summaryrefslogtreecommitdiffstats
path: root/tests
diff options
context:
space:
mode:
authorwxiaoguang <wxiaoguang@gmail.com>2022-11-04 17:04:08 +0800
committerGitHub <noreply@github.com>2022-11-04 17:04:08 +0800
commit2900dc90a792204a02f4a249399f221d3f9b9c52 (patch)
tree84758fc47a0b8a76bd56c061b72eb0d869e9b1c3 /tests
parent4c6b4a67d9cc5c10c5f40a2420ffc96a6bd9517a (diff)
downloadgitea-2900dc90a792204a02f4a249399f221d3f9b9c52.tar.gz
gitea-2900dc90a792204a02f4a249399f221d3f9b9c52.zip
Improve valid user name check (#20136)
Close https://github.com/go-gitea/gitea/issues/21640 Before: Gitea can create users like ".xxx" or "x..y", which is not ideal, it's already a consensus that dot filenames have special meanings, and `a..b` is a confusing name when doing cross repo compare. After: stricter Co-authored-by: Jason Song <i@wolfogre.com> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: delvh <dev.lh@web.de>
Diffstat (limited to 'tests')
-rw-r--r--tests/integration/user_test.go22
1 files changed, 18 insertions, 4 deletions
diff --git a/tests/integration/user_test.go b/tests/integration/user_test.go
index 110f5c89bf..017700ad40 100644
--- a/tests/integration/user_test.go
+++ b/tests/integration/user_test.go
@@ -53,6 +53,22 @@ func TestRenameInvalidUsername(t *testing.T) {
"%00",
"thisHas ASpace",
"p<A>tho>lo<gical",
+ ".",
+ "..",
+ ".well-known",
+ ".abc",
+ "abc.",
+ "a..bc",
+ "a...bc",
+ "a.-bc",
+ "a._bc",
+ "a_-bc",
+ "a/bc",
+ "☁️",
+ "-",
+ "--diff",
+ "-im-here",
+ "a space",
}
session := loginUser(t, "user2")
@@ -68,7 +84,7 @@ func TestRenameInvalidUsername(t *testing.T) {
htmlDoc := NewHTMLParser(t, resp.Body)
assert.Contains(t,
htmlDoc.doc.Find(".ui.negative.message").Text(),
- translation.NewLocale("en-US").Tr("form.alpha_dash_dot_error"),
+ translation.NewLocale("en-US").Tr("form.username_error"),
)
unittest.AssertNotExistsBean(t, &user_model.User{Name: invalidUsername})
@@ -79,9 +95,7 @@ func TestRenameReservedUsername(t *testing.T) {
defer tests.PrepareTestEnv(t)()
reservedUsernames := []string{
- ".",
- "..",
- ".well-known",
+ // ".", "..", ".well-known", // The names are not only reserved but also invalid
"admin",
"api",
"assets",