Uniquify reserved word usernames on OAuth user creation

author: Robin Bobbitt <ryehle@us.ibm.com> 2017-08-01 16:42:46 -0400
committer: Robin Bobbitt <ryehle@us.ibm.com> 2017-08-02 09:40:49 -0400
commit: 71951fc38c080579f9270d0c7a80bb3330483886 (patch)
tree: a81113c6742d74a193fc19d821288f0bc540f5a4 /lib/gitlab/o_auth
parent: 48c51e207e4cba8a69e4ca65cba1e169d384cefa (diff)
download: gitlab-ce-71951fc38c080579f9270d0c7a80bb3330483886.tar.gz
1 files changed, 7 insertions, 2 deletions
diff --git a/lib/gitlab/o_auth/user.rb b/lib/gitlab/o_auth/user.rb
index 3f2bbd9f6a6..e8330917e91 100644
--- a/lib/gitlab/o_auth/user.rb
+++ b/lib/gitlab/o_auth/user.rb
@@ -166,12 +166,17 @@ module Gitlab
         username ||= auth_hash.username
         email ||= auth_hash.email
 
+        valid_username = ::Namespace.clean_path(username)
+
+        uniquify = Uniquify.new
+        valid_username = uniquify.string(valid_username) { |s| !DynamicPathValidator.valid_user_path?(s) }
+
         name = auth_hash.name
-        name = ::Namespace.clean_path(username) if name.strip.empty?
+        name = valid_username if name.strip.empty?
 
         {
           name:                       name,
-          username:                   ::Namespace.clean_path(username),
+          username:                   valid_username,
           email:                      email,
           password:                   auth_hash.password,
           password_confirmation:      auth_hash.password,
author	Robin Bobbitt <ryehle@us.ibm.com>	2017-08-01 16:42:46 -0400
committer	Robin Bobbitt <ryehle@us.ibm.com>	2017-08-02 09:40:49 -0400
commit	71951fc38c080579f9270d0c7a80bb3330483886 (patch)
tree	a81113c6742d74a193fc19d821288f0bc540f5a4 /lib/gitlab/o_auth
parent	48c51e207e4cba8a69e4ca65cba1e169d384cefa (diff)
download	gitlab-ce-71951fc38c080579f9270d0c7a80bb3330483886.tar.gz