From 68ac319d78630e20a13e6b540fee4a9011f40ef1 Mon Sep 17 00:00:00 2001
From: Teryk Bellahsene <teryk.bellahsene@sonarsource.com>
Date: Mon, 1 Feb 2016 12:16:22 +0100
Subject: [PATCH] SONAR-7020 forbid login with a space when creating a user

---
 .../java/org/sonar/server/user/UserUpdater.java    |  2 +-
 .../org/sonar/server/user/UserUpdaterTest.java     | 14 ++++++++++++++
 .../src/main/java/org/sonar/db/user/UserDto.java   |  4 ++++
 3 files changed, 19 insertions(+), 1 deletion(-)

diff --git a/server/sonar-server/src/main/java/org/sonar/server/user/UserUpdater.java b/server/sonar-server/src/main/java/org/sonar/server/user/UserUpdater.java
index 915a6619b26..ad432464253 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/user/UserUpdater.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/user/UserUpdater.java
@@ -277,7 +277,7 @@ public class UserUpdater {
         messages.add(Message.of(Validation.IS_TOO_SHORT_MESSAGE, LOGIN_PARAM, LOGIN_MIN_LENGTH));
       } else if (login.length() > LOGIN_MAX_LENGTH) {
         messages.add(Message.of(Validation.IS_TOO_LONG_MESSAGE, LOGIN_PARAM, LOGIN_MAX_LENGTH));
-      } else if (!login.matches("\\A\\w[\\w\\.\\-_@\\s]+\\z")) {
+      } else if (!login.matches("\\A\\w[\\w\\.\\-_@]+\\z")) {
         messages.add(Message.of("user.bad_login"));
       }
     }
diff --git a/server/sonar-server/src/test/java/org/sonar/server/user/UserUpdaterTest.java b/server/sonar-server/src/test/java/org/sonar/server/user/UserUpdaterTest.java
index 6730b0de7c3..d5c915a48c5 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/user/UserUpdaterTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/user/UserUpdaterTest.java
@@ -257,6 +257,20 @@ public class UserUpdaterTest {
     }
   }
 
+  @Test
+  public void fail_to_create_user_with_space_in_login() {
+    try {
+      userUpdater.create(NewUser.create()
+        .setLogin("mari us")
+        .setName("Marius")
+        .setEmail("marius@mail.com")
+        .setPassword("password"));
+      fail();
+    } catch (BadRequestException e) {
+      assertThat(e.errors().messages()).containsOnly(Message.of("user.bad_login"));
+    }
+  }
+
   @Test
   public void fail_to_create_user_with_too_short_login() {
     try {
diff --git a/sonar-db/src/main/java/org/sonar/db/user/UserDto.java b/sonar-db/src/main/java/org/sonar/db/user/UserDto.java
index 3ab6379620c..5e24f886255 100644
--- a/sonar-db/src/main/java/org/sonar/db/user/UserDto.java
+++ b/sonar-db/src/main/java/org/sonar/db/user/UserDto.java
@@ -59,6 +59,10 @@ public class UserDto {
     return this;
   }
 
+  /**
+   * Spaces were authorized before SQ 5.4.
+   * For versions 5.4+ it's not possible to create a login with a space character.
+   */
   public String getLogin() {
     return login;
   }
-- 
2.39.5