Enforce username format for remote users, too (#8102)

Initially I thought there might be valid reasons for remote users to have a different, unpredicted username format. However, I now realize such a difference would be unusable and unexpected within Mastodon. Fix #8058
2018-07-30 22:29:52 +02:00
parent d425d30804
commit e7e577dd6e
2 changed files with 3 additions and 2 deletions
--- a/app/models/account.rb
+++ b/app/models/account.rb
@ -68,6 +68,7 @@ class Account < ApplicationRecord

  # Remote user validations
  validates :username, uniqueness: { scope: :domain, case_sensitive: true }, if: -> { !local? && will_save_change_to_username? }
+  validates :username, format: { with: /\A#{USERNAME_RE}\z/i }, if: -> { !local? && will_save_change_to_username? }

  # Local user validations
  validates :username, format: { with: /\A[a-z0-9_]+\z/i }, length: { maximum: 30 }, if: -> { local? && will_save_change_to_username? }