Account for pathologically named external users

LDAP and the like usernames are not checked in the same way that users who signup are. Therefore just ensure that user names are also git safe and if totally pathological - Set them to "user-$UID" Signed-off-by: Andrew Thornton <[email protected]>
go-gitea · Jan 20, 2019 · 67fcd64 · 67fcd64
1 parent 8f0a35f
commit 67fcd64
Showing 1 changed file with 13 additions and 2 deletions.
diff --git a/models/user.go b/models/user.go
@@ -636,13 +636,24 @@ func (u *User) DisplayName() string {
 	return u.Name
 }
 
+func gitSafeName(name string) string {
+	return strings.TrimSpace(strings.NewReplacer("\n", "", "<", "", ">", "").Replace(name))
+}
+
 // GitName returns a git safe name
 func (u *User) GitName() string {
-	gitName := strings.TrimSpace(strings.NewReplacer("\n", "", "<", "", ">", "").Replace(u.FullName))
+	gitName := gitSafeName(u.FullName)
 	if len(gitName) > 0 {
 		return gitName
 	}
-	return u.Name
+	// Although u.Name should be safe if created in our system
+	// LDAP users may have bad names
+	gitName = gitSafeName(u.Name)
+	if len(gitName) > 0 {
+		return gitName
+	}
+	// Totally pathological name so it's got to be:
+	return fmt.Sprintf("user-%d", u.ID)
 }
 
 // ShortName ellipses username to length