details: http://www.bx.psu.edu/hg/galaxy/rev/44fff02fb036 changeset: 3328:44fff02fb036 user: jeremy goecks <jeremy.goecks@emory.edu> date: Thu Feb 04 10:44:36 2010 -0500 description: Add error checking for public username. Username must have between 3 and 255 characters and be unique. diffstat: lib/galaxy/web/controllers/user.py | 23 +++++++++++++++++++++-- 1 files changed, 21 insertions(+), 2 deletions(-) diffs (47 lines):
diff -r 8570bf26275d -r 44fff02fb036 lib/galaxy/web/controllers/user.py
--- a/lib/galaxy/web/controllers/user.py Thu Feb 04 10:11:50 2010 -0500
+++ b/lib/galaxy/web/controllers/user.py Thu Feb 04 10:44:36 2010 -0500
@@ -327,6 +327,19 @@
 elif trans.sa_session.query( trans.app.model.User ).filter_by(email=email).all():
 error = "User with that email already exists"
 return error
+ def __validate_username(self, trans, params, username, user=None):
+ error = None
+ if user:
+ if user.username == username:
+ return None
+ if len( username ) < 3:
+ error = "Username must be at least 3 characters long"
+ elif len( username ) > 255:
+ error = "Username cannot be more than 255 characters"
+ elif trans.sa_session.query( trans.app.model.User ).filter_by( username=username ).all():
+ error = "User with that username already exists"
+ return error
+
 def __validate_password(self, trans, params, password, confirm):
 error = None
 if len(password) < 6:
@@ -482,8 +495,8 @@
 # Editing login info (email & username)
 #
 if params.get('login_info_button', None) == 'Save':
- email = util.restore_text( params.get('email', '') )
- username = util.restore_text( params.get('username', '') )
+ email = util.restore_text( params.get('email', '') ).lower()
+ username = util.restore_text( params.get('username', '') ).lower()
 # validate the new values
 error = self.__validate_email(trans, params, email, user)
 if error:
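Review bot: The uniqueness branch of `__validate_username` (`filter_by( username=username ).all()`) is a read-then-write pre-check, so two concurrent saves of the same name can both pass it; it is only a courtesy message unless the `username` column also has a unique index, which is not visible here. A comment on the method such as `# Pre-check only; the database unique constraint is the real guarantee` would record that, and `.first()` is enough for the existence test where `.all()` loads every match. The method also checks length only, so a public username may contain whitespace, `/` or look-alike Unicode; if the name is shown to other users or placed in URLs, add an allow-list branch, for example `elif not re.match( r'^[a-z0-9\-]+$', username ):` with whatever character set the project settles on (this needs `re` in scope). `params` is unused in this method.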
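Review bot: The `.lower()` added to `email` and `username` normalises only this edit path, while the validators compare the lower-cased value with whatever case is already stored, so on a case-sensitive database an existing `Alice` would not stop a new `alice` (inferred: the registration path and the stored data are outside this hunk). Comparing case-insensitively in the validators, for example with SQLAlchemy's `func.lower()` on the column, or lower-casing at every write path plus a one-off data migration, would close that gap. Unless `util.restore_text` already strips whitespace, a leading or trailing space also survives into the stored name; `.strip().lower()` would handle it. The enclosing method starts and ends outside the hunk.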
@@ -491,6 +504,12 @@
 action='show_info',
 msg=error,
 messagetype='error') )
+ error = self.__validate_username( trans, params, username, user )
+ if error:
+ return trans.response.send_redirect( web.url_for( controller='user',
+ action='show_info',
+ msg=error,
+ messagetype='error') )
 # the new email & username
 user.email = email
 user.username = username
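Review bot: With this call in the save path an empty `username` is now rejected ("Username must be at least 3 characters long"), because the earlier `params.get('username', '')` defaults to `''` and the validator short-circuits only when `user.username == username`; an account whose stored username is `None` can therefore no longer change just its email. If that is intended, say so above the call with a comment such as `# A public username is mandatory from here on; an empty value is rejected`. The new block also repeats the email redirect verbatim; since both validators return `None` on success, `error = self.__validate_email(trans, params, email, user) or self.__validate_username( trans, params, username, user )` would leave a single redirect. The enclosing method starts and ends outside the hunk.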