summaryrefslogtreecommitdiffstats
path: root/models/user
diff options
context:
space:
mode:
authorwxiaoguang <wxiaoguang@gmail.com>2022-11-04 17:04:08 +0800
committerGitHub <noreply@github.com>2022-11-04 17:04:08 +0800
commit2900dc90a792204a02f4a249399f221d3f9b9c52 (patch)
tree84758fc47a0b8a76bd56c061b72eb0d869e9b1c3 /models/user
parent4c6b4a67d9cc5c10c5f40a2420ffc96a6bd9517a (diff)
downloadgitea-2900dc90a792204a02f4a249399f221d3f9b9c52.tar.gz
gitea-2900dc90a792204a02f4a249399f221d3f9b9c52.zip
Improve valid user name check (#20136)
Close https://github.com/go-gitea/gitea/issues/21640 Before: Gitea can create users like ".xxx" or "x..y", which is not ideal, it's already a consensus that dot filenames have special meanings, and `a..b` is a confusing name when doing cross repo compare. After: stricter Co-authored-by: Jason Song <i@wolfogre.com> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: delvh <dev.lh@web.de>
Diffstat (limited to 'models/user')
-rw-r--r--models/user/user.go3
1 files changed, 2 insertions, 1 deletions
diff --git a/models/user/user.go b/models/user/user.go
index 9a2da6dbc1..84e2c4a9cc 100644
--- a/models/user/user.go
+++ b/models/user/user.go
@@ -29,6 +29,7 @@ import (
"code.gitea.io/gitea/modules/structs"
"code.gitea.io/gitea/modules/timeutil"
"code.gitea.io/gitea/modules/util"
+ "code.gitea.io/gitea/modules/validation"
"golang.org/x/crypto/argon2"
"golang.org/x/crypto/bcrypt"
@@ -621,7 +622,7 @@ var (
// IsUsableUsername returns an error when a username is reserved
func IsUsableUsername(name string) error {
// Validate username make sure it satisfies requirement.
- if db.AlphaDashDotPattern.MatchString(name) {
+ if !validation.IsValidUsername(name) {
// Note: usually this error is normally caught up earlier in the UI
return db.ErrNameCharsNotAllowed{Name: name}
}