fix(user): Add rules to restrict username during installation. fix #181

2023-01-28 10:40:01 +08:00 · 2023-01-28 10:40:01 +08:00 · d355c823c3
parent eacb307328
commit d355c823c3
4 changed files with 29 additions and 9 deletions
--- a/internal/install/install_req.go
+++ b/internal/install/install_req.go
@ -5,6 +5,10 @@ import (
 	"net/url"
 	"strings"

+	"github.com/answerdev/answer/internal/base/reason"
+	"github.com/answerdev/answer/internal/base/validator"
+	"github.com/answerdev/answer/pkg/checker"
+	"github.com/segmentfault/pacman/errors"
 	"xorm.io/xorm/schemas"
 )

@ -82,6 +86,18 @@ type InitBaseInfoReq struct {
 	AdminEmail    string `validate:"required,email,gt=0,lte=500" json:"email"`
 }

+func (r *InitBaseInfoReq) Check() (errFields []*validator.FormErrorField, err error) {
+	if checker.IsInvalidUsername(r.AdminName) {
+		errField := &validator.FormErrorField{
+			ErrorField: "name",
+			ErrorMsg:   reason.UsernameInvalid,
+		}
+		errFields = append(errFields, errField)
+		return errFields, errors.BadRequest(reason.UsernameInvalid)
+	}
+	return
+}
+
 func (r *InitBaseInfoReq) FormatSiteUrl() {
 	parsedUrl, err := url.Parse(r.SiteURL)
 	if err != nil {
--- a/internal/schema/user_schema.go
+++ b/internal/schema/user_schema.go
@ -2,7 +2,6 @@ package schema

 import (
 	"encoding/json"
-	"regexp"

 	"github.com/answerdev/answer/internal/base/reason"
 	"github.com/answerdev/answer/internal/base/validator"
@ -301,10 +300,7 @@ type AvatarInfo struct {

 func (req *UpdateInfoRequest) Check() (errFields []*validator.FormErrorField, err error) {
 	if len(req.Username) > 0 {
-		errFields := make([]*validator.FormErrorField, 0)
-		re := regexp.MustCompile(`^[a-z0-9._-]{4,30}$`)
-		match := re.MatchString(req.Username)
-		if !match {
+		if checker.IsInvalidUsername(req.Username) {
 			errField := &validator.FormErrorField{
 				ErrorField: "username",
 				ErrorMsg:   reason.UsernameInvalid,
--- a/internal/service/user_common/user.go
+++ b/internal/service/user_common/user.go
@ -4,7 +4,6 @@ import (
 	"context"
 	"encoding/hex"
 	"math/rand"
-	"regexp"
 	"strings"

 	"github.com/Chain-Zhang/pinyin"
@ -120,9 +119,7 @@ func (us *UserCommon) MakeUsername(ctx context.Context, displayName string) (use
 	username = strings.ToLower(username)
 	suffix := ""

-	re := regexp.MustCompile(`^[a-z0-9._-]{4,30}$`)
-	match := re.MatchString(username)
-	if !match {
+	if checker.IsInvalidUsername(username) {
 		return "", errors.BadRequest(reason.UsernameInvalid)
 	}

--- a/pkg/checker/username.go
+++ b/pkg/checker/username.go
@ -0,0 +1,11 @@
+package checker
+
+import "regexp"
+
+var (
+	usernameReg = regexp.MustCompile(`^[a-z0-9._-]{4,30}$`)
+)
+
+func IsInvalidUsername(username string) bool {
+	return !usernameReg.MatchString(username)
+}