fix: restrict userName characters

gasp · Aug 7, 2024 · 826eef9 · 826eef9
1 parent e5eb7d3
commit 826eef9
Show file tree

Hide file tree

Showing 3 changed files with 32 additions and 6 deletions.
diff --git a/src/components/accessories/admin/users/newUser/validation.test.ts b/src/components/accessories/admin/users/newUser/validation.test.ts
@@ -1,8 +1,8 @@
-import { passwordRules } from "./validation";
+import { passwordRules, userNameRules } from "./validation";
 
 describe("password rules", () => {
   it("should pass when all rules are matched", () => {
-    expect(passwordRules.test("ThisPassw0rdIsCorrect"));
+    expect(passwordRules.test("ThisPassw0rdIsCorrect")).toBeTruthy();
   });
   it("should be 5 characters long", () => {
     expect(passwordRules.test("aA4")).toBeFalsy();
@@ -17,3 +17,22 @@ describe("password rules", () => {
     expect(passwordRules.test("ThisPasswordIsNotCorrect")).toBeFalsy();
   });
 });
+
+describe("userName rules", () => {
+  it("should pass", () => {
+    expect(userNameRules.test("johndoe")).toBeTruthy();
+    expect(userNameRules.test("johndoe42")).toBeTruthy();
+    expect(userNameRules.test("42")).toBeTruthy();
+    expect(userNameRules.test("john.doe")).toBeTruthy();
+    expect(userNameRules.test("john-doe")).toBeTruthy();
+    expect(userNameRules.test("john_doe")).toBeTruthy();
+  });
+  it("should filter out", () => {
+    expect(userNameRules.test("Johndoe")).toBeFalsy();
+    expect(userNameRules.test("johnDoe")).toBeFalsy();
+    expect(userNameRules.test("john doe")).toBeFalsy();
+    expect(userNameRules.test("john/doe")).toBeFalsy();
+    expect(userNameRules.test("すず")).toBeFalsy();
+    expect(userNameRules.test("j̵̨̨̧͖̠̩̤̗̟̲̯̭̫̰͆͛̏͛͒́̂̔̅͘͘̚̕͝͝ȯ̵̫̭̮̖̀̓̾̉͋͋̌̇͘h̶̡̢̡̜̻̥͙̳͉̰̟̬͚̍̃̽̎͒̋̄̔͋͘͝͝ͅn̷̜̠̰͍̤̰̺̠͌̌̒͑̓̌̂̒͗͒͗̐͝͝͠")).toBeFalsy();
+  });
+});
diff --git a/src/components/accessories/admin/users/newUser/validation.ts b/src/components/accessories/admin/users/newUser/validation.ts
@@ -1,13 +1,19 @@
-import { object, string, ref } from "yup";
-import { UserGroupDTO } from "../../../../../generated";
 import { TFunction } from "react-i18next";
+import { object, ref, string } from "yup";
+import { UserGroupDTO } from "../../../../../generated";
 import { FormProps } from "./NewUser";
 // min 5 characters, 1 upper case letter, 1 lower case letter, 1 numeric digit.
 export const passwordRules = /^(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{5,}$/;
 
+export const userNameRules = /^[a-z0-9-._]+$/;
+
 export const userSchema = (t: TFunction<"translation">) =>
   object().shape<FormProps>({
-    userName: string().min(2).required(t("user.validateUserName")),
+    userName: string()
+      .min(2)
+      .max(50)
+      .matches(userNameRules, t("user.validateUserNameRegex"))
+      .required(t("user.validateUserName")),
     userGroupName: object<UserGroupDTO>({
       code: string().required(t("user.validateUserNeedsGroup")),
       desc: string(),

diff --git a/src/resources/i18n/en.json b/src/resources/i18n/en.json
@@ -34,7 +34,8 @@
     "validatePasswordTooShort": "Password is too short - should be 5 chars minimum.",
     "validatePasswordTooWeak": "Please create a stronger password: 1 upper case letter, 1 lower case letter, 1 numeric digit",
     "validatePasswordMustMatch": "Passwords must match",
-    "validateUserName": "You need to specify a user name"
+    "validateUserName": "You need to specify a user name",
+    "validateUserNameRegex": "Allowed characters: lowercase letters(abc), numbers(123), dot(.), dash (-) and underscore (_)"
   },
   "hospital": {
     "address": "Address",