From 1566eeff4034dcb2cb8600b9788479c2b1126063 Mon Sep 17 00:00:00 2001
From: Nick Muerdter
Date: Mon, 23 Oct 2017 11:05:57 -0600
Subject: [PATCH] Shift API user name validations to config file for easier customization.
---
 config/default.yml | 3 +++
 src/api-umbrella/web-app/app/models/api_user.rb | 4 ++--
 test/apis/v1/users/test_create.rb | 2 ++
 3 files changed, 7 insertions(+), 2 deletions(-)
diff --git a/config/default.yml b/config/default.yml
index be86f551e..a1b7a5352 100644
--- a/config/default.yml
+++ b/config/default.yml
@@ -80,6 +80,9 @@ web:
 workers: 2
 min_threads: 2
 max_threads: 24
+ api_user:
+ first_name_exclude_regex: "(http|https|www|<|>|\\r|\\n)"
+ last_name_exclude_regex: "(http|https|www|<|>|\\r|\\n)"
 admin:
 initial_superusers: []
 username_is_email: true
diff --git a/src/api-umbrella/web-app/app/models/api_user.rb b/src/api-umbrella/web-app/app/models/api_user.rb
index fece55a23..e3f4b6102 100644
--- a/src/api-umbrella/web-app/app/models/api_user.rb
+++ b/src/api-umbrella/web-app/app/models/api_user.rb
@@ -50,11 +50,11 @@ class ApiUser
 :uniqueness => true
 validates :first_name,
 :presence => { :message => "Provide your first name." },
- :format => { :without => /(http|https|www|<|>|\r|\n)/i },
+ :format => { :without => proc { ::Regexp.new(ApiUmbrellaConfig[:web][:api_user][:first_name_exclude_regex], ::Regexp::IGNORECASE) } },
 :length => { :maximum => 80 }
 validates :last_name,
 :presence => { :message => "Provide your last name." },
- :format => { :without => /(http|https|www|<|>|\r|\n)/i },
+ :format => { :without => proc { ::Regexp.new(ApiUmbrellaConfig[:web][:api_user][:last_name_exclude_regex], ::Regexp::IGNORECASE) } },
 :length => { :maximum => 80 }
 validates :email,
 :presence => { :message => "Provide your email address." },
diff --git a/test/apis/v1/users/test_create.rb b/test/apis/v1/users/test_create.rb
index f8d4b7fce..57e0c426f 100644
--- a/test/apis/v1/users/test_create.rb
+++ b/test/apis/v1/users/test_create.rb
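Review bot: The new `api_user` keys in config/default.yml have no comment, and the names alone do not say that a match means rejection or that the model compiles the pattern with `Regexp::IGNORECASE`. I would put this above them: `# Names matching these patterns are rejected (matched case-insensitively). The defaults keep URLs, angle brackets and line breaks out of names.` Now that operators can loosen the pattern, it is also worth stating that anything rendering or mailing these names must escape them itself rather than rely on this filter; which code paths do so is not visible in this patch, so confirm before wording it as a guarantee. The doubled backslashes in `\\r|\\n` are intentional (YAML double-quoted escaping, so the regex engine receives `\r` and `\n`) and deserve a short remark too.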
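Review bot: Both new `:format` procs in api_user.rb read the setting and call `::Regexp.new` on it with no guard, so a bad value is only discovered when a user submits the signup form. If a deployment's config ends up without the key, `Regexp.new(nil)` raises `TypeError`; a malformed pattern raises `RegexpError`, and an empty string compiles to a pattern that matches every name, so every signup is rejected. Whether a missing key can occur depends on how overrides are merged with default.yml, which this patch does not show. I would validate once at load time, e.g. `pattern = ApiUmbrellaConfig[:web][:api_user][:first_name_exclude_regex].to_s` followed by `raise "web.api_user.first_name_exclude_regex must be a non-empty regex" if pattern.empty?`, and the same for `last_name`. As far as I can tell the format check runs regardless of the `:length` check, so a custom pattern is matched against names of any submitted length and should avoid nested quantifiers; the class body continues outside the hunk.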
@@ -282,6 +282,7 @@ def test_validates_first_name_format
 "https:",
 "www",
 "www.",
+ "WwW.",
 "<",
 ">",
 "test\rtest",
@@ -329,6 +330,7 @@ def test_validates_last_name_format
 "https:",
 "www",
 "www.",
+ "WwW.",
 "<",
 ">",
 "test\rtest",
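Review bot: Both changed lists (in `test_validates_first_name_format` and in `test_validates_last_name_format`) still exercise only the default patterns, so nothing checks that a value overridden in config is the one the model actually applies, or what happens when the setting is blank or malformed. The added `"WwW."` entry does pin the `Regexp::IGNORECASE` flag, which is worth keeping. I would add one case per field that runs with a custom `web.api_user.first_name_exclude_regex` / `last_name_exclude_regex` (rejecting a constructed token such as `blocked`) and asserts that the name is refused while a default-blocked value like `"www"` is then accepted. How this suite overrides configuration is not visible here, and both test methods start and end outside their hunks.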