apply validator for username update input

ee/tabby-schema/src/schema/auth.rs

@@ -279,6 +279,26 @@ pub struct PasswordChangeInput {
     pub new_password2: String,
 }
 
+#[derive(Validate)]
+pub struct UpdateUserNameInput {
+    #[validate(length(
+        min = 2,
+        code = "username",
+        message = "Username must be at least 2 characters"
+    ))]
+    #[validate(length(
+        max = 20,
+        code = "username",
+        message = "Username must be at most 20 characters"
+    ))]
+    #[validate(regex(
+        code = "username",
+        path = "crate::schema::constants::USERNAME_REGEX",
+        message = "Invalid username, only alphanumeric characters, _ and - are allowed"
+    ))]
+    pub name: String,
+}
+
 #[derive(Debug, Serialize, Deserialize, GraphQLObject)]
 #[graphql(context = Context)]
 pub struct Invitation {

ee/tabby-schema/src/schema/constants.rs

@@ -3,4 +3,5 @@ use regex::Regex;
 
 lazy_static! {
     pub static ref REPOSITORY_NAME_REGEX: Regex = Regex::new("^[a-zA-Z][\\w.-]+$").unwrap();
+    pub static ref USERNAME_REGEX: Regex = Regex::new("^[a-zA-Z0-9_-]+$").unwrap();
 }

ee/tabby-schema/src/schema/mod.rs

@@ -623,7 +623,9 @@ impl Mutation {
                 "You cannot change another user's name",
             ));
         }
-        ctx.locator.auth().update_user_name(&id, name).await?;
+        let input = auth::UpdateUserNameInput { name };
+        input.validate()?;
+        ctx.locator.auth().update_user_name(&id, input.name).await?;
         Ok(true)
     }
 

ee/tabby-webserver/src/service/auth.rs

@@ -223,9 +223,6 @@ impl AuthenticationService for AuthenticationServiceImpl {
         if is_demo_mode() {
             bail!("Changing profile data is disabled in demo mode");
         }
-        if name.is_empty() || name.len() > 100 {
-            bail!("Name must be between 1 and 10 characters");
-        }
         let id = id.as_rowid()?;
         self.db.update_user_name(id, name).await?;
         Ok(())