diff options
author | Timothy Andrew <mail@timothyandrew.net> | 2016-11-16 17:54:43 +0530 |
---|---|---|
committer | Timothy Andrew <mail@timothyandrew.net> | 2016-11-18 11:47:37 +0530 |
commit | 78b6d6624be3a6d59710bf766e7253c2e6787f5a (patch) | |
tree | 1c563db6ffaa38d2772c8fcf9092abd9d80a6bda /lib | |
parent | b33791d8b94f5b41699996414e7fa2ce06e2f519 (diff) | |
download | gitlab-ce-78b6d6624be3a6d59710bf766e7253c2e6787f5a.tar.gz |
Allow registering users where the username contains dots (.).
Javascript does not support the negative lookbehind assertion (?<!) used
in the Ruby regex (to disallow usernames ending in `.git` or `.atom`.
Getting the client side code to fully support this format is
non-trivial, since we'd either have to heavily complicate the
regex used, or modify the frontend code to support more complex
validation schemes (it currently uses HTML5 validations).
The pragmatic choice is to create a
`Gitlab::Regex::NAMESPACE_REGEX_STR_SIMPLE` regex to serve as a
Javascript-compatible version of `NAMESPACE_REGEX_STR`.
The client-side code will not display an error for usernames ending in
`.git` and `.atom`, but these will be caught by the server-side
validation.
Diffstat (limited to 'lib')
-rw-r--r-- | lib/gitlab/regex.rb | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/lib/gitlab/regex.rb b/lib/gitlab/regex.rb index 155ca47e04c..47ea8b7e82e 100644 --- a/lib/gitlab/regex.rb +++ b/lib/gitlab/regex.rb @@ -2,7 +2,14 @@ module Gitlab module Regex extend self - NAMESPACE_REGEX_STR = '(?:[a-zA-Z0-9_\.][a-zA-Z0-9_\-\.]*[a-zA-Z0-9_\-]|[a-zA-Z0-9_])(?<!\.git|\.atom)'.freeze + # The namespace regex is used in Javascript to validate usernames in the "Register" form. However, Javascript + # does not support the negative lookbehind assertion (?<!) that disallows usernames ending in `.git` and `.atom`. + # Since this is a non-trivial problem to solve in Javascript (heavily complicate the regex, modify view code to + # allow non-regex validatiions, etc), `NAMESPACE_REGEX_STR_SIMPLE` serves as a Javascript-compatible version of + # `NAMESPACE_REGEX_STR`, with the negative lookbehind assertion removed. This means that the client-side validation + # will pass for usernames ending in `.atom` and `.git`, but will be caught by the server-side validation. + NAMESPACE_REGEX_STR_SIMPLE = '[a-zA-Z0-9_\.][a-zA-Z0-9_\-\.]*[a-zA-Z0-9_\-]|[a-zA-Z0-9_]'.freeze + NAMESPACE_REGEX_STR = "(?:#{NAMESPACE_REGEX_STR_SIMPLE})(?<!\.git|\.atom)".freeze def namespace_regex @namespace_regex ||= /\A#{NAMESPACE_REGEX_STR}\z/.freeze |