profile: Allow dashes in display name.

Author: freezy

src/app/authentication/authentication.api.spec.js

@@ -474,7 +474,7 @@ describe('The authentication engine of the VPDB API', () => {
 				profile: {
 					provider: 'github',
 					id: '11234',
-					displayName: 'Motörhead Dude-23',
+					displayName: 'Motörhead-Dude&23',
 					username: 'motorhead',
 					profileUrl: 'https://github.com/mockuser',
 					emails: [
@@ -484,7 +484,7 @@ describe('The authentication engine of the VPDB API', () => {
 				}
 			}).then(res => api.retrieveUserProfile(res));
 			api.tearDownUser(profile.id);
-			expect(profile.name).to.be('Motorhead Dude23');
+			expect(profile.name).to.be('Motorhead-Dude23');
 		});
 
 		it('should match the same already registered Github user even though email and name are different', async () => {

src/app/authentication/authentication.api.ts

@@ -477,7 +477,7 @@ export class AuthenticationApi extends Api {
 			user.providers = user.providers || {};
 			user.providers[provider] = {
 				id: String(profile.id),
-				name: this.getNameFromProfile(profile),
+				name: UserUtil.getNameFromProfile(profile),
 				emails,
 				created_at: new Date(),
 				modified_at: new Date(),
@@ -492,7 +492,7 @@ export class AuthenticationApi extends Api {
 		} else {
 			user.providers[provider].id = String(profile.id);
 			user.providers[provider].emails = emails;
-			user.providers[provider].name = this.getNameFromProfile(profile);
+			user.providers[provider].name = UserUtil.getNameFromProfile(profile);
 			user.providers[provider].modified_at = new Date();
 			user.providers[provider].profile = profile._json;
 			await LogUserUtil.success(ctx, user, 'authenticate', { provider });
@@ -523,30 +523,16 @@ export class AuthenticationApi extends Api {
 	 */
 	private async createOAuthUser(ctx: Context, provider: string, profile: OAuthProfile, emails: string[]): Promise<UserDocument> {
 		// compute username
-		let name: string;
-		if (!profile.displayName && !profile.username) {
-			logger.warn(ctx.state, '[AuthenticationApi.createOAuthUser] Profile data does contain neither display name nor username: %s', JSON.stringify(profile));
-			name = profile.emails[0].value.substr(0, profile.emails[0].value.indexOf('@'));
-		} else {
-			name = profile.displayName || profile.username;
-		}
-		name = UserUtil.removeDiacritics(name).replace(/[^0-9a-z ]+/gi, '');
-
-		// check if username doesn't conflict
-		let newUser: UserDocument;
-		const dupeNameUser = await state.models.User.findOne({ name }).exec();
-		if (dupeNameUser) {
-			name += Math.floor(Math.random() * 1000);
-		}
+		const name = await UserUtil.makeValidName(UserUtil.getNameFromProfile(profile));
 		const now = new Date();
-		newUser = {
+		let newUser = {
 			is_local: false,
 			name,
 			email: emails[0],
 			providers: {
 				[provider]: {
 					id: String(profile.id),
-					name: this.getNameFromProfile(profile),
+					name: UserUtil.getNameFromProfile(profile),
 					emails,
 					created_at: now,
 					modified_at: now,
@@ -580,19 +566,6 @@ export class AuthenticationApi extends Api {
 
 		return newUser;
 	}
-
-	/**
-	 * Retrieves the username from the received OAuth profile. Falls back to
-	 * email prefix if none found.
-	 * @param profile
-	 * @return {string}
-	 */
-	private getNameFromProfile(profile: any) {
-		return profile.displayName
-			|| profile.username
-			|| (profile.name ? profile.name.givenName || profile.name.familyName : '')
-			|| profile.emails[0].value.substr(0, profile.emails[0].value.indexOf('@'));
-	}
 }
 
 /**

src/app/authentication/strategies/ips.strategy.ts

@@ -109,6 +109,7 @@ export class IpsStrategy extends Strategy {
 				break;
 			default: throw new ApiError('Unsupported IPS version %s', this.config.version);
 		}
+		logger.debug(ctx.state, '[IpsStrategy.getProfile] Retrieving profile at: %s (%s)', this.config.baseURL + path, JSON.stringify(postData));
 
