fruitbasket/modules/ldap/0001-update-user-validation-regex.patch

36 lines
1.3 KiB
Diff
Raw Permalink Normal View History

2024-03-05 15:10:20 +01:00
diff --git a/cmd/portunus-orchestrator/config.go b/cmd/portunus-orchestrator/config.go
index 4db19f2..290128a 100644
--- a/cmd/portunus-orchestrator/config.go
+++ b/cmd/portunus-orchestrator/config.go
@@ -23,7 +23,7 @@ type valueCheck struct {
}
2023-07-04 15:10:00 +02:00
var (
2024-03-05 15:10:20 +01:00
- userOrGroupPattern = `^[a-z_][a-z0-9_-]*\$?$`
+ userOrGroupPattern = `^[a-z_][a-z0-9._-]*\$?$`
envDefaults = map[string]string{
//empty value = not optional
"PORTUNUS_DEBUG": "false",
diff --git a/internal/grammars/grammars.go b/internal/grammars/grammars.go
index 1253c05..e458fd0 100644
--- a/internal/grammars/grammars.go
+++ b/internal/grammars/grammars.go
@@ -39,7 +39,7 @@ const (
// This regex is based on the respective format description in the useradd(8) manpage.
//
// This is only shown for documentation purposes here; use func IsPOSIXAccountName instead.
- POSIXAccountNameRegex = `^[a-z_][a-z0-9_-]*\$?$`
+ POSIXAccountNameRegex = `^[a-z_][a-z0-9._-]*\$?$`
)
//TODO There is also some `import "regexp"` in cmd/orchestrator/ldap.go to render
@@ -159,7 +159,7 @@ func checkByteInPOSIXAccountName(idx, length int, b byte) bool {
switch {
case (b >= 'a' && b <= 'z') || b == '_':
return true
- case (b >= '0' && b <= '9') || b == '-':
+ case (b >= '0' && b <= '9') || b == '-' || b == '.':
return idx != 0 // not allowed at start
default:
return false