diff options
| author | wxiaoguang <wxiaoguang@gmail.com> | 2022-11-04 17:04:08 +0800 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-11-04 17:04:08 +0800 |
| commit | 2900dc90a792204a02f4a249399f221d3f9b9c52 (patch) | |
| tree | 84758fc47a0b8a76bd56c061b72eb0d869e9b1c3 /models | |
| parent | 4c6b4a67d9cc5c10c5f40a2420ffc96a6bd9517a (diff) | |
| download | gitea-2900dc90a792204a02f4a249399f221d3f9b9c52.tar.gz gitea-2900dc90a792204a02f4a249399f221d3f9b9c52.zip | |
Improve valid user name check (#20136)
Close https://github.com/go-gitea/gitea/issues/21640
Before: Gitea can create users like ".xxx" or "x..y", which is not
ideal, it's already a consensus that dot filenames have special
meanings, and `a..b` is a confusing name when doing cross repo compare.
After: stricter
Co-authored-by: Jason Song <i@wolfogre.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: delvh <dev.lh@web.de>
Diffstat (limited to 'models')
| -rw-r--r-- | models/user/user.go | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/models/user/user.go b/models/user/user.go index 9a2da6dbc1..84e2c4a9cc 100644 --- a/models/user/user.go +++ b/models/user/user.go @@ -29,6 +29,7 @@ import ( "code.gitea.io/gitea/modules/structs" "code.gitea.io/gitea/modules/timeutil" "code.gitea.io/gitea/modules/util" + "code.gitea.io/gitea/modules/validation" "golang.org/x/crypto/argon2" "golang.org/x/crypto/bcrypt" @@ -621,7 +622,7 @@ var ( // IsUsableUsername returns an error when a username is reserved func IsUsableUsername(name string) error { // Validate username make sure it satisfies requirement. - if db.AlphaDashDotPattern.MatchString(name) { + if !validation.IsValidUsername(name) { // Note: usually this error is normally caught up earlier in the UI return db.ErrNameCharsNotAllowed{Name: name} } |