Skip to content

Commit 9890117

Browse files
artongeartonge
committed
feat(group): Sanitize group names and ids on creation
It does not make sense to allow group name with weird white space sequence going forward. Same for group ids, in which we do not really want white space. Signed-off-by: Louis Chmn <[email protected]>
1 parent fafc07a commit 9890117

File tree

2 files changed

+26
-3
lines changed

2 files changed

+26
-3
lines changed

lib/private/Group/Database.php

Lines changed: 13 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -67,6 +67,7 @@ private function fixDI() {
6767
public function createGroup(string $name): ?string {
6868
$this->fixDI();
6969

70+
$name = $this->sanitizeGroupName($name);
7071
$gid = $this->computeGid($name);
7172
try {
7273
// Add group
@@ -586,12 +587,21 @@ public function getBackendName(): string {
586587
return 'Database';
587588
}
588589

590+
/**
591+
* Merge any white spaces to a single space in group name, then trim it.
592+
*/
593+
private function sanitizeGroupName(string $displayName): string {
594+
$cleanedDisplayName = preg_replace('/\s+/', ' ', $displayName);
595+
return trim($cleanedDisplayName);
596+
}
597+
589598
/**
590599
* Compute group ID from display name (GIDs are limited to 64 characters in database)
591600
*/
592601
private function computeGid(string $displayName): string {
593-
return mb_strlen($displayName) > 64
594-
? hash('sha256', $displayName)
595-
: $displayName;
602+
$displayNameWithoutWhitespace = preg_replace('/\s+/', '_', $displayName);
603+
return mb_strlen($displayNameWithoutWhitespace) > 64
604+
? hash('sha256', $displayNameWithoutWhitespace)
605+
: $displayNameWithoutWhitespace;
596606
}
597607
}

tests/lib/Group/DatabaseTest.php

Lines changed: 13 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -57,4 +57,17 @@ public function testAddLongGroupName(): void {
5757
$group = $this->backend->getGroupDetails($gidCreated);
5858
$this->assertEquals(['displayName' => $groupName], $group);
5959
}
60+
61+
public function testWhiteSpaceInGroupName(): void {
62+
$randomId = $this->getUniqueID('test_', 10);
63+
$groupName = " group name with weird spaces \n" . $randomId;
64+
$expectedGroupName = 'group name with weird spaces ' . $randomId;
65+
$expectedGroupId = 'group_name_with_weird_spaces_' . $randomId;
66+
67+
$gidCreated = $this->backend->createGroup($groupName);
68+
$this->assertEquals($expectedGroupId, $gidCreated);
69+
70+
$group = $this->backend->getGroupDetails($gidCreated);
71+
$this->assertEquals(['displayName' => $expectedGroupName], $group);
72+
}
6073
}

0 commit comments

Comments
 (0)