users: add stricter username rules.

Add stricter username rules: * Only allow usernames to contain basic letters, numbers, CJK characters, underscores, dashes and periods. * Don't allow names to start or end with punctuation. * Don't allow names to have multiple underscores in a row. * Don't allow active users to have names that look like deleted users (e.g. "user_1234"). * Don't allow emoji or any other Unicode characters except for Chinese, Japanese, and Korean characters. CJK characters are currently grandfathered in but will be disallowed in the future. Users with an invalid name will be shown a permanent sitewide banner until they change their name.
2022-03-05 00:46:49 -06:00
parent ca98e218a1
commit a160a3acce
7 changed files with 140 additions and 34 deletions
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -1,6 +1,8 @@
 # frozen_string_literal: true

 class User < ApplicationRecord
+  extend Memoist
+
  class PrivilegeError < StandardError; end

  module Levels
@@ -204,6 +206,18 @@ class User < ApplicationRecord
        errors.add(:base, "Can't enable privacy mode without a Gold account")
      end
    end
+
+    def name_errors
+      User.validators_on(:name).each do |validator|
+        validator.validate_each(self, :name, name)
+      end
+
+      errors
+    end
+
+    def name_invalid?
+      name_errors.present?
+    end
  end

  concerning :AuthenticationMethods do
@@ -695,4 +709,6 @@ class User < ApplicationRecord
  def self.available_includes
    [:inviter]
  end
+
+  memoize :name_errors
 end