lsm/Orchard
1
0
Fork 0
mirror of https://github.com/OrchardCMS/Orchard.git synced 2025-10-14 02:44:52 +08:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

#17276: Fixing email validation

Browse Source 
--HG--
branch : dev
This commit is contained in:
Sebastien Ros
2011-02-07 17:26:00 -08:00
parent b53f2e6a36
commit 396632dbce
8 changed files with 181 additions and 30 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
src/Orchard.Specs/Users.feature
View File

@@ -260,3 +260,30 @@ Scenario: I should be able to filter users by status
Then I should see "<a[^>]*>user1</a>" Then I should see "<a[^>]*>user1</a>"
And I should see "<a[^>]*>user2</a>" And I should see "<a[^>]*>user2</a>"
And I should see "<a[^>]*>admin</a>" And I should see "<a[^>]*>admin</a>"
@email
Scenario: I should not be able to add users with invalid email addresses
Given I have installed Orchard
When I go to "admin/users"
And I follow "Add a new user"
And I fill in
| name | value |
| UserName | user1 |
| Email | NotAnEmail |
| Password | a12345! |
| ConfirmPassword | a12345! |
And I hit "Save"
Then I should see "You must specify a valid email address."
@email
Scenario: I should be able to add users with valid email addresses
Given I have installed Orchard
When I go to "admin/users"
And I follow "Add a new user"
And I fill in
| name | value |
| UserName | user1 |
| Email | user1@domain.com |
| Password | a12345! |
| ConfirmPassword | a12345! |
And I hit "Save"
And I am redirected
Then I should see "User created"

88
src/Orchard.Specs/Users.feature.cs generated
View File

@@ -30,8 +30,8 @@ namespace Orchard.Specs
public virtual void FeatureSetup() public virtual void FeatureSetup()
{ {
testRunner = TechTalk.SpecFlow.TestRunnerManager.GetTestRunner(); testRunner = TechTalk.SpecFlow.TestRunnerManager.GetTestRunner();
TechTalk.SpecFlow.FeatureInfo featureInfo = new TechTalk.SpecFlow.FeatureInfo(new System.Globalization.CultureInfo("en-US"), "Users", "In order to prevent users module regressions\nAs a site owner\nI want to create, se" + TechTalk.SpecFlow.FeatureInfo featureInfo = new TechTalk.SpecFlow.FeatureInfo(new System.Globalization.CultureInfo("en-US"), "Users", "In order to prevent users module regressions\r\nAs a site owner\r\nI want to create, " +
"arch and modify user accounts", GenerationTargetLanguage.CSharp, ((string[])(null))); "search and modify user accounts", GenerationTargetLanguage.CSharp, ((string[])(null)));
testRunner.OnFeatureStart(featureInfo); testRunner.OnFeatureStart(featureInfo);
} }
@@ -707,6 +707,90 @@ this.ScenarioSetup(scenarioInfo);
testRunner.And("I should see \"<a[^>]*>user2</a>\""); testRunner.And("I should see \"<a[^>]*>user2</a>\"");
#line 262 #line 262
testRunner.And("I should see \"<a[^>]*>admin</a>\""); testRunner.And("I should see \"<a[^>]*>admin</a>\"");
#line hidden
testRunner.CollectScenarioErrors();
}
[NUnit.Framework.TestAttribute()]
[NUnit.Framework.DescriptionAttribute("I should not be able to add users with invalid email addresses")]
[NUnit.Framework.CategoryAttribute("email")]
public virtual void IShouldNotBeAbleToAddUsersWithInvalidEmailAddresses()
{
TechTalk.SpecFlow.ScenarioInfo scenarioInfo = new TechTalk.SpecFlow.ScenarioInfo("I should not be able to add users with invalid email addresses", new string[] {
"email"});
#line 264
this.ScenarioSetup(scenarioInfo);
#line 265
testRunner.Given("I have installed Orchard");
#line 266
testRunner.When("I go to \"admin/users\"");
#line 267
testRunner.And("I follow \"Add a new user\"");
#line hidden
TechTalk.SpecFlow.Table table25 = new TechTalk.SpecFlow.Table(new string[] {
"name",
"value"});
table25.AddRow(new string[] {
"UserName",
"user1"});
table25.AddRow(new string[] {
"Email",
"NotAnEmail"});
table25.AddRow(new string[] {
"Password",
"a12345!"});
table25.AddRow(new string[] {
"ConfirmPassword",
"a12345!"});
#line 268
testRunner.And("I fill in", ((string)(null)), table25);
#line 274
testRunner.And("I hit \"Save\"");
#line 275
testRunner.Then("I should see \"You must specify a valid email address.\"");
#line hidden
testRunner.CollectScenarioErrors();
}
[NUnit.Framework.TestAttribute()]
[NUnit.Framework.DescriptionAttribute("I should be able to add users with valid email addresses")]
[NUnit.Framework.CategoryAttribute("email")]
public virtual void IShouldBeAbleToAddUsersWithValidEmailAddresses()
{
TechTalk.SpecFlow.ScenarioInfo scenarioInfo = new TechTalk.SpecFlow.ScenarioInfo("I should be able to add users with valid email addresses", new string[] {
"email"});
#line 277
this.ScenarioSetup(scenarioInfo);
#line 278
testRunner.Given("I have installed Orchard");
#line 279
testRunner.When("I go to \"admin/users\"");
#line 280
testRunner.And("I follow \"Add a new user\"");
#line hidden
TechTalk.SpecFlow.Table table26 = new TechTalk.SpecFlow.Table(new string[] {
"name",
"value"});
table26.AddRow(new string[] {
"UserName",
"user1"});
table26.AddRow(new string[] {
"Email",
"user1@domain.com"});
table26.AddRow(new string[] {
"Password",
"a12345!"});
table26.AddRow(new string[] {
"ConfirmPassword",
"a12345!"});
#line 281
testRunner.And("I fill in", ((string)(null)), table26);
#line 287
testRunner.And("I hit \"Save\"");
#line 288
testRunner.And("I am redirected");
#line 289
testRunner.Then("I should see \"User created\"");
#line hidden #line hidden
testRunner.CollectScenarioErrors(); testRunner.CollectScenarioErrors();
} }

