Additional cleanup for external usernames on oAuth and LDAP sign up
Currently if a user joins a GitLab instance via oAuth, LDAP, or SCIM and their username begins with multiple `--` characters, these characters are removed to ensure a valid username can be created for the new user. Illegal characters such as `*&^()` are removed, and illegal extensions such as `.git` and `.atom` are also removed. This change extends the behavior to include all leading legal characters: `-` , `_` and `.` . It also trims from the end of the potential username, and removes consecutive legal characters so the resulting username will pass the check for `Gitlab::Regex.oci_repository_path_regex` . Changelog: changed
显示
- config/feature_flags/gitlab_com_derisk/extra_slug_path_sanitization.yml 9 个添加, 0 个删除..._flags/gitlab_com_derisk/extra_slug_path_sanitization.yml
- ee/lib/ee/gitlab/scim/base_provisioning_service.rb 6 个添加, 3 个删除ee/lib/ee/gitlab/scim/base_provisioning_service.rb
- ee/spec/lib/ee/gitlab/scim/group/provisioning_service_spec.rb 30 个添加, 0 个删除...pec/lib/ee/gitlab/scim/group/provisioning_service_spec.rb
- ee/spec/lib/ee/gitlab/scim/provisioning_service_spec.rb 30 个添加, 0 个删除ee/spec/lib/ee/gitlab/scim/provisioning_service_spec.rb
- lib/gitlab/auth/external_username_sanitizer.rb 27 个添加, 0 个删除lib/gitlab/auth/external_username_sanitizer.rb
- lib/gitlab/auth/o_auth/user.rb 10 个添加, 2 个删除lib/gitlab/auth/o_auth/user.rb
- spec/lib/gitlab/auth/external_username_sanitizer_spec.rb 29 个添加, 0 个删除spec/lib/gitlab/auth/external_username_sanitizer_spec.rb
- spec/lib/gitlab/auth/o_auth/user_spec.rb 25 个添加, 0 个删除spec/lib/gitlab/auth/o_auth/user_spec.rb
加载中
想要评论请 注册 或 登录