fix: allow any email address and allow a dot in group names

cheminfo · Dec 8, 2016 · c7a1ed6 · c7a1ed6
1 parent 9e3aa62
commit c7a1ed6
Show file tree

Hide file tree

Showing 6 changed files with 8 additions and 13 deletions.
diff --git a/package.json b/package.json
@@ -20,7 +20,7 @@
     "start": "if-env NODE_ENV=production && npm run start:prod || npm run start:dev",
     "start:dev": "webpack-dashboard -- webpack-dev-server --inline --content-base public/ --history-api-fallback",
     "start:prod": "npm run build && node bin/rest-on-couch-server.js",
-    "test": "npm run compile && npm run test-mocha && npm run eslint && sh test/checkOnly.sh",
+    "test": "npm run compile && (npm run test-mocha; npm run eslint)",
     "test-cov": "istanbul cover -x '**/design/**' _mocha -- --require should --require ./test/setup --reporter dot --recursive",
     "test-mocha": "mocha --timeout 5000 --require should --require ./test/setup --reporter mocha-better-spec-reporter --recursive",
     "watch": "npm run compile -- --watch"

diff --git a/src/couch/util.js b/src/couch/util.js
@@ -9,7 +9,7 @@ function isSpecialUser(user) {
     return user === 'anonymous' || user === 'anyuser';
 }
 
-const validName = /^[0-9a-zA-Z_-]+$/;
+const validName = /^[0-9a-zA-Z._-]+$/; // do not forget to update the same regex in design/validateDocUpdate
 
 function isValidGroupName(groupName) {
     return validName.test(groupName) && !isSpecialUser(groupName) && !isEmail(groupName);

diff --git a/src/design/validateDocUpdate.js b/src/design/validateDocUpdate.js
@@ -11,8 +11,8 @@ module.exports = function (newDoc, oldDoc, userCtx) {
     var validTypes = ['entry', 'group', 'db', 'log', 'user', 'token'];
     var validRights = ['create', 'read', 'write', 'createGroup'];
     // see http://emailregex.com/
-    var validEmail = /^[-a-z0-9~!$%^&*_=+}{\'?]+(\.[-a-z0-9~!$%^&*_=+}{\'?]+)*@([a-z0-9_][-a-z0-9_]*(\.[-a-z0-9_]+)*\.(aero|arpa|biz|com|coop|edu|gov|info|int|mil|museum|name|net|org|pro|travel|mobi|[a-z][a-z])|([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}))(:[0-9]{1,5})?$/i;
-    var validName = /^[0-9a-zA-Z_-]+$/;
+    var validEmail = /^.+@.+$/;
+    var validName = /^[0-9a-zA-Z._-]+$/;
 
     function validateOwners(doc) {
         if (!Array.isArray(doc.$owners)) {
@@ -30,7 +30,7 @@ module.exports = function (newDoc, oldDoc, userCtx) {
 
     function validateName(name) {
         if (!validName.test(name)) {
-            throw ({forbidden: 'Names can only be alphanumerical'});
+            throw ({forbidden: 'Names can only contain alphanumerical characters and _-.'});
         }
     }
 

diff --git a/src/util/isEmail.js b/src/util/isEmail.js
@@ -1,6 +1,7 @@
 'use strict';
 
-const isEmail = /^[-a-z0-9~!$%^&*_=+}{\'?]+(\.[-a-z0-9~!$%^&*_=+}{\'?]+)*@([a-z0-9_][-a-z0-9_]*(\.[-a-z0-9_]+)*\.(aero|arpa|biz|com|coop|edu|gov|info|int|mil|museum|name|net|org|pro|travel|mobi|[a-z][a-z])|([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}))(:[0-9]{1,5})?$/i;
+// do not forget to update the same regex in design/validateDocUpdate
+const isEmail = /^.+@.+$/;
 
 module.exports = function (str) {
     return isEmail.test(str);

diff --git a/test/checkOnly.sh b/test/checkOnly.sh
diff --git a/test/design/validateDocUpdate.js b/test/design/validateDocUpdate.js
@@ -46,7 +46,7 @@ describe('validate_doc_update', function () {
             assert(addDate(addTypeID({})), null, /Missing owners/);
         });
         it('group', function () {
-            assert(addDate(addOwners(addGroup({name: 'a@a.com', users: []}))), null, /only be alphanumerical/);
+            assert(addDate(addOwners(addGroup({name: 'a@a.com', users: []}))), null, /Names can only contain alphanumerical characters and _-\./);
         });
         it('kind', function () {
             assert(