refs #6827 Check usernames special characters

Ivan Mas 2024-02-28 13:32:17 +01:00
parent 89ebd36b9b
commit 10a89cb790
14 changed files with 42 additions and 33 deletions


@ -3,14 +3,14 @@ const {models} = require('vn-loopback/server/server');
describe('Chat send()', () => { describe('Chat send()', () => {
it('should return true as response', async() => { it('should return true as response', async() => {
let ctx = {req: {accessToken: {userId: 1}}}; let ctx = {req: {accessToken: {userId: 1}}};
let response = await models.Chat.send(ctx, '@salesPerson', 'I changed something'); let response = await models.Chat.send(ctx, '@salesperson', 'I changed something');
expect(response).toEqual(true); expect(response).toEqual(true);
}); });
it('should return false as response', async() => { it('should return false as response', async() => {
let ctx = {req: {accessToken: {userId: 18}}}; let ctx = {req: {accessToken: {userId: 18}}};
let response = await models.Chat.send(ctx, '@salesPerson', 'I changed something'); let response = await models.Chat.send(ctx, '@salesperson', 'I changed something');
expect(response).toEqual(false); expect(response).toEqual(false);
}); });


@ -81,7 +81,7 @@ INSERT INTO `account`.`roleConfig`(`id`, `mysqlPassword`, `rolePrefix`, `userPre
CALL `account`.`role_sync`; CALL `account`.`role_sync`;
INSERT INTO `account`.`user`(`id`,`name`, `nickname`, `role`,`active`,`email`, `lang`, `image`, `password`) INSERT INTO `account`.`user`(`id`,`name`, `nickname`, `role`,`active`,`email`, `lang`, `image`, `password`)
SELECT id, name, CONCAT(name, 'Nick'), id, 1, CONCAT(name, '@mydomain.com'), 'en', '4fa3ada0-3ac4-11eb-9ab8-27f6fc3b85fd', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2' SELECT id, LOWER(name), CONCAT(name, 'Nick'), id, 1, CONCAT(name, '@mydomain.com'), 'en', '4fa3ada0-3ac4-11eb-9ab8-27f6fc3b85fd', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2'
FROM `account`.`role` FROM `account`.`role`
ORDER BY id; ORDER BY id;
@ -118,18 +118,18 @@ INSERT INTO `hedera`.`tpvConfig`(`id`, `currency`, `terminal`, `transactionType`
INSERT INTO `account`.`user`(`id`,`name`,`nickname`, `password`,`role`,`active`,`email`,`lang`, `image`) INSERT INTO `account`.`user`(`id`,`name`,`nickname`, `password`,`role`,`active`,`email`,`lang`, `image`)
VALUES VALUES
(1101, 'BruceWayne', 'Bruce Wayne', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2', 2, 1, 'BruceWayne@mydomain.com', 'es', 'e7723f0b24ff05b32ed09d95196f2f29'), (1101, 'brucewayne', 'Bruce Wayne', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2', 2, 1, 'BruceWayne@mydomain.com', 'es', 'e7723f0b24ff05b32ed09d95196f2f29'),
(1102, 'PetterParker', 'Petter Parker', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2', 2, 1, 'PetterParker@mydomain.com', 'en', 'e7723f0b24ff05b32ed09d95196f2f29'), (1102, 'petterparker', 'Petter Parker', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2', 2, 1, 'PetterParker@mydomain.com', 'en', 'e7723f0b24ff05b32ed09d95196f2f29'),
(1103, 'ClarkKent', 'Clark Kent', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2', 2, 1, 'ClarkKent@mydomain.com', 'fr', 'e7723f0b24ff05b32ed09d95196f2f29'), (1103, 'clarkkent', 'Clark Kent', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2', 2, 1, 'ClarkKent@mydomain.com', 'fr', 'e7723f0b24ff05b32ed09d95196f2f29'),
(1104, 'TonyStark', 'Tony Stark', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2', 2, 1, 'TonyStark@mydomain.com', 'es', 'e7723f0b24ff05b32ed09d95196f2f29'), (1104, 'tonystark', 'Tony Stark', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2', 2, 1, 'TonyStark@mydomain.com', 'es', 'e7723f0b24ff05b32ed09d95196f2f29'),
(1105, 'MaxEisenhardt', 'Max Eisenhardt', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2', 2, 1, 'MaxEisenhardt@mydomain.com', 'pt', 'e7723f0b24ff05b32ed09d95196f2f29'), (1105, 'maxeisenhardt', 'Max Eisenhardt', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2', 2, 1, 'MaxEisenhardt@mydomain.com', 'pt', 'e7723f0b24ff05b32ed09d95196f2f29'),
(1106, 'DavidCharlesHaller', 'David Charles Haller', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2', 1, 1, 'DavidCharlesHaller@mydomain.com', 'en', 'e7723f0b24ff05b32ed09d95196f2f29'), (1106, 'davidcharleshaller', 'David Charles Haller', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2', 1, 1, 'DavidCharlesHaller@mydomain.com', 'en', 'e7723f0b24ff05b32ed09d95196f2f29'),
(1107, 'HankPym', 'Hank Pym', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2', 1, 1, 'HankPym@mydomain.com', 'en', 'e7723f0b24ff05b32ed09d95196f2f29'), (1107, 'hankpym', 'Hank Pym', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2', 1, 1, 'HankPym@mydomain.com', 'en', 'e7723f0b24ff05b32ed09d95196f2f29'),
(1108, 'CharlesXavier', 'Charles Xavier', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2', 1, 1, 'CharlesXavier@mydomain.com', 'en', 'e7723f0b24ff05b32ed09d95196f2f29'), (1108, 'charlesxavier', 'Charles Xavier', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2', 1, 1, 'CharlesXavier@mydomain.com', 'en', 'e7723f0b24ff05b32ed09d95196f2f29'),
(1109, 'BruceBanner', 'Bruce Banner', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2', 1, 1, 'BruceBanner@mydomain.com', 'en', 'e7723f0b24ff05b32ed09d95196f2f29'), (1109, 'brucebanner', 'Bruce Banner', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2', 1, 1, 'BruceBanner@mydomain.com', 'en', 'e7723f0b24ff05b32ed09d95196f2f29'),
(1110, 'JessicaJones', 'Jessica Jones', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2', 1, 1, 'JessicaJones@mydomain.com', 'en', NULL), (1110, 'jessicajones', 'Jessica Jones', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2', 1, 1, 'JessicaJones@mydomain.com', 'en', NULL),
(1111, 'Missing', 'Missing', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2', 2, 0, NULL, 'en', NULL), (1111, 'missing', 'Missing', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2', 2, 0, NULL, 'en', NULL),
(1112, 'Trash', 'Trash', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2', 2, 0, NULL, 'en', NULL); (1112, 'trash', 'Trash', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2', 2, 0, NULL, 'en', NULL);
UPDATE account.`user` UPDATE account.`user`
SET passExpired = DATE_SUB(util.VN_CURDATE(), INTERVAL 1 YEAR) SET passExpired = DATE_SUB(util.VN_CURDATE(), INTERVAL 1 YEAR)


@ -7,7 +7,7 @@ BEGIN
* The user name must only contain lowercase letters or, starting with second * The user name must only contain lowercase letters or, starting with second
* character, numbers or underscores. * character, numbers or underscores.
*/ */
IF vUserName NOT REGEXP '^[a-z0-9_-]*$' THEN IF vUserName NOT REGEXP BINARY '^[a-z0-9_-]+$' THEN
SIGNAL SQLSTATE '45000' SIGNAL SQLSTATE '45000'
SET MESSAGE_TEXT = 'INVALID_USER_NAME'; SET MESSAGE_TEXT = 'INVALID_USER_NAME';
END IF; END IF;
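Review bot: The new pattern `'^[a-z0-9_-]+$'` does not enforce the rule stated in the comment above it: the comment allows digits and underscores only from the second character and never mentions `-`, yet the character class accepts a digit, `_` or `-` in first position. If the comment is the intended rule, anchor the first character with `IF vUserName NOT REGEXP BINARY '^[a-z][a-z0-9_-]*$' THEN`; otherwise rewrite the comment to say that hyphens are allowed and that any listed character may come first. A leading `-` is worth excluding either way if these names are ever passed to command-line tools or other systems that read it as an option prefix, which cannot be confirmed from this hunk. The procedure body starts and ends outside the hunk.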


@ -0,0 +1,9 @@
UPDATE account.user
SET name = LOWER(name),
name = REPLACE(name, ' ', ''),
name = REPLACE(name, '.', ''),
name = REPLACE(name, 'ñ', 'n'),
name = REPLACE(name, '*', ''),
name = REPLACE(name, 'ç', 'z'),
name = REPLACE(name, 'ã', 'a')
WHERE NOT active;
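Review bot: This migration can leave `account.user` rows that the tightened name check rejects, and it can make two accounts end up with the same name. It only touches rows `WHERE NOT active`, so active users with uppercase or special characters keep their old names, and the fixed `REPLACE` list leaves every unlisted character (other accented letters, for example) in place. Stripping spaces, `.` and `*` can also map distinct names onto one value; whether a unique key on `name` exists is not visible here, so the statement either fails partway or identities collide silently. I would run `SELECT id, name FROM account.user WHERE name NOT REGEXP BINARY '^[a-z0-9_-]+$';` and a `GROUP BY name HAVING COUNT(*) > 1` check before and after applying it, and add a comment explaining why active accounts are excluded.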


@ -32,7 +32,7 @@ describe('Client create path', () => {
await page.autocompleteSearch(selectors.createClientView.salesPerson, 'salesPerson'); await page.autocompleteSearch(selectors.createClientView.salesPerson, 'salesPerson');
await page.autocompleteSearch(selectors.createClientView.businessType, 'florist'); await page.autocompleteSearch(selectors.createClientView.businessType, 'florist');
await page.write(selectors.createClientView.taxNumber, '74451390E'); await page.write(selectors.createClientView.taxNumber, '74451390E');
await page.write(selectors.createClientView.userName, 'CaptainMarvel'); await page.write(selectors.createClientView.userName, 'captainmarvel');
await page.write(selectors.createClientView.email, 'CarolDanvers@verdnatura.es'); await page.write(selectors.createClientView.email, 'CarolDanvers@verdnatura.es');
await page.waitToClick(selectors.createClientView.createButton); await page.waitToClick(selectors.createClientView.createButton);
const message = await page.waitForSnackbar(); const message = await page.waitForSnackbar();


@ -29,7 +29,7 @@ describe('Client web access path', () => {
await page.click($.enableWebAccess); await page.click($.enableWebAccess);
await page.click($.saveButton); await page.click($.saveButton);
const enableMessage = await page.waitForSnackbar(); const enableMessage = await page.waitForSnackbar();
await page.overwrite($.userName, 'Legion'); await page.overwrite($.userName, 'legion');
await page.overwrite($.email, 'legion@marvel.com'); await page.overwrite($.email, 'legion@marvel.com');
await page.click($.saveButton); await page.click($.saveButton);
const modifyMessage = await page.waitForSnackbar(); const modifyMessage = await page.waitForSnackbar();
@ -47,7 +47,7 @@ describe('Client web access path', () => {
expect(modifyMessage.type).toBe('success'); expect(modifyMessage.type).toBe('success');
expect(hasAccess).toBe('unchecked'); expect(hasAccess).toBe('unchecked');
expect(userName).toEqual('Legion'); expect(userName).toEqual('legion');
expect(email).toEqual('legion@marvel.com'); expect(email).toEqual('legion@marvel.com');
// expect(logName).toEqual('Legion'); // expect(logName).toEqual('Legion');


@ -34,6 +34,6 @@ describe('Client Add credit path', () => {
const result = await page.waitToGetProperty(selectors.clientCredit.firstCreditText, 'innerText'); const result = await page.waitToGetProperty(selectors.clientCredit.firstCreditText, 'innerText');
expect(result).toContain(999); expect(result).toContain(999);
expect(result).toContain('salesAssistant'); expect(result).toContain('salesassistant');
}); });
}); });


@ -61,7 +61,7 @@ describe('Client summary path', () => {
it('should display web access details', async() => { it('should display web access details', async() => {
const result = await page.waitToGetProperty(selectors.clientSummary.userName, 'innerText'); const result = await page.waitToGetProperty(selectors.clientSummary.userName, 'innerText');
expect(result).toContain('PetterParker'); expect(result).toContain('petterparker');
}); });
it('should display business data', async() => { it('should display business data', async() => {


@ -59,7 +59,7 @@ describe('Ticket Create new tracking state path', () => {
const result = await page const result = await page
.waitToGetProperty(selectors.createStateView.worker, 'value'); .waitToGetProperty(selectors.createStateView.worker, 'value');
expect(result).toEqual('salesPerson'); expect(result).toEqual('salesperson');
}); });
it(`should succesfully create a valid state`, async() => { it(`should succesfully create a valid state`, async() => {


@ -21,7 +21,7 @@ describe('Account create and basic data path', () => {
}); });
it('should fill the form and then save it by clicking the create button', async() => { it('should fill the form and then save it by clicking the create button', async() => {
await page.write(selectors.accountIndex.newName, 'Remy'); await page.write(selectors.accountIndex.newName, 'remy');
await page.write(selectors.accountIndex.newNickname, 'Gambit'); await page.write(selectors.accountIndex.newNickname, 'Gambit');
await page.write(selectors.accountIndex.newEmail, 'RemyEtienneLeBeau@verdnatura.es'); await page.write(selectors.accountIndex.newEmail, 'RemyEtienneLeBeau@verdnatura.es');
await page.autocompleteSearch(selectors.accountIndex.newRole, 'Trainee'); await page.autocompleteSearch(selectors.accountIndex.newRole, 'Trainee');
@ -39,7 +39,7 @@ describe('Account create and basic data path', () => {
it('should check the name is as expected', async() => { it('should check the name is as expected', async() => {
const result = await page.waitToGetProperty(selectors.accountBasicData.name, 'value'); const result = await page.waitToGetProperty(selectors.accountBasicData.name, 'value');
expect(result).toEqual('Remy'); expect(result).toEqual('remy');
}); });
it('should check the nickname is as expected', async() => { it('should check the nickname is as expected', async() => {


@ -3,8 +3,8 @@ const LoopBackContext = require('loopback-context');
describe('Client Create', () => { describe('Client Create', () => {
const newAccount = { const newAccount = {
userName: 'Deadpool', userName: 'deadpool',
email: 'Deadpool@marvel.com', email: 'deadpool@marvel.com',
fi: '16195279J', fi: '16195279J',
name: 'Wade', name: 'Wade',
socialName: 'DEADPOOL MARVEL', socialName: 'DEADPOOL MARVEL',
@ -31,7 +31,7 @@ describe('Client Create', () => {
}); });
}); });
it(`should not find Deadpool as he's not created yet`, async() => { it(`should not find deadpool as he's not created yet`, async() => {
const tx = await models.Client.beginTransaction({}); const tx = await models.Client.beginTransaction({});
try { try {


@ -31,8 +31,8 @@ describe('Client Model', () => {
await models.Client.notifyAssignment(instance, previousWorkerId, currentWorkerId); await models.Client.notifyAssignment(instance, previousWorkerId, currentWorkerId);
expect(chatModel.send).toHaveBeenCalledWith(ctx, '@DavidCharlesHaller', `Client assignment has changed`); expect(chatModel.send).toHaveBeenCalledWith(ctx, '@davidcharleshaller', `Client assignment has changed`);
expect(chatModel.send).toHaveBeenCalledWith(ctx, '@HankPym', `Client assignment has changed`); expect(chatModel.send).toHaveBeenCalledWith(ctx, '@hankpym', `Client assignment has changed`);
}); });
it('should call to the Chat send() method for the previous worker', async() => { it('should call to the Chat send() method for the previous worker', async() => {
@ -40,7 +40,7 @@ describe('Client Model', () => {
await models.Client.notifyAssignment(instance, null, currentWorkerId); await models.Client.notifyAssignment(instance, null, currentWorkerId);
expect(chatModel.send).toHaveBeenCalledWith(ctx, '@HankPym', `Client assignment has changed`); expect(chatModel.send).toHaveBeenCalledWith(ctx, '@hankpym', `Client assignment has changed`);
}); });
it('should call to the Chat send() method for the current worker', async() => { it('should call to the Chat send() method for the current worker', async() => {
@ -48,7 +48,7 @@ describe('Client Model', () => {
await models.Client.notifyAssignment(instance, previousWorkerId, null); await models.Client.notifyAssignment(instance, previousWorkerId, null);
expect(chatModel.send).toHaveBeenCalledWith(ctx, '@DavidCharlesHaller', `Client assignment has changed`); expect(chatModel.send).toHaveBeenCalledWith(ctx, '@davidcharleshaller', `Client assignment has changed`);
}); });
}); });


@ -6,7 +6,7 @@ describe('Worker activeWithInheritedRole', () => {
allRolesCount = await app.models.VnRole.count(); allRolesCount = await app.models.VnRole.count();
}); });
it('should return the workers with an inherited role of salesPerson', async() => { it('should return the workers with an inherited role of salesperson', async() => {
const filter = {where: {role: 'salesPerson'}}; const filter = {where: {role: 'salesPerson'}};
const result = await app.models.Worker.activeWithInheritedRole(filter); const result = await app.models.Worker.activeWithInheritedRole(filter);
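Review bot: The renamed test title says `salesperson`, but the filter on the next line still queries `role: 'salesPerson'`, and nothing on this page renames roles (the fixtures only lowercase `account.user.name`). The title describes a role, not a user name, so it should keep the role's actual spelling: `it('should return the workers with an inherited role of salesPerson', async() => {`. The test body continues outside the hunk.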


@ -20,7 +20,7 @@ describe('Worker new', () => {
const employeeId = 1; const employeeId = 1;
const defaultWorker = { const defaultWorker = {
fi: '78457139E', fi: '78457139E',
name: 'DEFAULTERWORKER', name: 'defaulterworker',
firstName: 'DEFAULT', firstName: 'DEFAULT',
lastNames: 'WORKER', lastNames: 'WORKER',
email: 'defaultWorker@mydomain.com', email: 'defaultWorker@mydomain.com',