Commit Graph

26 Commits

Author SHA1 Message Date
Andrei Prigorshnev
f3508065a3
FIX: auth incorrectly handles duplicate usernames (#15197) 2021-12-06 20:49:04 +04:00
Andrei Prigorshnev
19d95c64af
DEV: simplify username suggester (#14531)
This PR doesn't change any behavior, but just removes code that wasn't in use. This is a pretty dangerous place to change, since it gets called during user's registration. At the same time the refactoring is very straightforward, it's clear that this code wasn't doing any work (it still needs to be double-checked during review though). Also, the test coverage of UserNameSuggester is good.
2021-10-27 14:41:24 +04:00
Andrei Prigorshnev
88ecb83382
FEATURE: stop using email as source for username and name suggestions for Single Sign On (#14541)
We don't want to be using emails as source for username and name suggestions in cases when it's possible that a user have no chance to intervene and correct a suggested username. It risks exposing email addresses.
2021-10-12 17:25:54 +04:00
Andrei Prigorshnev
149e869c22
FEATURE: make username suggester suggest user1, user2 etc. for input that contains invalid characters only (#14179)
We were suggesting 111, 1111, 1112 before.

See the discussion on Meta – https://meta.discourse.org/t/curious-account-creation-behaviour/199970/14.
2021-10-04 16:47:55 +04:00
Sam
adf8539f64
FIX: allow for final sigma in suggested usernames (#11540)
Final sigma is not lower cased correctly in Ruby causing issues with routing.

This works around the issue by downcasing all usernames containing a sigma using JS.
2020-12-23 08:51:36 +11:00
Krzysztof Kotlarek
e0d9232259
FIX: use allowlist and blocklist terminology (#10209)
This is a PR of the renaming whitelist to allowlist and blacklist to the blocklist.
2020-07-27 10:23:54 +10:00
Sam Saffron
7371b427cd DEV: correct a few Ruby 2.7 deprecations
Note:

```
def foo(bar: 1)
end

foo({bar: 2})
# raises a deprecation, instead use:

foo(**{bar: 2})
```

Additionally when matching regexes always use strings. It does not make
sense to match a non string to a regex.
2019-11-28 13:13:29 +11:00
Gerhard Schlager
9e4fb262cf FIX: Respect unicode whitelist when suggesting username 2019-10-01 20:33:09 +02:00
Sam Saffron
3d2c3bd478 FIX: username suggester incorrectly skipping over whitelisted username
SSO uses a special param to username suggester that whitelists a username
due to previous work we amended our lookup logic and started ignoring this
whitelist.

The fix ensures we always respect it, and also improves on the original
implementation that forgot to normalize the username.
2019-05-28 16:48:46 +10:00
Sam Saffron
cabc203885 Followup to a8fbb19e
Correct edge condition where no available names are found

- increase search space
- search for 10 extra names
2019-05-16 18:15:56 +10:00
Sam Saffron
a8fbb19e7c FEATURE: allow a huge number of users to share common prefix
Previously username suggester would give up after 100 attempts at getting
a username and fallback to random string.

This amends the logic so we do all the work of figuring out a good username
in SQL and avoids a large amount of queries in cases where a lot of usernames
were used up.

This corrects an issue on sites with large numbers of anon users
2019-05-16 17:15:16 +10:00
Sam Saffron
0a5a6dfded DEV: stop mutating inputs as a side effect
We had quite a few cases in core where inputs are being mutated as a side
effect of calling a method.

This handles all the cases where specs caught this.

Mutating inputs makes code harder to reason about. Eg:

```
frog = "frog"
jump(frog)
puts frog
"fly" # ?????
```

This commit is part of a followup commit that adds # frozen_string_literal
to all our specs.
2019-04-30 10:25:53 +10:00
Gerhard Schlager
a7bc1ecbae FEATURE: Add support for Unicode usernames and group names
Co-authored-by: Joffrey JAFFEUX <j.jaffeux@gmail.com>
2019-04-23 13:00:27 +02:00
Rishabh Nambiar
81c87df18a FIX: don't raise an error on integer usernames 2018-09-10 22:17:56 +05:30
Arpit Jalan
bb0fa5abbc FIX: suggested username should not be more than setting max_username_length 2017-03-29 18:19:28 +05:30
Bianca Nenciu
30909ec54e Add support for username regex. 2017-03-02 13:53:45 +02:00
Gerhard Schlager
c4ec1d0fcf FIX: Don't suggest invalid username 2016-02-21 23:28:57 +01:00
Guo Xiang Tan
0916007d01 Fix the build. 2016-01-27 16:04:11 +08:00
Jeff Atwood
0337964759 a bit better email name inference 2016-01-26 16:39:02 -08:00
Régis Hanol
c2c01cdb5d FIX: username suggester to account for the more relaxed username rules (closes #3907) 2016-01-20 15:37:34 +01:00
Régis Hanol
3083657358 FEATURE: better email in support
FEATURE: new incoming_email model
FEATURE: infinite scrolling in emails admin
FEATURE: new 'emails:import' rake task
2016-01-19 00:57:55 +01:00
Arpit Jalan
d73d4d4769 FIX: UserNameSuggester should not suggest usernames with a sequence of 2 or more special chars 2015-09-11 16:53:26 +05:30
Sam
d80ed94608 more username cycling avoidance 2015-03-27 10:10:53 +11:00
Régis Hanol
7aaf718cf3 update bbcode dialect and fix vBulletin importer 2014-08-25 10:48:29 +02:00
Robin Ward
d3f1eb395d Updated import for TypePad 2014-03-19 15:02:49 -04:00
Juan de Dios Herrero
96d23ddd8d Refactored user_name suggestion methods into a module to reduce the complexity of User model 2013-06-06 16:40:10 +02:00