From 75b989240a21449e2941f582ba2d0d933fcefe56 Mon Sep 17 00:00:00 2001
From: Henning <hng@users.noreply.github.com>
Date: Tue, 22 Sep 2020 16:46:17 +0200
Subject: [PATCH] Added validation for name: Should not include a http(s) url
 (#2114)

---
 app/models/user.rb       | 3 ++-
 spec/models/user_spec.rb | 1 +
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/app/models/user.rb b/app/models/user.rb
index 71e3c8d1..fc5d0108 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -35,7 +35,8 @@ class User < ApplicationRecord
 
   belongs_to :role, required: false
 
-  validates :name, length: { maximum: 256 }, presence: true
+  validates :name, length: { maximum: 256 }, presence: true,
+                   format: { without: %r{https?://}i }
   validates :provider, presence: true
   validate :check_if_email_can_be_blank
   validates :email, length: { maximum: 256 }, allow_blank: true,
diff --git a/spec/models/user_spec.rb b/spec/models/user_spec.rb
index 9670b997..8c6d6522 100644
--- a/spec/models/user_spec.rb
+++ b/spec/models/user_spec.rb
@@ -27,6 +27,7 @@ describe User, type: :model do
   context 'validations' do
     it { should validate_presence_of(:name) }
     it { should validate_length_of(:name).is_at_most(256) }
+    it { should_not allow_value("https://www.bigbluebutton.org").for(:name) }
 
     it { should validate_presence_of(:provider) }