Merge pull request #56222 from nextcloud/artonge/feat/sanitize_groupname

feat(group): Sanitize group names and ids on creation

Author: artonge

lib/private/Group/Database.php

@@ -67,6 +67,7 @@ private function fixDI() {
 	public function createGroup(string $name): ?string {
 		$this->fixDI();
 
+		$name = $this->sanitizeGroupName($name);
 		$gid = $this->computeGid($name);
 		try {
 			// Add group
@@ -586,12 +587,21 @@ public function getBackendName(): string {
 		return 'Database';
 	}
 
+	/**
+	 * Merge any white spaces to a single space in group name, then trim it.
+	 */
+	private function sanitizeGroupName(string $displayName): string {
+		$cleanedDisplayName = preg_replace('/\s+/', ' ', $displayName);
+		return trim($cleanedDisplayName);
+	}
+
 	/**
 	 * Compute group ID from display name (GIDs are limited to 64 characters in database)
 	 */
 	private function computeGid(string $displayName): string {
-		return mb_strlen($displayName) > 64
-			? hash('sha256', $displayName)
-			: $displayName;
+		$displayNameWithoutWhitespace = preg_replace('/\s+/', '_', $displayName);
+		return mb_strlen($displayNameWithoutWhitespace) > 64
+			? hash('sha256', $displayNameWithoutWhitespace)
+			: $displayNameWithoutWhitespace;
 	}
 }

tests/lib/Group/DatabaseTest.php

@@ -57,4 +57,17 @@ public function testAddLongGroupName(): void {
 		$group = $this->backend->getGroupDetails($gidCreated);
 		$this->assertEquals(['displayName' => $groupName], $group);
 	}
+
+	public function testWhiteSpaceInGroupName(): void {
+		$randomId = $this->getUniqueID('test_', 10);
+		$groupName = " 	group  name	with  	weird spaces \n" . $randomId;
+		$expectedGroupName = 'group name with weird spaces ' . $randomId;
+		$expectedGroupId = 'group_name_with_weird_spaces_' . $randomId;
+
+		$gidCreated = $this->backend->createGroup($groupName);
+		$this->assertEquals($expectedGroupId, $gidCreated);
+
+		$group = $this->backend->getGroupDetails($gidCreated);
+		$this->assertEquals(['displayName' => $expectedGroupName], $group);
+	}
 }