Disallow usernames that contain certain words and RegExp (#2200)

* Add `disallowedwords` setting and perform check Check if any of the words in `disallowedwords` are contained in the username. If so, return false like other checks. NOTE: Needs testing for advanced bugs. * Remove "administrator" from `disallowedwords` "administrator" contains "admin" anyway, so it is not needed. * Add error message if username contains a disallowed word * Add `disallowedregexp` setting and perform check Check if each expression in `disallowedregexp` exactly matches the username. If so, return false. TODO: Add specific error to dialog in `window_main.cpp`. * Add error message for username matching RegExp * Fix indentation * Compile `disallowedregexp` into a QList upon initialization Reduces system load with each registration request. * Clean up `isUsernameValid` function * Fix indentation * Add backwards compatibility to client Client can accept either 7 or 9 rules to maintain compatibility with older versions of server. * Add examples and warnings to `servatrice.ini`
2026-04-27 07:48:01 -07:00 · 2016-10-17 21:24:42 +11:00 · 2016-10-17 21:24:42 +11:00 · 0b7f4c134c
commit 0b7f4c134c
parent f20e2ce2bd
5 changed files with 49 additions and 7 deletions
--- a/servatrice/src/servatrice_database_interface.cpp
+++ b/servatrice/src/servatrice_database_interface.cpp
@ -132,7 +132,12 @@ bool Servatrice_DatabaseInterface::usernameIsValid(const QString &user, QString
    bool allowNumerics = settingsCache->value("users/allownumerics", true).toBool();
    bool allowPunctuationPrefix = settingsCache->value("users/allowpunctuationprefix", false).toBool();
    QString allowedPunctuation = settingsCache->value("users/allowedpunctuation", "_").toString();
-    error = QString("%1|%2|%3|%4|%5|%6|%7").arg(minNameLength).arg(maxNameLength).arg(allowLowercase).arg(allowUppercase).arg(allowNumerics).arg(allowPunctuationPrefix).arg(allowedPunctuation);
+    QString disallowedWordsStr = settingsCache->value("users/disallowedwords", "").toString();
+    QStringList disallowedWords = disallowedWordsStr.split(",", QString::SkipEmptyParts);
+    disallowedWords.removeDuplicates();
+    QString disallowedRegExpStr = settingsCache->value("users/disallowedregexp", "").toString();
+
+    error = QString("%1|%2|%3|%4|%5|%6|%7|%8|%9").arg(minNameLength).arg(maxNameLength).arg(allowLowercase).arg(allowUppercase).arg(allowNumerics).arg(allowPunctuationPrefix).arg(allowedPunctuation).arg(disallowedWordsStr).arg(disallowedRegExpStr);

    if (user.length() < minNameLength || user.length() > maxNameLength)
        return false;
@ -140,6 +145,14 @@ bool Servatrice_DatabaseInterface::usernameIsValid(const QString &user, QString
    if (!allowPunctuationPrefix && allowedPunctuation.contains(user.at(0)))
        return false;

+    for (const QString &word : disallowedWords) {
+        if (user.contains(word, Qt::CaseInsensitive)) return false;
+    }
+
+    for (const QRegExp &regExp : settingsCache->disallowedRegExp) {
+        if (regExp.exactMatch(user)) return false;
+    }
+
    QString regEx("[");
    if (allowLowercase)
        regEx.append("a-z");