mirror of
https://codeberg.org/forgejo/forgejo.git
synced 2025-01-22 06:12:55 -05:00
Improve the maintainblity of the reserved username list (#32229)
(cherry picked from commit 6029d78ab5006e8fb4f42adb5a8c491f19fa7b0a) Conflicts: models/user/user.go services/user/user_test.go trivial context conflict tests/integration/user_test.go discarded entirely because dot may be allowed in Forgejo under some conditions
This commit is contained in:
parent
eff28911d3
commit
7855e4bb56
3 changed files with 39 additions and 46 deletions
|
@ -586,44 +586,46 @@ var (
|
||||||
".",
|
".",
|
||||||
"..",
|
"..",
|
||||||
".well-known",
|
".well-known",
|
||||||
"admin",
|
|
||||||
"api",
|
"api", // gitea api
|
||||||
"assets",
|
"metrics", // prometheus metrics api
|
||||||
"attachments",
|
"v2", // container registry api
|
||||||
"avatar",
|
|
||||||
"avatars",
|
"assets", // static asset files
|
||||||
"captcha",
|
"attachments", // issue attachments
|
||||||
"commits",
|
|
||||||
"debug",
|
"avatar", // avatar by email hash
|
||||||
"devtest",
|
"avatars", // user avatars by file name
|
||||||
"error",
|
|
||||||
"explore",
|
|
||||||
"favicon.ico",
|
|
||||||
"ghost",
|
|
||||||
"issues",
|
|
||||||
"login",
|
|
||||||
"manifest.json",
|
|
||||||
"metrics",
|
|
||||||
"milestones",
|
|
||||||
"new",
|
|
||||||
"notifications",
|
|
||||||
"org",
|
|
||||||
"pulls",
|
|
||||||
"raw",
|
|
||||||
"repo",
|
|
||||||
"repo-avatars",
|
"repo-avatars",
|
||||||
"robots.txt",
|
|
||||||
"search",
|
"captcha",
|
||||||
"serviceworker.js",
|
"login", // oauth2 login
|
||||||
"ssh_info",
|
"org", // org create/manage, or "/org/{org}", BUT if an org is named as "invite" then it goes wrong
|
||||||
|
"repo", // repo create/migrate, etc
|
||||||
|
"user", // user login/activate/settings, etc
|
||||||
|
|
||||||
|
"admin",
|
||||||
|
"devtest",
|
||||||
|
"explore",
|
||||||
|
"issues",
|
||||||
|
"pulls",
|
||||||
|
"milestones",
|
||||||
|
"notifications",
|
||||||
|
|
||||||
|
"favicon.ico",
|
||||||
|
"manifest.json", // web app manifests
|
||||||
|
"robots.txt", // search engine robots
|
||||||
|
"sitemap.xml", // search engine sitemap
|
||||||
|
"ssh_info", // agit info
|
||||||
"swagger.v1.json",
|
"swagger.v1.json",
|
||||||
"user",
|
|
||||||
"v2",
|
"ghost", // reserved name for deleted users (id: -1)
|
||||||
"gitea-actions",
|
"gitea-actions", // gitea builtin user (id: -2)
|
||||||
"forgejo-actions",
|
"forgejo-actions", // forgejo builtin user (id: -2)
|
||||||
}
|
}
|
||||||
|
|
||||||
// DON'T ADD ANY NEW STUFF, WE SOLVE THIS WITH `/user/{obj}` PATHS!
|
// These names are reserved for user accounts: user's keys, user's rss feed, user's avatar, etc.
|
||||||
|
// DO NOT add any new stuff! The paths with these names are processed by `/{username}` handler (UsernameSubRoute) manually.
|
||||||
reservedUserPatterns = []string{"*.keys", "*.gpg", "*.rss", "*.atom", "*.png"}
|
reservedUserPatterns = []string{"*.keys", "*.gpg", "*.rss", "*.atom", "*.png"}
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
|
@ -114,12 +114,10 @@ func TestRenameUser(t *testing.T) {
|
||||||
})
|
})
|
||||||
|
|
||||||
t.Run("Non usable username", func(t *testing.T) {
|
t.Run("Non usable username", func(t *testing.T) {
|
||||||
usernames := []string{"--diff", "aa.png", ".well-known", "search", "aaa.atom"}
|
usernames := []string{"--diff", ".well-known", "gitea-actions", "aaa.atom", "aa.png"}
|
||||||
for _, username := range usernames {
|
for _, username := range usernames {
|
||||||
t.Run(username, func(t *testing.T) {
|
require.Error(t, user_model.IsUsableUsername(username), "non-usable username: %s", username)
|
||||||
require.Error(t, user_model.IsUsableUsername(username))
|
require.Error(t, RenameUser(db.DefaultContext, user, username), "non-usable username: %s", username)
|
||||||
require.Error(t, RenameUser(db.DefaultContext, user, username))
|
|
||||||
})
|
|
||||||
}
|
}
|
||||||
})
|
})
|
||||||
|
|
||||||
|
|
|
@ -114,10 +114,7 @@ func TestRenameReservedUsername(t *testing.T) {
|
||||||
"avatar",
|
"avatar",
|
||||||
"avatars",
|
"avatars",
|
||||||
"captcha",
|
"captcha",
|
||||||
"commits",
|
|
||||||
"debug",
|
|
||||||
"devtest",
|
"devtest",
|
||||||
"error",
|
|
||||||
"explore",
|
"explore",
|
||||||
"favicon.ico",
|
"favicon.ico",
|
||||||
"ghost",
|
"ghost",
|
||||||
|
@ -126,16 +123,12 @@ func TestRenameReservedUsername(t *testing.T) {
|
||||||
"manifest.json",
|
"manifest.json",
|
||||||
"metrics",
|
"metrics",
|
||||||
"milestones",
|
"milestones",
|
||||||
"new",
|
|
||||||
"notifications",
|
"notifications",
|
||||||
"org",
|
"org",
|
||||||
"pulls",
|
"pulls",
|
||||||
"raw",
|
|
||||||
"repo",
|
"repo",
|
||||||
"repo-avatars",
|
"repo-avatars",
|
||||||
"robots.txt",
|
"robots.txt",
|
||||||
"search",
|
|
||||||
"serviceworker.js",
|
|
||||||
"ssh_info",
|
"ssh_info",
|
||||||
"swagger.v1.json",
|
"swagger.v1.json",
|
||||||
"user",
|
"user",
|
||||||
|
|
Loading…
Add table
Reference in a new issue