From 75db45671d432a0d81805ad50c6cc9f8f7eff7a7 Mon Sep 17 00:00:00 2001
From: Azul <azul@leap.se>
Date: Wed, 21 Aug 2013 09:49:26 +0200
Subject: use the same login validations on sessions and users

The session ones were outdated so valid usernames could not login if they contained a '.'

Refactored so both models use the same module for this validation to ensure consistency.
---
 users/app/models/login_format_validation.rb | 19 +++++++++++++++++++
 users/app/models/session.rb                 |  6 ++----
 users/app/models/user.rb                    | 15 +--------------
 3 files changed, 22 insertions(+), 18 deletions(-)
 create mode 100644 users/app/models/login_format_validation.rb

(limited to 'users/app/models')

diff --git a/users/app/models/login_format_validation.rb b/users/app/models/login_format_validation.rb
new file mode 100644
index 0000000..1d02bd1
--- /dev/null
+++ b/users/app/models/login_format_validation.rb
@@ -0,0 +1,19 @@
+module LoginFormatValidation
+  extend ActiveSupport::Concern
+
+  included do
+    # Have multiple regular expression validations so we can get specific error messages:
+    validates :login,
+      :format => { :with => /\A.{2,}\z/,
+        :message => "Login must have at least two characters"}
+    validates :login,
+      :format => { :with => /\A[a-z\d_\.-]+\z/,
+        :message => "Only lowercase letters, digits, . - and _ allowed."}
+    validates :login,
+      :format => { :with => /\A[a-z].*\z/,
+        :message => "Login must begin with a lowercase letter"}
+    validates :login,
+      :format => { :with => /\A.*[a-z\d]\z/,
+        :message => "Login must end with a letter or digit"}
+  end
+end
diff --git a/users/app/models/session.rb b/users/app/models/session.rb
index a9fdb1b..0d7e10e 100644
--- a/users/app/models/session.rb
+++ b/users/app/models/session.rb
@@ -1,12 +1,10 @@
 class Session < SRP::Session
   include ActiveModel::Validations
+  include LoginFormatValidation
 
   attr_accessor :login
 
-  validates :login,
-    :presence => true,
-    :format => { :with => /\A[A-Za-z\d_]+\z/,
-      :message => "Only letters, digits and _ allowed" }
+  validates :login, :presence => true
 
   def initialize(user = nil, aa = nil)
     super(user, aa) if user
diff --git a/users/app/models/user.rb b/users/app/models/user.rb
index 0a89f7c..c1988f3 100644
--- a/users/app/models/user.rb
+++ b/users/app/models/user.rb
@@ -1,4 +1,5 @@
 class User < CouchRest::Model::Base
+  include LoginFormatValidation
 
   use_database :users
 
@@ -15,20 +16,6 @@ class User < CouchRest::Model::Base
     :uniqueness => true,
     :if => :serverside?
 
-  # Have multiple regular expression validations so we can get specific error messages:
-  validates :login,
-    :format => { :with => /\A.{2,}\z/,
-      :message => "Login must have at least two characters"}
-  validates :login,
-    :format => { :with => /\A[a-z\d_\.-]+\z/,
-      :message => "Only lowercase letters, digits, . - and _ allowed."}
-  validates :login,
-    :format => { :with => /\A[a-z].*\z/,
-      :message => "Login must begin with a lowercase letter"}
-  validates :login,
-    :format => { :with => /\A.*[a-z\d]\z/,
-      :message => "Login must end with a letter or digit"}
-
   validate :login_is_unique_alias
 
   validates :password_salt, :password_verifier,
-- 
cgit v1.2.3