

@ -100,7 +100,7 @@ func (f *SignInForm) Validate(ctx *macaron.Context, errs binding.Errors) binding
// UpdateProfileForm form for updating profile
type UpdateProfileForm struct {
Name string `binding:"OmitEmpty;MaxSize(35)"`
Name string `binding:"Required;AlphaDashDot;MaxSize(35)"`
FullName string `binding:"MaxSize(100)"`
Email string `binding:"Required;Email;MaxSize(254)"`
KeepEmailPrivate bool

Loading…
Cancel
Save