feat: polite username rule (#53)

Highjhacker · web-flow · commit 591bbda4f997 · 2021-02-04T11:22:54.000+01:00
diff --git a/composer.json b/composer.json
@@ -19,7 +19,8 @@
         "arkecosystem/ui": "^2.0",
         "spatie/laravel-personal-data-export": "^2.0",
         "spatie/laravel-medialibrary": "^9.4",
-        "konceiver/laravel-data-bags": "^1.1"
+        "konceiver/laravel-data-bags": "^1.1",
+        "snipe/banbuilder": "^2.3"
     },
     "autoload": {
         "psr-4": {
diff --git a/composer.lock b/composer.lock
diff --git a/config/profanities.php b/config/profanities.php
@@ -0,0 +1,12 @@
+<?php
+
+declare(strict_types=1);
+
+return [
+
+    'cunt',
+    'shit',
+    'fag',
+    'penis',
+
+];
diff --git a/resources/lang/en/validation.php b/resources/lang/en/validation.php
@@ -8,5 +8,6 @@
 
     'messages' => [
         'one_time_password' => 'We were not able to enable two-factor authentication with this one-time password.',
+        'polite_username'   => 'The given username contains words with profanities.',
     ],
 ];
diff --git a/src/Actions/CreateNewUser.php b/src/Actions/CreateNewUser.php
@@ -5,6 +5,7 @@
 namespace ARKEcosystem\Fortify\Actions;
 
 use ARKEcosystem\Fortify\Models;
+use ARKEcosystem\Fortify\Rules\PoliteUsername;
 use Illuminate\Support\Facades\Config;
 use Illuminate\Support\Facades\DB;
 use Illuminate\Support\Facades\Hash;
@@ -51,15 +52,15 @@ public function create(array $input)
     private function buildValidator(array $input): ValidationValidator
     {
         $rules = [
-            'name'              => ['required', 'string', 'max:255'],
+            'name'              => ['required', 'string', 'max:255', resolve(PoliteUsername::class)],
             Fortify::username() => $this->usernameRules(),
             'password'          => $this->passwordRules(),
             'terms'             => ['required', 'accepted'],
             'invitation'        => ['sometimes', 'required', 'string'],
         ];
 
         if ($usernameAlt = Config::get('fortify.username_alt')) {
-            $rules[$usernameAlt] = ['required', 'string', 'max:255', 'unique:users'];
+            $rules[$usernameAlt] = ['required', 'string', 'max:255', 'unique:users', resolve(PoliteUsername::class)];
         }
 
         return Validator::make($input, $rules);
@@ -82,7 +83,7 @@ private function getUserData(array $input): array
 
     private function usernameRules(): array
     {
-        $rules = ['required', 'string', 'max:255', 'unique:users'];
+        $rules = ['required', 'string', 'max:255', 'unique:users', resolve(PoliteUsername::class)];
 
         if (Fortify::username() === 'email') {
             $rules[] = 'email';
diff --git a/src/Actions/UpdateUserProfileInformation.php b/src/Actions/UpdateUserProfileInformation.php
@@ -4,6 +4,7 @@
 
 namespace ARKEcosystem\Fortify\Actions;
 
+use ARKEcosystem\Fortify\Rules\PoliteUsername;
 use Illuminate\Contracts\Auth\MustVerifyEmail;
 use Illuminate\Support\Facades\Validator;
 use Illuminate\Validation\Rule;
@@ -22,7 +23,7 @@ class UpdateUserProfileInformation implements UpdatesUserProfileInformation
     public function update($user, array $input)
     {
         Validator::make($input, [
-            'name'  => ['required', 'string', 'max:255'],
+            'name'  => ['required', 'string', 'max:255', resolve(PoliteUsername::class)],
             'email' => ['required', 'email', 'max:255', Rule::unique('users')->ignore($user->id)],
         ])->validateWithBag('updateProfileInformation');
 
diff --git a/src/FortifyServiceProvider.php b/src/FortifyServiceProvider.php
@@ -87,6 +87,11 @@ public function registerPublishers(): void
             __DIR__.'/../config/fortify.php' => config_path('fortify.php'),
         ], 'config');
 
