Wiki names should not include hyphens
Bug #54243 reported by
Christian Reis
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Launchpad itself |
Invalid
|
Low
|
Unassigned |
Bug Description
Wiki names should not contain hyphens. When they do, logging in to Moin fails with the message:
"Invalid user name 'Foo-Bar'. Name may contain any Unicode alpha numeric character, with optional one space between words. Group page name is not allowed."
Our validator needs to check for hyphens in the field. The Wiki name generator needs to be modified to stop putting hyphens in there. I suspect that other non-alphabetica
Changed in launchpad: | |
status: | Unconfirmed → Confirmed |
Changed in launchpad: | |
assignee: | nobody → matsubara |
importance: | Untriaged → Medium |
Changed in launchpad: | |
assignee: | matsubara → nobody |
To post a comment you must log in.
Or, we could fix Moin to be less anal -- it apparently accepts random unicode letters in names, but won't accept hyphens? WTF?
Anyway, as you guess, just disallowing hyphens isn't enough. Here's the relevant Moin code:
def normalizeName( name):
""" Make normalized user name
Prevent impersonating another user with names containing leading,
trailing or multiple whitespace, or using invisible unicode
characters.
Prevent creating user page as sub page, because '/' is not allowed
in user names.
Prevent using ':' and ',' which are reserved by acl.
@param name: user name, unicode r"(?u)[ ^\w\d\s] ", "", name)
@rtype: unicode
@return: user name that can be used in acl lines
"""
# Strip non alpha numeric characters, keep white space
name = re.sub(
# Normalize white space. Each name can contain multiple name.split( ))
# words separated with only one space.
name = ' '.join(
return name
def isValidName( request, name):
""" Validate user name
@param name: user name, unicode isGroupPage( request, name)
"""
normalized = normalizeName(name)
return (name == normalized) and not wikiutil.
And here's the code for wikutil. isGroupPage:
def isGroupPage( request, pagename):
""" Is this a name of group page?
@param pagename: the page name request. cfg.page_ group_regex, re.UNICODE) search( pagename) is not None
@rtype: bool
@return: true if page is a form page
"""
filter = re.compile(
return filter.
page_group_regex by default is set to: page_group_regex = u'[a-z]Group$'
So, the rules with default Moin are:
* only alphanumerics (including unicode alphanumerics) and whitespace
* whitespace must be "normalised"
* no names like "abcdefGroup"
We could try to enforce being at least this restrictive, or we could adjust Moin to have something simpler, like:
* whitespace must be "normalised" (this actually makes sense as an anti-spoofing measure)
* no ":", "," or "/", as explained in the normalizeName docstring.
More radical would be to:
* have no "wiki names" in launchpad (i.e. delete the WikiName table), and just use their LP name.
* make Moin accept any name LP gives it unconditionally (seeing as ":", ",", "/" and whitespace are already disallowed).
The transition would be painful, but the end result could be much simpler.