37
src/Orchard.Tests.Modules/Users/Controllers/AccountControllerTests.cs
View File

@@ -154,7 +154,20 @@ namespace Orchard.Tests.Modules.Users.Controllers {
} }
[Test] [Test]
public void UsersShouldNotBeAbleToRegisterIfInvalidEmail() {
public void UsersShouldNotBeAbleToRegisterIfInvalidEmail(
[Values(
@"NotAnEmail",
@"@NotAnEmail",
@"""test\blah""@example.com",
"\"test\rblah\"@example.com",
@"""test""blah""@example.com",
@".wooly@example.com",
@"wo..oly@example.com",
@"pootietang.@example.com",
@".@example.com",
@"Ima Fool@example.com")]
string email) {
var registrationSettings = _container.Resolve<IWorkContextAccessor>().GetContext().CurrentSite.As<RegistrationSettingsPart>(); var registrationSettings = _container.Resolve<IWorkContextAccessor>().GetContext().CurrentSite.As<RegistrationSettingsPart>();
registrationSettings.UsersCanRegister = true; registrationSettings.UsersCanRegister = true;
@@ -164,13 +177,29 @@ namespace Orchard.Tests.Modules.Users.Controllers {
_session.Flush(); _session.Flush();
_controller.ModelState.Clear(); _controller.ModelState.Clear();
var result = _controller.Register("bar", "notanemailaddress", "66554321", "66554321"); var result = _controller.Register("bar", email, "66554321", "66554321");
Assert.That(((ViewResult)result).ViewData.ModelState.Count == 1,"Invalid email address."); Assert.That(((ViewResult)result).ViewData.ModelState.Count == 1,"Invalid email address.");
} }
[Test] [Test]
public void UsersShouldBeAbleToRegisterIfValidEmail() { public void UsersShouldBeAbleToRegisterIfValidEmail(
[Values(
@"""test\\blah""@example.com",
"\"test\\\rblah\"@example.com",
@"""test\""blah""@example.com",
@"customer/department@example.com",
@"$A12345@example.com",
@"!def!xyz%abc@example.com",
@"_Yosemite.Sam@example.com",
@"~@example.com",
@"""Austin@Powers""@example.com",
@"Ima.Fool@example.com",
@"""Ima.Fool""@example.com",
@"""Ima Fool""@example.com"
)]
string email)
{
var registrationSettings = _container.Resolve<IWorkContextAccessor>().GetContext().CurrentSite.As<RegistrationSettingsPart>(); var registrationSettings = _container.Resolve<IWorkContextAccessor>().GetContext().CurrentSite.As<RegistrationSettingsPart>();
registrationSettings.UsersCanRegister = true; registrationSettings.UsersCanRegister = true;
@@ -180,7 +209,7 @@ namespace Orchard.Tests.Modules.Users.Controllers {
_session.Flush(); _session.Flush();
_controller.ModelState.Clear(); _controller.ModelState.Clear();
var result = _controller.Register("bar", "t@t.com", "password", "password"); var result = _controller.Register("bar", email, "password", "password");
Assert.That(result, Is.TypeOf<RedirectResult>()); Assert.That(result, Is.TypeOf<RedirectResult>());
Assert.That(((RedirectResult)result).Url, Is.EqualTo("~/")); Assert.That(((RedirectResult)result).Url, Is.EqualTo("~/"));