+        $this->mergeConfigFrom(
+            __DIR__.'/../config/profanities.php',
+            'profanities'
+        );
+
         $this->publishes([
             __DIR__.'/../resources/views/auth'          => resource_path('views/auth'),
             __DIR__.'/../resources/views/components'    => resource_path('views/components'),
diff --git a/src/Rules/PoliteUsername.php b/src/Rules/PoliteUsername.php
@@ -0,0 +1,26 @@
+<?php
+
+declare(strict_types=1);
+
+namespace ARKEcosystem\Fortify\Rules;
+
+use Illuminate\Contracts\Validation\Rule;
+use Snipe\BanBuilder\CensorWords;
+
+final class PoliteUsername implements Rule
+{
+    public function __construct(public CensorWords $censor)
+    {
+        $this->censor->badwords = config('profanities');
+    }
+
+    public function passes($attribute, $value)
+    {
+        return count($this->censor->censorString($value)['matched']) === 0;
+    }
+
+    public function message()
+    {
+        return trans('fortify::validation.messages.polite_username');
+    }
+}
diff --git a/tests/Actions/CreateNewUserTest.php b/tests/Actions/CreateNewUserTest.php
@@ -217,3 +217,16 @@
 
     $this->assertNull($user->email_verified_at);
 });
+
+it('should require to not have any profanity in the name', function () {
+    Config::set('fortify.models.user', \ARKEcosystem\Fortify\Models\User::class);
+
+    expectValidationError(fn () => (new CreateNewUser())->create([
+        'name'                  => 'John Penis',
+        'username'              => 'alfonsobries',
+        'email'                 => 'john@doe.com',
+        'password'              => 'sec$r2t12345',
+        'password_confirmation' => 'sec$r2t12345',
+        'terms'                 => true,
+    ]), 'name', trans('fortify::validation.messages.polite_username'));
+});
diff --git a/tests/Actions/UpdateUserProfileInformationTest.php b/tests/Actions/UpdateUserProfileInformationTest.php
@@ -85,3 +85,12 @@
         'email' => str_repeat('#', 256),
     ]), 'email', 'The email must be a valid email address.');
 });
+
+it('should not update the profile information if the name of the user contain profanity', function () {
+    $user = createUserModel();
+
+    expectValidationError(fn () => resolve(UpdateUserProfileInformation::class)->update($user, [
+        'name'  => 'Penis Doe',
+        'email' => 'jane@doe.com',
+    ]), 'name', trans('fortify::validation.messages.polite_username'));
+});
diff --git a/tests/Rules/PoliteUsernameTest.php b/tests/Rules/PoliteUsernameTest.php
@@ -0,0 +1,34 @@
+<?php
+
+declare(strict_types=1);
+
+use ARKEcosystem\Fortify\Rules\PoliteUsername;
+use Snipe\BanBuilder\CensorWords;
+
+it('can pass validation', function () {
+    $subject = new PoliteUsername(new CensorWords());
+
+    expect($subject->passes('name', 'foo'))->toBeTrue();
+});
+
+it('can fail validation', function () {
+    $subject = new PoliteUsername(new CensorWords());
+
+    expect($subject->passes('name', 'penis'))->toBeFalse();
+    expect($subject->passes('name', 'pEniS'))->toBeFalse();
+    expect($subject->passes('name', 'p3n1S'))->toBeFalse();
+});
+
+it('shows the correct validation message', function () {
+    $subject = new PoliteUsername(new CensorWords());
+
+    expect($subject->message())->toBe(trans('fortify::validation.messages.polite_username'));
+});
+
+it('should use a default profanities list', function () {
+    $subject = new PoliteUsername(new CensorWords());
+    $defaultConfig = config('profanities');
+
+    expect($subject->censor->badwords)->toBeArray();
+    expect($subject->censor->badwords)->toBe($defaultConfig);
+});
