From da485e523913df28def6335be0836b1fc437617f Mon Sep 17 00:00:00 2001
From: Owen Jacobson <owen@grimoire.ca>
Date: Tue, 29 Oct 2024 19:32:30 -0400
Subject: Restrict login names.

There's no good reason to use an empty string as your login name, or to use one so long as to annoy others. Names beginning or ending with whitespace, or containing runs of whitespace, are also a technical problem, so they're also prohibited.

This change does not implement [UTS #39], as I haven't yet fully understood how to do so.

[UTS #39]: https://www.unicode.org/reports/tr39/
---
 src/invite/routes/invite/post.rs      |  3 +++
 src/invite/routes/invite/test/post.rs | 32 ++++++++++++++++++++++++++++++++
 2 files changed, 35 insertions(+)

(limited to 'src/invite/routes')

diff --git a/src/invite/routes/invite/post.rs b/src/invite/routes/invite/post.rs
index 627eca3..bb68e07 100644
--- a/src/invite/routes/invite/post.rs
+++ b/src/invite/routes/invite/post.rs
@@ -45,6 +45,9 @@ impl IntoResponse for Error {
         let Self(error) = self;
         match error {
             app::AcceptError::NotFound(_) => NotFound(error).into_response(),
+            app::AcceptError::InvalidName(_) => {
+                (StatusCode::BAD_REQUEST, error.to_string()).into_response()
+            }
             app::AcceptError::DuplicateLogin(_) => {
                 (StatusCode::CONFLICT, error.to_string()).into_response()
             }
diff --git a/src/invite/routes/invite/test/post.rs b/src/invite/routes/invite/test/post.rs
index 65ab61e..40e0580 100644
--- a/src/invite/routes/invite/test/post.rs
+++ b/src/invite/routes/invite/test/post.rs
@@ -206,3 +206,35 @@ async fn conflicting_name() {
         matches!(error, AcceptError::DuplicateLogin(error_name) if error_name == conflicting_name)
     );
 }
+
+#[tokio::test]
+async fn invalid_name() {
+    // Set up the environment
+
+    let app = fixtures::scratch_app().await;
+    let issuer = fixtures::login::create(&app, &fixtures::now()).await;
+    let invite = fixtures::invite::issue(&app, &issuer, &fixtures::now()).await;
+
+    // Call the endpoint
+
+    let name = fixtures::login::propose_invalid_name();
+    let password = fixtures::login::propose_password();
+    let identity = fixtures::cookie::not_logged_in();
+    let request = post::Request {
+        name: name.clone(),
+        password: password.clone(),
+    };
+    let post::Error(error) = post::handler(
+        State(app.clone()),
+        fixtures::now(),
+        identity,
+        Path(invite.id),
+        Json(request),
+    )
+    .await
+    .expect_err("using an invalid name should fail");
+
+    // Verify the response
+
+    assert!(matches!(error, AcceptError::InvalidName(error_name) if name == error_name));
+}
-- 
cgit v1.2.3