search

liqd / aula

An online platform for political participation in schools in Germany (not in active development)
https://liqd.net
Other
27 stars 5 forks source link

user name validation too strict #990

Closed fisx closed 8 years ago

fisx commented 8 years ago

rule for valid characters in userFirstName, userLastName:

allowed c = ... everything goes!

login nicks will be composed of small letters only; special characters are ignored.

(not sure: what's the current behavior?) current behavior: a-okay except the login construction does not filter invalid characters. see https://github.com/liqd/aula/issues/990#issuecomment-254502893 below.

fisx commented 8 years ago

we already have usernameV in Frontend.Validation for user login. we need to add userFirstLastNameV and change the name of usernameV to userLoginV for consistency.

fisx commented 8 years ago

before we get going with that: write a failing test case.

fisx commented 8 years ago

ok, after some testing:

  1. user names are not restricted to any characters at all. any byte sequence that does not violate the encoding will be accepted, and correctly written to the csv file with the initial passwords.
  2. generating logins from that will violate the rule that logins should only consist of [a-zA-Z]. they will just pick what they find in the user name.

2016-10-18-150718_1600x900_scrot

so the task here is to filter special characters out of the first and last name before constructing the login.