summaryrefslogtreecommitdiff
path: root/lib/Travelynx/Controller
diff options
context:
space:
mode:
authorDaniel Friesel <derf@finalrewind.org>2021-06-13 08:48:08 +0200
committerDaniel Friesel <derf@finalrewind.org>2021-06-13 08:48:08 +0200
commit1803a1723c2952723a4ec9ad67e3cd1184fcf137 (patch)
tree5d0db56f3221d04359ff57468ff1f50a0bb513cd /lib/Travelynx/Controller
parentbccdefbb7d3b2a92df919cea75d102f95cadf188 (diff)
move user name validation to Users model
Diffstat (limited to 'lib/Travelynx/Controller')
-rw-r--r--lib/Travelynx/Controller/Account.pm37
1 files changed, 8 insertions, 29 deletions
diff --git a/lib/Travelynx/Controller/Account.pm b/lib/Travelynx/Controller/Account.pm
index 31ba434..9c161e0 100644
--- a/lib/Travelynx/Controller/Account.pm
+++ b/lib/Travelynx/Controller/Account.pm
@@ -85,8 +85,8 @@ sub register {
return;
}
- if ( not length($user) ) {
- $self->render( 'register', invalid => 'user_empty' );
+ if ( my $error = $self->users->is_name_invalid( name => $user ) ) {
+ $self->render( 'register', invalid => $error );
return;
}
@@ -95,16 +95,6 @@ sub register {
return;
}
- if ( $user !~ m{ ^ [0-9a-zA-Z_-]+ $ }x ) {
- $self->render( 'register', invalid => 'user_format' );
- return;
- }
-
- if ( $self->users->user_name_exists( name => $user ) ) {
- $self->render( 'register', invalid => 'user_collision' );
- return;
- }
-
if ( $self->users->mail_is_blacklisted( email => $email ) ) {
$self->render( 'register', invalid => 'mail_blacklisted' );
return;
@@ -485,13 +475,8 @@ sub change_name {
return;
}
- if ( not length($new_name) ) {
- $self->render( 'change_name', invalid => 'user_empty' );
- return;
- }
-
- if ( $new_name !~ m{ ^ [0-9a-zA-Z_-]+ $ }x ) {
- $self->render( 'change_name', invalid => 'user_format' );
+ if ( my $error = $self->users->is_name_invalid( name => $new_name ) ) {
+ $self->render( 'change_name', invalid => $error );
return;
}
@@ -500,16 +485,10 @@ sub change_name {
return;
}
- # This call is technically superfluous. The users table has a unique
- # constraint on the "name" column, so having two users with the same name
- # is not possible. However, to minimize the number of failed SQL
- # queries, we first do a select check here and only attempt an update
- # if it succeeded.
- if ( $self->users->user_name_exists( name => $new_name ) ) {
- $self->render( 'change_name', invalid => 'user_collision' );
- return;
- }
-
+ # The users table has a unique constraint on the "name" column, so having
+ # two users with the same name is not possible. The race condition
+ # between the user_name_exists check in is_name_invalid and this
+ # change_name call is harmless.
my $success = $self->users->change_name(
uid => $self->current_user->{id},
name => $new_name