Add username verification (#114)

Move and add validation to Controller.get_username_from_view(). This addresses #101 + Add tests for username validator Reviewed-on: #114 Reviewed-by: Nathan Chung <n4chung@csclub.uwaterloo.ca> Co-authored-by: o32patel <ohm.patel@uwaterloo.ca> Co-committed-by: o32patel <ohm.patel@uwaterloo.ca>
2024-01-15 20:01:44 -05:00 · 2024-01-15 20:01:44 -05:00 · f06ccdc3f9
parent 5332259731
commit f06ccdc3f9
3 changed files with 35 additions and 3 deletions
--- a/ceo/tui/controllers/Controller.py
+++ b/ceo/tui/controllers/Controller.py
@ -1,6 +1,7 @@
 from abc import ABC

 import ceo.tui.utils as utils
+from ...utils import validate_username


 # NOTE: one controller can control multiple views,
@ -52,8 +53,9 @@ class Controller(ABC):
    def get_username_from_view(self):
        username = self.view.username_edit.edit_text
        # TODO: share validation logic between CLI and TUI
-        if not username:
-            self.view.popup('Username must not be empty')
+        verification_res = validate_username(username)
+        if verification_res:
+            self.view.popup(verification_res)
            raise Controller.InvalidInput()
        return username

--- a/ceo/utils.py
+++ b/ceo/utils.py
@ -1,9 +1,10 @@
 import functools
 import json
 import os
-from typing import List, Dict, Tuple, Callable
+from typing import List, Dict, Tuple, Callable, Union

 import requests
+import re
 from zope import component

 from .StreamResponseHandler import StreamResponseHandler
@ -11,6 +12,8 @@ from ceo_common.interfaces import IHTTPClient, IConfig
 from ceo_common.model import Term
 from ceod.transactions.members import AddMemberTransaction

+VALID_USERNAME_RE = re.compile(r"^[a-z0-9]+[a-z0-9-]+$")
+

 def http_request(method: str, path: str, **kwargs) -> requests.Response:
    client = component.getUtility(IHTTPClient)
@ -266,3 +269,11 @@ From other CSC machines you can connect using
        return True
    except PermissionError:
        return False
+
+
+def validate_username(username: str) -> Union[str, None]:
+    if not username:
+        return 'Username must not be empty'
+    if not VALID_USERNAME_RE.fullmatch(username):
+        return 'Username is invalid'
+    return None
--- a/tests/ceo/utils.py
+++ b/tests/ceo/utils.py
@ -0,0 +1,19 @@
+import ceo.utils as utils
+
+
+def test_validate_username():
+    assert utils.validate_username('') == 'Username must not be empty'
+    assert utils.validate_username('-failure') == 'Username is invalid'
+    assert utils.validate_username('35 - joe') == 'Username is invalid'
+    assert utils.validate_username('35 -joe') == 'Username is invalid'
+    assert utils.validate_username('35- joe') == 'Username is invalid'
+    assert utils.validate_username('35$joe') == 'Username is invalid'
+    assert utils.validate_username(' 35joe') == 'Username is invalid'
+    assert utils.validate_username('35 joe') == 'Username is invalid'
+    assert utils.validate_username('35joe ') == 'Username is invalid'
+    assert utils.validate_username('joe!') == 'Username is invalid'
+    assert utils.validate_username('e45jong') is None
+    assert utils.validate_username('joe-35') is None
+    assert utils.validate_username('joe35-') is None
+    assert utils.validate_username('35joe-') is None
+    assert utils.validate_username('35-joe') is None