custom_user: forbid special characters in names (#51194)
This commit is contained in:
parent
926aad5f72
commit
8df0d97988
|
@ -18,6 +18,7 @@ import re
|
|||
|
||||
from django.contrib.auth import get_user_model
|
||||
from django.core.exceptions import ValidationError
|
||||
from django.core.validators import RegexValidator
|
||||
from django.utils.translation import ugettext_lazy as _, ugettext
|
||||
|
||||
from django.contrib.auth.models import BaseUserManager, Group
|
||||
|
@ -61,10 +62,24 @@ class RegistrationForm(HoneypotForm):
|
|||
return email
|
||||
|
||||
|
||||
validate_name = RegexValidator(
|
||||
r'[0-9_!¡?÷?¿/\\+=@#$%ˆ&*(){}|~<>;:[\]]',
|
||||
message=_('Special caracters are not allowed.'),
|
||||
inverse_match=True,
|
||||
)
|
||||
|
||||
|
||||
class RegistrationCompletionFormNoPassword(profile_forms.BaseUserForm):
|
||||
error_css_class = 'form-field-error'
|
||||
required_css_class = 'form-field-required'
|
||||
|
||||
def __init__(self, *args, **kwargs):
|
||||
super().__init__(*args, **kwargs)
|
||||
if 'first_name' in self.fields:
|
||||
self.fields['first_name'].validators.append(validate_name)
|
||||
if 'last_name' in self.fields:
|
||||
self.fields['last_name'].validators.append(validate_name)
|
||||
|
||||
def clean_username(self):
|
||||
if self.cleaned_data.get('username'):
|
||||
username = self.cleaned_data['username']
|
||||
|
|
|
@ -835,3 +835,32 @@ def test_honeypot(app, db, settings, mailoutbox):
|
|||
response = response.follow()
|
||||
assert len(mailoutbox) == 0
|
||||
assert 'Your registration request has been refused' in response
|
||||
|
||||
|
||||
def test_registration_name_validation(app, db, mailoutbox):
|
||||
resp = app.get(reverse('registration_register'))
|
||||
resp.form.set('email', 'testbot@entrouvert.com')
|
||||
resp = resp.form.submit().follow()
|
||||
link = get_link_from_mail(mailoutbox[0])
|
||||
resp = app.get(link)
|
||||
|
||||
resp.form.set('password1', 'T0==toto')
|
||||
resp.form.set('password2', 'T0==toto')
|
||||
resp.form.set('first_name', '01/01/1871')
|
||||
resp.form.set('last_name', 'Doe')
|
||||
resp = resp.form.submit()
|
||||
assert 'Special caracters are not allowed' in resp.text
|
||||
|
||||
resp.form.set('password1', 'T0==toto')
|
||||
resp.form.set('password2', 'T0==toto')
|
||||
resp.form.set('first_name', 'John')
|
||||
resp.form.set('last_name', 'a(a')
|
||||
resp = resp.form.submit()
|
||||
assert 'Special caracters are not allowed' in resp.text
|
||||
|
||||
resp.form.set('password1', 'T0==toto')
|
||||
resp.form.set('password2', 'T0==toto')
|
||||
resp.form.set('first_name', 'Léo')
|
||||
resp.form.set('last_name', 'D\'Équerre')
|
||||
resp = resp.form.submit().follow()
|
||||
assert 'You have just created an account' in resp.text
|
||||
|
|
Loading…
Reference in New Issue