Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Profile updates enabled for antique usernames containing spaces #1804

Merged
merged 7 commits into from
Feb 11, 2025
Merged

Profile updates enabled for antique usernames containing spaces #1804

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
65a055c
profile update: allow spaces for existing usernames (but also for mod…
quimmrc Dec 13, 2024
6a51d80
enable profile updates for antique usernames containing spaces
quimmrc Dec 13, 2024
4cb2b9a
add unit test for username whitespace validation
quimmrc Jan 21, 2025
6e81904
Merge branch 'master' into issue1516
quimmrc Jan 23, 2025
8c7369c
graylog error solving
quimmrc Jan 23, 2025
f7fbd7e
Merge branch 'master' into issue1516
ffont Feb 11, 2025
94dd2de
Use force_login
ffont Feb 11, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
23 changes: 21 additions & 2 deletions accounts/forms.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -152,12 +152,24 @@ def get_user_by_email(email):

class UsernameField(forms.CharField):
""" Username field, 3~30 characters, allows only alphanumeric chars, required by default """

def __init__(self, required=True):
"""Validates the username field for a form. Validation for brand new usernames must have strong validation (see Regex).
For profile modifications, the username validation is done in ProfileForm cleaning methods, as antique usernames can
contain spaces but new modified ones cannot.

Args:
required (bool, optional): True for RegistrationForms, false for ProfileForms
"""
if required:
validators = [RegexValidator(r'^[\w.+-]+$')] # is the same as Django UsernameValidator except for '@' symbol
else:
validators = []
super().__init__(
label="Username",
min_length=3,
max_length=30,
validators=[RegexValidator(r'^[\w.+-]+$')], # is the same as Django UsernameValidator except for '@' symbol
validators=validators,
help_text="30 characters or fewer. Can contain: letters, digits, underscores, dots, dashes and plus signs.",
error_messages={'invalid': "The username field must contain only letters, digits, underscores, dots, dashes and "
"plus signs."},
Expand Down Expand Up @@ -389,9 +401,16 @@ def clean_username(self):
if not username:
username = self.request.user.username

# If username was not changed, consider it valid
# If username was not changed, consider it valid. If it has, validate it to check it does not contain space characters.
if username.lower() == self.request.user.username.lower():
return username
else:
validator = RegexValidator(regex=r'^[\w.+-]+$',
message="The username field must contain only letters, digits, underscores, dots, dashes and plus signs.",
code='invalid')
if validator(username):
return username


# Check that username is not used by another user. Note that because when the maximum number of username
# changes is reached, the "username" field of the ProfileForm is disabled and its contents won't change.
Expand Down
23 changes: 23 additions & 0 deletions accounts/tests/test_user.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1085,7 +1085,30 @@ def test_oldusername_username_unique_case_insensitiveness(self):
OldUsername.objects.create(user=userA, username='newUserAUsername')
with self.assertRaises(IntegrityError):
OldUsername.objects.create(user=userA, username='NewUserAUsername')

def test_username_whitespace(self):
"""Test that for usernames created before stronger validation was applied, whitespaces are a valid character
but for new edited ones they are not."""
userA = User.objects.create_user('user A', email='[email protected]', password='testpass')
self.client.force_login(userA)

# Test save profile without changing username with whitespaces
resp = self.client.post(reverse('accounts-edit'), data={'profile-username': ['user A'], 'profile-ui_theme_preference': 'f'})
self.assertRedirects(resp, reverse('accounts-edit'))
self.assertEqual(OldUsername.objects.filter(user=userA).count(), 0)

# Test save profile changing username (no whitespaces)
resp = self.client.post(reverse('accounts-edit'), data={'profile-username': ['userANewName'], 'profile-ui_theme_preference': 'f'})
self.assertRedirects(resp, reverse('accounts-edit'))
userA.refresh_from_db()
self.assertEqual(OldUsername.objects.filter(user=userA).count(), 1)

# Test save profile changing username (whitespaces -> fail)
resp = self.client.post(reverse('accounts-edit'), data={'profile-username': ['userA SpaceName'], 'profile-ui_theme_preference': 'f'})
self.assertEqual(resp.status_code, 200)
userA.refresh_from_db()
self.assertEqual(userA.username, 'userANewName')
self.assertEqual(OldUsername.objects.filter(user=userA).count(), 1)

class ChangeEmailViaAdminTestCase(TestCase):

Expand Down