 		// get access token
 		let res = await this.client.post(path, postData, config) as AxiosResponse;

src/app/authentication/strategies/strategy.ts

@@ -48,7 +48,7 @@ export abstract class Strategy extends AuthenticationApi {
 	/**
 	 * Where the redirection from the provider lands.
 	 *
-	 * @see GET /auth/:provider
+	 * @see GET /v1/authenticate/:provider
 	 * @param {Context} ctx Koa context coming from redirection, i.e. it should contain the access code or an error in the query.
 	 */
 	public async authenticateOAuth(ctx: Context): Promise<boolean> {

src/app/users/user.api.ts

@@ -432,29 +432,22 @@ export class UserApi extends Api {
 	}
 
 	private async createProviderUser(ctx: Context, provider: string): Promise<UserDocument> {
-		// check if username doesn't conflict
-		let newUser;
-		let name = UserUtil.removeDiacritics(ctx.request.body.username).replace(/[^0-9a-z ]+/gi, '');
-		const originalName = name;
-		const dupeNameUser = await state.models.User.findOne({ name }).exec();
-		if (dupeNameUser) {
-			name += Math.floor(Math.random() * 1000);
-		}
-		newUser = {
-			is_local: false,
+		const name = await UserUtil.makeValidName(ctx.request.body.username);
+		const newUser = {
 			name,
+			is_local: false,
 			email: ctx.request.body.email,
 			emails: [ctx.request.body.email],
 			providers: {
 				[provider]: {
 					id: String(ctx.request.body.provider_id),
-					name: originalName,
+					name: UserUtil.stripToValidName(ctx.request.body.username),
 					emails: [ctx.request.body.email],
 					created_at: new Date(),
 					profile: ctx.request.body.provider_profile,
 				},
 			},
-		};
-		return UserUtil.createUser(ctx, newUser as UserDocument, false);
+		} as UserDocument;
+		return UserUtil.createUser(ctx, newUser, false);
 	}
 }

src/app/users/user.schema.ts

@@ -30,6 +30,7 @@ import { config } from '../common/settings';
 import { flavors } from '../releases/release.flavors';
 import { state } from '../state';
 import { UserDocument } from './user.document';
+import { UserUtil } from './user.util';
 
 const shortId = require('shortid32');
 
@@ -151,7 +152,6 @@ userSchema.virtual('provider')
 //-----------------------------------------------------------------------------
 // VALIDATIONS
 //-----------------------------------------------------------------------------
-const validNameRegex = /^[0-9a-z ]{3,}$/i;
 userSchema.path('name').validate(function(name: string) {
 	// this gets default from username if not set anyway.
 	if (this.isNew) {
@@ -165,7 +165,7 @@ userSchema.path('name').validate(function(name: string) {
 	if (this.isNew) {
 		return true;
 	}
-	return validNameRegex.test(name);
+	return UserUtil.isValidName(name);
 }, 'Name can only contain letters, numbers and spaces.');
 
 userSchema.path('email').validate(function(email: string) {

src/app/users/user.util.ts

@@ -20,6 +20,7 @@
 import { assign, keys, sum, uniq, values } from 'lodash';
 import randomString from 'randomstring';
 
+import { OAuthProfile } from '../authentication/authentication.api';
 import { BackglassDocument } from '../backglasses/backglass.document';
 import { acl } from '../common/acl';
 import { ApiError } from '../common/api.error';
@@ -312,6 +313,48 @@ export class UserUtil {
 		return { permissions };
 	}
 
+	/**
+	 * Checks if a given display name is valid.
+	 * @param name Display name to check
+	 */
+	public static isValidName(name: string) {
+		return  /^[0-9a-z -]{3,}$/i.test(name);
+	}
+
+	/**
+	 * Strips or replaces invalid characters from the display name.
+	 * @param name Display name to strip
+	 */
+	public static stripToValidName(name: string) {
+		return UserUtil.removeDiacritics(name).replace(/[^0-9a-z -]+/gi, '');
+	}
+
+	/**
+	 * Returns a valid display name, if necessary suffixed by a random number in case the name already exists.
+	 * @param originalName Display name to convert to a valid name
+	 */
+	public static async makeValidName(originalName: string) {
+		let name = UserUtil.stripToValidName(originalName);
+		const dupeNameUser = await state.models.User.findOne({ name }).exec();
+		if (dupeNameUser) {
+			name += Math.floor(Math.random() * 1000);
+		}
+		return name;
+	}
+
+	/**
+	 * Retrieves the username from the received OAuth profile. Falls back to
+	 * email prefix if none found.
+	 * @param profile
+	 * @return {string}
+	 */
+	public static getNameFromProfile(profile: OAuthProfile) {
+		return profile.displayName
+			|| profile.username
+			|| (profile.name ? profile.name.givenName || profile.name.familyName : '')
+			|| profile.emails[0].value.substr(0, profile.emails[0].value.indexOf('@'));
+	}
+
 	/**
 	 * Replaces umlauts with standard ascii sequence, e.g. "börk" becomes "boerk".
 	 * @param {string} str Input with diacritics