8
src/Orchard.Web/Modules/Orchard.Users/Controllers/AccountController.cs
View File

@@ -23,6 +23,7 @@ namespace Orchard.Users.Controllers {
private readonly IUserService _userService; private readonly IUserService _userService;
private readonly IOrchardServices _orchardServices; private readonly IOrchardServices _orchardServices;
public AccountController( public AccountController(
IAuthenticationService authenticationService, IAuthenticationService authenticationService,
IMembershipService membershipService, IMembershipService membershipService,
@@ -320,18 +321,17 @@ namespace Orchard.Users.Controllers {
private bool ValidateRegistration(string userName, string email, string password, string confirmPassword) { private bool ValidateRegistration(string userName, string email, string password, string confirmPassword) {
bool validate = true; bool validate = true;
Regex isValidEmail = new Regex("^[a-z0-9_\\+-]+(\\.[a-z0-9_\\+-]+)*@[a-z0-9-]+(\\.[a-z0-9-]+)*\\.([a-z]{2,4})$");
if (String.IsNullOrEmpty(userName)) { if (String.IsNullOrEmpty(userName)) {
ModelState.AddModelError("username", T("You must specify a username.")); ModelState.AddModelError("username", T("You must specify a username."));
validate = false; validate = false;
} }
if (String.IsNullOrEmpty(email)) { if (String.IsNullOrEmpty(email)) {
ModelState.AddModelError("email", T("You must specify an email address.")); ModelState.AddModelError("email", T("You must specify an email address."));
validate = false; validate = false;
} }
else if (!Regex.IsMatch(email, UserPart.EmailPattern, RegexOptions.IgnoreCase)) {
if (!isValidEmail.IsMatch(email)) { // http://haacked.com/archive/2007/08/21/i-knew-how-to-validate-an-email-address-until-i.aspx
ModelState.AddModelError("email", T("You must specify a valid email address.")); ModelState.AddModelError("email", T("You must specify a valid email address."));
validate = false; validate = false;
} }

10
src/Orchard.Web/Modules/Orchard.Users/Controllers/AdminController.cs
View File

