From 6913381781fd9b27e63129e728e8ff6defd537f0 Mon Sep 17 00:00:00 2001
From: maxwell <maxwell@joindiaspora.com>
Date: Fri, 22 Oct 2010 17:26:10 -0700
Subject: [PATCH] username now can only contain letters numbers, periods, and
 underscores

---
 app/models/user.rb       | 3 +--
 spec/models/user_spec.rb | 5 +++++
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/app/models/user.rb b/app/models/user.rb
index 273cc209b7..343cc2d76d 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -43,8 +43,7 @@ class User
   before_validation :strip_username, :on => :create
   validates_presence_of :username
   validates_uniqueness_of :username, :case_sensitive => false
-  validates_format_of :username, :without => /\s/
-
+  validates_format_of :username, :with => /\A[A-Za-z0-9_.]+\z/ 
   validates_with InvitedUserValidator
 
   one :person, :class_name => 'Person', :foreign_key => :owner_id
diff --git a/spec/models/user_spec.rb b/spec/models/user_spec.rb
index ed3008b840..351d5347ce 100644
--- a/spec/models/user_spec.rb
+++ b/spec/models/user_spec.rb
@@ -73,6 +73,11 @@ describe User do
         user = Factory.build(:user, :username => "bobby tables")
         user.should_not be_valid
       end
+
+      it 'can not contain non url safe characters' do
+        user = Factory.build(:user, :username => "kittens;")
+        user.should_not be_valid
+      end
     end
 
     describe "of email" do
-- 
GitLab