From c7b23383656a3dfb4027bfe3304cc118e7312ec9 Mon Sep 17 00:00:00 2001
From: Loic Dachary <loic@dachary.org>
Date: Tue, 12 Jan 2016 18:39:28 +0100
Subject: [PATCH] Fix #1096 - allow - and _ in usernames
Signed-off-by: Loic Dachary <loic@dachary.org>
---
mediagoblin/auth/tools.py | 2 +-
mediagoblin/tests/test_auth.py | 26 ++++++++++++++++++++++++--
2 files changed, 25 insertions(+), 3 deletions(-)
diff --git a/mediagoblin/auth/tools.py b/mediagoblin/auth/tools.py
index 5a47dae..9c16a98 100644
|
a
|
b
|
def normalize_user_or_email_field(allow_email=True, allow_user=True):
|
| 57 | 57 | if not allow_user: |
| 58 | 58 | raise wtforms.ValidationError(nouser_msg) |
| 59 | 59 | wtforms.validators.Length(min=3, max=30)(form, field) |
| 60 | | wtforms.validators.Regexp(r'^\w+$')(form, field) |
| | 60 | wtforms.validators.Regexp(r'^[-_\w]+$')(form, field) |
| 61 | 61 | field.data = field.data.lower() |
| 62 | 62 | if field.data is None: # should not happen, but be cautious anyway |
| 63 | 63 | raise wtforms.ValidationError(message) |
diff --git a/mediagoblin/tests/test_auth.py b/mediagoblin/tests/test_auth.py
index 62f77f7..cb971fd 100644
|
a
|
b
|
def test_register_views(test_app):
|
| 80 | 80 | assert form.username.errors == [u'This field does not take email addresses.'] |
| 81 | 81 | assert form.email.errors == [u'This field requires an email address.'] |
| 82 | 82 | |
| | 83 | ## invalid characters |
| | 84 | template.clear_test_template_context() |
| | 85 | test_app.post( |
| | 86 | '/auth/register/', { |
| | 87 | 'username': 'ampersand&invalid', |
| | 88 | 'email': 'easter@egg.com'}) |
| | 89 | context = template.TEMPLATE_TEST_CONTEXT['mediagoblin/auth/register.html'] |
| | 90 | form = context['register_form'] |
| | 91 | |
| | 92 | assert form.username.errors == [u'Invalid input.'] |
| | 93 | |
| 83 | 94 | ## At this point there should be no users in the database ;) |
| 84 | 95 | assert User.query.count() == 0 |
| 85 | 96 | |
| | 97 | ## mixture of characters from all valid ranges |
| | 98 | template.clear_test_template_context() |
| | 99 | test_app.post( |
| | 100 | '/auth/register/', { |
| | 101 | 'username': 'Jean-Louis1_Le-Chat', |
| | 102 | 'password': 'iamsohappy', |
| | 103 | 'email': 'easter@egg.com'}) |
| | 104 | |
| | 105 | ## At this point there should on user in the database |
| | 106 | assert User.query.count() == 1 |
| | 107 | |
| 86 | 108 | # Successful register |
| 87 | 109 | # ------------------- |
| 88 | 110 | template.clear_test_template_context() |
| … |
… |
def test_register_views(test_app):
|
| 115 | 137 | assert request.session['user_id'] == six.text_type(new_user.id) |
| 116 | 138 | |
| 117 | 139 | ## Make sure we get email confirmation, and try verifying |
| 118 | | assert len(mail.EMAIL_TEST_INBOX) == 1 |
| | 140 | assert len(mail.EMAIL_TEST_INBOX) == 2 |
| 119 | 141 | message = mail.EMAIL_TEST_INBOX.pop() |
| 120 | 142 | assert message['To'] == 'angrygrrl@example.org' |
| 121 | 143 | email_context = template.TEMPLATE_TEST_CONTEXT[ |
| … |
… |
def test_register_views(test_app):
|
| 187 | 209 | assert 'mediagoblin/auth/login.html' in template.TEMPLATE_TEST_CONTEXT |
| 188 | 210 | |
| 189 | 211 | ## Make sure link to change password is sent by email |
| 190 | | assert len(mail.EMAIL_TEST_INBOX) == 1 |
| | 212 | assert len(mail.EMAIL_TEST_INBOX) == 2 |
| 191 | 213 | message = mail.EMAIL_TEST_INBOX.pop() |
| 192 | 214 | assert message['To'] == 'angrygrrl@example.org' |
| 193 | 215 | email_context = template.TEMPLATE_TEST_CONTEXT[ |
