From 4c273040474eb455e1f1e7c2cd352611b50d71c4 Mon Sep 17 00:00:00 2001 From: Fabio Bas Date: Mon, 29 Jun 2015 23:35:27 +0200 Subject: [PATCH] publish username rules in registration failure --- cockatrice/src/window_main.cpp | 35 ++++++++++++++++++- common/server_database_interface.h | 2 +- .../src/servatrice_database_interface.cpp | 22 +++++++----- .../src/servatrice_database_interface.h | 2 +- servatrice/src/serversocketinterface.cpp | 8 ++++- 5 files changed, 57 insertions(+), 12 deletions(-) diff --git a/cockatrice/src/window_main.cpp b/cockatrice/src/window_main.cpp index 3a0d4044..de65d4d1 100644 --- a/cockatrice/src/window_main.cpp +++ b/cockatrice/src/window_main.cpp @@ -30,6 +30,10 @@ #include #include #include +#if QT_VERSION < 0x050000 + // for Qt::escape() + #include +#endif #include "main.h" #include "window_main.h" @@ -359,8 +363,37 @@ void MainWindow::registerError(Response::ResponseCode r, QString reasonStr, quin break; } case Response::RespUsernameInvalid: - QMessageBox::critical(this, tr("Error"), tr("Invalid username.\nYou may only use A-Z, a-z, 0-9, _, ., and - in your username.")); + { + QString error = tr("Invalid username.") + "
"; + QStringList rules = reasonStr.split(QChar('|')); + if (rules.size() == 7) + { + error += tr("The username must respect these rules:") + "
    " + + "
  • " + tr("length between %1 and %2 characters").arg(rules.at(0)).arg(rules.at(1)) + "
    • "; + if(rules.at(2).toInt() > 0) + error += "
  • " + tr("it can contain lowercase characters") + "
    • "; + if(rules.at(3).toInt() > 0) + error += "
  • " + tr("it can contain uppercase characters") + "
    • "; + if(rules.at(4).toInt() > 0) + error += "
  • " + tr("it can contain numeric characters") + "
    • "; + if(rules.at(6).size() > 0) + error += "
  • " + tr("it can contain the following punctuation: %1").arg( +#if QT_VERSION < 0x050000 + Qt::escape(rules.at(6)) +#else + rules.at(6).toHtmlEscaped() +#endif + ) + "
    • "; + if(rules.at(5).toInt() > 0) + error += "
  • " + tr("the first character can't be a punctuation") + "
    • "; + error += "
"; + } else { + error += tr("You may only use A-Z, a-z, 0-9, _, ., and - in your username."); + } + + QMessageBox::critical(this, tr("Error"), error); break; + } case Response::RespRegistrationFailed: QMessageBox::critical(this, tr("Error"), tr("Registration failed for a technical problem on the server.")); break; diff --git a/common/server_database_interface.h b/common/server_database_interface.h index d809b1ff..60d6c056 100644 --- a/common/server_database_interface.h +++ b/common/server_database_interface.h @@ -25,7 +25,7 @@ public: virtual DeckList *getDeckFromDatabase(int /* deckId */, int /* userId */) { return 0; } virtual qint64 startSession(const QString & /* userName */, const QString & /* address */) { return 0; } - virtual bool usernameIsValid(const QString & /*userName */) { return true; }; + virtual bool usernameIsValid(const QString & /*userName */, QString & /* error */) { return true; }; public slots: virtual void endSession(qint64 /* sessionId */ ) { } public: diff --git a/servatrice/src/servatrice_database_interface.cpp b/servatrice/src/servatrice_database_interface.cpp index 3a81c9ba..7aa5fa06 100644 --- a/servatrice/src/servatrice_database_interface.cpp +++ b/servatrice/src/servatrice_database_interface.cpp @@ -118,24 +118,29 @@ bool Servatrice_DatabaseInterface::execSqlQuery(QSqlQuery *query) return false; } -bool Servatrice_DatabaseInterface::usernameIsValid(const QString &user) +bool Servatrice_DatabaseInterface::usernameIsValid(const QString &user, QString & error) { - int maxNameLength = settingsCache->value("users/maxnamelength", 12).toInt(); int minNameLength = settingsCache->value("users/minnamelength", 6).toInt(); + int maxNameLength = settingsCache->value("users/maxnamelength", 12).toInt(); + bool allowLowercase = settingsCache->value("users/allowlowercase", true).toBool(); + bool allowUppercase = settingsCache->value("users/allowuppercase", true).toBool(); + bool allowNumerics = settingsCache->value("users/allownumerics", true).toBool(); + bool allowPunctuationPrefix = settingsCache->value("users/allowpunctuationprefix", false).toBool(); + QString allowedPunctuation = settingsCache->value("users/allowedpunctuation", "_").toString(); + error = QString("%1|%2|%3|%4|%5|%6|%7").arg(minNameLength).arg(maxNameLength).arg(allowLowercase).arg(allowUppercase).arg(allowNumerics).arg(allowPunctuationPrefix).arg(allowedPunctuation); + if (user.length() < minNameLength || user.length() > maxNameLength) return false; - bool allowPunctuationPrefix = settingsCache->value("users/allowpunctuationprefix", false).toBool(); - QString allowedPunctuation = settingsCache->value("users/allowedpunctuation", "_").toString(); if (!allowPunctuationPrefix && allowedPunctuation.contains(user.at(0))) return false; QString regEx("["); - if (settingsCache->value("users/allowlowercase", true).toBool()) + if (allowLowercase) regEx.append("a-z"); - if (settingsCache->value("users/allowuppercase", true).toBool()) + if (allowUppercase) regEx.append("A-Z"); - if(settingsCache->value("users/allownumerics", true).toBool()) + if(allowNumerics) regEx.append("0-9"); regEx.append(QRegExp::escape(allowedPunctuation)); regEx.append("]+"); @@ -242,7 +247,8 @@ AuthenticationResult Servatrice_DatabaseInterface::checkUserPassword(Server_Prot if (!checkSql()) return UnknownUser; - if (!usernameIsValid(user)) + QString error; + if (!usernameIsValid(user, error)) return UsernameInvalid; if (checkUserIsBanned(handler->getAddress(), user, reasonStr, banSecondsLeft)) diff --git a/servatrice/src/servatrice_database_interface.h b/servatrice/src/servatrice_database_interface.h index 10770691..e5aae344 100644 --- a/servatrice/src/servatrice_database_interface.h +++ b/servatrice/src/servatrice_database_interface.h @@ -62,7 +62,7 @@ public: void lockSessionTables(); void unlockSessionTables(); bool userSessionExists(const QString &userName); - bool usernameIsValid(const QString &user); + bool usernameIsValid(const QString &user, QString & error); bool checkUserIsBanned(const QString &ipAddress, const QString &userName, QString &banReason, int &banSecondsRemaining); bool getRequireRegistration(); diff --git a/servatrice/src/serversocketinterface.cpp b/servatrice/src/serversocketinterface.cpp index a2fa26b2..13198ef7 100644 --- a/servatrice/src/serversocketinterface.cpp +++ b/servatrice/src/serversocketinterface.cpp @@ -788,8 +788,14 @@ Response::ResponseCode ServerSocketInterface::cmdRegisterAccount(const Command_R } // TODO: Move this method outside of the db interface - if (!sqlInterface->usernameIsValid(userName)) + QString errorString; + if (!sqlInterface->usernameIsValid(userName, errorString)) + { + Response_Register *re = new Response_Register; + re->set_denied_reason_str(errorString.toStdString()); + rc.setResponseExtension(re); return Response::RespUsernameInvalid; + } if(sqlInterface->userExists(userName)) return Response::RespUserAlreadyExists;