@@ -1,5 +1,6 @@
using System.Collections.Generic; using System.Collections.Generic;
using System.Linq; using System.Linq;
using System.Text.RegularExpressions;
using System.Web.Mvc; using System.Web.Mvc;
using System.Web.Routing; using System.Web.Routing;
using Orchard.ContentManagement; using Orchard.ContentManagement;
@@ -170,6 +171,11 @@ namespace Orchard.Users.Controllers {
} }
} }
if (!Regex.IsMatch(createModel.Email ?? "", UserPart.EmailPattern, RegexOptions.IgnoreCase)) {
// http://haacked.com/archive/2007/08/21/i-knew-how-to-validate-an-email-address-until-i.aspx
ModelState.AddModelError("Email", T("You must specify a valid email address."));
}
if (createModel.Password != createModel.ConfirmPassword) { if (createModel.Password != createModel.ConfirmPassword) {
AddModelError("ConfirmPassword", T("Password confirmation must match")); AddModelError("ConfirmPassword", T("Password confirmation must match"));
} }
@@ -229,6 +235,10 @@ namespace Orchard.Users.Controllers {
if (!_userService.VerifyUserUnicity(id, editModel.UserName, editModel.Email)) { if (!_userService.VerifyUserUnicity(id, editModel.UserName, editModel.Email)) {
AddModelError("NotUniqueUserName", T("User with that username and/or email already exists.")); AddModelError("NotUniqueUserName", T("User with that username and/or email already exists."));
} }
else if (!Regex.IsMatch(editModel.Email ?? "", UserPart.EmailPattern, RegexOptions.IgnoreCase)) {
// http://haacked.com/archive/2007/08/21/i-knew-how-to-validate-an-email-address-until-i.aspx
ModelState.AddModelError("Email", T("You must specify a valid email address."));
}
else { else {
// also update the Super user if this is the renamed account // also update the Super user if this is the renamed account
if (String.Equals(Services.WorkContext.CurrentSite.SuperUser, previousName, StringComparison.OrdinalIgnoreCase)) { if (String.Equals(Services.WorkContext.CurrentSite.SuperUser, previousName, StringComparison.OrdinalIgnoreCase)) {

2
src/Orchard.Web/Modules/Orchard.Users/Models/UserPart.cs
View File

@@ -3,6 +3,8 @@ using Orchard.Security;
namespace Orchard.Users.Models { namespace Orchard.Users.Models {
public sealed class UserPart : ContentPart<UserPartRecord>, IUser { public sealed class UserPart : ContentPart<UserPartRecord>, IUser {
public const string EmailPattern = @"^(?!\.)(""([^""\r\\]|\\[""\r\\])*""|([-a-z0-9!#$%&'*+/=?^_`{|}~]|(?<!\.)\.)*)(?<!\.)@[a-z0-9][\w\.-]*[a-z0-9]\.[a-z][a-z\.]*[a-z]$";
public string UserName { public string UserName {
get { return Record.UserName; } get { return Record.UserName; }
set { Record.UserName = value; } set { Record.UserName = value; }

2
src/Orchard.Web/Modules/Orchard.Users/ViewModels/UserCreateViewModel.cs
View File

@@ -1,5 +1,6 @@
using System.ComponentModel.DataAnnotations; using System.ComponentModel.DataAnnotations;
using Orchard.ContentManagement; using Orchard.ContentManagement;
using Orchard.Users.Models;
namespace Orchard.Users.ViewModels { namespace Orchard.Users.ViewModels {
public class UserCreateViewModel { public class UserCreateViewModel {
@@ -7,7 +8,6 @@ namespace Orchard.Users.ViewModels {
public string UserName { get; set; } public string UserName { get; set; }
[Required, DataType(DataType.EmailAddress)] [Required, DataType(DataType.EmailAddress)]
[RegularExpression("^[a-z0-9_\\+-]+(\\.[a-z0-9_\\+-]+)*@[a-z0-9-]+(\\.[a-z0-9-]+)*\\.([a-z]{2,4})$")]
public string Email { get; set; } public string Email { get; set; }
[Required, DataType(DataType.Password)] [Required, DataType(DataType.Password)]

1
src/Orchard.Web/Modules/Orchard.Users/ViewModels/UserEditViewModel.cs
View File

@@ -11,7 +11,6 @@ namespace Orchard.Users.ViewModels {
} }
[Required] [Required]
[RegularExpression("^[a-z0-9_\\+-]+(\\.[a-z0-9_\\+-]+)*@[a-z0-9-]+(\\.[a-z0-9-]+)*\\.([a-z]{2,4})$")]
public string Email { public string Email {
get { return User.As<UserPart>().Record.Email; } get { return User.As<UserPart>().Record.Email; }
set { User.As<UserPart>().Record.Email = value; } set { User.As<UserPart>().Record.Email = value; }