users: add stricter username rules.

Add stricter username rules: * Only allow usernames to contain basic letters, numbers, CJK characters, underscores, dashes and periods. * Don't allow names to start or end with punctuation. * Don't allow names to have multiple underscores in a row. * Don't allow active users to have names that look like deleted users (e.g. "user_1234"). * Don't allow emoji or any other Unicode characters except for Chinese, Japanese, and Korean characters. CJK characters are currently grandfathered in but will be disallowed in the future. Users with an invalid name will be shown a permanent sitewide banner until they change their name.
2022-03-05 00:46:49 -06:00
parent ca98e218a1
commit a160a3acce
7 changed files with 140 additions and 34 deletions
--- a/app/views/layouts/default.html.erb
+++ b/app/views/layouts/default.html.erb
@@ -104,6 +104,13 @@
      <%= render "users/dmail_notice" %>
    <% end %>

+    <% if !CurrentUser.user.is_anonymous? && CurrentUser.user.name_invalid? %>
+      <div class="notice notice-error notice-large" id="invalid-name-notice">
+        <h2>Action required </h2>
+        <div>You must <%= link_to "change your username", new_user_name_change_request_path %> to continue using <%= Danbooru.config.canonical_app_name %>.</div>
+      </div>
+    <% end %>
+
    <div class="notice notice-info" id="notice" style="<%= "display: none;" unless flash[:notice] %>">
      <span class="prose"><%= format_text(flash[:notice], inline: true) %>.</span>
      <a href="#" id="close-notice-link">close</a>
--- a/app/views/user_name_change_requests/new.html.erb
+++ b/app/views/user_name_change_requests/new.html.erb
@@ -1,13 +1,32 @@
 <div id="c-user-name-change-requests">
-  <div id="a-new">
-    <h1>Name Change Request</h1>
+  <div id="a-new" class="fixed-width-container">
+    <h1>Change Name</h1>

-    <p>You can request a name change once per week. Your previous names will still
-    be visible on your profile to other Danbooru members, but they won't be visible
-    to search engines.</p>
+    <% if CurrentUser.user.name_invalid? %>
+      <p> Your current username is invalid. You must change your username to continue
+      using <%= Danbooru.config.canonical_app_name %>.</p>
+
+      <p>
+        Current name: <b><%= CurrentUser.user.name %></b>.<br>
+        Error: <%= CurrentUser.user.name_errors.full_messages.join(". ").html_safe %>.
+      </p>
+    <% end %>
+
+    <div class="prose mt-4 mb-4">
+      <h6>Rules</h6>
+      <ul>
+        <li>Names can contain only letters, numbers, underscore ('_'), period ('.'), and dash ('-') characters.</li>
+        <li>Names must start and end with a letter or number.</li>
+        <li>Names must be less than 25 characters long.</li>
+        <li>Names can't insult or impersonate other users.</li>
+        <li>Names are case-insensitive.</li>
+        <li>Your previous names will be visible on your profile to other Danbooru members, but they won't be visible to search engines.</li>
+        <li>You can't change your name more than once per week.</li>
+      </ul>
+    </div>

    <%= edit_form_for(@change_request) do |f| %>
-      <%= f.input :desired_name, label: "Name" %>
+      <%= f.input :desired_name, label: "New name" %>
      <%= f.input :desired_name_confirmation, label: "Confirm name" %>
      <%= f.submit "Submit", "data-confirm": "Are you sure you want to change your name?" %>
    <% end %>