users: don't allow names ending with file extensions.
This is so in the future we can have URLs like https://danbooru.donmai.us/users/evazion without problems caused by names like https://danbooru.donmai.us/users/evazion.json
This commit is contained in:
evazion
@@ -24,6 +24,8 @@ class UserNameValidator < ActiveModel::EachValidator
|
|||||||
rec.errors.add(attr, "can't start with '#{name.first}'")
|
rec.errors.add(attr, "can't start with '#{name.first}'")
|
||||||
elsif name =~ /[[:punct:]]\z/
|
elsif name =~ /[[:punct:]]\z/
|
||||||
rec.errors.add(attr, "can't end with '#{name.last}'")
|
rec.errors.add(attr, "can't end with '#{name.last}'")
|
||||||
|
elsif name =~ /\.(html|json|xml|atom|rss|txt|js|css|csv|png|jpg|jpeg|gif|png|mp4|webm|zip|pdf|exe|sitemap)\z/i
|
||||||
|
rec.errors.add(attr, "can't end with a file extension")
|
||||||
elsif name =~ /__/
|
elsif name =~ /__/
|
||||||
rec.errors.add(attr, "can't contain multiple underscores in a row")
|
rec.errors.add(attr, "can't contain multiple underscores in a row")
|
||||||
elsif forbidden_characters.present?
|
elsif forbidden_characters.present?
|
||||||
|
|||||||
@@ -189,6 +189,12 @@ class UserTest < ActiveSupport::TestCase
|
|||||||
assert_equal(["Name must contain only basic letters or numbers"], user.errors.full_messages)
|
assert_equal(["Name must contain only basic letters or numbers"], user.errors.full_messages)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
should "not allow names ending in file extensions" do
|
||||||
|
user = build(:user, name: "evazion.json")
|
||||||
|
user.save
|
||||||
|
assert_equal(["Name can't end with a file extension"], user.errors.full_messages)
|
||||||
|
end
|
||||||
|
|
||||||
should "not be in the same format as a deleted user" do
|
should "not be in the same format as a deleted user" do
|
||||||
user = build(:user, name: "user_1234")
|
user = build(:user, name: "user_1234")
|
||||||
user.save
|
user.save
|
||||||
|
|||||||
Reference in New Issue
Block a user